You are currently browsing the category archive for the ‘Cloud Computing’ category.

ALM (Application Lifecycle Management) means different things to different people, and these views are largely influenced by tool vendors. IBM users may bias their view of ALM to things that the Rational toolset is good at — say requirements traceability and Java-oriented modelling. Microsoft users may see ALM as being about using TFS (Team Foundation Server) — with Visual Studio integrated sprints, tasks and testing tools. Ruby developers may see ALM as being about distributed source control and behaviour driven development — such as using git and cucumber. (I say may because some of these toolsets and frameworks are very broad — more broad than most of their users are aware).

ALM is everything that is supported by those tools and frameworks — and more. Think, without referencing your favourite tools, about the lifecycle on an application. It starts off with an idea, hopefully gets developed and tested, is deployed to production, and supported and maintained for a few years until it is finally retired. Over that period there are a lot of people, processes, deliverables, expenses, plans and other things that need to be organised, utilised, directed, controlled, disposed of — well, managed, really. In that context pretty much everything is ALM.

Business have, over the years, generalised processes, made them more efficient, and developed specialised tools and skills. The application lifecycle that requires those processes would make use of the existing parts of the business. The obvious ones would be things like financial planning and control, human resources, risk and compliance, and project management. It may be contentious, especially with the public cloud, but established businesses have IT processes too — from operations and support, to capacity planning, security, and (enterprise) architecture. This starts narrowing the scope of what is left to deal with in understanding the ALM processes that are needed, as illustrated below:


In addition, certain technology choices limit how you can manage the application lifecycle. I hesitated making this point, as determining the technology can be part of ALM — but ultimately there will be things that are beyond control and processes that need to be included rather than adapted. If you are developing an app to be deployed on iOS, for example, you have little choice but to manage the deployment of (part of) the app according to Apple’s rules. There are also lower level constraints based on the environment and availability of development skills, at least for most projects. An application developed for Windows Azure in a .NET team is going to coded in Visual Studio, C#, and use the .NET Azure SDK — there is not much that you can do about it apart from completely changing the technology choices, which is not always practical. These technology constraints on being able to define ALM processes is illustrated in the diagram below:


When it comes to understanding the need for ALM on the cloud there are two different scenarios — one for established enterprises and one for startups. With enterprises, there may be a lot of processes and technologies that support application management, but they may be totally irrelevant in the cloud. For example, the existing capex-oriented financial modelling is useless when looking at a pay-per-use pricing model. Years of effort and experience on specific technologies, such as running Oracle databases in an on-premise datacentre, is less applicable for cloud applications. The diagram below depicts the reduced overlap between existing process and technology choices and cloud specific ALM processes:


At the other end of the scale are new business ventures that have few existing business processes and little in the way of fixed technology choices. This means that there is a lot of work to do in terms of defining the cloud specific ALM processes. In a lot of software-oriented startups the distinction between business processes and software processes barely exists because everybody is defining, building, supporting and selling the software itself — the software is the business. If it is a cloud-based software startup, virtually everything is about cloud ALM (and it is fine not to call it that). This lack of existing processes is depicted in the diagram below where the overlap of processes and tools are smaller simply because none exist yet:


The reason for failure (or muted success) of cloud applications has been, and will continue to be for the next few years, a lack of skills in designing, building and operating cloud applications. When looking at the problem in more detail, it is not that people are unskilled in general, they just don’t know how to adapt their skills to a new environment. When we looked at this problem last year, we felt that developing cloud specific skills is not about telling people “This is how you develop cloud applications”, but rather “You know how to develop applications, and this is what you need to do differently on the cloud”. The basis for this method of explaining is to assume application development skills and assume that the business already has some ALM processes (whether formal or not) and hooking into those skills and processes.

The result was a book that I wrote and published –  “CALM – Cloud Application Lifecycle Management”, which looks at what is different in the cloud from the context of various models. Some of these models deal with upfront processes, such as defining the usage lifecycles (lifecycle model). Some deal with overall processes, such as the cost model. Most deal with fundamental design decisions, such as the availability and data models. There are also models that are important to longer-term success of the application, such as the health and operational models.

CALM is licensed as open source, which also means that it is free to download, read and use. It is available on github at, with pdf, mobi (Kindle), and raw html available for download on this share. A print version of the book is also available for purchase on Lulu.

CALM forces implementation teams to ask and answer some difficult questions that are important to successful delivery. I encourage you to have a look at CALM, let others know about it, ask any questions, and give me some feedback on how it can be made better.

Simon Munro


As part of an availability model that I am working on, I got stuck right at the beginning when trying to find a definition that fits. So I went back to base principles to try and decompose what is meant by availability. This is a conceptual view, and separate from the measurement of availability (‘nines’ malarky). Have a look at it and give me some input so that I can refine it further.

Simon Munro


Availability is a term that is so widely used in different contexts that it is very difficult to define in a way that satisfies all audiences. At its most basic, availability is the ability of a system to provide the expected functionality to its users. The expected functionality means that the application needs to be responsive (not frustrating users by taking too long too respond), as well as being able to reliably be able to perform those functions. But that is not enough to understand the full story about availability.

Availability is simplistically viewed as binary — the application is either available at a point in time, or it is not. This leads to a misunderstanding of availability targets (the ‘nines of availability’), the approaches to improving availability and the ability of salespeople to sell availability snake oil off the shelf (see 100% availability offered by Rackspace).

Application availability is influenced by something and has a visible outcome for the consumer, as discussed below.

Availability outcomes

The outcome, or end result, of availability is more than just ‘the site is down’. What does ‘down’ mean? Is it really ‘down’ or is that just the (possibly valid) opinion a frustrated user (that is trying to capture an online claim after arriving late to work because they crashed their car)? The outcomes of availability are those behaviours that are perceived by the end users, as listed below.


The obvious visible indication of an unavailable application is one that indicates to the end user that something has failed and no amount of retrying on the users’ part makes it work. The phrase ‘is down’ is commonly used to describe this situation, which is an obvious statement about the users’ perception and understanding of the term ‘down’, rather than a reasonable indication of failure. The types of failure include,

  • Errors — where the application consistently gives errors. This is often seen on web applications where the chrome all works but the content has an error, or garbage.
  • Timeouts – an application that takes too long to respond may be seen as being ‘down’ by the user or even the browser or service that is calling it.
  • Missing resources – a ‘404 – Not found’ response code can have devastating effects on applications beyond missing image placeholders, missing scripts or style sheets can ‘down’ an application.
  • Not addressable – a DNS lookup error, a ‘destination host unreachable’ error and other network errors can create the perception that an application is unavailable regardless of its addressability from other points. This is particularly common for applications that don’t use http ports and network traffic gets refused by firewalls.

