By 2023, 80 percent of new application starts will be in the Cloud, and some exuberant analysts are predicting that the creation of new, on-premise data centers will end by 2025. In addition, enterprises are migrating existing workloads to the Cloud at a rapid pace. There are five, global leaders in Cloud services – Amazon AWS, Microsoft Azure, Google Cloud, IBM Cloud, Alibaba – and many other regional and national companies with credible offerings. Selecting the right Cloud provider can be challenging. Here are the things you should consider when selecting a Cloud services partner:
- What Is Your Migration + Modernization Strategy?
Most enterprises have multiple, important applications that they would like to move the Cloud. Moving them there can be tricky. We recommend performing a detailed application portfolio analysis and then creating an official Cloud strategy for the enterprise before embarking on any migration + modernization efforts. Your enterprise should answer the following questions:
- Technology – The current state of each application – Is it well architected? What’s the state of the code? Can the current technology stack be migrated to the Cloud?
- Talent – What skills are required to move each application? Do you have them in-house, or can you easily acquire them?
- Time and Cost – How long would it take to move the application? What would it cost?
- Commercial Alternatives – Are there commercial-off-the-shelf alternatives that could accomplish the same thing for the same or a lower cost?
- Priorities & Impact – Which applications are the most important to the business? Which application moves would have the biggest impact?
- Low Hanging Fruit – Which applications are the easiest to move for the most impact?
As you think through your migration + modernization strategy, you should take into account two additional things:
- The objective is to optimize your applications to run in the Cloud, not just move them there.
- Not every application is a candidate for migration. Sometimes, you have to build something new – in the Cloud, of course – or buy a COTS solution.
The Perils and Benefits of Vendor Lock-In
There’s no doubt about it: The major Cloud providers make it easier to develop new or migrate existing applications. That’s, because, in addition to computing power, they offer services and tools that benefit both developers and operations professionals. These capabilities span the application development lifecycle – for example:
- Access to leading databases
- Managed infrastructure – including autoscaling and descaling
- Container management
- Access to APIs and API management
- A large number of analytics and data science tools
- Embedded security
- Support for vertical industry data standards and regulations
Many of these capabilities designed to create vendor lock-in. They either are proprietary services offered by the Cloud provider or implemented in a proprietary way. The vendor wants your enterprise to rely on their services exclusively and to increase the cost and time it takes to move your applications to a new Cloud platform. There are some advantages to working with a single Cloud provider:
- You can optimize all of the workloads to work on one platform – taking full advantage of the provider’s IaaS and PaaS tools.
- You can develop deep Cloud management skills on the platform.
- You are likely to gain pricing advantages based on the volume of business you do on the platform.
There are also major disadvantages to a single provider strategy:
- A deep reliance on proprietary features and services could make it expensive and time consuming to switch providers later.
- Your provider may change its roadmap in ways that are not aligned with your business and technical goals.
- Competing providers may introduce unique services that your provider can’t or won’t match.
Enterprises are increasingly relying on Multi-Cloud strategies to minimize the risk of vendor lock-in and gain the ability to select the best features and services from each provider. Lock-in is still possible, but less likely; however, enterprises sometimes create so many Cloud instances across multiple providers that they lose track of all of the Cloud resources they are using.
- Cloud providers embrace open source products and services but proceed with caution.
Open source products and services have been a huge boon both for vendors, which provide commercial support and enhancements to the base products, and enterprises, who gain access to new technologies at a lower cost. There are risks with open source, however. Technologies, such as containerization, might improve the performance of an application, but it requires a high level of technical knowledge to implement popular container technologies, such as Kubernetes.
Some large organizations that depend on best-of-breed architectures may therefore benefit from an open source-centric, Multi-Cloud approach, because it can provide the flexibility to implement and change infrastructures and platforms quickly. Note, however, that this approach requires significant investment in technical talent and comes with a high amount of risk. Open source tools generally succeed when there is a groundswell of support from working technologists. They fail quickly if there is no groundswell or if new open source solutions come along that are better or more modern – leaving developers and the enterprises they work for stranded.
Therefore, our advice is to use open source tools that are backed by commercial level support if:
Your Cloud application is mission-critical.
Your enterprise will be using the same technology stack across multiple Cloud development efforts the technology is core to the applications.
All of the major Cloud providers offer commercial level support for the open source products such as kubernetes in their portfolio – AKS on Azure, EKS on AWS, or GKE on GCP – which enables enterprises to embrace open source without accepting the risk and time associated with building your own platform. These services do, however, entail some vendor lock-in. In addition, there are commercially supported versions of the most popular open source products that are run on Cloud platforms but are not part of the service provider’s offerings – for example, Cloudera, Cloudbees Jenkins, Confluent (Kafka) etc.
- You need technical talent with Cloud-specific skills.
