Monday, July 13, 2009

Cloud Application Architectures

Holidays in beautiful Umbria (Italy) give the opportunity to do some reading. With a strong interest in clould computing, I read Cloud Application Architectures by Georges Reese this summer. Around the same time last year (2008), I read Programming Amazon Web Services by James Murty.

The book "Programming Amazon Web Services" was really good in 2008. It describes the different Amazon offerings and how to invoke the API's using Ruby. But Amazon is extending its offering a a rapid pace, e.g. with fixed IP addresses and block storages (like NAS). So James Murty's book is in need for a 2nd edition.

"Cloud Application Architecture" goes up the stack to a higher abstraction level and explains how to deploy ("architect") application on the Amazon cloud. Georges Reese has gained practical experience while deploying the Valtira (Web Marketing) application on Amazon.

Reese covers some very interesting topics:
  • Load balancing with software load balancer in the cloud vs. HW load balancer on premise
  • Cost comparison with sample calculation; : making the comparison with operating application on own hardware or in the cloud
  • (High) Availability with some sample calculations
  • Use of stateless application servers
  • (Virtual) Machine images: outweihing generic vs. specific machine images; the use of startup-scripts with user-data
  • Privacy: example on how to separate private information and encrypt it with key generated for each customer/partner/...
  • Database management: outweighing clustering vs replication, whereby replication is usually considered the better option; the slave(s) can be used for read operations and backups; solutions for primary key generation and optimistic locking
  • Data Security: e.g. through file system encryption
  • Network security: security groups as alternative to firewalls, the fact that network intrusion detection cannot be used in Amazon context, why network level encryption still makes sense even if machine cannot see eachother's traffic at Amazon, system hardening (Bastille), Host intruction detection (OSSEC), anti-virus
  • Disaster Recovery, backups, recovery, redundancy,
  • Scaling & capacity planning, the non-sense of auto-scaling
A real joy to read, but sometimes I would have loved that the author went into some more depth. One thing definitely became clear to me: deploying application on the (Amazon) cloud requires specific approaches and skills with obviously a sound and well-thought architecture. Also specific tools will be helpful and needed: Rightscale and enStratus are mentioned in the book. That's probably the reason why Reese is also the CTO of enStratus.

We may expect many more cloud books in the coming months but "Cloud Application Architectures" brings quality content well ahead of the pack.

PS: podcast with interview of George Reese available here, same quality and content

No comments: