When working with cloud architecture, it’s important to see the world from different perspectives. In software development, we often use personas, and that works very well for cloud architecture as well. However, I tend to use views from different roles and their perspectives. In this story I will use three views.
Developers working against cloud environments are de facto DevOps engineers, in the sense that they need programmable platforms for scaling, testing, availability, deployment, etc. However, most developers do not have years of system operations experience under their belt, so it is important to remove things like networking from their view.
The network administrator role in the cloud is extremely important. At first glance it might seem that the role has become less important, since you can now create complex networks with declarative infrastructure as code and the hyperscalers have virtually unlimited capacity. However, a network is (mostly) one unit, and trying to align multiple dev teams on network management is a recipe for failure. It is also not only a single-vendor public cloud network, but very often hybrid and multi-cloud as well. The role of the network administrator is to provide networking as a service that should just be there for every use case.
The final view is that of the security architect. This view is all about ensuring and proving that all the controls are in place to be compliant with company security policy and standards.
As an example: the company network policy is:
Developer view on networking
Network Administrator's view on networking
Security Architect's view
A shared VPC makes it possible to separate the network's control plane into its own project. This project is called the host project. Your workloads will run in service projects. A VM in a service project can place a NIC in a subnet belonging to a VPC in the host project. There are three controls that will decide:
Who in what project can use what subnet.
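One way to answer "who in what project can use what subnet" from the security architect's view, as an added example that is not part of the original post. It assumes subnet use is granted with `roles/compute.networkUser` in subnet-level IAM policies exported from the host project; all project, subnet and member names are constructed.

```python
import re

NETWORK_USER = "roles/compute.networkUser"
SA_RE = re.compile(r"^serviceAccount:[^@]+@([a-z][a-z0-9-]+)\.iam\.gserviceaccount\.com$")

# Constructed sample: subnet-level IAM policies from the host project,
# keyed by "region/subnet", using the standard IAM "bindings" shape.
POLICIES = {
    "europe-north1/subnet-team-a": {"bindings": [
        {"role": NETWORK_USER, "members": [
            "serviceAccount:deployer@svc-team-a.iam.gserviceaccount.com",
            "group:team-a-devs@example.com"]},
    ]},
    "europe-north1/subnet-team-b": {"bindings": [
        {"role": NETWORK_USER, "members": [
            "serviceAccount:deployer@svc-team-b.iam.gserviceaccount.com",
            "serviceAccount:ci@sandbox-old.iam.gserviceaccount.com"]},
        {"role": "roles/compute.networkViewer", "members": ["group:auditors@example.com"]},
    ]},
}
ATTACHED_SERVICE_PROJECTS = {"svc-team-a", "svc-team-b"}  # constructed allow-list

def member_project(member):
    """Project ID of a user-managed service account, else None."""
    m = SA_RE.match(member)
    return m.group(1) if m else None

def subnet_access(policies):
    """Return sorted (subnet, member, project) rows for every subnet user."""
    rows = []
    for subnet, policy in policies.items():
        for binding in policy.get("bindings", []):
            if binding.get("role") == NETWORK_USER:
                for member in binding.get("members", []):
                    rows.append((subnet, member, member_project(member)))
    return sorted(rows, key=lambda r: (r[0], r[1]))

def findings(policies, attached):
    """Flag grants outside the attached service projects or needing manual review."""
    out = []
    for subnet, member, project in subnet_access(policies):
        if project is None:  # groups, users: membership must be checked elsewhere
            out.append((subnet, member, "review: project not derivable"))
        elif project not in attached:
            out.append((subnet, member, "project not attached to host"))
    return out

if __name__ == "__main__":
    for row in findings(POLICIES, ATTACHED_SERVICE_PROJECTS):
        print(*row, sep=" | ")
```

The report gives the evidence trail for each subnet: every principal that can place a NIC there, and which of those grants fall outside the approved service projects.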
With just the shared VPC we have solved the following requirements.
Learn more at: nordcloud.com/multi-cloud/google-cloud-platform/