Kubernetes and VictoriaMetrics in Mist v4.6

Christos Psaltis profile pic

We are happy to announce the release of Mist Cloud Management Platform v4.6!

Mist v4.6 introduces first class support for Kubernetes and Red Hat OpenShift clusters. There is also initial support, available only from Mist's API, for managed clusters in Google Cloud (GKE) and AWS (EKS).

Kubernetes in Mist's web UI
Kubernetes nodes, pods and containers in Mist's web UI

On the monitoring side, Mist v4.6 brings integration with VictoriaMetrics. You can now choose to store your metrics either there or in InfluxDB.

In the web UI, the biggest addition is a tree view. This is ideal for visualizing machines with some hierarchical relationship, e.g. Kubernetes nodes > pods > containers.

Finally, there are several updates to supported clouds. The biggest addition is support for VEXXHOST, a public cloud with a 100% OpenStack compatible API.

Kubernetes support

Mist v4.6 Kubernetes support matrix

The biggest new feature in Mist v4.6 is the introduction of first class support for Kubernetes clusters. You can now view your nodes, pods and containers across any number of Kubernetes and OpenShift clusters. In preview mode, and only from Mist's API, you can do the same with managed clusters in Google Cloud (GKE) and AWS (EKS).

Our work on this front has just started and future releases will bring additional features and supported flavors. Our end goal is to give you a unified control panel for cloud native, virtualized and bare metal infrastructure.

To get started with Kubernetes in Mist, check out our docs.

VictoriaMetrics integration

VictoriaMetrics logo

Another major new feature in Mist v4.6 is the integration with VictoriaMetrics. VictoriaMetrics is an open source time series database which is ideal for high performance scenarios. It is easy to scale horizontally, clusters are included in the open source version, and runs nicely in Kubernetes clusters thanks to an operator.

Mist's existing integration with InfluxDB is still the default. VictoriaMetrics is just an additional option. Our objective is to give you the freedom to choose the right tool for the job.

To try out VictoriaMetrics, in a fresh Mist installation, edit your settings.py and set DEFAULT_MONITORING_METHOD = "telegraf-victoriametrics". Then restart Mist with docker-compose restart.

Tree view

With the introduction of Kubernetes support we felt that flat listings of machines in the web UI were not enough. Mist v4.6 includes a tree view to better visualize hierarchical relationships between machines, e.g. Kubernetes nodes > pods > containers.

Changes in supported clouds

First of all, Mist v4.6 brings brand new support for VEXXHOST. VEXXHOST provides OpenStack-based public and private cloud solutions. Their APIs are 100% compatible with the community version of OpenStack. This proved extremely helpful for our testing. We can now run our OpenStack test suite using our account on VEXXHOST's public cloud and don't have to maintain additional environments.

The second biggest update is support for Vultr's API v2. We contributed all the relevant work to the latest version of Apache Libcloud.

In terms of minor updates:

  • In OpenStack, you can choose a security group during the machine creation step.
  • In Alibaba Cloud, there is now support for networks.

Behind the scenes

Mist schedules and runs a lot of asynchronous tasks in the background, e.g. polls clouds for changes in your inventory, performs long running operations etc. Over time, this critical part of our stack has gone through several iterations to ensure maximum performance and stability.

In Mist v4.6 we are replacing Celery with Dramatiq and Celery Beat with APScheduler. Although these changes are deep in the core of Mist, you will notice faster response times and more linear performance, especially when managing large fleets of infrastructure.

Finally, Mist v4.6 includes our latest work on Mist's API v2. You can check out the docs here. Our new CLI which leverages API v2 is also moving forward. You can get its latest version from Github. Some features are still missing both from the CLI and API v2 but they are rather stable and ready to use. Their stable versions will be out with the next Mist release.

Conclusion

We are very excited about Mist v4.6 and the major new features it brings, specifically Kubernetes support and VictoriaMetrics integration. We hope you enjoy it as well!

For a quick demo of the Mist platform, you can book a call with me.

If you'd like to try it out for yourselves, sign up for a Mist Hosted Service account and begin your 14-day free trial.

Community Edition users can get the latest version from Mist's GitHub repository.

