Cloud Concerns

  • Comments posted to this topic are about the item Cloud Concerns

  • We just went through our required annual DR exercise. Databases were restored to a geographically-separated alternate location and applications were recovered at that site. I'm not in an industry where we can "wait for the cloud to come back up."

    Businesses need to decide on recovery architecture when considering a cloud-based solution. Cloud services do not eliminate the need for or the cost of maintaining disaster recovery facilities, be they in-house or with another provider (separate from the main provider).

    Net-based providers that claim disaster recovery capability had best be able and prepared to exercise on my schedule and fulfill my mandated RTOs, or they're out of the mix.

    Cloud services have been touted as a magic bullet that reduces costs and eliminates the need for infrastructure and resources. When it comes to critical application support and protection, nothing could be further from the truth.

  • I was shown a design with SQL2012 High Availability where there were 3 nodes in an HA cluster.

    The 3rd node was in the cloud and was minimal spec as a DR option. In the event of a full failover the elasticity of the cloud would come to the fore and the node would be spun up with whatever juice it needed.

    Low cost node during normal working, high cost just when it was needed.

    With SQL2012 the different nodes in the cluster don't have to be the same spec so one node can be specced for OLTP, another for reporting and a 3rd for DR.

  • Just as cell phone providers have been using aggressive marketing and competitive pricing plans for decades, perhaps cloud database providers will also use highly publicised outages and security breaches to lure clients into making a quick and easy switch over to their cloud. If high value clients can move their big data to a new cloud provider overnight, then cloud providers will take security and availability very seriously.

    "Do not seek to follow in the footsteps of the wise. Instead, seek what they sought." - Matsuo Basho

  • It is my understanding that once your data leaves your building (...to the cloud...), that a search warrant is no longer needed in order to review the data :w00t: . I submit for consideration that the ramification of storing data offsite with a 3rd party needs to be considered very carefully.

    In most cases this is of little concern, but it presents us with a slippery slope. Indeed it could be argued that "we have nothing to hide":kiss:, or for the more paranoid, "the govt. already routinely access our data without our knowledge anyways":smooooth:

    It is my SINCERE hope that none of us would ever find ourselves in a situation where this is a real concern, but there are scenarios that could play out that none of us would ever even think of.

    Step carefully, that's all I'm saying here ;-).

    Applications come and go, but data lasts forever!

  • I guess it depends a lot on which definition of "the cloud" you're dealing with.

    Is a virtual server on the Amazon EC2 infrastructure "the cloud"? How about a hosted server with Rackspace? What about a hosted virtual server with Rackspace?

    In any of those cases, co-located servers, physical or virtual, are options.

    And, while some "cloud outages" have been well-publicized, is average downtime actually higher than in-house servers, across industries?

    I don't have any of those numbers. And any you get from "cloud computing providers" are likely to be spun in their favor, while any you get from a server hardware vendor are likely to be spun in their favor.

    It's an interesting set of questions. The more I learn, the more I know I don't know, on this kind of thing.

    - Gus "GSquared", RSVP, OODA, MAP, NMVP, FAQ, SAT, SQL, DNA, RNA, UOI, IOU, AM, PM, AD, BC, BCE, USA, UN, CF, ROFL, LOL, ETC
    Property of The Thread

    "Nobody knows the age of the human race, but everyone agrees it's old enough to know better." - Anon

  • GSquared (12/13/2012)


    ...

    And, while some "cloud outages" have been well-publicized, is average downtime actually higher than in-house servers, across industries?

    I wonder. I sometimes think outages are just as likely in either case, highly dependent on the staff.

    I don't have any of those numbers. And any you get from "cloud computing providers" are likely to be spun in their favor, while any you get from a server hardware vendor are likely to be spun in their favor.

    As are local numbers. I've seen so many admins claim much higher uptimes than were reported on servers. Inside many companies we certainly don't track this well, perhaps because the numbers might be < 99%.

