There has been quite a buzz over the last year surrounding the Cloud Service-Level Agreement (SLA). What should be in one, whether uptime is the central priority for an SLA, and how to deal with breaches, among other topics. One of the knottiest challenges with Cloud SLAs, however, remains as knotty as ever: what do you do if your Cloud Service Provider‘s Cloud Service Provider (CSP) breaches their agreement with your CSP?
Here’s the most common scenario: you’re using some SaaS or PaaS offering, and everything is going fine, until it stops working. You ping your CSP and they lay the blame on their IaaS provider. Such an eventuality cropped up during Amazon Web Services’ outages in 2011 and 2012, affecting dozens of SaaS and PaaS providers who run in the Amazon IaaS Cloud. But such an outage could hit any IaaS provider, large or small. So, what do you do?
There are two sides to this question. On the business side, the question centers on liability. Who gets the blame — given the party at fault may have to pay penalties? And if the IaaS CSP is at fault, thus owing some penalty to your SaaS or PaaS CSP, do they have to pass along a slice of the pie to you, the end customer? There’s no easy way to answer such questions, and the only winners here are probably going to be the lawyers.
The other side of the question, of course, is the technical side. You require some combination of uptime, fault tolerance, elasticity, and other performance characteristics from your CSP, and they in turn require some possibly different combination from their CSP. Unfortunately, however, these characteristics don’t necessarily line up neatly. For example, your CSP’s IaaS provider must deliver sufficient capacity for all of your CSP’s customers, not just for you. Just as your CSP must divvy up memory and storage space across its customer base, so too must it divide up performance characteristics — only dividing up something like elasticity is very different from dividing up a specific amount of RAM.
It would be fabulous if I had the answers to these challenges, but unfortunately, I have no secret sauce to offer here. The bottom line is that it will require hard work and care to hammer out Cloud SLAs. Don’t shortchange the process.