Are You Sure You Are Ready For The Cloud: Design
For the last few months, we have been discussing getting ready to go to the cloud. We have covered topics such as Financial and Business Security reasons. We have even discussed the type of knowledge you should obtain.
This month, we are going to take the next step, which is covering:
Why is design so important? Cloud is an amazing technology, but if not properly designed, you can loose the ability to access all of your resources that you have paid good money for.
How so? Starting with something as simple as spinning up and server Instance. If you assign to many resources to it, and do not effectively use these resources you now have a “committed waste”. As an example, if you assigned 4 vCPUs to an instance, and after looking at your resource usage on that instance some time later, you noticed you never used more than two vCPUs; so now you have waste. Beings you committed 4 vCPUs, two are lost unless you can reclaim them.
In some cloud management software, you will find that this is either impossible, or extremely difficult. On a virtual server side, usually on the hypervisor level, you can add and remove vCPUs easily, but is not normally recommended because it can cause issues with the Guest operating system.
So, lets go back to the Design aspect: the design in itself can be broken down into four main areas with a few sub areas:
- User Connectivity
- Web Browser
- System Level
- System Ports
Now, lets look at each one of these at a higher level. I am going to start at the bottom of the list first.
The resources I have listed are extremely basic, and show that this is a minimum to get started, except for the volume storage. You can use local storage depending on the size of your cloud, but larger companies will have separate volume storage, such as NAS or SAN units or other types of external storages like appliances.
The vCPU and vRAM are normally based directly on physical CPUs and installed RAM. Several of the cloud management tools, even open source ones have the ability to adjust the ratio of physical to virtual vCPUs. Such as, if you have 24 physical CPUs, and industry standard of 10ea – 15ea vCPUs to each physical CPUs will give you 240 or 360 vCPUs that can be allocated to your instances.
Next in the Infrastructure bullet, you will see only two things: Network and Internet. You do not necessarily need Internet access to have a cloud, but it comes in handy if you are spinning up instances and they need drivers or libraries from vendors or various repositories. Of course, the Network is in itself self-explanatory, but I would encourage you to have the fastest and most robust possible for your budget. Why?
Moving instances from one compute node to another takes time, and the faster the wire speed the better. Also, when you get into backups / Disaster Recovery areas, you will really need that speed.
Security is the next bullet, and I broke it down into three sub bullets: Firewalls, System Ports and Username and Passwords. There are many other facets of security of course, but I am only look at the three basic pones here.
Firewalls are self explanatory, while System Ports are not. Several of the open source and commercial cloud management software packages have the ability to wrap each instance with the ability to block TCP/UDP ports from sending or receiving data for each of the IP stack ports. And again, complex Usernames and Passwords are always important.
The last is User Connectivity. Hopefully everyone reading this article can effectively use a web browser, but direct system connections may be a little harder. If the required TCP/UDP ports are open, then you can connect with SSH, Telnet or RDP depending on your machine flavor.
Knowing where you want to use the resources, security or network will help you take advantage of making sure you can connect to your cloud and be able to effectively use it. Shoot for as much Compute resources as possible, and make sure that you are robust in your network choices, and you will have a lot better experience with your cloud.
By Richard Thayer