Cloud, On-Prem, or Both? Rethinking Infrastructure for Modern Engineering

22 June 2025 Darren Benson Cloud Computing, Engineering Leadership, Enterprise, Enterprise IT Strategy, Hybrid Cloud, IT Infrastructure 0

TL;DR

The cloud vs. on-premises debate is not about picking sides. Modern infrastructure is about balancing control, compliance, cost, and agility. Most organisations find themselves somewhere in between, with hybrid approaches becoming the norm. The right answer comes from honest measurement of risk, cost, and operational readiness—not from fashion or vendor marketing.

Introduction: Old Choices, New Stakes

In 2015, Dropbox famously left AWS and saved millions by running its own infrastructure. A decade later, most engineering leaders face a more nuanced choice: cloud, on-prem, or something in between? What matters most is understanding your unique requirements and the trade-offs that go with them.

Cloud-Native: Scale, Speed, and New Risks

A 2023 Flexera report found that enterprises waste up to 30 percent of their cloud spend on underused resources and hidden costs.

Elasticity and Agility Cloud-native architectures allow rapid scaling, global reach, and seamless automation. Managed services—Kubernetes, serverless, integrated CI/CD—enable teams to focus on building, not managing servers.

Developer Velocity and DevEx With managed services and global infrastructure, cloud-native unlocks speed and experimentation, supporting CI/CD and fast iteration.

Hidden Costs and Lock-In But costs can quickly spiral: egress charges, over-provisioned resources, and proprietary integration often lead to surprises. Deep platform adoption makes migration difficult. Vendor lock-in is not just technical—it can affect commercial leverage and the speed of future migrations. Every deep integration into a provider’s platform raises your switching costs.

Security and Compliance Cloud providers have high standards, but responsibility for compliance is shared. For regulated industries, cloud can mean risk, especially for sensitive workloads. Cloud platforms typically deliver new features faster, but that can also mean a steeper learning curve and faster deprecation cycles.

On-Prem: Control, Predictability, and Complexity

Full Control and Data Sovereignty On-premises delivers predictability and control. Regulated sectors (finance, health, government) may require it. Data stays where you want it.

Performance at the Edge For AI/ML and latency-sensitive workloads, proximity to data or edge devices can be decisive. On-prem enables this.

Upfront Cost and Skills Gap CapEx is high and operational discipline is needed. Managing clusters, patching, and hardware lifecycle is non-trivial, and demands specialist talent.

The Kubernetes Effect: Cloud-Native Patterns, Anywhere

Kubernetes has made hybrid architecture a reality. What once required deep provider lock-in can now be run anywhere: on public cloud, in your data centre, or at the edge. With Kubernetes as the control plane, organisations can move workloads with less friction, adopt common tooling, and run cloud-like platforms on-premises.

Local Cloud Stacks Many enterprises now run Rancher, OpenShift, or VMware Tanzu on-prem, offering “private cloud” experiences with integrated CI/CD, self-service environments, and observability. Major vendors like Red Hat (OpenShift), VMware Tanzu, and Rancher now offer mature enterprise support, but differ in ecosystem integrations, support models, and upgrade cadence. Leaders should evaluate vendor maturity and roadmap alignment as part of their platform engineering strategy.

  • Sovereignty and Data Locality: Local stacks enable compliance with data residency laws, without sacrificing DevEx.
  • Operational Consistency: The same workflows, whether on cloud or on-prem, help teams focus on delivery rather than differences between environments.
  • Skills and Complexity: Running Kubernetes at scale is challenging and requires a shift in skills and mindset—SRE, DevOps, and platform engineering become critical disciplines.
  • Cost Control: On-prem Kubernetes is not free—hardware, upgrades, support, and underutilised capacity all need careful measurement (FinOps).

Edge and Multi-Cloud Patterns Kubernetes enables microservices and AI workloads at the edge. Some organisations run core workloads on-prem but “burst” into cloud when needed, maintaining portability and flexibility.

Hybrid: The New Standard

According to the 2023 Google Cloud State of DevOps Report, high-performing teams leveraging cloud-native and hybrid practices deploy code multiple times per day, compared to only once per week or less for traditional on-prem teams. Teams that standardise on cloud-native tools—regardless of whether workloads are in the cloud or on-prem—see up to a 200% increase in deployment frequency and significant reductions in change failure rates. (DORA 2023 Report)

Hybrid is not a compromise; it is the practical response to the demands of regulation, cost, performance, and innovation. Managing workloads across cloud and on-prem is complex. Orchestration, observability, and cost control require investment in tools (Kubernetes, service mesh, OpenTelemetry) and skills (platform teams, SRE, FinOps).

Case Example: Santander, a global bank, adopted a hybrid model with Red Hat OpenShift to keep core and regulatory workloads on-premises, while scaling customer-facing apps in the cloud. This move reduced deployment time for new applications from weeks to minutes, demonstrating how hybrid architectures can deliver both compliance and velocity.  

A Decision Framework for Engineering Leaders

Sample Migration Playbook:

  • Phase 1: Audit existing workloads, classify by sensitivity, performance, and regulatory needs
  • Phase 2: Form a cross-functional platform team to own hybrid tooling and observability
  • Phase 3: Pilot hybrid migration with a non-critical workload, using progressive delivery
  • Phase 4: Expand rollout, using continuous feedback and DORA/SPACE metrics to measure impact

Leaders should consider a workload placement assessment:

  • Map core workloads by regulatory risk, performance sensitivity, and cost profile
  • Set clear success metrics (deployment frequency, lead time, TCO) for each environment
  • Pilot hybrid patterns with cross-functional teams to test both technology and process maturity
  1. What is your risk and compliance profile?
  2. What does total cost look like, including migration and management?
  3. What is your team’s operational maturity?
  4. How fast do you need to adapt and in what direction?

No one architecture fits all. Your context, constraints, and goals should drive the mix.

Leaders should model TCO over a 3- to 5-year period, factoring in not just cloud/on-prem spend but also staffing, support, migrations, and opportunity costs. Even a simple spreadsheet with categories for infra, talent, licensing, and risk mitigation can reveal where the true breakpoints lie.

Hybrid teams should monitor lead time, deployment frequency, and change failure rate (DORA), as well as developer satisfaction and cognitive load (SPACE), to track the real impact of infrastructure choices.

Lessons and Trends

  • AI and Data Gravity: Training large language models or running sensitive inferencing jobs is increasingly being kept close to data sources for performance, cost, and privacy. This is shifting cloud adoption strategies, with many organisations moving their AI training workloads back on-prem or to sovereign cloud.
  • Sovereign and Local Cloud: GDPR and local regulations are pushing infrastructure back within borders, shaping both cloud and on-prem adoption.
  • Platform Engineering: Succeeding with hybrid and Kubernetes means treating platform engineering as a first-class discipline, investing in automation, observability, and talent.
  • Hybrid as Default: The real differentiator is not technology, but execution: clear measurement, visibility, and the ability to adapt.

Conclusion: Engineering for Change

There is no universal answer, and there never will be. Infrastructure strategy is not a one-off decision. The best teams revisit architecture choices quarterly, tracking business, cost, and risk metrics to stay aligned with changing priorities. The future is about understanding your constraints, measuring outcomes, and being ready to adapt as requirements change. Hybrid is here to stay. What matters is not where your workloads run, but how well your team can measure, adapt, and deliver business value – whatever the architecture.

Be the first to comment

Leave a Reply

Your email address will not be published.


*