CSharp-Cloudfiles ignores Cloudversion for unspecified AccountName

While building a demo app on Internap’s XIPCloud, I saw unexpected URLs sent by the CSharp-Cloudfiles library.  I changed the code to pass “v1.0” via the Cloudversion argument of UserCredential’s constructor (which is a questionable location in the first place).  Fiddler showed that the URL didn’t change at all.  Regardless of passing is a valid value (e.g., “v1.0”) for the Cloudversion argument or just an empty string, the resulting header always looks like:

GET https://auth.storage.santa-clara.internapcloudl.net/ HTTP/1.1

Why isn’t the Cloudversion appended?  By grokking thru com.mosso.cloudfiles.domain.request.GetAuthentication I found this code:

var uri = string.IsNullOrEmpty(_userCredentials.AccountName) ? _userCredentials.AuthUrl : new Uri(_userCredentials.AuthUrl + “/”
+ _userCredentials.Cloudversion.Encode() + “/”      + _userCredentials.AccountName.Encode() + “/auth”);

This code only includes the provided Cloudversion value when a valid AccountName has also been provided. These values seem orthogonal to me; the resulting URL should include the Cloudversion appropriately when is is provided. Since there don’t seem to be multiple cloud versions available, nor accounts available, it’s not currently a huge problem. But it’s going to bite someone eventually.

Caveat Developer: CSharp-CloudFiles

Rackspace has developed a C# SDK for CloudFiles, which in turn is based on OpenStack Object Storage.  As we’ve used this SDK, csharp-cloudfiles, we’ve encountered some unexpected “issues.”  While we see these issues as flaws, some may consider them to be unintended consequences – we’re open to correction.  Regardless, other developers may benefit from our comments here.

The first item has to do with UserCredentials’ constructors.  com.mosso.cloudfiles.UserCredentials has four constructors:

public UserCredentials(string username, string api_access_key) // AVOID!

public UserCredentials(Uri authUrl, string username, string api_access_key)

public UserCredentials(Uri authUrl, string username, string api_access_key, string cloudversion, string accountname)

public UserCredentials(Uri authUrl, string username, string api_access_key, string cloudversion, string accountname, ProxyCredentials proxyCredentials)

Note that all except the first constructor take the authorization url as the first parameter (authUrl).  It turns out that the authorization url is hard-coded in the first constructor, rendering it useless. This constructor uses https://api.mosso.com/auth (via Constants.MOSSO_AUTH_URL), so it’s only useful if you have valid authorization credentials for that end-point.  Since (it seems) only Rackspace’s internal development team has valid credentials there, they should remove this constructor.

While on the topic it’s important to point out that the authorization url passed in actually becomes part of the UserCredentials’ member data.  Code can retrieve the value from the AuthUrl property, but cannot set the value.  As a matter of fact, all of UserCredentials’ properties are get-only (and their member data fields are readonly)!  The only way to change any of the values is to construct a new UserCredentials.

Ok, so UserCredentials is no memory hog and creating multiples is unlikely in many applications.  The issue is that this class seems to ignore the value of separate concerns.  Why, for example, is proxyCredentials a member of this class?  Are a user, account and authorization url always expected to have a single proxyCredentials?  It seems to us that the endpoint, user credentials and proxy credentials need to be combined when calling down to the REST api, but should be separated for flexibility above that.  We think several of these members should be independent, or at least more flexible by being settable.

What are your thoughts?  We’d like to know; comment below.

Utility Pricing

One of the major tenets of cloud computing is pricing based on utilization – also commonly referred to as pay-for-usepay-as-you-go, or similar.  This tenet proposes that, as with other utilities such as electricity and water, customers will only pay for the amount of cloud computing resources they use.  At first glance, utility pricing may not appear to be a major change.  But this pricing model is not simply a change in pricing, it is antithetical to prior models in the software industry.

A Brief History of Software Pricing

For several decades the up-front license model has dominated the software landscape.  This model typically involved a large price (aka, license fee) in the beginning and annual maintenance fees.  So, if a company wanted to use software create by XYZ Company, they had to pay XYZ’s license fee prior to being able to install or use the software.  The company may also be required to pay XYZ an annual maintenance fee to the tune of 15% to 20% of the license fee.  The benefits of paying for maintenance varied among vendors, but usually involved software updates – bug fixes, upgrades, etc. – some level of technical or other support, etc.

One of the major problems with this pricing model was in determining appropriate pricing.  Customers had difficulty understanding whether prices were reasonable or whether they were being taken for a ride.  I remember a customer wondering how something on a floppy disks could be worth $100,000 when the physical hardware it ran on was less than $5,000.

Frankly, software vendors had a hard time with license pricing as well.  Should it be based on total investment divided by the number of expected sales?  That doesn’t work.  Value-based pricing – charging a customer based on the value they would recognize with the software – is better, but how do you determine the value? Should customers receive a refund if that value isn’t recognized? Etc., etc., etc.

At some point businesses began analyzing the cost of software across its user base, and the concept of per-seat pricing entered the picture.  Software vendors began pricing their software accordingly, especially since $132.40 per seat sounds so much more affordable than $100,000.

Utility Pricing Is A Major Shift

Up-front and Per-Seat pricing, however, are fundamentally different than utility pricing.  Up-front and (most) Per-Seat pricing are predominantly based on expected usage.  If you expect to run the software on 5 machines, you may have to buy 5 up-front licenses.  If you expect 5 users to access the software, you have to buy 5 per-seat licenses. Utility pricing, however, is a historical view based on actual usage.

Utility pricing is so different, in fact, that it represents a substantial threat to prior pricing models.  More specifically, vendors providing utility pricing models will increasingly win deals over those vendors stuck in the up-front and even per-seat pricing models.  For one, customers believe that utility pricing is more equitable than older models. Although it may seem odd, the most significant factor driving utility pricing may be the US Tax Code.

Previous: Introduction Next: Utility Pricing & the US Tax Code

Cloud Computing & Pricing – Introduction

Earlier today I began writing a response to someone else’s tweet on cloud computing’s possible migration toward volume pricing.  I knew the response would take more than a tweet-length, I began a new blog entry.  After quite a while of writing, I realized my little response had become a spew-fest — too many explanation and details intertwined, and too long for reading.

So, I took a step back and considered how to reorganize the information and offer it for other’s critique. I’ve decided to craft a short blog series which I hope will convey:

  • Utility Pricing (What Is Utility Pricing? How Is It Different?)
  • Why Cloud Computing Hosts Should Provide Rich Metrics
  • How Utility Pricing Enable Myriad Pricing Models

I’ll provide links to each as they’re completed, so check back soon.

OpenStack Storage: Not Just for Rackspace Anymore

From yesterday’s CloudScaling blog: OpenStack Object Storage Moves Beyond Rackspace.  This post reiterates that OpenStack was initially created by Rackspace and NASA, that Rackspace has been offering cloud-based storage via OpenStack, and that CloudScaling has recently assisted another company develop a commercial offering using OpenStack.

At first glance, I suspected the unnamed company was Internap and referred to their XIPCloud offering.  But CloudScaling’s blog refers to the company as “a Tier 1 ISP.”   The last I checked, Internap was Tier 2 at best, although it has good relationships with, and subs to, most Tier 1’s.

Regardless, this is good news for OpenStack.  The first major, outside adopter is often the most difficult.  If this second adopter has commercial success, others will quickly follow.  Let’s hope that adopters will also pony up development and test resources as well — OpenStack certainly needs it, particularly in language SDKs (PHP, Java, .NET, etc.)

Analysis: CloudReplica’s Unlimited VM Instances Model

When I first saw the announcement (HT HPCInTheCloud) that CloudReplica is offering unlimited

When I first saw CloudReplica Announces Unlimited Virtual Machine Licensing (HT HPCInTheCloud), my first thought was that they might start driving down VM and Instance pricing in the cloud.  As I read further, however, I realized that’s not the case.

The trigger for my disappointment was the final paragraph of the announcement:

CloudReplica’s unlimited virtual machine license for Standard Edition is priced at $1,500 per month and is available immediately. Support is available for an unlimited number of Windows virtual machines using VMware or Microsoft® Hyper-V™ Server 2008 R2 virtualization platforms.

Hmmm. $1,500 / month.  How does that compare with other solutions?

VM Type Monthly Account Fee Cost/Hr Cost/Month VM Count Total Monthly Cost
CloudReplica Unlimited $1,500.00
Amazon EC2 Small $0.12 $87.60 17 $1,489.20
Large $0.48 $350.4 4 $1,401.60
Rackspace Cloud Server 1 GB $100 $0.08 $58.40 23 $1,443.20
2 GB $100 $0.16 $116.80 11 $1,384.80

In order to realize the cost benefits of “unlimited,” you might want to consider CloudReplica if you have (or need) more than 17 Small Instance VMs at Amazon or more than 23 of Rackspace’s 1 GB instances.  That’s a bunch of VMs to manage!  If you are using Amazon’s Large Instance or Rackspace’s next step up, 2 GB Cloud Server, the comparatives drop to 4 and 11.

