What is multicloud - A guide to multicloud strategy, management, and multicloud architecture

What is multicloud?

Multicloud is a strategy by which organizations actively choose to consume services from two or more public cloud providers, instead of choosing to utilize a single public cloud provider for all their needs.

What is the difference between hybrid cloud and multicloud?

Gartner defines Hybrid Cloud computing as referring to “policy-based and coordinated service provisioning, use and management across a mixture of internal and external cloud services”, in simplistic terms this means that a hybrid cloud strategy always includes the capability to deploy and maintain services in traditional on-premises environments, as well as within one or more public clouds.

A hybrid cloud strategy may include a multicloud strategy as part of its scope, but a multicloud strategy does not include hybrid cloud, since multicloud refers exclusively to public cloud providers and not to on-premises or private cloud services.

What are the advantages of a multicloud strategy and environment?

There are many different categories of services available from each public cloud provider. Each provider has strengths and weaknesses in specific categories, as well as architectural differences in how they have constructed their services and infrastructure.

Having a multicloud strategy can allow customers to choose from more options and to select the services that best fit the requirements for each workload, whether those requirements relate to features, cost, performance, integrity, or availability of services.

As an example, all 3 public cloud providers have a service for hosting Git repositories: AWS has CodeCommit, Google has Cloud Source Repositories and Microsoft has both Azure DevOps Repo’s and GitHub as part of their suite of Azure services. GitHub is by far the most popular service, regardless of the primary cloud provider chosen by customers, with Azure DevOps Repo’s also being a well-subscribed service, partially due to the Azure DevOps service itself being bundled with subscriptions to Visual Studio as part of Microsoft Developer Network Subscriptions, on the other hand, neither CodeCommit nor Cloud Source Repositories has significant traction in the market, especially among enterprise customers, with customers often using a Microsoft service or other third-party services (such as Atlassian BitBucket or GitLab) instead, due to functionality in these competing products being much wider than the relatively simplistic (albeit well integrated) functionality offered by AWS and Google native services.

Looking at a different angle, there are significant differences in how AWS, Azure, and Google Design both their Infrastructure and Services for availability.

• AWS for example deploys 3 availability zones in every region in which it operates, with there being a distance of between 25km-100km between availability zones. AWS designs almost all its services to take advantage of this infrastructure, deploying instances and copies of data in each of the 3 zones, this helps maintain service in the event of outages and means that AWS has the best record for the reliability of all the public cloud providers. (Source: ZK Research )
  
• Google also uses zones, with its services being designed to distribute service nodes and data across zones for availability. However, it is important to note that Google is not very specific about the distances it maintains between zones and like all cloud providers, does not disclose the locations of its data centers for security reasons.
  
• Microsoft was relatively late to adopt availability zones and does not offer them in all regions. In fact it only began preview of availability zones in a small number of regions during 2017. Regional services before that point were deployed in a single data center or in several data centers that were very close together. Microsoft therefore used region pairs for replication of critical data stored within its managed services, which are built on top of this infrastructure. Additionally, it advised customers building on Azure to replicate data to another region in the same geography. Microsoft’s current strategy is to have 3 availability zones available in at least 1 region in every geography, with other regions potentially remaining as single-zone regions for the foreseeable future. What this means is that Azure services do not always take advantage of availability zones and may be more susceptible to building or location-specific problems with, for example, power, network, or climate conditions.

It's easy to see then, that even the simplest building block services, like virtual machines, storage, and networking on each cloud can have vast differences between public cloud providers. The cost and complexity of building solutions can also vary widely, depending on which cloud provider is selected: for example, customers needing high availability on Azure, in a region without availability zones, might need to factor in the cost and complexity of solutions like Azure Site Recovery or Azure Backup to recover services to another region within the same Geography. Customers in AWS or Google always have the option to use availability zones and can take advantage of them by building clusters that have nodes in each zone, or by utilizing the synchronous replication of storage between the AZ’s to quickly recover services in another zone.

In most organizations, not every workload needs a super high level of availability, so being able to select the lowest cost service that is ‘good enough’, can be advantageous in certain scenarios. Similarly, if you need to replicate data globally anyway, perhaps there is less advantage in having multiple copies of that data in every region and paying a higher cost for that extra redundancy.

What are the possible challenges with a multicloud platform?

