Assuring Cloud Migrations

Author: Keshava Raju - Head of Solutions - NFV & Cloud Assurance, Spirent Communications

Almost all enterprise customers have deployed & operating the virtualized data center and they are in a path of transforming & consolidating their virtual data centers into the Cloud. This is also known as Application / Cloud Migration.

Cloudification offers tremendous benefits: greater agility, shorter time-to-market, lower costs, high on ROI and the potential to avoid vendor lock-in.  Enterprises chooses the right cloud adoptions based on benefits such as ROI, operational efficiency, performance of the applications, resiliency, better user experience, etc. Enterprises have a wide range of choices as to how they want to migrate, provision, and configure critical workloads in the cloud. However, as business applications migrate to the cloud, reliability, and performance become even more critical and for enterprises and NEMs, it is crucial to test the infrastructure that is moving from enterprise on-premises to the cloud – all with flexibility, stability, and improved deployment & provisioning.

Today, enterprises have a mix of cloud models – public (IaaS/PaaS/SaaS), dedicated, private and hybrid. Many enterprise applications and next generation services, particularly those that use Private 5G / 5G and SASE technologies span a mix of multi-cloud environments—edge clouds, private clouds, and increasingly public clouds.

Public cloudsoffer an increasingly attractive alternative for Communication Service Providers (CSPs). We are witnessing growing partnerships between service providers such as Reliance JIO, Bharti Airtel, Singtel, AIS, Telstra & many more with public cloud providers Google Cloud (GCP), Microsoft Azure and Amazon Web Services (AWS). These cloud providers are connecting their services directly to the 5G networks in the carrier’s data center. As carrier networks connect with public clouds, the public cloud edge is moving closer to the end customer.

Private cloudsare gaining traction, as enterprise invest in cloud-native networks to bring down the cost of running networks & services and avoid vendor lock-in. To gain consistency between their data centers and the edge in their private clouds, network providers are evolving from Virtualization (VMs) to Cloud-Native (Containers & Micro-services).

Testing the Cloud

If cloud infrastructure’s performance is poor, applications hosted on that cloud infrastructure cannot perform to serve better user experience.

Many case studies around the world has shown that app migrations are AS-IS or gets refactored or rehosted, in any case the application in the on-premises (platform A) was performing to deliver better user experience because the on-prem DC was tuned to offer high performance. But, the new target cloud (platform B) is a completely different & new platform and therefore the concern about their application performance in the target cloud is obvious to the enterprise customers. Application migration for every customer may pose challenges, such as; it can be time consuming or have performance issues in the target cloud, which could lead to roll back and risking outages.

While considering migration, decision makers need to be confident that public cloud infrastructure can handle intended workloads, and that latency on critical inter-application interfaces will not increase. In order to assure successful cloud migrations, it is necessary to have a solution capable of validating & assuring cloud infrastructure performance in multiple dimensions: compute, memory, storage, and network. With everything disaggregated, it is important to test at every layer of the cloud; testing approach must be considered from two aspects: horizontal and vertical.

Horizontal visibility

It is important to test each segment or domain individually (of the multi-clouds) and then assess the end-to-end service performance across segments. Without this visibility, it could take months to launch a service.  For this testing, cloud test agents (load generators) can be spun-up at key points in each of these segments to test individual functions, before they are put into the live network to make sure that the end-to-end services is working as expected and meets better user experience SLAs. Also, security vulnerabilities exist in every area: Internet, Data Center, SD-WAN, therefore, cloud providers and carriers need to validate the infrastructure of security operations, including functions that are inspecting traffic and enforcing policies.

Before running live traffic over these services, wrap-around testing techniques should be used to create incidences that will trigger these traps and send information to upstream monitoring and SIEM (security Information and event management) systems. The result is end-to-end visibility that includes assessments of performance and security concerns.

Vertical visibility

The vertical aspect is the one that poses a new challenge for cloud providers, as they move towards cloudification. The new world of cloud has layers from different vendors. What’s more, the elements of the stack could be swapped out at any time and therefore require constant testing. Test and assurance isolate the different layers using virtualized & container-based test agents and methodologies. Test agents can surround the virtual/container application to test the function itself, or replace the VM/container, mimicking the load of the VM/container application to assess the performance of the infrastructure components. Here, too, being able to instantiate test agents helps to understand if each layer is performing its function well enough to deliver the SLAs needed.

The network security paradigm is changing, too. In the cloud network, traffic flows do not necessarily pass through a perimeter which serves as a location for security controls. In response, new means for achieving the desired security controls are evolving. For example, networks are shifting to distributed models with security localized and optimized to protect the resource, and all of this leads to a new attitude towards building the network. Service providers are now adopting continuous integration and continuous delivery (CI/CD) practices, converging labs, pre-production & production networks.

Automation and Analytics

Automation is the next important aspect of the solution. Continuous integration, continuous testing, and continuous delivery (CI/CT/CD) methods enable and deliver the agility that is a key ingredient for success. There needs to be a closed-loop analytics platform that can ingest and understand the performance of the entire cloud network that is delivering the service to the customer. Test platform leverages ML and AI techniques to tie together all the network data from various sources, proactively predict service degradations, pinpoint root causes, and drive remediation actions. By turning data into actionable insights rapidly reduces mean time to repair (MTTR) and unnecessary escalations. Agile, automated testing and assurance solutions provide a roadmap for exploiting the advantages of cloud networks, while navigating the complexities of the hybrid cloud environment in the race to deliver a secure and quality experience to customers.