WHITE PAPER
The What, the Why and the How of Hybrid Cloud
ON
An Osterman Research White Paper
Published April 2016
SPON
sponsored by
sponsored by
sponsored by Osterman Research, Inc. P.O. Box 1058 • Black Diamond, Washington • 98010-1058 • USA Tel: +1 253 630 5839 • Fax: +1 253 458 0934 •
[email protected] www.ostermanresearch.com • twitter.com/mosterman
The What, the Why, and the How of Hybrid Cloud
EXECUTIVE SUMMARY
When we think about “the cloud,” it’s natural to focus on public clouds. But public is not the only type of cloud. Public clouds use proven technology that can also be applied to your own data center. If you use cloud technology in your data center, you can treat it as a private cloud — either on your premises or you exclusively rent someone else’s data center. But cloud technology also makes it easier to mix and match; it also gives you the flexibility to choose where an application is hosted, and to move it later. This then is the essence of hybrid cloud: With the benefit of cloud technology, you can move workloads between public and private clouds — or choose a combination of the two.
ABOUT THIS WHITE PAPER
In this white paper we discuss what hybrid cloud is, why it’s beneficial, and how to take advantage of it. We look at some of the barriers to public-cloud adoption while we cut through unnecessary technicalities to get to the heart of the matter. We also offer a brief overview of the sponsor of this paper and their relevant solutions.
THE WHAT OF HYBRID CLOUD CLOUD IS MORE THAN MERE HOSTED SOFTWARE
People often think that “the cloud” consists of applications that run in someone else’s data center, but there is an important distinction to be made between hosted software-as-a-service (SaaS) and cloud. SaaS is generally focused on an application that runs in a vendor’s data center, while cloud consists of remote computing resources, such as virtual servers, storage and other elements that comprise a computing environment. Cloud is more than just hosting an application elsewhere — it has a unique set of benefits, and is based on a specific type of architecture. SaaS is generally focused on an application that runs in the vendor’s data center, while cloud consists of remote computing resources, such as virtual servers, storage and the other elements of a computing environment. Cloud technology architecture permits the five business benefits of cloud, listed below (for an introduction to the technologies, see the section The How of Hybrid Cloud).
BUSINESS BENEFITS OF CLOUD
How can you tell it’s true cloud, and not just hosting or SaaS? Cloud brings several business benefits; here are our top five:
•
Elasticity, or “on demand” Cloud allows the server “horsepower” applied to a workload to grow and shrink as the demand ebbs and flows.
•
Zero CapEx Public cloud minimizes or eliminates up-front costs, such as the capital expenditure requirements for servers, load balancers and all of the other elements that comprise an on-premises data center, including the facility itself. Instead, the cloud provider sweats its capital by charging you on a “pay-as-you-go” model, typically based on usage.
•
Low OpEx Cloud minimizes operating expenditures because of the inherent economies of scale enabled by the technology.
©2016 Osterman Research, Inc.
1
The What, the Why, and the How of Hybrid Cloud
•
Secure multi-tenancy Your workload can run alongside other workloads — which may or may not be associated with your business — each completely independent of one another, with assured security. This ability to privately share infrastructure with other users is key to reducing operating costs.
•
Fast failover Outages, natural disasters and other disruptive events happen, even in the best IT shop. But cloud can allow workloads to quickly move from a failed data center to a backup location, ensuring uptime is as close to 24x7 as possible. While not all cloud offerings explicitly include this capability, customers can usually enable it. It’s typically far more expensive to use onpremises data centers for disaster recovery and business continuity.
SO WHAT MAKES A CLOUD A HYBRID CLOUD?
