Why would you not want to use Cloud Computing

Question

Our company is considering moving from hosting our own servers to EC2 and I was wondering if this was a good idea.

I have seen a lot of stuff about can cloud computing (and specifically EC2) do x, or can it do y, but my real question is why would you NOT want to use it?

If you were setting up a business, what are the reasons (outside of cost) that you would choose to go through the trouble of managing your own servers?

I know there are a lot of cost calculations you can put in regarding bandwidth, disk usage etc, but there are of course, other costs regarding maintenance of your own server. For the sake of this discussion I am willing to consider the costs roughly equal.

I seem to remember that Joel Spolsky wrote a little blur on this at one time, but I was unable to find it.

Anyone have any reasons?

Thanks!

Answer 1

The big one is: if Amazon goes down, there's nothing you can do to bring it back up.

I'm not talking about doomsday scenarios where the company disappears. I mean that you're at the mercy of their downtime, with little recourse of your own.

Answer 2

Lack of control.

Answer 3

Unanswered security questions.

Really, do you want your IP out there, where you're not the one in control of it?

Answer 4

• Security -- you don't know what is being done to your data
• Dependency -- your business is now directly intertwined with the provider

Answer 5

Highly sensitive data might be better to control yourself. And there's legislation; some privacy sensitive information, for example, might not leave the the country.

Also, except for Microsoft Azure in combination with SDS, the data stores tend to be not relational, which is a nuisance in certain cases.

Answer 6

Putting your software on someone else's cloud represents handing over some control. They might institute a file upload size limit, or memory limits which could ruin your application. A security vulnerbility in their control panel could get your site hacked.

Answer 7

Maybe concern that that big a company will more likely be approached by an Agent Smith from the government to spy on everyone that a little small provider somewhere.

Big company - more customers - more data to aggregate and recognize patterns - more resources to organize a sophisticated watch system.

Maybe it's more of a fantasy but who ever knows?

If you don't have a paranoia it doesn't mean yet that you are not being watched.

Answer 8

Most cloud computing environment are at least partially vendor specific. There's no good way to move stuff from one cloud to another without having to do a lot of rewriting. That sort of lock-in puts you at the mercy of one vendor when it comes to downtime, price increases, etc. If you rent or own your own servers, hosting providers and colos are pretty much interchangeable. You always have the option of moving somewhere else.

This may change in the future, as these things become standardized, but for now tying yourself to the cloud means tying yourself to a specific vendor.

Answer 9

Cloud computing has brought parallel programming a little closer to the masses, but you still have to understand how best to use it - otherwise you're going to waste compute cycles and bandwidth.

Re-architecting your application for most efficient use of a cloud computing service is non-trivial.

Answer 10

I can think of several reasons why not use EC2 (and I am talking about EC2, not grid comp in general):

• Reliability: Amazon makes no guarantee as to the availability / down time / safety of EC2
• Security: Amazon does not makes any guarantee as to whom it will disclose your data
• Persistence: ensuring persistence of your data (that includes, effort to set up the system) is complicated over EC2
• Management: there are very few integrated management tools for a cloud deployed on EC2
• Network: the virtual network that allows EC2 instances to communicates has some quite painful limitations (latency, no multicast, arbitrary topological location)

And to finish that:

• Cost: on the long run, if you are not using EC2 to absorb peak traffic, it is going to be much more costly than investing into your own servers (cheapo servers like Supermicro cost just a couple of hundred bucks...)

On the other side, I still thing EC2 is a great way to soak up non-sensitive peak traffic, if your architecture allows it.

Answer 11

Security issues are not relevant if your application does its own encryption. Amazon is then storing encrypted data that they have no way of decrypting.

But in addition to the uptime issues, Amazon could decide to increase their prices to whatever they want. If you're dependent on them, you'll just have to pay it.

Answer 12

There are different kinds of cloud computing with lots of different vendors providing it. It would make me nervous to code my apps to work with a single cloud vendor. that you specifically had to code for..amazon and Microsoft I believe you need to specifically code for that platform - maybe google too.

