By Hao Shuwei
Flexera's 2021 State of the Cloud Report pointed out that 92% of large enterprises adopt hybrid cloud strategies. Gartner also said in a report that 90% of large and medium-sized enterprises will use hybrid cloud architecture to manage infrastructure in the future.
Over the years, the rapid development and launching of cloud computing technology have caused more enterprises to use cloud computing to digitalize their businesses to better adapt to market changes and obtain more market share. A large number of enterprises deploy their businesses on the cloud in the hope of reducing the costs of technology development and O&M and enjoying instant services anytime and anywhere. Some enterprises build private cloud platforms in their internal data center environments to ensure data sovereignty and security. Enterprises with needs for public and private clouds can build hybrid cloud architecture.
Risks may occur if enterprises, especially large ones, entrust the key lifeline businesses to an external cloud service provider. Public cloud service providers usually provide secure and reliable redundancy solutions to ensure the service continuity of enterprises, but unexpected events occur occasionally. Hybrid cloud enables enterprise users to select and switch between solutions A and B, maximizing their business stability.
Some laws and regulations or the security policies of companies have mandatory requirements for the location where enterprises store their data. For example, the General Data Protection Regulation (GDRP) of the European Union exerts digital regulatory measures on data controllers and processors. Some corporate policies require that data can only reside in designated locations to ensure data privacy and security. Hybrid cloud architecture can help enterprise users meet this kind of demand.
The quality of service provided by the local cloud and public cloud service providers differ. These differences are reflected in all aspects, depending on the needs and considerations of the users. Let's take the difference in regional coverage as an example. Enterprise users usually provide services in the local cloud. However, if the service provided by a cloud service provider has lower access latency in a specific region, the enterprise user has important customers in this region, and high requirements for access latency is needed. They can deploy their services in this region in the public cloud and other services in the local cloud.
The local cloud lacks flexible scaling capabilities in infrastructure and cannot reasonably arrange basic computing resources according to needs during peak and trough periods. This increases resource waste and cost. The public cloud offers flexible and agile services and supports on-demand scaling, making up for the disadvantage of the local cloud.
Cloud service providers can provide corresponding cloud services for the innovation and evolution of cutting-edge technologies, such as artificial intelligence, machine learning, and the Internet of Things. Enterprise users can use these cloud services at a lower cost to promote technological innovation and development. Hybrid cloud architecture allows enterprises to adopt the best cloud services anytime and anywhere.
The public cloud and the local cloud are different in infrastructures, capabilities, and API interfaces. Building hybrid cloud architecture requires cloud service providers to work hard to adapt to and integrate with cloud platforms. Besides, users cannot switch cloud service providers based on their demands in this architecture, which is another form of binding. Various shortcomings of traditional hybrid clouds have prevented this cloud architecture from forming a standardized ecosystem. This also explains why we have been unable to build unified management and delivery for this cloud architecture.
The emergence of Kubernetes marks the 2.0 era of hybrid cloud architecture. Multiple features of Kubernetes and the associated ecosystem provide the possibility for the standardization of hybrid clouds:
In the cloud-native era, cloud-native technologies represented by Kubernetes have driven the advent of application-centric hybrid cloud architectures. Kubernetes has become the base of multi-cluster management for enterprises.
Users can build business architecture with high availability at a low cost from the dimensions of infrastructure services and the Kubernetes container platform. However, businesses that require higher disaster recovery capabilities need regional disaster recovery capabilities such as active geo-redundancy.
Users can build multiple clusters in different regions of a single cloud service provider or build multiple clusters in different regions of offline IDCs and online cloud vendors to deploy the active geo-redundancy of business applications. The following figure shows the Active-Active deployment of container clusters in IDC and on the public cloud in a hybrid cloud scenario. In the active geo-redundancy architecture, the business load of an application is deployed on multiple clusters at the same time. A global DNS service is used to forward the requests to the corresponding backend clusters. If one of the clusters fails and cannot process requests, the DNS service automatically processes and forwards requests only to healthy clusters.
Service visitors are widely distributed for enterprise users that develop international businesses. Poor network experiences in other regions may be brought about if the server is deployed in a specific region.
In this scenario, you can deploy clusters in multiple regions and forward user requests to the nearest cluster using intelligent DNS. Thus, network latency is minimized. For example, in the following figure, an application service is deployed in Kubernetes clusters in Beijing, Chengdu, and Hong Kong. User requests from the North China regions are parsed and forwarded to the Kubernetes cluster in Beijing, users from the Southwest China regions go to the Kubernetes cluster in Chengdu, and users from overseas go to the Kubernetes cluster in Hong Kong. This minimizes network latency caused by distance and brings consistent service experiences to users in different regions.
Typically, faults can be isolated easier in multiple small-scale clusters rather than in one large-scale cluster. Clusters may be unable to process requests due to disk and network faults. You can confine and isolate faults in a certain cluster to avoid chain reactions by using multiple clusters.
Isolation is usually needed for different businesses. Kubernetes provides the namespace mechanism to realize security isolation, but the isolation is the only logical soft isolation. Different namespaces can still communicate with each other on the network and compete for resources. Further configurations on network isolation policies and resource limits are required.
You can physically implement complete business isolation by deploying different businesses in different Kubernetes clusters. The security and reliability of such deployment is higher than the isolation using namespaces. For example, you can deploy independent clusters for different departments in an enterprise and use multiple clusters to deploy development, test, and production environments separately.
Migration to the cloud is the trend of the times. However, enterprises may use hybrid cloud architecture to ensure control over data and data security. Some enterprises use hybrid cloud and multi-cluster architectures to ensure data sovereignty, reduce costs, and increase regional coverage. Hybrid cloud and multi-cluster architectures have become the new normal for enterprises to migrate to the cloud.
Hao Shuwei, Technical Expert of Alibaba Cloud Container Service and a core member of the Cloud-Native Distributed Cloud Team, focuses on the research of cloud-native technologies, such as unified management and scheduling in cloud-native multi-cluster scenarios, hybrid clusters, and application delivery and migration.
Click this link to learn about the User Guide for Hybrid Cloud Clusters of Alibaba Cloud Container Service for Kubernetes (ACK)
Istio-Based Exploration and the Practice of the Comprehensive-Procedure Canary Solution
Cloud Future, New Possibilities – Green, Ubiquitous, Trusted Computing
489 posts | 48 followers
FollowAlibaba Cloud Community - April 8, 2022
Alibaba Cloud Community - May 16, 2022
Alibaba Developer - May 21, 2021
Alibaba Clouder - July 15, 2020
Alipay Technology - November 6, 2019
Hologres - July 13, 2021
489 posts | 48 followers
Follow
Bastionhost
A unified, efficient, and secure platform that provides cloud-based O&M, access control, and operation audit.
Learn More
Managed Service for Grafana
Managed Service for Grafana displays a large amount of data in real time to provide an overview of business and O&M monitoring.
Learn More
Hybrid Cloud Solution
Highly reliable and secure deployment solutions for enterprises to fully experience the unique benefits of the hybrid cloud
Learn More
Hybrid Cloud Storage
A cost-effective, efficient and easy-to-manage hybrid cloud storage solution.
Learn MoreMore Posts by Alibaba Cloud Native Community