It’s too limiting to think about “The Cloud”. We’re now in the age of interconnected clouds. There many public clouds to choose from, such as Amazon Web Services, IBM Softlayer, or Microsoft Azure. You can also build a private cloud in a data center that’s owned or rented by your organization — typically on your premises (remember: Don’t confuse cloud with hosting, nor with SaaS). So a hybrid-cloud architecture allows IT to choose where data are located, and where that data is processed. Not only can you choose whether to use a private or a public cloud, you can also choose which public cloud to use. And you can revisit those choices, as situations change — for example, moving from public to private; or from Amazon to Softlayer. Moreover, be aware there are varying ways to describe “public” and “private” in the cloud industry.i For example, private clouds can also be built and operated by a cloud service provider, but on your premises.ii This offers similar on-demand, zero-CapEx benefits to those of public cloud. So a hybrid cloud uses a mix of public and private cloud resources. But which mix?
FOUR MAIN CLOUD CHOICE CRITERIA
In a hybrid cloud, IT will choose which cloud resources to use for a workload, aiming to make the best selection. But what do we mean by “best”? In brief, hybrid cloud allows IT to optimize for criteria that include: •
Total cost of ownership (TCO) One public cloud service might cost less for certain workloads than another. And certain large-scale workloads could be less expensive in a private cloud.
•
Performance Interactive workloads might not perform so well from a remote data center. So IT could prefer to host strategic workloads locally in a private cloud, while placing tactical workloads in a public cloud. (There’s more detail in the section, The Laws of Physics.)
•
Scalability Public clouds tend to be more flexible when workloads grow unexpectedly or peak temporarily. This is due to the pay-as-you-go model of most cloud services. Conversely, OpEx falls with reducing usage.
•
Regulation and risk You might need to keep certain workloads in a private data center. This need could come from external regulation, or from your own risk assessment. But situations can change, so planning a hybrid-cloud architecture now allows you to move workloads to a public cloud in the future.
©2016 Osterman Research, Inc.
2
The What, the Why, and the How of Hybrid Cloud
(This is just a brief flavor; we’ll discuss these criteria and more in the next section, The Why of Hybrid Cloud.)
IN SUMMARY
Think of hybrid cloud as a toolbox: The skill is to know which of the many tools in the box to use, and when to switch tools — or even to use several tools at once. In the survey we conducted for this white paper, we asked users which of 14 criteria would affect their decision to site an application in either a private or public cloud, either positively or negatively. Survey respondents felt strongly that regulation and risk would tend to dissuade them from using a public cloud. Conversely, respondents also felt that many of those same criteria are a positive for choosing private cloud. Respondents also said TCO would have a positive impact on their private cloud choice. However, the respondents were split when asked about other criteria, with no significant trend of opinion. Figure 1 shows the top drivers perceived as negative for a public cloud choice. Concerns around the safety of sensitive and confidential data are the leading negative drivers away from public cloud, with over half of respondents (56%) expressing it, while Figure 2 indicates that the majority of organizations (62%) believe the safety of sensitive and confidential information is a reason to adopt private cloud. Figure 1 Reasons Not to Choose a Public Cloud % Responding Negative Drivers Toward Public Cloud
Source: Osterman Research, Inc.
Figure 2 shows the top drivers perceived as positive for a private cloud choice (either run by the organization’s IT team or by a third party on premises).
©2016 Osterman Research, Inc.
3
The What, the Why, and the How of Hybrid Cloud
Figure 2 Reasons to Choose a Private Cloud % Responding Positive Drivers Toward Public Cloud
Source: Osterman Research, Inc.
We also asked users whether they thought their applications are more or less secure in a public cloud, compared to a conventional, on-premises architecture. The survey respondents showed a preference for the security of an on-premises application, as shown in Figure 3. While a substantial proportion of survey respondents believe the cloud is less secure, it is important to note that most leading cloud providers enjoy economies of scale, as well as a reputation to defend, and so can typically afford very robust physical and logical security capabilities more easily than most organizations that manage infrastructure on-premises. Figure 3 Perceptions About the Security of Applications Managed in a Public Cloud Relative to those Managed On-Premises
Source: Osterman Research, Inc.
©2016 Osterman Research, Inc.
4
The What, the Why, and the How of Hybrid Cloud
THE WHY OF HYBRID CLOUD
In the previous section, we talked about the four main criteria IT can use to decide whether a workload should be in a public or private cloud: cost, performance, scaling, and regulation/risk. In this section, we’ll look in more detail at why you might choose public, private or both.
