Is Multicloud Ready to Become the Cornerstone of DevOps?
Today’s IT reality is distributed and heterogeneous, from the applications to the infrastructure they run on. Organizations are navigating how to deliver apps across any combination of data centers, public clouds and to the edge without compromising reliability, security or performance.
They are trying to answer such questions as: what’s the best way to speed up business innovation? How can we deliver apps and services faster to improve the customer experience? Is it possible to maximize cloud advantages while avoiding the tradeoffs of the past that slowed deployments down?
Multicloud adoption is indeed accelerating, but so are the associated challenges of extending operations beyond a data center or a single cloud service provider. Nearly 78% of 1,200 respondents in a survey sponsored by Canonical, the company behind Ubuntu, reported their organization had at least one hybrid or multicloud use case in production.
This number is likely higher than reported when teams consider software-as-a-service (SaaS) or third-party managed services — those beyond what they directly manage themselves, Canonical reported. However, the DevOps team members who were surveyed identified new challenges with managing the sprawl of diverse bare metal, virtual machine and Kubernetes technologies.
Learning to effectively manage the operations in this context is a key challenge. Organizations are consequently seeking to improve automation through application rather than configuration management, according to the study.
All told, 30% of the respondents said trying out operators is on their organization’s “to-do list,” with 17% experimenting with them, and 14% using them in production, the study said.
This article explores the broader influence of the growing multicloud trend on DevOps teams, as organizations lay the groundwork for an evolving approach to app delivery and DevOps in general.
Getting Started with Multicloud
While multicloud computing will become increasingly essential for DevOps success, it is important not to become so dazzled by its potential that we miss the big picture. There is always the possibility of error by moving too fast.
Better to remain focused on how multicloud will not only improve operations, but also meet specific business goals. The use and adoption of multicloud environments must offer tangible benefits in terms of business, output and productivity, “to make sure we don’t lose track of what we’re trying to do in the first place,” said Edward Hieatt, senior vice president of VMware Tanzu.
“If you take the app-modernization conversation, I’m the kind of person who says ‘Hey, don’t just take the shortcut because you’re too frustrated and just lift and shift, but actually pay attention to the different dimensions of consideration for ROI and have a disciplined approach — and make progress quickly,’” Hieatt said.
“It’s an evolving art towards how to make it possible to embrace multicloud.”
What DevOps teams should not do when expanding operations to multicloud environments is needlessly introduce complexities that might, for example, hinder application delivery or limit the user experience. The challenge is even greater as organizations seek to deliver apps and services across different types of network infrastructures and across multicloud environments.
“Along with the advantages of multicloud come challenges: your enterprise architecture is way more distributed and your workloads are way more diverse and cloud native,” with more apps deployed in edge environments, said VMware CEO Raghu Raghuram during October’s VMworld, the company’s annual user conference.
“You’re running on different clouds — but each one of them has its own siloed tools and systems, which makes it even more difficult to manage, connect and secure these applications running on that,” Raghuram said.
Indeed, whether an organization’s application delivery for multicloud environments is viable or not “must be viewed through the lens of what enables and optimizes the business,” said Amir Khan, chairman of the board, CEO and founder of Alkira, a multicloud network-as-a-service (NaaS) provider.
Large organizations might rely on different clouds for their product lines. But, Khan noted, that “doesn’t mean the same application is running across multiple clouds, even though the organization is still multicloud.” In such situations, the cloud choices need to be carefully matched to the particular needs of specific apps and the teams that support them.
“To enable further growth and simplicity, products need to offer more value with less work required from the customer,” Khan said. “This is why ‘as-a-service’ offerings are doing so well in the current landscape.”
Kubernetes and Multicloud
Most organizations (nearly 46%, according to the Canonical survey) do not use the container orchestrator Kubernetes in production yet. However, use cases have begun to emerge in which DevOps teams are starting to take advantage of Kubernetes distributed architecture to better manage multicloud operations.
The use of service mesh, such as open source Linkerd, with Kubernetes can support “sophisticated multicloud infrastructure,” said William Morgan, CEO and co-founder of Buoyant and creator of Linkerd.
“With Kubernetes as a ‘portability layer’ between clouds, and with Linkerd as a cross-cluster traffic routing mechanism that’s able to transparently span clouds and on-premises environments, the basic mechanics are in place,” Morgan said. “While I wouldn’t call it easy, it is certainly easier today than it’s ever been for multiclouds.”
With VMware’s Tanzu for Kubernetes, for example, it is possible to select on-premises deployments in parallel with multiple clouds, said Bryan Kelly, software engineer at healthcare IT services provider Cerner and a member of the VMware Tanzu Vanguards, which consist of active customers, cloud users, and practitioners in the DevOps community.
“We’re doing work in disparate geopolitical regions, and because of contractual obligations for certain locations, and some customers require a data center instead of cloud operations,” Kelly said. “So, when it comes to Tanzu, there is no problem — we just run Tanzu on vSphere on-premises instead of on the cloud.”
