Storage

Storage in the cloud: Requires a different mind-set

One of the fundamental requirements for any IT professional deciding whether to embrace or dismiss cloud computing is to first understand it. IT pro Rick Vanover highlights the big picture offerings of storage in the cloud.

In traditional computing infrastructures –- brick-and-mortar IT if you will -– storage is fairly simple to understand. There are two main areas of management -– data and disks. In regards to cloud computing, the data management doesn’t go away. In fact, I would argue that the data management requirement increases with the cloud. But the all-encompassing disk management requirements go away when cloud storage is used.

There are two fundamental types of cloud storage. I will explain their usage implications and how they can be applied to organizations as they consider cloud architectures.

API-based storage

In the case of Amazon Web Services, this is the more common storage option available through the Simple Storage Service (S3) cloud. Accessing S3 is different than traditional storage in internal infrastructures as it is accessed through a Web service via the S3 API. The beauty here is that organizations can write their own applications through the well-defined S3 API or organizations can utilize partner solutions that adhere to the specification.

Direct storage

Again with the Amazon cloud offering, cloud solutions can be provisioned storage on a direct-attached basis for extra storage. The Elastic Block Store (EBS) cloud is a provisioning mechanism to allocate direct storage to an instance in the Elastic Compute Cloud (EC2). An EC2 instance can include familiar entities such as a Windows Server 2003 or a Linux system. The EBS storage provisioning is comparatively much quicker than the API-driven S3 architecture.

Doesn’t it always just depend?

The best selection for storage in the cloud will depend on many factors, but these two fundamental differences can highlight how storage can be provisioned in the cloud. S3 is better for multiple inbound and outbound points due to its collaborative nature. EBS, on the other hand, would be better for singular I/O intensive activities that go along with a system or application.

Cloud computing is a reality, and infrastructure professionals need to understand the details to justify their pro or con cloud stance above all else. Share your comments below on cloud storage technology (leave security and compliance out for now -– that is coming in another series of posts).

About

Rick Vanover is a software strategy specialist for Veeam Software, based in Columbus, Ohio. Rick has years of IT experience and focuses on virtualization, Windows-based server administration, and system hardware.

56 comments
The 'G-Man.'
The 'G-Man.'

But that is what stops most people from even considerng it in the first place. That should be the FIRST thing considered.

jck
jck

the willingness to trust someone with your data in the end. Will you have true 24/7 access? Will you have 100% security? The cloud thing is good for small shops who can't afford clusters or farms. But, a real large company with sensitive data can't take a real risk on it leaking, being hacked, or being lost.

Tony Hopkinson
Tony Hopkinson

There are various vested interests who want it to become a reality, and time and again, those vested interests ingnore the real issues, and come up with drivel like paying for and powering up a hard drive, and may be some guy to press his ear to it to see if it going. Security, access, control, ownership are the important issues, if you keep ignoring them, professionals are going to keep ignoring you....

Deadly Ernest
Deadly Ernest

For starters damn few businesses will be able to put all their data out there in the cloud due to legislation like privacy laws. So why not keep it all in house since you have to keep some? But lets say you have nothing covered by privacy. You place your entire corporate data and operation at risk as any problems at the data storage site or the Internet in between means you're closed down until it's fixed. Also where is it located. Hey, I'm in Australia and I set up such a service, as is usual I set up my maintenance to happen between 2 am and 3 am local time as that's minimum disruption for the bulk of my customers who are here in Australia - sorry you guys in the US are anywhere between start of work and lunchtime when I start (depending upon where you are) - oh so sorry you can't do any work for an hour or so in the main part of the business day - oops. Plus bandwidth costs go up, you need to increase your internet service access by about ten times to allow everyone to get out over the net. What control do you have on back up and back up copies? What control do you have on verification of, and limitation of, access due to court orders. OOh, kinky the courts in your home country can't get access, but the courts in the country where the server is can. Oh dear, and the get everything, not just what they asked for. Then we get into the points raised by others on security and breaches. Oh, BTW, don't forget everything that crosses the US border is subject to interception and analysis by NSA and CIA and the intelligence services of several other countries. Gee, isn't it nice to have all your corporate data open to view by them, if they want to. .......... I can see web storage for individuals, especially college students, as being a damn good idea - hell, they can get at their assignments from anywhere. But not for companies.

