Cloud computing used to mean you had the ability to spin up virtual servers in public clouds, like Amazon Web Services (AWS) or Microsoft Azure. But in just a short half-decade the cloud has evolved to encompass almost any aspect of computing a general business user might require. From those virtual servers to using a third-party cloud service, like Salesforce Lightning, to mirroring entire data centers across multiple public hosters, it's all cloud computing. Complicating matters further, not every workload is suited to the cloud, which has most businesses moving only part of their IT operation cloud-wards while leaving the rest in their on-site facilities. And no matter which aspect of cloud or on-site computing you're talking about, if it spans your premises boundaries, it's a hybrid cloud; and shouldering the management and security duties for one can be a nightmare if you're not careful.
In this article, we'll walk you through what you need to consider before building your hybrid cloud, which services you should look into connecting, and how to manage everything via one cohesive console. Although the terminology and technology involved in this process can be a bit intimidating, especially for small to midsize business (SMB) owners without much technical experience, it's important to remember one important thing: the cloud is just another word for the internet.
A public cloud is managed by a third party, a private cloud is managed by your internal team, and a hybrid cloud is a combination of both. So, in essence, by adopting a hybrid cloud, what you've done is outsourced the storage of some of your data and apps to a third party, while maintaining control over sensitive apps and data within your own internal network.
Before you go whole hog into the public cloud, it's important to determine what exactly you hope to accomplish. If all you need is the ability to clear some data capacity associated with software and apps from your hardware, then Software-as-a-Service (SaaS) apps should suit your needs quite well. In fact, most of you are probably already using SaaS-based tools. This is an easy fix that won't require much manpower or financial investment.
For those of you who need the majority of your digital assets to live elsewhere, you should look into a Platform-as-a-Service (PaaS) solution. These tools let you store all of your hardware, operating systems (OSes), databases, and any web-based software in the cloud. PaaS is a major investment that is most typically associated with mid- and large-sized companies.
However, if you're just looking to host some of your servers, data, and OSes in the cloud, you'll want to look into an Infrastructure-as-a-Service (IaaS) platform. This is the most common form of public cloud used among hybrid cloud adopters, especially small companies. For the sake of our audience, we'll be approaching the rest of this article from the perspective of a potential IaaS cloud adopter.
Choosing What to Store in a Private Cloud
As I previously mentioned, no one will care more about your data security than you will. Think of it this way: If you found a sack of money, would you trust someone to hold onto that money for you or would you want to keep hold of it yourself? This is the basic, unsophisticated explanation for why most companies choose to store sensitive data on their own private clouds.
However, let's adjust the metaphor to take into account the resources that most small businesses have at their disposal. Let's say you find a sack of money but you don't have any safe place to put it, and a reliable colleague with access to Fort Knox offers to hold the money for you while also giving you unfettered access to your cash. You'd be silly not to put your money in the vault, especially if you trust your colleague.
Most SMBs don't have the security chops or financial resources to build out that Fort Knox-level protection. Those who do have the skills and money to do so are better off keeping sensitive data in a private cloud. The data that isn't sensitive but still occupies too much real estate in your network should be offloaded to your public cloud.
Choosing a Public Cloud Service
Tools such as Amazon Web Services (AWS) and Microsoft Azure provide the physical servers, switches, and storage arrays on which your information is managed. If a piece of hardware breaks, it's not your responsibility to find a new home for your workloads.
Public clouds are also a lot more flexible than internal clouds. If your company is expecting a sudden influx of traffic, you can spin up capacity and then spin it back down once the rush ends, and you'll pay for only the capacity you used. However, if you run your own private data center, you'll have to purchase new hardware, expand the capacity of your cloud, and then you're stuck with equipment and bandwidth you don't need anymore.
So, if you agree that a public cloud service makes sense for you, there are many things to consider before choosing a vendor. Does it operate on 10 Gigabit Ethernet? Does it work with Linux? Is it based on OpenStack architecture? Your IT team needs to get together to determine which specific attributes are most important to your organization, and then run down a checklist to see which vendors offer these particular services. AWS is our Editors' Choice for public cloud services but it isn't based on OpenStack and it can be quite expensive. Conversely, Rackspace is OpenStack-compatible but it doesn't offer nearly the breadth of services that AWS provides.
Choosing a public cloud service isn't as easy as scrolling down a specifications sheet and choosing the most impressive numbers. You'll truly be partnering with your vendor to ensure the performance and security of your business data, so lay out your wants and needs, meet with each individual vendor, and choose based on compatibility.
