RightScale Launches 3 Millionth Server

Posted on September 20, 2011 by

Here at RightScale, we’ve just passed the 3 million server milestone.  Driven by our growing customer and free-user base, and their ever-increasing cloud usage, the 3M mark represents a benchmark in the industry, and is noteworthy in three different ways.

First, 3 million is impressive in the data center business.  Many well-known hosting companies house between 50,000 and 100,000 servers, and estimates for the world’s largest computer companies with large data centers range up to 1 million.  (See the DataCenterKnowledge report here.)  It’s difficult to compare our statistic with these installations, since many may be running largely under a pre-cloud operational model.  Nevertheless, launching 3 million is quite a number by any comparative metric, and there’s no question that it was achieved only with new levels of automation and dynamic configuration that are core to RightScale.

The second reason 3M is worth noting has to do with how fast we got there.   After our founding in 2007, it took us about 27 months to reach 1M, another 12 months to reach 2M, and then just 6 months to reach 3M.  That’s more than twice as fast for each subsequent 1M servers.  Likewise, one year ago in Sept. 2010, we had launched 1.5M servers – and we doubled in the last 12 months.

The third reason this milestone matters is that the servers our users launch have increased in power, and persist for a longer duration, as each month passes.  In fact, since January this year server runtime has increased on average 30%. So the trend is clear: companies are running “bigger iron” in the cloud — and keeping it running longer — than ever before.  Here is a graph of the size distribution we recorded this summer:

Certainly, the growth rate we’re tracking for the quantity, power and longevity of servers launched on RightScale remains quite healthy and mirrors the broad adoption of cloud services industry-wide. But equally important is the range of customers driving this growth, representing a wide variety of industries, use cases and services powered by RightScale on the cloud. For example, during the last year:

  • media giant Pearson converted a traditional educational software offering to a SaaS based model that allowed faster onboarding of new customers;
  • consumer goods company American Girl (a division of Mattel) launched their virtual world with a major advertising push behind it and sailed smoothly through the holiday season;
  • online game company Zynga launched new games that consistently broke records;
  • and companies like Amdocs and Trader Media spoke at our User Conference last June about new enterprise services launched on both public and hybrid clouds.

All of these RightScale customers contributed toward the 3M milestone, and we continue to be dazzled by the solutions they achieve using cloud infrastructure. We’re looking forward to the next million servers launched by our customers, and the amazing services they’ll power with them.

Posted in AWS, Cloud Computing, Cloud.com, Eucalyptus, Rackspace | Tagged , , , , | 3 Comments

Microsoft .NET Stack Released

Posted on September 15, 2011 by

This is the Final post in our release series…following both our dashboard and ServerTemplates releases.  Today we’ll talk about a unique solution we now support…let’s get started…

Drum roll please…Introducing the auto-scaling, high availability .NET Stack on Amazon!

Some of you might think, ‘well Finally!’.  As a product manager, I empathize with that sentiment. It was certainly tricky getting this to hum on the cloud. I’m very proud of our team’s work, especially when reviewing the challenges they overcame to get this out the door.  Let’s take a deeper look into some of them.

Database Manager for SQL Server

When I first proposed the SQL Server Database Manager last year to our development team with what ultimately would become our first SQL Server ServerTemplate, I met with mixed reactions.  EVERYONE thought it was a great idea and would be useful to users.  However, a lot of reservations too…doing something like what we have for MySQL with master/slave replication is no easy feat.  Adding in Microsoft complexity with Powershell as well as unexpected Windows behavior in the cloud, the solution seemed out of grasp. Some of the notable questions we asked ourselves:

  • How does MS Licensing work as existing orgs transition to the cloud?  Is SQL Server Standard good enough or will users demand Enterprise?
  • How will we backup data on SQL Server?  Native backups guarantee “sane” backups without service interruptions but take a long time.
  • What are the setup best practices and how do we implement them in the cloud?  Multiple Data / Log Volumes, default monitoring and alerts, backup scheduling, etc…all need to be considered.
  • How do we set up replication with SQL Server?  There are so many supported options, what’s best for cloud?

We started at the beginning, pushing licensing off to the likes of the service providers (Amazon) and focusing on prototyping our implementation.  One of our developers found that backups using Volume Shadow Services was a better option than SQL Server native backups.  The following is an excerpt from his report:

Now that we have a clear understanding of how to proceed with backups, we tried to figure out best practice configuration — focusing mainly on the volume configuration and management.  We encountered issues attaching EBS volumes before Windows was ‘ready’ which resulted in out of order drive letter assignment.  We solved that, and moved on only to find that Powershell was running as a 32-bit process on the x64 environments…great.  Fixed that too.  Those two issues actually got us pretty far and enabled our first release of a Beta ServerTemplate that supported Standalone backup/restore functionality.

Going through the Beta of our backup/restore ServerTemplate, we learned enough to facilitate building a High Availability SQL Server Solution (that’s what we published recently!).  We focused on a few things:

  • SQL Server Mirroring (Set up, Monitoring and Alerting)
  • Authentication and Data transfer Encryption
  • Failover to the mirror

One key challenge in setting up the mirroring session was waiting.  We had to have not only the mirror server in operational state but also a set of database full and differential backups from the principal to initialize the database on the mirror.  We utilized the RightScale ability to tag servers and locate servers by tag to help automate this whole process.

I recommend you try out our ServerTemplate to see just how much we managed to take off your shoulders for the database management.

IIS Application Server

Phew.  When you think about the complexity of the Database Manager, IIS seems like a walk in the park!  But a lot of work went into this template too.  I went over and chatted with the dev lead whose team built this template to get the inside scoop of the challenges they had to overcome.  Here’s his list:

  • Built with the use case of the scalable app tier in mind
  • Integrate a front-end load balancing solution
  • Figure out how to get the app on the server
  • Figure out how to tell app servers where the db is when they are ready
  • Oh, and of course, best practice configuration of IIS App Servers (this is Microsoft after all)

Doesn’t sound too complicated does it?  Luckily, with standardized images and use of RightScale tags to discover the Database server, it worked pretty well.  Also, based in large part on the design, we were able to get this ServerTemplate to work equally well on both Rackspace and Amazon.  That actually was a cool product win, even though it created more work for our testing team (details of which I went into in my last post).

I encourage you to take a look at this ServerTemplate too.

Together, these two ServerTemplates with either the HAProxy Load Balancer ServerTemplate or Elastic Load Balancing from Amazon make up our .NET Stack.  Take them for a spin, and as always, please send us your feedback.  Enjoy!

Posted in EC2, Microsoft, Rackspace, Releases | Tagged , , ,

RightScale Release: MultiCloud ServerTemplates and RightImages…

Posted on September 8, 2011 by

This is Part Two of our release series.  A couple weeks ago, we announced a lot of goodies and while we’re going to talk about some new stuff today, be sure to come back next week for more about our latest Windows ServerTemplate offerings…

It’s been a R.A.C.E. to the finish line this sprint, but we have some exciting news!  RightScale’s current ServerTemplate release showcases the entire PHP 3-tier stack across the Rackspace Cloud, Amazon’s Elastic Compute Cloud, Cloud.com’s CloudStack and Eucalyptus Systems (hence R.A.C.E).  These new HAProxy Load Balancer, PHP App Server and Database Manager for MySQL 5.1 ServerTemplates are available now in the MultiCloud MarketPlace.

Underneath all these templates, we’re releasing a new CentOS 5.6 MultiCloud Image with RightLink 5.7 for all EC2 regions, Rackspace Cloud Servers, Cloud.com’s CloudStack and Eucalyptus Systems.  For a complete list of ServerTemplates and MultiCloud Images we released, check out our latest release notes.

People often talk about developing for the cloud and associated challenges.  But what about building platforms on which other people develop their apps in the cloud?  It is very challenging building for the “general use case”, but it is even more important when you build for generality that it works well.  A lot of time and effort goes into designing and building our ServerTemplates.  During development, and especially before release, we conduct extensive manual and automated testing cycles where we put our templates through the wringer.  Below is a sample test matrix that represents our checklist for one ServerTemplate.

Notice that we test this one ServerTemplate across 2 separate images in 7 clouds each.  Considering that we released 9 ServerTemplates last week, this makes for quite a few permutations.  Of course, we also find bugs and have to retest rapidly.

Luckily we have help with a home-grown automation tool that we call “Virtual Monkey.” The monkey uses the RightScale API to create deployments with servers to test, launches them, runs tests against them, collects the results, shuts everything down, and cleans up. In most cases the tests include entire 3-tier application deployments so we can test the interactions between the servers and ensure things work end-to-end. All in all we launch hundreds of servers a day in various clouds to test these ServerTemplates and make sure they work before we let them loose in the wild.

Not all clouds are created equal…

If you’ve done anything on multiple clouds, you’ll appreciate the behind-the-scenes presented above.  When launching hundreds of servers and developing infrastructure-as-a-service agnostic solutions, small nuances can be big blockers towards expected end-user functionality on the solution.  From security groups on Amazon versus iptables management on Rackspace to volume snapshot API response differences in Eucalyptus and CloudStack, the ServerTemplate needs to be aware and abstract away differences.  Do our customers really care about these differences?  Of course not.  They just expect one solution to work on one cloud type just as well as it works on another cloud type.  You may have noticed that we utilized Chef for many of our recently released ServerTemplates.  Chef allows us to abstract the business logic away from the details of the cloud,  making it easier to propagate the same solution to as many clouds as we can get our hands on.

Wait, each cloud has different profiles for instance types!

But Chef isn’t the only innovation that we use.  We also have to support many ‘by design’ cloud architecture differences. For example, pre-defined instance types.  Instance types in Amazon, while being the same across all regions within Amazon, do not align well to flavors in Rackspace.  Plus, in private clouds, you can either use the default instance types or custom configure to what your application demands.  How then does a specific ServerTemplate correctly configure a new instance for optimal performance?  Seems like that’s (yet another) real prerequisite for proper application setup.

In the specific case of MySQL, our ServerTemplate will auto-tune configuration parameters including innodb_additional_mem_pool_size and table_cache.  The tuning is based off of an instance’s available memory.  Of course this can be overridden on a per-server basis.  This mechanism extends well to our PHP App and Load Balancer ServerTemplates where you override parameter defaults specified in apache2.conf and haproxy_http.

All of this is just the tip of the iceberg.  Check out the ServerTemplates for yourself and let us know what you think.

Posted in Chef, Cloud.com, EC2, Eucalyptus, OpenStack, Rackspace, Releases | Tagged , , , , , , , | 1 Comment

RightScale Release: New MultiCloud API, New Add Server Assistant, and Community Translations

Posted on August 25, 2011 by

This is the first of three posts you’ll be seeing regarding everything we’re releasing over the next couple of weeks. First, we had a new dashboard release tonight, which I’ll tell you about below. Next week, we’re releasing some sophisticated multi-cloud ServerTemplates that work across a few clouds. Finally, we’ll wrap up with how to create an auto-scaling Windows IIS/.NET application on top of our new mirrored Database Manager for SQL Server. Let’s get started…

Add Server and Add Server Array Assistants

First, we’ve created new assistants to simplify the process of creating a server or server array. It’s a big change, requested by our customers, designed to make your life easier in the day-to-day usage of the Dashboard. We worked with a few customers over the last few months to refine this flow, so we know it will be a welcome change. The previous process was getting a little disjointed after a few years of rapid cloud innovation! Learn more about the new assistants shown below.

 

Community Translations

Next, in May of this year, we launched our first language translation for the RightScale Dashboard: Japanese. Back then, we mentioned that we accomplished this through a platform we planned to make available to the community. That time is here. You will now notice a “Help Us Translate” link in the footer:

So how can you help us translate (and why would you)? First, the how. When you click on this link, you’ll be taken to a tool that will allow you to see all the phrases that need to be translated, translate these phrases, and vote on translations that others might have submitted. You can then link back to the Dashboard to see the translations in real-time! To get started, click on the link, read the instructions, and choose your language:

Now, why would you help us? Well, many of you have already offered out of the goodness of your heart, and we appreciate that. If you are someone that needs an incentive, we appreciate that too. That’s why we’re going to give the top translator for each of the following languages an Amazon Kindle: German, Chinese Simplified, Japanese, French, Spanish, and Korean. For how to get started, and for more information on this “Translation Showdown,” read the RightScale Dashboard Translation Guide.

