The transition from a private cloud to a hybrid cloud platform can be a difficult undertaking. Successfully blending a private and public cloud into a hybrid entity requires careful consideration of several factors, including security, software platform compatibility, data usage requirements and management. When the transition is properly navigated, IT pros and their organizations can derive the best of both public and private clouds.
Securing a hybrid cloud
Security typically involves comprehensive encryption of data, as well as the use of virtual private networks. The idea is that all data should be encrypted in the local private cloud, and kept encrypted as it moves across the internet to public cloud resources and services. No service or employee with the public cloud provider should possess encryption keys or otherwise be able to decrypt data moved to the public cloud.
Ultimately, the goal of security in a hybrid cloud platform is to ensure that data can move back and forth to the public cloud with no means of exposing the private cloud to a breach. Any data at rest should be similarly protected.
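One way to apply the encrypt-before-it-leaves rule above, as an added example that is not from the original article: data is sealed with AES-256-GCM inside the private cloud, and only the resulting blob is handed to the public cloud. The `Sealer` type, the object name and the all-zero demo key are assumptions made for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// Sealer wraps AES-GCM under a key that is assumed to stay in the private cloud.
type Sealer struct{ aead cipher.AEAD }

// NewSealer takes a 32-byte key for AES-256; aes.NewCipher rejects lengths other than 16, 24 or 32.
func NewSealer(key []byte) (*Sealer, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return &Sealer{aead}, nil
}

// Seal encrypts before upload and returns nonce || ciphertext || tag. objectName (a hypothetical
// storage path) is bound as associated data, so a blob moved to another name fails authentication.
func (s *Sealer) Seal(plaintext []byte, objectName string) ([]byte, error) {
	nonce := make([]byte, s.aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return s.aead.Seal(nonce, nonce, plaintext, []byte(objectName)), nil
}

// Open authenticates and decrypts a blob fetched back from the public cloud.
func (s *Sealer) Open(blob []byte, objectName string) ([]byte, error) {
	n := s.aead.NonceSize()
	if len(blob) < n {
		return nil, fmt.Errorf("blob is %d bytes, shorter than the %d-byte nonce", len(blob), n)
	}
	return s.aead.Open(nil, blob[:n], blob[n:], []byte(objectName))
}

func main() {
	s, _ := NewSealer(make([]byte, 32)) // constructed all-zero demo key, not for real use
	blob, _ := s.Seal([]byte("constructed sample record"), "backups/db.dump")
	pt, err := s.Open(blob, "backups/db.dump")
	fmt.Printf("%s %v\n", pt, err)
}
```

Because the object name is authenticated along with the data, a blob that is altered or relocated while stored in the public cloud is rejected on download instead of being decrypted.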
The software platforms used in private and public clouds must be compatible. Compatibility issues often start with the underlying hypervisor, so it's important to employ compatible hypervisors. For example, if a private cloud employs a hypervisor such as KVM or VMware vSphere, and the intended public cloud uses a hypervisor such as Xen, a conversion tool will be needed to enable private cloud workloads to run on the public cloud -- and vice versa.
The choice of a private cloud stack is perhaps even more complicated. Tools such as Eucalyptus and OpenStack enable the construction of a private cloud and the establishment of cloud services, but it's important to ensure that the private cloud stack -- and the resulting services -- will interoperate with the intended public cloud.
There is no single source for heterogeneous hybrid cloud construction, and multiple platforms might be required. It might be possible to create a hybrid cloud platform using the services of a public cloud provider -- such as Azure hybrid cloud -- but this creates vendor lock-in, which might be undesirable for organizations seeking the ability to use multiple public cloud providers.
Data usage requirements
It's important to understand the data present in the private cloud and how that data can be moved or exchanged with a public cloud. Some data might simply be too sensitive to move to a public cloud or to share with public cloud workloads. Other data might be suitable for migration, but only during certain times of day or during certain usage levels. This takes significant insight into the nature and value of business data, as well as the organization's security and compliance posture.
Finally, the creation and use of a hybrid cloud platform demand copious management. On one level, hybrid clouds require high degrees of automation and reporting. Much of the automation is based on policies that can be created and refined over time as business needs mature. But a hybrid cloud platform requires a deeper means of monitoring the exchanges between private and public resource pools.
For example, hybrid management must know what is present and running in the private cloud, what is present and running in the public cloud, the relative availability and performance of workloads in both environments, and must limit activities that might trigger undue costs -- such as excessive movement of data to and from the public cloud.