[nickpsecurity]

It's a fair viewpoint. I guess my critical point is control: control over the hardware, its software, legal rights to it, and so on. If they're in control, it's theirs. How can it be myself if outsiders control or own it?

I guess a combo of philosophical and legal.

[stephenr]

I understand your point about control completely!

My highest priority for businesses making these choices is usually slightly more pragmatic, and focuses on avoiding provider lockin - something that you can install and run on your own local hardware, you can also (in most cases) install and run on co-located hardware, on rented hardware, on traditional rented virtual hardware (i.e. VPS) or on "flexible" rented virtual hardware (i.e. AWS, Azure, etc).

[nickpsecurity]

That's a very pragmatic philosophy. I'm especially impressed at your unusual focus on vendor neutrality as a lack of it costs many companies millions in long run (see IBM & COBOL). Since I mostly avoid clouds, I'm not up to date on that end. I'd like to attempt your style of things as an experiment in the future, though.

Do you have a resource or resources for what components, strategies, or platforms are best for the deployment you describe? Something useful for production apps, reliable, and easy to move from dedicated hardware all the way to AWS (or back if necessary). I'm sure there's other readers on my end of things that might be interested as well.

[stephenr]

Thanks. It doesn't always work out - clients/managers often seem to have "all the cool kids are using it" and/or "but it's the cloud, everyone uses the cloud now" mentality, but I try.

I should also emphasise that I'm mostly talking about infrastructure level "lock in" here - e.g. the artificial lock-in AWS creates for their Load Balancer and/or Elastic IP service by giving VMs new IPs on reboot, etc.

I definitely prefer Open Source solutions, but I'm one step more pragmatic in that space too - if a piece of locally-installable but proprietary software does the job and works with open standards (e.g. if you want to use self-hosted atmail) I'm less worried/vocal about that than if you say you want to use Gmail or whatever, but I'd still try to suggest a more open option.

In terms of resources, no sorry I don't have any single resource to go on, besides a basic rule/test:

Can I demonstrate the full stack being implemented, using one or more laptops (e.g. using VMs) on a plane or cruise ship? You could equally say "can i test the full stack while the WAN is disconnected" but that doesn't sound as fun!

I'm actually building my new business around this basic idea - giving smaller companies a better option to keep more control of their tech without the need for a full-time sysadmin (which is often financially impossible even if they wanted to). I genuinely believe the vast majority of things most businesses want/need to achieve can be done with existing Open Source software, its just usually not particularly easy to setup the various pieces, and make them work together.

[nickpsecurity]

That makes sense. It has been done before to a degree. For inspiration, look at Net Integrators Nitix appliance [1]. A UNIX system that was easier to configure, self-managing, largely auto-configed, partly self-healing, automatic backups, HA support, had most applications and a UI to integrate their configuration. It was selling well despite being priced above most SOHO servers. As often with good tech, a big firm (IBM) gobbled it up and rolled the tech into their own stack (Lotus).

A stack like you describe with good traits of Nitix-like solutions could be great for businesses not wanting much IT overhead. Might spread like wild fire so long as you don't sell out or balk over patent suits.

[1] http://www.pcmag.com/article2/0,2817,1734766,00.asp

[stephenr]

Thanks for the vote of confidence and the reference!