Welcome!

@CloudExpo Authors: Zakia Bouachraoui, Elizabeth White, Liz McMillan, Pat Romanski, Roger Strukhoff

Related Topics: @CloudExpo, Java IoT, Recurring Revenue

@CloudExpo: Article

Managing IT in a Hybrid Cloud World By @DanKoloski | @CloudExpo #Cloud

Consumption may change, but business expectations of IT do not change

Enterprises and IT organizations around the world are excited about the agility promises of hybrid cloud computing, but they remain concerned about the potential for ungoverned sprawl and its attendant downstream effects such as hidden costs, increased performance risks, and potential security and compliance problems. The good news is that properly planned and architected hybrid clouds don't require organizations to trade agility for governance. Let's explore some of the factors that can ensure success with a hybrid cloud environment.

Consumption may change, but business expectations of IT do not change
Development and line-of-business users often drive initial hybrid cloud demand. The promise of on-demand access to cloud services that can bypass more formal approval and procurement processes is naturally very exciting for IT consumers whose primary job description is "build." Especially as enterprise strive to accelerate innovation, the notion of rapid experimentation and temporary environments becomes increasingly attractive, and there is a tendency to rush both new application development projects and migration of existing production workloads toward cloud services.

But just because IT consumption options have changed doesn't mean that the real-world considerations of enterprise IT have been thrown out the window. On the contrary, the traditional enterprise-level requirements of IT Operations and the CIO's office become even more important when customers choose to outsource some of their IT to a cloud service provider. Think about it -- IT assets aren't just instantiated - they persist over time and have a lifecycle of their own. New applications aren't exempt from performance, service level and security/compliance considerations just because they are "built in the cloud."

Line of business managers or developers who are investigating or even using cloud should make sure their IT operations counterparts are fully appraised of their actions. Similarly, IT operations personnel must evaluate cloud service providers in terms of their current on-premises best practices and not compromise on those requirements.

Basic, siloed performance monitoring isn't enough
Developers who are rushing to embrace Platform-as-a-Service (PaaS) solutions often have the misperception that cloud providers will provide comprehensive performance assurance - but in reality, most cloud providers only provide basic monitoring of their infrastructure resources for compute and PaaS and not for applications and instances deployed using the cloud provider's platforms. This is especially disappointing in that over the past 30+-years of distributed computing, IT operations professionals have built up a huge repository of best practices, frameworks, standards and intellectual property about what it takes to operate large-scale, mission-critical business services on an ongoing basis. Yet when those environments are cloud-based, IT operations is faced with the reality that today most cloud service providers only offer lightweight infrastructure monitoring consoles to their customers that show basic up/down, consumption and top-level performance information. This information, while possibly sufficient for early dev/test cycles of departmental applications, doesn't provide anywhere near the level of visibility, diagnostics or tuning capability that production applications require to deliver meaningful levels of service. This problem is particularly pervasive among IaaS-focused cloud services which may provide VM-level monitoring but treat what's inside the VM as a black box. Furthermore, most vendor-provided tooling isn't integrated with other sources of information such as logs and other cloud applications. Organizations that intend to use the cloud for "serious" application development should make sure their cloud services provide deeper levels of instrumentation on par with what they use for on-premises IT.

It's a hybrid cloud, not a siloed cloud
Many cloud service providers attempt to offer customers operational tooling that is specific to their cloud only, with no linkages back to on-premises IT. This model may be fine for small "cloud-only" organizations, but for organizations of any scale with any existing on-premises IT environment, clouds should represent an extension rather than a new silo. In other words, a hybrid IT estate consisting of on-premises IT assets and cloud-hosted IT assets needs to be treated as one estate rather than two or more. Otherwise, redundant people, processes, skillsets and tools will be required to manage these siloed environments, bringing along hidden costs and limiting workload portability across the estate. Organizations with existing on-premises IT footprints should make sure their cloud services can be managed through the same single pane of glass as their on-premises IT environments, with the same skillsets and processes, and by the same people.

Why should cloud be less secure than on-premises?
The CIO's office and IT Operations departments in every large enterprise have spent most of the last decade instituting governance practices such as managing configuration consistency, largely as a security and compliance measure. Creating gold standard templates, applying rules of engagement for deployment, rectifying drifts and regressions and providing special handling for sensitive data are "table stakes" requirements for any mature IT organization. Yet many cloud service providers offer no such governance capabilities for environments in their clouds - essentially expecting their customers to take a "leap of faith" that every single individual consumer will somehow manually apply corporate standards to cloud environments. Maintaining security of applications and data in an increasingly hacker-filled world is hard enough - but it's absolute madness to throw away those practices just because some instances happen to be hosted in a cloud. Organizations should demand full configuration management, compliance management and governance features from their cloud service provider, on par with what is available for on-premises IT.

