How to secure a multi-cloud architecture

WavebreakMediaMicro - Fotolia


Fortify a DR strategy with automated failover in multi-cloud

Disasters happen, but they don't have to bring business to a halt. With the right mix of tools and testing strategies, active-active failover in multi-cloud keeps things running.

For certain enterprises -- such as financial institutions -- outages can cost as much as a million dollars per hour, not to mention the negative impact on customers and public relations. A multi-cloud disaster recovery plan can help mitigate such losses. Public cloud providers have data centers in different geographical regions, so, in the event of a man-made or natural disaster, another provider's cloud is unlikely to be affected, or as affected.

Even before cloud, organizations could achieve this kind of disaster recovery (DR) by placing back-up sites miles away from primary sites. This model is called active-active failover, and involves two sites that run exact copies of platforms, applications, storage and other required components.

Cloud makes active-active failover less expensive, since it eliminates the need to purchase your own hardware and software for a backup location. However, the setup of active-active automated failover in multi-cloud is a bit more complex.

Automated failover and scaling challenges

The first challenge is to create platform analogs, or duplicates of platforms on two or more brands of public infrastructure as a service (IaaS) clouds. While Amazon Web Services (AWS) and Azure offer similar platforms, such as Linux and Windows, they might not offer exactly the same configurations.

Continuously look for ways to improve the failover process.

Typically, you must rely on similar platforms and configurations for active-active failover. It's OK if the environments aren't exact duplicates, but test the failover process completely.

The second challenge lies in the cloud and configuration management systems that enable the automated failover. These tools sit above two or more IaaS clouds and provide autoscaling capabilities, as well as automate the failover from the primary IaaS cloud to a secondary backup IaaS cloud.

Picking the right technology here is critical. No single tool provides scaling and failover capabilities, configuration management and automated replication of applications and data. You'll likely need to compromise and use several tools. For example, cloud failover tools include CloudSigma, and some data replication tools are built into cloud-based databases, such as Oracle. Autoscaling capabilities are usually part of the cloud platform itself, such as AWS Auto Scaling. However, for multi-cloud, you'll need to invest in a third-party cloud management platform, such as those from CA Technologies, Cisco or Hewlett Packard Enterprise, to monitor and scale across cloud environments.

You need to test at the component level to ensure the application can automatically scale when a workload experiences additional load. Test your failover strategy monthly with prebuilt scripts to simulate a failure with the primary platform, as well as a failure with the backup platform. Continuously look for ways to improve the failover process, as well as the ability to auto scale on both the primary and the secondary IaaS clouds. See if new tools or processes can reduce latency or the amount of time it takes to restore and get back to production.

New technologies support automated failover in multi-cloud

New opportunities continue to arise with emerging technology. This includes serverless and containers, which can potentially help organizations establish these automated capabilities in multi-cloud beyond today's more traditional technologies.

Serverless computing eliminates admins' worries about the amount and configuration of public IaaS resources, such as storage and compute. However, while serverless systems exist on most public clouds, including AWS and Azure, compatibility and portability between these systems is challenge, because providers uses different programming languages and data.

Containers hold more promise. They are portable across major public cloud providers, including AWS, Azure and Google. Containers also have some capabilities for automated failover and scaling already built in through container orchestration and clustering subsystems, such as Kubernetes.

Next Steps

Test your cloud disaster recovery plan

Three pieces of advice for cloud DR

Explore these automated cloud backup tools and services

Dig Deeper on High availability and disaster recovery