A comprehensive guide to architecting, managing, implementing, and controlling multi-cloud environments

Key Features

  • Deliver robust multi-cloud environments and improve your business productivity
  • Stay in control of the cost, governance, development, security, and continuous improvement of your multi-cloud solution
  • Integrate different solutions, principles, and practices into one multi-cloud foundation

Book Description

Multi-cloud has emerged as one of the top cloud computing trends, with businesses wanting to reduce their reliance on only one vendor. But when organizations shift to multiple cloud services without a clear strategy, they may face certain difficulties, in terms of how to stay in control, how to keep all the different components secure, and how to execute the cross-cloud development of applications. This book combines best practices from different cloud adoption frameworks to help you find solutions to these problems.

With step-by-step explanations of essential concepts and practical examples, you'll begin by planning the foundation, creating the architecture, designing the governance model, and implementing tools, processes, and technologies to manage multi-cloud environments. You'll then discover how to design workload environments using different cloud propositions, understand how to optimize the use of these cloud technologies, and automate and monitor the environments. As you advance, you'll delve into multi-cloud governance, defining clear demarcation models and management processes. Finally, you'll learn about managing identities in multi-cloud: who's doing what, why, when, and where.

By the end of this book, you'll be able to create, implement, and manage multi-cloud architectures with confidence.

What you will learn

  • Get to grips with the core functions of multiple cloud platforms
  • Deploy, automate, and secure different cloud solutions
  • Design network strategy and get to grips with identity and access management for multi-cloud
  • Design a landing zone spanning multiple cloud platforms
  • Use automation, monitoring, and management tools for multi-cloud
  • Understand multi-cloud management with the principles of BaseOps, FinOps, SecOps, and DevOps
  • Define multi-cloud security policies and use cloud security tools
  • Test, integrate, deploy, and release using multi-cloud CI/CD pipelines

Who this book is for

This book is for architects and lead engineers involved in architecting multi-cloud environments, with a focus on getting governance right to stay in control of developments in multi-cloud. Basic knowledge of different cloud platforms (Azure, AWS, GCP, VMware, and OpenStack) and an understanding of IT governance are necessary.

