Public Cloud Infrastructure
Multi Public Cloud
SAP Cloud Services
Digital Workplace
All the information you need about cloud development and why you should think about an application in the cloud can be found in our compact overview. Our cloud experts have compiled all the important aspects for you and addressed frequently asked questions from our customers to provide you with full insight and complete transparency. Are you only interested in a specific section? No problem, below you can conveniently click on the section that interests you and you will be taken directly there. At the bottom of the page you will also find a whitepaper on Cloud Development with all the information, easy for you to download.
Should I go to a public cloud, a private cloud or a hybrid cloud?
Which public cloud should I use, AWS, Azure or the Google Cloud? Are there any differences?
Can I still change the cloud later?
What about DSGVO, data protection and compliance in the public cloud?
Can I migrate any application to the cloud?
What does a cloud migration / modernization cost?
What steps need to be taken in a cloud migration / application modernization?
Will the costs go down if I run my application in the public cloud?
How do I ensure the availability and operation of my application in the public cloud?
What options does the public cloud offer me in terms of scalability of my application?
How do I train my team so that I can later develop my application in the cloud myself?
Summary
Application development in the cloud is one of the most important growth areas in the IT world due to the advantages that the cloud offers: fast development speed, easier maintenance, scalability, higher reliability, flexible cost model and higher security. However, there are also aspects that need to be considered in order to develop successfully in the cloud.
The development and operation of applications in the cloud, i.e. the use of cloud development, is one of the main growth areas in the entire IT world.
Clouds offer special services that extremely accelerate software development (“Platform-as-a-Service” or “Cloud Native”). Databases and storage space, for example, can be used directly for the application. This drastically reduces the time it takes for an application to “go-live” in development.
In the cloud, many aspects are taken away from the company. Backups are much easier, with intelligent design there is no need to update an operating system, etc.. The focus can then be on the development and operation of the application itself, because the “trappings” are taken off by the cloud and the advantages of cloud development.
With intelligent design of the application, the computational power can be scaled from 0 (no cost) to almost infinity (millions of concurrent users all able to use the application fluidly at the same time).
The cloud providers ensure high availability and corresponding redundancy, even in the event of a fault. A large part of the entire Internet is based on the cloud – a failure would have correspondingly fatal consequences. That’s why high availability is inevitably a key element in the cloud as well as cloud development itself.
The model already mentioned under “Scalability” can be directly applied to costs: The application is not used by anyone (for example, at night), so it scales “to 0” and no costs are incurred. At lunchtime, millions of users are using the app at the same time, so the infrastructure scales accordingly and you pay what you get in terms of performance.
Clouds offer higher security compared to classic hosting in a data center. Security is the central element in all clouds and is ensured on the front line by the respective hyperscalers – with huge teams of experts specializing in exactly this, in a way that a data center could not provide. In addition, backups and recovery are included directly, which is often a bigger issue with classic hosting.
There are three types of clouds and accordingly for cloud development: private clouds, public clouds and hybrid clouds. Private clouds are reserved for a specific organization and offer limited scalability and functionality, while public clouds are operated by hyperscalers such as Amazon, Microsoft and Google and offer unlimited scalability, high speed, security and flexibility. Hybrid clouds combine the advantages of both cloud types to achieve maximum control and speed.
A basic distinction is made between 3 different types of clouds: private clouds, public clouds and hybrid clouds. All 3 variants have different focuses.
A cloud that is provided only to a specific organization and is not available to the public. Compared to the public cloud, the range of functions is more limited, but offers greater flexibility and faster provision of computing power/infrastructure.
Cloud providers such as Amazon AWS, Microsoft Azure and Google GCP, which offer arbitrary scalability and provide the best overall package for most use cases in terms of speed, cost, scalability and security.
A combination of private cloud and public cloud that runs select applications in the private cloud and the majority in the public cloud to combine the benefits of both worlds. The contents are dovetailed to enable smooth interaction.
Download the whitepaper conveniently and easily now, so you can enjoy the information around cloud types and cloud development anytime and anywhere.
