Click here to close now.


Microservices Expo Authors: Carmen Gonzalez, Liz McMillan, Jason Bloomberg, Lori MacVittie, Tim Hinds

Related Topics: @CloudExpo, Java IoT, Microservices Expo, Open Source Cloud, Containers Expo Blog, Apache

@CloudExpo: Article

Bursting the Cloudbursting Bubble

Cloudbursting is mostly marketing vaporware, & even as the Cloud marketplace matures, may only be of limited applicability

You're the widget product manager for Widgetco, who sells about 500 widgets per day on your Web site, some days a dozen more, some days a dozen less. Everything is fine until you pick up a copy of USA Today. Right there on the front page, in brilliant color-on-newsprint, is Justin Bieber. And what is the Biebster holding in his hand? One of your widgets.

Dream scenario? No, you think, more like nightmare scenario. Widgetco hosts its Web site in its own data center, as it has done since 1997. It can take maybe, say, a thousand or two transactions per day at most. But sure enough, Bieber Fever crashes your site, on the one day you could make your entire quarterly sales quota, if only you could fulfill the demand.

You should have listened to your CIO, who recommended Cloudbursting as a way of dealing with unexpected spikes in demand. Cloudbursting is being able to maintain on-premise or Private Cloud capacity for normal capacity requirements, while a Public Cloud automatically handles excess demand. Cloudbursting is supposed to be an economical way of leveraging the Public Cloud, because you only pay the Cloud provider when you require excess capacity. On normal days, however, your existing, already-paid-for infrastructure handles the load quite well.

A straightforward value proposition, right? Any on-premise or Private Cloud-based app that is subject to spikes in demand that existing infrastructure can't handle should be able to benefit, so the argument goes. Unfortunately, however, Cloudbursting has a number of problems, making it challenging for even the most suitable scenarios-and furthermore, such scenarios are rarer than you think. Bottom line: Cloudbursting is mostly marketing vaporware, and even as the Cloud marketplace matures, may only be of limited applicability.

A Closer Look at Cloudbursting
Cloudbursting depends upon workload migration: when your on-premise system bogs down, you must move your entire application to the Cloud-data, business logic, and user interface. Over an Internet connection to the Cloud. Even the most basic workloads might take hours to migrate, and in the meantime, your customers are left out in the cold.

The obvious way to mitigate the workload migration problem is to set up a copy of your application environment in the Cloud ahead of time. That way when the Bieber effect kicks in, all you need to do is fire up the Cloud copy and reconfigure your DNS to direct traffic to it, right?

Not so fast. First you'll need to synchronize your data. There are tools for that, true, but it still takes time, and you now have the challenge of maintaining the true version of the data. For example, let's say you have 5,000 widgets in inventory (as reported by your ERP application) when your site goes down. You can't migrate the whole ERP to the Cloud, so you copy over your master inventory table. Now you're fulfilling orders in the Cloud as well as on-premise, since your on-premise site has recovered now that you've lightened its load. The result? Each site sells 3,000 widgets before the next data synchronization cycle, and once again you're in trouble.

OK, so that won't work either. Instead, you integrate the Cloud app with your ERP system, so that you can handle orders in real time, instead of waiting to synchronize your data. In other words, you set up a Hybrid Cloud. Yes, you can do that-after all, many organizations are moving to Hybrid Cloud models-but then you ask yourself: does it really make sense to put in all the time and effort to set up a Hybrid Cloud solely for handling Cloudbursting? If you're going to all that trouble, why not keep the Cloud-based app live all the time?

There's the rub with Cloudbursting: you might think you're saving money by only using a Public Cloud for handling peak demand, but in reality, you get better Total Cost of Ownership by using the Cloud all the time, either via a Hybrid model, or by migrating your entire app to the Cloud. The Hybrid model provides additional benefits as well, namely a measure of failover, increasing your overall availability. It's always better to have two (or more) geographically distributed instances of an app serving your customers, in case something happens to one of them. And if you want to offer seamless availability, you should have all the instances running at once, with a load balancer distributing the traffic. Chances are, you can get load balancing from the Cloud provider as well.