Table of Contents

  1. Multi-Cloud Architecture and Governance
  2. Why subscribe?
  3. Contributors
  4. About the author
  5. About the reviewers
  6. Packt is searching for authors like you
  7. Preface
    1. Who this book is for
    2. What this book covers
    3. To get the most out of this book
    4. Download the color images
    5. Conventions used
    6. Get in touch
    7. Reviews
  8. Section 1 – Introduction to Architecture and Governance for Multi-Cloud Environments
  9. Chapter 1: Introduction to Multi-Cloud
    1. Understanding multi-cloud concepts
    2. Multi-cloud – more than just public and private
    3. Multi-cloud as a true mixed zone
    4. Setting out a real strategy for multi-cloud
    5. What would be the best solution for my business requirements?
    6. Introducing the main players in the field
    7. Public clouds
    8. Private clouds
    9. Summary
    10. Questions
    11. Further reading
  10. Chapter 2: Business Acceleration Using a Multi-Cloud Strategy
    1. Analyzing the enterprise strategy for the cloud
    2. Industry position
    3. Enterprise core competence
    4. Long-term planning
    5. Financial structure
    6. Fitting cloud technology to business requirements
    7. Business planning
    8. Financial planning
    9. Technical planning
    10. IT4IT
    11. Keeping track of cloud developments – focusing on the business strategy
    12. Foundation architecture
    13. Cost of delay
    14. Benefit of opportunity
    15. Creating a comprehensive business roadmap
    16. Mapping the business roadmap to the cloud-fit strategy
    17. The Twelve-Factor App
    18. Summary
    19. Questions
    20. Further reading
  11. Chapter 3: Getting Connected – Designing Connectivity
    1. Connectivity is king – connectivity concepts in multi-cloud
    2. VPN
    3. Understanding concepts of direct connectivity
    4. Managed dedicated connectivity through telecom companies or brokers
    5. Designing a network topology for multi-cloud – thinking ahead
    6. Prerequisites for creating a network design
    7. Understanding network protocols in multi-cloud
    8. Summary
    9. Questions
  12. Chapter 4: Service Designs for Multi-Cloud
    1. Introducing the scaffold for multi-cloud environments
    2. Identity and access management (IAM)
    3. Security
    4. Cost management
    5. Monitoring
    6. Automation
    7. Cloud adoption stages
    8. Stage 1 – defining a business strategy and business case
    9. Stage 2 – creating your team
    10. Stage 3 – defining the architecture
    11. Stage 4 – engaging with cloud providers; getting financial controls in place
    12. Stage 5 – building and configuring the landing zone
    13. Stage 6 – assessment
    14. Stage 7 – migrating and transforming
    15. Translating business KPIs into cloud SLAs
    16. Using cloud adoption frameworks to align between cloud providers
    17. Understanding identities and roles in the cloud
    18. Creating the service design and governance model
    19. Requirements
    20. RAID
    21. Service decomposition
    22. Roles and responsibilities
    23. Processes
    24. Costs
    25. Security
    26. Summary
    27. Questions
    28. Further reading
  13. Chapter 5: Managing the Enterprise Cloud Architecture
    1. Defining architecture principles for multi-cloud
    2. Business principles
    3. Security and compliance
    4. Data principles
    5. Application principles
    6. Infrastructure and technology principles
    7. Principles for usability
    8. Principles for processes
    9. Transition and transformation
    10. Creating the architecture artifacts
    11. Creating a business vision
    12. Enterprise architecture
    13. Principles catalog
    14. Requirements catalog
    15. High-level design
    16. Low-level design
    17. Working under architecture for multi-cloud and avoiding pitfalls
    18. Stage 1 – security architecture
    19. Stage 2 – architecture for scalability
    20. Stage 3 – architecture for availability
    21. Stage 4 – architecture for operability
    22. Stage 5 – architecture for integration
    23. Pitfalls in architecture
    24. Change management and validation as the cornerstone
    25. Validating the architecture
    26. Summary
    27. Questions
    28. Further reading
  14. Section 2 – Getting the Basics Right with BaseOps
  15. Chapter 6: Designing, Implementing, and Managing the Landing Zone
    1. Understanding BaseOps and the foundational concepts
    2. Defining and implementing the base infrastructure – the landing zone
    3. Defining standards and policies for the base infrastructure
    4. Managing the base infrastructure
    5. Defining and managing infrastructure automation tools and processes (Infrastructure as Code and Configuration as Code)
    6. Defining and implementing monitoring and management tools
    7. Supporting operations
    8. Creating a multi-cloud landing zone and blueprint
    9. Configuring the landing zone on Azure
    10. Creating a landing zone in AWS
    11. Creating the landing zone in GCP
    12. Managing the landing zone using policies
    13. Managing basic operations in AWS
    14. Managing basic operations in Azure
    15. Managing basic operations in GCP
    16. Orchestrating policies for multi-cloud
    17. Global admin galore – the need for demarcation
    18. Summary
    19. Questions
    20. Further reading
  16. Chapter 7: Designing Resilience and Performance
    1. Starting with business requirements
    2. Understanding data risks
    3. Understanding application risks
    4. Understanding technological risks
    5. Exploring solutions for resiliency in different cloud propositions 
    6. Working with AWS backup and disaster recovery
    7. Creating backup plans in GCP
    8. Optimizing your multi-cloud environment
    9. Using Trusted Advisor for optimization in AWS
    10. Optimizing environments using Azure Advisor
    11. Optimizing GCP with Cloud Trace and Cloud Debugger
    12. Performance KPIs in a public cloud – what's in it for you?
    13. Summary
    14. Questions
    15. Further reading
  17. Chapter 8: Defining Automation Tools and Processes
    1. Cross-cloud infrastructure automation
    2. Automation processes using a code repository and workflows
    3. Exploring automation tools
    4. Azure Automation
    5. AWS OpsWorks
    6. Automation in Google Cloud Platform
    7. Exploring other automation tools
    8. Architecting automation for multi-cloud
    9. Summary
