While it can be difficult to achieve, multi-cloud visibility improves the overall quality of experience for monitoring and minimizes security risks. Specific tools can help organizations gain that visibility.
In general, monitoring is the gathering of information about the status of IT elements. Visibility focuses on the behavior of a complex system in the present and over time. Gain a greater understanding of visibility, how it plays into multi-cloud management and best practices to follow.
Visibility in cloud computing
Visibility is defined by the relationship between mission requirements and supporting operations actions in addition to cloud resources and resource commitments. Multi-cloud visibility can be related to these relationships.
While each public cloud is a complex system, multi-cloud is a system of systems; its status and behavior cannot be easily derived by summing monitoring or observability -- the process of determining the state of a complex system -- data from each of the clouds involved. A top-down or application-centric approach is critical in creating an actionable view of multi-cloud behavior.
Public cloud providers offer a variety of services, including container hosting and orchestration, but some higher-level features stop at the cloud boundary, which fragments visibility. Any multi-cloud visibility strategy improves when admins use a common technology for cloud hosting. For example, a single Red Hat or VMware container framework deployed in both a data center and multiple clouds will be easier to adapt to visibility requirements than one that uses cloud-provider-specific technology for each cloud.
How to obtain multi-cloud visibility
There are two ways to gain multi-cloud visibility:
Sum the monitoring/observability data available for each cloud
Preferably this is done onto a single pane of glass. Assume that the multi-cloud is functional if all its components are functional. The first approach works for multi-clouds where each cloud hosts its own applications and nothing scales or redeploys across cloud provider boundaries. The advantage of this approach is that no special multi-cloud tools are required, just a means of making all clouds visible.
Determine how applications and components are deployed and governing rules
In this second approach, multi-cloud is a collective platform where the rules for deployment of application components will vary based on many factors. These factors are not visible to the individual cloud environments, but the state of resources influence them in each cloud. Multi-cloud visibility should start with the hosting technology that applies these rules. Often, this looks like a multi-cloud DevOps or orchestration tool, such as Google's Anthos.
Benefits of multi-cloud visibility
Visibility is an essential part of a multi-cloud strategy to create continuity, as well as ensure applications remain online. Below are some benefits that make it a critical feature.
Multi-cloud visibility maximizes application uptime and quality of experience (QoE). In turn, this maximizes the business value of the applications themselves. It improves the efficiency of the IT operations team, reducing labor and error rate.
Helps capacity planning and performance management
Because visibility aims at predicting future cloud application state, it can also be a valuable tool in capacity planning and performance management. An organization that knows the rules for scaling enables them to assess how differences in application usage would impact QoE. It also suggests remedies to add capacity to one or more of the clouds or to change scaling rules to allocate capacity that's already available.
Increases awareness to attacks
Any change in application configuration and workflow creates potential changes in the attack surface of an application. Knowing when these changes are happening is highly valuable. Multi-cloud visibility as it relates to scaling and redeployment policies is an element in security management. This particular driver is most likely found where multi-cloud is used as a common resource pool with cross-provider migration of components.
Highlights unusual behavior
The impact of multi-cloud visibility on security is difficult to assess. If you think of security as a combination of vulnerability management and exploit protection, though, visibility can play a role. Visibility may help security by highlighting unusual patterns of usage or application behavior. Where security issues can result in changes in application usage or database access, admins can collect this information and make it visible, along with security components' performance and availability.
Multi-cloud visibility tools
To select a multi-cloud visibility tool, start with an understanding of how your organization uses multi-cloud. Look for applications that cross cloud boundaries in a static way or through scaling or redeployment. If you have that, your multi-cloud should be considered a common resource. If not, then it's a parallel resource set.
There are tools available to support both visibility strategies and several different focuses.
Security. OpsCompass and ScienceLogic are helpful because they support monitoring/observability and security in the major public clouds.
Orchestration. For top-down scaling and redeployment centricity in multi-cloud visibility, look to the tools capable of orchestrating multi-cloud resource pools. For containers, Google Anthos, Red Hat OpenShift and VMware Tanzu all provide the necessary tools. For DevOps purposes, Ansible, Chef and Puppet are good options.
Good multi-cloud visibility starts by classifying the nature of multi-cloud usage and the extent to which a single hosting model is deployed across clouds. When your multi-cloud is used as a common resource pool, you'll need to start with a common visibility framework that supports cross-cloud operations. When you use each cloud in your multi-cloud independently, all you'll need is a tool to centralize the visualization of cloud status.
Visibility is more than tools. It starts with that critical question of missions and supporting operations. If there's a place where top-down thinking and planning is critical, multi-cloud visibility is it.