If you missed the AWS S3 versioning webcast, I have a copy of the video here. And here are the highlights..
- You can enable and disable this at the bucket level
- They donâ€™t think there is a performance penalty of turning versioning (but it was kind of obvious S3 would be doing slightly extra work to figure out which is the latest version of any object you have)
- There isnâ€™t any additional cost for using versioning. But you have to pay for extra copy of each object.
- MFA (multi factor authentication) to delete objects is not mandatory when versioning is turned on. It needs to be turned on. This was slightly confusing in the original email I got from AWS.
- If you are planning to use this, please watch this video. There is a part where they explain what happens if you disable versioning after using the feature. This is something you might like to know about.
- They use GUID for versioning of each object
- You can iterate over objects and figure out how many versions you have for each object, but currently its not possible to find all objects which have versions older than X date. This is important if you are planning to garbage collection (cleaning up older copies of data) for a later time.
Windows Azure is an application platform provided by Microsoft to allow others to run applications on Microsoftâ€™s â€œcloudâ€ infrastructure. Its finally open for business (as of Feb 1, 2010). Below are some links about Azure for those who are still catching up.
Wikipedia: Windows Azure has three core components: Compute, Storage and Fabric. As the names suggest, Compute provides computation environment with Web Role and Worker Role while Storage focuses on providing scalable storage (Blobs, Tables, Queue) for large scale needs.
The hosting environment of Windows Azure is called the Fabric Controller – which pools individual systems into a network that automatically manages resources, load balancing, geo-replication and application lifecycle without requiring the hosted apps to explicitly deal with those requirements. In addition, it also provides other services that most applications require â€” such as the Windows Azure Storage Service that provides applications with the capability to store unstructured data such as binary large objects, queues and non-relational tables. Applications can also use other services that are a part of the Azure Services Platform.
While â€œprivate clouds may not be the futureâ€ they are definitely needed today. Here are some of the top issues bothering some organizations which have been thinking about going into the cloud. Some of issues were based on Craig Boldingâ€™s talk on â€œGuide to cloud securityâ€.
- Unlike your own data center, you will never know what the cloud vendors are running, or how they backup, or what their DR plans are. They will say you shouldnâ€™t care, but do you remember what happened to the Tmobile customerâ€™s on Danger ?
- Uptime, availability and responsiveness is less predictable than in a self hosted environment. In most cases the cloud vendors may not even choose to let customers know about major maintenance if they donâ€™t anticipate any issues. Organizations who manage their own infrastructure would always try to avoid doing two major changes which have interdependencies.
- Multi-Tenancy means you may have to worry about a noisy neighbor.
- Muti-Tenancy could also lead one to interesting issues which were never thought about before. What if there was a way to do an â€œinjection attackâ€. Depending on how Multi-Tenancy is implemented, you could potentially touch other customers data.
- Infrastructure and platform lock-in issues are worrying for many organizations who are thinking long term. Most cloud vendors donâ€™t really have a long history to show their track record.
- Change control and detailed change log is missing.
- Individual customers donâ€™t have much decision making power on what a vendor should do next. In a privately hosted environment the stake holders are asked before something is done, but in larger infrastructure, you are a small fish in a huge pond.
- Most cloud vendors have multiple layers of cloud infrastructure dependent on each other. Its hard to understand how issues around one type of cloud could impact others. This is especially true from Security view point. A bad flaw in a lower layer of the architecture could impact all other platforms built over it.
- Moving applications to cloud means dealing with a different style of programming designed for horizontal scalability, data consistency issues, health monitoring, load balancing, managing state, etc.
- Identify management is still in early stages. Integration with corporate Identify management infrastructure would be important to make it easy for individuals from large organizations on external clouds.
- Who takes care of scrubbing disks when data is moved around ? What about data on backup tapes ? This is very important in application handling highly sensitive data.
- Just like credit card fraud, one has to worry about CPU time fraud. Is the current billing and reporting good enough to help large organizations figure out what is real and what could be fraud ? They need a real-time fraud detection mechanism. And what about loss of service due to DOS attacks ? Who pays for that ?
- Need a better mechanism to bill large corporations.
- On the non-technical side, there are a lot of questions related to SLAs, Compliance issues, Terms of services, Legal issues around cross border services, and even questions about whether law enforcement have a different set of rules when search and seizure is required.
- Not too far from being another form of â€œoutsourcingâ€.
Photo credit: akakumo
If you haven’t seen these links before.. you should check this page first “Talks and slides from web architects“. But if you have already seen that page… here are the updates from last week.
For latest set of links go here.
This is a collection of various slides, pdfs and videos about designing scalable websites I collected time. If you have something interesting which might go in here, please let me know.