|
| DevCentral > Weblogs > - Two Different Socks
|
architecture
There are 108 entries for the tag architecture
 |
Thought those math rules you learned in 6thgrade were useless? Think again…some are more applicable to the architecture of your data center than you might think.
Remember back when you were in the 6th grade, learning about the order of operations in math class? You might recall that you learned that the order in which mathematical operators were applied can have a significant impact on the result. That’s why we learned there’s an order of operations – a set of rules – that we need to follow in order to ensure that we always get the correct answer when performing...
posted @ Tuesday, March 09, 2010 3:41 AM |
|
|
The current threat level is … the same as it was yesterday, and the day before, and will be tomorrow. We’ve all been in the airport before and heard the announcement. “The current threat level is orange. Blah blah blah blah yada yada whatever.” At least that’s what I hear today because I’ve become immune to the fact that “orange” means there’s a threat. There’s always a threat, it seems, and the announcement simply conveys what appears to many of us to be the “status quo.” We have effectively been desensitized to a “higher” threat level as...
posted @ Friday, March 05, 2010 3:48 AM |
|
|
Ultimately a highly-scalable, high-performance architecture will rely on choosing the right form factor in the right places at the right time.
Scale is not just about servers, and for corporate data centers and cloud computing providers looking to realize the benefits of rapid elasticity and on-demand provisioning scale simply must be one of the foundational premises upon which a dynamic data center is built. And that includes the infrastructure.
This isn’t the first time I’ve touched upon this subject, but it’s a concept that needs to be reiterated – especially with so many pundits and analysts looking for the...
posted @ Monday, March 01, 2010 3:53 AM |
|
|
Managing a virtual machine is not the same thing as managing the stuff inside it. I’ve been noticing a disturbing, though not unexpected, trend in the world of virtualization and cloud computing around management of infrastructure, particularly around virtual network appliances (VNAs). Specifically this trend is claiming the ability to manage virtualized infrastructure. You’d think I’d be happy about that. I probably would - if the solutions were actually capable of managing the infrastructure. Digging into these management solutions shows that for the most part the definition of the term “manage”...
posted @ Wednesday, February 24, 2010 3:56 AM |
|
|
More interesting, what if you had the means to actually try to meet them? On the surface, Infrastructure 2.0 seems to have very little value to the end-user. It is, after all, about collaboration at the infrastructure layer. It is under the covers, as it were, of the application blanket with which end-users actually interact. But it may end up that Infrastructure 2.0 will have a direct impact on the control the user has over the way in which applications are delivered. Which is to say they might one day have some. What this means is something...
posted @ Wednesday, February 17, 2010 3:43 AM |
|
|
Or more apropos, it’s in the complex and intimate relationship between applications and their infrastructure. What’s the difference between a highly virtualized corporate data center and a cloud computing environment? There are probably many, but the most important distinction – and the one that earns the latter a “cloud computing” tag – is certainly that the former lacks a comprehensive orchestration system and was likely not architected using a rapid, infrastructure inclusive, scalability strategy. Mitch Garnaat, “The Elastician”, recently managed to sum up what should be every modern data center’s motto in a...
posted @ Monday, February 15, 2010 4:06 AM |
|
|
Preparing for the upcoming Cloud Connect conference several speakers and presenters have put forth the proposal that no one should attempt to define cloud yet again. After all, if you’re attending the conference (and you are attending, of course, aren’t you?) then you certainly have a firm understanding of what cloud computing is and what it can do. But most end-users and business stakeholders won’t be attending and don’t have a firm understanding of cloud computing. Even the technology pundits to whom these constituents turn to learn about the technology often fail to really “get” cloud computing, as evinced...
posted @ Friday, February 12, 2010 3:50 AM |
|
|
If developers will not write “virtualization aware” applications, who will? The future of application development platforms may be at stake… Right now developers are packaging up applications in virtual machines and deploying them. That’s according to, well, every survey you find related to virtualization and cloud computing. Joe McKendrick, citing the latest Evans Data Cloud Development Survey, noted that “sixty-one percent of 400 developers in Evans Data Corp’s recent Cloud Development Survey report that at least some of their IT resources will move to the public cloud within the next year.” But even given the number...
posted @ Thursday, February 11, 2010 3:30 AM |
|
|
Agreed that cloud vendors need to differentiate on services. Disagreed that cloud standards will not forward that cause and that virtualization platform makes a difference. The battle for virtualization platform dominance rages on, but it will not be virtualization that makes or breaks a cloud computing offering; it will be the diversity – or lack thereof - of the services it offers. We need to stop focusing on virtualization as the be-all and end-all of cloud computing and start bending our efforts toward what really matters: the ability of providers to efficiently offer a broad set of...
posted @ Wednesday, February 10, 2010 4:35 AM |
|
|
Scaling applications that include AJAX and non-AJAX components may require more than just tuning your web server A common problem after deploying a Web 2.0 AJAX-based application shows itself through poor performance or lower capacity on the server, often both. Web serving tuning is almost always the first step in improving performance and capacity, but the inherently competing behavior of AJAX-requests and “normal” HTTP requests quickly becomes problematic as well. Tune for the AJAX requests and performance of regular old HTTP requests suffers. Tune for regular old HTTP requests, and performance of AJAX-requests suffer. This is...
posted @ Monday, February 08, 2010 4:35 AM |
|
|
We seem on the verge of repeating the mistakes associated with failed SOA implementations: ignoring the larger issue of architecture. Everyone – from pundit to public – is asking the same question: “Where are the network virtual appliances?” But fewer people seem to be asking a question that needs to go hand-in-hand with that one: “Where are the architectural guidelines to support deployment of network virtual appliances?” SOA has been deemed by many to be a failure in part because it lacked true architectural guidance. Architects were simply unable – whether by lack of skills or training or...
posted @ Thursday, February 04, 2010 4:43 AM |
|
|
One of the concerns with cloud bursting specifically for the use of addressing seasonal scaling needs is that cloud computing environments are not necessarily PCI-friendly. But there may be a solution that allows the application to maintain its PCI-compliance and still make use of cloud computing environments for seasonal scaling efficiency. Cloud bursting, a.k.a. overdraft protection, is a great concept but in some situations, such as those involving PCI-compliance, it can be difficult if not impossible to actually implement. The financial advantages to cloud bursting for organizations requiring additional capacity on only a seasonal basis are well understood,...
posted @ Thursday, January 21, 2010 5:54 AM |
|
|
If it is, you might want to reconsider how you’re handling security, acceleration, and delivery of your applications before users “go postal” because of poor application performance. Sometimes wisdom comes from the most unexpected places. Take Jason Rahm’s status update on Facebook over the holidays. He’s got what is likely a common complaint regarding the delivery model of the US postal service: the inefficiency of where postage due is determined. Everyone has certainly had the experience of sending out a letter (you know, those paper things) and having it returned a week or more later...
