Category Archives: amazon web services

Elastic Database Storage Cloud

In an earlier post on is Amazon EC2 right for SAAS, I wrote briefly on whether it would be possible to have proprietary database files in Amazon S3. Based on a recent announcement by EnterpriseDB and further research, I came across Elastra a company, if I understand correctly, provides some kind of a storage virtualization service on top of Amazon S3. See their architecture**.

This is cool technology because, in addition to having elastic compute cloud, it now becomes possible to have elastic database storage cloud. The key is, “database storage” and not ordinary key-value storage that the regular S3 is supposed to be.

Elastra currently has support for MySQL and PostreSQL, the two most popular open-source databases. With this technology, all of a sudden a large-scale database deployment is available to startups as a utility (or as some are calling it as PAAS, platform as a service).

What does it mean to the big players in the database space, mainly Oracle, IBM and Microsoft? Since Amazon EC2 platform is Linux based, Oracle and IBM should be able to soon roll out their own database PAAS on Amazon Web Services infrastructure. Microsoft probably need to figure out how it can enter into this space, especially if they end up acquiring Yahoo!, they would have to deal with a lot of BSD infrastructure as well!

**These guys are using javascript and ajax to load their various tab pages making it difficult to directly link to their technology page. Sometimes, in the effort to make things cool, website developers don’t realize how that impacts their SEO effort, but that’s a different thing. So, if I can’t directly link to their technology page, the next best thing is to hot-link to the architecture diagram but I didn’t want to hot-link either. So, the 2nd next best thing is to link to their image!

Leave a comment

Filed under Amazon EC2, Amazon S3, amazon web services, PAAS

Amazon S3 Security

You can’t call a system secure unless it’s really secure. Any application that does validation on the client side of the browser can’t afford to bypass it on the server side because someone can always programatically post invalid data. Long back when the app servers and http sessions were just coming up, a few e-commerce applications implemented shopping carts and item pricing using html form hidden variables and got hacked.

Anyway, I am trying to understand the security aspect of using Amazon S3, Amazon’s Simple Storage Service. When a system stores a resource locally, it has the control over serving the resource by authenticating the user. However, when using Amazon S3, this is usually not the case. That is, the very reason most people want to use Amazon S3 is for scalability. This can be achieved only if the url points directly to the Amazon S3 servers itself rather than pointing to your own server. If the url is routed through your own server, then you can do a server-side fetching of the resource stored in Amazon S3 after authenticating the user and then send it. But that defeats the purpose completely since your server becomes a bottleneck. Also, in that case, why store it in S3 and not locally?

Amazon S3 offers query-string authentication mechanism. This passes 3 additional URL parameters, your Amazon Web Services Access Key, Expiration and the Signature which is encrypted string of the resource url and a few other details. This guarantees that a resource is not accessible unless the signature is available, but the moment the url is given to one, and anyone else with an access to the url (which can happen in various ways) can also access the resource. So, essentially there is no user level security. The expiration field (which is also part of the signature, encrypted and safe) offers some level of defense, but still may not be good enough for certain class of secure applications.

So, it’s important to understand the limitations of using an OnDemand Service for powering up your applications. Amazon S3 as a personal backup drive is no brainer. Similarly, using it for completely public access also is no issue. Just those applications that require a tight security based on user (and not just based on the resource itself), can’t make use of S3. This issue is not specific to Amazon S3. Any service, with simple operations as those available in Amazon S3 WebServices will have this issue.


Filed under Amazon S3, amazon web services, Security, Web Services

Is Amazon EC2 Right For SAAS?

I just ended up reading about how one company is leveraging Amazon EC2 for it’s hosted applications. That got me thinking on whether that’s the right thing. The proposition that there is no need for a serious admin is far too compelling when the salary for an admin who can manage the network, operating system, database and the middle tier is going to be quite high. But if you are already hiring an admin just to manage the rest of your infrastructure such as internal email, calendar, development environments etc, then may be that same person can do both?

Nevertheless, I want to talk about one interesting aspect of an enterprise SAAS application compared to a website. Say the SAAS is targeted to the US companies. In that case, the typical load on the system is going to be during the 8hr day. Keeping timezone into consideration, say it extends to 12hrs. The rest of the time, the load may be pretty much negligible.

But, just because the load is negligible, it’s won’t be possible to shutdown the instance. With Amazon’s EC2 stating

“Amazon EC2 reduces the time required to obtain and boot new server instances to minutes, allowing you to quickly scale capacity, both up and down, as your computing requirements change.”

would you tell your customers to wait for a few minutes before they can login into the system, should they choose to do some work from home later in the evening?

With the base computational cost of $0.10 an hr, it translates to $72 a month per instance. So, if you have two instances per customer, one for DB and the other for Middletier, that’s essentially a loss of $72 a month just to keep both instances running for that occasional load.

So, when someone is saving thousands of dollars to pay the admin, how does $72/month make a big difference? True. But it does translate to a direct cost to the company availing the SAAS. I don’t consider this necessarily a negative thing for Amazon EC2 or for SAAS vendors choosing EC2. I just thought of the obvious. Next, I need to do some more research on how Amazon’s S3 works with proprietary file formats like those of Oracle if someone is interested in running their database inside Amazon’s Web Service infrastructure. My understanding so far had been that S3 allows saving and retrieving files based on a key. If that’s the case, then it’s not really going to be possible to have proprietary files by databases. Does that limit having to keep the databases to the local disk of 160GB provided by EC2? I am not entirely sure.


Filed under Amazon EC2, amazon web services, SAAS

Google’s PageRank, Amazon’s TrafficRank, LinkInCount

We all know Google’s PageRank plays a key role in the results displayed on the page. However, based on my research, there is no legal way to query up the page rank of a website. Google doesn’t provide a webservice for this.

Today, I came across an Icon displayed on a website that displayed the TrafficRank of that site.
Clicking the link

took me to Amazon where I could see the traffic rank of the website.

After a bit of research, found that Amazon’s webservices provides the TrafficRank and LinkInCount (sort of what PageRank does), and other useful information about a website via WebService interface. They also have sample code in various languages.

Note that most of Amazon’s web services are not free but many of them are reasonbly priced. For example, the UrlInfo webservice which provides the above info is free for the first 10,000 requests per month and currently charging a mere $0.15/1,000 requests there after.

Anyway, I think with Amazon’s service, there is atleast a legal way of obtaining the popularity of a website.

Leave a comment

Filed under amazon web services, Google