Public cloud - Private cloud - Hybrid cloud: Which one to choose?

Below we outline some basic considerations and cloud comparisons, as well as best practices for how to integrate and manage these complex deployments.

Public cloud

By now, most organisations understand the cost benefits of an IaaS provider like Amazon Web Services, including a low and predictable cost of ownership and a shift from a capital expenditure to an operating expenditure. This makes it possible to significantly reduce an organisation’s upfront costs, its ongoing costs of IT labor and potentially its tax liability.

The technical benefits are equally attractive: scalability, automated deployments, and greater reliability, to name a few. There are also very few technical limitations that would prevent an organisation from moving its infrastructure to AWS; almost every function a traditional resource supports in the private cloud or in a data centre could be replicated in AWS.

These application tiers are especially well suited to the public cloud:

  • Long-term storage, including tape storage, which has significantly more cost-effective solutions in AWS (Glacier and Storage Gateway’s Virtual Tape Library)
  • Data storage of any kind, especially if you are currently hosting physical media that fails often or needs to be replaced (S3 is an infinitely expandable, low-cost storage resource)
  • The web tier of an application that is bursty or highly seasonal (EC2, Auto Scaling, ELBs)
  • The web tier of an application that is mission-critical or latency-intolerant (Custom Auto Scaling groups and automated deployments with Puppet scripts)
  • Any new application for which demand is uncertain, especially microsites or other interactive properties for marketing and ad campaigns
  • Testing environments, because it is so much easier to spin instances up and down for load testing

Enterprises must then decide whether they want to manage their public cloud infrastructure themselves or outsource it to a managed cloud services provider. A managed cloud services provider can maintain the entire cloud infrastructure (web servers, application servers, load balancing, custom failover scripts) and some may also be able to integrate with on-premises or private cloud solutions to provide a single monitoring interface.

Note that compliance requirements no longer necessitate a private cloud solution rather than a public cloud solution. AWS has been on the leading edge of compliance in the cloud for several years, and while there is lingering skepticism, the adoption of AWS cloud by the largest and most complex healthcare and financial institutions is an indication of the degree to which AWS ensures compliance and security in the cloud. We presented at Amazon re:Invent on the architecture required for HIPAA-compliant deployments.

Private cloud

Although there are many advantages to the public cloud, enterprises very rarely deploy 100% of their applications into the public cloud. Logistically, it is often much simpler to move from your on-premises environment to a private cloud than from on-premises to public cloud.

Private cloud environments can be configured to support any application, just as your data centre currently hosts it. Private cloud is an especially attractive option if certain features in legacy applications prevent some applications from operating well in the public cloud.

Here are some indicators that your application would be a good candidate for maintenance in a private cloud:

  • You are using Oracle RAC (shared storage) and require dedicated infrastructure for compliance. The shared storage equivalent in AWS, RDS, is not HIPAA-compliant.
  • You need high performance access to a file system, as in a media company that creates or produces large video files.
  • An application is poorly written and infrequently used, and therefore not worth the effort of migrating to the public cloud.
  • The application has very predictable usage patterns and low storage costs.
  • An application is unstable and heavily trafficked, but current IT staff is unfamiliar with the application. This may instead be a case for partial rewriting in the cloud.
  • The engineering team responsible for maintaining the application is not equipped for migrating the application in a cost-effective time frame. This may instead be a case for bringing on a managed cloud service provider.

A private cloud solution can be implemented in your on-premises data centre with a virtualisation layer such as VMware, though many mid-sized and large enterprises let a managed private cloud services provider maintain servers, storage, network, and application infrastructure.

Hybrid cloud

Ninety percent (90%) of enterprises say they are going to pursue a hybrid cloud solution this year. As explained above, enterprise architecture is often so complex that a hybrid cloud solution where public, private or on-premises infrastructure supports a single application is the best solution.

Hybrid architectures are especially attractive for large organisations that want to explore the flexibility and scalability of the public cloud. An audit will not always reveal how an application will perform in the public cloud, so enterprises choose to test a single tier in the public cloud while maintaining key infrastructure on their private cloud or dedicated infrastructure.

A hybrid system is also a good solution if there is institutional hesitancy about the security of the public cloud for sensitive data (whether this is justified or not). Frankly, it is often easier to convince internal executive or IT teams to experiment with cloud solutions rather than adopt them wholesale. Maintaining veteran IT staff and legacy applications on legacy infrastructure while opening new lines of business in the cloud is a cost-effective solution that also manages institutional risk.

Finally, an important thing to understand about hybrid environments is that they are only as strong as the integrations that unite them. Performance monitoring, regular testing, and data ingress and egress procedures will reveal future areas of difficulty as well as signal when and how to further evolve the application. The team orchestrating the infrastructure is almost always more important than the specific type of cloud solution you choose.