So you've convinced your CIO that Cloudbursting might not be the best alternative. Instead, you're discussing moving your entire site to the Cloud when your CEO walks into the room. Her concern is for compliance and security. You're taking customer credit card numbers, so you must be PCI compliant. And everybody knows Public Clouds are less secure than Private ones, right?

The problem here is that if these concerns are valid then they rule out Cloudbursting as well. Being PCI compliant except during peak demand is just another way of saying you're not PCI compliant. On the other hand, if your Public Cloud provider offers PCI compliance, then it would apply equally well to Cloudbursting as to a Hybrid approach or migrating to the Public Cloud. The same argument applies to security concerns.

There are a few more pitfalls to Cloudbursting worth mentioning. If you're thinking of putting your app in a Private Cloud and using a Public Cloud for Cloudbursting, then what you're really saying is that you didn't plan your Private Cloud properly in the first place. After all, what's the point in setting up a Private Cloud unless it can provide sufficient elasticity to meet your needs? You might as well just stick to a traditional on-premise hosted environment.

You also need to work through the details of the Cloudbursting event itself. Does your on-premise app need to fail for Cloudbursting to take place, or do you have a way of bursting as your existing app nears a critical threshold, but before it actually goes down? The latter requires careful management, and even with all the appropriate management tools in place, you may still have a failure-based scenario. The question then is whether the on-premise failure will impede your ability to successfully Cloudburst. For example, if the Bieber effect causes your database server to crash requiring a reboot, you may not be able to synchronize your data in order to begin the Cloudbursting. In other words, you've designed your Cloudbursting to fail just when you need it.

The ZapThink Take
Let's say you've made it to this point in this ZapFlash and you're still not convinced. You remain confident that Cloudbursting is practical in your situation. OK, then, what kind of situations might be appropriate for Cloudbursting?

Our Widgetco example required some legacy integration, which obviously complicates Cloudbursting enormously. Cloudbursting would clearly be more suitable for standalone applications that didn't require such integration. But on the other hand, you would only need Cloudbursting if you have an app that is susceptible to spikes in demand-and virtually all such apps have public-facing Web interfaces. And thirdly, Cloudbursting would clearly not be appropriate for any app that should obviously be entirely Cloud-based from the get go, namely a SaaS or PaaS app.

We've essentially crossed off every kind of application from the list. Any sort of app that processes customer transactions is out of consideration, because they either require legacy integration or should run as SaaS apps in order to process transactions in the Cloud. All that remain are free, public-facing Web applications that have unpredictable traffic patterns and yet have an on-premise component that you don't want to move to the Cloud. You have one minute to think of one. Ready? Go!

Image credit: oskaree

More Stories By Jason Bloomberg

Jason Bloomberg is the leading expert on architecting agility for the enterprise. As president of Intellyx, Mr. Bloomberg brings his years of thought leadership in the areas of Cloud Computing, Enterprise Architecture, and Service-Oriented Architecture to a global clientele of business executives, architects, software vendors, and Cloud service providers looking to achieve technology-enabled business agility across their organizations and for their customers. His latest book, The Agile Architecture Revolution (John Wiley & Sons, 2013), sets the stage for Mr. Bloomberg’s groundbreaking Agile Architecture vision.

Mr. Bloomberg is perhaps best known for his twelve years at ZapThink, where he created and delivered the Licensed ZapThink Architect (LZA) SOA course and associated credential, certifying over 1,700 professionals worldwide. He is one of the original Managing Partners of ZapThink LLC, the leading SOA advisory and analysis firm, which was acquired by Dovel Technologies in 2011. He now runs the successor to the LZA program, the Bloomberg Agile Architecture Course, around the world.

Mr. Bloomberg is a frequent conference speaker and prolific writer. He has published over 500 articles, spoken at over 300 conferences, Webinars, and other events, and has been quoted in the press over 1,400 times as the leading expert on agile approaches to architecture in the enterprise.

