Achieving Digital Transformation Using Hybrid Cloud E-Book

Achieving Digital Transformation Using Hybrid Cloud

Design standardized next-generation applications for any infrastructure

Vikas Grover

Ishu Verma

Praveen Rajagopalan

BIRMINGHAM—MUMBAI

Achieving Digital Transformation Using Hybrid Cloud

Copyright © 2023 Packt Publishing

All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.

Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the authors, nor Packt Publishing or its dealers and distributors, will be held liable for any damages caused or alleged to have been caused directly or indirectly by this book.

Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.

Group Product Manager: Preet Ahuja

Publishing Product Manager: Suwarna Patil

Senior Editor: Romy Dias

Technical Editor: Irfa Ansari

Copy Editor: Safis Editing

Project Coordinator: Ashwin Kharwa

Proofreader: Safis Editing

Indexer: Tejal Daruwale Soni

Production Designer: Prashant Ghare

Marketing Coordinator: Rohan Dobhal

First published: June 2023

Production reference: 1190623

Published by Packt Publishing Ltd.

Livery Place

35 Livery Street

Birmingham

B3 2PB, UK.

ISBN 978-1-83763-369-2

www.packtpub.com

I would like to dedicate this book to everyone who gave me an opportunity, and supported me, in working on emerging technologies and 5G architecture. I have been blessed to find like-minded people and while working with them, I never feel alone. Together, as a tech community, we have a huge impact on businesses and technologies.

– Vikas Grover

This book is dedicated to my father, Chhedi Lal Verma, who was an avid reader and inspired us all with his selfless dedication to everything he put his heart into.

– Ishu Verma

I dedicate this book to all the authors in the world. Writing to convey a message, sharpen the flow, and avoid repetition is immensely challenging, no matter what genre!

– Praveen Rajagopalan

Contributors

About the authors

Vikas Grover is a leading expert in open source technologies and has worked with a diverse range of clients from the finance and telecommunications sectors, providing innovative solutions in areas such as derivatives, credit cards, payments, telecom OSS/BSS, and the private cloud. He is a respected speaker at industry events. Vikas is dedicated to helping others succeed, guided by his personal motto, “Helping others get what they want is the key to getting everything you want in life.”

Acknowledging the journey that led to the creation of his book, I express gratitude to my wife and two sons – Iraj and Aveer - for their unwavering support, as well as my co-authors, whose collaboration and teamwork were essential to bringing this book to life.

Ishu Verma is a technology advocate at Red Hat focused on emerging technologies such as edge computing, IoT, and AI/ML. He enjoys working with fellow open source hackers to work on ideas for next-gen open source technologies to benefit various industry verticals such as telco and industrial. Before Red Hat, Ishu worked at Intel and Wind River Systems on IoT gateways, embedded processors, platforms, and software.

He is a frequent blogger and speaker at open source and industry forums. Ishu resides in the Valley of the Sun, Arizona with his wife and two boys.

I would never have thought about co-authoring a book until my dear colleague Fatih Nar introduced me to Vikas Grover, so I’m grateful to them both for thinking of me for this book. Praveen Rajagopalan brings exceptional technical and business depth to this book.

I’m indebted to the open source community and particularly my Red Hat colleagues Rimma Iontel, Hanen Garcia, and William Henry for their work on the design patterns used in this book.

I’m also thankful to the Packt team for their guidance and support in bringing this book to fruition.

Finally, huge credit to my wife, Sandhya, and my boys, Sahil and Akul, for their support and understanding during the long hours spent researching, writing, and rewriting.

Praveen Rajagopalan has over 20 years of experience in the field of information technology and started his professional career as a DevOps engineer. Praveen is currently a customer engineer at Google Cloud, helping enterprises with their digital transformation journey, which includes cloud transformation and application modernization across many different industry verticals. Recently, he has found passion in helping Google Cloud’s customers explore SaaS as a business model and helping them transform their applications to run as SaaS on Google Cloud. Praveen’s passion is to solve core business-impacting problems and help enterprises become more agile and accelerate their growth. Praveen currently lives in Silicon Valley with his wife and daughter.

