Multicloud Adoption Takes Hold in Higher Education

Multicloud Environments Have Advantages and Challenges

Maynard relies on Microsoft Azure, Amazon Web Services and a private cloud. Together, the clouds support a range of applications, with the private cloud providing disaster recovery. In addition to networking, Maynard points to security and cost control as further multicloud challenges.

With security integration among the varied cloud iterations, “there is additional complexity in the rule sets,” he says, and cost control likewise gets complicated when IT teams are tasked with managing use across multiple clouds. “It certainly is an issue, and you have to watch it very, very closely.”

At Penn State, Cloud Services Manager Rick Rhoades and his team rely on AWS, Azure and Google Cloud to run a variety of applications.

“We have people using the cloud for teaching and learning, administrative computing and research,” Rhoades says.

The challenge overall is visibility.

“First, it’s general resource visibility,” he says. “What’s in the cloud? Where is it located? Then there’s security visibility, granting our central security team better visibility into what’s going on in the cloud. The providers generate a lot of that data. It’s about getting all of that data from the different providers into a single pane of glass to allow the security teams to better manage alerts.”

There’s also visibility around cost.

"Budgets are tight across higher ed,” he says. “Where do we have opportunities to save money? Where are the opportunities for reserve capacity of compute and storage?”

At the University of California, San Diego, Executive Director of Enterprise Architecture and Infrastructure Brian DeMeulle also uses AWS, Azure and Google clouds. Like Rhoades, he points to visibility as the big hurdle, especially when it comes to managing costs in a multicloud environment.

“There was a lot that was just put on credit cards and other things. How much are we spending? We had an incident that involved a research group, and we had issues getting access to their accounts because it wasn't centrally managed,” he says.

Best Practices to Effectively Managing Multicloud Environments

These higher education leaders bring to the table a range of technology tools and best practices in their efforts to keep their multicloud infrastructures from sprawling out of control.

To address networking concerns, Maynard utilizes Border Gateway Protocol.

“That’s a dynamic routing protocol that interfaces at our firewall level and sometimes at an external routing level between the sites,” he says. “There’s a great deal of planning that goes into it when you’re running more than one cloud, and we’re effectively running three.”

Maynard has implemented a single-pane-of-glass management tool to consolidate security information generated by the cloud providers, and he uses a mix of AWS native tools and third-party applications to track billing week by week, or even day by day.

Automation tools also play a big role here. Maynard is excited about the possibilities inherent in products like AWS CloudFormation, Red Hat Ansible, Terraform and Azure PowerShell, all of which can ease IT efforts required to manage a multicloud environment.

“We are looking at the use of common automation tools across the environments, using them to build things both in private and public clouds, to stand up and tear down. The use of those tools is critical for that. It comes back to saving labor and doing more with less,” he said.

DIG DEEPER: Learn how to get started with multicloud governance.

Rhoades, likewise, is looking for what he describes as “cloud enablement tools” to help with various aspects of multicloud management.

“There are things like Flexera, Morpheus, VMware CloudHealth and Kion. These tools touch on all those aspects of visibility. They show you what you have in the cloud,” he says. “Some allow you to set a baseline security standard. They also give you insight into cost: Here are places where you can save money, places where you have compute instances that are underutilized, instances where there is an opportunity to resize or refactor your application.”

At UC San Diego, DeMeulle has implemented a centralized management scheme to ensure IT can effectively oversee the school’s various cloud deployments.

“In AWS, for example, we get requests for use of Amazon. Once those have been vetted and we feel they’re appropriate, central IT actually provisions the account and holds the root access to that account,” he says. “We hand the keys over, so to speak, to whoever will be using it, but we control it. If something were to go wrong, we can take control of the account.”

EXPLORE: How higher ed institutions are responding to Google storage limits.

Financial incentives have helped drive acceptance of centralized management. “In higher education, there’s indirect cost recovery, or IDC, which is overhead that is assessed against grant funding that comes in through research,” DeMeulle says.

“Researchers who agree to be centrally managed and provisioned do not have to pay this overhead charge on their grant money,” he says. “So, their money goes a lot further for them.”

Going forward, experts say, university IT leaders will also need to focus on the human element, ensuring they have the right mix of skills on board to support a multicloud environment.

“The cloud vendors have certifications, or ways for IT staff to demonstrate competency in a cloud environment. That’s a starting point,” says Internet2’s O’Brien. “The major cloud providers are a really good resource for cloud-specific training, but there is a gap in that multicloud or cloud-neutral training piece. I would always encourage people to start in a vendor-neutral place.”