Posts Tagged ‘Hosting’



Worse Than Failure

Friday, June 12th, 2009

Whether you have your own shop or host your gear somewhere else, this week’s horror story at VAserv should serve as a wake-up call if you’re responsible for safeguarding vital company data, especially your customer’s data.

To briefly sum up the story, hackers took out 100,000, (yes 100,000) web sites, many of them permanently, in an evening’s worth of work.   Just restore the backup, you say?  Not so fast.

VAserv basically offers low-cost Web hosting services using virtualized private servers based on HyperVM. As of Wednesday morning, it was not clear how many of its customers — many of them based in the U.S — had irretrievably lost data in the attack. That number could be high, though, because half of those affected had apparently signed up for an unmanaged service that doesn’t include backups, according to the Register. [emphasis added]

 
And for those customers that did sign up for backup?

A note on VAserv’s Web site, which is now just a text document with details on the company’s restoration efforts, claimed its staff had been working “tirelessly” over the last 48 hours. “However, we have now reached the end of all of our servers, and as such, if your server is not currently up, or not partly up, then it is unfortunate that you will have lost your data due to this third-party attack,” the note said.

Oh the humanity, indeed. ComputerWorld’s Jaikumar Vijayan receives this week’s Master of the Understatement award:

The continuing fallout from a hacking incident at U.K.-based Web hosting company VAserv should serve as a powerful reminder that companies need proper data backup and disaster recovery procedures. The incident, which could result in a fire sale of VAserv to another hosting provider, is also an especially stark example of the kind of havoc that a malicious attacker can wreak on businesses.  [more emphasis added]

 
Can you say ‘class action lawsuit?’

Attempts to reach Rus Foster, VAserve’s director via e-mail and phone were unsuccessful. But the terse updates on the company’s Web site and the thousands of customer posts on a discussion forum painted a picture of total chaos.

I’ve personally reached the end of my physical and emotional tether” Foster wrote in one post on the discussion forum late Tuesday evening. “We have worked pretty much continuously for the last few days firefighting.”

Foster wrote in a post that suggested he was putting the company up for sale. In his note, Foster said he had two options: Do what’s best for the customer base by getting “some big boys in behind” to help get things back up and running. The other he said was to simply “Run away and hide and just say to everyone “good bye”"

 
Run away and hide?  When did that become a viable option for gross negligence?  No one can outrun the long arm of the Bar Association.

matrix42

I’m reminded of a line from The Architect’s classic speech: “There are levels of survival we are prepared to accept.”   There are clearly plenty of folks that seem comfortable managing their IT shops that way.  We see it all the time when we look at their backup strategies and disaster plans, if they have any.  It seems to me that being totally wiped out or having to sell our companies because of something so easily preventable as failed backups is not one of those acceptable levels. But wait, it was those scoundrels the hackers, wasn’t it?  They caused the problem, and they killed the company.  No they didn’t. To be sure, the hackers wreaked havoc, but what they really did was expose the ultimate game-ending event: no backups. Had proper backup procedures been in place and restores regularly tested, the incident would have been merely one of  downtime and possibly SLA penalties. (Yes. I know credit card data was also stolen, but that’s not necessarily a game-ender.)

Being an infrastructure company, we routinely preach about the need for proper backup and restore procedures, and the need to test them.  Sadly, it often falls on deaf ears, and while we do occasionally read an obituary like VAserv’s,  death-by-no-backups is happening all the time in companies you’ll never hear about.

There’s another quote I like from the Matrix: “You hear that Mr. Anderson?  That is the sound of inevitability…it is the sound of your death…”   If you aren’t testing your ability to restore your backups (you do have them don’t you?) , the sound of inevitability may be tolling for you.

Hope is not a strategy.  If backups and restores stress you out, or you’re just hoping they’ll be there when you need them, consider handing it all over to a group of people who live and breathe it. They actually enjoy backups, and they’ll take good care of your gear too.

//spk

Post to Twitter Tweet This Post to Delicious Delicious Post to Digg Digg This Post Post to StumbleUpon Stumble This Post

Tags: , , ,
Posted in Backup/Restore, Disaster Recovery | 2 Comments »

Infrastructure Friday

Friday, May 29th, 2009

Since only Robinson Crusoe had the luxury of getting everything done by Friday, the rest of us have to come up with other strategies to get all of the things done necessary to properly serve our customers.   To help with this in our own data center, we’ve have a pseudo-tradition called Infrastructure Friday.  This is not to be confused with Redneck Tuesday:

redneckhorseshoes

On Infrastructure Fridays, members of the data center team who normally don’t work out on the floor put down email, IM and PDAs, roll up their sleeves, and step into the data center to help get some of the “real” work done.  To keep IT running smoothly, we sooner or later have to stop talking about it and actually go and do something about it.   That “something” we do includes taking care of ongoing operational details and implementing new functionality that maintain or improve reliability.

Like many other things, excellent  performance in the data center is all about execution and details.   Focus on the details and the big picture will take care of itself, or as Mel Gibson advised his young son in The Patriot, “Aim small, miss small.”    What sort of details are we talking about on Infrastructure Friday?