Not in my wildest dreams would I have imagined co-authoring a book. I reflect back on my professional career with profound gratitude and thank the Almighty and his grace for the current state of my life. Let me start by thanking my wife, Roshni, and daughter, Manasa, for being very supportive of this endeavor and encouraging me throughout the journey. Your cooperation and understanding, sacrificing winter holidays and weekends, helped me to focus and deliver on my commitments. I would also like to thank my co-authors, Vikas and Ishu, for their collaboration and knowledge sharing. I enjoyed working on my chapters and my research helped me to sharpen my knowledge. It also gave me an opportunity to reflect and reminisce on my professional experience.

About the reviewers

As a specialist in transformation projects, Mario Mendoza possesses extensive experience in a variety of business and technology areas.

As a team lead in Red Hat’s Iberia solution architect team, he currently manages close relationships with first-line customers in order to help them adopt DevOps, hybrid, and multi-cloud architectures, AppDev and cloud-native solutions, as well as application modernization.

I’d like to thank all my colleagues and managers I’ve been learning from for more than 30 years, and all those companies who gave me an opportunity and had confidence in me to share their needs, accept challenges, and build successful solutions, with perseverance along the way.

And thank you, Yolanda, my wife, for your infinite patience during the long journeys, projects, and days when I left you, and our daughters, alone.

Sunny Goel is a senior delivery principal at Slalom who has 15 years of experience in architecting, designing, implementing, and deploying enterprise-level applications in hybrid and multi-cloud environments for customers across industries. He is an ex-AWSer and has helped customers globally to migrate and modernize their workloads on the AWS platform. He holds a B.Tech in computer engineering from Kurukshetra University. He is a multi-cloud certified specialist who loves to explore new technologies. He is an active contributor to open source projects focused on cloud-native and observability services. He is also a trusted advisor who collaborates effectively with diverse stakeholders, from C-level executives to developers across multiple teams.

I’d like to thank my family – especially my wife, who pushed me to pursue this opportunity and supported me throughout while I was juggling multiple things on the professional front. It was a great learning experience for me. Also, I’m deeply grateful to all the people and communities out there who are working tirelessly to produce amazing content for the tech community to learn about cloud computing, DevOps, and security-related topics.

Valentina Rodriguez Sosa is a Principal Architect at Red Hat, focused on OpenShift and container adoption. She helps customers to achieve their modernization and adoption goals by creating solutions and patterns that can be replicated across any organization. She has over 16 years of experience across various companies and organizations, from small start-ups to 600,000-employee technology companies, defining system architectures and developing enterprise software. She also has a Master’s in Computer Science and is pursuing an MBA with certifications in Kubernetes, the cloud, cloud-native, the Spring Framework, and best practices for software development.

Table of Contents

Preface

Part 1: Containers, Kubernetes, and DevOps for Hybrid Cloud

1

Adopting the Right Strategy for Building a Hybrid Cloud

Exploring cloud computing – types and service delivery models

Defining the hybrid cloud

Variations in the hybrid cloud – homogeneous and heterogeneous

Hybrid cloud use cases

Understanding the benefits of hybrid cloud computing

Hybrid cloud strategies

Addressing compliance considerations

Automating security measures

Finding the right balance between public and private clouds

Evaluating available tools and technologies

Summary

Further reading

2

Dealing with VMs, Containers, and Kubernetes

Introduction to VM and containers

VMs

Containers

Anatomy of containers

About OCI and Docker

The differences between VMs and containers

Container orchestration

Why do we need container orchestration?