posted @ Wednesday, January 06, 2010 3:19 AM |
|
|
Beware the danger of building out isolated network and application network infrastructures in the cloud lest we end up with silos from which it is difficult to escape. While writing a separate post on the business value of public versus private cloud computing investments I specifically called out the fact that infrastructure – virtual or physical – provisioned in a cloud environment is applicable only to that cloud environment; it really can’t be shared within the enterprise architecture or other public cloud computing environments, for that matter. That led to considering the impact...
posted @ Tuesday, December 08, 2009 3:31 AM |
|
|
Certainly no one would seriously argue that web applications are fast enough for everyone. SPDY is one suggested solution, but what if we combine MapReduce and SPDY? Could we develop an architectural solution that leverages the best of SPDY without requiring entire infrastructure changes to support a new protocol? More than a couple of people have mentioned Map/Reduce as a means to achieve workload-level distribution of applications in a cloud computing environment. I hadn’t looked into Map/Reduce but finally decided that if that many very smart people were thinking it was a solution, I should look into it....
posted @ Wednesday, December 02, 2009 3:14 AM |
|
|
Google’s desire to speed up the web via a new protocol is laudable, but the SPDY protocol would require massive changes across networks to support ArsTechnica had an interesting article on one of Google’s latest projects, a new web protocol designed to replace HTTP called SPDY. SPDY uses a single SSL-encrypted session between a browser and a client, and then compresses all the request/response overhead. The requests, responses, and data are all put into frames that are multiplexed over the one connection. This makes it possible to send a higher-priority small file without...
posted @ Tuesday, November 17, 2009 4:20 AM |
|
|
The question is whether that impact is positive (a reduction) or negative (an increase). One of the biggest threats to data integrity is the introduction of malicious content via SQLi (SQL Injection) attacks. Traditional database access methods don’t provide a lot in the way of validating requests and like HTML the vagaries of SQL allow for myriad ways in which a statement can be constructed – and thus exploited. These vagaries, of course, are one factor in the reason why SQLi continues to plague applications and sites driven by user generated content. Another factor is certainly...
posted @ Monday, November 16, 2009 4:52 AM |
|
|
Microsoft has made some fairly substantial changes to the core architecture of Exchange 2010. Given that messaging can only be described as business critical today, it’s no surprise that many new aspects of Exchange 2010 and in particular its new architecture are designed to improve availability and management of its messaging systems. Exchange 2010 includes many changes to its core architecture. In Exchange 2010, new features such as incremental deployment, mailbox database copies, and database availability groups work with other features such as shadow redundancy and transport dumpster to provide a new, unified...
posted @ Tuesday, November 10, 2009 3:27 AM |
|
|
Cloud computing management functionality and standards are right now laser-focused on virtual machines, and most APIs include the ability to stop,start,launch,etc…at that level of the infrastructure. This is because the application is still insulated by its virtualized environment. The “depth” of management and standards efforts today stops at the hard shell of the virtualization layer and leaves the soft, chewy application center alone. This means nothing is really all that different for developers. But it could, and some might argue should, be different. The development of a web-application for a cloud computing environment today is really...
posted @ Monday, November 09, 2009 3:57 AM |
|
|
IMAGE CREDIT: DANIEL PENNEY Everyone has surely experienced the frustration of an overloaded desktop/laptop. You’ve just got too many apps open at one time and the performance of your machine has been slowly degrading to the point where you can select an application from the toolbar, run down to the local Starbucks, stop and chat with a friend, and return to find the application still not ready for use. The same thing happens on servers. Even though a web/application server is likely only running a few critical applications,...
posted @ Thursday, October 22, 2009 4:13 AM |
|
|
“Where are you storing your data these days,” he asked casually after trying to come up with a better opening line but failing. “Ah, dahhling,” she drawled while gesturing in no particular direction with an almost deprecating wave of her hand. “The Cloud, where else?” Thanks to the nearly constant misapplication of the phrase “The Cloud” and the lack of agreement on a clear definition from technical quarters I must announce that “The Cloud” is no longer a synonym for “Cloud Computing”. It can’t be. Do not be misled into trying, it will only cause you...
posted @ Wednesday, October 21, 2009 3:12 AM |
|
|
Cloud offers an appealing “pay only for what you use” that makes it hard to resist. Paying on a per-usage hour basis sounds like a good deal, until you realize that your site is pretty much “always on” because of bots, miscreants, and users. In other words, you’re paying for 24x7x365 usage, baby, and that’s going to add up. Ironically, the answer to this problem is … cloud. Don and I occasionally discuss how much longer we should actually run applications on our own hardware. After all, the applications we’re running are generally pretty light-weight, and only see...
posted @ Tuesday, October 13, 2009 4:30 AM |
|
|
The problem of AJAX, interstitial request patterns, and the effect on the performance and availability of your applications. There are several reasons why applications need to be scaled out but they all come down to essentially addressing the same core problem: resource consumption. In the case of networked applications this often means specifically TCP connection resources. Now most people don’t think of TCP connections as a resource, per se, but every web and application server has an upper limit to the number of TCP connections it can hold open at any given time. In some cases this...
posted @ Wednesday, October 07, 2009 3:53 AM |
|
|
A question I often hear is “Why don’t you just move load balancing/application delivery into a virtual appliance model?” My answer is almost always “That’s the wrong question.” The question that should be asked is “What are the potential impacts to the infrastructure and application?” Because the whole point of deploying an application delivery solution – virtual appliance or hardware – is about improving some facet of the infrastructure in order to better deliver your applications. So in order to determine whether using a virtual appliance is a good idea or not you have to ask what the impacts might...
posted @ Tuesday, October 06, 2009 3:43 AM |
|
|
Steve (apparently yes, we are on a first name basis) offers up his thoughts on developing APIs for the Cloud in “A Cloud Tools Manifesto.” While the inclusion of the word “manifesto” in the title raised quite the stir (“Manifestogate” is still fresh on the minds of many cloud-oriented people), what really caught my eye is his inclusion of a “mock endpoint” primarily for testing of API based integration and development. This is something that’s increasingly important not just to cloud but to Web 2.0 and social networking sites that provide APIs via which other sites and client applications can...
posted @ Monday, October 05, 2009 4:00 AM |
|
|
Operational efficiency in the cloud comes in part from automation and orchestration as well as from the outsourcing of management and maintenance of the hardware. While you can’t achieve the latter without cloud or hosting externally, you can realize a lot of the same efficiencies in a traditional architecture just by leveraging existing collaborative capabilities of infrastructure 2.0. Glenn Gruber of Software Industry Insights in “Who’ll Be the First to Offer Cash for Infrastructure” (which is a great read in general) says: And for those who are thinking about evaluating a private cloud...
posted @ Tuesday, September 29, 2009 4:12 AM |
|
|
If one of the drivers for moving to cloud-based applications is reducing costs, you should think twice about the placement of application security solutions. There’s almost no way to avoid an argument on this subject so I won’t tiptoe around it: web application security in the cloud is better accomplished at the edge, with a web application firewall or similar solution, than it is inside the cloud in the application. This is true regardless of whether the cloud model is public or private; basically if you’re being charged on a per-usage basis then placement of web application security...
posted @ Monday, September 28, 2009 3:50 AM |
|
|
There’s more than one way to address the rapid rate of change in infrastructure supporting a dynamic environment. We spend a lot of time talking about how software and systems and standards are the ultimate solution to addressing the rapid rate of change in the association between applications and IP addresses in a dynamic infrastructure. But sometimes you have look down the stack to find a simpler, more economical and honestly, elegant, answer to the challenge of managing the problem associated with virtualized and cloud computing architectures. We need to take another look at the link layer...
posted @ Friday, September 18, 2009 3:19 AM |
|
|
AJAX enables the use of network-side scripting enabled application delivery solutions to offload client-side functionality and improve capacity and performance of dynamic (Web 2.0/AJAX) applications. In the last couple of weeks I’ve embarked on a home project to rewrite – from scratch – a couple of web applications that Don and I and friends use on a regular basis. Consider it a very restricted (in terms of users) social networking application, because that’s basically what it is. I made heavy use of AJAX for one component in the past version but have been really leveraging it a lot more...
posted @ Wednesday, September 16, 2009 5:02 AM |
|
|
A load balancing algorithm can make or break your application’s performance and availability It is a (wrong) belief that “users” of cloud computing and before that “users” of corporate data center infrastructure didn’t need to understand any of that infrastructure. Caution: proceed with infrastructure ignorance at the (very real) risk of your application’s performance and availability. Think I’m kidding? Stefan’s SOA & Enterprise Architecture Blog has a detailed and very explanatory post on Load Balancing Strategies for SOA Infrastructures that may change your mind. This post grew, apparently, out of some (perceived) bad behavior on...
posted @ Tuesday, September 08, 2009 4:11 AM |
|
|
Leveraging Java EE and dynamic infrastructure to enable a shared resource, on-demand scalable infrastructure – without server virtualization Many pundits and experts allude to architectures that are cloud-like in their ability to provide on-demand scalability but do not – I repeat do not – rely on virtualization, i.e. virtual machines. But rarely – if ever – is this possibility described. So everyone says it can be done, but no one wants to tell you how. Maybe that’s because it appears, on the surface, to not be cloud. And perhaps there’s truth to that appearance. It is more...
posted @ Wednesday, September 02, 2009 4:03 AM |
|
|
How to leverage a “private virtual cloud” such as Amazon VPC with your own dynamic infrastructure A couple of blog posts on Amazon’s recent announcement of its VPC (Virtual Private Cloud) have made much of the fact that the resources available within Amazon’s cloud via VPC aren’t public. These same commentaries seem to believe that this makes the resources not very valuable. One author called it a “terrible” implementation because “users can’t expose clients to the internet and can’t assign them IP addresses.” I understand how some might reach that conclusion if they...
posted @ Monday, August 31, 2009 3:48 AM |
|
|
Cloud changes how we deliver applications but we’re still delivering applications With all the hype around cloud it’s easy to get caught up in deployment models and architectures and how much money it is/is not going to save us and, of course, with the cool factor that always surrounds such innovation. But when we get our heads too far up in the clouds we forget what we’re really doing: delivering applications. Whether it’s thin-client, fat-client, browser-based, client/server, three-tier, n-tier, traditional, .NET, Java EE, or cloud we are still all focused on the same goal: deliver an application. ...
posted @ Thursday, August 27, 2009 3:57 AM |
|
|
Cloud providers know the secret to a successful cloud computing implementation is integration between the infrastructure and virtualization Ever notice that cloud providers are v e r y reluctant to reveal on what foundation their cloud computing architectures are laid? Most providers don’t want to share their “secret sauce” because, well, then everyone else could get into the game as well. While it is certainly true that the infrastructure – and specifically the application delivery infrastructure – you choose to lay the foundation for a cloud computing architecture can affect your ability to succeed and innovate...
posted @ Tuesday, August 25, 2009 10:17 AM |
|
|
You’re going to need a dynamic infrastructure lest you effectively negate the gains achieved by higher VM densities In the continuing saga of “do more with less” comes a new phrase that’s being tossed around: VM density. For example, VMware puts forth the notion that the Total Cost of Ownership (TCO) of virtualization technology must consider VM density, saying, “Density matters in a many-to-one relationship.” VMware illustrates this concept in the context of TCO, but in general an increasing number of solutions are beginning to tout not only the benefits of higher VM density, but of their solutions ability...
posted @ Monday, August 24, 2009 4:07 AM |
|
|
I was recording a podcast last week on the subject of cloud with an emphasis on security and of course we talked in general about cloud and definitions. During the discussion the subject of “private cloud” computing was raised and one of the participants asked a very good question: Some of the core benefits of cloud computing come from shared resources. In a private cloud, where does the sharing of resources come from? I had to stop and think about that one for a second, because it’s not something I’ve really thought about before. But it was...
posted @ Monday, August 17, 2009 3:34 AM |
|
|
When it comes to availability, coding a solution is just delaying the inevitable Jonathan Howell, in Five Things That Will Kill Your Site – an excellent read, by the way, for all web application developers – asserts that there are several ways to avoid web application death that do not require the implementation of “expensive redundant hardware with top of the line load balancers and an enterprise class SAN.” In general he’s got some good advice to which application developers should pay attention, but I had to disagree with his assertion that a solution to provide graceful degradation...
posted @ Tuesday, August 11, 2009 3:56 AM |
|
|
Why Carr’s analogy doesn’t describe today’s cloud environments and how SOA can get us closer to what he describes Back when cloud first starting drifting in to obscure the computing landscape there were a lot of parallels drawn between it and grid, and a lot of analogies used to explain the concept behind it. Cloud computing is most often analogized using Nicolas Carr’s analogy of the cloud as an electrical grid; that’s always bothered me at almost a visceral level. But I could never articulate why well enough and a lot of smart people told me that if I...
posted @ Monday, August 10, 2009 3:57 AM |
|
|
The “replace” in “rip and replace” essentially means getting rid of old security problems and replacing them with new ones. Twittergate is (thankfully) behind us but it’s almost assuredly going to be the case that we’ll be rehashing this one for a while. This certainly isn’t the first time Twitter and security issues have clashed, and as in the past Twitter (and really any very public application in a similar situation) is the clear loser. And of course there comes the unsolicited advice offered regarding what Twitter needs to do to address its security issues. I am, of...
posted @ Monday, July 20, 2009 3:43 AM |
|
|
Without availability scalability is irrelevant I really enjoyed Jeff Atwood’s recent blog on Scaling Up vs Scaling Out, which includes a fairly detailed comparison of the costs associated with each approach to scalability. I enjoyed it because not only did it take into consideration the cost of hardware, but also remembered to include the cost of software licensing. And of course there’s the fact that Jeff’s site is focused on development and coding, and this discussion broadened the discussion into the realm of application networking – a demesne with which I am of course particularly fond. ...
