

Brightbox release new cloud service pricing - wlll
http://blog.brightbox.co.uk/posts/pricing-for-brightbox-cloud-and-last-call-for-private-beta

======
asharp
Interesting offering, looks damn cool ^_^.

There are a few interesting questions raised, though.

Are you guys using local disks or SAN?

Are you guys using Eucalyptus?

Also, it's interesting that you charge less for incoming data then outgoing. I
understand that standard asym links are cheaper upload then download, due to
them being basically "slack" cap from Adsl tails/etc. Why is your outbound
data more expensive then?

How are you securing KVM?

(assuming somebody from there is around, or that anybody else would have
answers....)

~~~
jeremyjarvis
> Are you guys using local disks or SAN?

No SANs, anywhere! :)

> Are you guys using Eucalyptus?

It's our own stack. Eucalyptus afaik doesn't handle zones as geographically
distinct datacentres and, when we looked at it a long time ago, had some
pretty worrying SPOFs.

> Why is your outbound data more expensive then?

Transit is symmetrical, and incoming bandwidth is less utilised compared to
outgoing so we charge less for it.

> How are you securing KVM?

In what sense?

(Co-founder at Brightbox)

~~~
asharp
> No Sans

Ephemeral disks? Or persistent local?

> Our own stack

Very cool ^_^ How do you deal with geographic zones? Are they silod?

> Bandwidth

Ok, makes perfect sense. Thanks.

> Securing KVM

Do you use cfgroups/selinux to deal with compromise of a kvm domain? I've seen
quite a few vulnerabilities coming out on the debian/etc. security mailing
lists.

~~~
comice
> Ephemeral disks? Or persistent local?

Persistent local disks (hardware raid6 15k rpm). More storage options on the
roadmap too.

> Very cool ^_^ How do you deal with geographic zones? Are they silod?

Our zones are different datacenters in different buildings, with completely
different power supplies, UPSes and backup generators.

> Do you use cfgroups/selinux to deal with compromise of a kvm domain?

cgroups currently, selinux in development.

(full disclosure: I'm a Brightbox bod too!)

~~~
asharp
> persistent disks How do you then deal with people who create an instance and
> then don't run it. Unless i'm mistaken, you'd be forced to either unbalance
> for storage or VM usage.

> cgroups currently How do you protect the kernel from something like
> CVE-2011-2212?

Quite cool otherwise :)

~~~
rednaught
Not sure what distro he is using but Debian and RHEL have patches for this.

[http://security-tracker.debian.org/tracker/source-
package/qe...](http://security-tracker.debian.org/tracker/source-package/qemu-
kvm) <http://security-tracker.debian.org/tracker/CVE-2011-2212>
<https://rhn.redhat.com/errata/RHSA-2011-0919.html>

~~~
asharp
I know of this. The interesting question it brings up is how do you keep a
cloud like this patched and up to date without dropping SLA?

~~~
rednaught
Patching is normally considered part of scheduled or emergency maintenance and
therefore doesn't count against the SLA for uptime. This is fairly standard in
the hosting/ISP world.

So much of this can be automated now that it is not a problem. As a provider
myself, I allow customers to pick their patch day/time. They can even manually
push patches themselves and be present to test when the service comes back up.
Proactive maintenance(datacenter, networking, hardware, OS, and
appptack/utils) should be considered a way of life these days if you're a
provider. If customers don't understand or agree with that, then there are
plenty of providers who don't keep up-to-date offerings that they can migrate
to.

------
thehodge
About time :), Have been testing since the alpha and am really happy with the
service

~~~
strowger
perhaps they ran out of gravy

------
alexro
What do they offer that AWS doesn't? They don't look like cheap either

~~~
rahoulb
No lock-in - easy to take your images and use them elsewhere.

~~~
oldpatricka
In what sense is there less lock in with Brightbox than with EC2? I've run EC2
images on other IaaS clouds, and it's easy to pull an image out with
ec2-download-bundle.

~~~
rahoulb
Oh. When I tried (admittedly a while ago) I couldn't get it working elsewhere
and found a few others who had the same problem.

