Most large, complex organizations, firms and business models will likely use a ‘hybrid cloud’ model. Smaller firms can use a ‘public cloud’ model, where control of the IT stack passes to the application provider (e.g., SaaS). AWS, Google CE and other IaaS/PaaS providers offer firms Virtual Private Clouds and the ability to set up a hybrid cloud, that is, the integration of existing on-premises apps and data usage with a secure cloud model.
A hybrid cloud uses multiple cloud services—any combination of public, private, community, and traditional IT (enterprise) datacenters. Technically, when you connect one cloud to another cloud, or you connect to legacy datacenters and applications, you then have a hybrid cloud. In essence, a hybrid cloud usually begins as a private cloud that later extends integration to use one or more public cloud service or platform offerings. Such a deployment model makes sense when firms have sensitive data that cannot be Cloudified, or regulatory requirements mandating data protection, storage, etc.
Cloud deployment models are sometimes still an area of confusion. Table 1-1 provides a summary definition of each cloud deployment model. It is based on the NIST cloud model but amended and updated.
Table 1-1. Cloud deployment model definitions
| Cloud deployment model | Definition |
|---|---|
| Public cloud | A cloud service offered to the general public. The cloud provider owns, manages, and operates all computing resources located within the provider’s facilities. Resources available to users are shared across all customers. Some cloud providers now offer higher, government-compliant security upgrades, which might use physically separate resources within provider datacenters. Customization is limited because the cloud is shared across many customers. |
| Private cloud | A cloud infrastructure operated for a single organization. The cloud can be managed by the organization or a third party, and it can be hosted on premises or at a third-party datacenter. Private clouds are typically more customizable than other forms of clouds because they are dedicated to and owned by one customer organization. Many private clouds are deployed within an existing on-premises datacenter. |
| Virtual private cloud (VPC) | A variation of public cloud wherein a segmented compartment of an otherwise public cloud infrastructure is dedicated to one customer. VPC offerings bring some of the price advantages of a large public cloud provider but with a bit more customization, security, and segmentation of VMs, storage, and networking. Variations of VPC include managed and unmanaged VMs and application services. |
| Community cloud | A cloud service that provides for a community of users or organizations with shared interests or concerns. The system is managed by one or more of the organizations, by a central provider, or a combination of the two. Organizations utilizing this cloud service have shared missions, governance, security requirements, and policies. Cloud services can be hosted on-premises at the consumer organization, at peer organization facilities, at a provider, or a combination of these. This community cloud term is often used in marketing to explain the target consumers of the service, although the actual cloud might technically be a VPC, private, or hybrid cloud model. |
| Hybrid cloud | A cloud service that is a combination of two or more of the previously defined deployment models (public, private, VPC, or community). A common example is a private cloud that is connected to one or more third-party public-cloud service providers for certain applications such as email—all integrated by using a common cloud management and automation platform. To manage multiple cloud providers, a cloud management system or cloud-broker system is required. |
Figure 1-2 depicts the relationship of the enterprise (customer) network infrastructure and private (on-premises or off-premises) cloud options. When connected to one or more types of cloud providers, a hybrid cloud is formed. There can be multiple private or public cloud providers interconnected. Many public cloud providers offer VPC and various other as-a-service offerings (e.g., IaaS, PaaS, and SaaS) from their public cloud infrastructure.
Figure 1-2. Private, public, and hybrid cloud integration
Analysis and Comparison of Cloud Deployment Models
Each cloud deployment model—public, private, VPC, community, and hybrid—offers distinct advantages and disadvantages. Which model, or combination of models, is truly the best for a given customer depends on that customer's requirements. Understanding the
The larger the organization, particularly government entities, the more likely a private cloud will be deployed—conversely, small and medium-sized businesses often cannot afford to purchase or build their own private clouds. Many small businesses also have the advantage of little or no existing investment in infrastructure, so they can more quickly adopt cloud-hosted applications when first forming the organization.
A public cloud service is based on a cloud provider typically offering preconfigured and published offerings. They normally have an online storefront that lists all available products, configurations, options, and pricing. Because the public cloud providers are offering services to the general public and a wide variety of customers, they have implemented their own cloud management platform. The cloud platform and services offered are targeted at the widest group of potential consumers; therefore, customization of the service is normally limited.
The public cloud provider owns, manages, and operates all computing resources located within the provider facilities, and resources available to users are shared across all customers. Customization of a public IaaS application is usually limited to selecting options from a service catalog. Common options include choice of the operating system (OS), the OS version, and the sizing of the VM (processors and storage). Cloud providers often prebundle IaaS VM services into small, medium, large, and extra-large configurations, each with predefined processor, memory, and storage sizes. Customizations to ordering, billing, reporting, or networking might not be accommodated; this is a situation for which a private cloud deployment is more suitable.
Public cloud providers have also entered the virtual private, community, and even private cloud service market—providing more data segregation and customization for each customer rather than the legacy pure public cloud models. Some public cloud service providers are beginning to blur the lines between public, private, and hybrid cloud through integration back to on-premises enterprise datacenter-based identity, authentication, application publishing, and other services.
A very recent industry trend is public cloud providers launching new hybrid services. These hybrid services focus on integrating traditional enterprise datacenters, typically on a customer’s premises, with public cloud services. This hybrid capability makes it possible for customers to federate authentication systems, synchronize data, support both enterprise and cloud applications, and fail over enterprise servers to public cloud VMs.
Some cloud providers offer higher government-level security upgrades, which might use physically separated resources deployed in a segmented compartment within the provider’s datacenters. A public cloud provider that dedicates infrastructure and services to one customer is essentially offering a VPC, but it might market this under the term “community cloud” or a brand name such as “Federal” or “Gov” cloud. In some cases, a cloud provider might offer completely isolated and dedicated network infrastructures for each of its customers purchasing the government-compliant high-security cloud option; however, technically these dedicated cloud infrastructures would be more accurately defined as private or managed private clouds hosted within the provider’s facility.
Private cloud services might begin with the same basic cloud computing services as offered by a public cloud provider, but the service can be hosted at a customer-owned or contracted datacenter. Private clouds offer choices of the cloud services to be deployed, how much integration there is between services, how the management and operations are handled, and the level of security controls and accreditation.
Private cloud is an excellent model for large organizations that have significant existing datacenter and server farm assets, and want to slowly modernize to cloud technologies and processes. The organization can deploy a private cloud within the same datacenter(s) with a longer-term plan to migrate legacy IT systems to the cloud model over time. The customer can then transition applications and data at the discretion of its staff, augmented by IT cloud service integrator or other expertise, as needed.
As soon as you connect a private cloud to another type of cloud (e.g., public), by definition, you now have a hybrid cloud. In addition, if we are going by strict definitions, if you connect existing traditional datacenters, server farms, or applications to the private cloud, you also have formed a hybrid cloud. For this reason, I believe almost all clouds are or will become hybrids and the terms “hybrid,” “private,” and “public” will disappear over time.
Almost all enterprise clouds will become hybrids—using a combination of on-premises IT, private, and public compute and application resources.