Last week’s CloudCamp in Newcastle started of with a series of lightning talks, five minutes on a topic of the speakers choice.
Simon @ Amazon
Simon focused on security issues arising from implementing service provision based on Cloud architecture, starting of suggesting that most cloud implementations don’t consider security issues until after the initial implementation. It was also proposed that a lot of the security concerns were physcological, people feel less confidence in the security of their systems if they don’t control the physical hardware, but that sufficient security can be achieved by following best practice at other layers of the system architecture. To assist, Amazon’s cloud provision denies access to all network ports by default.
Gehan Munasighe @ Flexiscale
Gehan discussed provisioning cloud systems in more general terms. Cloud services are not virtualisation, but virtualisation is an integral component to a functional cloud offering. The goal of a cloud provider, and the benefit to a client hosting within the cloud, is that a client should not notice or be aware of any system failure within the cloud.
Stewart Townsend @ Sun
This presentation contained nearly every buzzword related to the Cloud, but trying to prove that the buzzwords aren’t important. The benefits provided by a Cloud environment are low-cost, increased agility and greater efficiency. Stewart claims the the technology required for Cloud systems is simple, the roadblocks to Cloud implementation are often developers and deployers, and in some case out-dated corporate policy.
Matt Deacon @ Microsoft
Cloud computing is required for progressive enterprises. The computing industry is currently an industry in transistion, but this transistion will likely not be realised for another 20 years.
Steve Caughey @ Arjuna
Steve started out by detailing some universal laws of computing. In addition to the well known Moores Law which states that processor power doubles every 18months, the law of storage states that disk capacity doubles every 12 months and Gilder’s law doubles every 6 months. These increases mean that geography and phyical location of resources become less important over time, allowing businesses to take advantage of economies of scale, but this must be tempered by consideration of local legal requirements.
Ross Cooney @ EmailCloud
Ross discussed a use for Cloud services that he calls ‘Boot strap & Transistion’. The theory is that by utilising Cloud services in the short term, start-ups and new services can be instantiated without the initial capital expenditure commonly associated with new IT environments. Once business is stable, and return on investiment can be proven the service can be transistioned back to in house hardware to increase control of the service and to increase potential client base as some businesses currently do not trust the cloud model. Alternatively if the venture proves unsuccessful the stakeholders can walk away with penalty or outstanding debt.
Same story as my previous post on the event; I’m still trying to fully digest all of the information and ideas presented. Whilst I research further I thought I’d share some of the comments and soundbites (mostly paraphrased) a took a note of during the event, which are currently bouncing around my head.
(If any of the speakers feel these are mis-quoted or out of context, please let me know)
Reading back through my notes, I find it interesting that most of these could relate equally well to any form of IT-based service, feeding back into my original feeling that cloud computing isn’t especially new but is simply the evolution of other shared IT frameworks (main-frames, multi-user systems, etc.). Which brings me nicely to my first quote:
The ideas and technologies behind cloud computing aren’t new; it is the billing model that is innovative and creating opportunities.
Use multiple cloud providers to ensure tolerance to failure
Balance the cost of a failure against the cost of mitigating the risk
Run a business/service expecting failures to happen, and plan accordingly
Contractual SLAs are not insurance against failure
Security issues related to Cloud computing aren’t new or worse than security issues within traditional architectures, they’re just more visible
Traditional systems don’t scale well within a cloud architecure
Todays archicture and system components will evolve to be more efficient with a cloud based environment
The cost of failure is often the biggest cost of IT systems
Traditional licensing models for OS and applications needs to evolve to match the requirements of cloud based services
And finally, which was said with a wry smile:
Cloud computing is good news for consultants
Tonight was the second CloudCamp event in the North East of England, and my first serious look at cloud computing. I really enjoyed the event and believe I recieved excellent value from attendence, so thanks to all those who helped run the event, presented and discussed aspects of the field with me during the breakout sessions.
My head is still spinning with new ideas and understanding as a result of the event so I’ll try to keep this brief and to act as a semi disclaimer for future postings regarding cloud computing.
Before the event my understanding of cloud computing was very cursory and I was very dubious of both it’s implementation and actual value to an organise. As such I attended the event in an effort to gain a greater insight into this new buzz word in service provisioning, either to join the bandwagon and take advantage of the Cloud’s potential, or to be able to better argue against adoption with a more reasoned argument than ‘I don’t like it’.
For this goal the event was perfect for my needs, as I know have a better understanding of what Cloud computing is (and isn’t) and have been able to answer some of my fundemental questions.
Short and sweet was the intention of this post so I’ll finish with a quote (paraphrased) from the event which has in some ways changed my outlook on Cloud computing, and more specifically the ability to secure a Cloud:
Security issues related to Cloud computing aren’t new or worse than security issues within traditional architectures, they’re just more visible.