posted @ Friday, July 10, 2009 3:38 AM |
|
|
Can the inherent abstraction of virtualization succeed where SOA did not? My first read through a post on the Cloud Front Office led me to scoff disdainfully at the re-emergence of a concept central to a successful SOA implementation: the service catalog. Oh, we called it "registry" and then "registry/repository (reg/rep)" and finally "governance" but the concept behind it was exactly the same. Take a gander at the description of a cloud service catalog apparently growing out of discussions that began at Structure 09: Last week I attended Structure 09, one of the...
posted @ Thursday, July 02, 2009 3:39 AM |
|
|
Somebody has to be first Recently Microsoft came up with a solution, supported natively in IE8, to protect against clickjacking attempts. Apparently some folks have decided that because Microsoft has a history of implementing proprietary solutions that this one, too, must be proprietary. These same folks must also have very little understanding of today’s web application architectures, as they declared the solution pretty much useless based on some pretty poor assumptions regarding the implementation of said solution. As noted in the Register, “some critics have contended the protection [X-FRAME-OPTIONS custom HTTP header] will be ineffective because...
posted @ Monday, June 29, 2009 3:15 AM |
|
|
I was chatting with my mother a couple weeks ago about cloud (she’s a used-to-be programmer turned project manager for a Fortune 500. Don’t look at me like that, I keep telling you it runs in the family) and one of the problems she lamented about was that folks don’t seem to understand how entrenched COBOL and the mainframe is in the organization. It’s so entrenched that given the choice between a client-server application and a COBOL application that did the same thing they chose the COBOL program because it was less expensive and they had the knowledge on staff...
posted @ Friday, June 26, 2009 2:50 AM |
|
|
I am not a number, I am a free man! – "The Prisoner", sampled by Iron Maiden (edited because geeks are picky and well, they're right even though I always think of Maiden and Eddie first before getting to the actual origins)
We, meaning everyone who deals with technology for a living, know that the move to IPv6 is inevitable. We simply must migrate in order to maintain the scalability of the Internet and its infrastructure. Well, we could continue to use technologies like NAT and SNAT in order to conserve IPv4 addresses, but really that’s just not practical...
posted @ Monday, June 22, 2009 3:54 AM |
|
|
One of the tasks of an enterprise architect is to design a framework atop which developers can implement and deploy applications consistently and easily. The consistency is important for internal business continuity and reuse; common objects, operations, and processes can be reused across applications to make development and integration with other applications and systems easier. Architects also often decide where functionality resides and design the base application infrastructure framework. Application server, identity management, messaging, and integration are all often a part of such architecture designs. Rarely does the architect concern him/herself with the network infrastructure, as that is...
posted @ Wednesday, June 17, 2009 4:07 AM |
|
|
I’m heading out today for a little time off and so you’ll have to make due the rest of the week without any (new) words of wisdom from me. I know, try to pull yourself together. You’ll live, really, and I’ll be back Monday with something interesting, promise. While I’m out, you might consider checking out some of the blogs I follow myself on a regular basis. They’re always full of interesting tidbits and stories and wisdom on a variety of subjects, and if you don’t follow them yourself you might find something interesting in them. ...
posted @ Wednesday, June 10, 2009 4:25 AM |
|
|
An interesting thing happened on the way to testing that application from the cloud. We broke the innertubes!
Pros and Cons of Application Testing in the Cloud
A firm wanted to test their application and need 100 browser instances. In the old days it would have required 100 machines -- that would be a massive undertaking. Even with hardware virtualization, you would need 5 to 10 machines, and there would be some complex configuration issues. However, by putting it all in the cloud, they were able to sync up 100 virtual instances of the browsers and take them down over...
posted @ Wednesday, June 10, 2009 3:24 AM |
|
|
When SOA was declared dead there was a spate of articles and blogs on why the architecture “died.” Most pundits came to the conclusion that like many innovations it wasn’t the technology to blame but rather people. Architects lacked the skills to properly leverage SOA; business stakeholders failed to look at SOA as a strategic architecture, choosing instead to use it as a tactical integration-solving solution; network and systems’ administrators did not understand the unique characteristics and issues a well-designed SOA raised within the network and on systems; and developers were loathe to “reuse” and “share” services despite alternate...
posted @ Thursday, June 04, 2009 4:07 AM |
|
|
Attackers say, we can go where we want to; we can leave our code behind… There’s probably a raid going on right now in Naxxramas and the attackers are almost certainly doing the Safety Dance. They probably learned the Safety Dance the same way I learned about it; from someone well-versed in its intricate steps. See, if you don’t know the Safety Dance and you come up against Heigan the Unclean, well… he’s not called Heigan the Unclean for nothing. You will not survive. Not even if you happen to have a Holocaust Cloak at...
posted @ Wednesday, June 03, 2009 3:58 AM |
|
|
There is a tendency to describe every device on a network as simply “the network” regardless of whether that device is dedicated to security, or application delivery (layer 4-7), or actual network (layer 2-3) functionality. It’s an artifact of aging data center architecture models that there exists an artificial line of demarcation between web and application servers and everything else. We used to depict “everything else” as a cloud, but with the emergence of The Cloud doing so simply complicates discussions even further because the “network” necessary to support a dynamic, on-demand operational model of computing like “cloud” is more...
posted @ Friday, May 29, 2009 3:49 AM |
|
|
It certainly sounds reasonable: networks are moving toward a perimeter-less model so the line between internal and external network is blurring. The introduction of cloud computing as overdraft protection (cloud-bursting) further blurs that perimeter such that it’s more a suggestion than a rule. That makes the idea of encrypting everything whether it’s on the internal or external network seem to be a reasonable one. Or does it? THE IMPACT ON OPERATIONS A recent post posits that PCI Standard or Not, Encrypting Internal Network Traffic is a Good Thing....
posted @ Thursday, May 28, 2009 4:02 AM |
|
|
There’s apparently been a bit of confusion over what, exactly, F5 thinks of cloud computing as an organization based on a recent blog post. I thought I’ve been fairly clear on where F5 stands in terms of cloud computing but I may be suffering what’s known as the “curse of knowledge”, which means I am so deeply entrenched in F5’s view of cloud that I forget that other people don’t have the luxury of that knowledge. So I’d like to take this opportunity to clear up any misconceptions that may be floating around and just set the record...
posted @ Tuesday, May 26, 2009 4:09 AM |
|
|
As a telecommuter – and one that lives in that technological mecca of the midwest, Green Bay – I don’t often get the chance to talk face to face with, well, anyone. Being conscripted into booth duty at Interop this week means I get to talk to people with real problems and with ones that can quickly bring anyone with their head in the clouds back down to earth. Imagine if you will an application. A real, honest to goodness client-server application. Not web-based, but client-server; like the kind we wrote in Delphi and Visual Basic back in...