While it may be easy to determine that an application that is switched off is unavailable, what about one that performs badly? If, for example, a user executes a search and it takes a minute to respond, would the user consider the application to be available? Would the operators share the same view? Apdex (Application Performance Index) incorporates this concept and has an index that classifies application responsiveness into three categories, namely: Satisfied, Tolerating, and Frustrated. This can form a basis for developing a performance metric that can be understood, and also serves as a basis to acknowledge that in some cases we will experience degraded performance, but should not have too many frustrated users for long or critical periods.


In addition to features being snappy and responsive, users also expect that features can be used when they are needed and perform the actions that they expect. If, for example, an update on a social media platform posts immediately (it is responsive), but is not available for friends to see within a reasonable time, it may be considered unreliable.

Availability influencers

While the availability outcomes receive focus, simply focussing on outcomes, by saying “Don’t let the application go down”, fails to focus effort and energy on the parts of the application that ultimately influence availability. Some of these availability influencers are discussed below.


The most important, and often unconsidered, influence on availability is the quality of the underlying components of the system. Beyond buggy (or not) code, there is the quality of the network (including the users’ own device), the quality of the architecture, the quality of the testing, the quality of the development and operational processes, the quality of the data and many others. Applications that have a high level of quality, across all aspects of the system, will have higher availability — without availability being specifically addressed. An application hosted in a cheap data centre, with jumble of cheap hardware, running a website off a single php script thrown together by copying and pasting off forums by a part time student developer will have low availability — guaranteed.

Fault tolerance

Considering that any system is going to have failures at some point, the degree to which an application can handle faults determines its availability. For example, an application that handles database faults by failing over to another data source and retrying will be more available than one that reports an error.


If a frustratingly slow and unresponsive application can be considered to be unavailable (not responsive or reliable) and this responsiveness is due to high load on the application, then the ability to scale is an important part of keeping an application available. For example, a web server that is under such high load that it takes 20 seconds to return a result (unavailable) may be easily addressed by adding a bunch of web servers.


If a fault occurs and an application needs to be fixed, the time to recovery is an important part of availability. The maintainability of the application, primarily the code base, is a big part of the time that it takes to find, fix, test and redeploy a fixed defect. For example, applications that have no unit tests and large chunks of code that has not been touched in years wouldn’t be able to fix a problem quickly. This is because a large code base needs to be understood, impacts need to be understood and regression tests performed — turning a single line code change into days of delays in getting an important fix deployed.


Modern web based applications don’t have the luxury of downtime windows for planned maintenance that exist in internal enterprise applications (where planned maintenance frequently occurs on weekends). The ability of an application to have updates and enhancements deployed while the application is live and under load is an important aspect of availability. A robust and high quality application will have low availability if the entire system needs to be brought down for a few hours in order to roll out updates.


Assuming that things break, the speed at which they can be fixed is a key influencer of availability. The degree of recoverability in an application is largely up to the operational team (including support/maintenance developers and testers) to get things going again. The ability to diagnose the root cause of a problem in a panic free environment in order to take corrective action that is right the first time is a sign of a high level of operational maturity and hence recoverability.


If availability is measured in seconds of permissible downtime, only knowing that the application is unavailable because a user has complained takes valuable chunks out of the availability targets. There is the need not only for immediate detection of critical errors, but for the proactive monitoring of health in order to take corrective action before a potential problem takes down the application.

I am working with an SME customer at the moment that is big enough to have a high dependency on their website but not big enough to have an operational team available feeding and watering their systems all day, every day. This type of customer is not only common in the self-service cloud, but is the hottest, and probably biggest, target market.

So we’re building an AWS based system that has been architected, from the ground up to be loosely coupled, failure resilient and scalable. We have multiple load balanced and auto-scaled web servers across multiple availability zones. We have mongoDB replica sets across multiple machines and a hot-standby RDS MySQL database. We have Chef, with all its culinary nomenclature of recipes and knife telling all the servers what to do when they wake up. We have leant towards AWS services such as S3 and SQS because of their durability instead of trying to roll our own. We have engineered the system so that even if multiple failures occur that the solution will still serve requests until the next day when someone comes in and fixes things – much like a 747 can have multiple engine failures and still operate adequately without a need to repair or replace any of the engines while in flight.

In a nutshell, we have made all the right technical and architectural decisions to ensure that things will be as automated as possible and if something goes bump in the night, that there is no need to panic.

So we were asked what would happen if something did go horribly wrong at 3am? Something not even related to OS/hardware/network failure. Something not preventable through planned maintenance like disk space or suboptimal indexes. What about something that is the result of a bug in an edge case or bad data coming in over a feed? What do you do when something happens that your automated, decoupled, resilient and generally awesome system falls over for some unknown reason?

You call the person who can fix it.

Calling an expert to look at a problem is something that happens every day (or night) in data centres around the world, whether internal enterprise or public hosting services. Someone is sitting on night shift watching a bunch of blinking lights. When a light flashes orange he sends and email or a text message. When it flashes red he picks up the phone and, according to the script and the directory in front of him, calls the person who is able to fix or diagnose the problem. Apart from the general rudeness you may get when phoning someone up at 3am, the operator making the call can do so with confidence because that person is on call and the script says that they should be notified. If they can’t get hold of someone because they can’t hear their mobile in the nightclub at 3am, the operator is not at a loss as to what to do – the script has a whole host of names of supervisors, operational managers and backup people that are, according to the script, both interruptible and keen to deal with the matter at 3am.

If you are running your system on AWS (or any similar self-service public cloud infrastructure) you don’t have a moist robot who has the scripts or abilities to call people when things go wrong. Sure, you can send a gazillion alert emails, but nobody reads their email at 3am. Even if they do see the email or text message they may think that the other people on the distribution list are going to respond – so they turn over and go back to sleep.