Ou Jipi je
Ou Jipi je

I haven't checked out Amazon Web Services yet, but since you obviously have -- you might be able to answer my few questions: 1) If (of better when) Amazon Web Services get hacked and your company's sensitive information finds itself on the Internet - Does Amazon accept full legal liability? Secondly, 2) if (of better when) they get hacked - are they obligated to tell you about it of can they legally keep this information to themselves? 3) If your data is gone for whatever reason where lies the responsibility? Giving that the data/ information is transmitted over WAN 4) what International laws are in place to protect the sensitivity of the information? 5) What security and legal measures have been put in place to ensure data availability and integrity? Further - currently, to accommodate your file services, I suppose your filers are connected to your LAN backbone at the speed of several gigabit per second -- 6) what WAN connectivity do you require to achieve similar performance when your file services are hosted at for example Amazon? 7) What do you mean when you say "the all-encompassing disk management requirements"? I ask because as far as I understand it, in fact you do not remove the "the all-encompassing disk management" in stead, you pass the buck someplace else and chose to pay for "the all-encompassing disk management" being done by someone else - for a fee of course. Am I wrong? If we are to understand it before dismissing it please answer my above questions -- specific answers please!

Jaqui
Jaqui

after all, you are giving control of the storage to another party. And your only access is over the net. I don't see either option being viable for an Enterprise to adopt a cloud based app.

b4real
b4real

The 'G-Man': I am lining up compliance experts as we speak. They will be featured on future cloud commentary on how compliance is addressed for cloud-based solutions. My initial compliance areas for commentary will be COBIT and PCI.

Tony Hopkinson
Tony Hopkinson

IT professionals trying to get us to buy into this fallacy.

b4real
b4real

24/7 Access - physical facility access or 'cloud' access? I don't think we'd need physical access.

b4real
b4real

24/7 Access - physical facility access or 'cloud' access? I don't think we'd need physical access.

b4real
b4real

The small organization and the startups are obviously cloud-ready. Big organizations (like me) have trouble making the jump. The cloud can be real. My goal is to communicate how it works first.

b4real
b4real

S3, EBS, and Nirvanix can keep your data on the US if you wish. Also, nothing stopping me from encryption.

fatman65535
fatman65535

In some countries, who needs them. Just a few goons show up in military uniforms carrying AK-47's or M-16's with bayonets. Do you HONESTLY think the cloud service provider's employees are going to STOP THEM????? I DON'T THINK SO!!!

Ou Jipi je
Ou Jipi je

Jeremy Clarkson used a nice expression that might apply to the cloud computing crowds and fearless leaders who bother to spend more than two minutes discussing "the cloud" -- "Ambitious, But Rubbish". Rick -- still awaiting your answers.

paf-1
paf-1

In the excitement of gaining the "cloud" as a storage and application hosting venue, are we forgetting security? Security of data and corporate sensitive information like H.R., R&D, Payroll and the such. While general information websites, e-stores and info gathering (surveys)can be hosted elsewhere, not everything belongs outside of the "back room" where 3rd and 4th parties have access to it.

b4real
b4real

My goal is for us first to understand cloud. Then we can see where it makes sense. I'm convinced the cloud will win, however.

jck
jck

Having someone store your data is one issue. Having someone maintain it is another. Do you pay for just storage/access? Or throw on top of that a DBA too? If you lose access to the data, who maintains it? Who backs it up? Who ensures it all was done if their fibre goes down? What if a backup is missed and you don't get the report and they have a crash and you lose 12-48 hours of data? Big big issues can arise from off-site data storage and maintenance.

Tony Hopkinson
Tony Hopkinson

or anything. I was sitting at tty connected to Hull University in 1976, and I can assure you it wasn't new. I am not here to change my needs, so yours can be met, why the heck should I? Don't tell me I'll save money, my current outlay for the offerings mooted is zero, other needs which you could never meet, already fund my infrastructure, and If I want to remote to my box, I could do it very easily.

