Multi-tenancy and bad landlords

So there’s been a lot of discussion about multi-tenancy recently and what it means for cloud providers and users. To put it simply: multi-tenancy is highly desirable to providers because they can provide a service or a platform (such as WordPress) and cram a kajillion users into it without having to constantly customize it, modify it or otherwise do much work to sell it individually. The reality is that whether or not users like multi-tenancy, the providers love it, so it’s here to stay.

So what happens when you have a bad, or just unlucky landlord? In the last few months has had a number of outages:

What Happened: We are still gathering details, but it appears an unscheduled change to a core router by one of our datacenter providers messed up our network in a way we haven’t experienced before, and broke the site. It also broke all the mechanisms for failover between our locations in San Antonio and Chicago. All of your data was safe and secure, we just couldn’t serve it.

And more recently:

If you tried to access TechCrunch any time in the last hour or so, you probably noticed that it wasn’t working at all. Instead, you were greeted by the overly cheery notice “ will be back in a minute!” Had we written that message ourselves, there would have been significantly more profanity.

So what can we do to support this leg (availability) of the A-I-C triad of information security?

I don’t honestly know. It’s such a service/provider specific issue (do they control DNS? do you control DNS? can you redirect to another provider with the same service who has a recent copy of your data? If you do so can you then export any updates/orders/etc. back to your original provider when they come back? etc.) that pretty much any answer you’ll get is useless unless it’s specifically tailored to that provider or service.

If you have an answer to this, please post it in the comments.

Backups and security for cloud applications

Backups, the thing we all love to hate, and hate to love. Recreating data is rarely cheap, especially if it involves detailed analysis and combination. So we back it up.

Take for example this blog, it’s based on WordPress; which is about as standard and supported as you can get for a blog. Backing up the entire blog isn’t that bad, just grab a copy of the database and you are mostly good to go, except for the minor things like custom web pages and CSS files. So what is one to do? Well the obvious thought is to outsource your cloud service backups to a cloud service backup service.

Update: Trend Micro appears to be getting in on the secure online backup thing.

Put your chauffeur on the upgrade treadmill

I don’t know if anyone here remembers the “Billion Dollar Brain” by Len Deighton. One scene that stuck with me is General Midwinter making his minion (a chauffeur or bodyguard, I can’t remember which) do his time on the exercise bike for him and asking “how many miles did we bike today?”

Wouldn’t it be great if we were all rich enough to hire someone to do the horrible chores that have to be done every day (or weekly) like exercising in order to keep our bodies fit?

This is one of the more appealing aspects of Software-as-a-service (SaaS). In fact this blog is a perfect example of upgrade and maintenance avoidance. Rather than hosting the blog in-house and having to maintain and upgrade WordPress every few weeks we decided to simply outsource it to Now there are some downsides; we can’t run all the plugins we’d like to (basically you get what WordPress gives you and you learn to like), but on the upside I will never have to upgrade a WordPress plugin or WordPress itself ever again (which is a security disaster waiting to happen as many have found out).