And this doesn't show the other Microsoft cloud services that have even worse reliability.
At my company we invested a lot of time trying to make Azure Service Bus and Visual Studio Online work. Both were so dreadfully unreliable as to be unusable.
For IAAS providers, you should care about the uptime of the regions (datacenter) that you are planning to use and the uptime of the specific services that your vms will use within those datacenters. In particular, I recommend paying close attention to the monthly/quarterly uptime trend in addition to aggregate uptime numbers.
And if you really care, try and find out the datacenter(s) your providers will be using and find out the historic performance of their different infrastructure and redundancy providers, and how often they actually test and upgrade their systems.
Look at the difference now when I filter by region and add the region data to the chart... it clearly shows just how hard these comparisons can be:
Provider Uptime Outages Regions Total Downtime
---------------------- -------- ------- -------- --------------
Google Compute Engine 100% 0 1 0 hours
Amazon EC2 99.9984% 7 3 0.13 hours
Microsoft Azure VMs 99.942% 56 6 2.89 hours
You disingenuously left out the Region column from your copy of the table from the article you linked, which entirely alters the meaning of "Total Downtime". Any explanation for that?
That said, I'm a GCP certified engineer. I love GCP, but I can see Google losing the cloud war to Microsoft solely in that Microsoft has a more comprehensible offering (UI and libraries/services) and, most importantly, knows how to market its platform.
There was a pretty painful, several-hour Azure outage recently, but 102 outages is over an order of magnitude higher than my Pingdom/Clicky uptime data for a few sites in US East last year.
When a company trumpets some bold statements for marketing purposes, I immediately think about the worst or most far-fetched interpretation of their language. I wonder if their marketing people are being coy and the honest truth is, in some ways, the opposite or far less than what they are saying.
We run 50+ linux server on azure (west europe) and it's a nightmare, vm reboot unplanned,VHD diseappear. Timeout or unreachable blob files on HDInsight (with PIG)... Slow load balancer not really configurable. Website slow++.
I won't recommand it... Very hard for us to keep a professional SLA.
Is it feasible for you to evaluate an AWS deployment? I'd be very interested in the numbers you mention if we could compare them to something directly.
* MS is managing said Key Vault, meaning they may well be under pressure from the NSA to provide access, without a warrant, and without a target knowing said access was requested.
* The local SSD storage can really only be used for temporary or cache based workloads... if your image ships to another machine in the case of failover, you'll lose that data. It's not a bad thing, but the High Performance (SSD backed) disk storage is still waiting for general availability, been on the wait list for preview for a while.
* The ready ubuntu+docker VM is cool, but I think it's more cool that CoreOS is generally available in the box now.
We run all our ec2 instances on ephemeral disk instances. Historically running on ebs was a great way to ensure application downtime.
Ephemeral drives mean you need to change the design of your application to be able to withstand full loss of machines. But it's really not that hard. A good replicated database (riak, cassandra) spanning multiple availability zones gets you 95% of the way there.
"In another embodiment, a data storage system receives a request from a third party to access a user's stored, encrypted data, where the data is stored in the data storage system according to a predefined policy. The encryption on the data prevents the storage system from gaining access to the encrypted data, while the policy allows the encrypted data to be released upon receiving a threshold number of requests from verified third parties." - Cloud key escrow system, Microsoft Corporation
I think Microsoft is doing a good job of reinventing themselves. Azure and Office 365 really are good products. The Linux support on Azure is great and Office 365 runs well on my Android and iOS devices, support on OS X is OK, and the web version of Office 365 is sometimes handy on my Linux laptop.
As far as privacy on their key store goes, I tend to trust Microsoft and Google more than average corporations.
I'm paying for Microsoft Office for the first time ever (when I've used it in the past it has been provided by school or work) because I can use Office on non-Microsoft platforms now. I can start an Excel document on Windows 8, edit it later on RHEL, and view it on the go on my iPhone. It's the era of the cloud. That's how things should be. It doesn't matter what system I'm running.
I'm interested to hear you've had a good run with O365 - or organisation (100 people) have been using it for 3 years and it's a nightmare, weekly outages, very poor performance, browser compatibility problems with anything that's not IE, missing emails and to top it off absolutely shocking support.
