Cloud Migration Insights
Cloud migration is the most talked-about topic: some have succeeded with their intended plans, a few are re-evaluating their options, and others are still skeptical about moving their workloads to the cloud. There seems to be a cloud around cloud migration, so let's demystify it.
Many businesses and CIOs boldly take a giant leap to be first when a new technology surfaces and pull back months later; some carefully evaluate, learn from others' mistakes and then move; and still others read articles like this one to decide on the right approach. This article considers the varied solutions and options, current and future, and abridges the complexity so that you can make the right decision.
The Cloud Journey
This article gives you a basic approach, strategic options, new players and the future of cloud for any organization migrating core systems, and discusses the various options while staying vendor agnostic.
I assume you go through all the different phases:
1. Study Phase
2. Analyze Phase
3. Test Phase
4. Decision Phase
5. Migration Phase
Design and decide on your own cloud DC strategy by choosing one of the options below:
1. On Prem Private Cloud (Centralized or Regional)
2. Hybrid Cloud (On Prem and Public)
3. Public (Exclusive and Secured)
4. Public (Open & Shared)
5. Public (Dual Vendor)
A small note on multi-cloud strategy, where you run your applications across different cloud vendors: the choice depends on your workloads, and the only caution is to equip your cloud support team to manage the complexity of shifting from one vendor to another.
“Significant are the challenges for cloud migration including modernization, these challenges are not insurmountable.”
Different Cloud Services: IaaS/PaaS/SaaS and the future FaaS
We are all well aware of IaaS, PaaS and SaaS. FaaS (Function as a Service) is the concept of serverless computing via serverless architectures. Software developers can use it to deploy an individual “function”, action, or piece of business logic. Functions are expected to start within milliseconds, process an individual request, and then end. The technology is moving from monolithic to microservice to FaaS.
Other Cloud Options
Hybrid cloud is an enterprise IT strategy that involves operating certain workloads across different infrastructure environments, be it one of the major public cloud providers, a private cloud, or on-premise, typically with a homegrown orchestration layer on top. “Enterprises rely on a hybrid technology approach to take advantage of their on-premises investment and, at the same time, utilise cloud innovation.”
AWS signalled its first serious move into hybrid deployments with the launch of Outposts, and Google Cloud made a splash in April 2018 when it announced the general availability of Anthos.
Virtual machines and containers differ in several ways, but the primary difference is that containers provide a way to virtualize an OS so that multiple workloads can run on a single OS instance. With VMs, the hardware is being virtualized to run multiple OS instances. Containers’ speed, agility, and portability make them yet another tool to help streamline software development.
Open Source Cloud Platforms
Going Open Source and options:
Open source software for creating private and public clouds.
OpenStack software controls large pools of compute, storage, and networking resources throughout a datacenter, managed through a dashboard or via the OpenStack API. OpenStack works with popular enterprise and open source technologies, which makes it ideal for heterogeneous infrastructure. Hundreds of the world’s largest brands rely on OpenStack to run their businesses every day, reducing costs and helping them move faster.
Cloud Foundry is an open source cloud computing platform originally developed in-house at VMware. It is now owned by Pivotal Software, which is a joint venture made up of VMware, EMC, and General Electric.
Cloud Foundry is optimized to deliver faster application development and deployment. It is highly scalable and DevOps friendly, reduces human error, and offers multitenant options.
Cloud Outages – Planning cautiously
Almost all cloud providers have had their share of outages related to domain controller issues, latency issues, proxy issues, DNS issues, human error, faulty database or system scripts, or other network outages. We need to make some serious investment in resiliency, test these plans on a periodic basis, and during a real outage recover quickly from an alternate site.
Many imagine, "When I move on to the cloud I am automatically resilient." Never!
You need to build your own resiliency at the application layer, middleware layer, data layer, compute layer, network layer, proxy layer and at your last-mile device layer. Of course it depends on the service you choose: for example, in IaaS you have your compute layer resiliency already built in, and in PaaS you have your compute and data resiliency built in, but beyond that you have to plan and build it yourself.
Single Point of Failure
One concern is ensuring the cloud provider has enough resiliency and that your other disaster recovery procedures kick in; the other is your own single point of failure. One company had a recent outage in Aug 2019 when a poorly configured proxy did not allow connections over the internet, and all Exchange Online users using that proxy were impacted. In another case, a network last-mile device was carelessly placed, and during regular monitoring the device lost its connections. I can go on talking about UPS failures, power outages, cooling issues impacting the data center, rack power panel issues, human errors and bad change implementations causing outages.
Cloud Migration Tools
While the challenges for cloud migration, including modernization, are significant, they are not insurmountable! Cloud migration tools like Chef allow you to define configurations and requirements as platform-agnostic code, so you can quickly and consistently deploy your solutions on-prem or in the cloud without having to re-invent your processes for each.
Future Cloud Platforms:
Unikernels are specialized, single-address-space machine images constructed by using library operating systems. Unikernels provide many benefits compared to a traditional OS, including improved security, smaller footprints, more optimization and faster boot times.
Container-as-a-Service (CaaS) is an offering from cloud providers that provides container orchestration and compute resources. Developers can use the framework through an API or a web interface for easy management of containers.
IT leaders are searching for a more cost-efficient way to rent computing power, and rather than managing a cloud architecture they now wish to go serverless. The cloud is called upon only when resources need to be provisioned. The Internet of Things (IoT) is a good example of such event-based computing.
Artificial intelligence and Cloud IT Infra
Artificial intelligence is being embedded into Cloud IT infrastructure to help streamline workloads and automate repetitive tasks. Some have gone as far as predicting that as AI becomes more sophisticated, private and public cloud instances will rely on these AI tools to monitor, manage, and even self-heal when an issue occurs. AI tools can help streamline the way data is ingested, updated, and managed, so financial institutions can more easily offer accurate real-time data to clients. The same process can also help flag fraudulent activity or identify other areas of risk.
Future Options to consider for Data Security
Homomorphic encryption –
Securing data in the cloud with Fully Homomorphic Encryption (FHE) is a new and promising form of security that allows computing on encrypted data without decrypting it first.
Such computing enables data scientists to unlock sensitive data for their machine learning and analytical models while meeting their organization’s privacy, security, and compliance requirements.
To ensure foolproof security for cloud storage, research has been done on quantum key cryptography. Since quantum key distribution is unconditionally secure, we propose a new scheme known as CloudQKDP (Quantum Key Distribution Protocol for Cloud Computing), which exploits the benefits of quantum mechanisms to secure cloud storage and data dynamics.
Pricing commitment long term:
Don't be pleased with a 1-2 year cost commitment and declare success; negotiate for the long term, 8-10 years where possible. Your success depends on minimal to zero incidents and better agility over legacy systems, and of course on your users and admins saying the new systems are faster, feature rich, less complex, and predictive self-healing systems.
Constant Vendor evaluation:
You cannot walk away once the cloud migration is done and expect it to keep succeeding on its own. You need to constantly evaluate any changes to your company's strategy and the vendor's: does the vendor provide newer technologies, are they priced within reach, and are the vendor's financials healthy enough for you to stay invested?
Keeping the Cloud DC and your DC Safe from attacks
Every day nearly 4000 websites become victims of a DDoS attack. And, while many sites are back up and running within hours, the damage to both revenue and customer trust can devastate a business for years. All organizations suffer from DDoS attacks at some point in time, so it's crucial to have a cloud protection stack in place. Network DDoS attacks, such as SYN Flood and DNS Amplification attacks, are quickly growing in size. So you need to get your security and network experts to study how protection and recovery procedures are built on your cloud provider's platform.