Private cloud. Hyperconverged infrastructure. Multicloud. Software-defined networking. The diversity and agility of cloud architecture allows organizations to deliver more business results. Innovation in cloud architecture means it’s a challenge for IT leaders to stay on top of the latest developments. For a quick update and to come up to speed on changes in cloud architecture, we talked to David Hines, VP of Architecture and Engineering at TierPoint, about what’s new with:
- Cloud architecture
- Private clouds and hyperconverged infrastructure (HCI) architecture
- Multitenant and public cloud architecture
- Multicloud and hybrid cloud architecture
- Disaster Recovery as a Service (DRaaS) architecture
- Cloud security architecture
- Networking architecture
What is cloud architecture?
Interviewer: In this series, we’ll explore cloud architecture. To start, what is cloud architecture?
David: The Cloud is really the abstraction of traditional physical servers as software objects within a large distributed compute environment. Cloud architecture often is used to describe a utility compute model – that is, computing resources are charged based on a customer’s usage – like electricity, gas, water, and other metered services. Utility computing started with timeshares on mainframes when computers were expensive. When prices dropped, businesses chose individual systems – PCs and servers. Individual systems are great for isolation and customization, but not an efficient use of compute and storage, and power and cooling. Cloud architectures are also at their base level an abstraction of computer operating systems and applications that can co-exist as independent entities within a distributed compute ecosystem. In other words, IT organizations can create an instance of their common IT service systems that look, act and behave like the physical systems they are most familiar with. However, these resources are in fact software constructs using the aggregate computing power of a cloud.
The utility compute model abstracts the underlying systems. That’s good. Business leaders want to run a business – not buy and manage hardware and on-premises data centers (at least they shouldn’t!). So, cloud architecture allows providers – such as AWS, Microsoft Azure, Google and other cloud hosting providers – to give users what they want: processing power, memory, and storage to crunch their numbers, run their applications, and drive their businesses forward – quickly.
Cloud providers build out all the individual compute and storage systems, and layer on their operating systems, control mechanisms, and interfaces – and present the cloud resources to end-users who use the cloud service like a utility to get their work done.
Overall, the cloud architecture is much more efficient. The consumer doesn’t have to procure and maintain physical devices, and resources are well utilized.
Key cloud components
Interviewer: What components make up the cloud?
David: Compute, storage, and network. We need compute to get work done, so that’s the primary component of cloud architecture: processing power. Typically, compute architecture is composed of racks of servers with many, many processors and the memory that goes with it.
Storage is the second component because you need somewhere for data to live – more and more data every day.
The network, the third component, is how data gets from point A to point B. I need a network between myself, the storage where my data lives day to day, and the processors and memory banks for computing – so the data can be transported from place to place. Without a network, you would have to manually compute instructions on a CPU and input them locally at the box.
Each of these components, of course, has many levels of complexity and relationships to other components but at the most basic level, these are the core components of the cloud.
Private cloud and hyperconverged infrastructure (HCI)
Interviewer: What is most compelling about private cloud and hyperconverged infrastructure?
David: Private cloud architecture came about because individual servers weren’t well utilized – but individual servers had advantages, such as isolation and focus on a performance or uptime requirement of a business. Often a hyperscale cloud (or public cloud) can’t meet all the requirements of the business – so businesses build private clouds. Hypervisors from vendors like VMware, Microsoft, and Nutanix let businesses combine servers, networks, and storage systems into a private cloud.
A hosted private cloud delivers better equipment utilization and a less siloed infrastructure – while also helping enterprises meet performance, availability and compliance requirements. It’s called a private cloud because it’s dedicated fully to one enterprise, but otherwise, it’s like a public or hyperscale cloud – the private cloud architecture abstracts the hardware, storage, and network from the consumers, who are presented with a utility model for consumption.
Hyperconverged infrastructure, or HCI, takes that abstraction to another level. HCI does away with the individual, specialized components – and instead uses well-designed, high-density servers and a basic network switch architecture. HCI piles storage disks into the individual servers – and a basic interconnectivity model with a switch stack moves into the server, too.
All the advanced features of hyperconverged infrastructure are software-defined. The software creates the resiliency, performance, and distribution models, where a more typical architecture would use hardware components.
Multitenant and public cloud architecture
Interviewer: What is multitenant cloud architecture and is public cloud architecture an extreme multitenant architecture?
David: Multitenant cloud architecture is somewhere midway between a public cloud and a private cloud. An enterprise might build its own multitenant cloud and carve it up so that all organizations within that enterprise can consume it. For comparison, public cloud server farms are thousands of servers in an individual stamp and hundreds of thousands of servers per region.
Organizations can’t see or access the infrastructure, applications, and data belonging to other organizations in the multitenant cloud – because each organization’s applications and data pools are kept in segregated environments. A multitenant architecture across an enterprise protects private information – human resources, security, and finance, for example. The business may need applications separated for performance or compliance reasons, too.
Multitenant architecture also works for cloud hosting providers. TierPoint provides multitenant cloud services for use by our customers. The multitenant model is like a private cloud for a single customer, but on a larger scale serving many customers, with segmentation and isolation between the tenants. With this model, customers benefit by sharing in the architecture’s high-speed network, redundancies, and fast storage.
This also means that customers don’t need to front the costs for this option like they would with a private cloud.
How multitenant cloud differs from public cloud
Interviewer: How is multitenant cloud architecture different from a public cloud?
David: A public cloud or hyperscaler takes multitenancy to the extreme. Consumers can spin up a resource, consume it for a short time, and spin it down. They are in, and then they are out – like renting a hotel room, they don’t pay for the room when they don’t use it. Hyperscalers tend to be massive in scale – global – much larger than a multitenant architecture.
