Hyperscale Cloud in China? Microsoft? Mooncake? Alibaba Cloud? Gotchas, pitfalls and directions to successfully navigate it

When Westerners think of hyperscale cloud providers, the usual suspects that come to mind are named Amazon Web Services, Microsoft Azure, Google Cloud Platform, Oracle, and IBM Cloud. Seldom do you hear another name, which tends to be odd since it is already the world’s third-biggest cloud service provider according to the numbers: Alibaba Cloud. And with yearly revenue growth between 60 and 140%, they sure are catching up fast.

 

Blog_AWS-vs-GCP-vs-Azure-vs-Alibaba

 

However, to operate a cloud within China there are some hoops you need to jump and you have to collaborate with the regional administration. Provisioning and relocation times, thus, are fundamentally increased, in no little part since tasks must be directed by the local partners. The truth of the matter is that, while it is conceivable, receiving a cloud foundation that does not have a physical presence in China places organizations that operate in China at a colossal detriment.

 

Nonetheless, things are not always so easy to understand, operate in the far east for Westerners.

firewall-4

The Golden Shield Project, more informally known as the great firewall of China, along with a list of administrative complexities, tends to complicate things a lot for western organizations wanting to set up cloud services inside the borders of the Asian superpower.

Any online-operation, self-hosted or in the cloud, will require an internet content provider (ICP) license issued by the Chinese ministry of industry. This is required for anything from a simple website to a large content delivery network. Obtaining an ICP license might take 5-30 days. Not having an ICP license will usually lead to the operation being blocked in China, defeating the purpose of setting up there.

 

public-cloud-h1-2018-02.png

 

A greater difficulty is the tendency of the great firewall to block connection to outside cloud services. This usually means that cloud applications set up inside China’s network can not have a direct data connection with anything on the outside, including your organization’s very own services or applications. Keep in mind that this also applies to operations close to, but not inside, mainland China. Even though Microsoft has set up it’s „Mooncake“ premises in Hong Kong, these are still filtered by and may even be blocked wholly by the great firewall if attempting to connect there from mainland China, this adds additional complexity to the mix and sets additional requirements for those looking to establish themselves with navigating the regulatory requirements.

 

While Alibaba Cloud (Aliyun) is currently operating from 18 datacentres around the world, on six continents, over 70 countries and 2500+ nodes, even the services from Aliyun cannot readily connect hosting inside mainland China to the outside. While the great firewall’s rules and operations are not an exact science, and many a researcher has spent a lot of time figuring out what gets blocked and what doesn’t, there is no clear cut answer. As a result, whether hosting with a local provider like Alibaba Cloud or Microsoft, there is no surefire way to tell if you will have unrestricted traffic flow through the golden shield or not. Due to the very dynamic nature in which the firewall operates, it’s even possible to have a worst-case scenario where the connection is working only temporarily. Whilst Aliyun might provide assistance in establishing connections between inside and outside-mainland datacentres, it is important to keep in mind that this is a service that comes without a factual warranty, so pairing up with a established Cloud whether Microsoft Azure or Alibaba Cloud is a necessity and absolutely pivotal for local success, united with experienced partners that can assist with navigating the regulatory and adhering to and adopting the necessary compliance.

 

2018-06-27_09592
Microsoft expanding datacenter capacity for Azure in China

 

In conclusion, companies and global organizations with activities in China may face an added complexity in their cloud projects underlining the importance of gathering the necessary licenses/permits to ensure compliance and successful deployment of cloud services behind the Golden Shield.

However enticing it might be to attempt and dispatch a business operation in China, any genuine endeavor requires an expert and dedicated approach to fully understand and use the difficulties and opportunities that emerge in the far east.

Did you enjoy the article? Want me to explore it further or if you have any questions, input or suggestions shoot me a message in the comments or over on twitter @UlvBjornsson

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s