The Cloud is Ephemeral

Sunday, January 1, 2012 

Never trust your business, applications, or critical data to a cloud service because you are at the mercy of the provider both for security and availability, neither of which are terribly likely. Cloud services are the .coms of the 2nd decade of the 21st century, they come and go and with them so go your data and possibly your entire enterprise. Typically the argument is that larger brands are safer, that a company like Google would not wipe out a service leaving their customers or partners high and dry, that they would be safe.

That would be a false assumption.

“The cloud is great when and while your desired application is present – assuming it’s secure and robust – but you are at the mercy of the provider for longevity.”

It is necessary to understand the mathematics of serial risk to evaluate the risk-weighted cost of integrating a cloud-provisioned service into a business. It is important to note that this is entirely different from integrating third party code, which just as frequently becomes abandonware; while abandonware can result in substantial enterprise costs in engineering an internally developed replacement, a could service simply vanishes when the provisioning company “pivots” or craters, instantly breaking all dependent applications and even entire dependent enterprises: it is a zero day catastrophe.

Serial risks create an exponential risk of failure. When one establishes a business with N critical partners, the business risk of failure is mathematically similar to RAID 0. If each business has a probability of failure of X%, the chances of the business failing is 1-(1-X/100)^N. If X is 30% and your startup is dependent on another startup providing, say, a novel authentication mechanism to validate your cloud service, then the chances of failure for your startup rise from 30% to 51%. Two such dependencies and chances of failure rise to 64% (survival is a dismal 36%).

Posted at 22:34:08 UTC

Category: odd

I knew Windows could be buggy but…

Monday, November 2, 2009 

Reminiscent of the apocryphal first “bug” I opened up my old laptop and saw some ants crawling out of it.


and then more.

and more.

So I got the vacuum and started sucking them up.

And more.

and more.

So I took out the battery and found something that actually startled me. Kind of like the Alien’s den in miniature.


Amazingly the computer booted fine.

For the first time in my computer history I used Raid ON my computer rather than configuring RAID in my computer.

Posted at 02:00:10 UTC

Category: funnyoddphototechnology

Updating an IBM 366

Friday, May 15, 2009 

Today I’m updating an IBM 366-8863 to be a new home server because not having a quad 64 bit Xeon box with 24G of RAM and 6 x 72G SAS RAID 10 in your house would be like watching tv on a black and white CRT or something… and it was $350 on eBay so who could resist?  It will replace the old 5500 M20 and save 3U in the rack and probably a lot of power for a decent NAS box.

IBM eSeries x336

Unlike the 335, the 366 does not have a floppy drive.  There’s actually room in the cas right behind the IBM logo, next to the lightpath diagnostics and above the optical drive…  maybe I should get out my dremel and start looking for a 266Mhz 64bit PCI-X floppy controller.

The 366 is supported by the IBM Bootable Media Creator, which is a new thing for me.  This tool gathers all of the most recent firmware updates for the servers you specify (or all supported ones) and creates a single bootable disk (the 335 is not supported).   The tool found 23 updates for the 8863, though the versions are not all the same as you get doing the one-by-one download (there’s an option to select manually, but the integrated one-click approach is much easier).

All you do is download the creator tool for the OS of your choice, execute it, specify the systems you want to support, let it gather the updates and build the disk and it will even burn the disk for you.  Once the update disk is burned, you simply boot with it into a GUI (which supports normal mouse keyboard) and a few restarts later you have a fully patched machine.

The only thing left is to use the latest ServeRAID disk to update your ServeRAID configuration.

Nice job IBM!  This sort of thing is why I like IBM machines.  Plus they’re black.  And they have the built in  KVM/console controller over IP (remote supervisor II).

Posted at 18:45:49 UTC

Category: FreeBSDtechnology

Updating an IBM 335

Sunday, May 10, 2009 

I’m bringing up an old IBM 335 for use as a pfSense Firewall.  It is a fine computer, with almost everything you’d want except dual power supplies (the 336 has those plus 64 bit hardware).

IBM 335 Server

The first step is updating the machine:

  • BIOS to 1.15: download the flash image, it writes itself to a floppy, boot with that floppy and flash the BIOS.  I had to go through a bunch of 1990’s era software disks until I found a few floppies that would format without errors.  This also updates the LSI 1030 disk controller.
  • Internal Diagnostics to 1.07: these are disk images (.img) diskcopy didn’t seem to do the right thing on my XP box, so I used diskwriter 0.9 to create the disks.  You boot off the BIOS update disk then select update diagnostics.
  • Configure the disks with ServeRAID.   I didn’t flash the BIOS on the controller, but I did reformat the disks and set them up as RAID 1.
  • Update the System Management Processor to 1.06.  This is a self-booting floppy.
  • Update the Broadcom NetXtreme NICs to 209h.  This is a self-booting floppy that creates a RAM disk then runs the update.  The command for the 335 is UPDATE 8830

This gets the core hardware up to date.  You might also want to flash the firmware in the disks, though I did not as my box is loaded with unsupported disks.  Plus 36GB SCSI disks aren’t exactly going through a lot of teething pains these days.

Then I installed pfSense from the LiveCD (verify the hash).  This is pretty effortless.  The only important bit of data is to set up the NICs: in the 335 under FreeBSD bge0 is the lower port and bge1 is the upper port.

At a later date I will install a 73P9265 Remote Supervisor II adapater, but the cable I have (73P9312) is for newer boxes.  The 335 needs the 02R1661: oddly it is cheaper to buy the cable with a card than just the cable.  This will probably need flashing of the firmware, but is a nice tool with remote KVM and a lot of other slick features.

Posted at 23:09:31 UTC

Category: FreeBSDtechnology