Watch out, Amazon Web Services. These younger cloud companies bring new architectures and provisioning methods to the game.
The cloud is old enough, and Amazon Web Services mature enough at age seven, to make you wonder: Could market leader AWS be outflanked by a fresh architecture or a supplier with a more flexible method of provisioning user-designed servers?
So far, cloud vendors have defined services using their own templates, with a given amount of CPU, memory, and storage. Market leaders Amazon, Google, Microsoft, and Rackspace each do it roughly the same way.
But younger companies are trying new architectures and more flexible provisioning methods. In the world of cloud computing, where names like Savvis, Terremark, CSC, and SoftLayer predominate, here's a six-pack of contenders to be the next big name in cloud computing.
DigitalOcean in New York has an architecture that could pose a challenge one day to Amazon, given its heavy reliance on solid-state disks and high-speed provisioning. But the firm has also quickly learned there is more to cloud services than a speedy architecture and new components.
Digital Ocean incorporates 1.92 TBs of solid-state storage per host server, which yields high-speed provisioning for small servers, costing 1.5 cents an hour or just $5 a month. That has appealed to programmer users, particularly members of the Ruby community. DigitalOcean grew fast between January and June 2013, adding 6,996 servers, with AWS one of the few service providers growing faster than that. In the last two months of the year, it added another 6,514 servers, compared to Amazon's 6,269, according to Netcraft, the surveyor of web-facing servers.
DigitalOcean, Netcraft said, was the only cloud service provider that was adding more servers than Amazon: "DigitalOcean is now growing faster than Amazon Web Services… Together the two companies accounted for more than a third of the Internet-wide growth in web-facing computers."
One user, Kenneth White, was able to find 18 GBs of a previous user's data, when he was assigned unwiped SSDs as his storage. In the normal course of events, the data would have been overwritten by the new user, but White decided to look at what a new user would see if he decided to snoop before writing his own data to disk. He informed DigitalOcean that a previous user's data was "leaking" into his own server use, and DigitalOcean responded that it was dismayed at the oversight and it would write code to prevent that from happening in the future, according to Wired.
That was an exchange that took placed between March 26 and April 2. So why was VentureBeat able to report Dec. 30 that DigitalOcean was once again having a problem with data leaks? On Dec. 29, a hacker in Berlin, Jeffrey Paul, posted on GitHub that he had discovered a previous customer's data on his just commissioned DigitalOcean virtual server, setting off a storm of negative comments.
Wiping SSDs appears to have impeded on-boarding new users, according to a blog explaining what went wrong by co-founder Moisey Uretsky. DigitalOcean was growing so fast it appears to have chosen to skip executing a wipe as its default offering and instituted a wipe only upon explicit user request in its place. Many users didn't realize the default had been replaced -- DigitalOcean made no public announcement of the change -- and users neglected to order the wipes. That left DigitalOcean able to more speedily reassign their storage, with the predictable exposure to the previous customer, whose data was still resident on the SSD.
In the interest of "transparency," Uretsky explained in a blog Dec. 30: "This is an issue that we cleared up earlier in the year with scrubbing the drive… However as utilization of our cloud went up, we saw that [default] scrubbing was starting to cause degradation in performance..." The firm decided to make scrubbing an option that had to be designated by the user. After the Dec. 29 blowup, DigitalOcean engineers again "are updating the code base right now to ensure that [scrubbing] will be the default behavior," he wrote.
lt seems that with great growth in the cloud comes great responsibilities, as Amazon could probably testify. Data security is a paramount concern, and DigitalOcean in this initial go-round has shown itself not ready for all the responsibilities that make a large service trustworthy for the long haul. Nevertheless, a company that ranked 568 among cloud suppliers in January 2013 was number 72 by June and 15 by December, according to Netcraft. The young New York firm has speedy servers, bargain-basement prices, and a growing list of tools for developers. If it gets itself straight on disk scrubbing, it will bear watching to see what happens between now and December 2014.
CentriLogic is one of those little companies you've never heard of that remains a long shot. But it looks to be in the right position at the right time.
It's headquartered in Toronto, so it offers entrée to the Canadian market, which has its own protections in place to prevent US cloud suppliers from storing a Canadian citizen's health data, due to the threat of US government snooping.
Also, like Bluelock in Indianapolis, which has a growing disaster recovery business, it's far enough away from the swath of Hurricane Sandy's destruction to make it an attractive location as a backup and disaster recovery site for companies on the East Coast. In the hurricane's aftermath, some companies in the New York metropolitan area found Amazon's US East location in Ashburn, Va., too exposed, even though it continued operating on emergency power through the storm.
CentriLogic has also built out multiple locations. It has a datacenter in Toronto and two in Mississaugua, Ontario; also Rochester and Buffalo, N.Y.; Bracknell, UK; and Hongkong. Last June it acquired Dacentec, with 23,000 square feet of datacenter space near Charlotte, N.C., only one-third of it in use, which has been added to the mix.
It offers a mix of services, in the manner of SoftLayer (acquired in 2013 by IBM), including dedicated physical servers as well as multi-tenant virtual servers and hosting services. That, along with its ability to offer cross-border availability zones, just might make it a preferred partner for those firms looking for a recovery site and a closer tie to Canadian customers.
OVH.com is not a name that trips lightly from cloud-conversant lips, but it's one of Europe's largest cloud suppliers. The privately held company is also a proficient builder of infrastructure, having taken a soup-to-nuts responsibility for the design and production of its cloud servers and infrastructure since it started as a hosting service provider in 1999. That's reminiscent of the approach Google and Amazon took as well.
OVH stands for the nickname of private owner Octave Klaba -- Oles Van Herman -- or On Vous Heberge ("We host you," in French). In Europe, it definitely has geographical reach. While headquartered in Roubaix, France, it has opened facilities in the US and Canada and is one of the largest datacenter chains in Europe. It offers facilities in Germany, Italy, Poland, Spain, Ireland, the UK, the Netherlands, Lithuania, and Finland.
It includes a 100 GB automated backup with its dedicated cloud servers and makes extensive use of SSDs on its dedicated servers. It has deployed IPv6, increased IP address availability for its customers, and implemented Domain Name Service Security Extensions, or DNS SEC, closing another known vulnerability. It has built out its own fiber optic net connecting its centers.
OVH.com is a frequent host to VMware-based workloads, like its European competitor, Colt. It is a proficient supplier that gained unwanted notoriety when Amazon expunged WikiLeaks servers from its facilities in December 2010 and WikiLeaks relocated to OVH.com servers in Europe. OVH.com didn't seek WikiLeaks business but announced it would honor its contract rather than give in to pressure, Klaba said.
OVH.com in the UK was also the home of two BitCoin providers, whose servers were compromised last April. The random number generation of its security algorithm wasn't as powerful as it might have been, and the passwords were broken by a brute force attack.
Nevertheless, OVH is a leading-edge supplier with an ability to extend its services beyond Europe. With concerns mounting over NSA snooping among major web service suppliers, such as Microsoft and Google in the US, it may be positioned for a long-term expansion.
We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Cybersecurity Strategies for the Digital EraAt its core, digital business relies on strong security practices. In addition, leveraging security intelligence and integrating security with operations and developer teams can help organizations push the boundaries of innovation.