v

Cloud Portability: Why it Matters and What to Think About

Featuring real-life examples from Puppet customers

2 Cloud Portability: Why it Matters and What to Think About

When we talk about cloud portability, we're really talking about the ability to put workloads wherever it makes most sense, both technically and economically. You may want to start out with one cloud vendor and then switch to another, once you have a better idea of what your cloud needs are. You should be able to launch a new application (or migrate an existing one) with any cloud vendor offering services and pricing that work best for your organization — or host them in your own data center, if that pencils out the best.

You should also be able to count on your cloud provider and cloud infrastructure for disaster recovery and backup, both for the sake of your own business and to meet your service-level agreements (SLAs) with customers and partners. And you should be able to ensure your applications and data are secure, no matter where you run and host them.

Wherever you choose to deploy software that's important to your business, you need to:

• Control costs.

• Stay flexible and avoid vendor lock-in.

• Ensure compliance with your organization's security requirements.

• Have the ability to scale quickly as needed, when the business demands it.

Let's take a look at each of these areas.

In Cloud and the Enterprise: Benefits, Pitfalls, and How Puppet Helps, we discussed the reasons why enterprise companies — including a number of our customers — make a move to the cloud. In this ebook, we’re focusing on one specific consideration for organizations moving to the cloud: portability, and why it should matter to you.

3 Cloud Portability: Why it Matters and What to Think About

Controlling costsCloud services pricing can fluctuate as market conditions change, and a vendor entering a new market will often offer aggressive pricing. It's not just pricing that vendors compete on, but also new features and packages to attract new customers, and keep the renewals coming in.

Whether you're changing back and forth quickly, or you choose to use a couple of different cloud services for different parts of your business, you will want to make sure your cloud usage is controlled by your organization's policies. You also need to make sure you have complete visibility into the state of all your applications, services and configurations — wherever they exist.

That's where Puppet's infrastructure automation works so well: It allows you to keep constant visibility into the state of every piece of your infrastructure, and control over it, whether it's located in the public cloud or your own physical data center. You can see which cloud resources are still running, and determine whether they're needed or not. That visibility helps you control costs.

“We have to size our systems to meet anticipated load at those times. But to have all those resources for 365 days of the year is expensive...we started exploring the cloud to see if we could move some of our workload there during peak periods.”

Veerakishore Vellanki Director of IT infrastructure 1-800-Flower.com

1-800-Flowers.com bursts to the cloud during holiday periods, when there’s a big upsurge in gift purchasing activity — and therefore, much heavier workloads.

4 Cloud Portability: Why it Matters and What to Think About

Flexibility and avoiding vendor lock-inIt's becoming quite common for companies to use multiple cloud providers because of issues like costs, data sovereignty laws and SLAs. In fact, IDC's January 2016 CloudView Survey1 of 409 North America-based organizations described as heavy cloud users (i.e., using clouds for multiple applications) found that 74 percent of those surveyed described their cloud strategy as hybrid. That is, they were using, or planning to use, multiple public and/or private cloud options.

There are many good reasons for a company to use multiple cloud providers:

• Failover options if a cloud vendor's service goes down.

• Making sure you're getting the best deal for your needs at any given time.

• Ability to provide the right menu of services to your users.

1 IDC: North American Enterprise Hybrid Cloud Managers Prioritize Automation and Orchestration, April 2016 - Doc # US41177116

5 Cloud Portability: Why it Matters and What to Think About

Highly visible outages like the Amazon Web Services (AWS) event of February 2017 illustrate the importance of the first point about failover options, and the second — getting the best deal for your needs — is obvious, too. What's less obvious — at least until you're actually using a cloud service — are any trade-offs between different cloud vendors' practices. For example, at the time of writing this ebook, AWS bills for its EC2 service by the hour, while Google Compute Services bills by the minute for its equivalent service. This difference in billing practices might matter to your business, depending on how your applications consume cloud services.

Your various work groups will notice these trade-offs. Giving them the ability to switch from one service to another can help teams avoid obstructions and slowdowns. In the same IDC CloudView Survey cited previously, 65 percent of IT decision makers who had hybrid or multi-cloud environments said they planned to use automation to give their users application portability across different cloud services. And 58 percent said they planned to offer users self-service catalogs spanning multiple cloud service offerings from different vendors2.

“Whether our customer chooses to have their IT with Amazon or Google or Azure, it doesn’t really matter to us, because we use Puppet to manage the whole base layer of those systems.”

Jerry Caupain IT architect KPN

KPN, the largest telco and IT service provider in The Netherlands, uses Puppet to provide a standardized management platform for any cloud service its customers prefer.

2 IDC: Multicloud Management Priorities: Automation, Portability, and Unified Self-Service, July 2016 - Doc # US41587016

6 Cloud Portability: Why it Matters and What to Think About

Ensure compliance with your security policies … and your customers' policiesMany organizations identify security as one of their biggest concerns about moving to the cloud. How can you make sure your applications and data will remain secure when they're living on servers outside your own four walls?

“We have a number of customers that have very strict security requirements. Not every customer has the same security requirements. So on a customer-by-customer basis, we can apply whatever security policy they need at the OS side with Puppet Enterprise.”

Sean Milichamp Vice president of IT Secure-24

Secure-24 delivers a range of managed cloud services to companies and public-sector organizations all over the world.

7 Cloud Portability: Why it Matters and What to Think About

“We’ve developed a couple of [Puppet] modules to enforce certain security benchmarks.And we are helping customers achieve certain levels of compliancy. For PCI DSS compliancy, for instance, Puppet plays a really important part by enforcing the desired state.”

Jerry Caupain IT architect KPN

By automating provisioning and management of cloud infrastructure, you can make sure the same security policies you apply to your private cloud machines and physical machines are also applied to your public-cloud resources. Manual provisioning is not really secure, because it's prone to human error. It's also slow and inefficient, and leads to shadow IT — developers pulling out their credit cards and renting cloud machines so they don't have to wait for IT to get their work done. These machines may not be configured according to your security policies, opening up more risk.

If, however, your IT team creates and provides a standard, automated way to spin up and manage cloud servers, you reduce both risks and costs. Your organization can move faster and more efficiently; you can enforce security policies (and other policies, too). Even better, you can build a self-service interface for developers and others in your organization to get the cloud resources they need, putting an end to shadow IT.

8 Cloud Portability: Why it Matters and What to Think About

Scale quickly, when the business demands itA common reason for companies to adopt a cloud strategy is the need to scale up when workloads peak. Many companies have seasonal increases in sales or other user demand. Just think about holiday buying seasons for retailers; tax-return deadlines for government revenue agencies and tax-preparation firms; and course registration periods for universities.

Then there are periods of high demand you can't predict, but do have to plan for — emergencies like tornadoes, ice storms, bridge collapses or internet outages. On a happier note, your product or service could be touted on social media by a much-followed celebrity. You don't want to blow this opportunity because you don't have enough capacity to deal with a flood of online orders, downloads or inquiries.

“One of our goals is to rapidly build the whole application stack in the cloud — internal or external, or hybrid — and to tear it down and build it back again as and when we need it. How can you do all that, including the required customization, without an automation tool like Puppet?”

Magesh Ruthrapathy Vice President of IT 1-800-Flowers.com

9 Cloud Portability: Why it Matters and What to Think About

Before the wide availability of cloud services, organizations simply built or rented enough data center capacity to deal with expected peak demand. But that's a costly solution. Cloud looks like a great, flexible answer, until you realize that you can't manage cloud manually in these circumstances. You need to be able to automate moving workloads to the cloud, and expand them there, too. Automation is especially important if you want to make sure all your cloud resources are configured in line with your security policies, and that you're fulfilling your SLAs.

Here's where a solution like Puppet really proves itself. With Puppet, you can create a standard way to spin up new cloud resources, so that your configurations for security and SLAs are built right in. And these configurations can be continually enforced for the entire life of the cloud resources. Furthermore, you can see every resource you have, and how it's being used, so you can keep cloud usage — and costs — under control.

“The big win here was just being able to treat AWS EC2 instances as regular old VMs, and let Puppet Enterprise do its magic.”

Richard Guest Platform Manager GNS Science

GNS Science, the company that operates GeoNet, New Zealand’s nationwide geological hazard monitoring service, moved its mobile alert system to Amazon Web Services (and other cloud providers) with the help of Puppet Enterprise. That move saved on operating costs, while giving GNS the ability to quickly scale notification services during an event such as an earthquake or tsunami.

10 Cloud Portability: Why it Matters and What to Think About

Organizations that have turned to the cloud for the flexibility it offers (as well as for backup and disaster recovery) soon find that they lose the agility and flexibility they want if they rely on manual processes to migrate to the cloud and expand there.

It’s also difficult to move workloads quickly and nimbly from one cloud provider to another if you have no automated way to do so.

Puppet helps by providing a standard, automated way to deploy applications to any environment that best suits your business needs. Because it works with all major cloud providers — including Amazon Web Services, Microsoft Azure, Google Compute Engine, OpenStack, and VMware infrastructure — Puppet lets you define your workloads in code that’s reusable across different cloud providers. Plus, Puppet works with multiple operating systems, including Windows, Linux and multiple *nix OSes, allowing you to take a standard approach to automating deployment of all your infrastructure, and the applications that run on your infrastructure.

Cloud portability & Puppet Enterprise

11 Cloud Portability: Why it Matters and What to Think About

Once you have modeled your infrastructure in Puppet code — written your middleware configurations, your application service requirements and security policies in Puppet — it’s easy to move back and forth between a physical environment, a virtualized environment, and one or more cloud environments.

If you don’t have a vendor-agnostic configuration management tool, you will likely have to model your applications for each cloud provider you choose to work with. That means hand-rolling a set of configuration files for every new setup, and shuffling a lot of code. That’s a lengthy process, and one prone to human error.

When you use Puppet, getting yourself set up in a new cloud is automated, with your configurations and policies set as you want them. And because all your infrastructure is modeled in the same language — one that’s vendor-agnostic and flexible enough to live in just about any cloud — you can run in any environment that makes sense for your business, using your preferred operating systems, monitoring tools, testing tools and more.

You can learn more about how Puppet can help you in the cloud by checking out our cloud solution page. Or email us: sales@puppet.