In this long read we take a look at multi-cloud solutions. They have emerged as one of the top cloud computing trends, with businesses wanting to reduce their reliance on only one vendor. This long read is sampled from Jeroen Mulder’s book Multi-Cloud Architecture and Governance.
The term ‘multi-cloud’ refers to the use of two or more cloud computing systems at the same time. This introduction explains why many companies find it advantageous to adopt a multi-cloud strategy, and will provide you with a basic understanding of what’s involved in developing such a strategy.
Understanding multi-cloud concepts
There are multiple definitions of multi-cloud, but a useful one is that stated at https://www.techopedia.com/definition/33511/multi-cloud-strategy: Multi-cloud is referring to the use of two or more cloud computing systems at the same time. The deployment might use public clouds, private clouds, or some combination of the two. Multi-cloud deployments aim to offer redundancy in case of hardware/software failures and avoid vendor lock-in.
The multi-cloud concept raises a crucial question: if my organization deploys IT systems on various cloud platforms, how do I keep control? We want to avoid costs growing over our heads, we want a clear overview of who’s managing the systems and, most important, we don’t want a system sprawl that introduces security risks. Before tackling issues like those, we need to agree on a common understanding of multi-cloud and multi-cloud concepts.
Let’s focus on some topics in the definition given above. First, we need to realize where most organizations come from: traditional datacenters with physical and virtual systems, hosting a variety of functions and business applications. If you want to call this legacy, that’s OK. But do realize that the cutting edge of today is the legacy of tomorrow. Hence, we refer to ‘traditional’ IT when we’re discussing the traditional systems, typically hosted in physical, privately owned datacenters. And with that, we already introduce the first problem in the definition that we just gave on multi-cloud.
A lot of enterprises call their virtualized environments private clouds, whether these are hosted in external datacenters or in self-owned, on premises datacenters. What they usually mean is that these environments host several business units that get billed for consumption on a centrally managed platform. You can have long debates on whether this is really cloud, but the fact is that there is a broad description that sort of fits the concept private cloud.
Of course, when talking about cloud, most of us will think of the major public cloud offerings that we have today: Amazon Web Services (AWS), Microsoft Azure, and the Google Cloud Platform. Another definition of multi-cloud would be a best-of-breed solution from these different platforms, creating business added value in the combination of this solution and/or service. So, either a combination of solutions and services in public cloud or combined with private cloud solutions based on technologies and offerings such as VMWare, OpenStack, Google Anthos and Azure Stack.
But merely combining solutions and services from different cloud providers and/or private clouds does not represent a true multi-cloud approach. There’s more to it.
Maybe the best way to explain this is by using the analogy of the smart phone. Let’s assume you are buying a new phone. You take it out of the box and switch it on. Now, what can you do with that phone? First of all, if there’s no subscription with a telecom provider attached to the phone, the user will surely discover that the functionality is probably very limited. There will be no connection from the phone to the outside world, at least not on a mobile network. An option would be to connect it through a Wi-Fi device, if Wi-Fi is available. In short, one of the first actions in order to actually use the phone would be making sure that it has connectivity.
Now we have a brand new smart phone set to its factory defaults and we have it connected to the outside world. Ready to go? Probably not. The user probably wants to have all sorts of services delivered to his or her phone, usually through the use of apps, delivered through online catalogues like an app store. The apps themselves come from different providers, different companies like banks or retailers, and they might even be coded in different languages. Yet by compiling the apps – transforming the code in such a way that it can be read and understood by different devices – they work on different phones with different versions of the operating systems like iOS or Android.
The user will also very likely want to configure these apps to personal needs and wishes. Lastly, the user needs to be able to access data on that phone. All in all, the phone has turned into a landing platform for all sorts of personalized services and data.
The best part is that in principle the user of the phone doesn’t have to worry about updates. Every now and then the operating system will automatically be updated and – wonder of wonders – most of the installed apps will still work perfectly. It might take a day or two for some apps to adapt to the new settings, but in the end they will work. And the data that is stored on the phone or accessed in some cloud directory will also still be available. The whole ecosystem around the smart phone is designed in such a way that from the end user perspective, the technology is completely transparent:
Analogy of the smart phone – a true multi-cloud concept
Well, that is a cloud concept, where the smart phone in our analogy is the actual integrated landing zone, where everything comes together to provide a seamless user experience.
Multi-cloud – more than public and private
There’s a difference between hybrid IT and multi-cloud, but there are different opinions on the definitions. One is that hybrid platforms are homogenous and multi-cloud are heterogenous. Homogenous meaning that the cloud solutions belong to one stack, for instance Azure public with Azure Stack on premises. Heterogenous then would be for instance combining Azure and AWS.
For now, we keep it very simple: a hybrid environment combines an on-premises stack – a private cloud – with a public cloud. It is a very common deployment model within enterprises. Some years ago numerous reports appeared stating that by 2020 most enterprises would have transformed their IT to the public cloud. It was the magic year: 2020, and a lot of organizations developed Cloud Strategies 2020. It certainly did have a nice ring to it, but magical? Not really. These same organizations soon discovered that it was not that easy to migrate all their systems to a public cloud. Some systems would have to remain on premises, for a variety of reasons.
Two obvious reasons were security and latency. The first concerns sensitive data and privacy: data that may not be hosted outside a country – or certain regional borders, like the EU. Data that may not be accessible in whatever way to – it’s just an example – US-based companies, which in itself is already quite a challenge in the cloud domain. Regulations, laws, guidelines, and compliance rules often prevent companies moving their data off premises, even though public clouds offer frameworks and technologies to protect data at the very highest level.
Latency is reason number two to keep systems on premises. One example that probably everyone can relate to is print servers. Print servers in public cloud might not be a good idea. The problem with print servers is the spooling process. The spooling software accepts the print jobs and controls the printer where the print assignment has to be sent to. It then schedules the order in which print jobs are actually sent to that printer. Although print spoolers have been improved massively over the last years, it still takes some time to execute the process. Print servers in public cloud might cause delay in that process. Fair enough: it can be done, it will work if configured in the right way, in a cloud region close by the sending PC and receiving printer device, plus accessed through a proper connection.
You get the idea: there are functions and applications that are highly sensitive for latency. One more example: retail companies have warehouses where they store their goods. When articles are purchased, the process of order picking starts. Articles are labeled in a supply system so that the company can track how many of a specific article are still in stock, where the articles originate from and where they have to be sent to. For this functionality, articles have a bar code or QR that can be scanned through RFID or suchlike. These systems have to be close to the production floor in the warehouse or – if hosted in the cloud – accessible through really high speed, dedicated connections on fast responsive systems.
These are pretty simple and easy to understand examples, but it really comes to life if you think about medical systems used in surgery rooms, or systems controlling power plants. An all public cloud, cloud-first, or cloud-only strategy is not an obvious choice for quite a number of companies and institutions. That goes for hospitals, utility companies, and also for companies in less critical environments.
Yet, all these companies discovered that application development was way more agile in public cloud. Usually that’s where cloud adoption starts: with developers creating environments and apps in public clouds. It’s where hybrid IT is born: private systems in private datacenters for critical production systems, hosting applications that hold sensitive data and/or need to be on premises for latency reasons, and public cloud to enable fast, agile development of new applications.
Multi-cloud as a true mixed zone
From the analogy with the smart phone, it should be clear that with multi-cloud we’re also talking about services, much more than just hosting systems in a private datacenter and a public cloud. This would mainly be Infrastructure as a Service (IaaS), where organizations run virtualized and non-virtualized, physical machines in that private cloud and virtual machines in the public cloud.
In multi-cloud, we are also talking about Platform as a Service (PaaS) and Software as a Service (SaaS). In multi-cloud, it can become much more a mixed mode, just as on our smart phone that holds data on the device itself, stores and retrieves data from other sources, connecting remotely to apps or hosting the apps on the phone, making use of services through APIs in those apps.
In multi-cloud, we can do exactly the same, leveraging functions and applications running in virtual machines on a private system with SaaS-functionality connecting over the internet from a third-party provider, for example to execute specific data analytics. The data may still reside in a private environment, where the runtime environment is executed from a public cloud source. Or the other way around, in case of running models against data lakes that are fed with data streams from different sources, where the results of these models are delivered to private systems.
That is what multi-cloud is all about. Leveraging applications, data, and services from different cloud platforms and using different delivery models such as PaaS and SaaS. It might include hybrid IT, but it is more of a mixed mode, in order to create additional business added value by combining and optimizing cloud solutions. The next question is: how can organizations create that optimum in combining services and by doing that, bring that added value to their business?
Let’s dive into the definition of a real multi-cloud strategy.
