Surviving the Cloud Wars: A Pragmatic Strategy for Norwegian Enterprises
Let’s have an honest conversation about the "Cloud." If you listen to the sales reps from Seattle or Redmond, the on-premise server is dead, and the only future is putting your entire infrastructure on a credit card billed by the hour. But as we approach the end of 2015, the honeymoon phase is ending for many CTOs.
The reality? Vendor lock-in is the new technical debt.
I recently audited a setup for a media firm in Oslo. They migrated everything to AWS eu-central-1. It worked fine until their bandwidth bill arrived. They were paying a premium for outbound traffic that would have been negligible on a standard dedicated link. Furthermore, with the current legal uncertainty surrounding the Safe Harbor agreement (Maximillian Schrems is currently making waves in the ECJ), relying solely on US-owned infrastructure is becoming a compliance risk for Norwegian companies handling sensitive data.
The solution isn't to abandon the cloud. It's to stop treating it as a religion and start treating it as a utility. This is the case for the Hybrid Architecture.
The Architecture: Burst vs. Core
The most resilient infrastructure strategy available today (Q4 2015) leverages the strengths of different providers. We call this the "Burst vs. Core" model.
- The Burst Layer (Public Cloud): Use AWS or Azure for auto-scaling front-end web servers. These handle unpredictable traffic spikes. If you get mentioned on a major news outlet, you scale out.
- The Core Layer (Specialized VDS): Place your database, caching layers (Redis/Memcached), and internal APIs on high-performance Virtual Dedicated Servers (VDS). This gives you predictable pricing, higher I/O performance, and data sovereignty.
The Latency Argument: Oslo vs. Frankfurt
Physics doesn't care about your SLA. The round-trip time (RTT) from Oslo to Frankfurt (AWS) is roughly 25-30ms. The RTT to a local datacenter in Norway is often under 2ms.
For a stateless web server, 30ms is fine. For a database executing 500 queries to generate a single page view, that latency compounds fast. By hosting your MySQL or PostgreSQL master node on a CoolVDS instance in Norway, you slash that application wait time. We use KVM virtualization specifically to ensure that your RAM and CPU cycles aren't stolen by a "noisy neighbor," a common plague in oversold public cloud environments.
Technical Implementation: Bridging the Gap
The challenge with hybrid cloud is networking. How do you securely connect your AWS front-end to your CoolVDS back-end? In 2015, the industry standard is a site-to-site VPN. While hardware appliances like Cisco ASA are an option, a well-tuned OpenVPN setup on Linux is cost-effective and robust.
Here is a battle-tested configuration for the bridge. Do not use default settings; encryption overhead can kill throughput.
# /etc/openvpn/server.conf on your CoolVDS Interface node
port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh2048.pem
server 10.8.0.0 255.255.255.0
# CRITICAL for performance on high-bandwidth links:
cipher AES-256-CBC
auth SHA256
sndbuf 393216
rcvbuf 393216
push "sndbuf 393216"
push "rcvbuf 393216"
keepalive 10 120
comp-lzo
user nobody
group nobody
persist-key
persist-tun
status openvpn-status.log
verb 3
Pro Tip: Adjustsndbufandrcvbufbased on your link speed. The values above are optimized for a 1Gbps uplink, which comes standard on our Enterprise VDS plans. If you don't tune these buffers, OpenVPN will cap out around 20-30Mbps regardless of your hardware.
Orchestration with Ansible
Managing servers across two providers sounds like a headache, but tools like Ansible (currently version 1.9) make it trivial. You don't need an agent installed on the remote servers, just SSH keys.
Structure your inventory file to respect the provider boundaries:
[frontend:children]
aws_instances
[data:children]
coolvds_instances
[aws_instances]
web01 ansible_ssh_host=52.x.x.x
web02 ansible_ssh_host=52.x.x.y
[coolvds_instances]
db01 ansible_ssh_host=185.x.x.x
redis01 ansible_ssh_host=185.x.x.y
This allows you to push code updates to the AWS frontend while simultaneously rotating database backups on the CoolVDS backend with a single `ansible-playbook` command.
Data Sovereignty and The "Patriot Act" Factor
We cannot ignore the legal landscape. The Norwegian Data Protection Authority (Datatilsynet) is increasingly vigilant about how personal data of Norwegian citizens is handled. While US providers promise compliance, the US Patriot Act allows US agencies to demand access to data stored by US companies, regardless of where the server is physically located.
Hosting your core database on CoolVDS—a Norwegian entity subject to Norwegian law—adds a significant layer of legal protection. It allows you to tell your clients: "Your data lives in Norway, stays in Norway, and is protected by Norwegian law." In the enterprise sector, this assurance is often worth more than the raw hardware cost.
TCO Comparison: Public Cloud vs. CoolVDS
Let's look at the monthly costs for a high-performance database server with 4 vCPUs, 16GB RAM, and SSD storage.
| Feature | Major Public Cloud (Frankfurt) | CoolVDS (Oslo) |
|---|---|---|
| Compute (4 vCPU, 16GB RAM) | $160.00+ / mo | $65.00 / mo |
| Storage (100GB High IOPS SSD) | $25.00 (Provisioned IOPS extra) | Included (NVMe) |
| Bandwidth Out | $0.09 / GB | Unmetered (Fair Use) |
| Total Monthly | ~$250.00 | $65.00 |
The difference is staggering. Public cloud charges you for the privilege of auto-scaling. But a database rarely needs to auto-scale; it needs raw, consistent I/O performance and stability. Paying a premium for elasticity you don't use on your database layer is bad business.
Conclusion
Don't fall into the trap of thinking you must choose one provider. The smartest CTOs in 2015 are building hybrid networks that leverage the scale of the giants and the privacy and performance of local specialists.
If you are ready to secure your data and lower your TCO, build your core where it counts. Don't let slow I/O or legal ambiguity kill your project.
Deploy your high-performance database node on CoolVDS today. Instances provision in 55 seconds.