There has been a recent trend where organisations are moving their software infrastructure back to on-premise datacenters or private clouds. Even cloud providers like AWS and GCP have an on-premise version. Although this might seem surprising, it's not new.
This has happened before. In fact, in one of my early days projects , one such organisation had migrated from cloud to on-premise after almost a year of being live on cloud. They even postponed one of their major releases and invested almost a year on this migration. This talk will feature that story.
Today I am going to share why organisations are opting to move from serverless back to the on-prem servers despite having all the ease of accessibility, technologies and advantages of cloud.
This will include what I have experience on some of my projects in domains like banking & fintech and retail & e-commerce. I would also share why even public cloud providers are providing an on-premise version of their service and what must be kept in mind before making that choice.
Here are the 5 biggest driving factors for organisation to migrate from serverless to servers:
The On Premise Driving Factors
Compliance & Regulations:
Majority of global compliance and regulations depend on the data localization laws of respective countries. For instance, India’s data localization law expects all payment systems data to reside within the country. Similarly, Indonesia’s OJK mandates public services companies must maintain all PII and data centers data within the country.
So many organisations chose to host infra in their own data centers, either they don't have a cloud provider region available within their country or just to simplify the long audit process involved in certifying a cloud infrastructure.
IP Protection:
Data privacy and confidentiality, data sharing policies is another reason which drives organisations towards on-premise or a hybrid setup. Especially when it comes to cloud managed services, data is often cached or backed up in different regions(countries). Even with SaaS for vulnerability scanning or monitoring the control panel can be hosted in some different country than the actual one.
So for security of data and other intellectual property, its would be better to have well defined and detailed NDA with all service providers - cloud, SaaS anything.
Disaster Recovery:
Very often cloud providers in specific regions cannot simply provide the RTO and RPOs that the organisation needs. These are the two benchmarks that decide, in an event of a disaster like earthquake, tsunami or any other natural calamity as below:
How fast can your infra recover -> RTO (Recovery Time Objective) &
How much can it recover -> RPO (Recovery Point Objective)
With an on-premise DC/DRC setup, RTO/RPO can be measured and confirmed better with regular DR drills since we have full control over the infrastructure.
On cloud it's only possible on the compute level since you cannot take an az down.
Vendor Lock-in:
Don’t put all eggs in one basket.
Reduce truck/risk factor.
These two factors are enough to drive an organisation towards self managed on-premise setup. This is true for most data/storage services.
Cost:
Sometimes these services might have some hidden service charges, these are mostly cases where cloud providers(like GCP) do not host the software themselves, instead partner with third parties to manage it for them.
So it is important to discuss the pricing model in detail with your cloud vendor and get a quotation only when the pricing is clear.
Many startups recently have moved to self managed on premise data centers from the cloud just for this one factor.
Conclusion:
Everyone loves control and especially when it comes to their intellectual property since data is the new gold.
Cloud providers have understood this and importance of having an on-premise infra.
That is why they themselves provides on-premise options such as Outposts by AWS, Anthos by GCP and so on.
Hope this article was useful and help you arrive at the right decision while hosting your infrastructure.
If you like this article, I am sure you will find 10-Factor Infrastructure even more useful. It compiles all these tried and tested methodologies, design patterns & best practices into a complete framework for building secure, scalable and resilient modern infrastructure.
Don’t let your best-selling product suffer due to an unstable, vulnerable & mutable infrastructure.
Thanks & Regards
Kamalika Majumder
Comments