application delivery
There are 315 entries for the tag application delivery
#infosec #adcfw #cloud Alternate title: How to take out an entire PaaS cloud with one vulnerability Apache Killer. Post of Doom. What do these two vulnerabilities have in common? Right, they’re platform-based vulnerabilities. Meaning they are vulnerabilities peculiar to the web or application server platform upon which applications are deployed. Mitigations for such vulnerabilities generally point to changes in configuration of the platform – limit post size, header value sizes, turn off some value in the associated configuration. But they also have something else in common – risk. And not just risk...
posted @ Wednesday, February 08, 2012 5:26 AM
#fasterapp #ccevent While web applications aren’t sensitive to jitter, business processes are. One of the benefits of web applications is that they are generally transported via TCP, which is a connection-oriented protocol designed to assure delivery. TCP has a variety of native mechanisms through which delivery issues can be addressed – from window sizes to selective acks to idle time specification to ramp up parameters. All these technical knobs and buttons serve as a way for operators and administrators to tweak the protocol, often at run time, to ensure the exchange of requests and responses upon...
posted @ Monday, January 30, 2012 4:46 AM
#mobile #vdi #IPv6 In the case of technology – as with mythology - the whole is often greater (and more challenging) than the sum of its parts. The chimera is a mythological beast of scary proportions. Not only is it fairly large, but it’s also got three, independent heads – traditionally a lion, a goat, and a snake. Some variations on this theme exist, but the basic principle remains: it’s a three-headed, angry beast that should not be taken lightly should one encounter it in the hallway. Individually, one might have a strategy to...
posted @ Wednesday, January 25, 2012 3:56 AM
#mobile #fasterapp #ccevent Today, at least. Tomorrow, who knows? Some have tried to distinguish between “mobile cloud” and “cloud” by claiming the former is the use of the web browser on a mobile device to access services while the latter uses device-native applications. Like all things cloud, the marketing fluff is purposefully obfuscating and sweeping under the rug the technology required to make things work for consumers, whether those consumers be your kids or IT professionals. Infrastructure is not eliminated when organizations take to the cloud nor do the constraints of web-based protocols and methodologies become...
posted @ Monday, January 23, 2012 4:42 AM
#fasterapp #ccevent They’re written for readability, for integration, for business function, and for long-term maintenance… When I was first entering IT I had the good (or bad, depending on how you look at it) fortune to be involved in some of the first Internet-facing projects at a global transportation organization. We made mistakes and learned lessons and eventually got down to the business of architecting a framework that would span the entire IT portfolio. One of the lessons I learned early on was that maintainability always won over performance, especially at the code level. Oh, some basic...
posted @ Wednesday, January 11, 2012 4:20 AM
#fasterapp #ccevent WAN optimization is not and cannot be separated from application delivery Yes, yes I did say that. There's a reason for that, and after more than a decade of watching the markets that tangentially revolve around making applications faster I'm here to tell you it's a failure of monumental proportions. The very term WAN Optimization has always stuck in my craw (whatever and wherever that may be). That's because optimizing the WAN implies that you're making the WAN faster. The problem is that a WAN is either a dedicated link between two locations (old...
posted @ Monday, January 09, 2012 5:03 AM
#fasterapp If you know these three axioms, then you’ll know application delivery when you see it. Like most technology jargon, there are certain terms and phrases that end up mangled, conflated, and generally misapplied as they gain traction in the wider market. Cloud is merely the latest incarnation of this phenomenon, and there will be others in the future. Guaranteed. Of late the term “application delivery” has been creeping up into the vernacular. That could be because cloud has pushed it to the fore, necessarily. Cloud purports to eliminate the “concern” of...
posted @ Wednesday, January 04, 2012 4:04 AM
It’s like unicorns…and rainbows! #mobile Mark my words, the term “mobile” is the noun (or is it a verb? Depends on the context, doesn’t it?) that will replace “cloud” as the most used and abused and misapplied term in technology in the coming year. If I was to find a pitch in my inbox that did not someway invoke the term “mobile” I’d be surprised. The latest one to catch my eye was pitching a survey on the “mobile cloud”. The idea, apparently, around this pitch involving “mobile cloud” is the miraculous capability bestowed upon cloud...
posted @ Tuesday, December 20, 2011 4:02 AM
#adcfw The reason bars place bouncers at the door is because it’s easier and less risky to prevent entry than to root out later No one ever said choosing a career in IT was going to be easy, but no one said it had to be so hard you’d be banging your head on the desk, either. One of the reasons IT practitioners end up with large, red welts on their foreheads is because data centers tend to become more, not less, complex and along with complexity comes operational risk. Security, performance, availability. These three inseparable issues often...
posted @ Wednesday, December 14, 2011 3:48 AM
Stateless infrastructure and highly dynamic networks may eliminate this issue. There is great awareness in both consumer and corporate culture with respect to data and second-hand markets. We know that data stored on devices of all shapes and sizes can be a potential source of sensitive information loss if not carefully eliminated before sale or disposal. But consider, too, the potential value of picking up a second-hand switch or router from e-Bay that has not been carefully wiped of all configuration data. ACLs, routing tables, VLANs, comments. These configuration details are often left on infrastructure even...
posted @ Wednesday, December 07, 2011 4:49 AM
Understanding web #acceleration techniques and when to apply them We’ve already discussed the difference between acceleration and optimization, so now it’s time to quickly dig into the difference between the two major types of acceleration: WPO (Web Performance Optimization) and FEO (Front End Optimization). The difference is important because each technique is effective at addressing different performance bottlenecks, and obviously applying the wrong solution to the problem will not provide the desired results, i.e. fast, fast, fast web applications. WPO focuses on content delivery, which means it applies different optimization techniques to counter poorly...
posted @ Monday, December 05, 2011 4:14 AM
#devops It’s a simple equation, but one that is easily overlooked. Most folks recall, I’m sure, the Pythagorean Theorem. If you don’t, what’s really important about the theorem is that any side of a right triangle can be computed if you know the other sides by using the simple formula a² + b² = c². The really important thing about the theorem is that it clearly illustrates the relationship between three different pieces of a single entity. The lengths of the legs and hypotenuse of a triangle are intimately related; variations in one impact...
posted @ Wednesday, November 23, 2011 5:49 AM
Why a full-proxy architecture is important to both infrastructure and data centers.
In the early days of load balancing and application delivery there was a lot of confusion about proxy-based architectures and in particular the definition of a full-proxy architecture. Understanding what a full-proxy is will be increasingly important as we continue to re-architect the data center to support a more mobile, virtualized infrastructure in the quest to realize IT as a Service.
THE FULL-PROXY PLATFORM
The reason there is a distinction made between “proxy” and “full-proxy” stems from the handling of connections as they flow through the device. All proxies...
posted @ Monday, November 21, 2011 5:04 AM
There’s a significant difference between a platform and a product, especially when it comes to architecting a dynamic data center In the course of nearly a thousand blogs it’s quite likely you’ve seen BIG-IP referenced as a platform, and almost never as a product. There’s a reason for that, and it’s one that is increasingly becoming important as organizations begin to look at some major transformations to their data center architecture. It’s not that BIG-IP isn’t a product. Ultimately, of course, it is in the traditional sense of the word. But it’s also a...
posted @ Friday, November 18, 2011 4:16 AM
Application delivery infrastructure can be a valuable partner in architecting solutions …. AJAX and JSON have changed the way in which we architect applications, especially with respect to their ascendancy to rule the realm of integration, i.e. the API. Policies are generally focused on the URI, which has effectively become the exposed interface to any given application function. It’s REST-ful, it’s service-oriented, and it works well. Because we’ve taken to leveraging the URI as a basic building block, as the entry-point into an application, it affords the opportunity to optimize architectures and make more efficient the...
posted @ Wednesday, October 12, 2011 4:31 AM
It’s how much load that really generates and how it scales to meet the challenge. There’s some amount of debate whether Facebook really crossed over the one trillion page view per month threshold. While one report says it did, another respected firm says it did not; that its monthly page views are a mere 467 billion per month. In the big scheme of things, the discrepancy is somewhat irrelevant, as neither show the true load on Facebook’s infrastructure – which is far more impressive a set of numbers than its externally measured “page view”...
posted @ Wednesday, September 21, 2011 6:14 AM
We need to start focusing on improving the application deployment processes that all too often are the bulk of time spent trying to get an application out the door. The application deployment process is broken. Oh, I know it looks like it’s actually improving, but it’s not. Virtualization came along and took the low hanging fruit off the application deployment tree and paid no never mind to those still waiting in the upper branches. While applications are easy to provision today thanks to the wonders of virtualization, the rest of the infrastructure still is...
posted @ Monday, July 11, 2011 5:53 AM
JSON Activity Streams offers some interesting new scalability pattern possibilities via layer 7 (application) switching. One of the most interesting aspects of deploying applications is figuring out how to scale them. There are many options, from simple scale out and scale up to more advanced architectural designs that take advantage of external, application switching services. The flexibility in the latter has become more obvious with the advent of not just cloud computing, but its underlying virtualized auto-scaling technologies. Combined with more targeted scalability strategies, infrastructure services provide a more operationally and financially efficient means of scaling...
posted @ Friday, July 08, 2011 5:44 AM
Driving a car in a circle, even at high speed, may sound easy but it’s not a one-man job: it takes a team with visibility to avoid accidents and enable a successful race. Optimization and visibility, on the surface, don’t seem to have much in common. One is about making something more efficient – usually faster – and the other is about, well, being able to see something. It’s the difference between driving in a race and watching a race. But if you’ve ever looked into racing – high speed, dangerous racing like NASCAR ...
posted @ Wednesday, June 08, 2011 3:11 AM
#devops #infosec Shared resources do benefit organizations, there’s no arguing about that. But when resources forming the basis of identity are trusted and then inadvertently shared, you may find your (IP) identity misappropriated. In the past two years there have been interesting stories floating around about what happens when IP addresses are “shared” in public cloud computing environments. You’ve no doubt heard how someone spun up an instance and was immediately blacklisted by some other website because the last application assigned that IP address was naughty on the Internets. Organizations have struggled with such issues...
posted @ Monday, May 16, 2011 3:51 AM
#vcmp It’s great to be fast and furious, but if your infrastructure handles like a boat you won’t be able to take advantage of its performance We recently joined the land of modernity when I had a wild urge to acquire a Wii. Any game system is pretty useless without games, so we got some of those too. One of them, of course, had to be Transformers: The Game because, well, our three-year-old thinks he is a Transformer and I was curious as to how well the game recreated the transformation process. ...
posted @ Friday, May 13, 2011 3:24 AM
It’s called a feedback loop, not a feedback black hole. One of the key components of a successful architecture designed to mitigate operational risk is the ability to measure, monitor and make decisions based on collected “management” data. Whether it’s simple load balancing decisions based on availability of an application or more complex global application delivery traffic steering that factors in location, performance, availability and business requirements, neither can be successful unless the components making decisions have the right information upon which to take action. Monitoring and management is likely one of the least sought after...
posted @ Wednesday, April 06, 2011 3:44 AM
If integrated web applications and services were cars…
posted @ Tuesday, April 05, 2011 9:45 AM
Desktops aren’t GPS-enabled but don’t let that stop you from providing hyperlocal information to all your fans. Two people are sitting in an Internet-enabled café. Let’s call the café Starbucks. One of them is using an iPhone or iPad while having a Hoffachino to find out what’s going on in the area. One of them is using a laptop to do the same. One of these two people is likely to get more accurate responses with less work. Which one is it? ...
posted @ Friday, March 18, 2011 5:30 AM
You’re still asking the wrong questions about cloud computing.
The city of Santa Clara is covered by a cloud this week, but not the kind of clouds most folks associate with California. CloudConnect 2011 is gearing up for a week of sessions and workshops, thought-provoking panels and general conversation on a topic that continues to be top of mind for everyone from press to analysts to IT professionals.
“Everyone” is going to be there. Well, everyone but me.
Now you might think that’s odd, that a co-chair of a track at a conference wouldn’t attend the show. My cohort...
posted @ Monday, March 07, 2011 3:09 AM
Cloud is about achieving a steady state where dynamism is the norm but actions and reactions are in perfect balance. It’s called “dynamic equilibrium” and you’ll need to pass Cloud Chemistry 101 to get there. When you were a kid you might have had a goldfish. It lived in a bowl of water and you fed it and if you were lucky it lived for quite a while. You certainly didn’t concern yourself with things like water quality (unless the water started turning green, of course) or pH or alkalinity or gas exchange rates. Circulation...
posted @ Wednesday, February 02, 2011 2:49 AM
Like Subway, too often we fail to recognize that ingredients are only half a successful recipe. Process is the other half. The response from sufferers of Celiac Disease (and similar conditions) to Subway’s announcement it was trying out a new, gluten-free version of some of its sandwiches was heavily weighted toward excitement. One of the most frustrating effects of suffering from Celiac’s is, of course, a lack of fast and tasty options for mealtime. We simply can’t run out to Subway or any other traditional “fast food” restaurant for a bite because, well, most of...
posted @ Wednesday, January 19, 2011 2:40 AM
Network and applications. Operations and developers. IT and the business. These relationships are technical, personal, and organizational and all require each other to flourish. If you ask someone to describe the kinds of animals that are in the ocean they probably think of odd invertebrates like jellyfish and octopuses and of course the colorful, strange looking fish. They might also mention the corals or in particular the coral reefs – those long stretches of undersea “gardens” in which an exotic array of animals (or are they plants?) make their homes....
posted @ Wednesday, January 12, 2011 2:22 AM
It’s not just having partnerships, it’s what you do with them that makes a difference When you’re an application delivery focused organization it kind of behooves you to focus on, well, applications. But since you don’t actually develop the applications yourself, how do you ensure that the policies and solutions you do develop are going to actually work and provide value for those applications? You could adopt an “on the job training” style policy, where you figure out the best configuration and options as you encounter applications, but that may not...
posted @ Friday, January 07, 2011 2:44 AM
You can put into place technology to mitigate and defend against the effects, but you can’t stop the attack from happening
In the wake of attacks that disrupted service to many popular sites in December the question on many folks’ minds was: how do you prevent such an attack?
My answer to that question was – and continues to be – you can’t. You also can’t prevent an SQLi attack, or an XSS-based attack, or a DDoS directed at your DNS infrastructure. You cannot prevent an attack any more than you can prevent a burglar from targeting your house. You can make...
posted @ Thursday, January 06, 2011 2:49 AM
Sometimes it’s not about how many resources you have but how you use them The premise upon which scalability through cloud computing and highly virtualized architectures is built is the rapid provisioning of additional resources as a means to scale out to meet demand. That premise is a sound one and one that is a successful tactic in implementing a scalability strategy. But it’s not the only tactic that can be employed as a means to achieve scalability and it’s certainly not the most efficient means by which demand can be met. ...
posted @ Tuesday, January 04, 2011 2:29 AM
It’s not just that attacks are distributed, but that attacks are also diverse in nature – up and down the stack, at the same time.
If Anonymous has taught us anything it’s that the future of information security is in fending off attacks across the breadth and depth of the network stack – and the data center architecture – at the same time. Traditionally DDoS attacks are so-named because the clients are distributed; that is they take advantage of appearing to come from a variety of locations as a means to prevent detection and easy prevention. It’s about the...
posted @ Wednesday, December 15, 2010 2:59 AM
Why these two are very different but complementary technologies Have you ever wondered why one network product is called a “controller” while another seemingly similar in function solution is called a “gateway”? There’s actually a very good reason for the naming and despite appearing to act similarly they do fill different roles in an architecture and are often called upon to work together. GATEWAYS If you loosely defined a gateway as a “converter” or “translator” you’d be very close to nailing down a simple definition. Gateways act as mediators between...
posted @ Monday, November 29, 2010 6:24 AM
Here’s the conundrum: utilizing every last drop of network, storage, and compute resources can impede performance and, through it, the business’ bottom line. So which do you choose? There are a few vertical industries for which performance is absolutely critical. A delay of even a micro-second can mean a huge differential in revenue or lost opportunities. A delay of seconds is a disaster, and more than that? Might as well call yourself unavailable. While most organizations do not have such stringent “do or die” performance requirements, performance is always top of mind because users, well, users...
posted @ Monday, November 22, 2010 3:28 AM
Three shall be the number thou shalt count, and the number of the counting shall be three. If you’re concerned about maintaining application availability, then these three rules of thumb shall be the number of the counting. Any less and you’re asking for trouble.
I like to glue animals to rocks and put disturbing amounts of
electricity and saltwater NEXT TO EACH OTHER
Last week I was checking out my saltwater reef when I noticed water lapping at the upper edges of the tank. Yeah, it was about to overflow. Somewhere in the system something had failed....
posted @ Wednesday, November 17, 2010 3:28 AM
Without the proper feedback an automated data center can experience vertigo, leaving end-users dizzy and frustrated.
As organizations continue to virtualize and automate the data center in their quest to liberate themselves and their users from the physical bonds that have kept them tied to the data center floor they are necessarily moving “up the stack” and running into a profoundly important question: how do I enable IT as a Service?
Virtualizing compute, network, and storage resources is just the first step. Once those are virtualized, they must be managed. Once they’re managed, the next layer of the stack needs...
posted @ Tuesday, November 09, 2010 6:00 AM
Need it you do, even if know it you do not. But you will…heh. You will.
With all the attention being paid these days to VDI (virtual desktop infrastructure) and application virtualization and server virtualization and <insert type> virtualization it’s easy to forget about network-based application virtualization. But it’s the one virtualization technique you shouldn’t forget because it is a foundational technology upon which myriad other solutions will be enabled.
WHAT IS NETWORK-BASED APPLICATION VIRTUALIZATION?
This term may not be familiar to you but that’s because since its inception oh, more than a...
posted @ Monday, October 18, 2010 3:47 AM
Managing a datacenter is often like managing a multi-generational family – you’ve got applications across a variety of life stages that need to be managed individually, and keeping costs down while doing so is a concern.
Those who know Don and me know we have a multi-generational family. Our oldest son is twenty-three and “The Toddler” is, well, almost three. There’s still “The Teenager” at home, and there’s also a granddaughter in there who is, well, almost three, so we’ve got a wide variety of children across which we have to share our limited resources.
Each one, of course,...
posted @ Monday, September 20, 2010 3:43 AM
Knowing the algorithms is only half the battle, you’ve got to understand a whole lot more to design a scalable architecture.
Citrix’s Craig Ellrod has a series of blog posts on the basic (industry standard) load balancing algorithms. These are great little posts for understanding the basics of load balancing algorithms like round robin, least connections, and least (fastest) response time. Craig’s posts are accurate in their description of the theoretical (designed) behavior of the algorithms. The thing that’s missing from these posts (and maybe Craig will get to this eventually) is context. Not the context...
posted @ Tuesday, September 07, 2010 3:26 AM
Correcting some misperceptions regarding ADCs, virtualization, and the use of Cisco as the definitive yardstick for measuring the ADC market A recent article penned by analyst Jim Metzler asks “Can application delivery controllers support virtualization?” A fair question, especially when one digs into the eventual migration and portability of virtual machines across disparate cloud computing deployments based on just such support. But the conclusion reached is misleading and does a disservice to the entire load balancing/application delivery controller industry. Caveat: Having been under fire from vendors and readers alike in the past...
posted @ Friday, August 20, 2010 3:51 AM
The fallacy of security is that simplicity or availability of the solution has anything to do with time to resolution The announcement of the discovery of a way in which an old vulnerability might be exploited gained a lot of attention because of the potential impact on Web 2.0 and social networking sites that rely upon OAuth and OpenId, both of which use affected libraries. What was more interesting to me, however, was the admission by developers that the “fix” for this vulnerability would take only “six lines of code”, essentially implying a “quick fix.” ...
posted @ Wednesday, August 11, 2010 3:58 AM
You can’t assume anything about an application’s performance and delivery needs based on the fact that it rides on HTTP. I read an interesting article during my daily perusal of most of the Internet (I’ve had to cut back because the Internet is growing faster than my ability to consume) on “Virtual Micro Networks.” The VMN concept goes well beyond Virtual Local Area Networks (VLANs). Like VLANs or any other network, VMNs transport data from source to destination. But VMNs extend beyond transport to...
posted @ Tuesday, July 20, 2010 4:06 AM
Detecting bots requires more than a simple USER_AGENT check today… Anyone who’s taken an artificial intelligence class in college or grad school knows all about the Turing Test. If you aren’t familiar with the concept, it was a “test proposed by Alan Turing in his 1950 paper Computing Machinery and Intelligence, which opens with the words: "I propose to consider the question, 'Can machines think?'" Traditional Turing Tests always involve three players, and the goal is to fool a human interviewer such that the interviewer cannot determine which of the two players is human and which...
posted @ Friday, July 16, 2010 4:08 AM
As the majority of an application’s presentation layer logic moves to the client it induces changes that impact the entire application delivery ecosystem
The increase in mobile clients, in demand for rich, interactive web applications, and the introduction of the API as one of the primary means by which information and content is shared across applications on the web is slowly but surely forcing a change back toward a traditional three-tiered architecture, if not in practice then in theory. This change will have a profound impact on the security, delivery, and scalability of the application but it also forces changes in...
posted @ Thursday, July 08, 2010 4:17 AM
No, it’s not global server load balancing or GeoLocation. It’s something more… because knowing location is only half the battle and the other half requires the ability to make on-demand decisions based on context. In most cases today, global application delivery bases the decision on which location should service a given client based on the location of the user, availability of the application at each deployment location and, if the user is lucky, some form of performance-related service-level agreement. With the advent of concepts like cloud bursting and migratory applications that can be deployed at any number of...
posted @ Wednesday, July 07, 2010 3:57 AM
Security risks are not always indicative of a lack of faith in the provider’s competency but about, well, risk. IDC recently conducted another cloud survey and [feign gasp of surprise here] security risks topped a healthy list of concerns that, according to the survey, outweighed cloud computing benefits. While growing numbers of businesses understand the advantages of embracing cloud computing, they are more concerned about the risks involved, as a survey released at a cloud conference in Silicon Valley shows. Respondents showed greater concern about the risks associated with cloud...
posted @ Monday, June 28, 2010 4:59 AM
Google finally catches on and begins to develop what application delivery vendors have been doing for years. It’s a primary axiom of web operations and networking: speed matters. One has only to look at the number of niche products that focus on speed: WAN optimization, application acceleration, caching, content delivery networks, and continuing increases in the core speeds and feeds of our networks. So it shouldn’t be a surprise when “cloud” providers start talking about performance as a differentiator, which is exactly what Google recently noted at the Velocity conference. The average...
posted @ Friday, June 25, 2010 3:46 AM
From mammoth hunting to military maneuvers to the datacenter, the key to success is control Recalling your elementary school lessons, you’ll probably remember that mammoths were large and dangerous creatures and like most animals they were quite deadly to primitive man. But yet man found a way to hunt them effectively and, we assume, with more than a small degree of success as we are still here and, well, the mammoths aren’t. The theory of how man successfully hunted ginormous creatures...
posted @ Thursday, June 17, 2010 3:29 AM
End-to-end is a popular term in marketing circles to describe some feature that acts across an entire “something.” In the case of networking solutions this generally means the feature acts from client to server. For example, end-to-end protocol optimization means the solution optimizes the protocol from the client all the way to the server, using whatever industry standard and proprietary, if applicable, techniques are available. But end-to-end is not necessarily an optimal solution – not from a performance perspective, not from a CAPEX or OPEX perspective, and certainly not from a dynamism perspective. The better option, the more...
posted @ Tuesday, June 15, 2010 3:45 AM
Minimizing the impact of code changes on multi-tenant applications requires a little devops “magic” and a broader architectural strategy
Ignoring the unavoidable “cloud outage” hysteria that accompanies any Web 2.0 application outage today, there’s been some very interesting analysis of how WordPress – and other multi-tenant Web 2.0 applications – can avoid a similar mistake. One such suggestion is the use of a “feathered release schedule”, which is really just a controlled roll-out of a new codebase as a means to minimize the impact of an error. We’d call this “fault isolation” in data center architecture 101. It turns out...
