Digital Systems & Technology

Accelerating Time-to-Value Through Hybrid Cloud Automation Reusable design patterns and automated workflows can cut costs and speed deployment. Here’s how to get started.

Executive Summary In search of lower costs and greater operational agility, businesses are hosting ever more workloads on virtualized compute, storage and network resources in the cloud.

By 2020 more than 90% of enterprises will use multiple cloud services and platforms, according to market researcher IDC. 1 More than half of those surveyed by cloud management software provider RightScale plan to use hybrid (public/private) clouds that can offer greater control and security for critical data or applications.2

But without the proper tools and processes, moving to the cloud can saddle the business with a sprawl of

expensive, hard-to-manage and insecure assets. Getting the most value from a move to the hybrid cloud requires:

❙ Proper end-to-end provisioning of workloads across the enterprise to assure they are sized, priced and managed to fit the needs of the business.

❙ A common management platform to give the organization a comprehensive view of price, performance and security across cloud providers.

❙ Agile and automated provisioning of workloads using standard design patterns (organization approved configurations for platforms such as Web servers

Cognizant 20-20 Insights

September 2019

and database servers) to cut the time and cost moving workloads to the cloud.

❙ Consistent, centralized and automated security controls, such as hardening, patching, anti-virus and intrusion detection/prevention.

Manually performing all these functions for each cloud deployment can eliminate the very cost and agility benefits organizations hope to gain from this computing model. While public cloud services have automated much of their internal provisioning processes, they have failed to extend such automation to their customers’ systems and processes, or to workload migration and management across multiple public and hybrid clouds.

In our work with leading enterprises, such “customer-side” automation have cut deployment times from weeks to hours, slashed total cost of ownership by as much as 40%, and provided cross-cloud monitoring and management through a single platform as well as a real-time dashboard that revealed the types, quality and cost of the cloud services users consume.

This white paper describes how automating hybrid cloud migration and management can deliver lower costs and greater flexibility. This results in the following business benefits:

❙ High levels of automation and standardization across infrastructure as a service (IaaS) and platform as a service (PaaS) environments to significantly reduce infrastructure provisioning times.

❙ Average time to provision a new server can be reduced from as long as 12 weeks to as little as one hour for simple patterns and less than a day for more complex patterns, making new servers available more quickly and reducing the cost of provisioning and charging for them.

❙ Faster development and deployment cycles for products and services to increase organizational competitiveness.

Finally, we provide actionable tips for getting started.

Cognizant 20-20 Insights

2 / Accelerating Time-to-Value Through Hybrid Cloud Automation

Cognizant 20-20 Insights

3 / Accelerating Time-to-Value Through Hybrid Cloud Automation

Where cloud automation falls short Leading public cloud providers have taken most of the manual work out of tapping their compute, network and storage resources. With a corporate credit card, any user can quickly create and use internet-based web, application or database instances, such as those needed for e-commerce or for DevOps (combining development and operations functions to speed applications and services to market) along with the storage and networks they require.

Public clouds offer predetermined “T-shirt sizes” for commonly requested combinations of resources, as well as robust tools for defining and monitoring cloud workloads. For example, Google’s Cloud Deployment Manager lets customers specify the resources needed by an application using the YAML3 language to create configuration files. AWS CloudFormation provides a common language for describing and provisioning infrastructure resources in the cloud. Azure Monitor provides performance and utilization data, activity and diagnostics logs, and notifications from Microsoft’s public cloud platform.

But such tools fail to automate much of the work businesses must perform in their own environments to make the most efficient use of

the cloud. This includes integrating their internal systems and processes for authenticating users, securing assets, tracking expenses and monitoring system performance with hybrid clouds. Nor do public cloud providers make it easy to bring their own management functions to the hybrid clouds most enterprises are adopting.

In addition, each provider’s automation tools are proprietary and do not easily interoperate with those used in other public clouds or in hybrid clouds. This means making use of multiple clouds or automating deployment across landing zones within a single cloud provider. These approaches require expensive integration efforts or entail managing multiple clouds through different user interfaces. Either path makes it much harder to get a holistic view of everything from cost to performance to security.

