Cloud / February 21, 2023

Migrating to the Cloud: Architecture and Best Practices

This is a transcript of Episode 14: Migrating to the Cloud – Architecture & Best Practices from our podcast series “Navigating the Cloud Journey.”

In the episode, Jim talks to the head of software innovation at Veloce Energy, Arila Barnes. Arila has extensive experience in enterprise software and product management. She is an expert in edge computing and IoT solutions.

Jim and Arila discuss edge/IoT computing, multi-cloud deployments, machine-to-machine Zero Trust, observability in the cloud, and much more.

Here are a few takeaways from the conversation with Arila. You can listen to the full podcast below.

Jim Mandelbaum: One of the things that comes up quite often … is the concept of edge computing and where that fits into things like Infrastructure as a Service.

Arila: Cloud computing is the new concept that has usually been challenging for me to explain. It started with the computer in the office, computers in the back office, the data centers, and now those data centers, or those computers, are made available virtually to all of us through the concept of cloud computing.

Now, today the new challenges as we bring in devices in factories that have never been connected before. Cars, EV chargers like, storage cabinets, solar panels, and so forth. It becomes interesting of, how you control those assets, how you collect information from them closer to the edge. And that’s where edge computing comes into play, is how close can we move the compute to the assets that we want to manage? And at the same time, keep that connection to the cloud, to the bigger compute power that it provides by leveraging a multitude of data centers behind the scenes. 

Jim: So, when we talk about the edge, moving to the edge, we’re really only talking not about changing what we’re doing in the cloud, but what we’re doing is trying to logically position the data closer to the device. 

Arila: No, the data comes from the device. It’s like positioning the compute and the management of the data closer to the device and figuring out, and that’s the art part, of what’s the best way of orchestrating and balancing what compute you need to do at the edge and what compute makes more sense to do in the cloud. And also, it’s like leveraging what we have learned. Of what companies like Amazon and Google have learned in building cloud services, especially with the advance of Kubernetes. How can you have that kind of management services for compute resources that are closer to the assets at the edge, right? So, it’s like how do you manage those services? I can give you one example from AWS. They have this service now, EKS Anywhere. So, what you can do in the cloud, you can also do for your compute at the edge.

Jim: There’s a lot of people that are on the cloud journey somewhere along the way. And one of the things we talk about often is observability in the cloud.

Arila: I think it has become very important to start there as soon as possible versus as an afterthought. And I have some favorite tools that have helped me along in those kinds of scenarios. And I can list quite a few, like New Relic, Datadog, Lacework, and AutoCloud. They’re pretty easy to set up because they’re focused on exactly that, observing what you’re doing and focusing on collecting information that can help you have good visibility of what’s going on as you are building your cloud. Second, they can alert you to issues that happen behind the scenes. And in some cases, even prevent issues from happening in the future as they leverage machine learning AI behind the scenes as you interact with those tools. 

And like I said, one thing is to create the requirements for cloud system. Another to codify it as Infrastructure as Code, but you also need to be able to visualize it and see it. And one tool that’s in my toolbox, it has found a permanent spot, is AutoCloud, because it also gives you time snapshots as you make your journey on the cloud, and as things are happening and as your teams are reacting in that space. So that’s from a startup perspective. But I think at some point you’ll also have better tools like Gigamon and others. 

Jim: You talked about these observability tools, and what’s interesting is that we see a lot of folks that do this as an afterthought.

Let’s say I’m already in the cloud, I’ve already moved there, but I haven’t started looking at observability yet. How do I even begin?

Arila: I’ll tell you what I learned from AWS’s startup accelerator.

So, they partnered with us, and they recommended to try this tool nOps. So nOps is a free service that just does the well-architected framework analysis of what you have. So that’s like step one. Just like I mentioned, any tool, whether it’s nOps or others I mentioned that help you see what you have as you’re building it, it’s critical. And then depending on your resources, you can leverage your internal resources, like your architects, your engineering teams, to reflect on that information and come up with a plan — what’s next? Or you can engage cloud partners, whether it’s from AWS or Google or Azure.