Map Your Data Flow
As you begin to store your data where it needs to be stored, you've got to figure out the fastest, most secure, and most affordable way to funnel data between your public and private clouds as well as any on-premises storage you may have. Work with your IT team to determine the right routes for data exchanges, and automate any processes that repeat themselves.
However, if implementing the public cloud, aggregating your data from both clouds, and syncing the systems become too complex, you might want to look into a cloud services broker. You can hire someone to fill this role, you can ask your vendor to provide an expert, or you can hire an external brokerage firm to manage the integration process.
What's critical here isn't just where data lives, but which data for which workload. Architecting a cloud is very similar to building an n-tier application with the added complication that those tiers can be anywhere. That's not only an issue from the perspective of behind and beyond the firewall, it's also an issue of where the data is geographically. Running an Internet of Things (IoT) app where your compute resources are in New York can be considerably more difficult if your data stores wind up in Utah no matter what your cloud provider says.
Then there's the issue of data protection and backup. The hybrid cloud model is probably the most effective architecture in this regard, especially for SMBs looking to save money. No other deployment model gives you as many options with regard to security, redundancy, and easy disaster recovery. But it's also one of the most complex, spanning everything from virtual server clusters to fully mirrored software-defined data centers. In the hybrid cloud, data flow and protection are truly devops disciplines, so make sure you've got access to this kind of expertise, which will also affect your choice of management tools.
Building a Management Platform
Only after you've mapped out all the preceding steps should you begin to seriously evaluate a management platform for your hybrid cloud. While there are vendors that'll try and sell you on a "single pane of glass" management stack (notably Amazon and Microsoft), what you're really looking for are several key IT tools:
- An infrastructure management platform that should cover managing and allocating virtual infrastructure resource pools, though it doesn't necessarily have to encompass your core hypervisor,
- A network monitoring platform that contains premises-spanning tools to monitor packets both behind and beyond the firewall,
- A security platform that'll probably consist of several tools covering identity management, backup and data protection, as well as perimeter defense and threat analysis.
An application performance monitoring (APM) tool might be a good idea, too, but most of these are aimed at only certain kinds of apps and useful primarily to developers. If you're using a large portfolio of third-party managed SaaS apps, like Salesforce or Oracle NetSuite, then you may not be able to find an APM tool that'll cover what you need to manage across all your workloads from a single console. In this case, you'll need to pick what's right for you.
In fact, unless you opt for the one-vendor strategy, you'll need to pick what's best for your company in any case, and that largely boils down to the choice of commercial versus open source. Buying an all-up stack from a single vendor will get your management tools, and also your hybrid cloud, deployed more quickly, but it'll limit your long-term options in some cases. It might also be cheaper in the very long run, but that math will be highly individual to every organization and workload scenario; be very careful here.
Tying together multiple commercial tools can swing either way on the cost meter, though in general you can save money if you're careful and forward-thinking, and it can leave open doors when it comes to future business needs and feature requirements. The trick is the integration cycle. Skimping on this tedious process can really bite you later in the deployment project, but going through it initially is well and truly the definition of "chore." A proper integration process requires not just mapping features across different vendors' tool sets to make sure all your needs are covered; it also means auditing your IT management tasks and trouble incidents over at least the last year to identify where your IT operation needs strong tools, then deploying test versions of all your candidate tools, then running testing scenarios of all your day-to-day IT tasks as well as that year-long list of unexpected trouble situations to see how your proposed tool stack gels "under load."
After that, you should consult with someone who has had experience managing workloads similar to yours across cloud premises and using the apps in your organization's portfolio to get a handle on what new kinds of trouble can come your way once the hybrid cloud is live. Then test your proposed stack against those. That's a ton of work and most IT shops won't have enough time to complete it before the hybrid cloud needs to be running. So your real-life chore will be choosing what's most critical from this long list and at least making sure that not only does the testing get done on this subset, but the results from that testing are available early enough to factor into your purchasing decisions.
The open source question can add even more wrinkles depending on which tools you decide to evaluate. Many are run with just as much support expertise as commercial vendors these days, though their revenue model is different, which means you'll need to factor in new and different CFO math. From an IT perspective, if you're wanting to rely on open source tools that require a lot of technical expertise, which many devops-oriented tools do, then be sure you have that expertise locked down before making your decision. There's a skills gap in IT today and much of it surrounds effective devops personnel, so you need to be careful and realistic or you'll wind up jumping on a wagon you can't drive.
If the cloud is on your horizon in any way at all, and these days it should be, then a hybrid cloud is more than likely in your future. The trick isn't building one; the trick is building it carefully yet quickly enough to address business needs without locking yourself into an architecture that hurts more than it helps. Following the steps outlined above can help, and stay tuned to PCMag as we publish more helpful build guides in the near future.