New MultiCloud API

We’ve been incubating a new API with a few of our largest customers for over half a year now. This API is a complete redesign, and takes into account everything we have learned over the years on how to manage multiple clouds behind a single “pane of glass.” Or in this case, a single set of XML/JSON instructions.

We are making it available today as a public beta, supporting Cloud.com, Eucalyptus, and Rackspace. Not everything that is in API 1.0 is available in this new API yet, but it is burning a hole in our pocket, and will be extremely useful to our customers who want to begin automating their multi-cloud deployments. As we equalize the feature set between this new API and the 1.0 EC2 API, we will move AWS EC2 support into this new API and retire API 1.0.

One new feature here (available on all clouds) is the ability to provision and manage users via the API. You can now list all users in an account, add users, and set their permissions. Coming up in the October release, Enterprise plan customers will also be able to provision new accounts.

Learn more about the new API and how to get started with it.

Release Notes

As always, please read the Release Notes for a detailed list of changes made to the Dashboard and API.  Look out for the ServerTemplate & MultiCloud Image release next week – we have some great solutions coming up for both Linux and Windows cloud administrators.

Enjoy!

Posted in Releases | Tagged , , | 2 Comments

Performing Security Testing in the Cloud

Posted on August 4, 2011 by

[This is Phil Cox's first blog post since he joined us as Director of Security and Compliance. We hope to have more from him to post in the near future! -Thorsten]

Security testing is one aspect of a security program that is often overlooked. Organizations who take security seriously understand that testing systems and applications is just smart business. We felt that one way we could help our customers is to describe the process, and nuances, that we go through during our testing. Since RightScale runs in the cloud, the information should help any RightScale customer accomplish the same tasks on their environment.

Our process is basically broken down into the following steps:

  1. Identify instances and applications that will be tested
  2. Select tools and systems that will be used to perform the testing
  3. Coordinate with the cloud service provider to get authorization for testing
  4. Execute the test
  5. Communicate the results

Below I have outlined some of the practical details of each of these steps.

Identify Targets

Before we start testing, we identify what we want to test. For this particular test, we decided that we would include all of the systems that make up our platform, as well as the main dashboard application. Since we use RightScale to manage RightScale, and one of the main functions of our service is using ServerTemplates™ and RightScripts™ to ensure that systems are deployed consistently, there was a temptation to select a representative sample.

Since this was my first time testing RightScale since becoming the Director of Security and Compliance, we decided to test them all. We figured it is good practice, and provided a “validation” of sorts that we were following the practices we champion. We did however decide to limit the testing to publicly addressable AWS IP addresses. (Note: Anyone trying to be PCI compliant in AWS will likely need to test private IPs as well.)

As for the application, we decided on the entire dashboard, and not just a portion (mostly because I wanted a good overview to have as a baseline).

Select Testing Tools

Along with determining which systems/instances and applications we were testing, we selected tools that would help us automate the testing. We had agreed that a primarily automated vulnerability test (with manual validation) was acceptable, but that the application scanning would require a more manual approach given the complexity of our application. To that end, we had the following basic selection criteria:

  • Vulnerability scanner: Number one criterion was its ability to appropriately identify vulnerabilities. We did not want a lot of false positives, but felt that false negatives would be much worse. A second criterion for the vulnerability scanner, was the flexibility of its reporting mechanism.
  • Application testing: Number one criterion was our ability to use it, not what others think of it. A second criterion for the application testing tool was its ability to test against the framework of our application.

Given those “requirements” we chose three vulnerability scanners that we wanted to evaluate, in hopes of selecting one as the foundation for our ongoing testing program. Those were SAINT, NeXpose, and OpenVAS. Many will point out that there are other tools out there, and I agree, but these were tools I personally have history with, and one is free. We had to start somewhere.

As far as the application testing, I have used Burp Pro for a number of years and am a fan of it, and selected that as an application testing tool of choice. It should be noted that a number of other tools have recently come out that may rival Burp Pro in its functionality, but familiarity of use was important. We wanted to test the application, not the tool.

Where to Run Them?

