PCMag Playbook: Getting Started with Hybrid Cloud
Cloud computing used to mean you had the ability to spin up virtual servers in public clouds, like Amazon Web Services (AWS) or Microsoft Azure. But in just a short half-decade the cloud has evolved to encompass almost any aspect of computing a general business user might require. From those virtual servers to using a third-party cloud service, like Salesforce Lightning, to mirroring entire data centers across multiple public hosters, it's all cloud computing. Complicating matters further, not every workload is suited to the cloud, which has most businesses moving only part of their IT operation cloud-wards while leaving the rest in their on-site facilities. And no matter which aspect of cloud or on-site computing you're talking about, if it spans your premises boundaries, it's a hybrid cloud; and shouldering the management and security duties for one can be a nightmare if you're not careful.
In this article, we'll walk you through what you need to consider before building your hybrid cloud, which services you should look into connecting, and how to manage everything via one cohesive console. Although the terminology and technology involved in this process can be a bit intimidating, especially for small to midsize business (SMB) owners without much technical experience, it's worth remembering one important thing: the cloud is just another word for the internet.
Some Definitions
A public cloud is managed by a third party, a private cloud is managed by your internal team, and a hybrid cloud is a combination of both. So, in essence, by adopting a hybrid cloud, what you've done is outsourced the storage of some of your data and apps to a third party, while maintaining control over sensitive apps and data within your own internal network.
Before you go whole hog into the public cloud, it's important to determine what exactly you hope to accomplish. If all you need is the ability to clear some data capacity associated with software and apps from your hardware, then Software-as-a-Service (SaaS) apps should suit your needs quite well. In fact, most of you are probably already using SaaS-based tools. This is an easy fix that won't require much manpower or financial investment.
For those of you who need the majority of your digital assets to live elsewhere, you should look into a Platform-as-a-Service (PaaS) solution. These tools let you store all of your hardware, operating systems (OSes), databases, and any web-based software in the cloud. PaaS is a major investment that is most typically associated with mid- and large-sized companies.
However, if you're just looking to host some of your servers, data, and OSes in the cloud, you'll want to look into an Infrastructure-as-a-Service (IaaS) platform. This is the most common form of public cloud used among hybrid cloud adopters, especially small companies. For the sake of our audience, we'll be approaching the rest of this article from the perspective of a potential IaaS cloud adopter.
Choosing What to Store in a Private Cloud
As I previously mentioned, no one will care more about your data security than you will. Think of it this way: If you found a sack of money, would you trust someone to hold onto that money for you or would you want to keep hold of it yourself? This is the basic, unsophisticated explanation for why most companies choose to store sensitive data on their own private clouds.
However, let's adjust the metaphor to take into account the resources that most small businesses have at their disposal. Let's say you find a sack of money but you don't have any safe place to put it, and a reliable colleague with access to Fort Knox offers to hold the money for you while also giving you unfettered access to your cash. You'd be silly not to put your money in the vault, especially if you trust your colleague.
Most SMBs don't have the security chops or financial resources to build out that Fort Knox-level protection. Those who do have the skills and money to do so are better off keeping sensitive data in a private cloud. The data that isn't sensitive but still occupies too much real estate in your network should be offloaded to your public cloud.
Choosing a Public Cloud Service
Tools such as Amazon Web Services (AWS) and Microsoft Azure provide the physical servers, switches, and storage arrays on which your information is managed. If a piece of hardware breaks, it's not your responsibility to find a new home for your workloads.
Public clouds are also a lot more flexible than internal clouds. If your company is expecting a sudden influx of traffic, you can spin up and then spin back down once the rush ends, and you'll pay for only the capacity you used. However, if you run your own private data center, you'll have to purchase new hardware, expand the capacity of your cloud, and then you're stuck with equipment and bandwidth you don't need anymore.
So, if you agree that a public cloud service makes sense for you, there are many things to consider before choosing a vendor. Does it operate on 10 Gigabit Ethernet? Does it work with Linux? Is it based on OpenStack architecture? Your IT team needs to get together to determine which specific attributes are most important to your organization, and then run down a checklist to see which vendors offer these particular services. AWS is our Editors' Choice for public cloud services but it isn't based on OpenStack and it can be quite expensive. Conversely, Rackspace is OpenStack-compatible but it doesn't offer nearly the breadth of services that AWS provides.
Choosing a public cloud service isn't as easy as scrolling down a specifications sheet and choosing the most impressive numbers. You'll truly be partnering with your vendor to ensure the performance and security of your business data, so lay out your wants and needs, meet with each individual vendor, and choose based on compatibility.
Map Your Data Flow
As you begin to store your data where it needs to be stored, you've got to figure out the fastest, most secure, and most affordable way to funnel data between your public and private clouds as well as any on-premises storage you may have. Work with your IT team to determine the right routes for data exchanges, and automate any processes that repeat themselves.
However, if implementing the public cloud, aggregating your data from both clouds, and syncing the systems become too complex, you might want to look into a cloud services broker. You can hire someone to fill this role, you can ask your vendor to provide an expert, or you can hire an external brokerage firm to manage the integration process.
What's critical here isn't just where data lives, but which data for which workload. Architecting a cloud is very similar to building an n-tier application with the added complication that those tiers can be anywhere. That's not only an issue from the perspective of behind and beyond the firewall, it's also an issue of where the data is geographically. Running an Internet of Things (IoT) app where your compute resources are in New York can be considerably more difficult if your data stores wind up in Utah no matter what your cloud provider says.
Then there's the issue of data protection and backup. The hybrid cloud model is probably the most effective architecture in this regard, especially for SMBs looking to save money. No other deployment model gives you as many options with regard to security, redundancy, and easy disaster recovery. But it's also one of the most complex, spanning everything from virtual server clusters to fully mirrored software-defined data centers. In the hybrid cloud, data flow and protection are truly DevOps disciplines, so make sure you've got access to this kind of expertise, which will also affect your choice of management tools.
Building a Management Platform
Only after you've mapped out all the preceding steps should you begin to seriously evaluate a management platform for your hybrid cloud. While there are vendors that'll try and sell you on a "single pane of glass" management stack (notably Amazon and Microsoft), what you're really looking for are several key IT tools:
- An infrastructure management platform that should cover managing and allocating virtual infrastructure resource pools, though it doesn't necessarily have to encompass your core hypervisor,
- A network monitoring platform that contains premises-spanning tools to monitor packets both behind and beyond the firewall,
- A security platform that'll probably consist of several tools covering identity management, backup and data protection, as well as perimeter defense and threat analysis.
An application performance monitoring (APM) tool might be a good idea, too, but most of these are aimed at only certain kinds of apps and useful primarily to developers. If you're using a large portfolio of third-party managed SaaS apps, like Salesforce or Oracle NetSuite, then you may not be able to find an APM tool that'll cover what you need to manage across all your workloads from a single console. In this case, you'll need to pick what's right for you.