At each stage, you’ll see a list of the advantages of the various approaches to hybrid cloud and a concise list of best practices. Everything in the documents is very much rooted in the author’s hands-on experience with designing these types of systems.
Authentication and single sign-on in hybrid cloud
Managing authentication and authorization in a hybrid environment generally means matching your existing, on-premises identity system with how it’s done in GCP. For example, you might already run Active Directory on-premises. How can you map your user identities to GCP identities so that your users don’t have to sign in separately to your on-premises services and to GCP?
In a three-part series, Federating Google Cloud Platform with Active Directory, Johannes tackles the topic of integrating Active Directory with Cloud Identity using Google Cloud Directory Sync. This series discusses how to deal with various Active Directory topologies (such as single or multi-forest), and how to perform Windows-integrated authentication and single sign-on (SSO) for apps running on GCP.
“Rip and replace” with GKE
There’s another approach to moving systems to the cloud. If you’re modernizing a complex website to a refactored, container-based microservices platform (Google Kubernetes Engine, or GKE) on GCP, check out Migrating a monolithic application to microservices on GCP, from solutions architect and DevOps engineering veteran Theo Chamley.
As an example in this solution, Theo uses an e-commerce site. You’ll see how to perform the migration feature by feature, avoiding the risks of a large-scale, all-at-once migration. During the migration itself, the application has a hybrid architecture, where some features are in the cloud and some are still on-premises. After the migration is finished, the complete application is hosted in the cloud, but it still interacts with back-end services that remain on-premises. In addition to describing the architecture of various steps in this migration, you’ll see how to take advantage of a variety of GCP services as part of the process, including Cloud Interconnect.
Wait, there’s more
Several other solutions architects have also been writing about hybrid architectures to share best practices and offer advice. Here are a few to check out: