What is a public cloud?

Public cloud refers to on-demand computing services that are managed by third-party providers, shared by multiple customers, and are accessible via public internet or private network connections.

Why use a public cloud

Enterprises are turning to public cloud for business transformations. Compared to private cloud or on-premise data centers, public cloud provides the following advantages:

• No upfront cost, and instead, a pay-as-you-go cost model
• No maintenance on facility, hardware, networking, and virtualization technologies
• Instant access to global network data centers
• Scalability and elasticity to have organic growth or shirk off workloads on demand
• Having access to the latest technologies which are unavailable in private cloud or on-premise due to resource constraints

How public clouds work

Public cloud service providers (CSPs) have multinational, high-bandwidth redundant networks connecting data centers across the globe. Underlying resources, such as compute, storage, and networking, are logically isolated to all customers, presented as virtual resources. This type of sharing is called multi-tenancy. 

Public CSPs may operate in locally separated locations within the same geographic region. These locations are called availability zones. Each availability zone is inter-connected with high-speed, low-latency networks composed of one or more highly available physical data centers. Using multiple availability zones in the same region gives application resilience within that region.

Enterprises choose public cloud regions and availability zones based on their proximity and data residency compliance requirements.

Examples of public clouds

Every day, we interact with emails, files, and streaming content that are stored in the public cloud, like when we send messages on Gmail, or share and save files on OneDrive, or watch movies on Netflix.. 

Even when interacting with virtual assistants (eg, Alexa), your question is uploaded to the cloud and sent to an ML/AI algorithm that may use severless computing to perform the search on your behalf, before playing it back to you.  All of this happens in applications developed in the public cloud.

Public cloud deployment models

The three most common public cloud deployment models are:

• Infrastructure-as-a-Service (IaaS): CSPs take care of physical data centers, facilities, networking, servers, storages, etc. Public cloud IaaS provides virtualized computing, storage, and networking which are similar to on-premise virtualization environments. For enterprises with on-premise data centers, lifting and shifting existing physical or virtualized servers is usually the first step when moving to the public cloud. This deployment model also provides full access to the operating system if required. Occasionally, CSPs may provide direct access to underlying hardware (bare metal), but most other times, IaaS refers to virtualized environments.
• Platform-as-a-Service (PaaS): Like IaaS, CSPs take care of physical data centers, facilities, networking, servers, and storages. Unlike IaaS, CSPs also take care of operating systems and provide a platform (developing tools, database management, business analytics), so application developers could focus on building, running, and managing codes, without the worry of low-level details, such as OS, platform, hardware patching, updates etc.
• Software-as-a-Service (SaaS): This refers to software applications hosted in the cloud. Users access SaaS applications via a web browser or via an API and only have control over their own data.

Public cloud providers

These are the major public CSPs:

• Amazon Web Service (AWS)
• Microsoft Azure
• Google Cloud (GCP)
• Oracle Cloud (OCI)
• Alibaba Cloud

Pros of public clouds

Time to market

Public clouds have very low entry points. Anyone with a credit card can instantly create their cloud environments and spin up resources to provide immediate access to the internet. Oftentimes, CSPs even provide a free usage tier of services to entice developers to have a test run of their application and further reduce frictions towards cloud adoption. Public cloud providers take care of physical data centers, hardwares, and virtualization softwares, which would all take time and effort for an enterprise to establish and maintain. In turn, public CSPs offload all these burdens to help their customers start deploying applications that actually matter to business value.

CapEx and OpEx

Public cloud is well-known for its pay-as-you-go pricing model. PAYG is attractive because it spares businesses from paying capital expenditure (CapEx) to acquire real estate, hardware, networking, and virtualization software to establish your own data center. Enterprises would also have to hire an operational team to handle the maintenance of all these facilities 

As for operating expenditure (OpEx), you will only need to pay this for the duration of the resource lifecycle. For example, if you create a virtual machine in a public cloud and stop it after three hours, you will only need to pay for three hours of computing cost (and potentially a data transfer fee).ut if you keep the virtual machine, you will have to pay for persistent costs, such as disk storage and public IPs.  If you choose to delete the virtual machine and any related resources, then you will no longer need to pay any more. 

For long running workloads, public CSPs normally offer reserved term pricing that you pay ahead of time per month, year or per couple of years. The longer the commitment, the lower the overall cost. Many businesses prefer OpEx than CapEx due to easier accounting and its fully tax-deductible nature.

Scalability and elasticity

Public CSPs usually have the resources to create cross-multinational, high-speed connected data centers and acquire hardware that leverages the advantage of volume purchase. Public cloud customers will have immediate access to all these data centers around the globe that have unparalleled capacity. Due to the use of virtualization technology, all public cloud customers are sharing these pools of resources. Since not all customers will use peak capacity of the resources simultaneously, the loads are shared between customers, giving them the flexibility to scale out when needed, and scale back in when usage drops. These types of elasticity work wonders when combined with the PAYG pricing model.

