In-Depth
Optimizing and Accelerating the Cloud
Does moving to the cloud mean you give up control of your application's performance?
By Alan Murphy, Senior Technical Marketing Manager, F5 Networks
One of the continual drawbacks to moving mission-critical applications into the cloud is maintaining control over how those applications perform once moved outside the corporate data center. When an application is in-house, the enterprise IT department has control over the application and networking infrastructure. They have complete flexibility to monitor application performance and make any necessary changes to deal with a lagging application. IT can typically spin up and provisioning new application resources such as servers and new app instances to handle a strained load. Local networks can be managed to handle the growth in application traffic with larger and faster pipes or more efficient use of existing network resources.
In a multi-data-center scenario, WAN links between branch offices can be optimized and designed to carry only necessary WAN traffic. Offloading application services to a dedicated WAN optimization appliance is another common WAN management tool for controlling application performance and speed -- guaranteed application response time and available bandwidth -- that is typically required for user-facing applications. All of these options are available to enterprise IT to help accelerate and manage applications -- when all application resources can be controlled in the data center.
Many of these performance management options are not available once an application is moved into the cloud, however, because IT loses control over critical application infrastructure. One of the benefits of cloud computing is the ability to provision new application resources based on demand, but that only addresses one part of the application performance puzzle. Starting with resources closest to the application, enterprise IT typically has little control over (and often no visibility into) the LAN conditions at the cloud provider's data center.
More advanced cloud providers do provide some type of management dashboard, but customers are beholden to the provider's ability to provide real-time data that can be implemented as part of a larger auto-provisioning system, and customers are rarely able to deploy their own application and network management solutions inside the cloud.
Visibility into a cloud provider's WAN connectivity is even murkier; many application performance stats -- a key metric in measuring service-level agreements (SLAs) -- are not real-world, user-based metrics and don't adequately reflect the way users are interacting with applications in the cloud.
This lack of insight and control has always been an issue with traditional non-managed, co-located, and hosting provider networks, but customers were at least able to bring in their own solutions as needed. Unfortunately, moving a hardware-based solution into a cloud platform normally isn't a feasible option, yet controlling the application-running environment becomes more critical with cloud providers due to the pure nature of scalable cloud resources: dynamic provisioning.
IT is being asked to move mission-critical resources into the cloud with little ability to control the performance and availability of those resources. There is no guarantee that another cloud customer on the same, shared segment won't spin up 1,000 virtual machines, pushing massive amounts of application traffic over and through the cloud provider's network. In fact, this specific scenario has led to criticism of cloud computing and storage providers, particularly when malicious customers have used the flexibility and limitless computing power of the cloud to launch denial-of-service attacks -- even when a simple human error results in massive outages.
Moving an application into the cloud, however, doesn't mean you give up application management control. New options from application and network performance vendors -- as well as from the cloud providers -- are allowing enterprise IT to safely move applications outside of the data center while still maintaining the level of control and availability required for customer-facing and production applications. Traditional hardware solutions for offloading and optimizing WAN traffic, for example, aren't typically available in the cloud model and most software-based solutions today are designed to optimize the network transport rather than the application. Since network control is rarely available to cloud customers at any level it makes more sense to focus on controlling -- optimizing, securing, and managing availability -- the applications in the cloud.
Factor in application performance and availability when moving to a cloud-based environment. Most of the benefits of cloud computing are lost if and when the applications begin to suffer on the cloud-provider's LAN or over the WAN. To address these challenges, focusing on application acceleration rather than network acceleration is a critical management consideration with cloud-based application deployments. Because IT doesn't control the cloud infrastructure, the focus needs to shift to total control of the applications across the internal and external networks. Although traditional hardware solutions don't apply to typical cloud environments, there are options available for deploying the same application-centric solutions from within the cloud.
Implementing a cloud-based or virtual Application Delivery Controller (ADC) -- a software appliance that's designed to manage application performance, availability, and delivery over the network -- can be critical in taking back control over a particular part of the shared LAN. Deploying an ADC into the cloud along with the applications will enable a known set of performance standards and configurations, such as application availability SLAs, to be provisioned in the cloud and will bring some level of application control over the remote network back to the enterprise.
Software ADCs typically include network optimization and management tools as well, and these tools can be used to bring some amount of control over the WAN connections between the internal data center and the cloud as well as between end-users and the cloud. Using an ADC in the cloud is just one example of maintaining as much control over applications as possible regardless of where those applications reside. Managing application delivery over cloud-based LAN and WAN with an ADC enables the enterprise IT administrator to guarantee application access times and helps control speeds and feeds into and out of the remote cloud network.
Advanced application awareness across all products and sophisticated WAN optimization and management can help maintain application standards -- even if the applications are floating around in the cloud.
Alan Murphy is a senior technical marketing manager at F5 Networks.