Organizations are migrating workloads to the public cloud, as well as implementing private clouds in-house. As these forms of cloud computing take hold, large and small businesses are focused on a hybrid cloud strategy to bridge the two models and form a hybrid cloud environment.
What is hybrid cloud?
A hybrid cloud is an amalgamation of technologies which include an on-premises data center, in-house or third-party private cloud, and public cloud services. These various technologies are connected through a WAN and integrated through orchestration techniques to create a single seamless logical entity that moves workloads between private infrastructure and public clouds as computing needs or cost models change. Ideally, a hybrid cloud provides businesses with competitive advantages such as greater flexibility and alternatives for workload deployment -- without unwanted tradeoffs such as migrating traditional VM workloads to cloud instances or developing cloud-native applications tied to a specific provider's services.
Hybrid clouds can be challenging to build and maintain. An enterprise has no direct control over the public cloud, so it must architect a private cloud to be compatible with the intended public cloud (or multiple clouds). Compatibility includes suitable compute, storage and networking hardware, along with compatible virtualization and private infrastructure software, such as OpenStack to provide desired private cloud services. This requires substantial expertise from enterprise cloud architects and engineers.
The most critical consideration is to implement a private cloud software stack that is compatible with the target public cloud's APIs and services. Without this compatibility, workloads and data cannot move seamlessly from private to public clouds and back.
What are the benefits of a hybrid cloud?
Even though there's considerable investment and effort involved, there are five main benefits of hybrid cloud that make it worthwhile for enterprises.
- Cost control. A business must be prudent about the workloads and services that run in its private infrastructure.
A private cloud is deployed with on-premises data center infrastructure that the enterprise controls and operates, and this requires a significant investment of capital, equipment and talent to deploy and maintain. Although a private cloud can parse and provision local resources in a cloudlike manner, the private cloud infrastructure is still finite.
An enterprise can mitigate costs with a connection between its private cloud and a public cloud. When local demand stresses capacity, the business draws upon additional resources of the public cloud to help smooth those spikes in demand. Similarly, the public cloud suits temporary, experimental or general-purpose workloads the company does not want to source, set up and manage in-house, such as disaster recovery (DR). Use finite private cloud resources for critical workloads and data, or simply run workloads where the costs are lowest.
Public cloud resources and services can also help to reduce the hardware costs within an on-premises data center. For example, a business that uses a server within a public cloud doesn't purchase or maintain that server locally.
The cost benefits of hybrid cloud also provide clarity on where the money goes. A hybrid cloud can make it easy to divide IT consumption into capital and operational costs. Enterprises can use tools to monitor cloud usage and obtain detailed reports on utilization -- and the cost of cloud services -- by department, manager, workload or other criteria.
- Flexibility and scalability. Agility is a core premise of cloud computing. A private cloud provides some provisioning and scaling agility, but the amount of available resources in a physical data center is still limited. In contrast, public cloud users can immediately deploy compute and storage instances, as well as related services, without constraints on resources. However, expect at least some migration prep work to move a local workload from private infrastructure to the public cloud.
Consistency is one of the main benefits of hybrid cloud. It is easier to create, shift and scale workloads and resources if the private cloud offers instance types and services that are similar to those available in the chosen public cloud. This consistency enables enterprises to provision and use private cloud resources when it's appropriate and cost-effective, then easily draw upon additional resources from the public cloud when necessary.
- Security. Security is a core focus for many enterprise IT teams -- data and the workloads that access it are vital business assets. A main security concern in public cloud is that the infrastructure is the exclusive property of the cloud provider. The user cannot see or control the entire cloud infrastructure. Additionally, the cloud provider takes on responsibilities to secure users' environments in the cloud, but is rarely responsible when a breach or other malicious activity occurs.
In many cases, the best way to protect data is to keep it on premises. The most sensitive data and critical workloads stay within the owned data center on a private infrastructure where the organization's IT staff maintain and safeguard the assets. With a combined public and private environment, enterprises gain some common hybrid cloud oversight. Best practices and tools -- such as Trend Micro Deep Security, McAfee Hybrid Cloud Security products and IBM hybrid cloud infrastructure -- can help organizations monitor, discover and report security issues across the hybrid cloud environments.
- Compliance. One advantage of public cloud is its global reach and abundant nature. Ideally, networking, storage and computing technologies support most workload operations from data centers located almost anywhere -- even at the network edge. It should not matter where a workload resides in the public cloud provider's fleet of data centers. However, national boundaries can come into play, with regulatory limitations on where companies store data and operate computing workloads. This complicates the move to purely public cloud for some multinational organizations.
