People are right to be wary of any vendor claiming to be the “top performing!” or “fastest!” cloud provider. Most folks know that ANYTHING can look spectacular – or unspectacular for that matter – if you stack the deck just right. But at the same time, cloud shoppers have a deep hunger for legitimate information on realistic performance expectations. Cloud performance has a direct impact on what you spend on compute resources, how you decide the right host for your workload, and how you choose to scale when the need arises. In this blog post, we’ll summarize some recent findings and put them in context.
With the launch of our new Hyperscale instances, we approached an independent analytics company, CloudHarmony, and asked them to conduct an extended performance test that compared CenturyLink Cloud Hyperscale servers to the very best equivalent servers offered by AWS and Rackspace. CloudHarmony is a well-respected shop that collects data from dozens of benchmarks and shares the results publicly for anyone to dissect. After running a variety of benchmarks over a long period of time (to ensure that the test gave an accurate look over an extended window), they shared their findings with the world.
The results were positive – as we’ll talk through below – but how do reliable performance metrics help you in your cloud journey?
More Bang for the Buck
In an ideal world, you want reliable performance at a fair market price and no hidden charges. In the CloudHarmony results, we saw that our Hyperscale SSD storage provided excellent disk read performance and strong disk write performance through a variety of tests. In the results below – run against AWS c3 servers and Rackspace Performance servers – you can see that Hyperscale has a fantastic IO profile for large block sizes.
Why does this matter? Consider databases running on Microsoft SQL Server that often works with 64k blocks. By running this workload on Hyperscale, you get persistent storage, high performance, and no charges for IO requests or provisioned IOPS. This results in predictable costs and fewer resources needed to achieve optimal performance.
Simplified Decision Making
Choice is great, but is also a paradox. When you’re faced with dozens of server types to choose from, you find yourself selecting a “best fit” that may compromise in one area (“too much RAM!”) in order to get another (“need 8 CPUs”). In CenturyLink Cloud, we have two classes of servers (Standard and Hyperscale) and both have shown to have reliable performance. Pick whatever amount of CPU or memory that makes sense – which is of course how traditional servers have always been purchased.
If built-in data redundancy doesn’t matter, but reliable, high performance does, choose Hyperscale. Need strong, consistent performance but want daily storage snapshots and a SAN backbone? Use Standard servers. Straightforward choices means that you spend less time navigating a gauntlet of server types and more time deploying killer applications.
Predictable Performance & Scaling
Valid performance testing results can help you understand how best to scale an application. Should I add more capacity to this VM, or does it make sense to add more VMs to the environment? That’s a hard question to answer without understanding how the platform reacts to capacity changes,. The CloudHarmony results not only showed that the CenturyLink Cloud Hyperscale CPU performed better than the others in the “Performance Summary Metric” that compared cloud servers to a bare metal reference system, but also showed that performance improved as CPU cores were added. That’s obviously not shocking, but it’s good to see that performance change was relatively linear.
How does this information help you maximize your cloud portfolio? If you know that you can add resources to a running VM *before* scaling out to new hardware, that can simplify your infrastructure and lower your costs. Scaling out is fantastic cloud pattern, but it doesn’t always have to be the first response. You can trust that Hyperscale scales out *and* up well, and you can plan your scaling events accordingly.
Performance metrics are only a snapshot in time. The individual results may change from month to month or year to year, but a reliable performance profile means that you can minimize costs, make decisions faster, and make predictable choices.
Want to read this CloudHarmony report in full? Simply get it here and see all the details about this thorough analysis. Price out a Hyperscale server for yourself, and sign up to take the platform for a spin!
Recent history has shown that after a cloud provider is acquired, the pace of innovation slows and there’s a loss of focus (and staff). If you don’t believe me, check out the release notes (if you can find them!) of some recently acquired cloud companies. It’s not pretty. I’m here to say that we’re different.
