Multi-Cloud API Authorization Challenges

As more and more companies move to a multi-cloud strategy and increase usage of a cloud-native infrastructure, API providers are under a lot of pressure to deliver APIs at scale in multi-cloud environments. At the same time, APIs should follow each company’s security requirements and best practices, no matter the cloud platform. These reasons explain why many providers have such complex API authorization requirements.

Let's assume in a company that multiple teams from different lines of business are building and deploying APIs in the Azure cloud. Different teams use different technologies to build these APIs (e.g., Azure Functions, Node.js). A company might host applications that consume the APIs on the same network, such as a company's AWS account or external SaaS applications.

January 5, 2022

What Does 2022 Have in Store for Cybersecurity and Cloud Security Specialists?

Cloud adoption and industry transformation are accelerating as the world looks for efficiency. Let’s face it, 2022 promises to be another busy year for cybersecurity and cloud security specialists.

According to the 2021 ISC Cybersecurity Workforce Study, we are still short 2.7 million cybersecurity professionals globally. There aren’t enough people to keep up with the rising threat, so we need to deploy automation heavily to tackle it.

December 11, 2021

Cloud Cost Management Alone Won’t Fix Your Cloud Spend Problem

The pay-per-use model of the public cloud seemed too good to be true. And you probably quickly caught onto its catch: analyzing and predicting your cloud costs is like driving blindfolded hoping that the street traffic would stay the same.

A solid cloud cost management strategy and tooling solves this problem – but only partially. Knowing what your costs are and where your costs come from isn’t going to reduce them magically.

September 20, 2021

Multiple Cloud Perspectives and Introduction To Azure Arc

Decoding Multiple Cloud Perspectives

In today’s day and age, business enterprises are finding it difficult to navigate through different complex environments that run across data centers, edge, and multiple clouds. While single cloud still holds relevance, most companies are adopting multi-cloud and hybrid cloud models. However, the terms hybrid cloud and multi-cloud are inconsistently used.

A multi-cloud strategy entails using multiple cloud services from different providers based on their performance levels at certain tasks.

May 27, 2021

Kubernetes Adoption Accelerates but Operational Challenges Persist

Introduction

Kubernetes adoption is on the rise as organizations increasingly get a grasp on what is needed to effectively manage and scale the popular platform.

That’s one of the key takeaways from a recent Traefik Labs survey of 1,097 respondents, the majority of which were software engineers and DevOps professionals. The survey found that the adoption of Kubernetes is at a strong 70%, indicating that the platform is rapidly increasing in adoption. Yet 58% say they run less than half of their business-critical applications on the container-orchestration system, implying room for wider Kubernetes uses throughout most organizations.

April 30, 2021

Building Hybrid Multi-Cloud Event Mesh With Apache Camel and Kubernetes

Part 1 || Part 2 || Part 3

This blog is part two of my three blogs on how to build a hybrid multi-cloud event mesh with Camel. In this part, I am going over the more technical aspects. Going through how I set up the event mesh demo.

January 26, 2021

Oops, We’re Multi-Cloud: A Hitchhiker’s Guide to Surviving

Over the last few years, enterprises have adopted multi-cloud strategies in an effort to increase flexibility and choice and reduce vendor lock-in. According to Flexera's 2020 State of the Cloud Report most companies embrace multi-cloud, with 93% of enterprises having a multi-cloud strategy. In a recent Gartner survey of public cloud users, 81% of respondents said they are working with two or more providers. Multi-cloud makes so many things more complicated that you need a damn good reason to justify this. At Humanitec, we see hundreds of ops and platform teams a year, and I am often surprised that there are several valid reasons to go multi-cloud. I also observe that those teams which succeed are those that take the remodeling of workflows and tooling setups seriously.

What Is Multi-Cloud Computing?

Put simply, multi-cloud means: an application or several parts of it are running on different cloud-providers. These may be public or private, but typically include at least one or more public providers. It may mean data storage or specific services are running on one cloud providers and others on another. Your entire setup can run on different cloud providers in parallel. This is distinct from hybrid cloud services where one component is running on-premise and other parts of your application are running in the cloud.

January 19, 2021

What Does Being Cloud-Native Mean for a Database? [Webinar Sign-up]

Different cloud-native technologies and methodologies – including containers, Kubernetes, microservices, and service meshes – are all being used by organizations today, particularly enterprise developers and DevOps teams, 90% of which say cloud-native is somewhat or very important. As development and DevOps start to become "cloud-native," the database should too. But, what does being cloud-native mean for a database?

