A hybrid cloud network, enabling project teams to automatically create their own virtual cloud on AWS with on-premises connectivity via a self-service portal. Here’s how.
The adoption of cloud technology has skyrocketed in the last few years. At Porsche, we are increasingly moving IT environments and data operations into the cloud — such as our digital service platform My Porsche. Hitherto, our individual project teams have been very self-sufficient, with each team building its own solution — in a way reinventing the wheel again and again. We wanted to find a way to streamline this process and make the cloud migration much simpler and faster, allowing project teams to automatically create their own virtual cloud on AWS via a self-service portal. Our solution, the Porsche Cloud Network Reference model (CNR), is one of the pillars of our Porsche Turbo Cloud Journey — enabling teams to build virtual data centers with private on-premises connectivity requirements with the touch of a button.
The Porsche Cloud Network Reference model
In a nutshell, the Porsche Cloud Network Reference model is a fully automated hybrid network infrastructure for AWS cloud, implemented as Infrastructure as Code (IaC). It integrates CNR AWS resources into the Porsche global network, providing network services and routing between Porsche on-premises and CNR AWS resources. Prior to CNR, planning and building a hybrid environment would have taken weeks. Thanks to CNR, IT teams can now easily set up a virtual private cloud (VPC) within minutes. The CNR service is provided by the network department. The network operation team offers 24/7 end-to-end support and can, when needed, directly troubleshoot within the VPCs.
The Porsche Cloud Network Reference model consists of five core elements:
1. CNR Management Plane: A fully automated Continuous Integration (CI) and Continuous Delivery (CD) pipeline for the deployment of the solution modules. CNR provides a user-friendly self-service interface that allows the fully automatic creation of VPCs with hybrid connectivity. Furthermore, private VPC IP ranges are automatically polled from the internal IPAM system and advanced maintenance tasks can be performed by the network operation team using automated pipelines. AWS VPC configuration is kept on-premises (e.g. for disaster recovery).
2. A virtual DNS service that enables hybrid domain name resolution between on-premises and cloud-internal instances. CNR uses the internal namespace for private DNS names and subdomains are used to distinguish between cloud vendors, regions and VPCs.
3. The AWS Transit Gateway, which acts as a communication hub connecting the customer VPCs to the on-premises data center of Porsche AG via high-performance, encrypted VPN connections. The CNR architecture scales up to hundreds of VPCs and 50 Gbit/s per region.
4. The virtual private clouds (VPCs), i.e. the virtual private infrastructure that is made available to customers in the cloud. These VPCs are available in different T-shirt sizes and offer internal customers the following standardized functionality:
- Subnets for private and public services in 3 AWS Availability Zones for best possible availability
- Internet connectivity: via a NAT gateway for private subnets and via the Internet gateway for public services
- On-premises connectivity via an automated attachment to the AWS Transit Gateway and routing configuration
- Routing for access to the Internet and on-premises networks
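As an added illustration of the standardized VPC layout just listed (this is example code, not Porsche's CNR implementation), the following Python script takes a VPC range as an IPAM system would hand it out, checks it against the requested T-shirt size and against the on-premises ranges before anything is deployed, carves it into one public and one private subnet in each of three Availability Zones, and derives the route table each subnet needs: on-premises destinations via the Transit Gateway, the default route via the Internet gateway for public subnets and via a NAT gateway in the same AZ for private subnets. The T-shirt sizes, AZ names, on-premises ranges and the `tgw-`/`igw-` ids are constructed placeholders, not CNR's real values.

```python
"""Plan a CNR-style hybrid VPC layout from an IPAM-assigned CIDR.
Added example; all sizes, ranges, AZ names and ids below are constructed."""
import ipaddress
from dataclasses import dataclass, field
from typing import Dict, List

# Constructed T-shirt sizes: requested size -> expected VPC prefix length
# (assumption; the page does not state CNR's real sizes).
TSHIRT_SIZES = {"S": 24, "M": 22, "L": 20}

# Constructed on-premises ranges that are reached through the Transit Gateway.
ON_PREM_RANGES = ["10.10.0.0/16", "172.16.0.0/12"]

# Constructed Availability Zones of one region.
AZS = ["eu-central-1a", "eu-central-1b", "eu-central-1c"]

# Placeholder resource ids (not real AWS ids).
TGW_ID = "tgw-PLACEHOLDER"
IGW_ID = "igw-PLACEHOLDER"


@dataclass
class Subnet:
    name: str
    az: str
    cidr: str
    public: bool
    routes: Dict[str, str] = field(default_factory=dict)  # destination -> target


def validate_vpc_cidr(vpc_cidr: str, tshirt: str) -> ipaddress.IPv4Network:
    """Check the range handed out by IPAM before deploying anything: the prefix
    must match the requested size, be a private (RFC 1918) range, and must not
    overlap any on-premises range, or routing via the Transit Gateway becomes
    ambiguous."""
    vpc = ipaddress.ip_network(vpc_cidr, strict=True)
    if vpc.prefixlen != TSHIRT_SIZES[tshirt]:
        raise ValueError(f"{vpc} is a /{vpc.prefixlen}; size {tshirt} expects /{TSHIRT_SIZES[tshirt]}")
    if not vpc.is_private:
        raise ValueError(f"{vpc} is not a private range")
    for rng in ON_PREM_RANGES:
        if vpc.overlaps(ipaddress.ip_network(rng)):
            raise ValueError(f"{vpc} overlaps on-premises range {rng}")
    return vpc


def carve_subnets(vpc: ipaddress.IPv4Network, azs: List[str] = AZS) -> List[Subnet]:
    """Split the VPC into one public and one private subnet per AZ, using the
    smallest number of extra prefix bits that fits; leftover blocks stay in
    reserve for later subnets."""
    needed = 2 * len(azs)
    new_prefix = vpc.prefixlen + (needed - 1).bit_length()
    if new_prefix > 28:  # AWS does not allow subnets smaller than /28
        raise ValueError(f"{vpc} is too small for {needed} subnets")
    blocks = list(vpc.subnets(new_prefix=new_prefix))
    public = [Subnet(f"public-{az}", az, str(blocks[i]), True) for i, az in enumerate(azs)]
    private = [Subnet(f"private-{az}", az, str(blocks[len(azs) + i]), False)
               for i, az in enumerate(azs)]
    return public + private


def add_routes(subnets: List[Subnet]) -> List[Subnet]:
    """Per-subnet route table: on-premises ranges via the TGW attachment; the
    default route via the IGW for public subnets and via a NAT gateway in the
    same AZ for private subnets (the VPC-local route is implicit in AWS)."""
    for s in subnets:
        s.routes = {rng: TGW_ID for rng in ON_PREM_RANGES}
        s.routes["0.0.0.0/0"] = IGW_ID if s.public else f"nat-{s.az}"
    return subnets


def plan_vpc(vpc_cidr: str, tshirt: str) -> List[Subnet]:
    """Validate, carve and route one VPC; returns the six planned subnets."""
    return add_routes(carve_subnets(validate_vpc_cidr(vpc_cidr, tshirt)))


if __name__ == "__main__":
    for s in plan_vpc("10.200.0.0/22", "M"):  # constructed IPAM-assigned range
        print(f"{s.name:24} {s.cidr:18} {s.routes}")
```

The overlap check is the part worth keeping in any real pipeline: a VPC range that collides with an on-premises prefix is silently accepted by AWS but produces asymmetric or black-holed traffic once the Transit Gateway propagates both routes, so rejecting it at planning time is cheaper than finding it in operations.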
5. An AWS Direct Connect connection between the Porsche network and the AWS network via a co-location data center in Frankfurt with automatic failover. This enables us to offer our internal IT customers the best possible performance combined with very high availability at a low cost.

We launched the Porsche Cloud Network Reference model in November 2020 and are now introducing it internally. A big thank you to our partners at IsarNet AG and Rackspace Technology, who helped and supported us in the development of the CNR and without whom this project wouldn’t have been possible.
While there are certain areas and solutions that need to stay in on-premises data centers for a long time to come, e.g. due to data protection or availability, there are many projects and IT issues that need the best of both worlds: on-premises data centers and the cloud. The Porsche Cloud Network Reference model provides the tailored solution for this, carrying on our Porsche DNA: The combination of tradition and innovation.