Technical Perspectives Cloud Types Tutorial

3.2 Technical Perspectives Cloud Types

Hello and welcome to Module No. 3 of Cloud Computing course by Simplilearn. In the previous module, we have discussed cloud computing and business value. In this one, we will discuss cloud computing from the technical perspective. The following slide introduces us to the agenda of this module.

3.3 Agenda

In this module, we’ll look at the different types of cloud, various deployment models available in cloud computing and the techniques, and methods associated with cloud deployment. Also, we will learn about the different technical challenges and risks in cloud and the methods to mitigate these challenges and risks. Lastly, we will look into the impact of cloud on application architecture.

3.4 Cloud Deployment Models

Depending upon the organization and the business needs, we need to identify the most suitable deployment model. Every organization has unique operational needs, financial capabilities, and security issues. It is important for us to understand the pros and cons of all deployment models. A public cloud provides instant provisioning on a self-service basis via Internet. Public cloud is usually shared among many organizations and most of the time it operates on a pay-per use model. The service providers offer network, operating systems, servers, and storage space to users. Also, the users can use the software running on their service provider’s environment. It indicates that multiple users can access software from a centralized location. Some advantages of public cloud deployment are: instant provisioning, reduced downtime, reduced cost of installation, minimal network issues, and automatic software upgrades. E.g.: Google, Salesforce. A private cloud, on the other hand, is a dedicated cloud infrastructure owned and shared among users within a single organization. Large organizations build private clouds since they have stringent security compliances to protect data and tight control on the infrastructure. The benefits of private cloud are: owning private data centers, managing and monitoring data, load balancing, increased fault tolerance levels, back-ups, on-demand self-service, elasticity, and metered billing. E.g.: Any government organization which is confidential about data. Hybrid cloud is a combination of both public and private cloud where the organization stores confidential data in-house and moves the rest to cloud. The stringent security of private cloud coupled with the efficiency of public cloud is available in hybrid cloud. The advantages of hybrid cloud are data portability, data scalability, load balancing, and reduced cost of acquiring infrastructure. E.g.: Amazon’s virtual private cloud (VPC) is one of the leading examples of hybrid cloud. Community cloud is used when organizations, having a set of similar security concerns, share hosted computing services. However, the cost of operations in this model could be higher when compared to other deployment models. Also, managing availability of resources, service levels, and same level of security across community might be difficult. E.g.: All government organizations within a particular state might use hybrid cloud.

3.5 Software as a Service SaaS

We have already discussed the different service models in cloud computing. In this slide, we shall look into these models from a technical perspective. Software as a Service or SaaS, as we know it, is highly simplified cloud service. The users have an advantage of using the application of the service provider on cloud infrastructure using a simple web browser and an internet connection. They need to use a simple login and password to access the data. Ability to access it from anywhere anytime makes it independent of both device and location. But in reality, there are limitations too. Not all applications are accessible on a mobile device. More importantly, some applications are, however, not accessible on all browsers. During application development, it is important to consider these constraints. Now let’s look at a few technical aspects in SaaS. The first one is authorization. In every SaaS application, there are several user levels and mostly the first user is the master user who can authorize different level of users and give them varying levels of access and control. The only difference between this and locally driven applications is the way in which the management interface is fundamentally integrated into the user interface. Therefore, the web interface used for the application is also used for managing the rights of users. The next one is application integration. It is necessary with SaaS. Although SaaS application is independently hosted, it might still need to be connected to other applications of the enterprise. Example: HR might need personal details of users, a sales application might need to share order information with financial application. So, all these connections have to be in place. There are two ways in which these connections are typically made: copying the data sets, i.e., upload and download of data or through online retrieval or web services. Integration with user directories for authorization will be discussed later. The last one is application customization. A SaaS application, as we know, is multi-tenant which means that customers of a service provider from different organizations also share the same application from the database. Customization is usually provided by means of add-ons, plugins, or web services. Therefore, the core software remains the same. Also, the service provider has to ensure that information of one user cannot be accessed by others. Let’s next look into Paas or Platform as a Service.

3.6 Platform as a Service PaaS

As we all know, SaaS is the easiest way to deploy cloud service. But PaaS is arguably the most dynamic. It acts as a gateway to wide range of applications. PaaS enables us to create applications and services which can be accessed by means of other applications. As already mentioned, PaaS is used to create a spectrum of applications which are categorized as niche, dedicated or specific and general. Niche includes very specific data sets and databases which handle very specific functions. Example: Google maps API. Dedicated are those that focus on a very specific domain and still allows some programming. E.g.: force.com accompanies Salesforce.com but it can be used, for example, by a website to enter new customers into Salesforce domain. Lastly, general purpose are those which provide general purpose programming platform with general functions such as database and messaging at the discretion of the programmer. E.g.: Microsoft Azure We know broadly what PaaS is used for. But how does it actually work? Platforms are accessed through web service which functions as Application Programming Interface (API) that behaves like a web server and can be accessed through URLs. These URL encode operations and the parameters for these calls are also part of the URL. It can also be transmitted using HTTP POST operation. PaaS applications are to be used by other applications from anywhere on the net. As we saw, PaaS is used for creating a range of applications. In other words, PaaS is a way to make Rich Internet Applications (RIA). RIA is nothing but a web application very similar to a desktop application. It can be delivered by a site-specific-browser, via a browser plug-in or virtual machines. The webpage which loads initially displays few images and in the background it executes JavaScript that makes calls to web services. It uses XML as the data format for queries and formats. This brings in more graphics and images and this is called AJAX (Asynchronous JavaScript and XML). They are used in maps. PaaS is also used as a back-end to applications. For example, a web application can be built using force.com that acts on database within Salesforce.com. Technically, the server hosting web application makes a call to force.com platform for access to the customer database. This example places emphasis on the need for authentication and authorization mechanism. In this example, the customer needs to authenticate himself or herself to web server, i.e., login to the web server and this authentication has to be done in collaboration with PaaS service. In the next slide, we will discuss Infrastructure as a service or IaaS.