Learn how Couchbase maximizes cloud-native technologies' advantages by natively integrating using the Couchbase Autonomous Operator to deliver a geo-distributed database platform, providing a hybrid, multi-cloud database solution for organizations. Couchbase Autonomous Operator enables developers and DevOps teams to run Couchbase as a stateful database application next to their microservices applications on a Kubernetes platform, which frees organizations from cloud vendor lock-in and supports hybrid and multi-cloud strategies.

December 2, 2020December 23, 2020

Lessons Learned from the November AWS Outage

Context, Analysis, and Impact

Amazon’s internet infrastructure service experienced a multi-hour outage on Wednesday, November 25th, that affected a large portion of the internet.
More than 50+ companies were impacted, including Roku, Adobe, Flickr, Twilio, Tribune Publishing, and Amazon’s smart security division, Ring, in its region covering the eastern U.S.
Business impacts, as reported by The Washington Post, included:
- New account activation and the mobile app for streaming media service Roku became hampered.
- Target-owned Shipt delivery service could receive and process some orders, though it stated that it was taking steps to manage capacity because of the outage.
- Photo storage service Flickr tweeted that customers couldn’t log in or create an account because of the AWS outage.

Root Cause Analysis by AWS: It started with Amazon Kinesis but started impacting a long list of services. You can read the RCA document by AWS, which is also summarized below:

Lessons Learned

#1: Don't Put All Your Eggs in One Basket

Using a single Cloud Service Provider can be counter-productive in these scenarios.
Think and strategize for Hybrid-Cloud or Private Cloud; or Multi-Cloud, particularly during peak season.

#2: Hope for the Best and Plan for the Worst

Don't just rely on a cloud provider's availability and multi-region fail-over strategy; build your own resiliency and disaster recovery approach.
Practice disaster recovery in production or similar systems by using innovative approaches in active-active setup across the multi-cloud or hybrid-cloud scenarios.

#3: Monitoring and Observability Are Not Static

Be innovative in exploring monitoring and observability patterns. For example, if AWS is reporting an outage on their status page, your monitoring system should get into action and inform the incident resolution team to start analyzing the impact.
Keep ready the services dependency graph; though mostly supported by tools, you should keep it dynamic and prepared to assess the impact when it happens and map it to business functionalities to report it to your business team accurately.

#4: Invest in Emerging Techniques, like Chaos Engineering

This failure indicates that even internet giants like AWS are still maturing in implementing practices like chaos engineering. So, start putting chaos engineering practices into the roadmap.
For example, if a bulkhead pattern could have been utilized in the AWS outage scenario, the outage would have been limited to Kinesis services only.

To conclude, being proactive when outages occur, having a response team equipped for unplanned outages, and improving continuously from lessons learned along the way are essential techniques to help keep the impact limited. Also, having a multi-cloud or hybrid-cloud strategy is food for thought to keep the business running.

June 16, 2020

Multi-Cloud and Edge Offer Massive Value but Major Challenges Persist

The increasing adoption of IoT, AI, and machine learning is changing the distribution of apps and data, which are rapidly being deployed at multi-cloud and edge environments. By 2022, Gartner expects more than 50% of enterprise data will be created and analyzed at locations like multiple clouds and the edge rather than centralized data centers. Multi-cloud and edge deployments are supporting critical new use cases, but organizations are currently facing considerable problems in achieving the transition to these highly distributed environments.

A recent global survey of more than 400 IT decision-makers shines light on the issues facing organizations as they look to support apps and data across multiple clouds and edge environments, while also revealing more about what organizations specifically look to gain from these deployments. Let’s start with multi-cloud.

March 10, 2020

Hybrid Cloud: Balancing On-Premises and Cloud Service Providers

If you think multi-cloud applications are already very flexible, wait until you really explore the advantages offered by hybrid multi-cloud. Hybrid multi-cloud, or simply hybrid cloud, combines cloud computing resources with on-premises infrastructure. There are a lot of reasons why the hybrid cloud is highly beneficial.

When you have a lot of data to process, for instance, relying on a hybrid cloud environment provides the best balance between performance and flexibility. In specific applications such as vision AI, the hybrid cloud lets users benefit from real-time, on-premises processing while keeping the system open and flexible enough using the cloud.

