E-Book: Clearing Up the Cloud

Page 1

Clearing Up the Cloud: A COMPREHENSIVE STRATEGY GUIDE FOR EVALUATING THE FUTURE OF YOUR INFRASTRUCTURE An e-book by ADAPTURE

2

ADAPTURE /// Clearing Up the Cloud


Clearing Up the Cloud: A COMPREHENSIVE STRATEGY GUIDE FOR EVALUATING THE FUTURE OF YOUR INFRASTRUCTURE An e-book by ADAPTURE

2

ADAPTURE /// Clearing Up the Cloud



Contents

4

6

Introduction

8

It’s All About the Application

10

Everything is Hybrid Cloud

16

Benefits: How Cloud Enhances Your Operations

26

Considerations: Cloud Isn’t Magic

34

About Us

ADAPTURE /// Clearing Up the Cloud



Introduction

“Cloud is better.” You have probably heard this on numerous occasions from varying sources. Yet, peppered within the accolades, you still come across certain levels of mistrust and skepticism. From one camp, you hear nothing but praise for the technology and generic promises of increased efficiency, greater flexibility, and reduced cost. From the other camp—and all those in between—you’ll hear from naysayers who tout their intrinsic mistrust of cloud security and its architecture, asking you why you would put your data “out there for people to hack it.” As if the dichotomy of voices wasn’t conflicting enough, you have also had to wade through the litany of ambiguous cloud terms that people throw around in conversation. Worse still, this terminology often has a different meaning or purpose depending on who you are speaking to. And unfortunately, that’s just how it is. Due to accelerated market growth and constant technological evolutions, some of cloud’s most basic terminology can be confusing.

We want to set the cloud record straight.

6

ADAPTURE /// Clearing Up the Cloud


We will outline ADAPTURE’s view of cloud while pulling directly from NIST and the Cloud Security Alliance to inform our cloud definitions. In the process, we plan to debunk some of the cloud myths floating around and to rectify some common misconceptions—our goal is to provide you with concrete reference material as you consider a migration to public cloud.

We’ve got a lot of ground to cover, so let’s start clearing up the cloud.


It’s All About the Application

Before we get too far, we need to talk about the lens through which we view all infrastructure conversations—your applications.

You should never get cloud just to get cloud. You need to analyze your applications to determine if cloud is the right fit for your company’s needs. We get it. It’s easy to think about cloud in terms of its infrastructure. After all, one of the primary draws is to replace your existing hardware in some capacities. However, rather than an infrastructure-first approach, you should be looking at cloud and your on-premise systems with an application-first mentality. Where an app resides is not as important as what an app needs. Think carefully about your enterprise applications: »» What do they need to run? »» What do you need them to accomplish? »» Who uses them (both internally and externally)? »» What kind of workloads do you need them to support? »» Are they written to scale up or scale out?

8

ADAPTURE /// Clearing Up the Cloud


While this is obviously not an exhaustive list, these questions should at least get you started down the right path of assessment and analysis. An application-first mentality will help you best determine where you should host your apps, whether it be on bare metal servers, in a private cloud in your own data center, or in multiple public cloud environments.

Cloud is not always the answer. But when it is, you need to be able to determine in what capacity—and in what way—your company should use it. Analyses finished? Excellent work. Still thinking that cloud is the right answer for your application needs? Now we can focus on the infrastructure. Let’s start by defining the basics elements of cloud itself.


Everything is Hybrid Cloud

These are the fundamental categories of cloud i

PUBLIC CLOUD

PRIVATE C

The cloud infrastructure is provisioned for

The cloud infrastructur

open use by the general public. It may be

exclusive use by a s

owned, managed, and operated by a

comprising multiple

business, academic, or government

business units). It may b

organization, or some combination of them.

and operated by the o

It exists on the premises of the cloud provider.

party, or some combina

may exist on or off pre

1

10

THE NIST DEFINITION OF CLOUD COMPUTING: HTTP://NVLPUBS.NIST.GOV/NISTPUBS/LEGACY/SP/N

ADAPTURE /// Clearing Up the Cloud


infrastructure as defined by NIST 1:

CLOUD

HYBRID CLOUD

re is provisioned for

The cloud infrastructure is a composition of

single organization

two or more distinct cloud infrastructures

consumers (e.g.,

(private, community, or public) that remain

be owned, managed,

unique entities, but are bound together by

organization, a third

standardized or proprietary technology that

ation of them, and it

enables data and application portability

emises.

