Search
Cloud architecture decisions made today will shape the future of an enterprise for years to come. As organizations manage their cloud journeys, finding the best way to architect their cloud environments is critical for success. When architected and implemented well, the potential benefits include mitigating risk, reducing costs, improving speed to market, and providing a strategic platform for growth. Organizations that are not strategic in their planning around cloud digital transformation risk losing out on efficiency, effectiveness, and return-on-investment gains.
Fundamental principles guide flexible and effective cloud architecture. A well-architected cloud should:
For building scalable and reliable workloads, service-oriented architectures (SOAs) that reuse software components via service interfaces save resources and effort. Today, organizations increasingly take a microservices approach to cloud architecture, moving away from monolithic architectures and instead breaking down applications into smaller, more specific components. A microservices approach provides independent deployments and scaling, and allows changes to be made to one component without impacting others. Right-sizing cloud environments that support systems and applications can reduce costs. To do this, organizations must monitor deployments and examine performance metrics to identify inefficiencies or excess capacity. Performance metrics can influence decisions about how cloud services should be changed or selected. Organizations can also use the cloud to implement advanced and emerging technology, like NoSQL databases, quickly. Serverless architecture services eliminate traditional web servers and host code so organizations do not have to manage physical assets.
Creating asynchronous interactions between loosely coupled IT components can further improve resilience. When systems do not need immediate responses from each other, using a proxy to create and consume events rather than having components directly interact with each other is more efficient and effective. Message queue systems and streaming data platforms are examples of these types of tools.
Cloud environments that recover quickly from failure use distributed system design, have strong recovery plans in place, and adapt to changing requirements. Reliable cloud environments institute mechanisms to automatically monitor and repair workloads, test how workloads might fail, and validate recovery procedures. To minimize disruption if workloads fail, cloud architectures should scale horizontally, perform auto-scaling when demand exceeds capacity, and modify infrastructure through automation.
Other design principles that help organizations better manage cloud environments include structuring workloads so they can be modified easily and iteratively. Small changes made iteratively reduce risk, failure, and disruption. In addition, practicing operations as code allows organizations to update and manage infrastructure and workloads just like they would their applications. Scripting operations procedures helps automate execution, allowing operational monitoring to follow events as they occur and respond in real time to resolve issues.
Organizations must design cloud environments to respond to potential failures without impacting workloads and services. Cloud workloads should be designed based on reliability requirements, and workloads requiring high reliability should have resiliency built in through architecture best practices.
When selecting availability zones or regions, location selection and design must ensure uninterrupted operations in the event of a failover. Some services, such as load balancing, auto scaling, and multi-region traffic routing, can assist with failover, and automated tools can perform remediation and resolution when failures occur. Organizations that create stateless services are better able to restart cloud environments when remediation is needed. There is a shift when performing restarts in the cloud, as entire resources should be replaced rather than fixed or troubleshot. Organizations need to provision enough capacity based on availability zones selected or designed. A good failover practice is building systems that are statically stable by provisioning enough instances in each zone to handle workloads if one zone goes down.
Data and system backup and restore also need to be architected based on an organization’s requirements. Defining disaster recovery (DR) strategy based on business requirements or service level agreements supports better architectures should a failure occur.
Organizations must implement a strong identity foundation by ensuring least privilege access to perform job functions and enforcing separation of duties with appropriate authorization for each interaction with cloud resources. Centralized identity management is an advantage.
Organizations should also have mechanisms in place that provide traceability of cloud workloads, such as monitoring, alerts, audit capabilities, and integration of log and metric collection with systems to automatically investigate and remediate. Many organizations use a defense-in-depth approach in the cloud, protecting data in transit and at rest like they would with on-premise security. Cloud service providers and other vendors offer automated security tools that enhance detection, investigation, and recovery in the cloud. Controls that are defined and managed as code are efficient, effective, and enhance scalability.
Common industry-specific and firm-specific priorities that drive architecture considerations include:
Project-specific considerations that impact the architecture and design of cloud solutions include:
An effective cloud strategy takes skillful planning, and architecture considerations should be an integral part of its development and execution. Each organization must determine its own journey to cloud transformation and strive to support the process immediately and in the longer term. Defining key priorities and understanding business drivers and needs are critical first steps, and architecture considerations should be based on these priorities.
The choices are daunting—from initial decisions around what aspects of cloud make sense for the organization to determining how to effectively manage organizational change, embrace cloud transformation, reduce disruption, and ensure optimal deployment. Successful transformation from on-premise infrastructure to cloud-based solutions requires expertise in solution architecture and cloud strategy, along with an understanding of the organization’s enterprise architecture standards and objectives.
Guidehouse is a global consultancy providing advisory, digital, and managed services to the commercial and public sectors. Purpose-built to serve the national security, financial services, healthcare, energy, and infrastructure industries, we collaborate with leaders to outwit complexity and achieve transformational changes that meaningfully shape the future.