Workload portability needs to be a two-way street
Cloud service providers are winning customers with very simple-sounding "snapshot," "migrate" and "lift and shift" offerings to move instances from on-premises IT to clouds. But customers often forget to consider, what if, in the future, they want to move some environments back on-premises? For most cloud service providers who have no on-premises IT business, this use case is unthinkable and threatening, yet for customers in the real world, it's arguably the most important way to avoid lock-in and preserve business flexibility. Even those cloud service providers who do offer some kind of bi-directional migration often do so by placing undue infrastructure requirements on customers - basically forcing them to retrofit their on-premises data centers to match the bill of materials resident in the cloud data center. They do so freely because in the end they aren't interested in actually allowing customers to move environments back...they are just "checking the box" on bi-directionality. Enterprises need to think ahead to the reality that the relative percentages of their hybrid estate hosted on-premises or in the cloud will fluctuate over time. Organizations should require bi-directional platform workload portability from cloud service providers, regardless of infrastructure considerations.

Conclusion - treat hybrid cloud as one cloud
All of the issues mentioned above can be avoided technically. Cloud vendors exist today, especially in the platform-as-service space that can cover the needs of Development, IT Operations, DevOps and the CIO's office for the full spectrum of workloads and use cases, from departmental dev/test to mission-critical production. However, not every vendor can do this, and doing it well is not easy, so many cloud service providers simply do not. Prospective hybrid cloud consumers, especially at the enterprise level, need to think ahead and demand enterprise-class monitoring, governance, migration and security capabilities from their cloud providers, and should "vote with their wallet" when cloud providers can't provide those capabilities. If they choose wisely, they can achieve a true hybrid cloud environment instead of a sprawling set of many environments.

More Stories By Dan Koloski

Dan Koloski is Senior Director, Product Management and Business Development at Oracle. Dan Koloski is a software industry expert with broad experience as both a technologist working on the IT side and as a management executive on the vendor side. Dan currently manages the Central Product Management organization for Oracle's Systems and Applications Management group, which produces the Enterprise Manager family of products. Dan's role also includes partner and ecosystem activities.

Previously, Dan was CTO and Director of Strategy for the Web BU at Empirix, which he helped spin out and sell to Oracle in 2008. Dan holds a B.A. from Yale University and an M.B.A. from Harvard Business School.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


CloudEXPO Stories
The precious oil is extracted from the seeds of prickly pear cactus plant. After taking out the seeds from the fruits, they are adequately dried and then cold pressed to obtain the oil. Indeed, the prickly seed oil is quite expensive. Well, that is understandable when you consider the fact that the seeds are really tiny and each seed contain only about 5% of oil in it at most, plus the seeds are usually handpicked from the fruits. This means it will take tons of these seeds to produce just one bottle of the oil for commercial purpose. But from its medical properties to its culinary importance, skin lightening, moisturizing, and protection abilities, down to its extraordinary hair care properties, prickly seed oil has got lots of excellent rewards for anyone who pays the price.
The platform combines the strengths of Singtel's extensive, intelligent network capabilities with Microsoft's cloud expertise to create a unique solution that sets new standards for IoT applications," said Mr Diomedes Kastanis, Head of IoT at Singtel. "Our solution provides speed, transparency and flexibility, paving the way for a more pervasive use of IoT to accelerate enterprises' digitalisation efforts. AI-powered intelligent connectivity over Microsoft Azure will be the fastest connected path for IoT innovators to scale globally, and the smartest path to cross-device synergy in an instrumented, connected world.
There are many examples of disruption in consumer space – Uber disrupting the cab industry, Airbnb disrupting the hospitality industry and so on; but have you wondered who is disrupting support and operations? AISERA helps make businesses and customers successful by offering consumer-like user experience for support and operations. We have built the world’s first AI-driven IT / HR / Cloud / Customer Support and Operations solution.
ScaleMP is presenting at CloudEXPO 2019, held June 24-26 in Santa Clara, and we’d love to see you there. At the conference, we’ll demonstrate how ScaleMP is solving one of the most vexing challenges for cloud — memory cost and limit of scale — and how our innovative vSMP MemoryONE solution provides affordable larger server memory for the private and public cloud. Please visit us at Booth No. 519 to connect with our experts and learn more about vSMP MemoryONE and how it is already serving some of the world’s largest data centers. Click here to schedule a meeting with our experts and executives.
Darktrace is the world's leading AI company for cyber security. Created by mathematicians from the University of Cambridge, Darktrace's Enterprise Immune System is the first non-consumer application of machine learning to work at scale, across all network types, from physical, virtualized, and cloud, through to IoT and industrial control systems. Installed as a self-configuring cyber defense platform, Darktrace continuously learns what is ‘normal' for all devices and users, updating its understanding as the environment changes.