The decision for private, public or hybrid cloud depends on the specific cloud development use case. A combination of private and public cloud is often the best solution, whereby new business models and modern applications/services can be developed in the public cloud and existing applications and workloads can be migrated to the public cloud. It is important that the private and public clouds harmonize with each other.
You have already guessed: A blanket answer to this question is not possible because it depends on the specific application. But one thing can be said in general terms: Relying exclusively on a private cloud leaves a lot of potential on the street. Relying exclusively on the public cloud can make sense if the structures within the organization are in place for this:
A combination of private cloud and public cloud is often the most realistic scenario – the hybrid cloud. New business models and modern applications/services are developed directly in the public cloud. Existing applications and workloads that are a good fit are migrated to the public cloud to take full advantage. Legacy applications and particularly sensitive data and applications remain in the private cloud and are migrated either successively or not at all – depending on the company’s governance/policy.
It is important that the private cloud world and the public cloud world correspond and harmonize ideally with each other.
The three main hyperscalers all offer similar benefits, such as rapid and secure application development and scalability. The choice of hyperscalers depends on what services and applications are already in place in the enterprise and what the scalability, security and pricing requirements are. Weighing the pros and cons and a decision matrix with the service provider’s recommendations can help with the choice.
There are some differences between the 3 most relevant hyperscalers – again, it all depends on what (a) is already there and (b) is to be done. Basically, it can be said that applications can be developed and operated quickly, securely, flexibly, cost-effectively and scalably on all 3 hyperscalers. All 3 hyperscalers have numerous data centers, both in Germany, Europe and around the world. All 3 hyperscalers offer virtually unlimited compute power and scalability. All 3 hyperscalers offer numerous services for rapid software development.
Often the question of choice does not even arise because a cloud is already established in the company and framework agreements exist. In this case, the issue has already been resolved and the next steps are:
This is often done in sparring with business owners and architects on the company side and the service provider’s experts on the other side. Here it is important to match the technical requirements of the company with the planned architecture of the application:
Conveniently and easily download the whitepaper now, so you can enjoy the information around AWS, Google Cloud and Azure anytime, anywhere.
By adhering to certain design principles, portability between different cloud providers can be enabled. Tools such as Terraform and Infrastructure as Code enable automated setup of environments and applications. However, completely automated switching between cloud providers rarely makes sense and involves higher costs. It is advisable to clarify together with the service provider which degree of portability is desired and to take this into account already in the design of the application.
In principle, the cloud can be changed at a later point in time, but certain principles must be taken into account in the design of the application. Through tools such as Terraform (Infrastructure as Code, IaC), for example, the complete environment and the application itself can be set up and made available automatically – without a single click. Such procedures make it considerably easier to carry out a possible change at a later date. However, to be fair, it must also be said: A 100 % automated switch from one cloud to another is possible, but rarely makes sense and involves higher costs in design and implementation.
We therefore recommend that, prior to implementation, the degree of portability desired should be discussed in detail with the service provider and taken into account in the design of the application.
Security in the public cloud and cloud development is important and depends on several factors. Public cloud providers invest in the security of their infrastructure and services, but the security of applications and data also depends on the user’s own security measures.
Important aspects of public cloud security: infrastructure security, data encryption, identity and access management, monitoring, compliance and certifications. Cloud security is a shared responsibility between provider and user, with the user responsible for application and data security. Best practices should be applied to proactively protect security.
Some important aspects at a glance:
Public cloud providers invest in protecting their data centers and networks to ensure high security for their customers. These include physical security measures, access controls, network security and security monitoring.
To ensure data protection in the public cloud, providers offer encryption for both data at rest (stored data) and data in transit (transferred data). Users can and should consider additional encryption measures for particularly sensitive data.
Public cloud providers provide services that allow users to manage their authentication and authorization policies. This enables control over who can access which resources and services in the cloud.
To detect and respond to potential security incidents, cloud providers offer monitoring and logging services that allow users to continuously monitor your cloud resources and identify potential threats.
