Who will win the Hybrid Multi-Cloud War?
The hybrid multi-cloud is radically changing the IT world as we know it. Although the concept is still in its infancy, several opponents are already vying for supremacy over this new cloud world. In this blog post, we analyze exactly how these rivals differ and where their strengths and weaknesses lie.
2021 will be the year of multi-cloud, with more than 90% of enterprises worldwide adopting combinations of on-prem, public, and private cloud as default environment.
So asserts a recent study by the International Data Corporation (IDC). The forecast underlines how fundamental multi-cloud availability is going to be in the upcoming year. In order to be competitive today in the IT world, as well as to be innovative for the future, companies have to be proficient in the hybrid multi-cloud environment. There is no fleeing the hybrid multi-cloud “trend.”
What is hybrid multi-cloud?
The last 20 years have seen drastic changes in infrastructures and technologies, accompanied by a radical shift in the IT world. If the past was dominated by physical servers and on-prem data centers, the present-day standard is the cloud, defined here as data centers spread around the world and accessed over the public internet. Users and companies don’t have to manage physical servers themselves or run applications on their own machines. Instead, cloud providers make the necessary resources available for each specific task. These days there are hundreds of cloud providers, each with their own unique qualities, prompting the obvious question: Which one should we choose?
The answer: all of them, based on what best fits the customer’s needs of course. Every cloud has different features, and you can pull out the best from each one. This is exactly what a multi-cloud environment is, a combination of public clouds that prevents vendor lock-in, giving you the true freedom to build technology based on business requirements and not the other way around.
Shifting to the cloud doesn’t necessarily mean that on-premises solutions should be abandoned; technology advances faster than the ability of business to keep everything up to date. This shifting time allows companies to mix public cloud resources and infrastructure with private clouds, picking up the best from both worlds. This smart mixture of public and private clouds creates a compound environment referred to as a hybrid cloud.
By itself, neither a hybrid cloud nor a multi-cloud seems to be enough. What business requires is a synthesis, and hybrid multi-cloud fits the bill.
The hybrid multi-cloud is one step ahead, able to unify resources from on-premises data centers with infrastructures of different public clouds and to make them cooperate, while at the same time managing the whole solution from a “single pane of glass.”
The hybrid multi-cloud concept itself marks a milestone on the path of innovation, declaring the end of an era and laying the foundations for a multi-cloud world and with it a multi-cloud war.
Nowadays, companies are struggling to produce a hybrid multi-cloud solution able to modernize applications, while offering the best experience in terms of performance, security, reliability, availability, and cost. In under a year, a number of products have been announced and released to compete in this “cloud war.” At first glance they might seem similar, but the differences, though small, are crucial in determining who will be the “winner.”
Google Anthos
This product from Google presents itself as a modern application platform that lets you build, deploy, and manage applications securely and consistently, in an increasingly hybrid and multi-cloud world. The primary aim is to extend the already existing Google Kubernetes Engine to this new distributed environment, offering a single management tool, the Google Cloud Console, as well as a whole set of new services.
From cluster installation to hybrid-cloud management, from complete Service mesh to Configuration Management, from Cloud Run to extended GKE, the offering is so wide that it definitely deserves a closer look. Much more time and space will be dedicated to this Google Product in a more detailed “Deep dive into Anthos” section.
Red Hat OpenShift
The famous Red Hat product can be described as an Enterprise Kubernetes Application Platform with enforced security and compliance features. With the latest release of OpenShift, version 4.5, Red Hat has widened its scope to every kind of infrastructure, whether on-prem or spread over data centers and public clouds, all coupled with a new management solution.
VMware Tanzu Portfolio
This new product from VMware is a complete collection of services with the aim of “modernizing your applications and infrastructure to deliver better software to production, continuously.”
This portfolio of services is the result of the combination of brand-new products with different preexisting projects (Pivotal Cloud Foundry, Bitnami Catalog, NSX Service Mesh) that were acquired by VMware and that underwent a “Tanzufication,” meaning they were renamed and empowered with innovative features.
The main aim of this product is to enlarge Kubernetes’s capacity to operate across clouds, both private and public, as well as to make it the underlying software to handle every single resource besides the standard Kubernetes cluster, including virtual machines, databases, and other third-party services.