With a hybrid cloud, a business can operate sensitive workloads in its private cloud and move data to and from the public cloud as the regulatory landscape changes, or as data and workloads evolve. For example, an organization can collect personally identifiable customer data in a private cloud, sanitize it in-house and send it to a public cloud application for processing or analysis such as a big data processing project.
Business continuity -- the ability of a business to continue to function -- is often a primary element of regulatory compliance. Another way that a hybrid cloud enhances business continuity is to support application, data and DR tasks which insures against system failures, security issues, and physical disasters.
- Uniformity. Lastly, hybrid clouds, in theory, support greater standardization in IT management practices. However, in practice, organizations often struggle to create that uniformity. IT staff does not want to assemble and operate a private infrastructure framework, then develop workflows and cobble together services that are hopefully consistent enough with a public cloud provider to make the hybrid setup work. That's a time-consuming, error-prone and expensive endeavor.
Public cloud providers have become more sensitive to the importance and benefits of hybrid cloud, as well as the challenges to integrate private and public environments. Top cloud providers offer various services that focus on hybrid needs:
- Microsoft Azure Stack enables a business to deploy Azure capabilities in on-premises systems.
- AWS Outposts similarly offers capabilities for a hybrid cloud setup based on AWS services.
- Google Anthos doesn't directly extend GCP services on premises; it uses Kubernetes, containers and plugins to deploy services and workloads in different locations.
- VMware Cloud on AWS is a partnership designed so users can integrate their on-premises VMware environments with Amazon's cloud.
As public cloud providers embrace hybrid cloud management, businesses don't need to construct a complete environment top to bottom. Instead, they simply extend the virtualized data center into familiar services in the cloud.
What are the disadvantages of a hybrid cloud?
Although the potential benefits of a hybrid cloud can be compelling, there are also numerous hybrid cloud disadvantages to consider, mainly related to complexity issues.
Architectural complexity. It's a detailed undertaking to design and implement a hybrid cloud, and often requires the service of a skilled cloud architect. While the underlying hardware can be relatively straightforward, the private infrastructure software stack can be complicated to master. Cloud architects must build resources and services within that private tech stack and understand the intended public cloud so that resources and services align and interoperate. This raises the bar for change management and software stack patches and upgrades.
Security complexity. Hybrid clouds can be strikingly difficult to configure and secure. IT staff must implement and manage not only authentication and security for private (local) workloads and data, but also comprehensive authentication and access control for public cloud resources and services. Security settings for the two realms must remain consistent and complementary, and a change in one cloud may need to be reflected in the other. Oversights or errors can expose vital data and critical workloads to unauthorized access and loss.
Troubleshooting complexity. Problems in a hybrid cloud environment can be troublesome to isolate and mitigate. Administrators rely on detailed logs and tools to identify problems, and the troubleshooting process can vary between private systems and public clouds, depending on where the actual trouble occurs. Efficient troubleshooting can require the services of highly experienced administrators and cloud engineers. For example, a private cloud offers complete visibility into the private infrastructure and software stack, while a public cloud only offers the visibility and control that is supported by native providers' and third-party tools.
Hybrid cloud considerations
Enterprises can adopt several tactics to help mitigate the disadvantages of a hybrid cloud and enhance the success of any hybrid cloud project.
Understand security. The team responsible to implement and manage a hybrid cloud environment should master cloud configuration and security. Invest in the training and expertise to secure the private infrastructure, as well as the intended public cloud -- those configurations must work together seamlessly, but the knowledge base for that cannot be gleaned overnight. Some organizations spend considerable time and effort to experiment and run proof-of-principle deployments before they architect a deployment for production. Enterprises also should carefully document and manage security to maintain business and regulatory compliance.
Use encryption. Data is an organization's most valuable asset. Encrypting that data at rest and in flight can help to mitigate loss or theft when intruders manage to slip past a security vulnerability. Today, comprehensive encryption should be standard practice within both private and public cloud storage.
Move workloads with care. Hybrid clouds' flexibility doesn't eliminate the need for strategic decisions about workload deployment. Not all workloads are appropriate for each cloud type. Business and regulatory concerns may demand that some critical workloads remain in a local data center, while other workload types may be suitable or ideal for public cloud deployment. Organizations must understand where that line is for their own business and industry and make deployment decisions accordingly.
Use automation and orchestration. Clouds are not intended to be manually controlled entities. Private infrastructure, public clouds and the hybrid clouds created from them depend on substantial automation to implement services and resources as uniform and consistent processes. Automation is matched with orchestration that carries out the automated tasks with little, if any, human intervention.