At the 2016 AWS Summit in New York we addressed lots of questions about what the move to the Cloud means to HVR. Numerous long-time HVR clients have started the move to the Cloud, and many new opportunities consider the Cloud as their starting point. How can HVR’s architecture be applied to the Cloud, either in a hybrid scenario with some systems still on-premises and others in the Cloud, or in a Cloud-only setup?
Architecture for Flexible Cloud Deployment
HVR uses a distributed architecture. We recommend clients install a copy of the HVR Software executables on the database server for optimum performance and efficiency. By default HVR will compress data across the wire between installations of HVR. In the Cloud clients may use Cloud Database services such as Amazon Redshift, RDS or Azure SQL, for which installation on the database server is simply not an option. In these cases an installation of HVR’s binaries should be available as close to the database server as feasible, i.e. in the same availability zone. From HVR’s perspective the Cloud is simply another end-point in the replication setup, and with that inter-Cloud replication is a setup that simply runs in the Cloud only.
Firewall settings for Cloud Integration
In an HVR setup, the hub always initiates the communication. A hub on-premises requires a TCP/IP port into the Cloud to be opened, and a hub in the Cloud requires opening a TCP/IP port into the on-premises data center. The latter may initially cause the network administrator to cringe, but we see more and more clients consider this option.
Traditionally with HVR the use of encryption is optional. Because cloud data integration is often performed on a public internet connection, encryption cannot be optional in such a scenario. HVR enables SSL encryption using a custom public/private key. Connections that don’t use the correct key will simply not work.
Finally, an important concept HVR supports to facilitate Cloud deployments is the use of a proxy. A proxy is another installation of HVR that runs a proxy service. The proxy specifies the rules to allow connections, and the required use of SSL encryption within these (if any). An on-premises proxy server allows for opening up the firewall for just a single server on-premises e.g. in a DMZ to enable connections to get into the local data center.