Contact Us
SaaS Log InXRay Login
hybrid cloud

Application connectivity in a hybrid cloud

Nastel Technologies®
May 20, 2022

A successful hybrid cloud architecture is one that addresses how to build, deploy, manage and connect a hybrid mix of applications across a hybrid infrastructure environment. These applications will span multiple infrastructure footprints—across cloud providers and customer datacenters and multiple Kubernetes clusters, as well as systems that run on vendor management systems (VMSs), bare metal and edge environments.


The requirements for application connectivity bring together concepts and technologies that have previously been considered distinct. An ideal hybrid cloud networking solution must address traffic concerns in a unified way, managing the low-level global networking infrastructure and the higher-level application connectivity concerns. Kubernetes and Linux containers provide the foundation for connecting applications that run on that platform to end users, to other application services on the same platform, and to services that run outside of the platform.


But the requirements for more seamless application connectivity in a hybrid cloud environment go beyond that. Application connectivity requires service isolation, authorization, rate limiting and traffic policies that can be configured by the application developers to protect their application.


Building, deploying and managing applications is greatly simplified with Red Hat OpenShift, an enterprise Kubernetes platform. To scale this across clusters and multiple cloud providers, Red Hat Advanced Cluster Management for Kubernetes includes capabilities that unify multicluster management, provide policy-based governance and extend application life cycle management.


In this article, we look at how Red Hat OpenShift, Red Hat OpenShift Service Mesh and Red Hat OpenShift API Management can provide a comprehensive solution for connecting applications across hybrid cloud environments. As hybrid cloud platforms continue to evolve, there are opportunities to provide next-generation application connectivity capabilities for multicluster and multicloud application deployments.


Understanding application connectivity

Applications require connectivity. Whether you’re building a front-end application that gets used directly by end users via a user interface or application programming interface (API), or one of the multitude of back-end services that support those user-facing applications, it is important to provide more reliable connectivity throughout.


Key things to consider when considering application connectivity in a hybrid cloud environment include:

  • Connecting application services to users: How do you make your applications available to end users and manage access to those applications in a more secure fashion, while delivering a great user experience and meeting the needs of the business?
  • Connecting services to other services: How do you connect all of the back-end services that support your application and deliver higher levels for the security and performance of those connections, while dealing with increasingly distributed application environments?
  • Connecting and consuming third-party services: How do you connect your applications to services from leading third-party cloud service providers, without limiting where your application can run or restricting innovation to a single provider?


Addressing these questions is key to delivering a great application experience.


Connectivity requires more than Kubernetes

While Kubernetes provides a platform for orchestrating and managing cloud-native applications, application connectivity requires additional capabilities.


Connecting Kubernetes applications to end users

In a Kubernetes cloud-native environment, the notion of an “application” is loosely defined.  Applications may consist of one or more Kubernetes services, where each service is a proxy that fronts one or more pods running application instances in containers. Regardless of how many pods or services make up your application, ultimately you want to help users access that application.


Kubernetes Ingress exposes routes from outside the cluster to services within the cluster, supporting a north-south traffic pattern. Ingress integrates with your domain name system (DNS) to give services externally-reachable URLs, to load balance traffic, to terminate secure sockets layer/transport layer security (SSL/TLS), and to offer name-based virtual hosting. Red Hat OpenShift supports standard Kubernetes Ingress load balancing as well as Red Hat OpenShift Routes, which was an earlier implementation of the same concept.


In addition to network-layer accessibility of an application endpoint, clients also require an application-layer contract in the form of an API. This API contract needs to be discoverable by clients outside the Kubernetes cluster and to support self-service registration for authorized access and greater security functionality via OpenID Connect and OAuth.


When application APIs are part of a customer-facing product, detailed usage analytics and monetization are vital to measure business impact and charge for consumption. Red Hat OpenShift API Management, powered by Red Hat 3scale API Management, provides these capabilities as both a managed service offering and on-premise software solution.


Connecting Kubernetes services to other Kubernetes services

Typically a front-end application is a service deployed on Kubernetes and exposed to end users via Ingress. That front-end service typically needs to connect to other services running on Kubernetes—often to many of them—to do anything useful. While Kubernetes services help you connect to those pods and Kubernetes manages the health of pod instances, you will need more than Kubernetes to have reliable application interactions.


Every Kubernetes cluster will require a networking solution to manage the actual connectivity of services in this east-west traffic pattern. The Kubernetes Container Networking Interface (CNI) allows users to connect their choice of software-defined networking (SDN) options. Red Hat OpenShift includes a default Red Hat OpenShift SDN, while also helping users to take advantage of third-party certified SDN options.


But in a distributed microservices-based application architecture, developers and operations teams will often need to go further to enhance the security posture of service-to-service communications, diagnose issues and manage the rollout of new services. Red Hat OpenShift Service Mesh provides a uniform way to connect, manage and observe microservices-based applications.


This article originally appeared on, to read the full article, click here.

Nastel Technologies is the global leader in Integration Infrastructure Management (i2M). It helps companies achieve flawless delivery of digital services powered by integration infrastructure by delivering tools for Middleware Management, Monitoring, Tracking, and Analytics to detect anomalies, accelerate decisions, and enable customers to constantly innovate, to answer business-centric questions, and provide actionable guidance for decision-makers. It is particularly focused on IBM MQ, Apache Kafka, Solace, TIBCO EMS, ACE/IIB and also supports RabbitMQ, ActiveMQ, Blockchain, IOT, DataPower, MFT, IBM Cloud Pak for Integration and many more.


The Nastel i2M Platform provides:


Write a comment
Leave a Reply
Your email address will not be published. Required fields are marked *
Comment * This field is required!
First name * This field is required!
Email * Please, enter valid email address!

Schedule your Meeting


Schedule your Meeting


Schedule a Meeting to Learn More