Cloud Cuckoo Land: When Cloud Customers Get Locked In
April 01, 2016

Sven Dummer
Loggly

Back in the day when the word “cloud” was only used for those things in the sky, software typically ran on local machines sitting in local datacenters. Often, this software was licensed from a vendor on a per-seat basis. Vendors tried their best to make customers renew their license agreements, and vendor lock-in was a common phenomenon.

Such lock-in could be caused by a variety of factors: sometimes purposely caused by the vendors by making migration to competing products unnecessarily hard, sometimes caused by customers being naïve and betting too much of their software stack or infrastructure on the products of one single vendor.

Over the past decade, two factors have made it significantly easier to escape that legacy lock-in model. Free/open-source software has reached a level of maturity and adoption in almost every area of the industry, offering more and more valid alternatives to commercial products.

Secondly, the commoditization of cloud computing removed the need for companies to run their own datacenter.

A Storms A-Brewin'

Cloud providers often claim to offer the perfect escape path from legacy vendor lock-in by providing modular solutions in which customers only pay for what they use, instead of being tied into complex, long-term, per-seat licensing agreements.

However, most cloud providers (in particular the big players) have extended their portfolio over the past few years, offering a broad variety of services that go beyond computing and storage. They provide everything from load balancing and DNS, to messaging, monitoring, log management, analytics, databases, and much more.

It's very tempting for customers to replace more and more components running in their own colos with these in-cloud solutions. Why? Because they typically are easy to set up and they remove the costs of hardware ownership and datacenter footprint.

It's also an easy purchase because a contract with the cloud provider is already in place, and adding (or removing) a service is not much more than a mouse click — no need to negotiate with a sales rep over complicated long-term license agreements like it used to be with many legacy, on-premise solutions (and no need for the provider to deal with selling through fear attempts and related nuisances).

I Can See Clearly Now …

With so many advantages, it is easy to be blind to (or willingly ignore) that these services have huge lock-in potential, and many providers probably exist for exactly that reason. The more of these services a customer uses, the more difficult it is to move their application stack from one cloud provider to another, or to their own datacenter or a hybrid solution.

Whenever companies make decisions to move services to the cloud, it is worth it to thoroughly review the architecture specifically from the perspective of potential vendor lock-in. It might also be worth it to go with solutions that live and function outside of a specific vendor's cloud, even if it is less convenient and maybe more expensive. It's not unlikely that today's convenience and savings will turn into a nightmare and cost explosion tomorrow. There is no such thing as a harmless, one-vendor dependency, not even in the most comfortable and fluffiest cloud.

Sven Dummer is Senior Director of Product Marketing at Loggly.

Share this

Industry News

December 06, 2022

The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, announced the graduation of Argo, which will join other graduated projects such as Kubernetes, Prometheus, and Envoy.

December 06, 2022

Wib announced API PenTesting-as-a-Service (PTaaS) designed to help organizations proactively cover the latest PCI-DSS 4.0 mandates for testing application security, APIs, and vulnerabilities in Business Logic.

December 05, 2022

Harness announced Harness Cluster Orchestrator to allow customers to optimize their Kubernetes cloud workload costs and realize up to 90% cloud cost savings with Amazon Elastic Compute Cloud (Amazon EC2) Spot instances from Amazon Web Services (AWS).

December 01, 2022

Salesforce introduced a new Automation Everywhere Bundle to accelerate end-to-end workflow orchestration, automate across any system, and embed data and AI-driven workflows anywhere.

December 01, 2022

Weaveworks announced that Flux, the original GitOps project, has graduated in the Cloud Native Computing Foundation (CNCF®).

December 01, 2022

Tigera announced enhancements to its cluster mesh capabilities for managing multi-cluster environments with Calico.

December 01, 2022

CloudBees achieved the Amazon Web Service (AWS) Service Ready Program for Amazon Elastic Compute Cloud (Amazon EC2) Spot Instances.

November 30, 2022

GitLab announced the limited availability of GitLab Dedicated, a new way to use GitLab - as a single-tenant software as a service (SaaS) solution.

November 30, 2022

Red Hat announced an expansion of its open solutions publicly available in AWS Marketplace.

November 30, 2022

Sisense announced the availability of the Sisense CI/CD Git integration module.

November 29, 2022

Codenotary announced TrueSBOM for Serverless, a self-updating Software Bill of Materials (SBOM) for applications running on AWS Lamda, Google Cloud Functions and Microsoft Azure Functions that is made possible by simply adding one line to the application source code.

November 29, 2022

Code Intelligence announced its open-source Command-Line Interface (CLI) tool, CI Fuzz CLI, now allows Java developers to easily incorporate fuzz testing into their existing JUnit setup in order to find functional bugs and security vulnerabilities at scale.

November 29, 2022

Parasoft announced the 2022.2 release of Parasoft C/C++test with support for MISRA C:2012 Amendment 3 and a draft version of MISRA C++ 202x.

November 28, 2022

Kasm Technologies announced the release of Kasm Workspaces v1.12, providing major enhancements to its portfolio of digital workspaces delivering Desktop as a Service (DaaS), Virtualized Desktop Infrastructure (VDI), Remote Browser Isolation (RBI), Open-Source Intelligence Collection (OSINT), Training/Sandboxes, and Containerized Application Streaming (CAS).

November 28, 2022

Cloud4C has achieved Amazon Web Services (AWS) DevOps Competency status.