Infrastructure as a Service (IaaS) has fundamentally altered how we purchase, deploy, and manage IT infrastructure. For instance, provisioning infrastructure has gone from a complex, time-consuming process that culminated in crawling around dusty data center floors and plugging in new hardware to making a few keystrokes in a portal or even an automated API call, bringing thousands of hardware resources to bear.
When selecting an IaaS vendor, there are a number of considerations that should not be ignored. Here are seven important points to keep in mind when choosing an IaaS vendor.
Buying infrastructure was relatively easy -- you'd pick your OS, buy the appropriate box, load up your applications, and then have access to the entire stack should anything need updating or modifying. IaaS gets a bit blurrier, as offerings range from what amounts to an outsourced data center, all the way to platform-oriented providers where you have minimal visibility into the underlying hardware and OS.
There can be benefits to both scenarios depending on your needs -- just ensure you know what you're buying, and that your expectations around what infrastructure you can 'touch' versus what's restricted to the provider align.
In most IaaS models, the applications you run on the outsourced infrastructure will likely require some level of modification. In the simplest cases, this might be limited to extra administrative steps when deploying new applications; in the more complex cases, this could require code-level modification to applications to support your IaaS provider's ability to turn applications on and off and move them between infrastructure components. There's obviously a cost to these modifications, so make sure you understand the impact of any tweaks that your IaaS provider requires.
Various levels of application and infrastructure management have allowed vendors to repackage and resell offerings from various parties. In the best case, this allows for getting the right combination of services at the right price. In the worst case, a vendor might be simply 'reselling' someone else's infrastructure. This will become readily apparent when there's a problem, and your vendor can't do anything other than serve as a middleman.
Make sure you ask the vendor what their process looks like for responding to incidents, and try to tease out whether that vendor actually 'owns' the infrastructure they're selling you, or if they're merely an intermediary who might be subject to different SLAs and support procedures than what you think you're buying.
Every vendor, IaaS providers included, has 'world-class' support during the sales process, but the story can suddenly change once you become a paying customer. What reporting and monitoring will be available to check the status of your infrastructure? How quickly can you provision or reallocate resources? Is that fancy control panel really a front-end for a slow, manual process? What Service Level Agreements (SLAs) are in place to ensure infrastructure problems are rapidly resolved? Be sure to get answers to all of these questions.
Make sure you understand how your data are protected, and what redundancies are available should your IaaS provider have an outage. Some IaaS providers can create entire 'copies' of your infrastructure and associated applications, while others merely provide some limited hardware redundancy. For smaller IaaS providers in particular, understand where they have key points of failure and what scenarios might knock out significant portions of your infrastructure, as well as how to mitigate these effects should they occur.
IaaS pricing can initially look very attractive, especially compared to procuring and maintaining your own infrastructure. However, in some cases, expected savings from migrating to IaaS never materialize. It can be almost too easy to provision new infrastructure on an IaaS platform, allowing developers and app admins to provision resources that are ultimately not needed.
Make sure you not only understand your IaaS vendor's pricing structure, but also what options you have for monitoring and tracking the resources you're using and deactivating unneeded resources when necessary.
Before IaaS became commonplace, the data center was a relatively unregulated domain. Now, concerns around everything from privacy to security have engendered regulations that cover what data you can store, where you can store it, and how it needs to be secured.
Even a simple web application can be subject to data privacy regulations, so make sure you understand the regulations you are subject to, and ensure your IaaS provider can deliver. Just because you've outsourced your infrastructure doesn't absolve you of responsibility for complying with government and industry mandates.
Unless you're engaging in a 'lift and shift' operation where an IaaS provider essentially buys your infrastructure and takes over its management, you'll need a plan for how to retire or repurpose your existing infrastructure. This is often a key element of the business case supporting an IaaS migration, but an easy part of the plan to defer and endlessly delay as you focus on migration to the new infrastructure, ultimately eroding the benefits spelled out in your business case.