140 days ago, the acquisition of Tier 3 by CenturyLink was described as a "transformational deal for the industry." Instead of randomizing Engineering post-acquisition with unnecessary process, and haphazard integrations with legacy and redundant products, we’ve actually accelerated pace of development on our go-forward platform, CenturyLink Cloud. In the past four months, we’ve maintained our software release cadence, grown our team, expanded our data center footprint, actively integrated with our parent company, and solidified a game-changing vision that has retained and attracted a phenomenal set of customers.
We update our cloud platform every month with new, meaningful capabilities. Only a very small subset of cloud providers can make that claim. In the past 140 days, we’ve shipped over 1,200 features, enhancements, and fixes. This includes a new high performance server class, faster virtual machine provisioning, new reseller services, a major user interface redesign, a compelling monitoring/alerting service, a new RESTful API, and a pair of new data centers.
Our ambitious data center expansion is on track. In the past few weeks, we’ve lit up a pair of new data centers in the US. This gives customers access to world-class CenturyLink network, security, and management services in those locations. With 11 total data centers, the CenturyLink Cloud has a greater geographic breadth than all but two public cloud providers. That’s pretty awesome for our customers who want a highly distributed environment for running their portfolio of applications.
Our Engineering team has also grown as additional experienced developers have come on board and contributed in a major way. The Operations team continues to scale out as well while becoming even more efficient at managing infrastructure at scale. Just as important, we’ve integrated with the broader CenturyLink teams and have a single, comprehensive vision for delivering multiple infrastructure options on a unified platform to a global customer base. Why should organizations compromise when trying to fit their needs into the cloud? With CenturyLink, customers can consume co-location, dedicated hardware, managed services, public infrastructure-as-a-service, and platform-as-a-service all with a single provider. And we’re working to integrate these options into a groundbreaking customer experience.
We aren’t close to being done disrupting this space. The next 140 days will be just as exciting. Try out our compelling platform, or join the team building the future of cloud and infrastructure.
Multitenancy – the concept of using a single (software) platform to serve multiple customers – is a key aspect of nearly every cloud computing platform. Pooling resources results in lower costs for all parties, greater efficiencies, and faster innovation for customers. Are there risks and tradeoffs with this model? Sure, but every technology paradigm has them.
In this blog post, we’ll look at some core principles for successful multitenancy, see how the CenturyLink Cloud provides tenant isolation, and review the ways that CenturyLink Cloud customers create isolation within their own account. The goal is to simply help customers understand what to look for when assessing multi-tenant environments to run their workloads, SaaS applications, and more.
Any service provider delivering a multi-tenant environment must adhere to these six commandments:
- Thou shalt isolate tenants within their own network. This one applies mainly to infrastructure-as-a-service (IaaS) providers who promise secure computing environments. Software-as-a-Service (SaaS) customers on a platform like Salesforce.com don’t have this issue as customers do not have access to low level network traffic. When granting virtual machine access to users, the service provider has to ensure that there’s no opportunity to intercept network traffic from other customers.
- Thou shalt not allow tenants to see another tenant’s metadata. Sometimes metadata can be just as sensitive as transactional data! Multi-tenant service providers must make sure that customers are logically or physically walled off from seeing the settings or user-defined customizations created by other customers.
- Thou shalt encrypt data in transit AND at rest. Providers shouldn’t let their guard down just because data is within their internal network. Rather, data should constantly be transferred over secure channels, and encrypted whenever it’s stored on disk.
- Thou shalt properly clean up deleted resources. In a multi-tenant IaaS environment, there is clearly reuse. When a network is released by one customer, another can use it. When a storage volume is removed, that space on the SAN is now available for others. It’s imperative that service providers reset and clear resources before allowing anyone else to acquire them.
- Thou shalt prevent noisy neighbors from impacting others. This phenomenon is one of the hardest problems to address in multi-tenant environments. As a user, you have no say in who *else* is using the same environment. It’s up to the service provider to make sure that one customer can’t (intentionally or unintentionally) adversely impact the performance of other customers by overwhelming the shared compute, storage, or networking resources.
