A dangerous bug was identified in a popular SSL/TLS library that powers many of the web servers in the internet. This bug – called Heartbleed – allows attackers to retrieve data stored in a server’s memory and access sensitive information.

CenturyLink Cloud wants you to be aware of one impacted area which was identified through our comprehensive assessment: OpenVPN software. The Linux distribution used for OpenVPN does not yet have an updated, patched package available to remediate this vulnerability. We are actively pursuing other solutions and will have an update on this issue shortly. [Please see update and action items below]

As this issue is related to OpenVPN client software, we believe it is important to detail what type of communication between users/machines may be affected by this vulnerability.

  Control Portal system is *NOT affected, so there is no need to change your password to the web site.

  Site to site VPN tunnels from customer premise equipment to CenturyLink Cloud data centers are *NOT affected.

  Site to site VPN tunnels between customer servers in a particular CenturyLink Cloud data center to other customer servers in a remote CenturyLink Cloud  data center are *NOT affected.

 ...

Read on...

Recent history has shown that after a cloud provider is acquired, the pace of innovation slows and there’s a loss of focus (and staff). If you don’t believe me, check out the release notes (if you can find them!) of some recently acquired cloud companies. It’s not pretty. I’m here to say that we’re different.

140 days ago, the acquisition of Tier 3 by CenturyLink was described as a "transformational deal for the industry." Instead of randomizing Engineering post-acquisition with unnecessary process, and haphazard integrations with legacy and redundant products, we’ve actually accelerated pace of development on our go-forward platform, CenturyLink Cloud. In the past four months, we’ve maintained our software release cadence, grown our team, expanded our data center footprint, actively integrated with our parent company, and solidified a game-changing vision that has retained and attracted a phenomenal set of customers.

We update our cloud platform every month with new, meaningful capabilities. Only a very small subset of cloud providers can make that claim. In the past 140 days, we’ve shipped over 1,200 features, enhancements, and fixes. This includes a new high performance server class, faster virtual machine provisioning, new reseller services, a major user interface redesign, a compelling monitoring/alerting service,...

Read on...

The CenturyLink Cloud team has brought two new data centers online.  Customers can now deploy virtual resources in Santa Clara, CA (UC1) and Sterling, VA (VA1) sites.  This brings our total count of federated data centers to 11 - six in the US, two in Canada, two in the UK, and one in mainland Europe.  Expect more investment in this footprint in the months to come.

There is something special about these new sites, our first new locations since the acquisition.

When CenturyLink acquired Tier 3, it was a big investment for the parent company.

The message to the market was clear: Cloud is CenturyLink’s growth engine for the future.  We’re investing in a cloud-first platform that can solve enterprise IT jobs better than any other provider.

How do we solve them better?

By offering a superior breadth of managed services and infrastructure…with unmatched integration between products.

These new locations are a major milestone towards this vision.  Three reasons why:

Read on...

CenturyLink the Cloud Development Center contributes ElasticLINQ to the community

Today I’m pleased to announce that the developers of the CenturyLink Cloud Development Center are contributing ElasticLINQ to the community. ElasticLINQ is a tool for those who wish to find and retrieve documents from Elasticsearch and easily convert those documents into .NET classes.

ElasticLINQ will help developers ease the transition from relational databases to distributed NoSQL systems. Using the same query language for SQL and NoSQL makes the transition simpler. This code was created by .NET devs for .NET devs and today we’ve made it available on GitHub under the Apache 2 license.

Who might use it? Any company looking to write for or port software into a distributed cloud environment could benefit from these technologies.  A typical use case is devs who are using Elasticsearch as a full-featured search system for an existing NoSQL database (such as a document storage system like Couchbase).  They will use ElasticLINQ to give them LINQ syntax to query documents stored in Elasticsearch.

This is a familiar use case for our CenturyLink Cloud engineering team here in Seattle.  ElasticLINQ was one of the outputs of our efforts to transition from MS SQL Server. Our team uses Couchbase and...

Read on...

Elasticity and quick provisioning are hallmarks of any good cloud platform. Cloud customers have gotten used to rapidly acquiring right-sized resources that fit a given workload. No longer do developers have to build the biggest (physical) server possible just to avoid requests to resize later on. Rather, provision for what you need now, and adjust the capacity as the usage dictates. But how do you know when it’s time to size up?

The CenturyLink Cloud engineering team just released a monitoring and alert service (alongside our powerful server UI redesign) that gives you the data you need! We designed this feature with three things in mind:

 1. Offer a simple, straightforward toolset that users can understand and take advantage of quickly.

 2. Deliver reliable, accurate statistics that reflect the current state of a server.

 3. Provide multiple ways to identify that an alert was fired.

Together, these three principles kept us focused on delivering a service that met market need. Let’s take a look at how the new monitoring and alert service applies each principles.

Simple Setup

It’s easy to get lost in a sea of rarely-used options offered by a monitoring platform. Instead, we focused on ease of setup, a common theme...

Read on...

Today, we announced the availability of Hyperscale instances, a new service that combines our high-end compute with 100% flash storage.  Before we jump into how customers can use the service, let’s take a minute to think about the characteristics of applications and architectures deployed today. 

Here are 5 key attributes we’ve noticed:

Now, think about most applications running in enterprise data centers.  In all 5 cases, it’s almost the exact opposite.

That’s NoSQL vs. relational databases in a nutshell.  The folks at MongoDB sum it up pretty well:

If you’re a CIO, it’s simple.  The more relational systems you have, the slower you can respond to the market.  Relational databases will always have their place.  But most of the innovation happening in the next 5 years will be on NoSQL platforms.

Of course, the public cloud is...

Read on...

Multitenancy – the concept of using a single (software) platform to serve multiple customers – is a key aspect of nearly every cloud computing platform. Pooling resources results in lower costs for all parties, greater efficiencies, and faster innovation for customers. Are there risks and tradeoffs with this model? Sure, but every technology paradigm has them.

 In this blog post, we’ll look at some core principles for successful multitenancy, see how the CenturyLink Cloud provides tenant isolation, and review the ways that CenturyLink Cloud customers create isolation within their own account. The goal is to simply help customers understand what to look for when assessing multi-tenant environments to run their workloads, SaaS applications, and more.

Core Principles

Any service provider delivering a multi-tenant environment must adhere to these six commandments:

 1. Thou shalt isolate tenants within their own network. This one applies mainly to infrastructure-as-a-service (IaaS) providers who promise secure computing environments. Software-as-a-Service (SaaS) customers on a platform like Salesforce.com don’t have this issue as customers do not have access to low level network traffic. When granting virtual machine access to users, the service provider has to ensure that there’s no opportunity to intercept network traffic from other customers.

 2. Thou shalt not...

Read on...

These days where everything is offered up “as a service,” we run the risk of turning “as a service” into a meaningless marketing tag. Most everyday someone out there comes up with a new “as a service” offering forcing even the government to officiate guidelines for IaaS, PaaS, and SaaS. In this blog, I’d like to explore the true meaning of Infrastructure as a Service (IaaS) and see what it means for us as enterprises and developers.

What Does IaaS Mean?

As defined by the government, Infrastructure as a Service allows consumers to provision processing, storage, network, and other fundamental computing resources on demand. To these provisioned resources, consumers can deploy and run arbitrary software including operating systems and applications. Without having to manage or worry about the underlying cloud infrastructure, consumers can control operating systems, storage, their deployed applications, and even in some limited way control networking components like host firewalls.

Before Amazon’s EC2 offering, many hosting companies like Rackspace had already offered compute resources on demand. But what’s so different about the AWS offering that triggered a whole IT revolution?

Why’s Amazon IaaS Strategy Successful?