(e.g., cloud bursting for load balancing between clouds).

NISTSPECIALPUBLICATION800-145.PDF


Everything is Hybrid Cloud

There are also a few different service models tha defines2 these services models as follows:

SOFTWARE AS A SERVICE (SAAS) The capability provided to the consumer is to use the provider’s applications running on a cloud infrastructure. The applications are accessible from various client devices through either a thin client interface, such as a web browser (e.g., web-based email), or a program interface. The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, storage, or even individual application capabilities, with the possible exception of limited user specific application configuration settings. 2

12

PLATFORM AS (PAA

The capability provided to deploy onto the cl consumer-created or ac created using progra libraries, services, and the provider.3 The co manage or control th infrastructure includin operating systems, o control over the deploy possibly configuratio application-hosting env

THE NIST DEFINITION OF CLOUD COMPUTING: HTTP://NVLPUBS.NIST.GOV/NISTPUBS/LEGACY/SP/N

ADAPTURE /// Clearing Up the Cloud


at describe how cloud can be delivered. NIST

S A SERVICE AS)

d to the consumer is loud infrastructure cquired applications amming languages, d tools supported by onsumer does not he underlying cloud ng network, servers, or storage, but has yed applications and on settings for the vironment.

INFRASTRUCTURE AS A SERVICE (IAAS) The capability provided to the consumer is to provision processing, storage, networks, and other fundamental computing resources where the consumer is able to deploy and run arbitrary software, which can include operating systems and applications. The consumer does not manage or control the underlying cloud infrastructure but has control over operating systems, storage, and deployed applications; and possibly limited control of select networking components (e.g., host firewalls).

NISTSPECIALPUBLICATION800-145.PDF


Everything is Hybrid Cloud

While there are different deployment categories and service models, it is important for you to understand that cloud versus on-premise is not as black-and-white as you might initially think.

In fact, our experts at ADAPTURE will tell you that “everything is a form of hybrid cloud.” There is very rarely an instance of simply private or public. When you decide to move a greater portion of your operations to cloud, you more than likely will not move to private or public cloud exclusively. You will always, in some capacity, have infrastructure locally, especially networking. For instance, some applications might need to be kept on legacy equipment due to software limitations. You might use Office 365 for file sharing and email platforms, while other select data needs to remain on-premise due to stringent compliance requirements. You may need to rely on public cloud for burstability when workloads overwhelm your on-premise servers. Others may use AWS for failover and redundancy purposes. Whichever way you choose, you will find that you are still using a combination of on-premise hardware, private cloud computing, and/or public cloud infrastructure to best suit the needs of your applications, employees, and end-users.

14

ADAPTURE /// Clearing Up the Cloud


Even now, you are most likely operating off some form of hybrid cloud. If you are using one cloud service—even if the remainder your operations reside in your private data centers—you could be considered “hybrid.” Because you might already be a hybrid company, we should talk about how you can take advantage of the benefits by further investing in hybrid cloud. So, let’s talk about what drew you to cloud infrastructure in the first place.

Benefits: How Cloud Enhances Your Operations On a rudimentary level, cloud’s virtualized infrastructure removes the need to think about hardware entirely. Cloud still relies on physical hardware to operate, of course, but this hardware is designed to be more efficient due to the organic dispersal of VM workloads— when at all possible, every server is used to a full, but healthy capacity. All of this happens behind-the-scenes and is managed by world-class teams that support that infrastructure. The result is that you pay only for what you need, when you need it rather than constantly upgrading and scaling your hardware to your company’s fluctuating needs.


