2.2 Cloud Computing Concepts Flashcards
a type of cloud computing service that offers essential compute, storage, and networking resources on demand, on a pay-as-you-go basis.
• Sometimes called Hardware as a Service (HaaS)
– Outsource your equipment
• You’re still responsible for the management
– And for the security
• Your data is out there, but more within your control
• Web server providers
Infrastructure as a service (IaaS)
a cloud computing model where a third-party provider delivers hardware and software tools to users over the internet. Usually, these tools are needed for application development. A [this] provider hosts the hardware and software on its own infrastructure.
• No servers, no software, no maintenance team, no HVAC
– Someone else handles the platform, you handle the development
• You don’t have direct control of the data, people, or infrastructure
– Trained security professionals are watching your stuff
– Choose carefully
• Put the building blocks together
– Develop your app from what’s available on the platform
– SalesForce.com
Platform as a service (PaaS)
a software distribution model in which a cloud provider hosts applications and makes them available to end users over the internet. In this model, an independent software vendor (ISV) may contract a third-party cloud provider to host the application.
• On-demand software
– No local installation
– Why manage your own email distribution?
– Or payroll?
• Central management of data and applications
– Your data is out there
• A complete application offering
– No development work required
– Google Mail
Software as a service (SaaS)
a general, collective term that refers to the delivery of anything as a service. It recognizes the vast number of products, tools and technologies that vendors now deliver to users as a service over a network – typically the internet – rather than provide locally or on-site within an enterprise.
• A broad description of all cloud models
– Use any combination of the cloud
• Services delivered over the Internet
– Not locally hosted or managed
• Flexible consumption model
– No large upfront costs or ongoing licensing
• IT becomes more of an operating model
– And less of a cost-center model
– Any IT function can be changed into a service
Anything as a Service (XaaS)
What functions/systems of the cloud are client/customer managed for...? OnPrem IaaS PaaS SaaS
What functions/systems of the cloud are provider managed for...? OnPrem IaaS PaaS SaaS
a third-party company offering a cloud-based platform, infrastructure, application, or storage services. Much like a homeowner would pay for a utility such as electricity or gas, companies typically have to pay only for the amount of cloud services they use, as business demands require.
• Provide cloud services
– SaaS, PaaS, IaaS, etc.
• Charge a flat fee or based on use
– More data, more cost
• You still manage your processes
– Internal staff
– Development team
– Operational support
Cloud service providers
delivers services, such as network, application, infrastructure and security, via ongoing and regular support and active administration on customers' premises, in their MSP's data center (hosting), or in a third-party data center.
• [this]
– Also a cloud service provider
– Not all cloud service providers are [this]
• [this] support
– Network connectivity management
– Backups and disaster recovery
– Growth management and planning
• Managed Security Service Provider (MSSP)
– Firewall management
– Patch management, security audits
– Emergency response
Managed service providers
• [this(a)]
– Your applications are on local hardware
– Your servers are in your data center in your building
• [this(b)] / hosted
– Your servers are not in your building
– They may not even be running on your hardware
– Usually a specialized computing environment
On-premises vs. off-premises
defines where the servers you're using are and who manages them. It defines what your cloud infrastructure looks like, what you can change yourself, and whether the services are provided to you or you need to build everything yourself.
• Public
• Community
• Private
• Hybrid
Cloud deployment models
• [this(a)]
– a cloud deployment model where computing resources are owned and operated by a provider and shared across multiple tenants via the Internet.
– Available to everyone over the Internet
• [this(b)]
– a shared cloud computing service environment that is targeted to a limited set of organizations or employees (such as banks or heads of trading firms).
– Several organizations share the same resources
• [this(c)]
– a model of cloud computing where the infrastructure is dedicated to a single user organization.
– Your own virtualized local data center
• [this(d)]
– refers to a mixed computing, storage, and services environment made up of on-premises infrastructure, private cloud services, and a public cloud with orchestration among the various platforms.
– A mix of public and private
a) Public vs. b) Community vs. c) Private vs. d) Hybrid - Cloud deployment models
the delivery of computing services—including servers, storage, databases, networking, software, analytics, and intelligence—over the Internet to offer faster innovation, flexible resources, and economies of scale.
• Computing on-demand
– Instantly available computing power
– Massive data storage capacity
• Fast implementation
– IT teams can adjust rapidly to change
– Smaller startup costs and pay-as-you-go
• Not always the best solution
– Latency - the cloud is far away
– Limited bandwidth
– Difficult to protect data
– Requires Internet/network connectivity
Cloud computing
a distributed computing framework that brings enterprise applications closer to data sources such as IoT devices or local edge servers. This proximity to data at its source can deliver strong business benefits, including faster insights, improved response times and better bandwidth availability.
• Over 30 billion IoT devices on the Internet
– Devices with very specific functions
– A huge amount of data
• [this]
– Process application data on an edge server
– Close to the user
• Often process data on the device itself
– No latency, no network requirement
– Increased speed and performance
– Process where the data is, instead of processing in the cloud
Edge computing
a decentralized computing infrastructure in which data, compute, storage and applications are located somewhere between the data source and the cloud. Like edge computing, [this] brings the advantages and power of the cloud closer to where data is created and acted upon.