So, I think that’s very important. Like I said, what I have learned is that starting there as soon as possible, as soon as you are prototyping, as soon as you are, like, trying out services to also have kind of that independent audit of observability in place. It’s an “aha” moment and really drives the message.

Jim: Observability clearly is the takeaway right now. We can’t protect what we can’t see, right? That’s the reality. And then we look at it from a security perspective, it’s around protecting what you can’t see, you don’t know what’s happening. But also think about all these people that are looking at Zero Trust initiatives. There’s so many that are focused on Zero Trust, and I know you have a background in that as well. And I think one of the interesting things with observability is how do you validate your Zero Trust project without having observability to validate that what you’ve done is actually working? So, I think that’s an important takeaway that a lot of us have.

Jim: You’ve done a lot of development for the cloud. So, one of the things I find interesting is this risk-based or risk-averse base of moving to the cloud. How does somebody look at this and say, I’m going to do a lift and shift, or I’m going to modernize. There are these terms of rewrite or reskill my code. Maybe you can address that a little bit.

Arila: Sure. So, the cloud can be a very scary place because you’re no longer in control. Like it is, you’re delegating the control to the cloud providers. So basically, you’re trusting the data center, IT departments for the clouds, versus your own. It also gives you an opportunity to take advantage of highly skilled, highly motivated engineers that are always on the cutting edge and learning from not just your business but other businesses as well. And it also depends on the business objectives and what they’re trying to do with going to the cloud. Is it to reduce operations cost? Is it to reduce attrition? Is it to reduce challenges hiring talent? Is it to enter into new markets? Is it to accelerate innovations? And there’s different strategies in each of those scenarios.

So, lift and shift, it’s what people will try to do when they want to minimize risk. That’s like baby steps. Okay, I’ll identify an application or workload and see how or what it will take to move it from my data center to a cloud. And iterate on that and learn from it and apply to other applications. So usually that’s just reducing the cost and preparing for the next type of strategies, whether it’s that I have saved money on compute and on IT staff, how can I modernize or transform my digital assets? 

And that’s a starting point that also gives opportunity to reskill your staff. So, you don’t need any more data administrators in your team because you’re not managing databases like you did before when you own the data center. However, those are highly skilled people that with reskilling, for example, in technologies around data engineering, can bring new value — unlocking data from various assets and providing new insights even faster than has previously been possible.

Jim: When we talk about Zero Trust, as we start looking at these machine-to-machine type communications that are happening, what are your thoughts on monitoring and how do you secure it? 

Arila: Actually, companies are already thinking in that space. And I was fortunate enough to meet one in the open-source space, Teleport. And it’s providing the same concept around Zero Trust by providing identity for the machine. You want to always make sure you have identified the person or human interacting with the machines of the system. How you bring those same kind of concepts down to identifying a machine and making sure it’s authorized to interact with the other machine with the system. And that is very interesting to me in the energy space, as I mentioned, it’s heterogeneous systems, like Veloce provides, for example, storage and infrastructure. However, we want to work with many different manufacturers of EV chargers and how do we make sure we can trust, at the grid edge, all our partners do not create a vulnerability that can be exploited.

Jim: Yeah. And again, it all goes down to what you said. It’s the Zero Trust. I wanna say the trust but verify statement, right? It’s get observability…

Arila: I like that better. I actually don’t like the term Zero Trust because it goes against encouraging building relationships. As we build our trusted relationships, what’s the best way to validate at the speed of light and that’s where technology helps us under the no Zero Trust label. 

Jim: All right. I wanna thank my guest, Arila Barnes, today. Thank you very much. This was a lot of fun. Everybody: If you have any questions or you’re looking to reach out, I encourage you to go to the Gigamon Community. There is a podcast section where you can go to, and you can ask questions of myself or my guests. Arila, as a parting thing, are there any recommendations for our guests if they wanna learn more about what we were talking about? 

Arila: I recently came across a really cool book put together by Tracy Bannon. She’s a cloud architect focused on cybersecurity, and it’s called “Reinventing Cybersecurity,” and has the collective wisdom of a lot of other cybersecurity experts that look at that space all the way from cloud to edge and in between. 

Jim: Wonderful. I guess we’ll add that to the reading list. Thank you very much, and I appreciate you joining me. 