Deadly Ernest
Deadly Ernest

do have security and legal issues to contend with in the business world. I know in some countries the placing of data covered under that countries privacy laws on systems outside of the country will leave the senior managers open to charges that can result in a prison sentence. the technology for cloud computing is here, but it requires companies to, in some cases, break the laws of their country; and also opens them up to very severe security and performance risks that also need to be assessed fully. If you're promoting something, then tell both sides so they can make INFORMED decisions.

b4real
b4real

In the S3 cloud, for instance, the option exists for a US-based data location (East or West). At least one of the S3 clouds in EU is in Ireland.

melias
melias

I would hope that Google, Microsoft or any other 'responsible' cloud service provider would setup a data center in such a country. I would hate to think to think they would be so foolish. But then again, company executives have been known to do worse in the name of profit. Another reason to nail them down via SLA's and VERY restrictive contracts. I think cloud data should be encrypted so even the cloud provider cannot read it.

Deadly Ernest
Deadly Ernest

is to set up your own mini cloud on your own servers and use it as a variant of thin client. That way you can run older or less capable hardware as all they need on the desktop system is a basic OS and a browser. All the rest runs on the company cloud inside the company where you control it.

Jaqui
Jaqui

what happens if Amazon's data center has an airplane drop in? what do you do when the systems have been burned and you cannot access the data you had on them?

Jaqui
Jaqui

I stand by my opinion on the two services. Storage is not a viable cloud service, the infrastructure can to easily be damaged, costing any business massive income loss. I personally see the cloud more as a distributed application system, for services that would be viable for enterprise deployment, than a distributed system level service.

Ou Jipi je
Ou Jipi je

"My goal is for us first to understand cloud. Then we can see where it makes sense. I'm convinced the cloud will win, however." What are you saying here? If I read your input -- you are saying that-> _you_ don't understand "cloud" and _your goal_ is to understand it -- yet -- in the second half of the sentence you seem to be convinced that it will "win" (something). Thus, besides that I have absolutely no idea what "the winning of cloud" possibly means, it seem that you are being convinced that it will "win" based on your eventual possible understanding of _why_ it will "win". Rather amusing, must I say....

Deadly Ernest
Deadly Ernest

but an internal cloud for companies is a goer.

b4real
b4real

We'll see where this whole cloud thing goes between now and say 2 or 3 years from now. If people are not using it - they'll fade. If not, I'm right :)

Tony Hopkinson
Tony Hopkinson

pyramid schemes, centralisation decentalisation outsourcing, off shoring on shoring, alignment, the weeks greatest tool to solve all our problems SSDFad

b4real
b4real

Cloud is nothing new. The Internet was a cloud before we knew it. The electric company is a cloud. Before we had electric companies people were afraid to not generate their own power.

Tony Hopkinson
Tony Hopkinson

of yet another boom and bust cycle. Big boys make money, jump ship amd then we find out our 200 shares each are now worth f'all.

jck
jck

Napster was a success. Was being the key word here.

jck
jck

Then what value do you provide your customer? Slower access? Less control? Less security? I think cloud computing's best implementation currently would be for off-site automated backups by a service. Even then, it would not be something probably considered by people who have sensitive data.

Tony Hopkinson
Tony Hopkinson

After all if they were successes, they'd have resolved some key issues. Or may be they just did real well on the stock markets and no one has found them out, yet.... Examples of what, and an acceptable definition of success required.

b4real
b4real

To a point of my next blog - the burden of data backup doesn't go away. I think a concept of federated clouds may roll in.

Deadly Ernest
Deadly Ernest

cloud based photo storage service that closed down at very short notice. I saw an article by a professional photographer, due to the lack of notice he was unable to get thousands of his photos back off the site. Lucky for him he had copies, but he wonders how many non professionals didn't, and lost the photos. All he lost was the time and effort tagging them and sorting them.

b4real
b4real

Of cloud success stories? I think so.

Tony Hopkinson
Tony Hopkinson

to maintain your data on our kit. That will go down like a lead baloon. Then of course providing the secure access and privileges to maintain the data, without allowing access to anyone else's, and in a distributed system where is it.... Enclosed one high volume receptacle of pink tubular wriggly invertebrates.

Tony Hopkinson
Tony Hopkinson

MS's recent hack of FireFox, Sony's rootkit.. These guys are responsible to their shareholders that's it. They are trying to sell the full thing, so either the application runs on their machines and the data is decrypted, or theres a shed load of clientside functionality, which negates the so called benefit, and you have to trust that they haven't malwared you. For trust see first paragraph....

b4real
b4real

Citrix and others are veterans in the private cloud.

Deadly Ernest
Deadly Ernest

like Citrix is what you need on the user system to get access. I don't remember actually saying it was available for decades, but this type of computer usage has been. Thin client and cloud computing is just a variant of the old mainframe based computer usage system but smart terminals instead of dumb terminals. Same basics. As to the bit about 'fulfils your requirements' - that should be a given in any business decision. However, so many IT decisions now are made by senior managers without the information needed to make an INTELLIGENT and INFORMED decision about IT trends and how they meet business requirements. If a company is looking at reducing their IT costs and improving the data security by going to a thin client, an internal cloud system is as viable an alternative for them as Citrix or any other thin client solution. Example, company is switching over and wants to save on computer replacement costs by extending the life of the existing desktops. Set up an internal cloud computing environment with the proper software to use all the business needed software off the company cloud server. Log on ID etc is then done on the server and not needed on the desktop until you access the classified data. So you go around all the older systems and clear the software off and image them with a basic Linux installation with Firefox and a set of bookmarks for all the corporate software. The desktops need only work the minimum OS and the browser, so they should be faster, despite the age and lower standard of hardware. This extends their usage life for you and also saves you about a grand or more on all new installs due to using free software and not having to pay for licences. It will mean you need to upgrade your internal network to handle the heavier load, but that is cheaper and easier in the long run.

Ou Jipi je
Ou Jipi je

How is it different from, for example, Citrix environments which run things this way for over 10 years now? In other words, what you are suggesting is already available for decades..........!!!? -- But -- why all or a majority of the companies did not adapted this approach? Three words....REQUIREMENTS, REQUIREMENTS, REQUIREMENTS. I would change your input slightly by adding: "Actually, the best use for cloud computing in business, is to set up your own mini cloud on your own servers and use it as a variant of thin client, if such fulfills your requirements" - do you agree?

b4real
b4real

One player - Nirvanix - offers 100% availability (who cares about 9s!). When the option for triplicate datacenter replication is selected. Pretty cool.

Tony Hopkinson
Tony Hopkinson

have been applications and data. The thing is the suppliers of cloud keep selling it as a cost saver, but every method of combating the weakness inherrent in relying on remote storage never mind applications, costs money. I think when you add the costs up properly, it isn't going to be saver anymore, not for anything but a very small business anyway, and that is dubious. The other problem, is how does the provider of the service 'maximise shareholder value'? Where does their margin come from? Reduced quality, options, increased prices , or market domination. Can't say any of those have me leaping to sign up...

markm
markm

but only up to a point. Your first rebuttal applies, it seems to me, only to SaaS; whereas I thought this thread *was* about "just doing storage." In this narrower use case, encryption/decryption takes place locally (vis-a-vis the end user) and the pipe and cloud server(s) only see uncrackable (as these things go) data. If Amazon S3, say, is indeed geographically dispersed as well as replicated (large assumptions, to be sure), then the infrastructure fragility argument fails, no? Except of course for the "first mile" (local machine to the Internet) problem...

Tony Hopkinson
Tony Hopkinson

It has to be decrypted and the application is running on the provider's server. So your data is far from secret from them. Or it's all done clientside by their code, and your data is not secure from them. Or you are just doing storage, which chops the so called savings down dramatically. As far as infrastructure fragility goes, depends on how many pipes you and they have. One tattooed ****wit with a backhoe... That's disregarding things like the ability to near shutdown the internet in a geographic area by messing with a couple of key nodes, legislative privacy discrepanciies, your supplier breaking contract, and above all the natural amalgamation of the service for scaling savings, perhaps leaving you with a very expensive alternative to a competitor owning the servers your business runs on.... Comprenez vous?

markm
markm

ANY intramural solution is equally vulnerable to ALL risks cited thus far. Strong encryption obviates the HIPAA/"OMG, my corporate financials somewhere out there?" fear. And IIRC "Amazon's data center" is more like a dozen farms. If there's any replication happening, infrastructure fragility is more likely to happen to the self-hosted solution, n'est-ce pas?

Ou Jipi je
Ou Jipi je

What do you mean by saying "as I see it"? Could you be little more specific? Do you have a specific question regarding off-premise cloud storage?