CloudOps: Where We've Been, Where We're Going, How Can We Do It Better?
Jeremy Edberg, Lead Cloud Reliability Engineer at Netflix
First up was Jeremy, talking about his cloud computing experiences at both reddit and Netflix. His talk provided insights into reddit's migration to cloud resources, along with surprising financial analysis. According to his calculations, Amazon's Elastic Compute Cloud (EC2) was almost thirty percent cheaper than managing scale with their own resources during his time at reddit, while the site's traffic grew 13x. He also mentioned the Octoputer, which has been referred to as a conceptual example of cloud computing, at least in the sense that you work remotely from any terminal with a connection to the system. RCA's Spectra 70 (Octoputer) is probably not a current offering from any cloud provider.
Jeremy discusses his cloud experience from reddit and Netflix
A Brief History of Cloud
James Watters, Business Development Manager, Cloud Foundry, VMware
James talked about cloud costs, using DRAM prices as a commodity to index virtual services invoicing. As an example, system pricing falls at a much faster rate than service pricing, specifically in the cloud. This is especially true for companies which are not large enough for the cloud provider to keep them happy. As he put it, "[EC2] does cut pricing, but you are at their mercy." Cloud costs have been the reasoning behind several companies building private clouds: Zynga and Urban Airship. Just an aside, it was brought up that the cost at Sun Microsystems to process a payment was around twelve hundred dollars ($1,200). I remember hearing something very similar from way back in my own past, when I was informed that it costs DuPont over ten thousand dollars ($10,000) to cut a check.
Building Cloud Tools for Netflix
Joe Sondow, Senior Software Engineer at Netflix
Joe talked about Netflix's REST interface, which layers over Amazon's provided management console. Reasons given for why they chose not to use the AWS Console were valid and raise questions regarding trusting cloud providers with too much SysAdmin information. You can find the presentation slides here. To learn more about cloud use at Netflix, follow #netflixcloud on Twitter.
Cloud Is Such Stuff As Dreams Are Made On
Patrick Chanezon, Senior Director of Developer Relations at VMware
Patrick did a great job presenting (slides) how he envisions changes to systems administration due to a migration to cloud services. His comments on Starbucks and two-phase commitment was spot on regarding increased efficiency. Basically, Starbucks starts working on the drink preparation before the ordering process is completed. This reduction in latency increases throughput if the transaction parameters are not changed. Changes do not result in a loss of efficiency. If the drink is rejected, a new one is created. If there is a failure to make the drink, the customer is reimbursed. If the customer cannot afford the drink, it is discarded. He also warned against vendor lock-in. As he puts it, it is much like Hotel California, where "you can check out any time you like, but you can never leave." Therefore, he endorses Cloud Foundry so that you can be your own bitch, not Google's, Facebook's or Twitter's, quoting Fred Wilson.
Own That Cloud!
OpenShift / Red Hat
I missed the start of the presentation, so I do not know the presenter's name. Red Hat becomes a cloud provider with OpenShift. Their platform as a service (PaaS) offering comes in two flavors: Express is for quick deployment and Flex is for more administrative control. Some side notes on how SELinux and Linux Containers (LXC) are implemented were interesting.
A Tale of Locks and Hacks
Ramon Gomez, Security Program Manager at StrataScale
Questions asked: Anyone using the cloud to scale up online scans and/or attacks? Do cloud providers respond to online security incidents appropriately? What should be part of the due diligence in choosing a cloud service vendor? Ramon went into how StrataScale uses a combination of tools to identify and stop traffic which should not be on their network. Some of the tools mentioned were:
- Open Source Security Information Manager (OSSIM)
- Intrustion detection with Snort
- NetFlow traffic analysis with Nfdump
- Using PacketFence for network access control
- Brute-force attacker, Medusa
- Simple Event Correlator (SEC)
Keeping administrators on top of things using Medusa is an excellent idea. If you see a new host on the network, run a light scan against it with Medusa, just to make sure services don't have default administrative passwords configured.
Again, to PayPal for hosting. Thanks also the sponsors: Scalr, VMware, RackSpace, DataStax, Amazon Web Services, HP Cloud, Red Hat OpenShift, Akamai, StrataScale and CloudStack. And, a huge thank you to #svccg.