Access to cutting-edge technologies

Public cloud gives customers immediate access to some of the latest technologies which are normally impossible to obtain on-premise due to resource constraints and complexity. Examples of these technologies include machine learning, artificial intelligence, and Big Data analytics. Since all these services are frequently updated by the CSPs, customers will have early access to all the innovations.

Automation and DevOps

Public cloud providers give customers the ability to programmatically create and maintain resources in the cloud, either via a REST API or some type of domain-specific language, such as CloudFormation for AWS, or ARM or Bicep for Azure. Many enterprises adapt to multi-cloud and choose cloud-agnostic tools such as Terraform or Pulumi. These Infrastructure as Code tools help create a prescribed environment that can be used as a template to quickly launch a landing zone for SaaS providers. 

Cons of public clouds

Loss of visibility and control

Public CSPs handle the underlying hardware, virtualization software, and networking of multi-tenant shared environments. This means you are losing some of the common tool sets that are familiar in the on-prem environment, such as ping, traceroute, and packet capture. Some cloud routes have system routes, and effective routes can only be evaluated on a running instance; there’s no way to get an effective route from PaaS services that are not relying on a running instance. 

Different CSPs have different tools to collect logs and metrics, which could be costly and missing vital data for in-depth analysis. To make sense of it, customers have to build a complex data analysis framework around the raw data. Commonly, there are minutes of delay between data ingestion to data ingestion to analytics tools, which further delays mean time to resolve or mean time to innocence. This effect is compounding exponentially when dealing with multi-cloud.

Lack of common architecture

Although public CSPs tend to be conceptually similar and provide similar features, the building blocks of each provider are different. Each CSP publishes their own reference architectures, which have different features and results. This creates a captive effect, meaning an application developed in one cloud could get locked in due to architectural differences. When there is an innovative design in networking, this normally results in a rearchitect and redeployment of the entire networking stack.

Talent gap

Enterprises are struggling to hire, train, and retain staff that know how to build and manage applications in specific clouds. For networking engineers that are comfortable with on-premise networking, when a business wants to get into various clouds at lightning speed, learning the differences between CSPs and keeping up with innovations that are not standardized is extremely challenging. Using an editor to create code, putting it into a repository, integrating it into the CICD pipeline, and participating in testing are normally foreign concepts to a networking engineer.

Security

Shared tenancy provides logical segmentation between public cloud customers, while private cloud and on-premise provide greater control over configurations and physical isolation. Public cloud may not be a good fit for companies that require stricter data compliance. In on-premise data centers, where the internet is perceived as unsafe, multi-tier firewalls could be deployed at the edge to protect internal trusted resources. However, the cloud’s networking architecture is inherently flat, and you are just one public IP away from the internet. 

Movement to the cloud has accelerated the zero trust principle, in which businesses must consider a multi-layered security approach. The move to public cloud also raises the following networking challenges: How do you encrypt traffic during transit for non-secure protocols? How do you segment traffic? How do you steer traffic towards next-generation firewalls in an active-active manner for thousands of subnets? How do you enforce intelligent ingress and egress security policies?

Cost

Much like tap water, if you let it run unchecked, you will end up with a huge bill. Public cloud providers each offer their own pricing calculation and cost monitoring tools, such as AWS Cost Explorer, Azure Pricing Calculator and Azure Cost Management, and GCP Cost Management. However, due to the huge number of service offerings, each service is charged differently based on different units of usage. This creates challenges for organizations that are using central billing and chargeback models. 

Enterprises must constantly monitor their cloud bills and re-evaluate their architecture to ensure balance between cost-effective design and features. Enterprises also need to consider hidden costs, such as long mean time to resolution due to lack of visibility and control. Other costs include hiring and training staff who are specialized in different clouds, the added complexities of managing inter-connected clouds, and having to use multiple highly trained professionals to resolve routing issues.

Shadow IT and technical debt

Due to the skills gap and complexity of building a secure cloud environment, many enterprise ITs are lagging behind business initiatives. Projects may get rushed to be delivered on time, which results in a poorly designed, unsecure environment that creates technical debts which accumulate overtime. And sometimes, business units will simply swipe the credit card and spin up their own cloud environment, entirely bypassing enterprise IT policy and management and again, leading to technical debt.

Multi-tenancy

While public cloud providers have huge data centers, all the resources are shared amongst its customers. This means noisy neighbors can affect sustainable performance by taking away these resources.

Centralized Management

Each public cloud provider creates a different management panel, utilizing different tools and different views; these may require host-level agents to be deployed to obtain necessary metrics and logs. For enterprises going to multi-cloud, having to jump between management panels, or even having to have separate teams to manage individual clouds, would be costly and inefficient.

Aviatrix is built in the cloud, for the cloud, and addresses many of the challenges our customers are facing during their cloud journey. To learn more about how Aviatrix helps our customers speed up their cloud adoption, schedule a demo with us.