- Thou shalt define and audit policies to ensure proper administration of shared environments. Let’s be honest – using a multi-tenant environment involves a bit of trust. As a customer, you have to trust that the service provider has built a platform that properly isolates each customer, and that operational staff can’t go off the reservation and compromise your business. However, to run mission-critical apps in someone’s multi-tenant platform requires more than blind trust; you should also be able to demand to see 3rd party certifications and audits that prove that a mature organization is behind the platform.
Built-in Platform Isolation
With those principles in mind, how does the CenturyLink Cloud platform deliver secure isolation?
IaaS customers can create sophisticated network topologies with one or more VLANs. All of these logical networks are part of a giant physical network and we do best-practice VLAN isolation to make sure that data packets stay within the appropriate VLANs. This ensures that our customers cannot intercept traffic from other customers and creates a protected barrier around your virtual hardware.
What about data? The CenturyLink Cloud makes it easy to provision terabytes of persistent storage that you can easily resize as needed. But when it comes time to delete volumes, we make sure that all virtual disks are automatically wiped so that the next customer always get a blank volume with no way to retrieve data from the previous user. Regarding data encryption, by the end of 2014 we plan on being 100% encrypted at rest and support 3rd party tools for customers to manage their keys.
As mentioned above, noisy neighbors are one of the biggest challenges for multi-tenant cloud providers to handle. The CenturyLink Cloud takes a multi-pronged approach. First, we always leave headroom on host machines and closely monitor usage to know when it’s time to scale. Second, we use features in our hypervisor platform to protect against capacity and latency bursts in CPU and disk. Our storage subsystem is built to handle multi-tenancy and provide protection against I/O bursts. Third, the network is designed to prevent any one tenant from overwhelming the firewalls, and our ample bandwidth ensures that network saturation is nearly impossible.
Finally, you can certainly just “trust us” that we do everything right. But most customers, at first anyway, trust those who audit us. Our data centers and policies are regularly reviewed and we maintain certifications and standards that prove our extreme focus on building a secure environment for your applications.
The platform itself provides built-in multi-tenancy to isolate customers, but how can you build your own isolation WITHIN your account? This is a common scenario for resellers, SaaS provider, and large enterprises who want to logically segment business units or departments. Let’s look at a few options.
One of the best ways to create isolation in your account is through sub-accounts. Sub accounts are containers that can have unique users, permissions, billing procedures, networks, and even branding (look-and-feel). You can choose to inherit various settings from a parent account (e.g. “share parent networks”, governance limits) or treat them as completely independent resources.
Another choice? Use separate VLANS to isolate servers within an account. Consider providing users with remote access to cloud servers but only allowing a small subset of administrators to place the servers on the appropriate VLANs. This makes it possible to have project-specific VLANs where traffic is cleanly isolated from other networks in the account.
A final way to isolate users within an account is through the use of different data centers. The CenturyLink Cloud is spread across the globe, and expanding even more this year. It’s easy to spin up sub-accounts and intentionally constrain users to a chosen set of data centers. This helps you isolate accounts (and applications) to the geographies that work best for your business.
The most advanced cloud deployments depend on multi-tenant platforms. Building systems in this way isn’t easy - it takes careful upfront consideration and steady vigilance to ensure that all users get reliable, consistent performance. The CenturyLink Cloud was designed from day one to excel at multi-tenancy, and you can see that in how we’ve architected the platform and the features we expose to our customers.
Want to try it out? Spin up an account and see how our high-performing cloud can meet your needs today.
Last year, we made 12 predictions about what would happen in the cloud space in 2013. As the year comes to a close, it’s only fair for us to assess our hits and misses to see how well we did.
Recap and Scorecard
PREDICTION #1: 2013 will be the year of cloud management software.
