The promise of cloud hosted infrastructure sounds tempting. Someone else manages your database, you pay only for what you need, and the database can scale up with your business as it grows. However, the pricing for cloud hosted databases is optimized for non-RADIUS use cases, which can result in surprisingly high operational costs when used as part of a RADIUS ecosystem.
Many cloud providers such as AWS offer database hosting services which seem reasonably priced at first glance. They also typically offer additional benefits over a “self hosted” system such as security, tiered support, and scalability. This combination makes cloud hosted databases a sensible choice for many organizations.
That said, some of our clients have been blind-sided with high cloud costs for their hosted RADIUS databases. Why does this happen?
Most uses of cloud databases are for reads
A typical use-case for cloud databases is to store large amounts of data, and to do many queries. The data is updated occasionally, but not often. In many cases, reads outnumber writes one hundred to one.
Write operations are more expensive
The main issue with hosted databases is that the pricing models are based on the use-cases where database read operations strongly outnumber the database writes. In some cases, write operations can cost five times as much as read operations!
This model is fine if most of what you need to do is query a customer database or inventory system, and only occasionally do writes. However, the database usage pattern in a RADIUS ecosystem can be the exact opposite of this scenario, with the number of writes at least equal to the number of reads, and sometimes more.
For example, if you need to keep track of session data for accounting purposes, or if you keep your historical data separate from your live data, each RADIUS accounting packet results in one database read, and one database write. For an ISP with a million users, this can be a million read/write cycles, every ten minutes, 24 hours a day, seven days a week. The database write costs alone can quickly reach tens of thousands of dollars a month. This expense would be over and above the cost of storing hundreds of gigabytes of accounting data.
These numbers are enormous compared with a more conventional cloud storage scenario. Where a conventional workload has reads outnumbering writes by 100 times, a RADIUS server has closer to a 1-1 read/write distribution. This means that using RADIUS in the cloud can be hundreds of times more expensive than a non-RADIUS use-case!
The performance is artificially throttled
Some cloud hosting companies will also artificially throttle throughput at lower price tiers. This means that a smaller database will get slower performance, forcing the customer to pay for more storage than they need, in order to get the performance they want.
In RADIUS systems, it is common to expect performance of thousands of reads/second to authenticate users, even with relatively small databases. In the artificially throttled cloud model, you cannot get this level of throughput unless you pay for more storage capacity which then also permits higher throughput.
Coupling the pricing for performance with storage capacity means that customers have to choose the most expensive option to get the functionality they need from the cloud. The alleged “benefits of the cloud” turn out to have their costs, just like any other solution. In fact, we have seen several clients need to unnecessarily inflate the size of their databases simply to get better performance.
Shared resources are throttled resources
In many cases, it is possible to use a cloud virtual machine (VM), but not the cloud database. You can install your own database, and get a much better cost / performance ratio. There is still the downside that the cloud VM is using shared resources, and performance might just drop to near-zero for periods of time! If another VM on the same physical system is using large amounts of CPU time, disk IO, or network connectivity, then other VMs on the system can get “starved” of resources.
While such a cloud system may be “up” for purposes of monitoring, its performance will be minimal. So it might as well be “down”, as it cannot handle the load it normally needs to process.
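The following is an added example, not code from the original article or from FreeRADIUS: a health check that separates "reachable" from "keeping up with the accounting load", using the article's figures of a million users and one accounting update every ten minutes. The `Probe` record, the three-sample window, and the sample values are constructed assumptions.

```python
from dataclasses import dataclass

@dataclass
class Probe:
    t: int            # seconds since start of capture (one probe per second)
    reachable: bool   # did the connect succeed? This is all an "up" check sees.
    writes_done: int  # accounting-style writes committed during this second

def required_writes_per_sec(users: int, interval_s: int) -> float:
    """One accounting update per user per interval, as in the article's ISP case."""
    return users / interval_s

def classify(probes, required_rate, window=3):
    """Label each probe 'down', 'starved' or 'healthy'.
    'starved' means reachable, but mean throughput over the last
    `window` probes is below the rate the RADIUS servers need."""
    states = []
    for i, p in enumerate(probes):
        if not p.reachable:
            states.append("down")
            continue
        recent = probes[max(0, i - window + 1): i + 1]
        mean = sum(r.writes_done for r in recent) / len(recent)
        states.append("starved" if mean < required_rate else "healthy")
    return states

def peak_backlog(probes, required_rate):
    """Largest number of accounting writes waiting to be committed."""
    owed, peak = 0.0, 0.0
    for p in probes:
        done = p.writes_done if p.reachable else 0
        owed = max(0.0, owed + required_rate - done)
        peak = max(peak, owed)
    return round(peak)

# Constructed capture: a noisy neighbour starves the VM from t=3 to t=5,
# the database is briefly unreachable at t=6, then it catches up.
RATES = [1700, 1700, 1700, 30, 20, 25, 0, 1700, 2500, 2500]
SAMPLE = [Probe(t, t != 6, n) for t, n in enumerate(RATES)]
REQUIRED = required_writes_per_sec(1_000_000, 600)  # about 1667 writes/s

if __name__ == "__main__":
    states = classify(SAMPLE, REQUIRED)
    up = sum(p.reachable for p in SAMPLE)
    print(f"'up' on {up}/10 probes, healthy on {states.count('healthy')}/10")
    print("peak backlog:", peak_backlog(SAMPLE, REQUIRED))
```

On this capture a plain reachability check reports the database as up for nine of ten probes, while the throughput check shows it keeping up for only four.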
What to do instead
If your organization is exploring cloud storage because you don’t want the overhead of managing your own database, and “cloud is cheaper”, there are other options.
We often recommend that our clients set up their own database and put it on their own hardware. They can then simply host their data server in a third-party data center, which will provide physical security and temperature control. The data center will typically only charge for traffic, not storage, because you are using your own hardware. This pricing model is often much truer to the promise of paying for “only what you need” than most cloud storage providers.
Need more help?
Network RADIUS has been helping clients around the world design and deploy their RADIUS infrastructure for 20 years. We specialize in complex systems and have seen pretty much every variation and problem out there. If you want help from the people who wrote FreeRADIUS, visit our quote page to contact us for a consultation.