If you are a geek like me then you find yourself perusing various articles about the magic and wonders of Cloud Computing. Potentially, your company has been exploring the value of advancing most or all of your on-premise services to the cloud. You might realize the cloud is ubiquitous but moving to the unfamiliar can cause hesitation in taking advantage of moving your systems to a cloud architecture.
Here are the top three areas to understand when assessing the feasibility of cloud infrastructure.
Security is YOUR company’s responsibility. Cloud providers will allow you the freedom to do how you want to implement your remote authentication process. Review your security policies thoroughly and improve if you need to. Work closely with your clients and compliance officer to design secured access between your local network and your cloud resources.
Choose certificate-based and use multi-factor authentication. Avoid using self-signed certificates and use the most secured hashing algorithm for encrypting traffic. VPN connections to the cloud must at least run on IKEv2 with SHA256. Consider implementing SDWAN. Just be mindful of the disadvantages of using proprietary protocols over open standard ones.
If you don’t have a dedicated manpower resource to manage your security, you’ll need to get one. Your cloud security will be as weak as your technical knowledge resource.
Cloud cost is very dynamic. Understanding the revenue model the cloud providers do will surely help you make the best decision. One cloud provider can give you cheaper compute costs but kill you on your VPN traffic utilization costs. When selecting a cloud provider, understand what your usage behaviors are. Are you going to require low compute resources but heavy VPN sessions? Have you studied all alternatives on the services you will use?
You can either end up underutilizing a resource or underestimating your cost. You don’t want to end up spending more than what you need or end up paying more than your projected costs.
A well thought of Cost-Benefit Analysis also needs to be in place. Don’t forget the second-word “Benefit.” Each company values cloud services differently, so value the benefits for your needs accurately, and you should be good.
There are several options to minimize cost over the cloud. Edge computing, Serverless computing, Function-as-a-Service, Platform-as-a-Service, Hosted Kubernetes Services are some of the options that could be a cheaper option over a dedicated self-managed Virtual Machine. Of course, your applications may need to be rewritten to run efficiently over these different computing frameworks.
We have recently completed the development and testing of a Chrome Extension for social media platforms. We decided to run their application using Python over a self-managed Kubernetes Cluster. Microservices architecture using the Python-Flask framework and a socket connection to the clustered master-master MariaDB in order to optimize response time and handle more concurrent API requests was in place as well.
These allowed us to minimize our initial cost with better response time, we have tested one node with three pods to handle about 20,000 transactions in 15minutes. We can easily scale up by adding master to our database cluster, adding nodes and pods to the Kubernetes cluster seamlessly. Removing the TCP/IP stack on the database connection has added about 30% of transactions to the application.
3. Managing Change.
One of the most difficult tasks during cloud migration is managing the paradigm shift on all levels. Applications may need to be re-written, additional network routing protocols may need to be in place, additional firewall configurations, additional licenses to manage, a new authentication process, and tons of other things.
Internet provider latency and capacity might take precedence over other things in terms of priority. Review your services and make an educated decision on making them resilient, efficient, and secure.
CI/CD tools like Jenkins, Terraform, Github Actions may need to be added to your existing application release process to allow for release automation and better version management. In another recent project of ours, an automation tool for a global childcare brand, we are introducing the use of Jenkins, GitHub Action, and Terraform to automate code release to the production environment.
Plan your migration carefully. Start with services that are non-critical and move the others by phases. This is where the Hybrid Cloud could become very handy. You don't need to tear down your existing on-premise infrastructure.
Do you have hesitations and fears about going to the cloud? We don’t believe that one size fits all in cloud migration. We can help you on your journey to the cloud.
Stay tuned for more technical deep-dive discussions on this space.
About the Author
Jojo Baldeo has been working on private clouds since 2007. He has helped companies run their private and hybrid cloud efficiently and securely. Limitless team has technical capabilities to implement and maintain microservices infrastructure, Kubernetes cluster, database cluster, and secure applications on the cloud.