Planning a Hybrid IT Infrastructure using Windows Azure Infrastructure Services (Part 1)

by Deb Shinder [Published on 16 May 2013 / Last Updated on 20 Sept. 2013]

In this series of articles, we’re going to look at how a hybrid infrastructure can let you have the best of both worlds when it comes to the cloud and on-premises services.

Introduction

If you’re in the IT business, your future is cloudy, that’s for sure. That’s because sooner or later, you are almost certainly going to end up using some kind of cloud computing solution. It might be public cloud, private cloud, hybrid cloud, IaaS, PaaS or SaaS, but I can almost guarantee that in the future you’ll be going “to the cloud.” In fact, you might be using some form of cloud service in your datacenters right now – even if you don’t think of it as such.

But going to the cloud doesn’t necessarily mean you have to give up all of your on-premises services. In this series of articles, we’re going to look at how a hybrid infrastructure can let you have the best of both worlds. Something worth talking about before we delve into that, though, is the idea of private cloud. When I go to conferences and when I talk to people in the media and people who are practicing IT these days, and I ask them if their organizations have deployed a private cloud, most of them say “Yes.”

I find this somewhat remarkable, because it’s very difficult to put together a true private cloud using Microsoft’s or any other vendor’s products. Most of them just weren’t designed to do what you need to do to create a true private cloud solution. But it turns out that, in almost all instances, people are just calling a virtualized infrastructure a private cloud, without really understanding what the term implies – or worse, they just rename their current traditional datacenter to “private cloud.”

In both cases, the answers they’re giving me are inaccurate. That’s because in order to have a cloud, you need a cloud infrastructure that will support cloud services, as defined by NIST. This means you need to be able to support the following:

  • Shared or pooled resources
  • Broad network access
  • Elastic resource allocation and deallocation
  • Resource metering
  • Self-service

If your datacenter or hoster offering doesn’t support each of these five characteristics, then you don’t really have a cloud. You have something else that is not a cloud. And you know what? That’s okay. In fact, this article series makes no assumptions regarding whether you have a cloud on premises or not. That’s why the title of this article refers to “Hybrid IT” rather than “Hybrid Cloud.”

What is Hybrid IT?

Most of you have probably heard the term “hybrid cloud” – but do you really know what it means? Many people think of hybrid cloud as the combination of a private and a public cloud, and indeed, that’s a common version – but it’s not the only one. Hybrid cloud is defined by NIST as a system that includes two or more clouds. One might be a private cloud and one might be a public cloud, or one might be a Microsoft public cloud and the second might be an Amazon public cloud. The key here is that it doesn’t have to be only private cloud + public cloud.

However, given the fact that very few organizations have a real private cloud, what do you call it when the organization wants to connect its current virtualization infrastructure or datacenter to a public cloud offering? I’m going to refer to it as “Hybrid IT”. In this case, you don’t need a real cloud on premises. You just connect your traditional on-premises datacenter to a public cloud offering.

Advantages of Hybrid IT

Why would you want to connect a traditional datacenter to the public cloud? Here are some of the advantages of hybrid IT. Hybrid IT can be used in the following circumstances:

  • You can move applications in your current datacenter into a public cloud, thus freeing up datacenter resources for other projects that might not be good candidates for placement in a public cloud.
  • You can “burst” into the public cloud. What this means is that during those times of the year when you need extra resources for a short, well-defined period of time, you don’t need to spend money on new hardware for your datacenter that might go unused after the busy period is over. Instead, you can just stand up some new virtual machines in the public cloud and run the time-limited application on those. When you’re finished with the project, you can simply decommission the virtual machines. This means you only have to pay for what you use and you don’t end up with a lot of costs invested in infrastructure that you might only use for a few weeks in the course of a year.
  • Legacy applications can be moved to the public cloud IaaS. There are a number of reasons you would do this, such as not having the original source code or installation media. You can do a P2V (physical-to-virtual) conversion, which migrates a physical server’s OS, applications and data to a VM, and then create new virtual machines in the public cloud IaaS offering.

The foregoing scenarios can help you with your capacity planning, reduce the time required to get an application into production, and can even reduce your total cost of ownership for the application. Also, if you use public cloud IaaS, you can take advantage of your current investments in monitoring and security controls, and apply the same controls that you are currently using on premises.

Microsoft joins the game

We’ve been waiting a long time for it, but Microsoft now has an Infrastructure as a Service offering called Azure Infrastructure Services (the customer preview version was called Azure Virtual Machines and Virtual Networks). It was released to general availability in mid-April. Azure Infrastructure Services enables you to create virtual machines on the Azure infrastructure in a way that’s similar to the method by which you create virtual machines on premises. You can install both Windows and non-Windows (Linux) operating systems in Azure Infrastructure Services VMs and you can install your applications on these machines. You can also create something called an Azure Infrastructure Services Virtual Network and connect that network to your on-premises datacenter. The Azure Infrastructure Services Virtual Network connects to your datacenter using a site-to-site VPN connection.

