The hybrid cloud is the key driver of the rapidly evolving cloud economic market system. This fact is a function of the multifaceted delivery system made possible by Every Component as a Service (XaaS). The power of the hybrid computing model lies in attributes such as scalability, extensibility, and the manipulation of capital expenditure (CapEx) and operational expenditure (OpEx). The enormous variety of market models the hybrid cloud engenders makes the virtualization of on-demand services accessible to both large and small cap enterprises.
Based on the hybrid cloud, an enterprise can:
- Access different clouds for diverse applications to match business needs;
- Distribute elements of an application to different environments, using both internal and external capacity; and
- Locate applications based on their life cycle stage, allowing development in one location and implementation in another.
The hybrid cloud allows an enterprise to move from controlling computers to controlling services. The outcome is an increase in productivity and a reduction in overhead. With a properly managed hybrid cloud, users can work anywhere on any suitable device.
Facilitating ubiquitous device delivery
The increase in networked devices such as smart phones and tablets plus the adoption of cloud-based services provides a ubiquitous delivery environment that has encouraged many organizations to move to the Bring Your Own Device (BYOD) model. The BYOD model permits user access to corporate resources with the user's own personal devices. The increase in variable and flexible work schedules, telecommuting, and mobile applications is encouraging this growth.
BYOD is compelling IT to reevaluate technology deployment processes. Today's architecture solutions must be designed to meet user and enterprise expectations of working anywhere, anytime, on devices of all types. Embracing BYOD provides an opportunity to reduce cost and improve productivity, so enterprises are rapidly moving to a mobile-friendly enterprise service layer to integrate with mobile apps.
When personal devices are used on the enterprise network, however, security becomes a major concern. Currently, IT uses the managed desktop paradigm, which allows for central management of user applications, but this model doesn't fly in the BYOD environment. IT cannot control which applications or games users decide to install or maintain on their personal devices—a huge security risk.
In an effort to remedy this issue, enterprise application programming interface (API) management was developed—a new approach that allows secure BYOD mobile access to existing enterprise services. This new methodology is an effort to rethink application deployment, allowing the enterprise to move from managing the workstation to adapting to the new user environment. Because tokens are at the heart of API access management, they are also an essential component of enterprise API management. Token management during handshakes acquires the pertinent information related to the granting of access to an API, making the information accessible to other API management components. Enterprise API management creates a secure environment for the use of BYOD.
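The token handling described above, as an added example that is not part of the original article: a gateway records the grant in a signed token at the handshake and checks it on every API call, returning the grant so that other API management components can use it. The HMAC-signed token format, the field names, the device binding and `GATEWAY_KEY` are assumptions made for illustration; the article does not specify a token format.

```python
import base64, hashlib, hmac, json, time

# Assumption: a gateway-held secret; a real deployment loads it from a key store.
GATEWAY_KEY = b"constructed-demo-key-not-for-production"

def b64e(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode().rstrip("=")

def b64d(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(body: str) -> str:
    return b64e(hmac.new(GATEWAY_KEY, body.encode(), hashlib.sha256).digest())

def issue_token(user, device_id, scopes, ttl=300, now=None):
    """Handshake step: record what was granted, to whom, and on which device."""
    now = int(time.time()) if now is None else now
    grant = {"sub": user, "dev": device_id,
             "scopes": sorted(scopes), "exp": now + ttl}
    body = b64e(json.dumps(grant, sort_keys=True).encode())
    return f"{body}.{sign(body)}"

def authorize(token, device_id, required_scope, now=None):
    """Per-request step: return (allowed, reason, grant) for other components."""
    now = int(time.time()) if now is None else now
    try:
        body, sig = token.split(".")
        # Verify the signature before trusting anything inside the token.
        if not hmac.compare_digest(sig, sign(body)):
            return False, "bad signature", None
        grant = json.loads(b64d(body))
    except (ValueError, TypeError, AttributeError):
        return False, "malformed token", None
    if now >= grant["exp"]:
        return False, "expired", None
    if grant["dev"] != device_id:          # token replayed from another device
        return False, "device mismatch", None
    if required_scope not in grant["scopes"]:
        return False, "scope not granted", grant
    return True, "ok", grant

if __name__ == "__main__":
    # Constructed sample: a personal phone granted read access to one service.
    tok = issue_token("alice", "phone-01", ["orders:read"], now=1000)
    print(authorize(tok, "phone-01", "orders:read", now=1100))
    print(authorize(tok, "phone-01", "orders:write", now=1100))
```

Because the gateway decides from the token alone, nothing about the personal device's installed applications needs to be trusted or managed.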
The network configuration of the hybrid cloud is determined by the array of cloud-based applications used. Software as a Service (SaaS), for example, depends on the private cloud's web browsers. In the case of Infrastructure as a Service (IaaS), the workload actually resides in the cloud. This functionality requires the identification of the virtual machines (VMs) involved. The VMs' IP and Media Access Control (MAC) addresses are used for identification. Every device in an Ethernet network has a unique MAC address. MAC-based filtering restricts user access to the network based on the MAC address.
Ethernet fabric architecture is perfect for the hybrid cloud, providing better performance, more efficient utilization, and higher levels of availability. Traditional Ethernet architecture may become slow and unresponsive because, on the links between traditional Ethernet switches, known as interswitch links (ISLs), bandwidth is restricted to a single logical connection. Multiple connections are prohibited. Even though the enhancements that link aggregation groups (LAGs) provide allow multiple links between switches, the links have to be manually configured on each port in the LAG, which limits their flexibility. In an Ethernet fabric, the control path replaces the Spanning Tree Protocol with link state routing. What's more, the data path provides equal-cost multipath forwarding.
The hybrid model is wholly dependent on the Internet. The structure of the hybrid cloud formation must be designed to provide the optimal functionality. This approach has to inform every aspect of the architecture and design.
Enterprise data is the basic component of all information processes. It must be properly secured and protected through its entire life cycle—from design and creation through archiving and deletion. Use of the hybrid cloud does not alter this fundamental axiom. Indeed, the life cycle management of your data, if anything, is even more critical in the cloud because of the higher risk of theft, loss, or damage in the cloud environment relative to the protective cocoon you have developed behind your enterprise firewall.
The hybrid cloud allows you to put some data in the cloud while maintaining other data behind your firewall, allowing you to maintain control of data deemed too sensitive to be entrusted to others. Because there is no absolute litmus test to determine whether you should move specific data into the cloud, before moving any of your data, you must institute a sound data-management policy to ensure its protection. Control of your data in the cloud starts with determining exactly which parts of your data should be allowed to migrate.
The physical location of data may be critical when compliance is a consideration. Although you may have everything properly secured, compliance requirements necessitate that you have proof. Several regulations demand that the precise location of your data be documented; in some instances, these regulations require that it be maintained within the country. When dealing with international cloud services providers, this requirement can present a significant challenge.
Confidentiality is also critical. What happens if an e-discovery request is issued? Will your cloud service provider simply hand over your data? What about backups? Is your supplier backing up your data properly? What is the disaster recovery plan? How will your data be recovered after a natural disaster or any other critical failure? What about your supplier's staff: Are the supplier's recruitment and vetting procedures adequate for the security of your data? There are many questions that you need to answer for your enterprise before handing over control of your data. For each classification of data, you will need to assess the perils related to pushing it into the cloud.
The hybrid cloud offers a vast array of solutions, but the many options can make it difficult for an enterprise to create the most appropriate and beneficial solution for its business model. To assist in the decision-making process, many cloud providers have begun partnering with other providers to enhance their service offerings and provide best-in-class solutions. Partnering in the cloud provides an array of computing and communication capabilities. The main purpose of cloud partnering is the provisioning of capabilities by either referring potential clients or actually creating production enhancements.
As Figure 1 shows, partnering delivers services using a relationship that can be cooperative. This cooperation helps to minimize some of the problems when working through various vendors that do not coordinate their interactions.
Figure 1. Partnering in the cloud
Partnering, however, provides only a loose coupling rather than an integrated solution. A more efficient and effective union is created with a federated cloud. The federated cloud is a closer relationship than a simple partnering. With a federation, the boundaries between the clouds are removed.
The federated cloud can bring private, public, and other hybrid clouds together, leveraging them as a single offering. It is an integrated approach to cloud computing that allows you to adapt your deployments to match business needs. In short, the federated cloud is a world that reconfigures the old way of working to aggregate skills and assets in the interest of an optimal response to contemporary society and especially commerce and the general social economy. A federated cloud is the organization and administration of multiple external and internal cloud computing services that are aggregated to fulfill specific business needs. See Figure 2.
Figure 2. Federated cloud
Transforming command and control with cloud federation
Federation provides the necessary management, financial, and technological assets on demand required to propel an agency farther and faster. Federated cloud computing mitigates the fragmented data, application, and infrastructure silo issues associated with the traditional business model. With IT as a Service, IT frees itself to build services as a utility that can be automated to enhance command and control, delivering maximum benefit to users.
The concept of command and control in its cloud computing role is much more flexible than the traditional command-and-control structures we have grown accustomed to. The classical form of command and control focuses on those responsible for command in the military sense. The federated cloud is a partnership in the legal fiscal sense. There is no single commander as in classical military history.
Federated command and control must meet the performance expectations and obligations stipulated by the various service level agreements (SLAs). The terms of the SLAs must be strictly observed, almost like a functionally localized constitution custom designed to accommodate the requirements and needs of the client parties. The integral parts of a given cloud federation must have a degree of agency autonomy that can be contracted with other agencies to form an aggregate, apex agency of voluntary cooperating enterprises. As more or less equal members of the federated cloud cooperating in a common enterprise, its very agency structure makes it a distinct form of the traditional command-and-control structures. The federated cloud must be designed and deployed so that the system itself demonstrates a significant degree of computing autonomy in critical system maintenance, security, authentication, and related essential functions. The command and control must be integral to the architecture and the code developed. The aggregated knowledge and technology of a federated cloud, properly managed with an appropriate SLA, means that any enterprise can easily cope with the contemporary business and political environment.
The profitable use of federated cloud structures lies in understanding the risk-opportunity interaction involved with the switch to federated computing. To neutralize as much of the risk as possible and to harvest as much of the benefits as feasible, the enterprise or individual entrepreneur must have in place an overall computing architecture that is a reflection of their business strategy and structure. Doing so requires retooling and rethinking how the intellectual, material, and human capital of the enterprise is arranged, oriented, and organized to respond to the realities of the switch to the federated cloud. A big part is having the proper management strategy for interaction with those providing the cloud services. The subscriber to the service must understand the nature of the services contracted, the rights and responsibilities built into the SLA, and most of all, have a strategic and tactical plan specific to his or her needs and computing expectation. If necessary, the subscriber to the service should be prepared to remedy any deficiencies that may arise.
Hybrid cloud technology along with XaaS allows you to tap into the requisite variety required to utilize ubiquitous devices and manage the mushrooming array of resources and services they make possible. The federated cloud is the most effective expression of the hybrid cloud. The development of the federated computing model has introduced an avalanche of services requiring new ways of organizing and controlling the underlying infrastructure. The development of a less rigid, centralized alternative form of the traditional command-and-control approach to managing and deploying computing resources is central to the efficacy of the federated model. The federated cloud is in all probability the closest approximation to the perfect application of William Ross Ashby's law of requisite variety. As he stated in rather bold language, ". . . only variety can destroy variety." The variety that federated cloud computing offers is probably our best response to the stochastic nature of global society.