Processors

Ten questions to ask your cloud provider

In the absence of strict standards to identify criteria/metrics for cloud computing, Colin Smith came up with 10 questions to ask cloud providers when making a decision about competing services. What would you add?

Earlier this month I attended a Red Hat sponsored Cloud Camp. (Full disclosure: They gave me a hat -- guess what colour it is?) One of the most interesting discussions for me centered on Red Hat's recently announced Cloud Engine. I found the Deltacloud API concept quite compelling. Without getting into technical details of an as yet unreleased product, let me quickly outline the parts that I found most exciting by describing a possible future scenario of how the Cloud Engine would work using the Deltacloud functionality:

<scenario>Imagine that you have three workloads that have the following business requirements:

Workload Security Requirements Description Due Date
Workload 1 High Contains customer identifiable data, credit card numbers, etc. End of Month
Workload 2 Medium Contains mostly public data 4 days
Workload 3 Low Contains product images that need to be displayed on an eCommerce website ASAP

If you feed all of the workloads into the hopper of the Cloud Engine, it would apply policies to the workloads to assign them to different cloud service queues. The Deltacloud functionality would prepare the workload for the target cloud service. The output could look something like the following:

  • Schedule workload 1 to be processed on the corporate private cloud during off peak hours.
  • Encrypt the data and schedule Workload 2 to be processed on the EC2 spot market when prices are 20% below retail on day 1, 10% on day 2, 5% on day 3 and at retail on day 4.
  • Schedule Workload 3 to process immediately on reserved cloud instances. </scenario>

There will come a day, in the not too distant future, when we will be able to buy cloud service futures (just like pork bellies). As I mentioned earlier, Amazon already has a spot market for EC2 services. I expect the Cloud Engine (and other similar offerings) will be able to manage much more complex workloads and policies and be able to move workloads to many different types of clouds, as required.

The ability for systems like the Cloud Engine to really make the best use of available cloud services relies on some level of standardization among the cloud providers so that real comparisons can be used to make rational choices.

Unfortunately, not all clouds are created equal. It is very difficult to compare cloud service offerings as much of the detail is just not available. Take a look at the definitions of EC2 instance types and you will see terms like "virtual core", EC2 Compute Unit (one EC2 Compute Unit provides the equivalent CPU capacity of a 1.0-1.2 GHz 2007 Opteron or 2007 Xeon processor. This is also the equivalent to an early-2006 1.7 GHz Xeon processor), and high/moderate/low I/O performance. These are less than precise measures. It makes it challenging to know what you are purchasing and even more difficult to compare with other providers.

There are already several standards bodies involved in defining criteria and metrics for cloud computing. The wonderful thing about standards is that there are always plenty to choose from. Until they reach a consensus, the following list is an attempt at gathering enough information to be able to make a reasonable comparison between providers:

1.       How many locations do you have and how are they connected?

2.       How do you define a processor / virtual core / Compute Unit?

3.       How many IOPS can I expect at each I/O performance level?

4.       How does your memory access score on the STREAM benchmark?

5.       How does your virtualization system score on the SPECvirt benchmark?

6.       How many live copies of my data are there?

7.       How do you back up data?

8.       What is the retention period and recovery granularity?

9.       What happens to my data if I cancel my service?

10.   What is your SLA and how do you compensate when it is not met?

I intentionally capped this list at ten questions. What questions do you think should be added to the list?

About

Colin Smith is a Microsoft SCCM MVP who has been working with SMS since version 1.0. He has over 20 years of experience deploying Microsoft-based solutions for the private and public sector with a focus on desktop and data center management.

14 comments
geoffokao
geoffokao

Thanks for this list. In addition I'd suggest the following:- 1. What are the locations of my live data? (Driven by compliance issues) 2. If not in the US (where activation of the Patriot Act can severely impact your business without neither you nor your cloud provider having a say...), what laws regulate government access to my company information? 3. How do I know that there's been a breach? 4. To what granularity levels can the management tools go to inform me of what has been illegally accessed?

Tony Hopkinson
Tony Hopkinson

and leave all the hard ones out.... Security, control, legislation, recovery, IP, enhancibility, local redundancy... Lock in...

E1M
E1M

I'd move number 10 to the top.

carlsf
carlsf

And down times what happens to my business when I cannot readh my data.

The Colin Smith
The Colin Smith

Tony, don't confuse technology with delivery. Cloud computing is not a technology but a consumption and delivery model. Virtualization is one technology that is often used to enable cloud computing.

Martyn Keigher
Martyn Keigher

Tony... I admit that security, redundancy and recovery are all big issues, but don't pre-judge what you 'think' the operator has setup already, with regards to 'generic' questions and to be given 'template' answers. These 10 questions are good questions to ask, but their obviously not 'the only' 10 questions you will ask... Good article Colin, you defo need to ask these questions!! Cheers Colin. :)

Tony Hopkinson
Tony Hopkinson

is you don't pay for the service you didn't get. The business you lost because you didn't get it, well tough, shouldn't have been a complete wally and delivered critical business functionality to a third party with totally different goals should you!

DJMorais
DJMorais

I think security is a huge factor. How can a provider absolutely ensure me that my data is secure? I would also want to make sure that I had redundant paths to my data to keep uptime at a maximum. Compatability of systems as well should be considered. Not everything plays nice together. You don't want a native app breaking because it doesn't play nice with an optimization method they are using...

Tony Hopkinson
Tony Hopkinson

Cloud is a platform. You take your standard dated monolithic enterprise CRUD app with a SQl server backend and put it in the cloud. Very little is going to be delivered so there will be nothing to consume... Just do email and browsing, well Ok, but then you still need all your IT effort to drive the rest and the extra cost of throwing in Email, proxy server etc is relatively trivial. Delivery is critical, you could make the same argument winders vs linux, SAP, Oracle and all it's gubbins. We know one size fit's all doesn't work for anybody, but if we make it work for everybody we wouldn't make any money unless we charge them for each difference.

Tony Hopkinson
Tony Hopkinson

Gartner led numpties selling clouds particualry on this site and everyone of them tells me these issues aren't imporant compared to the amount of money I could save on people and kit... Seeing as none were mentioned, the guy got pigeon holed with rest of the get rich quick or myopic muppets on this model of bandwagon.

Tony Hopkinson
Tony Hopkinson

If you are talking private cloud as in private to your company where the savings are say in efficient virtualisation, reduced deployment and configuration, then maybe. If you are talking your own data centre so say your custoners to access their data and functions, then you just made yourself effectively liable for all the issues those of us who can tell our arse from our elbow, have been saying the cloud vendors need to consider. Even internal, short of a ma and pa shop, say SBS and a couple of budget desktops, this is a huge project. The cloud is a different platform, it's like walking up to the big boys and saying we should switch to Linux because it's free. Well may be it is if you squint, switching to it isn't though.... Above all given the Gartner speak is you will save lots of money, ( and the implication get promoted before the wheels come off), when cheap is the driver in IT, you get what you pay for at best. On big projects, you end up looking like a government run IT project, a hugely expensive failure.

The Colin Smith
The Colin Smith

I heartily agree. That's why my push is towards private clouds. Public cloud hype is the perfect counter-point to a well thought out private cloud. While there are definitely some workloads that make sense for the public cloud, most large organizations can achieve many of the benefits of the public cloud while maintaining ownership and control in a private cloud.

Tony Hopkinson
Tony Hopkinson

way of justifying a decision that had already been made. As usual in IT costs tend to be very hard numbers, benefits (not simply reduced costs) tend to be very fuzzy. Bit of massaging and careful presentation, you can justify either way. What doesn't happen is people looking at the real long term costs and benefits, as opposed to the ones conveient for justifying their position now. The question to ask a cloud vendor is very simple. WHEN I lose access to critical data and services for some reason outside of my control how do I do business? The only people I've talked to who gave me an honest answer were some MS boys describing Azure as a platform. The basic answer was don't put yourself in that position.

Editor's Picks