Is the Cloud actually greener?

This week, I returned from an amazing family adventure holiday in Morocco, where the country’s wonderful culture and fascinating history made it (I hope!) an unforgettable experience for my kids. However, recent droughts there have had severe consequences on the country’s agriculture, economy, and water resources. Reduction in rainfall over the past two years has impacted crops, increased food prices, and water scarcity, affecting millions of people and raising concerns about long-term sustainability.

During one of many hours on the minibus, travelling between regions, my family asked me about the cloud and what impact it has on the environment. This has obviously been a massive topic over the past few years, prompting the hyperscalers to take a very public stance on the matter, for example, the re:Invent 2021 sustainability announcement by AWS.

We all know that cloud computing has become an essential part of modern life, changing the way we work, play, and communicate arguably faster than any other time in history! I would suggest that there are a huge number of sustainability benefits to adopting the cloud, but that doesn’t mean it’s environmental impact is zero. As with all things, we should be looking at the pros, cons and mitigations.

Just some of the Pros

The cloud allows businesses to reduce energy consumption and hardware waste significantly. By using shared cloud resources, organisations can get rid of their low-utilisation, on-premises hardware footprint, unused redundant kit for HA and DR, etc, all of which requires electricity, cooling, shipping, maintenance, etc. Cloud providers typically use state-of-the-art, energy-efficient data centres with huge economies of scale to minimise the overall carbon footprint.

Speaking of which – economies of scale! Hyperscalers benefit from massive economies of scale, making it more efficient for them to build, manage and maintain data centres. They have the budgets to invest in advanced technologies and energy-efficient infrastructure, leading to a lower environmental impact compared to small-scale, on-premises solutions (of even traditional colo).

On-demand scalability in the cloud allows organisations to optimise resource utilisation and remove the need for over-provisioning of hardware for peak demand or HA/DR. This not only reduces waste, ensuring only necessary compute resources are used, but reduces the TCO and frees up budget to be used elsewhere!

Something perhaps overlooked at times is that the cloud increasingly enables remote working, thereby providing better work/life balance for people and reducing the environmental impact of commuting. Greenhouse gas emissions from vehicles have a massive impact, which (especially in temperate countries) can be mitigated by more work from home. Furthermore, with the ubiquity of 4G and 5G mobile communications, this provides access to compute resources from remote locations where they would not have otherwise been available. This will likely increase utilisation and impact, but will help people all over the world benefit their lives and will likely lead to further innovation that will benefit the environment.

Lastly, as bonkers as it is to even needing to remind people of this in 2023, cloud computing virtually forces users to adopt virtualisation, utilising resources far more efficiently than traditional full-fat tin. It’s mind boggling how many companies are still uncomfortable virtualising heavy workloads such as databases today, despite all of the classic concerns being mitigated.

Remote village in Moroccan mountains

A Few Risks

The largest risk, but possibly the one which may have its own mitigations, comes from increased adoption. The increasing popularity of cloud computing means that the demand for data centre resources is rising massively. As more businesses move their operations to the cloud, energy consumption of centralised, cloud data centres will continue to grow (whilst reducing that of local), but beyond that, the innovation of all those very clever humans who have found new ways to utilise this new technology is likely further driving up utilisation beyond our traditional baselines.

The location choice for data centres can have a significant impact on the environment. In regions where electricity is generated using fossil fuels, cloud computing indirectly contributes to higher greenhouse gas emissions, and cooling data centres in hot climates can be super energy-intensive. If data sovereignty is not an issue, then utilising compute regions close to natural energy / cooling can help to mitigate this.

Inefficient development practices and code bloat further add to the risk landscape. The availability of virtually unlimited resources in the cloud may inadvertently reduce the drive for developers to write efficient code. Promoting clean development practices and optimisation is essential to minimise energy consumption. We should be fostering a culture of efficiency and sustainability right from the early stages of developer education to ensure this issue doesn’t continue to creep into the cloud. The growing trend of of microservices architectures may actually help here, encouraging developers to think small and efficient modules, but that remains to be seen!

One of the fastest growing users of energy and hardware is Cryptocurrencies. The massive amounts of power used to not only generate new coins, but also manage transactions on the chain, are a significant concern. Dedicated crypto hardware, such as ASICs, can help reduce energy consumption and those specifically designed for cryptocurrency mining are more energy-efficient compared to general-purpose hardware like GPUs. I would hope that the miners will adopt these more, if only for their own benefits, if not for the environment!