Once we determined the tools that we wanted to use, we had to figure out where we wanted to run them:

  • SaaS
  • Instance in the same cloud
  • Instance in a different cloud
  • Traditional hosting environment
  • Physical system on our network

We chose the “Instance in the same cloud” for a couple of reasons:

  • Flexibility: We were able to install multiple tools to evaluate and test
  • Eating our own dog food: RightScale is all about configuring and managing systems, so what better way for us to help our customers be able to deploy scanning systems than to do it ourselves
  • Bandwidth cost: By using an instance within the same availability zones on AWS, bandwidth was not an issue
  • Access to internal IPs: By running in the same cloud (AWS region) we can test internal IP addresses

Once we decided to build our own, we downloaded a trial version of SAINT, the community version of NeXpose, and followed the Ubuntu installation directions for OpenVAS. Then we wrote some RightScripts to automate the majority of the install and we were “cooking with gas” so to speak.

Get Authorization from Cloud Provider

Once we identified all our instances we were going to test, and had our testing sources (one in our case), per the AWS usage agreement, we needed to get authorization from AWS to perform the testing.
AWS provides a form that we filled out to request penetration testing of instances. We had to supply the AWS instance IDs and IPs that we obtained earlier, as well as the source of the testing. AWS uses this to create a ticket that AWS security team will get, and subsequently white list the account so the IDS systems are not triggering alerts during the testing. This prevents getting nasty emails about policy violation as well as port blocking, which would affect the test results.

AWS security responded back within a couple of days with approval for the scanning. It is interesting to note that it appears it is the vulnerability scanning that this applies to, for all intents and purposes you should make this request for application-based scanning as well, but it’s been my experience that testing the application does not cause abuse reports to be generated within AWS. During the testing, launching and relaunching of the scanner we did accidentally perform a number of scans from an IP address other than the one we provided to AWS and we did receive two abuse notices.

Probably the biggest point to note with respect to testing instances running in AWS is that instance size must be medium or greater. AWS policy does not allow pen testing, including port/service scanning, of smalls or below, presumably because they want to avoid that the testing degrades the other VMs on the same host. It should be noted, that we were just testing in AWS, depending on your cloud service provider, what you need to provide as far as what you are testing will vary. For AWS, we provided the instance ID as well as the public IP that will be tested, and the source of the testing.

For AWS, the quickest way to get the list of all AWS instance IDs and associated IPs is to use the rest_connection API. It can be used to programmatically generate a list of the instances and associated IP addresses that will be the targets of testing. We ignored the security groups in this test and hit all the “well known ports” that the tools scan. An alternative would be to only test the accessible ports.

Execute the Test

Once we obtained the authorization for the testing, we coordinated with the ops team to make sure they were ready for any potential problems. Once we got their “we are a go” signal, we commenced the testing. The general methodology looked something like this:

  1. A sequential vulnerability scan, using each of the scanners. For both SAINT and NeXpose, we utilized the “exploit” portion of the tools (when it existed) on any noted vulnerability. (Note that we performed multiple scans with each scanner over the course of our 3 weeks of testing.)
  2. General walk through and Burp Pro “passive” testing of the entire dashboard. Attempting to get an overall feel for the testing tool with the dashboard, and basically doing a full manual spider of the site.
  3. Next we specifically performed testing of our session state mechanism, looking for entropy, manipulation, and injection flaws.
  4. We then stepped through each of the dashboard’s main function areas, “Reports,” “Manage,” “Design,” “Clouds” and “Settings,” looking for well-known attack vectors. In particular focusing on identifying Cross Site Scripting and Request Forgers (XSS and CSRF), Injection, parameter manipulation, and other common web app exposures. See the OWASP testing guide for a good discussion of things that should be tested for in web applications.

Note that all testing we performed was done in both an authenticated state as well as an unauthenticated state.

As stated earlier, we made the decision that the vulnerability scanning portion of our testing would be mostly automated, and the application testing mostly manual. It took us approximately 3 weeks to identify the systems, get the authorization, and perform the testing. About 2 weeks of that was dedicated to the manual app testing.

A Bit More on the Application

It could be argued, that the bulk of “cloud” security testing should revolve around the application. This is not to say that making sure supporting services like Apache and MySQL versions are patched is not important (it is, just ask Sony), but meaning that much of the exposure to your data will come through the application. Taking the time to assess the mechanisms protecting the application is critical. For example:

  • Are the security groups appropriate?
  • Do you have appropriate controls on who can access API calls or make security related changes via the UI?
  • Does your authorization mechanism enforce appropriate controls via all interfaces?

