Monday, April 13, 2009

JDO makes a come back

Back in, I think, 2002 I went to JavaOne and the most over-subscribed sessions were on JDO, literally queues out of the room. Since then it sort of died a death and with the Hibernate/EJB 3.0 approach taking over the OO persistence layer surely the battle was lost.

Just kicking off a Google App Engine 4 Java (thank you Google, I can code like a human being again) session I note with some amusement that they've picked JDO as the persistence layer. It makes sense for what they do and the sort of store they provide but I still find it quite funny that I'm now dusting off those JDO pieces that back in 2002 I was sure would be the future but about which I was proven wrong.

Until today ;)

Technorati Tags: ,

Friday, April 10, 2009

Kill the LEDs

LEDs are much more efficient than traditional bulbs and can be better than the new energy efficient ones as well.

But there are certain LEDs out there that are just a complete and utter waste of time, I'm talking about those that are INSIDE computers. No idea if there are any inside the MacBook Pro I'm using now but I know there are a bunch inside my home PC. I'm not complaining about external LEDs that are meant to actually convey something just those that are either excessive or inside something. Over in the data centre there are even more, lots and lots of LEDs that flash away all day long in rack-mounted kit that no-one will look at unless there is a problem.

But I hear you cry and LED uses very little power lets say its a 10mA at 5v, it is a pitifully small amount of power, 50mW and half the time they are off before they flash on again so the average usage is only 25mW/hr.

Nothing at all. But then there aren't just one are there? There are ruddy loads. Lets take a switching rack, just one. 4 sets of 10 boards all slipped in with about 4 external LEDs per board. Internally however there are around 20 LEDs on the board, these are LEDs that are NEVER seen outside of a test lab and there you don't rely on the LEDs you start using some proper kit.

So 20 x 4 x 10 x 25 = 20,000 mW/hr or 20W/hr.

Suddenly its looking quite a bit more interesting, across the data centre we are now talking about potentially kilowatts an hour of electricity powering all of these LEDs that no-one cares about. Even the ones on the outside should be added to this list. Why are they flashing all the time? Why not just have them activated when someone needs to test them, a remote (or even local) switch that allows them to start flickering away if required. In a lights out DC environment it really is pointless to have these flashing lights all the time.

Now I don't know many LEDs go into normal blade or rack-mounted kits these days but they do seem to have quite a few LEDs that could disappear. I've made the comment before that these flashing lights symbolise everything that stands in the way of the progress of cloud computing.

So like the environmentalists who got hotels to stop washing everything every day by showing them it could save them money I say that people who support cloud should object to these flashing lights on environmental grounds.

LEDs in data centres are a small part of the power consumption in a data centre but that doesn't mean we shouldn't make that small step. So lets start the campaign by asking hardware suppliers "how many internal LEDs does that product have" and asking what the power consumption of those LEDs actually is.

They aren't needed so lets turn off the flashing lights.

Technorati Tags: ,

You stole my flashing lights

"I don't understand the hardware, I don't understand the software, but I can see the flashing lights"

This sums up the basic problem with cloud adoption and over the last week or so its been even clearer while chatting with some clients and journalists around the issues of cloud.

Simply put the current regulatory, compliance and security world is basically based around that statement.

Security folks don't understand what your application does, but they understand networks, networks are physical things, they understand SSO and how to VLAN and physical LANS and they love the physical separation as its obvious how the security is maintained.

Accountancy folks don't understand any of this but they can look at the data centre, count the flashing lights and know all is good. They can also "audit" this physical environment and feel happily secure that the flashing lights are kept safe by a good bunch of process that makes sure that the flashing lights don't talk to the wrong flashing lights.

Lawyers are retarded by the legal lag that in many cases appears to struggle with the idea of the computer and digital information let alone the concept of the internet and cloud computing. Again its about the physical separation as this is what makes it easiest.

Hardware manufacturers play to the flashing light meme as well, I was in a DC recently and made a comment about the compliance challenges and how people seem to like flashing lights and the chap said "Good point, I mean we even put them on the BOARDS for some reason and in a rack you can't even see those lights".

This is the world that cloud computing really comes against. Worries that "one virtual machine could break into another one on the same processor", concerns that virtual separation is just like stabbing a condom with holes, concerns that because you can't physically audit the separation and that some of the cloud providers won't allow you to stomp around their data centres that in fact everything is insecure.

Before FUDmeisters jump up and scream about "being safe" let me ask you this... when was the last time you demanded a third party audit of your electricity supplier to prove that they wouldn't blast you with 300MV at 1MA? When was the last time your asked for a third party audit on your telco provider to prove they were not eavesdropping on your calls? What about the postal service or delivery company that ship your packages?

IT is of course completely and utterly different.... or is it just that because people have been beguiled by the flashing lights and the physicality and don't want to recognise the new challenges that they really should be addressing. Armadillo security (hard on the outside, soft on the inside) has long been a flaw in many company security approaches and virtualisation just makes that approach more obviously flawed. Approaches like Jericho aim to address the problems of business interaction.

The larger challenge however is in the audit and legal areas, being blunt many of the rules laid down today by legislators or auditors are based on a lack of understanding of the mid-90s and have no hope of applying to the new distributed IT environments. Take the need for an independent 3rd part audit of a cloud providers data-centres including how they provision, manage security and ensure availability. The problem is that IT is treated not as a utility, which is what cloud aims for, but as a physical asset that must be proven in the same way as oil reserves or cash.

The shift to treating IT as a utility needs to overcome these legal, accountancy and security objections and those of the intenral IT department. But to be clear these objections are already being worked around and in time will be overcome. The four FUDMeisters of the cloudpocalyse will lose this battle overtime but the quicker that the regulatory and accountancy rules are changed to recognise the shift of IT into a utility the better.

They can't have the flashing lights, and they need to deal with their loss.

Technorati Tags: ,