Kubernetes – a container orchestration tool

OpenShift

AWS EKS

Azure Kubernetes Service (AKS)

VMware Tanzu Kubernetes Grid (TKG)

HashiCorp Nomad

Google Kubernetes Engine (GKE)

Docker Swarm

CI/CD on the hybrid cloud

Summary

Further reading

3

Provisioning Infrastructure with IaC

Infrastructure provisioning overview

Virtualizing hardware with SDI

Provisioning IaaS

Provisioning and managing infrastructure with IaC

Imperative and declarative frameworks

Imperative and declarative framework tools for IaC

Considerations for IaC

Accelerating IT service delivery with DevOps

CI/CD

Continuous testing

Continuous operations

Monitoring and observability

Automating delivery and deployment with GitOps

Push versus pull deployments

Enabling GitOps using Argo CD

Best practices for GitOps

Summary

Further reading

4

Communicating across Kubernetes

Pod design patterns

The sidecar pattern

The adapter pattern

The ambassador pattern

Container-to-container communication

Pod-to-pod communication

Pods with multiple interfaces

Pod-to-service communication

External-to-service communication

How to discover pods and services

How to publish services

How to stitch multiple K8s clusters

Submariner – using layer 3 networking

Skupper – using a common application network (layer 7)

Service meshes

Federation of service meshes

Summary

Further reading

Part 2: Design Patterns, DevOps, and GitOps

5

Design Patterns for Telcos and Industrial Sectors

Applying design patterns for operational excellence

Telco

Creating your own pattern

Defining a framework

Cloud-friendly

A common application platform

Consistent management

Automation

Summary

Further reading

6

Securing the Hybrid Cloud

Understanding the core security principles

Different components of security in the hybrid cloud

The infrastructure layer

The platform layer

The application layer

Configuring security within a hybrid cloud environment

Configuring identity

Securing the Kubernetes platform

Configuring network security

Kubernetes network security

Establishing private connectivity

Protection of data

Kubernetes data security

Securing hybrid cloud operations

Compliance and governance

Summary

7

Hybrid Cloud Best Practices

Guidelines for a cloud strategy

Understanding various architectural considerations

Development and deployment of hybrid cloud

Infrastructure as Code

Configuration as Code

Policy as Code

DevOps

What do we mean by the economics of hybrid cloud?

Business case

CapEx versus OpEx

ROI and TCO

Various pitfalls of hybrid cloud

Complexity

Implementation

Network connectivity

Security certification

Observability

Cost

Summary

Index

Other Books You May Enjoy

Part 1: Containers, Kubernetes, and DevOps for Hybrid Cloud

The book is focused on hybrid cloud, and the first part of the book is specifically dedicated to exploring topics that will help you to build a foundation for a hybrid cloud strategy that is effective and efficient. It delves into the use of containers and Kubernetes to manage application deployment. These four chapters provide a comprehensive understanding of hybrid cloud and its components, making it a valuable resource for anyone interested in the field.

Here is a list of the chapters that will be included in this section:

1

Adopting the Right Strategy for Building a Hybrid Cloud

Cloud adoption brings benefits in the areas of developer productivity, cost, business agility, and innovation. By now, most organizations have some cloud footprint. But every organization is not able to reap maximum rewards from cloud adoption.

As organizations progress on their cloud adoption journey, they realize that each cloud brings its own strengths and weaknesses and some of the applications need to be in their own private data center or in multiple clouds.

With various public cloud providers and computing and delivery models, the cloud seems to bring limitless options when defining architecture. As an IT leader, you can easily get overwhelmed with design options to drive significant rewards from the cloud.

Your business and technical requirements can surely guide you to make design decisions, but with ever-changing needs, unforeseen future demands, and security and control requirements, many organizations choose to go with a bit of both worlds – public and private cloud – and are adopting a hybrid cloud.

In this chapter, we will cover the following topics to provide you with an overview of a hybrid cloud, including its benefits and use cases and the key benefits to consider while defining the hybrid cloud strategy for your organization:

Exploring cloud computing – types and service delivery models

Cloud computing is a versatile technology that offers different types of services and consumption models. I will list the main types of cloud computing models and service delivery models here:

Here is an illustration of the cloud computing model and the service delivery model:

Figure 1.1 – Cloud computing model and service delivery model

The different cloud computing and cloud service delivery models offer different levels of performance, security, and cost-effectiveness. The public cloud model and the SaaS model are undoubtedly the most popular and widely adopted cloud computing and service delivery models, respectively. The following are the advantages of the public cloud and SaaS service model:

Organizations of all sizes and industries appreciate the convenience of adjusting their resources based on demand and only paying for what they use.