posted @ Monday, June 14, 2010 4:03 AM
Virtual Desktop Infrastructure (VDI) is designed to deliver virtual, managed desktops in the corporate environment. There are many benefits to this model, especially when applied to traditionally high-maintenance desktops in call centers where users may not be technically savvy and insist on, oh, changing the fonts and background to be black and then calling the help desk to “fix” the problem*. Fixing the problem becomes a simple case of pushing the clean desktop to the user. But as VDI broadens its use from limited, internal deployments to off-site deployments supporting remote workers and disaster...
posted @ Friday, May 21, 2010 3:17 AM
… where response time and speed are concerned, many businesses automatically assume Google.com- and Amazon.com-levels of performance from services such as Google App Engine and Amazon EC2, but this can be a mistake. -- ESJ, “Q&A: Managing Performance of Cloud-Based Applications and Services” A big mistake, indeed. While the underlying systems may be optimized and faster than fast, that doesn’t mean that applications won’t suffer poor performance. There are many other factors that determine how an application will perform, and most of them are variable. They can change from...
posted @ Thursday, May 20, 2010 2:38 AM | >
There have been many significant events over the past decade, but looking back these are still having a significant impact on the industry. Next week is Interop. Again. This year it’s significant in that it’s my tenth anniversary attending Interop. It’s also the end of a decade’s worth of technological change in the application delivery industry, the repercussions and impact of which in some cases are just beginning to be felt. We called it load balancing back in the day, but it’s grown considerably since then and now encompasses a wide variety of application-focused concerns: security, optimization,...
posted @ Friday, April 23, 2010 3:53 AM | >
The future of application performance management is in real-time visibility, action, and integration. For a very long time now APM (Application Performance Management) has been a misnomer. It’s always really been application performance monitoring, with very little management occurring outside of triggering manual processes requiring the attention of operators and developers. APM solutions have always been great at generating eye-candy reports about response time and components and, in later implementations, dependencies on application and even network infrastructure. But it has rarely been the case that APM solutions have really been about, well, managing application performance. Certainly...
posted @ Wednesday, March 31, 2010 3:28 AM | >
Think that your image heavy site won’t benefit from compression? Think again, because compression is not only good for image heavy sites, it might be better than for those without images. jetNEXUS has a nice post entitled, “What does Application acceleration mean?” Aside from completely ignoring protocol acceleration and optimization (especially good for improving performance of those chatty TCP and HTTP-based applications) the author makes a point that should have been obvious but isn’t – compression is actually good for image heavy sites. It’s true that images are technically already compressed according to their respective...
posted @ Tuesday, March 30, 2010 4:11 AM | >
What we’ve got here is a failure to communicate. Some apps you just can’t reach … in the cloud. Доброе утро! What? You don’t speak Russian? Not even “baby” Russian? French? Spanish? Indonesian? Korean? Chinese? If you’ve traveled you’ve probably picked up a few words here and there but it’s unlikely you are, at this point, fluent in any of the world’s languages excepting English. Luckily most other people in the world speak English better than you speak their language so you should get along just fine. Unfortunately for...
posted @ Wednesday, March 24, 2010 3:53 AM | >
Thought those math rules you learned in 6th grade were useless? Think again…some are more applicable to the architecture of your data center than you might think.
Remember back when you were in the 6th grade, learning about the order of operations in math class? You might recall that you learned that the order in which mathematical operators were applied can have a significant impact on the result. That’s why we learned there’s an order of operations – a set of rules – that we need to follow in order to ensure that we always get the correct answer when performing...
posted @ Tuesday, March 09, 2010 3:41 AM | >
The current threat level is … the same as it was yesterday, and the day before, and will be tomorrow. We’ve all been in the airport before and heard the announcement. “The current threat level is orange. Blah blah blah blah yada yada whatever.” At least that’s what I hear today because I’ve become immune to the fact that “orange” means there’s a threat. There’s always a threat, it seems, and the announcement simply conveys what appears to many of us to be the “status quo.” We have effectively been desensitized to a “higher” threat level as...
posted @ Friday, March 05, 2010 3:48 AM | >
The advent of virtualization brought about awareness of the need to decouple applications from IP addresses. The same holds true on the client side – perhaps even more so than in the data center. I could quote The Prisoner, but that would be so cliché, wouldn’t it? Instead, let me ask a question: just which IP address am I? Am I the one associated with the gateway that proxies for my mobile phone web access? Or am I the one that’s currently assigned to my laptop – the one that will change tomorrow because today I am...
posted @ Thursday, March 04, 2010 3:54 AM | >
What is needed to customize the cloud is a pair of data center ruby slippers called Infrastructure 2.0. Frank Gens of IDC discussed the “New IDC IT Cloud Services Survey: Top Benefits and Challenges” in his blog and what is not surprising is that security continues to top the challenges associated with cloud services. What may be surprising to some is the increasing focus on customization. It shouldn’t be. As customers continue to push at the boundaries of the cloud computing model they will inevitably find it unable to meet some need they have, such as customization....
posted @ Friday, February 26, 2010 3:31 AM | >
There’s compression, and then there’s compression. One of the most common means of improving application performance is to reduce the size of the data being exchanged as redress for inherent network protocol behavior that can cause excessive delays in delivery of application data. Compression is often enabled to achieve this goal, and because most data being delivered to applications is text-based (XML, HTML, JSON) this technique generally works quite well. Depending on the architecture of the application delivery network, however, there may be other “types” of compression that can be used in addition to the “compression” typically associated...
posted @ Tuesday, February 23, 2010 3:48 AM | >
There’s a difference between automation and orchestration, and knowing which one you’re really doing is half the battle in achieving a truly dynamic data center. Randy Heffner on CIO.Com wrote an excellent article on SOA and its value, “SOA: Think Business Transformation, Not Code Reuse.” The problem I had with the article was not in any way related to its advice, conclusions, or suggestions. The problem I had was that I kept thinking about how perfectly much of his article could be applied to data center orchestration, operational transformation, and automation. Simply replace “SOA” with “orchestration”, “software reuse”...
posted @ Monday, February 22, 2010 3:43 AM | >
More interesting, what if you had the means to actually try to meet them? On the surface, Infrastructure 2.0 seems to have very little value to the end-user. It is, after all, about collaboration at the infrastructure layer. It is under the covers, as it were, of the application blanket with which end-users actually interact. But it may end up that Infrastructure 2.0 will have a direct impact on the control the user has over the way in which applications are delivered. Which is to say they might one day have some. What this means is something...
posted @ Wednesday, February 17, 2010 3:43 AM | >
Or more apropos, it’s in the complex and intimate relationship between applications and their infrastructure. What’s the difference between a highly virtualized corporate data center and a cloud computing environment? There are probably many, but the most important distinction – and the one that earns the latter a “cloud computing” tag – is certainly that the former lacks a comprehensive orchestration system and was likely not architected using a rapid, infrastructure inclusive, scalability strategy. Mitch Garnaat, “The Elastician”, recently managed to sum up what should be every modern data center’s motto in a...
posted @ Monday, February 15, 2010 4:06 AM | >
Agreed that cloud vendors need to differentiate on services. Disagreed that cloud standards will not forward that cause and that virtualization platform makes a difference. The battle for virtualization platform dominance rages on, but it will not be virtualization that makes or breaks a cloud computing offering; it will be the diversity – or lack thereof - of the services it offers. We need to stop focusing on virtualization as the be-all and end-all of cloud computing and start bending our efforts toward what really matters: the ability of providers to efficiently offer a broad set of...
posted @ Wednesday, February 10, 2010 4:35 AM | >
The W3C specification now offers the means by which cross-origin AJAX requests can be achieved. Leveraging network and application network services in conjunction with application-specific logic improves security of allowing cross-domain requests and has some hidden efficiency benefits, too. The latest version of the W3C working draft on “Cross-Origin Resource Sharing” lays out the means by which a developer can use XMLHTTPRequest (in Firefox) or XDomainRequest (in IE8) to make cross-site requests. As is often the case, the solution is implemented by extending HTTP headers, which makes the specification completely backwards and cross-platform compatible even if the...
posted @ Tuesday, February 09, 2010 4:18 AM | >
Scaling applications that include AJAX and non-AJAX components may require more than just tuning your web server. A common problem after deploying a Web 2.0 AJAX-based application shows itself through poor performance or lower capacity on the server, often both. Web server tuning is almost always the first step in improving performance and capacity, but the inherently competing behavior of AJAX-requests and “normal” HTTP requests quickly becomes problematic as well. Tune for the AJAX requests and performance of regular old HTTP requests suffers. Tune for regular old HTTP requests, and performance of AJAX-requests suffers. This is...
posted @ Monday, February 08, 2010 4:35 AM | >
We worry about VM sprawl but what about device sprawl? Management of a multitude of network-deployed solutions can be as operationally inefficient as managing hundreds of virtual machines, and far more detrimental to the health and performance of your applications. Turning them all into virtual network appliances that might need scaling themselves? That’s even badder. But all you hardware fanbois best not smirk too much because the proliferation of hardware network devices is only slightly less badder than the potential problems arising from virtual network appliance sprawl. WAIT, WHY IS DEVICE SPRAWL BAD AGAIN?...
posted @ Friday, February 05, 2010 4:02 AM | >
I haven’t heard the term “graceful degradation” in a long time, but as we continue to push the limits of data centers and our budgets to provide capacity it’s a concept we need to revisit. You might have heard that Twitter was down (again) last week. What you might not have heard (or read) is some interesting crunchy bits about how Twitter attempts to maintain availability by degrading capabilities gracefully when services are over capacity. “Twitter Down, Overwhelmed by Whales” from Data Center Knowledge offered up the juicy details: ...
posted @ Wednesday, January 27, 2010 2:55 AM | >
Nope. Wasn’t under the couch. In fact it turns out it wasn’t even missing, it’s just been overlooked and might already be in your data center. As more organizations continue to make virtualization a core part of their overall application deployment strategy they are finding challenges associated with managing and, apparently, optimizing their newly created heterogeneous infrastructure. Kevin Fogarty, in “10 Virtualization Vendors to Watch in 2010”, writes of some of the challenges with virtualization to come in the next year. One of those challenges is, apparently, optimization of resources across physical and virtual assets, at least...
posted @ Tuesday, January 26, 2010 4:02 AM | >
One of the concerns with cloud bursting specifically for the use of addressing seasonal scaling needs is that cloud computing environments are not necessarily PCI-friendly. But there may be a solution that allows the application to maintain its PCI-compliance and still make use of cloud computing environments for seasonal scaling efficiency. Cloud bursting, a.k.a. overdraft protection, is a great concept but in some situations, such as those involving PCI-compliance, it can be difficult if not impossible to actually implement. The financial advantages to cloud bursting for organizations requiring additional capacity on only a seasonal basis are well understood,...
posted @ Thursday, January 21, 2010 5:54 AM | >
In the wake of Google’s revelation that its GMail service had been repeatedly attacked over the past year the search engine goliath announced it would be moving to HTTPS (HTTP over SSL) by default for all GMail connections. For users, nothing much changes except that all communication with GMail will be encrypted in transit using industry standard SSL, regardless of whether they ask for it by specifying HTTPS as a protocol or not. In the industry we generally refer to this as an HTTPS redirect, and it’s often implemented by automatically rewriting the URI using a load balancing /...
posted @ Friday, January 15, 2010 3:10 AM | >
If you’re just trading “specialized” hardware for “dedicated” hardware you’re losing more than you’re gaining. Apparently I have not gotten the memo detailing why specialized hardware is a Very Bad Thing(TM). I’ve looked for it, I really have, but I cannot find it anywhere. What I did find was any number of random press releases announcing how “virtual version X” of some network or application infrastructure solution was now virtualized and hey, you don’t need specialized hardware to run it. These random press releases neglect, I might add, to mention that there's very little difference between the requirement...
