Insights Into Google Compute Engine
snydeq writes "The Compute Engine announcement at Google I/O made it clear that Google intends to take Amazon EC2 head on. Michael Crandell, who has been testing out Compute Engine for some time now, divulges deeper insights into the nascent IaaS, which, although enticing, will have a long road ahead of it in eclipsing Amazon EC2. 'Even in this early stage, three major factors about Google Cloud stood out for Crandell. First was the way Google leveraged the use of its own private network to make its cloud resources uniformly accessible across the globe. ... Another key difference was boot times, which are both fast and consistent in Google's cloud. ... Third is encryption. Google offers at-rest encryption for all storage, whether it's local or attached over a network. 'Everything's automatically encrypted,' says Crandell, 'and it's encrypted outside the processing of the VM so there's no degradation of performance to get that feature.'"
I haven't seen any technical details yet, but I'd guess that the advantages of encryption would be (1) fewer people at Google will have access to the keys than to the data, (2) an outside attacker who gets access to the raw data also needs to attack the key store, and (3) if by malice or mistake a disk is not properly wiped before being removed from the data center, it will be harder to get data off of it.
It's hard to see this as being worse than no encryption; even if it is easier to get the key than to get the encrypted data, you still need both to do anything with the data.
The problem is that it's really only a handful of Google-sized companies who can do so. The worry with net neutrality is that the traditional ability of smaller players to participate will be eroded, if you can no longer buy access to the internet as a leaf node via an ISP, and then have your traffic treated equally once you're on the network.
10 PRINT CHR$(205.5+RND(1)); : GOTO 10
Google has a clear track record of yanking the rug out from under people who adopt their non-core products.
Unfortunately it's a valid concern.
---- Booth was a patriot ----
And these people are truly unethical claiming anything different. Encrypting something before you put it into the cloud is another story. But the only use for encryption at rest in the Google cloud would be if somebody were to steal disks from their data-centers. Somehow I do not see that happening.
What they really intend is IMO to run a smoke-screen with regard to the fact that the cloud-provider is the real, major security risk and that no technological measures can help here, unless you do your own encryption before putting anything in the cloud and then only for cloud storage. Nothing at all can be done to secure cloud computing against the cloud provider. And Google is known to cooperate with the various authorities in the countries they do business in.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.