Intro to Hybrid Cloud for the Private Cloud Audience

imageLet’s say that you have your private cloud the way you want it. You’ve got the self-service, the metered services, the elasticity and the pooled resources and it’s running just the way you want. But then one day the boss comes in and says “we’re expecting a big spike in utilization next month and we need to get things going by next week”. ACK! There’s no way you’re going to be able to go through the procurement and installation processes that fast. What to do?

That’s where the hybrid cloud comes in. In this article, Michael Lubanski talks about hybrid cloud and how it can solve this and other problems you’ll encounter now and in the future. This is a great introduction to hybrid cloud, so if you’re not already a hybrid cloud expert, take ten minutes over coffee and give this a read.

Thanks! –Tom.

imageWhat is a Hybrid Cloud?

By now, you know what a Private Cloud is and what it can provide.  You should also have an idea of what Public Cloud entails.  Popular public clouds include Microsoft Windows Azure and Amazon Web Services.  The key difference between the two is in the name of the cloud itself – Private vs. Public.  While a Private Cloud is dedicated to only you, a Public Cloud is shared amongst many companies. 

You may have also heard of a Hosted Cloud.  A Hosted Cloud may be hosted by a service provider, yet still a dedicated Private Cloud; the main difference being the physical location of the hardware behind the cloud.  A Hoster will “host” the hardware in their datacenter instead of inside a customer’s datacenter, but still dedicate it to the customer.

A Hybrid Cloud is simply a combination of two or more different cloud platforms that can be used together.  A Hybrid Cloud is comprised of pieces of a Private, Public or Hosted cloud all interconnected and working together.

How does a Hybrid Cloud work?

Just having a Private Cloud and a Public Cloud does not give you a Hybrid Cloud.  The key is the connection between the two.  This is often achieved with a Virtual Private Networking (VPN) solution where resources from one cloud can securely communicate with resources in another cloud.  Rather than being two different clouds, they can now act together as one, exchanging data between servers in each location.  When this secure connection is in place to share data between the clouds, you then have a Hybrid Cloud.

With this in place, you can now increase the capacity of your cloud simply by requesting new resources from your Public Cloud provider and adding them to your trusted network or VPN connection, instead of having to purchase new servers for your Private Cloud.  These two clouds can also be federated so that security authentication can take place within the Hybrid Cloud.  For example, an Active Directory domain controller can be maintained in the Public Cloud space to authenticate resources, while securely synchronizing with the Active Directory domain controllers in the Private Cloud over the secure connection.

Do I need a Hybrid Cloud?  What are the benefits?

There are four main benefits of a Hybrid Cloud:

  • The ability to add additional capacity to your network without the capital costs of additional compute, storage and network purchases.
  • The ability to add additional capability to your network that your Public Cloud provider can supply, if your Private Cloud does not.  For example, Microsoft recently announced Windows Azure Media Services, for the creation, management, and distribution of media to a global audience.
  • A lower cost model with a pay-per-use subscription paradigm instead of incurring large, long-term capital expenditures.
  • Near-instant on-demand provisioning of resources.  Provisioning new resources in a Hybrid Cloud is easier and faster versus the traditional build out of resources in a datacenter.  It’s the difference between a few clicks on a website versus purchase a server, wait for delivery, build the server, wait till it’s racked, install the server, wait till it’s ready, configure the server, wait till it’s done, then put the server into production.  It’s a matter of minutes versus weeks.

Let’s use the scenario of the National Football League.  On Super Bowl Sunday, the NFL expects a huge increase in viewership and usage of its websites – and  To meet this increased demand, the NFL can either purchase additional capacity for its Private Cloud or additional capacity at a Public Cloud provider.  Adding capacity to a Private Cloud is both a capital expense (initial purchase) and operating expense (on-going maintenance). 

Adding capacity to a Public Cloud is a temporary expense, e.g., the increased capacity to manage Super Bowl Sunday can be released after the event concludes.  This temporary expense makes Public Cloud usage quite attractive when companies need temporary resources to survive a spike in demand, without a big increase in infrastructure in its Private Cloud.  However, all of the data and content for the websites already sit in the NFL Private Cloud and there is no time to rebuild everything in a Public Cloud.  This is exactly where a Hybrid Cloud provides benefits:

  1. “Rent” additional capacity from a Public Cloud provider.
  2. Establish a VPN connection to form the Hybrid Cloud between the Public Cloud provider and the NFL Private Cloud.
  3. Synchronize content and data to the new capacity to manage the increased demand.
  4. After the Super Bowl concludes, pull back or delete any data residing in the Public Cloud portion of the Hybrid Cloud.
  5. Dissolve the Hybrid Cloud, cease using the rented resources and stop paying the rent.

Sounds great, but should I be concerned about anything?

When working with a Hybrid Cloud, it is important to remember a few key elements.  The primary one is data security.  If synchronizing data between Private Cloud resources in a company-owned datacenter and Public Cloud resources in a who-knows-where it-is-but-not-company-owned datacenter, it is important to think about the type of data being stored in the Hybrid Cloud.  Does the NFL want college football scores synched to Public Cloud resources?  Sure, why not.  Does the NFL want the social security number of all of its employees synched to Public Cloud resources?  No!  Therefore, it’s important to understand what kind of data will be stored in the Public Cloud through the VPN connection and the Hybrid Cloud.

The second concern is data loss and data backup.  Once data resides in the Public Cloud, it is not necessarily guaranteed safe and you must still be concerned with data integrity or data loss.  Having a backup copy of data that resides in the Public Cloud stored in a Private Cloud or Hosted Cloud would be a wise move.  If, however, the data in your Public Cloud is just a copy of data that already exists in the Private Cloud, it may not be necessary. 

Back to the example of the NFL, if they “bursted” out their site with a Hybrid Cloud, the data on the Public Cloud side is mostly likely identical to the data in the Private Cloud, especially if it is just being used for scale-out purposes.  In that scenario, any data loss in the Public Cloud would have minimal effect as the same data exists in the Private Cloud, too.  The main point here is that any data stored in the Public Cloud must be considered for some kind of data backup or retention solutions, if it is any different from the data in the Private Cloud.  Remember that you always have the option to move data back to the Private Cloud at any time.

What other concerns can you think about when using a Hybrid Cloud ?

Michael Lubanski
Americas Private Cloud Center of Excellence Lead
Microsoft Services

So, can you think of other concerns you would have with a hybrid cloud? What other questions would you have when it came to the security issues of connecting your private cloud to a public or hosted cloud? Would you segment the private cloud components away from the rest of your network? What kind of IDS/IPS would you need? Would you deploy the VPN as a “wide open” site to site VPN, or would you configure the VPN gateway to only allow the required protocols? Send us your comments or put them in the discussion box at the bottom of this article. Thanks!

Tom Shinder
Principal Knowledge Engineer, SCD iX Solutions Group
Follow me on Twitter:

Go Social with Private Cloud Architecture!
Private Cloud Architecture blog
Private Cloud Architecture Facebook page
Private Cloud Architecture Twitter account
Private Cloud Architecture LinkedIn Group
Private Cloud TechNet forums
TechNet Private Cloud Solution Hub
Private Cloud on the TechNet Wiki