Hybrid IT is almost a given for anyone planning to take advantage of the benefits of cloud computing. For most midsize organizations, there will be good arguments for placing different applications and functions in different locations, perhaps due to differing security, compliance, governance or accessibility requirements. We’ve touched on some of the challenges and opportunities offered by hybrid IT and the need to manage a blended solution – but what about the practicalities? What things should be taken into account while developing and managing your hybrid deployment?
1. Demand management and capacity planning
Demand management, or scaling, is the first thing you must consider to meet client demand on any specific application. There are many methods of scaling an application, be it in "AWS or Azure, but an important question to ask yourself is how far you need to take the principals of scaling and automation.
The starting point for existing applications should be to consider lift and shift into cloud hosting as the cost of transformation may not always be justifiable. Cloud transformation should be assessed on a case-by-case basis since it’s important to consider if change will bring significant benefits and whether an unpredictable usage pattern exists to justify the costs.
Configuration management tools can reduce the necessary number of manual steps, and Ensono applies toolsets across hybrid solutions to provide a common approach to builds and tasks across the enterprise. The right tool needs to be applied for the job at hand, as not everything can be automated, and it’s important to know the limits of the technology and appropriately adapt. For instance, configuration management may not be fast enough to deliver scale on-demand, and where rapid scaling is required, Ensono uses baked-in Amazon Machine Images (AMI) which allow for almost instant scaling.
2. Insight and reporting
In order to capture, analyze and act on the data points that are picked up, you’ll need to consider your insight and reporting. Creating a monitoring toolset that can comprehensively cover a hybrid mix can fall somewhere between ripping out all of your existing toolsets and making the choice to not adopt any cloud specific toolsets at all.
If you already have a monitoring toolset, our advice is to first try extending what you have. If it’s not as solid as you need, you may have to consider replacement. Monitoring across a hybrid solution can be extremely complex; it’s compounded by the demands of cloud native technologies such as auto scaling or remote desktop status (RDS), where you cannot place agents on elastic load balancing (ELB) or RDS instances.
Consider accommodating additional scaling instances where cloud native tools may be the only solution, to give your teams visibility into what is happening. Bear in mind that cloud native toolsets can extend back into the enterprise, and experience shows us that it’s important to build in end-to-end visibility from the outset.
To ensure that you’re giving yourself as much visibility as possible, for as long as possible, across your hybrid data center, it’s advisable to create co-existence between your current tooling and cloud specific tooling. This will help to retain existing levels of insight, but it will also allow you to capture cloud-specific events that aren’t possible with on-premise tools.
3. Security and compliance
Security and compliance are always of great importance for an enterprise organization, and one of the most common questions is “how can I transition my existing security practices?”
Most enterprises will have employed information security and compliance teams to build a specific security framework around IT operations; these teams need reassurances that the privately hosted policies they have spent a considerable period of time defining will remain in place within hybrid IT deployments.
Some of the key differences for security and compliance within a hybrid approach are that cloud security protocols can be hard to fit into a traditional enterprise model. For example, auto scaling instances can crash and burn when they’re not needed, resulting in the loss of all logs, and therefore compliance issues.
Ensono has changed how we use configuration management tools and compliance audits to adapt to the new hybrid model and allow scaling and deployment with appropriate controls. Our privilege access management system provides location-independent role-based access control and compliance with single-click access diagnostic tools and device history.
Security and compliance is an important area to define up front, including understanding where data is held and how you get it back if it moves or if the location is compromised. There also needs to be a clear policy for storing confidential or personal data in the cloud. Where possible, you should look to ensure that your existing policies can be retained while understanding what is different in the new environment and how you can adjust tools and processes to comply with the policies that your organization stipulates.
4. Operational governance
Over the last several years, we have been brought into a number of inflight AWS transition projects that were in danger of being terminated. The common characteristic? They had all been led by developers who brought a number of very functional tools and technologies into the mix. Unfortunately, this meant these tools and technologies had not always been designed or implemented with operational best practices in mind, and these projects had hit a series of barriers midway through implementation.
We were able to step in to redesign and transform certain solution elements, ultimately delivering a supportable solution that was underpinned by the operational rigor expected of an enterprise business.
One of the biggest hurdles to overcome is the merging of development and operations while balancing competing demands and responsibilities between cloud developers and technology managers. In the search for new and innovative solutions that will enable the business to win, serve and retain customers, developers are increasingly turning to multiple cloud platforms for the infrastructure and services they need.
As they build different types of applications, on different clouds and legacy platforms, developers want frictionless access to multiple clouds without the responsibility for finding the best ones or monitoring, governing and controlling them. This falls to the operations team, and this is where Ensono’s expertise can help strike the right balance from the start, so that development is not constrained and the necessary operational rigor and design practices are firmly in place.