posted @ Monday, January 11, 2010 3:21 AM | >
Kicking off the new year (and a new decade) with a lively debate on a technological concept that is barely out of its infancy is always a good thing. Fred Cummins over at HP recently penned “Pursuit of the Intercloud is Premature” and caught the eye of several of us for whom Intercloud is near and dear and, I think, provided a great way to start off the year by declaring the concept of Intercloud “not yet worthy of concern”. If this elastic mesh is provided by a single cloud provider, then it is...
posted @ Friday, January 08, 2010 3:56 AM | >
Being an efficient developer often means abstracting functionality such that a single function can be applied to a variety of uses across an application. Even as this decreases risk of errors, time to develop, and the attack surface necessary to secure the application it also makes implementing security more difficult. Over the holidays I had the opportunity to do some coding on my latest web application project. I won’t bore you with the details of what it is because it’s to support a hobby of Don and mine except to say that it’s running on a LAMP stack...
posted @ Thursday, January 07, 2010 3:58 AM | >
If it is, you might want to reconsider how you’re handling security, acceleration, and delivery of your applications before users “go postal” because of poor application performance. Sometimes wisdom comes from the most unexpected places. Take Jason Rahm’s status update on Facebook over the holidays. He’s got what is likely a common complaint regarding the delivery model of the US postal service: the inefficiency of where postage due is determined. Everyone has certainly had the experience of sending out a letter (you know, those paper things) and having it returned a week or more later...
posted @ Wednesday, January 06, 2010 3:19 AM | >
We’ve been talking about “aligning IT with the business” since SOA first took legs but you rarely see concrete examples of what that really means. It sounds much more grand and lofty than it really is. To put it in layman’s terms, or at least take it out of marketing terms, aligning IT with the business is really nothing more than justifying or tying a particular IT investment or project to a specific business goal. What that means ultimately is that you, as an IT professional, must understand what those business goals are in the first place. Once...
posted @ Wednesday, December 30, 2009 5:11 AM | >
Like peanut-butter and jelly, cloud computing and application acceleration are just better together. Ann Bednarz of Network World waxes predictive regarding 2010 trends in application delivery and WAN optimization in “WAN optimization in 2010.” One of the interesting tidbits she offers from research firm Gartner is growth in the application acceleration market: Second, the research firm is predicting a return to modest growth for the application acceleration market in 2010. Gartner is forecasting a compound annual growth rate of 12.22%, with 2014 revenue of $4.27 billion. This, when viewed alongside...
posted @ Thursday, December 17, 2009 3:21 AM | >
A recent tweet about a free, Linux-based XML Security suite reminded me that we do not opine on the subject of XML security and its importance enough. SOA has certainly been dethroned as the technology darling du jour by cloud computing and virtualization and with that forced abdication has unfortunately also come a reduction in the focus on XML and security. That’s particularly disturbing when you recognize that what’s replaced SOA – primarily WOA and RESTful APIs – exchange data primarily via one of two formats: XML and JSON. Whether you prefer one over the other is...
posted @ Friday, December 11, 2009 3:51 AM | >
Should the enterprise standardize on JSON or XML as their lingua franca for Web 2.0 integration? Or should they use both as best fits the application? The decision impacts more than just integration – it resounds across the entire infrastructure and impacts everything from security to performance to availability of those applications.
One of the things a developer may or may not have control over when building enterprise applications is the format of the data used to communicate (integrate) with other applications. Increasingly services external to the enterprise are very Web 2.0 in that they provide HTTP-based APIs for integration that...
posted @ Thursday, December 10, 2009 3:56 AM | >
An interesting thing happens when you combine toolkits like XAJAX and SAJAX and the ability to perform content-based routing: you can actually achieve function-level load balancing in both cloud-based and traditional architectures. As you might have discovered from previous posts mentioning it, I still do web application development to support hobby interests in my (very little) spare time. I’m currently in love with the XAJAX library, which has made development of what is supposed to be a very interactive application nearly effortless. I’m also very much enamored of load balancing/application delivery and cloud computing, specifically...
posted @ Wednesday, December 09, 2009 3:59 AM | >
Beware the danger of building out isolated network and application network infrastructures in the cloud lest we end up with silos from which it is difficult to escape. While writing a separate post on the business value of public versus private cloud computing investments I specifically called out the fact that infrastructure – virtual or physical – provisioned in a cloud environment is applicable only to that cloud environment; it really can’t be shared within the enterprise architecture or other public cloud computing environments, for that matter. That led to considering the impact...
posted @ Tuesday, December 08, 2009 3:31 AM | >
The long, lost application delivery spell compendium has been found! Its once hidden, arcane knowledge is slowly being translated for the good of all web applications. Luckily, you don’t have to be Elminster or Gandalf or <insert powerful wizard you know here> to cast this spell over your infrastructure Contingency School of Magic: Evocation Components: Somatic (requires gestures), Material (requires physical component) Saving Throw: None Spell Resistance: No Through the use of the contingency spell, application delivery professionals can dictate the conditions...
posted @ Monday, December 07, 2009 3:37 AM | >
Certainly no one would seriously argue that web applications are fast enough for everyone. SPDY is one suggested solution, but what if we combine MapReduce and SPDY? Could we develop an architectural solution that leverages the best of SPDY without requiring entire infrastructure changes to support a new protocol? More than a couple of people have mentioned Map/Reduce as a means to achieve workload-level distribution of applications in a cloud computing environment. I hadn’t looked into Map/Reduce but finally decided that if that many very smart people were thinking it was a solution, I should look into it....
posted @ Wednesday, December 02, 2009 3:14 AM | >
Ever wonder why requests coming through proxy-based solutions, particularly load balancers, end up with an IP address other than the real client? It’s not just a network administrator having fun at your expense. SNAT is the question – and the answer. SNAT is the common abbreviation for Secure NAT, so-called because the configured address will not accept inbound connections and is, therefore, supposed to be secure. It is also sometimes (more accurately in the opinion of many) referred to as Source NAT, however, because it acts on source IP address instead of the destination IP address as is...
posted @ Tuesday, November 24, 2009 3:58 AM | >
Google’s desire to speed up the web via a new protocol is laudable, but the SPDY protocol would require massive changes across networks to support. ArsTechnica had an interesting article on one of Google’s latest projects, a new web protocol designed to replace HTTP called SPDY. SPDY uses a single SSL-encrypted session between a browser and a client, and then compresses all the request/response overhead. The requests, responses, and data are all put into frames that are multiplexed over the one connection. This makes it possible to send a higher-priority small file without...
posted @ Tuesday, November 17, 2009 4:20 AM | >
No, not the kind you do on Facebook when you’re really, really tired but the kind defined as a means to reduce power consumption without affecting application performance or availability by eliminating non-essential processing and networking whenever possible. An article on “Drowsy” computing as a means to reduce power consumption in data centers got me thinking about how such concepts might be applied to networking. To summarize the concept of “drowsy” computing, its basic premise is that when applications aren’t being heavily used some mechanism is used to reduce the power consumption on...
posted @ Wednesday, November 11, 2009 3:23 AM | >
With just a few clicks you, too, can create a cloud computing environment. But if you’re like a lot of organizations, you may not know what to do with it after that. The latest version of Ubuntu Server (9.10) includes the Ubuntu Enterprise Cloud (UEC), which is actually powered by Eucalyptus. The ability to deploy a “cloud” on any server running Ubuntu is really quite amazing, especially given the compatibility of Eucalyptus with Amazon and the plethora of application images available for nearly immediate deployment. It supports both a public and private option, and a hybrid model, and...
posted @ Tuesday, November 03, 2009 5:30 AM | >
You can address the problem of converting smart quotes – and any other content - in your application if you control the code. What if you’re using third-party software for which you do not have the code? Or what if it is your code but the “defect” is so low on the priority list that you won’t get to it until the year 2020?
Dealing with Microsoft smart quotes is a fact of life for developers. Almost every developer out there has a server-side script/function they use to strip them out of user-generated content and replace them with web-friendly HTML...
posted @ Monday, November 02, 2009 3:03 AM | >
Cloud computing is, at its core, about using resources in the most operational and financially efficient manner possible. It’s about spreading resources around and sharing them to achieve greater scalability with fewer investments in hardware and software. But what if you aren’t moving to cloud? Or virtualization? Or perhaps you are, but the benefits won’t be really seen until you actually get enough resources shared across your organization. Isn’t there any other way to better utilize the resources you have now to improve the bottom line? Yes, yes, there is. And the best part is that these methods...
posted @ Thursday, October 29, 2009 3:30 AM | >
Carrying over the provisioning and capacity planning techniques used in a traditional data center to cloud computing negates the full power of the Force cloud computing. One of the benefits of cloud computing is supposed to be efficiency, particularly in the utilization of compute resources. Over-provisioning of compute resources has long been one way in which IT combats the need for scalability and availability of applications but this often leaves a large percentage of compute resources unused. The utilization rule once employed as a means to ensure availability and performance of applications, i.e. no device...
posted @ Wednesday, October 28, 2009 3:32 AM | >
There is a common myth that the reason legacy code continues to run in businesses around the world is that no one understands it; that IT and businesses are afraid to replace it because they don’t know what it does. Once again, living in the mainframe capital of the world (the insurance industry heavy midwest), I get to talk to IT folks who deal with legacy software and hardware all the time. Do not doubt that they know exactly what that legacy software does and how it works, and perhaps frightening to proponents of change and the...
posted @ Monday, October 26, 2009 4:09 AM | >
“Where are you storing your data these days,” he asked casually after trying to come up with a better opening line but failing. “Ah, dahhling,” she drawled while gesturing in no particular direction with an almost deprecating wave of her hand. “The Cloud, where else?” Thanks to the nearly constant misapplication of the phrase “The Cloud” and the lack of agreement on a clear definition from technical quarters I must announce that “The Cloud” is no longer a synonym for “Cloud Computing”. It can’t be. Do not be misled into trying, it will only cause you...
posted @ Wednesday, October 21, 2009 3:12 AM | >
A lack of ability in the cloud to distinguish illegitimate from legitimate requests could lead to unanticipated costs in the wake of an attack. How do you put a price on uptime and more importantly, who should pay for it? A “Perfect Cloud”, in my opinion, would be one in which the cloud provider’s infrastructure intelligently manages availability and performance such that when it’s necessary new instances of an application are launched to ensure meeting the customer’s defined performance and availability thresholds. You know, on-demand scalability that requires no manual intervention. It just “happens” the way it should....
posted @ Friday, October 16, 2009 3:15 AM | >
Amazon’s ELB is an exciting mix of well-executed infrastructure 2.0 and the proper application of SOA, but it takes a lot of work to make anything infrastructure look that easy. The notion of Elastic Load Balancing, as recently brought to public attention by Amazon’s offering of the capability, is nothing new. The basic concept is pure Infrastructure 2.0 and the functionality offered via the API has long been available on several application delivery controllers for many years. In fact, looking through the options for Amazon’s offering leaves me feeling a bit, oh, 1999. As if load balancing hasn’t...
posted @ Thursday, October 15, 2009 3:50 AM | >
One of the benefits of Infrastructure 2.0 is connectedness: the ability to collect and share pertinent data regarding the health and performance of applications and infrastructure services. Based on that data a dynamic infrastructure can adapt on-demand and make decisions that respect real capacity limits, not artificial ones. Randy Hayes writes “The CapCal Blog”, and describes CapCal as being about “measuring the performance and scalability of web apps using real, production level workloads.” In A Very Delicate Load Balancing Act he discusses the impact of load balancing configurations on the capacity and performance of applications. ...
posted @ Wednesday, October 14, 2009 4:20 AM | >
Cloud offers an appealing “pay only for what you use” that makes it hard to resist. Paying on a per-usage hour basis sounds like a good deal, until you realize that your site is pretty much “always on” because of bots, miscreants, and users. In other words, you’re paying for 24x7x365 usage, baby, and that’s going to add up. Ironically, the answer to this problem is … cloud. Don and I occasionally discuss how much longer we should actually run applications on our own hardware. After all, the applications we’re running are generally pretty light-weight, and only see...