You would think that it there is a business out there that will do this monitoring for you out of Bangalore or somewhere else where people to do monitoring are cheap. We want cheap people to do the monitoring because, by virtue of running on AWS, we are trying to do things as cheap as possible, so cheap is good. Granted, those people doing the monitoring won’t be able to restore and database and rerun transaction logs unsupervised at 3am, but we wouldn’t want them to and neither would we want that from our traditional hosting provider (because we are cheap, remember). So if we contracted in someone for first line support we would (at least) get people who have a script, a list of contact people, telephone and a friendly demeanour.

But what would those monitoring people offer that we can’t automate? Surely if they’re not doing much application diagnosis and repair then the tasks that they perform can be automated? What you get from moist robot monitoring, that you don’t get with automated alerts, is a case managed synchronous workflow. Synchronous because you pick up the phone and if no one answers you know to go to the next step; unlike emails where you don’t know if anyone has given it any attention. Workflow is the predefined series of steps to go through for each event. And case managed gives you the sense of ownership of a problem and the responsibility to do what you can (contacting people and escalating) in order to get it resolved.

But we’re engineers who like to automate things; surely even this can be automated?

Obviously there is an engineering solution to most things in life, and the Automated First Line Support system (AFLS) would look something like this…


You need some things to measure in order to pick up if something has gone wrong. This could be simple things that we are used to from something like Amazon CloudWatch which can monitor infrastructure level problems – cpu load, memory, io etc. You can also monitor generic application metrics such as those monitored by New Relic – page response times, application errors, requests per minute, cache hits, ISS application pool memory use, database query times and, in New Relic’s case, important metrics such as the overall Apdex on the system. You will also need to build custom metrics that are coded into the system. Say, for example, the system imported data; you could measure the number of rows imported per second. You can measure the number of failed login attempts, abandoned baskets, comments added; anything really that is important to the running of the system.


Once you are collecting a whole lot of data you need to be able to do something with it. Id’ be loath to talk about a “rules engine” but you would need some DSL (Domain Specific Language) to figure out how to trigger things. It gets tricky when you consider temporality (time) and other automated tasks. Consider a trigger that looks something like this

When Apdex drops below 0.7 and user load is above mean and an additional web server has already been added and the database response times are still good and we haven’t called anybody in the last ten minutes about some other trigger and this has continued for more than five minutes, then run workflow “ThingsAreFishy”

On Duty Schedule

Before any workflow runs you need to have a handle of who (as in real people) are on duty and can be called. This could be the primary support contact person, a backup, their supervisor, the operational manager and even, if all else fails, the business owner who can drive to someone’s house and get them out of bed. The schedule has to be maintained and accurate. You don’t want a call if you are off duty. A useful feature of the schedule would also be the ability to record who received callouts so that remuneration can be sorted out.

Voice Dialler and IVR System

You would need the AFLS to be able to make calls and talk to the person (possibly very slowly at 3am) and explain what the problem is. This is fairly easy to do and products and services exist that will translate your workflow steps and messages into voice. It would also be useful to have IVR acknowledgement prompts as well “Press 1 if you can deal with the problem… Press 2 if you want me to wake up Bob instead… Press 3 if you will look at it but are too drunk to accept responsibility for what happens”

“I’m Fixing” Mode

The AFLS will need to detect when it should not be raising triggers. If you are doing a 4am Sunday deployment (as the lowest usage period) and are bouncing boxes like ping-pong balls, the last thing you want is an automaton to phone up your bosses boss and tell him that all hell is breaking loose.

Host Platform Integration

Some triggers and progress data will need to come from the provider of the platform. If there is a major event in a particular data centre all hell may be breaking loose on your system as servers fail over to another data centre. Your AFLS will need to receive a “Don’t Panic. Yet.” message from the hosting providers’ system in order to adjust your triggers accordingly. There is no point in getting out of bed if the data centres router went down for three minutes and now, five minutes later, when you are barely awake, everything is fine.


All of this needs to hang together in an easy to use workflow system and GUI that allows steps and rules to be defined for each of your triggers. The main function of the workflow is not diagnosis or recovery, but bringing together the on-duty schedule and the voice dialler to get hold of the right person. It would also be great if workflows could be shared, published and even sold in a “Flow Store” (sorry Apple, I got it first) so that a library of workflows can be built up and tweaked by people either much smarter than you are or more specialised with specific triggers that you are monitoring.


The AFLS should cost a few (hundred maybe) dollars per server per month. None of that enterprise price list stuff will do.

Self Service

Like everything else that we are consuming on the public cloud, it needs to be easy to use and accessible via a web control panel.

Is anybody building one of these?

Obviously you don’t want to build something like this yourself; otherwise you land up with an Escheresque problem of not being able to monitor your monitor. Automated First Line Support (AFLS) needs to be build and operated by the public cloud providers such as Amazon, Google or Microsoft (Do you see, @jeffbarr, that I put an ‘A’ in the front so that you can claim it for Amazon). Although they may want someone from their channel to do it, you still need access to the internal system APIs to know about datacentre events taking place.

Unfortunately the likes of AWS and Google don’t have full coverage of metrics either and need something like New Relic to get the job done. Either New Relic should expose a broader API or they should get bought by Amazon; I’m for the latter because I’m a fan of both.

Regardless of who builds this, it has to be done. I’ve just picked up this idea from the aether and have only been thinking about the problem for a day or two. No doubt that somebody has given this a lot more attention than me and is getting further than a hand-wavey blog post. As the competitive market heats up, it is imperative that the mega public clouds like AWS, Azure and GAE, that traditionally don’t have monitoring services and aren’t used to dealing directly with end users do some sort of AFLS. If they don’t, the old school hosters that are getting cloudly, like Rackspace are going to have a differentiator that makes them attractive. Maybe not to technical people, but to the SME business manager who has to worry about who gets up at 3am.

Update: @billlap pointed out that PagerDuty does SMS and voice alerts on monitoring – looks like it does a lot of the stuff that is needed.

Simon Munro


An investigation triggered by the lack of support of spatial data in SQL Azure has left me with the (unconfirmed) opinion that although requested by customers, the support of spatial data in SQL Azure may not be good enough to handle the requirements of a scalable solution that has mapping functionality as a primary feature.

Update: SQL Azure now has spatial support. The arguments made in this post are still valid and use of spatial features in SQL Azure should be carefully considered.

