Why abstraction and automation are critical to hybrid IT
Hybrid IT breeds complexity.
There’s no doubt that hybrid IT is already a reality for enterprises. The new research we carried out through 451 Research found that large organisations today are using every kind of hybrid IT:
But this is just the tip of the iceberg. It doesn’t mean organisations have six different sorts of IT to co-ordinate. They have multiple instances of each kind, based on different technologies, from different vendors. And each platform has a different way of doing things.
The last thing an organisation wants, is to have to do provisioning, operational management, and reporting in a different way for each kind of IT it wants to use. That would be far too complex, and the extra costs would probably cancel out the advantages.
Abstraction reduces this complexity
Abstraction simplifies the problem by separating generic functions from the specifics of the underlying infrastructure.
It allows common elements to be handled in a consistent manner regardless of the workload they form part of, or the platform they’re running on.
With abstraction, you write rules once in the universal language of open APIs and put them in libraries so that all your different kinds of hybrid IT can understand and act on them.
This makes the issue of orchestrating many different kinds of physical and virtual infrastructure, from different vendors, much simpler. And crucially, it avoids the problem of getting locked into one vendor’s way of doing things.
An example of abstraction
A good example of a common element that can be abstracted to work more easily across many operating environments is identity management.
Enterprises generally prefer systems access rights to be based on their central directory. This sits behind their walls, on their security, and is the ‘one truth’ about who everyone is, what their corporate login details are, and what resources they’re allowed to access.
But different types of cloud and physical IT each need to be told in a different way how to execute those instructions. To avoid having to create individual instructions for each of them, you can federate identity management across them all.
At Dimension Data we use a capability called Service Layer to listen to the enterprise’s Active Directory, notice any additions or changes, and automatically execute workflow processes to provision access across all the venues involved.
Benefits of automation
Once you’ve abstracted your common processes, the next step in getting hybrid IT to deliver the speed of execution you desire, is to automate them.
Automation accelerates execution and reduces operating costs, but it also helps ensure compliance and lowers risk of error. Our approach at Dimension Data is to automate as much as possible:
- Discovery – the existence and condition of assets in the estate
- Provisioning – orchestrating multiple clouds and physical on-premise infrastructure
- Operational management – monitoring, incident diagnosis, ticketing, and vendor liaison
- Security – vulnerability scanning, hardening, analytics, and reporting
- DevOps – the development, testing, and releasing of continuous software enhancements
- Migration – the process of moving a workload from one deployment model to another
In addition to the obvious advantages, automation also brings its own challenges. The skills it calls for are different from traditional operational management, and it can require – and indeed trigger – cultural change within the IT department.
Approaches to automation
When we began developing our own abstraction and automation capability over three years ago, we took what turned out to be a far-sighted decision to base it on a micro-services architecture.
Our platform consists of lots of micro-services interconnected by APIs. The level of granularity at which we abstract makes it very easy to integrate new technologies as they come out, without having to rewrite the platform.
Abstraction aids competitiveness
We help financial services company, Alexander Forbes, meet their customers’ ever-changing demands, by providing their IT as a managed service using an automated abstraction layer with a micro-services architecture.
Watch their story.
The alternative to a platform approach, would be to integrate several dozen different point solutions. The trouble with that is these point solutions, by definition, are specific to a particular product or vendor. So if you wanted to move clouds, you’d have to build it all over again.
Do it once and for all
Most enterprises today have pockets of Azure, Amazon Web Services, and other public cloud providers, all of which are orchestrated in different ways.
For example, AWS uses a proprietary tool called Cloud Formations which only works for AWS, not Azure, any other clouds, or physical IT. Using it tends to indoctrinate developers into doing things the AWS way, which then makes it harder to move to another cloud provider later.
Vendor lock in is to be avoided, as it puts you at risk of price change, technical stagnation, or strategic misalignment with your supplier. It undercuts the very reason you turned to hybrid IT in the first place: the freedom to use whatever service makes commercial and operational sense at the time.
Partnering with an impartial integrator with an existing abstraction and integration capability gets around the disadvantages of either over-commitment to a single vendor, or having to develop your own capability. It’s quicker and cheaper to get going, more efficient and economical to operate, and if you want to change clouds, it’s easy.