How to define your multi cloud strategy (And compare services)
Organisations are transitioning to the cloud and there's no avoiding it, but why rely on one single provider? Cloud providers offer a wide range of different services (storage, networking, microservices etc.) with different pricing systems: dynamic pricing, pay-as-you-go and subscription-based, just to name a few. This has led to the concept of a multi cloud solution. Multi cloud eliminates the reliance on one single cloud provider. Not to be confused with hybrid cloud, which I’ll speak about later in this article, multi cloud uses two or more clouds simultaneously to provide a highly available service. For example, running the application on AWS’ Elastic Kubernetes Service (EKS) and the database on Azure SQL Database.
Now more than ever organisations are looking into a multi cloud solution, for a plethora of different reasons but the most notable are the following:
Avoid vendor lock-in - I’d say this is the main reason for most companies venturing into multi cloud. Due to lack of standardisation, it's easy for the industry leader to slowly raise prices - especially if you’re using a vendor-specific service (e.g. Amazon’s Kinesis). Pricing aside, having all your data locked in one place also isn’t advisable.
Data governance and compliance - Every CTO/Technical Director/Ops Manager’s favourite 4 lettered acronym, GDPR. Whatever your business, it is essential that you are compliant with the different regulations around the world. 66% of all countries have some form of data protection regulation. Whilst the top three vendors all offer almost worldwide coverage, two of the largest countries, Russia and China, sometimes require a multi cloud solution with a local vendor.
Pricing and feature optimisation - In theory, multi cloud allows you to take advantage of the best-in-breed solutions of each provider. One may be best for hosting virtual machines, another has the greatest number of services and an alternative could be the cheapest. This all depends on the company's needs and budget.
One point to note: multi cloud isn’t an easy solution to get running and doesn't ensure everything will be smooth. Having all resources on standby with another provider comes at a cost, and you also need the knowledge to operate and maintain multiple providers.
Multi cloud vs hybrid cloud
The main difference between a hybrid and multi cloud is the use of a private cloud or on-premises equipment. With multi cloud your application typically runs across two or more public clouds (e.g. AWS and Azure). Hybrid cloud incorporates “traditional IT” in the sense of on-premises equipment or a private cloud. Multi clouds don’t necessarily include a private cloud but there's nothing stopping them from doing so.
Can a hybrid cloud also be a multi cloud? The short answer is yes, it can. Incorporating another cloud provider into your already existing hybrid cloud transforms it into a multi cloud. Both allow organisations to achieve the following:
Increase redundancy and disaster recovery
Multi cloud architecture within AWS, Azure and Google
With almost a third (32%) of the $150 billion market share, it’s common knowledge that Amazon Web Services (AWS) is the industry leader. Azure (20%), Google Cloud (9%) and IBM Cloud (5%) collectively only just surpass the giant. AWS was first to market back in 2006 and has dominated ever since for a few different reasons. They are constantly innovating, whilst regularly cutting costs to stay competitive with their rivals. In the past 12 months they’ve realised that if they want to stay in first place their “one cloud provider to rule them all” proverb had to go, and in December 2020 they quietly entered the multi cloud ecosystem.
As of writing this article they only offer a “Hybrid Cloud” and don’t state multi cloud anywhere on their website. They dislike the term so much that until recently, they didn’t even allow sponsors to say “multi cloud” when presenting at their re:Invent premises. This doesn’t mean they don’t have multi cloud services though. For example, their ECS and EKS Anywhere service can be used to manage containers and Kubernetes on both Azure and Google Cloud.
The goal of AWS Hybrid Cloud is to combine your on-premises resources with their cloud, and in return you’re rewarded with assisted migration and ensured business continuity during disasters. Some applications need to remain on premises due to low latency or local data processing requirements. AWS realised this and created AWS Outposts - a physical 42U rack (smaller 1U and 2U mountable servers coming later this year) which is placed in your datacenter/premises which then connects to the nearest AWS region. This strategy offers the same infrastructure, services, API and tools for creating a quality hybrid cloud solution.
Unlike AWS, Azure is full on multi cloud and has always offered a hybrid solution architecture strategy. Azure focuses heavily on being able to innovate anywhere in a consistent and flexible manner across on-premises, multi cloud and edge environments. Azure’s Arc platform has two key uses: bringing Azure management capabilities to any infrastructure and enabling Azure services to run anywhere. Many organisations are looking for a seamless way to integrate their VMs with the cloud. Azure has a partnership with VMware and together they have made Azure VMware Solution, with the goal of migrating VMware workloads with minimal complexity.
With remote working becoming the norm, Microsoft services such as Teams and Office 365 have been utilised more than ever. On one hand this was good for their business as it meant more users, and hence more revenue, which leads to system development and upgrades. But last year there were times where they struggled with capacity and in the worst cases outages occurred. The ability to integrate existing networks via IPsec tunnels and Microsoft services, like Active Directory, into Azure to create a hybrid cloud with a central management panel is very appealing.