Benefits: How Cloud Enhances Your Oper

Cloud Can Flex More specifically, cloud offers you flexibility, agility, and scalability. We understand that these terms may sound relatively similar, but each term, as defined by experts at ADAPTURE, covers a very specific benefit of cloud technologies.

FLEXIBILITY According to the cloud experts at ADAPTURE, cloud flexibility “enables the creation, deletion, and modification of virtual servers on an as-needed basis,” depending on what your company requires at a given time. The very nature of modern cloud architecture eliminates the previous age’s necessity for siloed hardware environments. For example, instead of your company having thousands of separate servers for individual computing tasks or applications, cloud offers a single platform that gives you the ability to deploy a vast spectrum of applications. At the same time. Inside the same environment. Once you have migrated to cloud, you are no longer limited to the hardware or software that you have in-house, even in the face of extreme growth or sudden market changes.

16

ADAPTURE /// Clearing Up the Cloud


rations


Benefits: How Cloud Enhances Your Op

18

ADAPTURE /// Clearing Up the Cloud


perations

AGILITY Cloud’s agility—or speed-to-market—is the driving force behind its flexibility. As we just mentioned, the cloud enables several applications to run simultaneously within the same environment, but cloud’s agility gives it the speed and efficiency to adapt quickly to the demands of businesses and their market fluctuations. “Ultimately,” Abdalla explains, “agile cloud not only improves operational efficiencies, it also may reduce software development and deployment times.” More specifically, cloud agility grants companies the freedom to spin up or spin down a virtual server immediately (measured in seconds or less) and on demand. Before cloud, if you wanted to run multiple marketing campaigns at the same time, you would have had to purchase a series of new servers to manage the additional computation requirements. Unfortunately, once those campaigns were over, you could be left with idling hardware that costs your business money until the next round of campaigns. However, thanks to agile cloud, you now can pay for the virtual server power you need when you need it, and stop paying for it once you don’t.


Benefits: How Cloud Enhances Your Ope

SCALABILITY Scalability is a feature of cloud services that “enables increased resource utilization for an application in reaction to increased requirements,” says Abdalla. Sometimes referred to as “burstability,” scalability does just that—when end-user demand increases or seasonal workloads intensify, cloud can provide bursts of additional resources as needed. While this kind of rescaling is typically done to a larger size or higher quantity, this same ability to “rise to the occasion” works in reverse. As soon as your company no longer needs the additional resources, the rescaling is brought back down to its original steady state. You are billed only for what you use, for as long as you use it.

Pay Per Use Cloud’s all-inclusive nature—its flexibility, agility, and scalability— effectively eliminates the need for you to manage hardware procurement to keep up with your company’s growth and the evolution of your applications. And you get to use and pay for the resources only when you need them.

In short, cloud will bend when your needs do, so why not let it do all the flexing? And as we will see in the next chapter, cloud can reach into new types of infrastructure and new regions as well.

20

ADAPTURE /// Clearing Up the Cloud


erations


Benefits: How Cloud Enhances Your Ope

Ready Access to Specialized Infrastructure Moreover, because of the extensive computational resources established by cloud providers, you have quick access to specialized infrastructure. Providers like Google and AWS have modified server space for big data analytics and other highlycustomizable workloads. Normally, in the face of highly-specific projects like these, you would need to purchase a series of all new hardware, hire a workforce of experienced technicians to manage it, and then spin up the necessary software (e.g. Hadoop for Big Data) just to accomplish this one project. With cloud, you can access the necessary specialized infrastructure quickly and then spin it back out once you are through. Again, you only pay for what you use for as long as you use it.

The Geography of Cloud We’ve talked about the adaptive benefits of cloud, but what about the geographic advantages that cloud offers through its availability and resiliency?