Mr. Bloomberg’s previous book, Service Orient or Be Doomed! How Service Orientation Will Change Your Business (John Wiley & Sons, 2006, coauthored with Ron Schmelzer), is recognized as the leading business book on Service Orientation. He also co-authored the books XML and Web Services Unleashed (SAMS Publishing, 2002), and Web Page Scripting Techniques (Hayden Books, 1996).

Prior to ZapThink, Mr. Bloomberg built a diverse background in eBusiness technology management and industry analysis, including serving as a senior analyst in IDC’s eBusiness Advisory group, as well as holding eBusiness management positions at USWeb/CKS (later marchFIRST) and WaveBend Solutions (now Hitachi Consulting).

@MicroservicesExpo Stories
Containers have changed the mind of IT in DevOps. They enable developers to work with dev, test, stage and production environments identically. Containers provide the right abstraction for microservices and many cloud platforms have integrated them into deployment pipelines. DevOps and Containers together help companies to achieve their business goals faster and more effectively.
All we need to do is have our teams self-organize, and behold! Emergent design and/or architecture springs up out of the nothingness! If only it were that easy, right? I follow in the footsteps of so many people who have long wondered at the meanings of such simple words, as though they were dogma from on high. Emerge? Self-organizing? Profound, to be sure. But what do we really make of this sentence?
Containers are revolutionizing the way we deploy and maintain our infrastructures, but monitoring and troubleshooting in a containerized environment can still be painful and impractical. Understanding even basic resource usage is difficult - let alone tracking network connections or malicious activity. In his session at DevOps Summit, Gianluca Borello, Sr. Software Engineer at Sysdig, will cover the current state of the art for container monitoring and visibility, including pros / cons and li...
The web app is agile. The REST API is agile. The testing and planning are agile. But alas, data infrastructures certainly are not. Once an application matures, changing the shape or indexing scheme of data often forces at best a top down planning exercise and at worst includes schema changes that force downtime. The time has come for a new approach that fundamentally advances the agility of distributed data infrastructures. Come learn about a new solution to the problems faced by software organ...
With containerization using Docker, the orchestration of containers using Kubernetes, the self-service model for provisioning your projects and applications and the workflows we built in OpenShift is the best in class Platform as a Service that enables introducing DevOps into your organization with ease. In his session at DevOps Summit, Veer Muchandi, PaaS evangelist with RedHat, will provide a deep dive overview of OpenShift v3 and demonstrate how it helps with DevOps.
Achim Weiss is Chief Executive Officer and co-founder of ProfitBricks. In 1995, he broke off his studies to co-found the web hosting company "Schlund+Partner." The company "Schlund+Partner" later became the 1&1 web hosting product line. From 1995 to 2008, he was the technical director for several important projects: the largest web hosting platform in the world, the second largest DSL platform, a video on-demand delivery network, the largest eMail backend in Europe, and a universal billing syste...
Docker is hot. However, as Docker container use spreads into more mature production pipelines, there can be issues about control of Docker images to ensure they are production-ready. Is a promotion-based model appropriate to control and track the flow of Docker images from development to production? In his session at DevOps Summit, Fred Simon, Co-founder and Chief Architect of JFrog, will demonstrate how to implement a promotion model for Docker images using a binary repository, and then show h...
Application availability is not just the measure of “being up”. Many apps can claim that status. Technically they are running and responding to requests, but at a rate which users would certainly interpret as being down. That’s because excessive load times can (and will be) interpreted as “not available.” That’s why it’s important to view ensuring application availability as requiring attention to all its composite parts: scalability, performance, and security.
There once was a time when testers operated on their own, in isolation. They’d huddle as a group around the harsh glow of dozens of CRT monitors, clicking through GUIs and recording results. Anxiously, they’d wait for the developers in the other room to fix the bugs they found, yet they’d frequently leave the office disappointed as issues were filed away as non-critical. These teams would rarely interact, save for those scarce moments when a coder would wander in needing to reproduce a particula...