How to improve your multicloud, self-service workflows with Mist

Christos Psaltis profile pic

Woman using self-service machine

One of the best ways to increase your team's velocity is to provide self-service workflows for any infrastructure required during development, QA, and testing. Everyone should be able to come in, get the resources they need, and proceed with the work at hand in just a few seconds. The simpler the process, the bigger the productivity gain.

Unfortunately, this is easier said than done. In many cases, providing a streamlined experience for developers puts a lot of burden on the shoulders of DevOps and Platform teams. Especially in organizations with multicloud setups, the situation can quickly get out of hand.

Who has control over which resources? How do we avoid breaking the bank when people spin up instances all over the place and then forget them running? How do we simplify the provisioning process so developers don't have to deal with an endless amount of configuration options and ops don't have to deal with supporting them?

In this post, I will go over how Mist can help you address such issues in a quick and easy way. In summary, it all comes down to Mist role-based access controls (RBAC) and constraints. You can think of Mist's RBAC as a cross-cloud IAM service. Each team can have its own set of rules that apply across your entire inventory with just a few clicks.

On top of RBAC, you can then set up advanced policies by combining four types of constraints:

  • Cost constraints allow you to impose cost quotas. They help you stay οn budget and avoid unpleasant surprises in your cloud bills.
  • Expiration constraints allow you to enforce machine leases and take action automatically, shutting down and/or destroying machines, after the lease period has lapsed. Expiration constraints help you reduce machine sprawl and avoid long forgotten VMs running in vain for months.
  • Size constraints give you control over the amount of resources a new or resized machine can have. Size constraints help you avoid a fleet of unnecessary XL instances in AWS or a KVM host with all its resources dedicated to a single VM.
  • Field constraints let you hide and/or suggest reasonable defaults for all provisioning options. Field constraints help you simplify the machine provisioning process for your end users.

Please keep in mind that Mist RBAC and constraints are available only in Mist Hosted Service (HS) and Mist Enterprise Edition (EE).

The easiest way to get started is to sign up for a 14-day free trial of Mist HS. Alternatively, you can book a call for a 30 minute demo.

Multicloud RBAC

Mist's RBAC enables the management of user permissions across infrastructure; public and private clouds, containers, hypervisors, and bare metal servers. Each organization can have any number of teams, each with different access policies.

RBAC policy example
RBAC policy example

For example, let's assume that you are running infrastructure on AWS Frankfurt region and DigitalOcean. You can enforce the following policy for your Dev team:

  • Read-only access to AWS Frankfurt.
  • Full access to DigitalOcean.
  • Full access to all machines tagged as "dev" on AWS Frankfurt AND DigitalOcean.
  • When a member of the team creates a new machine, it will be automatically tagged with the "dev" tag.

For more details you can check out RBAC's documentation.

Cost constraints

Cost constraints, or cost quotas, help you stay within budget and avoid unpleasant surprises in your cloud bills.

Mist supports cost quotas per team and organization. Quotas are checked when users attempt to create, start or resize machines. Mist will compare the current run rate with the relevant quota. The requested action will be allowed only if the run rate is below the quota.

Cost constraints example
Cost constraints example

For example, with cost constraints you can implement the following policy:

  • The Dev team must spend less than $500 per month on machines.
  • The total run rate of all machines in the organization must be less than $2,000 per month.

For more details you can check out our docs on cost constraints.

Expiration constraints

Expiration constraints, or machine leases, help you reduce machine sprawl and avoid long forgotten VMs running in vain for months.

Mist can automatically turn off or destroy machines when their expiration period lapses. Before this action happens, it can also notify relevant team members over email so they have the chance to take action.

Expiration constraints example
Expiration constraints example

For example, with expiration constraints you can implement the following policy:

  • Machines created by members of the Dev team must be set to expire in less than 30 days.
  • By default, machines will expire in 7 days.
  • When a machine expires, Mist will automatically destroy or stop it.
  • The default action will be to automatically destroy the machine.
  • The owner of the machine will receive an email notification 1 day before the machine expires.

For more details you can check out our docs on expiration constraints.

Size constraints

Size constraints help you control the amount of resources a new or resized machine can have. This way, you won't end up with a fleet of unnecessary XL instances in AWS or a KVM host with all its resources dedicated to a single VM.

Some clouds allow you to choose the size of your machine from a list of predefined sizes. Others, allow you to completely customize the amount of CPU cores, RAM and disk a machine has. Mist's size constraints can be applied on both types of clouds.

