
Cloud in practice. Practical cloud experiences from IT pros to IT pros

Level 12


The Cloud! The Cloud! Take us to the Cloud it’s cheaper than on-premises, why? Because someone in marketing told me so!  No, but seriously. Cloud is a great fit for a lot of organizations, a lot of applications, a lot of a lot of things! But just spitting ‘Cloud’ into the wind doesn’t make it happen, nor does it always make it a good idea.   But hey, I’m not here to put Cloud down (I believe that’s called Fog) nor am I going to tout it unless it’s a good fit.   However, I will share some experiences, and hopefully you’ll share your own because this has been a particular area of interest lately, at least with me but I’m weird about things like deep tech and cost benefit models.

The example I’ll share is one which is particularly dear to my heart. It’s dear because it’s about a Domain Controller!   Domain Controllers are for all intents and purposes, machines which typically MUST remain on at all times, yet don’t necessarily require a large amount of resources.  So when you compare a domain controller running On-Premises let’s say as a Virtual Machine in your infrastructure it carries with it an arbitrary cost aggregated and then taken as a percentage of the cost of your Infrastructure, Licensing, allocated resources, and O&M Maintenance cost for Power/HVAC and other.   So how much does a Domain Controller running as a Virtual Machine run inside your data center? If you were not to say, “It Depends” I might be inclined not to believe you, unless you do detailed charge back for your customers.

Yet, we’ve stood up that very same virtual machine inside of Azure, let’s say a standard Single Core, Minimal memory A1-Standard instance to act as our Domain Controller.   Microsoft Azure pricing for our purposes was pretty much on the button, coming in at around ~$65 per month.   Which isn’t too bad, I always like to look at 3 years at a minimum for the sustainable life of a VM just to contrast it to the cost of on-premises assets and depreciation.   So while $65 a month sounds pretty sweet, or ~$2340 over three years I have to also consider other costs which I might not normally be looking at.  Egress network bandwidth, Cost of backup (Let’s say I use Azure backup, that adds another $10 a month, so what’s another $360 for this one VM)

The cost benefits can absolutely be there if I am under or over a particular threshold, or if my workloads are historically more sporadic and less ‘always-on, always-running’ kind of services.

An example of this, is we have a workload which normally takes LOTS of resources and LOTS of cores and runs until it finishes.   We don’t have to run it too often (Quarterly) and allocating those resources, obtaining the assets while great, they’re not used every single day.   So we spin up a bunch of Compute or GPU Optimized jobs and when it might have taken days or weeks in the past we can get it done in hours or days, which means we get results and we release the resources once we get our data dumped out.

Certain workloads will tend to be more advantageous to others to be kept on-premises or hosted exclusively in the cloud, whether sporadically or all the time.   That really comes down to what matters to you, your IT and your support organization.

This is where I’m hoping you my fellow IT Pros can share your experiences (Good, Bad, Ugly) about workloads you have moved to the Clouds, I’m preferable to an Azure, Google or Amazon as they’ve really driven things down to a commoditized goods and battle amongst themselves, whereas an ATT, RackSpace, and other ‘hosted’ facility type cloud can skew the costs or benefits when contrasted to the “Big Three”

So what has worked well for you, what have you loved and hated about it. How much has it cost you? Have you done a full shift taking ALL your workload to a particular cloud or Clouds. Have you said ‘no more!’ and taken workloads OFF the Cloud back On-Premises? Share your experiences so that we may all learn!

P.S., We had a set of Workloads hosted Off-Premises in Azure which were brought wholly back in house as the high performance yet persistent always-on nature of the workloads was costing 3x-4x more than if we had simply bought the Infrastructure and hosted it internally. (Not every workload will be a winner )

Thanks guys and look forward to hearing your stories!


Interesting experiences you us something more to think about.

Level 13

so what happens when your internet goes down?

Level 21

When most people think of cloud they think of hyper-scalers such as Azure, Google and Amazon; however, those are not a one-stop-shop solution and you still really need to know what you are doing to leverage those.  We are a hosting provider and we specialize in designing, building and supporting hybrid environments targeted for each client's specific needs.  We have partnered with Microsoft as a COSN partner to be able to build hybrid into Azure.

What we have found is that for most clients the hyper-scalers only make sense for specific use cases in terms of cost, complexity, flexibility and performance.

Level 12

It is definitely something which needs to be thought about and how it impacts near term and long term vs seeing the short term 'wow, it's only this much per month!' without realizing what the cost is over the life of a service or application (some applications or services never having a sunset)

Level 12

Are you saying in regards to the Domain Controller or just in general? 