I have been asked to investigate the viability of developing a greenfields application in Azure as an option to the currently proposed traditional hosting architecture.  The application is a high load, public facing, map enabled application and the ability to do spatial queries is on near the top of the list of absolute requirements.  The mapping of features from the traditionally hosted architecture is fine until reaching the point of SQL 2008’s spatial types and features which are unsupported under SQL Azure – triggering further investigation.

It would seem that the main reason why spatial features are not supported in SQL Azure is because those features make use of functions which run within SQLCLR, which is also unsupported in SQL Azure.  The lack of support for SQLCLR is understandable to a a degree due to how SQL Azure is setup – messing around with SQLCLR on multitenant databases could be a little tricky.

The one piece of good news is that some of the assemblies used by the spatial features in SQLCLR are available for .NET developers to use and are installed into the GAC on some distributions (R2 amongst them) and people have been able to successfully make use of spatial types using SQL originated/shared managed code libraries.  Johannes Kebeck, the Bing maps guru from MS in the UK, has blogged on making use of these assemblies and doing spatial oriented work in Azure.

So far, it seems like there may be a solution or workaround to the lack of spatial support in SQL Azure as some of the code can be written in C#.  However, further investigation reveals that those assembles are only the types and some mathematics surrounding them and the key part of the whole process, a spatial index, remains firmly locked away in SQL Server and the inability to query spatial data takes a lot of the goodness out of the solution.

No worries, one would think – all that you need to do is get some view into the roadmap of SQL Azure support for SQL 2008 functionality and you can plan or figure it out accordingly.  After all, the on the Microsoft initiated, supported and sanctioned SQL Azure User voice website, the feature ‘Support Spatial Data Types and SQLCLR’ comes out at a fairly high position five on the list with the insightful comment ‘Spatial in the cloud is the killer app for SQL Azure. Especially with the proliferation of personal GPS systems.’ The SQL Azure team could hardly ignore that observation and support – putting it somewhere up there on their product backlog.

When native support for spatial data in SQL Azure is planned is another matter entirely and those of us on the outside can only speculate.  You could ask Microsoft directly, indirectly or even try and get your nearest MVP really drunk and, when offered the choice between breaking their NDA and having compromising pictures put up on Facebook, will choose the former.

Update: You use your drunk MVP to try and glean other information as it was announced that SQL Azure will support spatial data in June 2010 and (see comments below).  This is not a solution to all geo-aware cloud applications, so I encourage you to read on.

I have n-th hand unsubstantiated news that the drastic improvements for spatial features in SQL 2008 R2 were made by taking some of the functionality out of SQLCLR functions and putting them directly into the SQL runtime which means that even a slightly deprecated version of SQL Azure based on R2, which I think is inevitable, would likely have better support for spatial data.

Update:  In the comments below, Ed Katibah from Microsoft, confirms that the spatial data support is provided by SQL CLR functionality and not part of the R2 runtime.

In assessing this project’s viability as an Azure solution, I needed to understand a little bit more about what was being sacrificed by not having SQL spatial support and am of the opinion that it is possibly a benefit.

Stepping back a bit, perhaps it is worthwhile trying to understand why SQL has support for spatial data in the first place.  After all, it only came in SQL 2008, mapping and other spatial applications have been around longer than that and, to be honest, I haven’t come across many solutions that use the functionality.  To me, SQL support of spatial data is BI Bling – you can, relatively cheaply (by throwing a table of co-ordinates against postal codes and mapping your organizations regions) have instant, cool looking, pivot tables, graphs, charts and other things that are useful in business.  In other words, the addition of spatial support adds a lot of value to existing data,  whose transactions do not really have a spatial angle.  The spatial result is a side effect of (say) the postal code, which is captured for delivery reasons rather than explicit BI benefits.

The ability to pimp up your sales reports with maps, while a great feature that will sell a lot of licences, probably belongs as a feature of SQL Server (rather than the reporting tool), I question the value of using SQL as the spatial engine for an application that has spatial functionality as a primary feature.  You only have to think about Google maps, streetview and directions with the sheer scale of the solution and the millions of lives it affects and ask yourself whether or not behind all the magic there is some great big SQL database serving up the data.  Without knowing or Googling the answer, I would suggest with 100% confidence that the answer is clearly ‘No’.

So getting back to my Azure viability assessment, I found myself asking the question.

If SQL Azure had spatial support, would I use it in an application where the primary UI and feature set is map and spatially oriented?

But before answering that I asked,

Would I propose an architecture that used SQL spatial features as the primary spatial data capability for a traditionally hosted application where the primary UI and feature set is map and spatially oriented?

The short answer to both questions is a tentative no.  Allow me to provide the longer answer.

The first thing to notice about spatial data is that things that you are interested in the location of don’t really move around much.  The directions from Nelsons Column to Westminster Abbey are not going to change much and neither are the points of interest along the way.  In business you have similar behaviour – customers delivery addresses don’t move around much and neither do your offices, staff and reporting regions.  The second thing about spatial data is the need to have indexes so that queries, such as the closest restaurants to a particular point, can be done against the data and spatial indexes solve this problem by providing tree like indexing in order to group together co-located points.  These indexes are multidimensional in nature and a bit more complex than the flatter indexes that we are used to with tabular data.

Because of the slow pace at which coastlines, rivers, mountains and large buildings move around, the need to have dynamically updated spatial data, and hence their indexes, is quite low.  So while algorithms exist to add data to spatial indexes, the cost of performing inserts is quite expensive, so in many cases indexes can be rebuilt from scratch whenever there is a bulk modification or insert of the underlying data.

So while SQL Server 2008 manages spatial indexes as with any other index, namely by updating the index when underlying data changes, I call into question the need for having such functionality for data that is going to seldom change.

If data has a low rate of change, spatial or not, it becomes a candidate for caching, and highly scalable websites have caching at the core of their solutions (or problems, depending on how much they have).  So if I were to scale out my solution, is it possible to cache the relatively static data and the spatial indexes into some other data store that is potentially distributed across many nodes of my network?  Unfortunately, unlike a simple structure like a table, the data within a spatial index (we are talking about the index here and not the underlying data) is wrapped up closely to the process or library that created it.  So, in the case of SQL Server, the spatial index is simply not accessible from anywhere other than SQL Server itself.  This means that I am unable to cache or distribute the spatial indexes unless I replicate the data to another SQL instance and rebuild the index on that instance.