Size constraints example
Size constraints example

For example, let's assume that your RBAC policy allows members of your Dev team to create machines only in AWS Oregon and Linode. You can apply the following size constraints:

  • In AWS Oregon, team members will be able to use only t3-small and t3-medium sizes.
  • In Linode, team members will be able to use any size except the very big Dedicated 512GB.

For more details you can check out our docs on size constraints.

Field constraints

With constraints on fields you can hide and/or suggest reasonable defaults for all provisioning options. This helps you simplify the machine provisioning process for your end users.

Below is Mist's default create machine web form for DigitalOcean. As you will notice, you need to provide several details. Some are optional and some are required. The required fields are noted with an asterisk (*).

Default machine create form
Default machine creation form

With field constraints you can e.g.:

  • Hide all optional fields to simplify provisioning.
  • Allow only the use of an Ubuntu 21.04 x86 image.
  • Hide the image field since there will be no other options available.
Machine create form after applying filed constraints
Simplified machine creation form after applying field constraints

For more details you can check out our field constraints docs.

Conclusion

Self-service workflows in multicloud setups should not be a pain. In this post, I went over how Mist can help you implement a number of complicated scenarios in a quick and efficient way.

We will be happy to assist with setting up your own policies and answer any questions you might have. Reach out to support@mist.io or book a call via calendly.

Are You Multicloud? Understanding "Island" and "Russian doll" deployments

Christos Psaltis profile pic

Originally published at The New Stack

Russian dolls

Unfortunately, multicloud is a poorly defined term in the industry. There are some use cases that are unambiguously multicloud setups - for example, running simultaneously in Amazon Web Services, Google Cloud Platform and Azure. But there are also many gray areas - where is the line between multicloud and hybrid cloud? What are the functional differences between the two?

At Mist.io, when we think about multicloud and the complexity it brings to deployments we don't actually think in terms of number of vendors or public cloud providers but rather our ability to manage the entire deployment with a single API and get a global view of the deployment in one place. This means that an organization could be having a multicloud-like experience even on just one cloud provider.

There are two deployment patterns we see, one that we call "island" deployments and the other "Russian doll" deployments, both of which behave very much like multicloud even if there is only one cloud provider involved. Both patterns involve deployments on a single cloud that nonetheless require separate management and end up having many of the same complexities as operating in multiple public cloud providers. Most users with an island deployment or Russian doll deployment would almost certainly not say that they were using multicloud, and yet they have to deal with many of the same issues that someone in multiple public cloud environments would.

Here's more about the two deployment patterns, why organizations use them and the complexities they create.

"Island" deployments

Many organizations segment their workloads to such an extent that they are essentially different clouds. The API calls might be the same, but there are different accounts, different use cases, different people connecting to each cloud and running different types of workloads.

If you have three completely independent Kubernetes clusters, one for production, one for staging and one for development, are you in multiple clouds or a single cloud?

In another example, OpenStack users rarely upgrade old deployments, and as a result, end up using multiple versions of OpenStack. When you consider that they might have production, staging and dev environments for each version of OpenStack, the number of OpenStack installations can easily get into the double digits. Is that still a single cloud?

Each AWS region has its own regional API endpoint, and you can't manage all of your resources across different AWS regions in a single API call. So are you multicloud if you have multiple AWS regions?

While these scenarios don't meet the usual definition of "multicloud", they present many of the same challenges, like lacking central management and visibility capabilities. If you have this "island" approach, you might not be technically multicloud, but your actual experience of managing your cloud environment(s) will be more similar to a multicloud approach than to a single cloud environment.

"Russian doll" deployments

This is more frequently seen in bare metal clouds, but can apply to any public cloud that allows nested virtualization. For example, I could create some AWS instances and then install OpenStack on top of those instances. At Mist.io, we're doing something like this with Equinix Metal. We get bare metal from Equinix, then install VMWare vSphere on top of that, then OpenStack and then Kubernetes. We need all of these environments so we can test our integrations, and we use this environment for our testing and QA.

So is this one cloud? Or four? We have only one vendor, but there are a lot of environments on top of what that vendor is providing. Just because everything depends on the bare metal doesn't mean that I can control all of the environments from a single API endpoint.

