Cloud-based Application Design for Availability and Reliability

According to Amazon’s guide to Cloud Best Practices (2017), “If you design for failure, nothing will fail.”. The recommendation given is to “Be a pessimist when designing architectures in the cloud; assume things will fail. In other words, always design, implement and deploy for automated recovery from failure.”

Jinesh Varia, Lead Technology Evangelist at Amazon AWS, took it further by specifying a total of 12 design patterns (best practices) that all businesses should consider when designing highly available and reliable cloud applications (Figure 1).

Figure 1 – Building Powerful Web Applications in the AWS Cloud (Varia, 2011). [Read more…]

Open Cloud Management Platforms: Apache CloudStack & HP Helion Eucalyptus

Two of the most popular cloud management platforms from the open-source space are OpenStack and OpenNebula. Both of them provide an open source scalable software platform that allows cloud service vendors and enterprises to provision and orchestrate large deployments of virtual machines, as well as manage and control networking, processing and storage resources in a data center. Both also offer a web based dashboard, as well as command line and API services to better control all of the interrelated components, in IaaS private cloud. However, even though OpenStack and OpenNebula are certainly among the most recognized open source cloud management platforms, in this post I introduce two other CMPs that in my opinion deserve to be explored, namely the CloudStack and Eucalyptus open cloud management platforms.  [Read more…]

Cross-Region Replication and Geo-Redundancy in Amazon, Microsoft and Google Cloud

As we all know, most large IT cloud companies offer some way to do the Cross-Region Replication for their data storage. As they are expanding across the globe in a race to provide the best disaster recovery and also their ability to use storage in different regions I wanted to spend 5 seconds to look at the options offered by Amazon, Microsoft, and Google.  [Read more…]

Introduction to CSA, Cloud Governance and Operational Domain of Encryption & Key Management

In this post, I will introduce Cloud Security Alliance (CSA) and the governance and operation domains through which they promote the best security practices in the cloud. I also briefly look at the Encryption and Key Management as one of the parts of the operational domains; and look at the general security concerns, as well as specific concerns of this particular domain. [Read more…]

Importance of Cloud Service Level Agreement Analysis

One of the best general definitions of SLA comes from Marilly, Martinot and Betgé-Brezetz (2002, p.57-62), “A Service Level Agreement (SLA) is a contract between Service Providers or between Service Providers and Customers that specifies, usually in measurable terms, what services the Service Provider will furnish and what penalties the Service pay if he cannot meet the committed goals.”. The similar definition applies to cloud providers. In essence, the SLA describes a contract between the vendor that delivers a cloud service and the company which is receiving it. That said, I see some differences between the traditional IT level SLA and those created by cloud providers. While in the depth of the covered obligations, the cloud service level agreements appear to be similar to typical IT SLA, the cloud landscape is certainly more complex, which also alters the nature of cloud SLAs and their presentation to end client. Let me explain. [Read more…]