1. Skills shortage
   One major challenge is access to knowledge and skills. There are thousands of available options within the portfolio of services from each of the public cloud vendors, building knowledge and skills within your team and staying up to date with new and evolving services on 2 or 3 public clouds is a significant challenge, hiring and training staff can constitute a significant and continuous investment.
2. Vendor lock-in
   A second major challenge is related to tooling. Every public cloud provider will try to push your organization towards its native tooling, but in most cases this tooling is mostly benefiting the cloud provider, locking you into the cloud providers native services by use of a knowledge gap (if your staff only know how to use the native tool, they will always prefer it) and the fact that the cloud providers tools, usually only support the cloud providers native services well (if they support third party services at all), meaning that managing third-party services, even ones purchased through the cloud providers marketplace, can sometimes exceed the scope of the native tool's capability. Using native tooling can lead to customers having separate internal teams for each public cloud, which independently develop practices and procedures, this leads to a lack of capability to make competitive choices between services. Employing multicloud tools, such as HashiCorp’s Terraform and Vault, as well as tools like CheckPoints Dome9, can help you more easily integrate your cloud resources that specialize on different clouds and even make it easier to cross-train resources to other cloud providers.
3. Networking solutions
   One challenge that is often overlooked until it becomes a major problem, is the challenge of providing network connectivity between customer private networks, spanning different regions in a multicloud environment. AWS, Azure, and GCP have only provided transitive networking solutions that allow connectivity between their own homogenous networks, so connecting large numbers of (as an example) Azure VNET’s to large numbers of AWS VPC’s is still a significant challenge, which usually involves a third-party solution, significant complexity or in the worst cases, both. Further to this, there are still the traditional problems of centralizing management of next-generation firewalls and security policies, as well as allocating your scarce private IPv4 address space in a way that doesn’t restrict the scalability of your cloud environment or cause issues with DNS name resolution.

What does Gartner say about multicloud?

Gartner has identified multicloud as one of the key IT infrastructure trends shaping the industry. According to Gartner, over 80% of public cloud users are working with two or more providers. Gartner has also stated that the key reasons behind this is that organizations want to avoid vendor lock-in or to take advantage of best-of-breed solutions.

Multicloud strategy

Organizations should consider a multicloud strategy for several reasons, whether that is to enable your architects, developers, and application management teams to choose the best available services for operating and managing their specific workloads, or simply as a tactic for negotiating a better discount level in the long term with your cloud vendor of choice, the ability to multi-source your cloud services will provide your organization with much greater flexibility than selecting a single cloud.

As part of your strategy, we recommend that whenever you build or deploy a new workload to the public cloud, you should identify a high-level target architecture, for how you would deploy that same workload to another cloud, there are two key reasons for doing this:

1. The first is that it can help you evaluate which services are the most efficient to deploy your application and help you ensure that you really are selecting the best combination of services to meet your requirements, not just simply following the unconscious (or conscious) bias of the solutions architect.
2. The second key reason, is that it helps you understand your technical debt or level of lock-in, enabling you to plan at the outset, how you would migrate your workload away from the current platform to the next best option. This provides the basis for a contingency plan, which you could invoke (or threaten to invoke) if the relationship with the provider sours or the cost of services were to dramatically increase. In some cases, lock-in is desirable, because tightly integrating to cloud providers native services can significantly reduce the operating costs of running a workload when compared to a more open or standards-compliant solution, but it is important to understand what effort is required to invoke the contingency plan and roughly what the cost of operating the service would be if you ever had to do it.

Multicloud and mergers & acquisitions

Whether or not customers opt to pursue a multicloud strategy today, we recommend that customers should consider the future when defining their strategy and selecting tools. Customers should always consider, what would happen in the event of a merger or acquisition with another company that has chosen a different public cloud. How would you integrate the services of the two companies? How do you place them under common management or billing hierarchies? How do you ensure job security for your staff during and after the merger? Customers should carefully evaluate tools for monitoring, management, and deployment, to ensure that there is the capability of managing or monitoring resources in other clouds, as well as common third-party services, not just the native services.

AWS as part of a multicloud environment

The biggest strength of AWS is that it has the widest array of services of any of the public cloud providers, this means that it offers solutions to problems that other clouds do not, such services might be focused on a very specific industry segment, such as the management of satellites (AWS Ground Station), or could be managed services that wrap around the products of other vendors, such as Amazon RDS for Oracle.

AWS is highly regarded as a mature, reliable, and stable platform, where new services are often added, existing services are often extended, but established services are very rarely retired.

Where AWS can seem less attractive, is that it can sometimes be perceived as expensive compared to other providers, additionally, it lacks a proper directory service for identity, having no real competitor to Azure Active Directory or Google Cloud Identity, with some functionality of these competitors split across several services and other functionality relying on integration with third parties.