– A cloud that’s close to your data
– Cloud + Internet of Things - [this]
• A distributed cloud architecture - Extends the cloud
• Distribute the data and processing
– Immediate data stays local - No latency
– Local decisions made from local data
– No bandwidth requirements
– Private data never leaves - Minimizes security concerns
– Long-term analysis can occur in the cloud - Internet only when required
Fog computing
Cloud computing's inherent strengths are elasticity, ability to automate infrastructure management, enhanced reliability and reduced cost. Good cloud architecture is reliable, high performing, cost efficient, and most importantly secure.
• On-demand computing power
– Click a button
• Elasticity
– Scale up or down as needed
• Applications also scale
– Access from anywhere
• How does it all happen?
– Planning and technology
Designing the cloud
a virtual desktop computing model that runs on the resources stored on a central server instead of a computer’s resources. Normally [this] take the form of low-cost computing devices that heavily rely on a server for computation.
• Basic application usage
– Applications actually run on a remote server
– Virtual Desktop Infrastructure (VDI),
– Desktop as a Service (DaaS)
– Local device is a keyboard, mouse, and screen.
• Minimal operating system on the client
– No huge memory or CPU needs
• Network connectivity
– Big network requirement
– Everything happens across the wire
Thin client
the creation of a virtual – rather than actual – version of something, such as an operating system (OS), a server, a storage device or network resources. [this] uses software that simulates hardware functionality to create a virtual system.
– Run many different operating systems on the same hardware
• Each application instance has its own operating system
– Adds overhead and complexity
– [this] is relatively expensive
Virtualization
an OS-level virtualization method used to deploy and run distributed applications without launching an entire virtual machine (VM) for each app. Multiple isolated applications or services run on a single host and access the same OS kernel.
– Contains everything you need to run an application
– Code and dependencies
– A standardized unit of software
• An isolated process in a sandbox
– Self-contained
– Apps can’t interact with each other
• [this] image
– A standard for portability
– Lightweight, uses the host kernel
– Secure separation between applications
Application containerization
[This(a)] are an architectural style for web applications, where the functionality is divided up across small web services.
[this(b)] are the frameworks through which developers can interact with a web application.
• Monolithic applications
– One big application that does everything
• Application contains all decision making processes
– User interface
– Business logic
– Data input and output
• Code challenges
– Large codebase
– Change control challenges
• [this(b)]
• [this(b)] is the “glue” for the microservices
– Work together to act as the application
• Scalable
– Scale just the microservices you need
• Resilient
– Outages are contained
• Security and compliance
– Containment is built-in
Microservices and APIs (Application Programming Interfaces)
a way to build and run applications and services without having to manage infrastructure. Your application still runs on servers, but all the server management is done by a cloud service provider.
• Function as a Service (FaaS)
– Applications are separated into individual, autonomous functions
– Remove the operating system from the equation
• Developer still creates the server-side logic
– Runs in a stateless compute container
• May be event triggered and ephemeral
– May only run for one event
• Managed by a third-party
– All OS security concerns are at the third-party
Serverless architecture
acts as a Regional virtual router for traffic flowing between your virtual private clouds (VPCs) and on-premises networks. [this] scales elastically based on the volume of network traffic.
• Virtual Private Cloud (VPC)
– A pool of resources created in a public cloud
• Common to create many VPCs
– Many different application clouds
• Connect VPCs with a transit gateway
– And users to VPCs
– A “cloud router”
• Now make it secure
– VPCs are commonly on different IP subnets
– Connecting to the cloud is often through a VPN
Transit gateway
a system rule that specifies resources and actions for a particular access feature. [this] is either a server or file that can be accessed through the system, and an action is to “allow” or “deny” a resource or to perform or not perform a function.
• Assigning permissions to cloud resources
– Not the easiest task
– Everything is in constant motion
• Specify which resources can be provisioned (Azure)
– Create a service in a specific region, deny all others
• Specify the resource and what actions are permitted (Amazon)
– Allow access to an API gateway from an IP address range
• Explicitly list the users who can access the resource (Amazon)
– Userlist is associated with the resource
Resource policies
an approach to managing multiple suppliers of services (business services as well as information technology services) and integrating them to provide a single business-facing IT organization.
• Many different service providers
– The natural result of multisourcing
• Every provider works differently
– Different tools and processes
• SIAM is the integration of these diverse providers
– Provide a single business-facing IT organization
• An evolving set of processes and procedures
Service Integration and Management (SIAM)
the managing and provisioning of infrastructure through code instead of through manual processes. With [this], configuration files are created that contain your infrastructure specifications, which makes it easier to edit and distribute configurations.
• Describe an infrastructure
– Define servers, network, and applications as code
• Modify the infrastructure and create versions
– The same way you version application code
• Use the description (code) to build other application instances
– Build it the same way every time based on the code
• An important concept for cloud computing
– Build a perfect version every time
Infrastructure as code (IaC)