It should be noted that not all of the products have been released and some of them are strictly beta.
Microsoft Azure Arc
This Microsoft product, Azure Arc, “enables the deployment of Azure services anywhere and extends Azure management to any public/private infrastructure” while keeping a single management interface: the Azure Portal.
Arc is a Kubernetes-based product, not a Kubernetes enterprise. This makes this product unique among competitors, but also exposes it to other constraints and weaknesses. Being a Kubernetes-based product means that it can be extended wherever a Kubernetes cluster can be found, making it available in the whole hybrid multi-cloud environment. Arc allows you to deploy Azure services upon each of these clusters but doesn’t permit the cluster provisioning itself. This last point in particular makes Azure Arc more of an in-guest solution, with little integration in the underlying infrastructure. Surprisingly, one of its strengths is that it is not strictly dependent on Kubernetes. It can also manage other kinds of resources outside of Microsoft cloud, such as virtual machines, for which it claims to offer wide support.
It is important to note that this product is still in preview and some information about it may not be verified with hands-on experience.
- Hybrid multi-cloud
All four products represent a hybrid multi-cloud solution, and even though they can all handle this environment, each one performs it uniquely.
- Enterprise Kubernetes
In order to modernize applications, three of the four products utilize an extension of the open source project Kubernetes, each one developing its own Kubernetes Enterprise solution.
Anthos wants to extend Google Kubernetes Engine to become a hybrid tool for managing Kubernetes clusters on every available infrastructure, making it possible not only to manage existing clusters but even to create new ones outside of Google Cloud.
OpenShift is well known to be one of the strongest Kubernetes distributions available on the market, able to guarantee Kubernetes’s performance, reliability, and portability as well as to ensure security and compliance.
Tanzu offers a new Kubernetes Enterprise solution born from its predecessor, Pivotal Container Service, called Tanzu Kubernetes Grid, which is enforced with a brand new Project Pacific. This allows Kubernetes to manage not only clusters but even virtual machines, databases, and other third-party services, always maintaining the same common YAML syntax. Tanzu has improved its Kubernetes proposal through a new product, Tanzu Mission Control, enabling the user to connect existing Kubernetes clusters to a single management interface as well as to create new clusters on every existing public cloud.
Azure Arc doesn’t comprise a Kubernetes Enterprise but because of that is not entirely dependent on Kubernetes, since it is useful for VM management as well.
- Serverless solution
Serverless computing refers to an execution model where the provider is responsible for executing a piece of code by dynamically allocating the resources and the only charge directly depends on the resources used to run the code.
Both Google and Red Hat offer this serverless solution: the former in Cloud Run for Anthos, the latter in OpenShift Serverless. Cloud Run for Anthos provides a flexible serverless development platform on Google Kubernetes Engine. It is built on top of Knative, an open source project that supports serverless workloads on Kubernetes. OpenShift Serverless, like its predecessor, is built on top of Knative and allows users to deploy and run event-driven applications that will start based on an event trigger, scaling resources as needed.
VMware has partnered with Google and other industry leaders to develop Knative and run functions on top of Kubernetes. VMware also introduced an alpha version of Project riff for running functions particularly focused on event streams. In the end, VMware is not currently providing a solution to run serverless workloads on its own infrastructure, even though some projects are being developed.
No discussion of serverless solutions should fail to mention Tanzu Application Service, a product created from the previously existing Pivotal Application Service that allows the source code of an application to be pushed on the cloud and deployed on top of an ad hoc infrastructure, making it accessible worldwide. Even though it can’t be considered technically serverless, it is a fast way to deploy code onto the cloud, without having to worry about building the underlying infrastructure.
Microsoft offers a serverless solution on its own cloud but hasn’t extended this product to the multi-cloud environment, and it hasn’t adopted a Kubernetes serverless approach yet.
- Single management interface
Three of the four products offer a single interface where the user can both manage and provide resources. Azure Arc is, at the moment, the only one which doesn’t allow for provision of Kubernetes clusters out of its own cloud, but instead guarantees the ability to create, manage, and monitor virtual machines and databases side by side with Azure services, in different public clouds, while accessing those through the Azure Console.
- Configuration management
Configuration management is a process for maintaining computer systems, servers, and software in a desired, consistent state. It is a way to make sure that the state which is active on a system reflects the desired state described in the linked repository in its totality.
Anthos, Azure Arc, and Tanzu have a configuration management tool included in the product’s set, whereas Red Hat OpenShift relies on Red Hat Ansible Automation Platform to maintain consistency between resources in the architecture.
Google proposes Anthos Configuration Management to apply common configuration across all infrastructures, including custom policies, both on-premises and across clouds.
VMware’s crown jewel is called Tanzu Mission Control (TMC). It provides lifecycle management for Kubernetes clusters from a single point of control. It allows users to attach existing clusters and take control of them, as well as to create clusters on different clouds. TMC’s Cluster Groups make it possible to apply policies and configurations to multiple clusters, and Workspaces enable management of the Access Control of an application that belongs to different namespaces, clusters, or clouds.
Azure Arc allows users to “standardize the change control” with a declarative configuration management system that permits the adoption of the usual “set of cloud practices” on-premises.
- Service mesh
A service mesh is a configurable, low latency infrastructure layer designed to handle a high volume of network-based interprocess communication among application infrastructure services using application programming interfaces (APIs). A service mesh’s main goal is to manage traffic between microservices while applying security policies and collecting telemetry data.
The best-known service mesh architecture nowadays is Istio, backed by Google, IBM, and Lyft, and it is only supported by a single container orchestration framework, Kubernetes.
Google, Red Hat, and VMware each provide a service mesh tool in their solution, developed as an extension of Istio so that it integrates well into Kubernetes clusters.
Microsoft has not yet announced a service mesh integration for its Kubernetes cluster management.
- Virtual machine approach
With the release of its new product, Google has the specific goal of modernizing infrastructure and taking another step towards innovation. Google’s product doesn’t seem to support virtual machines, instead offering a way to migrate VMs directly into containers running on GKE clusters, through “Anthos Migrate.” As Urs Hölzle stated: “It’s not just lift-and-shift. It’s really more of modernizing or containerizing applications. The power of Anthos Migrate is that the destination can be anywhere that runs Anthos, it’s not about taking a VM and moving it to the cloud. It’s about moving it to an Anthos-managed cloud.”
It is explicitly the intent of Google to “modernize” with a strong focus on containerization and Kubernetes migration. Among the contenders, Anthos seems to be the only one to provide this kind of help with container migration.
On the other side, Azure’s motto may be read as: “no pressure on innovating, let’s give business the time it needs.”
Microsoft wants to ensure support for Linux and Windows VMs wherever they are maintained, on-prem or on the public cloud, without pressuring the business to migrate virtual machines and private computing to containers and the cloud.
Any virtual machine on any infrastructure can be linked to Azure Portal through Arc and can be managed there like an Azure cloud resource. Microsoft is the only one of the challengers under consideration here to provide this kind of feature.
- Kubernetes all-in-one software
VMware Tanzu’s product has achieved the goal of abstracting Kubernetes from the infrastructure in order to work on every type of platform. At the same time, through Tanzu Project Pacific, they are following a specific path to innovate the Kubernetes tool. VMware is proposing a software solution that puts Kubernetes at the center and makes it the main control tool. The same exact YAML syntax that has always been used to create clusters is now the means to create virtual machines, databases, and other third-party services in the whole hybrid multi-cloud environment.
At this moment, it may be premature to choose one product over another, since all four of the presented services are still at an early stage. It will take some time to understand what is just “marketing and business” and what constitutes the real features of the solution. In any case, it is already possible to get an idea of what’s coming next and what is already available, and it isn’t hard at all to realize how crucial it is, especially when it comes to making a choice that fits business needs.
ti&m has already moved towards the hybrid multi-cloud. Not only are we offering OpenShift clusters for application hosting, but we are also adding Anthos to our portfolio of products and planning to comprehensively include Azure Arc and Tanzu as well. At the beginning of this year, ti&m strengthened its partnership with Google carrying out an Anthos installation, the first ever in Switzerland, and designing an operational Anthos lab environment to demonstrate the features to the public. You can contact me to try them out.
The “multi-cloud war” has just begun. What will determine the winner is not buzzwords in online titles but the users’ reviews and feedback about the “real” products.