Sky’s Blog

I had a meeting with Alex Polvi (a founder) and Bob Hrdinsky of Cloudkick today. Over a Thai lunch. And then we followed up with a short discussion-demo at their office at the foot of Potrero Hill where I met most/all of their US tech experts.

Cloudkick runs a slick service that lets you manage your Slicehost and Rackspace/Mosso cloud servers (both brands are owned by and housed in Rackspace facilities), providing some data visualization in addition. Of course you could manage your servers using the control panels provided by Slicehost and Rackspace, but Cloudkick’s one-layer-removed management adds some unique extras. And they can “automatically” migrate your Amazon EC2 servers over to Rackspace if you’re interested in that. I have nine virtual servers on S&R (as I’ll call the two services) and signed up for the free Cloudkick services almost three months ago. They were voted Best in Show at Under the Radar (see Cloudkick writeup and video). The company is a little under a year old. It was kick-started by a seed investment by Y-Combinator, and recently obtained an angel round of investment. (continue reading…)

Tweet This Post

Being a user of and a promoter of cloud computing, I am also aware of challenges to the security of cloud computing environments. Cloud computing suppliers come in several flavors. I’ll address two of them here: 1) those who provide virtual hosts; and 2) those who provide automatically-scalable hosting solutions without distinguishable hosts.

A virtual host looks like an actual server. You (or your programmer/sysadmin) can use it as if it were your own dedicated server. In fact, however, it is only a portion of a much larger server. Rackspace/Mosso, and Slicehost are two I’ve discussed and actually use. The focus is on the virtual server.

An automatically-scalable hosting solution is a service or set of services which are hosted on one or more computers, and you can’t actually tell how big the server is or for that matter, whether it’s a whole array of servers. The focus is on the virtual service (not the server itself).

What’s good: Virtual servers are a more secure environment than shared servers because you are only dependent on your own security efforts. (On a shared server, if another user picks a poor password, or doesn’t upgrade their PHP software when security upgrades are released, you can be hacked if their account is compromised.) Automatically-scalable hosts may also be secure in this same way if accounts are adequately protected from each other.

What’s bad: A root compromise of a virtual server may be possible. In fact, it’s probably inevitable that such things will happen. And if you don’t update your underlying software (like WordPress, for instance), they you’re likely to be in trouble anyway. So ultimately any server can be compromised.

---

“Cloud-clobbering” (talk – is cheap)— cloud servers may become a target for hackers.at the 7th Hack in The Box Security Conference in Kuala Lumpur.

I’ve written about “economic denial-of-sustainability” attacks, in which an attacker causes a cloud user to so scale up their server usage that it becomes economically impossible for the defender to survive. These wouldn’t be possible if there were no cloud computing.

Tweet This Post

When all data for Sidekicks got lost recently [read this article in the Wall Street Journal] was it a cloud failure or was it a single system failure?^[1] [also New York Times article]

In the sense that data was being stored somewhere and the customer didn’t know where it was, then yes it was a cloud failure. But I contend that it was also a failure caused by the existence of a single-point-of-failure. (As system developers, this is our constant nightmare.) The product/service was set up to use a single data service with (apparently) inadequate backup. That created the possibility of this single-point-of-failure. The real failure was that T-Mobile didn’t provide the option to back up your data in a location under your control, so that you could later on restore it if the central service went down. (continue reading…)

Tweet This Post

Geek alert! This article is for Slicehost geeks only.

Talk about playing on the edge, I almost fell off this time. I have eight slices (virtual servers, that is) on Slicehost (which is now owned by Rackspace) and believe me they are tiny!^[1] But they can serve low-volume to medium-volume web sites pretty well. For instance, Shaping Youth (several thousand visitors a day) and GirlsHorseClub are on these little servers and they serve up pretty rapidly.^[2] Nice thing about Slicehost is that any host can be scaled up from the tiny size to 16x that size, and because it’s cloud computing, you can also bring up multiple instances of any server and have them share load. This allows me to implement the traditional three-tiered architecture (web/application/database) quite well without having to worry about whether my servers will be able to handle the load because I can scale ’em up whenever I need to.

But, the catch is that when you start with the tiniest slice (256MB RAM) you really have to fine-tune your operating system and applications in order to get good performance out of them. (continue reading…)

Tweet This Post