In nature, things seek a balance that is sustainable. In the case of rivers, if there is too much pressure from water flowing, they either flood or open streams to let off the pressure. Both are technically examples of erosion, but we’re not here to discuss that particular natural process, we’re here to consider the case of a stream off a river when there is something changing the natural balance. Since I grew up around a couple of man-made lakes – some dug, some created when the mighty AuSable River was dammed, I’ll use man-made lakes as my examples, but there are plenty of more natural examples – such as earthquakes – that create the same type of phenomenon.
Now that I’ve prattled a bit, we’ll get down to the science. A river will sometimes create off-shoots that run to relieve pressure. When these off-shoots stay and have running water, they’re streams or creeks. Take the river in the depiction below:
The river flows right to left, and the stream is not a tributary – it is not dumping water into the river, it is a pressure relief stream taking water out. These form in natural depressions when, over time, the flow of a river is more than erosion can adjust for. They’re not at all a problem, and indeed distribute water away from the source river and into what could be a booming forest or prime agricultural land.
But when some event – such as man dredging a man-made lake – creates a vacuum at the end of the stream, then the dynamic changes. Take, for example the following depiction.
When the bulbous lake at the top is first dug, it is empty. The stream will have the natural resistance of its banks removed, and will start pulling a LOT more water out of the river. This can have the effect of widening the stream in areas with loose-packed soil, or of causing it to flow really very fast in less erosion-friendly environments like stone or clay. Either way, there is a lot more flowing through that stream.
Make the lake big enough, and you can divert the river – at least for a time, and depending upon geography, maybe for good. This happens because water follows the path of least resistance, and if the pull from that gaping hole that you dug is strong enough, you will quickly cause the banks of the stream to erode and take the entire river’s contents into your hole.
And that is pretty much what public cloud adoption promises to do to your Internet connection. At 50,000 feet, your network environment today looks like this:
Notice how your Internet connection is comparable to the stream in the first picture? Where it’s only taking a tiny fraction of the traffic that your LAN is utilizing? Well adding in public cloud is very much like digging a lake. It creates more volume running through your Internet connection. If you can’t grow the width of your connection (due to monthly overhead implications), then you’re going to have to make it go much faster.
This is going to be a concern, since most applications of cloud – from storage to apps – are going to require two-way communication with your datacenter. Whether it be for validating users or accessing archived files, there’s going to be more traffic going through your WAN connection and your firewall.
Am I saying “don’t use public cloud”? Absolutely not. It is a tool like any other, if you are not already piloting a project out there, I suggest you do so, just so you know what it adds to your toolbox and what new issues it creates. But the one thing that is certain, the more you’re going “out there” for apps and data, the more you’ll need to improve performance of your Internet connections.
Mandatory plug: F5 sells products like WOM, EDGE Gateway, and WAM to help you improve the throughput of your WAN connection, and they would be my first stop in researching how to handle increased volumes generated by cloud usage… But if you are a “Vendor X” shop, look at their WAN Optimization and Web Acceleration solutions.
Don’t wait until this becomes an actual problem rather than a potential one – when you set up a project team to do a production project out in the public cloud, along with security and appdev, make sure to include a WAN optimization specialist, so you can make certain your Internet connection is not the roadblock that sank the project.
This is also the point where I direct your attention to that big firewall in the above diagram. Involve your security staff early in any cloud project. Most of the security folks I have worked with are really smart cookies, but they can’t guarantee the throughput of the firewall if they don’t know you’re about to open up the floodgates on them. Give them time to consider more than just how to authenticate cloud application users.
I know I’ve touched on this topic before, but wanted it to be graphically drawn out, so you got to see my weak MS-Paint skills in action, and hopefully I gave you a bit more obvious view of why this is so important.