Most people who have an "island" or "Russian doll" deployment would say they aren't in multiple clouds. But that doesn't take into account how complicated these types of set-ups can be, and how much they resemble the situation when working with multiple cloud environments. There are similar challenges related to cross-environment visibility, management and control.

When discussing the challenges and complexities around operating in multiple cloud environments, it's important to remember that some application architectures, even in a single cloud, present many of the same issues as a true multicloud deployment. This is one of the reasons the best way to think about multicloud is not as a yes/no binary but as a spectrum, with some architectures being "pure' single cloud, some being clearly multicloud and many falling in a gray area in between. Doing so will help organizations not just be more successful with true multicloud deployments but also with their deployments on a single cloud that are nested and/or highly segmented.

Mist on the DigitalOcean Marketplace

DigitalOcean logo

We are happy to announce that Mist is now available on the DigitalOcean Marketplace. You can spin up our open source Community Edition and begin managing your multicloud infrastructure in just a few minutes!

Follow the instructions below to get started.

Instructions

  1. Go to Mist's marketplace listing and click on Create Mist Droplet.

  2. Fill in the options required. We recommend a Droplet with at least 4 vCPUs and 8GB of RAM. Provisioning will take a few minutes. In the meantime, you can check out a video demo of Mist.

  3. Once the Droplet is running, connect to it over SSH with ssh root@your_droplet_public_ipv4.

  4. Go to the Mist folder with cd /mist and check if all Mist containers are up. This normally happens a couple of minutes after boot. You can check the status with docker-compose ps.

  5. Once all containers are up, run docker-compose exec api sh. This will drop you in the shell of a Mist container.

  6. In the shell, add an admin user with ./bin/adduser --admin myEmail@example.com. This will prompt you to enter a password.

  7. Everything is now ready. Visit http://your_droplet_public_ipv4:80 and login with the email and password you specified above.

  8. Once you log in to Mist, click on the Add your Clouds button, select DigitalOcean from the list of supported providers. You will need to provide your DigitalOcean API token and then click Add cloud. If you do not have an API token, read here how you can create one.

You are all set!

Your DigitalOcean cloud has been added and your resources will be auto-discovered by Mist in a few seconds.

You can repeat step (8) above to add more DigitalOcean accounts to Mist. You can also add any number of other clouds you are managing by following the relevant instructions. Mist supports more than twenty public and private clouds, hypervisors, container hosts and even bare metals.

Mist dashboard with DigitalOcean cloud added
Mist dashboard with DigitalOcean cloud added

Please note that new users will not be able to create an account through Mist's sign up form. We turn this off for security reasons. If you would like to enable it, edit ./settings/settings.py and set ALLOW_SIGNUP_EMAIL = True. Then, restart Mist with docker-compose restart.

In some cases, such as user registration, forgotten passwords, user invitations etc, Mist needs to send emails. By default, Mist is configured to use a mock mailer. For more information about mail mock and how to set up Mist with your existing email server, check out our docs.

If you would like to use a custom domain for your Mist installation, you will need to update Mist's CORE_URI.

Finally, it is strongly recommended to enable TLS.

We would love to hear your feedback at support@mist.io or on Github.

Object storage and enhanced multicloud governance in Mist v4.5

Dimitris Moraitis profile pic

We are happy to announce the release of Mist Cloud Management Platform v4.5!

First of all, Mist v4.5 introduces support for object storage. Also, it enhances your multicloud governance thanks to new ways of controlling who provisions what. Finally, this release includes support for Ansible v2 playbooks and a pleasant surprise for Kubernetes users.

AWS S3 bucket in Mist
An AWS S3 bucket in Mist

For a glimpse into the future of Mist, you can check out the docs for the upcoming version 2 of our RESTful API. You can also install and try out the Mist CLI. Both of these are under heavy development and not feature complete yet. They will be ready later this summer with the release of Mist v5. In the meantime, we would love to hear your thoughts and comments at support@mist.io.

Object storage support

Our first iteration includes a read-only view of AWS S3 and OpenStack Swift buckets. Future releases will extend support to more clouds and add more functionality. Our end goal is to help you manage all your buckets, across clouds, from a single point.

This feature is not enabled by default. To enable it, go to the relevant cloud page and toggle the Object Storage switch. In a few moments, Mist will auto-discover your buckets in that cloud.