That said, I recently jettisoned my own dedicated servers and moved to Rackspaces Mosso Cloud platform (which have no proprietary coding necessary) and I am really, really pleased with it so far. Cut my costs in half, and performance is way better than before. My sql server databases are now running on 64Bit enterprise SQL server versions with 32G of ram - that would have cost me a fortune on my previous providers infrastructure.

As far as being out of luck when the cloud is down, that was true if my dedicated server went down - it never did, but if there was a hardware crash on my dedicated server, I am not sure it would be back on-line any quicker than rackspace could bring their cloud back up.

Answer 13

This is kind of like the "Why would you use Linux" comment I received from management many years ago. The response I got was that it is a solution in search of a problem.

So what are your goals and objectives in moving to EC2?

I'd be interested to know if you'd still want to move to a cloud, if it was your own.

Answer 14

Some questions to ask:

What is the expected uptime, and how does downtime affect your business? What sort of service level agreement can you get, what are the penalties for missing it, and how confident are you that the SLA uptime goals will be met? (They may be better or worse at keeping the systems up than you are.)

How sensitive is the data you're proposing to put into the cloud? Again, we get into the questions of how secure the provider promises to be, what the contractual penalties and indemnities are, and how confident you are that the provider will live up to the agreement. Further, there may be external requirements. If you deal with health-related data in the US, you are subject to very strict requirements. If you deal with credit card data, you also have responsibilities (contractual, not legal).

How easy will it be to back out of the arrangement, should service not be what was expected, or if you find a better deal elsewhere? This includes not only getting your data back, but also some version of the applications you've been using. Consider the possibilities of your provider going bankrupt (Amazon isn't going to go bankrupt any time soon, but they could split off a cloud provider which could then go bankrupt), or having an internal reorganization. Bear in mind that a company in serious trouble may not be able to live up to your expectations of service.

How much independence are you going to have? Are you going to be running their software or software you pick? How easy will it be to reconfigure?

What is the pricing scheme? Is it possible for the bills to hit unacceptable levels without adequate warning?

What is the disaster plan? Ideally, it's running your software on servers in a different location from where the disaster hit.

What does your legal department (or retained corporate attorney) think of the contract? Is there a dispute resolution mechanism, and, if so, is it fair to you?

Finally, what do you expect to get out of moving to the cloud? What are you willing to pay? What can you compromise on, and what do you need?

Answer 15

Depends how much you trust your own infrastructure in comparison to a 3rd party cloud service. In my opinion, most businesses (at least not IT related) should choose the later.

Answer 16

Another thing you lose with the cloud is the ability to choose exactly what operating system you want to run. For example, the latest Fedora Linux kernel available on EC2 is FC8, and the latest Windows version is Server 2003.

Answer 17

Besides the issues raised regarding dependability, reliability, and cost is the issue of data ownership. When you locate data on someone else's server, you no longer control who views, accesses, modifies, or uses that data. While the cloud operators can limit your access, you possess no way of limiting theirs or limiting who they give access to. Yes, you can encrypt all the data on the server but you lack any way of knowing who possesses root access to the server itself and any means to stop others from downloading your encrypted data and cracking it open. You lose control over your data; depending on what type of apps you are running and the proprietary nature of the data involved, this could engender corporate security and/or liability risks.

The other factor to consider is what would happen to your company if Amazon and/or EC2 were to suddenly vanish overnight. While a seemingly preposterous position, it could happen. Would you be able to quickly fill the hole and restore service, or would your potentially revenue generating apps languish while the IT staff scramble to obtain servers and bandwidth to get them back online? Also, what would happen to your data? The cloud hard drive holding all your information still exists, somewhere, and could pose a potential liability risk depending on the information you stored there--items such as personal information, business transaction records etc.

If I was starting my own business now, I would go through the hassle of purchasing and maintaining my own severs so I retained data ownership. I could control root access to the hardware, as well as control who can access and modify the data.

Answer 18

Besides what has already been said here, we have to consider uniformity across the business. Are all of you applications going to be hosted in the cloud, or only most? Is most enough to pull the trigger on using the cloud when you still have to have personnel to handle a few special servers?

In particular, there might be special hardware that you need to communicate with such modems to accept incoming data, or voice cards that make automated phone calls. I don't know how such things could be handled in a cloud environment.