Azure as part of a multicloud environment

Azure’s key strengths are its tight integration with Azure Active Directory, which Microsoft 365 customers already use. Other key strengths are the Developer Tools, as well as the strong offerings in the Internet of Things space, additionally Microsoft is often able to provide competitive offerings when migrating Microsoft workloads from on-premise and is uniquely able to offer some extended support offerings as enticements for companies to move legacy workloads to Azure.

Weaknesses of Azure include its reliability compared to other cloud providers, especially in regions that lack availability zones, which also highlights a second weakness which is the inconsistency across regions, meaning that it may be necessary to maintain different localized infrastructure as code templates or automation scripts for deployments of the same application, due to the architectural differences between regions.

Customers should consider Azure for Migration workloads, especially if the current on-premises architecture utilizes a cold or warm standby site for Business Continuity.

Google Cloud Platform as part of a multicloud environment

GCP’s biggest strengths are in its analytics and machine learning services and in catering to developers, data scientists, and data engineers with advanced tooling. Of the main public cloud providers, Google has the most consistent API model, tools, and GUI portal, meaning that it is very attractive to developers, particularly the younger generation of developers and those who have worked in start-ups within the last 5 years.

Google has invented several key technologies that are widely adopted across all major public clouds today, including Kubernetes, TensorFlow, and the 'Go' programming language, it, therefore, has extremely well-integrated services for running these types of modern workloads on its platform. GCP’s building block compute, storage and network services are also well-differentiated, with GCP’s global network infrastructure probably being the most advanced and lowest latency of the major cloud providers, Google Compute Engine also offers features such as live migration, something not offered by Amazon's EC2 service or Azure’s Virtual Machines. GCP also offers a service called Anthos, that allows customers to deploy google managed container workloads on to compute instances in other public clouds and even to on-premises.

A weakness of Google Cloud is that it is not available in as many locations as AWS or Azure, it also has fewer service options in most categories and tends to favor either its home-grown technology or a single option based on an open-source project, in places where other clouds may offer several different options to give customers more choice.

Alibaba as part of a multicloud environment

A key strength of Alibaba Cloud is its total dominance in the Chinese market, while AWS and Azure both have a small footprint in China, their Chinese infrastructure is distinctly separate from their global infrastructure that serves all other countries.

Alibaba however does not suffer from these restrictions that have forced AWS and Azure to segregate their Chinese Infrastructure, as it was designed and built inside China, in compliance with Chinese government rules, this makes it able to straddle both sides of the great firewall much more easily. Some customers even use the Alibaba network infrastructure to connect services that are both inside and outside of China, including services deployed on other public clouds.

A key weakness for Alibaba is its relatively small footprint and low level of adoption outside of China, with companies serving Chinese customers being the main adopters. Another point to consider is that some companies based in other countries also have an issue with the Chinese government’s involvement in Alibaba.

What does SoftwareOne offer in the multicloud space?

SoftwareOne is a leading specialist in public cloud, with a proven track record on multiple cloud platforms: Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP) in particular. We support our clients throughout their entire cloud journey:

• For organizations that are considering migrating to the cloud, we offer vendor-agnostic advisory services that help you evaluate your options, such as which workloads would offer the most value to your business if migrated to the cloud. Our capabilities range from assessment of your existing applications, infrastructure, and compliance requirements, to selecting the most appropriate cloud services and designing the target architecture. We also offer a wide range of managed services that ensure our clients always have access to the competence they need to get the most out of their cloud investments. Learn more about our cloud migration assessment, which provides you with actionable insights to start your cloud journey.
• For organizations looking to build new services in the cloud, we can help you define your architecture and select appropriate building blocks, from the range of cloud services on offer, either from your cloud providers of choice or from the services available in the market. We help you build services with the right balance of cost efficiency, performance, and availability
• For organizations that would like to validate their cloud strategy, we can offer a vendor-agnostic assessment of their cloud strategy, to ensure that they have processes in place to select the right services and to ensure that the organization is capable of managing, governing, and securing the entire environment, through a combination of internally developed skills, technology, and third-party services.
• For organizations that would like to validate their purchasing agreements with cloud providers, we can offer an assessment of your agreement during the negotiation stage, to ensure that it makes sense for you as a customer, does not overcommit you on spending, and fits with your strategy for using cloud services. We can also review established agreements, to help you take advantage of discounts and benefits that you may not already be using and to ensure that you can honor any commitments that you have made.
• For organizations that would like to streamline their existing multicloud infrastructure, we can support with a Well Architected assessment of your workloads to uncover possibilities for cost optimization, security, and governance improvements, as well as offer managed services to ensure continuous cost-optimization of your cloud services.