22

ADAPTURE /// Clearing Up the Cloud


erations

Geographic availability means just what it says. Public cloud providers have established data centers all over the world, enabling you to spin up workloads in almost every conceivable region. If you need better proximity to a certain site or client base, you can establish nodes in the closest datacenter, decreasing round-trip times and increasing workflow. If you have clients in the EU with regional storage requirements, you can replicate and spin up the necessary applications in an EU-based datacenter to meet compliance standards. Large public cloud grants you global reach for application and service. Geographic resiliency, on the other hand, still uses data centers in various regions, but deploys this global reach for failover purposes. Say, for instance, you house your main cloud operations in AWS in US-East4. However, if for some reason that region goes down for any amount of time, you will need to have made plans for service continuity and failover. Namely, by replicating or backing up your operations in a different region, like US-West1—a region that is far enough away from the original to mitigate the chances of both regions failing at the same time—your company will experience little to no disruption of service when failures occur.


Benefits: How Cloud Enhances Your Ope

Remote Locations and Security To some degree, cloud’s geographic spread enables adaptability in addition to increased security. And while we don’t have time in this installment to cover the entirety of cloud security, we can certainly cover the elements most relevant to our current conversation. For instance, public cloud regions span the globe, but their physical data centers are often established in obscure, remote areas (often more remote than your own corporate locations). These decisions are tactical in nature. Through choosing remote locations, public cloud providers are surreptitiously layering physical security on top of their existing cybersecurity protocols, making any physically-based attack more difficult to execute. More importantly, however, public cloud providers have extensive security teams at each of their locations, which monitor the premises 24/7.

They have one job: protect and secure the infrastructure. Public cloud offers you access to entire teams who have dedicated their careers strictly to physical and digital security. You have an entire business to run, with countless other areas that demand

24

ADAPTURE /// Clearing Up the Cloud


erations

your attention. Rather than allotting only a percentage of your resources to asset security, why not let public cloud grant you 100% dedication?

More to Be Discovered Much like the list of application questions we asked you at the beginning of this eBook, this list of cloud benefits is by no means an exhaustive inventory. But it’s a good start in giving a general overview of what cloud can do for your company. That is, if cloud is the right fit for your applications. Just think, if the high speeds of technological advancement continue as they have in recent years, that list of benefits is sure to continue to grow as more offerings are made available. And we are excited to discover those added benefits with you.

But to be fully comprehensive in our analysis, we need to talk about the potential drawbacks of cloud.


Considerations: Cloud Isn’t Magic

We will be the first to admit that cloud is not always the best solution. It’s not perfect. We warned you before not to get cloud “just to get cloud”—even if it does seem to be all the current rage in the IT industry. Careful evaluation of cloud benefits in congruence with its drawbacks is an essential step in the decision-making process, and any good argument welcomes counterarguments for its own validity. Let’s take the time to weigh the cons of cloud against its pros.

26

ADAPTURE /// Clearing Up the Cloud



Considerations: Cloud Isn’t Magic

Cloud Gives You Less Control By nature, public cloud can only grant you limited control. You must operate in the context of the cloud provider’s environment and supported features. For instance, if you specifically wanted Dell servers, Intel processors, and Samsung SSDs, you’d be out of luck because you no longer get to choose what hardware your applications run on. The same can be said for hardware services and maintenance. Your knowledge and say-so is limited to what the public cloud provider allows and shares with you. Similarly, you have limited visibility at the infrastructure level. You are only able to see what your provider decides to share with you about your uptimes, the number of instances that you are running and where, how stable they all are, etc. Moreover, you are limited in your ability to troubleshoot your underlying infrastructure. In some cases, troubleshooting and smart-hacks can be implemented at the physical server level to enhance performance, but that ability is lost once you migrate your applications to cloud. There is only so much troubleshooting that can be done virtually. On the bright side, because of the highly flexible nature of cloud, you may be able to avoid troubleshooting specific instance problems, opting instead to kill them and spin up a new one if it goes awry—that’s the cloud version of “just restart it”.

