"The requirements and capabilities that an organization needs when running a production application are very different than one that's catering to developers," says Craig McLellan, cloud architecture author and chief technology officer of Hosting.com.
[Related: ]
[Related: ]
[Related: ]
Tier 1 applications often stand to benefit the most from the efficiency and scalability offered by a cloud environment:
Consolidation and infrastructure efficiency
Faster provisioning of applications and better configuration management
Universal high-availability services
Automated resource optimization, and dynamic scaling of applications.
However, the applications themselves are often the most complex and most critical to a business, and questions around stakeholder buy-in, architecture, and ISV support and licensing must be addressed before taking the plunge. Unlike Tier 2 applications, which can usually be virtualized in a self-contained manner, your Tier 1 applications touch on many people, processes and technologies.
Also, by their very nature, they tend to have been around for a while. They tend to run on legacy hardware, which can make the whole process more challenging.
Look to Your Disaster Recovery Plan First
As a first step, before even considering cloud providers, McLellan recommends CIOs take a look at their disaster recovery plan for the application in question.
"When was the last time you exercised your disaster recovery plan? When did you last test it? The easiest way to migrate your application is to treat it as if it were a disaster recovery exercise," McLellan says. "If you don't have a disaster recovery plan for that particular application, it's going to be very hard to migrate because no one has really thought about how to recover it."
He also notes that applications designed with disaster recovery in mind lend themselves to straightforward migrations, while applications that had disaster recovery plans bolted on after the fact generally lead to much more complex and time-consuming migrations.
"It's important that the customer have a realistic perspective early," he says. "The merits of cloud should still generally outweigh those challenges of migration from a long-term perspective."
Five Signs a Cloud Provider Isn't Ready for Mission-Critical Apps
When it comes time to choose your cloud provider, McLellan says CIOs should look for five signs that service providers are blowing hot air when they claim to be ready to handle your mission-critical applications:
Does the cloud providers pitch focus more on billing and provisioning time rather than reliability? If so, McLellan notes, it's a sign the provider's real focus is providing developer services, not hosting for Tier 1 applications.
Does the provider have a documented change management process that is well understood and adhered to throughout the entire organization? "In a cloud environment, change is inevitable," McLellan says. "If they don't have a change management process that's mature, you can get into a lot of trouble."
Does the provider understand the importance of runbooks, and can they show you examples of runbooks they use today for other customers? Runbooks are a compilation of procedures and operations you expect the hoster to perform. "You need to be very clear on what the role of each party is for each task in the runbook," McLellan says. "The reality is that the large majority of cloud hosters today don't do that because they cater to non-mission-critical workloads where that stuff typically doesn't get documented."
Does the cloud provider offer an SLA for each product it providesmanaged firewall, storage, cloud, etc. or does it offer a single SLA at the application layer? If the host provides SLAs for each product, it becomes difficult for you to appreciate the risk of those SLAs because any individual device can fail at any particular time and trigger one of the SLAs, but the failure of any one of those devices could bring down your entire application. "I believe you should have an SLA at the application layer itself," McLellan says. "Is the application available for its intended users or not? If the host you're working with is not prepared to provide you with an SLA that's easy to understand, it's time to look for a new cloud hoster."
Does the cloud provider offer access to complementary services like patch management, application performance monitoring and so on? "If I'm going to move a mission-critical application to the cloud, I can't just migrate it and hope for the best," McLellan says. "If you're the CIO of a mid-size enterprise with a mission-critical application, you are very concerned with the performance metrics of that application. If the cloud provider doesn't have those tools, you aren't really getting much because you still need to buy those tools. And they can be very expensive tools."
Thor Olavsrud covers IT Security, Big Data, Open Source, Microsoft Tools and Servers for CIO.com. Follow Thor on Twitter @ThorOlavsrud. Follow everything from CIO.com on Twitter @CIOonline and on Facebook. Email Thor at tolavsrud@cio.com