When migrating to the cloud consider security and resource variability, the cultural shift for operations and the new cost model.
1. Costs Move to Operating Expenses
When computing resources move from hardware, components and infrastructure that you buy and own, to those you rent by the hour, they also change places on your balance sheet. They move from being capital expenses that depreciate over time to operating expenses.
At the end of the day, this is a very good thing because of the idea of discounted cash flow, and cost of capital in accounting. It’s always better to spend your money later.
That said it shifts how servers are provisioned, and how business units, and managers think about those expenses. So expect some hiccups in that regard.
2. Operations & Automation – Cultural Shift
Best practices include solid disaster recovery, backups and then fire drills to prove all your ducks are in a row. But best practices often get sidelined for more pressing concerns, and other obstructing priorities.
With virtual cloud servers, you start with a server that is less reliable to begin with, and a lower SLA to boot. So automation from your starting point moves to front and center. This requires a more managed approach to rolling out servers, akin to a small software development team in the habit of rolling out code manually, being pressed to move into version control. This new managed approach to web operations is a good thing, encouraging configuration management, and automating resource provisioning tools like Chef. Still it is a cultural shift, and one that won’t happen overnight.
Although the Amazon environment does not provide perimeter security, the security groups model can provide equally good security if managed well. But one also has to manage other things closely such as:
- authentication keys
- machine images – built without sensitive data in the AMI
Furthermore compliance questions are often on everyones mind. While you cannot say for sure where your data is physically located in the AWS environment, you can control whether it is encrypted or not, and you control those encryption keys. Nevertheless legal requirements may have other plans in this regard.
Consider also what would happen if your cloud provider were hit with a lawsuit that being overly broad, sweeps some of your servers into its net. How will you handle such a scenario? Use multiple cloud providers and test your disaster recovery scenarios.
4. Resource Variability
Like moving from big iron to commodity servers fifteen years ago, cloud hosted environments can take some getting used to. In the virtualized environment, the CPU, disk and network resources you are allocated are based on computed averages. At any time the disk I/O throughput for example can fluctuate higher, or quite a bit lower than the service level agreement for that instance type.
All of the practices and methods for promoting scalability, decoupling components, caching agressively, and scaling horizontally will reduce the impact of these resource variabilities. In the same way the internet masses can descend on your website without warning, building a robust infrastructure to stand up to the vagaries of virtualization will go a long way towards helping you scale smoothly when traffic spikes.