REALITY: Hit. We saw this come true on multiple fronts. First, cloud management providers Enstratius and ServiceMesh were acquired by Dell and CSC, respectively. Tier 3 – known for the sophisticated management software that runs our IaaS – was acquired by CenturyLink. On top of this, Gartner estimates that a new vendor enters the cloud management space every month, and nearly every cloud provider is constantly beefing up their own management offerings. This shows the strategic value of comprehensive management capabilities in a cloud portfolio. Customer adoption of these platforms is also on the rise and Gartner sees 60% of Global 2000 enterprises using cloud management technology (up from 30% in 2013).
PREDICTION #2: While the largest cloud providers duke it out on price and scale, smaller cloud providers see that enterprise adoption really depends on tight integration with existing tools and processes.
REALITY: Mixed. Of course, cloud prices definitely declined in 2013 and massive scale continued to be a key selling point. Hybrid cloud picked up momentum this year as more companies looked to establish an IT landscape that leveraged on-premises assets while taking advantage of cloud scale. In order to maximize the efficiency of hybrid scenarios, companies need consistency in processes and tools. While cloud management platforms have helped with this a bit, there wasn’t a wholesale move by cloud providers to seamlessly integrate their core offerings with established products.
PREDICTION #3: Enterprises move from pilots to projects, and architecture takes a front seat.
REALITY: Hit. There’s been much less gnashing of teeth on “should I use the cloud” this year, and much more discussion about how to capitalize on the cloud. We’ve seen our customers move to more substantial solutions and ask for more sophisticated capabilities, such as self-service networking. Throughout the industry, we’re seeing more enterprise-class case studies where customers are putting mission critical workloads in the cloud. However, outages still occur on any cloud, and providers are publishing guidelines on how to properly architect for high availability. The recent AWS conference was full of sessions on architecture best practices, and developers are hungry for information about how those best practices are applied.
PREDICTION #5: Standalone, public PaaS offerings will be slow to gain enterprise adoption.
REALITY: Hit. In 2013 we saw renewed discussion on what PaaS actually is and what it SHOULD be. Longtime PaaS providers Microsoft and Google added IaaS products to their portfolio, while smaller firms like Apprenda saw success in private PaaS. Our sister company, AppFog, has launched over 100,000 apps, including some impressive enterprise deployments. Former Tier 3 colleague Adron Hall asked whether PaaS was still “a thing” or whether new container technologies like Docker were going to replace it. However, as some like our own Jared Wray and Red Hat’s Krish Subramanian have said, PaaS is about more than JUST application containers. A rich PaaS also includes the orchestration, management, and services that make it a valuable platform for web applications of any type. Either way, PaaS is still in its infancy and will continue to morph as customer scenarios take shape.
PREDICTION #6: Public goes private.
REALITY: Mixed. There were hints of this in 2013 as Amazon won a bid to win a private cloud for the CIA (and for you too if you have half a billion sitting around!), Microsoft offered a “pack” for making on-premises environments resemble their public cloud, and platforms like OpenStack gained traction as a private cloud alternative. We continued to make advances in supporting private scenarios by adding self-service site-to-site VPN capabilities to an already-robust set of connectivity options. I gave this a “mixed” score because as a whole, public cloud providers don’t yet (and may never) make it simple to run their stack in a private data center for mainstream enterprises.
PREDICTION #7: Cloud providers embrace alternate costing models.
REALITY: Hit. 2013 saw some changes to how cloud customers paid for resources. We modified our pricing to decouple some components while still making it easy to provision exactly the amount of CPU, memory and storage that you need for a given server. Google and Microsoft both launched their IaaS clouds with “per minute” pricing for compute resources. Cloud providers have yet to move to a “pay for consumption instead of allocation” model for things like storage, but overall we’ve seen a maturation of pricing considerations in 2013.
PREDICTION #8: While portability will increase at the application and hypervisor layer, middleware and environment metadata will remain more proprietary.
