The state of IPv6 at Swiss cloud providers
•
1 like•831 views
The document discusses IPv6 support among Swiss cloud providers. It finds that many SaaS, PaaS, and IaaS providers either support IPv6 natively or have plans to add support. However, some major providers like Microsoft Azure and Amazon AWS still only offer partial IPv6 support. The document warns that choosing a provider without IPv6 could require costly migration later and result in inability to access certain services over IPv6. It concludes that IPv6 support should be a procurement requirement for cloud services and long-term contracts.
Report
Share
The state of IPv6 at Swiss cloud providers
- 1. IPv6 at Swiss Cloud Providers IPv6 Business Conference 16.6.2016 Zürich Aarno Aukia VSHN AG - The DevOps Company
- 2. 16.6.2016 VSHN AG | http://vshn.ch 2 Agenda ● About me ● What is Cloud: Defining SaaS/PaaS/IaaS ● How hard is it to add IPv6 after setting up the service? ● State of IPv6 at SaaS-providers ● State of IPv6 at PaaS-providers ● State of IPv6 at IaaS-providers ● Conclusion
- 3. 16.6.2016 VSHN AG | http://vshn.ch 3 About me ● MSc Computer Science ETH Zurich ● Security Operations @ Google ● Co-Founder & CTO @ Atrila GmbH (Security Operations) ● Co-Founder & CTO @ VSHN AG (DevOps & Cloud-Ops) ● @aarnoaukia ● http://about.me/aarno ● Aarno.aukia@vshn.ch ● Talk to me !
- 4. 16.6.2016 VSHN AG | http://vshn.ch 4 DevOps? ● Collaboration: Development (Dev) and Operations (Ops) ● Brings agile software engineering methods to operations – Automation: infrastructure as a code, versioning/rollback – Testing: continuous integration/testing/deployment ● Brings operations engineering experience to developers – Scalability: independent microservices – Production insight: monitoring/logging/metrics ● Together: make the business application owner happier
- 5. 16.6.2016 VSHN AG | http://vshn.ch 5 About VSHN ● Swiss DevOps & Ops Company, 17 people in Zurich ● Building the tools and workflows for self-service ● Managing web applications in any Cloud – We are cloud-agnostic: we run on any public Cloud and on any on-premises Enterprise private Cloud ● We work for Amazee Labs, Liip, Mercedes Benz Switzerland,Migros, SaltCinema, SIX Group, Sherpany, Sobrado, Starticket, Suisa, Taskfleet, zurichopenair.ch, etc.
- 6. 16.6.2016 VSHN AG | http://vshn.ch 6 What is Cloud ? ● Shared computing service ordered, provisioned and used online over the internet ● Software as a Service (SaaS): online application providing business value ● Plattform as a Service (PaaS): hosted software framework for developing applications ● Infrastructure as a Service (IaaS): virtual servers consisting of compute, storage and network
- 7. 16.6.2016 VSHN AG | http://vshn.ch 7 Compare SaaS/PaaS/IaaS On-premises IaaS Infrastructure as a Service PaaS Plattform as a Service SaaS Software as a Service License License License License Application Application Application Application Runtime Runtime Runtime Runtime Security Security Security Security Databases Databases Databases Databases Operating System Operating System Operating System Operating System Virtualization Virtualization Virtualization Virtualization Server Hardware Server Hardware Server Hardware Server Hardware Storage Storage Storage Storage Networking Networking Networking Networking Datacenter Datacenter Datacenter Datacenter Customer managed Service provider
- 8. 16.6.2016 VSHN AG | http://vshn.ch 8 Compare SaaS/PaaS/IaaS - Pizza edition On-premises IaaS PaaS SaaS Dining Table Dining Table Dining Table Dining Table Beverage Beverage Beverage Beverage Electric/Gas usage Electric/Gas usage Electric/Gas usage Electric/Gas usage Oven Oven Oven Oven Toppings Toppings Toppings Toppings Cheese Cheese Cheese Cheese Tomato Sauce Tomato Sauce Tomato Sauce Tomato Sauce Pizza Dough Pizza Dough Pizza Dough Pizza Dough Made at home Take & Bake Pizza delivery Pizzeria restaurant Customer managed Service provider
- 9. 16.6.2016 VSHN AG | http://vshn.ch 9 Compare SaaS/PaaS/IaaS - Car edition On-premises IaaS PaaS SaaS Driver Driver Driver Driver Road Tolls Road Tolls Road Tolls Road Tolls Fuel Fuel Fuel Fuel Garage Garage Garage Garage Tax & Insurance Tax & Insurance Tax & Insurance Tax & Insurance Service & Materials Service & Materials Service & Materials Service & Materials Finance & Depreciation Finance & Depreciation Finance & Depreciation Finance & Depreciation Car Car Car Car Car owned Car leased Car rental Taxi, bus, train, airplane Customer managed Service provider
- 10. 16.6.2016 VSHN AG | http://vshn.ch 10 Compare SaaS/PaaS/IaaS - OSI edition OSI Name Example IaaS PaaS SaaS 7 Application Layer HTTP, HTML, SMTP, ... HTTP HTTP HTTP 6 Presentation Layer SSL, jpg, png SSL SSL SSL 5 Session Layer Socket, pipe, rpc Socket Socket Socket 4 Transport Layer TCP, UDP TCP TCP TCP 3 Network Layer IPv4, IPv6 IPv4/6 IPv4/6 IPv4/6 2 Data Link Layer Ethernet CDMA, ARP Ethernet Ethernet Ethernet 1 Physical Layer Copper Ethernet, Fibre Ethernet Copper, Fibre Copper, Fibre Copper, Fibre Customer managed Service provider