Enabling object storage support
Enabling object storage support

The largest portion of this feature was contributed by active community members. A special thank you to Sergey, Vova and Denis!

Enhanced multicloud governance

Mist gives you fine-grained control over provisioning and lifecyle policies across more than 20 infrastructure platforms. This is done through Mist's RBAC and constraints.

For example, Mist admins can specify that team A will be able to create new machines only in AWS US-East, will have a quota of $1,000/month and machines will expire and auto-shutdown three days after launch.

In Mist 4.5 we add two new types of constraints:

  • Allowed and Disallowed machine sizes. Allowed sizes become the only available options for your team members. If you just want to exclude some, mark them as disallowed.
  • You can also control which fields of the machine provisioning form are visible and their default values. This helps limit available options and simplify the provisioning process for your end users.

To configure constraints, your only option until recently was JSON. Mist v4.5 keeps the JSON interface but also adds a more user-friendly web form.

Add constraint form
Mist's add constraint form

For more details on constraints, check out our documentation.

Ansible v2

Mist v4.5 includes an Ansible upgrade and a relevant architectural change. You can now upload and execute Ansible v2 playbooks from Mist's script section. Playbook execution is done from a short-lived container, created on the fly for this purpose. This adds another layer of isolation and increases the overall security of the platform.

Other updates

In terms of other changes and updates:

  • Helm chart for installing Mist in a Kubernetes cluster. Mist Community Edition can be installed in Kubernetes clusters for some time now but the process was lacking and was not documented. In Mist v4.5, we adapted the Helm chart of our Enterprise Edition and you can now use it as seen in our docs on Github.
  • Configurable portal name in automated emails. In several occasions, Mist sends automated emails e.g. for notifications, rule triggers etc. By changing the PORTAL_NAME parameter in your settings.py all automated emails will mention the portal name you chose. This is available only in Mist Community and Enterprise editions.
  • Email notification when creating an API token. When you create a new Mist API token, Mist will send an automated email notification to the relevant user's address. This is meant as an additional security precaution.

Conclusion

Mist v4.5 brings object storage support, more fine-grained provisioning policies, support for Ansible v2 playbooks, and several minor features and enhancements. We hope you enjoy it!

For a guided tour of the Mist platform, please reach out to demo@mist.io.

If you'd like to try it out for yourselves, sign up for a Mist Hosted Service account and begin your 14-day free trial.

Community Edition users can get the latest version from Mist's GitHub repository.

Running an open source multicloud with Ubuntu, LXD, and Mist

Christos Psaltis profile pic

Originally published on the Ubuntu blog.

Mist and ubuntu logos
Image source

One of the advantages that Ubuntu brings to the cloud equation is improving an organization's ability to run in multiple clouds. Running containers on top of Ubuntu further increases portability. Mist is an open-source multicloud management platform that helps teams centrally manage and control their Ubuntu instances across many different cloud environments and/or bare metal. This removes some of the operational and financial barriers to running applications in multiple clouds.

One recent example of how Mist works with Ubuntu came from a customer who runs a WordPress hosting service in Europe. This company is extremely security conscious and wanted a completely open-source stack. They run in multiple public clouds as well as on bare metal, and completely isolate their customers' workloads.

This customer was already using Ubuntu and LXD, both chosen for their baked-in security and robustness, and both open-source. LXD is a container and VM management tool that allows users to create, run, and maintain containers as if they were VMs, and VMs as if they were their own cloud. LXD uses pre-made images available for a range of Linux distributions and is built around a powerful, but simple, REST API. A good tool for orchestration of 'single-cloud' virtual environments.

However, the customer still needed to have visibility and control over the entire stack, from LXD down to the cloud environment, and they needed a way to centrally manage all of their deployments in different clouds. For both general monitoring as well as to make changes around access control if someone joined the team, was reassigned, or left.

They adopted Mist to get a unified view of their entire setup and to be able to centrally control certain aspects of their deployments. Here are some of the things that Ubuntu users get by layering Mist on top:

Spin up Ubuntu instances anywhere, from one dashboard. Instead of having to toggle between environments to spin up Ubuntu instances in different public and private clouds, you can spin new instances up from a single dashboard.