The truth is that a lot of you refuse to learn how windows works at a deep level, at least as deep as you know UNIX. Then it doesn't work like UNIX... and then you're angry.
I have seen similar horror stories from AWS customers. They probably weren't early adopters like people on HN...who now have the kinks worked out.
MS should stop trying to impress the HN crowd. And unless you own stock in these companies you need to stop investing so much personal emotion in how they are doing compared to each other. AWS isn't some scrappy upstart from a Horatio Alger novel. MS isn't the Empire from Star Wars. And none of them give a damn about you.
The term "open" only appears once in the article on this line (aside from the title):
> Building on our openness with the availability of the first Docker Image in the Microsoft Azure Marketplace
What the hell does "building on our openness" even mean in that context? I've read it several times and it makes no sense. It is great that they added Docker images (really) but maybe someone technical at Microsoft should start to proofread what nonsense that the marketing department spews out.
Does anyone have any opinions on Google Cloud? We are investigating moving to Google Cloud but I personally am a bit skeptical because they appear to be a distinct #4 behind AWS, Azure and Rackspace. I'm worried that Google Cloud will not get the revenues they want and they will close up shop, like they've done with their other products that were wildly successful. I don't see Google having the same level of commitment as Bezos, who will believe in something and then see it through come hell or high water.
Does Google Cloud have the same functionality and flexibility that AWS or Azure have?
I really don't see how Google would exit the cloud service business. It's a core competence of theirs.
People have been saying "I'd rather stick with Evernote than Keep" as well. And less than 2 years later, Keep is still there and being updated (with not that many users I think), while Evernote had just laid off 20 people.
I also think most of Google's "spring cleaning" projects have been small projects that made no money - as in they didn't even have a business model (such as Reader). The cloud business seems to be pretty straightforward - we give you this, you pay us that.
The major problem with Google Cloud is you don't when they will be blocked in China (that is 20% of the Internet population, or if you don't care). On the other hand, Microsoft and Amazon have better communication with the China gov.
I actually think Azure is nice platform, but they've effectively priced me out.
What I mean is that if I want a basic VPS on Azure it costs ~10€/mo to run the server for the month, but there are many VPS providers who offer a lot better hardware for same price.
I guess Azure is meant for bigger needs than mine where you can run 100-200€/mo by default and then scale up when needed, but since my little blog + test/dev server won't need to be scaled it just seems too expensive.
If you plan on building something, but your needs are not there yet you may want to apply for a BizSpark account that covers $150/mo if I'm not wrong. OTOH for a blog you may want to check the PaaS offerings (e.g. Azure Websites).
The metrics they use are not the same, so I am not sure if the AWS option is something dedicated vs the MSFT one is something you share? Is there something different from AWS that is more comparable?
I think the AWS Cloud HSM is dedicated, but not sure. They look to be about the same.
If you don't need FIPS, AWS also has the new KMS service which is way cheaper than Cloud HSM.
I've been using Azure Websites to host 10 web apps monitoring with nodeping and have not had noticeable downtime in 2014. Maybe it's just their IaaS and not the PaaS
Whenever I hear about Microsoft, I just think irrelevant.
Am I bad?
Sometimes I think I might have missed out on something, but in 30+ years of programming I've never done any real development on it (unless you count java), and I often go months without encountering it (except for remote desktop occasionally).
I think it was good to have competition Apple/Linux/Google, but it doesn't seem like they've kept up.
I recently had to use the Azure various APIS like ServiceBus.
It's a complete failure once you get lost in bugs, missing or hard to find API documentation or examples like `var serviceBusService = azure.createServiceBusService();` WELL Mister API Designer you failed!
A very important issue with Key Vault is: what to do when the Hardware Security Module dies? All electronics fail or stop working at some point. How do you make backups of keys that were on the HSM?
You don't. Keys on an HSM never leave the HSM, is how I think it should work. But your keys in the HSM can encrypt secrets, separate from the HSM's keys, but stored with the same service. You could potentially distribute secrets to multiple HSM-backed services. It's equally possible that the service itself distributes your secrets amongst multiple HSMs.