REALITY: Mixed. We might have been too pessimistic last year! DevOps tools have flourished in 2013 and platform adapters have made it possible to move workloads between clouds without a massive re-architecture effort. To be sure, code portability is still MUCH simpler than environment portability. Each cloud provider has their own value-added services that rarely transfer easily to other locations, and no clear IaaS standard has emerged. However, platforms like OpenStack are attempting to make cloud portability a reality, and the increasing prevalence of public APIs makes it possible for tools like Pivotal’s BOSH or Chef to orchestrate deployments in diverse provider environments.
PREDICTION #9: Global expansion takes center stage.
REALITY: Hit. One of the first questions we hear from prospective customers is “where are your data centers?” This year, almost all of the leading cloud providers expanded their footprint around the globe. For our part, we added data centers in Canada, the UK, and Germany. Now, as part of CenturyLink, we have major expansion plans in 2014.
PREDICTION #10: IaaS providers who don’t court developers get left behind.
REALITY: Hit. In 2013, Stephen O’Grady wrote that developers are the “new kingmakers” and this was reinforced by Gartner analyst Lydia Leong who wrote that IT operations no longer has a monopoly on cloud procurement. Developers are now running the show – bringing in vendors that meet their unique criteria. Consequently, a new crop of developer-centric cloud providers has popped up. While they don’t offer managed services or sophisticated resource management, they DO help developers get going quickly in the cloud. We wooed developers with new self-service capabilities, API improvements, and with new features like Autoscale and webhooks. Developers will continue to be a focus for us at CenturyLink and we plan on continuing our regular Open Source contributions!
PREDICTION #11: Clouds that cannot be remotely managed through an API will fall behind.
REALITY: Hit. APIs are the gateway to modern services and allow ecosystems to flourish. Consider the vibrant crop of cloud management platforms discussed in prediction #1. And that is just one small example. The vast majority of clouds listed in Gartner’s 2013 Magic Quadrant for Cloud Infrastructure have public, comprehensive APIs that developers can use to consume the cloud in whatever way they want. In 2013, we started an effort to replace our existing API with an even more expansive offering that offers complete parity with our industry leading Control Portal user interface. That effort will continue into the next year. When complete, a new host of capabilities will be accessible for CenturyLink, our partners, and mostly important, our customers.
PREDICTION #12: Usability and self-service become table stakes for cloud providers.
REALITY: Mixed. In 2013, we seemed to hit the point where “clouds that aren’t really clouds” struggled as the market began to demand more. Customers expected more and more self-service capabilities, and Tier 3 – along with most every other major provider – focused heavily on that in 2013. Platform usability was a lesser focus this year. While new clouds from Microsoft and Google included relatively straightforward user experiences, few providers made any massive visual improvements. While the CenturyLink Cloud continues to be lauded for an easy to use, powerful interface, we haven’t stood still. A major redesign is underway that will surface more data, simplify activities, and improve performance.
2013 was an important year in the maturation of the cloud industry. New vendors were introduced, popular platforms were acquired, and consumption of cloud services skyrocketed. What will happen in 2014? Stay tuned for our predictions!
It’s difficult for businesses to compare so many diverse players in the cloud. To make the task a bit easier, the team at Cloud Spectator recently issued a useful report: “IaaS Performance and Value Analysis.” View it here, registration required to download.
At CenturyLink Cloud, we’ve always claimed to be a “high performance” cloud (who doesn’t?), so it is nice to see this validated by a third party. A summary of findings that brought a smile to our faces:
- #1 “Performance Leader” for overall system results
- #1 performance leader for Disk and RAM
- #2 performance leader for CPU and internal networking
My personal favorite passage:
UnixBench highlights the significant system performance difference among the top providers in the IaaS industry. The highest and lowest scorers show a difference of 4.7x in system performance; CenturyLink Cloud’s average UnixBench score is 2998, while Amazon EC2’s is 642.