  • Not just performing rack inspections, but actually correcting any problems found.
  • Not just noting network latency issues, but getting the right people involved to isolate and resolve them.
  • Not just checking that critical monitoring systems in the NOC are healthy, but verifying they are actually working by simulating failures.
  • Not just verifying that operational documentation is current and complete, but actually updating it if it’s not.
  • Not just checking parts inventories (patch cables, cable management supplies, etc), but placing the orders to replenish supplies.
  • Not just validating that data center standards are being followed (equipment mounted for proper air flow, floor tile placement, etc) , but actually correcting violations.
  • Not just noting that wire management is shoddy, but actually making it better.
  • Not just complaining that critical patch cables aren’t labeled, but actually getting out the label machine and doing the labeling.
  • Not just finding hot spots in the electrical system, but scheduling the downtime required to avert a future disaster.

Hopefully the theme is obvious.  On Infrastructure Friday, the goal isn’t to grouse about problems, it’s to fix them.

On a happier note, what sort of cool new functionality might we install on Infrastructure Fridays to improve reliability?  That’s a shorter list probably not worthy of a set of bullets, but it typically involves installing new or upgraded monitoring capabilities in the NOC,  adding additional monitoring instrumentation out on the floor, improving the quality and types of information on the master dashboards, and continuing to implement automated processes  to lessen the chance of unplanned downtime.    But again the theme is the same:  take action.

In the day-to-day blur of activity required to keep a live data center running, the Oughta List of things (we ought to do this, we ought to do that)  that would improve reliability grows week by week, but never seem to get done because of the tryanny of the urgent.  We find ourselves officially declared Too Busy to work on the Oughta List and before we know it, an outage occurs and the Oughta List suddenly becomes an embarrassing Shoulda List.

Infrastructure Friday is designed to overcome Oughta List inertia.  With a “try me” cost of zero, it has pretty good ROI.

//spk

Post to Twitter Tweet This Post to Delicious Delicious Post to Digg Digg This Post Post to StumbleUpon Stumble This Post

Tags: , , , , , , ,
Posted in Data Center | No Comments »

Sun, The Clouds, And The IBM Blue Sky

Thursday, April 9th, 2009

In a front page article in the April 6th Wall Street Journal, we’re told that an IBM/Sun merger would result in IBM owning 42% of the $53 billion server hardware market, based on 2008 factory revenue numbers provided by IDC.

idcservermarketWith already a third of the market in hand, it hardly seems likely that IBM could be interested in Sun for the hardware.  Such a  move wouldn’t give IBM much of an edge against close rival HP in the corporate space.  Outside of academia and other niches where workloads push performance envelopes to the limit, Sun is just not a big player in corporate computing.  The sales figures make that pretty obvious.

Clearly, it’s not about market share – IBM is after something else.

Press pause on that thought for a moment and think about how many times you’ve read about cloud computing recently. Personally, I’ve reached the saturation point, because the word has been commandeered by marketing departments and spun to mean whatever fits a vendor’s product line.

A short history lesson tells us all we need to know about cloud computing.  In the 1800′s  power generation was the responsibility of  those who needed it. Be it steam, water, or electricity, if I had factory with electrical machinery and lights, I had to generate my own power, and if you needed power, so did you.   And both of us had the hassles of building, operating, and maintaining a power generation infrastructure which, by the way, was not our core business.    Power was necessary to the operation, but it was not the product or service we delivered for profit.

Eventually Edison and Westinghouse figured out how to transmit electricity, and entrepreneurs realized if they could build a Really Big Generator and implement a delivery method, they could sell power to industrial users.    The case from the entrepreneurs to business was clear: “Let us worry about the hassles of generating power so you can focus on your core business, and oh by the way, it’s going to cost a lot less than doing it yourself.”

Fast forward to the present…has the light just come on (pun intended)?   Cloud computing is nothing more than the name-du-jour for the centralization of computing resources so that they can be delivered as a utility service.  Nothing more, nothing less.

So what’s this got to do with IBM?   The answer lies in the rest of the electrical power generation story.  History shows that small generation companies were indeed started and did successfully deliver power to local business for profit.  The model worked, in fact so well that consolidation soon began to take place within the new electric “utility” industry.  Those in the business realized that the biggest fish was really going to win big.   Moreover, the biggest players early in the game were positioned to be the biggest winners after the first big wave of electrical utility consolidations was complete.

It appears that IBM knows its history and wants to be a big player early in the cloud computing game.  Sun is already way ahead of  IBM in the race to deliver computing as a utility.   Amazon and Google were out there first to be sure, but at this early stage in the cycle there is still plenty of room, and it seems like IBM wants to be an early player – a Very Big early player.   IBM may be hoping to paint the clouds in the sky IBM blue in an effort to create a lot of green for its shareholders.

At this point it would not be Al Franken-esque to ask “How does this affect me?”

Like the early days of power generation, most businesses are all still “generating their own power” with their own in-house infrastructures.   When so-called “cloud” computing really goes mainstream, those days will be over.    Cost will inevitably drive the equation in favor of the utility model.

When I first began suggesting this several years ago, I quickly achieved madman status in the eyes of some of my peers and business associates, but it’s getting closer to becoming reality every day.

martyfeldman

Begin to think how your job will change when your server room is gone.    You will still need to keep things running, but the way you do it will be very different. Will your business cards also change?  Perhaps to an address in the clouds?

If you want to get some early comfort working in a cloud before it’s thrust upon you, I know of a good hosting data center where you can get your feet wet.

Post to Twitter Tweet This Post to Delicious Delicious Post to Digg Digg This Post Post to StumbleUpon Stumble This Post

Tags: , , , , , ,
Posted in Cloud Computing, Hosting | 2 Comments »


Twitter links powered by Tweet This v1.6.1, a WordPress plugin for Twitter.