TLDR

So to respond to the question posed by the title of this post, I believe the answer is yes, but there are some key considerations to ensure it remains so.

To make cloud computing a truly sustainable solution, we need to advocate for the use of renewable energy sources by cloud providers and the drive for net-zero carbon emissions in our cloud platforms (not just through buy carbon credits, but through actual change). Harnessing solar, wind, and hydroelectric power can enable cloud providers to decrease their dependence on fossil fuels and shrink their carbon footprint, but this will always be region-specific and impacted by data sovereignty regulations.

As consumers of the cloud, we have a crucial role to play by opting for cloud service providers that prioritise eco-friendly practices as well as adopting those ourselves, from architecture to development, fostering a culture of well-architected sustainability in our own organisations.

AWS, Cloud , , , , , , , , ,

TekBytes #5: The Current State of Cloud Security

Discussing the concept of Cloud Security over breakfast with my kids (yup – poor kids I hear you say!), I was thinking about the current state as one of constant (and accelerating) evolution and improvement. As more businesses adopt cloud computing, the need for robust and effective security measures has become increasingly important. While cloud hyperscalers have made significant investments in securing their platforms, the responsibility for implementing and maintaining effective security measures ultimately falls on customers or those they entrust to manage their platforms on their behalf.

Challenges

There are many challenges that businesses face when it comes to cloud security and far too many to go into in a TekBytes thought of the day, but let’s look at a few.

One major challenge is the lack of visibility and control over the infrastructure and data that are hosted in the cloud. This can make it very difficult to identify and address security vulnerabilities and threats. Another challenge is the complexity of cloud security, which can be exacerbated by the use of multiple cloud providers, each with their own security protocols and standards. Finally, we have a huge lack of skills in the market, and those few people with the skills are constantly being tempted by offers of outrageous salaries, so retaining your talented teams is really tough!

Despite these, there have been really significant advancements in cloud security in recent years. The hyperscalers have implemented many new security measures, such as encryption, improved access controls and policies, significantly better monitoring tools, to help protect their platforms and their customers’ data. Post-Covid, with customers moving to the cloud in even larger numbers, it’s also great to see that customers have become more aware of the importance of cloud security and are taking steps to prioritise it.

The threat landscape for cloud security continues to evolve, with new and extremely sophisticated attacks emerging all the time. Businesses need to keep up and be proactive in their approach to cloud security.

Tips

So, a couple of quick tips to think about if you haven’t already started taking your cloud security seriously?

  1. Implement multi-factor authentication (MFA). A bit like when you hear sports commentators or coaches talking about a losing team, the common thread is simply not doing the fundamentals / basics well. One of the most effective ways to improve cloud security is to require MFA for all users accessing cloud resources (not just root). Lack of MFA is like leaving your car door unlocked and crying out to have your vehicle taken for a Ferris Bueller-style joy ride!
  2. Regularly review and update security policies. It’s important for businesses to regularly review and update their security policies to ensure they are aligned with current best practices and standards, and these best practices are constantly evolving. Things like access controls, password policies, data encryption, and incident response plans. By keeping security policies up-to-date and ensuring that all employees are aware of them, businesses can significantly reduce the risk of security breaches.
  3. Investigating the used of third-party security tools and services. Tools (if properly implemented) provide additional layers of protection, such as threat detection and monitoring, vulnerability scanning, data encryption, etc. Engaging security experts one-off or regularly to provide recommendations for improving their security posture, or simply outsourcing management of their cloud estates.

I’m genuinely hopeful that the emerging (and frankly astounding) improvements in artificial intelligence will have a positive and significant impact on businesses who don’t or can’t spend the time and resources to protect themselves and their customers effectively. If they don’t we’re only going to see a proliferation of more high profile and high impact cases in the news!

Cloud , , , , , ,

TekBytes #4: Why I’ve Switched to Simple Markdown in WordPress

I’m always looking for ways to improve my workflow and productivity; most recently I’ve started using Markdown for as many projects as I can, so using Markdown in WordPress is no exception!

