...building hybrid clouds that can support any device from anywhere
Let’s say that you have your private cloud the way you want it. You’ve got the self-service, the metered services, the elasticity and the pooled resources and it’s running just the way you want. But then one day the boss comes in and says “we’re expecting a big spike in utilization next month and we need to get things going by next week”. ACK! There’s no way you’re going to be able to go through the procurement and installation processes that fast. What to do?
That’s where the hybrid cloud comes in. In this article, Michael Lubanski talks about hybrid cloud and how it can solve this and other problems you’ll encounter now and in the future. This is a great introduction to hybrid cloud, so if you’re not already a hybrid cloud expert, take ten minutes over coffee and give this a read.
By now, you know what a Private Cloud is and what it can provide. You should also have an idea of what Public Cloud entails. Popular public clouds include Microsoft Windows Azure and Amazon Web Services. The key difference between the two is in the name of the cloud itself – Private vs. Public. While a Private Cloud is dedicated to only you, a Public Cloud is shared amongst many companies.
You may have also heard of a Hosted Cloud. A Hosted Cloud may be hosted by a service provider, yet still be a dedicated Private Cloud; the main difference is the physical location of the hardware behind the cloud. A Hoster will “host” the hardware in their datacenter instead of inside a customer’s datacenter, but still dedicate it to the customer.
A Hybrid Cloud is simply a combination of two or more different cloud platforms that can be used together. A Hybrid Cloud is comprised of pieces of a Private, Public or Hosted cloud all interconnected and working together.
Just having a Private Cloud and a Public Cloud does not give you a Hybrid Cloud. The key is the connection between the two. This is often achieved with a Virtual Private Networking (VPN) solution where resources from one cloud can securely communicate with resources in another cloud. Rather than being two different clouds, they can now act together as one, exchanging data between servers in each location. When this secure connection is in place to share data between the clouds, you then have a Hybrid Cloud.
With this in place, you can now increase the capacity of your cloud simply by requesting new resources from your Public Cloud provider and adding them to your trusted network or VPN connection, instead of having to purchase new servers for your Private Cloud. These two clouds can also be federated so that security authentication can take place within the Hybrid Cloud. For example, an Active Directory domain controller can be maintained in the Public Cloud space to authenticate resources, while securely synchronizing with the Active Directory domain controllers in the Private Cloud over the secure connection.
There are four main benefits of a Hybrid Cloud:
Let’s use the scenario of the National Football League. On Super Bowl Sunday, the NFL expects a huge increase in viewership and usage of its websites – www.nfl.com and www.superbowl.com. To meet this increased demand, the NFL can either purchase additional capacity for its Private Cloud or additional capacity at a Public Cloud provider. Adding capacity to a Private Cloud is both a capital expense (initial purchase) and operating expense (on-going maintenance).
Adding capacity to a Public Cloud is a temporary expense, e.g., the increased capacity to manage Super Bowl Sunday can be released after the event concludes. This temporary expense makes Public Cloud usage quite attractive when companies need temporary resources to survive a spike in demand, without a big increase in infrastructure in its Private Cloud. However, all of the data and content for the websites already sit in the NFL Private Cloud and there is no time to rebuild everything in a Public Cloud. This is exactly where a Hybrid Cloud provides benefits:
When working with a Hybrid Cloud, it is important to remember a few key elements. The primary one is data security. If you are synchronizing data between Private Cloud resources in a company-owned datacenter and Public Cloud resources in a who-knows-where-it-is-but-not-company-owned datacenter, it is important to think about the type of data being stored in the Hybrid Cloud. Does the NFL want college football scores synched to Public Cloud resources? Sure, why not. Does the NFL want the social security number of all of its employees synched to Public Cloud resources? No! Therefore, it’s important to understand what kind of data will be stored in the Public Cloud through the VPN connection and the Hybrid Cloud.
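One way to enforce that distinction before anything replicates across the VPN, shown as an added example that is not part of the original article: a default-deny gate that syncs only fields labelled public and still holds back any value that looks like a social security number. The classification labels, field names and sample records are assumptions constructed for illustration.

```python
import re

# Assumed classification scheme (hypothetical; the article names none).
PUBLIC_OK = {"public"}  # only fields with this label may leave the Private Cloud
# US SSN shape, excluding area/group/serial values that are never issued.
SSN_RE = re.compile(r"\b(?!000|666|9\d\d)\d{3}-(?!00)\d{2}-(?!0000)\d{4}\b")

def scan_value(value):
    """Return True if a string value appears to contain a US SSN."""
    return isinstance(value, str) and bool(SSN_RE.search(value))

def sync_decision(record, labels):
    """Split one record into fields that may sync and fields held back.

    labels maps field name -> classification. Unlabelled fields are denied
    (default deny). A field labelled public is still held back when its
    content matches the SSN pattern, which catches mislabelled or
    free-text data.
    """
    allowed, blocked = {}, {}
    for field, value in record.items():
        label = labels.get(field)
        if label not in PUBLIC_OK:
            blocked[field] = f"label={label or 'unlabelled'}"
        elif scan_value(value):
            blocked[field] = "content matches SSN pattern"
        else:
            allowed[field] = value
    return allowed, blocked

# Constructed sample data echoing the scores-versus-SSN contrast above.
LABELS = {"game": "public", "score": "public", "notes": "public",
          "employee_ssn": "restricted"}
RECORDS = [
    {"game": "State vs. Tech", "score": "24-17", "notes": "final"},
    {"game": "payroll", "employee_ssn": "123-45-6789",
     "notes": "ssn on file 123-45-6789", "badge": "A1"},
]

def run():
    """Apply the gate to every constructed record."""
    return [sync_decision(r, LABELS) for r in RECORDS]

if __name__ == "__main__":
    for allowed, blocked in run():
        print("sync:", allowed, "| held back:", blocked)
```

The content scan matters as much as the labels: the second record's notes field is labelled public, yet it is held back because the value itself carries an SSN.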
The second concern is data loss and data backup. Once data resides in the Public Cloud, it is not necessarily guaranteed safe and you must still be concerned with data integrity or data loss. Having a backup copy of data that resides in the Public Cloud stored in a Private Cloud or Hosted Cloud would be a wise move. If, however, the data in your Public Cloud is just a copy of data that already exists in the Private Cloud, it may not be necessary.
Back to the example of the NFL, if they “bursted” out their www.nfl.com site with a Hybrid Cloud, the data on the Public Cloud side is most likely identical to the data in the Private Cloud, especially if it is just being used for scale-out purposes. In that scenario, any data loss in the Public Cloud would have minimal effect as the same data exists in the Private Cloud, too. The main point here is that any data stored in the Public Cloud must be considered for some kind of data backup or retention solution, if it is any different from the data in the Private Cloud. Remember that you always have the option to move data back to the Private Cloud at any time.
What other concerns can you think about when using a Hybrid Cloud?
Thanks!
Michael Lubanski
Americas Private Cloud Center of Excellence Lead
Microsoft Services
email@example.com
So, can you think of other concerns you would have with a hybrid cloud? What other questions would you have when it came to the security issues of connecting your private cloud to a public or hosted cloud? Would you segment the private cloud components away from the rest of your network? What kind of IDS/IPS would you need? Would you deploy the VPN as a “wide open” site to site VPN, or would you configure the VPN gateway to only allow the required protocols? Send us your comments or put them in the discussion box at the bottom of this article. Thanks!
Tom
Tom Shinder
firstname.lastname@example.org
Principal Knowledge Engineer, SCD iX Solutions Group
Follow me on Twitter: http://twitter.com/tshinder
Facebook: http://www.facebook.com/tshinder
Thanks for sharing