How to choose an IaaS provider: 4 criteria you should pay attention to
According to Gartner, 45% of small organizations and 40% of large global companies are planning to move their business processes to the cloud over the next three years. And all of them, regardless of size, will have to decide which provider to choose.
Today we decided to tell, based on our experience and the experience of our customers, what aspects you should pay attention to when choosing a reliable IaaS-provider.
/ photo Kin Lane CC
')
Almost all failures in data centers are due to errors in the design, testing, maintenance or operation of the object. Therefore, when choosing a supplier, you need to pay attention not only to the available basic characteristics of virtual servers. It is important to assess the infrastructure of the provider, its reliability.
Traveling through data centers and independently checking all aspects is very labor-intensive. Therefore, the most affordable way to verify an IaaS provider is to make sure that certification is available.
The standard classification of the Uptime Institute data center is a tier system of data center performance indicators (from Tier I to Tier IV). Since the 1990s, it has been the industry benchmark for providers and a sign of proper design and implementation of data center systems.
It estimates such parameters as duplication of critical systems, fault tolerance, availability of backup components, etc. For example, a data center with cooling supply redundancy, in which if one of the existing air-conditioning units fails, the device must be replaced with a spare one, it will be classified as Tier II.
A higher class, Tier III or Tier IV, will receive a data center to which the backup will be automatically connected in the event of a cooling system failure. Therefore, such data centers support parallel repair, which increases the level of availability of services.
The “IT-GRAD” cloud is located in Tier III certified data centers. All engineering systems have been duplicated here and there are several power distribution channels. For example, in the Moscow DataSpace data center, power is backed up using the N + 1 scheme.
However, we must understand that the classification of data centers on the UI system is not built on the principle “from the worst to the best.” The main task of the data center and provider is to provide quality service for the business, to solve its problem. That is, correspond in terms of objectives and scale. Therefore, small enterprises, for which the presence of redundant systems is uncritical, are quite suitable for a data center with a basic Tier I or Tier II level with redundant components.
Larger companies for which simple infrastructure is undesirable even for a short time should pay attention to data centers with a confirmed Tier III class (for such data centers, the allowable downtime is about 1.6 hours per year).
If we talk about certificates such as Tier +, we recommend that you treat them more carefully. In the official standard UI, these advantages are not fixed. However, this does not prevent many companies from adding commercial offers to the class designation. Plus says that, perhaps, one of the infrastructure elements is made according to a more reliable scheme, but it has almost no effect on its operation and fault tolerance. As a buyer, this does not give you big advantages, and the price of the offer usually increases in such cases.
In addition to the UI certificate, you should also pay attention to the physical security of the data center perimeter. One of the most hard-to-reach data centers in the world is the Visa (Tier IV UI standardization) site. The data center is surrounded by a drainage pond, which serves as a pit. To gain access to the data center premises, employees have to put a finger on the sensors at each door so that the system reads biometric data.
In most cases, of course, you should not strive for maximum security. However, there are three points that need to be taken into account: bandwidth, surveillance cameras, protected "cells" for server racks.
For example, the data center Xelent, in which part of the IT-GRAD cloud infrastructure is deployed in St. Petersburg, has an access control system (ACS). Visitors and vehicles are subject to mandatory registration and verification on the territory of the data center.
The territory itself is equipped with two hundred surveillance cameras, and the monitoring system includes 5 security perimeters. IT-GRAD servers are under the “supervision” of cameras around the clock. In this case, all racks are located in a separate room, protected by high-strength gratings and inaccessible to outsiders.
After verifying the reliability and security of the data center provider, it is important to evaluate the service level agreement ( SLA ), which should ensure that pre-specified requirements are met. It prescribes quantitative indicators of measuring the quality of service ( QoS ). For example, availability, response time and network bandwidth.
The standards prescribed in ISO / IEC 19086 can be a good starting point for studying. You can also read the recommendations provided by the National Institute of Standards and Technology ( NIST ).
And then we briefly summarize a few points that special attention should be paid to the SLA:
As part of the signed SLA, the supplier is responsible for downtime, breakdowns, the consequences of planned work and emergency situations. And in this case, it must promptly respond to all failures and restore the infrastructure to work. To make sure of this, you should evaluate the work of technical support (hours of operation, what tools it uses) and the availability of additional services responsible for data integrity (in particular, backup systems).