This lack of automation imposes real costs on enterprises. RightScale survey of cloud users found that only a minority have implemented automated policies to optimize cloud costs, such as shutting down unused workloads or selecting lower-cost clouds or regions.4 Conversely, a lack of automation impacts organizational agility, potentially resulting in business disruption from competitors.

Public clouds offer predetermined ‘T-shirt sizes’ for commonly requested combinations of resources, as well as robust tools for defining and monitoring cloud workloads.

Cognizant 20-20 Insights

4 / Accelerating Time-to-Value Through Hybrid Cloud Automation

How automation can help

Hybrid cloud customers can use automation in many ways to reduce costs and maximize agility. They can automate pre-provisioning workflows such as budgetary and security approvals, determining if a user has the right to access the requested resources and assuring the resources provisioned in the cloud meet all applicable business and technical requirements. They can

also automate post-provisioning tasks, such as integrating the cloud with directories that track users and other assets, system monitoring, patching and accounting systems, and third-party security monitoring and penetration testing tools and services. To make the cloud as easy and inexpensive as possible to use, they can deliver cloud resources as an easy-to-consume item in their service catalog (see Figure 1).

Each provider’s automation tools are proprietary and do not easily interoperate with those used in other public clouds or in hybrid clouds. This means making use of multiple clouds or automating deployment across landing zones within a single cloud provider.

Figure 1

How automation reduces cloud management cost and effort Manual steps eliminated by automated hybrid cloud management.

SINGLE USERINTERFACE

CURRENT/TRANSFORMED STATE ~ THREE DAYS

PREVIOUS STATE ~ 45-60 DAYS

PROCESSWORKFLOW

COMPLEX TASKS AUTOMATED

POSTPROVISIONING

ONE-TOUCH AUTOMATION

Service Catalog >ARM/CloudFormation Template > PowerShell > Puppet >IaaS/PaaS

ServiceNowtriggers tasks to the approvers (with SLAs, escalations & reminders).

ServiceNow, ARM/CFN/VRAtriggers automation in cloud platform.

End user fills a cloud IaaS Provisioning Service Catalogue.

PROVISIONING AUTOMATION

PowerShellBootstrap script joins the device to domain and installs Puppet.

POLICY AUTOMATION

Puppet/GitHubAutomates all post- provisioning tasks.

WORKFLOWAUTOMATION

INFRASTRUCTUREDEVOPS

Process CompletionEmails the user the details & sets the ticket status to be resolved in Service Now.

End user fills a non-standard request.

Set the ticket status to resolve in ServiceNow.

TSR gets created and assigned to a queue.

Team chases for all the required approvals.

Team creates new request to cloud team once all approvals are in place.

Cloud operate team does the provisioning.

L1 L1 L1 L3 L1 L3 L1

End user raises multiple new requests to get access.

Platform team works on post-provisioning tasks.

Email the ticket requestor with the details.

Decision to be taken leading to additional activities in sequence

Cognizant 20-20 Insights

True customer-side automation would:

❙ Allow users to choose and integrate their choice of commercially available and proprietary application monitoring, management, provisioning and metering tools.

❙ Provide automated end-to-end self-service provisioning that masks the dozens of required steps (such as the choice of the proper security

zone and enforcement of server naming conventions) behind a single click.

❙ Create and maintain an automation catalog that offers users a range of preconfigured design patterns (see Figure 2) designed to meet various business needs.

❙ Address critical needs for security and ongoing cost management.

Services

Provisioned Cloud platform(s) Automated processes.

Server

Azure Single VM Deployment

Automatically provision a VM (Windows, RHEL, CentOS, SLES) across multiple regions, meeting required SLAs.

Azure High Availability (HA) and DR

Automated provisioning of two VMs connected to an internal load balancer with ASR.