Public cloud providers have certifications and security audits to prove compliance with standards. Companies should consider the compliance requirements of your industry and ensure that the chosen provider meets them. Security in the public cloud is a shared responsibility between provider and user. Companies should adopt best practices, establish a specific security plan with their service provider, and proactively protect their data.
In the public cloud and cloud development, the GDPR is important. Providers such as AWS, GCP and Azure meet the requirements. Companies should pay attention to GDPR compliance and implement security measures. A data protection impact assessment may be necessary to identify risks.
The GDPR is important for companies in the EU and those doing business with EU citizens. In the public cloud, GDPR, data protection and compliance are critical to meeting regulatory requirements.
Most major public cloud providers have adapted their services to the GDPR and offer tools to provide GDPR-compliant services. It is important to choose a GDPR-compliant cloud provider and sign a data processing agreement.
Companies should ensure that they enter into appropriate Data Processing Agreements (DPAs) with their cloud providers that govern the processing of personal data in accordance with the GDPR rules.
DSGVO and data protection in the public cloud require secure storage and transfer of personal data. Companies should know where their data is processed and that the transfer is secure. Regional data storage options can help ensure compliance with privacy laws.
Companies must implement appropriate security measures to protect personal data in the cloud. This includes encryption, access controls, monitoring and regular security audits. Public cloud providers have implemented comprehensive security measures.
In some cases, a data protection impact assessment is necessary to identify risks when processing personal data in the public cloud. Companies ultimately bear the responsibility for adherence to the GDPR and compliance in the cloud. A GDPR-compliant cloud provider and appropriate security measures and data protection policies are important steps to meet compliance requirements and gain the trust of customers and partners.
The three hyperscalers AWS (Amazon Web Services), GCP (Google Cloud Platform) and Azure (Microsoft Azure) are leading providers of public cloud services and attach great importance to data protection, DSGVO and compliance.
Download the whitepaper conveniently and easily now, so you can enjoy the information around hyperscalers and DSGVO anytime and anywhere.
The suitability of an application for cloud migration depends on various factors, such as the current architecture, the technologies used and the specific requirements of the application. Some application types that are well suited for cloud migration include scalable, stateless applications and applications on microservices architectures. However, it is possible in principle to migrate a wide range of applications to the cloud. A careful analysis of the application and its requirements is necessary to evaluate the suitability of an application for cloud migration.
In principle, it is possible to migrate a wide range of applications to the cloud. However, the suitability of an application for cloud migration depends on various factors, such as the current architecture, the technologies used and the specific requirements of the application.
Some application types that are well suited for cloud migration include:
However, there are also application where cloud migration can be more difficult or less useful:
Deciding whether an application is suitable for cloud migration requires a careful analysis of the application and its requirements, and a consideration of the potential benefits and challenges that cloud migration can bring.
There are a few terms that are important on the path to cloud migration. Application Modernization means the updating of applications, while Application Transformation means a fundamental adaptation to new requirements. Cloud Native is an approach to developing applications specifically for the cloud environment. Lift & Shift is a strategy for migrating applications to the cloud without making changes to the application itself.
On the way to the cloud, you encounter many terms that can be quite confusing at first. Some of the terms we encounter most often when guiding our customers’ Cloud Journey are as follows:
App modernization improves existing applications to keep pace with latest technologies and requirements. The upgrade may include architecture, platform, database, user interface and functionality. The aim of the migration is to transfer to a more modern platform with retained functions and business processes. Benefits include improved usability, higher performance, security and scalability.
App transformation refers to the fundamental change of applications to adapt them to new business requirements. This can include revising business processes, integrating new technologies, migrating data, and customizing the user interface. The goal is to align the application with the business needs and vision of the organization to improve efficiency, performance and agility.
Cloud Native applications are built specifically for cloud environments and take advantage of the cloud to perform and scale better. The architecture consists of microservices packaged in containers that use automated processes to deploy, scale and manage applications. The benefits are greater scalability, agility and flexibility, and faster time to market.
Lift & Shift is a strategy for migrating applications to the cloud without making changes to the application itself. The goal is to take advantage of the cloud without reengineering the application. One example is the migration of virtual machines or databases to the cloud. However, an application that is not optimized for the cloud can lead to higher costs and poorer performance.
The choice of cloud architecture depends on the specific requirements and goals. The main options are: virtual machines(VMs), platform-as-a-service(PaaS), software-as-a-service(SaaS), containers and Kubernetes. Enterprises can combine these options to best meet their cloud development needs.
The choice of architecture depends on your specific requirements and goals. Here you get an overview of the most important options:
If you need full control over operating systems and applications, VMs are a good choice. With VMs, you can run a variety of operating systems and applications running on the same physical host.
If you want to focus on application development instead of worrying about infrastructure, consider PaaS. PaaS provides a fully managed platform for application development, including scaling and maintenance.
If you need a fully managed application and don’t need complete control over infrastructure, consider SaaS. SaaS applications are hosted and managed by vendors, so you only pay for what you use.
If you want to simplify application deployment, containers are a good choice. Containers provide lightweight virtualization where applications and their dependencies can run in isolated containers.
If you need container orchestration, consider Kubernetes. Kubernetes provides a platform for automating container deployment, scaling and management. All cloud providers offer a managed Kubernetes environment, so running containers in Kubernetes requires less effort.
It should be noted that these options are not necessarily mutually exclusive and can be combined individually. In many cases, companies use a combination of technologies and architectures to best meet their needs.
The cost of a cloud migration or modernization depends on a number of factors, including planning and consulting, implementation and migration, training and education, ongoing costs, and maintenance and support. It is important to perform a detailed cost analysis before beginning the cloud development project to gain a better understanding of the expected total cost and potential cost savings.
The cost of a cloud migration or modernization varies widely depending on the scope and complexity of the project, the resources available and the specific requirements of the application. In general, the total expense is made up of various factors:
The planning phase, including assessing current infrastructure, creating a migration plan and selecting the right cloud platform, can vary depending on the complexity and size of the project. The cost of external consulting services can also account for a significant portion.
The actual migration or modernization of the application requires time and resources to adapt the application to the cloud environment, migrate data and systems, and test the application in the new environment. Depending on the scope of the project and the complexity of the application, the cost of this step can vary greatly. Detailed information on migration and modernization can be found in the following section “What steps need to be taken for a cloud migration / application modernization?”.
Adoption of cloud technologies often requires training and education for the internal team to ensure you have the skills to manage and, if necessary, evolve the application in the cloud. The cost of training and workshops depends on the number of employees involved and the depth of knowledge required.
After migration or modernization, there are ongoing costs for using the cloud infrastructure, such as storage, computing power, bandwidth and services used. These costs vary depending on the provider, consumption and selected billing model. It is important to understand and regularly review the cost structure of your chosen cloud provider to identify potential cost savings. Here, the Public Cloud Group can support you with specific offers for cost management on all hyperscalers.
Maintenance and support costs can also vary depending on whether maintenance is internal or external and what service level agreements (SLAs) are in place.
Since the cost of a cloud migration or modernization depends on many factors, it is important to perform a detailed cost analysis before starting the project to get a better understanding of the expected total cost and potential cost savings.
Download the whitepaper conveniently and easily now, so you can enjoy the information around cloud costs and their reduction anytime and anywhere.
The steps for a successful cloud migration are customized. Basic milestones include assessing the existing application and IT infrastructure, selecting the appropriate cloud platform, developing a migration and modernization plan, migrating or modernizing the application, optimization and monitoring, and training the team. A training program is important to ensure that the team has the necessary knowledge.
The steps for a successful cloud migration or application modernization in cloud development can vary depending on the company and requirements and are individually coordinated depending on the needs.
Basic milestones on the Cloud Journey that have stood the test of time are as follows:
An assessment of the existing application and IT infrastructure is the first step for a successful cloud migration or application modernization. For example, the architecture is evaluated in terms of scalability and security, and non-functional requirements are considered.