Google Cloud is no different and has a product called Anthos which provides both multi cloud and hybrid cloud solutions. Although Google is simpler than AWS and Azure, it is still very powerful. It does lag behind in terms of features but was/is built extremely well using the same technology as their search engine and Gmail suite. As they own Android, it is by far the preferred platform for Android developers. Considering that Google created Kubernetes it comes as no surprise that their GKE (Google Kubernetes Engine) is the leading K8s service available. Their Anthos platform permits application modernisation and development, allowing you to innovate without being locked in to a single vendor. It is great for tying on-premises and cloud clusters together, enabling you to manage them from anywhere. A prime example is Major League Baseball. They use Anthos to run workloads simultaneously on the cloud and on the edge with on-premises data centers at their ballparks, allowing them to run their applications anywhere.
How are multi cloud solutions managed?
Before going any further you need to decide how you’re going to manage your multi cloud system. Managed services provide organisations with the tools and procedures which allow them to monitor, maintain and secure applications across multiple clouds. A central control panel is needed for automation; it gives teams such as Dev and Ops a platform for coherent building and management of applications. For example, Ops can spin up a new Kubernetes cluster in multiple clouds and Dev can push a new container to all of them with a single command, which saves time and removes the need for vendor-specific knowledge. The use of a control panel also adds a single unified way of visualizing the setup, which is vital.
In a similar way to cloud vendors, management providers are racing to offer the widest range of features. Below are a few of the leading suppliers:
Scalr - A Gartner-named multi cloud manager, Scalr is great for visualizing usage and helping you understand your cloud costs. It has a strong focus on allowing users to select the best cloud service for their needs without the risk of vendor lock-in. Backed by NASA JPL and the FDA, it’s safe to say the platform is secure. The clean, modern GUI is also among the favourites. Reading organisations' reviews, a common theme seems to be the lack of monitoring features. But nonetheless, it's a great platform with large organisations in mind.
Flexera Optima - Flexera’s offering provides a range of tools and features that simplify the cost and usage across multiple cloud providers. Their template-based provisioning, orchestration and automation with terrific monitoring and management creates an ideal platform for managing your multi cloud solution. Over the past couple of years, they’ve been relentlessly acquiring businesses to improve existing features and offer new services. One standout feature is the capability to review and forecast your expenditures.
IBM MCMP - IBM’s Multi Cloud Management Platform enables organisations to simply manage environments across multiple clouds. With a heavy focus on Kubernetes, where visualization is key, you can manage your clusters seamlessly across all providers. You can easily scale operations, which leads to faster development of services to market.
It might be worthwhile having an extra tool for advanced reporting and monitoring for extra peace of mind. Software like CloudHealth and CloudCheckr can achieve this, giving upgraded reporting, billing, management, and usage alerts.
What to consider across multi cloud security?
Threat landscapes are constantly evolving. It is essential when adopting a multi cloud strategy that you consider the right security framework. This will protect your organisation and maximise the full value of the solution. Although it isn’t possible to prevent every attack, a well deployed security strategy will greatly reduce the risk to data, applications, and your architecture as a whole. Whilst all cloud vendors have extensive availability, outages do occur. Having your application deployed across multiple clouds provides excellent resilience and disaster recovery.
AWS has a strong focus on security, with their four-stage process of prevention, detection, response and remediation. World-class security experts constantly monitor their systems and develop security services, such as GuardDuty, their intruder detection service, for users to utilise.
Microsoft’s Azure offers a range of built-in security services to protect your cloud architecture, which help to identify threats quickly, allowing you the time to respond. Their Azure Security Center strengthens your cloud security. Within the Security Center you can use Azure Defender to protect your hybrid cloud. With 3,500 security experts you can be assured Azure is as protected as can be.
Google Cloud’s security model guarantees your organisation will be secure and compliant with regulations around the globe. They encrypt all data whether it's in transit or at rest, and it can only be accessed by authorised personnel with the correct encryption keys. GCP also offers Cloud Audit Logs, which further helps with security, auditing and compliance.
SD-WAN SASE (Secure Access Service Edge) should be implemented to help with branch offices and remote workers. Fortinet’s Secure SD-WAN ensures all connections are secure without a compromise to application performance. Their solution directly integrates with the cloud vendors' security services and can all be managed through the Fortinet Fabric Management Centre.
Natural disasters are inevitable. Despite vendors' data centers doing their best to protect themselves from fires, earthquakes and hurricanes, they still occur. The best strategy for cloud disaster recovery is to have your backups in one neat pile of data stored on at least one additional cloud provider. Google even offers automated backups to Amazon S3 which ensures that essential applications and data are stored in more than one location.
In the grand scheme of things, it’s still early days for multi cloud; implementation isn’t easy and takes a great amount of time, money and effort. Large companies with extensive infrastructure that need the added level of redundancy and world-wide availability should already be looking into it. I’d be surprised if most organisations aren’t already running some sort of multi cloud, e.g. running their application on AWS whilst using Azure’s Office 365 to provide services like Word and Teams to their remote workers. If you don’t have a specific reason for full multi cloud, I’d suggest steering clear. The main thing to do is to weigh your technical aspirations against your resource allowance (workers, time, and budget).