How to prepare your IT environment for new hybrid and multicloud scenarios

Many companies are engaged in the diffusion and adoption of applications that can work in different environments: on-premises, across multiple public clouds and at the edges. Such an approach requires adequate preparation of the corporate IT environment to ensure compliance and efficient management of large-scale server systems, of applications and data, while maintaining high agility. In this article, the main aspects to be taken into consideration for the adoption of hybrid and multicloud technologies are introduced, in order to best meet the business needs.

The reasons that lead to the adoption of hybrid and multicloud solutions

There are many reasons why customers choose to deploy their digital assets in hybrid and multicloud environments. Among the main ones we find:

  • Minimize or remove data lock-in from a single cloud provider
  • Presence of business units, subsidiary companies or acquired companies that have already made choices to adopt different cloud platforms
  • Different regulatory and data sovereignty requirements in different countries
  • Need to improve business continuity and disaster recovery by distributing workloads between two different cloud providers
  • Needs to maximize performance by allowing applications to run close to where users are

What aspects to consider?

There are several options for preparing an IT environment suitable for hosting hybrid and multicloud deployments, reason why before setting up your Azure environment or any other public cloud, it is important to identify how the cloud environment should support your scenario:

Figure 1 – Diagram showing how different customers distribute workloads between cloud providers

In the image above, each dark blue point represents a workload and each blue circle is a business process, supported by a separate environment. Depending on the cloud-mix, a different configuration of the Azure environment may be required:

  • Hybrid-first customer: most of the workloads remain in place, often in a combination of hosting models with traditional and hybrid resources. Some specific workloads are deployed on the edge, in Azure or other cloud service providers.
  • Azure-first customer: most of the workloads reside in Azure. However, some workloads remain local. Furthermore, certain strategic decisions lead some workloads to reside in the edges or in multicloud environments.
  • Multicloud-first customer: most workloads are hosted on a public cloud other than Azure, such as Amazon Web Services (AWS) or Google Cloud Platform (GCP). However, some strategic decisions have led some workloads to be placed in Azure or at the edges.

Depending on the hybrid and multicloud strategy you decide to undertake for applications and data, this will have to direct certain choices.

How to prepare the Azure environment

Microsoft Azure is an enterprise-grade cloud service provider and best able to support public environments, hybrid and multicloud.

To prepare an IT environment and make it effective for any hybrid and multicloud deployment, the following key aspects should be considered:

  • Network topology and connectivity
  • Governance
  • Security and compliance
  • Automation disciplines, development experiences and DevOps practices

When dealing with the issue of preparing your IT environment for new hybrid and multicloud scenarios, it is advisable to define the Azure "Landing Zone" which represents, in the cloud adoption journey, the point of arrival. It is an architecture designed to allow you to manage functional cloud environments, contemplating the following aspects:

  • Scalability
  • Security governance
  • Networking
  • Identity
  • Cost management
  • Monitoring

The architecture of the Landing Zone must be defined based on specific business and technical requirements. It is therefore necessary to evaluate the possible implementation options of the Landing Zone, thanks to which it will be possible to meet the deployment and operational needs of the cloud portfolio.

Figure 2 – Conceptual example of an Azure landing zone

What tools to use?

Cloud Adoption Framework

The Cloud Adoption Framework of Microsoft provides a rich set of documentation, guidelines for implementation, best practices and helpful tools to accelerate your cloud adoption journey. Among these best practices, which it is advisable to adopt and which it is advisable to specifically decline for the various customers according to their needs, there is one specific section concerning hybrid and multicloud environments. This section covers the different best practices that can help facilitate various cloud mixes, ranging from environments totally in Azure to environments where the infrastructure at the Microsoft public cloud is not present or is limited.

Azure Arc as an accelerator

Azure Arc consists of a set of different technologies and components that allow you to have a single control mechanism to manage and govern all your IT resources in a coherent way, wherever they are. Furthermore, with Azure Arc-enabled services, you have the flexibility to deploy fully managed Azure services anywhere, on-premises or in other public clouds.

Figure 3 –  Azure Arc overview

TheAzure Arc-enabled servers Landing Zone, present in the Cloud Adoption Framework, allows customers to increase security more easily, governance and compliance status of servers deployed outside of Azure. Together with Azure Arc, services like Microsoft Defender for Cloud, Azure Sentinel, Azure Monitor, Azure Policy and many others can be extended to all environments. For this reason Azure Arc should be considered as an accelerator for your Landing Zones.

Azure Arc Jumpstart has grown a lot and allows you to better evaluate Azure Arc, with over 90 automated scenarios, thousands of visitors per month and a very active open source community sharing their knowledge about Azure Arc. As part of Jumpstart, ArcBox was developed, an automated sandbox environment for everything related to Azure Arc, deployable to customers' Azure subscriptions. As an accelerator for the landing zone of Azure Arc-enabled servers it has been developed ArcBox per IT pro, which serves as a sandbox automation solution for this scenario, with services like Azure Policy, Azure Monitor, Microsoft Defender for Cloud, Microsoft Sentinel and more.

Figure 4 – Architecture of ArcBox per IT pro

Conclusions

The adoption of consistent operating practices across all cloud environments, associated with a common control plan, allows you to effectively address the challenges inherent in hybrid and multicloud strategies. To do this, Microsoft provides various tools and accelerators, one among which is Azure Arc which makes it easier for customers to increase security, the governance and compliance status of IT resources deployed outside of Azure.

Please follow and like us: