Today, we announced the availability of Hyperscale instances, a new service that combines our high-end compute with 100% flash storage. Before we jump into how customers can use the service, let’s take a minute to think about the characteristics of applications and architectures deployed today.
Here are 5 key attributes we’ve noticed:
- Large volumes of data ingested in real-time. Customers and partners collaborating together; lots of machine-to-machine data as well.
- Global reach. Startups in a garage can be global in an instant.
- Mobile focus (often exclusively). Low latency and a responsive user experience is crucial.
- Highly distributed. No single points of failure or ‘master’ node controlling other components.
- Low cost of failure. Open source technologies without seven-figure contracts, minimal capital expense from hardware, if any.
Now, think about most applications running in enterprise data centers. In all 5 cases, it’s almost the exact opposite.
That’s NoSQL vs. relational databases in a nutshell. The folks at MongoDB sum it up pretty well:
NoSQL encompasses a wide variety of different database technologies and were developed in response to a rise in the volume of data stored about users, objects and products, the frequency in which this data is accessed, and performance and processing needs. Relational databases, on the other hand, were not designed to cope with the scale and agility challenges that face modern applications, nor were they built to take advantage of the cheap storage and processing power available today.
If you’re a CIO, it’s simple. The more relational systems you have, the slower you can respond to the market. Relational databases will always have their place. But most of the innovation happening in the next 5 years will be on NoSQL platforms.
Of course, the public cloud is a great home for both types of systems. NoSQL apps in particular are well-suited to it.
CenturyLink Cloud hosts many different relational systems today – these are often applications that “run the business” but don’t “transform the business.” IT is increasingly moving these apps to the public cloud, freeing their time to focus on more strategic projects.
Now, with our new Hyperscale instances, enterprise developers have a service with high-end compute and 100% flash storage to make their NoSQL apps hum. Cassandra, MongoDB, and Couch all perform blazingly fast. In fact, users can expect typical performance to be 6x faster than our standard storage.
Hyperscale is a win for IT as well, since these instances are just as easy to manage as other VMs. Billing, usage, automation, and monitoring are all built-in. Full parity with Blueprints and APIs are coming soon, and additional geographies will be online soon as well.
No Pain, No Gain
But it’s not just about new distributed architectures. It’s about reducing the business reliance on relational systems.
Moving from relational to NoSQL is hard, but in many cases inevitable. In fact, this is something our engineering team has been committed to over the last 8 months. We have shifted to Couch as our primary platform, after using MS SQL for several years.
Why make this change? The same reasons many other enterprises will. More native replication, cleaner interactions with the user interface, ease of system administration, and so on.
The transition it has been liberating on so many levels. Our engineers will soon be contributing back to the open source community some important components to help enterprises do the same thing.
Watch this space for more details – and in the meantime, take Hyperscale for a spin.
Multitenancy – the concept of using a single (software) platform to serve multiple customers – is a key aspect of nearly every cloud computing platform. Pooling resources results in lower costs for all parties, greater efficiencies, and faster innovation for customers. Are there risks and tradeoffs with this model? Sure, but every technology paradigm has them.
In this blog post, we’ll look at some core principles for successful multitenancy, see how the CenturyLink Cloud provides tenant isolation, and review the ways that CenturyLink Cloud customers create isolation within their own account. The goal is to simply help customers understand what to look for when assessing multi-tenant environments to run their workloads, SaaS applications, and more.
Any service provider delivering a multi-tenant environment must adhere to these six commandments:
- Thou shalt isolate tenants within their own network. This one applies mainly to infrastructure-as-a-service (IaaS) providers who promise secure computing environments. Software-as-a-Service (SaaS) customers on a platform like Salesforce.com don’t have this issue as customers do not have access to low level network traffic. When granting virtual machine access to users, the service provider has to ensure that there’s no opportunity to intercept network traffic from other customers.
- Thou shalt not allow tenants to see another tenant’s metadata. Sometimes metadata can be just as sensitive as transactional data! Multi-tenant service providers must make sure that customers are logically or physically walled off from seeing the settings or user-defined customizations created by other customers.
- Thou shalt encrypt data in transit AND at rest. Providers shouldn’t let their guard down just because data is within their internal network. Rather, data should constantly be transferred over secure channels, and encrypted whenever it’s stored on disk.
