Maintaining a well-performing cloud architecture is a challenge for customers who migrate businesses to the cloud, use cloud resources, and manage cloud resources. Stability, security, performance, and cost management are the most common and important factors in building cloud applications. Based on years of experience in serving customers in different industries, Alibaba Cloud has summarized the best practices of Alibaba Cloud architecture design into a series of methodologies and design principles that form the Alibaba Cloud Well-Architected Framework. It helps you build well-performing cloud architectures. For more information, see Alibaba Cloud Well-Architected Framework.
The design guidelines expand Alibaba Cloud Well-Architected Framework into four architectures that cover dozens of cloud networks in different scenarios:
Data center networks: Design networking services and architectures related to virtual private clouds (VPCs), including single-VPC networks and intra-region multi-VPC networks. With this design, east-west traffic in the cloud is well protected and enterprise businesses use the same Internet ingress and egress.
Application delivery networks: Design networking services and architectures related to the delivery of Layer 4 and Layer 7 applications. For example, use Server Load Balancer (SLB) to build an application delivery network that contains Elastic Compute Service (ECS) and Container Service for Kubernetes (ACK), use data center servers to build an application delivery network, and use Global Accelerator (GA) to accelerate access to wide-area networks (WANs).
Global networks: Design networking services and architectures related to inter-region networks or hybrid-cloud networks, including multi-cloud or hybrid-cloud networks built by using Express Connect circuits, inter-region cloud networks, and networks between branch offices and cloud resources built by using IPsec-VPN connections or SD-WAN technologies.
Intelligence O&M for cloud networks: Integrate services with Network Intelligence Service (NIS) and CloudMonitor to quickly identify and fix network issues based on alerting, inspection, and observation mechanisms. These services can protect your networks against potential risks and improve network performance.
To meet customer requirements for the preceding network frameworks, Alibaba Cloud designed the following key benefits and best practices based on the pillars of Alibaba Cloud Well-Architected Framework:
Stability: Stability is a key factor in designing a well-performing cloud network. Enterprises use cloud networks to access cloud resources and provide services. If the cloud network is not stable, service interruptions may occur and cause adverse impacts. For such enterprises, the stability of cloud networks determines user experience. Reducing the impacts caused by the failure of a single network component is a key factor in maintaining stability for businesses.
Security and compliance: Security is one of the benefits of public clouds. Network attacks, such as DDoS attacks and intrusions, can compromise sensitive data of enterprises. Security is a mandatory requirement for cloud networks to eliminate data leaks and abuse. Some industries or regions have strict data protection laws and regulations. Enterprises must meet network security requirements and compliance requirements.
Excellent performance and scalability: Performance and scalability are important advantages of public clouds. Applications and services of enterprises often experience traffic spikes and flat periods. Scalable networks can automatically scale in and scale out resources based on traffic volumes to ensure service quality. The performance and scalability of a network are critical factors for service continuity.
Operations excellence (observability): Compared with traditional IT architectures, services and features in cloud environments are more complex and abstract. Traditionally, parameters and underlying resources are manually configured. As the number of parameters and influential factors rapidly increases, automation tools are required to assist in making decisions and designing observable networks.
Operations excellence (custom services): Helps enterprises implement features such as infrastructure as code (IaC), automatic O&M, and automatic configuration.