Items like these are things that will be critical for long-term protection of information. Make sure that you include them in your testing regiment.

Communicate Results

We are an Agile shop, so frequent communication is part of our culture, and we leveraged that to provide feedback from the testing to the appropriate engineering or ops teams as we uncovered potential threats. This allowed us to create records of our testing results, as well as provided timely information to be fed into our sprint process. At the completion of the testing, we wriote a summary report and included details of the vulnerabilities from each of the tools as appendices. Even though the information is already fed into the appropriate groups, including details along with the final report allowed stakeholders the ability to review the overall testing methodology and findings, as well as dig down into the details of any vulnerabilities found.

Your process may vary, and you may have a much more formal reporting requirement. The most important part is to get the appropriate information to the people who can get the system services or applications fixed in a timely manner.

Summary

The process of identifying targets, maintaining testing tools, coordinating with cloud service providers, and communicating those results should be formalized within your organization. Security testing should become an integral part of the IT culture. There will always be issues, as nothing is absolutely secure, but trying to stay ahead of the curve is a worthy cause. With a formal process, you can make it a regular occurrence, thus enhancing your security program and likely meeting many practical as well as compliance requirements.

One side note about the testing is that for all practical purposes, it was exactly the same methodology and tools that I have used previously in non-cloud environments. So I encourage you to roll up your sleeves and implement a testing program for your infrastructure and applications.

Posted in AWS, Cloud Computing, EC2 | Tagged , , ,

RightScale Release: Rackspace Linux ServerTemplate Support, Windows 2008R2, PostgreSQL 9

Posted on June 14, 2011 by

When a systems or software engineer is learning a new language, a plethora of examples to learn from is invaluable. The cloud currently feels like a new software language to many – new constructs, better tools, rewritten rules. RightScale has always provided training to help people jump into this new world, and this release continues the education.

In it, you will find concrete examples of how to maintain advanced database architectures in the cloud, how to auto-scale Windows .NET applications, and even how to move database information between clouds. With your feedback, these examples will become production solutions that you can extend and modify. Before you know it, you’re a sysadmin rock star for your organization – people will wonder how you accomplish such magic.

Don’t hold back your secrets. ;-)

Rackspace ServerTemplate Support for Linux

On the heels of our Windows ServerTemplate Support for Rackspace, we’re elated to also bring you Linux ServerTemplate support – starting with CentOS. We have a few templates available for you to start with: a Base ServerTemplate that works across many clouds, a LAMP ServerTemplate with backups to CloudFiles, and a Database Manager for MySQL that takes snapshot backups to CloudFiles. These templates are all new and part of the public beta – please provide feedback and let your sales rep know if you’re experimenting.

With this release, you now have most of the Management (monitoring, user controls, auto-scaling, etc.) and Configuration (RightImages, ServerTemplates) aspects of our product available for Rackspace. We’re close to wrapping up our API support as well, and will be adding more RightImages, OSes, and ServerTemplates from here on out.

MultiCloud Magic

Let’s point out something important about the new Database Manager for MySQL that I mentioned in the Rackspace section above: it also works on Amazon.

This is one of our newer templates specifically designed to adapt to different clouds.  It is based off of another new MultiCloud ServerTemplate, the Storage Toolbox, which allows you to set up an LVM filesystem on instance drives or attachable volumes.  It also helps you take snapshot backups of your filesystem and upload it to the clouds object storage (in the MySQL case, to AWS S3 or Rackspace CloudFiles).

For the RightScale User Conference this week in New York, I demonstrated a database server running on the Rackspace Cloud, taking backups to Amazon S3, and restoring to a warm EC2 server.  I could have also gone the other way using Rackspace CloudFiles, or moved between Amazon regions using S3.

Magic? Nope. Here’s a tutorial so you can try it yourself.

CloudStack CentOS RightImages

Let’s move from MultiCloud to multi-hypervisor. With this release, CentOS RightImages are now available on all popular hypervisors for Cloud.com CloudStack clouds. We have RightImages for KVM, Xen Server, and VMWare ESX. Contact your sales rep for access to these private cloud images.

