Organizations are migrating workloads to the public cloud, as well as implementing private clouds in-house. As these forms of cloud computing take hold, large and small businesses are focused on a hybrid cloud strategy to bridge the two models.
What is hybrid cloud?
A hybrid cloud is an amalgamation of technologies which include on premises, in-house or third-party private cloud, and public cloud services. These various technologies are connected through a WAN and integrated through orchestration techniques to create a single seamless logical entity that moves workloads between local, private and public clouds as computing needs or cost models change. Ideally, a hybrid cloud provides businesses with greater flexibility and alternatives for workload deployment without unwanted tradeoffs, such as migrating traditional VM workloads to cloud instances or developing cloud-native applications tied to a specific provider's services.
Hybrid clouds can be challenging to build and maintain. An enterprise has no direct control over the public cloud, so it must architect a private cloud to be compatible with the intended public cloud (or multiple clouds). Compatibility includes suitable compute, storage and networking hardware, along with compatible virtualization and private cloud software, such as OpenStack, to provide desired private cloud services. This requires substantial expertise from enterprise cloud architects.
The most critical consideration is to implement a private cloud software stack that is compatible with the target public cloud's APIs and services. Without this compatibility, workloads and data cannot move seamlessly from private to public clouds and back.
Hybrid cloud benefits
Even though there's considerable investment and effort involved, there are five main benefits of hybrid cloud that make it worthwhile for enterprises.
1. Cost control. A business must be prudent about the workloads and services that run in its private cloud.
A private cloud is deployed on data center infrastructure that the enterprise controls and operates, and this requires a significant investment of capital, equipment and talent to deploy and maintain. Although a private cloud can parse and provision local resources in a cloud-like manner, the private cloud infrastructure is still finite.
An enterprise can mitigate costs with a connection between its private cloud and a public cloud. The connection helps smooth spikes in demand, drawing upon public cloud resources when local demand stresses capacity. Similarly, the public cloud suits temporary, experimental or general-purpose workloads the company does not want to source, set up and manage in-house. Use finite private cloud resources for critical data and workloads -- or simply run workloads where the costs are lowest.
The cost benefits of hybrid cloud also provide clarity on where the money goes. A hybrid cloud can make it easy to divide IT consumption into capital and operational costs. Enterprises can use tools to monitor cloud usage, and obtain detailed reports on utilization -- and the cost of cloud services -- by department and workload.
2. Flexibility and scalability. Agility is a core premise of cloud computing. A private cloud provides some provisioning and scaling agility, but the amount of available resources in a physical data center is still limited. In contrast, public cloud users can immediately deploy compute and storage instances, as well as related services, without constraints on resources. However, moving a local workload to the public cloud often demands at least some migration prep work.
Consistency is one of the main benefits of hybrid cloud. It is easier to create, shift and scale workloads and resources if the private cloud offers instance types and services that are similar to the chosen public cloud. This consistency enables enterprises to provision and use private cloud resources when it's appropriate and cost-effective, then easily draw upon resources from the public cloud when necessary.
3. Security. Security is a core focus for many enterprise IT teams -- data and the workloads that access it are vital business assets. A main security concern in public cloud is that the infrastructure is the exclusive property of the provider. The user cannot see or control this cloud infrastructure. Additionally, the cloud provider takes on responsibilities to secure users' environments in the cloud, but is rarely responsible when a breach or other malicious activity occurs.
In many cases, the best way to protect data is to keep it on premises. The most sensitive data and critical applications stay within the owned data center on a private cloud where the organization's IT staff maintain and safeguard the assets. With a combined public and private environment, enterprises gain some amount of common hybrid cloud oversight. Best practices and tools -- such as Trend Micro Deep Security, McAfee Hybrid Cloud Security products and IBM hybrid cloud infrastructure -- can help organizations monitor, discover and report security issues across hybrid cloud environments.
4. Compliance. One advantage of public cloud is its global reach and abundant nature. Ideally, networking, storage and computing technologies support most workload operations from data centers located almost anywhere. It should not matter where a workload resides in the public cloud provider's fleet of data centers. However, national boundaries can come into play, with regulatory limitations on where companies store data and operate computing workloads. This complicates the move to purely public cloud for some multinational organizations.
