hamburger icon close icon
Hybrid Cloud Management

Azure Hybrid Cloud:
Azure in Your Local Data Center

The Azure cloud provides extensive hybrid cloud management  functionality, which extends to your on-premise data center. These include migration tools, networking tools, single sign on (SSO) and identity management, and even hybrid storage devices that can be deployed on-premises.

In this post, we’ll explain the Azure hybrid architecture and its main building blocks. In addition, we’ll show how NetApp Cloud Volumes ONTAP can help set up hybrid storage sharing on-premises and Azure-based resources.

In this article, you will learn:

What Is a Hybrid Cloud?

A hybrid cloud is a cloud computing environment composed of one or more public and private clouds. Data, applications, and workloads are shared between these clouds to create a unified system. Hybrid clouds enable you to scale workloads and “burst” into the public cloud when you exceed the resources of your private cloud.

Hybrid clouds also enable you to segregate how and where data is shared and avoid having all your data stored on one public cloud. Using a hybrid cloud, you can take advantage of the scalability and flexibility of a public cloud while maintaining the security of business-critical applications and data.

Azure Hybrid Cloud Features

To help you achieve the benefits of a hybrid cloud, Azure offers services to help you connect your private cloud with their public services. These services include a variety of helpful features.

Run applications seamlessly across on-premises, cloud, and edge environments
Azure enables you to run applications as is or to refactor and take advantage of cloud scalability and portability. It also enables you to create new, cloud-native applications.

Azure Hybrid Cloud supports your applications by enabling you to:

  • Run hybrid apps on-premise—you can use hybrid applications in-house using Azure Stack HCI. This service enables you to run apps in virtualized environments. It enables you to gain cloud benefits while maintaining connectivity and regulatory compliance.
  • Migrate apps to the cloud—Azure provides tools for migrating applications to your public cloud. It also offers the Azure Hybrid Benefit program, which allows you to transfer existing licenses for SQL Server and Windows Server.
  • Enable edge and disconnected scenarios—you can use Azure edge technologies to operate workloads on the periphery of your network. This can enable you to provide consistent experiences for your users regardless of Internet connectivity.
  • Enable DevOps workflows—Azure DevOps offers cloud-native tooling for DevOps pipelines. You can integrate many of the tools you’re already using and connect on-premise and cloud pipelines. This provides a consistent continuous integration and continuous delivery experience. 

Migrate, manage, and analyze data across your hybrid cloud
Azure provides access to high-performance resources as well as enterprise-grade security and availability. It also offers tools for advanced analytics and automated migration. These offerings make moving and managing your data easy and secure. For example, Azure SQL Database Management Instances enable you to move SQL workloads to and from the cloud with zero code changes. 

Build a highly available, fast, secure hybrid network
Creating a hybrid Azure cloud enables you to gain access to one of the largest global networks. On this network, you can optimize connections, up to 100 Gbps, with Azure ExpressRoute. You can also connect to thousands of users and endpoints with managed connectivity through Azure Virtual WAN.

To secure your connections, Azure Firewall and DDoS Protection services are available. You can also take advantage of Azure Front Door Service, which provides a secure and adaptable entry point for your users.

Manage access with a single identity platform
Azure supports secure single sign-on (SSO) for your users across on-premise, cloud, and mobile applications. By federating Active Directory (AD) and Azure AD, you can combine identity management for all environments. This centralizes identity management and promotes standardized access and permissions.

Deliver security across your organization
Azure infrastructure is protected by enterprise-grade security measures and expertise. When you create a hybrid cloud with Azure, you gain access to this expertise. You can also take advantage of several security services for monitoring, encryption, and access control across your environments.

For example, the Azure Security Center dashboard can provide a centralized view of your security status. Another example, Azure Sentinel, lets you harness AI and automation to secure systems and data.

Building Blocks of the Azure Hybrid Cloud Solution

For an Azure hybrid cloud to function optimally, you need to combine several services. These services are in addition to networking and security measures. Below are some of the most commonly used services:

  • Azure Arc—enables you to extend Azure management tools and services to any architecture. With it, you can run and manage Azure data services across your environments.
  • Azure Stack—enables you to develop, deploy, and run cloud-compatible applications across environments. You can operate these applications either on or offline.
  • Azure IoT Edge—a fully managed service that enables you to run workloads in containers on Internet of Things (IoT) edge devices. Running these workloads on the edge limits communication delays, allows faster response to changing demands, and enables offline operations.
  • Azure Sphere—provides turnkey security for IoT devices. It enables you to protect privacy, data, and infrastructure while ensuring the physical safety of devices.
  • Azure StorSimple - a series of devices that are deployed on-premise and synchronize data to the Azure cloud. Devices are available in three deployment options: StorSimple Physical Array, Virtual Array, and Cloud Appliance.

How the Azure Hybrid Cloud Architecture Works

There are several architectures you can use to set up a hybrid cloud environment depending on your existing infrastructure and needs.

Hybrid Cloud with Azure Stack

To create a hybrid cloud using Azure Stack, you can create a Virtual Private Network (VPN) tunnel for connectivity. This tunnel allows communications between components in the public cloud and on-premises. With hybrid identity management, you can ensure that users and applications apply the same security and restrictions across environments. The combination of this connectivity and security enables you to smoothly run workloads both on-premise and in the cloud with minimal application changes.

Hybrid Cloud with Azure StackSource: Azure

Modern Data Warehouse Architecture

If you’d prefer to use a data warehouse architecture to create your hybrid cloud, you can use Azure Data Factory. Data Factory enables you to create, schedule, and orchestrate data processing workflows across environments. It provides features for advanced analytics, dashboards, and operational reports to help you manage and monitor these workflows.

Modern Data Warehouse ArchitectureSource: Azure

Data flow in a hybrid data warehouse works as follows:

  1. Using Data Factory, you combine your data in Azure Blob Storage. This includes structured, semi-structured, and unstructured data.
  2. With Azure Databricks analytics services, you then cleanse and transform the data stored in Blob Storage.
  3. Once your data is processed, you can move it to Azure Synapse Analytics to create a combined data hub. The native connectivity between Databricks and Synapse Analytics enables you to easily move and access data at scale.
  4. Once your data is stored in Azure Data Warehouse, your hub, you can create operational and analytical dashboards and reports. These tools enable you to derive data insights and apply insights to your users through Azure Analysis Services.

Connect On-premises Networks to Azure

A third architecture option involves connecting on-premise networks to your Azure environment. This is commonly done with either a VPN gateway or ExpressRoute.

  • VPN gateway—communications between on-premise and Azure components occurs through a secured IPSec VPN tunnel. This is operated with Azure Virtual Network (VNet) services.

Connect On-premises Networks to AzureSource: Azure

  • ExpressRoute—communication between on-premise and Azure components occurs through a third-party connectivity provider. This connection is private and dedicated to your environment.

Azure Hybrid Cloud Storage with Cloud Volumes ONTAP

NetApp Cloud Volumes ONTAP, the leading enterprise-grade storage management solution, delivers secure, proven storage management services on AWS, Azure and Google Cloud. Cloud Volumes ONTAP supports up to a capacity of 368TB, and supports various use cases such as file services, databases, DevOps or any other enterprise workload.

NetApp Cloud Volumes ONTAP for Azure cloud is an alternative to hybrid deployment with Azure StorSimple, which will reach end of life (EOL) by 2022. Cloud Volumes ONTAP caters to workloads deployed in Azure that need access to cloud storage over NAS and SAN protocols. It provides a single pane view to manage ONTAP systems on-premises as well as in Azure, and offers the benefit of data fabric architecture, with the same data management experience in multi-cloud and hybrid environments.

New call-to-action
Yifat Perry, Technical Content Manager

Technical Content Manager

-