Leading public cloud service providers and SaaS offerings such as Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP), and Salesforce, respectively, have seen significant growth in recent years, catering to the needs of small start-ups and large enterprises alike.

However, it’s important to consider that both models come with their fair share of drawbacks, and depending on an organization’s background and goals, there can be differing views on the cloud.

While some visionary leaders are confident in the cloud’s potential and are willing to invest heavily to offset rising cloud costs through product growth, others see cloud costs as a significant threat to their company’s sustainability. For them, the fear of losing valuation due to soaring cloud expenses is a constant worry.

When approached with the right strategy, the cloud can offer numerous benefits to organizations. Not only does it enable better management of IT costs but it can also promote business growth by streamlining automation and reducing time to market.

However, it’s important to note that each organization’s approach to cloud adoption may vary in order to achieve the best results. One common mistake is when IT management treats cloud adoption as simply another IT system upgrade or uses a one-size-fits-all approach.

Designing a successful cloud infrastructure requires careful planning and foresight. While we can’t always predict future needs, it’s crucial to design with agility in mind, allowing applications to adapt quickly to meet evolving client demands while still maintaining cost-effectiveness.

Defining the hybrid cloud

The public cloud’s pay-as-you-go offerings can be enticing, but for various reasons such as security, intellectual property, and cost of ownership, organizations need to preserve their existing workloads and assets in private data centers.

These factors, along with the growing use of edge computing, make a hybrid cloud a necessary solution to meet current and future needs. But before diving into the hybrid cloud, it’s important to dispel a common misconception.

Some organizations may run certain workloads on public cloud providers such as AWS, GCP, or Azure while running other workloads in their private data centers. While these workloads are running in both public and private cloud environments, this hosting setup is not truly a hybrid cloud. Instead, these environments are isolated silos.

A true hybrid cloud is about creating a consistent platform across multiple environments.

According to the Gartner Glossary, “hybrid cloud computing refers to policy-based and coordinated service provisioning, use, and management across a mixture of internal and external cloud services.”

The National Institute of Standards and Technology (NIST) defines hybrid cloud as “the cloud infrastructure [which] is a composition of two or more distinct cloud infrastructures (private, community, or public) that remain unique entities but are bound together by standardized or proprietary technology that enables data and application portability (e.g., cloud bursting for load balancing between clouds).” [Source: NIST SP 800-145]

In our words, a hybrid cloud is a pool of computing power, storage, and services that is available from multiple environments, including the following:

The ratio of consumption between private and public clouds varies based on the industry you’re in, and it evolves as per compliance needs and time.

Variations in the hybrid cloud – homogeneous and heterogeneous

Variations in the hybrid cloud are entirely possible. You can have the following:

Choosing between these two is based on your needs and strategy.

When you run the same technology stack in both public and private clouds, it’s homogeneous. Traditionally, a single software vendor, such as Red Hat or VMware, provides a software stack including the operating system, hypervisor, and management layers for both clouds.

But when you run different components from different vendors and integrate them, that would be a heterogeneous cloud. You would have public cloud providers, such as AWS and Azure, and private cloud capabilities would come from Red Hat, VMware, and so on, and would be integrated with the public cloud at different levels.

Both come with pros and cons. While homogeneous can bring ease of usage but vendor lock-in, heterogeneous can provide more control and some complexity. You will want to consider various aspects before choosing which one you would like to implement:

Ultimately, it’s about the appropriate platform for your respective applications. Organizations are looking at the cloud from economics, security, and use case points of view.

It is not always possible to move every workload to the public cloud. Organizations are also mindful of losing control of data and applications. Also, moving everything to the public cloud would mean that organizations are limited to the capabilities of the public cloud and costs can go out of control.

A hybrid cloud, on the other hand, will have resources distributed across on-premises, private, and public cloud environments.