Mist create vm

Centrally control role-based access (RBAC) for your entire setup. Many organizations, like the customer noted above, choose an all open source stack for security and privacy reasons. Privacy and legal compliance can also be a reason organizations need to operate in more than one cloud environment. With Mist, it's easy to control RBAC for the entire suite of servers from one place, decreasing the likelihood of errors and the accompanying security exposure.

Mist control role-based access

Automatically set up workflows from one dashboard. Instead of managing workflows separately for each cloud environment, the organization can automate workflow creation and operation in a way that is cloud agnostic. This gives developers a standard, repeatable process to follow regardless of cloud environment and reduces the likelihood of errors.

Mist script

Optimize cloud costs. Operating in more than one cloud can get very expensive. Mist helps companies track, understand and control their cloud spend across multiple providers, so that multicloud doesn't become a major business liability.

Mist cost analytics

The customer discussed above adopted containers and LXD specifically for portability and the ability to run in multiple cloud environments. Combining Ubuntu, LXD, and Mist to centrally manage these environments enabled this company to take advantage of the portability that containers offer, while controlling their cloud costs. Mist makes running in multiple clouds practical, so companies can run in multiple environments without running up huge bills or spending too much engineering time on cloud management.

How to know if you need multicloud - and succeed if you do

Christos Psaltis profile pic

Originally published at DevOps.com

Abstract cloud

There are many good reasons for running in multiple clouds, as well as times when multicloud environments are unavoidable due to organizational history or legal reasons. However, operating in multiple clouds adds complexity, increases operational overhead and can become expensive. Organizations should only pursue it when they have clear business reasons for doing so.

In this article, I'm going to cover some common situations when organizations can get value out of multicloud as well as strategies for success. Because multicloud is hard, the first question organizations should ask themselves is, "Do we really need multicloud?". So, the first order of business is to outline when technology leaders are better off avoiding multicloud altogether.

When multicloud is a bad idea

A single application and its data should never span multiple clouds, if it can be avoided. Here are some common reasons organizations adopt a multicloud approach when they would be better off avoiding it.

Short-term bursting (in hybrid cases). "I'll just tap into a public cloud if my private cloud suddenly needs extra capacity."

Disaster recovery. "Let's run this application on AWS and Google in case one of them disappears overnight."

Staying cloud-agnostic. "By running on multiple clouds, we are no longer locked in."

In all the cases above, network latency and egress cost will hurt your application and your business. In the best-case scenario, you will spend a lot of time and effort prematurely optimizing for unlikely scenarios.

Unless you're perfectly prepared, please, don't go there.

When multicloud is a necessary evil

There are also plenty of times when multicloud is a drag on the engineering organization and a drag on the business - but can't be avoided. Here are totally legitimate reasons to have a multicloud setup that will still require more effort to maintain than operating in a single cloud.

Mergers and acquisitions. Some organizations can end up operating in public clouds and private clouds as they acquire other companies. The effort required to migrate everything to one cloud provider often isn't worth it, so everyone continues using the same cloud they used pre-acquisition.

Legal. Depending on the type of data you gather and the jurisdictions you operate in, you may have to worry about where your cloud provider has regions available. There will be times when you need a data center in multiple jurisdictions; none of the cloud providers are in all of them. In those cases, you don't have much choice, you need to be multicloud.

If you need to use multiple cloud providers, either for legal reasons or because of mergers, it's best to focus on making multicloud management as painless as possible - while still accepting that it will not be as smooth an experience as running all workloads in a single cloud.

When multicloud is a solid strategic move

There are also some very good reasons to adopt a multicloud approach on purpose. For example:

Facilitating engineering speed. Engineering speed is paramount. Companies who focus on using multicloud to become cloud-agnostic and avoid lock-in often sacrifice development velocity, but if the organization instead uses multicloud to allow everyone on the team to use the tools and environment they are most comfortable with, it can increase velocity.

Best-of-breed tooling. The cloud providers' offerings are not totally identical. Multicloud can let organizations use the best tools from each cloud provider; for example, machine learning technology from Google, compute from AWS and business intelligence from Azure.

Better customer experience. Especially if latency is a big concern, a multicloud approach can help organizations get physically closer to users, providing a better customer experience.

There is a common thread here: When evaluating whether or not you have a legitimate need for multicloud, the key question is whether you will be fulfilling a psychological need, a theoretical need (in other words, something that you do not actually need at this moment but might at some future date) or a concrete legal or technical need that you can easily describe. If there are no concrete legal, technical or business reasons for pursuing multicloud, don't. There are costs to pursuing multicloud, so organizations that won't actually reap benefits from it shouldn't attempt it.

How to succeed

Multicloud is hard. Here's how to increase your chances of success so you can get the business benefits of better tooling or better customer experiences from your multicloud deployments.

Use a cloud management platform. Getting a single pane of glass for all your deployments is critical to managing multiple clouds without pulling your hair out. This abstraction, however, comes at the cost of supporting very deep and cloud provider-specific use cases, for example, using obscure service X.

Standardize workflows with Terraform and Ansible. You need to have processes that are as repeatable and predictable as possible. Even with standardized workflows, you still have to adjust for each environment, but the more standardization the better.

Use Kubernetes. Kubernetes lets you abstract the infrastructure layer and move workloads around more easily, even across clouds. The caveat here is that you have to adopt microservices and deal with the increased complexity of managing Kubernetes and its underlying infrastructure.

Each of the above approaches has its merits and flaws. They are not mutually exclusive, and you should not treat them like they are. Be prepared to mix and match depending on your needs.

Weigh the costs and benefits

Sometimes companies are not realistic about their technical capacity or what their needs are. They want the ability to do the latest thing they read about without thinking about whether or not that technology or approach will provide business benefits.

Multicloud adds a huge amount of complexity to your deployment. If multicloud truly is essential, however, use tools and platforms that hide that complexity from users and can simplify the management process.

Get started with CloudSigma in Mist

CloudSigma logo

Our recent Mist v4.4 release includes a brand new integration with CloudSigma. The goal is to help CloudSigma users manage their multicloud and hybrid setups from a single pane of glass. Even if you use only CloudSigma, you can still get value. You can connect multiple accounts across regions to Mist and manage them centrally.

Specifically for CloudSigma, with Mist you can:

  • Get a list of your VMs. Listings include all metadata information, e.g. public & private IPs, runtime information, attached drives etc.
  • Start, stop, reboot and delete VMs.
  • Create new VMs.
  • List, create and destroy volumes.
  • Attach volumes to VMs and detach them.

You can also leverage features that are common to all our supported clouds, e.g. tags, ownership metadata, expiration dates, cost quotas, role-based access controls, shell, scripts, orchestration, monitoring, rules, audit logs etc.

How to connect CloudSigma to Mist

Mist add CloudSigma cloud form
Adding a CloudSigma cloud to Mist

You can connect CloudSigma to Mist in five simple steps:

  1. Log in Mist.
  2. Go to Mist's add cloud form at https://mist.io/clouds/+add and click the CloudSigma logo.
  3. Type a name for your cloud, and put your CloudSigma username and password in the respective fields.
  4. Choose your region from the dropdown menu.
  5. Click the ADD CLOUD button.

In a few seconds, Mist will auto-discover the resources in your account and will show you a cost estimate for them. You are ready to go!

Try it yourself

The easiest way to try this is by signing up for a Mist Hosted Service account. All new users get a 14-day free trial.

If you are interested in our open source Community Edition, you can get the latest version from Mist's GitHub repository.

For a guided tour of the entire Mist platform, please reach out to demo@mist.io.

The True Meaning of "Open Cloud"

Christos Psaltis profile pic

Originally published at The New Stack.

Mountains and clouds

What exactly does open mean when it's applied to the cloud? In the modern software engineering world, there's a tendency to value "openness" over all else, and sometimes we act as if the "open" in open source can be just as easily applied to other parts of the engineering stack.

But open source and open clouds are totally different concepts, even if they both contain the word "open." Even if a cloud provider claims to have an open cloud, it should be obvious to everyone that the cloud infrastructure is not maintained by a global community of volunteers who do not monetize their efforts.

Cloud "openness" is often misunderstood, sometimes because companies intentionally mislead us about what is and is not open, sometimes because as an industry we try to oversimplify very complex offerings and technology. Word choice hurts us, too. The linguistic similarities with "open source", and the fact that "open" and "closed" are usually presented as binary options rather than a spectrum, make it easier to misconstrue the realities of an "open" cloud.

Oversimplifying and/or misunderstanding what openness really means in the context of a cloud environment can lead organizations to make poor decisions about technology choices, leading to wasted time and wasted money. Here's what organizations should consider when they think about how to evaluate how open a cloud is - and whether or not that even matters.

