‘Hybrid cloud’ inherits benefits of both private/on-premise, and public cloud solutions. Enterprises, whether small or large, are rapidly moving their IT infrastructures to the cloud. The cloud shift proportion is anticipated to be 28% by 2022 per Gartner within enterprise IT spending.
While the public cloud adoption rate is significant, it’s inevitable to not have private cloud strategy due to sensitive business-critical applications. Thus, it becomes more prudent to adopt hybrid cloud solution which can cater IT needs of organisations across sizes and sectors.
Hybrid cloud has multifaceted design and implementation considerations. Before we chalk out an effective hybrid cloud implementation strategy, let’s have a glance at the types of cloud computing offerings.
Infrastructure as a service (IaaS) is the cloud computing offering where vendors provide underlying infrastructures such as servers, storage and networking. Popular offerings include AWS (Amazon Web Services) Elastic compute cloud (EC2), Microsoft Azure VMs and Google cloud platform (GCP) Google Compute Engine (GCE).
Platform as a Service (PaaS) provides the development environment to organisations along with servers and storage. This essentially means having development and testing tools in-built/pre-installed, and would only require to develop, manage, and deploy the applications.
AWS Elastic Beanstalk, Microsoft Azure App Service, GCP App Engine are few prominent PaaS cloud offerings.
Software as a Service (SaaS) is the service in which the complete software is hosted on the vendor’s cloud and given access over the public internet to end-users.
Salesforce CRM, Office 365 and Gmail are widely deployed SaaS offerings.
Function as a Service (FaaS) is the cloud service which allows users to develop and maintain applications without worrying about the underlying infrastructure. The cloud provider takes care of compute servers, storage, and networking based on the application need which follows a serverless computing model.
AWS Lambda, Azure function, and GCP functions are some of FaaS cloud computing offerings.
Container as a Service (CaaS) enables cloud service platforms to provide containers, cluster management, and compute instances for better fault tolerance, load sharing and auto-scaling.
Amazon Elastic Kubernetes (EKS), Azure Kubernetes Service (AKS), and Google Kubernetes Engine (GKE) are fully integrated container orchestration cloud computing services.
Hybrid Cloud Implementation – What factors to consider?
Hybrid cloud provides flexibility to an organisation to move an application between the private and public cloud. There are numerous approaches to hybrid cloud implementation, but the underlying design principles remain the same. We need to have the following considerations in mind while designing the hybrid cloud solution:
Migration: Moving traditional data centre applications to a private/on-prem cloud
Connectivity: Having a reliable wide area network (WAN) between private and public cloud
Portability: Developing applications commonly to run across private/public clouds
Policy Management: Limiting business-sensitive applications to private cloud
Performance: Considering the application quality of experience and load balancing
Storage: Detaching storage from computing for easy application movement
Compatibility: Choosing compatible private and public cloud APIs/services
High availability: Designing for fault tolerance
Security: Implementing security at every stage of the solution
Management: Ensuring centralised management for both on-prem and public cloud
Hybrid Cloud Implementation – How to build a Hybrid cloud?
There is no single strategy to build a hybrid cloud. Organisations with traditional data centres can choose to add adequate virtualisation and invest in cloud management software which will provide a single glass pane view for all the resources across the private and public cloud. Smaller organisations will benefit more from a hybrid cloud solution where private/on-prem comes from the same vendor.
The compatibility of applications across the private and public cloud is a daunting task and is the key to have a successful hybrid cloud solution. An on-prem application built for hyper-V or KVM hypervisor might not work well with AWS EC2. The application built for one operating system with a particular configuration might perform poorly with another operating system in the public cloud. The security and integrity of data is another challenge which needs to be addressed.
In short, we have the following common challenges to address while building a hybrid cloud:
- API compatibility
- High operational cost to maintain a private cloud
- Enhanced complexity
A typical hybrid cloud will consist of on-prem bare metal/virtualised cloud; supported by IaaS of a public cloud. In IaaS, the organisation needs to keep the operating system in mind while developing and packaging any application. However, if the application development environment is built upon CaaS (container as a service), it will help overcome all shortcomings listed above.
With a container, the application can be deployed anywhere, irrespective of the underlying platform, operating system. Major cloud providers (AWS, Azure, GCP) support dockers which provide a well-defined mechanism to package the application into images. Dockers do provide a standard runtime (refer to CaaS diagram) as agreed by the development community.
Thus, an effective hybrid cloud is built using docker/container technology where:
- Application movement is seamless across both public and on-prem cloud.
- Application portability is no longer a concern
- The maintenance of application becomes less complex
- The operational cost is brought down significantly
Hybrid Cloud – How Kubernetes impacts it?
Kubernetes is container orchestration framework which allows dynamic upward scaling, automatic deployments, and manages multiple containerised applications. It builds a cluster of containers running on different hardware. An effective hybrid cloud strategy which is built around CaaS will be supplemented by Kubernetes to automate the workloads.
Kubernetes provides the following requirements (in addition to CaaS) for Hybrid cloud solutions which makes it more desirable hybrid cloud strategy:
High Availability: Containers in the cluster can fail, and restart without loss of access.
Auto Scaling: Adds more containerised application based on the demand.
Load balancing: Allows application load to be balanced.
Isolation: Helps prevent undesired interactions of applications.
Kubernetes can run on both on-prem and public cloud. It is well supported by major on-prem (OpenStack) and public cloud vendors (AWS, Azure, GCP). The management of Kubernetes services between on-prem and public clouds are facilitated by technologies (VMware Tanzu, Azure Arc, Google Anthos) which push out the control plane to on-premises.
Hybrid Cloud – Security Considerations
Though the solution has multiple security aspects integrated, the administrator needs to be cautious of the following facts while implementing the hybrid cloud:
- Restrict the business-critical application data to the on-prem cloud. Apply appropriate control policies and firewall to protect such data.
- Implement data encryption to protect data across the public cloud.
- Implement security for web applications and accesses using SSL/TLS.
- Deploy infrastructure on the cloud with security added at every stage.
- Keep user access security and compliance in check, and enforce single IdAM (Identity access management).
- Choose hardware/devices which have inbuilt security support in HW.
Hybrid cloud provides a great deal of flexibility to an organisation with futuristic expansion capabilities and affordable solution offering. Kubernetes is an appropriate launching vehicle for hybrid cloud and makes it a feasible solution.
However, Kubernetes or no-Kubernetes, if your company is investing in the cloud then hybrid cloud is the most suitable strategy for you at this hour.
Written by Ashish Kumar, Cloud Deployment Expert. Ashish is a freelance contributor at fastnforward.technaura.com.
For further articles, please read further: