Private vs. Public vs. Hybrid Cloud: Which One to Choose?
Most enterprise IT departments now manage applications across multiple environments in a dizzyingly complex overall IT architecture. They also must constantly reevaluate their unique mix of on-premises, private cloud and public cloud infrastructure to meet new business goals and determine how applications can be migrated to the public cloud in a cost-effective way.
This is no small feat. Dozens or even hundreds of applications built at different times, in different languages, and by different teams need to be evaluated for migration to the cloud, which often requires deep knowledge of the existing IT infrastructure as well as the public cloud resources that could replace these functions.
Ultimately, enterprises must determine the hosting solution that suits each application: on-premises, private cloud, public cloud, or hybrid cloud. Below we outline some basic considerations and cloud comparisons, as well as best practices for how to integrate and manage these complex deployments.
By now, most organizations understand the cost benefits of an IaaS provider like Amazon Web Services, including a low and predictable cost of ownership and a shift from a capital expenditure to an operating expenditure. This makes it possible to significantly reduce an organization’s upfront costs, its ongoing costs of IT labor and potentially its tax liability.
The technical benefits are equally attractive: scalability, automated deployments, and greater reliability, to name a few. There are also very few technical limitations that would prevent an organization from moving their infrastructure to AWS; almost every function a traditional resource supports in the private cloud or in a data center could be replicated in AWS.
These application tiers are especially well suited to the public cloud:
- Long-term storage, including tape storage, which has significantly more cost-effective solutions in AWS (Glacier and Storage Gateway’s Virtual Tape Library)
- Data storage of any kind, especially if you are currently hosting physical media that fails often or needs to be replaced (S3 is an infinitely expandable, low-cost storage resource)
- The web tier of an application that is bursty or highly seasonal (EC2, Auto Scaling, ELBs)
- The web tier of an application that is mission-critical or latency-intolerant (Custom Auto Scaling groups and automated deployments with Puppet scripts)
- Any new application for which demand is uncertain, especially microsites or other interactive properties for marketing and ad campaigns
- Testing environments, because it is so much easier to spin instances up and down for load testing
Enterprises must then decide whether they want to manage their public cloud infrastructure themselves or outsource it to a managed cloud services provider. A managed cloud services provider can maintain the entire cloud infrastructure (web servers, application servers, load balancing, custom failover scripts), and some may also be able to integrate with on-premises or private cloud solutions to provide a single monitoring interface.
Note that compliance requirements no longer necessitate a private cloud solution rather than a public cloud solution. AWS has been on the leading edge of compliance in the cloud for several years, and while there is lingering skepticism, the adoption of AWS cloud by the largest and most complex healthcare and financial institutions is an indication of the degree to which AWS ensures compliance and security in the cloud. We presented at Amazon re:Invent on the architecture required for HIPAA-compliant deployments.
Although there are many advantages to the public cloud, enterprises very rarely deploy 100% of their applications into the public cloud. Logistically, it is often much simpler to move from your on-premises environment to a private cloud than from on-premises to public cloud.
Private cloud environments can be configured to support any application, just as your datacenter currently hosts it. Private cloud is an especially attractive option if certain features in legacy applications prevent some applications from operating well in the public cloud.
Here are some indicators that your application would be a good candidate for maintenance in a private cloud:
- You are using Oracle RAC (shared storage) and require dedicated infrastructure for compliance. The shared storage equivalent in AWS, RDS, is not HIPAA-compliant.
- You need high performance access to a file system, as in a media company that creates or produces large video files.
- An application is poorly written and infrequently used, and therefore not worth the effort of migrating to the public cloud.
- The application has very predictable usage patterns and low storage costs.
- An application is unstable and heavily trafficked, but current IT staff is unfamiliar with the application. This may instead be a case for partial rewriting in the cloud.
- The engineering team responsible for maintaining the application is not equipped for migrating the application in a cost-effective time frame. This may instead be a case for bringing on a managed cloud service provider.
A private cloud solution can be implemented in your on-premises datacenter with a virtualization layer such as VMware, though many mid-sized and large enterprises let a managed private cloud services provider maintain servers, storage, network, and application infrastructure.
While cloud-based infrastructure has many advantages, there are some applications that would see little to no cost benefit from migrating to the cloud. This is usually the case when you have invested significant capital in on-premises infrastructure, such as high-performance databases, that is specially configured to support that application.
Here are some situations where on-premises infrastructure might work best for your application:
- The cost savings of cloud storage and compute resources do not outweigh the significant capital already invested in on-premises solutions
- Your application already sees high performance and high availability from custom infrastructure
- You produce large multimedia files that your in-house staff needs low-latency access to for editing purposes
- An email platform that is high-volume, time-sensitive, and confidential. For example, some brokerage houses send very large volumes of email early each trading day.
Applications that meet these requirements are often not well-suited to the cloud. Often it would be wiser financially to maintain the infrastructure until its value has depreciated.
Ninety percent (90%) of enterprises say they are going to pursue a hybrid cloud solution this year. As explained above, enterprise architecture is often so complex that a hybrid cloud solution — where public, private or on-premises infrastructure supports a single application — is the best solution.
Hybrid architectures are especially attractive for large organizations that want to explore the flexibility and scalability of the public cloud. An audit will not always reveal how an application will perform in the public cloud, so enterprises choose to test a single tier in the public cloud while maintaining key infrastructure on their private cloud or dedicated infrastructure.
A hybrid system is also a good solution if there is institutional hesitancy about the security of the public cloud for sensitive data (whether this is justified or not). Frankly, it is often easier to convince internal executive or IT teams to experiment with cloud solutions rather than adopt them wholesale. Maintaining veteran IT staff and legacy applications on legacy infrastructure while opening new lines of business in the cloud is a cost-effective solution that also manages institutional risk.
Finally, an important thing to understand about hybrid environments is that they are only as strong as the integrations that unite them. Performance monitoring, regular testing, and data ingress and egress procedures will reveal future areas of difficulty as well as signal when and how to further evolve the application. The team orchestrating the infrastructure is almost always more important than the specific type of cloud solution you choose.