Your Data in the Cloud

Posted on21/10/2010 par

The main goal of cloud computing is to deliver IT infrastructure as a service, i.e. to supply computational resources as if they were electricity or water. Amazon Web Services (AWS) is one of the companies committed to this goal.

However, a provider’s commitment to the goal of cloud computing doesn’t mean that your data is safe in that particular cloud. Notably, the elements listed bellow could lead to damaging data losses :

  • Human mistakes : we believe this risk to be more important with AWS than with a standard hosting solution. For example, you could easily stop an instance whose root device is instance-store, which would lead to a complete system deletion. Terminating by mistake an ongoing instance with the AWS management console is, in our opinion, too easy. However, AWS Identity and Access Management (IAM) (still in Beta) could assuage some of those problems.
  • Server security weakness : in AWS, as the server used for computation purposes is the one you are building; you are thus accountable for its security. Note that Amazon does provide some advice to prevent your server and your data from being compromised.
  • Application vulnerabilities : Unexpected bugs could lead to data modification / deletion.

Amazon’s great SLA is about delivering computation, network, storage… not data security nor backup plans. Explicit backup strategies should be designed if you do not want your cloud experience to become a stormy one.

The two following posts will review the OS backup strategies that can be used easily with Amazon Elastic Compute Cloud (EC2). There are currently two different root devices for EC2 images, also called Amazon Machine Images (AMI) :

  • EBS backed AMI : where the root device is stored in Elastic Block Store (EBS).
  • instance-store : (also called S3 backed AMI)where the root device is copied locally over the machines that launch it.

EBS is destined to replace instance-store. Instances on that root device are quicker to start, can be a hundred times bigger (1 TB), can be stopped and restarted later (ie persist). They are also more expensive.

In both cases the backup strategy consists in creating an image or a snapshot of your system and save it on the Amazon Simple Storage Service (Amazon S3). Nevertheless, we will see that the tools used to perform this operation differ depending on the instance root device you are using.

No Comments »

No comments yet.

Leave a comment

We do not sell the e-mail addresses we collect.