This article originally appeared in SDxCentral on August 25th.
Let’s start with a couple of questions for the CIO reader.
First, should your enterprise work with a single cloud provider? Most likely your answer will be “No!” And for good reason.
Second, will hybrid (not necessarily cloud) be part of your data center’s future in the next few years? Here the answer is not as clear-cut. And in the absence of an obvious answer, new questions come to mind – what should I do with my current data center and how might this public cloud environment be incorporated into the mix?
Aside from dealing with their current on-premises resources, there is at least one good reason for enterprises to want to keep resources on premises – vendor lock-in. As an IT leader, your responsibility for the data and for business continuity forces you to think long term. You need to maintain control and be able to move your IT assets based on your business needs at any time.
This consideration, combined with the current reality of having an on-premises data center to take care of, in most cases will launch you on the hybrid cloud journey. Leaders that see the half-full glass of this change will also see how this move forces their team to learn and innovate.
There are other incentives for building a hybrid cloud. Some enterprises simply want to use the public cloud to accommodate bursty workloads, and may want to migrate everything except for mission-critical applications and sensitive data repositories. Regardless of your incentive, it’s important to be aware of potential challenges lurking ahead.
No Common Ground
There are lots of use cases for workload mobility between the different environments. It can be a need to simply migrate from on-premises to Azure or to allow the flexibility of using the public cloud for test and staging environments. However, from the basic terminology of each environment component, all they want to know is how the different cloud environments are operated and what an API call looks like.
One of the major issues is that enterprises and technology solution providers are looking for a common denominator to provide a unified user experience. But this approach seems to never hold, if only due to the pace at which the different platforms are evolving. As our CTO, Nati Shalom, wrote in a recent blog post:
“The result is that relying on this layer of abstraction comes with a high toll of compromising on the least common denominator, one size fits all model, and thus losing many of the benefits that modern clouds provide today. And we are rarely one size fits all.”
Lack of Expertise
A recent survey shows that 32 percent of cloud users find a lack of resources and expertise to be their chief challenge when adopting cloud. Moving from a single infrastructure to a myriad of clouds creates a great challenge for IT leaders and their teams – they need to acquire more skills and fast. However, look at how clouds such as Amazon and OpenStack have evolved in just a few years. The environment changes so quickly that they are in an endless race to keep up with their data centers and, in parallel, learn and adopt totally different environments. But it doesn’t end there. Implementing a hybrid environment means trying to tie these together into a single, well-automated and well-performing environment.
Finally, knowledge is costly. Overcoming this knowledge gap means hiring professionals or closing deals with cloud managed service providers (MSPs), as well as investing in training and educating the existing team. Time to market is of the essence, because your competitors are already there.
As mentioned above, one of the drivers is to keep mission-critical workloads and data on the organization’s premises. However, when you open a door from your on-premises environment to the public cloud multi-tenant environment, you expand your attack surface. Just to be clear, this doesn’t mean the public cloud is less secure. It’s just another environment you are utilizing, which means there will be more “security points of failure”. Therefore, implementing security best practices such as RBAC across the environment, as well as protecting the data with replicas on a secondary site, are highly important.
In addition, running a highly distributed environment is key. New initiatives in the security world are introducing more capabilities on that front. These allow you to automate security around individual components within an environment (e.g., a single application tier or even a specific container). The more detailed the level of security granularity, the better equipped you are to divide et impera vulnerabilities and attacks.
The Network Element
Obviously, the network is a fundamental component when dealing with hybrid or multi-cloud environments. Application developers tend to assume that all components of an application are in close proximity to each other. For example, they might see it as a given that the database tier is near the middle-tier servers. However, every administrator knows that linking between two disparate environments often causes huge headaches.
A network topology must be planned, factoring in its security and the potential latency between the different layers, between both internal and external resources. Mature cloud providers, such as Amazon and Microsoft, already recognize the importance of connectivity and have developed their own hybrid cloud network solutions, Direct Connect and ExpressRoute, respectively. As shown below, these are private, dedicated, low-latency network tunnels from the public cloud vendor’s data center through a telco or a data center facility (such as Equinix) directly to your on-premises environment.
Running an Application
Finally, the discussion is about migrating not a single server, but a whole application stack. Many tools that aim to support the hybrid environment complexity tend to look at hybrid management from an operational perspective, focusing their solutions on the underlying infrastructure. And they are missing the point.
Orchestrating a deployment of application stack resources involves more than just resource provisioning, and the infrastructure is only one element in running an application.
Running an application on a hybrid environment includes, for example, containers to facilitate workload mobility. This means using an orchestration solution that abstracts the application from the underlying infrastructure and allows its process to run on each of the environments. This layer should also support configuration management, monitoring, and so on.
Final Note: Paving the Innovation Road
VMware has been an integral part of enterprise IT for over a decade. Nonetheless, with no better cloud alternative presented by this vendor, enterprises are broadening their horizons, utilizing Amazon, Azure and OpenStack. With this movement, enterprise IT should continue to seek ways to utilize at least two cloud platforms.
In addition, as the role of the enterprise IT team changes from an operational entity to an innovative element, it can take the lead in creating the competitive advantage of its organization. The diversity can be challenging, but can also pave the road to innovation. Hybrid cloud can help R&D organizations’ development testing to better use the public cloud, as it forces operations to strive for full automation, and finally pushes IT to learn and adopt modern technologies and designs such as containers and microservices.