May I recommend this recent SDxCentral article by Roy Chua, "Battle of the Multi-Clouds: SD-WANs, VPNs, and More," that highlights the many approaches that vendors are taking to address hybrid and multi-cloud networking?
He validates that cross-domain (hybrid-cloud, cross-cloud, cross-cluster, cross-VPC) is something that the whole industry recognizes.
In recent posts, we applauded the great leaps forward (parts 1 and 2) presented by service mesh. Subsequently, we identified service mesh gaps for applications that cross domains, and outlined multiple use cases for crossing domains.
When you move from one domain to another, you cross into the territory of traditional configuration-based networking that requires specialized skills and knowledge of the underlying network element inventory, IP addresses, and authorization configuration in the target domains.
Why? Because you have to make sure the other domains don’t have overlapping IP address ranges, that flows have the permissions to pass through endpoint filters, subnet firewalls and VPN gateways, and that the right flows are routed only to the correct domain or series of domains.
This brings us to the question: how to retain the great leaps (that is, how to avoid having to insert legacy networking between domains without compromising security) for an application that crosses boundaries. Last week our CTO started sharing Bayware's take on this question.
Why have even the relatively high-profile SD-WAN vendors turned their attention to this? Because digital companies achieve leadership via the great applications they build. Application development and deployment drive digital agendas and organization structures alike. And applications increasingly cross cloud boundaries.
In subsequent posts, my colleagues at Bayware and I will start to evaluate the various solutions that Roy mentions relative to retaining the benefits of the great leaps, including application orientation.