What is a hybrid solution?
This is a question we field a lot at Rackspace, and there are multiple explanations. The most commonly accepted definition is the composition of a Private Cloud (either on customer premises or hosted) with a Public Cloud, linked together to offer the benefits provided by the differing technologies. At Rackspace, we initially created a hybrid configuration by connecting dedicated servers with our public cloud. This post discusses some example reference architectures that can be created by connecting workloads hosted on dedicated infrastructure with workloads hosted in the cloud, and the benefits associated with doing this.
Why use a hybrid configuration?
First of all, it depends on your application and the problem you are trying to solve. Take the example of an eCommerce application. These are normally three-tier applications: web servers, application servers and database servers. The web servers mainly serve web content, store no data, and work together to share the traffic load. Application servers handle all the processing of application requests, and this tier is normally where you want some more powerful servers to handle large numbers of concurrent application requests. No data is normally stored here either. The final tier is the database server (or database cluster), where your database resides, powered by technologies like MySQL and Microsoft SQL Server. This is where most of the work is done, and also where you need the highest levels of data security (especially if you are storing credit card information).
So, to get back to the question: “Why hybrid?” Well, as you can see, different application tiers have very specific needs. Web tiers need to scale out quickly to manage higher traffic loads (perfect for the cloud); application servers (depending on the app being used) and database servers sometimes need dedicated compute and memory to handle the large amount of processing; and data needs to be securely stored on single-tenant storage devices (better suited for dedicated servers).
How does a hybrid solution fit together?
In order to help you better understand how you can build and use hybrid solutions at Rackspace, we’re going to explore two possible configurations: one for a smaller and relatively simple workload; and another showing a complex workload with a larger number of solution elements. These two configurations were chosen because they fairly represent the composition of the customer base at Rackspace.
Common to both of these solutions is the enabling network connectivity solution called RackConnect that allows web servers to connect to the back-end app and database servers via a private network connection. Once RackConnect is configured, web developers simply need to designate the private IP address and network port of the database server (normally within a database connection string) to create a private connection to the database. Using RackConnect, your private network traffic never traverses the public network, helping to protect it from malicious external attacks.
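
The paragraph above says the web tier reaches the database by putting a private IP address and port in the connection string. As an added example (not Rackspace code), this Python check flags connection strings that would not stay on the private network: a public address, a DNS name, or a missing port. The URLs, credentials and addresses are constructed samples, and the `mysql://` URL form is an assumption about how the application stores its connection string.

```python
import ipaddress
from urllib.parse import urlsplit

# RFC 1918 ranges listed explicitly: ipaddress's is_private also accepts
# loopback, link-local and documentation ranges, which is too permissive here.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample connection strings (hypothetical hosts and credentials).
SAMPLES = {
    "private": "mysql://shop:example@10.12.0.25:3306/store",
    "public": "mysql://shop:example@203.0.113.40:3306/store",
    "hostname": "mysql://shop:example@db.example.com:3306/store",
    "no_port": "mysql://shop:example@192.168.100.7/store",
}


def check_db_url(url):
    """Return a list of findings; an empty list means private IP and explicit port."""
    findings = []
    parts = urlsplit(url)
    host = parts.hostname
    if not host:
        return ["no host in connection string"]
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        # A DNS name may resolve to a public address now or after a DNS change.
        findings.append(f"{host}: hostname, not an IP literal")
    else:
        if not any(addr in net for net in RFC1918):
            findings.append(f"{addr}: not in an RFC 1918 private range")
    try:
        port = parts.port
    except ValueError:
        port = None
        findings.append("port is not a valid number")
    else:
        if port is None:
            findings.append("no explicit port")
    return findings


def audit(urls):
    """Map each named connection string to its findings, omitting clean ones."""
    report = {name: check_db_url(url) for name, url in urls.items()}
    return {name: f for name, f in report.items() if f}


if __name__ == "__main__":
    for name, findings in audit(SAMPLES).items():
        print(name, "->", "; ".join(findings))
```
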
A differentiating factor of RackConnect is that it uses a hardware firewall or load balancer as your perimeter device, in front of your cloud and dedicated servers (unlike software firewalls in cloud-only configurations), ensuring the highest level of protection. This setup allows you to route to the private IP addresses of the servers within your solution on the firewall. Hardware devices such as a Cisco ASA Firewall or F5 Load Balancer are configured and customized by Rackspace Network Security Engineers to fit your solution needs.
Solutions such as the one depicted in the reference architecture are highly suitable for use cases such as e-commerce sites, high traffic blogs and database-driven web applications.
The diagram shows a solution utilizing a Cisco ASA Firewall as the perimeter device for both the cloud and dedicated database server. Traffic is routed from the Internet to the web servers (to serve content); from there, the web servers query the database via the application servers to deliver data-driven content. All of this happens within a secure private network, as traffic hits the public IP on the firewall and is in turn routed to the private IP of the web server.
Through RackConnect you also have the ability to serve images, videos or other media files from Rackspace Cloud Files. Cloud Files allows you to use the integrated Content Delivery Network (CDN), a solution that publishes and replicates your media files across the globe, to ensure that users browsing your site are served media files from a local CDN end-point instead of traversing the Internet to where the site is hosted. For example, a user browsing your site from Hong Kong will hit your website in the US, but as soon as they need to download an image or video that is embedded in the site, it is requested from a local server in Hong Kong (or the closest end-point), dramatically speeding up the browsing experience.
Solutions such as this are highly suitable for mission critical deployments requiring multiple levels of redundancy and/or complex enterprise applications with specific technology requirements.
This reference architecture shows two hardware devices, a Cisco ASA Firewall and an F5 Load Balancer. Once again, traffic hits the firewall utilizing the public IP address of your website. After being filtered by the firewall, the traffic goes through to the F5 load balancer, where it is balanced, or shared, across multiple web servers. As the cloud is elastic, you are able to spin up additional servers based on web traffic needs. RackConnect ensures that any new cloud servers are automatically added to your load balanced pool. RackConnect will also automatically remove deleted cloud servers when you decide to shrink your environment again based on traffic needs. This is extremely valuable if your web traffic fluctuates frequently or is highly seasonal.
On the dedicated side of the architecture you can also see solutions such as SAN storage or a Private Cloud. All of these elements can be integrated into your environment, depending on your application architecture. Rackspace Storage Architects and Network Engineers will work with you to design the solution that performs best with your application.
We hope that this quick overview of hybrid solutions gives you an indication of how Rackspace can help you leverage various enabling technologies to build a custom solution that can combine the best of both worlds: the elastic and flexible nature of the cloud, and the dedicated performance and security provided by traditional hosting.