The only thing missing from the article is an affiliate code on the enstratus link. Then it would be fully clear who wrote it and why. Has anyone not selling something ever uttered the phrase 'deploy best of breed solutions'? I think not.
If my current IaaS vendor retains root access then I certainly don't want a more 'managed' solution.
CloudSigma are an IaaS provider who presumably take a different approach.
Overall I think it is a valid point for them to make, especially as it seems that a lot of these restrictions are vendor created.
There is also a lot of comfort in knowing everyone else is running the same kernel and there will be some difficulty in executing various exploits for the hypervisor.
If you have your own admins keeping things up to date and polished, it (1) removes some grief from the customer and (2) allows you to rest more comfortably knowing your admin (theoretically) knows what he's doing.
The author points out that for conventional electric devices, there is no input from the electric company. True. But, if one puts in an industrial facility, the electric company starts caring, because the loads cannot be simply ignored (cf. inductive/reactive loads). That has analogies to the cloud.
There are decided advantages for the customer to have full control, there are decided advantages for the vendor to have full control.
Botnets etc. rely on free hijacked capacity, not computing resources bought on an industrial scale on commercial terms. The cloud is no more prone to use as a botnet or other problematic activity than dedicated hardware. Although often touted, I've yet to hear a compelling case for IaaS clouds being any more susceptible to such use than VPS, shared hosting etc. etc.
Likewise, such activity becomes very obvious very quickly and it isn't access inside a customer's cloud server that allows you to spot such activity.
As I say, there are no real reasons not to give customers full control of their cloud servers any more than they have full control of their dedicated servers. In fact, the flexibility of the cloud makes policing it easier than dedicated hardware without snooping inside customer servers or restricting their ability to control their computing.
In terms of administration, customers can choose to use their own in-house admins or those of a third party, and many of our customers do. The point is they do have a choice; with other clouds they have one choice, the cloud vendor as the admin. That's overly restrictive and it isn't surprising why you get such concerns raised over security and control in the cloud.
Thanks for the great feedback by the way.
Best wishes,
Patrick CEO CloudSigma
Definitely. I am a really high CPU user but don't need hardly any storage (I'm doing chess calculations). With bundled resources I always notice I am always over-specced on RAM and storage (in particular). Would be nice to have 'liquid' computing resources. As you say, nice post and nice to see someone doing that.
The main pieces were contributed by Rackspace and NASA, but dozens of other contributors are involved in the project now.
Full disclosure: I work at Rackspace.