posted @ Tuesday, October 13, 2009 4:30 AM | >
The problem of AJAX, interstitial request patterns, and the effect on the performance and availability of your applications. There are several reasons why applications need to be scaled out but they all come down to essentially addressing the same core problem: resource consumption. In the case of networked applications this often means specifically TCP connection resources. Now most people don’t think of TCP connections as a resource, per se, but every web and application server has an upper limit to the number of TCP connections it can hold open at any given time. In some cases this...
posted @ Wednesday, October 07, 2009 3:53 AM | >
Steve (apparently yes, we are on a first name basis) offers up his thoughts on developing APIs for the Cloud in “A Cloud Tools Manifesto.” While the inclusion of the word “manifesto” in the title raised quite the stir (“Manifestogate” is still fresh on the minds of many cloud-oriented people), what really caught my eye is his inclusion of a “mock endpoint” primarily for testing of API based integration and development. This is something that’s increasingly important not just to cloud but to Web 2.0 and social networking sites that provide APIs via which other sites and client applications can...
posted @ Monday, October 05, 2009 4:00 AM | >
Malicious links served up in a browser are OS agnostic. They don’t care about the OS because the target is people, not technology. In response to the problem of links and trust put forth in a recent post a reader replies that the answer to “evil links” is simply to run Linux instead of Windows. the very best solution is to run something other than windows, and with ubuntu at its current state of maturity (and free-ness), why wouldn't you? I won’t disagree with the assessment of Ubuntu and its current...
posted @ Friday, October 02, 2009 5:04 AM | >
Are you monitoring the network, servers, stack, or the application? The answer may mean the difference between your application being available or not. One of the biggest problems with moving away from simple load balancing to application delivery is that network teams don’t often get the memo and the application teams don’t have a good understanding of what load balancers can do so they can’t even offer suggestions regarding how to architect a better solution to availability. That means neither team really understands the role of health monitoring in maintaining availability for applications. What should happen...
posted @ Wednesday, September 30, 2009 3:25 AM | >
Back in the day when I was actually allowed to write code for customers the pat answer to any code being returned from QA because of problems was a flat “but it works on my machine.” Alright, alright, I’ll be honest; it wasn’t flat at all, it was usually a plaintive whine. This isn’t an uncommon scenario as differences in environments and interactions with other applications may be enough to cause problems on one machine and not another. Troubleshooting such subtle issues was painful, to say the least, and not something anyone wanted to do. Now comes the time...
posted @ Thursday, September 24, 2009 3:37 AM | >
Understanding the various types of load balancing
When someone says “load balancing” the immediate reaction is usually to think of pools of servers and applications being load balanced to provide high-availability for massive sites like Amazon or Google or Facebook. But there’s a couple of other types of load balancing that deserve to be recognized because although they sit in the shadow of “load balancing” they are often invaluable assets to network and application architects attempting to ensure availability and adherence to service level agreements.
Link Load Balancing
Link load balancing is the...
posted @ Wednesday, September 23, 2009 4:15 AM | >
Business critical internal processing systems often require high-availability and fault tolerance, too. Load balancing and application delivery is almost always associated with scaling out interactive, web-based applications. Rarely does anyone think about load balancing and application delivery in batch processing systems even when those systems might be critical to the business they are supporting. But scaling out non-interactive processing systems and providing high-availability to such critical systems is just as easily accomplished for an application delivery controller (ADC) as it is to scale out an interactive web-based application. Maybe easier. When that system also requires a...
posted @ Tuesday, September 22, 2009 4:06 AM | >
Isolation of resources in “the cloud” is moving providers toward hosted data centers and away from shared resource computing. Do we need to go back to the future and re-examine mainframe computing as a better model for isolated applications capable of sharing resources? James Urquhart in “Enterprise cloud computing coming of age” gives a nice summary of several “private” cloud offerings; that is, isolated and dedicated resources contracted out to enterprises for a fee. James ends his somewhat prosaic discussion of these offerings with a note that this “evolution” is just the beginning of a long process. ...
posted @ Monday, September 21, 2009 3:21 AM | >
Commoditized from solution to feature, from feature to function, load balancing is no longer a solution but rather a function of more advanced solutions that’s still an integral component for highly-available, fault-tolerant applications. Unashamed Parody of Monty Python and the Holy Grail Load balancers: I'm not dead. The Market: 'Ere, it says it’s not dead. Analysts: Yes it is. Load balancers: I'm not. The Market: It isn't. Analysts: Well, it will be soon,...
posted @ Thursday, September 17, 2009 4:00 AM | >
AJAX enables the use of network-side scripting enabled application delivery solutions to offload client-side functionality and improve capacity and performance of dynamic (Web 2.0/AJAX) applications. In the last couple of weeks I’ve embarked on a home project to rewrite – from scratch – a couple of web applications that Don and I and friends use on a regular basis. Consider it a very restricted (in terms of users) social networking application, because that’s basically what it is. I made heavy use of AJAX for one component in the past version but have been really leveraging it a lot more...
posted @ Wednesday, September 16, 2009 5:02 AM | >
Are you load balancing servers or applications? Network traffic or application requests? If your strategy to application availability is network-based you might need a change in direction (up the stack). Can you see the application now? Network load balancing is the distribution of traffic...
posted @ Tuesday, September 15, 2009 4:16 AM | >
A load balancing algorithm can make or break your application’s performance and availability
It is a (wrong) belief that “users” of cloud computing and before that “users” of corporate data center infrastructure didn’t need to understand any of that infrastructure. Caution: proceed with infrastructure ignorance at the (very real) risk of your application’s performance and availability. Think I’m kidding? Stefan’s SOA & Enterprise Architecture Blog has a detailed and very explanatory post on Load Balancing Strategies for SOA Infrastructures that may change your mind. This post grew, apparently, out of some (perceived) bad behavior on...
posted @ Tuesday, September 08, 2009 4:11 AM | >
There is no reason in a modern web application for users to see a white error page
Sightings of the Twitter “fail whale” are, these days, fewer and far between. That’s a good thing. What’s interesting is that when it does show up, users are almost amused – as if they’re glad to see an old friend. I mean, come on; Twitter’s users named the whale, for crying out loud. How many of your users have a fan club for your error pages? Exactly. That’s the kind of reaction you want from HTTP errors but what you...
posted @ Thursday, September 03, 2009 2:52 AM | >
Cloud providers know the secret to a successful cloud computing implementation is integration between the infrastructure and virtualization
Ever notice that cloud providers are v e r y reluctant to reveal on what foundation their cloud computing architectures are laid? Most providers don’t want to share their “secret sauce” because, well, then everyone else could get into the game as well. While it is certainly true that the infrastructure – and specifically the application delivery infrastructure – you choose to lay the foundation for a cloud computing architecture can affect your ability to succeed and innovate...
posted @ Tuesday, August 25, 2009 10:17 AM | >
Why do application delivery vendors talk about both? Aren’t they the same thing? In general, acceleration implies that something will be done to the application: caching, compression, etc… The actual behavior of the application is changed such that the client may need to participate in the acceleration. Acceleration is technically speaking disruptive in the sense that it requires participation of client, intermediary, and often the server. This generally takes a form that leverages existing standards, a la caching, such that no changes need be made to clients or servers, but the behavior of the application and its...
posted @ Thursday, August 20, 2009 6:00 AM | >
Idle resources will always need to exist, especially in a cloud architecture
With IT focused on efficiency – for reduction in operating expenses and in the interests of creating a greener computing center – there’s a danger that we’ll attempt to achieve 100% efficiency. You know, the data center in which no compute resources are wasted; all are applied toward performing some task – whether administrative, revenue generating, development cycles, or business-related – and no machine is allowed to sit around idle. Because, after all, idleness is the devil’s playground, isn’t it? But before...
posted @ Wednesday, August 19, 2009 3:17 AM | >
When it comes to availability, coding a solution is just delaying the inevitable
Jonathan Howell, in Five Things That Will Kill Your Site – an excellent read, by the way, for all web application developers – asserts that there are several ways to avoid web application death that do not require the implementation of “expensive redundant hardware with top of the line load balancers and an enterprise class SAN.” In general he’s got some good advice to which application developers should pay attention, but I had to disagree with his assertion that a solution to provide graceful degradation...
posted @ Tuesday, August 11, 2009 3:56 AM | >
Why Carr’s analogy doesn’t describe today’s cloud environments and how SOA can get us closer to what he describes
Back when cloud first started drifting in to obscure the computing landscape there were a lot of parallels drawn between it and grid, and a lot of analogies used to explain the concept behind it. Cloud computing is most often analogized using Nicholas Carr’s analogy of the cloud as an electrical grid; that’s always bothered me at almost a visceral level. But I could never articulate why well enough and a lot of smart people told me that if I...
posted @ Monday, August 10, 2009 3:57 AM | >
For some companies there’s never been a quantifiable financial impact from attacks. Cloud may change that. One of the frustrations with information security is that it’s always difficult – if not impossible – to quantify risk. Without the ability to quantify risk, it’s often the case that solutions that would mitigate the risk are left unimplemented because there’s no way to prove that the risk would turn into a breach, downtime, or other revenue impacting incident. Take the recent PayPal outage. Estimates are that the hour of downtime for the payment processing king might have...
posted @ Wednesday, August 05, 2009 3:37 AM | >
Ever wanted to prove or understand how the network impacts productivity? There is a formula for that… We often talk in abstract terms about the effects of application performance on productivity. It seems to make sense that if an application is performing poorly – or unavailable – that it will certainly affect the productivity of those who rely upon that application. But it’s hard enough to justify the investment in application acceleration or optimization without being able to demonstrate a real impact on the organization. And right now justification is more of an issue than it’s ever been. ...
posted @ Tuesday, August 04, 2009 4:15 AM | >
The concept of a server needs to go the way of the dodo
One of the reasons I enjoy Twitter is that quite frequently – if you’re following the right people – you’ll see a tweet that is absolutely profound despite its simplicity and the constraints placed upon the author. Recently we were having a mini-discussion on Twitter regarding the definition of availability that elicited just such a golden nugget from botchagalupe: “Apps designed for a cloud should remove the ‘server’ concept.” First, I really like the use of the article “a” in...
posted @ Friday, July 31, 2009 3:41 AM | >
The importance of a full-proxy architecture to application delivery, security, cloud computing, and virtualization
People often describe the act of changing focus from one related but distinct task to another as “wearing two different hats.” Like moving from “developer” to “administrator” when you’re trying to deploy an application in a testing environment. You’re the developer, but then you have to “switch gears” and become a server administrator in order to ensure that the application server and its environment is configured properly before you can actually test the application you just wrote. But the metaphor...
posted @ Thursday, July 30, 2009 4:07 AM | >
Context, it’s always about context (or the lack thereof)
I received a call recently that most people have probably received: our banking institution just wanted to verify that yes, that was Don or I making purchases at midnight in Wisconsin and then later in Indiana and yet again that afternoon in Ohio. That’s a good thing, I’m sure, as they’re just trying to watch our back. But later in the day I tried to make a purchase and was, horror of horrors, denied. The bank, when called, seemed matter-of-fact about the situation. The security flag hadn’t been...
posted @ Wednesday, July 29, 2009 4:34 AM | >
Availability means more than the dread “d” word
The focus on making servers unhackable to prevent service disruption (that’s such a politic way of saying the dread “d” word – downtime) is admirable but exposes the tendency of technical folks to go down rat holes when discussing application delivery challenges and specifically the challenge of assuring availability of applications and services. What generally seems to happen when we start talking about availability in the cloud is that we go down the rat hole of talking specifically about the cloud and not applications deployed...
posted @ Wednesday, July 22, 2009 2:57 AM | >
The “replace” in “rip and replace” essentially means getting rid of old security problems and replacing them with new ones. Twittergate is (thankfully) behind us but it’s almost assuredly going to be the case that we’ll be rehashing this one for a while. This certainly isn’t the first time Twitter and security issues have clashed, and as in the past Twitter (and really any very public application in a similar situation) is the clear loser. And of course there comes the unsolicited advice offered regarding what Twitter needs to do to address its security issues. I am, of...
