This talk was presented on DevOps.com 21-July-2016
Handling The Realities of Hybrid Cloud
Mark Nunnikhoven Vice President, Cloud Research @marknca
How do you manage 2+ environments?
Use existing, slower processes?
How hard do you fight to break silos?
Tools for each environment?
Challenges
Data Center Cloud
High level of rigour
Primarily manual
5-7 year lifecycle
Silo-based workflow
Data Center
Code enforces process
Highly automated
On-demand resources
Collaborative workflow
Cloud
Data Center Cloud
Data Center
Network
Virtualization
OS
DB
App
Security
Data Center Workflow
Unique process
Specific delivery timelines
Work queue
Individual tooling
Cloud
OS
Security
Cloud Workflow
Network Virtualization DB Security
API
App
Orchestration
Cloud Workflow
Accessible via API or orchestration
On-demand delivery
Common tooling
The Journey
Breaking Silos - Excuses
Can’t automate/provide self-service
No time/too much work
Too many conflicts
ITIL
Unifying Processes
Self-service is critical
Break timeline linkages
Solution isolation
Automate rigour
Operations
Visibility/mapping across environments
Same tooling for troubleshooting
Unified logging & analysis
Access at similar levels in similar ways
Capable of scale (size & time)
Security
Visibility across environments
Controls independent of environment
Unified logging & analysis
Capable of scale (size & time)
Clear responsibilities & ownership
Tactics
Data Center Cloud
Push cloud tools into the data center
Tooling
Start with orchestration tools
Automate DC infrastructure, pre-provision if can’t be automated
Unified logging & asset mapping
Consistent security controls
Data Center Cloud
Clearly define operational & security responsibilities
Responsibilities
Clearly defined
Well understood SLA
Include external providers
Data Center Cloud
Cloud first process, exceptions for DC
Process
Design for cloud environment, make exceptions as small as possible
Expect pushback, be empathetic
Consistency is crucial
Data Center Cloud
Security as a unified layer
Security
Controls need to integrate with CSP
Traditional perimeter is gone
Applied as close as possible to data/workload
Unified controls between environments
Goals
Aim for one set of processes
Push cloud tools to DC
Security as a unified layer
Remember, this is hard. You’re not going to get it right the 1st time
Work together, iterate quickly
Questions?
Reach me on Twitter @marknca
Learn more at devops.com
Learn more about cloud security at trendmicro.com/aws and trendmicro.com/azure