With a hybrid cloud, a business can operate sensitive workloads in its private cloud and move data to and from the public cloud as the regulatory landscape changes, or as data and workloads evolve. For example, an organization could collect personally identifiable customer data in a private cloud, sanitize it, and send it to a public cloud application for processing or analysis.
5. Uniformity. Lastly, hybrid clouds, in theory, support greater standardization in IT management practices. However, in practice, organizations often struggle to create that uniformity. IT staff does not want to assemble and operate a private cloud, based on OpenStack or another framework, then develop workflows and cobble together services that are hopefully consistent enough with a public cloud provider to make hybrid work. That's a time-consuming, error-prone and expensive endeavor.
Public cloud providers have become more sensitive to the importance and benefits of hybrid cloud, as well as the challenges of integrating private and public environments. Today, top cloud providers offer various services that focus on hybrid needs. One example is Microsoft Azure Stack, which enables a business to deploy Azure capabilities in on-premises systems. AWS Outposts similarly offers capabilities for a hybrid cloud setup based on AWS services. Another option is VMware on AWS, a partnership designed so users can integrate their on-premises VMware environments with Amazon's cloud. With public cloud providers on board with hybrid cloud management, businesses don't need to construct a complete environment top to bottom. Instead, they simply extend the virtualized data center into familiar services in the cloud.
Disadvantages of hybrid cloud
Although the potential benefits of a hybrid cloud can be compelling, there are also numerous hybrid cloud disadvantages to consider, mainly related to complexity issues.
Architectural complexity. The design and implementation of a hybrid cloud is a detailed undertaking, and often requires the service of a skilled cloud architect to implement properly. While the underlying hardware can be relatively straightforward, the private cloud software stack can be complicated to master. Cloud architects must build resources and services within that private cloud stack, and have a mastery of the intended public cloud so that resources and services align properly. This raises the bar for change management and software stack patches and upgrades.
Security complexity. Hybrid clouds can be strikingly difficult to configure and secure. IT staff must implement and manage not only authentication and security for private cloud (local) workloads and data, but also comprehensive authentication and access control for public cloud resources and services. Security settings for the two realms must remain consistent and complementary, and a change in one cloud may need to be reflected in the other. Oversights or errors can expose vital data and workloads to unauthorized access and loss.
Troubleshooting complexity. Problems in a hybrid cloud can be troublesome to isolate and mitigate. Administrators rely on detailed logs and tools to identify problems, and the troubleshooting process can vary between private and public clouds, depending on where the actual trouble is pinpointed. Efficient troubleshooting can require the services of highly experienced administrators and cloud engineers. For example, a private cloud offers complete visibility into the underlying hardware and software stack, while a public cloud only offers the visibility and control that is supported by the public cloud provider's tools.
Hybrid cloud considerations
Enterprises can adopt several tactics to help mitigate the disadvantages of a hybrid cloud and enhance the success of any hybrid cloud project.
Understand security. The team responsible to implement and manage a hybrid cloud deployment should master cloud configuration and security. It's worth investing in the training and expertise to secure the private cloud as well as the intended public cloud -- those configurations must work together seamlessly, but the knowledge base cannot be gleaned overnight. Some organizations will spend considerable time and effort to experiment and run proof-of-principle deployments before they architect an actual deployment for production. Enterprises also should carefully document and manage security to maintain business and regulatory compliance.
Use encryption. Data is an organization's most valuable asset, and encrypting that data at rest and in flight can help to mitigate loss or theft when intruders manage to slip past a security vulnerability. Today, comprehensive encryption should be standard practice within both private and public cloud storage.
Move workloads with care. Hybrid clouds' flexibility doesn't remove the need for strategic decisions about workload deployment. Not all workloads are appropriate for each cloud type. Business and regulatory concerns may demand that some workloads remain in a local data center, while other workload types may be entirely suitable for public cloud deployment. Organizations must understand where that line is for their own industry and make deployment decisions accordingly.
Use automation and orchestration. Clouds are not intended to be manually-controlled entities. Both private and public clouds, as well as the hybrid clouds that are created from them, depend on a substantial amount of automation to ensure that services and resources are implemented as uniform and consistent processes. Automation is matched with orchestration which actually carries out the automated tasks.