In the case of the domain controller, you treat that like what would happen at a remote site which for whatever reason loses access to its DC.  It looks for an alternate route or you lose access period.    All services which live in the Cloud using a Cloud DC would continue to operate. And all services living at a remote site using a local DC would use that DC.  It's essential that you have multiple/redundant options, including in that multiple paths of access to your services.   Including standard Broadband, LTE and whatever your normal cost carrier access to your remote datacenter or Cloud service.

All of that said, what do you do when a massive DDoS hits (like it did a few weeks back, which impacted DNS services to Twitter, Spotify and other services?) In those situations, you do nothing and you're down. So you build as many options as you can afford to make your environment more reliable and resilient, especially if you're looking at an off-premises solution.

Hopefully that addressed your question or you didn't have a completely different direction by what you asked.

Level 13

We've got poor internet access in a lot of our offices here in the is not unusual for them to be down for a day or two while techs get dispatched...

Level 12

That's a great point and I've been in those situations myself.

We've had people say, "Let's consolidate data center operations" and they actually tried that for remote sites like that.

Those sites would go down. We then came back and said, "Hey, why did you consolidate these sites which have poor connections" and then turned it back to on-premises gear so as to not let this happen.

That's absolutely a use-case that shouldn't be under-valued that some sites NEED to have equipment at them because outages do happen.

Level 20

Considering that netflix and many other huge sites run off of the big three... it's probably nice for a lot of people.  I know many games are hosted out of AWS too.  Our workloads must remain in our own private cloud for the most part because of what they are but I can now see some limited less sensitive workloads being vMotioned out one day.


It would be interesting to see what a small server hosted in the cloud would run....

I've got a few pet projects I'd like to experiment with but don't have a spare server at home to work with and would like to keep it separate from my home network in general.

I can see a market for small installations as such....

We have a new large computing workload coming into production in the next year. It's the kind of workload that goes from very big, up to stupid and insanely large. The only upside is its predictable. If we do X, we need Y.  We priced out MS Azure, Google, Amazon and running it in our data center for the first 3 years based on today's prices. If running at on premises equals 100% cost, MS and google were at 94% and 96% respectively, and Amazon was 138%.

That is not what I was expecting.

Now going forward running it local might get a little cheaper after 3 years, but at some point we need to replenish hardware. We also know that today's cloud prices will likely drop over time. But how you pay for it matters, is it an operating cost or a capital expense? Most places like operating costs, we don't. We like capital costs. Costs that aren't reoccurring. (A children's hospital gets lots of one time funding.)

All of this means that just looking at the cost to do the computing cloud is not always the best. Ironically, we will likely go with Amazon. The work we need to do was written in a way that the implementation and ongoing application maintenance costs are significantly less there than anywhere else.

It's getting harder and harder to make the smart choice.

Cloud-based availability and security issues have not been resolved to my satisfaction.

The Cloud provider must:

  • Prove your resources within their facility remain highly available.  Six 9's is not unreasonable to demand--it's your business, and can your business survive without domain controllers?
  • Be secure to the point of Six 9's.  Again, you've lost physical control of your domain controllers by placing them in the cloud.  What can you do without them?  If nothing, you must add costs for a resilient and highly-available solution to cover your business needs when your Cloud-based DC's become unavailable for any reason.
  • Allow you to monitor availability, errors, performance, etc. just as you would your own internal DC's.  Without that monitoring, reporting, and alerting, how can you be proactive or predictive?
  • Ensure your access and HA uptime to your Cloud-based DC's by providing you SLA's that have teeth in them.  Penalties for loss of access, for security breaches, for any outage whatsoever, must be in play, and they must be large enough penalties to cover your losses while ensuring the Cloud provider will take your data and its secure access by authorized entities seriously.
  • Provide for full reporting of security events, allow security probing and testing, and must support those security tests from points that are both inside AND outside the Cloud provider's environment.

Asking us to trust someone's word that their Cloud is highly available AND secure--well, that's asking a LOT.


The most important part of cloud is six 9's of availability, and that factors in a requirement of HA. This also means that people like Microsoft are not even vaguely close to six 9's, either - without investing a similar amount to what a company would invest to simply implement a private cloud on their own. Remember they've had service outages and times where a specific farm is interrupted which also means nobody can move their environment out of that farm or spin it up somewhere else (without paying an arm and a leg).


Smoke and mirrors, clouds and is the appearance (marketing) of one thing while in the end pretty much the same thing but under someone else's control.

Level 14

Still not a fan of giving up control. 

About the Author
Founder at Remedy8 Security, Technology Evangelist, vExpert, EMC Elect, BDA, CISSP, MCT, Cloud, Ninja, Vegan, Father, Cat, Humorist, Author