Hybrid cloud doesn't magically coalesce out of a primordial soup of public and private cloud services. It takes some planning and forethought to make it all work. But in the end, it's worth the trouble.
That's the gist of the latest work from the Hurwitz Group, a book titled Hybrid Cloud for Dummies, (Offered through the IBM developer site.) Its authors, Judith Hurwitz, Marcia Kaufman, and Daniel Kirsch, observe that to make the best connections, you need a blend of the right tools, technology and talent.
"Integrating best practices combined with new innovative technologies is a key to a well-executed hybrid cloud," they point out. "There are a number of enabling technologies that have to be put in place in order to enable a hybrid cloud to operate to support changing business requirements."
Here's how it may all work, in a hypothetical scenario for hybrid cloud the authors lay out:
"A company may use its data center to manage customer transactions. Those transactions are then connected with a public cloud where the company has created a web-based, front-end, and a mobile interface to allow customers to buy products online. The same company may use a third-party managed service that checks credit for anyone paying on an installment plan. There may also be a series of public cloud-based applications that control customer service details. In addition, the company may need to use extra compute capabilities from a public cloud provider during peak holiday periods. In addition, the company will use a public cloud to experiment with prototype business models."
Here are seven key elements to making a hybrid cloud a well-connected hybrid cloud:
Integration. Hybrid cloud requires integration on many levels, the authors state. "What services do you need to integrate data and process in your hybrid environment? You need to integrate data across your own company and with partner data and public data sources." This may consist of social media data, third-party data, and internal corporate data. But it integration isn't just limited to data -- applications need to be integrated as well, they add.
Data localization. In many cases, for various reasons from regulations to performance concerns, data will need to stored and maintained either on-premises or close to the organization's physical location.
Operational visibility and management. While customers want to see applications as coming from one single well-managed environment, IT managers and administrators need to be able to see all the working components behind the services -- whether on-premises or coming from somebody else. "Accomplishing this task requires a platform that's able to discover the underlying services and infrastructure," the Hurwitz analysts state. "It must be able to monitor those services so there's clear visibility so the entire environment can be controlled in a predictable manner.This means being able to monitor and control not just internal services but those services that are owned and controlled by third-party public cloud vendors or managed services providers."
Workload management. This is key when managing and offering a set of pooled resources that come from both inside and outside the walls of the enterprise. "Managing workloads is foundational to the cloud," the authors point out, adding that cloud service providers tend to create a multi-tenant environment to support the deployment of these resources." In addition, policies and business rules are needed to understand and monitor information about workloads. "For example, it will be important to determine where a workload needs to be located for either performance or compliance requirements."
Security. Security should be managed based on an "open governance model," the Hurwitz team advocates. "Security is an essential component of the unified architecture for a hybrid cloud. The increase in connection points adds a multitude of vulnerabilities to the applications and overall IT environment. It is hard for many companies to keep abreast of changing security risks. Even the most experienced security expert is always playing catch up with the last security threats." They recommend a consistent and comprehensive security strategy, which may include "using a cloud-based development platform with built-in security services" that even less-experienced administrators will be able to safely manage.
DevOps: It's extremely important to be able to manage application lifecycles -- from development to deployment to upgrades -- no matter where they are coming from. "Organizations need a single unified way to manage and synchronize applications and data across public and private clouds." The authors recommend, for example,"a single federated catalog and operations console for public and private PaaS."
Portability. With change as the only constant these days, organizations need to be able to move applications and services from any environment to any other environment -- no matter of its cloud or on-premises. Vendor choice should not matter as much as it used to. "With emerging standards and open technologies,you become less dependent on one implementation of a cloud and gain interoperability no matter which vendor's services you use," the authors state. Container technology and microservices are making this kind of fluid movement possible.