top of page

Build and Design Cross-cloud scaling - on-premises data

Updated: Dec 15, 2023

Many organizations collect and store massive amounts of sensitive customer data. They're frequently prevented from storing sensitive data in the public cloud because of corporate regulations or government policy, but they might want to take advantage of the scalability of the public cloud. The public cloud can handle seasonal peaks in traffic, allowing organizations to pay for exactly the hardware they need, when they need it.

The solution takes advantage of the compliance benefits of the private cloud and combines them with the scalability of the public cloud. The Azure and Azure Stack Hub hybrid cloud provides a consistent experience for developers. This consistency lets them apply their skills to both public cloud and on-premises environments.

This solution allows you to deploy an identical web app to a public and private cloud. You can also access a non-internet routable network that's hosted on the private cloud.

Potential use cases

This solution is applicable in scenarios like these:

  • Your organization uses a DevOps approach or plans to use one soon.

  • You want to implement continuous integration and continuous delivery (CI/CD) practices across an Azure Stack Hub implementation and the public cloud.

  • You want to consolidate the CI/CD pipeline across cloud and on-premises environments.

  • You want to develop apps by using both cloud and on-premises services.

  • You want skills required by developers to be consistent across cloud and on-premises apps.

  • You're using Azure but have developers who are working in an on-premises Azure Stack Hub cloud.

  • Your on-premises apps experience spikes in demand during seasonal, cyclical, or unpredictable fluctuations.

  • You have on-premises components and want to use the cloud to scale them.

  • You want cloud scalability but want your app to run on-premises as much as possible.

Benefits of Cross-Cloud Deployment

Flexibility to choose any provider for any application. Sticking to one provider confines you to using only their services when your needs start to change over time. By deploying applications across multiple providers, you can access innovative technologies quickly and can combine the best from each provider.

This also ensures there are no vendor lock-ins. Lock-in with a particular cloud provider is a result of a business investing so heavily with a cloud provider that migrating away becomes too prohibitively expensive and complex. By spreading the services between different providers, a business has the freedom to deploy new or existing applications in whichever cloud is most beneficial.

Scalability allows your workloads to automatically adjust to spikes and dips in demand. One of the main benefits of public clouds is the automatic—and often limitless—scalability. This can go one step further when you have multiple clouds and want even more scalability and fault tolerance. The same scalability benefits apply when the capacity of a solely on-premise environment needs to expand.

Lower Opex and Capex. There’s no need for upfront payments for infrastructure when using a cloud environment, and the purchase model is pay-as-you-go. Cloud vendors often offer a cost-saving mechanism by enabling customers to make an upfront payment (Capex) in exchange for a much lower ongoing payment (Lower Opex). As the large cloud providers benefit from huge economies of scale, they often pass these savings on to the customer.

Better Resilience. Spreading modern, distributed applications across multiple environments also spreads the risk of downtime. Although uncommon, there have been events of cloud environments going offline in one or more regions. Having applications and services hosted on-premise, and in a mix of public clouds with a solid failover plan, reduces the exposure to vendor outages.

When to use this pattern

  • My organization is using a DevOps approach, or has one planned for the near future.

  • I want to implement CI/CD practices across my Azure Stack Hub implementation and the public cloud.

  • I want to consolidate the CI/CD pipeline across cloud and on-premises environments.

  • I want the ability to develop apps seamlessly using cloud or on-premises services.

  • I want to leverage consistent developer skills across cloud and on-premises apps.

  • I'm using Azure but I have developers who are working in an on-premises Azure Stack Hub cloud.

  • My on-premises apps experience spikes in demand during seasonal, cyclical, or unpredictable fluctuations.

  • I have on-premises components and I want to use the cloud to scale them seamlessly.

  • I want cloud scalability but I want my app to run on-premises as much as possible.


cross cloud scaling

Key Components

  • Azure App Service allows you to build and host web apps, RESTful API apps, and Azure functions.

  • Azure Virtual Network is the fundamental building block for private networks in Azure. Virtual Network enables multiple Azure resource types, like virtual machines (VM), to communicate with each other, the internet, and on-premises networks, all with improved security. This solution also demonstrates the use of additional networking components:

  • App and gateway subnets.

  • A local on-premises network gateway.

  • A virtual network gateway, which acts as a site-to-site VPN gateway connection.

  • A public IP address.

  • A point-to-site VPN connection.

  • Azure DNS to host DNS domains and provide name resolution.

  • Traffic Manager is a DNS-based traffic load balancer. You can use it to control the distribution of user traffic to service endpoints in different datacenters.

  • Application Insights is an extensible application performance management service for web developers who build and manage apps on multiple platforms.

  • Azure Functions enables you to run code in a serverless environment without having to first create a VM or publish a web app.

  • Azure Stack Hub is an extension of Azure that can run workloads in an on-premises environment by providing Azure services in your datacenter.

  • With Azure Stack Hub, you can use the same app model, self-service portal, and APIs enabled by Azure. Azure Stack Hub IaaS supports a broad range of open-source technologies for consistent hybrid cloud deployments. This solution uses a Windows Server VM to host SQL Server, for example.

