With the ability to combine private cloud and public cloud services with orchestration between the two, hybrid cloud gives enterprises the best of both worlds. But to fully realize the benefits of hybrid cloud, it's important to implement hybrid cloud management practices that address three key issues: security, account management and billing, and resource provisioning.
1. Security
Hybrid cloud security should focus on user management, access controls and encryption.
User management typically begins with a directory, such as Active Directory or Lightweight Directory Access Protocol. Users can integrate on-premises directories with cloud-based directories such as Azure Active Directory or AWS Directory Services. Enterprises can host directories in the cloud, but may also want to maintain an on-premises directory that easily integrates with multiple cloud providers when carrying out a hybrid cloud implementation.
Some workloads will run in private and public clouds, and this may affect the way users implement access control policies, roles and groups. For example, when possible, access controls should avoid referencing attributes that are proprietary to the public cloud.
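One way to check for this during policy review, shown as an added example that is not from the original article: a small Python linter that walks an access policy and flags identifiers tied to one provider (AWS ARNs, AWS `aws:` condition keys, Azure resource IDs). The policy schema, role names and resource names are hypothetical and constructed for illustration.

```python
import re

# Identifiers that only have meaning inside one public cloud.
PROPRIETARY_PATTERNS = {
    "aws-arn": re.compile(r"^arn:aws[a-z-]*:"),
    "aws-condition-key": re.compile(r"^aws:[A-Za-z]+"),
    "azure-resource-id": re.compile(r"^/subscriptions/[0-9a-fA-F-]{36}(/|$)"),
}

def classify(text):
    for label, pattern in PROPRIETARY_PATTERNS.items():
        if pattern.search(text):
            return label
    return None

def find_proprietary_refs(node, path="$"):
    """Walk a nested policy; return (path, label, text) for each provider-specific reference."""
    findings = []
    if isinstance(node, dict):
        for key, value in node.items():
            label = classify(str(key))  # condition keys appear as dict keys
            if label:
                findings.append((path, label, str(key)))
            findings.extend(find_proprietary_refs(value, f"{path}.{key}"))
    elif isinstance(node, list):
        for i, item in enumerate(node):
            findings.extend(find_proprietary_refs(item, f"{path}[{i}]"))
    elif isinstance(node, str) and classify(node):
        findings.append((path, classify(node), node))
    return findings

# Constructed sample policies in a hypothetical provider-neutral schema.
PORTABLE_POLICY = {
    "role": "analytics-reader", "groups": ["data-science"],
    "allow": [{"action": "read", "resource": "dataset/sales", "when": {"user.department": "finance"}}],
}
COUPLED_POLICY = {
    "role": "analytics-reader", "groups": ["data-science"],
    "allow": [
        {"action": "read", "resource": "arn:aws:s3:::example-sales-bucket/*",
         "when": {"aws:PrincipalTag/department": "finance"}},
        {"action": "read", "resource": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/example-rg"},
    ],
}

if __name__ == "__main__":
    for name, policy in (("portable", PORTABLE_POLICY), ("coupled", COUPLED_POLICY)):
        for where, label, text in find_proprietary_refs(policy):
            print(f"{name}: {where}: {label}: {text}")
```

A policy that produces no findings can be evaluated against the on-premises directory and the cloud directory alike; each finding marks a rule that would need a provider-specific mapping layer.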
Key management is another important security consideration. If your organization doesn't have a public key infrastructure, consider AWS Key Management Service or Microsoft Key Vault. These services act as another line of defense and allow users to manage encryption keys without solely depending on a cloud provider's encryption.
2. Account management and billing
Billing is another area that requires careful attention. No one wants monthly cloud bill surprises, so it's important to have on-demand access to current charges, as well as upcoming billing cycle forecasts.
Third-party services, such as RightScale and Cloudability, offer visibility into cloud expenses. Additionally, these services provide budget alerts and recommendations for instance sizing and cost-allocation reporting. Budget alerts are especially helpful if they consolidate charges from private and public clouds.
There are options for limiting cloud expenses, but these depend on the level of control that an organization wishes to implement. Some third-party tools have controls that prevent resource provisioning once enterprises exceed the allotted budget. This option would work well for development and test environments.
Approach budget controls more cautiously for production instances -- if costs exceed a limit, operational systems can be unintentionally shut down. Unexpected peaks in demand for production systems could be a sign of a successful sales or marketing campaign. Therefore, there is no reason to shut down servers used to sell your products and rain on the parade.
3. Resource provisioning
A main selling point for hybrid clouds is that they allow users to run jobs either on-premises or in a public cloud, depending on which is the better option for an organization. And while that may sound simple enough, complications can arise.
Before running any jobs, ensure that suitable machine images are available. One way to deal with this is to use configuration management tools, such as Chef or Puppet, in public and private clouds. Configuration management tools automate the image-build process and reduce the possibility of misconfiguration errors. There's no reason to waste hours of runtime only to find out your machine image is missing a package or is without a library that's needed to execute part of your workflow.
Another option is to deploy your applications using container technology from Docker. Developers and system administrators can easily create containers that include all necessary components and then deploy those containers to repositories. As long as a virtual machine supports Docker, users can deploy containers without concern for lower-level operating system details, such as ensuring the right C++ compiler or Python package is installed on the image.
A third option is using hybrid cloud management platforms such as Abiquo or Red Hat CloudForms. These tools provide self-service portals, request management, quota enforcement, workload lifecycle management, monitoring and policies that control usage and access.
Consider how data flows between applications hosted in the private cloud and those in the public cloud. If you implement a virtual private cloud in the public cloud and phase in a virtual private network between the on-premises and public cloud infrastructure, sensitive and private data may be allowed in the public cloud.
Additionally, monitor the data flow volume. It may be necessary to move large volumes of data from the private cloud to the public cloud, especially when dealing with big data analytics. If this is the case, allocate sufficient time to transfer data to the public cloud.
In some cases, it may be more effective to replicate data between the private and public cloud -- this way data is constantly available in both clouds. Replicating data can help avoid network latency issues, especially with analytics applications. However, the cost of storing data in the cloud has to be weighed against the performance benefits of having replicated data in the cloud.
Security, account management and billing, and resource provisioning are the pillars of effective hybrid cloud management. Security best practices are well established, but accounting, billing and resource provisioning are highly dependent on your particular requirements.
About the author:
Dan Sullivan holds a master of science degree and is an author, systems architect and consultant with more than 20 years of IT experience. He has had engagements in advanced analytics, systems architecture, database design, enterprise security and business intelligence. He has worked in a broad range of industries, including financial services, manufacturing, pharmaceuticals, software development, government, retail and education. Sullivan has written extensively about topics that range from data warehousing, cloud computing and advanced analytics to security management, collaboration and text mining.