Database Manager for PostgreSQL

Many of you asked for a Database Manager for PostgreSQL 9 since replication issues from previous Postgres versions have been resolved. Well, the team took the structure of our MySQL Manager on Amazon and managed to replace MySQL with PostgreSQL – so you’re in luck! Full master-slave support, use of EBS volumes, assisted DNS failover, etc. Read the setup guide to get started.

Windows

Earlier this year, we released our first ever Database Manager for Microsoft SQL Server. We received great feedback, adding smart volume configuration with best practice disk configuration for system and user databases.  Now, not only are master, msdb and temp on EBS Volumes, but we create default locations so your database data and log files are directed to separate EBS volumes.  We coordinate simultaneous volume snapshots so we have sane and consistent backups that can be used for disaster recovery purposes with built-in restore RightScripts.  We also optimally configure SQL Server for you, enabling mixed authentication mode and creating an equal number of tempdb data files to the number of CPUs on the server. Check out the beta for our Manager for Microsoft SQL Server.

We’re also pleased to announce the Microsoft IIS Application Server, which can be used in an Array to serve as an auto-scaling .NET application tier. The ServerTemplate has built in Powershell-based RightScripts to register to either the AWS Elastic Load Balancer or to HAProxy.  In a similar vein to our other Application Servers in the MultiCloud Marketplace, this ServerTemplate will automatically download and deploy your application code and connect to a local or remote database server. Together with the Database Manager for Microsoft SQL Server, you can quickly get a multi-tier .NET app up and running in the cloud – get started with this setup guide.

Of course, both of these ServerTemplates are powered by RightScale RightImages.  We’ve enhanced our RightImages as part of this release to include support for Windows Server 2008 R2, bringing our total number of RightImages on Windows to 70!

There’s More!

We’ve added Nginx-based PHP and Rails Application servers too. To see the rest, please read the May and  June release notes for details and starting points.

Enjoy!

Posted in EC2, Rackspace, Releases | Tagged , , , , , ,

Commercial Support for OpenStack on the Horizon

Posted on May 25, 2011 by

A change that was very palpable at the recent OpenStack conference is that a number of major industry players are readying commercial offerings around implementing OpenStack clouds. Today Citrix officially threw its hat into the ring announcing “Project Olympus” that lets any customer build a private or public cloud based on “a Citrix-certified version of OpenStack and a cloud-optimized version of Citrix XenServer”. Citrix is also working closely with Dell and RackSpace in their offering to provide reference architecture and hardware as well as deployment services. The top-level bit here is that the commercial side of OpenStack continues to see healthy growth and there is little doubt that there will be a number of solid commercial offerings around OpenStack soon.  Where there’s real cloud usage, of course, you’ll also find RightScale – and we’re working closely with Citrix and other OpenStack providers to share our experience and enable RightScale support for their cloud offerings.

Citrix’s OpenStack announcement is especially notable given that it comes from the company that provides the hypervisor that has the longest history and powers more virtual servers than any other in the cloud today: Xen. So it will be interesting to see what it means to have a “cloud optimized version of XenServer” under the covers of Citrix’s OpenStack. That also brings another question to the forefront: what will it mean to have several flavors of OpenStack? Citrix uses the phrase “version of OpenStack”, Jim Curry (RackSpace) uses the phrase “OpenStack distribution”, and Barton George (Dell) also uses “OpenStack Distro.” It is clear they’re not just talking about a little packaging since, for example, Citrix states “Project Olympus will come pre-integrated with the Citrix Cloud Networking fabric.” In other words, it will have functionality different from ‘stock’ OpenStack.

From a selfish point of view I’m wondering how many versions or distros of OpenStack we will have to support and how compatible they will be with one-another? Of course, to be fair, other private cloud offerings also contain variants such as having multiple networking modes that differ substantially from one-another and that we support. This form of flexibility is a clear need. But for the larger community it will be intereting to see how things play out. At this point, my expectation is that this represents healthy differentiation and innovation in the OpenStack community, and we’ll continue to work with the various vendors to ensure we can support the architectures they’re implementing.

With the advent of these commercial OpenStack offerings, we’re witnessing a new emergence of reference architectures and an ecosystem of major players who can deliver complete IaaS solutions to enterprises and service providers who want to stand up and deliver clouds that can be managed by RightScale. Ultimately, that means more choice for our customers.

Posted in EC2 | Tagged , | 3 Comments