Ticketmaster: 'Self-Inflicted DDoS' Is Our Business
LOS ANGELES -- Open Networking Summit -- The instant popular tickets go on sale on Ticketmaster, the service needs to be ready for staggering demand bursts. For that reason, Ticketmaster principal architect Francis Arigo describes its business model as "self-inflicted DDOS."
Ticketmaster's platform goes from zero to 150 million transactions in minutes when a popular artist like Beyonce puts tickets on sale, Arigo said at a keynote presentation at the conference here Thursday. That demand lasts for five to 30 minutes, until tickets sell out. During that time, Ticketmaster is pounded by both legitimate consumers and by bots run by scalpers looking to make an illegitimate profit on the tickets.
At first, Ticketmaster looked into going entirely to public cloud as an option. Arigo literally sang a song about that; he came onstage wearing a guitar and sang "The Public Cloud Song" to the tune of Tracey Chapman's "Fast Car" ("You've got a fast cloud /and I don't want datacenters anyway." Full lyrics here.)
But the public cloud proved unsuitable to Ticketmaster's business, for reasons already well-known to even the most casual consumer: The public Internet is unreliable. Arigo noted that anybody buying a ticket online doesn't leave that ticket in the cloud; they download the ticket to a mobile wallet. They want the ticket to be available immediately when they need to present it, and they know the public cloud can't deliver those kinds of performance guarantees. Users can't control all hops.
When tens of thousands of NFL fans are trying to enter a stadium before kickoff, the venue needs to stay on a more reliable network or re-architect the client to deal with lost connectivity, Arigo said.
Likewise, higher cost workloads such as search and Kafka are not suited to the public cloud, Arigo said.
Going hybrid provides the best of both worlds, combining the benefits of public cloud and on-premises, Arigo said. With a hybrid approach, Ticketmaster has the dynamic elasticity of public cloud while maintaining service level guarantees of on-premises infrastructure. Developers can go where the cost makes the most sense.
But hybrid cloud has its own challenges, Arigo said. Security becomes at least twice as complex. Infrastructure runs both on-premises and in the cloud, and they both need to sync. Automation is key to taming security. "A good security policy allows developers to deploy fast but still puts guardrails around security and compliance," Arigo said.
And even with hybrid cloud, connectivity is still an issue -- the connection between the public cloud and on-premises infrastructure is WAN connectivity, with latencies. Developers need to keep that connectivity in mind. "When you have a hybrid cloud, it's easy for developer to think of it as one entity -- 'I'm just deploying it,' " Arigo said.
- CenturyLink to Open Source NFVi Orchestrator
- Uber: 'Infrastructure as Code' Drives Growth
- Open Source Zeroes In on the Edge
- LF Networking Gets Ambitious About Open Harmonization
- DANOS Fuels AT&T's White Box Binge
- LFN: Open Source $11B Vendor Opportunity
— Mitch Wagner Editor, Enterprise Cloud, Light Reading