A public cloud is a more mature software-defined model than multitenancy – and highly engineered. Under the hood, a hyperscale public cloud is CPUs, memory banks, storage systems, and networks – like any other cloud architecture. Typically presented through API or software interfaces, a public cloud allows users to have an atomic choice about what to consume, how it is consumed, and the time in which they consume it.
Multicloud and hybrid cloud architecture
Interviewer: What is hybrid cloud architecture? And why is multicloud architecture becoming so popular?
David: Hybrid cloud environments have been a popular choice for all kinds of businesses. Many businesses depend on on-premises IT infrastructure, such as a mainframe or computing infrastructure in their own data center. But many IT leaders see the advantages of cloud architecture and want to use both. But no one wants to build islands or siloes, so hybrid connectivity links IT infrastructure in the enterprise to IT infrastructure in the cloud. That’s a hybrid architecture: on-premises, plus cloud.
When you put multicloud versus hybrid, multicloud comes out on top. There are many types of clouds – private cloud, multitenant cloud, hyperscale public clouds – and many businesses depend on all three, plus on-premises infrastructure such as mid-range and mainframe systems. Each type of cloud has different strengths. An enterprise might use AWS for a mobile platform, Azure for enterprise IT desktops and Azure Active Directory, a mainframe in an enterprise data center, and a data center service provider like TierPoint for colocation (colo).
Multicloud architecture interconnects these clouds and other IT environments and brings them together in a single IT ecosystem. The goal is to make a multicloud architecture seem like a single entity, so users won’t be inconvenienced – and so IT can manage it, secure it and work with it over time in an agile/dynamic way.
Disaster Recovery as a Service (DRaaS) architecture
Interviewer: How do cloud architecture and DRaaS fit together?
David: DRaaS, or Disaster Recovery as a Service, is a key component of any business. Fire, storm, and theft all require a recovery plan – and always have, even before computers. DRaaS providers help companies with their disaster recovery plans, and there’s no need to buy all the standby equipment, set up a physical recovery site and then have it sit unused. A million dollars of duplicate equipment is expensive insurance – and no longer necessary.
Recovery is now moving to the cloud, or multiple clouds, and gets abstracted by utility computing providers offering DRaaS solutions. A vendor can protect hundreds or thousands of customers – and achieves economies of scale, which brings down the cost for everyone. The customer doesn’t get hit by a large investment upfront – until they need to failover, and often for only a short time.
Another benefit of DRaaS architecture is the expertise of the DRaaS vendor. Even mature IT shops often don’t fully understand how their applications are interdependent and how to be successful in moving the apps from one place to the other – so the Disaster Recovery as a Service provider acts as a trusted adviser for the organization establishing a DR plan. As a DRaaS provider, TierPoint has deep expertise and a skilled team to help our customers build successful recovery plans.
Cloud security architecture
Interviewer: Many businesses are concerned about cloud security architecture. How can a business protect a cloud infrastructure?
David: Cloud security architecture is an interesting topic because security architecture has changed so much. Compute, data, systems, and networks all used to live within a data center on-premises – with physical security controls. The physical security architecture was well understood, but now security architecture is abstracted. With multicloud and globally distributed systems, IT must be able to manage the ingress and egress of data from components in a multicloud architecture – a huge challenge.
- Instead of security at the edge of a network with firewalls, security is happening at each endpoint – users, servers, applications, and databases, for example. Endpoint security watches for intrusion, vulnerabilities and malware.
- Encryption is protecting data, no matter where it is or what network it’s traversing.
- SIEM, security incident and event management systems, look at metadata – and use AI and machine learning to identify abnormal behavior.
Cloud security providers like TierPoint can help. With the visibility, AI and machine learning of SIEM, more than security can be improved. Confidentiality, integrity, availability of data (the CIA triad) can all be improved, too.
Networking architecture
Interviewer: How is networking architecture changing?
David: As clouds evolved, there were a lot of physicalities involved in networking. Cables were run from point A to point B, with ports on a switch, ports on a firewall, and ports on a router. With network architecture, we typically think in terms of LANs and WANs (L2 and L3 networks). But now there’s multicloud – getting data to and from cloud systems that aren’t on the native/in-house built enterprise LAN or WAN.
As well, physical networks can’t keep up with the business agility enabled by clouds, so now we’re seeing a move to software-defined network (SDN) architecture, which is a step past network function virtualization (NFV) and gives networks even more flexibility.
Network function virtualization replaced physical switches, physical routers, and cables with cloud resources. NFV virtualizes the physical components but NFV still requires stitching of the individual components together via L2 and L3 networks (be they physical or virtual).
Software-defined networking (SDN) lets us define entire network stacks and control the flow of bits. Network architecture is no longer bound by the traditional models of a switch or a firewall or load balancer or router as individual components. We can now emulate many if not all those functions inside a software-defined network stack without instantiating any individual physical or virtual device (element). The benefits of specialized or custom hardware have shifted to rapidly evolving and updating software-defined constructs.
Infrastructure as code is moving beyond simple network function virtualization. As an innovative network provider, TierPoint is building a networking platform that can be consumed as a software-defined network stack, reducing the cost of operations and delivering faster results for our customers. It started with how we connect customers from data center to data center, and then from data center to public cloud or hyperscaler, and now into the data center, enabling our colo customers to use a single link dynamically.
A series on cloud architecture
In the coming months, we’ll dive deeper into each of these topics. Interested in learning the basics of cloud computing? Read our Strategic Guide to Cloud Computing: from Virtualization to Digital Transformation.