Technology Transformation
Public cloud has delivered elastic computing to enterprises by offering on-demand resources to accommodate the burst computing needs. The ultimate business goal is to become the
outsourcing party that powers the enterprise backend virtual datacenters. Unfortunately, this promise has not yet been successful. Although many cloud service providers offer various IaaS and PaaS solutions at attractive price and performance levels, the reality is that they operate as segregated Cloud Islands. The challenge enterprises face is how to federate those distributed cloud islands with their corporate computing environments together as a unified infrastructure. To efficiently and easily deploy applications in the cloud, it is imperative to have a single control layer spanning multiple cloud islands that shields applications from the infrastructure
complexity below.
THE INFRASTRUCTURE COMPLEXITY BELOW
The complexity below comes from the disparate infrastructure implementations in each cloud island. Each cloud island is designed and managed by an independent IT administration enforcing its own security policies over its network infrastructure. Security policies in datacenters or corporate environments naturally block federation since these policies are deliberately protecting against external traffic by design to begin with. These policies in most enterprises are considered sacred and too risky to tamper with for good reasons. For example, in enterprises with intensive legacy infrastructure it is difficult to track down all impacts of a change to security policies, making it risky for an IT administrator to approve any change. Additionally, compute and network virtualization technologies inside one Cloud Island are not designed to support federation with another Cloud Island managed by a different IT
administrator. Therefore, creating a single control layer across cloud islands without changing
infrastructure or compromising security policies is beyond the scope of conventional virtualization technology.
The missing piece in the cloud solutions today is a unified hybrid infrastructure that spans across multiple cloud islands - a single pane of glass that lets enterprise control and manage everything including computing, security, network, data transport and protection across on-premise
datacenters, private and public clouds. The hybrid infrastructure solution, most importantly, should decouple from the cloud islands below and does not need to make change to any of the underlying infrastructures.
THE STATE OF VIRTUALIZATION TECHNOLOGY
Virtualization technology has made great advancements in the recent decade, chronologically from server virtualization, to IO virtualization, and to the most recent network virtualization. These technologies have significantly improved operational efficiencies in pubic cloud
datacenters by virtualizing the lower level stacks. However, these technologies are limited to a confined domain, such as a public cloud datacenter, that is managed by a single IT
administration. These technologies do not enable a unified hybrid infrastructure that extends
across cloud islands managed by multiple IT administration parties.
THE NEW ERA OF VIRTUALIZATION – INFRASTRUCTURE VIRTUALIZATION
The solution is to virtualize the infrastructure. Virtual Hybrid Infrastructure (VHI) is the secure virtual layer that abstracts the network, computing, security and management in a hybrid computing environment and presents it to the applications above as a single programmable layer. This virtual layer, by definition, overlays and connects multiple cloud islands.
Just as network virtualization within a datacenter decouples workloads from the physical network underneath, the VHI decouples workloads from the disparate infrastructure
requirements for security, connectivity, and federation on the top.
The Benefits of Infrastructure Decoupling
As described earlier, the VHI abstracts segregated cloud islands and adds a cloud network, security, and management layer on top of the infrastructure. It uses the physical resources in the lower layers of the infrastructure, without re-engineering them, and intelligently provisions the virtual resources in the virtual layer. This has several far reaching benefits.
VHI significantly reduces IT overhead in building new infrastructures that work on top of
legacy enterprise infrastructure and most cloud service provider environments. VHI promotes zero touch to any of the legacy infrastructure therefore reducing costs.
VHI enables high reproducibility by decoupling the virtual infrastructure design from the
lower level physical resources. Similar to the concept of virtual machine in a file, VHI is defined completely in software. Therefore, the infrastructure implementation based on VHI can be reproduced very easily. IT administrators can swap the lower level components in and out without impacting the applications and policies running on top of a VHI
implementation.
VHI allows independence with lower cost when enterprises federate with public cloud.
THE END OF KLUDGING LEGACY INFRASTRUCTURE
Market research indicates that for every $1 invested in new infrastructure, $8 is spent
maintaining legacy infrastructure. All global enterprises have their corporate network, security,
and computing environments customized specifically to suit their business applications over time. It is very difficult and with high costs to modify or change any part of the configuration to facilitate connection to the public cloud without impacting on-going operations. Enterprises in such a predicament should consider infrastructure virtualization technology to build their hybrid cloud – to use the existing infrastructure without changing it, by implementing the new
requirements in the virtual layer. VHI does not need to touch the network, firewalls, or even
hypervisors in the existing enterprise infrastructure. It does not require a VPN to connect to the cloud datacenter either. It is software that operates on the edge of the network and in the OS of the servers that are provisioned in this virtual infrastructure. VHI is deployed as an add-on layer in the hybrid environment offering a new set of services for network, security, and management using legacy infrastructure. Enterprise IT investment into a hybrid cloud is best spent on building
a VHI rather than on modifying existing infrastructure to connect to the public cloud.
without interfering the lower level implementation and controls owned by the cloud service provider under the cloud. This model achieves the ‘separation of duties’ for control between the enterprise and the cloud administrations in a hybrid cloud environment.
Virtual Services
VHI enables tremendous opportunities to simplify cloud infrastructure deployments and application provisioning and paves the path for new infrastructure service offerings for cloud operations. VHI allows enterprise to control cloud infrastructure provisioning, security, and operations in the virtualization layer with consistent policies across the hybrid deployment, decoupled from the public cloud datacenter implementation as well as the enterprise on premise infrastructures. This virtualization layer significantly reduces the effort required to deploy new services that are closely coupled with the cloud infrastructure.
infrastructure are distributed amongst many tools and components, VHI aggregates provisioning and control to a central point with a single pane of glass for management. VHI can also apply to the same effect even in single administration environments like the enterprise datacenter, which have grown complex over time and have many control and provisioning points.
Self-Service Virtual Hybrid Infrastructure
Since VHI operates as an overlay fabric on top of the enterprise and cloud datacenter infrastructures and does not require the IT administration’s constant attention, it enables corporate IT to offer a self-service operation model to business lines within the enterprise. The business line IT can easily provision the virtual resources in a VHI implementation to support their applications running in the hybrid environment and completely ignore the under layer complexity.
VHI can be implemented on Zentera Cloud Federation Platform™ running in a gateway appliance. A virtual appliance powered by Zentera can be deployed on premise or in the cloud
automatically via an online web service. The VHI implementation, being decoupled from the underlying physical infrastructure, can be operated and controlled like an app by the user. A single appliance can deploy VHI to cover a hybrid deployment end-to-end across multiple cloud datacenters and enterprise sites worldwide.