February 13, 2020

How Cloud Computing Is Changing in the Near Future

When multi-cloud approaches, 5G and containerization end, cloud computing will see some big interruptions.

A recent survey by Virtuousness showed that 86% of companies turn to a multi-cloud solution. Multi-cloud approaches reached a new level of acceptance in 2018. Yet despite significant adoption, in 2019, the dominance of multi-cloud companies will likely continue to increase as businesses try to avoid vendor lock-in, allowing them to be agile in implementing the most appropriate cloud technology across different departments and functions.

December 6, 2019

10 Things You Should Expect From a Container Registry

Ten things that should be on your container registry wish list.

Container registry technology is picking up steam with microservices architecture, with current Google trends indicating clear growth in this area. While there is no disagreement that a registry is needed; it is clear you need a robust one to deliver your container images to customers effectively. We should, however, set what our expectations should be when working with a container registry. Here are ten things to look for in a container registry.

You may also enjoy: Container Registries — A Battle Royale

1. Consumer-Centricity

When you create a container image, you definitely need a registry so your consumers can effectively consume both the first version, as well as subsequent versions. With continuous image updates, customers must be notified of the new versions so they can easily pull these new images in an effective and seamless fashion.

July 26, 2019

Solving the Pains of Polyglot Persistence With Distributed SQL

Today’s microservices rely on data with different models and read/write access patterns. Polyglot persistence, first introduced in 2008, states that each such data model should be powered by an independent database that is purpose-built for that model. This post highlights the loss of agility that microservices development and operations suffer when adopting polyglot persistence. We review how distributed SQL serves as an alternative approach that doesn’t compromise this agility.

E-Commerce Example

July 12, 2019

Cloud-First is Often a Mistake. Here’s Why.

For some enterprises, a “cloud-first” policy can seem like a no-brainer, especially when compared to the quagmire of traditional data center infrastructure. Yet new software-defined infrastructure solutions like hyperconverged infrastructure (HCI) also offer IT agility, as well as greater security and control than what’s available in a public cloud. Perhaps surprisingly, many actually cite cost as the key incentive for using public cloud, despite the fact that, in most cases, it is significantly more expensive than on-premises HCI solutions like Enterprise Cloud.

IDC published a study that found predictable workloads, which account for the majority of all enterprise workloads, on average were about twice as expensive to run in the public cloud as compared to running on-premises on Nutanix. And a 2018 IDC survey entitled Cloud Repatriation Accelerates in a Multicloud World reported that 80 percent of organizations had repatriated applications out of the public cloud back to on-premises, and that 50 percent of all public cloud applications installed today will move back on-premises over the next two years.

June 18, 2019

New Functionality for Hybrid Multi-Cloud Strategies

During the opening keynote at TIBCO NOW in Chicago, Matt Quinn, COO at TIBCO, introduced the new functionality TIBCO is providing to organizations with hybrid multi-cloud strategies.

This is in response to what TIBCO is seeing with clients and prospects seeking simplification with cloud-native architecture.

May 7, 2019

5 Ways to Improve Your IT Infrastructure

No matter how up-to-date your datacenter may seem, there’s always room for improvement. Growing means consistently examining your existing infrastructure for weak spots and asking if what you have in place is not only meeting the demands of your business today, but also setting you up for success in the increasingly multi-cloud focused future.

If you’re ready for an infrastructure revamp, here are a few recommendations to help you along your journey.

April 25, 2019

The Open Cloud for The Future

When cloud computing emerged, the question on many organization leaders' minds was whether to adopt it at all. Eventually, the question became not whether, but when. Now it’s which cloud tools and platforms to use—and how to ensure they work together seamlessly and securely. One of the great opportunities of the recent movements in technology is the ability to combine and integrate different tools, services, and cloud platforms. We are entering a future marked by openness and interoperability: According to recent research, 82 percent of enterprises have a hybrid cloud strategy, running applications in an average of 1.5 public clouds and 1.7 private clouds, and IDC predicts increasing adoption of hybrid cloud architectures. That’s good news for businesses. Open architectures protect companies from vendor lock-in, add critical redundancies, and enable IT leaders to tap the best solutions to meet their unique business needs without arbitrary constraints that impede progress.

The Cloud was built to help companies succeed in this open, multi-cloud world. Our commitment to openness ensures seamless user experiences across multiple environments and empowers our customers to choose the right tools and platforms to meet their business needs.