posted @ Thursday, May 21, 2009 6:30 AM |
|
|
If they aren’t now then Infrastructure 2.0 may force them in that direction - and vice versa. My brother (yes, it does run in the family) has a degree in computer science which, by most definitions, makes him a developer. That’s the focus of most computer science focused degree programs, much to the chagrin of the myriad other IT-focused specialties like networking, security, and operations. Interestingly enough, he worked his way through college as a sysadmin and his first job out of college was as a sysadmin. And now he’s doing a little of...
posted @ Wednesday, May 13, 2009 3:51 AM |
|
|
Why architecture matters not only to security but to the future of cloud computing It seems the phrase “in the cloud”, sadly, has become a marketing-hyped euphemism for “the Internet.” I say sadly because the use of cloud to refer to every and any service delivered over the Internet dirties up the cloud. It obscures the intent of cloud computing and makes it difficult for technologists in the trenches to get a handle on how cloud – both external and internal – can provide benefits and solutions to problems they have right now. The very loose use of the...
posted @ Monday, May 11, 2009 3:38 AM |
|
|
Brother, can you give a developer a hand? As the topology of networks delivering applications becomes increasingly complex it becomes more and more difficult to troubleshoot problems, especially for developers tasked with figuring out why their “application broke” in production when it was working just fine thank you very much in “DEV” and “QA.” It is rare, after all, that the production environment – including all the moving parts – is duplicated in development and testing environments. It is already difficult enough for developers to track down problems due to the complex nature of application infrastructure...
posted @ Wednesday, May 06, 2009 4:17 AM |
|
|
Finding new life for SOA in the cloud We’ve been having quite a few discussions with analysts over the past few months on the subject of “cloud”. The interesting thing about these discussions is the vast array of points of view from which those analysts are viewing “cloud”. Some are focused on the network aspects, others on pricing/differentiation, and some are even very focused on what “cloud” means to applications – and the organizations that will, allegedly, take advantage of the cloud as a means of application deployment. One such analyst is Daryl Plummer of Gartner. Daryl...
posted @ Tuesday, April 07, 2009 3:37 AM |
|
|
Better performance, reduced costs and data center footprint are not niche-market interests. The fast-paced world of finance is taking a hard look at the benefits of hardware acceleration for performance and finding additional benefits such as a reduction in rack-space via consolidation of server hardware. Rich Miller over at Data Center Knowledge writes: Hardware acceleration addresses computationally-intensive software processes that task the CPU, incorporating special-purpose hardware such as a graphics processing unit (GPUs) or field programmable gate array (FPGA) to shift parallel software functions to the hardware level. ...
posted @ Tuesday, March 24, 2009 3:27 AM |
|
|
Ah, those were the days, weren’t they? When improving the security, reliability, and performance of applications over the LAN, over the WAN, and over the Internet meant you had to deploy many different solutions, each one standing on their own in the data center. When you had to learn how to configure and manage as many devices as you have fingers just to deliver a single business-critical application to users and customers across a wide variety of environments. When there really wasn’t an option because solutions weren’t unified, weren’t contextually aware, and were basically just a bunch of point solutions...
posted @ Monday, March 23, 2009 3:21 AM |
|
|
One of the oft cited reasons in surveys that enterprises aren’t flocking to the cloud like lemmings off a cliff is “lack of control”. Problem is that articles and pundits quoting this reason never really define what that means. After all, cloud providers appear to be cognizant of the need for users (IT) to be able to define thresholds, reserve instances, deploy a variety of “infrastructure”, and manage their cloud deployment themselves. The lack of control, however, is at least partially about control over the infrastructure itself and, perhaps, complicated by the shallow definition of “infrastructure” by cloud...
posted @ Wednesday, March 18, 2009 2:49 AM |
|
|
What’s driving your organizational interest in cloud? Is it apathy or is it architecture? The whole debate surrounding the existence, or non-existence as it were, of “private” clouds seems to revolve around the definition of cloud. Yes, we’re right back at the beginning, Vizzini. The problem is that lots of folks want to focus in on the “apathy” inherent in cloud rather than the “architecture”. Yes, apathy. After all, that’s what we’re saying when we include as a key component of the definition of cloud “you don’t have to care about the infrastructure.” For example, Andrew...
posted @ Monday, March 16, 2009 3:45 AM |
|
|
Ah, those were the days, weren’t they? When you needed a way to add security at several layers to your network and application network infrastructure but knew that implementing a solution capable of securing those pesky applications was more than likely going to end up with poor performance and angry users. When you needed to add something to secure applications and the network against the growing wave of attacks but knew that doing so would negatively impact performance. It was a tough choice, and most people ended up going the route of maintaining application performance at the expense...
posted @ Monday, March 16, 2009 3:39 AM |
|
|
There is no evidence, no research, no surveys that indicate the cloud is, or ever will be, ready to completely outsource an organization’s data center. There’s no reason to even believe that’s the goal of cloud providers, though it might seem a logical conclusion. So making outrageous claims about the capabilities of the cloud, and the relevance of the data center, does no one any good. What’s got me so riled up? This particular statement from a prediction for 2009 from Appirio: But all this talk about “private clouds” is a distraction from...
posted @ Tuesday, March 10, 2009 4:30 AM |
|
|
Ah, those were the days, weren’t they? When you needed a way to inspect data at the edge for application-specific issues but knew that implementing a solution capable of that kind of agility was more than likely going to end up with poor performance and angry users. When you needed to add something to secure applications and the network against the growing wave of attacks but knew that doing so would negatively impact performance. It was a tough choice, and most people ended up going the route of maintaining application performance at the expense of security and optimization...
posted @ Monday, March 09, 2009 4:30 AM |
|
|
During my reading of the Internet I happened across an ad on Network World that stopped me in my tracks. And not because it was one of those “pre-ads” that you can’t avoid, nor because it was cool or flashy or said something particularly witty. No, it stopped me in disbelief because it implied that someone else (a vendor) was in charge of your data center architecture; that you had nothing to do but sit back and wait for them to let you know when it – and you – were ready to take the next step. Look,...
posted @ Monday, March 02, 2009 4:32 AM |
|
|
If you’re looking at standardization and interoperability efforts only as they relate to providers or end-users then you’re not thinking long term nor are you really considering the potential of cloud computing and virtualization to revolutionize data center architectures. In a nutshell, if you equate “cloud” with “providers like Amazon and Google” then you don’t really get the big picture. While the ultimate goal of cloud specifications and standards is to enable interoperability and ease of migration for the end-user, approaching the creation of such standards from the point of view of the end-user will result in a...
posted @ Monday, February 23, 2009 4:06 AM |
|
|
When folks are asked to define the cloud they invariably, somewhere in the definition, bring up the point that “users shouldn’t care” about the actual implementation. When asked to diagram a cloud environment we end up with two clouds: one representing the “big cloud” and one inside the cloud, representing the infrastructure we aren’t supposed to care about, usually with some pretty graphics representing applications being delivered out of the cloud over the Internet. But yet some of us need to care what’s obscured; the folks tasked with building out a cloud environment need to know what’s...