posted @ Monday, July 20, 2009 3:43 AM | >
Is ESB just an expensive integration hub or is there more to the story than we heard… In the beginning, the ESB (Enterprise Service Bus), was marketed as much more than an integration technology. While the core of an ESB is certainly about connectivity between services, there was – and still is – so much more to an ESB than just integrating disparate protocols and technologies. Transformation, parallel processing, content based routing, and service orchestration are among the more useful and beneficial capabilities of an ESB. That’s why it was somewhat surprising to see the CTO of...
posted @ Friday, July 17, 2009 3:26 AM | >
One of the interesting points that discussions around intercloud brings up is the need for infrastructure to, if you’ll pardon the use of marketing jargon, align with the business. What that really means is that applications and their supporting infrastructure need to be more business-aware. Thing is you don’t really need intercloud or even cloud or even virtualization for many of these business-aware capabilities. They are certainly a boon, but solutions that include application delivery functionality don’t need to wait for a fully-baked cloud or intercloud implementation. Consider, for example, the potential of business-layer load...
posted @ Wednesday, July 15, 2009 3:55 AM | >
No, that isn’t a homophonic mistake. Dan directed my attention to an interesting article recently, “Are 3-tier web architecture models too rigid?” in which the author postulates that “maybe it is time to finally break out of the old 3-tier web architecture box and retire the concept…” In addition to a great mention of F5 and an “application delivery tier” in web architecture models (the concept of which deserves its very own blog post), the author inadvertently, I think, brings to the fore one of the reasons SOA might have failed to dominate the world: service...
posted @ Monday, July 13, 2009 3:22 AM | >
Without availability scalability is irrelevant
I really enjoyed Jeff Atwood’s recent blog on Scaling Up vs Scaling Out, which includes a fairly detailed comparison of the costs associated with each approach to scalability. I enjoyed it because not only did it take into consideration the cost of hardware, but also remembered to include the cost of software licensing. And of course there’s the fact that Jeff’s site is focused on development and coding, and this discussion broadened the discussion into the realm of application networking – a demesne with which I am of course particularly fond. ...
posted @ Friday, July 10, 2009 3:38 AM | >
So once we have the intercloud, what are we going to do with it? Some debate is heating up, at least on Twitter, about a variety of cloud-related topics. As James Urquhart pointed out in his “Three debates that will benefit cloud computing” debate is good, because it fuels innovation and drives markets forward. One of the things that’s frustrating about new technology and concepts is that terminology often confuses the discussion. We periodically still see discussions – and debates – around the definition of cloud computing, after all, so that shouldn’t be surprising at all....
posted @ Thursday, July 09, 2009 3:15 AM | >
Smashing Magazine has a cool “cheat sheet” for those interested in the ongoing development of HTML 5. Of interest is what’s being excluded and what’s new, as well as the length of time it’s going to take before HTML 5 is completely supported: XHTML is dead, long live HTML 5! According to W3C News Archive, XHTML 2 working group is expected to stop work end of 2009 and W3C is planning to increase resources on HTML 5 instead. And even although HTML 5 won’t be completely supported until 2022, it doesn’t mean that it won’t...
posted @ Tuesday, July 07, 2009 4:06 AM | >
The concept of an “intercloud” is floating around the tubes and starting to gather some attention. According to Greg Ness you can “Think of the intercloud as an elastic mesh of on demand processing power deployed across multiple data centers. The payoff is massive scale, efficiency and flexibility.” Basically, the intercloud is the natural evolution of global application delivery. The intercloud is about delivering applications (services) from one of many locations based on a variety of parameters that will be, one assumes, user/organization defined. Some of those parameters could be traditional ones: application availability, performance, or user-location. Others...
posted @ Tuesday, June 30, 2009 3:25 AM | >
Somebody has to be first
Recently Microsoft came up with a solution, supported natively in IE8, to protect against clickjacking attempts. Apparently some folks have decided that because Microsoft has a history of implementing proprietary solutions that this one, too, must be proprietary. These same folks must also have very little understanding of today’s web application architectures, as they declared the solution pretty much useless based on some pretty poor assumptions regarding the implementation of said solution. As noted in the Register, “some critics have contended the protection [X-FRAME-OPTIONS custom HTTP header] will be ineffective because...
posted @ Monday, June 29, 2009 3:15 AM | >
I was chatting with my mother a couple weeks ago about cloud (she’s a used-to-be programmer turned project manager for a Fortune 500. Don’t look at me like that, I keep telling you it runs in the family) and one of the problems she lamented about was that folks don’t seem to understand how entrenched COBOL and the mainframe is in the organization. It’s so entrenched that given the choice between a client-server application and a COBOL application that did the same thing they chose the COBOL program because it was less expensive and they had the knowledge on staff...
posted @ Friday, June 26, 2009 2:50 AM | >
Whether you are aware of it or not, if you’re deploying applications in the cloud or building out your own “enterprise class” cloud, you’re going to be using load balancing. Horizontal scaling of applications is a fairly well understood process that involves (old skool) server virtualization of the network kind: making many servers (instances) look like one to the outside world. When you start adding instances to increase capacity for your application, load balancing necessarily gets involved as it’s the way in which horizontal scalability is implemented today. The fact that you may have already...
posted @ Thursday, June 25, 2009 3:14 AM | >
But browser support is only half the solution, don’t forget to implement the server-side, too. Clickjacking, unlike more well-known (and understood) web application vulnerabilities, has been given scant amount of attention despite its risks and its usage. Earlier this year, for example, it was used as an attack on Twitter, but never really discussed as being a clickjacking attack. Maybe because aside from rewriting applications to prevent CSRF (adding nonces and validation of the same to every page) or adding framekillers there just haven’t been many other options to prevent the attack technique from being utilized against...
posted @ Tuesday, June 23, 2009 3:27 AM | >
The inclusion of a web server gives attackers clear line-of-sight to their targets
There’s been a few articles on Opera Unite that have called into question the security of the decision to include a web server with the browser. Most of those discussions have centered around the ability to muck with files not intended by the host to be shared, but given current infection techniques there’s a far greater danger to Opera: mass injection attacks. As is often pointed out, current attack techniques are not necessarily targeting web sites per se, but are intended to infect...
posted @ Friday, June 19, 2009 3:56 AM | >
You can’t differentiate until you do something different
Gartner analyst and cloud pundit Lydia Leong reminds us that without differentiation, all clouds look pretty much the same. “These are traits that it doesn’t take a genius to think of. Most are known requirements established through a decade and a half of hosting industry experience. If you want to differentiate, you need to get beyond them.” [emphasis added] She lists traits common to most cloud providers: premium equipment, VMWare-based, private VLANs, private connectivity, and co-located dedicated gear but doesn’t really get into...
posted @ Thursday, June 18, 2009 2:40 AM | >
One of the tasks of an enterprise architect is to design a framework atop which developers can implement and deploy applications consistently and easily. The consistency is important for internal business continuity and reuse; common objects, operations, and processes can be reused across applications to make development and integration with other applications and systems easier. Architects also often decide where functionality resides and design the base application infrastructure framework. Application server, identity management, messaging, and integration are all often a part of such architecture designs. Rarely does the architect concern him/herself with the network infrastructure, as that is...
posted @ Wednesday, June 17, 2009 4:07 AM | >
How to optimize compute resources in a heterogeneous environment using weight/ratio-based load balancing
Unless you’re starting from scratch your data center is full of physical servers of various and sundry sizes, colors, shapes, and compute resources. And even if you’re starting from scratch and you have beautiful racks of everything the same, it’s not likely to stay that way if for no other reason than, well, hardware moves on at an astonishing rate these days. So you’ve almost certainly got (or will have) a physically heterogeneous environment in terms of hardware compute resources. When you’re scaling...
posted @ Monday, June 15, 2009 4:25 AM | >
I’m heading out today for a little time off and so you’ll have to make do the rest of the week without any (new) words of wisdom from me. I know, try to pull yourself together. You’ll live, really, and I’ll be back Monday with something interesting, promise. While I’m out, you might consider checking out some of the blogs I follow myself on a regular basis. They’re always full of interesting tidbits and stories and wisdom on a variety of subjects, and if you don’t follow them yourself you might find something interesting in them. ...
posted @ Wednesday, June 10, 2009 4:25 AM | >
An interesting thing happened on the way to testing that application from the cloud. We broke the innertubes!
Pros and Cons of Application Testing in the Cloud
A firm wanted to test their application and need 100 browser instances. In the old days it would have required 100 machines -- that would be a massive undertaking. Even with hardware virtualization, you would need 5 to 10 machines, and there would be some complex configuration issues. However, by putting it all in the cloud, they were able to sync up 100 virtual instances of the browsers and take them down over...
posted @ Wednesday, June 10, 2009 3:24 AM | >
Balancing Cost, Performance, and Capacity in the Cloud
There is a huge difference between provisioning applications to support capacity and provisioning them to support performance requirements. That as capacity increases performance decreases is one of the truisms of scalability that is likely to be one of the first axioms of cloud computing that will bite us in the proverbial rear-end while simultaneously reaching for our wallets. Alistair Croll of BitCurrent has a couple of great charts that illustrate this point perfectly. He then goes on to discuss how that affects cloud computing in “The cloud’s...
posted @ Tuesday, June 09, 2009 3:20 AM | >
If you haven’t got your (applications’) health, then you haven’t got anything
If you happen to be unlucky enough to suffer from Celiac disease - gluten intolerance (wheat, barley, oats, rye) - then you know how important it is to keep gluten out of your diet. If you don’t know let’s just say that you have to keep even trace amounts of gluten out of your diet lest you suffer the consequences, which can be different from person to person, but none are pleasant. You feed off food; applications feed off requests and responses. Like those who...
posted @ Friday, June 05, 2009 4:08 AM | >
There is a tendency to describe every device on a network as simply “the network” regardless of whether that device is dedicated to security, or application delivery (layer 4-7), or actual network (layer 2-3) functionality. It’s an artifact of aging data center architecture models that there exists an artificial line of demarcation between web and application servers and everything else. We used to depict “everything else” as a cloud, but with the emergence of The Cloud doing so simply complicates discussions even further because the “network” necessary to support a dynamic, on-demand operational model of computing like “cloud” is more...
posted @ Friday, May 29, 2009 3:49 AM | >
Understanding the impact of compression on server resources and application performance
While doing some research on a related topic, I ran across this question and thought “that deserves an answer” because it certainly seems like a no-brainer. If you want to decrease bandwidth – which subsequently decreases response time and improves application performance – turn on compression. After all, a large portion of web site traffic is text-based: CSS, JavaScript, HTML, RSS feeds, which means it will greatly benefit from compression. Typical GZIP compression affords at least a 3:1 reduction in size, with hardware-assisted compression yielding an average...
posted @ Wednesday, May 27, 2009 3:50 AM | >
There’s apparently been a bit of confusion over what, exactly, F5 thinks of cloud computing as an organization based on a recent blog post. I thought I’ve been fairly clear on where F5 stands in terms of cloud computing but I may be suffering what’s known as the “curse of knowledge”, which means I am so deeply entrenched in F5’s view of cloud that I forget that other people don’t have the luxury of that knowledge. So I’d like to take this opportunity to clear up any misconceptions that may be floating around and just set the record...
posted @ Tuesday, May 26, 2009 4:09 AM | >
As a telecommuter – and one that lives in that technological mecca of the midwest, Green Bay – I don’t often get the chance to talk face to face with, well, anyone. Being conscripted into booth duty at Interop this week means I get to talk to people with real problems and with ones that can quickly bring anyone with their head in the clouds back down to earth. Imagine if you will an application. A real, honest to goodness client-server application. Not web-based, but client-server; like the kind we wrote in Delphi and Visual Basic back in...
posted @ Thursday, May 21, 2009 6:30 AM | >
Greedy algorithms can result in the right solution in the end, but rarely do
Don and I were having a discussion with our oldest son the other night about writing a chess program. There are myriad options for implementing the learning aspects of a chess program, but this is not a task for the timid. He ended up proposing a much simpler solution (this was just an exercise in ‘can I write it’, after all) that would have essentially used a very greedy algorithm; one that made a decision regarding the computer’s next move based on current state of...
