Views

Sunday, September 25, 2011

SVCCG Workshop in San Jose

Attended this weekend's Silicon Valley Cloud Computing Group meeting. PayPal hosted the event at their town hall, which had ample space for the eight hundred attendees. The schedule called for some tough decisions: I really wanted to hear about cloud work being done at both eBay and Netflix, however those discussions happened simultaneously. So, after weighing the options with Nisheed, who told me about this event in the first place, I decided on what to listen in on.

CloudOps: Where We've Been, Where We're Going, How Can We Do It Better?
Jeremy Edberg, Lead Cloud Reliability Engineer at Netflix

First up was Jeremy, talking about his cloud computing experiences at both reddit and Netflix. His talk provided insights into reddit's migration to cloud resources, along with surprising financial analysis. According to his calculations, Amazon's Elastic Compute Cloud (EC2) was almost thirty percent cheaper than managing scale with their own resources during his time at reddit, while the site's traffic grew 13x. He also mentioned the Octoputer, which has been referred to as a conceptual example of cloud computing, at least in the sense that you work remotely from any terminal with a connection to the system. RCA's Spectra 70 (Octoputer) is probably not a current offering from any cloud provider.


Jeremy discusses his cloud experience from reddit and Netflix

A Brief History of Cloud
James Watters, Business Development Manager, Cloud Foundry, VMware

James talked about cloud costs, using DRAM prices as a commodity to index virtual services invoicing. As an example, system pricing falls at a much faster rate than service pricing, specifically in the cloud. This is especially true for companies which are not large enough for the cloud provider to keep them happy. As he put it, "[EC2] does cut pricing, but you are at their mercy." Cloud costs have been the reasoning behind several companies building private clouds: Zynga and Urban Airship. Just an aside, it was brought up that the cost at Sun Microsystems to process a payment was around twelve hundred dollars ($1,200). I remember hearing something very similar from way back in my own past, when I was informed that it costs DuPont over ten thousand dollars ($10,000) to cut a check.

Building Cloud Tools for Netflix
Joe Sondow, Senior Software Engineer at Netflix

Joe talked about Netflix's REST interface, which layers over Amazon's provided management console. Reasons given for why they chose not to use the AWS Console were valid and raise questions regarding trusting cloud providers with too much SysAdmin information. You can find the presentation slides here. To learn more about cloud use at Netflix, follow #netflixcloud on Twitter.

Cloud Is Such Stuff As Dreams Are Made On
Patrick Chanezon, Senior Director of Developer Relations at VMware

Patrick did a great job presenting (slides) how he envisions changes to systems administration due to a migration to cloud services. His comments on Starbucks and two-phase commitment was spot on regarding increased efficiency. Basically, Starbucks starts working on the drink preparation before the ordering process is completed. This reduction in latency increases throughput if the transaction parameters are not changed. Changes do not result in a loss of efficiency. If the drink is rejected, a new one is created. If there is a failure to make the drink, the customer is reimbursed. If the customer cannot afford the drink, it is discarded. He also warned against vendor lock-in. As he puts it, it is much like Hotel California, where "you can check out any time you like, but you can never leave." Therefore, he endorses Cloud Foundry so that you can be your own bitch, not Google's, Facebook's or Twitter's, quoting Fred Wilson.

Own That Cloud!
OpenShift / Red Hat

I missed the start of the presentation, so I do not know the presenter's name. Red Hat becomes a cloud provider with OpenShift. Their platform as a service (PaaS) offering comes in two flavors: Express is for quick deployment and Flex is for more administrative control. Some side notes on how SELinux and Linux Containers (LXC) are implemented were interesting.

A Tale of Locks and Hacks
Ramon Gomez, Security Program Manager at StrataScale

Questions asked: Anyone using the cloud to scale up online scans and/or attacks? Do cloud providers respond to online security incidents appropriately? What should be part of the due diligence in choosing a cloud service vendor? Ramon went into how StrataScale uses a combination of tools to identify and stop traffic which should not be on their network. Some of the tools mentioned were:

  • Open Source Security Information Manager (OSSIM)
  • Intrustion detection with Snort
  • NetFlow traffic analysis with Nfdump
  • Using PacketFence for network access control
  • Brute-force attacker, Medusa
  • Simple Event Correlator (SEC)

Keeping administrators on top of things using Medusa is an excellent idea. If you see a new host on the network, run a light scan against it with Medusa, just to make sure services don't have default administrative passwords configured.

Thank You

Again, to PayPal for hosting. Thanks also the sponsors: Scalr, VMware, RackSpace, DataStax, Amazon Web Services, HP Cloud, Red Hat OpenShift, Akamai, StrataScale and CloudStack. And, a huge thank you to #svccg.

2 comments:

  1. Regarding "Shift Happens" (Redhat), this is - by the speaker's admission - currently just an R&D effort - with no committment to be commericalized. In that case, it may be(come) "No Shift".

    ReplyDelete