Cloud Price Wars Part 2 - Rise of the Midsize Cloud

As Gartner analyst Lydia Leong pointed out after the first Cloud Price Wars blog, Rackspace just isn’t close to competing with the public cloud giants of Amazon AWS, Microsoft Azure, or Google GCE. The first blog focused on the recent price cuts from top clouds, which put the squeeze on mid-sized cloud offerings from Rackspace, Dimension Data, IBM Softlayer, HP, and regional or specialty clouds.

In a well-written look at the competition, Christopher Mims writes “if Amazon’s entire public cloud were a single computer, it would have five times more capacity than those of its next biggest 14 competitors—including Google—combined.” And it might be closer to 2-3x the capacity of the next 14 competitors combined. The point is Amazon is still leading the large public cloud market. Google, Microsoft, IBM, and other large firms will throw money at the problem, but what about everyone else? While the big guys duke it out over how low prices can go, what are mid-size and small players to do? How can they stay relevant without losing their shirts?

With the strong customer push for cloud services, the mid-level providers (CSPs), colocation firms, and telecoms looking to get into the cloud market must rapidly adapt to offer something unique to customers.

I'll look at what I think are 3 viable strategies for this section of the cloud provider market:
  • Offer differentiated features such as multi-cloud hybrid networking
  • Specialize by industry, compliance standard, region, or special interest
  • Present different prices and/or features
New and better features
As the cloud IaaS market becomes more crowded and competitive, the greater value-add starts moving up the compute stack, encroaching on the area usually labeled PaaS. This shouldn't be interpreted as every small cloud should become a Beanstalk competitor. Instead the opportunity is to focus on a specific component of IaaS cloud and make it a platform. The obvious place to start, in my mind, is the network. Most CSPs do virtual compute and storage well but fall short when it comes to the network.

The networks CSPs offer to their customers are rarely virtualized, instead just mapping to the underlying physical network. The first vendors to allow customers to build an interoperable cloud network will likely attract more enterprise-side customers. For example, enhanced cloud networking can enable protocols denied by competitors, such as multicast. Offering unique features, such as multicast, can differentiate CSPs entering the cloud marketplace. Additionally, adding high value (see high margin) network services like VPN as a Service and VPC as a Service creates savings for both customers and providers, and accelerates a CSP’s market position.

Horses for courses
One of our CEO’s favorite expressions is “horses for courses” - a British phrase that suggests there is some benefit for specializing.  A horse that runs well on a dirt track might not run well on grass, while a race horse might not race well on longer courses.  In the "cloud stable," the mid-sized cloud providers might actually benefit from specializing based on industry and compliance areas.

There are many enterprise customers and use cases with solutions looking for a perfect fit with a specific cloud provider. US-based healthcare firms seeking to meet HIPAA compliance, merchants who must provide proof of secure credit card transactions, and NSA-wary European firms are all looking for a cloud provider with special features beyond what any of the large providers currently offer. There is no definitive “healthcare cloud” or PCI approved provider yet, and a mid-market cloud like Dimension Data or Elastic Host could pivot to go from a cloud generalist also-ran to industry specific linchpin.

Similarly, there is an argument for regional clouds as well. European firms need to adhere to EU regulations around geographic data residency. Sprinkle in the post-Snowden worries about NSA leaked data or data centers on foreign soil, and European firms would likely jump at the chance to have a geographically central cloud. One report estimates the U.S. cloud computing providers might lose $21.5 billion over the next three years - and that loss can go directly to a European provider if they position themselves correctly.

European cloud providers ElasticHosts, CloudSigma, Interoute, and smaller players are all vying to be the AWS of Europe.  With Germany’s strong feelings about data security, a DeutscheCloud could be a logical solution.  What if European IaaS firms formed a consortium to create a viable EU cloud built on all of the participants’ resources? If the airline alliances can work together to share flights and expand travelers’ frequent flier miles, maybe a European cloud alliance can compete with US based cloud providers.

GreenQloud has also found their niche with their 100% renewable geothermal and hydropower powered data centers in Iceland. For customers with a solid commitment to reduce carbon, GreenQloud is the only cloud competing on the green platform. There are probably more special interest areas out there beyond just industry, region, or ethos as well.

Rethink pricing - from tables to matrix
Cloud is not the only industry to lack true pricing and service comparison - wireless providers with “family”, “unlimited mobile data”, and “true nationwide” plans are impossible to sort by feature alone.  CSPs allocate and provision resources differently from one another and don't publish performance information for prospective cloud users to compare.  This adds to the confusion around what cloud specific terms mean for the performance of an application deployment (see AWS ECU vs GCE vCPU).  Where are the cloud brokers the analysts have been promising for the last few years?  Give me CloudComparisonMatrix.com!

As AppZero CEO Greg O’Connor points out, cloud pricing is not following Moore’s Law in the same way that cloud infrastructure is. The pricing model, dubbed “Bezos’s law,” tracks Amazon’s price cuts over the years. Mr. O’Connor writes “over the history of cloud, a unit of computing power price is reduced by 50 percent approximately every three years.” After the recent cuts, the data prove that enterprises should switch to public cloud to save data center costs.

Enterprise-friendly comparisons for pricing and features can attract customers who hesitate to buy cloud resources by a set amount. Richard Davies, CEO of ElasticHosts, got some recent buzz after he cheekily tweeted pundits and journalists with his firm’s new pricing: “ElasticHosts launched unique containerized, usage-only cloud servers today - users pay for server load, not instance size.”

There is probably a considerable market demand for more specific pricing as well.  Users would react well to finer granularity pricing, where they can pay per minute instead of per hour.  The slow uptake of cloud might also point to the need for smaller image sizing for first deployments and very small use cases that only need a micro instance instead of an AWS small, medium or large.  I’d argue that this might also be contributing to the popularity of things like Docker, that allow for smaller size things in cloud.

Where will mid-level cloud providers shake out? We’re eagerly awaiting the Gartner Magic Quadrant on Cloud IaaS, due out in May.

Bleeding Heart for the Heartbleed

Source: http://xkcd.com/1354/
Thankfully VNS3 supported versions 2.7, 3.0, 3.01, 3.03, and 3.04 were not affected by the OpenSSL TLS heartbeat read overrun (CVE-2014-0160) better known now as the "Heartbleed."

I feel for all the providers whose products are/were compromised.

I feel for all the users who may have been negatively impacted.

I feel for the OpenSSL Software Foundation (OSF) team members who have contributed to the project.

I feel for all those who will now walk the long road ahead of rebuilding trust, rebuilding systems, and quantifying the potential damage caused by the OpenSSL Heartbleed.

The heartbeat bug and the disclosure timeline will prove to be quite a disruptive event in the consumer technology and enterprise IT markets.  More on that in a minute...


How did we escape this potential blood bath?

We, like most of the sane world, take advantage of open source software for use in our internal systems as well as in our product offering, VNS3 the cloud network appliance. CohesiveFT extensively tests and vets all aspects of the VNS3 system before making a new version generally available. Additionally we, like most of the responsible ISVs/service providers, take advantage of the downstream Linux providers' practice of just including fixes for security vulnerabilities in certain security libraries like OpenSSL. The result is a feature freeze on what we spent time and energy testing, while still benefiting from the ongoing security patches coming out of the open source project.
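The backport practice described above has a consequence for anyone triaging hosts by version string: a distro build can carry the fix while still reporting an in-range upstream version. The sketch below is an added example, not CohesiveFT's or OpenSSL's code; the affected range (1.0.1 through 1.0.1f, and 1.0.2-beta1) comes from the OpenSSL advisory for CVE-2014-0160 rather than from this post, and the sample banners are constructed.

```python
import re

# Matches the banner printed by `openssl version`,
# e.g. "OpenSSL 1.0.1e-fips 11 Feb 2013".
_BANNER = re.compile(
    r"OpenSSL\s+(\d+)\.(\d+)\.(\d+)([a-z]?)(?:-([A-Za-z0-9]+))?"
)


def heartbleed_triage(banner, distro_packaged=False):
    """Classify an OpenSSL banner against CVE-2014-0160.

    Returns one of:
      "not-in-range"        release never had the bug, or carries the fix
      "in-range"            upstream release inside the affected range
      "verify-vendor-patch" in range by string, but a distro build may hold a
                            backported fix under the same version string
      "unknown"             banner could not be parsed
    """
    m = _BANNER.search(banner)
    if not m:
        return "unknown"
    branch = (int(m[1]), int(m[2]), int(m[3]))
    letter, tag = m[4], m[5] or ""

    if branch == (1, 0, 1):
        # 1.0.1 (no letter) through 1.0.1f are affected; 1.0.1g has the fix.
        in_range = letter <= "f"
    elif branch == (1, 0, 2):
        # 1.0.2-beta1 is affected; 1.0.2-beta2 and later carry the fix.
        in_range = tag == "beta1"
    else:
        # 0.9.8 and 1.0.0 never shipped the heartbeat extension.
        in_range = False

    if not in_range:
        return "not-in-range"
    # The version string alone cannot prove a distro package is unpatched.
    return "verify-vendor-patch" if distro_packaged else "in-range"


# Constructed sample banners: (banner text, came from a distro package?)
SAMPLES = [
    ("OpenSSL 0.9.8y 5 Feb 2013", True),
    ("OpenSSL 1.0.1e-fips 11 Feb 2013", True),
    ("OpenSSL 1.0.1f 6 Jan 2014", False),
    ("OpenSSL 1.0.1g 7 Apr 2014", False),
]

if __name__ == "__main__":
    for banner, packaged in SAMPLES:
        print(f"{banner:40} {heartbleed_triage(banner, packaged)}")
```

A "verify-vendor-patch" result means the package changelog or vendor advisory has to be checked; the banner cannot settle it.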


I <3 Open Source and OpenSSL


Many are quick to blame open source or the guys (and possibly girls) behind the OpenSSL Software Foundation (OSF); this is wrong. If you're one of those people, stop reading this blog, take a deep breath, and go pound sand.

Open source powers the world; it's a fact and we move on. Moreover, open source projects are great places for security libraries to live. The openness means vulnerabilities are more easily and quickly patched, plus the transparency of the code means the projects' provenance is guaranteed and auditable. If you're worried about big brother peeking into your secure systems, anything proprietary is likely already cracked and in many cases with the compensated help of the provider/vendor.

I don't defend all the choices of the guys at OSF; there are definitely some issues with their commercial plan (they're no RedHat). But they fight the good fight and have provided a serious amount of value over the life of the project across all geographies. Regardless of the fallout from this bug, we'll still be net positive as a result of their efforts as a whole.

It's ECON 3545-001 Environmental Economics at CU-Boulder all over again (yes, I'm a Buffalo). The market has failed to assign appropriate value to the OpenSSL project. There are some ridiculous estimates about OpenSSL market share (see apache and nginx), yet it's "4 guys and a dog" struggling to keep up with the code base and some commercial projects. Unfortunately the weeks immediately following a major security hole disclosure aren't the best time to ask for $. Maybe I'll follow up with a post in a couple months to solicit corporate contributions to OSF. (I am an OpenSSL contributor).


NFV can be Lifesaving Nitro*


What will be the nitroglycerin for old man Internet's recent heart attack?  The Heartbleed bug is real, the fallout is and will be real, the NSA is real and has been listening.  Now what?

It's time to apply what we've learned. In the event VNS3 was affected by the bug, we could have built and delivered a new image (for all our supported public cloud and virtual environments) in a matter of hours. Our customers would have simply swapped in the new image with total potential downtime limited to minutes, if any. Wait what? Yeah, instance based NFV is the future for a number of reasons, but let's focus on the fact that it is software, not hardware, given the topic of conversation... Bugs.

Do some hardware providers really burn OpenSSL into their chips? Maybe, but I hope not. Bruce Schneier, a cybersecurity researcher and cryptographer, was recently quoted in the Wall Street Journal and seemed to think so when he said, "the upgrade path is going to involve a trash can, a credit card, and a trip to Best Buy." That's a little sensationalist, especially given that Cisco and Juniper are saying software patches will be out soon as opposed to saying new replacement hardware devices will be shipping in early Q2. But the fact is customers are still waiting for some patches and the all clear.

Exploring the hypothetical is fun when you're sitting around a table with some whiskey and some buddies, but it's less useful when talking enterprise IT strategy. Typically a real world event is needed to help us look at our decisions from a different point of view - enter the Heartbleed. I argue that this type of exploit makes the case for running a tight, limited, high performance and isolated VMware stack in the corporate DMZ. Just run a rack of vSphere with its own dedicated set of switches. Run all your DMZ edge network devices as NFV appliances. Make your DMZ a micro cloud. If anything on the DMZ edge is compromised or vulnerable, the fact that it's an instance-based NFV appliance means it's quickly and easily replaced. Turn on AES-NI support on the Intel chips (why public clouds don't do this already is straight silliness) running your DMZ micro cloud and you'll even have some nice savings on any encryption overhead.

The bottom line is this - as an NFV vendor, I'm incentivized to get my customer new images.  Hardware vendors are "fire and forget."  The major difference is additional unit manufacturing cost (and delivery cost).  I as a virtual appliance vendor have a unit and delivery cost of $0 and that means every time I have a new version, I want to get it into my customer's hands ASAP.  Latest and greatest means I'm happy because my customers are happy keeping up with my new hotness.


*Added Bonus - NFV won't kill you if you're using Viagra


Ask a Cloud Networking Expert: Why is multicast disabled in the cloud? How can you re-enable UDP multicast?

Multicast: one to many
In networking, multicast is the delivery of a message or information to a group of computers simultaneously in a single transmission from the source.

IP multicast is a technique for one-to-many communication over IP infrastructure in a network.  Multicast uses network infrastructure efficiently by requiring the source to send a packet only once, even if it needs to be delivered to a large number of receivers.

The most common transport layer protocol to use multicast addressing is User Datagram Protocol (UDP).  UDP multicast is widely deployed in enterprises, commercial stock exchanges, and multimedia content delivery networks.  Multicast is mostly used in enterprises for service discovery.

A common use case of IP multicast is for applications used to create High Performance Computing Grids (HPC).  Another common use case is with call centre routing software, used to route a call to the next available agent.
So why is multicast disabled in public clouds?  
Sending one source packet to every host in the network is very “chatty.” Multicast scales to a larger receiver population by not requiring prior knowledge of who or how many receivers there are. If you think about public cloud networks, you’re usually on a shared VLAN or LAN in a multi tenant environment. Allowing a “chatty” protocol to span over the cloud network could have a serious impact on the performance of the cloud as a whole. For this reason, multicast is usually disabled without an option to re-enable.

So it’s no wonder our customers and cloud partners such as AWS come to us and ask us for help with moving multicast applications to the cloud.

We solved the problem.
Our customers use VNS3 to create their own network which is overlaid on top of the cloud native network. This gives them back control with the added benefit of end to end encryption. It also allows multicast traffic to pass through the VNS3 network. Here are the details:

VNS3 re-enables multicast in cloud networks by creating its own sealed network, which is overlaid on top of the existing cloud network.  Think of it this way: you consume a server from AWS and it has an ETH0 network interface card (NIC), the IP on this NIC is assigned to you by AWS from either your private VLAN pool (VPC) or from the great un-washed shared VLANs (EC2 Classic).  This IP and NIC is connected to the AWS cloud network. It is at this point that an AWS firewall (somewhere) blocks the traffic from spanning the LANs looking for other hosts to discover.

By using a VNS3 overlay network, your instance is configured with a second virtual tunneled interface (TUN0), and this interface is logically connected to the VNS3 Manager. In this respect, the VNS3 Manager becomes the host’s switch. This tunneled VNS3 overlay interface is free from any AWS firewall conditions, because it is inside your control and inside the VNS3 sealed overlay network.

Attaching other servers to the VNS3 Manager means that multicast packets can now flow from your first server through the VNS3 Manager and then on to any other servers. The same logic applies if you create any VPN connection to the VNS3 Manager, via IPsec or BGP.
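An application only gains from the overlay if its multicast sockets are pinned to the TUN0 address; left to the routing table, the kernel may choose ETH0, where the provider drops the traffic and nothing is encrypted. The sketch below is an added example (not VNS3 code) of a receiver and sender bound explicitly to the overlay interface; the group 239.1.1.1, port 5007 and overlay address 10.99.0.10 are constructed placeholders.

```python
import ipaddress
import socket
import sys


def membership_request(group, iface_ip):
    """Build the 8-byte ip_mreq (group address + local interface address)."""
    g = ipaddress.IPv4Address(group)
    if not g.is_multicast:
        raise ValueError(f"{group} is not an IPv4 multicast address")
    return g.packed + ipaddress.IPv4Address(iface_ip).packed


def open_receiver(group, port, iface_ip):
    """Join `group` on the interface that owns `iface_ip` (the overlay NIC)."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
    sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    sock.bind(("", port))
    # Naming the interface here keeps the join off the cloud-native NIC.
    sock.setsockopt(socket.IPPROTO_IP, socket.IP_ADD_MEMBERSHIP,
                    membership_request(group, iface_ip))
    return sock


def open_sender(iface_ip, ttl=1):
    """Send multicast out of the overlay interface only.

    ttl=1 is the conservative default; whether a higher value is needed to
    cross the overlay depends on the deployment (assumption, not from the post).
    """
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
    sock.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL, ttl)
    sock.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_IF,
                    ipaddress.IPv4Address(iface_ip).packed)
    return sock


if __name__ == "__main__":
    # usage: script.py recv|send OVERLAY_IP   (e.g. the address on tun0)
    GROUP, PORT = "239.1.1.1", 5007          # constructed sample values
    mode, overlay_ip = sys.argv[1], sys.argv[2]
    if mode == "recv":
        rx = open_receiver(GROUP, PORT, overlay_ip)
        data, peer = rx.recvfrom(1500)
        print(f"{peer[0]} -> {data!r}")
    else:
        tx = open_sender(overlay_ip)
        tx.sendto(b"service-discovery-probe", (GROUP, PORT))
```

Seeing the probe arrive with a source address from the overlay range, rather than the ETH0 range, confirms the traffic took the tunneled path.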

Real customer examples.
So far we have gathered a wide and varied collection of customer use cases where the customer needed to use multicast applications in the cloud. I think for me the most interesting use case is HPC grid bursting; here’s a quick preview:


Source: this guy

Expert Profile


Name: Sam Mitchell
Title: Senior Solution Architect
Favorite Snack: Edamame
Credentials: As Senior Cloud Solutions Architect, Sam leads all technical elements of the sales cycle in the UK and internationally.  Sam runs demos, technical qualification, technical account management of proof of concepts, technical and competitive positioning, RFI/RFP responses and proposals.

Before CohesiveFT, Sam was a Cloud Solution Architect at  IBM Platform Computing. He was also a Lead Architect at SITA, where he headed up OSS BSS Architecture, Design and Deployment activities on SITA's cloud offerings.

Vote for VNS3 in 2 categories for the 2014 DCS Awards

Please Take a Moment to Vote for VNS3 for Security and Networking Product of the Year
Vote for VNS3 in Datacentre Solutions Awards: Datacentre ICT Security Product of the Year and Datacentre ICT Networking Product of the Year
CohesiveFT has been shortlisted for two Datacentre Solutions Awards: Datacentre ICT Security Product of the Year and Datacentre ICT Networking Product of the Year.
The security and networking category nominations highlight our virtual networking product’s versatility - See the customer use cases that got us nominated.
VNS3 helps enterprises regain control of security in any virtualized environment, including public clouds. Control data pathways and data encryption security with the VNS3 all-in-one network device. 
VNS3 is different from other SDN and NFV solutions by creating customer controlled overlay networks over top of underlying network backbones. Learn more & please vote!
Cheers,
The CohesiveFT Team

Cloud Price Wars

The race to $0 is heating up in the IaaS space

  • March 25th - Google fires the first salvo in the pricing wars at their Google Cloud Platform Live event by reducing GCE by 32% across all sizes, regions, and classes.
  • March 26th - AWS quickly responds by reducing EC2, S3, RDS, ElastiCache, and Elastic MapReduce pricing effective April 1st.
  • March 31st - Microsoft wants to play too and after renaming Windows Azure to Microsoft Azure, they are cutting prices on compute by up to 35% and storage by up to 65%.
Bingo. Bango. Bongo...  Hey Rackspace, where you at?

And this isn't the start of the price wars either.  Things started in 2012 and continued through 2013 (see RightScale's solid cloud price analysis for 2013).  The above is just the most reactive back-and-forth we've seen yet.

Is there margin at $0?

Fiduciary responsibility will govern the cloud providers' behavior over time.  Some might operate at a loss for a period, but if their margin doesn't rebound over time, their stock prices will drop.  Those in management making the negative margin decisions will be replaced.  At least that's the idea...

Source: finance.yahoo.com

So where is all this pass through savings coming from?  What's really reducing providers' cost to provide cloud:

  • Economies of scale, 
  • maturity in the technology, 
  • reduction in human cost to admin/monitor, and 
  • energy savings (bulk buy contracts, reduced heat and advances in data center cooling) 

It's interesting to bring in Moore's Law into the conversation as Google does in their pricing announcement.  Our CEO, Patrick Kerpan, and I were recently talking about this over burritos.  At some point the total data center square footage a particular provider has built out will be able to accommodate all future demand.  This assumes, of course, that the provider continues to utilize their data center space with the latest hardware to operate their cloud offering.

I am guessing that the 4 bigs in the market (AWS, Rackspace, Microsoft, and Google) all have an estimate of when that will happen, if it hasn't already passed. That removes a significant source of cost when providing cloud services. Couple that with the other reductions in cost and the path to cloud absolute zero starts to take shape.

This race to zero also creates huge benefits for cloud users. Now someone else is spending their capital to chase Moore's Law for you. This means cloud users stop spending capital on compute and storage, which restructures what and how they spend on network hardware and bandwidth.

What does it mean for the smaller provider?

Unfortunately as the bigs continue to push the prices down on storage and compute, pressure to follow suit increases on the smaller cloud providers.  Their smaller size often prevents them from following the larger market peers lower and lower.  It's unfortunate because some of the smaller guys are doing the most interesting things in order to differentiate (industry and geographic targeting, application container virtual instances a la Docker, etc.).

So what's the little guy to do? Try to position as premium targeted providers? Differentiate from what could be described as the big dumb commodity clouds? Perhaps. I would say it's time for the smaller players to start talking about consolidation. Dimension Data or HP is best positioned to gobble up some littles to solidify themselves as the 5th and perhaps last big cloud player.

What does it mean for everyone else?

Party time!... Responsible party time. It means no one provider has the market power to drive price. Also no one market leader has the power to regulate an ecosystem (see my AWS Bio-Dome post). This would translate into lower costs, greater choice, and freedom from lock-in. Yes, I just used the FUD buzz word lock-in.

That's the good - but let's not get ahead of ourselves. Price wars does not a commodity make. There is still a massive difference in basic cloud offerings both in fact and market perception.
  • Storage - persistent, ephemeral, vs ss
  • Instance sizes - while no human sin is unique each deployed application must need different server specs
  • Geo location - where is the big European cloud with multiple eu regions?
  • API - let's not get into a religious debate here
  • Network - to VLAN or not to VLAN
  • Network - what controls are offered to the user
  • Network - hybrid cloud connectivity options
  • Network - encryption and isolation choices
  • Network - ok I work at a network company...

The point is this is all a good thing. The other large players in the IaaS market seem ready to finally challenge AWS in real time. While it's not pure competition, it's a start. The cloud market is finally catching up to the marketing.