posted @ Monday, May 18, 2009 3:16 AM | >
Why architecture matters not only to security but to the future of cloud computing
It seems the phrase “in the cloud”, sadly, has become a marketing-hyped euphemism for “the Internet.” I say sadly because the use of cloud to refer to every and any service delivered over the Internet dirties up the cloud. It obscures the intent of cloud computing and makes it difficult for technologists in the trenches to get a handle on how cloud – both external and internal – can provide benefits and solutions to problems they have right now. The very loose use of the...
posted @ Monday, May 11, 2009 3:38 AM | >
Don’t confuse computing services with infrastructure services. We aren’t there yet. The subtext to the cloud computing discussion is subtle, as is the wont of subtext. But it is clear that underlying all the concerns about cloud computing is a common theme: control. Whether we’re talking about reliability or security, it should be obvious if you’re reading between and beneath the lines that the biggest stumbling block to massive cloud adoption is the issue of control. There is a very real difference between on-demand computing and on-demand infrastructure. What the cloud provides now, and is described...
posted @ Thursday, May 07, 2009 3:11 AM | >
Brother, can you give a developer a hand? As the topology of networks delivering applications becomes increasingly complex it becomes more and more difficult to troubleshoot problems, especially for developers tasked with figuring out why their “application broke” in production when it was working just fine thank you very much in “DEV” and “QA.” It is rare, after all, that the production environment – including all the moving parts – is duplicated in development and testing environments. It is already difficult enough for developers to track down problems due to the complex nature of application infrastructure...
posted @ Wednesday, May 06, 2009 4:17 AM | >
If you’ve ever played Dungeons & Dragons for an extended period of time (a campaign, in the vernacular) you know that of all the classes available the cleric is the least likely to be chosen willingly. The cleric class is much like the kid picked last in kickball, chosen only because you have to, not because you want to. Okay, bard may actually be less likely but cleric is really, really close and you need a cleric, you don’t necessarily need a bard. The problem is that clerics can be somewhat dull to play but...
posted @ Tuesday, May 05, 2009 3:38 AM | >
The importance of context in solving the problems created by tying web applications to deeply rooted local metaphors (IP addresses). The relationship between IP addresses and web applications to most end-users is much like the metaphorical language of the Tamarians in Star Trek: The Next Generation “Darmok”. It is incomprehensible without the proper foundational concepts; to anyone who lacks the proper context. In the case of IP addresses and web applications that foundation is technological rather than the historical basis of the Tamarian’s metaphorical language. The diseconomy of scale inherent in our reliance on IP addresses...
posted @ Thursday, April 30, 2009 2:45 AM | >
The undisclosed relationship between o3 magazine and application delivery startup Carbon Mountain
Robert Scoble recently lamented the “free meals” the newspaper industry has given away but mentions that there are still some meals left, most notably “objectivity”: Meal left #4: objectivity and accountability. I can argue that lots of journalists aren’t objective, but the truth is they are part of a system that adds objectivity and accountability as a system BEFORE publishing. Blogging and Twittering, I have noticed, can be objective and accountable, but it sometimes takes time to figure that out, especially...
posted @ Thursday, April 23, 2009 10:54 AM | >
How to defeat the ancient Jedi mind trick known as HTTP Request Smuggling. HTTP Request Smuggling (HRS) is not a new technique; it's been around since 2005. It takes advantage of architectures where one or more intermediaries (proxies) are deployed between the client and the server. HRS can be used to poison web-caches and bypass security solutions such as web application firewalls as well as for the delivery of malicious payloads such as worms, viruses, and those used to exploit known vulnerabilities in web and application servers. The good news is that to exploit HRS,...
posted @ Thursday, April 23, 2009 3:39 AM | >
Automation isn’t some special brand of soup and there’s no “automation nazi” who can deny access to its benefits. The recent McKinsey report on cloud computing has pundits everywhere choking on their donuts and scrambling to dispute the report’s findings, which essentially end up saying “cloud ain’t cheaper.” I’m not going to rehash the arguments. I’m not going to analyze the report. But I am going to dig into a few comments on the report by Thorsten at RightScale who started off by saying: “Its claim that cloud computing (in the...
posted @ Wednesday, April 22, 2009 3:18 AM | >
OVF (Open Virtualization Format) apparently just isn’t getting enough mindshare out there in the discussions of cloud computing that focus on portability and interoperability. The goal of OVF is to provide a portable, interoperable non-vendor specific meta-data that describes an application, its virtual container, and the attributes necessary to deploy it in a new environment with minimal human intervention. This will, allegedly, allow it to move seamlessly from cloud to cloud, drifting ever-so-gently and making the entire process appear effortless. Given that lofty goal, it’s no surprise that Jon Oltsik, senior analyst at the Enterprise Strategy Group, wonders...
posted @ Tuesday, April 21, 2009 2:58 AM | >
What is this application delivery thing that everyone keeps telling me I need? Isn’t that just the latest marketing term for load balancing? A recently released Forrester report concludes that “firms must develop an integrated strategy for application delivery.” We don’t disagree with that, or with the Gartner report claiming that “Load Balancing is Dead, Time to Focus on Application Delivery.” Application delivery is the next step in the logical evolutionary path from the tactical solution of load balancing to a comprehensive application infrastructure strategy. Forrester’s research indicates that despite the fact that application...
posted @ Monday, April 20, 2009 3:40 AM | >
The acceleration technique known as pre-fetching went the way of the dodo bird sometime around 2002. But perhaps it should be resurrected, just in a different place and with a slightly different focus. A SHORT HISTORY OF ACCELERATION TECHNIQUES Most modern acceleration techniques revolve around two things: decreasing the amount of data to be transferred (compression, optimization of the client-side cache) or twiddling with protocols (TCP, HTTP) and their associated behaviors to improve the overall speed at which a client and server communicate. Back in the early days of application acceleration most technologies were...
posted @ Tuesday, April 14, 2009 3:01 AM | >
You’ve declared your Data Center Independence. You’ve agreed on a basic set of rights. The problem now is ensuring that those rights are upheld and that you can achieve that independence. We’re not innocent bystanders in the data center revolution; we wholly support your rights to choose the architecture and solutions that best fit your environment. You can’t do it alone. You need tools with which to fight the data center revolution. So we’re arming you with at least some of those tools (hey, we can’t do it all alone) with the introduction of BIG-IP v10...
posted @ Wednesday, April 08, 2009 4:47 AM | >
First Amendment Vendors shall make no law respecting an establishment of architecture, or prohibiting the free design thereof; or constraining the flow of data, or of packets; or the right of the administrators easily to configure, and to ensure the fast, secure, and available delivery of applications. Second Amendment A well-performing network being necessary to the delivery of applications, the right of IT to optimization of any network environment, shall not be infringed. Third Amendment Budgetary constraints, though required for an efficient business, shall not force IT to compromise on security or...
posted @ Friday, March 27, 2009 2:10 AM | >
When in the course of deploying applications, it becomes necessary for administrators to dissolve the technical shackles which have connected them to products, and to assume among the powers of IT, the separate and equal station to which management entitles them, a decent respect for their valuable time requires that vendors should provide them with the means by which they may enact this separation. We hold these truths to be self-evident, that not all applications are created equal, that they are endowed by their developers with certain quirky behaviors, that among these are chattiness, vulnerabilities, and very large...
posted @ Wednesday, March 25, 2009 4:03 AM | >
Better performance, reduced costs and data center footprint are not niche-market interests. The fast-paced world of finance is taking a hard look at the benefits of hardware acceleration for performance and finding additional benefits such as a reduction in rack-space via consolidation of server hardware. Rich Miller over at Data Center Knowledge writes: Hardware acceleration addresses computationally-intensive software processes that task the CPU, incorporating special-purpose hardware such as a graphics processing unit (GPUs) or field programmable gate array (FPGA) to shift parallel software functions to the hardware level. ...
posted @ Tuesday, March 24, 2009 3:27 AM | >
ArsTechnica has an interesting little article on what Windows Azure is and is not. During the course of discussion with Steven Martin, Microsoft's senior director of Developer Platform Product Management, a fascinating – or disturbing in my opinion – statement was made: There is a distinction between the hosting world and the cloud world that Martin wanted to underline. Whereas hosting means simply the purchase of space under certain conditions (as opposed to buying the actual hardware), the cloud completely hides all issues of clustering and/or load balancing, and it offers an entirely virtualized...
posted @ Tuesday, March 17, 2009 4:34 AM | >
Decisions about routing at every layer require context A friend forwarded a blog post to me last week mainly because it contained a reference to F5, but upon reading it (a couple of times) I realized that this particular post contained some very interesting information that needed to be examined further. The details of the problems being experienced by the poster (which revolve around a globally load-balanced site that was for some reason not being distributed very equally) point to an interesting conundrum: just how much control over site decisions should a client have? Given the...
posted @ Thursday, March 12, 2009 4:11 AM | >
Increasingly WAN optimization solutions are adopting the application acceleration moniker, implying a focus that just does not exist. WAN optimization solutions are designed to improve the performance of the network, not applications, and while the former does beget improvements of the latter, true application acceleration solutions offer greater opportunity for improving efficiency and end-user experience as well as aiding in consolidation efforts that result in a reduction in operating and capital expenditure costs. WAN Optimization solutions are, as their title implies, focused on the WAN; on the network. It is their task to improve the utilization of bandwidth,...
posted @ Wednesday, March 04, 2009 3:29 AM | >
Owning the stack is important to security, but it’s also integral to a lot of other application delivery functions. And in some cases, it’s downright necessary. Hoff rants with his usual finesse in a recent posting with which I could not agree more. Not only does he point out the wrongness of equating SaaS with “The Cloud”, but points out the importance of “owning the stack” to security. Those that have control/ownership over the entire stack naturally have the opportunity for much tighter control over the "security" of their offerings. Why? because they...
posted @ Wednesday, February 25, 2009 3:13 AM | >
The case of Laura Dean has been treated as a “wake up call” to the millions of users of social networking sites. At first glance it appears there is nothing that Facebook (or any other social media site) could have done to prevent the theft and subsequent abuse of her identity. I was briefly on the “you can’t blame technology for this one” bandwagon until I stopped and thought about the ways in which fraud detection systems work and applied that process to the very simple login process used by every social media site in existence. ...
posted @ Friday, February 20, 2009 3:51 AM | >
When folks are asked to define the cloud they invariably, somewhere in the definition, bring up the point that “users shouldn’t care” about the actual implementation. When asked to diagram a cloud environment we end up with two clouds: one representing the “big cloud” and one inside the cloud, representing the infrastructure we aren’t supposed to care about, usually with some pretty graphics representing applications being delivered out of the cloud over the Internet. But yet some of us need to care what’s obscured; the folks tasked with building out a cloud environment need to know what’s...
posted @ Wednesday, February 18, 2009 4:14 AM | >
It has been suggested that the use of application acceleration solutions as a means to improve application performance would result in programmers writing less efficient code. In a comment on “The House that Load Balancing Built” a reader replies: Not only will it cause the application to grow in cost and complexity, it's teaching new and old programmers to not write efficient code and rely on other products and services on [sic] thier behalf. I.E. Why write security into the app, when the ADC can do that for me. Why write code that...
posted @ Tuesday, February 17, 2009 3:41 AM | >
The year 2009 may be remembered as the year technologies died. First Anne Thomas Maynes of Burton Group declared SOA dead, and more recently Mark Fabbi of Gartner announced the death of load balancers. The difference in the obituaries is striking: Maynes declares an entire architectural model dead while Fabbi merely declares the death of a product, not the technological concepts behind it. Load balancers may be dead, but the concept of load balancing lives on as a critical foundation for more advanced and valuable features available in the load balancer’s evolutionary replacement: the application delivery controller. Where Maynes gives...