For example, in IT-GRAD, technical support works around the clock without holidays and weekends. We use the ITILv3 methodology and ITSM / MOF practices, as well as the IaaS resource-service model in conjunction with the monitoring system into which the ServiceNow ITSM system is integrated. All this gives a more detailed assessment of the quality of infrastructure work.
/ photo Dennis van Zuijlekom CC
As for emergency situations, many IaaS providers, as already noted, offer a backup service for data protection. Providers often provide such services in the BaaS format, which helps companies to minimize costs (including specialized hardware devices).
For example, for working with backups, IT-GRAD clients receive special agent distribution kits for backing up data from required applications. If the customer has his own equipment that can be used to store backups, we offer a hybrid backup model that allows you to reduce backup windows and recovery time. At the same time, if a client uses NetApp storage , it has the ability to configure data backup as often as necessary. We explained how to restore corporate data using NetApp SnapCenter, in one of our materials .
Let's sum up what was said about choosing an IaaS provider:
PS What else do we write in the First blog about corporate IaaS:
PPS Fresh posts from our blog on Habré:
Today we decided to tell, based on our experience and the experience of our customers, what aspects you should pay attention to when choosing a reliable IaaS-provider.
/ photo Kin Lane CC
')
We look at Tier
Almost all failures in data centers are due to errors in the design, testing, maintenance or operation of the object. Therefore, when choosing a supplier, you need to pay attention not only to the available basic characteristics of virtual servers. It is important to assess the infrastructure of the provider, its reliability.
Traveling through data centers and independently checking all aspects is very labor-intensive. Therefore, the most affordable way to verify an IaaS provider is to make sure that certification is available.
The standard classification of the Uptime Institute data center is a tier system of data center performance indicators (from Tier I to Tier IV). Since the 1990s, it has been the industry benchmark for providers and a sign of proper design and implementation of data center systems.
It estimates such parameters as duplication of critical systems, fault tolerance, availability of backup components, etc. For example, a data center with cooling supply redundancy, in which if one of the existing air-conditioning units fails, the device must be replaced with a spare one, it will be classified as Tier II.
A higher class, Tier III or Tier IV, will receive a data center to which the backup will be automatically connected in the event of a cooling system failure. Therefore, such data centers support parallel repair, which increases the level of availability of services.
The “IT-GRAD” cloud is located in Tier III certified data centers. All engineering systems have been duplicated here and there are several power distribution channels. For example, in the Moscow DataSpace data center, power is backed up using the N + 1 scheme.
However, we must understand that the classification of data centers on the UI system is not built on the principle “from the worst to the best.” The main task of the data center and provider is to provide quality service for the business, to solve its problem. That is, correspond in terms of objectives and scale. Therefore, small enterprises, for which the presence of redundant systems is uncritical, are quite suitable for a data center with a basic Tier I or Tier II level with redundant components.
Larger companies for which simple infrastructure is undesirable even for a short time should pay attention to data centers with a confirmed Tier III class (for such data centers, the allowable downtime is about 1.6 hours per year).
If we talk about certificates such as Tier +, we recommend that you treat them more carefully. In the official standard UI, these advantages are not fixed. However, this does not prevent many companies from adding commercial offers to the class designation. Plus says that, perhaps, one of the infrastructure elements is made according to a more reliable scheme, but it has almost no effect on its operation and fault tolerance. As a buyer, this does not give you big advantages, and the price of the offer usually increases in such cases.
Evaluate the physical security of the data center
In addition to the UI certificate, you should also pay attention to the physical security of the data center perimeter. One of the most hard-to-reach data centers in the world is the Visa (Tier IV UI standardization) site. The data center is surrounded by a drainage pond, which serves as a pit. To gain access to the data center premises, employees have to put a finger on the sensors at each door so that the system reads biometric data.
In most cases, of course, you should not strive for maximum security. However, there are three points that need to be taken into account: bandwidth, surveillance cameras, protected "cells" for server racks.
