Having built and managed data center environments, provided hosting and managed 3rd party hosted solutions, I have seen a very broad spectrum of hosting options, and the benefits and pitfalls of each. Sometimes there are deals that appear to be too good to be true, and many times they are. Once you drill down into the details you can usually find where the corners have been cut to market to a certain budget.
These cuts and sacrifices are not necessarily a bad thing, but you need to ensure that you understand their impacts, and that if you are fine with them, you can save some $’s, but not necessarily avoid the headaches. You will find that you generally get what you pay for, and that if you make fully informed choices you will get the exact environment you need, for a reasonable budget.
Not many people have the time to drill down into the nitty gritty of each hosted solution, so I thought I would discuss what to look for, why it’s important, and more importantly (to save your valuable time), what to ask in order tho get that information.
We’re going to look at five main areas to consider when evaluating a hosting environment:
1. Monitoring
2. Backup strategies
3. Hosting environment hardware and options
4. Security
5. Other topics of interest not covered by the above mentioned.
We’re not going to tackle cloud computing or specialized hosting, each of which deserve their own discussions.
Lets start with monitoring. I hate getting late night calls for support. I’d rather either foresee a problem coming at me and avoid it in the first place, or at least know exactly what the cause of the issue is if I am called. A good monitoring system will provide all this and much, much more.
Hosting companies will tell you that they monitor your environment to ensure that SLA’s are met, and to ensure that there is fast response if an issue is detected. That sounds excellent in theory, but lets drill down a bit and see what they are monitoring (and how effectively), what they are not, and what the differences are between the two, so that you can judge which points are critical to you, and which are not.
In general when a hosting company monitor your servers, they check:
1. Are the servers up? By pinging the IP address of the server they will know when a server is up and connected to the network.
2. Are the services and applications that should be running available? By pinging the port of each service (on each server) that should be in use, one can see whether that service is up and responding.
This is fine as far as it goes, but better monitoring systems will check more than just a services availability (by performing a Network Protocol Layer 4 ping request), and will also check to ensure “that the service is available and working as it should be”. A good monitoring system will perform a Network Protocol Layer 7 query upon each service to ensure that not only is it up, but that it is also responding correctly to requests.
For example, when a web server (Apache, IIS, etc) is hung, it will still respond correctly to a Layer 4 ping, but it will not serve the requested content to a valid Layer 7 request. So while a simple monitoring system would think that the service is up, a better monitoring system will make a specific layer 7 web request (say for a specific web page) and then check the server response to ensure that the page is being served correctly. A notification error message will be issued in such a case to notify staff of the issue.
Another example is for a database service, where a hung or corrupted database will still respond normally to a Layer 4 ping request and the monitoring system will think all is fine, a Layer 7 request consisting of a valid SQL query will fail if the correct data is not provided, and issue an alert as a result.
Therefore by using more intelligent Layer 7 monitoring, a service issue will be noticed by your team before it is brought to your attention by an angry customer, and the issue has a better chance of being rectified sooner.
Another area to watch for in regards to monitoring is server health monitoring. Whilst a ping will let you know it is connected, it will not tell you when the servers CPU, memory or Hard disk I/O gets stressed and the servers performance starts to degrade. Proper monitoring of your hardware will provide you with advanced health information and can be used to pro-actively warn you of an upcoming disaster. Is drive storage more than 90% full?, is CPU of Database server almost always pegged? If so is it time to check the queries (for runaways or inefficient queries) or to upgrade to a new or more powerful Database server?
In summary, if you don’t run an e-commerce site, or mission critical web application where uptime and/or optimum performance is critical then the simple Layer 4 monitoring provided by many hosting providers could well be fine. If not, ask the hosting provider if they provide better monitoring (a negotiation point if they do). If they do not, consider whether you can provide some more sophisticated monitoring yourself, by either leveraging your own internal monitoring system, implementing some of the fine commercial or open source solutions out there yourselves, or look to a 3rd party monitoring provider if you don’t have your own in house technical resources.
Questions to ask regarding monitoring:
What do you monitor (ports/services/hardware)?
How do you monitor them (Layer 4 pings? or Layer 7 queries?
What is the escalation path on issues?
Do we (the client) get notification or reports of issues or monthly statistics?
Next time: “Backup Strategies, does one package really fit all?”
[...] more here: Custom Application Development » What to Look for in a Hosting … Share and [...]