Methodology (briefly)

As you should expect, the above analysis is not exhaustive.  Each vendor not only has different pricing levels, but unique pricing models as well.  Some charge for bandwidth consumption (ingress / egress), while some don’t.  Some charge differently for Linux instances than Windows.  Only Windows pricing was considered in this analysis since that is what CloudReplica offers.

The instance types used for comparison in this analysis were:

VM Type RAM (GB) Local Storage (GB) Comments
CloudReplica ? ? ? Web site unclear on sizes.
Amazon EC2 Small 1.7 160
Large 7.5 850 BIG jump from Small
Rackspace Cloud Server 1 GB 1.0 40
2 GB 2.0 80

Better Management Certificates for Azure

As I wrote earlier this week, the Silverlight-based Management Portal may be the best feature of Azure’s 1.3 release.  It is a handsome UI, Azure components are far easier to access, and (most importantly) the amount of time required for common tasks is sharply reduced.

This post is only partly about the Management Portal, however.  The certificate generating code in the Azure Tools for VS 2010 is also involved.

The Problem

Although it’s nice to be able to create the necessary management certificate from within Visual Studio, the resulting certificate naming is confusing.  The following dialog shows an existing certificate and the selection for creating a new certificate.

AzVSTools - Certificate Selection

When this tool creates a certificate, it sets the Friendly Name you entered and sets Issued By to Windows Azure Tools.  No big deal, right?  Right – until you add the certificate via the Azure Portal….

Azure Mgmt - Mgmt Certs with Comments

This view of the portal shows the Management Certificates, but you can’t really tell which is which.  For example, which of the two certificates corresponds to the one with Friendly Name: Deployment Credentials in the Azure Tools dialog?  You really can’t tell unless you are able to distinguish them by their thumbprints or validity dates.  Why doesn’t Deployment Credentials  appear in one of the fields?  Well, let’s take a quick look at the certificate in Certificate Manager (certmgr.msc).

CertMgr - Personal Certs - Windows Azure Tools-Deployment Credentials

When Azure Tools created the certificate, it set Windows Azure Tools in the Issued To and Issued By fields.  The name I provided the tool appears in the Friendly Name field.  I’m glad that I can distinguish the certificate in my local store with the friendly name, but it’s only known in my local store.  That’s the problem: Friendly Name is not part of the certificate; it’s metadata associated with the certificate, and only locally.

What’s A Better Way?

Instead of using the Azure Tools to create a certificate, use the MakeCert tool.  Azure only accepts certain certificates (X.509, 2k-bits, SHA1, etc.), so you have to provide a few specific parameters.  Here’s a sample command line:

makecert -sky exchange -r -n “CN=<CertName>” -pe –a sha1 -len 2048 -ss My “<CertFileName>”

where CertName specifies the name you want to appear in Name field in Management Certificates of the management portal, and CertFileName specifies where to store the certificate file on your local drive.

Now, when you upload the certificate to the management portal, you can easily distinguish the certificates.

Azure Mgmt - Mgmt Certs - Better Names2

Then, when you Publish from Visual Studio, simply choose the appropriate certificate from the list.

AzVSTools - Certificate Selection2

Admittedly, the Friendly Name isn’t set, but you have no trouble distinguishing between certificates in either Visual Studio or Azure’s Management Portal.

BIG Release of Azure Components This Week!

Windows Azure SDK 1.3 (a.k.a., November release) has just been released.  You can download just the SDK, but if you’re using Visual Studio, use the Windows Azure Tools for Visual Studio instead.  This package, VSCloudService.exe, includes the SDK package.

The major features / benefits of this release include:

  • Management Portal – the new Silverlight-based portal may be the most significant improvement of this release.  Managing Roles, Storage, Service Bus, Access Control, etc. are so much easier to access, and the portal’s performance improvements make a substantial impact on management tasks.
  • Full IIS – Finally! Each Web Role can host multiple sites – web apps, services.  Additionally, developers can now install IIS modules as well (some apps haven’t been migrated due to dependence on 3rd party or custom modules)
  • Remote Desktop – I’ve been looking forward to this for a while!  Being able to connect to Azure Roles and VMs via RDP is going to make a huge difference in so many ways – configuration, deployment, debugging, etc.
  • Windows Server 2008 R2 – Azure Roles and VMs can now be based on R2 which brings in IIS 7.5, ability to restrict what apps can run via AppLocker, PowerShell 2.0 for better administration and automation.
  • Elevated Role Privileges – I’m not so sure this is a really good idea, but it’s in now.  Azure Roles allow running with administrator privileges (sounds like “running with scissors”).  I can imaging some scenarios in which a Worker Role does a bit of admin level work, or a Web Role hosting a custom administrative portal.  But, in general, devs need to be very careful with this “feature.”
  • Multiple Admins – Multiple Live IDs can be assigned admin privileges in an Azure account.  This provides better traceability when you’re doing around-the-clock administration.  But it may also introduce risk of “stepping on each other’s toes” problems.

Also in this round of updates are a couple of betas and CTP.

  • Extra Small Instance – in BETA – at just 5 cents per compute hour, the Extra Small Instance is less than half the cost of the Small Instance (12 cents per compute hour). At the time of this writing, the Extra Small Instance is comprised of 1.0 GHz CPU, 768 MB RAM, 20 GB local storage and “low” I/O Performance.
  • Virtual Machine Role – in BETA – Now you can define and manage your own virtual machine. Based on the (very) little info I have right now, the VM is based on a differencing disk over a Windows 2008 Server R2 VM.  That limits the options of what to run in the VM.  IMO, this is the last check-box for Azure qualifying as Infrastructure as a Service (IaaS).
  • Azure Connect – in CTP – Connect provides the ability to create a virtual network between multiple devices. For example, if companies A & B want two of their systems to communicate with each other, those systems connect to Azure, establish the private network, and then communicate directly between A & B.  I really want to test this one out!

NetFlix Cloud Architect on Cloud Computing

ReadWriteCloud has a good article based on a CloudScaling interview with NetFlix’s Cloud Architect, Adrian Cockcroft.  Although the article is predominately about why NetFlix is using Amazon Web Services (AWS), there are several good themes that apply to cloud computing in general.

With regard to cloud architecture, Cockcroft said getting into the Google mindset was the biggest challenge,

“You have to assume that the hardware and underlying services are ephemeral, unreliable and may be broken or unavailable at any point, and that the other tenants in the multi-tenant public cloud will add random congestion and variance. In reality you always had this problem at scale, even with the most reliable hardware, so cloud ready architecture is about taking the patterns you have to use at large scale, and using them at a smaller scale to leverage the lowest cost infrastructure.” – Adrian Cockcroft, emphasis added

This is one of the major stumbling blocks for developers who fall for promises around easily migrating web apps to the cloud.  Yes, you can migrate them easily, but don’t expect to get scalability from them until they’re architected for elasticity, random failures, etc.

With regard to the politics of cloud computing,

“The next challenge is a political one. Cockcroft says a CIO would prefer to build data centers than become irrelevant to internal customers.” – Alex Williams

Cockcroft’s opinion on internal private clouds is straight-forward and accurate,

“…only the biggest organizations should be building datacenters to host clouds, and they should be offering them publicly. If you are doing internal cloud and you have a dominant internal customer then you are doing it wrong, because you have to choose between baking in a lot of unused extra capacity or the risk that at some point that customer will blow up your cloud.”- Adrian Cockcroft, emphasis added

Both articles (Netflix’s Advice on Moving to Amazon Web Services and Cloud Innovators: Netflix Strategy Reflects Google Philosophy) are worth reading.  As usual, I’m interested to see your comments.

Cheat Sheet: Cloud Computing Predictions for 2011

It’s that time of year for big, bold predictions what will occur next year.  I won’t pretend to be much of a prognosticator.  Instead, I’ll distill a few down so you don’t have to read so many.

First up is James Staten of Forrester Research: Cloud predictions for 2011: Gains from early experiences come alive

Notables

  • Most companies building internal private clouds will fail
  • Predicts that hosted private clouds will outnumber internal private by 3 to 1
  • Cloud economics will kick in
  • Information is power & will be profit center, but BI gap will widen

Next, Gordon Haff article on CNET: Cloud-computing predictions for 2011

Notables

  • Standardization will remain elusive
  • Security-related discussions will become more specific (from the current ‘generic’)
  • Start-up acquisitions continue; rounding out existing portfolios

Corp. piece: Quest Software Unveils 2011 Predictions for Cloud Computing…

Notables

  • Competition for market dominance heats up — Amazon, Google & Microsoft top the market today
  • IT will go for cloud-based email first
  • Federation: about a third of IT survey respondents will use identity federation by end of 2011
  • Tech investments switch from cost-cutting back to opportunistic