Sometimes it makes sense to run applications in the cloud and on-premises. In other cases, you might want to use Amazon Web Services to handle bursts in demand that on-premises hardware cannot accommodate. There are tools available to help manage workloads between the two environments.
Platform configuration tools such as Chef and Puppet build machine images and deploy application code to help ensure consistency. This won't help much if you are running on-premises applications directly on server operating systems, instead of in a virtualized environment. In Amazon Web Services (AWS), you can deploy applications using a container service, like Docker.
Docker allows users to create an easily redeployed operating environment on different servers. For example, you could build an application in a development environment, save it as a Docker image and then move it to a testing server. Once the testing is done, the same image can be promoted to the production environment. Docker provides a lightweight, isolated container with all the application code and necessary dependencies; developers don't have to deal with mismatches between application dependencies and libraries or packages installed on the target server.
A server can run more Docker containers than full guest OSes. Amazon Elastic Container Service also allows IT teams to run Docker images without having to manage workloads, such as EC2 instances, to host Docker containers.
Security could be an issue for users who share authentication and authorization information between on-premises and cloud applications. Use an existing, on-premises directory service as a foundation for managing identities and roles, and then take advantage of the integration between Active Directory and the AWS Identity and Access Management (IAM) service.
Carefully review authorizations, especially those related to AWS products such as Amazon Simple Storage Service (S3). If your cloud application makes use of S3, you will need bucket policies and access controls. Presumably, your on-premises application will use the same authentication, but authorization will be implemented according to the mechanism of the on-premises storage system.