Last month, my partners in crime – Carmen DeArdo from Nationwide, Lee Reid, my colleague from IBM and I wrote a 3-part series of blog posts on We titled our posts the Simple Math, Calculus and Art of DevOps. I would venture to say these are must-reads for any organization adopting DevOps. We examined all three ascpects – the Cultural, Automation and Process improvement side of DevOps. One of the key underlying themes of the three posts was the need for Cultural change – things like t...
In today's digital world, change is the one constant. Disruptive innovations like cloud, mobility, social media, and the Internet of Things have reshaped the market and set new standards in customer expectations. To remain competitive, businesses must tap the potential of emerging technologies and markets through the rapid release of new products and services. However, the rigid and siloed structures of traditional IT platforms and processes are slowing them down – resulting in lengthy delivery ...
Overgrown applications have given way to modular applications, driven by the need to break larger problems into smaller problems. Similarly large monolithic development processes have been forced to be broken into smaller agile development cycles. Looking at trends in software development, microservices architectures meet the same demands. Additional benefits of microservices architectures are compartmentalization and a limited impact of service failure versus a complete software malfunction....
Containers are changing the security landscape for software development and deployment. As with any security solutions, security approaches that work for developers, operations personnel and security professionals is a requirement. In his session at @DevOpsSummit, Kevin Gilpin, CTO and Co-Founder of Conjur, will discuss various security considerations for container-based infrastructure and related DevOps workflows.
It is with great pleasure that I am able to announce that Jesse Proudman, Blue Box CTO, has been appointed to the position of IBM Distinguished Engineer. Jesse is the first employee at Blue Box to receive this honor, and I’m quite confident there will be more to follow given the amazing talent at Blue Box with whom I have had the pleasure to collaborate. I’d like to provide an overview of what it means to become an IBM Distinguished Engineer.
The cloud has reached mainstream IT. Those 18.7 million data centers out there (server closets to corporate data centers to colocation deployments) are moving to the cloud. In his session at 17th Cloud Expo, Achim Weiss, CEO & co-founder of ProfitBricks, will share how two companies – one in the U.S. and one in Germany – are achieving their goals with cloud infrastructure. More than a case study, he will share the details of how they prioritized their cloud computing infrastructure deployments ...
Opinions on how best to package and deliver applications are legion and, like many other aspects of the software world, are subject to recurring trend cycles. On the server-side, the current favorite is container delivery: a “full stack” approach in which your application and everything it needs to run are specified in a container definition. That definition is then “compiled” down to a container image and deployed by retrieving the image and passing it to a container runtime to create a running...
Between the compelling mockups and specs produced by analysts, and resulting applications built by developers, there exists a gulf where projects fail, costs spiral, and applications disappoint. Methodologies like Agile attempt to address this with intensified communication, with partial success but many limitations. In his session at DevOps Summit, Charles Kendrick, CTO and Chief Architect at Isomorphic Software, will present a revolutionary model enabled by new technologies. Learn how busine...
If you are new to Python, you might be confused about the different versions that are available. Although Python 3 is the latest generation of the language, many programmers still use Python 2.7, the final update to Python 2, which was released in 2010. There is currently no clear-cut answer to the question of which version of Python you should use; the decision depends on what you want to achieve. While Python 3 is clearly the future of the language, some programmers choose to remain with Py...
Internet of Things (IoT) will be a hybrid ecosystem of diverse devices and sensors collaborating with operational and enterprise systems to create the next big application. In their session at @ThingsExpo, Bramh Gupta, founder and CEO of, and Fred Yatzeck, principal architect leading product development at, discussed how choosing the right middleware and integration strategy from the get-go will enable IoT solution developers to adapt and grow with the industry, while at th...
As we increasingly rely on technology to improve the quality and efficiency of our personal and professional lives, software has become the key business differentiator. Organizations must release software faster, as well as ensure the safety, security, and reliability of their applications. The option to make trade-offs between time and quality no longer exists—software teams must deliver quality and speed. To meet these expectations, businesses have shifted from more traditional approaches of d...