UNIT I

Cloud Computing

Cloud computing is the on-demand delivery of IT resources over the Internet with pay-as-you-go pricing. Cloud Computing is the delivery of computing services—including servers, storage, databases, networking, software, analytics, and intelligence—over the Internet (“the cloud”), to offer faster innovation, flexible resources, and economies of scale.

Benefits of Cloud Computing

Faster time to market: You can spin up new instances or retire them in seconds, allowing developers to accelerate development with quick deployments. Cloud computing supports new innovations by making it easy to test new ideas and design new applications without hardware limitations or slow procurement processes.
Scalability and flexibility: Cloud computing gives your business more flexibility. You can quickly scale resources and storage up to meet business demands without having to invest in physical infrastructure. Companies don’t need to pay for or build the infrastructure needed to support their highest load levels. Likewise, they can quickly scale down if resources aren’t being used.
Cost savings: Whatever cloud service model you choose, you only pay for the resources you actually use. This helps you avoid overbuilding and overprovisioning your data center and gives your IT teams back valuable time to focus on more strategic work.
Better collaboration: Cloud storage enables you to make data available anywhere you are, anytime you need it. Instead of being tied to a location or specific device, people can access data from anywhere in the world from any device—as long as they have an internet connection.
Advanced security: Despite popular perceptions, cloud computing can actually strengthen your security posture because of the depth and breadth of security features, automatic maintenance, and centralized management. Reputable cloud providers also hire top security experts and employ the most advanced solutions, providing more robust protection.
Data loss prevention: Cloud providers offer backup and disaster recovery features. Storing data in the cloud rather than locally can help prevent data loss in the event of an emergency, such as hardware malfunction, malicious threats, or even simple user error.

Limitations of cloud computing

Of course, like any technology, there are pros and cons to cloud computing. For example, one of the most common drawbacks of cloud computing is that it relies on an internet connection. Traditional computing uses a hardwired connection to access data on servers or storage devices. With cloud computing, a bad connection could keep you from accessing the information or applications you need. Even top cloud service providers can experience downtime due to a natural disaster or slower performance caused by an unforeseen technical issue that might impact connectivity. You could be blocked from accessing cloud services until the problem is resolved.

Other disadvantages of cloud computing include:
- risk of vendor lock-in
- less control over underlying cloud infrastructure
- concerns about security risks like data privacy and online threats
- integration complexity with existing systems
- unforeseen costs and unexpected expenses

The good news is that you can address most of these disadvantages by doing your research and carefully evaluating cloud service providers and their service models. Many of the issues that arise when migrating to cloud result from a lack of clear understanding about what providers offer, pricing models, and what security tasks remain the responsibility of the customer. In addition, choosing an open cloud platform can give you more flexibility and freedom to build and operate where you need and seamlessly integrate with the services you want.

Types of Cloud Computing

The main three types of cloud computing are public cloud, private cloud, and hybrid cloud.
Within these deployment models, there are four main services: infrastructure as a service (IaaS), platform as a service (PaaS), software as a service (SaaS), and serverless computing.

Cloud deployment models

When adopting cloud architecture, there are three different types of cloud deployment models that help deliver cloud computing services: public cloud, private cloud, and hybrid cloud.

Public cloud

Public clouds deliver resources, such as compute, storage, network, develop-and-deploy environments, and applications over the internet. They are owned and run by third-party cloud service providers like Google Cloud.

Private cloud

Private clouds are built, run, and used by a single organization, typically located on-premises. They provide greater control, customization, and data security but come with similar costs and resource limitations associated with traditional IT environments.

Hybrid cloud

Environments that mix at least one private computing environment (traditional IT infrastructure or private cloud, including edge) with one or more public clouds are called hybrid clouds. They allow you to leverage the resources and services from different computing environments and choose which is the most optimal for the workloads.

When talking about types of cloud deployment, you may also hear the term multicloud environment. In fact, industry research shows that nearly 90% of companies are now considered multicloud, meaning they combine cloud services from at least two different cloud service providers, whether public or private. Adopting a multicloud approach gives you greater flexibility to choose the solutions that best suit your specific business needs and also reduces the risk of vendor lock-in. While multicloud and hybrid cloud are sometimes used interchangeably, a hybrid cloud approach can be considered multicloud, but only if it makes use of services from multiple public cloud providers.

Types of cloud services: IaaS vs. PaaS vs. SaaS vs. serverless models

Within the cloud deployment models, there are several types of cloud services, including infrastructure, platforms, and software applications. Cloud service models are not mutually exclusive, and you can choose to use more than one in combination or even all of them at once. Here are the three main cloud service models:

Infrastructure as a Service (IaaS)

IaaS delivers on-demand infrastructure resources, such as compute, storage, networking, and virtualization. With IaaS, the service provider owns and operates the infrastructure, but customers will need to purchase and manage software, such as operating systems, middleware, data, and applications.

Platform as a Service (PaaS)

PaaS delivers and manages hardware and software resources for developing, testing, delivering, and managing cloud applications. Providers typically offer middleware, development tools, and cloud databases within their PaaS offerings.

Software as a Service (SaaS)

SaaS provides a full application stack as a service that customers can access and use. SaaS solutions often come as ready-to-use applications, which are managed and maintained by the cloud service provider.

Serverless computing

Serverless computing in cloud service models is also called Function as a Service (FaaS). This is a relatively new cloud service model that provides solutions to build applications as simple, event-triggered functions without managing or scaling any infrastructure.

Cloud Architecture

Cloud architecture refers to how various cloud technology components, such as hardware, virtual resources, software capabilities, and virtual network systems interact and connect to create cloud computing environments. It acts as a blueprint that defines the best way to strategically combine resources to build a cloud environment for a specific business need. Cloud architecture is a key element of building in the cloud.
It refers to the layout and connects all the necessary components and technologies required for cloud computing. Migrating to the cloud can offer many business benefits compared to on-premises environments, from improved agility and scalability to cost efficiency. While many organizations may start with a “lift-and-shift” approach, where on-premises applications are moved over with minimal modifications, ultimately it will be necessary to construct and deploy applications according to the needs and requirements of cloud environments. Cloud architecture dictates how components are integrated so that you can pool, share, and scale resources over a network. Think of it as a building blueprint for running and deploying applications in cloud environments.

Cloud architecture components

The architecture of cloud computing is a combination of both SOA (Service Oriented Architecture) and EDA (Event Driven Architecture). Client infrastructure, application, service, runtime cloud, storage, infrastructure, management and security are all components of cloud computing architecture. The cloud architecture is divided into 2 parts, i.e. Frontend and Backend.

Frontend

The frontend of the cloud architecture refers to the client side of the cloud computing system. That is, it contains all the user interfaces and applications which are used by the client to access the cloud computing services/resources. For example, use of a web browser to access the cloud platform.

Backend

The backend refers to the cloud itself, which is used by the service provider. It contains the resources as well as manages the resources and provides security mechanisms. Along with this, it includes huge storage, virtual applications, virtual machines, traffic control mechanisms, deployment models, etc.

Following are the components of Cloud Computing Architecture:

Client Infrastructure: Client Infrastructure is a part of the frontend component.
It contains the applications and user interfaces which are required to access the cloud platform. In other words, it provides a GUI (Graphical User Interface) to interact with the cloud.
Application: Application is a part of the backend component that refers to the software or platform which the client accesses. That is, it provides the service in the backend as per the client requirement.
Service: Service in backend refers to the major three types of cloud-based services: SaaS, PaaS and IaaS. It also manages which type of service the user accesses.
Runtime Cloud: Runtime cloud in backend provides the execution and runtime platform/environment to the virtual machine.
Storage: Storage in backend provides flexible and scalable storage service and management of stored data.
Infrastructure: Cloud Infrastructure in backend refers to the hardware and software components of the cloud; it includes servers, storage, network devices, virtualization software etc.
Management: Management in backend refers to management of backend components like application, service, runtime cloud, storage, infrastructure, and other security mechanisms etc.
Security: Security in backend refers to implementation of different security mechanisms in the backend to secure cloud resources, systems, files, and infrastructure for end-users.
Internet: Internet connection acts as the medium or a bridge between frontend and backend and establishes the interaction and communication between frontend and backend.
Database: Database in backend provides databases for storing structured data, such as SQL and NoSQL databases. Examples of database services include Amazon RDS, Microsoft Azure SQL Database and Google Cloud SQL.
Networking: Networking in backend refers to services that provide networking infrastructure for applications in the cloud, such as load balancing, DNS and virtual private networks.
Analytics: Analytics in backend refers to services that provide analytics capabilities for data in the cloud, such as warehousing, business intelligence and machine learning.

Benefits of cloud architecture:

Cost-effective: Instead of investing upfront costs for servers, you can opt to use the infrastructure of a cloud service provider. Dynamic provisioning allows you to further optimize spending by paying only for the computing resources you use.
Faster time to market: You no longer need to wait to procure, set up, and configure computing infrastructure. Cloud architectures enable you to get up and running fast, so you spend more time focusing on developing and delivering new products.
Scalability: Cloud architectures give you more flexibility to scale computing resources up (or down) based on your infrastructure requirements. You can easily scale to meet higher demand, whether from growth or seasonal spikes in traffic.
Accelerated transformation: Cloud-native architectures like Kubernetes let you make the most of cloud services and automated environments to speed up modernization and drive digital transformation.
More innovation: Cloud architectures allow you to leverage the latest technologies for storage, security, analytics, and AI like machine learning.
High availability: Applications run and managed on cloud architectures benefit from high-performance computing resources that ensure continuous availability, regardless of fluctuating loads.
Strong security: Cloud service providers consistently upgrade and improve their security mechanisms with expert professionals and the latest technologies to help secure your data, systems, and workloads.

4 layers of cloud architecture:

Cloud is the outcome of several layers of cloud architecture intelligently placed over one another.
Before we move towards the various layers, take a look at the more general picture of cloud layers below -

Hardware Layer: This bottommost layer of cloud architecture, the hardware layer, primarily deals with all the hardware powering clouds. The hardware includes but is not restricted to routers, servers, switches, power and cooling systems.
Infrastructure Layer: Also called the virtualization layer, the infrastructure layer is where all the servers are pooled together into one.
Platform Layer: The platform layer comprises the operating system and other requisition structures and is based over the infrastructure layer.
Application Layer: As the name suggests, the application layer - the topmost layer - contains applications that directly interact with the end-user.

Four types of cloud architecture:

Public cloud architecture: In a public cloud architecture, computing resources are owned and operated by a cloud services provider. These resources are shared and redistributed across multiple tenants via the Internet. Advantages of the public cloud include reduced operating costs, easy scalability, and little to no maintenance.
Private cloud architecture: Private cloud refers to a cloud that is owned and managed privately, usually in a company’s own on-premises data center. However, the private cloud can also span to include multiple server locations or leased space in geographically scattered colocation facilities. Although typically more expensive than public cloud solutions, private cloud architecture is more customizable and can offer stringent data security and compliance options.
Hybrid cloud architecture: A hybrid cloud environment combines the operating efficiencies of the public cloud and the data security capabilities of the private cloud.
By utilizing both public and private cloud architectures, hybrid clouds help consolidate IT resources while enabling organizations to migrate workloads between environments depending on their IT and data security requirements.
Multi-cloud architecture: A multi-cloud architecture is one that uses multiple public cloud services. The advantages of a multi-cloud environment include greater flexibility to choose and deploy the cloud services that are most likely to satisfy varying organizational requirements. Another upside is reduced reliance on any single cloud services vendor for greater cost savings and a lower likelihood of vendor lock-in. Additionally, multi-cloud architecture may be required to support microservices-based containerized applications, where services exist on multiple clouds.

System Models For Distributed and Cloud Computing

(Refer text book 1 page numbers from 24 to 36)

Distributed and cloud computing systems are built over a large number of autonomous computer nodes. These node machines are interconnected by SANs, LANs, or WANs in a hierarchical manner. With today’s networking technology, a few LAN switches can easily connect hundreds of machines as a working cluster. A WAN can connect many local clusters to form a very large cluster of clusters. Massive systems are considered highly scalable, and can reach web-scale connectivity, either physically or logically. Massive systems are classified into four groups:

Clusters: A distributed systems cluster is a group of machines that are virtually or geographically separated and that work together to provide the same service or application to clients. It is possible that many of the services you run in your network today are part of a distributed systems cluster.
Distributed Services:
P2P Networks: In a P2P system, every node acts as both a client and a server, providing part of the system resources. Peer machines are simply client computers connected to the Internet.
All client machines act autonomously to join or leave the system freely. This implies that no master-slave relationship exists among the peers. No central coordination or central database is needed. The system is self-organizing with distributed control.
Computing Grids: This is the use of widely distributed computer resources to reach a common goal. A computing grid can be thought of as a distributed system with non-interactive workloads that involve many files. Grid computing is distinguished from conventional high-performance computing systems such as cluster computing in that grid computers have each node set to perform a different task/application. Grid computers also tend to be more heterogeneous and geographically dispersed than cluster computers.
Internet clouds: The idea is to move desktop computing to a service-oriented platform using server clusters and huge databases at data centers. Cloud computing leverages its low cost and simplicity to benefit both users and providers. Machine virtualization has enabled such cost-effectiveness. Cloud computing intends to satisfy many user Virtualized resources from data centers to form an Internet cloud, provisioned with hardware, software, storage, network, and services for paid users to run their applications.

NIST Cloud Computing Reference Architecture

The National Institute of Standards and Technology (NIST) has been designated by Federal Chief Information Officer (CIO) Vivek Kundra with technical leadership for US government (USG) agency efforts related to the adoption and development of cloud computing standards. The goal is to accelerate the federal government’s adoption of secure and effective cloud computing to reduce costs and improve services.
The NIST strategy is to build a USG Cloud Computing Technology Roadmap which focuses on the highest priority USG cloud computing security, interoperability and portability requirements, and to lead efforts to develop standards and guidelines in close consultation and collaboration with standards bodies, the private sector, and other stakeholders.

The NIST cloud computing reference architecture focuses on the requirements of “what” cloud services provide, not a “how to” design solution and implementation. The reference architecture is intended to facilitate the understanding of the operational intricacies in cloud computing. It does not represent the system architecture of a specific cloud computing system; instead it is a tool for describing, discussing, and developing a system-specific architecture using a common framework of reference.

The design of the NIST cloud computing reference architecture serves the following objectives:
- to illustrate and understand the various cloud services in the context of an overall cloud computing conceptual model;
- to provide a technical reference to USG agencies and other consumers to understand, discuss, categorize and compare cloud services; and
- to facilitate the analysis of candidate standards for security, interoperability, and portability and reference implementations.

Fig.: NIST Cloud Computing Reference Architecture

The NIST cloud computing reference architecture identifies the major actors, their activities and functions in cloud computing. The diagram depicts a generic high-level architecture and is intended to facilitate the understanding of the requirements, uses, characteristics and standards of cloud computing.

NIST cloud computing reference architecture defines five major actors: cloud consumer, cloud provider, cloud carrier, cloud auditor and cloud broker. Each actor is an entity (a person or an organization) that participates in a transaction or process and/or performs tasks in cloud computing.
Fig.: Interactions between the Actors in Cloud Computing

Cloud Consumer

The cloud consumer is the principal stakeholder for the cloud computing service. A cloud consumer represents a person or organization that maintains a business relationship with, and uses the service from a cloud provider. A cloud consumer browses the service catalog from a cloud provider, requests the appropriate service, sets up service contracts with the cloud provider, and uses the service. The cloud consumer may be billed for the service provisioned, and needs to arrange payments accordingly.

Cloud consumers need SLAs to specify the technical performance requirements fulfilled by a cloud provider. SLAs can cover terms regarding the quality of service, security, remedies for performance failures. A cloud provider may also list in the SLAs a set of promises explicitly not made to consumers, i.e. limitations, and obligations that cloud consumers must accept. A cloud consumer can freely choose a cloud provider with better pricing and more favorable terms. Typically a cloud provider’s pricing policy and SLAs are non-negotiable, unless the customer expects heavy usage and might be able to negotiate for better contracts.

Depending on the services requested, the activities and usage scenarios can be different among cloud consumers. The following Figure presents some example cloud services available to a cloud consumer.

Fig.: Example Services Available to a Cloud Consumer

SaaS applications in the cloud and made accessible via a network to the SaaS consumers. The consumers of SaaS can be organizations that provide their members with access to software applications, end users who directly use software applications, or software application administrators who configure applications for end users. SaaS consumers can be billed based on the number of end users, the time of use, the network bandwidth consumed, the amount of data stored or duration of stored data.
Cloud consumers of PaaS can employ the tools and execution resources provided by cloud providers to develop, test, deploy and manage the applications hosted in a cloud environment. PaaS consumers can be application developers who design and implement application software, application testers who run and test applications in cloud-based environments, application deployers who publish applications into the cloud, and application administrators who configure and monitor application performance on a platform. PaaS consumers can be billed according to processing, database storage and network resources consumed by the PaaS application, and the duration of the platform usage.

Consumers of IaaS have access to virtual computers, network-accessible storage, network infrastructure components, and other fundamental computing resources on which they can deploy and run arbitrary software. The consumers of IaaS can be system developers, system administrators and IT managers who are interested in creating, installing, managing and monitoring services for IT infrastructure operations. IaaS consumers are provisioned with the capabilities to access these computing resources, and are billed according to the amount or duration of the resources consumed, such as CPU hours used by virtual computers, volume and duration of data stored, network bandwidth consumed, number of IP addresses used for certain intervals.

Cloud Provider

A cloud provider is a person, an organization; it is the entity responsible for making a service available to interested parties. A Cloud Provider acquires and manages the computing infrastructure required for providing the services, runs the cloud software that provides the services, and makes arrangement to deliver the cloud services to the Cloud Consumers through network access.
For Software as a Service, the cloud provider deploys, configures, maintains and updates the operation of the software applications on a cloud infrastructure so that the services are provisioned at the expected service levels to cloud consumers. The provider of SaaS assumes most of the responsibilities in managing and controlling the applications and the infrastructure, while the cloud consumers have limited administrative control of the applications.

For PaaS, the Cloud Provider manages the computing infrastructure for the platform and runs the cloud software that provides the components of the platform, such as runtime software execution stack, databases, and other middleware components. The PaaS Cloud Provider typically also supports the development, deployment and management process of the PaaS Cloud Consumer by providing tools such as integrated development environments (IDEs), development version of cloud software, software development kits (SDKs), deployment and management tools. The PaaS Cloud Consumer has control over the applications and possibly some of the hosting environment settings, but has no or limited access to the infrastructure underlying the platform such as network, servers, operating systems (OS), or storage.

For IaaS, the Cloud Provider acquires the physical computing resources underlying the service, including the servers, networks, storage and hosting infrastructure. The Cloud Provider runs the cloud software necessary to make computing resources available to the IaaS Cloud Consumer through a set of service interfaces and computing resource abstractions, such as virtual machines and virtual network interfaces.
The IaaS Cloud Consumer in turn uses these computing resources, such as a virtual computer, for their fundamental computing needs. Compared to SaaS and PaaS Cloud Consumers, an IaaS Cloud Consumer has access to more fundamental forms of computing resources and thus has more control over more of the software components in an application stack, including the OS and network. The IaaS Cloud Provider, on the other hand, has control over the physical hardware and cloud software that makes the provisioning of these infrastructure services possible, for example, the physical servers, network equipment, storage devices, host OS and hypervisors for virtualization.

A Cloud Provider’s activities can be described in five major areas: as shown in the following Figure, a cloud provider conducts its activities in the areas of service deployment, service orchestration, cloud service management, security, and privacy.

Fig.: Cloud Provider - Major Activities

Cloud Auditor

A cloud auditor is a party that can perform an independent examination of cloud service controls with the intent to express an opinion thereon. Audits are performed to verify conformance to standards through review of objective evidence. A cloud auditor can evaluate the services provided by a cloud provider in terms of security controls, privacy impact, performance, etc.

Auditing is especially important for federal agencies as “agencies should include a contractual clause enabling third parties to assess security controls of cloud providers” [4] (by Vivek Kundra, Federal Cloud Computing Strategy, Feb. 2011.). Security controls [3] are the management, operational, and technical safeguards or countermeasures employed within an organizational information system to protect the confidentiality, integrity, and availability of the system and its information.
For security auditing, a cloud auditor can make an assessment of the security controls in the information system to determine the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to the security requirements for the system. The security auditing should also include the verification of the compliance with regulation and security policy. For example, an auditor can be tasked with ensuring that the correct policies are applied to data retention according to relevant rules for the jurisdiction. The auditor may ensure that fixed content has not been modified and that the legal and business data archival requirements have been satisfied.

A privacy impact audit can help Federal agencies comply with applicable privacy laws and regulations governing an individual’s privacy, and to ensure confidentiality, integrity, and availability of an individual’s personal information at every stage of development and operation.

Cloud Broker

As cloud computing evolves, the integration of cloud services can be too complex for cloud consumers to manage. A cloud consumer may request cloud services from a cloud broker, instead of contacting a cloud provider directly. A cloud broker is an entity that manages the use, performance and delivery of cloud services and negotiates relationships between cloud providers and cloud consumers.

In general, a cloud broker can provide services in three categories [9]:

Service Intermediation: A cloud broker enhances a given service by improving some specific capability and providing value-added services to cloud consumers. The improvement can be managing access to cloud services, identity management, performance reporting, enhanced security, etc.
Service Aggregation: A cloud broker combines and integrates multiple services into one or more new services. The broker provides data integration and ensures the secure data movement between the cloud consumer and multiple cloud providers.
Service Arbitrage: Service arbitrage is similar to service aggregation except that the services being aggregated are not fixed. Service arbitrage means a broker has the flexibility to choose services from multiple agencies. The cloud broker, for example, can use a credit-scoring service to measure and select an agency with the best score.

Cloud Carrier

A cloud carrier acts as an intermediary that provides connectivity and transport of cloud services between cloud consumers and cloud providers. Cloud carriers provide access to consumers through network, telecommunication and other access devices. For example, cloud consumers can obtain cloud services through network access devices, such as computers, laptops, mobile phones, mobile Internet devices (MIDs), etc. The distribution of cloud services is normally provided by network and telecommunication carriers or a transport agent, where a transport agent refers to a business organization that provides physical transport of storage media such as high-capacity hard drives. Note that a cloud provider will set up SLAs with a cloud carrier to provide services consistent with the level of SLAs offered to cloud consumers, and may require the cloud carrier to provide dedicated and secure connections between cloud consumers and cloud providers.

Cloud deployment models

In cloud computing, we have access to a shared pool of computer resources (servers, storage, programs, and so on) in the cloud. You simply need to request additional resources when you require them. Getting resources up and running quickly is a breeze thanks to the clouds. It is possible to release resources that are no longer necessary. This method allows you to just pay for what you use. Your cloud provider is in charge of all upkeep.

What is a Cloud Deployment Model?
Cloud Deployment Model functions as a virtual computing environment with a deployment architecture that varies depending on the amount of data you want to store and who has access to the infrastructure.

Types of Cloud Computing Deployment Models

The cloud deployment model identifies the specific type of cloud environment based on ownership, scale, and access, as well as the cloud’s nature and purpose. The location of the servers you’re utilizing and who controls them are defined by a cloud deployment model. It specifies how your cloud infrastructure will look, what you can change, and whether you will be given services or will have to create everything yourself. Relationships between the infrastructure and your users are also defined by cloud deployment types. Different types of cloud computing deployment models are described below.

Public Cloud

The public cloud makes it possible for anybody to access systems and services. The public cloud may be less secure as it is open to everyone. The public cloud is one in which cloud infrastructure services are provided over the internet to the general public or major industry groups. The infrastructure in this cloud model is owned by the entity that delivers the cloud services, not by the consumer. It is a type of cloud hosting that allows customers and users to easily access systems and services. This form of cloud computing is an excellent example of cloud hosting, in which service providers supply services to a variety of customers. In this arrangement, storage backup and retrieval services are given for free, as a subscription, or on a per-user basis. For example, Google App Engine etc.

Fig.: Public Cloud

Advantages of the Public Cloud Model

Minimal Investment: Because it is a pay-per-use service, there is no substantial upfront fee, making it excellent for enterprises that require immediate access to resources.
- No setup cost: The entire infrastructure is fully subsidized by the cloud service providers, thus there is no need to set up any hardware.
- Infrastructure Management is not required: Using the public cloud does not necessitate infrastructure management.
- No maintenance: The maintenance work is done by the service provider (not users).
- Dynamic Scalability: To fulfill your company’s needs, on-demand resources are accessible.

Disadvantages of the Public Cloud Model

- Less secure: Public cloud is less secure as resources are public, so there is no guarantee of high-level security.
- Low customization: It is accessed by many members of the public, so it can’t be customized according to personal requirements.

Private Cloud

The private cloud deployment model is the exact opposite of the public cloud deployment model. It’s a one-on-one environment for a single user (customer). There is no need to share your hardware with anyone else. The distinction between private and public clouds is in how you handle all of the hardware. It is also called the “internal cloud”, and it refers to the ability to access systems and services within a given border or organization. The cloud platform is implemented in a cloud-based secure environment that is protected by powerful firewalls and under the supervision of an organization’s IT department. The private cloud gives greater flexibility of control over cloud resources.

[Figure: Private Cloud]

Advantages of the Private Cloud Model

- Better Control: You are the sole owner of the property. You gain complete command over service integration, IT operations, policies, and user behavior.
- Data Security and Privacy: It’s suitable for storing corporate information to which only authorized staff have access. By segmenting resources within the same infrastructure, improved access and security can be achieved.
- Supports Legacy Systems: This approach is designed to work with legacy systems that are unable to access the public cloud.
- Customization: Unlike a public cloud deployment, a private cloud allows a company to tailor its solution to meet its specific needs.

Disadvantages of the Private Cloud Model

- Less scalable: Private clouds are scaled within a certain range as there are fewer clients.
- Costly: Private clouds are more costly as they provide personalized facilities.

Hybrid Cloud

By bridging the public and private worlds with a layer of proprietary software, hybrid cloud computing gives the best of both worlds. With a hybrid solution, you may host the app in a safe environment while taking advantage of the public cloud’s cost savings. Organizations can move data and applications between different clouds using a combination of two or more cloud deployment methods, depending on their needs.

[Figure: Hybrid Cloud]

Advantages of the Hybrid Cloud Model

- Flexibility and control: Businesses with more flexibility can design personalized solutions that meet their particular needs.
- Cost: Because public clouds provide scalability, you’ll only be responsible for paying for the extra capacity if you require it.
- Security: Because data is properly separated, the chances of data theft by attackers are considerably reduced.

Disadvantages of the Hybrid Cloud Model

- Difficult to manage: A hybrid cloud is difficult to manage because it is a combination of both public and private cloud, so it is complex.
- Slow data transmission: Data transmission in the hybrid cloud takes place through the public cloud, so latency occurs.

Community Cloud

It allows systems and services to be accessible by a group of organizations. It is a distributed system that is created by integrating the services of different clouds to address the specific needs of a community, industry, or business. The infrastructure of the community could be shared between organizations that have shared concerns or tasks. It is generally managed by a third party or by the combination of one or more organizations in the community.
[Figure: Community Cloud]

Advantages of the Community Cloud Model

- Cost Effective: It is cost-effective because the cloud is shared by multiple organizations or communities.
- Security: Community cloud provides better security.
- Shared resources: It allows you to share resources, infrastructure, etc. with multiple organizations.
- Collaboration and data sharing: It is suitable for both collaboration and data sharing.

Disadvantages of the Community Cloud Model

- Limited Scalability: Community cloud is relatively less scalable as many organizations share the same resources according to their collaborative interests.
- Rigid in customization: Because the data and resources are shared among different organizations according to their mutual interests, an organization that wants changes to suit its own needs cannot make them, because they would have an impact on the other organizations.

Multi-Cloud

As the name implies, this paradigm means employing multiple cloud providers at the same time. It’s similar to the hybrid cloud deployment approach, which combines public and private cloud resources. Instead of merging private and public clouds, multi-cloud uses many public clouds. Although public cloud providers provide numerous tools to improve the reliability of their services, mishaps still occur. It’s quite rare that two distinct clouds would have an incident at the same moment. As a result, multi-cloud deployment improves the high availability of your services even more.

Advantages of the Multi-Cloud Model

- You can mix and match the best features of each cloud provider’s services to suit the demands of your apps, workloads, and business by choosing different cloud providers.
- Reduced Latency: To reduce latency and improve user experience, you can choose cloud regions and zones that are close to your clients.
- High availability of service: It’s quite rare that two distinct clouds would have an incident at the same moment.
So, the multi-cloud deployment improves the high availability of your services.

Disadvantages of the Multi-Cloud Model

- Complex: The combination of many clouds makes the system complex and bottlenecks may occur.
- Security issue: Due to the complex structure, there may be loopholes that an attacker can take advantage of, which makes the data insecure.

| Factors | Public Cloud | Private Cloud | Community Cloud | Hybrid Cloud |
|---|---|---|---|---|
| Initial Setup | Easy | Complex, requires a professional team to set up | Complex, requires a professional team to set up | Complex, requires a professional team to set up |
| Scalability and Flexibility | High | High | Fixed | High |
| Cost Comparison | Cost-Effective | Costly | Distributed cost among members | Between public and private cloud |
| Reliability | Low | Low | High | High |
| Data Security | Low | High | High | High |
| Data Privacy | Low | High | High | High |

Cloud Computing Service Models

There are three main types of service models of cloud computing. Each type of cloud computing provides different levels of control, flexibility, and management so that you can select the right set of services for your needs. The three cloud service models are as follows:

- Infrastructure as a Service (IaaS)
- Platform as a Service (PaaS)
- Software as a Service (SaaS)

Infrastructure As A Service (IaaS)

It is the most flexible type of cloud service, which lets you rent the hardware and contains the basic building blocks for cloud and IT. It gives complete control over the hardware that runs your application (servers, VMs, storage, networks & operating systems). It’s an instant computing infrastructure, provisioned and managed over the internet. IaaS gives you the highest level of flexibility and management control over your IT resources. It is most similar to the existing IT resources with which many IT departments and developers are familiar. Examples of IaaS are virtual machines or AWS EC2, storage, or networking. Examples include DigitalOcean, Amazon Web Services (AWS), Microsoft Azure, Google Compute Engine (GCE), Rackspace, and Cisco Metacloud.
Benefits of IaaS

IaaS is an efficient and cost-effective way to deploy, operate, and scale your IT infrastructure. It’s easy to set up and configure, so you can start using it quickly. And because it’s available as a service from an external provider, you don’t have to worry about building and maintaining your own infrastructure. IaaS offers the following benefits:

- Cost savings: IaaS is more cost-effective than building your own data center. You pay only for what you need — storage space, CPU power, bandwidth, and other resources. This makes it easier to scale up or down as needed.
- On-demand access: You can instantly provision new resources whenever they’re needed without having to invest in new hardware and software or hire additional IT staff members. The cloud provider takes care of all the maintenance and upgrades required to keep your servers online 24/7 with 99 percent uptime guarantees (or better).
- Flexibility: With cloud computing, you can easily add more resources when demand increases without having to upgrade equipment or hire more IT professionals.

IaaS Use-Cases

Here are some common IaaS use cases:

- IaaS is useful for backing up, storing, and recovering data and also helps in managing fluctuating storage needs.
- It is cheaper and faster to set up test and development environments with IaaS.
- Companies working with Big Data often use IaaS as it allows them to significantly increase their computing power.
- IaaS can be an optimal basis for some complex web projects, particularly for sites with profoundly fluctuating traffic, as a website hosted in the cloud can benefit from the redundancy provided by a massive network of physical servers and on-demand scalability to manage unpredictable demands.
- Due to its stability, IaaS can be a better alternative for complex tasks which include millions of variables or calculations and, in general, might require the use of supercomputers or clusters.
- Users can easily access high-end apps with IaaS.
They can run graphic-intensive applications without any latency issues as the cloud servers offer superior performance and, in addition to this, they will have increased productivity because the app will run with great speed.
- The application deployment over the cloud can be done in less time with IaaS. You can scale up or down the apps based on unpredictable demands. Moreover, all your infrastructure and storage requirements are borne by the providers so that you can easily deploy the applications.

Disadvantages of IaaS

- Limited infrastructure control: Although IaaS providers normally handle upkeep, upgrades, and management of the underlying infrastructure, this might also imply that users have less control over the environment and might not be able to make some adjustments.
- Security issues: Users must take responsibility for protecting their data and apps, which can be very demanding.
- Restricted access: Owing to legal regulations, cloud computing may not be available in some states or nations.

Platform As A Service (PaaS)

PaaS is a cloud service model that gives a ready-to-use development environment where developers can focus on writing and executing high-quality code to make customized applications. It helps to create an application quickly without managing the underlying infrastructure. For example, when deploying a web application using PaaS, you don’t have to install an operating system, web server, or even system updates. However, you can scale and add new features to your services. This cloud service model makes the process of developing and deploying applications simpler, and it is more expensive than IaaS but less expensive than SaaS. This helps you be more efficient as you don’t need to worry about resource procurement, capacity planning, software maintenance, patching, or any of the other undifferentiated work involved in running your application.
Examples of PaaS: Elastic Beanstalk or Lambda from AWS, WebApps, Functions or Azure SQL DB from Azure, Cloud SQL DB from Google Cloud, or Oracle Database Cloud Service from Oracle Cloud.

Benefits of PaaS

PaaS is an easy way to build an application, and it offers a lot of benefits. Here are just a few:

- Faster development time – You don’t have to build infrastructure before you can start coding.
- Reduced costs – Your IT department won’t need to spend time on manual deployments or server management.
- Enhanced security – PaaS providers lock down your applications so that they’re more secure than traditional web apps.
- High availability – A PaaS provider can make sure your application is always available, even during hardware failures or maintenance windows.

PaaS Use-Cases

There are multiple use cases for PaaS, in a wide range of business contexts. Some of them are:

- PaaS is useful for companies developing, running, and managing app programming interfaces and microservices. The same goes for the development of new APIs and complete API management.
- PaaS is suitable for setting up and managing an organization’s database. It offers a scalable, secure, and on-demand platform to create, administer, and maintain databases.
- PaaS tools allow for advanced analysis of business data, to identify patterns, make predictions, and ultimately make more qualified and data-driven decisions. These tools can help companies predict behaviors and events for better planning.
- PaaS supports various programming languages, application environments, and tools, which allows connectivity and integrations required in IoT deployments.
- PaaS can be a delivery mechanism for communication and collaboration which means that features like voice, chat, and videos can be added to applications built on the PaaS cloud service model.
Disadvantages of PaaS

- Limited infrastructure control: Although PaaS providers normally handle upkeep, upgrades, and management of the underlying infrastructure, this might also imply that users have less control over the environment and may not be able to make certain adjustments.
- Dependency on the provider: Customers rely on the PaaS provider to maintain the platform’s scalability, availability, and dependability; however, this poses a risk if the provider encounters disruptions or other problems.
- Restricted flexibility: The usefulness of PaaS solutions for some organizations may be limited if they cannot handle particular workloads or applications.

Software As A Service (SaaS)

SaaS provides you with a complete product that is run and managed by the service provider. The software is hosted online and made available to customers on a subscription basis or for purchase in this cloud service model. With a SaaS offering, you don’t need to worry about how the service is maintained or how the underlying infrastructure is managed. You only need to think about how you will use that specific software. Examples of SaaS: Microsoft Office 365, Oracle ERP/HCM Cloud, SalesForce, Gmail, or Dropbox.

Benefits of SaaS

The benefits of SaaS are numerous and varied. Many businesses have already made the switch to SaaS, but some are still skeptical about making the change. Here are some of the top reasons why you should consider switching to SaaS:

- Lower Total Cost of Ownership: One of the biggest benefits of SaaS is that it lowers your total cost of ownership (TCO) by eliminating hardware expenses and maintenance costs. There is no longer a need to buy servers or hire IT professionals to maintain or monitor them, which results in fewer upfront costs and reduced maintenance fees over time.
- Better Security: Another benefit of SaaS is improved security.
Since most services are hosted on secure servers in data centers with 24/7 monitoring, there’s less chance for hackers to gain access or steal your data. This makes SaaS a more secure option for storing sensitive information than other options like on-premise software or local servers. In fact, according to Gartner’s 2017 Magic Quadrant report, “Software as a service (SaaS) offerings provide better security than self-hosted software does.”

SaaS Use-Cases

- Pop-up live events are well-suited to SaaS models, specifically live sports and esports tournaments, where the event’s temporary nature only requires services for a few hours a day in a week.
- SaaS brings new benefits for content owners looking to take their content directly to the consumer (D2C), with deployments covering everything from the Customer Management Systems (CMS), subscriber management systems, and user experience.
- SaaS helps in delivering applications that can be widely distributed and accessed. For example, Google’s Gmail is a fully managed email-based application and is most easily accessed over the internet without requiring you to install any software on your local device to be able to use it.

Disadvantages of SaaS

- Limited customization: SaaS solutions are usually less customizable than software that is hosted on-premises. As a result, customers may not be able to customize the program to meet their unique requirements and may be forced to operate within the platform limitations of the SaaS provider.
- Dependency on Internet connectivity: Since SaaS solutions are usually cloud-based, a steady Internet connection is necessary for them to operate as intended. Users who need to access the software offline or in places with spotty connectivity may find this troublesome.
- Security issues: Although SaaS providers are in charge of ensuring the security of the information kept on their servers, security incidents and data breaches are still a possibility.
- Limited control over data: Organizations that must maintain stringent control over their data for regulatory or other reasons may be concerned that SaaS providers may have access to a user’s data.

Characteristics Of Cloud Service Model

- Multi-Tenant: Multi-tenancy is an architecture in which a single instance of a software application serves multiple customers. Each customer is called a tenant.
- Self-Service: Self-service cloud computing is a private cloud service where the customer provisions storage and launches applications without an external cloud service provider. With a self-service cloud, users access a web-based portal to request or configure servers and launch applications.
- Elastic (Scale-Up | Scale-Down): Elasticity is the ability to grow or shrink infrastructure resources dynamically as needed to adapt to workload changes in an autonomic manner, maximizing the use of resources. This can result in savings in infrastructure costs overall.
- Web-Based: It means you can access your resources via web-based applications.
- Automated: Most of the things in the cloud are automated, and human intervention is less.
- Pay As You Go Model: You only have to pay when utilizing cloud resources.
- Modern Web-Based Integration: It allows you to configure multiple application programs to share data in the cloud. In a network that incorporates cloud integration, diverse applications communicate either directly or through third-party software.
- Secure: Cloud services create a copy of the data that you want to store to prevent any form of data loss. If one server loses the data by any chance, the copy version is restored from the other server.

Cloud Infrastructure

Cloud Infrastructure is the collection of hardware and software elements such as computing power, networking, storage, and virtualization resources needed to enable cloud computing. Cloud infrastructure types usually also include a user interface (UI) for managing these virtual resources.
Infrastructure as a Service, or IaaS, is a prominent and accessible example of this model. With IaaS, a team or enterprise acquires the computing infrastructure it needs over the Internet, including computing power (whether on physical or, more likely, virtual machines), storage, and plenty of related needs such as load balancers and firewalls. They do this in lieu of provisioning and managing their own physical infrastructure. Instead, they lease the resources they need from the IaaS provider. While this is a well-known example, cloud infrastructure, or cloud architecture, encompasses a larger range of platforms and environments, including private and hybrid clouds.

In a cloud computing architecture, cloud infrastructure refers to the back-end technology elements found within most enterprise data centers -- servers, persistent storage and networking equipment -- but on a much greater scale. Some large cloud providers, including hyperscale cloud companies, such as Facebook and LinkedIn, form partnerships with vendors to design custom infrastructure components that are optimized for specific needs, such as power efficiency or workloads that include big data and AI.

Servers

Major public cloud providers, such as Amazon Web Services (AWS), Microsoft Azure and Google Cloud Platform, offer services based on shared, multi-tenant servers. This model requires massive compute capacity to handle unpredictable changes in user demand and to optimally balance demand across fewer servers. As a result, cloud infrastructure typically consists of high-density systems with shared power; often, these are multisocket and multicore servers.

Storage

Additionally, unlike most traditional data center infrastructures, cloud infrastructure typically uses locally attached storage -- both solid-state drives (SSDs) and hard disk drives (HDDs) -- instead of shared disk arrays on a storage area network.
These persistent storage systems are aggregated using a distributed file system (DFS) designed for a particular storage scenario, such as object, big data or block. Decoupling the storage control and management from the physical infrastructure via a distributed file system simplifies scaling. It also helps cloud providers match capacity to users' workloads by incrementally adding compute nodes with the requisite number and type of local disks, rather than in large amounts via a large storage chassis.

Networking

Cloud computing depends upon high-bandwidth connectivity to transmit data, so cloud infrastructure also includes typical equipment for local area networks, such as switches and routers, as well as virtual networking support and load balancing to distribute network traffic.

Public vs. private vs. hybrid cloud architectures

Cloud infrastructure is present in each of the three main cloud computing deployment models: private cloud, public cloud and hybrid cloud.

Private cloud

In a private cloud, an organization typically builds and owns the cloud infrastructure components and houses them within its own data center. This setup is a single-tenant environment, meaning the organization is the only one using the dedicated infrastructure and services. This architecture seeks the best of both worlds: versatility and convenience of cloud-delivered services, with the tighter control, management and security that come with data center ownership. Organizations may choose a private cloud infrastructure because their computing needs are irregular and would be too costly to run in a public cloud model. They may require greater control or security over infrastructure assets, critical applications or sensitive data or must meet specific regulatory and governance requirements.

Public cloud

In a public cloud model, the cloud infrastructure components are owned by a third-party public cloud provider, and these resources are shared among customers in multi-tenant environments.
Customers pay for services and capabilities based on core infrastructure resources -- central processing unit (CPU) cycles, storage, bandwidth, etc., as well as higher-level services -- but do not own or manage those underlying resources themselves. Cloud providers sell these services on demand, typically per minute or hour, often through long-term commitments.

Hybrid cloud

A hybrid cloud consists of a mix of both models to form a single logical cloud for the user. A business can rely on a private cloud to run certain workloads or sensitive applications or host private sensitive data, while it runs other apps and data in a public cloud. Public cloud resources also can be tapped to handle bursts or spikes in demand to provide flexibility for private cloud use. A related model is a multi-cloud model, in which an enterprise uses multiple cloud providers. This may be to run services concurrently for resiliency or migrate apps between providers.

Most organizations seeking a cloud computing model rely on a public cloud provider, which has vastly more resources and expertise to design, build and manage a cloud infrastructure. These providers acquire infrastructure components -- sometimes with design input -- and customers select levels of abstracted resources, such as compute, sized virtualized instances and storage. They also provide higher-level services for self-service, orchestration, integration, security, reporting and billing, to name a few.

However, some organizations may require their own private cloud and choose to be responsible for the full stack, from the hardware to management and the applications and workloads that run on it.
For them, building a private cloud infrastructure on premises requires the following:

- a standardized architecture designed to share IT resources, provide scalability and elasticity for workloads, and ensure policy-based configurations and governance;
- on-premises hardware and software from which to abstract resource capabilities, such as compute, virtualization and containers, storage and networking; and
- additional management functions, such as integrations, orchestration, security, reporting and chargeback.

The specific tech stack for a private cloud depends upon the chosen provider. A business can build a private cloud using its preexisting hardware and vendor-provided software or choose a vendor to provide both the software and hardware components.

Alternatively, an enterprise can create a private cloud off premises using cloud providers' resources:

- In a hosted private cloud, a service provider hosts and manages cloud services for a single customer on dedicated infrastructure -- hardware, networking and software.
- A managed private cloud extends the hosted option, where the provider additionally manages other services, such as identity management.
- A virtual private cloud is a walled-off environment in a public cloud where workloads are isolated from other customers but still run on multi-tenant servers.

An extension of this concept involves on-premises infrastructure that is controlled by the cloud provider; examples include AWS Outposts, Azure Stack and Google Anthos.

Advantages of using cloud infrastructure

Using a cloud infrastructure presents several benefits for customers compared with procuring and managing in-house infrastructure. Of these benefits, cost and security are particular advantages for using a public cloud provider.

- Flexibility. Customers can procure resources that are rapidly accessible and self-manage the resources to better align to business needs.
This is particularly valuable to burst on-premises workloads into the cloud to utilize extra resources.
- Reliability. Cloud providers' expansive infrastructure and redundancy options through availability zones deliver reliability at a scale beyond any single customer's in-house resources. Outages are rare but do occur, so customers should plan cloud usage based on their workloads' reliability and uptime requirements.
- Cost. Using cloud infrastructure eliminates upfront capital costs associated with on-premises infrastructure and instead follows a consumption-based model. This pay-per-usage model charges users only for the infrastructure services they consume, generally on an hourly, weekly or monthly basis. Additionally, the large capital expenditures for on-premises infrastructure investments are converted to a smaller, recurring and predictable operational expense.
- Security. Initial concerns about the security of public cloud resources have diminished. Cloud providers constantly invest in and improve their abilities to protect their infrastructure from security threats. Most cloud security issues can be traced to user misconfigurations of individual services, rather than external bad actors.

Disadvantages of cloud infrastructure

At the same time, there are several challenges to consider when using a cloud infrastructure.

- Shared security. Although cloud providers are vigilant to secure their cloud infrastructure, it's exceedingly complex to oversee that scale of infrastructure and services. Moreover, the shared responsibility model means providers only secure their infrastructure -- customers are responsible for protecting their workloads and data through proper configuration, access controls and monitoring.
- Visibility and management. The virtualization layer of a cloud infrastructure generally means customers do not have visibility into the actual physical hardware upon which their workloads run.
Public cloud providers do offer dedicated hardware and bare-metal servers, which provide control over the entire server stack and also typically higher performance but at higher costs.
- Out-of-control costs. A pay-as-you-go model works for cloud customers as long as they closely allocate and monitor the services they use. Overprovisioning, inactive resources and failure to understand service dependencies all can quickly add up to unexpected cloud costs. Customers must diligently monitor and manage cloud use as they consume increasingly granular, complex and integrated cloud services.

Cloud infrastructure management processes and tools

There is a vast array of tools to provision and manage cloud infrastructure resources. Cloud platform providers offer numerous performance and pricing tiers for compute, storage, networking, monitoring, analytics, AI and machine learning, and more. Examples of compute and storage services include AWS Elastic Compute Cloud, Simple Storage Service and Glacier; Microsoft Azure VMs, Azure Files and Blob Storage; and Google Compute Engine, Filestore and Persistent Disk.

ARCHITECTURAL DESIGN OF COMPUTE AND STORAGE CLOUDS

A Generic Cloud Architecture Design

Cloud architecture is intended to process massive amounts of data with a high degree of parallelism. The following are the major design goals of a cloud architecture:

- Scalability – The cloud can be easily expanded by adding more servers and enlarging the network connectivity accordingly.
- Virtualization – The cloud management software needs to support both physical and virtual machines.
- Efficiency – The hardware and software systems are combined to make it easy and efficient to operate.
- Reliability – Data can be put into multiple locations. In such a situation, even if one of the data centers crashes, the user data is still accessible.

Security in shared resources and shared access of data centers also poses another design challenge.

Clouds support Web 2.0 applications.
Cloud management receives the user request, finds the correct resources, and then calls the provisioning services which invoke the resources in the cloud.

Enabling Technologies for Clouds

The key driving forces behind cloud computing are the ubiquity of broadband and wireless networking, falling storage costs, and progressive improvements in Internet computing software. Cloud users are able to demand more capacity at peak demand, reduce costs, experiment with new services, and remove unneeded capacity, whereas service providers can increase system utilization via multiplexing, virtualization, and dynamic resource provisioning.

Cloud-Enabling Technologies in Hardware, Software, and Networking

- Fast platform deployment – flexible deployment of cloud resources
- Virtual clusters on demand – virtual clusters are provided on demand and need to be reconfigured as the workload changes
- Multitenant techniques – distributing software to a large number of users simultaneously
- Massive data processing – Internet search and web services require this
- Web-scale communication – support for e-commerce, education, social networking, medical care, etc.
- Distributed storage – large-scale storage of data in distributed storage
- Licensing and billing services

Rapid progress in multicore CPUs, memory chips, and disk arrays has made it possible to build faster data centers with huge amounts of storage space. Resource virtualization enables rapid cloud deployment and disaster recovery. Service-oriented architecture (SOA) also plays a vital role. Today’s clouds are designed to serve a large number of tenants over massive volumes of data. The availability of large-scale, distributed storage systems is the foundation of today’s data centers. Of course, cloud computing is greatly benefited by the progress made in license management and automatic billing techniques in recent years.

A Generic Cloud Architecture

The figure shows a security-aware cloud architecture.
The Internet cloud is envisioned as a massive cluster of servers. These servers are provisioned on demand to perform collective web services or distributed applications using data-center resources. The cloud platform is formed dynamically by provisioning or deprovisioning servers, software, and database resources. Servers in the cloud can be physical machines or VMs.

In addition to building the server cluster, the cloud platform demands distributed storage and accompanying services. The cloud computing resources are built into the data centers, which are typically owned and operated by a third-party provider. We need to build a framework to process large-scale data stored in the storage system. This demands a distributed file system over the database system. Other cloud resources are added into a cloud platform, including storage area networks (SANs), database systems, firewalls, and security devices.

Web service providers offer special APIs that enable developers to exploit Internet clouds. Monitoring and metering units are used to track the usage and performance of provisioned resources. The software infrastructure of a cloud platform must handle all resource management and do most of the maintenance automatically. Software must detect the status of each node server joining and leaving, and perform relevant tasks accordingly. In general, private clouds are easier to manage, and public clouds are easier to access. The trend in cloud development is that more and more clouds will be hybrid.

Layered Cloud Architectural Development

The architecture of a cloud is developed at three layers: infrastructure, platform, and application, as demonstrated in the figure. These three development layers are implemented with virtualization and standardization of hardware and software resources provisioned in the cloud. The services to public, private, and hybrid clouds are conveyed to users through networking support over the Internet and intranets involved.
It is clear that the infrastructure layer is deployed first to support IaaS services. This infrastructure layer serves as the foundation for building the platform layer of the cloud for supporting PaaS services. In turn, the platform layer is a foundation for implementing the application layer for SaaS applications. Different types of cloud services demand application of these resources separately.

The infrastructure layer is built with virtualized compute, storage, and network resources. The platform layer is for general-purpose and repeated usage of the collection of software resources. This layer provides users with an environment to develop their applications, to test operation flows, and to monitor execution results and performance. The virtualized cloud platform serves as a “system middleware” between the infrastructure and application layers of the cloud.

The application layer is formed with a collection of all needed software modules for SaaS applications. Service applications in this layer include daily office management work, such as information retrieval, document processing, and calendar and authentication services. The application layer is also heavily used by enterprises in business marketing and sales, consumer relationship management (CRM), financial transactions, and supply chain management. In general, SaaS demands the most work from the provider, PaaS is in the middle, and IaaS demands the least.

Market-Oriented Cloud Architecture

Cloud providers consider and meet the different QoS parameters of each individual consumer as negotiated in specific SLAs. Market-oriented resource management is necessary to regulate the supply and demand of cloud resources. The designer needs to provide feedback on economic incentives for both consumers and providers. The purpose is to promote QoS-based resource allocation mechanisms. The figure shows the high-level architecture for supporting market-oriented resource allocation in a cloud computing environment.
Users or brokers submit service requests to the data center and cloud to be processed. The SLA resource allocator acts as the interface between the data center/cloud service provider and external users/brokers. When a service request is first submitted, the service request examiner interprets the request for QoS requirements before determining whether to accept or reject the request. The request examiner ensures that there is no overloading of resources; it then assigns requests to VMs and determines resource entitlements for allocated VMs.

The Pricing mechanism decides how service requests are charged. Pricing serves as a basis for managing the supply and demand of computing resources within the data center and helps prioritize resource allocations effectively. The Accounting mechanism maintains the actual usage of resources by requests so that the final cost can be computed and charged to users. In addition, the maintained historical usage information can be utilized by the Service Request Examiner and Admission Control mechanism to improve resource allocation decisions.

The VM Monitor mechanism keeps track of the availability of VMs and their resource entitlements. The Dispatcher mechanism starts the execution of accepted service requests on allocated VMs. The Service Request Monitor mechanism keeps track of the execution progress of service requests. Multiple VMs can be started and stopped on demand on a single physical machine to meet accepted service requests, providing maximum flexibility to configure various partitions of resources on the same physical machine for the different specific requirements of service requests.

Quality of Service Factors

There are critical QoS parameters to consider in a service request, such as time, cost, reliability, and trust/security. QoS requirements cannot be static and may change over time due to continuing changes in business operations.
Negotiation mechanisms are needed to respond to the alternate-offers protocol for establishing SLAs. Commercial cloud offerings must be able to support customer-driven service management based on customer profiles and requested service requirements. Commercial clouds define computational risk management tactics to identify, assess, and manage risks involved in the execution of applications with regard to service requirements and customer needs. The system incorporates autonomic resource management models that effectively self-manage changes in service requirements to satisfy both new service demands and existing service obligations, and leverage VM technology to dynamically assign resource shares according to service requirements.

Architectural Design Challenges

We will identify six open challenges in cloud architecture development.

1—Service Availability and Data Lock-in Problem

The management of a cloud service by a single company is a source of single points of failure. Multiple cloud providers should be used to achieve high availability (HA). Even if a company has multiple data centers located in different geographic regions, it may have common software infrastructure and accounting systems. Therefore, using multiple cloud providers may provide more protection from failures. Another availability obstacle is distributed denial of service (DDoS) attacks, which make services unavailable to intended users. Some utility computing services offer SaaS providers the opportunity to defend against DDoS attacks by using quick scale-ups.

Software stacks have improved interoperability among different cloud platforms, but the APIs themselves are still proprietary. The obvious solution is to standardize the APIs so that a SaaS developer can deploy services and data across multiple cloud providers. This will prevent the loss of all data due to the failure of a single company.
In addition to mitigating data lock-in concerns, standardization of APIs enables a new usage model in which the same software infrastructure can be used in both public and private clouds. Such an option could enable “surge computing,” in which the public cloud is used to capture the extra tasks that cannot be easily run in the data center of a private cloud.

2—Data Privacy and Security Concerns

Current cloud offerings are essentially public (rather than private) networks, exposing the system to more attacks. Many obstacles can be overcome immediately with well-understood technologies such as encrypted storage, virtual LANs, and network middleboxes (e.g., firewalls, packet filters). Many nations have laws requiring SaaS providers to keep customer data and copyrighted material within national boundaries.

Traditional network attacks include buffer overflows, DoS attacks, spyware, malware, rootkits, Trojan horses, and worms. In a cloud environment, newer attacks may result from hypervisor malware, guest hopping and hijacking, or VM rootkits. Another type of attack is the man-in-the-middle attack for VM migrations. In general, passive attacks steal sensitive data or passwords. Active attacks may manipulate kernel data structures, which will cause major damage to cloud servers.

3—Unpredictable Performance and Bottlenecks

Multiple VMs can share CPUs and main memory in cloud computing, but I/O sharing is problematic. I/O architectures and operating systems must be improved to efficiently virtualize interrupts and I/O channels. Internet applications continue to become more data-intensive. If we assume applications to be “pulled apart” across the boundaries of clouds, this may complicate data placement and transport. Data transfer bottlenecks must be removed, bottleneck links must be widened, and weak servers should be removed to minimize cost.

4—Distributed Storage and Widespread Software Bugs

The database is always growing in cloud applications.
The opportunity is to create a storage system that will not only meet this growth, but also combine it with the cloud advantage of scaling arbitrarily up and down on demand. This demands the design of efficient distributed SANs. Data centers must meet programmers’ expectations in terms of scalability, data durability, and HA. Data consistency checking in SAN-connected data centers is a major challenge in cloud computing.

Large-scale distributed bugs cannot be reproduced, so the debugging must occur at scale in the production data centers. No data center will provide such a convenience. One solution may be a reliance on using VMs in cloud computing. The level of virtualization may make it possible to capture valuable information in ways that are impossible without using VMs. Debugging over simulators is another approach to attacking the problem, if the simulator is well designed.

5—Cloud Scalability, Interoperability, and Standardization

GAE automatically scales in response to load increases and decreases; users are charged by the cycles used. AWS charges by the hour for the number of VM instances used, even if the machine is idle. To save money, scaling up and down must happen quickly. Open Virtualization Format (OVF) describes an open, secure, portable, efficient, and extensible format for the packaging and distribution of VMs.

6—Software Licensing and Reputation Sharing

Many cloud computing providers originally relied on open source software because the licensing model for commercial software is not ideal for utility computing. An opportunity would be to create reputation-guarding services similar to the “trusted email” services currently offered (for a fee) to services hosted on smaller ISPs. Cloud providers want legal liability to remain with the customer, and vice versa. This problem must be solved at the SLA level.
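
The request flow described under Market-Oriented Cloud Architecture above, as an added example that is not part of the original notes: a small SLA resource allocator in which the examiner checks QoS terms, admission control refuses to overload a host, pricing rises with load, and accounting records charges. All class names, field names, the base rate and the sample requests are hypothetical and constructed for illustration.

```python
from dataclasses import dataclass

@dataclass
class Request:              # constructed service request carrying its QoS terms
    user: str
    cpus: int
    hours: float
    budget: float           # cost QoS: most the user will pay
    deadline_h: float       # time QoS: hours until the result is needed

@dataclass
class Host:                 # one physical machine as seen by the VM Monitor
    name: str
    cpus: int
    used: int = 0

class SLAAllocator:
    def __init__(self, hosts, base_rate=0.10):    # assumed price per CPU-hour
        self.hosts, self.base_rate = hosts, base_rate
        self.ledger = {}    # Accounting: user -> total charged
        self.running = []   # Service Request Monitor: (user, host, cpus)

    def utilisation(self):  # VM Monitor: share of CPUs already entitled
        return sum(h.used for h in self.hosts) / sum(h.cpus for h in self.hosts)

    def quote(self, req):   # Pricing: the rate rises with load
        rate = self.base_rate * (1 + self.utilisation())
        return round(rate * req.cpus * req.hours, 4)

    def submit(self, req):
        # Service Request Examiner: check QoS terms before accepting
        if req.hours > req.deadline_h:
            return ("rejected", "deadline cannot be met")
        cost = self.quote(req)
        if cost > req.budget:
            return ("rejected", "quote exceeds budget")
        # Admission control: never entitle more CPUs than a host has
        host = next((h for h in self.hosts if h.cpus - h.used >= req.cpus), None)
        if host is None:
            return ("rejected", "no capacity")
        host.used += req.cpus                                  # VM entitlement
        self.running.append((req.user, host.name, req.cpus))   # Dispatcher
        self.ledger[req.user] = self.ledger.get(req.user, 0) + cost
        return ("accepted", host.name)

def demo():                 # constructed workload on two constructed hosts
    alloc = SLAAllocator([Host("pm1", 8), Host("pm2", 4)])
    reqs = [Request("alice", 6, 2, 5.0, 4), Request("bob", 4, 1, 0.5, 2),
            Request("carol", 4, 1, 1.0, 2), Request("dave", 3, 1, 10.0, 5),
            Request("erin", 1, 5, 10.0, 2)]
    return [alloc.submit(r) for r in reqs], alloc.ledger
```

Bob and carol ask for the same resources at the same load, so they receive the same quote; only the budget in their SLA terms decides which one is admitted.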