
US-12619472-B2 - Overflow of on-premises host workloads onto secure cloud


Abstract

An embodiment provisions overflow from an on-premises cloud workload onto a secure infrastructure provider. The embodiment senses a performance metric of an on-premises cloud. The embodiment, deciding responsive to the sensed performance metric to scale up, senses a property of an infrastructure provider and, responsive to the sensed property, selects the infrastructure provider. The embodiment generates credentials, creates a secure environment, establishes secure communications, and provisions compute hosts in the selected infrastructure provider.

Inventors

  • Gregory R. Hintermeister
  • Truman Brown
  • Jeremy Sheridan Caine

Assignees

  • INTERNATIONAL BUSINESS MACHINES CORPORATION

Dates

Publication Date
20260505
Application Date
20230620

Claims (20)

  1. A computer-implemented method comprising: sensing a performance metric of an on-premises cloud, deciding, responsive to sensing the performance metric of the on-premises cloud, to scale up, the deciding further comprising: sensing a property of an infrastructure provider, responsive to the sensed property, dynamically selecting the infrastructure provider; dynamically generating a credential in the on-premises cloud for the selected infrastructure provider; dynamically creating a secure environment in the infrastructure provider using the credential; dynamically establishing a secure connection between the on-premises cloud and the selected infrastructure provider; dynamically provisioning a compute host in the selected infrastructure provider, the provisioning causing a secure extension of the on-premises cloud into the selected infrastructure provider, the secure extension appearing as a part of the on-premises cloud to a workload executing in the on-premises cloud; and responsive to determining a need to execute a new workload on the on-premises cloud, scaling up the selected infrastructure provider, moving a portion of the workload to the selected infrastructure provider and executing the portion of the workload on the selected infrastructure provider wherein the portion of the workload moved to the selected infrastructure provider is based on the performance metric of the on-premises cloud accommodating the new workload and wherein the workload is stretched between the on-premises cloud and the selected infrastructure provider.
  2. The computer-implemented method of claim 1, wherein the property of the infrastructure provider comprises location, cost, performance metrics or vendor.
  3. The computer-implemented method of claim 1, wherein the secure connection is isolated except to connect only the on-premises cloud and the selected infrastructure provider.
  4. The computer-implemented method of claim 1, wherein the secure environment in the infrastructure provider further comprises establishing a virtual private cloud.
  5. The computer-implemented method of claim 1, wherein the sensed performance metric of the on-premises cloud comprises processor usage, memory usage, or storage usage of the compute hosts.
  6. The computer-implemented method of claim 1, further comprising sensing a performance metric of the selected infrastructure provider, deciding, responsive to sensing the performance metric of the selected infrastructure provider to scale down wherein deciding to scale down is based on at least completion of the portion of workload running on a compute host in the selected infrastructure provider, the performance metric of the on-premises cloud and the performance metric of the selected infrastructure provider.
  7. The computer-implemented method of claim 1, wherein deciding to scale down comprises: transmitting host data from the selected infrastructure provider to the on-premises cloud over the secure connection; deprovisioning a compute host; and terminating the secure connection.
  8. A computer program product comprising one or more computer readable storage media, and program instructions collectively stored on the one or more computer readable storage media, the program instructions executable by a processor to cause the processor to perform operations comprising: sensing a performance metric of an on-premises cloud, deciding, responsive to sensing the performance metric of the on-premises cloud, to scale up, the deciding further comprising: sensing a property of an infrastructure provider, responsive to the sensed property, dynamically selecting the infrastructure provider; dynamically generating a credential in the on-premises cloud for the selected infrastructure provider; dynamically creating a secure environment in the infrastructure provider using the credential; dynamically establishing a secure connection between the on-premises cloud and the selected infrastructure provider; dynamically provisioning a compute host in the selected infrastructure provider, the provisioning causing a secure extension of the on-premises cloud into the selected infrastructure provider, the secure extension appearing as a part of the on-premises cloud to a workload executing in the on-premises cloud; and responsive to determining a need to execute a new workload on the on-premises cloud, scaling up the selected infrastructure provider, moving a portion of the workload to the selected infrastructure provider and executing the portion of the workload on the selected infrastructure provider wherein the portion of the workload moved to the selected infrastructure provider is based on the performance metric of the on-premises cloud accommodating the new workload and wherein the workload is stretched between the on-premises cloud and the selected infrastructure provider.
  9. The computer program product of claim 8, wherein the property of the infrastructure provider comprises location, performance metrics or vendor.
  10. The computer program product of claim 8, wherein the secure connection is isolated to connect only the on-premises cloud and the selected infrastructure provider.
  11. The computer program product of claim 8, wherein the secure environment in the infrastructure provider further comprises establishing a virtual private cloud.
  12. The computer program product of claim 8, wherein the sensed performance metric of the on-premises cloud comprises processor usage, memory usage, or storage usage of the compute host.
  13. The computer program product of claim 8, further comprising sensing a performance metric of the selected infrastructure provider, deciding, responsive to sensing the performance metric of the selected infrastructure provider to scale down wherein deciding to scale down is based on at least completion of the portion of workload running on a compute host in the selected infrastructure provider, the performance metric of the on-premises cloud and the performance metric of the selected infrastructure provider.
  14. The computer program product of claim 8, wherein deciding to scale down comprises: transmitting host data from the selected infrastructure provider to the on-premises cloud over the secure connection; deprovisioning the compute hosts; and terminating the secure connection.
  15. A computer system comprising a processor and one or more computer readable storage media, and program instructions collectively stored on the one or more computer readable storage media, the program instructions executable by the processor to cause the processor to perform operations comprising: sensing a performance metric of an on-premises cloud, deciding, responsive to sensing the performance metric of the on-premises cloud, to scale up, the deciding further comprising: sensing a property of an infrastructure provider, responsive to the sensed property, dynamically selecting the infrastructure provider; dynamically generating a credential in the on-premises cloud for the selected infrastructure provider; dynamically creating a secure environment in the infrastructure provider using the credential; dynamically establishing a secure connection between the on-premises cloud and the selected infrastructure provider; dynamically provisioning a compute host in the selected infrastructure provider, the provisioning causing a secure extension of the on-premises cloud into the selected infrastructure provider, the secure extension appearing as a part of the on-premises cloud to a workload executing in the on-premises cloud; and responsive to determining a need to execute a new workload on the on-premises cloud, scaling up the selected infrastructure provider, moving a portion of the workload to the selected infrastructure provider and executing the portion of the workload on the selected infrastructure provider wherein the portion of the workload moved to the selected infrastructure provider is based on the performance metric of the on-premises cloud accommodating the new workload and wherein the workload is stretched between the on-premises cloud and the selected infrastructure provider.
  16. The computer system of claim 15, further comprising sensing a performance metric of the selected infrastructure provider, deciding, responsive to sensing the performance metric of the selected infrastructure provider to scale down wherein deciding to scale down is based on at least completion of the portion of workload running on a compute host in the selected infrastructure provider, the performance metric of the on-premises cloud and the performance metric of the selected infrastructure provider.
  17. The computer system of claim 15, wherein deciding to scale down comprises: transmitting host data from the selected infrastructure provider to the on-premises cloud over the secure connection; deprovisioning the compute host; and exiting the secure connection.
  18. The computer system of claim 15, wherein the secure connection is isolated to connect only the on-premises cloud and the selected infrastructure provider.
  19. The computer system of claim 15, wherein the secure environment in the infrastructure provider comprises establishing a virtual private cloud.
  20. The computer system of claim 15, wherein the sensed performance metric of the on-premises cloud comprises processor usage, memory usage, or storage usage of the compute host.
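
The ordering constraints the claims recite (credential, then secure environment, then secure connection, then provisioning, with the scale-down order of claim 7) can be modelled as a small state machine. This is an added illustration, not code from the patent or its assignee; the class, method and provider names are hypothetical and no real cloud API is called.

```python
import secrets
from dataclasses import dataclass, field

ORDER = ["credential", "environment", "connection"]  # sequence recited in claim 1

@dataclass
class Overflow:
    provider: str                      # selected infrastructure provider (constructed name)
    done: list = field(default_factory=list)
    hosts: list = field(default_factory=list)
    peers: frozenset = frozenset()

    def _advance(self, step):
        # Each step is legal only directly after the one before it in ORDER.
        if ORDER.index(step) != len(self.done):
            raise RuntimeError(f"{step} attempted out of order")
        self.done.append(step)

    def generate_credential(self):
        # Generated on-premises and bound to the one selected provider.
        self._advance("credential")
        return {"provider": self.provider, "secret": secrets.token_hex(16)}

    def create_environment(self, cred):
        if cred["provider"] != self.provider:
            raise PermissionError("credential was issued for another provider")
        self._advance("environment")

    def connect(self):
        self._advance("connection")
        self.peers = frozenset({"on-prem", self.provider})  # claim 3: two endpoints only

    def provision(self, host):
        if self.done != ORDER:
            raise RuntimeError("no secure connection; refusing to provision")
        self.hosts.append(host)

    def scale_down(self):
        # Claim 7 order: return host data, deprovision, then end the connection.
        if self.done != ORDER:
            raise RuntimeError("nothing to scale down")
        returned = [f"data:{h}" for h in self.hosts]
        self.hosts.clear()
        self.peers = frozenset()
        self.done.clear()
        return returned
```
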

Description

BACKGROUND

The present invention relates generally to cloud computing. More particularly, the present invention relates to a method, system, and computer program for overflow of on-premises host workloads onto secure cloud.

Cloud computing technology has evolved significantly over the past few years. Distributed cloud is a public cloud computing service that lets users run public cloud services in multiple locations (the user's own data centers, other cloud providers' data centers, third-party data centers or colocation centers, and on-premises) and manage them from a control plane. Distributed cloud provides the ideal foundation for edge computing, that is, running services and applications closer to where data is created. On-premises cloud enables the user to deploy, manage, and control the user's app workloads on a vendor distributed cloud provider's cloud running in the on-premises data center, such as in scenarios where either internal policy or external regulatory mandate precludes use of a public cloud.

However, on-premises distributed cloud still uses on-premises infrastructure, and, based on workload and performance demands, it is difficult to provision new hosts in the on-premises location at the scale required by the workload due to the limitations of data center space and physical hardware.

SUMMARY

The illustrative embodiments provide for the overflow of on-premises cloud workloads onto a secure infrastructure provider. An embodiment includes sensing a performance metric of an on-premises cloud and deciding, responsive to sensing a performance metric of the on-premises cloud, to scale up. The embodiment also includes sensing a property of an infrastructure provider and, responsive to the sensed property, selecting the infrastructure provider. The embodiment also includes generating a credential in the on-premises cloud for the selected infrastructure provider. The embodiment also includes creating a secure environment in the infrastructure provider using the credential. The embodiment also includes establishing secure communication between the on-premises cloud and the selected infrastructure provider. The embodiment includes provisioning a compute host in the selected infrastructure provider. The embodiment also includes the provisioning causing a secure extension of the on-premises cloud into the selected infrastructure provider, the secure extension appearing as a part of the on-premises cloud to a workload executing in the on-premises cloud. Other embodiments of this aspect include corresponding computer systems, apparatus, and computer programs recorded on one or more computer storage devices, each configured to perform the actions of the embodiment.

An embodiment includes a computer usable program product. The computer usable program product includes a computer-readable storage medium, and program instructions stored on the storage medium.

An embodiment includes a computer system. The computer system includes a processor, a computer-readable memory, and a computer-readable storage medium, and program instructions stored on the storage medium for execution by the processor via the memory.

BRIEF DESCRIPTION OF THE DRAWINGS

The novel features believed characteristic of the invention are set forth in the appended claims. The invention itself, however, as well as a preferred mode of use, further objectives, and advantages thereof, will best be understood by reference to the following detailed description of the illustrative embodiments when read in conjunction with the accompanying drawings, wherein:

FIG. 1 depicts a block diagram of a computing environment in accordance with an illustrative embodiment;
FIG. 2 depicts a block diagram of an on-premises distributed cloud in accordance with an illustrative embodiment;
FIG. 3 depicts a block diagram processing environment of an Overflow Scaler module in accordance with an illustrative embodiment;
FIG. 4 depicts a flow chart of an operation of the Overflow Scaler module 200 in accordance with an illustrative embodiment;
FIG. 5 depicts a flow chart of an operation of the Overflow Scaler module in accordance with an illustrative embodiment;
FIG. 6 depicts a diagram of an example of a cloud computing environment in accordance with an illustrative embodiment;
FIG. 7A depicts a flowchart diagram of an example Virtual Private Network (VPN) process in accordance with an illustrative embodiment;
FIG. 7B depicts a flowchart diagram of an example Virtual Private Network (VPN) process in accordance with an illustrative embodiment.

DETAILED DESCRIPTION

Distributed cloud provides the ideal foundation for edge computing, that is, running services and applications closer to where data is created. On-premises cloud enables the user to deploy, manage, and control the user's app workloads on a vendor distributed cloud provider's cloud running in the on-premises data center, such as in scenarios where either internal policy or external regulatory mandate precludes use of a public cloud. However,