  • The solution uses Azure App Service on Azure Stack Hub to host the web app in both environments.

  • The Azure Stack Hub virtual network works exactly like the Azure virtual network. It uses many of the same networking components, including custom hostnames.

  • Azure DevOps is a set of developer services that provides comprehensive application and infrastructure lifecycle management. Azure DevOps includes work tracking, source control, build and CI/CD, package management, and testing solutions.

  • Azure Pipelines is a service that provides CI/CD. You can use it to manage hosted build and release agents and definitions. You can use various code repositories with your development pipeline, including GitHub, Bitbucket, Dropbox, OneDrive, and Azure Repos.


  • For web applications, you can use Azure Front Door instead of Traffic Manager. Azure Front Door works at Layer 7, the HTTP/HTTPS layer, using the anycast protocol with split TCP and the Microsoft global network to improve global connectivity. Your routing method can ensure that Azure Front Door will route your client requests to the fastest and most available application back end.

  • You can use Azure ExpressRoute instead of Azure VPN Gateway. You can use ExpressRoute to connect your local network directly to Azure resources by using a dedicated private network connection.

  • If your repo is in GitHub, you can use GitHub Actions instead of Azure Pipelines.



Global deployment has challenges, like variable connectivity and government regulations that differ by region. Developers can create just one app and deploy it across various regions with different requirements. Deploy your app to the Azure public cloud, and then deploy additional instances or components locally. You can manage traffic among all instances by using Azure.

It's important to think about how to handle networking or power failures. For information about improving resiliency.


  • Compliance and data sovereignty. With Azure Stack Hub, you can run the same service across multiple countries as you would when using a public cloud. Deploying the same app in datacenters in each country allows you to meet data sovereignty requirements. This capability ensures that personal data is kept within each country's borders.

  • Azure Stack Hub security posture. Security requires a solid, continuous servicing process. That's why Microsoft invested in an orchestration engine that applies patches and updates across the entire infrastructure. Thanks to partnerships with Azure Stack Hub original equipment manufacturer (OEM) partners, Microsoft extends the same security posture to OEM-specific components, like the Hardware Lifecycle Host and the software running on it. These partnerships ensure that Azure Stack Hub has a uniform, solid security posture across the entire infrastructure. In turn, you can build and secure your app workloads.

  • Use of service principals via PowerShell, CLI, and the Azure portal. To provide resource access to a script or app, set up an identity for your app and authenticate the app with its own credentials. This identity is known as a service principal. You can use service principals to:

  • Assign permissions to the app identity that are different from user permissions and that are restricted to the app's needs.

  • Use a certificate for authentication when you run an unattended script. For more information about service principal creation and using a certificate for credentials.

  • A single, consistent identity management solution. Azure Stack Hub works with both Azure Active Directory (Azure AD) and Active Directory Federation Services (AD FS). It works with Azure AD in connected scenarios. For environments that don't have connectivity, you can use AD FS as a disconnected solution. Service principals are used to grant access to apps, allowing them to deploy or configure resources through Azure Resource Manager.

Operational excellence

  • A single, consistent development approach. With Azure and Azure Stack Hub, you can use a consistent set of development tools across your organization. This consistency makes it easier to implement CI/CD. Many apps and services deployed in Azure or Azure Stack Hub are interchangeable and can run in either location. A hybrid CI/CD pipeline can help you:

    • Initiate a new build based on commits to your code repository.

    • Automatically deploy your newly built code to Azure for user acceptance testing.

    • Automatically deploy to Azure Stack Hub after your code passes testing.

Performance efficiency

Azure and Azure Stack Hub support the needs of globally distributed businesses.

  • Easy-to-manage hybrid cloud. Microsoft provides integration of on-premises assets with Azure Stack Hub and Azure in one unified solution. This integration eliminates the challenge of managing multiple point solutions and a mix of cloud providers. With cross-cloud scaling, just connect your Azure Stack Hub to Azure with cloud bursting to make your data and apps available in Azure.

    • Eliminate the need to build and maintain a secondary disaster recovery (DR) site.

    • Save time and money by eliminating tape backup. Store up to 99 years of backup data in Azure.

    • Migrate running Hyper-V, Physical (in preview), and VMware (in preview) workloads to Azure to benefit from the economics and elasticity of the cloud.

    • Run compute-intensive reports or analytics on a replicated copy of your on-premises asset in Azure without separation from your production workloads.

    • Burst into the cloud and run on-premises workloads in Azure, with larger compute templates when needed.

    • Create multitier development environments. Replicate live production data to your dev/test environment to keep it in near real-time sync.

  • Cross-cloud scaling with Azure Stack Hub. The key advantage to cloud bursting is that it saves you money. You pay for additional resources only when there's a demand for them. You don't need to spend money on unnecessary extra capacity or try to predict demand peaks and fluctuations.

  • Processing in the cloud. You can use cross-cloud scaling to reduce processing burdens. Moving basic apps to the public cloud distributes loads, freeing up local resources for business-critical apps. You can deploy an app to the private cloud and burst it to the public cloud as needed to meet demand.

16 views0 comments

Recent Posts

See All


bottom of page