This means a balanced approach where organizations get the speed and scale of the public cloud with the security and cost-effectiveness of the private cloud.

Because of the benefits the hybrid cloud brings and organizations’ requirements, we are witnessing offerings by the public cloud that accommodate existing investments in private data centers. Some examples include VMware Cloud on AWS, VMware on Azure, and SAP on Google Cloud.

Many enterprises want to port on-premises virtual machines to the public cloud. The following diagram, taken from AWS, is a high-level component architecture reflecting VMware Cloud on AWS:

Figure 1.2 – VMware architecture on AWS

Not only that, but public cloud providers have also built extensions that push cloud solutions to organizations’ private data centers. For example, AWS Outposts provides a hybrid experience by extending the AWS infrastructure, services, and APIs to on-premises in a fully managed offering. Google Anthos, Azure Stack, are also similar offerings by cloud providers:

Figure 1.3 – AWS Outposts for on-premises

On a heterogeneous hybrid cloud, we have seen technologies and platforms from Red Hat, Pivotal Cloud Foundry (acquired by VMware), Nutanix, and so on that provide abstraction layers and create hybrid environments across distinct technology platforms.

Making public and private clouds work together should not be an afterthought. Create a comprehensive plan that accounts for applications, automation, management, and technology stack.

Increasing footprint

In terms of stats, Gartner reckons that “by 2026 cloud spending is forecasted to exceed $1 trillion USD worldwide, exceeding all other IT markets. The drivers for this healthy state of affairs include cloud variations (such as hybrid IT and multiclouds. By 2020, 75% of organizations will have deployed a multicloud environments), which are now at the center of where the cloud hype currently is.”

Enterprises adopt different clouds because no one size fits all:

Figure 1.4 – Multi-cloud adoption by enterprises

This also brings in interesting questions that every architect and developer working in enterprise should try and find an answer to. Do you know which different clouds are adopted in your company and what percentage of applications in your organizations are portable and can run almost anywhere?

From various trends and reports, it is clear that companies looking at their future are choosing the hybrid cloud to take advantage of existing on-premises investments and the public cloud’s scalability. A hybrid cloud provides the best of both worlds by giving the control and ability to innovate. This can be complex and thus organizations need a strategy to determine which workloads will reside where.

Hybrid cloud use cases

Hybrid cloud has emerged as a popular solution for organizations looking to balance the benefits of public and private clouds while addressing the data security requirements, compliance needs for regulated applications, and performance and computing needs for applications running at remote edge locations. Here are four use cases that showcase the versatility and flexibility of the hybrid cloud in different industries:

Understanding the benefits of hybrid cloud computing

A hybrid cloud provides a flexible solution. Many organizations have embraced and adopted the hybrid cloud. If we take an example of a cable company, Comcast (the world’s largest cable company), as per a technical paper published by Comcast for SCTE-ISBE, Comcast serves tens of millions of customers and hosts hundreds of tenants in eight regions and three public clouds. This is a great testimony of using a hybrid cloud for mission-critical workloads that need to run at scale.

Hybrid cloud is more popular than ever and some of the reasons that organizations are adopting a hybrid cloud are as follows:

For example, consider a telecommunications company that offers mobile services. By investing in and owning the latest advancements in wireless technology, the company can differentiate itself from other providers and offer a more seamless, high-speed network experience to its customers. This could result in more loyal customers and a stronger market position, giving the company a competitive edge in the telecommunications industry.

A hybrid cloud is a great option when your organization is looking to benefit from the best of different computing worlds, and by adopting an open architecture, open source technologies, and vendor-agnostic solutions, you can increase your preparedness for hybrid and unseen future needs.

Hybrid cloud strategies

To benefit from a hybrid cloud, it’s important to have consistency and standardization while using distinct combinations. This can be achieved through the following:

Your applications can reap significant benefits from such a setup where UI/UX runs on a public cloud and applications and databases run on a private cloud to comply with security and compliance needs or to manage costs.

When setting up the strategy for a hybrid cloud, key things to consider include the following: