Multi-cloud is a type of cloud architecture in which an organization uses two or more clouds simultaneously. That, at least, is the simple definition of multi-cloud. Keep reading for a more detailed take on what multi-cloud means, how it works and why organizations are increasingly adopting multi-cloud architectures.
There are three specific forms that multi-cloud architectures can take:
- Private-and-private: You could build a multi-cloud architecture that consists of two or more private clouds that you build using a platform like OpenStack. Private clouds could run on private infrastructure (like an on-prem data center), but they could also be hosted using public cloud infrastructure that is configured in a way that isolates it from the rest of the public cloud environment.
- Public-and-public: A multi-cloud environment could consist of two or more public clouds, like AWS and Azure, that you use simultaneously.
- Private-and-public: You could run a mix of public and private clouds. A private OpenStack cloud running alongside a public cloud like Azure or Google Cloud Platform would also qualify as multi-cloud, for instance.
Why use multiple clouds?
There are a variety of reasons to consider a multi-cloud architecture. The most important include:
- Cost: Using more clouds gives you a greater ability to strike an optimal balance between cloud service features and performance on the one hand, and pricing on the other. This is due to the simple fact that having more clouds gives you more options to choose from.
- Resilience: When you use multiple clouds instead of hosting everything in a single cloud, you will not face a total disruption in the event that one cloud fails. However, it’s important to note that multi-cloud doesn’t automatically guarantee high availability or fault tolerance; you would have to mirror your workloads across multiple clouds, or configure automated workload failover from one cloud to another, to achieve this.
- Privacy and compliance: Leveraging multiple clouds may make it easier to satisfy compliance rules, especially if the rules require data to be stored in a specific geographic region or with specific security features enabled. The more clouds and cloud services you have to choose from, the easier it is to configure a strategy that meets your compliance mandates.
- Vendor-agnosticism: Using multiple clouds doesn’t necessarily mean you won’t become dependent on cloud services from a particular vendor or platform, but it does generally encourage a vendor-agnostic cloud strategy. When you design your workloads to function across multiple clouds, you are less likely to become locked into a specific cloud.
Multi-cloud vs. hybrid cloud
Multi-cloud architectures are similar to hybrid cloud in that hybrid cloud also involves using resources from multiple sources to set up a cloud environment.
However, with hybrid cloud, some resources consist of private servers, while others come from a public cloud. In contrast, multi-cloud architectures don’t have to involve private infrastructure and public cloud infrastructure (although they could if your multi-cloud strategy pairs a private cloud with a public cloud).
Most definitions of hybrid cloud also imply that there is a single control plane that manages both the private and public portions of your cloud environment. This is different from multi-cloud architectures, in which there is not typically a single management layer that controls all parts of the cloud architecture. Multi-cloud architectures can – and often do – involve some level of integration between different clouds, but teams can’t manage everything in a multi-cloud setup through just one tool or platform.
Managing multiple clouds
The way you manage workloads in a multi-cloud architecture depends on which types of workloads you are running, and which types of clouds you are running them on.
If all of your clouds are public clouds, it may be difficult to manage them through a central control plane, because the administrative tools that public clouds offer generally only work within a specific public cloud. You’ll typically need to use management tools from multiple public cloud vendors in this case, combined with third-party solutions that can work across clouds.
In contrast, if you are running multiple private clouds using an open source platform like OpenStack or Kubernetes, it is possible to consolidate them around a single control plane if you create a separate cluster for each cloud.
Kubernetes can also be used to centralize management of a multi-cloud architecture that includes private and public clouds. The caveat here is that all of your multi-cloud workloads would need to be deployed in Kubernetes. Kubernetes can’t be used to manage external resources that are hosted in an independent cloud service – like a VM instance running in AWS EC2 or a storage bucket in AWS S3. You’d have to manage resources like those separately from whichever deployments are hosted in Kubernetes.
Networking for multi-cloud
Like multi-cloud management, configuring networking for multiple clouds depends on the nature of your architecture. If all of your clouds are public clouds, you can use a strategy like VPC peering to enable network connectivity between them.
If you are running a mix of on-prem private clouds and public clouds, you may need to set up site-to-site connections. Services like AWS DirectConnect and Azure ExpressRoute, which provide optimized network connections between private data centers and public clouds, may also be useful in multi-cloud architectures that involve both private and public resources, although they are not strictly necessary.
The major security challenge that organizations face when they adopt multiple clouds is that each cloud typically has its own tooling for managing roles, access controls, encryption and other security features. It’s therefore difficult to consolidate your tooling, unless all of your clouds are managed via a single control plane (like, again, OpenStack or Kubernetes).
To a large extent, securing multiple clouds simply involves coping with this complexity; there is no simple solution for managing security in a simple way across multiple clouds. However, some third-party vendors now offer tools that provide features like a single Identity and Access Management (IAM) framework that can be applied across multiple clouds. Such a solution doesn’t simplify all aspects of multi-cloud security, but it does reduce some of the complexity by eliminating the need to manage a separate IAM framework for each cloud that you use.