Feeds

Inside Amazon's web services

SLAs for us but not for you, says Amazon's CTO

3 Big data security analytics techniques

In 2006, Amazon.com launched several web services aimed at developers: the Simple Storage Service (S3) offering unlimited internet storage, the Simple Queue Service for reliable message delivery, and the Elastic Compute Cloud (EC2) which lets developer create and manage virtual server instances programmatically.

They are innovative, keenly priced on a pay-as-you-go basis, and generally work as advertised. At the same time it seems incongruous to be selling books one day, and web services the next. Not according to Amazon’s CTO, Werner Vogels Mugshot of Werner Vogels, Amazon’s CTO., who spoke to us at the London QCon last month.

“Amazon is a technology platform, not just an internet bookshop,” he says. “You might see Amazon’s secret sauce as being personalization, or recommendation, but what really makes Amazon operate is to be able to scale.” Amazon’s web services open its platform to third-parties as well as making use of spare capacity.

A barrier to adoption of Amazon’s web services is the absence of any SLA (Service Level Agreement), making some businesses reluctant to entrust data or critical services to Amazon. “They are absolutely correct,” says Vogels, with disarming frankness. “You have to understand that this is a nascent business. So we have to figure out on our side how to give these guarantees. It doesn’t make sense to guarantee things, and then not be able to meet those guarantees. It is better to explain to people that there are no guarantees at the moment, except high level statements that it is fast and reliable, instead of lying to them.”

That said, has anyone lost data? Have there been outages? “We’ve lost nobody’s data. We’ve had a few performance blips that didn’t affect everyone,” Vogels tells me. “We try to avoid that with Amazon.com also, where any outage has significant financial impact. We try to deploy the same techniques around S3 and EC2.”

In compensation for the lack of an SLA, Amazon’s services are inexpensive. For example, S3 costs $0.15 per GB per month, and $0.20 per GB of data transferred, while EC2 server instances are $0.10 per instance per hour, for a server said to be equivalent to 1.7 GHz x86 processor with 1.75GB of RAM. There are no up-front costs. Is Amazon committed to low prices in future? “Yes, absolutely. For these things to make sense they need to be cheap,” says Vogels. “It’s the model of utility computing that will drive the development of these kinds of systems.”

Amazon’s web service APIs have changed little since their first release, though Vogels hints at some future enhancements. He mentions WebDAV as an interesting area. Another common request concerns authentication and billing. “Some developers would really like us to handle their own customer authentication, and that we would bill those customers directly for their use of S3.”

Currently you have to sign up as a developer, even if you are really the end user of an S3 application. “Are there still things missing? Yes. Will Amazon address those? Maybe. But we first need to make sure that these basic services, storage, CPU, communication, and queuing, operate solidly. There’s a lot to learn still,” says Vogels.

How Amazon implements SOA

Amazon’s internal development uses a model of small teams. Each team owns a small part of the business, which they build as a service. “There is a service oriented architecture internally, but we did that before service orientation was a buzzword,” says Vogels. Teams are autonomous, which means that within reason they choose their own preferred language and tools. “We expect our engineers to be smart enough to not go off and do really crazy things,” Vogels told us. “There is still a lot of Perl, but there isn’t that much that is completely built out of Perl. Then there is C++ and Java. There is also a growing Ruby community within Amazon. Then there are the containers, whether it is JBoss or Tomcat, or homegrown stuff.

“We trust our engineers to make the right choices. They also have to manage it. They are in the full cycle. So they have to limit their technology choices. That is a very good motivator to make the right choices.”

The existence of diverse technologies internally suggests that interoperability is an issue. “We have very strict guidelines around what a service is,” says Vogels. “There is a contract between clients and servers that describes network-independent access mechanisms. But it also clearly describes SLAs. At Amazon we’re very rigid about SLAs between clients and servers. So the interoperability is through standard mechanisms, some of them are home-grown protocols, others are standard REST and web services, but the description of it is fixed, meaning that services cannot change APIs one day after another, because there are quite some dependencies internally.”

It is ironic that Amazon relies on SLAs internally, but will not offer them to its customers. Nevertheless, there is a lot to like in Amazon’s affordable on-demand computing.

For more information on Amazon’s web services, see here. ®

Top three mobile application threats

More from The Register

next story
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Inside the Hekaton: SQL Server 2014's database engine deconstructed
Nadella's database sqares the circle of cheap memory vs speed
Oh no, Joe: WinPhone users already griping over 8.1 mega-update
Hang on. Which bit of Developer Preview don't you understand?
Microsoft lobs pre-release Windows Phone 8.1 at devs who dare
App makers can load it before anyone else, but if they do they're stuck with it
Half of Twitter's 'active users' are SILENT STALKERS
Nearly 50% have NEVER tweeted a word
Internet-of-stuff startup dumps NoSQL for ... SQL?
NoSQL taste great at first but lacks proper nutrients, says startup cloud whiz
IRS boss on XP migration: 'Classic fix the airplane while you're flying it attempt'
Plus: Condoleezza Rice at Dropbox 'maybe she can find ... weapons of mass destruction'
Ditch the sync, paddle in the Streem: Upstart offers syncless sharing
Upload, delete and carry on sharing afterwards?
New Facebook phone app allows you to stalk your mates
Nearby Friends feature goes live in a few weeks
prev story

Whitepapers

Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.