If there was any take-a-way from TakeDownCon related to virtualization, it was that the virtualization host is not the primary attack point but all the ancillary systems that touch it. These systems may not even be considered part of the virtual environment but they certainly can impact the security of the environment.
I keep hearing we are now in a Cloud based world, I keep hearing that to “Do Cloud” properly you need to bill like a utility company, small standing charge and then a price per unit used cost.
Cloud Computing ...
• • 0 Comments
Amazon failed because of simultaneous failure of its EBS in two Availability zones. If you were dependent on one of these (or mirrored across the two) you lost access to the filesystem from your Instances. It may be sensible to move to the use of the S3 mechanism (or some portable abstraction over it) for new applications, but if you have an existing application that expects to see a filesystem in the traditional way, Gluster can provide a distributed cloud-agnostic shared filesystem with multi-way replication (including asynchronous replication).
Business Agility ...
• • 0 Comments
These announcements and ideas paint a better direction for cloud development and creation than there existed even one week ago. These announcements also concentrate on the data, not the computer engine(s) within the cloud. It has alwys been about the data.
IT as a Service ...
• • 1 Comment
The problem is that not everything is as black and white as security folks desire. If we implement performance and other management tools, we often need to expose part of our all important virtualization management network to others. But how do we do this safely, securely, with minimal impact to usability? Why do we need to this is also another question. You just have to take one look at the Virtualization ASsessment TOolkit (Vasto) to realize the importance of this security requirement. But the question still exists, how do you implement other necessary tools within your virtual environment without impacting usability?
VMTurbo has delivered a new free vSphere performance and capacity management solution that is neither time nor size of environment limited, and that breaks new ground in terms of capacity management functionality delivered in a free solution. The automatically generated VM Rightsizing Recommendations should prove to be of particular value to vSphere administrators.
Public Cloud SLA’s are worthless. They need to be replaced by metrics that measure the responsiveness of what the cloud provider owns to the layer of software from the customer running in the cloud. Developing these metrics will require significant changes to existing APM approaches in order to be able to separate time spent in the application from time spent in the application framework or OS.
Mike DiPetrillo’s post entitled VMware is Building Clouds sparked some interesting thoughts and discussion about what it means to have federated clouds and how do you define such federation? Is federated required to make ‘cloud’ ubiquitous or are we already there? But is the discussion really about federated clouds or simplistic data object movement between the VMs or about cloud management?
A Service Level Agreement (SLA) is an excellent expectations-managing mechanism, but it’s important to manage your own expectations of what an SLA can realistically accomplish. Just those three words “Service” “Level” and “Agreement” is often an attention turn-off I know: SLAs are to infrastructure bods what documentation is to developers. Yet, when considering taking up cloud and utility services many consider that the SLAs offered aren’t reliable, if they exist at all. So the SLA becomes the blocker – ‘If I move services out of my data centre, how will I guarantee availability and performance’.