
Author|Hao Shuwei

Flexera's "RightScale 2021 State of the Cloud Report" pointed out that 92% of large enterprises adopt a hybrid cloud strategy. Gartner also stated in a report that in the future 90% of medium and large enterprises will use a hybrid cloud architecture to manage their infrastructure.

Over the years, as cloud computing technology has developed and been put into practice, more and more companies have chosen it to complete the digital transformation of their business quickly, so as to adapt better to market changes and win a larger market. Many of them deploy their business on the public cloud to reduce development and operations costs and to have services available instantly, anytime and anywhere. Others, out of data sovereignty, security and privacy considerations, build their own proprietary cloud platform in their internal data center. Enterprise users who need both public and proprietary clouds choose to build a hybrid cloud architecture.


Why a hybrid cloud architecture is needed

Enterprise's own business security considerations

For enterprise users, especially large ones, entrusting the company's key "lifeline" business entirely to an external cloud vendor carries a certain risk. Public cloud vendors usually provide safe and reliable redundancy to keep enterprise services uninterrupted, but accidents still happen. A hybrid cloud solution gives enterprise users both a plan A and a plan B to choose from and switch between, ensuring business stability to the greatest extent.

Regulatory requirements for data sovereignty and security privacy

Some laws and regulations, or a company's own security policies, impose rigid requirements on where corporate data is stored or resides. Examples include the EU's "General Data Protection Regulation" (GDPR) and other digital regulatory measures that apply to data controllers and data processors, and corporate policies that require data to reside only in designated locations in order to protect its privacy and security. A hybrid cloud architecture can help enterprise users meet this type of requirement.

Enjoy the service features of cloud vendors

The quality of service provided by the local cloud and by public cloud vendors differs. The difference shows up in many respects, and how much it matters depends on the user's actual needs. Take geographic coverage as an example: an enterprise usually serves its users from the local cloud, but a cloud vendor's services in a particular region offer lower access latency. If the enterprise has important customers in that region who have high requirements for access latency, it will deploy the services for that region on the public cloud and keep its other services on the local cloud.

Cost optimization

The local cloud lacks flexible scale-out and scale-in capabilities at the infrastructure level, so basic computing resources cannot be allocated according to actual demand during business peaks and troughs, which wastes a large amount of resources and increases costs. The flexible, agile, on-demand scaling of the public cloud makes up for this shortcoming of the local cloud.

Follow technological innovation

For cutting-edge technologies such as artificial intelligence, machine learning, and the Internet of Things, cloud vendors are usually the first to provide corresponding cloud services. Enterprise users can use these cloud services at a lower cost and so advance the company's own technological innovation and development. A hybrid cloud architecture allows companies to use the best cloud services anytime, anywhere.

Evolution of hybrid cloud architecture

Public cloud and local cloud are two different clouds. They have different infrastructures, different capabilities and features, and different APIs. To build a hybrid cloud architecture on top of them, cloud providers on the one hand need to spend a lot of effort adapting and integrating cloud platform capabilities; on the other hand, users cannot really switch cloud service providers on demand under this architecture, which is just another form of lock-in. These defects of the traditional hybrid cloud have kept this architecture from forming a standardized ecosystem, which is why it has never been possible to build unified management and unified delivery for it.

The emergence of Kubernetes has brought the hybrid cloud architecture into the 2.0 era. A number of Kubernetes features and related ecosystems provide possibilities for the standardization of hybrid clouds:

  • Cloud native technology represented by Kubernetes hides the differences in infrastructure. Cloud vendors and a large number of data centers have now adopted these technologies, making "define once, deploy everywhere" possible for applications.
  • Kubernetes' standardized, declarative API simplifies application deployment, makes application delivery more standardized and unified, and allows applications to be described and orchestrated in the same way on different clouds.
  • Service mesh technology can span multiple Kubernetes clusters to achieve unified traffic management and service governance, so that application services under the hybrid cloud architecture are managed from a single control plane.

In the cloud-native era, cloud-native technologies represented by Kubernetes have promoted the arrival of an application-centric hybrid cloud architecture. Kubernetes has become the de facto basis for enterprise multi-cluster management.

Typical usage scenarios of cloud native hybrid cloud multi-cluster

Multi-site active-active: cross-region disaster recovery

Infrastructure services and the Kubernetes container platform let users build a highly available application architecture at low cost, but some businesses that require stronger disaster tolerance also need region-level disaster recovery capabilities such as multi-site active-active deployment.

Users can build multiple clusters in different regions of a single cloud vendor, or build clusters across an on-premises IDC and different regions of a public cloud vendor, to deploy business applications at multiple sites. The following figure shows the active-active deployment of container clusters in an IDC and a public cloud in a hybrid cloud scenario. In a multi-site active-active architecture, the application's workload is deployed on multiple clusters at the same time, and a global DNS service forwards each request to the corresponding back-end cluster. When one of the clusters can no longer process requests, the DNS service automatically handles the failure and forwards requests only to the healthy clusters.

[Figure: active-active deployment of container clusters in an IDC and a public cloud]

Low-latency access

For users running a global, international business, the service's visitors are widely distributed. If the service is deployed in only one region, visitors in other regions will inevitably have a poor network experience.

In this scenario, we can deploy clusters in multiple regions and use intelligent DNS resolution to forward each user request to the nearest cluster, minimizing the latency introduced by the network. For example, in the figure below, an application service is deployed in Kubernetes clusters in Beijing, Chengdu, and Hong Kong. User requests from the North China region are resolved to the Kubernetes cluster in Beijing, user requests from the Southwest region are resolved to the Kubernetes cluster in Chengdu, and user requests from overseas are resolved to the Kubernetes cluster in Hong Kong. This minimizes the network latency caused by geographic distance and gives users everywhere a consistent service experience.

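[Figure: an application service deployed in Kubernetes clusters in Beijing, Chengdu, and Hong Kong, with requests resolved to the nearest cluster]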

Reduce the blast radius

Under normal circumstances, fault isolation is easier with multiple small clusters than with one large cluster. A cluster may become unable to process requests because of disk, network, or other failures. Using multiple clusters confines such a failure to a single cluster and avoids a larger chain reaction.

Business isolation

Different businesses usually need to be isolated from one another. Kubernetes has a namespace mechanism to help users with security isolation, but this is only logical, soft isolation. Different namespaces can still communicate with each other over the network, and they can also preempt each other's resources, so network isolation policies and resource quotas have to be configured in addition.
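The extra configuration that namespace isolation needs, shown as an added example that is not part of the original article: a NetworkPolicy that admits ingress only from pods in the same namespace, plus a ResourceQuota that caps what the namespace can claim. The namespace name `team-a`, the object names and all quota values are assumptions.

```yaml
# Added example; "team-a", the object names and the quota values are assumed.
apiVersion: v1
kind: Namespace
metadata:
  name: team-a
---
# Network isolation: podSelector {} selects every pod in team-a, and listing
# Ingress under policyTypes denies all inbound traffic by default. The single
# "from" rule then re-admits traffic from pods in the same namespace only.
# Enforcement requires a CNI plugin that implements NetworkPolicy.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: same-namespace-only
  namespace: team-a
spec:
  podSelector: {}
  policyTypes:
    - Ingress
  ingress:
    - from:
        - podSelector: {}
---
# Resource isolation: cap the aggregate requests and limits of the namespace
# so its workloads cannot take resources away from other namespaces.
apiVersion: v1
kind: ResourceQuota
metadata:
  name: team-a-quota
  namespace: team-a
spec:
  hard:
    requests.cpu: "8"
    requests.memory: 16Gi
    limits.cpu: "16"
    limits.memory: 32Gi
    pods: "50"
```

Once this quota is active, pods in the namespace that do not declare CPU and memory requests and limits are rejected unless a LimitRange supplies defaults.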

Choosing to deploy different services in different Kubernetes clusters can physically isolate the services completely, and the security and reliability are higher than using namespace isolation. For example, different departments within the enterprise deploy their own independent clusters, and use multiple clusters to separately deploy development/test/production environments.

Summary

Moving to the cloud is the general trend. Some enterprise customers adopt a hybrid cloud architecture out of data sovereignty, security and privacy considerations; others choose a hybrid cloud plus multi-cluster architecture for data sovereignty, cost optimization, and improved geographic coverage. Hybrid cloud and multi-cluster architecture has become the new normal for enterprises moving to the cloud.


Book giveaway

  • What do you think is the biggest challenge facing modern IT?
  • What are your concerns about cloud native technology?
  • What application scenarios do you expect for cloud-native technology in a hybrid cloud architecture, and why?

If you would like to share your views on any of the questions above, you are welcome to post in the comment area before 18:00 on September 17th. The Alibaba Cloud Native official account will select the 3 comments with the most likes and give each a copy of the new book by Alibaba Cloud Container Service technical expert Hao Shuwei, "Multi-cloud and Hybrid Cloud: Cloud Native Multi-cluster and Application Management". We look forward to the discussion!

Author's profile

Hao Shuwei is an Alibaba Cloud Container Service technical expert and a core member of the cloud-native distributed cloud team. He focuses on cloud-native technologies such as unified management and scheduling of cloud-native multi-clusters and hybrid clusters, and application delivery and migration.

Alibaba Cloud Container Service "ACK Hybrid Cloud Cluster User Guide": https://help.aliyun.com/document_detail/121607.html