- 11. 16.6.2016 VSHN AG | http://vshn.ch 11 How hard is it to enable IPv6 ? ● SaaS: usually accessed over provider URL – https://service.com – Service provider can add IPv6 at his discretion – No changes needed by customer ● Customer can't influence IPv6 implementation by provider – If customer suddenly needs IPv6 → change providers
- 12. 16.6.2016 VSHN AG | http://vshn.ch 12 How hard is it to enable IPv6 ? ● PaaS: usually accessed over customer URL – https://customer.com – Usually done with DNS CNAME → service provider can add IPv6 at his discretion – Customer application needs to be changed if hardcoded to use client IPv4 address ● Customer can't influence IPv6 implementation by provider – If customer suddenly needs IPv6 → change providers
- 13. 16.6.2016 VSHN AG | http://vshn.ch 13 How hard is it to enable IPv6 ? ● IaaS: – Reconfigure each server and load-balancer to add IPv6 – change internal service discovery (DNS/AD) – Customer application needs to be changed if hardcoded to use client IPv4 address ● Customer can't influence IPv6 implementation by provider – If customer suddenly needs IPv6 → change providers
- 14. 16.6.2016 VSHN AG | http://vshn.ch 14 State of IPv6 at SaaS-providers Service Status Comments http://doodle.com OK Since 2011 https://mail.google.com OK All Google applications since 2012 http://office365.com OK Sharepoint & Skype opt-in http://sobrado.ch OK http://starticket.ch OK http://local.ch OK http://www.zh.ch OK http://www.securesafe.com NO http://swisscloudcomputing.com NO Planned for 2017 Etc. see http://dashboard.swissipv6council.ch/
- 15. 16.6.2016 VSHN AG | http://vshn.ch 15 State of IPv6 at PaaS-providers Service Status Comments http://cyon.ch NO Planned http://flow.ch NO Planned http://hostpoint.ch NO http://metanet.ch NO http://switchplus.ch NO https://azure.microsoft.com/ NO https://aws.amazon.com/ NO http://heroku.com NO Swisscom App Cloud NO
- 16. 16.6.2016 VSHN AG | http://vshn.ch 16 State of IPv6 at PaaS-providers - 2 Service Status Comments http://appuio.ch OK https://cloud.google.com/appengine/ OK http://iway.ch OK
- 17. 16.6.2016 VSHN AG | http://vshn.ch 17 State of IPv6 at IaaS-providers - 1 Service Status Comments https://azure.microsoft.com/ NO https://cloud.google.com/compute/ NO http://everyware.ch NO http://innofield.ch NO Planned http://exoscale.ch NO Planned End 2016 http://cloudsigma.ch NO http://safeswisscloud.ch NO Planned End 2016 Swisscom Enterprise Cloud NO http://4net.ch NO
- 18. 16.6.2016 VSHN AG | http://vshn.ch 18 State of IPv6 at IaaS-providers - 2 Service Status Comments https://aws.amazon.com/ LB Public load balancers only http://procloud.ch OK No customers are using it, only IPv4 used internally http://aspectra.ch OK Opt-in http://cloudscale.ch OK http://metanet.ch OK Opt-in http://nexellent.ch OK Opt-in http://avectris.ch OK Opt-in, currently only DNS deployed http://iway.ch OK http://nine.ch OK http://digitalocean.com OK http://linode.com OK http://rackspace.com OK https://www.switch.ch/engines/ OK CH-Edu customers only
- 19. 16.6.2016 VSHN AG | http://vshn.ch 19 State of IPv6 at (swiss) cloud providers ● Many (swiss) cloud providers support IPv6 natively and by default ● If you are committing to a provider for 1+ years you need to require IPv6 in the tender/contract – Neglect will be costly later on any service ● CEO of swiss IPv4-only Hosting provider: – 'Wir bieten shared Webhosting (Bezug von DomainFactory.de) und Mailhosting (Bezug von Green.ch) an. [..] Generell gehen wir davon aus, dass unsere Anbieter State-of-the-art Technologie einsetzen.'
- 20. 16.6.2016 VSHN AG | http://vshn.ch 20 Risks due to missing IPv6 ● Customer bears cost to configure/migrate to IPv6 if not specified in contract beforehand ● SaaS: communication over IPv6 may be impossible or performance impacted due to CGN (LinkedIn, Facebook) ● PaaS: your investment in adapting your software to the PaaS needs to be written off if you need to migrate ● IaaS – You can't access external APIs over IPv6 – Your public service can't be accessed over IPv6 or performance may be impacted due to CGN – Long-term-contracts and implementation effort increase amount of potential write-off
- 21. 16.6.2016 VSHN AG | http://vshn.ch 21 Conclusion ● IPv6 needs to be a procurement requirement for cloud services as well as for hardware, application/software or ISP/internet access services ● Long-term-contracts without IPv6 are risky ● Choose an cloud-provider that supports IPv6 now because the migration effort later will be huge ! ● No roadmap = no future ● Questions ? ● Thank you - please get in touch if you have questions later !
- 22. 16.6.2016 VSHN AG | http://vshn.ch 22