posted @ Wednesday, February 18, 2009 4:14 AM |
|
|
The issue of application state and connection management is one often discussed in the context of cloud computing and virtualized architectures. That's because the stress placed on existing static infrastructure due to the potentially rapid rate of change associated with dynamic application provisioning is enormous and, as is often pointed out, existing "infrastructure 1.0" systems are generally incapable of reacting in a timely fashion to such changes occurring in real-time. The most basic of concerns continues to revolve around IP address management. This is a favorite topic of Greg Ness at Infrastructure 2.0 and has been subsequently addressed...
posted @ Tuesday, February 10, 2009 7:59 AM |
|
|
Rich Miller, in response to some questions I maintain on meta-data ownership and interoperability with regards to the CCIF's efforts in defining a cloud interoperability specification, had some questions of his own: The part I'm itching to ask her about ... or start a more open conversation: the possibility of "a specification regarding application network delivery metadata" which, if properly (??) abstracted and generic, could "allow the meta-data policies to be transported and applied across different cloud implementations while preserving the specific details of implementation within the cloud computing infrastructure." Whoa!! Tall order, isn't it? ...
posted @ Monday, February 09, 2009 4:19 AM |
|
|
The webification of applications over the years has led to the belief that client-server as an architecture is dying. But very few beliefs about architecture have been further from the truth. The belief that client-server was dying - or at least falling out of favor - was primarily due to fact that early browser technology was used only as a presentation mechanism. The browser did not execute application logic, did not participate in application logic, and acted more or less like a television: smart enough to know how to display data but not smart enough to do anything...
posted @ Monday, February 02, 2009 4:38 AM |
|
|
We've been talking a lot about the benefits of Infrastructure 2.0, or Dynamic Infrastructure, a lot about why it's necessary, and what's required to make it all work. But we've never really laid out what it is, and that's beginning to lead to some misconceptions. As Daryl Plummer of Gartner pointed out recently, the definition of cloud computing is still, well, cloudy. Multiple experts can't agree on the definition, and the same is quickly becoming true of dynamic infrastructure. That's no surprise; we're at the beginning of what Gartner would call the hype cycle for both concepts, so...
posted @ Wednesday, January 28, 2009 7:19 AM |
|
|
Much of the dialogue today surrounding cloud computing and virtualization is still taking the 50,000 foot view. It's all conceptual; it's all about business value, justification, interoperability, and use cases. These are all good conversations that need to happen in order for cloud computing and virtualization-based architectures to mature, but as is often the case that leaves the folks tasked with building something right now a bit on their own. So let's ignore the high-level view for just a bit and talk reality. Many folks are being tasked, now, with designing or even implementing some form of a cloud...
posted @ Friday, January 23, 2009 4:51 AM |
|
|
If you've taken the time to read over the "Top 25 Most Dangerous Programming Errors" published by SANS recently, you may (or may not) have noticed that CWE-319 is an anomaly, and should be easily picked out by developers and security professionals in a game called "which one of these is not like the other". CWE-319 If your software sends sensitive information across a network, such as private data or authentication credentials, that information crosses many different nodes in transit to its final destination. Attackers can sniff this...
posted @ Monday, January 19, 2009 3:57 AM |
|
|
You may recall a recent overview on network-side scripting that described a few uses of this technology integrated with application delivery controllers. With thousands of examples of the uses of network-side scripting it's hard to choose just one to adequately represent its potential. Luckily, we don't have to stick to just one. Viva la Internet! Based on the technical session the great network-side scripting guru Colin and I ran at SD Best Practices in October, I've pulled nine ways to use network-side scripting that can enhance the scalability, security, and performance of web applications into a presentation for...
posted @ Thursday, December 11, 2008 4:04 AM |
|
|
SOA is, at its core, a design and development methodology. It embraces reuse through decomposition of business processes and functions into core services. It enables agility by wrapping services in an accessible interface that is decoupled from its implementation. It provides a standard mechanism for application integration that can be used internally or externally. It is, as they say, what it is. SOA is not necessarily SOAP, though until the recent rise of social networking and Web 2.0 there was little real competition against the rising standard. But of late the adoption of REST...
posted @ Friday, December 05, 2008 3:33 AM |
|
|
Thanks to a tweet from @Archimedius, I found an insightful blog post from cloud computing provider startup Kaavo that essentially makes the case for a move to application-centric management rather than the traditional infrastructure-centric systems on which we've always relied. We need to have an application centric approach for deploying, managing, and monitoring applications. A software which can provisions optimal virtual servers, network, storage (storage, CPU, bandwidth, Memory, alt.) resources on-demand and provide automation and ease of use to application owners to easily and securely run and maintain their applications will be critical for the...
posted @ Monday, December 01, 2008 2:59 AM |
|
|
Horizontal scalability achieved through the implementation of a load balancing solution is easy. It's vertical scalability that's always been and remains difficult to achieve, and it's even more important in a cloud computing or virtualized environment because now it can hurt you where it counts: the bottom line. Horizontal scalability is the ability of an application to be scaled up to meet demand through replication and the distribution of requests across a pool or farm of servers. It's the traditional load balanced model, and it's an integral component of cloud computing environments. Vertical scalability is the ability of...
posted @ Tuesday, November 25, 2008 3:29 AM |
|
|
The diseconomy of scale so adversely affecting the IP address management space isn't limited to network infrastructure; it's crawling up the stack steadily and infecting all layers of the data center like some kind of unstoppable infrastructure management virus. That is why, even with the simple act of managing an enterprise network’s IP addresses, which is critical to the availability and proper functioning of the network, actually goes up as IP addresses are added. As TCP/IP continues to spread and take productivity to new heights, management costs are already escalating. -- Greg Ness, "What Are the Barriers to...
posted @ Monday, November 24, 2008 3:47 AM |
|
|
Amidst the hype of cloud computing and virtualization have been the publication of several research notes regarding SOA. Adoption, they say, is slowing. Oh noes! Break out the generators, stock up on water and canned food! An article from JavaWorld quotes research firm Gartner as saying: The number of organizations planning to adopt SOA for the first time decreased to 25 percent; it had been 53 percent in last year's survey. Also, the number of organizations with no plans to adopt SOA doubled from 7 percent in 2007 to...
posted @ Friday, November 21, 2008 3:09 AM |
|
|
Load balancing an application should, by now, be a fairly routine scaling exercise. But too often when an application is moved into a load balanced architecture it breaks. The reason? Application sessions are often specific to an application server instance. The solution? Persistence, also known as sticky connections. The use of sessions on application servers to add state to web (HTTP) applications is a common practice. In fact, it's one of the greatest "hacks" in the history of the web. It's an excellent solution to the problem of using a stateless application protocol to build applications for which...