The appropriate cloud platform should be chosen to meet the requirements of the application. Various factors such as existing programming languages and databases, scalability and security, internal company infrastructure and experience level of the development or operations team play a role.
A migration plan should be created that defines steps, expected costs, resource requirements, timeline and risks of migrating or modernizing the application to the cloud.
Once all requirements are met, the actual migration can begin. Depending on the requirements and the agreed process model, this is done step by step or holistically.
After migration or modernization, the application should be automatically monitored and optimized to ensure that it works optimally. Monitoring is designed to detect problems early to proactively prevent malfunctions. Optimization offers opportunities for cost reduction, e. g., through rightsizing or fine-tuning cloud-native services.
Targeted training program for the application team is important to ensure that the team has the necessary knowledge. A handover workshop can help cover important topics, while other workshops can provide an introduction to cloud-native development. The Public Cloud Group offers corresponding workshops here.
Pure hardware costs should not be the main factor in deciding whether or not to use the public cloud. There are benefits such as reduced management overhead, secure systems and flexibility/agility. A public cloud and cloud development enables rapid response to market changes and application requirements. With the right optimization, operating costs in the cloud can even be cheaper than in your own data center.
If we reduce the pure cost of running an application to the cost of hardware, then by all means. However, this approach falls short and should not be the main factor in deciding for or against the use of the public cloud. There are some benefits beyond just looking at hardware costs. These include:
By reducing the effort required to manage infrastructure, employees can focus more on generating added value for customers and thus on the core of their activities.
Almost every day there are new patches and updates for firmware and software used to host applications. If these are not kept up to date, security gaps arise that can make a system insecure and thus a security risk for the company, their (customer) data and thus also the company’s reputation. Avoiding this requires a lot of time and good management, which is handled by the hyperscaler when using the public cloud. The result is always secure and up-to-date systems.
Having built an application once and then running it forever is no longer enough today. The market is changing rapidly and the requirements for applications are also continuously evolving. For example, scaling applications depending on the number of users of the application. This is precisely the aspect for which the use of a public cloud is excellent. The large number of services and tools that can be used and scaled as needed within a very short period of time allows a company to react and use the full potential.
There are significantly more reasons to opt for a public cloud and cloud development than the pure cost consideration, but with proper optimization of the systems, they can additionally be cheaper than running the applications in your own data center.
A pure lift & shift (“all VMs to the cloud”) often results in higher costs, so modernizing the applications and adapting them to the advantages of the cloud is a frequently chosen, sensible and cost-saving path.
To ensure high availability and operational security of applications in the public cloud, some best practices should be followed. These include scalability, resilience, monitoring and logging, security and automation. Automation reduces errors and speeds recovery in the event of failures.
Ensuring the availability and operation of applications in the public cloud requires some specific measures to ensure that they always run smoothly and are highly available. Here are some best practices to keep in mind when deploying to the public cloud:
One of the main advantages of the public cloud and cloud development is its ability to scale. Scaling applications can ensure that they meet the increasing demands of growing user numbers. Automated scaling capabilities and automatic load balancing are easy to set up and manage in the public cloud, but depend on the architecture of the application and the infrastructure chosen.
The public cloud offers several options for resiliency, such as multi-zone deployments and multi-region deployments. Distributing applications across multiple zones or regions can ensure that it is still available if one area fails.
Continuous monitoring of the application is essential to minimize potential downtime. A central monitoring system makes it possible to detect faults, performance problems and other potential malfunctions.
To ensure high availability and operational reliability, security aspects such as data protection, network security, authentication and authorization must also be taken into account.
Automation
Automation of processes such as provisioning, scaling, and recovery of resources and applications reduces the likelihood of failures and speeds recovery should outages occur despite all measures.
Conveniently and easily download the whitepaper now, so you can enjoy the information anytime, anywhere.