So while I respect the functionality that SQL Server offers with spatial indexing, I question the value of having to access indexed data in SQL server just because it seems to be the most convenient place to access the required functionality (at least for a Microsoft biased developer).  If my application is map oriented (as opposed to BI bling), how can I be sure that I won’t run into a brick wall with SQL server with spatial indexes in particular.  SQL server is traditionally known as a bottleneck with any solution and putting my core functionality into that bottleneck, before I have even started and without much room to manoeuvre is a bit concerning.

I should be able to spin up spatial indexes wherever I want to and in a way that is optimal for a solution.  Perhaps I can have indexes that focus on the entire area at a high level and can generate lower level ones as required.  Maybe I can pre-populate some indexes for popular areas or if an event is going to take place in a certain area.  Maybe I am importing data points all of the time and don’t want SQL spending time churning indexes as data, which I am not interested in yet, is being imported.  Maybe I want to put indexes on my rich client so that the user has a lighting fast experience as they scratch around in a tiny little part of the world that interests them.

In short, maybe I want a degree of architectural and development control over my spatial data that is not provided my SQL’s monolithic approach to data.

This led me to investigating other ways of dealing with spatial data (generally), but more specifically spatial indexes.  Unsurprisingly there are a lot of algorithms and libraries out there that seem to have their roots in a C and Unix world.  The area of spatial indexing is not new and a number of algorithms have emerged as popular mechanisms to build spatial indexes.  The two most popular are R-Tree (think B-Tree for spatial data) and Quadtree (where a tree is built up by dividing areas into quadrants).

There is a wealth of information on these fairly well understood algorithms and event Microsoft’s own implementations do not fall far from these algorithms.  Bing maps uses ‘QuadKeys’ to index tiles, seemingly referring to the underlying Quadtree index.  (SQL Server is a bit different though, it uses a four level grid indexing mechanism that is non recursive and uses tessellation to set the granularity of the grid.)

So if all of this spatial data stuff is old hat, surely there are some libraries available for implementing your own spatial indexes in managed code?  It seems that there are some well used open source libraries and tools available.  Many commercial products and Sharpmap, an OSS GIS library, make use of NetTopologySuite, a direct port of the Java based JTS.  These libraries have a lot of spatial oriented functions, most of which only make vague sense to me, including a read only R-Tree implementation.

Also, while scratching around, I got the sense that Python has emerged as the spatial/GIS language of choice (it makes sense considering all those C academics started using Python).  It seems that there are a lot of Python libraries out there that are potentially useful within a .NET world using IronPython.

It is still early in my investigation, but I can’t help shaking the feeling that making use of SQL 2008 for spatial indexing because that is the only hammer that Microsoft provides is not necessarily the best solution.  This is based on the following observations:

  • Handling of spatial data is not new – it is actually a mature part of computer science.  In fact SQL server was pretty slow to implement spatial support.
  • An RDBMS like SQL or Oracle may be a good place to store data, but not necessarily the best place to have your indexes.  The SQL bias towards data consistency and availability are counter to the demands of spatial data and their indexes.
  • In order to develop a map oriented solution, a fine degree of control over spatial data may be required to deliver the required functionality at scale.

While I am not against OSS, evaluating libraries can be risky and difficult and I am stunned at the lack of support for spatial data in managed code coming out of Microsoft.  Microsoft needs to pay attention to the demand for support of spatial data for developers (not just database report writers).  The advent of always connected geo-aware mobile devices and their users’ familiarity with maps and satnav, will push the demand for applications that are supportive of geographic data.  It is not unlikely to picture the teenager demand for a map on their mobile devices that shows the real time location of their social network.

To support this impending demand, Microsoft needs to make spatial data a first class citizen of the .NET framework (system.spatial).  It wouldn’t take much, just get some engineers from SQL and Bing maps to talk to each other for a few weeks.  Microsoft, if you need some help with that, let me know.

In the meantime I will walk down the road of open source spatial libraries and let you know where that road leads.



On 1 February 2010, when Microsoft Azure officially goes into production, the CTP version will come to an end.  In an instant, thousands of Azure apps in some of the remotest corners of the Internet, built with individual enthusiasm and energy, will wink out of existence – like the dying stars of a discarded alternative universe.

Sadly, the only people that will notice are the individual developers who took to Azure, figured out the samples and put something, anything, out there on The Cloud and beamed like proud fathers and remembering their first Hello World console app.  For the first time we were able to point to a badly designed web page that was, both technically and philosophically, In The Cloud.  Even though the people that we showed barely gave it a second look (it is, after all, unremarkable on the surface) we left it up and running for all the world to see.

Now, Microsoft, returning to its core principles of being aggressively commercial, is taking away the Azure privilege and leaving the once enthusiastic developers feeling like petulant children the week after Easter – where the relaxing of the chocolate rations has come to an end.  Now, developers are being asked to put in their credit cards to make use of Azure – even the free one.  Now I don’t know about anyone else’s experiences, but in mine ‘free’ followed by ‘credit card details please’ smells like a honey trap.

So its not enough that we have to scramble up the learning curve of Azure, install the tools and figure things out all on our own time, we now also have to hand over our credit card details to a large multinational that has a business model that keeps consumers at an arms length, is intent on making money, and may give you a bill for an indeterminable amount of computing resources consumed – all for which you are personally liable.

Gulp! No thanks, I’ll keep my credit card to myself if you don’t mind.

The nature of Azure development up until now and until adoption becomes mainstream is that most Azure development has no commercial benefit for the developers.  While some companies are working on Azure ‘stuff’, there is very little in the way of Azure apps out there in the wild and even fewer customers who are prepared to pay for Azure development… yet.  A lot of the Azure ‘development’ that I am aware of has been done by individuals, in their own time, on side projects as they play with Azure to get on the cloud wave, enhance their understanding or simply try something different.

While I understand Microsoft’s commercial aspirations, the financial commitments expected from Azure ‘hobbyists’ run the risk of choking the biggest source of interest, enthusiasm and publicity – the after hours developer.  Perhaps the people in the Azure silo who are commenting ‘Good riddance to the CTP developers, they were using up all of these VM’s and getting no traffic’ have not seen the Steve Ballmer ‘Developers! Developers! Developers!’ monkey dance that (embarrassingly) acknowledges the value of the influence that developers who are committed to a single platform (Windows).