Setting out a real strategy for multi-cloud
The most common reason for organizations to adopt a multi-cloud strategy is a classic one: to avoid lock-in. Organizations simply do not want to be locked in to one platform or a single service. However, that isn’t really a strategy. It would be more the outcome of a strategy.
A strategy initiates from the business and the business goals. Business goals, for example, might be:
- Creating more brand awareness
- Releasing products to the market faster
- Improving the margin
Business strategies often start with increasing revenue as a business goal. In all honesty: that should indeed be a goal, otherwise you’ll be out of business before you know it. The strategy should be focusing on how to generate and increase revenue.
How do you get from business goals to defining an IT strategy? That is where enterprise architecture comes into play. The most commonly used framework for enterprise architecture is TOGAF (The Open Group Architecture Framework). The core of TOGAF is the ADM-cycle: the Architecture Development Method. Also, in architecting multi-cloud environments, ADM is applicable. The ground principle of ADM is B-D-A-T: the cycle of business, data, applications, technology. This perfectly matches the principle of multi-cloud, where the technology should be transparent. Businesses have to look at their needs, define what data is related to those needs, and consider how this data is processed in applications. This is translated into technological requirements, finally driving the choice of technology, integrated in the architectural vision:
The ADM cycle in TOGAF enterprise architecture framework
The good news is that multi-cloud offers organizations flexibility and freedom of choice. That also brings a risk: lack of focus. Therefore, we need a strategy. Most companies adopt cloud and multi-cloud since they are transforming, from a more or less traditional environment to a digital future. Is that relevant for all businesses? The answer is yes. In fact, more and more businesses come to the conclusion that IT is a core activity.
In that respect times have changed over the past few decades. At the end of the nineties, and even at the beginning of the new millennium, a lot of companies outsourced their IT, since it was not considered to be a core activity. That has changed dramatically over the last ten years or so. Every company is now a software company – a message that was rightly quoted by Microsoft CEO Satya Nadella, following an earlier statement by the father of software quality Watts S. Humphrey, who had already claimed at the beginning of the millennium that every business is a software business.
Both Humphrey and Nadella are right. Take banks as an example: they have been transforming to become, more and more, IT companies. They deal with numerous data streams, execute data analytics, and develop apps for their clients. A single provider might not be able to deliver all the required services, hence these companies look for multi-cloud, best-of-breed solutions to fulfill these requirements.
These best-of-breed solutions might contain the traditional type of workloads with classic server-application topologies, but will more and more shift to the use of PaaS, SaaS, container, and serverless solutions in an architecture that focuses increasingly on microservices and cloud-native.
Of course, businesses evolve and so does technology. This is translated into a roadmap, driven by the business but including the technical possibilities and opportunities over a certain period of time. Such a roadmap will typically comprise a number of stages, beginning with a current state of the environment, shifting to industry standard solutions that are immediately available, to a future state with cutting edge technology.
We have one final remark to make when it comes to setting out a multi-cloud strategy. It concerns security, which should always be a key topic in every strategy and in every roadmap derived therefrom. All the public clouds and leading cloud technology providers have adopted security-by-design principles and offer a wide variety of very good solutions in information security. It’s fair to say that, for example, Azure, AWS, and GCP are likely the best secured platforms in the world. But it doesn’t take away your responsibility for determining the security standards, frameworks, principles, and rules that specifically apply for your type of business. Using multi-cloud for hosting businesses might lower the risk of attacks taking down the whole environment, but it also adds complexity.
True multi-cloud is more than a hybrid platform, and will likely blend different cloud solutions such as IaaS, PaaS, SaaS, containers, and serverless in a platform that we can consider to be a best-of-breed mixed zone where the solution aligns optimally with business strategy. Here, enterprise architecture comes into play, with business requirements leading at all times and enabled by appropriate use of data, applications, and lastly technology. Enterprise architecture methodologies like TOGAF are good frameworks in translating a business strategy into an IT-strategy, including roadmaps.
All of the major public and private cloud platforms have advantages, disadvantages, dependencies and even specific use cases. Hence, we see enterprises experimenting with and deploying workloads in more than one cloud. That’s not just to avoid cloud vendor lock-in: it’s mainly because it’s not a case of ‘one size fits all’.
In short, it should be clear that it’s really not about cloud first. It’s about cloud fit, and how to get the best out of the ever-increasing variety of cloud solutions.