Upload
others
View
2
Download
0
Embed Size (px)
Citation preview
Public Cloud as part of Cloud native strategy
Alan David Wilson
What does it mean to be cloud native?
Are all cloud types (hybrid, public, private) not the same?
When seeing a public cloud provider should you just go with the biggest?
Security, Privacy and Performance
Business Case for public cloud
Is it time to consider Public Cloud,as part of my cloud native strategy?
What does it mean to be Cloud Native?
Ability to scale up, and down, to match demand automatically.
Pay only for what you use
Breaking down the monoliths (Virtualization & containers)
What does it mean to be cloud native?
What does it mean to be Cloud Native?
Ability to scale up, and down, to match demand automatically.
Pay only for what you use
Breaking down the monoliths (Virtualization & containers)
Re-Architect & Transform at your pace
What does it mean to be cloud native?
OPPORTUNITY
Today Celcom manages 6 IT Clouds
OS / Bare Metal (HP UX, IBM AIX, SUN, Xen)
Hardware
Oracle Cloud OSVMware Cloud OS Huawei Cloud OSMicrosoft Azure Google GCP
OS/ IaaS OS/ IaaSOS/ IaaS
Cisco and EMC Hardware Oracle HardwareHuawei Hardware
AppApp
OS/ IaaS
App
OS/ IaaS
App
Network Functions
Cisco Hardware
App App
Physical Stack Oracle StackVMware Stack Huawei Stack Microsoft Azure GCP
On-Premise Bare Metal Public Cloud
Legend: Infra OS App / Svc
Private Cloud
Celcom Cloud COE
AWS
OS/ IaaS
App
AWS
72% of IT landscape virtualized
What does it mean to be cloud native?
VMWARE Huawei FusionSphere
Exadata
Oracle Cloud
AzureCloud
GCP AWSIBM, SUN, HP
etc
Today Celcom manages 6 IT Clouds
OS / Bare Metal (HP UX, IBM AIX, SUN, Xen)
Hardware
Oracle Cloud OSVMware Cloud OS Huawei Cloud OSMicrosoft Azure Google GCP
OS/ IaaS OS/ IaaSOS/ IaaS
Cisco and EMC Hardware Oracle HardwareHuawei Hardware
AppApp
OS/ IaaS
App
OS/ IaaS
App
Network Functions
Cisco Hardware
App App
Physical Stack Oracle StackVMware Stack Huawei Stack Microsoft Azure GCP
On-Premise Bare Metal Public Cloud
Legend: Infra OS App / Svc
Private Cloud
Celcom Cloud COE
AWS
OS/ IaaS
App
AWS
72% of IT landscape virtualized
Is Celcom Cloud
Native?
What does it mean to be cloud native?
VMWARE Huawei FusionSphere
Exadata
Oracle Cloud
AzureCloud
GCP AWSIBM, SUN, HP
etc
Cloud types (hybrid, private, public)
Private – 5 Bedroom house
• Own Property• Mortgage• Renovate/Expand• Facilities for personal use• 100% of maintenance cost• Security: lock & key
Public – 2 Bedroom Condo• Rent Property• Low cost of entry• No Expansion• Shared Facilities (Gym, Swimming
pool)• Shared Maintenance Costs• Security: Guards, CCTV, reception,
gates, lock & key
• Benefits of both worlds, however:
• Overheads of both worlds• May not be able to live fully
public cloud
Hybrid
Are all cloud types (hybrid, public, private) not the same?
ROLEROLE
Migration to full Hybrid multi-cloud A journey thru maturity levels driven by Business, Application and Consumption factors
Unified Hybrid Cloud Orchestration
Migration to off client premise DC
CAPEX reductionPublic Cloud Maturity of Platform / Tools
Reduced FTEs
On premise DC
TTM and Agility
WHY? AzureCloud
GCP AWS
Are all cloud types (hybrid, public, private) not the same?
ROLEROLE
Migration to full Hybrid multi-cloud A journey thru maturity levels driven by Business, Application and Consumption factors
Unified Hybrid Cloud Orchestration
What goes to public, What goes to private? Interworking ?
Migration to off client premise DC
CAPEX reductionPublic Cloud Maturity of Platform / Tools
Reduced FTEs
Application factors
Legacy applications
Network sensitive
applications
Cloud native applications
Business continuity
Regulation & compliance
Business factors
Static / Dynamic
High/low rate of change
Consumption style
On premise DC
TTM and Agility
WHY?
WHAT ?
AzureCloud
GCP AWS
Are all cloud types (hybrid, public, private) not the same?
ROLEROLE
Migration to full Hybrid multi-cloud A journey thru maturity levels driven by Business, Application and Consumption factors
Low Risk 1st HybridDeployment
Hybrid IT Becomes Mainstream
Use a Secondary Public Cloud
Initial Public Cloud Deployment
Private Cloud + Single Public Cloud
Provider
Private Cloud + Single Public Cloud
Provider
Private Cloud + Multiple Public Cloud Provider
Low risk app, less complex integration to
on prem
More critical apps, high complexity integration
Special use cases specifically met by 2nd
cloud provider
Gain maturity with new hybrid operating model
Optimize hybrid ops model for critical business services
Basic multi cloud brokering, revised ops
model
Single Public CloudProvider
Low risk, no Integration standalone apps
Gain initial maturity on public cloud
Private Cloud + Multiple Public Cloud
Provider
Complex Multi Cloud Workloads
Advanced multi cloud brokering, common
multi cloud ops framework
Multi Cloud Is the Norm
Increasing Hybrid Cloud Maturity Levels
Unified Hybrid Cloud Orchestration
What goes to public, What goes to private? Interworking ?
Migration to off client premise DC
CAPEX reductionPublic Cloud Maturity of Platform / Tools
Reduced FTEs
Application factors
Legacy applications
Network sensitive
applications
Cloud native applications
Business continuity
Regulation & compliance
Business factors
Static / Dynamic
High/low rate of change
Consumption style
On premise DC
TTM and Agility
WHY?
WHAT ? HOW?
AzureCloud
GCP AWS
Are all cloud types (hybrid, public, private) not the same?
© 2018. Proprietary & Confidential. All Rights Reserved.
Migration Attractiveness
Speed of Innovation
Leverage Cloud SaaS Migration Attractiveness
Spee
d of
Inno
vatio
n
Migration Attractiveness
How to select which workloads to migrate to cloud based on business risk, cost, innovation and agility
Clear win on agility/Innovation and least risk to go cloud
Double down on Public Cloud!
Not much room for innovation nor impact to digital CX, High migration
risk. Be cautious, can migrate last based on
risk/cost profile
Complex to migration but potential for
innovation high – Can be 2nd wave of
migration!
Even if super attractive to go Cloud,
if it does not really help in agility and CX.. Be selective – 3rd wave
Are all cloud types (hybrid, public, private) not the same?
Should you just go with the biggest?When seeing a public cloud provider should you just go with the biggest?
BIG CLOUD CO
No.This should be treated the same way you would source any IT asset that you need for your organization.
Should you just go with the biggest?When seeing a public cloud provider should you just go with the biggest?
BIG CLOUD CO
Identify your pain points, what problem are you trying to solve? (problem statement)
List down all your organizations needs in order to solve the problem identified (requirements)
Identify potential solutions that can meet your needs
Evaluate each of the proposals (biggest is not always best, need to look at requirement fit, cost, security and other factors perinate to your organization)
No.This should be treated the same way you would source any IT asset that you need for your organization.
If unsure still, come talk to us at Celcom, We’ve experience in most major cloud providers.
Security, Privacy on the cloud
Where would you keep this?
Especially if it belonged to your customer?
Security, Privacy and Performance
Security, Privacy on the cloud
Where would you keep this?
Especially if it belonged to your customer? At a private self owned
placeIn a public, shared place known for it’s security?
Security, Privacy and Performance
Security, Privacy on the cloud
Where would you keep this?
Especially if it belonged to your customer? At a private self owned
placeIn a public, shared place known for it’s security?
Locks Front door, back door & window locks Front door, back door, windows, inner door, safe room, Safe, inner cage…$$
Security, Privacy and Performance
Security, Privacy on the cloud
Where would you keep this?
Especially if it belonged to your customer? At a private self owned
placeIn a public, shared place known for it’s security?
Locks Front door, back door & window locks Front door, back door, windows, inner door, safe room, Safe, inner cage…
CCTV & Burglar Alarm Optional Investment Full CCTV, regularly tested, offsite monitoring 24x7x365 incident response
$$
$
Security, Privacy and Performance
Security, Privacy on the cloud
Where would you keep this?
Especially if it belonged to your customer? At a private self owned
placeIn a public, shared place known for it’s security?
Locks Front door, back door & window locks Front door, back door, windows, inner door, safe room, Safe, inner cage…
CCTV & Burglar Alarm Optional Investment Full CCTV, regularly tested, offsite monitoring 24x7x365 incident response
Security Guard Optional Investment (perhaps a dog?) Always multiple guards 24x7x365
$$
$
$$
Security, Privacy and Performance
Security, Privacy on the cloud
Where would you keep this?
Especially if it belonged to your customer? At a private self owned
placeIn a public, shared place known for it’s security?
Locks Front door, back door & window locks Front door, back door, windows, inner door, safe room, Safe, inner cage…
CCTV & Burglar Alarm Optional Investment Full CCTV, regularly tested, offsite monitoring 24x7x365 incident response
Security Guard Optional Investment (perhaps a dog?) Always multiple guards 24x7x365
Experience in fighting off an attack ? Fully trained for event and may have had to fend off an actual attack
$$
$
$$
?
Security, Privacy and Performance
Security, Privacy on the cloud
Where would you keep this?
Especially if it belonged to your customer? At a private self owned
placeIn a public, shared place known for it’s security?
Locks Front door, back door & window locks Front door, back door, windows, inner door, safe room, Safe, inner cage…
CCTV & Burglar Alarm Optional Investment Full CCTV, regularly tested, offsite monitoring 24x7x365 incident response
Security Guard Optional Investment (perhaps a dog?) Always multiple guards 24x7x365
Experience in fighting off an attack ? Fully trained for event and may have had to fend off an actual attack
Certificates ? CCBSO, ISO27001, PCIDSS, etc
$$
$
$$
?
$$
Security, Privacy and Performance
Security, Privacy on the cloud
Where would you keep this?
Especially if it belonged to your customer? At a private self owned
placeIn a public, shared place known for it’s security?
Locks Front door, back door & window locks Front door, back door, windows, inner door, safe room, Safe, inner cage…
CCTV & Burglar Alarm Optional Investment Full CCTV, regularly tested, offsite monitoring 24x7x365 incident response
Security Guard Optional Investment (perhaps a dog?) Always multiple guards 24x7x365
Experience in fighting off an attack ? Fully trained for event and may have had to fend off an actual attack
Certificates ? CCBSO, ISO27001, PCIDSS, etc
Insurance For a million dollar necklace? Included in banks service
$$
$
$$
?
$$
$$
Security, Privacy and Performance
Key
Cons
ider
atio
ns
Privacy on the cloudPDPA.• Know the local law – What can be stored,
what cannot be stored, what precautions are required
ISO 27018• AIM for better security standards than
what the law requires
Anonymize Data• Know what tools, such as Data
Anonymization can help. example Azure Cloud App Security
Location• Know what Zone your data will be stored in• Usually selectable from most cloud
providersKe
y Co
nsid
erat
ions
Und
erst
and
your
Res
pons
ibili
ties
Customer is responsible for•Data (you decide where to put it)•Customer Consent•Policy
Cloud provider•Infrastructure & Physical Security•Security tools (maybe chargeable)
Und
erst
and
your
resp
onsib
ilitie
sSecurity, Privacy and Performance
Performance on the cloudSuggest to Migrate in Waves as you learn a lot! About how your systems work and yes some adjustments will be necessary along the way. Plus keep in mind you’re a telco! Networks is what we do
Wave 6: Systems were slow, but everything in cloud was showing green, we even put extra CPU, extra memory and fast disks
Then we took a look at the network link.
Security, Privacy and Performance
Performance on the cloudSuggest to Migrate in Waves as you learn a lot! About how your systems work and yes some adjustments will be necessary along the way. Plus keep in mind you’re a telco! Networks is what we do
Wave 6: Systems were slow, but everything in cloud was showing green, we even put extra CPU, extra memory and fast disks
Then we took a look at the network link.
Wave 8: We had resolved our routing challenges and increased the link capacity to the cloud. Now a huge spike every Saturday at 4am?
Ah! We need to re-invent how we do DB backups when on cloud
Security, Privacy and Performance
Understanding the Key Cost Drivers
Data center (Building)
Network (leased lines)
Power & Utilities
Security (Physical & Digital, OS Patch)
Servers (Physical Infra)
Support costs (People, 24x7x365) Typically Serves Customer of 1
Traditional Data Centre Model
Typically Serves many Customers
Disaster Recovery (requires all of the above again!)
• Subscription Costs• Leased line Costs• Data extraction Costs (egress)
Business Case for public cloud
What are the Benefits?Business Case for public cloud
Quantifiable Benefits Non Quantifiable Benefits
Asset Depreciation – Is it time to make a hardware investment? (Cost Avoidance)
Opportunity to discover and sunset old forgotten about assets
Opportunity to rearchitect a new data center, better security in virtualized world
Enabler for Agile and DevOps as VMs can be provisioned via self service within minutes
Real time on line dashboards for cost consumption
Better understanding of how applications and their traffic works.
Autoscaling – Do you have a workload that has high peak loads, but low average load.
Right sizing – Using Autoscaling, you maybe able to downsize a number of environments hence paying only for what you use.Disaster Recovery – Critical systems no longer require duplicated hardware to be on all the time, DR systems can be in a standby offline state and activated only in the event of a DR.
Overheads of running on prem (infrastructure maintenance, OS Patching etc)
Take things in small waves So you learn. You will have to learn about security, networking, sizing, deployments, everything infra related!
Take an Evolutionary approach to your architecture (On cloud it’s software defined, so you can scrap what doesn’t work and try again) oh and by the way, you’re going to have to learn SDN anyhow for 5G
Timing. If you’ve just made a huge investment (tech refresh, new hardware etc) these assets take time to depreciate, this will impact your business case.
Security is not taken for granted, but the cloud providers have access to the worlds experts on the subject, use them and challenge them!
Have ethical hackers or independent agency attempt to breach your on prem and your cloud deployment
this gives you a baseline for security gaps in both. Build the cost of closing these gaps into your business case.
Summary: Is it time to Consider Public Cloud?Yes, but plan your journey!
These are some of the key lessons learned from Celcom’s Journey to public cloud
Business Case for public cloud
THANK YOU NO part of this presentation may be circulated, quoted, or reproduced for distribution without the prior written consent of Celcom AXIATA Berhad. The information contained in this presentation is proprietary and is for Celcom AXIATA Berhad’s Internal Use.
The information is not meant to be comprehensive and any material contained in this presentation is provided "As-is" and without warranties of any kind; either expressed or implied for the fullest extent permissible pursuant to the applicable Malaysian Law(s).