posted @ Wednesday, November 19, 2008 3:40 AM |
|
|
While I was at SD Best Practices in Boston last month I got to talk to a lot of engineers, developers, and architects about their environments and about what F5 does for application delivery. One of the developers glibly told me he wasn't sure we could help him out because his environment was the international space station. Yeah, how cool is that? Now that's cloud computing. Another architect, who turned out to be a friend of a friend who I've conversed with but never met in person said the same thing, but...
posted @ Friday, November 14, 2008 3:08 AM |
|
|
Whenever there is a shift in architectural thinking about technology, such as is happening right now with cloud computing and virtualization, we start thinking forward, past the now, and into the future about how that technology might be leveraged. We start looking at the impact to architecture from the top of the stack to the bottom. For a company that's focused on application delivery, that means taking a good hard look at how that new technology might impact the architecture of applications. It's been suggested that perhaps, just maybe, we'll see service-oriented clouds; that the concepts of SOA...
posted @ Wednesday, November 12, 2008 8:52 AM |
|
|
It is often the case that application server clustering and load-balancing are mistakenly believed to be the same thing. They are not. While server clustering does provide rudimentary load-balancing functionality, it does a better job of providing basic fail-over and availability assurance than it does load-balancing. In fact, load balancing has effectively been overtaken by application delivery, which builds on load balancing but is much, much more than that today. Clustering essentially turns one instance of an application server into a controlling node, a proxy of sorts, through which requests are funneled and then distributed amongst several...
posted @ Tuesday, November 11, 2008 7:05 AM |
|
|
When SOA was the hot topic of the day (not that long ago) everyone was pumped up about the ability finally align IT with the business. Reusability, agility, and risk mitigation were benefits that would enable the business itself to be more agile and react dynamically to the constant maelstrom that is "the market". But only half of IT saw those benefits; the application half. Even though pundits tried to remind folks that the "A" in SOA stood for "architecture", and that it necessarily included more than just applications, still the primary beneficiary of SOA has been applications...
posted @ Monday, November 10, 2008 8:23 AM |
|
|
The VirtualDC has asked the same question that's been roaming about in every technophile's head since the beginning of the cloud computing craze: what defines a cloud? We've chatted internally about this very question, which led to Alan's questions in a recent blog post. Lori and others have suggested that the cloud comes down to how a service is delivered rather than what is delivered, and I’m fine with that as a long term definition or categorization. I don’t think it’s narrow enough, though, to answer the question “Is Gmail a cloud service?” because...
posted @ Wednesday, November 05, 2008 6:53 AM |
|
|
How the cloud acts and is used is more important than where it physically resides Cloud computing and SOA suffer from the same lack of prescriptive architectures. They are defined by how they act rather than what they are, or from what they are composed. They are, in a way, existential technology that cannot be confined to a simple architectural diagram but require instead a set of properties or ways of acting in order to be recognized. To over simplify and paraphrase Jean-Paul Sartre's concepts of existentialism, we define ourselves (mankind) through our actions. To apply this to...
posted @ Monday, November 03, 2008 3:29 AM |
|
|
We all understand the lines in the sand (or the architectural diagram) that separate client-side scripting from server-side scripting. It's very clear that client-side scripting, e.g. JavaScript, VBScript, ActionScript, executes on the client while server-side scripting, e.g. PHP, ASP, executes on the server. But what about network-side scripting?
"There is no such thing!" might be the first response to this question, but I beg to disagree. Programmable proxies, a la F5's BIG-IP Local Traffic Manager, that provide a scripting language such as iRules, are simultaneously client-side and server-side, with the best definition to describe their placement in architectures being network-side...
posted @ Friday, October 31, 2008 5:26 AM |
|
|
I'm off Monday to Boston for SD Best Practices. This is the first time I (and F5) have been at the show, and we're all excited about the opportunity to meet some new folks. Monday is a busy day, with travel and our keynote, "The Best Kept Secret in Building Scalable Applications." Wednesday, fellow blogger Colin and I will be running a technical session on the "9 Things You Can Do to Build Scalable Applications (and 3 You Can't)" that promises to be a lot of fun. In between our speaking engagements, we'll be hanging out...
posted @ Friday, October 24, 2008 8:26 AM |
|
|
I'm in a bit of mood after reading a Javaworld article on server load balancing that presents some fairly poor ideas on architectural implementations. It's not the concepts that are necessarily wrong; they will work. It's the architectures offered as a method of load balancing made me do a double-take and say "What?" I started reading this article because it was part 2 of a series on load balancing and this installment focused on application layer load balancing. You know, layer 7 load balancing. Something we at F5 just might know a thing or two about. But you...
posted @ Friday, October 24, 2008 7:55 AM |
|
|
You have just been promoted to CTO of Widgets, Inc. (Congratulations, by the way!) In your new role, on which of the following will you focus the most attention (and budget): (a) the network (b) the applications (c) the data Trick...
posted @ Thursday, October 23, 2008 4:40 AM |
|
|
If you're excited about the automation capabilities of cloud computing and virtualization, you are going to love this solution. In a virtualized environment where applications can ostensibly be popping up all over, and applications are no longer tied to specific servers, there is a need to automatically manage these application instances in a high-availability (load balanced) environment. What you need is the ability to automagically add and remove application instances from the application delivery controller (load balancer) so you don't have to worry about tying those applications down, which could reduce the benefits typically associated with virtualization. If...
posted @ Tuesday, September 30, 2008 4:49 AM |
|
|
It seems that every time a new technology breaks through the surface a hundred "experts", vendors, and standards-bodies appear like moths to a flame attempting to define the term such that only "they" have the answer, the solution, the standard, or the product. When my son mentioned a research paper he wrote on cloud computing (which you still haven't sent me, by the way) he did so while disagreeing with a previous post of mine on the subject. He was quite vehement that grid computing did not equal cloud computing, and seemed almost shocked that I would dare...
posted @ Monday, September 29, 2008 11:07 AM |
|
|
No one likes to hear that they need to rewrite or re-architect an application because it doesn't scale. I'm sure no one at Twitter thought that they'd need to be overhauling their architecture because it gained popularity as quickly as it did. Many developers, especially in the enterprise space, don't worry about the kind of scalability that sites like Twitter or LinkedIn need to concern themselves with, but...
posted @ Friday, September 19, 2008 5:09 AM |
|
|
David Linthicum of Real World SOA asks whether SOA governance should be delivered as a service, from the cloud. Core to this proposition is the use of a registry/repository in the cloud: This repository would provide more than just WSDL, but a complete design time and runtime SOA governance system delivered out of the cloud, perhaps linked with a local slave repository within your firewall. One of the problems with this, I see, is that in a SOA where governance is actively used and policies enforced, governance becomes crucial to...
posted @ Tuesday, September 09, 2008 4:17 AM |
|
|
In general, we talk a lot about the benefits of SOA in terms of agility, aligning IT with the business, and risk mitigation. Then we talk about WOA (web oriented architecture) separately from SOA (service oriented architecture) but go on to discuss how the two architectures can be blended to create a giant application architecture milkshake that not only tastes good, but looks good. AJAX (Asynchronous JavaScript and XML) gets lumped under the umbrella of "Web 2.0" technologies. It's neither WOA nor SOA, being capable of participating in both architectural models easily. Some might argue that AJAX, being...
posted @ Tuesday, September 02, 2008 3:50 AM |
|
|
Elasticity (adj) the ability of a cloud computing environment to expand or contract automatically on-demand according to real-time computing needs One of the promises of an on-demand cloud computing environment (that's redundant, I think) is the ability to burst resources. Much in the same way that ISPs have long offered contracts that include the ability of the organization to exceed its allotted bandwidth for a fee, it is expected that cloud computing providers offer a mechanism for "bursting resources" that allows an organization to exceed its agreed upon resources for a fee, based on any number of factors such...
posted @ Thursday, August 28, 2008 7:04 AM |
|
|
We all know that SOA stands for Service Oriented Architecture, right? Gaurav Sharma over at Infosys-Oracle has another definition of SOA and it really fits well with both the business and IT goals surrounding SOA. Gaurav redefines SOA as Scalable, Open, and Adaptable, and then walks through how Oracle solutions fit this definition. This actually makes a lot of sense, because open and adaptable are inexorably tied to SOA as an architectural methodology. SOA is built on open standards like SOAP, WSDL, and XML and its meta-data driven execution style is highly adaptable, making it flexible or, in...
posted @ Thursday, August 07, 2008 5:20 AM |
|
|
One of the most well-kept secrets in technology is the extensibility of HTTP. It's one of the reasons it became the de facto application transport protocol and it was instrumental in getting SOAP off the ground before SOAP 1.2 and WS-I Basic Profile made the requirement for the SOAP Action header obsolete. Web browsers aren't capable of adding custom HTTP headers on their own; that functionality comes from the use of client-side scripting languages such as JavaScript or VBScript. Other RIA (Rich Internet Applications) client platforms such as Adobe AIR and Flash are also capable of adding HTTP...
posted @ Wednesday, August 06, 2008 4:07 AM |
|
|
In reading through ZapThink's latest post regarding the "Great ESB Controversy of 2008" it occurred to me that it is quite possible, and probably likely, that the issue of ESB use primarily revolves around whether you're doing SEA or SOA. Yes, I know. You've never heard of "SEA" before. That's because I just made it up to describe the difference between a service-enabled architecture and a service-oriented architecture. And there is a difference. A SOA (service oriented architecture) implies that an architecture has been designed around the concept of services. A SEA (service enabled architecture) implies...
posted @ Friday, August 01, 2008 8:02 AM |
|
|
Alistair Croll has a great post on GIGAOM discussing how networking vendors will need to change in order to support a cloud computing infrastructure. He outlines two options for networking vendors that will keep them relevant in a cloud computing environment. In option number one he postulates that virtual appliances are the way to go, that the "pendulum swings back to software". Option number two revolves around sales strategy, and he suggests that networking vendors will need to sell to the providers of the cloud. That makes sense to me. If you want to be a...
posted @ Wednesday, July 30, 2008 5:11 AM |
|
|
Outside of the technology world a lot of products are billed as "one size fits all". Anyone who's purchased such a product generally knows, no, no they don't. They're close, but never a truly good fit. Inside the technology world we know better. Software and solutions are never a "one size fits all" proposition, that's why so many business software solutions are "customizable": ERP (enterprise resource planning), CRM (customer relationship management), workflow, automation, and portals. Just about every software solution you can purchase these days takes a customizable approach to actually meeting the needs of the business. ...
posted @ Monday, July 28, 2008 6:46 AM |
|
|
I'm going to give you an engine low to the ground. An extra-big oil pan that'll cut the wind underneath you. That'll give you more horsepower. I'll give you a fuel line that'll hold an extra gallon of gas. I'll shave half an inch off you and shape you like a bullet. When I get you primed, painted and weighed... ...
posted @ Friday, July 25, 2008 11:30 AM |
|
|
There is an interesting war being fought in the blogosphere over the use (or overuse) of ESB (enterprise service buses) to build out a SOA (service oriented architecture). It certainly appears that Dave Linthicum is taking on the role of Leonidas and the Spartans at the battle of Thermopylae while everyone else is on the side of Xerxes and the Persians. Dave is defending his view that ESBs are overused and often, apparently, misused against a host of ESB and SOA focused bloggers like Joe McKendrick and Jeff Schneider. But everyone is talking in abstractions, and...
posted @ Thursday, July 24, 2008 5:35 AM |
|
|
I do an awful lot of talking about SOA: problems, challenges, concepts, solutions, security, products. But I don't often present "the big picture", and certainly rarely discuss how F5 and SOA go together like ice-cream and pretzels. I know, that isn't a traditional simile, but if you've ever tried hot pretzels and ice-cream you might agree with me in saying that while they don't sound like they go together they really do, and they do so well. It's also applicable because when you think of ice-cream you don't immediately think of pretzels, and I'm fairly certain...
posted @ Tuesday, July 22, 2008 4:17 AM |
|
|
Bob owns a widget shop. Now this widget shop is not your ordinary widget shop, because the widgets are made from Swarovski crystal. Very expensive stuff. Bob is aware that losing any number of his widgets would be financially devastating, and the negative press he'd receive would darken his shop's reputation. So he's invested in a very modern physical security system that utilizes electronic locks on all the doors, and includes all the newest laser motion detection technology. It's further connected to a monitoring service just in case, so he'll know if security has been breached and can...
posted @ Wednesday, July 02, 2008 4:58 AM |
|
|
Individual servers in a farm may be expected to fail, but the site - that's a different story Tom's Hardware has an interesting look at an architecture I'm going to call "built to fail". This architecture is focused on building a fault tolerant site, not necessary a fault tolerant web application infrastructure. While the author of the article implies that this architecture is something new, it's really not except in the sense that today's Web 2.0 app providers might not care if a server is lost because it's cheap to replace while other, more cost conscious organizations...
posted @ Tuesday, May 27, 2008 5:00 AM |
|
|
With apologies to the writers of Amadeus MOZART [The fresh SOA Architect] But it's new, it's entirely new. It's so new, people will go mad for it. For example, I have an activity in the second step - it requires calls to two services in parallel. Then a third service is called to verify the name of the customer, and a fourth to perform some security checks. Then a logging service makes five and so on. On and on, six, seven, eight! How long do you think I can sustain that? ...
posted @ Thursday, May 08, 2008 10:56 AM |
|
|
No Service is An Island
No one has ever claimed that processing of XML was speedy. Indeed, my reaction to the results of the first test I ever conducted on SOA Security Gateways back in 2003 was to test them again. And again. It turns out that this was actually okay, as a subsequent review of the application servers these devices were protecting weren't capable of keeping up anyway.
But that was back in 2003, right? Things have gotten better, haven't they?
Well, yes and no. Another round of testing in 2005 showed that while the devices offloading XML processing...
posted @ Friday, January 19, 2007 12:09 PM |
|
|
|
|
|
|