APPLICATION LIFECYCLE
Put simply, you can think of the lifecycle of an enterprise application in five typical phases. Usually, each phase suggests a natural location for the workload: •
Prototyping and early development phase Initial development work is typically done on-premises — often simply running on developers’ own desktop machines, as opposed to “proper” servers. (A public cloud can also be appropriate, however.)
•
Later development and Beta-test phase As development matures, and as components from several developers are integrated, IT teams usually find it better to use a public cloud, to avoid CapEx — and to test that the workload can successfully be moved from one cloud to another. (It can sometimes be appropriate to use a private cloud, depending on risk or regulation, for example.)
•
Pilot and Gamma-test phase Initial live use of the application by a small, select group of sympathetic users will typically be in a public cloud. As part of this pilot phase, the IT team can gain experience about how the application scales, which will help decide where the next phase should be sited. (Again, it can sometimes be appropriate to use a private cloud.)
•
Majority production phase The main period of the application’s use, by the largest number of its users. During this phase, the application can be located in a public or a private cloud, depending on our four main criteria, plus the other considerations below.
•
Legacy phase Many enterprise applications remain important to a small group of users after they are otherwise “obsolete” — perhaps for archival purposes, or to service a niche need. Typically, you’d run these legacy workloads in a public cloud, because of the desirability of service continuity at low cost.
In our survey, we asked users which phases of its lifecycle they would be comfortable hosting an application in a public cloud. We also asked about the phases for which they would never be comfortable using a public cloud. Results broadly mirror our suggestions above: Survey respondents were very happy to use a public cloud for prototyping, development and pilot, but significantly less inclined to host an application in a public cloud during the majority production phase. Indeed, the only phase when a significant number of respondents would never use a public cloud is in majority production, as shown in Figure 4.
©2016 Osterman Research, Inc.
5
The What, the Why, and the How of Hybrid Cloud
Figure 4 Phases of the Application Lifecycle With Which Decision Makers Would be Comfortable or Uncomfortable Using a Public Cloud
Source: Osterman Research, Inc.
We also asked a series of other questions seeking respondents’ attitudes to deployment. The most notable conclusion: they were more likely to deploy onpremises or in a private cloud if the application was considered “critical and internalfacing.” For example, once a critical, customer-facing application had been thoroughly vetted and was fully operational, 38% of respondents told us they would deploy it in either a public or hybrid cloud; for a critical, internal-facing application, however, only 22% would do so. This suggests many IT managers still aren’t fully confident that a public cloud can provide the same quality of service – or security – as conventional deployments. It’s also notable that more than twice as many respondents said they were unsure how they’d deploy a “thoroughly vetted and fully operational” application, compared with an initial deployment. We also wanted to understand how organizations might choose to deploy an application, depending on the sensitivity of the information that it would manage. As shown in Figure 5, organizations deploying systems that manage customer-facing information are open to deploying it in a public cloud initially — and even more so once the system had been fully vetted. However, this is not the case for systems that manage highly confidential information, such as intellectual property, as shown in Figure 6.
©2016 Osterman Research, Inc.
6
The What, the Why, and the How of Hybrid Cloud
Figure 5 Preferences for Deploying a Customer-Facing Application
Source: Osterman Research, Inc.
Figure 6 Preferences for Deploying a System That Manages Highly Confidential Information or Intellectual Property
Source: Osterman Research, Inc.
HYBRID CLOUD LETS YOU OPTIMIZE FOR TCO Public clouds price their services differently to one another. And those prices can change. So, the ability to easily switch your cloud service provider is valuable protection against lock-in. Naturally, the cost models of public and private cloud are completely different. As a rough rule of thumb, a small-to-medium-sized workload on a public cloud service will
©2016 Osterman Research, Inc.