Azure Oracle DB (Active/Passive) on IaaS

Oracle DB in Azure VM (one in each region) with Data Guard to achieve near-real-time data replication across databases.

AWS HA instances across multiple regions

A set of EC2 instances provisioned on both regions connected via separate load balancers within the region. HA across regions achieved via a global traffic manager.

Network AWS Load Balancer Automated provisioning of AWS classic, network, and application load balancers.

Figure 2

How cloud design patterns speed applications & services to market

5 / Accelerating Time-to-Value Through Hybrid Cloud Automation

Hybrid clouds can’t begin cutting your organization’s costs and increasing its agility until workloads are migrated and integrated with existing management, security and chargeback platforms and processes.

6 / Accelerating Time-to-Value Through Hybrid Cloud Automation

Automation: Getting started Hybrid clouds can’t begin cutting your organization’s costs and increasing its agility until workloads are migrated and integrated with existing management, security and chargeback platforms and processes. Automating these processes requires understanding and meeting the full range of management, financial and security issues the cloud raises for customers.

Based on our work with leading organizations worldwide, our recommendations for embracing automated hybrid cloud management include the following actions:

❙ Create reusable automated workflows for common processes such as approval and access control.

❙ Minimize the number of blueprints and canned images included in common cloud workloads to optimize management and governance overhead. This might involve, for example, limiting the number of Linus blueprints to include only RHEL, SUSE Linux and CentOS, and limiting Windows blueprints to Windows Server 2012 and 2016. Other required functions or features can be easily provisioned in a modular fashion on the base image.

❙ Use automated tools for provisioning and configuration of all management agents during the “post-provisioning” stage. For example, install monitoring, antivirus, backup and patching agents, and associated configuration activities, using a configuration management tool. Similarly, automate activities for service account creation, assigning permissions, etc. as part of the overall provisioning request itself.

❙ Create an efficient pipeline to reduce the time required to create, deploy and manage infrastructure as code. In a client situation, we used the GitHub code repository, the Jenkins open source automation server, Artifactory repository manager and the Puppet software configuration management tool that uses “infrastructure-as-a-code” principles to provision infrastructure in an agile fashion.

❙ Automate processes not only within your organization but with third parties such as cloud providers. For example, use API calls to integrate with third-party providers responsible for role-based access control and network provisioning.

Cognizant 20-20 Insights

Cognizant 20-20 Insights

7 / Accelerating Time-to-Value Through Hybrid Cloud Automation

Cutting costs, increasing agility for a UK energy utilityOur Automated Platform, an integrated automation ecosystem, helped a UK-based utility increase its agility and cut its costs to better compete with nimble, digital-only competitors. The company had been restrained by the lack of a single management platform across its multiple private and public clouds and the manual effort required to create, manage, secure and troubleshoot thousands of servers and platform-as-a-service instances.

We migrated and digitally enabled roughly 130 business services, freed IT personnel from routine functions through automation and a simplified converged infrastructure, and enhanced security through managed controls and services across the public and private cloud. Our Automation Platform enabled greater agility and faster turnaround through automated builds and approval workflows, automated deployment of monitoring, and configuration and security controls, as well as complete high availability and disaster recovery.

This allows the utility to:

❙❙ Cut operating costs and manage spend more efficiently and proactively by monitoring multiple clouds in real time through a single platform with advanced analytics of performance and chargebacks.

❙❙ Reduce downtime and support costs through automated incident creation.

❙❙ Reduce time-to-market for new services and increase application reliability by allowing users to create their own cloud instances with a single click from more than 35 fully automated standard design patterns.

Quick Take

Endnotes1 ‘IDC FutureScape: Worldwide Cloud 2018 Predictions’ Oct 2017 - IDC FutureScape – Doc #US42014717, https://www.idc.

com/research/viewtoc.jsp?containerId=US42014717.

2 2 RightScale 2018 State of the Cloud Report, https://www.suse.com/media/report/rightscale_2018_state_of_the_cloud_report.pdf.

