How Organizations Are Thinking About Multi-Cloud Networking

The inaugural HashiCorp State of Cloud Strategy Survey explored the specific challenges related to the core workflows of the cloud-adoption journey: provisioning, security, application deployment, and networking. In this post, we’ll take a closer look at some of the networking-specific insights revealed in our survey of 3,200+ practitioners and decision makers from the HashiCorp opt-in contact database. It turns out that service mesh — and service mesh as a service — is a surprisingly high priority for many organizations, though most are not yet ready to run large production environments of a service mesh. And we saw that networking security concerns focus on data protection, data theft, and regulatory compliance. We’ll also talk in this blog about how HashiCorp is delivering capabilities to help with some of the respondents’ most critical concerns.

»Service Mesh Is Here

If you’ve seen recent surveys from organizations like the Cloud Native Computing Foundation (CNCF) or have attended recent cloud conferences (including HashiConf), then you’ve likely heard about service mesh. For a quick refresher, service mesh is an architecture for securely automating service-to-service connections through the use of sidecar proxies. Over the past couple of years, we’ve invested a lot into Consul’s service mesh capabilities, trying to make it easier for organizations to implement and utilize a service mesh for all of their environments.

But how top-of-mind is service mesh for organizations? According to the survey, it’s actually pretty high on the priority list:

• 68% of respondents are at some level of implementation when it comes to service mesh
• However, only 10% have actually completed their implementations
• 28% are in the “planning” and “vendor selection” stages, while 30% are in the “trial” or “implementation in progress” stages.

What’s really interesting here is the relatively even split when it comes to maturity. 28% are planning for it, 30% are actively working on it, and 32% aren’t planning for it yet (10% are already done).

We can infer that while service mesh is a popular topic, most organizations are not yet ready to run large production environments of a service mesh. That said, when we asked where respondents expected to be in 12 months, 49% said they expected to either be completed with or in the process of implementing their service mesh. Another 26% expected to be in the planning stages. Clearly, folks are already making plans for service mesh and expecting to make quick progress towards full implementation. At HashiCorp, we pay close attention to the implications of these efforts, and what tools and capabilities we can provide to help.

»Service Mesh as a Service

Drilling deeper into the survey data reveals some additional interesting trends. For respondents who consider themselves to be in the planning, vendor selection, or trialing stages of their service mesh strategy, 41% state that their biggest obstacles are staff/skilling issues and too many manual processes. It’s no surprise then to see that 52% of these same respondents plan to either purchase some sort of commercial solution or run OSS as a service. In thinking about how HashiCorp can help, it’s here that we see the benefits of something like HashiCorp Cloud Platform (HCP) Consul, which can help address those gaps around skills and manual processes, while still providing the benefits of commercial options, including support, compliance, management, and more.

»What About Non-Mesh Users?

Around now you might be asking yourself, “Well, wait. 32% said they weren’t planning on using service mesh at all? What about them?”

This number makes it clear that service mesh is full of amazing capabilities, but we cannot assume that all environments will go all-in on a service mesh. Part of HashiCorp’s goal in creating Consul-Terraform-Sync (CTS) is to give users a way to add automation to non-service-mesh environments using Consul as a centralized source of truth for application information and HashiCorp Terraform’s robust provider ecosystem. That’s important because 47% of the non-mesh-using respondents still noted that deficiencies in skills and staffing and having to deal with manual processes were hindering their cloud networking initiatives. CTS helps alleviate some of those concerns by reducing the need for ticketing systems and accelerating the delivery lifecycle in a secure and automated way.

»How Security Fits In

In addition to concerns around skills and manual processes, you might also wonder about security concerns: are those also inhibiting service mesh adoption?” The answer is often yes.

When slicing the data to focus on respondents who don’t consider service mesh a focus, 44% named security as a top-three concern inhibiting their cloud program. Their top related security concerns center around data protection and regulatory compliance. This indicates that controlling access to sensitive data and enforcing governance policies is critical for future cloud networking solutions. HashiCorp’s work here gives these types of users the option of using Consul-Terraform-Sync integration with Terraform Enterprise, which has long been trusted to enforce compliance and governance standards for organizations.

Interestingly, though, security is even more top of mind for organizations exploring service mesh. More than half (51%) of organizations in the planning, vendor selection, and trial phases of their service mesh journey cited security as one of their top three concerns. Within that group, data protection is still the top security concern, but data theft is number two.

Trusting a service mesh with important data is likely met with some skepticism in many enterprises. Service meshes are distributed by nature, making the surface area to protect much larger. This is where having strong access controls (ACLs) and enforcing mutual-TLS connections between applications becomes critical. Ensuring that operators are implementing secure best practices is a must for organizations looking to alleviate these concerns. Again, our own HCP Consul offers a possible solution.

»Next Steps

To recap, the service mesh trend is clearly top of mind for many users, but they have challenges around staffing their teams with people that have the requisite skills. Services like HCP Consul can help bridge that gap and give users the support they need to get their service mesh implementations to where they want to be.

For users not exploring service mesh, solutions like Consul-Terraform-Sync can still help address the skill gaps highlighted in the survey. For more information about HashiCorp Consul, visit our documentation site. For more insights into networking in cloud and multi-cloud environments — and much more — check out the full HashiCorp State of Cloud Strategy Survey.

Related posts

• HashiCorp State of Cloud Strategy Survey: Welcome to the Multi-Cloud Era
• Survey Finds Both Offensive, Defensive Drivers for Multi-Cloud
• Cloud Budgets Busted: Almost 40% Overspent Last Year
• When Free Isn’t Good Enough — Why Companies Buy Infrastructure Tools