Like many of you, I’m a huge fan of cloud computing. I’ve been lucky enough to see first-hand how the cloud has enabled thousands of companies worldwide get started without having to spend large amounts of CapEx or commit to long term OpEx contracts just to realize an idea or launch a product without any notion of whether it will be a bust or the next big thing.

I started working at GoGrid’s originating company ServePath in 2005 where our main product lines were dedicated servers and collocation services. ServePath was a pioneer in dedicated managed servers at a time when private networks and load balancing on shared network infrastructure were not yet productized.

John Keagy, GoGrid’s Founder & CEO (now Executive Chairman), was always pushing the boundaries within the four walls of our data center with his motto, “complex infrastructure made easy.” It was with this vision that GoGrid was developed and became a very successful provider of Infrastructure as a Service. However it’s also because of that same vision the GoGrid Ops team has spent countless hours at a whiteboard figuring out how to support “complex infrastructure made easy”.

In the six-plus years of building out our data centers and revamping them to support the constant growth of our cloud computing platform, one thing has stayed constant: power density continues to increase. When we first filled up our flagship San Francisco facility, we had power capacity to spare. As the growth of our dedicated server service became even more compelling over collocation, we started seeing an uptick in our power utilization per rack; power density was increasing from 2-3 kilowatts per rack up to 4-5 kilowatts per rack – that is when we first realized that power could become our limiting factor in our data center if this trend continued. In 2007 when GoGrid was being developed, we were asked to build out the infrastructure to support 7 – 10 kilowatts per rack, a 250% – 500% increase in power density per rack! At 2-3 kilowatts per rack, imagine you’re sitting in a small office with a space heater and you turn it on full blast, it can get a bit warm, however you can stay in the room and continue to work. When we were tasked to build racks at 7- 10 kilowatts, it was like adding 25 space heaters in the same size room; unless you make some changes to your cooling system and redesign your rack layout, you are going to feel the heat real fast. As you can imagine, not only did this create a challenge in regards to supporting that much power, cooling that much power became quite a challenge as well. But we have overcome these challenges and continue to grow.

You may be wondering how much is GoGrid’s power bill with that type of power density, and whether it is even economically scalable. Without breaking out the spreadsheets, I can assure you that one of the many benefits of cloud computing is power saving. You see, in the past, 20 servers could be supported by a dedicated server rack drawing 2 – 3 kilowatts of power, but now we can support over 2,000 virtual (multi-tenant) servers with the same rack drawing 7-10- kilowatts of power! Feel free to call me a bit of a geek, but it’s that type of efficiency that excites me to work at one of the world’s leading infrastructure as service companies.

There have been and will continue to be many challenges that the Ops Team will face as we transform our datacenters to support GoGrid’s cloud infrastructure, stories that I will be happy to share both the challenges and the benefits in future postings. For now, I hope I have given you a bit of insight into GoGrid and the power benefits that come with cloud computing.

As you may recall, at the beginning of 2011 we polled over 500 CTOs, developers and IT professionals asking them about various aspects of cloud computing. Questions included: What is cloud computing and how do you use it?, What security measures do you require in the cloud? and many more. The data from this cloud survey report provides a good idea of the current cloud computing landscape and upcoming trends as we race towards 2012.

Continuing on in the series, we wanted to know what IT professionals thought of cloud computing’s latest innovation: the private cloud. Private clouds have quickly become the topic of much conversation in the industry because they offer core public cloud technology but within a single-tenant environment. Before we jump into the results of our question, What aspects of the private cloud are most important to your organization?, it is important to have a clear understanding of what private clouds are.

What are private clouds?

There are quite a few ways how private clouds differ from public cloud offerings but I won’t go into all of the differences within this post. As I mentioned above, there is the idea of tenancy. To broadly generalize, public clouds are multi-tenant and private clouds are single-tenant. To expand on this concept a bit more, public clouds provide shared resources for consumption by multiple companies or organizations within the same server cluster. However, these resources are dedicated and fully isolated to those users in that networking, storage, RAM and CPU units are allocated to those users. This is very different than traditional shared hosting or VPS’s (Virtual Private Servers) – shared or VPS environments can, at times, suffer from over-allocation of resources or degraded performance if one user on a particular “machine” is “hogging” those resources. Public clouds effectively isolate those resources so that customers don’t experience usage hogs.