If you haven’t seen or used Markdown before; it’s a super-lightweight markup language that allows you to add formatting elements as you go by using special syntax. For example, if you want to make a section of text display in italic, simply put an asterisk at the start of the word or sentence. When the output is then parsed, your *Italics* then becomes Italics).

Why is this useful?
  • Like an XML file, it’s open, super portable and easily readable across many applications, operating systems and web platforms (think Reddit, GitHub, Stack Exchange, Confluence, etc).
  • It saves time when editing simple documents as you don’t have to go back and highlight/modify formatting, just add the syntax as you go, often with the use of one or two characters at the start of a line. Simple examples might be a bulleted list, where you add an asterisk *, or an H1 heading where you add a single hash symbol #.
  • It’s fantastic for writing documentation where you might want to insert a quick code snippet or command just like this!
  • Due to the very simple notation, it’s far quicker than writing HTML and can be substituted for HTML on many publishing platforms.
  • If Git is already part of your workflow, it makes for easy collaboration with others (ideal for Devs!) and you can use GitHub for both version control and easy access from anywhere to your in-progress content.
  • Learning and practising with Markdown opens up future opportunities to move to various publishing platforms such as Jekyll, Hugo, etc. I might even think about giving the site a facelift sometime soon!
  • New skill to master, init?
Markdown Block - Activate Markdown
Using Markdown in WordPress
You’ve sold me! How do I start?

I don’t know why WordPress didn’t enable it in the default code, but it does come as part of Jetpack (which I assume 90% of sensible WordPress Users are using!). If you want to adopt it to your blogging workflow your site too, simply install Jetpack, then enable it under Settings → Writing.

You can find detailed instructions here:
WordPress Support – Enable Markdown in WordPress

Here’s a quick intro to how to use Markdown:
Markdown – Getting Started

After writing a couple of draft posts with it so far, I have to say I’m pretty happy with it. The next step is to find a decent plugin for linking to GitHub, enabling me to write/edit posts in my favourite text editor (VSCode, Sublime Text, Atom depending on my mood), then push them up via Git!

Scripting , , , , , ,

Answer Honestly: Are you Ersatz Cloud Native?

As we approach the middle of the year, I’ve been in the full-on strategic planning mode the last couple of weeks and cloud native is a major focus for me! As part of this, I was looking at industry trends and a particular type of organisation caught my eye.

Most organisations often aspire to increase agility, to respond quicker to their customers and market demands, to innovate. However, many organisations have years of technical debt, monolithic application stacks and shrinking IT budgets. IT is still too often seen as a cost centre instead of an opportunity to become a profit centre and agent for growth.

These organisations have one thing in common; they see lifting and shifting to the cloud as the silver bullet.

I thought Cloud was the silver bullet?

Now don’t get me wrong, cloud is AWESOME! It does help to address some of the challenges identified, but anyone who has been working in this space for any length of time will tell you cloud is an enabler, not the solution.

Moving your workloads to cloud is like moving your business from your garage to a shiny new workshop, with an array of amazing tools hanging on the wall just begging to help you with your next project.

You have room to breathe, so your innovation is now limited by your imagination, far more than your square footage! If you come up with an idea that turns out quickly to be garbage, there’s a handy industrial skip out the back, meaning you don’t have to wait 2 weeks until the next grey bin day to get rid of it!

Of course, that doesn’t mean it’s a free-for-all! You still need to understand the tools, how they work to achieve outcomes faster and what problems they solve, lest you accidently lop off a finger!

Sounds great! Am I Cloud Native now then?

Here’s the key – unless we re-evaluate everything we do today and adopt new ways of working, we are simply not going to realise the benefit of working out of our shiny new workshop, with our huge array of tools!

In the real world this means your entire process from whiteboard ideation to deployment, the ongoing lifecycle of applications and everything / everyone / every process that touches them!

To me, cloud native means a set of technologies, the methodologies and processes to manage them and a state of mind which needs to permeate an organisation!

If you’ve simply lifted and shifted your existing estate and dropped it into the cloud, you’re not cloud native, you’re simply running VMs in a different data centre.

Much like the famed elevator from Lemony Snicket, VMs in the cloud are simply playing at being Cloud, or more accurately, Ersatz Cloud Native.

Further Reading:

I wrote another brief post on cloud native considerations a while back:
The Complexity of Public Cloud Architecture

Architecture, Cloud , , , , , ,