Feeds

I floated a site into the cloud, and it didn't rain down in chunks...

My baby steps migration

Application security programs and practises

WAR on the Cloud, part 1: The "cloud" is still somewhat in its novelty phase as with virtualisation and (say) XML of yesteryear, when simply waving them at an application would magically make all your troubles drop away, like sessions on a crashing web server.

All of these technologies do have their value, just not as panacea.

For example, in the cloud you are likely to pay for every resource you use – CPU, bandwidth, storage, etc – which makes you vulnerable to ambush bills, in the worst case from a targeted DoS attack on your cloud-hosted sites, whereas typical conventional hosting arrangements have most costs capped.

Also, in the cloud access to storage is a complicated affair: if you have a variable number of front-ends, how do they coordinate safe access to writable data? For those operations that suit a database then maybe its concurrency controls are sufficient, but not every app can afford transaction overhead. And getting data in and out of the cloud is likely to be chargeable too.

I have a moderately busy website that gets a few million unique visitors per year (depending on how you count 'em) and that I have already distributed to mirrors in data centres in the UK, US, India and Australia, with a dedicated (expensive) machine in each location on Solaris and Linux. This hand-crafted "cloud" already works fairly well. Downtime on a single instance doesn't have much impact on the total number of daily visitors, and users are automatically bounced to a "closer" mirror where it will improve responsiveness.

For the two main mirrors in the UK and US having a dedicated box makes sense; they are fairly busy most of the time and I can hang other services on them such as DNS secondaries.

The two other boxes are relatively under-utilised and expensive both in terms of money and indeed energy (think carbon footprint) but, as it stands, the technology is too heavyweight to share a box on conventional JSP hosting services.

I wanted to test the waters and see if I could migrate one or both into the cloud, but keep geographically close to end users around AsiaPac.

Baby steps

Rather than try to do this all in one huge "big bang", probably involving changing a significant chunk of the 60k lines of Java in my site, it made sense to first test the ease with which a much simpler site, for example a static Apache or simple JSP/Java site, can be put up within an existing cloud environment, such as Amazon's.

In the first instance Amazon's "AWS Free Usage Tier" looked like a good place to start, with the right price, and setting up an AWS (Amazon Web Services) account took a few minutes.

awseclipse

A few minutes' reading in the AWS FAQs suggested that the "AWS Elastic Beanstalk" could be the right place for my site to end up, since it accepts WAR (Web ARchive) files that I already build, and offers automatic scalability and so on, which is more than I currently achieve with my home-brew technology.

Since I already develop my site/app in Java with Eclipse, the first step was to download the appropriate plugin from Eclipse, which includes the AWS SDK and a bunch of other stuff. The site also has some useful short explanatory videos such as this one on getting started with the AWS Elastic Beanstalk.

Eight steps to building an HP BladeSystem

More from The Register

next story
Sysadmin Day 2014: Quick, there's still time to get the beers in
He walked over the broken glass, killed the thugs... and er... reconnected the cables*
Apple fanbois SCREAM as update BRICKS their Macbook Airs
Ragegasm spills over as firmware upgrade kills machines
Amazon Reveals One Weird Trick: A Loss On Almost $20bn In Sales
Investors really hate it: Share price plunge as growth SLOWS in key AWS division
SHOCK and AWS: The fall of Amazon's deflationary cloud
Just as Jeff Bezos did to books and CDs, Amazon's rivals are now doing to it
EU's top data cops to meet Google, Microsoft et al over 'right to be forgotten'
Plan to hammer out 'coherent' guidelines. Good luck chaps!
US judge: YES, cops or feds so can slurp an ENTIRE Gmail account
Crooks don't have folders labelled 'drug records', opines NY beak
Auntie remains MYSTIFIED by that weekend BBC iPlayer and website outage
Still doing 'forensics' on the caching layer – Beeb digi wonk
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.