I believe the difference is rooted in Amazon’s service centered culture as revealed in Steve Yegge’s post and...

Read on...

We’re big fans of Cloud Foundry, open-source platform as a service.  Why?  Two reasons: the level of abstraction it offers enterprise developers, and the portability across cloud providers. This combination means faster development and deployment of multi-language web applications.  And Cloud Foundry is backed by a thriving ecosystem of hosting providers.

It’s our goal to make the Public Cloud solution the cloud of choice for enterprise developers interested in Cloud Foundry.  To that end, we’re excited to announce an important milestone.

Today, we’re pleased to announce the beta availability of BOSH on the CenturyLink Cloud.

BOSH is a crucial tool for deploying and managing Cloud Foundry at scale. It is supported on AWS, OpenStack, and vSphere and vCloud Director – and now CenturyLink Cloud.

Getting started with BOSH on the CenturyLink Public Cloud is easy - just set up a Micro-BOSH server configured for CenturyLink Pubic Cloud, then use the standard BOSH command line tools!  Check out how to get started here. Support is based on the BOSH July 2013 snapshot and is Ubuntu only.

We are confident enterprises and devs will like the “better together” combination of BOSH, Cloud Foundry and CenturyLink Cloud.  Here are five reasons why:

Read on...

Today, Dell chose CenturyLink Cloud for their partner program due to our cloud’s extensive reseller capabilities.  These features, first launched as Tier 3’s Reseller Edition, include account management, APIs, SSO via SAML, extensive re-branding and more (details here and here). CenturyLink’s approach to reseller enablement gives Dell a completely rebranded public cloud offering overnight – no engineering required on their side.

This is big news for us, and we’re excited to be working with Dell.

Now, let’s explore this idea of partnerships for public cloud a little more.

Developers and IT increasingly turn to new-school cloud vendors for their infrastructure.  Common sense on the eve of 2014.  But this shift was not anticipated by most SIs, MSPs, and hardware OEMs 5 years ago.

How have these vendors responded?  The results are mixed.  Many are still refining their cloud strategy, and wrestling with the build, buy, partner calculus.

The industry isn’t sitting still – far from it.  But there’s plenty of time for vendors who missed out on the first wave of cloud to capitalize on the second wave.  But as CenturyLink CTO Jared Wray recently wrote, building cloud is hard.  It takes a specific set of engineering skills that are in high demand.

Consequently, we’re seeing...

Read on...

Today at Dell World, Dell announced that CenturyLink has joined the Dell Cloud Partner Program.

So what does this news mean for Dell customers?  Simple: you now have easy access to a high performance, highly resilient public cloud, with extensive self-service capabilities.  And you will be supported by Dell and the CenturyLink Cloud team every step of the way.

Here are five key benefits you can take advantage of immediately on this platform:

Read on...

Last year, we made 12 predictions about what would happen in the cloud space in 2013. As the year comes to a close, it’s only fair for us to assess our hits and misses to see how well we did.

Recap and Scorecard

PREDICTION #1: 2013 will be the year of cloud management software.

REALITY: Hit. We saw this come true on multiple fronts. First, cloud management providers Enstratius and ServiceMesh were acquired by Dell and CSC, respectively. Tier 3 – known for the sophisticated management software that runs our IaaS – was acquired by CenturyLink. On top of this, Gartner estimates that a new vendor enters the cloud management space every month, and nearly every cloud provider is constantly beefing up their own management offerings. This shows the strategic value of comprehensive management capabilities in a cloud portfolio. Customer adoption of these platforms is also on the rise and Gartner sees 60% of Global 2000 enterprises using cloud management technology (up from 30% in 2013).

PREDICTION #2: While the largest cloud providers duke it out on price and scale, smaller cloud providers see that enterprise adoption really depends on tight integration with existing tools and processes.

REALITY: Mixed. Of course, cloud prices definitely...

Read on...