It comes as no surprise that the number one feature voted for in the Microsoft initiated ‘Windows Azure Feature Voting Forum’ is ‘Make it less expensive to run my very small service on Windows Azure’ followed by ‘Continue Azure offering free for Developers’ – the third spot has less than a quarter as many votes.  But it seems that nobody is listening – instead they are rubbing their hands in glee, waiting for the launch and expecting the CTP goodwill to turn into credit card details.

Of course there is a limp-dicked ‘free’ account that will suggestively start rubbing up against your already captured credit card details after 25 hours of use (maybe).  There is also some half-cocked free-ish version for MSDN subscribers – for those that are fortunate enough to get their employers to hand over the keys (maybe).  So there are roundabout ways that a developer can find a way of getting themselves up and running on the Azure platform but it may just be too much hassle and risk to bother.

Personally, I didn’t expect it to happen this way, secretly hoping that @smarx or someone on our side would storm the corporate fortress and save us from their short sightedness and greed.  But alas, the regime persists – material has been produced, sales people are trained and the Microsoft Azure army is in motion.  There won’t even be a big battle.  Our insignificant little apps will simply walk up, disarmed, to their masters with their heads hung in shame and as punishment for not being the next killer app, they will be terminated – without so much as a display of severed heads in the town square.

Farewell Tweetpoll, RESTful Northwind, Catfax and others.

We weren’t given a chance to know you.  You are unworthy.



In part 1 of this series I discussed the base technologies (virtualisation, shared resources, automation and abstracted services) that are at the base of cloud computing.  Part 2 discusses the new computing models (Public Cloud, Utility Pricing, Commodity Nodes and Service Specializations) that have emerged as a result of the base technologies. Part 3 lists some of the business value that can be extracted from these new models.

This part explores some of the emerging business models, and hence target markets, that may be able to make use of the business value on offer.

Part 4 : Emerging Business Models


Rogue Enterprise Departments

The most boring and barely mentioned group are the rogue enterprise departments that are fed up with the inability of internal IT to meet their needs. Cloud computing allows them to build a solution quickly, under the radar and with low financial risk simply by putting in their own effort and whipping out their credit cards. But how does this facilitate the emergence of new business models? It allows enterprises, by being entrepreneurial at the departmental level, to collectively become more competitive, innovative and respond to market needs. Products can be developed quicker, cheaper and able to fail if they don’t work.

Do you want to quickly spin up a sales campaign app to pitch a new offering? There’s an app for that. Do you want to offer post sales extended warranties via a coupon in the packaging that can be redeemed online? Maybe there is an app for that too.

I think that the market for rogue enterprise cloud applications is larger than people think and the concerns and barriers from corporate risk, security and governance will be forced to adjust.

Small and Medium Business

Some cloud vendors, particularly Microsoft, believe that the largest market is the small to medium sized businesses that should rather be using cloud computing than traditional hosting. The immediate and more obvious benefits are for the smaller businesses to operate solutions that, for a low cost, have enterprise scale features such as high availability, responsiveness and reliability. It allows smaller businesses to compete head on with their larger competition by having high quality customer facing solutions or better systems for staff in the field, logistics, billing or other business processes.

What will be interesting over the next few years (probably more than five years) is how these smaller businesses start linking up to each other in value chains and providing more business services via the cloud.


The cloud start-up dream is to become the next Youtube or Twitter and cloud computing plays to the ambitious (and sometimes unrealistic) plans of start-ups. A start-up can use its limited funding on development and marketing without wasting it on unnecessary hardware that it would need if it Oprah mentioned them, but probably never will. A start-up can, using cloud computing, still operate from the founders’ garage as their role models did ten to twenty years ago, but operate a huge international web property. While most start-ups will never achieve their lofty dreams, cloud computing is there to support them if they do make it. Although it is unlikely to be 100% correct the first time, a properly architected cloud oriented solution could scale sufficiently to handle growth and avoid the infamous ‘fail whale’.

Emerging Markets

Finally, cloud computing is destined to provide the architectural basis for new products offered by first world organizations to emerging markets. If there is an economic shift towards countries such as India, China and Brazil, the delivery of products by organizations based in New York and London will need to be radically different, low cost and innovative. It is likely that many products will be able to be delivered via the Internet, but emerging markets do not have first world infrastructure, so delivery will have to be done using mobiles, simple interfaces, low bandwidth and low latency. Also, due to such a high dependency on a mobile device and the low margins for each sale, the (possibly free) ecosystem needs to be social, viral and low cost in delivery and marketing terms. There are many smart people around the world thinking about these products, not from a cloud computing perspective (yet), but from their own desires to open up and penetrate new markets. Products that may be delivered would be something like simple life insurance products delivered using a mobile phone on a pay-as-you-go basis. A $2 premium rate text gives you $500 of funeral cover.

Emerging markets can also take advantage of sophisticated first world individuals or social groups. Imagine a system that provides, again via a mobile device, microfinance (say $20 loans) funded by individuals in $1 increments across the United States. ‘Want to lend $10 and get $12 back? There’s an app for that.’

Relating back to the cloud computing model, there are literally billions of people that are able to be serviced by large multinationals if the product and the price is right. These products cannot use traditional delivery channels (mail, branches or call centres) as the margins are pennies. The only way to deliver them is using sophisticated, reliable and low cost IT – and that is where cloud computing plays a role.

Change and Interest

What we understand the cloud computing market to be today is different from what the reality will be 5-10 years from now – at the very least because there is confusion and conflicting messages. Hype cannot be sustained within a vacuum and there definitely is interest in cloud computing fuelling the hype, which means that there probably is a demand. Beyond the marketing material and shallow articles in the mainstream media, leaders in business are sitting down and conversing with people who know something about cloud computing and finding compelling arguments that apply to their particular business and situation.

Businesses are reeling from the financial crisis – manufacturing, shipping, travel, services, media and just about every single sector is looking at how they need to do things differently, look at new markets, manage costs, take less risks, be more responsible and many other items on the boardroom agenda that would never have been table a few years ago. Individuals are feeling the threat of collapsing industries, unemployment, financial insecurity and diminishing prospects. They too are feeling the need to do things differently and have a yearning for change. It is causing them to be more entrepreneurial, to create new businesses, to try and change enterprises from within and to elect a President that offers hope and change.