3 3 YAML is a human-friendly data standard for data serialization, which translates data structures into a format that allows them to be stored, transmitted and reconstructed in different computing environments.

4 4 Op cit. RightScale 2018.

Cognizant 20-20 Insights

Getting the most from the cloudOrganizations move to elastic, on-demand cloud environments to cut costs and speed new products and services to market. But without proper automated tools and processes, they can find themselves spending too much money and time managing a mix of on-premise and public clouds.

Automated workflows and standard system images not only cut management costs, but allow users to provision their own systems while meeting corporate cost, security and other requirements.

8 / Accelerating Time-to-Value Through Hybrid Cloud Automation

Cognizant 20-20 Insights

9 / Accelerating Time-to-Value Through Hybrid Cloud Automation

About the authors

Mohit Mehta Vice President, Cloud and Infrastructure Services

Mohit Mehta is a technology thought leader in Digital Systems & Technology, and currently heads Cognizant’s Cloud & Infrastructure strategic business unit in the UK and Ireland. Mohit has extensive experience in managing, structuring and advising on business transformational initiatives within digital systems and technology, including enterprise cloud transformation. His previous experience includes incubation and growth of Cognizant’s Technology, Media & Communication business in UKI and serving as a market maker for large transformation deals for another global services company. Mohit can be reached at Mohit.Mehta@cognizant.com | www.linkedin.com/in/mehtamo/.

Sreekanth Sreekumaran Nair Associate Director, Enterprise IT Automation

Sreekanth Sreekumaran Nair is an automation evangelist at Cognizant, with primary experience in consulting, architecture and design of public cloud, cloud automation, ML/AI platforms, service assurance and application performance management tooling solutions. With 14 years of experience in digital systems, technology and automation, he has a bachelor’s degree in electronics and communications engineering from Kerala University, India. Sreekanth can be reached at Sreekanth.Sreekumar@cognizant.com | www.linkedin.com/in/sreekanthsreekumar/.

© Copyright 2019, Cognizant. All rights reserved. No part of this document may be reproduced, stored in a retrieval system, transmitted in any form or by any means,electronic, mechanical, photocopying, recording, or otherwise, without the express written permission from Cognizant. The information contained herein is subject to change without notice. All other trademarks mentioned herein are the property of their respective owners.

Codex 4840

World Headquarters

500 Frank W. Burr Blvd.Teaneck, NJ 07666 USAPhone: +1 201 801 0233Fax: +1 201 801 0243Toll Free: +1 888 937 3277

European Headquarters

1 Kingdom Street Paddington Central London W2 6BD EnglandPhone: +44 (0) 20 7297 7600 Fax: +44 (0) 20 7121 0102

India Operations Headquarters

#5/535 Old Mahabalipuram RoadOkkiyam Pettai, ThoraipakkamChennai, 600 096 IndiaPhone: +91 (0) 44 4209 6000Fax: +91 (0) 44 4209 6060

Digital Systems & Technology Consulting Cognizant’s Digital Technology Consulting (DTC) Practice provides advisory consulting infused with cross-functional capabilities to enable enter-prise-wide digital transformation. DTC’s core capabilities span the software and platform landscape. We leverage Agile/DevOps, security and automation to enable businesses to unlock digital capabilities across their front, middle and back offices. Our objective is to help clients eradicate release weekends by enabling continuous delivery. This ultimately helps them to achieve improved end-customer experiences, lower operating costs, improve time to market, enhance operational stability and create a happier workplace. To learn more, visit us at www.cognizant.com/consulting.

About Cognizant Cognizant (Nasdaq-100: CTSH) is one of the world’s leading professional services companies, transforming clients’ business, operating and technology models for the digital era. Our unique industry-based, consultative approach helps clients envision, build and run more innovative and efficient business-es. Headquartered in the U.S., Cognizant is ranked 193 on the Fortune 500 and is consistently listed among the most admired companies in the world. Learn how Cognizant helps clients lead with digital at www.cognizant.com or follow us @Cognizant.