    It's an interesting set of questions. The more I learn, the more I know I don't know, on this kind of thing.

    I feel like I know less every day.

  • However business continuity is important. If your database, or application server goes down, what would you do? In most cases you would sit in your office waiting for the cloud provider to come back online. That's not much different from in-house failures where you may wait on the network or OS administrators to recover a host server. In a few of the disasters I've experienced, I only had slightly more control than I'd guess a cloud provider gives me.

    Steve.

    The difference is that when it is in-house the admins are dedicated to our systems. In the cloud they might decide someone else's system is more important than yours.

    And using the cloud as a DR backup? I'm not too sure about that. I worked for a company that was on a government contract and we were looking at an off-site DR location. It would be a shared system. In other words, the site has the equipment, but it is only used when a disaster happens. You store tapes/whatever there and restore them to the off-site equipment when you need their system. HOWEVER, in a major disaster other companies might beat you to the equipment and you could be out in the 'cold'. We passed on that.

    If you go to the cloud for a DR backup, you need to ask if the 'storage/systems/whatever' are dedicated for your company or are shared on as needed basis. As needed can be okay, but what if a major disaster happens? How many companies needed to bring up equipment in a remote location after the Twin Towers got hit? WHat if all the companies in that building had their backup plan going to the same DR site and it was on first-come/first-served basis?

    I've also seen in the news where servers in the cloud were taken by the FBI because they had evidence of a crime. Intermingled in the same servers were other business' data. They lost their data until the FBI returned the hardware. Can your company afford to lose data because it's on a drive that is also used by another company? (If I can find the article, I'll update this with the link).

    -SQLBill

  • Database cloud services in 2012 are sort of like web application frameworks back in 1996; the basic technology infrastructure is there, but folks are still debating about what to do with it and when.

    "Do not seek to follow in the footsteps of the wise. Instead, seek what they sought." - Matsuo Basho

  • SQLBill (12/13/2012)


    [

    If you go to the cloud for a DR backup, you need to ask if the 'storage/systems/whatever' are dedicated for your company or are shared on as needed basis. As needed can be okay, but what if a major disaster happens? How many companies needed to bring up equipment in a remote location after the Twin Towers got hit? WHat if all the companies in that building had their backup plan going to the same DR site and it was on first-come/first-served basis?

    I've also seen in the news where servers in the cloud were taken by the FBI because they had evidence of a crime. Intermingled in the same servers were other business' data. They lost their data until the FBI returned the hardware. Can your company afford to lose data because it's on a drive that is also used by another company? (If I can find the article, I'll update this with the link).

    -SQLBill

    Fair points, though I'm not sure this mitigates the use of the cloud. If you were to choose AWS, Azure, or the Google Compute clouds, these are huge infrastructures. Not like many DR situations where the equipment is shared. Even a hurricane like Sandy, if it knocked out hundreds of businesses, these wouldn't exhaust the capabilities of an AWS. Not likely, though it's possible.

    The idea of the FBI pulling your data, or a similar situation, is something to worry about, but I wouldn't worry about that with a cloud service where the data isn't on physical disks like it used to be in many shared, rent-a-VM hosting providers. It's spread out more like a SAN, with redundancy, so law enforcement pulling one down wouldn't pull your data.

    The cloud isn't THE answer, and there are certainly potential problems, but if you stick with thinking about this as an old, App Service Provider or rent a VM paradigm, then you're not really paying attention to what some of the larger providers are offering.

  • Eric M Russell (12/13/2012)


    Database cloud services in 2012 are sort of like web application frameworks back in 1996; the basic technology infrastructure is there, but folks are still debating about what to do with it and when.

    Well said. We're also still trying to define them. What Azure offers is different than AWS, and vastly different than something like Rackspace.

  • True, I am fully agreed with your statement.

Viewing 12 posts - 1 through 11 (of 11 total)

You must be logged in to reply to this topic. Login to reply