The operation and security of cloud computing era

The cloud computing era has brought a lot of opportunities, but also brought a lot of challenges, some people think that with the popularity of the cloud, operators will eventually disappear. Of course, this argument can not help but some extreme, but the cloud era does bring a lot of differences in operation, but also let operators start to think a lot of problems. In the recently held China Transport and peacekeeping security Conference, we are delighted to see a lot of students willing to meet the challenge, but also a lot of Daniel to share their experience and experiences.

China's first generation of hackers, incumbent Ucloud CEO of the Ti Xinhua for you to analyze the cloud computing era for the operation and security challenges and opportunities. First of all, operators must have some basic quality requirements, including the understanding of Feng Shui, in the engine room site is in the earthquake belt, what wind blows, how local electricity prices are operational dimension to consider; understand the network, in the domestic special network environment, to understand the north-south differences; To have the strength, if necessary, can go to the engine room to move the server , also understand the operating system, understand cyber attack defense and so on ...

But most operators in the company's position is not high, and in the industry's relatively low wages, the reason is still because of the operation of the low threshold, we are not high awareness of operational dimensions. Therefore, Ti Xinhua that, in addition to the above basic knowledge, operational personnel also because of the following three aspects of the quality:

Understand the business, for example, to understand the product of the user is a first-tier city or second-tier city, is the PC or mobile end, in the business has enough knowledge of the situation, can let your work become a leader concern.

Operation, the accident management in operation into process management, and can continue to improve, continuous optimization; operations to be able to do four "first", that is, the first time to find problems, the first time to locate the problem, the first time to solve the problem and the first time feedback problems.

Systematization, to be able to through a variety of systems to assist operation and maintenance work, even to develop their own operation and maintenance system.

Now there are a few bottlenecks in front of everyone, first, the growth of space is limited, in the company's position is not high, the industry's visibility is not high; the second is that cloud computing may lose a lot of the name of the operators, many small start-ups do not even need to carry the dimension, the third is the difficulty of personnel transformation.

Of course, there are many opportunities, for example, the Internet is rapidly changing traditional industries, and the O2O wave that preceded it is a good example of how the operators can help those traditional industries grow fast; the advent of large data opens up a window for everyone, and cloud computing, when you can make an industry do fine, It can be dug into an industry, such as cloud, dnspod, surveillance and security treasures are the best examples.

Ti Xinhua suggested that when you use those free maintenance services, if you can, they pay more to them, let the company know that the operation of the dimension is also valuable. When the development of the students asked how to help Yun-dimensional students, several guests have talked about if you can do devops that is the best, do not appear in this situation:

Lack of products, development and repair, development and maintenance of insufficient operation and maintenance service

Since the cloud is an important theme of this Congress, the nature of the cloud storage content. Han To, from seven cows, introduced some of the practices of seven cows in building cloud storage, and his share was divided into two parts--the underlying storage and the cloud storage built on the former, both of which were designed in very different ways.

The underlying storage has the following difficulties:

Meta-data management

Control of redundancy (the balance point between the number of replicas and the cost)

Repair speed (directly affects the reliability of the storage system, in the seven cattle recovery is a cluster task, the disk data copy loosely stored in the cluster, currently able to do in more than 10 minutes to a few 10 minutes to repair 2 to 3T of data)

Coping with the growth of capacity

Acceptable speed of access

A reasonable and efficient cache

Seven cattle on the network using a conventional gigabit LAN, this is taking into account its maturity and cost, between the cabinet can not guarantee any two points at any time are thousand trillion, or even can not guarantee the full unicom, and the speed between the room, bandwidth costs are high, speed and connectivity can not be guaranteed. Therefore, the location of the data storage needs to have a certain balance, the copy in the same cabinet and different cabinets have advantages and disadvantages, the room is also so.

In the fault area, in addition to the failure as a normal, but also to be able to clearly know what to face the fault, their causes, probability and impact range.

For example, common failures are:

Internal faults in the engine room

Network card (disconnection, spin down)

Network cable (disconnection, spin down)

Switches (overall failure, a-fault, VLAN failure)

Cabinet cascading failure

Machine Room Failure

Regional Network fault (engine room exit broken network)

DNS resolution failure (DNS between servers)

For the fault in the engine room, do not need to put too much resources cost to do additional high availability program.

In the network security, in addition to the necessary basic defense, more important is the business level of protection, the basic principle of public cloud is open, any service can be unconditionally exposed to the public network, the machine room interaction and Customer no difference, not a group of VPN.