YubiHSM back in the day, I recall reading, was designed so that you'd want two HSMs, one generates random secrets, the other stores the secrets using keys that never leave the device, if I recall correctly. And the reason it needed two is that the generator would leak parts of its keys with the random data it produced, I think, and so to securely store them, you needed a second device with key generating turned off. I could be out to lunch here, never bought a YubiHSM nor do I have experience with corporate ones. My point, is that there are different uses for HSMs, and it's easy enough to have an insecure use of HSMs, even as simple as generating secrets and storing secrets on the same device.
As to what to do if the key is lost, I suppose it's time to re-issue. :) The goal is to not make too many backups: keeping a key secret is more important than ensuring the key is widely available, right? So it's a balance....
Board-level changes at Microsoft over the last year or two have placed a higher priority on platform-agnostic cloud services, vs. Windows. Hence new versions of Windows that are free, but collect usage data from bundled services, like Google does.
Sure, you can make that assumption. Even with an HSM protecting things, they still own and manage the HSM, not you. But then the same can be said for everything else you run in Microsoft's cloud or any other service provider, really. Once I read that the NSA would sometimes take computers from transport and modify them, I realized the NSA is the type of persistent threat you simply can't avoid. It can't be helped in this day and age.
[+] [-] panarky|11 years ago|reply
Oh, that's right, how about more uptime?
Source: https://cloudharmony.com/status-1year-of-compute-group-by-re...And this doesn't show the other Microsoft cloud services that have even worse reliability.
At my company we invested a lot of time trying to make Azure Service Bus and Visual Studio Online work. Both were so dreadfully unreliable as to be unusable.
[+] [-] 23david|11 years ago|reply
And if you really care, try and find out the datacenter(s) your providers will be using and find out the historic performance of their different infrastructure and redundancy providers, and how often they actually test and upgrade their systems.
Look at the difference now when I filter by region and add the region data to the chart... it clearly shows just how hard these comparisons can be:
https://cloudharmony.com/status-1year-of-compute-in-america_...[+] [-] mindstab|11 years ago|reply
http://www.computerworld.com/article/2865802/verizon-warns-e...
[+] [-] gamblor956|11 years ago|reply
[+] [-] mcgwiz|11 years ago|reply
[+] [-] nickbauman|11 years ago|reply
[+] [-] Encosia|11 years ago|reply
[+] [-] vidarh|11 years ago|reply
[+] [-] Avitas|11 years ago|reply
[+] [-] mobiplayer|11 years ago|reply
[+] [-] erazor42|11 years ago|reply
Maybe it's because we run linux server ?
One good point is cheap blob, slow but cheap.
[+] [-] clebio|11 years ago|reply
[+] [-] tracker1|11 years ago|reply
* MS is managing said Key Vault, meaning they may well be under pressure from the NSA to provide access, without a warrant, and without a target knowing said access was requested.
* The local SSD storage can really only be used for temporary or cache based workloads... if your image ships to another machine in the case of failover, you'll lose that data. It's not a bad thing, but the High Performance (SSD backed) disk storage is still waiting for general availability, been on the wait list for preview for a while.
* The ready ubuntu+docker VM is cool, but I think it's more cool that CoreOS is generally available in the box now.
[+] [-] helper|11 years ago|reply
Ephemeral drives mean you need to change the design of your application to be able to withstand full loss of machines. But it's really not that hard. A good replicated database (riak, cassandra) spanning multiple availability zones gets you 95% of the way there.
[+] [-] xnull1guest|11 years ago|reply
https://www.google.com/patents/US20120321086
Anyone here speak patentese?
[+] [-] mark_l_watson|11 years ago|reply
As far as privacy on their key store goes, I tend to trust Microsoft and Google more than average corporations.
[+] [-] freehunter|11 years ago|reply
[+] [-] mrmondo|11 years ago|reply
[+] [-] alttab|11 years ago|reply
[+] [-] sudioStudio64|11 years ago|reply
I have seen similar horror stories from AWS customers. They probably weren't early adopters like people on HN...who now have the kinks worked out.
MS should stop trying to impress the HN crowd. And unless you own stock in these companies you need to stop investing so much personal emotion in how they are doing compared to each other. AWS isn't some scrappy upstart from a Horatio Alger novel. MS isn't the Empire from Star Wars. And none of them give a damn about you.