So while Information Technology has evolved at its usual (rapid) pace, change has swept across the world and something within cloud computing has resonated with that change and amplified the impact that cloud computing could have on the way we sell, buy, develop and interact with each other. Where cloud computing may have been an interesting technology sideshow in years gone by, the promise that it offers (which admittedly it may not be able to deliver on) has caught the attention of business leaders.

So people are listening, leaning forward in their chairs and conjuring up scenarios where cloud computing may work for them. They are talking, arguing, writing and conversing about a set of technologies that will fundamentally rock our approach to IT.

The question is, are you part of that conversation?

Simon Munro


In part 1 of this series I discussed the base technologies (virtualisation, shared resources, automation and abstracted services) that are at the base of cloud computing.  Part 2 discusses the new computing models (Public Cloud, Utility Pricing, Commodity Nodes and Service Specializations) that have emerged as a result of the base technologies.

This part tries to understand the business value that can be extracted from these new models.  After all, without value that can be easily understood by the business, there is little point in deploying cloud computing technology.

Part 3 : Business Value


Fail Cheap and Fail Fast

As a combination of a number of factors, the ability to try out an idea that can ‘Fail Cheap and Fail Fast’ facilitates the creation of business cases where the IT component does not become a burden if the endeavour is unsuccessful. In the cloud, if a business does not succeed there are no expensive paid for servers sitting around idle and no hosting contracts that are paid for, but unused, like gym memberships. In the cloud, the initial financial commitment is lower and the monthly burn rate controllable. If it does not work, you simply cancel the agreement and stop paying.

Handling Growth

The ability of cloud computing solutions to handle growth allows time, effort and money on things that are more important during the initial stages, rather than on hardware and licenses that are going to sit around doing nothing for a while. It is common for the purse-holders, when receiving a request for budget to ask “How does this help revenue this quarter?” and planned, prudent and reasonable infrastructure purchases simply do not generate revenue until sales pick up. So having a platform in place to be able to demand additional resources when necessary negates the need for up front purchases. An important observation however, is that this only makes sense if growth is expected. A website that is expected to be small or self constrained (such as a corporate time keeping application that has a finite number of users) may be better suited to a Plain Ol’ Web (POW) app and forgo the cloud computing engineering costs.

Cyclic Demand

The reason why Amazon is a cloud provider is because they needed a lot of hardware to handle sales during the Christmas season, which sat idle for the rest of the year, and this spare capacity started to be sold off on the cloud. Many businesses have similar situations where there is peak or cyclic (per day, season etc.) demand, such as the Christmas rush, or unpredictable demand, where the site is suddenly mentioned by Oprah. Peak demand periods are important for businesses. It is often the time when the first time customers, which have cost a lot of marketing money to attract, who visit the site and expect a positive experience. Cloud computing caters specifically and overtly to the handling of peak demand periods.

Managing Risk

Due to features that are part of cloud computing solutions, a lot of risk can be taken care of out of the box, so in many respects cloud computing can be seen as part of the solution to managing risk – operational, reputational, disasters and so on. Although cloud computing security could increase risk many other fundamental requirements and features of cloud computing platforms, such as backups, availability, patching, load balancing, scalability and others (in an automated, zero touch manner) does tick some risk management boxes.

Time to Market

In a competitive market, a product’s development cycle and time to market is key to the viability and planning of a product. Having to pad the launch by a few months because of the provisioning of IT could scupper the entire product proposal. While IT has a tendency and history of not delivering on time, cloud computing can, in some cases, reduce the time to deliver, particularly if the alternative involves a long hardware, software and networking procurement process.

Operational Expenditure

Because the cloud computing is about consumption of units of computing that are billed monthly (or daily, or some other period), the idea that computing costs are operational expenditure rather than capital expenditure is often touted as a benefit of cloud computing. While true and relevant in some cases, financial models and needs of businesses cannot be generally applied. Different businesses have different (and complex) financial models that may or may not find the capex of IT hardware a decisive issue.

Enterprise IT Backlog

Lurking within all businesses is the dissatisfaction in the rate of delivery of centralised IT which seldom has the skills and resource bandwidth to cope with the torrent of new business requirements and applications. Rather than having their particular needs sit for months or years in the enterprise IT backlog, disgruntled and impatient business units are taking their budgets to external organizations for fulfilment. The tradition of getting and external development company to develop bespoke solutions and force enterprise IT to install and support it will be replaced by development, support and operations being completely off site. Leaving internal IT in the dark and toothless. has ridden this demand and many cloud providers will cater to these rogue bespoke solutions.

Domain Specific Clouds

Hollywood studios have a need to do a lot of CG rendering towards the end of movie production when time is running out. Having the necessary horsepower sitting around for when it is needed is expensive and quickly becomes redundant so studios hand rendering over to third parties that have huge capacities to take on particular jobs. While not cloud computing per se (for example, I am sure they ship data on rather large hard disks rather than use the internet) the idea of having specialised processing service that offer more than just computing power is beginning to be embraced into the cloud computing landscape and the term ‘Domain Specific Cloud’ is being tossed around. A more common example is data mining, which addresses a whole lot of services including forensics, fraud detection, deduplication and other value added services that are a lot more than just raw computing.

So what are these new ways of doing business that are emerging as a result of the value that can be realised from cloud computing?

Continue to part 4 : ‘Emerging Business Models’

Simon Munro


In part 1 of this series I discussed the base technologies (virtualisation, shared resources, automation and abstracted services) that are at the base of cloud computing.  This part deals with how those base technologies have allowed us to envision and adopt new computing models that are central to the cloud computing movement.

Part 2 : Computing Models


Public Cloud

From the perspective of the consumer, as long as they satisfy the requirements, any external supplier can provide the demanded computing as the cost and effort of building on premise on demand computing facilities may be overkill for many businesses. As a result, large providers of computing resources are stepping in to provide cloud computing to anybody that wants it and is willing to pay. This does not disqualify the value proposition of the private cloud, but it is the public cloud providers, such as Amazon, that have been pushing the change in computing models.