28

ADAPTURE /// Clearing Up the Cloud


Percentages and Guarantees In addition to lack of control and visibility, public cloud cannot always guarantee uptime. While there are uptime guarantees as the regional level— although at 99.95% they’re lower than what you might see in wholly-owned hardware—there is no guarantee for specific instances within that region (see S3’s recent outages following human error and inadequate failover protocols). Essentially, there is no guarantee that your particular VM will be running even a minute from now. This is where the architecture of your applications comes into play. (You’re still taking an applicationfirst approach, right?) To mitigate service and data interruptions, your applications must be built to survive instances being killed and spinning back up on a different server. Check out NetFlix’s Simian Army for an example of the type of resiliency required. If your application is architected such that it expects to always be running, then cloud may not be your answer.


Considerations: Cloud Isn’t Magic

Varied Performance and Limitations Performance also matters, and a move to cloud does not always guarantee faster computation times (depending on your existing infrastructure and how your applications are architected). Cloud might enable you to scale out more and move you geographically closer to your end-users, but at the same time, it introduces other issues like increased network traffic that may cause a hang-up in service if you’re not prepared for it. The fact of the matter is that the fastest possible way to run an application might be to install it on its own dedicated, bare-metal server. But the other side of that reality is that very few corporations have the budget (or need) for that level of hardware procurement and maintenance. As such, many turn to cloud and its ability to scale out architecture for thousands of instances to make their companies collectively faster.

While cloud is not a guarantee for the fastest solution, just like virtualization, it’s certainly more practical with real-world budget pressures. If the servers in your fully-owned data center are nearing time for replacement, a move to cloud infrastructure will almost always

30

ADAPTURE /// Clearing Up the Cloud


guarantee that your VMs will be running on ever-newer hardware, that there will be faster upgrades, and that there will be more consistent maintenance than you can plausibly support in your own on-premise environments. With these additions, speeds might actually improve compared to your current environment.

The (Obvious) Limits of Physics Don’t forget that speed is only as fast as its carrier.

Because cloud providers use fiberoptic networks, your instances are literally limited to the speed of light. As fast as that is (299,792,458 meters per second to be exact), light can only traverse from AWS Europe to East-US-2 in so much time. In the end, physics gets in the way. And once again we feel compelled to say: cloud isn’t magic. It can’t help you break the laws of physics.


Considerations: Cloud Isn’t Magic

32

ADAPTURE /// Clearing Up the Cloud


Misplaced Responsibility Despite the hype surrounding cloud, it is not a universal solution for data center woes—as much as we’d like it to be. What many people fail to consider is the residual responsibility that you carry even when the great majority of their processes are moved to the cloud. Depending on your platform—SaaS vs. PaaS vs. IaaS—you will still have varying levels of security, application, and software responsibilities. For example, if you make your applications porous to public internet and fail to instate the proper security protocols (i.e Password123 is not a secure login), then the subsequent hackings and infiltrations are your responsibility, not the cloud provider.

The cloud provider many even shut down instances or services if you pose a threat to their infrastructure or other clients. Cloud can be the solution to many of your hardware and processing headaches, but it is by no means a magic wand or a cure-all. Cloud may help your systems run faster and more efficiently, but it does not eliminate the need for hard work, both before and after the migration itself. As we’ve already established, cloud’s performance—depending on your applications— can be a mixed bag, so extensive testing must be run before fully committing to a cloud migration. And once that migration is completed, many responsibilities remain for the consumer.

Cloud computing is not equivalent to autopilot. At least not yet.


Cloud Clarity? Now that we’ve walked through some common initial questions, infrastructure definitions, the pros, and the cons, do you feel like you have a bit more clarity within the cloud ? Have you started vetting your applications and running the necessary diagnostics on your systems? Do you think that, in the end, the benefits outweigh the cons? If so, what drawbacks are you willing to mitigate to make cloud a reality?

It’s okay if you don’t have all the answers quite yet. Cloud migrations don’t happen all at once, so you shouldn’t make a snap decision either. Your organization’s move towards the cloud is a journey, and we’re here to help you every step of the way.

34

ADAPTURE /// Clearing Up the Cloud


Want to discuss your options for effectively deploying your applications in the cloud? Call 1 (888) 551-6344 and speak to of our ADAPTURE cloud specialists. We’ll guide you through the process and find the right cloud balance for you.