There’s no substitute for technical talent that understands the entire Cloud application lifecycle and has worked on successful applications that operate on your Cloud platform of choice. You need to assess the Cloud capabilities of the technical talent within your organization and the availability of Cloud talent for your platforms of choice in the geographic area. There is pretty good chance that your talent base will fall short. Here’s what you can do to address your talent gaps:
- Invest in Cloud training and certifications for your Cloud platforms of choice – provided by the vendors or third parties. Note that learning how Azure works is a lot easier if the techie already has a deep knowledge of AWS and vice versa.
- Identify must-fill Cloud positions and aggressively recruit. Your gold star candidates are people with experience on your Cloud platform of choice, who has built applications with tools you prefer over many years. You aren’t likely to find many of these, so your goal should be to hire a team that, together, fills in all the technical needs and cross-train each other to improve your knowledge base rapidly.
- Prioritize your Cloud development efforts – per the section Migration + Modernization strategy above. Few enterprises have the level of Cloud – or technical – talent they need to do all the projects they want to do.
- Even if the price is high, hire consultants with deep skills in Cloud platforms, tools, and development techniques to augment your teams and improve your likelihood of success. Ensure that those ace consultants transfer knowledge along the way, so that, if you want to go it alone on the next project, you’ll be able to do it.
- Leverage partners to get smarter faster and improve your likelihood of success.
It’s unlikely that your enterprise will be able to pull off a large-scale Cloud migration + modernization effort without help from one or more partners. Your partners are likely to fall into the following categories:
- Cloud infrastructure, architecture, and DevOps experts who can ensure that your applications are built to take advantage of a Cloud platform’s services and perform well in operation.
- Software development firms with experience building high performance applications in the Cloud. It’s even better if they have built similar applications in your industry.
Since your potential partners will likely have done multiple projects with your Cloud provider of choice, they often have greater insight into the issues enterprises face in using the platform. If you can find partners who are Cloud platform agnostic – meaning that they can work equally well with all of the leading platforms – it’s a bonus, because it would increase the likelihood of success for a Multi-Cloud strategy. It would also enable your enterprise to form a stable partnership that spans multiple projects.
- Carefully examine Cloud provider approaches to security and compliance.
Your data may be subject to legal and compliance mandates depending on the type of content, where your enterprise is located, where the data is located, and what industry your enterprise is in. There are a multitude of data laws and regulations, such as GDPR, ISO 27001, PCI DSS, and HIPAA, that prescribe harsh penalties for non-compliance. Certifications, such as SOC 2, at various levels of the technology stack may help organizations meet such requirements. You should make sure that your Cloud providers of choice can support compliance with the laws, regulations, and industry mandates that apply to your enterprise. In addition, you should feel comfortable that your Cloud providers have the security resources and processes to protect your application at the platform and infrastructure layers. Note that it’s still your responsibility to be secure inside your own applications.
- Watch those Costs, Terms, and Conditions.
Cloud costs can spiral out of control if you don’t pay attention. Here are the steps you can take to control Cloud costs and understand the terms and conditions involved in your Cloud provider contract:
- Manage and monitor public cloud computing costs – When you have an application deployed in the public cloud, you need to keep an eye on your used resources. Top providers offer native Cloud cost management and monitoring tools. There are also Cloud monitoring tools that are more granular and specialized. If you don’t leverage these tools, your enterprise could spend a lot of money on unused or unnecessary Cloud resources. Typical cost accelerators include cloud sprawl, overprovisioning, and wrong instance types. Best practices to remedy these issues include continuous and efficient resource management and rightsizing.
- Prepare for Multi-Cloud costs – When using multiple public Cloud providers, integration between providers can lead to unexpected fees. Plan your application deployments to see where you might incur additional costs. You should also look at your bill to see what you are charged for access, CPU, and storage. The ability to track spending across more than one cloud is invaluable; incorporate the native billing tools from providers into your Multi-Cloud cost management strategy, but remember that third-party tools offer more cross-platform capabilities.
- Understand the Service Level Agreement – Every Cloud provider will offer your enterprise a Service Level Agreement (SLA), which contains basic performance and uptime guarantees. The SLA will be less rigorous than a typical IT outsourcing contract and is non-negotiable. It’s up to your enterprise to pick the service level regime and compensation levels for failure to comply that meets your needs (better guarantees will cost you extra).
In a nutshell, an API is a set of functions that allows the sharing of data between independently run applications. Over the past 24 months, more enterprises have begun to modernize their applications by adopting an API (Application Programming Interface) first...
Deloitte, OPTIMOZ and USCIS discuss the patterns and anti-patterns for achieving the right-sized API governance approach for your organization from the show floor at Google Cloud Next ’19. https://youtu.be/eUT-MgG7yv0
At Optimoz, we spend a lot of our time helping companies migrate their important applications to the Cloud. It’s harder than you might think. Most Cloud applications are built using technologies and tools that weren’t mainstream five years ago. Cloud...
Driven by the power of the Cloud, the software development process – and development lifecycles - is transforming. Downtime is becoming a thing of the past with highly available architectures and immutable infrastructure. The scale of utilization is increasing as...