Amazon Web Services

SaaS, PaaS, IaaS, OPEX, CAPEX, Cloud Governance anyone?

In order to get to "less bloat" we have to completely strip the industry to its bones and start again. Attempting to do this kind of foundry work on the likes of pretty brain-dead platforms like Unix and its descendants (OSX, Linux, Android, and the ilk) or Windows is quite pointless, but such a rethink will be far too expensive and vested interests will say no. We can't simply go back to a wonderland of robust, secure, and simple OSes after the industry has decided they are rubbish (anyone with experience of DEC's VMS or Tandem's Non-stop will know what I mean) when we're hooked on "the cloud," particularly AWS. Incidentally, my real first professional experience back in the 90s as I was running a SAP R/3 Basis/SysAdmin Business Unit was with DEC’s VMS.

The inefficiency potential for systems is far greater than component (program) inefficiency. Indeed you can have efficient programs and yet still have a hopelessly inefficient system solution. As successive Australian federal governments, principally Lib/Nat, have disposed of most IT development capability; the multi-national IT vendors are grunting at the trough! Its some sort of Orwellian joke that this has all been achieved under an 'efficiency dividend'. You don't have to wait twenty years, this is here and now, and all Australians are paying for it and will be for years to come, think billions not millions.

I’ve been working for many years in several areas in the field of Cloud Computing and Data Centres. At the end of the day it’s all a corporate gimmick related to the act of taking IFT stuff from on-premises to the cloud. Sure, you may spare a few “pennies” but in the long run you’ll definitely loose a huge amount of control (as a Top Corporate Service Manager to a lot of B2B Clients I experienced this in the flesh and one particular client comes to mind: its CTO was complaining to me whenever a cloud glitch happened in the underlying IFT serving all top corporate clients, namely in the rules of the email/anti-spam service…). And if not implemented right you’ll have a ticking bomb in your hands. It’s not only a question of using lift-and-shift approaches whenever possible…It goes beyond that. First, choosing the right Operational Stack Model according to the business has become a major challenge for CIOs/CTOs (they basically don’t a have a clue, nor the people around them…). Second, the foremost step in cloud migration is an identification of the challenges while working with the selected cloud provider to navigate around these barriers to generate a healthy cloud environment for the business. It’s just not a question of moving from an CAPEX model to an OPEX one. For every platform Public, Private or Hybrid, make sure you ask the right questions to the CSP and understand the risks to your business otherwise you’re in deep shit, i.e, don’t migrate your IT on-premise issues to the cloud without being fully aware of what you’re moving and what the impact it’ll have on your internal processes... Humans are progressing up the evolutionary chain until they reach the top as ants. Is it worth it? Besides I don’t believe it’s even remotely possible to scratch the surface of this topic in a paper with less than 50 pages…

Jokes aside, a good cloud governance is all about implementing a good set of cloud policies. Nothing else. For instance, are some companies aware that they should conduct server patching? What about role segregation? What about Data Cloud Policies (does the company have restrictions where the user data should located for instance?)? What about service logging? Are the SysAdmin’s from the company running the VMs aware of this? Some sample questions to take into consideration regarding service logging:

1. How do you standardize the logs in distributed environment - Answers expected would be related to mutation , filtering (gork) in order to standardize;
2. What tools are available out there for a infrastructure team / person to monitor logs and logging mechanism itself?
3. How to you manage log archival?
4. How do you control log ingestion at server level and log creation at microservice level -> which again relates to standardization, expect someone talking about log rolling , file limit and at server level queuing the logs , forwarding using logstash/filebeat etc.?
5. How do ensure that sensitive data doesn't get into the logs? What's your favourite way of consuming logs? (I.e., Kibana, Logz.io, readily available or custom dashboards, some sort of aggregator... ).
Anyway, enough of that - bring back assembler. If nothing else it might straighten out those so beguiled at working at umpteen levels of abstraction that they actually believe their own hype about sentient computers taking over. I'm a firm believer that if many of today's computer scientists went back to one step remove from pushing electricity round a circuit , it would dispel much silliness.… (altro)