I’ve run the numbers on Azure Infrastructure Services and those calculations indicate that, depending on your deployment, you can end up saving a lot of money compared to running your own virtualization infrastructure. Azure Infrastructure Services is also very easy to use. If you have light requirements, you can use the Azure Infrastructure Services portal to create and manage your virtual machines and virtual networks. If you plan on larger deployments in Azure Infrastructure Services, then you’ll probably want to use PowerShell to help automate some tasks. And if you’re planning on going “all in” with Azure Infrastructure Services, then you can create your own portals and solutions using the REST (Representational State Transfer) APIs that have been made available by Microsoft.

Planning an Azure IaaS Hybrid IT Deployment

Before you jump head first into the Azure Infrastructure Services waters, you’ll want to make sure you do things in a very deliberate and mindful fashion. If this is your first foray into the cloud, you need to take care to make sure your cloud infrastructure doesn’t just “grow that way” the way your current on-premises datacenter might have done. This is an opportunity to make your IT infrastructure “lean and mean” so that it can be the model of a well architected datacenter that you always wanted, but just couldn’t seem to accomplish.

First let’s look at some questions you need to ask yourself while you’re still in the planning stages. You need to consider how you’re going to handle the following challenges before you jump into the Azure Infrastructure Services cloud and begin your Hybrid IT adventure:

  • How will you address business continuity? How does your hybrid IT infrastructure work with your current business continuity plans? What might you need to change in order to integrate the Azure Infrastructure Services infrastructure with your business continuity plans?
  • Hybrid IT is likely going to lead to some consolidation of your hardware, network, management and monitoring systems, and software stacks. How will you handle this consolidation? What will you consolidate first, and what might you not consolidate?
  • How will you extend your monitoring, security and management systems into the cloud? Are these applications tolerant of jitter and latency? If not, are there any mitigations, such as putting some of those systems or components of those systems into the Azure Infrastructure Services infrastructure?
  • How will you find personnel with cloud experience to deploy and run your new hybrid infrastructure? Will you hire new people with this experience, or will you train your own people and run proof of concept deployments so that they can gain the requisite cloud experience?
  • How will you leverage Azure Infrastructure Services in your disaster recovery plan? Will you use Azure Infrastructure Services as a disaster recovery site in the event that your on-premises datacenters become unavailable? How will you approach this?
  • How will you handle the security issues that are inherent in public cloud computing? Will you put all of your applications in the public cloud? Probably not. Will you start with low business impact applications? This is more likely. Think about how you will assess applications for candidacy for placement in the Azure Infrastructure Services cloud and the expected order and timeframes of deployment.

The Planning and Design Process

To answer the questions we posed above, you should take a very organized approach to your new Hybrid IT design. One way to approach the problem is to use a system like the following, which is what we’ll use in this article series:

  • Start with a self-assessment. Gather information about your network and applications so that you have a holistic view of your infrastructure. This will make it much easier to answer the questions you’ll ask when you start connecting your on-premises infrastructure to the Azure Infrastructure Services.
  • After you complete your self-assessment, the next step is to start learning about Azure Infrastructure Services and hybrid IT principles and operations. You’ll want to discover whether there are any valuable patterns that have been shared by the community and you’ll want to learn how the system works and perhaps come up with your own patterns that the community might adopt.
  • When you have a good understanding of hybrid IT and Azure Infrastructure Services, you will be ready to begin the design process. There are many different options available to you, but you need to select the options that enable your specific requirements. You also need to understand what limitations you might place on yourself if you select a particular option, because often you’ll discover that two options can be mutually exclusive.
  • After you complete your design, you’ll be ready to get started with a pilot project. You’ll want to stand up the virtual machines, create the virtual networks, and connect the Azure Infrastructure Services virtual network to your on-premises network. Then you’ll want to instantiate your applications on the new virtual machines and see how things work.
  • Finally, once everything is set up and working, you’ll want to be able to manage your hybrid infrastructure. You need to determine which tools you will use to manage and monitor both sides of the hybrid IT solution.

Summary

We will cover each of the areas discussed above in subsequent installments of this article series. By the time we finish the series, you will have a good understanding of what’s required to begin your trek into Hybrid IT and we hope you’ll be able to avoid making mistakes that you might have otherwise made. See you then! –Deb.

The Author — Deb Shinder

DEBRA LITTLEJOHN SHINDER, MCSE, MVP (Security) is a technology consultant, trainer and writer who has authored a number of books on computer operating systems, networking, and security.