    10. Questions
    11. Further reading
  18. Chapter 9: Defining and Using Monitoring and Management Tools
    1. Defining monitoring and management processes
    2. Cloud health
    3. Cloud performance
    4. Governance
    5. Security
    6. Cloud usage (analytics)
    7. Exploring monitoring and management tools
    8. Azure Monitor and Lighthouse
    9. AWS CloudWatch and Control Tower
    10. Google Cloud Platform's Cloud Monitoring and Operations Suite
    11. VMware's Tanzu
    12. Other end-to-end monitoring tools
    13. Consolidating and interpreting data from monitoring systems
    14. Discovering the single-pane-of-glass view
    15. Summary
    16. Questions
    17. Further reading
  19. Section 3 – Cost Control in Multi-Cloud with FinOps
  20. Chapter 10: Managing Licenses
    1. Types of license agreements
    2. Software licenses in cloud platforms
    3. Managing licenses and contracts
    4. Using third-party brokers for licenses
    5. Setting up an account hierarchy
    6. Summary
    7. Questions
    8. Further reading
  21. Chapter 11: Defining Principles for Resource Provisioning and Consumption
    1. Avoiding Amex Armageddon with unlimited budgets
    2. The provisioning and consumption of resources in public cloud platforms
    3. Deploying resources in Azure using ARM
    4. Deploying resources in AWS using OpsWorks
    5. Deploying resources in GCP using Deployment Manager
    6. Benefits of cloud provisioning
    7. The provisioning and consumption of resources in on-premises propositions
    8. Setting guidelines and principles for provisioning and consumption
    9. Using the Azure pricing calculator
    10. Using the AWS calculator
    11. Using the GCP instance pricing
    12. Design example for resource planning
    13. Controlling resource consumption using cost alerts
    14. Summary
    15. Questions
    16. Further reading
  22. Chapter 12: Defining Naming Conventions and Tagging
    1. Creating a naming convention
    2. Naming convention standards in Azure
    3. Naming convention standards in AWS
    4. Naming convention standards in GCP
    5. Creating a tagging convention
    6. Defining tags in Azure
    7. Defining tags in AWS
    8. Defining tags in GCP
    9. Implementing naming and tagging
    10. Managing naming and tagging conventions
    11. Summary
    12. Questions
    13. Further reading
  23. Chapter 13: Validating and Managing Bills
    1. Exploring billing options and using cost dashboards
    2. Using cost management and billing in Azure
    3. Using AWS Cost Management for billing
    4. Using billing options in GCP
    5. Validating invoices
    6. Centralizing billing in multi-cloud
    7. Summary
    8. Questions
    9. Further reading
  24. Section 4 – Security Control in Multi-Cloud with SecOps
  25. Chapter 14: Defining Security Policies
    1. Understanding security policies
    2. Understanding security frameworks
    3. Defining the baseline for security policies
    4. Implementing security policies
    5. Implementing security policies in Azure Security Center
    6. Implementing security policies in AWS Security Hub
    7. Implementing security policies in GCP Security Command Center
    8. Managing security policies
    9. Summary
    10. Questions
    11. Further reading
  26. Chapter 15: Implementing Identity and Access Management
    1. Understanding identity and access management
    2. Using a central identity store with Active Directory
    3. Designing access management across multi-cloud
    4. Exploring Privileged Access Management (PAM)
    5. PAM on cloud platforms
    6. Enabling account federation in multi-cloud
    7. Summary
    8. Questions
    9. Further reading
  27. Chapter 16: Defining Security Policies for Data
    1. Storing data in multi-cloud concepts
    2. Exploring storage technologies
    3. Understanding data protection in the cloud
    4. Understanding data encryption
    5. Securing access, encryption, and storage keys
    6. Using encryption and keys in Azure
    7. Using encryption and keys in AWS
    8. Using encryption and keys in GCP
    9. Securing raw data for big data modeling 
    10. Summary
    11. Questions
    12. Further reading
  28. Chapter 17: Implementing and Integrating Security Monitoring
    1. Understanding SIEM and SOAR
    2. Differentiating SIEM and SOAR
    3. The role of SOC
    4. Setting up the requirements for integrated security
    5. Implementing the security model
    6. Exploring multi-cloud monitoring suites
    7. Exploring SIEM solutions from Splunk, LogRhythm, and Rapid7
    8. Implementing SecOps with VMware and ServiceNow
    9. Introducing cloud-native SIEM with Azure Sentinel
    10. Summary
    11. Questions
    12. Further reading
  29. Section 5 – Structured Development on Multi-Cloud Environments with DevOps
  30. Chapter 18: Designing and Implementing CI/CD Pipelines
    1. Understanding CI/CD and pipelines
    2. Getting started with CI/CD
    3. Working under version control
    4. Using push and pull principles in CI/CD
    5. Pushing the code directly to the master
    6. Pushing code to forks of the master
    7. Best practices while working with CI/CD
    8. Designing the multi-cloud pipeline
    9. Exploring tooling for CI/CD
    10. Working with Azure DevOps
    11. Working with AWS CodePipeline
    12. Working with Google Cloud Build
    13. Summary
    14. Questions
    15. Further reading
  31. Chapter 19: Introducing AIOps in Multi-Cloud
    1. Understanding the concept of AIOps
    2. Optimizing cloud environments using AIOps
    3. Exploring AIOps tools for multi-cloud
    4. Summary
    5. Questions
    6. Further reading
  32. Chapter 20: Introducing Site Reliability Engineering in Multi-Cloud
    1. Understanding the concept of SRE
    2. Working with risk analysis in SRE
    3. Applying monitoring principles in SRE
    4. Applying principles of SRE to multi-cloud – building and operating distributed systems
    5. Summary
    6. Questions
    7. Further reading
  33. Assessments
    1. Chapter 1
    2. Chapter 2
    3. Chapter 3
    4. Chapter 4
    5. Chapter 5
    6. Chapter 6
    7. Chapter 7
    8. Chapter 8
    9. Chapter 9
    10. Chapter 10
    11. Chapter 11
    12. Chapter 12
    13. Chapter 13
    14. Chapter 14
    15. Chapter 15
    16. Chapter 16
    17. Chapter 17
    18. Chapter 18
    19. Chapter 19
    20. Chapter 20
  34. Other Books You May Enjoy
    1. Leave a review - let other readers know what you think