- Thou shalt properly clean up deleted resources. In a multi-tenant IaaS environment, there is clearly reuse. When a network is released by one customer, another can use it. When a storage volume is removed, that space on the SAN is now available for others. It’s imperative that service providers reset and clear resources before allowing anyone else to acquire them.
- Thou shalt prevent noisy neighbors from impacting others. This phenomenon is one of the hardest problems to address in multi-tenant environments. As a user, you have no say in who *else* is using the same environment. It’s up to the service provider to make sure that one customer can’t (intentionally or unintentionally) adversely impact the performance of other customers by overwhelming the shared compute, storage, or networking resources.
- Thou shalt define and audit policies to ensure proper administration of shared environments. Let’s be honest – using a multi-tenant environment involves a bit of trust. As a customer, you have to trust that the service provider has built a platform that properly isolates each customer, and that operational staff can’t go off the reservation and compromise your business. However, to run mission-critical apps in someone’s multi-tenant platform requires more than blind trust; you should also be able to demand to see 3rd party certifications and audits that prove that a mature organization is behind the platform.
Built-in Platform Isolation
With those principles in mind, how does the CenturyLink Cloud platform deliver secure isolation?
IaaS customers can create sophisticated network topologies with one or more VLANs. All of these logical networks are part of a giant physical network and we do best-practice VLAN isolation to make sure that data packets stay within the appropriate VLANs. This ensures that our customers cannot intercept traffic from other customers and creates a protected barrier around your virtual hardware.
What about data? The CenturyLink Cloud makes it easy to provision terabytes of persistent storage that you can easily resize as needed. But when it comes time to delete volumes, we make sure that all virtual disks are automatically wiped so that the next customer always get a blank volume with no way to retrieve data from the previous user. Regarding data encryption, by the end of 2014 we plan on being 100% encrypted at rest and support 3rd party tools for customers to manage their keys.
As mentioned above, noisy neighbors are one of the biggest challenges for multi-tenant cloud providers to handle. The CenturyLink Cloud takes a multi-pronged approach. First, we always leave headroom on host machines and closely monitor usage to know when it’s time to scale. Second, we use features in our hypervisor platform to protect against capacity and latency bursts in CPU and disk. Our storage subsystem is built to handle multi-tenancy and provide protection against I/O bursts. Third, the network is designed to prevent any one tenant from overwhelming the firewalls, and our ample bandwidth ensures that network saturation is nearly impossible.
Finally, you can certainly just “trust us” that we do everything right. But most customers, at first anyway, trust those who audit us. Our data centers and policies are regularly reviewed and we maintain certifications and standards that prove our extreme focus on building a secure environment for your applications.
The platform itself provides built-in multi-tenancy to isolate customers, but how can you build your own isolation WITHIN your account? This is a common scenario for resellers, SaaS provider, and large enterprises who want to logically segment business units or departments. Let’s look at a few options.
One of the best ways to create isolation in your account is through sub-accounts. Sub accounts are containers that can have unique users, permissions, billing procedures, networks, and even branding (look-and-feel). You can choose to inherit various settings from a parent account (e.g. “share parent networks”, governance limits) or treat them as completely independent resources.
Another choice? Use separate VLANS to isolate servers within an account. Consider providing users with remote access to cloud servers but only allowing a small subset of administrators to place the servers on the appropriate VLANs. This makes it possible to have project-specific VLANs where traffic is cleanly isolated from other networks in the account.
A final way to isolate users within an account is through the use of different data centers. The CenturyLink Cloud is spread across the globe, and expanding even more this year. It’s easy to spin up sub-accounts and intentionally constrain users to a chosen set of data centers. This helps you isolate accounts (and applications) to the geographies that work best for your business.
The most advanced cloud deployments depend on multi-tenant platforms. Building systems in this way isn’t easy - it takes careful upfront consideration and steady vigilance to ensure that all users get reliable, consistent performance. The CenturyLink Cloud was designed from day one to excel at multi-tenancy, and you can see that in how we’ve architected the platform and the features we expose to our customers.
Want to try it out? Spin up an account and see how our high-performing cloud can meet your needs today.
We’re big fans of Cloud Foundry, open-source platform as a service. Why? Two reasons: the level of abstraction it offers enterprise developers, and the portability across cloud providers. This combination means faster development and deployment of multi-language web applications. And Cloud Foundry is backed by a thriving ecosystem of hosting providers.
