The cloud enables companies to offload their back-end architecture into remote, virtual environments. Besides freeing up physical space that would otherwise be used to house server racks, the cloud allows organizations to hand off the responsibilities of setting up, hosting, and scaling back-end architecture to third parties like Amazon Web Services (AWS), Google Cloud, Microsoft Azure, Heroku, Rackspace, CloudStack, and others. If you’re a brand new startup, this means you can forgo the time and expense of setting up a traditional data center. If you’re an established enterprise, it gives you an opportunity to streamline your fragmented and siloed data operations so that your onsite computing power can be devoted to mission-critical problems.
That said, for all its benefits, the cloud isn’t for everyone. The convenience of the public cloud comes with costs, including a reduction in data security and increased latency. For many organizations, particularly those in regulated industries, like finance, or those that require high-performance, low-latency connections for certain functions, the public cloud isn’t a viable option. Many of these organizations have switched to private clouds, which allow them to enjoy some of the benefits of cloud computing without compromising security or performance.
Increasingly, organizations like these are looking to a third option: the hybrid cloud. In this article, we’ll explore what hybrid cloud solutions entail, how they compare to the public cloud, and who you need to set one up.
CLOUD COMPUTING REFRESHER
If you’ve ever used Dropbox for storage, Salesforce for CRM, ADP for payroll, or Gmail for communication, then you’ve used a cloud service (also known as a web service). What ties these different services together is that they don’t require the installation of software (though some services might have standalone apps). Rather than storing data on your own servers and running applications using your own resources, you access cloud services over the internet. The service providers are responsible for building specialized data centers that support their particular service for their clients.
While the above examples are generally considered examples of software-as-a-service (SaaS), there are other cloud services that replace many of the functions of a traditional data center. Amazon Web Services (AWS) is considered an example of infrastructure-as-a-service (IaaS), offering virtual access to storage, computing, scaling, and backup solutions. Additionally, platform-as-a-service (PaaS) providers supply a dev environment, server, and database. What all these cloud services have in common is that they fulfill roles traditionally handled by an on-site data center.
What if your business needs prevent you from using the public cloud? In these cases, many companies opt to create their own private clouds, implemented and managed by their IT departments. These private clouds are firewalled behind the company’s network, meaning that sensitive information isn’t stored on the public internet.
What Is the Hybrid Cloud?
At its most basic, a hybrid cloud joins together a public and private cloud with an encrypted connection and technology that makes data portable. The key here is that both clouds remain separate, independent entities while also having one or more touch points in common. A hybrid cloud is not the same as simply relying on cloud services for some functions and a private cloud for others.
For some organizations, a hybrid cloud represents an intermediary step between their old on-site data storage and processing setups and transitioning entirely to the public cloud. For others, hybrid cloud solutions enable them to leverage the scalability of cloud computing while maintaining the integrity of their data and ensuring compliance with regulatory mandates and compliance standards.
Architecture of Microsoft hybrid cloud scenarios
Figure 1 shows the Microsoft hybrid cloud stack and its layers, which include on-premises, network, identity, apps and scenarios, and the category of cloud service (Microsoft SaaS, Azure PaaS, and Azure IaaS).
The Apps and scenarios layer contains the specific hybrid cloud scenarios that are detailed in the additional articles of this model. The Identity, Network, and On-premises layers can be common to the categories of cloud service (SaaS, PaaS, or IaaS).
On-premises
On-premises infrastructure for hybrid scenarios can include servers for SharePoint, Exchange, Skype for Business, and line of business applications. It can also include data stores (databases, lists, files). Without ExpressRoute connections, access to the on-premises data stores must be allowed through a reverse proxy or by making the server or data accessible on your DMZ or extranet.
Network
There are two choices for connectivity to Microsoft cloud platforms and services: your existing Internet pipe and ExpressRoute. Use an ExpressRoute connection if predictable performance is important. You can use one ExpressRoute connection to connect directly to Microsoft SaaS services (Office 365 and Dynamics 365), Azure PaaS services, and Azure IaaS services.
Identity
For cloud identity infrastructure, there are two ways to go, depending on the Microsoft cloud platform. For SaaS and Azure PaaS, integrate your on-premises identity infrastructure with Azure AD or federate with your on-premises identity infrastructure or third-party identity providers. For VMs running in Azure, you can extend your on-premises identity infrastructure, such as Windows Server AD, to the virtual networks (VNets) where your VMs reside.
WHY GO HYBRID?
Now that we’ve covered what the hybrid cloud is, what are its advantages?
Flexibility. The main reason organizations adopt the hybrid cloud approach is that it gives them maximum flexibility to explore new products and business models. If your business needs are continually changing, your development team can benefit from having a private environment on which to build and test new software without having to dramatically rearrange your IT resources and architecture.
Security. Protected, confidential, and sensitive information can be stored on a private cloud while still leveraging resources of the public cloud to run apps that rely on that data. This is especially important for businesses that store sensitive data for their customers. (Think health care providers and payroll processors, for example.)
Stability. Even the biggest and most reliable cloud service providers have downtime. By keeping certain functions accessible and on-site, organizations insulate themselves from network failures. Another concern (currently hypothetical) involves the erosion of net neutrality, which could lead some ISPs to throttle speeds for certain traffic-intensive sites and services. For services that require an extremely high degree of availability (like social networks), ensuring stability is a major consideration.
Reduced latency. For certain high-speed functions, it’s impractical to run apps in the public cloud. Keeping some processing jobs on-site allows businesses to allocate their computing resources more effectively. Financial firms that handle high-volume trades and businesses that rely on real-time analytics are two examples of organizations that could benefit from keeping certain functions on a private cloud.
Cost effectiveness. As IT’s role has grown, so too have the demands placed on the data center. When data centers are forced to do too many things, efficiency suffers. You could invest money in upgrading your computing or storage, but why not offload the non-essential tasks onto a cloud-storage system? That way, you can dedicate your on-site resources to your most important tasks.
GETTING YOUR CLOUDS TO COMMUNICATE
The main feature of hybrid cloud environments is that applications and services that operate across different systems have to be able to exchange data. Each of these systems may have its own rules about how data can be stored and moved, based on business rules, regulatory mandates, and technical specifications. In order to achieve the efficiencies and savings of the hybrid cloud, these different workloads—which can include daily batch processes, real-time transactions, high-performance analysis, and more—need to behave as if they’re part of a single, unified system.
One of the best ways to integrate different cloud environments is via APIs. An API allows one piece of software to connect with another without needing access to the underlying code. It does this via abstraction, presenting just the rules and interfaces needed to connect to the service. For hybrid cloud environments, abstraction provides another key advantage: it controls exactly which parts of your system are visible to outside developers. This way, you can protect the integrity of sensitive data on your private cloud while still allowing web services to access it as necessary.
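The visibility control described above, as an added example (not code from this article or from any provider): a facade that builds each response from a per-scope field allowlist, so the private-cloud record is never exposed whole. The record, scope names, and function names are constructed for illustration.

```python
from dataclasses import dataclass

# Constructed sample record, standing in for a private-cloud data store.
PRIVATE_STORE = {
    "p-1001": {
        "patient_id": "p-1001",
        "name": "Alex Example",
        "ssn": "000-00-0000",
        "diagnosis_codes": ["J45.909"],
        "next_appointment": "2031-03-14T09:30",
        "billing_balance": 120.50,
    }
}

# Hypothetical scopes. Each scope names the only fields it may ever see.
# Fields absent from every scope (ssn, diagnosis_codes) cannot leave the
# private side through this API at all.
SCOPE_FIELDS = {
    "portal:appointments": {"patient_id", "next_appointment"},
    "portal:billing": {"patient_id", "billing_balance"},
}


class AccessDenied(Exception):
    """Raised for every refusal, so callers cannot tell why it failed."""


@dataclass(frozen=True)
class Caller:
    subject: str        # record the caller's token was issued for
    scopes: frozenset   # scopes carried by that token


def get_patient_view(caller, patient_id, store=PRIVATE_STORE):
    """Return only the fields the caller's scopes allow, deny by default."""
    # Object-level check: a caller may read its own record only.
    if caller.subject != patient_id:
        raise AccessDenied("request refused")

    # Union of fields granted by known scopes; unknown scopes grant nothing.
    allowed = set()
    for scope in caller.scopes:
        allowed |= SCOPE_FIELDS.get(scope, set())
    if not allowed:
        raise AccessDenied("request refused")

    record = store.get(patient_id)
    if record is None:
        # Same error as a denial, so record ids cannot be enumerated.
        raise AccessDenied("request refused")

    # Build the response from the allowlist rather than deleting fields
    # from the record: a column added to the store later stays hidden
    # until someone deliberately adds it to a scope.
    return {field: record[field] for field in allowed if field in record}
```

Building the response by projection rather than by redaction is the design choice that matters here: the public side sees a field only after an explicit decision to expose it.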
All the major cloud service providers supply their own APIs to allow their customers to build workloads that take advantage of cloud storage and computing services. However, these APIs may require substantial programming in order to get them working with your system, and in the case where you’re using multiple cloud services, you should expect competing cloud APIs to be incompatible. Services like RightScale, Scalr, IBM WebSphere Cast Iron, and Morpheus provide a further layer of abstraction via templates and management tools that finesse these different APIs in order to integrate workloads.
SOME EXAMPLES OF HYBRID CLOUD ENVIRONMENTS
No two hybrid cloud setups are the same. Here are a few ways different organizations can take advantage of the hybrid cloud.
An e-commerce site relies on Salesforce in the public cloud to manage its customer relationship management (CRM) functions while also using a private cloud to test and build new analytics products based on that data.
A parts manufacturer relies on a private cloud to collect and analyze billions of points of data coming in from IoT sensors but also needs to enable customers on the public cloud to see real-time order-status updates that depend on that sensor data.
A major health care provider needs the ability to compartmentalize patient data in compliance with HIPAA while also enabling patients the ability to access some of their information through the provider’s web app.
A video-streaming service does not have the computing power on-site to handle weekend binge-watching. During these high-traffic periods, the company can “burst” some of their processes onto a public cloud service to ensure availability even as their traffic spikes.
THINGS TO CONSIDER WHEN MOVING TO A HYBRID CLOUD
Moving to a hybrid cloud can save money and make your organization more efficient and agile. That said, changing your IT infrastructure can be a complex and expensive undertaking. Before moving to a hybrid cloud, you should carefully weigh your options and make sure you have the personnel, resources, and time to make the switch.
Setup and customization. Who’s responsible for making sure that your web services are properly connected to your in-house operations? Integration can be a tricky and time-consuming process, so make sure you’ve allocated time for customization and testing.
Data transfer. Organizations should expect to incur a fee when moving their data onto the cloud, especially if there are large amounts of it.
Management. How will you manage your hybrid cloud environment? Especially when your workloads are abstracted from the hardware they run on, it’s critical to make sure that resources are efficiently assigned based on business needs and availability. Modeling out your workloads should give you some sense of how much CPU, disk, and memory resources are needed.
Storage and maintenance. Think carefully about how your data could grow. Are you a Big Data company that needs an extremely scalable storage solution? Or do you just need access to resources during peak times?
Compliance. If you’re in a regulated industry or handle sensitive data regularly, you’ll probably want to audit your cloud service to make sure it meets your specific needs.
Workloads. There are many different types of workloads, some of which are better suited to the cloud than others. Are you running batch workloads that can run in the background or overnight over the public cloud? Or do you need high-powered real-time analytics workloads that require all the computing power in your data center? The answer will help inform how you set up and manage your hybrid cloud.
Load balancing. In distributed computing environments, load balancing ensures that no single machine gets overwhelmed with requests. Typically, the load balancer sits in front of the servers and uses an algorithm to distribute workloads efficiently.