Utility Pricing

If consumers require computing resources on demand, it is logical to expect that they only want to pay for those resources when they need them and while they are in use. The pricing of cloud computing is still in its infancy and sometimes quite complicated, but the idea is that consumers pay as they would for any utility like electricity, rather than pay for a whole lot of physical assets that they may or may not use. This has the potential to radically change how businesses serve customers and process data as planning is done and decisions are made based, not on upfront costs, but on dynamic usage cycles and different types and rates of billing.

Commodity Nodes

Providers of these on-demand resources would, for technical and practical reasons, rather not provide highly specialised resources. It is very difficult to provide an expensive and depreciating high-end server with loads of memory and fast IO or to provide a machine with a sophisticated graphics processor. Without the provision of specialised components, regardless of the underlying infrastructure (which may or may not be assembled out of high-end components) the resources provided are straightforward an anaemic. This changes application architectures because dedicated and powerful single node servers are not available and architects cannot make assumptions about the availability and reliability of individual nodes.

Service Specializations

There is a difference between a consumer that requires an email service and one that requires a database service so providers of computing resources need to cater to different markets. Because of the underlying approach and technology, providers generally have one particular service abstraction and the different cloud specializations, IaaS, SaaS, PaaS and others have emerged and used to identify the class of cloud computing offering.

If we consider that cloud computing is simply a logical progression of IT technologies, what is it that grabbed the attention of the market and caused vendors to invest so much money in new products and huge datacentres? The reason is that cloud computing opens up new ways of conducting and operating a business and using technology to tackle new markets.

Before looking at the types of businesses that are intrigued by cloud computing, we need to understand the value that businesses see in the cloud. While technologists may find it surprising, not everybody wants to play with cloud computing just because it is shiny and new. It seems that businesses want value in the form of cost savings, reduced risk, increased turnover, and others in order to move systems and infrastructure onto the cloud.

Continue to part 3 : ‘Business Value’

Simon Munro


The cloud is hype.

It is the hype around a logical step in the progression of IT and somehow the term ‘The Cloud’ has stuck in the minds of vendors, the media and, to a lesser extent, the customer.

Unlike most terms that we IT is used to, ‘The Cloud’ is not specific – a customer is never going to want to ‘buy a cloud’ and nobody can, with any authority, say what the cloud is. Disagreement exists on the definition of the cloud and cloud computing – academics, vendors, analysts and customers all disagree to varying degrees. This creates confusion as well as opportunities – where every blogger, journalist, vendor, developer and website can slap a cloud sticker on their product, service, website, marketing material and even the forehead of their marketing VP, and deem it to be ‘The Cloud’ or ‘<some new form> Cloud’.

In a world of no definitions, any definition is valid.

So while I am loathe to add yet another definition to the world of cloud computing, it seems that any conversation about cloud computing starts with some common understanding about what the base concepts and principles are.  I tackled the question which asks “If cloud computing is based on existing technologies, why has it suddenly become important and talked about only recently?”.

I believe that the answer is that the base technologies have matured, leading to new computing models, which business is able to realise the value and finally it leads to new computing models based, if you trace it back, to the technologies which we talk about as being part of cloud computing. 

I have written an essay on this an broken it down into four parts, reflecting the layers and progression, and I will post this over the next few days.

Part 1 : Base Technology


At its most basic, cloud computing is about rapidly providing and disposing of computer resources quickly, easily and on demand.

Think about Mozy backup – you can get backup for your PC in a few minutes without having to go out and buy a backup disk, plug it in, power it up, install drivers, format, etc. Instead, you download a piece of software, put in your credit card details and ta-da, you have a good backup solution until you don’t want it anymore, in which case you simply cancel the service and you don’t have an external disk lying around that needs to be disposed of. The Mozy example demonstrates computing resources (backup) provisioned rapidly (no waiting for hardware and no hardware setup) that is almost immediately available and can be disposed of just as fast. It is, by a broader definition, Cloudy.

Unfortunately, instantly providing computing resources is not easy as one would think (as anyone who has seen data centre lead times is aware), so the seemingly simple objective of providing computing resources utilises some base technologies that are generally considered part of cloud computing.

It is the base technologies that have gradually matured over time that have given us the ability to achieve the goal of utilizing computing resources easily, and the following four are the primary influencing technologies.


Obviously, if you want resources and want them now, it doesn’t make sense to have to physically get a new machine, install it in a rack, plug it in and power it up. So a virtual machine that can be spun up within a couple of minutes is key to the ability to provide for the demand. Virtualization also forces the removal of specialized equipment on which software may depend by providing a baseline, non-specialized, machine abstraction.

Shared Resources

Individual resource consumers do not want to buy their resources up front – it would go against the idea of ‘on demand’. So it makes sense that it would be better to create a pool of resources that are potentially available to everyone and are allocated and de-allocated to individual consumers’ needs.  Multi-tenancy is a further concept behind the sharing of resources, where multiple customers can share a single physical resource at the same time.  Virtual machines running on the same physical hardware is an example of multi-tenancy.


In order to make all of these shared, virtualized resources available on demand, some automation tools need to sit between the request for a resource and the fulfilment of the request – it has to be zero touch by an expensive engineer. Sending an email and waiting for someone in operations to get around to it is not exactly rapid provisioning. So a big part of cloud computing are the tools and infrastructure to spin up machines, bring new hardware online, handle failures, patch software, de-allocate and decommission machines and resources etc.

Abstracted Services

Computing resources need not be limited to specific low level hardware resources such as an addressable memory block or a spindle on a disk – not only is it generally unnecessary, but technically impossible if coupled with quick, on demand resources. A fundamental technology advancement of the cloud is the increased use and availability of abstracted computing resources (consumed as services). While virtual machine is an abstraction of a much more complicated physical layer, the abstractions become much higher-level where resources are exposed as services, so a consumer doesn’t ask for a specific disk, but rather requests resources from a storage service where all of the complicated stuff is abstracted away and taken care of.

These technical solutions to the demand problem have, in turn, had some interesting side effects on existing models of computing. The public cloud, utility pricing, commodity nodes and service specializations have emerged as rediscovered computing models that are driving the adoption of cloud technologies.

Continue to part 2 : ‘Computing Models’

Simon Munro


More posts from me

I do most of my short format blogging on So head over there for more current blog posts on cloud computing

RSS Posts on

  • An error has occurred; the feed is probably down. Try again later.