"Open" is a spectrum

The openness of any platform, cloud or service is a measure of how locked in customers are, which itself is little more than a calculation of how much it would cost, in terms of time, money and headache, to migrate off of the platform or cloud.

Cloud providers might talk about being "open", but there are no completely open clouds. After all, while talking about how open their clouds are, all the cloud providers charge for egress traffic.

This can't be just about their own cost of maintaining the underlying technology: ingress traffic is free. If the dedication to a truly open cloud were real, moving out would be just as free as moving in.

One of the problems with the term "open cloud" is that it encourages people to think of "openness" as a binary: either a cloud is open or it is closed. But openness is a spectrum, not a binary. The extremes of completely open or completely closed don't exist: Migration costs are never zero. It is also never impossible to migrate off a cloud or platform, though it can be extremely expensive.

What factors make a cloud more or less open

So how do we evaluate where on the openness spectrum a particular cloud is? The most open of open clouds will always have the following characteristics:

  • Built on open source
  • Facilitate data openness, including having tools that make it easier to access, process and move data
  • Use open APIs, use standard interfaces and adopt open standards.

However, even a cloud that meets all of those requirements is not fully "open", in other words, the cost of migrating off that cloud would not be zero. Here are the factors that organizations should evaluate to see where a particular cloud or other platform falls on the openness spectrum:

How much glue is holding the open source components together? Just because a cloud is based on open source does not mean that creating the same experience or functionality elsewhere is easy. There are always custom, proprietary scripts holding everything together and making the open source software easier to use and more reliable. The more proprietary glue the less open the cloud.

Data portability. Data has gravity. Moving data can be both time-consuming and costly. How easy it is to move data out of a cloud environment is one of the most important factors when determining how open the cloud is.

Additional services. All of the cloud providers offer all kinds of add-on services, from secrets management to monitoring and logging. Each service you use increases your lock-in, making it harder for you to migrate elsewhere. The more proprietary services you use, the less open the cloud is. Some services will be more open than others, and it's useful to evaluate openness not just of the entire cloud provider but also of each individual service the organization uses.

What skills are required? Lastly, there is a skills component to cloud openness. Not all organizations have highly skilled engineering teams. The more sophisticated your team, the easier it would be to move away from any particular cloud and the less reliant the organization is on managed services.

Making better choices

When organizations buy into the idea of a binary open/closed cloud, they are skipping over all the details about what makes a cloud more or less open, and ultimately failing to thoroughly evaluate what is and is not important for their organization. Good decision making always requires a complete understanding of both the available options as well as the organization's strengths, weaknesses and priorities.

It would be a mistake to assume that the more open a cloud is the better. For many - probably most - organizations, worrying about cloud lock-in is a distraction that can prevent the engineering team from taking advantage of the cloud's agility, speed and cost savings. Sure, a few companies might derive a competitive advantage from infrastructure management, but they are rare. In most cases, organizations who insist on making their cloud environment as open as possible find themselves spending valuable engineering time managing open source software and rolling their own services that could be purchased off-the-shelf from the cloud provider.

Instead of thinking about whether or not a cloud is open, an engineering leader should evaluate your organization's priorities: Where is openness important? Where is it not? How well do the services you consume from your cloud provider fit with your organization's priorities? That will give you a better place to start when evaluating which cloud provider has the right balance of open source, proprietary programs, out-of-the-box services and barriers to migrating away and ultimately lead to better cloud-related business decisions.

Mist joins the Cloud Native Landscape by CNCF

Dimitris Moraitis profile pic

Mist has joined the Cloud Native Landscape by CNCF. You can find us under the Provisioning, Automation & Configuration section.

The Cloud Native Landscape by CNCF
The Cloud Native Landscape by CNCF

The Landscape visualizes the cloud native space. Although it is hard to accurately map such a complicated ecosystem, this curated list can help newcomers and veterans alike. Veterans can use it to discover tools that they did not know yet. Newcomers can quickly drill down to their area of interest and begin their exploration from there.

To learn more about the Landscape and how to navigate it, we propose you begin from this post by Catherine Paganini in the The New Stack. This is the first in a series of articles that drill down into the details of each Landscape layer.

If you would like to see firsthand how Mist can help with your cloud native needs:

Load more