Come for a group discussion and sharing on challenges in moving to the cloud and ask questions about moving to the cloud.
If you're in RWC, join us in Cardinal Hall C314, across from the 3rd floor lounge.
Not naming names, but including business unit for identifier. Current pain points:
ISO: pushing towards containerization, pain point: high cost. Entire hardware spend annually due to 100% utilization tools. For infrequent workloads, cloud is quite good.
VPUE IT: moving into AWS. Working with TCG for consultation of moving into cloud.
Java Developer: wants to know what kinds of challenges arise when moving into the cloud.
SHC/TDS/SOM: On-prem infra that's not part of the app, e.g. source control, build servers. App runtime dependencies on on-prem resources (e.g. LDAP).
Internal Audit: Controls - how is cloud readiness evaluated.
1st topic: Cost
Lift and shift with known, steady usage may not necessarily be cost effective. But a greenfield app may use cloud-native primitives to rearchitect and achieve savings that way. Does require actual dev work. Feedback from GSB: many data sync processes would cost more in cloud due to data storage costs and processing costs.
Be aware that there are commitment discounts in cloud, to the tune of ~40% cost savings for VMs.
Q: Are there hidden costs?
A: Keep an eye on instances, in case malicious or forgetful parties spin them up and do not spin them down.
Perhaps non-fiscal? Developing more of a DevOps model and becoming responsible for operational aspects that another team used to take on.
Rearchitecting the application to take advantage of cloud-native features (serverless functions/microservices) is another cost.
Q: When moving to cloud, does the application require significant code rewrite?
A: It depends on the application itself. Lift & Shift is no code change, but may not be cost effective in cloud.
2nd topic: Security Concerns
Similar to on-prem, but with a new attack surface on the cloud control plane. There will be new tools for security. Because cloud is so easy to start, people often neglect the security aspects. A lot of cloud systems are compromised because people just don't know to take security into account.
Caveat: if adopting a modern DevOps workflow, there's the additional factor of the AWS credentials on the dev's workstation.
From ISO: New tool (Wiz) that will help in detecting security issues in cloud.
Be aware that the cloud user themselves would be the security engineer.
Feedback from UIT ET: Cloud is cheaper and more efficient for their usage (adding workloads into an existing Kubernetes cluster), but more upfront effort to adopt due to rearchitecting.
Q: Are there private networks talking to cloud?
A: VPN tunnel to connect an application to SOM's network. When needing to set up the tunnel, please find a networking expert. UIT Networking does provide a prepackaged offering for site-to-site VPN to AWS. Not so prepackaged for Azure but still there as an offering. And TBD on Google.
Feedback from UIT ET: Most expensive aspect (for them) is the storage (GCP NFS/Filestore offering due to minimum of 1TB allocation).
3rd topic: Cloud Readiness
Q: How do you determine cloud readiness?
A: Service Center: Decide what you're trying to get out of the migration. Look at the cloud offerings and what's attractive.
ISO: What on-prem services do you rely on, and can they be managed from the cloud?
ET: Learning how infrastructure is pieced together, e.g. IaC (Terraform).
Q: How did you get buy-in to move to cloud?
A: SOM: on-prem was collapsing under its own weight, won't meet customer needs. Big draw: GCP BigQuery. No longer worry if data is processed in timely fashion. However did have high bills in beginning. Beware: BigQuery has different pricing models.
More Cloud Conversation
- #cop-cloud channel on Slack
- Weekly Office Hours: http://tcg.sh/oh