For example, the data center Xelent, in which part of the IT-GRAD cloud infrastructure is deployed in St. Petersburg, has an access control system (ACS). Visitors and vehicles are subject to mandatory registration and verification on the territory of the data center.
The territory itself is equipped with two hundred surveillance cameras, and the monitoring system includes 5 security perimeters. IT-GRAD servers are under the “supervision” of cameras around the clock. In this case, all racks are located in a separate room, protected by high-strength gratings and inaccessible to outsiders.
Pitfalls SLA
After verifying the reliability and security of the data center provider, it is important to evaluate the service level agreement ( SLA ), which should ensure that pre-specified requirements are met. It prescribes quantitative indicators of measuring the quality of service ( QoS ). For example, availability, response time and network bandwidth.
The standards prescribed in ISO / IEC 19086 can be a good starting point for studying. You can also read the recommendations provided by the National Institute of Standards and Technology ( NIST ).
And then we briefly summarize a few points that special attention should be paid to the SLA:
- When assessing the level of service availability, do not forget to check the time period in order not to get a conditional idle time per month, rather than several minutes per year. Also check the agreed service uptime (SVR) - a provider, for example, can guarantee the availability of 99.95% applications only from 8 am to 10 pm on workdays;
- Exceptions and exemptions are the clause in which the conditions are set that exempt the supplier from his duties. This may include a sub-clause stating that the provider is not liable if the malfunction caused the software installed by the client independently;
- Examine the SLA-defined values ​​for quality measures of accessibility, such as mean recovery time ( MTTR ) and mean time between failures ( MTBF );
- Check with the IaaS provider where its area of ​​responsibility ends when there are network delays or packet losses, in case of problems with the network, contact your Internet provider promptly;
- Estimate the size and rules for the provision of monetary compensation for non-compliance with the terms of service. Including in the case of hacking and obtaining information of the company by third parties.
We evaluate the work of technical support and add. services
As part of the signed SLA, the supplier is responsible for downtime, breakdowns, the consequences of planned work and emergency situations. And in this case, it must promptly respond to all failures and restore the infrastructure to work. To make sure of this, you should evaluate the work of technical support (hours of operation, what tools it uses) and the availability of additional services responsible for data integrity (in particular, backup systems).
For example, in IT-GRAD, technical support works around the clock without holidays and weekends. We use the ITILv3 methodology and ITSM / MOF practices, as well as the IaaS resource-service model in conjunction with the monitoring system into which the ServiceNow ITSM system is integrated. All this gives a more detailed assessment of the quality of infrastructure work.
/ photo Dennis van Zuijlekom CC
As for emergency situations, many IaaS providers, as already noted, offer a backup service for data protection. Providers often provide such services in the BaaS format, which helps companies to minimize costs (including specialized hardware devices).
For example, for working with backups, IT-GRAD clients receive special agent distribution kits for backing up data from required applications. If the customer has his own equipment that can be used to store backups, we offer a hybrid backup model that allows you to reduce backup windows and recovery time. At the same time, if a client uses NetApp storage , it has the ability to configure data backup as often as necessary. We explained how to restore corporate data using NetApp SnapCenter, in one of our materials .
Let's sum up
Let's sum up what was said about choosing an IaaS provider:
- The data center offered by the IaaS provider for cloud deployment must be certified in accordance with the requirements of fault tolerance according to the international system UI (classes from Tier I to Tier IV). At the same time, one should be careful with the “+” sign next to the data center class. Such a designation is absent in the standard classification, it does little, but may be the cause of the price cheat;
- When checking the physical reliability of the site, special attention should be paid to three points: access control, surveillance cameras, the location of racks;
- SLA must guarantee the level of availability of services and the procedure for monetary compensation in case of non-compliance with the terms of service provision. You also need the configuration of the virtual infrastructure to meet your needs;
- Pay attention to the availability and working conditions of additional services. For example, a backup service can serve as a guarantee against failures and loss of information.
PS What else do we write in the First blog about corporate IaaS:
- Distributed firewall in vCloud Director 8.20: solution features
- 9 useful tips for a smooth transition to the cloud
- IaaS: First steps after renting cloud infrastructure
PPS Fresh posts from our blog on Habré:
Source: https://habr.com/ru/post/359407/
All Articles