Star InactiveStar InactiveStar InactiveStar InactiveStar Inactive

For admins, the cloud may trick as much as it treats. Here are three IT nightmares that spooked SearchCloudComputing Advisory Board members in 2016.

The post Three IT nightmares that haunted cloud admins in 2016 appeared first on The Troposphere.

Cloud doesn’t treat enterprise IT teams all the time; in fact, it occasionally throws out a few tricks. While there are many benefits to cloud, sometimes a cloud deployment can go terribly awry, prompting real-life IT nightmares — ranging from spooky security breaches to pesky platform as a service implementations.

We asked the SearchCloudComputing Advisory Board to share the biggest cloud-related IT nightmares they faced, or saw others face, so far in 2016. Here’s a look at their tales of terror:

Bill Wilder

Halloween nightmares came ten days early this year for DNS provider Dyn, as it was hit with a massive DDoS attack. The Internet simply can’t function without reliable DNS, and most cloud applications and services outsource that to companies like Dyn. Among the parties impacted by the attack on Dyn is a “who’s who” of consumer sites, such as Twitter, Spotify and Netflix, and developer-focused cloud services, such as Amazon Web Services, Heroku and Github. This news comes about a month after security researcher and journalist Brian Krebs had his own web site attacked by one of the largest ever DDoS attacks, reportedly reaching staggering levels exceeding a half terabit of data per second.

Both attacks appear to have been powered by bot armies with significant firepower from unwitting internet-connected internet of things (IoT) devices. This is truly frightening, considering that there are billions of IoT devices in the wild already, from video cameras, DVRs and door locks to refrigerators and Barbie dolls. Since internet-exposed IoT devices are easily found through specialized search engines, and IoT device exploit code is readily available for download, we can be sure of one thing: we are only seeing the early wave of this new brand of DDoS attack.

Gaurav “GP” Pal

My biggest cloud computing nightmare was the first-hand experience of implementing a custom platform as a service (PaaS) on an infrastructure as a service (IaaS) platform. Many large organizations are pushing the innovation envelope in search of cloud nirvana, including hyper-automation, cloud-platform independence and container everything. Sounds great! But with the lines between IaaS, managed IaaS and PaaS constantly blurring, the path to nirvana is not a straight one. It took way longer to create the plumbing than anticipated, the platform was unable to pass security audits and getting the operational hygiene in place was challenging.

Adding to the cup of woes is the lack of qualified talent that truly has experience with custom PaaS, given that it has been around only for a short period of time. On top of that you have a constantly changing technology foundation on the container orchestration side. All of this made for a ghoulish mix. Only time will tell whether a custom PaaS on an IaaS platform is a trick or a treat.

 Alex Witherspoon

The trend I keep seeing repeat is off-base cost expectations and the risk of operating non-cloud-architected applications in a private or public cloud environment that is not ideal for them.

Cloud environments should essentially be the automated abstraction and utilization of physical resources. Additionally, public cloud charges you for that value, in addition to the physical servers that cloud lives on — without your input in the buying decisions. For some, businesses align well with the public cloud of choice and its cost model, and so perhaps the tradeoffs to the business tabulate well. For many, such as Dropbox, to name a public example, they find that public cloud was quickly going to transform at an inflection point from a savings to an operational cost that would only continue to grow with the business and never provide stable controlled operational expenditure (OPEX) or capital expenditure (CAPEX) like a private cloud could provide. Given modern financial mechanisms to take CAPEX investments in private clouds and convert them into flexible OPEX arrangements, the financial models for private cloud are often more economically feasible at the expense of some additional complexity in managing the private cloud. Often, though, that tradeoff for complexity is justified in the control one gains by shaping the architecture of the private cloud to perfectly align to the business needs technologically and economically.

These optimizations in cloud can be numerous, one of them being support for non-cloud architected applications. This is important to consider because not all clouds are built alike, and many public cloud providers like AWS, Azure and Google suggest the minimum viable architecture is a widely distributed application that can survive random outages at any single node. Many modern applications do provide for that, but ultimately, the majority of software in play today is operating with the expectation that the infrastructure underneath it is going to be 100% reliable, and these applications can be dangerous in a public or private cloud environment that isn’t designed for high availability.

To this end, it’s endlessly important to consider the risks, and the return on investment (ROI) picture throughout the lifecycle of the service. Clouds of all types carry diverse ROI profiles, and being able to specifically quantify the strategic fitment of the business needs against these offerings can avert technological and economic disaster for your business.

The post Three IT nightmares that haunted cloud admins in 2016 appeared first on The Troposphere.

Read full article on Cloud Computing from IT knowledge exchange

Powered by Preisvergleich

My Tweets

Last Articles

How Python made it big at Microsoft

If your company is slow to embrace open source, take heart from Microsoft's Python experience.

EUC Weekly Digest – December 15, 2018

Interesting EUC items from last week: Citrix Virtual Apps and Desktops Download Citrix Virtual...

What will the next year bring for developers?

AI, application platforms, and IoT will continue to change the tech landscape for software...

The world's most popular programming language is JavaScript, but why?

Code repository service GitHub has shed light on what's fuelling the continued interest in...

How to install Linux software from source

If you're curious about installing Linux apps from source, Jack Wallen is there to get you started...

How to use the DNF Package Manager

If you've migrated to Fedora Desktop or Server and want to get up to speed with the DNF package...

Microsoft is telling awesome open source stories

Microsoft has a new way to contribute to open source: A blog series that highlights the...

How to modify a Linux username

How many times have you been asked to make username change? With the right tools this is an easy...

What are Linux man pages?

Jack Wallen goes full-on Linux 101 and describes what the "M" stands for in "RTFM."

Help Identify and Protect Data Access with SolarWinds Access Rights Manager

Excessive user access privilege can pose a significant risk to your organization’s data*....

  • How Python made it big at Microsoft

    Saturday, 15 December 2018 17:30
  • EUC Weekly Digest – December 15, 2018

    Saturday, 15 December 2018 15:30
  • What will the next year bring for developers?

    Friday, 14 December 2018 16:30
  • The world's most popular programming language is JavaScript, but why?

    Friday, 14 December 2018 14:30
  • How to install Linux software from source

    Thursday, 13 December 2018 18:30
  • How to use the DNF Package Manager

    Thursday, 13 December 2018 17:30
  • Microsoft is telling awesome open source stories

    Thursday, 13 December 2018 00:30
  • How to modify a Linux username

    Wednesday, 12 December 2018 19:30
  • What are Linux man pages?

    Tuesday, 11 December 2018 22:30
  • Help Identify and Protect Data Access with SolarWinds Access Rights Manager

    Tuesday, 11 December 2018 20:30