[+] [-] davexunit|11 years ago|reply
[+] [-] Someone1234|11 years ago|reply
> Building on our openness with the availability of the first Docker Image in the Microsoft Azure Marketplace
What the hell does "building on our openness" even mean in that context? I've read it several times and it makes no sense. It is great that they added Docker images (really) but maybe someone technical at Microsoft should start to proofread what nonsense that the marketing department spews out.
[+] [-] api|11 years ago|reply
[+] [-] panarky|11 years ago|reply
http://en.wikipedia.org/wiki/Glasnost
[+] [-] martco|11 years ago|reply
perestroika: ORIGIN Russian, literally ‘restructuring.’
[+] [-] steven2012|11 years ago|reply
Does Google Cloud have the same functionality and flexibility that AWS or Azure have?
[+] [-] higherpurpose|11 years ago|reply
People have been saying "I'd rather stick with Evernote than Keep" as well. And less than 2 years later, Keep is still there and being updated (with not that many users I think), while Evernote had just laid off 20 people.
I also think most of Google's "spring cleaning" projects have been small projects that made no money - as in they didn't even have a business model (such as Reader). The cloud business seems to be pretty straightforward - we give you this, you pay us that.
[+] [-] 23david|11 years ago|reply
[+] [-] tszming|11 years ago|reply
[+] [-] unknown|11 years ago|reply
[deleted]
[+] [-] Morphling|11 years ago|reply
What I mean is that if I want a basic VPS on Azure it costs ~10€/mo to run the server for the month, but there are many VPS providers who offer a lot better hardware for same price.
I guess Azure is meant for bigger needs than mine where you can run 100-200€/mo by default and then scale up when needed, but since my little blog + test/dev server won't need to be scaled it just seems too expensive.
[+] [-] mobiplayer|11 years ago|reply
[+] [-] egsec|11 years ago|reply
ASW Cloud HSM - http://aws.amazon.com/cloudhsm/pricing/
Azure Key Vault - http://azure.microsoft.com/en-us/pricing/details/key-vault/
The metrics they use are not the same, so I am not sure if the AWS option is something dedicated vs the MSFT one is something you share? Is there something different from AWS that is more comparable?
[+] [-] count|11 years ago|reply
[+] [-] ktavera|11 years ago|reply
[+] [-] toddkaufmann|11 years ago|reply
I think it was good to have competition Apple/Linux/Google, but it doesn't seem like they've kept up.
[+] [-] unknown|11 years ago|reply
[deleted]
[+] [-] vvoyer|11 years ago|reply
It's a complete failure once you get lost in bugs, missing or hard to find API documentation or examples like `var serviceBusService = azure.createServiceBusService();` WELL Mister API Designer you failed!
[+] [-] mrmondo|11 years ago|reply
[+] [-] venaoy|11 years ago|reply
[+] [-] lstamour|11 years ago|reply
YubiHSM back in the day, I recall reading, was designed so that you'd want two HSMs, one generates random secrets, the other stores the secrets using keys that never leave the device, if I recall correctly. And the reason it needed two is that the generator would leak parts of its keys with the random data it produced, I think, and so to securely store them, you needed a second device with key generating turned off. I could be out to lunch here, never bought a YubiHSM nor do I have experience with corporate ones. My point, is that there are different uses for HSMs, and it's easy enough to have an insecure use of HSMs, even as simple as generating secrets and storing secrets on the same device.
As to what to do if the key is lost, I suppose it's time to re-issue. :) The goal is to not make too many backups: keeping a key secret is more important than ensuring the key is widely available, right? So it's a balance....
[+] [-] helper|11 years ago|reply
[+] [-] Aoyagi|11 years ago|reply
[+] [-] walterbell|11 years ago|reply
[+] [-] wmf|11 years ago|reply
[+] [-] MichaelGG|11 years ago|reply
[+] [-] higherpurpose|11 years ago|reply
[+] [-] lstamour|11 years ago|reply
For more on the HSM service and how it works: http://blogs.technet.com/b/kv/
[+] [-] StudyAnimal|11 years ago|reply