Orchestration provides powerful capabilities to enterprise IT. It not only accelerates and standardizes IT-related tasks, but also supports the extensive menu of self-service activities needed to run a cloud.
Orchestration first emerged to help IT professionals cope with the demands of virtual infrastructure. And now, with the increased adoption of hybrid cloud, orchestration continues to play a critical role in maintaining uniformity across IT environments.
Here's a breakdown of the basic concepts and best practices associated with hybrid cloud orchestration.
What is orchestration?
Orchestration defines a given process, usually expressed as a series of discrete steps that lead to a desired outcome. When coupled with automation, orchestration unshackles IT from much of the everyday provisioning of traditional data center operations.
The emergence of virtualization and then cloud -- which enables users to provision VM instances directly via a self-service model -- made manual IT processes even more impractical. Orchestration and automation tools, such as Chef, Puppet and Ansible, ensure that a certain process, like server setup, occurs consistently each time with minimum human intervention. More complex orchestration tasks might weave together multiple processes through the use of what are called runbooks or playbooks.
In addition to eliminating manual processes, automation and orchestration also enhance security, reduce troubleshooting and improve an organization's compliance related to IT activities.
The move from virtualization to cloud is only possible with orchestration. When a user wants to spin up an instance within a private or public cloud, orchestration provisions resources, connects services, deploys applications and handles other tasks needed to accommodate that request.
How does hybrid cloud affect orchestration?
With resources that span private and public infrastructure, hybrid cloud creates another level of abstraction that an orchestration platform must accommodate.
For example, an OpenStack private cloud might implement orchestration with Heat, while a public cloud platform, such as Microsoft Azure, has its own native orchestration tools. And there is no guarantee that the templates, workflows, plug-ins and other orchestration components within those two environments will work together natively. Enterprises, in this case, might need to adopt an additional, third-party hybrid cloud orchestration platform, such as Cloudify or Linux Foundation's OPEN-Orchestrator, which are based on the Topology and Orchestration Specification for Cloud Applications (TOSCA).
The role of TOSCA in hybrid cloud integration
The whole point of hybrid cloud orchestration is to use one platform to manage tasks across public and private clouds, but orchestration processes can vary dramatically within each of those environments. And these differences make it difficult to create uniform orchestration tools.
The most common way to overcome these differences is to add another level of abstraction, such as TOSCA, that enables organizations to explicitly describe and define the architectural components of each application. With TOSCA, an organization can create descriptions for resources such as VMs, containers, microservices and databases, including the unique requirements and dependencies of each.
Hybrid cloud orchestration tools compatible with TOSCA can then parse these descriptions to determine the most desirable deployment targets for those resources. Then, these tools can drive the corresponding actions required to achieve the orchestrated outcome.
Hybrid cloud orchestration demands a broad view of an IT environment, as well as the ability to take action based on that view. For example, it's not enough to simply orchestrate a new VM instance. In a hybrid cloud, an orchestration tool must determine the best place to deploy the instance, based on factors such as cost, workload importance, performance and availability demands, and security requirements.
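The placement decision described above can be sketched as follows. This is an added example, not code from the article or from any orchestration product: the Target and Workload fields, the sample figures and the rule that security and availability requirements act as hard filters before cost is compared are all assumptions, and the descriptions are plain Python objects rather than TOSCA syntax.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Target:                      # hypothetical description of a deployment target
    name: str
    location: str                  # "private" or "public"
    hourly_cost: float
    availability: float
    encrypts_at_rest: bool

@dataclass(frozen=True)
class Workload:                    # hypothetical description of a workload's requirements
    name: str
    min_availability: float
    needs_encryption_at_rest: bool
    private_only: bool             # e.g. data that must not leave the private cloud

def rejections(w, t):
    """Return the hard requirements of workload w that target t fails."""
    failed = []
    if w.private_only and t.location != "private":
        failed.append("must stay in private cloud")
    if w.needs_encryption_at_rest and not t.encrypts_at_rest:
        failed.append("no encryption at rest")
    if t.availability < w.min_availability:
        failed.append("availability below requirement")
    return failed

def place(w, targets):
    """Return (cheapest compliant target name or None, {target: reasons rejected})."""
    checks = {t.name: rejections(w, t) for t in targets}
    rejected = {name: reasons for name, reasons in checks.items() if reasons}
    eligible = [t for t in targets if t.name not in rejected]
    chosen = min(eligible, key=lambda t: t.hourly_cost, default=None)
    return (chosen.name if chosen else None), rejected

# Constructed sample data for illustration only.
TARGETS = [
    Target("onprem-openstack", "private", 0.12, 0.995, True),
    Target("public-region-a", "public", 0.08, 0.9995, True),
    Target("public-spot", "public", 0.03, 0.99, False),
]
WEB = Workload("web-frontend", 0.999, False, False)
PAYROLL = Workload("payroll-db", 0.99, True, True)
LEDGER = Workload("ledger", 0.9999, True, True)

if __name__ == "__main__":
    for w in (WEB, PAYROLL, LEDGER):
        print(w.name, place(w, TARGETS))
```

When no target satisfies every requirement, as with the constructed ledger workload, the function returns no placement and the reasons for each rejection instead of falling back to the cheapest target.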
What makes up a typical hybrid cloud orchestration stack?
There is no single stack or framework to orchestrate a hybrid cloud, but here is an example of what one might include:
- Lowest level: Includes the local and public cloud resources -- such as compute, storage and networks -- that require orchestration.
- Second level: Consists of hypervisors, such as Microsoft Hyper-V, VMware ESXi and Linux Kernel-based Virtual Machine, as well as container engines, like Docker, that are generally installed in the data center. These collectively provide the virtualization foundation upon which the private cloud is built.
- Third level: Houses the private cloud software, such as Apache CloudStack and OpenStack. Organizations that use containers might implement Kubernetes as a container orchestration tool at this level.
- Top level: Includes the hybrid cloud orchestration tool. IT teams can install this tool locally, as they would with a system like Cloudify, or it might be delivered as a managed service, like Platform9.
What are some challenges with hybrid cloud orchestration?
Even though orchestration must be coupled with automation to be effective, the actual effort required to implement and maintain orchestration is hardly automatic.
For IT teams, the deployment of the orchestration tool is usually the easy part. Deciding which processes to orchestrate -- and how -- is difficult, as these needs are unique to an organization. Carefully evaluate your IT processes, translate them into actionable code and update them as business and user needs change.
Orchestration tools can also cause problems, especially in hybrid cloud, where the platform must adequately support both the private and public infrastructure. Many hybrid cloud orchestration tools remain relatively immature, so expect some bugs, as well as periodic updates that could affect existing runbooks. What's more, to ensure high performance of these tools, IT teams might first need to optimize the software and the local hardware that supports it.
Security is not a significant concern in private clouds, where traffic and activity are confined to a local data center. But hybrid cloud orchestration tools can create additional risk, as they rely on API connections that aren't always encrypted. Unencrypted API calls could expose orchestration traffic on the WAN, or require the addition of separate encryption.
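One way to check for the unencrypted API risk described above is to audit the endpoints an orchestration tool is configured to call. This is an added example, not part of the original article or of any orchestration product: the endpoint inventory is constructed, and the severity labels and the rule that any hostname is treated as WAN-facing are assumptions.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed inventory of API endpoints an orchestrator is configured to call.
# Hostnames use the reserved "example" domain; IP addresses are RFC 1918 private.
ENDPOINTS = {
    "heat-private": "http://10.20.0.15:8004/v1",
    "keystone-private": "https://10.20.0.10:5000/v3",
    "public-cloud-mgmt": "https://management.cloud.example/",
    "legacy-webhook": "http://hooks.partner.example:8080/deploy",
}

def stays_on_lan(host):
    """True only when host is a literal private or loopback IP address."""
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        # A hostname may resolve anywhere, so assume it crosses the WAN.
        return False
    return ip.is_private or ip.is_loopback

def audit(endpoints):
    """Return {name: (severity, detail)} for every endpoint not using HTTPS."""
    findings = {}
    for name, url in endpoints.items():
        parts = urlsplit(url)
        if parts.scheme == "https":
            continue
        scope = "LAN" if stays_on_lan(parts.hostname or "") else "WAN"
        # Plaintext API traffic that leaves the data center is the worse case.
        severity = "high" if scope == "WAN" else "medium"
        findings[name] = (severity, f"{parts.scheme} over {scope}")
    return findings

if __name__ == "__main__":
    for name, (severity, detail) in audit(ENDPOINTS).items():
        print(f"{severity:6} {name}: {detail}")
```

A check like this only covers the URL scheme; certificate validation and the strength of the TLS configuration need separate verification.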
Finally, don't overlook network connectivity. Private cloud orchestration merely requires a LAN, but once an IT team extends orchestration to public cloud, it needs a reliable and responsive WAN connection. In some cases, an existing internet connection between the public and private clouds might be adequate. However, most enterprises will opt for a redundant, high-speed internet connection or a dedicated low-latency connection to the public cloud, such as a direct connect.