Moving Apps to the Cloud (Good, Better, Best) – Part 2

First, my apologies for the delay in getting part 2 written, my only excuse is that I really wanted to understand a broader set of options for building Hybrid solutions in the cloud. You know from part 1 that this whole series comes from the lessons learned putting on the TechEd talk in June 2012 which of course was exclusively about moving apps to Windows Azure and how IaaS can play a role in that. What about other cloud vendors? How are they addressing the hybrid solution space?

After a good amount of reading and researching I think I can at least give this topic proper theoretical coverage. Unfortunately, I’ve not yet had the opportunity to put it in to practice and look at these different options side by side but I do believe I can give readers a sense of what I think is interesting and unique about building hybrid solutions in the cloud across the key vendors. Of course I’ll also explain why this is better than pure IaaS and continue upon that theme. Enough with the sales pitch … let’s get it stated.

What are examples of “Hybrid” solutions?

This is the obvious place to start. We must attempt to get a baseline on the types of solutions that would be classified as hybrid.  Saying something is hybrid probably gives folks a very specific initial reference concept. Hybrid means we are trying to do two things in a blended way … think about hybrid vehicles that use gas and electric or genetic hybrids like a Mule that is a hybrid species (horse + donkey). Effectively let’s try and take the best of multiple “things” and come up a better “thing” than what we had when it was pure or homogeneous.

1. PaaS and IaaS Public Cloud Hybrid

This is maybe the most common version of this because it takes things like stateless web tier components and uses stateful database instances.  I see architecture diagrams like this all over the place with Amazon implementations and we’re starting to see it come about with Windows Azure and now Google and their Compute Engine behind the PaaS App Engine.  These tend to happen very naturally based on how the tiers of the application were originally designed.

The web UI tier is usually relatively easy to write in a stateless way whereas the data tier is inherently not.  The Web Tier is typically very resilient as well because of things like load balancers and health probes allowing for simple redirections and retries. The data tier on the other hand is not, you can really see this in the implementations of multi-tenant relational databases in the cloud today. They introduce a lot of complexity and constraints for developers (throttling, size constraints, backup/restore limitations, transient failure conditions, etc.). This leads to a desire to move back to something more familiar which is where IaaS comes to the rescue. This is also exactly the architecture we look at with MSDN/TechNet in our TechEd talk (see diagram above). In this case we actually had a hard constraint blocker (multi TeraByte relational data footprint) which resulted in our need to build it as a hybrid.

2. On Premise and Public Cloud Hybrid

Tons of people I talk to love the idea of cloud computing. It is almost impossible to debate the economics of it for elastic work loads. They however are always challenged by the constraints around compliance and security. This really is the gorilla in the elevator for the cloud today and this hybrid model attempts to provide a solution. Don’t worry so much about compliance in the cloud, use it for those things that don’t have heavy compliance and security demands and connect back into your own data center for accessing  sensitive data or running compliance bound transactions (like credit card transactions that need PCI for example).

Another example of this model is centered around securing and reusing private data. It is very common to find enterprises unwilling to move heavy sets of core data into the public cloud.  Even if you could implement proper encryption at rest capabilities there is still the size and cost associated with moving that data. Add to that key management complexities and the potential on premise uses (like business reporting or existing intranet application consumption) that would be impacted.  There are points of friction all over the place when moving large data sets but with a hybrid model like this you don’t have to choose. To use a golf metaphor … “play it where it lies”.

There are only two solutions that I’ve seen to date that address this and that’s the Site to Site networking capabilities in Windows Azure and the Direct Connect option with Amazon Web Services.  The Amazon technology being the only one in the market today that can go up to 10 GB/sec but the Windows Azure approach (currently in preview) is nipping at their heels with something that may not provide as much bandwidth but still can provide a cost effective solution for a lot of workloads. Taking the concepts of virtual networking into this mode where you extend your corporate data center for on demand public cloud compute power while still mitigating the risk of compliance and security issues certainly has a lot of potential.

3. Private and Public Cloud Hybrid

This really comes down to how you want to leverage your existing virtualization with the public cloud. Many companies have either VMWare or HyperV capabilities today and being able to move those private virtual machines into the cloud is attractive for a number of reasons.  Two reasons I hear all the time are disaster recovery (aka business continuity) and geo-distribution.

Disaster recovery is a huge topic that I will save for another post but I will say that using private cloud VMs and moving them to the public cloud as a fail over can be much more cost effective than say standing up and owning your own stand by data center. I realize that is stating the obvious and definitely easier said than done. Would your security and compliance concerns be the same in a disaster scenario? Could you run in a degraded form and still satisfy your requirements in the event of a disaster? As I said, this is a huge topic but a common one that folks look at with hybrid cloud solutions. Often the driving goal is to blur the lines between the private and public cloud here.  For more on this topic watch the TechEd 2012 talk here.

Geo distribution is another thing that attracts folks to this model.  Assuming you do have private cloud capabilities in your DC what happens when your users start to spread out or even roam? Using the public cloud to stand up pieces of new infrastructure for your services when those changes come about is powerful as well. We cover a scenario in the TechEd talk (see part 1) where an inventory service needs to start servicing customers nationwide but it was blocked by some missing platform features for previous versions of Windows Azure.

Once again, IaaS to the rescue here with a hybrid solution architecture.  The beauty with this in the Windows Azure IaaS model is that the VM format (hyper V .vhd) is preserved between the private and public cloud environments. You can literally set it up move it around and boot from it locally and in the cloud. There are no similar capabilities out there today from other vendors (I have to imagine the new VMWare public cloud offerings will provide this but there isn’t even a roadmap of those yet).

Why is this better than pure IaaS?

Let me get the easy one out of the way,  moving to a hybrid model is better in some cases because you don’t have any other option. Basically as a solution architect you’re just trying to “break through the wall” if you will. Many of the hybrid solution scenarios above describe constraints that can not be done with PaaS or with public cloud in general. Moving to a hybrid model in a lot of cases is simply necessary because of that.  Is that “better”?  Well it is better than staying stuck in a purely on premise infrastructure model that costs you and your business way more than it should to respond to wildly varying demand for compute resources.  It is also better than sitting around waiting for months maybe even years for all the compliance and platform features to exist.

The most interesting solution model to explore as a “better” model than pure IaaS is the one that does start to move pieces and parts to PaaS. This essentially brings up the question of why is PaaS better? The typical answer here is always “of course PaaS is better … I have less code to write”. That is a tough value vs. complexity cost trade off discussion actually. The different PaaS environments do in fact automate certain things for your app but they introduce lots of different constraints at the same time.

You also have to be very careful if you are going to attempt to avoid lock in on any one PaaS vendor. The last part of this series will approach this whole idea that PaaS is the ultimate goal and why. As we do that I also want to look at options from OpenStack which promises freedom to move from vendor to vendor. For now let’s just agree that moving to something with more automation and less application specific horizontal concerns can be better.


The hybrid solution models vary quite a bit so you have to start by making sure you define what type of hybrid solution you want to build and why.  Are you trying to overcome some sort of PaaS constraint or are you avoiding some type of cumbersome data migration effort? The technologies that exist for extending enterprise networks into the public cloud are starting to provide a lot of flexibility here and as the major vendors provide tooling and reference architectures for using IaaS and PaaS together I think we’ll see more and more of these hybrid architectures in practice. At a minimum, the hybrid solutions will be around for the next few years as interim steps to purely managed PaaS solutions or compliance constrained workloads.

This entry was posted in Cloud Computing, IaaS, PaaS, Windows Azure. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s