Welcome!

@CloudExpo Authors: Yeshim Deniz, Zakia Bouachraoui, Liz McMillan, Pat Romanski, Elizabeth White

Related Topics: @CloudExpo, Microservices Expo, Microsoft Cloud, Containers Expo Blog, Machine Learning , Cloud Security

@CloudExpo: Blog Feed Post

The Limits of Cloud: NICS and Nets

Cloud is great at many things. At other things, not so much

Understanding the limitations of cloud will better enable a successful migration strategy.

You might have noticed that in general, enterprise-grade networking solutions aren't always available for general deployment in public cloud environments.

You might also have noticed that when you provision a compute instance in a public cloud environment you get one public (and usually one private) IP address.

I'll stop for a moment and let you consider the relationship between these two facts.

Many mature enterprise-grade networking solutions require at least two network interfaces – one for traffic (data plane) and one for management (control plane) and often suggest a third for optimal, best-practice deployment. It's been a long time since I've seen mature networking solutions that don't employ segregated management networks. Those solutions that sit inline and that are in the line of fire, as you will, from concentrated network and application-layer attacks, absolutely need segregated management as a means to control the solution and mitigate an in-progress attack or sudden spike in utilization that might be overwhelming the primary network.

whatclouddoesrightandwrong

The use of a separate management network also ensures that the control plane is secured from general access.

Generally speaking, it's been considered a best-practice to use a separate, secured management network for critical network components since the web exploded.

Unfortunately, most cloud environments don't support this capability for customers. While certainly cloud is the largest example of control-data plane separation, such environments are designed to transport control of provider functions and service-control, not customer-deployed solutions. Thus the instances provisioned by the customer are expected to exist on the data plane because management functions (control plane) are handled through the provider's framework / API.

That means vendors of mature, enterprise-grade networking solutions have few options for cloud-enabling their solutions when NICs (and networks) are limited. Amazon EC2 is one such environment; it currently does not support multiple IP addresses per instance. Simply AMI-enabling a networking solution that requires a separate management network is not going to be enough.

That's why you see enterprise-class networking solutions becoming available for Amazon AWS, but only in its Virtual Private Cloud (VPC) environment. In the VPC environment instances are able to take advantage of more advanced networking capabilities familiar to enterprise operations such as control over IP address ranges, creation of subnets, and configuration of routes and network gateways.

Rackspace, on the other hand, is moving toward enabling multiple networks capable of broadcasting and multicasting through its evolving support for OpenStack. Such capabilities will enable customers to take advantage of mature networking solutions within its environment. There are restrictions, of course, as will be the case with any provider, but in general such a move toward enabling advanced networking within open cloud environments is a positive one.

What this all means is that when considering cloud providers and migration of applications (and their supporting infrastructure) it is critical to seek out and understand what advanced networking capabilities are – or aren't – available for each provider you are evaluating. Infrastructure support is a key component for many enterprise-class applications now being considered for migration to the cloud and not all clouds will be able to equally support the advanced networking services necessary.

Read the original blog entry...

More Stories By Lori MacVittie

Lori MacVittie is responsible for education and evangelism of application services available across F5’s entire product suite. Her role includes authorship of technical materials and participation in a number of community-based forums and industry standards organizations, among other efforts. MacVittie has extensive programming experience as an application architect, as well as network and systems development and administration expertise. Prior to joining F5, MacVittie was an award-winning Senior Technology Editor at Network Computing Magazine, where she conducted product research and evaluation focused on integration with application and network architectures, and authored articles on a variety of topics aimed at IT professionals. Her most recent area of focus included SOA-related products and architectures. She holds a B.S. in Information and Computing Science from the University of Wisconsin at Green Bay, and an M.S. in Computer Science from Nova Southeastern University.

CloudEXPO Stories
DXWorldEXPO | CloudEXPO are the world's most influential, independent events where Cloud Computing was coined and where technology buyers and vendors meet to experience and discuss the big picture of Digital Transformation and all of the strategies, tactics, and tools they need to realize their goals. Sponsors of DXWorldEXPO | CloudEXPO benefit from unmatched branding, profile building and lead generation opportunities.
Machine learning provides predictive models which a business can apply in countless ways to better understand its customers and operations. Since machine learning was first developed with flat, tabular data in mind, it is still not widely understood: when does it make sense to use graph databases and machine learning in combination? This talk tackles the question from two ends: classifying predictive analytics methods and assessing graph database attributes. It also examines the ongoing lifecycle for machine learning in production. From this analysis it builds a framework for seeing where machine learning on a graph can be advantageous.'
DXWorldEXPO LLC announced today that Telecom Reseller has been named "Media Sponsor" of CloudEXPO | DXWorldEXPO 2018 New York, which will take place on November 11-13, 2018 in New York City, NY. Telecom Reseller reports on Unified Communications, UCaaS, BPaaS for enterprise and SMBs. They report extensively on both customer premises based solutions such as IP-PBX as well as cloud based and hosted platforms.
Daniel Jones is CTO of EngineerBetter, helping enterprises deliver value faster. Previously he was an IT consultant, indie video games developer, head of web development in the finance sector, and an award-winning martial artist. Continuous Delivery makes it possible to exploit findings of cognitive psychology and neuroscience to increase the productivity and happiness of our teams.
Enterprises are striving to become digital businesses for differentiated innovation and customer-centricity. Traditionally, they focused on digitizing processes and paper workflow. To be a disruptor and compete against new players, they need to gain insight into business data and innovate at scale. Cloud and cognitive technologies can help them leverage hidden data in SAP/ERP systems to fuel their businesses to accelerate digital transformation success.