Optimizing Your Modernization Journey with AWS

By: Mridula Grandhi

Overview of this book

AWS cloud technologies help businesses scale and innovate; however, adopting modern architecture and applications can be a real challenge. This book is a comprehensive guide that ensures your switch to AWS services is smooth and hitch-free. It will enable you to make optimal decisions to bring out the best ROI from AWS cloud adoption. Beginning with nuances of cloud transformation on AWS, you’ll be able to plan and implement the migration steps. The book will facilitate your system modernization journey by getting you acquainted with various technical domains, namely, applications, databases, big data, analytics, networking, and security. Once you’ve learned about the different operations, budgeting, and management best practices such as the 6 Rs of migration approaches and the AWS Well-Architected Framework, you’ll be able to achieve operational excellence in cloud adoption. You’ll also learn how to deploy some of the important AWS tools and services with real-life case studies and use cases. By the end of this book, you’ll be able to successfully implement cloud migration and modernization on AWS and make decisions that best suit your organization.

Table of Contents (20 chapters)

  • Part 1: Migrating to the Cloud
  • Part 2: Cloud Modernization – Application, Data, Analytics, and IT
  • Part 3: Security and Networking Transformation
  • Part 4: Cloud Economics, Compliance, and Governance

Exploring the deployment models – public, private, hybrid, multi, and community

As the cloud is increasingly becoming the default option for many companies, you must choose the cloud model that is most suitable for your needs. Choosing a cloud environment type and a deployment model that aligns with your business goals is a process that you can dive into before you start your cloud journey.

Cloud deployment model

The cloud deployment model is defined by a combination of deployment types that control parameters such as the accessibility, location, and proprietorship of the infrastructure, network, and storage size.

When it comes to cloud deployment models, there are five main types:

  • Public
  • Private
  • Hybrid
  • Multi
  • Community

We will discuss each of them in detail in the following subsections.

The public cloud

The public cloud deployment is accessible by anyone and is the most commonly used model. The main feature of this deployment type is that you don’t know or own any hardware. The service providers manage the server infrastructure for you; they administer the resources and maintain the hardware, and you are charged on a pay-per-use basis in most cases. Data is created and stored on the servers, and these servers are shared between all the consumers:

Figure 1.8 – The public cloud

There are many benefits that businesses can reap from a public cloud deployment model:

  • Easy to set up: Most CSPs have intuitive and easy-to-use portals to set up resources.
  • No infrastructure maintenance: The CSP is responsible for maintaining the underlying infrastructure.
  • Elasticity: It's easy to acquire or release resources to meet your business requirements.
  • Highly available: The extensive ecosystem of your provider’s resources provides the required controls to run your workloads with improved uptime.
  • Cost-effective: There’s a PAYG model for the services that you use and no upfront investments to purchase hardware or software.

Apart from these benefits, there are a few factors to consider if any of the following points apply to your requirements:

  • Security and risk mitigation: While the CSPs implement many mechanisms to make the cloud highly secure, your applications and data in the public cloud are only secure with your help. Many CSPs come with native encryption, automation, access control, orchestration, and endpoint security mechanisms to manage risk effectively.
  • Prone to large-scale infrastructure events: Cloud service providers strive for high availability, but public clouds have suffered outages in the past that caused huge losses. You must do your research before deciding on the cloud computing provider for your applications that need to have the highest uptime. Irrespective of the cloud provider you choose, it is important to have an enterprise-wide incident management and remediation platform strategy to handle events effectively.
  • Standard features in a “one-size-fits-all” model: Many cloud service providers offer a standard set of features that cater to most companies. However, you will need to consider additional customizations or workarounds if you have applications that require CSPs to develop complex features.

Some primary examples of public cloud models include Amazon Web Services (AWS), Microsoft Azure, IBM Cloud, and Google Cloud.

The private cloud

The private cloud, as its name suggests, is a dedicated cloud model where a specific business or company owns the private cloud. While the architecture of the public and private cloud is similar, the difference is in the way you own and manage the hardware. Most commonly, the hardware will be dedicated to you and you don’t share it with any other users outside your company.

The service provider will provide you with an abstraction layer for all the hardware. Here, you will be able to add new hardware to your cloud but will not be responsible for configuring it, given the semi-automatic nature of the provisioning process. You may choose this model when you have stringent security and compliance restrictions regarding the nature of the applications that you may want to run and are ready to pay high costs for the dedicated setup:

Figure 1.9 – The private cloud

Some of the characteristics of the private cloud model are as follows:

  • Increased security: Cloud access through private and secure network links, along with the native antivirus, firewall protection, and encryption mechanisms, makes the private cloud environment more secure.
  • Increased regulatory compliance: Due to its security and control benefits, the private cloud can help address regulatory compliance hosting requirements.
  • More flexible infrastructure model: Many organizations that are moving their workloads from legacy on-premises to the cloud find it difficult to meet the customization requirements that support their applications. The infrastructure of the private cloud can be configured to provide services and support for such stringent requirements.

While there are many benefits of using the private cloud model, make sure you learn more about the following limitations before choosing the private model:

  • Increased costs: The private cloud model can be more expensive than the public cloud because of the infrastructure expenses that you have to bear.
  • Maintenance and deployment: Continuous deployment and maintenance require additional setup and staff, which can be time-consuming.
  • Limited remote access: The private cloud has limited remote access, so mobile users may not be able to connect to the cloud whenever they want.

Some examples of CSPs that provide the private cloud include Amazon, IBM, Cisco, Dell, Red Hat, Rackspace, Microsoft Azure, Red Hat OpenStack, and VMware.

The hybrid cloud

The hybrid model is a combination of on-premises, private cloud, and/or public cloud services that lets you get value from all the features of all the models. This model allows you to mix and match the other models’ capabilities to best suit your business requirements.

The hybrid cloud deployment model facilitates data and application portability to safeguard and control your assets strategically. Being able to balance multiple deployment models not only safeguards the controls but helps maximize the benefits of cost and resource utilization. Many organizations are evaluating this as a transitional model that eases you into the public cloud over a longer period:

Figure 1.10 – The hybrid cloud

The following are the benefits of the hybrid cloud model:

  • Improved speed: The mobility between cloud models gives you greater speed and agility for innovation and speed to market. You don’t have to be limited to your private on-premises environment and can expand your workload quickly to test, prototype, and launch new solutions.
  • Business continuity: The hybrid model helps reduce potential downtime and impacts in the event of a failure or a disaster. You get improved business continuity and can continue with business operations when you opt for the hybrid model as a backup option during interruptions.
  • Improved security and privacy: Due to security restrictions or data protection requirements, a few companies cannot operate only in the public cloud. This model provides an improved security platform for mission-critical applications with sensitive data on-premises while you’re running the remaining applications in the public cloud.
  • Improved risk management: You get more control over your data and improved security, which means you can reduce data exposure. You get to standardize cloud storage and implement stronger security controls to manage risk effectively.

The following are a few limitations to consider before choosing the hybrid model:

  • Managing multiple vendors and platforms: You will have to keep track of and manage multiple vendors and platforms to have effective computing environments. Having runbooks, workflows, and processes with a good team understanding and effective coordination of vendors is a must to make sure your environments are running without interruptions.
  • Hardware costs: The cost that’s associated with hardware procurement, setup, maintenance, and installation of the hybrid cloud infrastructure is high. Organizations will have to prepare for this upfront cost, as well as train their IT staff to cope with the cloud and on-premises expenses.
  • Security: On-premises and the cloud require different approaches to secure your applications. Using a blend of public, private, and/or on-premises makes it difficult to be free of intrusion risks.
  • Lack of visibility: Hybrid increases the number of environments that the operations teams need to keep track of and maintain a clear view of. Management becomes difficult if you don’t have a good understanding of the current infrastructure and operations, which can cause you to miss potential issues.

Multi-cloud

Cloud providers recommend many design patterns to achieve high availability for applications running on the cloud. When you are using more than one cloud provider at a time to achieve high availability, you are using the multi-cloud deployment model. Companies may also use the multi-cloud option when they need a specific service from a CSP X and another specific service from a CSP Y.

The multi-cloud approach involves adopting a mixture of services from multiple cloud providers, sharing workloads between them, and picking services that meet specific business needs to achieve greater flexibility and reliability:

Figure 1.11 – Multi-cloud

The following are the advantages that businesses can reap while using the multi-cloud approach:

  • Multiple best-in-class cloud providers: Each cloud provider has its strengths and weaknesses when it comes to providing features that you need to use for your applications. The foremost benefit of the multi-cloud strategy is the ability to take advantage of the unique best-in-class services that each cloud provider offers. You get to pick and enable your developers to focus on innovation and unblock any limitations that a specific cloud provider may have.
  • Avoid vendor lock-ins: Many businesses worry about getting locked into a specific cloud provider or infrastructure and pricing model when using a single cloud provider strategy. You have greater flexibility in choosing the multi-cloud to leverage the best of the services that the cloud providers offer. You get to pick the vendor that has a specialized and evolved set of services.
  • Risk mitigation and enhanced resiliency: Continuous availability is a key aspect for any business that runs mission-critical workloads. You get the option to run your applications and store data on multiple clouds to fall back on and restore in the event of a service outage.
  • Flexibility and scalability: Multiple cloud vendors invest in a higher amount of space, security, and protection to offer a perfect place for your businesses to process and store information. With the right expertise at hand and having a good multi-cloud operations runbook, you can achieve greater scalability, which allows your applications to scale the storage or compute up or down based on the ongoing demand.

Although there are many advantages of using multiple cloud vendors, building and managing a multi-cloud architecture can have its downsides:

  • Building the expertise: The need for cloud computing expertise is growing at a rapid pace. Many companies are having trouble recruiting cloud professionals that have the knowledge and skillset of a single cloud provider. It is a challenge to find network specialists, security experts, architects, and engineers that have expertise in multiple clouds. Within your organization, you will need to plan out how you will recruit the right workforce and develop their skill set on multiple cloud platforms to build, secure, manage, and operate your applications across multiple clouds.
  • Cost tracking and optimization: Each cloud provider has a specialized set of tools and reporting platforms to help you manage the financial costs of your resources running on their cloud. Consolidating these costs and having a good handle on their pricing model to navigate through the math and pricing structures is recommended when you’re operating on multiple clouds.
  • Increased complexity of operations: Many companies find moving to the cloud a long and daunting task. In addition to that, managing workloads on multiple clouds may add to the complexity if it’s not planned well. With your applications and their resources spread across multiple clouds, operational management tasks such as patching, monitoring, logging, and backing up your resources are all details that you have to consider when planning.
  • Security risks: It is important to understand the blast radius of security attacks when it comes to applications that are deployed on multiple clouds. How well you configure, manage, alert on, log, and respond to such security breaches must be accounted for. Many companies use third-party tools to manage their approaches to encryption keys, identity and access controls, and resource policies.
  • Compliance: Creating a shared responsibility model with multiple cloud providers can be a daunting task. Simplifying how vulnerabilities are managed and solving compliance challenges are among the drivers that can add complexity.

The community cloud

The community cloud, although less popular than the previously discussed models, is a hybrid form of a private cloud that has a similar architecture and the ability to use security and privacy controls. Organizations get to run their workloads on a shared platform where multiple consumers can work on projects and applications that may belong to specific industry segments. Businesses such as health care companies, financial institutions, governments, research, education, and even large manufacturing companies are ideal industries for community cloud environments:

Figure 1.12 – Community cloud

Let’s look at some of the advantages of adopting a community cloud strategy:

  • Convenience and control: The community cloud offers the same flexibility as a public cloud environment and has the same security levels and privacy as a private cloud. This makes it accessible for a specific set of organizations and gives you much more confidence in the platform, as you can govern your applications with industry-tailored flexibility.
  • Security and privacy: Community deployments are similar to those of the private cloud, where you can control security at more granular levels. This ensures that secure transactions align with regulatory protocols.
  • Availability and reliability: Community clouds provide the same level of services to ensure the availability of your data and applications at all times. Replicating your data and applications in multiple locations enables you to implement redundant infrastructure for your critical applications where availability and reliability are topmost priorities.

However, there are a few concerns regarding the community cloud approach that you will want to identify and evaluate before adopting this model:

  • Limited storage and bandwidth: Data storage and bandwidth are shared among other organizations, which limits the community members to a finite amount of data storage and bandwidth.
  • Not a “one-size-fits-all” model: The community cloud approach is a new model that has recently started evolving as more and more businesses are finding a fit for their use cases. Small, medium, and large businesses must still evaluate this on a case-by-case basis, given that many public cloud providers are offering services that cater to the requirements of every business.

Comparison between the different cloud deployment models

The following comparison matrix shows how each model fares when it comes to parameters such as security, risk management, reliability, scalability, and cost:

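| Parameters                  | Public  | Private | Community | Hybrid  | Multi   |
|-----------------------------|---------|---------|-----------|---------|---------|
| Security                    | Depends | High    | High      | Medium  | Depends |
| Privacy                     | Depends | High    | High      | Medium  | Depends |
| Risk Management             | Depends | High    | High      | Low     | Depends |
| Reliability                 | Depends | Medium  | Medium    | Depends | Depends |
| Scalability and Flexibility | Depends | High    | High      | High    | Depends |
| Cost                        | Low     | High    | Depends   | High    | High    |
| Data Control                | Medium  | High    | Low       | Depends | Depends |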

Table 1.1 – Deployment model comparison matrix

The preceding table can be used as a cheat sheet as you evaluate various deployment models and determine which model will be best suited for your business’s requirements.