Despite multicloud’s advantages, it remains a work in progress — especially in Kubernetes environments.
“While Kubernetes and Linkerd can solve a huge set of challenges when it comes to multicloud, the fact remains that managing infrastructure in multiple places is harder than managing it in just one,” Morgan said. “Entering the multicloud world requires facing this fact head-on, and seeking to minimize the cost while still accepting it will always be there.”
Serving DevOps Working at the Edge
Companies that serve DevOps teams are beginning to think about how best to meet those teams’ requirements as their work expands to multicloud environments.
For instance, VMware, a leader in the Kubernetes platform space that has publicly tied its future to serving multicloud customers, recently introduced VMware Edge as a way to help streamline deployment strategies and the management of edge deployments across multiple clouds — and locations.
Consisting of a virtual machine and container-based stack, VMware Edge offers DevOps teams the ability to manage and secure edge-native apps at the far edge (VMware defines “far edge” as devices and data that are located on the customer’s premises).
“This stack can accommodate real-time workloads all the way down to the microseconds that you would need in the base station of a cell site, but it can also run in the context of a single domain or a single enterprise across tens of thousands to hundreds of thousands of locations,” said Sanjay Uppal, senior vice president and general manager for VMware’s service provider and edge departments, at VMworld.
VMware Edge is but one manifestation of VMware’s aim to abstract the complexities of multicloud management.
“The thing that we’re laying out at VMware now is that, in fact, you shouldn’t have to care which cloud companies are on,” Hieatt said. “But it does take tooling and products, which we’ve built in the portfolio to do that.”
“If you have that system defined — and we’re all playing by those rules of what the abstraction level is — it is possible to abstract away which cloud you’re on.”
While DevOps operations teams will obviously need to lay the groundwork for multicloud infrastructure, developers should ideally not be concerned about whether their apps are deployed in multicloud environments, or even whether they will run in containerized or Kubernetes environments.
“The developer definitely shouldn’t care what Kubernetes flavor they’re using with respect to a multicloud system when moving applications into production — this may actually help to clarify where the abstraction should sit,” Hieatt said.
“So, I actually sometimes see the relief on their faces. It’s like, ‘Oh, OK, we can now claim that that abstraction should be at least above that layer, right?’”
Meeting the Skills Gap Challenge
Multicloud can improve application delivery reach — by meeting the needs of localized and dispersed edge use cases, for example — but what it should not do is slow down the development cycle. Meeting rapid deployment cadences for multicloud environments, for example, requires additional in-house expertise and automation than traditional production pipelines need.
One way to help reduce the skills needed for multicloud infrastructure deployments is by investing in infrastructure-as-code (IaC) tooling, said Rich Lane, chief strategy officer at Netenrich, a digital transformation and security operations company in San Jose, Calif.
“This is the only way to handle the complexities of multiple cloud providers, given they all have their own taxonomy of management and deployment,” Lane said. “A DevOps team does not want to be hamstrung by having to take manual actions for scaling when automation is readily available.”
Keeping Apps Secure in Multicloud
Security, always a threat for any environment, is especially challenging when operations are extended across multiple clouds, said Douglas Murray, CEO at Valtix, a provider of cloud native network security services in Santa Clara, Calif.
“Historically, one of the biggest obstacles to multicloud has been security,” Murray said. “Each cloud has a proprietary security stack, and organizations are ill-equipped to handle the learning curve required of each.”
“To achieve the promise of multicloud, organizations need solutions that can abstract critical security functions like firewall, intrusion prevention and traffic monitoring across each cloud into a single policy plane.”
September’s Amazon Web Services (AWS) outage incident, for example, showed how customers that depended on AWS as their sole cloud provider could have avoided service disruptions, in theory, had they mitigated their risk by extending their operations across multiclouds.
However, in practice, massive customer outages still occurred among large companies with a multicloud presence, such as Netflix. If anything, such recent high-profile outages and the wider security-attack vectors that multiple clouds represent, show how “companies don’t have a firm handle on the complexities of their own applications,” said Archie Agarwal, founder and CEO at security tool provider ThreatModeler.
“It is very rare that one person or team understands the threat landscape of the entire application, system or appliance across multicloud environments,” Agarwal said. “Organizations need to better understand how their systems work and what type of threats the architecture may be prone to.
Security should thus “shift left” and begin at the very beginning of the development process.
“It is far more challenging and resource-intensive to re-engineer security after the fact than it is to weave it into the design and build from the start.”
Still, despite the associated challenges, the long-term prospects that multicloud offers organizations are promising. Already, it is possible to maximize multicloud advantages while avoiding the tradeoffs that slowed down DevOps teams in the past, Murray said.
“When organizations shift to a cloud-first perspective, they can achieve multicloud agility by leveraging a wide range of cloud native platforms for security, operations and other functions,” Murray said. “Business agility decreases, and costs go up when organizations stick with legacy data center tools forklifted to the cloud.”