It’s our goal to make the CenturyLink Cloud the cloud of choice for enterprise developers interested in Cloud Foundry. To that end, we’re excited to announce an important milestone.
Today, we’re pleased to announce the beta availability of BOSH on the CenturyLink Cloud.
BOSH is a crucial tool for deploying and managing Cloud Foundry at scale. It is supported on AWS, OpenStack, and vSphere and vCloud Director – and now CenturyLink Cloud.
Getting started with BOSH on the CenturyLink Cloud is easy - just set up a Micro-BOSH server configured for CenturyLink Cloud, then use the standard BOSH command line tools! Check out how to get started here: https://github.com/Tier3/bosh/wiki/Getting-Started. Support is based on the BOSH July 2013 snapshot and is Ubuntu only.
We are confident enterprises and devs will like the “better together” combination of BOSH, Cloud Foundry and CenturyLink Cloud. Here are five reasons why:
- Supports everything you love about BOSH and Cloud Foundry. Portability is one of the two defining attributes of Cloud Foundry, as mentioned above. This means developers can use the same tools across different cloud “targets” for their deployments. Whatever Cloud Foundry and BOSH expertise you have today – or plan to have in the future - it transfers immediately to CenturyLink Cloud.
- More options for Cloud Foundry deployments. Enterprises have a few options for BOSH today, but more choices are always better. It leads to faster innovation and lower prices. With CenturyLink Cloud on our way to supporting BOSH, you now have another great option to consider.
- Your PaaS deployment, your way. Part of the PaaS value proposition is abstracting complexity away for developers and IT. But there are some scenarios – several actually – where the enterprise needs to have more control and get “hands on” with their environment. With BOSH, you have complete control over your Cloud Foundry instance in the CenturyLink Cloud. Adjust nodes to the size you require. Upgrade on your schedule. Whatever control you desire over Cloud Foundry on CenturyLink Cloud, BOSH delivers.
- One platform for legacy and greenfield apps. Customers and industry analysts alike have lauded our enterprise cloud platform for its innovation, self-service and automation functions. IT likes our services because we offer the governance, compliance, and billing features they require. This combination has made CenturyLink Cloud an attractive platform for legacy enterprise apps. Now, with greater support for BOSH and Cloud Foundry, CenturyLink Cloud is an even more attractive platform for new cloud apps.
- The first step in CenturyLink’s PaaS roadmap for 2014. One of our predictions for 2014 is that platform as a service would go away as a category, and simply become another cloud service. The CenturyLink Cloud Development Center is doing our part to make this a reality. This BOSH support is just the beginning. Our engineers are working now on integrating AppFog’s service with Iron Foundry. Expect more news from us on this front later in the spring.
Cloud Foundry, Iron Foundry, and BOSH are the kinds of open source projects our team here at the CenturyLink Cloud Development Center gets excited about. And we’re even more excited to hear your feedback on BOSH, and how we can smooth Cloud Foundry deployments even more for your business.
Today at Dell World, Dell announced that CenturyLink has joined the Dell Cloud Partner Program.
So what does this news mean for Dell customers? Simple: you now have easy access to a high performance, highly resilient public cloud, with extensive self-service capabilities. And you will be supported by Dell and the CenturyLink Cloud team every step of the way.
Here are five key benefits you can take advantage of immediately on this platform:
- Deploy on virtual servers with resiliency and redundancy. When it comes to public cloud, you hear the phrase ‘build for failure.’ That’s a critical design pattern for cloud-native applications. But many of the apps running in your data center today – including many that are candidates to move to the public cloud – are designed with reliable infrastructure in mind. Dell Cloud On Demand with CenturyLink offers built-in resiliency and redundancy, so many of your legacy apps – homegrown, from boutique ISVs, or Microsoft – will run smoothly ‘out of the box’ on CenturyLink Cloud.
- Simplify DR and backups. These tedious activities should be immediately automated. Savvy IT departments – and those that will thrive in the future as a strategic enabler of the business – are already on this path. Block storage from CenturyLink Cloud automatically replicates data with rolling snapshots every five days. A premium option is available with 14 days of back-ups at a secondary data center. Premium storage also includes an RTO of eight hours and an RTP of 24 hours for your data. So, you have automatic DR for all your apps in the cloud – no extra effort required.
- Automate server maintenance. Just like with DR, IT pros should be looking to automate anywhere and everywhere. Dell Cloud On Demand with CenturyLink makes this easy. With our Groups capability, users can manage VMs in bulk – and with just a few clicks apply power commands at scheduled times to hundreds of servers, configure maintenance windows, and manage temporary snapshots. Best of all, this capability is included, at no additional fee.
- Easy and painless “chargebacks.” Business users require access to cloud resources on-demand via self-service. Give them what they want, while facilitating easy “chargebacks” so they pay for the resources consumed each month. CenturyLink Cloud provides intuitive, granular billing organized by department, product line, geography, or any combination of hierarchy.
- Agility (for users) and control (for you). This is nirvana for an IT leader. Users are free to provision resources as they need them, while IT ensures corporate IT policies are met with a compliant, secure environment. Dell Cloud On Demand with CenturyLink delivers on both fronts. Simply point and click to create permissions for users. Then, establish resource thresholds that ensure capacity levels are never exceeded.
Enterprises are already using many public clouds for different workloads. Multi-cloud is the present and future state for enterprises. Hopefully these benefits help illustrate how the Dell Cloud On Demand with CenturyLink can fit into your cloud approach.
Want to know more? Request a free trial at www.centurylinkcloud.com/dell.
Today, Dell chose CenturyLink Cloud for their partner program due to our cloud’s extensive reseller capabilities. These features, first launched as Tier 3’s Reseller Edition, include account management, APIs, SSO via SAML, extensive re-branding and more (details here and here). CenturyLink’s approach to reseller enablement gives Dell a completely rebranded public cloud offering overnight – no engineering required on their side.
This is big news for us, and we’re excited to be working with Dell.
Now, let’s explore this idea of partnerships for public cloud a little more.
Developers and IT increasingly turn to new-school cloud vendors for their infrastructure. Common sense on the eve of 2014. But this shift was not anticipated by most SIs, MSPs, and hardware OEMs 5 years ago.
How have these vendors responded? The results are mixed. Many are still refining their cloud strategy, and wrestling with the build, buy, partner calculus.
The industry isn’t sitting still – far from it. But there’s plenty of time for vendors who missed out on the first wave of cloud to capitalize on the second wave. But as CenturyLink CTO Jared Wray recently wrote, building cloud is hard. It takes a specific set of engineering skills that are in high demand.
Consequently, we’re seeing more and more companies kick start their cloud business with the ‘partner’ route. Dell is simply the latest partner to work with us.
Reseller enablement is a key component of CenturyLink’s public cloud strategy, and we’ve learned a great deal from our experiences with PEER 1, Dell and others.
At CenturyLink Cloud, we believe that any provider should be able to launch a public cloud business. And it should be easy, where newly rebranded services can be ready in days, not months.
That said, what makes a good cloud partner? These are the important elements:
- Infrastructure services that deliver the agility and self-service business units and developers crave. This is where many homegrown efforts have failed, by the way.
- Management functions that give IT the control they require – ticking all the boxes on compliance, security, and governance. Governance is hard to build; most traditional vendors understand compliance and security quite well.
- Give customers a path to future, with soon-to-be-mainstream application services like platform as a service. In a few years, it won’t be about servers or infrastructure at all. Vendors that will thrive in 3 years help customers understand this, and then help them to plan accordingly.
Most importantly, a cloud partner needs to extend the vendor’s ‘distinctive competence.’ Let’s examine a few of the most common strengths of MSPs, SIs, and hardware OEMs, and how they mesh with cloud.
- Expertise in specific applications, business processes, or integrations. Providers should seek clouds with resilient infrastructure that run legacy business apps ‘out of the box.’ In addition, automation and orchestration functions can yield efficiencies when deploying said applications, and when weaving complex cloud environments together. Existing best practices from pre-cloud can now be cloudy!
- Brand and customer experience. In this scenario, the cloud provider must have deep white-label capabilities - beyond basic re-branding – and an ability to link to existing post-sale systems.
- Managed services. Clouds with self-service and automation to enable a lucrative managed services play. If a services team can just as easily manage 500 servers as 5, incredible economies of scale can be achieved.
- Geography and geo-specific services. The provider should have global reach, with federated locations in the countries most important to your customers.
Based on a solid foundation of compute, storage, and network – all wrapped into a management layer – providers can begin to engage with customers at more profound level in a way that builds on their unique expertise.
We’re on the cusp of the next wave of cloud - and partnering could be the right option for you. Want to know more about how CenturyLink Cloud might be able to help? Contact us today!