Cloud development offers many ways to scale applications, including horizontal and vertical scaling, load balancing, container orchestration and serverless computing. Horizontal scaling involves adding new instances, while vertical scaling increases resources such as CPU and memory. Load balancers distribute traffic across multiple instances, container orchestration systems simplify application scaling and management, and serverless computing runs code without server management. The choice of the best scaling strategy depends on the specific requirements and architecture of the application.
The public cloud offers numerous options for increasing the scalability of applications and dynamically adapting resource consumption to requirements.
Some of the key scaling options in the public cloud include:
Horizontal scaling involves adding new instances of an application or infrastructure components to spread the load and increase performance. Cloud providers typically offer auto-scaling tools that automatically start or shut down new instances based on predefined rules and metrics, such as CPU utilization or number of requests.
Vertical scaling increases or decreases resources, such as CPU, memory, or I/O, for existing instances to improve performance and efficiency. This is especially useful for applications that are not easily scalable horizontally. In the public cloud, vertical scaling is often easy to do by adjusting the size of the instances.
Load balancers distribute traffic across multiple instances of an application or infrastructure components to ensure even load distribution and avoid bottlenecks. Elastic load balancers are available in the public cloud that scale dynamically to adapt to traffic and the number of instances backed up.
Containers provide lightweight virtualization and allow applications and their dependencies to run in isolated environments. Container orchestration systems like Kubernetes can simplify the scaling and management of applications in the public cloud by automatically adding or removing containers to balance load and increase availability.
Serverless computing, such as AWS Lambda, Google Cloud Functions, or Azure Functions, allows code to run without managing servers. These services scale automatically to meet application requirements and are typically billable on an event or request basis.
The public cloud offers a wide range of scaling options that make it possible to optimize application performance and availability while keeping costs under control. The choice of the best scaling strategy depends on the specific requirements and architecture of the application.
There are several ways to build knowledge on cloud and cloud development. One of the ways is the theoretical approach, where hyperscalers offer various structured learning content and certificates are awarded. The consulting approach offers lectures and training sessions conducted by consultants to delve deeper into specific topics. One practical approach is to use sandboxes provided by major cloud providers to try out their services. The joint “team” approach, where developers and consultants work together on the implementation of projects, offers a combination of theoretical and practical approach and enables a continuous exchange of knowledge.
There are several ways to build up knowledge in order to be able to develop applications in the cloud yourself:
Each hyperscaler offers different “learning paths”. These are structured learning contents compiled for specific target groups. They cover all the basic information needed to get started with cloud and also cloud development. To check whether the knowledge is available, certificates can be obtained. However, the purely theoretical approach usually falls short, as challenges arise in practice that cannot all be covered by training material.
Consultants are another way to gain knowledge on specific topics. Knowledge is imparted through lectures and training sessions, which can then be deepened with practical exercises and the support of the consultant. For the most part, however, this approach only covers a few topics in depth, which falls short in some cases for further development of the application.
For teams with a focus on trying things out on their own, the major cloud providers offer sandboxes. These are environments where interested parties can “play around” and try out the services. Predominantly, a certain number of credits is available to use the services over a period of time. During this time, the services can be tested and experience can be gained with them. However, due to the many different services, the purely practical approach can also lead to excessive demands on the teams.
In our opinion, the best approach is to combine theoretical principles with practice and implement a real project. Therefore, we often work together with the customer to implement their applications. Through this approach, which we refer to as “team leasing”, we ensure a continuous exchange of knowledge. On the one hand, this is relevant for us because we can understand the technical contexts of our customers more quickly and have a contact person for these topics.
On the other hand, the customer has the opportunity to benefit from our experience in cloud development and thus quickly build the necessary knowledge for further development already during the creation of the application. This approach can be varied depending on the project and team size. For example, we can integrate developers from our customers into existing teams that have product owners as team members in addition to developers. This allows topics from the field of agile project management to be taught in addition to the purely technical topics.
Download the whitepaper conveniently and easily now, so you can enjoy the information about Cloud Development anytime and anywhere.