Private clouds are essentially public clouds but in an environment dedicated to one company, thus “single-tenant.” That does not mean though, that a private cloud cannot host multiple departments or business units from that single organization. Basically, a private cloud dedicates all of the resources to a single company or corporation and serves just that organization. The computer, storage and networking resources are most likely either owned by that organization, hosted by that organization or running exclusively for that organization but managed by another vendor (see GoGrid’s Hosted Private Cloud).

Private clouds frequently come at a higher cost than traditional public clouds mainly because public clouds give you economies of scale via larger infrastructure installations. Some companies may prefer operating in a non-shared environment due the higher amounts of control that they have on the infrastructure and the hardware or due to compliance or regulatory concerns.

It is also important to note that some private clouds operate the same way as a public cloud. But difference do emerge between popular types of private clouds: in-house vs. hosted private clouds. With hosted private clouds, there is no need for on-premise hardware and capital expenditure. In-house private cloud frequently come with some sort of a capital expenditure and may have additional costs that you need to carefully evaluate. Any vendor who offers on-premise solutions under the “private cloud” label cloud really be offering a “false” cloud as they don’t follow the characteristics of cloud computing.

If you want to understand more about public, private and hosted private cloud, be sure to read our white paper titled “Skydiving Through the Clouds“. The comparison matrix below is from the white paper.

The Survey Results

Let’s jump to the question and the results from our 500 respondents.

Obviously the single-tenancy and non-shared resources top the list of most important private cloud features. As the chart shows, the majority of our respondents found private cloud offerings beneficial to their business – so much so that only 11.9% felt that private cloud was not an important feature for their company.

What is interesting is how important Firewalls (e.g., security) is of top-of-mind concern. As a side note, you can actually use a hardware firewall with GoGrid’s public cloud. (See our Fortinet and Cisco ASA offerings.) Note: not many public clouds actually offer this service.

Next time, as we continue on in this series, we’ll be focusing on which operating systems are most important to the IT industry and business critical applications.

For more information on our survey methodology or to see all of our results, please download the Cloud Survey Report.

The cloud is great for so many things. You can create a web presence in a matter of hours or completely implement an N-tiered, redundant, elastic, secure globally-available cloud topology. Spinning up infrastructure via a web portal or API in minutes via a few clicks of a mouse is a dramatic transformation from the days of racking and stacking servers, untangling miles of cat5/6 cables, connecting load balancers and firewalls to the mix and hooking up storage devices. And let’s not forget about physical security, power supplies, cooling and network redundancy. The neat thing about the cloud is that all of the stuff has become really easy to do and you can do it very quickly.

GoGrid has a long history of enabling IT infrastructure solutions for companies across the world. We have built out core services and offerings to allow businesses to build want they want quickly, efficiently and with state-of-the-art cloud technology. But just because you have great tools at your disposal doesn’t mean that your cloud environment will magically create itself. And that is something that we realize and understand at GoGrid.

Architect for Success

Cloud computing can be almost magical at times, but we need to remember the processes and best practices for security and ensuring redundancy that we are accustomed to using, and adapt and use them within the cloud as well.

A few weeks ago, I wrote a post “Things to Think About When Building Secure Infrastructure” where I made a few points about “assumption,” namely, assuming that whatever cloud vendor you choose, they will take care of everything for you. Regardless of the cloud vendor, you need to do your due diligence and update your standard operating procedures to reflect how cloud computing works. It is different than traditional IT in many ways. For example, in the GoGrid cloud, you can create a cloud server, harden it with security software and configurations and then save it as a MyGSI (as “server image”). Then, as you need to scale out your infrastructure, you can do this not only quickly, but securely as well, by deploying clones or instances of that hardened server. With a traditional, physical deployment, it takes much longer and there is no guarantee that you will have each and every security patch in place on every server.

You must design any IT environment, cloud or not, for resiliency and redundancy. Obviously, the level to which you do this really requires you to fully understand the needs of both your organization and your customers. A QA environment, for example, probably doesn’t need as much redundancy as an eCommerce site does. A great recent example of this is with the Amazon Web Services (AWS) outage that took place on April 21^st, 2011.