7
The What, the Why, and the How of Hybrid Cloud
cost significantly less than the equivalent workload in an on-premises private cloud that you own. When you analyze the total cost-of-ownership (TCO) — including such line items as amortized capital costs, fully-loaded people costs, and the cost of power — a workload typically needs to be extremely large for it to make financial sense to run it in-house. As workloads grow, there typically comes a “crossover” point, at which the TCO of private cloud is lower than public. A good example: Dropbox’s recent disclosure that it has moved the bulk of its 500 petabytes of customer file storage from a public cloud to a custom, on-premises file system, — the company made this move because of favorable economics, compared with the public cloud it was previously using.iii It’s important to note that different cloud service providers have varying ways of charging for usage, including time-based accounting, network charges, tiered storage rates, etc. There isn’t space in this paper to detail all the differences. From our survey, it’s clear that the IT decision makers and influencers we surveyed perceive TCO as an important driver of hybrid-cloud decisions. When asked about locating an application in a public or a private cloud, TCO was a fairly strong positive driver (36%) and an extremely weak negative one (12%).
HYBRID CLOUD PERMITS SPLIT USER POPULATIONS
In many cases, IT teams wish to segment their users into two or more groups. Hybrid cloud is a good way to support this type of deployment, either by dividing users into private- and public-cloud groups, or spreading them among more than one public cloud with differing characteristics. For example, in many organizations there’s a small, important group that requires a higher service-level agreement than the majority of users. This is the so-called “executive-floor server” scenario, in which IT wants to provide the most reliable and responsive service to its most important users. In this case, IT provides these few users a private cloud, no-expense-spared service — compared with the perfectly respectable, yet low cost public-cloud service that 99.9% of users receive.
HYBRID CLOUD AND TEMPORARY SCALING
Some applications have vastly variable requirements at different times. This might be due to unforeseen events — for example, a natural disaster causing a high rate of insurance claims. Or it could be a regular, planned-for event — for example, retail workloads around Black Friday. But it can be difficult or expensive for a typical data center to cope with growth that’s fast, temporary or unexpected. As we mentioned earlier, public clouds are inherently better at scaling up and down in response to demand. But what if your workload runs in your private cloud? In that case, it’s possible to temporarily augment it with public-cloud resources during those peak times . This is known as “cloudbursting” by some in the industry.iv In our survey, IT managers showed a significant preference for public cloud when the ability to quickly scale is important (39% of respondents).
HYBRID CLOUD IMPROVES UPTIME
Hybrid cloud lets you avoid a single point of failure; it helps you recover from disaster and continue to run your business. Many public clouds permit regional duplication in case of failure. And for the ultimate in reassurance, you can duplicate or distribute a workload across several separate cloud services. For example, the Apple iCloud service uses a hybrid mixture of its own private cloud, plus at least three public clouds — Google GCP, Microsoft Azure and Amazon Web Services.v
©2016 Osterman Research, Inc.
8
The What, the Why, and the How of Hybrid Cloud
Similarly, in case of disaster, a conventional on-premises application can be temporarily replaced by a public cloud. In simple terms, you create your own disaster-recovery service by mirroring a private cloud instance to a standby public cloud instance, or to another private cloud some distance away. Attention to disaster-recovery and business-continuity reduces unplanned downtime, but what about planned downtime? The ability to upgrade and patch workloads while they continue running is an inherent advantage of a cloud architecture (although there are other ways to achieve this in a non-cloud environment — e.g., sophisticated storage systems). This is what some in the industry are calling immutability or phœnix servers. It’s an important capability in “always on” environments. The beauty of this pattern is that it doesn’t require the application to be designed to support online upgrading — legacy, monolithic workloads can still be highly available. Simplistically, it involves cloning or re-provisioning the running workload to be upgraded, performing the upgrade, replicating changes made during the upgrade process from the live instance to the new one, and then cutting over to the new instance, with no noticeable service interruption.vi In our survey, IT managers showed a significant belief that a private cloud is a good place to site a workload if reliability and uptime are important (41% of respondents).
HYBRID CLOUD ALLOWS HYBRID STORAGE Some types of workload might benefit from storing different types of data in different clouds. For example, Dropbox stores user files in a public cloud, but stores the files’ metadata in its own data centers (although as noted earlier, Dropbox recently repatriated most of the files, thanks to improved economies of scale). In addition, regulatory issues or legal restrictions might limit the location for storing and/or processing the data of some customers, but not others — for example Dropbox will continue to use a public cloud service for its customers in certain countries, such as Germany.
THE HOW OF HYBRID CLOUD A BRIEF OVERVIEW OF CLOUD TECHNOLOGY
A true cloud is marked by a specific technology, which differentiates cloud from simple hosting or SaaS. That technology defines cloud, and it enables hybrid cloud. Any cloud needs some way to package up the applications to be run in the cloud; this is known in the jargon as virtualization. Such a technology lets the packaged workload run in your own private cloud or in a shared, public cloud. One of these packages can be run in a cloud environment, on any size of physical hardware available in the cloud data center. Crucially, virtualization also allows these packages to share a physical machine, and to be moved between physical machines — even between data centers — with essentially no interruption of service. Virtualization also ensures the workload’s secure independence from other workloads. It also offers a management framework for controlling how the workload runs.
PLANNING IS CRITICAL
As with many areas of IT and business, proper planning is crucial. While it’s impossible to fully predict the future, the reality of many data-center environments is one of fragile, legacy, “spaghetti” infrastructure. Such disjoint chaos can be difficult to unravel — not to mention expensive. That’s why it’s important to build a solid foundation on which to grow your hybrid-cloud future.
©2016 Osterman Research, Inc.
9
The What, the Why, and the How of Hybrid Cloud
The good news is there’s now a reasonably mature market of tools and services to help build your foundation. The early pioneers have already trodden the path, flattening down the major obstacles.
FOCUS ON FRAMEWORKS
As well as the base-level virtualization technologies that enable hybrid cloud, we recommend choosing appropriate frameworks. These will help you manage your workloads, and help you move them between clouds. In addition, storage and database vendors are increasingly offering frameworks to help migrate and mirror large, live data sets across clouds. For example, several popular cloud-storage architectures are based on the OpenStack framework.
AVOID LOCK-IN
We mentioned earlier that a hybrid cloud architecture allows you to avoid being locked in to a single public cloud service provider. The scenario to avoid is being stuck on an under-performing or over-charging cloud. When you approach IT from a hybrid cloud mentality, you naturally give yourself the option to move a workload in the future. However, it’s important to fully understand your cloud provider’s approach to its customers’ data. This is a critical consideration, since there are varying levels of ease/difficulty/expense with which data can be retrieved from a cloud provider, such as when data needs to be moved to another provider. If you wish to switch cloud providers, these types of issues might unexpectedly prevent your move, not to mention the potential for regulatory compliance failures. You should also clearly determine and specify who manages what as a service: Infrastructure, platforms, data and applications can all be managed by some cloud providers.
THE PSYCHOLOGY OF TERMINOLOGY
But IT managers shouldn’t underestimate the potential for confusion or inflated expectations among peers and internal, line-of-business customers. Confusion can arise thanks to the varied understanding of the word “cloud” — it can mean different things to different people. So, take care not to make assumptions about your audience’s level of knowledge. Similarly, by recasting existing, internal IT capability as “private cloud,” you risk setting unrealistic expectations. When referring to legacy workloads as “cloud”, take care lest your audience compares your performance against consumer cloud services. In our survey, the respondents were split when asked about service performance of public vs. private cloud, with no significant trend of opinion.
THE BAD NEWS: THE LAWS OF PHYSICS
And finally, no discussion of cloud would be complete without a realistic recognition of physical limits. With some types of workloads, interactive performance is critical to user satisfaction. However, the speed of light imposes an absolute limit on how quickly a server can respond — known as latency. In essence, the further away from the user a cloud service is, the poorer the perceived performance. Moving a performance-critical workload from an on-premises data center to a remote cloud might add unacceptable latency. This could make your choice of cloud service provider more complex. Also, the bulk data transfer speed between a user and a public cloud service is likely to be worse than with an on-premises data center.
©2016 Osterman Research, Inc.
10
The What, the Why, and the How of Hybrid Cloud
Similarly, when considering the migration of a workload between clouds, you should think carefully about how much bandwidth is available to transfer the virtualized workload and/or its data, and how the use of that bandwidth is charged. As we mentioned earlier, different service providers use different accounting models for data transfer. Internet speeds have improved immeasurably since he said it in 1981, but Professor Andrew S. Tanenbaum’s classic computer-science moral still holds true:vii
Never underestimate the bandwidth of a station wagon full of tapes hurtling down the highway.
SUMMARY Cloud architectural techniques offer huge value when used in your own data center. Plus, they permit you to easily move and share workloads between your data center and public cloud services. The benefits are clear: Hybrid cloud allows you to save money, while meeting business and regulatory needs. And early adopters have already flattened the pathways for you. However, there’s the danger of terminology confusion within the organization. And hybrid cloud isn’t a magic wand that can fix a badly planned or poorly performing application. Nevertheless, the shift to cloud is all-but inevitable, so grasp the opportunity.
SPONSOR OF THIS WHITE PAPER Move to the cloud—securely.
Cloud computing has changed the way business is conducted. Elastic compute, storage, and application usage increase innovation and collaboration for all lines of business. With an ever-growing number of connected devices, the cloud provides the ability to scale up or down to respond quickly to changing market conditions. Yet many organizations are hesitant to fully leverage the cloud, citing concerns about compliance, data loss, and unauthorized access. Cloud security solutions from Intel Security help organizations safely and confidently enable cloud services. Rather than adopting the security practices and policies of each cloud vendor, Intel Security solutions enable businesses to extend and apply their own access and security policies across any cloud.
www.intelsecurity.com @IntelSecurity
Our hybrid cloud security portfolio offers enterprises the secure visibility of workloads on-premises and off-premises, unified protection that can be deployed across all cloud infrastructures, and centralized management that provides coordinated detection of targeted attacks for faster remediation. www.intelsecurity.com/cloudsecurity
©2016 Osterman Research, Inc.
+1 888 847 8766
11
The What, the Why, and the How of Hybrid Cloud © 2016 Osterman Research, Inc. All rights reserved. No part of this document may be reproduced in any form by any means, nor may it be distributed without the permission of Osterman Research, Inc., nor may it be resold or distributed by any entity other than Osterman Research, Inc., without prior written authorization of Osterman Research, Inc. Osterman Research, Inc. does not provide legal advice. Nothing in this document constitutes legal advice, nor shall this document or any software product or other offering referenced herein serve as a substitute for the reader’s compliance with any laws (including but not limited to any act, statute, regulation, rule, directive, administrative order, executive order, etc. (collectively, “Laws”)) referenced in this document. If necessary, the reader should consult with competent legal counsel regarding any Laws referenced herein. Osterman Research, Inc. makes no representation or warranty regarding the completeness or accuracy of the information contained in this document. THIS DOCUMENT IS PROVIDED “AS IS” WITHOUT WARRANTY OF ANY KIND. ALL EXPRESS OR IMPLIED REPRESENTATIONS, CONDITIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE DETERMINED TO BE ILLEGAL.
REFERENCES i ii iii iv v vi vii
blog.softlayer.com/tag/definition (one attempt to define “public” and “private” cloud) dincloud.com/blog/what-are-the-many-types-of-cloud (another attempt) www.richi.uk/cwa/3044261 (author’s roundup of Dropbox hybrid-cloud news) intel.ie/content/www/ie/en/cloud-computing/cloud-bursting-infographic.html (cloudbursting) www.richi.uk/cwa/3045439 (author’s roundup of Apple hybrid-cloud news) chadfowler.com/2013/06/23/immutable-deployments.html (immutability) Tanenbaum and Wetherall, Computer Networks, 5th ed., Pearson, 2011, sec. 2.2.1
©2016 Osterman Research, Inc.
12