posted @ Monday, February 16, 2009 5:10 AM | >
One of the negatives of providing a solution is that it necessarily assumes there is a problem. That’s actually a fair assumption in the technology world, as problems seem to abound with no end in sight. What it also does, unfortunately, is lead to a culture within IT that is more tactical than strategic. Because IT is almost always trying to put out one fire or another, they rarely have time to think – and plan – ahead. Honestly, that’s the responsibility of directors and C-level executives, anyway. It’s their responsibility to look ahead not just months...
posted @ Thursday, February 12, 2009 3:41 AM | >
Rich Miller, in response to some questions I maintain on meta-data ownership and interoperability with regards to the CCIF's efforts in defining a cloud interoperability specification, had some questions of his own: The part I'm itching to ask her about ... or start a more open conversation: the possibility of "a specification regarding application network delivery metadata" which, if properly (??) abstracted and generic, could "allow the meta-data policies to be transported and applied across different cloud implementations while preserving the specific details of implementation within the cloud computing infrastructure." Whoa!! Tall order, isn't it? ...
posted @ Monday, February 09, 2009 4:19 AM | >
While the vast majority of folks are still debating what is or is not "cloud computing", there are already groups trying to get ahead of the curve by focusing on broader issues such as interoperability and portability. Indeed, by addressing the potential pitfalls associated with portability across cloud implements now rather than later, it is hoped that there won't be as many problems when it does finally become an issue. There is a very real danger, however, that cloud interoperability and portability specifications will fail to address the very real need to include all the relevant application and...
posted @ Friday, February 06, 2009 4:39 AM | >
You're standing in line at the bank when someone walks in. You instinctively look around and notice the newcomer is wearing sunglasses, and a hooded sweatshirt. His hands are both inside the pockets of his sweatshirt, even though it's warm inside. He chooses a line, and dances nervously from foot to foot, craning his neck to see to the front of the line. After a few minutes he leaves the line and chooses a new one, growing increasingly agitated at the wait. He keeps looking from the clock to the line to the tellers, and appears to be wringing his...
posted @ Tuesday, February 03, 2009 4:01 AM | >
The webification of applications over the years has led to the belief that client-server as an architecture is dying. But very few beliefs about architecture have been further from the truth. The belief that client-server was dying - or at least falling out of favor - was primarily due to the fact that early browser technology was used only as a presentation mechanism. The browser did not execute application logic, did not participate in application logic, and acted more or less like a television: smart enough to know how to display data but not smart enough to do anything...
posted @ Monday, February 02, 2009 4:38 AM | >
We've been talking a lot about the benefits of Infrastructure 2.0, or Dynamic Infrastructure, a lot about why it's necessary, and what's required to make it all work. But we've never really laid out what it is, and that's beginning to lead to some misconceptions. As Daryl Plummer of Gartner pointed out recently, the definition of cloud computing is still, well, cloudy. Multiple experts can't agree on the definition, and the same is quickly becoming true of dynamic infrastructure. That's no surprise; we're at the beginning of what Gartner would call the hype cycle for both concepts, so...
posted @ Wednesday, January 28, 2009 7:19 AM | >
Open APIs are a matter of much discussion these days in the realm of cloud computing. Just take a peek at the discussion that occurred via Twitter during Cloud Connect. Many folks were not shy in putting forth the notion that cloud portability and interoperability can only be achieved through accepted "cloud" standards. Integration standards, for the cloud, if you will. The fear is that any emerging standards will focus only on the portability of the application or virtual container environment. They are likely to ignore the fact that no application is an island, and that the application delivery...
posted @ Monday, January 26, 2009 3:40 AM | >
Twitter is, once again, feeling growing pains. This time the microblogging darling of the social networking world is proactively addressing the problem - by further rate limiting its APIs. Alex Payne, API Lead for Twitter, explained on the Twitter Developers mailing list: “Starting later this week we’ll be limiting those on the whitelist to 20,000 requests per hour. Yes, you read that right: twenty THOUSAND requests per hour. According to our logs, this accounts for all but the very largest consumers of our API. This is essentially a ...
posted @ Thursday, January 22, 2009 6:14 AM | >
The debate this week is on location, specifically we're back arguing over whether there exist such things as "private" clouds. Data Center Knowledge has a good recap of some of the opinions out there on the subject, and of course I have my own opinion. Location is, in fact, important to cloud computing, but probably not in the way most people are thinking right now. While everyone is concentrating on defining cloud computing based on whether it's local or remote, folks have lost sight that location is important for other reasons. It is the location...
posted @ Wednesday, January 21, 2009 7:13 AM | >
Infrastructure 2.0 is, at its core, about evolving to a new level of interconnectedness, one in which the underlying infrastructure becomes as flexible and adaptable as the applications and virtualization infrastructure it is responsible for managing and delivering. In order to be connected, however, you need a way in which disparate infrastructure components can communicate, either directly or via a third party (coordination | management | orchestration) server. That communication is almost certainly going to take (and in many cases has already taken) the form of service-enabled control planes. These "services" are necessary in order to provide the...
posted @ Tuesday, January 20, 2009 5:42 AM | >
While doing some research on a related topic I dug into the technical aspects of Obama's Blueprint For Change. The plans around technology are fairly nebulous, with a few exceptions, such as those related specifically to broadband access: Deploy Next-Generation Broadband: Barack Obama believes we can get broadband to every community in America through a combination of reform of the Universal Service Fund, better use of the nation’s wireless spectrum, promotion of next-generation facilities, technologies and applications, and new tax and loan incentives. On this front, a U.S. House committee recommended yesterday...
posted @ Friday, January 16, 2009 4:08 AM | >
One of the reasons behind some folks pushing for infrastructure as virtual appliances is the on-demand nature of a virtualized environment. When network and application delivery infrastructure hits capacity in terms of throughput - regardless of the layer of the application stack at which it happens - it's frustrating to think you might need to upgrade the hardware rather than just add more compute power via a virtual image. The truth is that this makes sense. The infrastructure supporting a virtualized environment should be elastic. It should be able to dynamically expand without requiring a new network architecture,...
posted @ Tuesday, January 13, 2009 4:15 AM | >
It has been suggested more than once, by folks normally considered rational, that in a cloud computing implementation everything - and I mean everything - should be virtualized. Even the infrastructure. The hype surrounding virtualization has spread not just to applications and their virtual image deployment as a means to achieve dynamic horizontal scale but also to infrastructure, to routers and switches and security devices. Indeed, there are a good number of infrastructure vendors currently offering and others feverishly working on virtual appliance versions of hardware devices for deployment in cloud and virtual computing environments. Part...
posted @ Monday, January 12, 2009 4:29 AM | >
dy·nam·ic (adj) Characterized by continuous change, activity, or progress flex·i·ble (adj) Responsive to change; adaptable. Able to bend without breaking Infrastructure 2.0 is, at its core, about not just the network but the entire infrastructure evolving to a new level of interconnectedness, one in which the underlying infrastructure devices become flexible and adaptable; capable of responding to the continuous change in the next generation data center without breaking. The demands placed upon infrastructure by virtualization, consolidation, and the cloud require that networks grow out of their static configuration models and adopt a more...
posted @ Tuesday, January 06, 2009 6:56 AM | >
VM sprawl is predicted to be one of the outcomes of early adoption and excitement over virtualization. Just as IT struggled to manage the explosion of PCs and servers across the enterprise, it is predicted that now it will need to find a way to manage the explosion of virtual machines as they pop up all over the enterprise with surprising alacrity. Part of the difficulty in managing new technology is the rogue deployment of X. Whether that's physical or virtual servers is irrelevant, the challenges associated with managing what are essentially unmanaged applications and servers deployed outside...
posted @ Friday, December 19, 2008 7:10 AM | >
Just because you can, doesn't mean you should. I'm going to start this one by quoting Hoff who was quoting Andreas Antonopoulos of Nemertes Research Group who was paraphrasing a concept put forth by Doug Gourlay. From Rational Survivability "How about using netflow information to re-balance servers in a data center" Routing: Controlling the flow of network traffic to an optimal path between two nodes Virtual-Routing or Anti-Routing: VMotioning nodes (servers) to optimize the flow of traffic on the network. Using netflow information, identify those...
posted @ Wednesday, December 17, 2008 4:03 AM | >
When an application is deployed into a high-availability production environment there are a number of interesting infrastructure-related things that need to happen. The application delivery controller (ADC) needs to be configured, DNS entries updated, storage allocated, and all the other associated network infrastructure must be prepared to handle the delivery of the new application. We have a BIG-IP. Do I have to talk to the network guys?? ...
posted @ Tuesday, December 16, 2008 5:55 AM | >
One of the most affordable options for small and medium businesses in terms of Internet connectivity is business-class service from cable and telco providers like Time Warner Cable, Cox, Verizon, and AT&T. Unfortunately, the definition of "business-class" is ill-suited to businesses that host their own web applications or mail servers. If you've ever looked into business class service, you'll notice that like residential services, they are only truly cost effective if you don't really care about upload speed. For example, Verizon has a promotional offer that promises download speeds up to 7.1Mbps, but limits upload speeds to 768Kbps....
posted @ Friday, December 12, 2008 3:46 AM | >
You may recall a recent overview on network-side scripting that described a few uses of this technology integrated with application delivery controllers. With thousands of examples of the uses of network-side scripting it's hard to choose just one to adequately represent its potential. Luckily, we don't have to stick to just one. Viva la Internet! Based on the technical session the great network-side scripting guru Colin and I ran at SD Best Practices in October, I've pulled nine ways to use network-side scripting that can enhance the scalability, security, and performance of web applications into a presentation for...
posted @ Thursday, December 11, 2008 4:04 AM | >
As an application delivery solution provider focused on securing, accelerating, and optimizing web applications, we pay a lot of attention to web application development trends. Languages, environments, and technologies are all of significant interest because in many cases the decisions regarding development affect the security and performance of applications deployed in production. AJAX-based applications, for example, can have a significant impact on performance of the application and on the network (and vice-versa), so we pay attention to its adoption and use and are always looking for new ways to secure and accelerate applications using the technology. ...
posted @ Wednesday, December 10, 2008 4:35 AM | >
In the face of a recession everyone, individuals and organizations alike, begins scaling back spending. The first thing to go is luxury items; after all, you probably didn't need that big screen TV for Christmas, and the kids will likely be just as happy with used video games as they would with new ones. IT departments quickly scale back as well, putting off larger, more costly projects that aren't critical to the core business and re-evaluating much of their infrastructure in an attempt to cut costs and reduce the impact of the hardware and software costs of running...
posted @ Monday, December 08, 2008 3:52 AM | >
Deploying applications in a cloud computing environment, whether private or public, requires a bit of proactive thinking on the ramifications of a dynamic, on-demand environment, particularly when considering the impact on application session management. Consider that today, application sessions are often relied upon to remain in memory, on the application server, for hours. Persistence is achieved by storing the session in a file if necessary on the local server rather than in a database. This is particularly true of web applications developed in scripting languages like PHP that do not require a separate application server. But users who...
posted @ Thursday, December 04, 2008 7:15 AM | >
Predictions of the death of online shopping this holiday season were, apparently, greatly exaggerated. As it's been reported, Sears, along with several other well known retailers, was a victim of heavy traffic on Black Friday. One wonders if the reports of a dismal shopping season this year due to economic concerns led retailers to believe that there would be no seasonal rush to online sites and therefore preparations to deal with sudden spikes in traffic were unnecessary. Most of the 63 objects (375 KB of total data) comprising sears.com home page are served from sears.com...
posted @ Wednesday, December 03, 2008 3:10 AM | >
Christofer Hoff, better known as @Beaker to the Twitterverse, put on his devil's advocacy hat (yes, it really is a good color for him) yesterday and questioned whether there was a need for hardware application delivery solutions in the cloud. He postulated via Twitter that application delivery functions would become part of the cloud fabric and thus whether they were implemented in hardware or software was largely irrelevant. Generally speaking we're in agreement on that one. But then he really used that devil's advocacy hat and suggested that the application delivery control layer might be virtualized and...
posted @ Tuesday, December 02, 2008 7:15 AM |