Amazon is the cloud vendor of thousands of companies worldwide. When their outage hit their US-East facility, it brought down a large number of high-profile sites and countless “regular” sites as well. However, missing from the list of affected sites was one Amazon’s most famous customers, Netflix, who, because of solid standard operating procedures and designing for the cloud, weathered the outage just fine. As stated on the Netflix blog: “…our systems are designed explicitly for these sorts of failures. When we re-designed for the cloud this Amazon failure was exactly the sort of issue that we wanted to be resilient to.”

There is an important lesson here – your ability to recover is a direct result of the amount of effort and planning you put in prior to prevent something catastrophic from happening. Or, to use a cliché here, an ounce of prevention is worth a pound of cure.

Leverage ALL of your Tools

From GoGrid’s perspective, it is our goal to provide cloud infrastructure designed to transform IT. GoGrid’s custom-built management layer leverages hosting and IT technology expertise that we have gained through years of experience. Our technology enables our customers to construct their businesses, solutions and architectures using solutions never before seen in the marketplace.

Many think of cloud computing as containing simply the raw building materials required to craft an IT topology – but actually, it is much more than that. But that depends on the provider. Many cloud providers merely provide the tools and leave the rest up to you. At GoGrid, our goal is to make complex infrastructure easy by providing not only full management of the entire infrastructure as a suite of services (e.g., the VMs, physical servers, load balancers, cloud storage, firewalls, etc.) but also in the form of education and consultation.

We recognized that it is critical to have best-in-class cloud solutions available to our customers when they are building out their architecture. In order to provide these industry-leading solutions, we have also partnered with many leaders with various specialty solutions and showcase these partners within the GoGrid Exchange. This ecosystem of partner solutions continues to grow regularly. There are solutions in Software/Applications, Development/Testing, Disaster Recovery & Backup, Cloud Management, Security, Monitoring and Reporting.

Some GoGrid Recommendations

While GoGrid provides you with the components and solutions from which to fully construct your infrastructure, there are times where a Partner solution or additional service might be worth implementing. You can see some GoGrid and GoGrid Partner options below:

Load Balancing – create redundancy by routing traffic between multiple servers/locations. Load balancers distribute workload across multiple computers to minimize response time, optimize throughput and avoid overload. Should a server encounter an issue, load balancers automatically route traffic to other available resources, thereby eliminating downtime or outages.

• Option #1: GoGrid’s built-in F5 hardware-based load balancing can route traffic around your infrastructure within a pre-defined data center.
• Option #2: Use a GoGrid Partner Server Image (PGSI) from Zeus Technologies to enable global load-balancing between data centers and do more with your traffic flow.

Firewall – a hardware or software-based firewall is designed to either permit or block particular pre-configured types of network transmission based on a set of rules. Firewalls, when properly configured, protect against unauthorized access to infrastructure and can prevent threats from the public internet. Be sure that you have your servers and infrastructure secure using some sort of firewall.

• Option #1: When a service is created (virtual or physical), it has standard OS firewalls implemented (e.g., iptables or Windows Firewall). Do note, we always recommend going into those new servers immediately and changing the randomly-created default password, as well as running system updates to ensure that your server is fully patched.
• Option #2: Use a GoGrid Partner server image by Gazzang ezEncrypt for application-level encryption of data within a MySQL database or a GoGrid PGSI from CloudPassage Halo for hardened server images that are monitored to maintain maximum security.
• Option #3: Sign up for GoGrid’s Fortinet Firewall or Cisco ASA 5510 for dedicated multi-threat prevention hardware to fully harden your environment.

Backups – a backup is essentially a copy of data. Backups act as a means to recover from a data loss or to recover data from a historical period of time. There are various types of backup solutions (e.g., incremental vs. complete) you can employ so it is important to carefully consider items like the frequency of backups, the location(s) where the backups are stored and the type of data you are backing up. Having backups of your environment and data is critical, and you should always have these backups in multiple, distinct locations for better loss prevention.

• Option #1: Persistent storage on the Virtual Machine is a good place to start. Even if your server is restarted, the data will persist. You can also use GoGrid’s Cloud Storage which is dynamically scalable and attachable to your VMs. Cloud Storage can be used as a back-up solution in conjunction with other solutions (e.g., 3^rd party or off-site solutions).
• Option #2: Use a GoGrid PGSI from GlusterFS as an ideal solution for a software-only, highly available, scalable, NAS storage system for a managed storage pool.
• Option #3: If your environment requires critical data backup with the option of quick recovery, talk to a GoGrid Account Manager about Managed Storage and Backup solutions.

There are other GoGrid Partners with PGSI solutions within the Exchange as well and the list will continue to grow. But the thing to remember here is there is a reason why we have worked diligently to have relationships with these vendors. They make our infrastructure solutions even better because they are experts within their particular niche. We provide the infrastructure tools, components and services, the management layers, the education and consultation to make your cloud a success. Our Partners, in turn, provide you with solutions even beyond that.

So here’s the bottom line, you can build just about whatever you want with the cloud. Just don’t lose sight on the fact that your solution is only as resilient, robust, secure or available as to what you put in it. So talk to your cloud vendor, employ security and redundancy best practices, and leverage the expertise of partner solutions.

Whether you’re a small, medium or enterprise company using cloud solutions, using secure Infrastructure-as-a-Service (IaaS) is a must. A couple weeks ago I shared some survey data showing you the average security and compliance requirements from professionals in the IT industry. The results of the survey clearly shows that security is a forethought for most businesses, but just like the term “cloud”, “security” can be a bit of a buzz word if not given proper context.

When thinking about security and potentially compliance within an IT environment, there are a lot of important items to consider; some of these can be “offloaded” to your provider, but others are your own undertaking completely. Start by asking yourself the following questions:

1. Who is your “customer”? – Is your customer, your end user? Or is it your internal organization? More than likely, it is both. Do these “customers” require different levels of security? If so, what are they?
2. What level of security is “acceptable”? – This varies from company to company. Some organizations like healthcare or government must adhere to extremely strict security (and compliance) requirements, while other businesses might have more leeway when it comes to protecting their assets.
3. Who in your organization is responsible for security? – Is there a particular team that is tasked with not only determining the security requirements, but also maintaining and auditing those requirements and activities over time?
4. Is physical security required? – Do you need to physically audit and control your environment? Remember, while clouds are highly virtualized or abstracted, the providers are physical entities. Does your cloud environment need to be physically isolated from other cloud environments? (If so, you might want to consider a Hosted Private Cloud)
5. Does your company have their security best practices carefully documented? – If they do, you should review it with a critical eye to ensure that it reflects changes in technologies.

To the last point above, the most important philosophy for businesses to understand is that security isn’t a destination – it is a process that takes constant iteration and innovation. Regardless what cloud provider you use (or even if you use traditional in-house infrastructure), this mentality is important to maintaining infrastructure security and compliance.

There are two core levels where security is critical:

1. Your Cloud (or hosting) provider
2. Within your organization

As most hosting or cloud organizations build their business around providing secure services, you would think that this would be a no-brainer. For the most part, it is, provided that you do choose a reputable vendor whose core competency is focused on delivering these services. However, many security failures actually happen because a customer stopped at that point and merely assumed that because they chose a secure provider, that all threats would be neutralized. If you don’t set up security best practices WITHIN those environments, you could be leaving your infrastructure vulnerable. Remember, your security is only as good as the best practices your organization implements.

Assuming that you have implemented these best practices, achieving compliance is much more straight forward. Compliance, as I mentioned, does depend on the vertical and your business and what that industry requires, so there is no clear-cut golden checklist of things you should do that can be boiled down into just a few bullet points. However, doing your research and documenting the process is a great first step.

Even if you have selected a cloud provider with a deep commitment to security, it is also important for businesses to understand what hardware and software components are necessary to protect their data.

In order to help businesses learn about security and compliance in the cloud, GoGrid created a white paper entitled, “Cloud Infrastructure Security and Compliance,” which is a primer for explaining security architecture, data security and role-based user management. If you have any doubts or questions about security in the cloud, this free white paper is a great source of information that can bring more clarity.

Download the Cloud Infrastructure Security & Compliance Whitepaper