3.7 Infrastructure as a Service IaaS

In Infrastructure as a Service, as we know, the consumers have the capability to provision – processing, storage, network, and other fundamentals computing resources where they can deploy and run arbitrary software themselves. IaaS resembles a typical data center with all components although, in reality, IaaS could actually be different locations. Here, we will cover various technical aspects like virtualization layer, virtual machines, content distribution networks, cloud storage, image manufacturing, and cloud management providers. Virtualization layer: In a typical server environment there are number of layers of technology. Virtualization adds an additional layer which isolates the software components of the stack from hardware layers. There are multiple ways in which this layer can be built. So what can an additional virtualization layer do? This layer allows the underlying physical server hardware to be shared and allows us to create multiple virtual machines (VMs) which appear to be fully functional servers. The VMs are completely independent of each other in every sense. They can be powered on and off separately. Also, we can install a different operating system in each VM to create a virtual server. For example, one VM can have one physical server running a Windows 2003 virtual server, a 2008 virtual server, and a Linux virtual server completely independent of each other These operating systems are called guest operating systems and they actually have all the components of a physical server. However, we need to remember that this is, in reality, a virtual hardware and it is being provided by virtualization layer. Now we know what a virtualization layer is and what it can do, let’s take a look at what a virtual machine is. A VM is nothing but a virtual container which acts like a physical server onto which we can load an operating system and applications. As we discussed earlier, there can be more than one VM within a virtualization layer. Content distribution network (CDN): CDN is a way to bring every website-content closer to the web browser of the end-user to prevent any lag. By using a CDN, the content in the website, say images, are served from cloud centers to a closer web browsers. Instead of one centralized location consisting of the website, the users are directed to a server nearby depending upon the location of their web browser. Cloud storage: Cloud-based storage in not only available in IaaS but also in PaaS and SaaS. In IaaS, storage is very essential or servers won’t run without it. E.g.: Amazon, Microsoft Azure. In SaaS, the data is accessed through websites. Websites offer storage on demand. E.g.: Dropbox, Google docs, and Box.net. All these examples differ in functionality but the commonality is that they are all accessed through a website. In PaaS, data is accessed through web services and this is more suitable for infrastructure components. E.g.: A simple HTTP request can be used to retrieve data from cloud storage. This request mentions that host on which the file resides, the name of file, an authorization field, which is computed from a number of data elements. The storage service then checks if the requester has the access to the file. Image manufacturing: In a traditional IT system, applications are created out of individual servers, each of which is also crafted to realize its task. Unlike IaaS, servers are mostly available as a virtual appliance, such as, a web server. Creating a virtual appliance, or in other words, image manufacturing is a process which can be a bottleneck for IT if it is not automated. Handcrafting a configured software image from a list of required software components and configuration details can be automated. Cloud management: A cloud consumer is most likely to provision cloud services from a list of cloud providers while deploying a rapidly changing set of services. Independent services exist that can audit and manage this process. Example: Monitoring performance, uptime of cloud services, tracking cloud spending, validating security and compliance objectives and managing deployment of cloud components

3.8 IaaS (contd.)

Creating a virtual server in cloud requires a series of steps. First, login to the management account. Then select a machine image, which is similar to the hard disk of a server that has been freshly installed, often with application stack. It is, therefore, a ‘disk image’ to be installed on a ‘machine’. Next, select credentials for logging in to the server that will be created. After this, select firewall settings for the virtual server. Lastly, select an instance type to indicate the level of resources available to the server, including processor speed, memory available, and storage. Once this process has been completed, a new working virtual server will be ready which can be accessed over the Internet, or in the case of a private cloud, only through private network. In the next slide, we will discuss techniques and pitfalls associated with cloud computing.

3.9 Techniques and Methods

Cloud deployments shares many similarities with IT system deployments, but they also have many differences. Let us look at some important techniques and some pitfalls associated with cloud computing. Broadly, we will look into networking, automation and self-service, federated identity, and increased importance of standards. The next slide introduces us to the concept of networking with respect of cloud computing.

3.10 Networking

Cloud computing is solely dependent on networking. For any cloud deployment to be successful, network connectivity has to be taken into consideration. Key dimensions of network design that relate to cloud computing are location, bandwidth, latency tolerance, firewalls and access control, and redundancy. Let’s look at each of these factors in details. Location: In a typical network design, there is a single point of control connecting the access network of client PC, server network or data center, and the external connections for business client. Amidst, this there is a firewall zone too. But in cloud, this single point of connect is completely removed. Clients can access the services from all locations and the same holds true for servers and business partners. Bandwidth: The speed at which data moves over a connection is called bandwidth. Local network connections are said to have much higher bandwidths than wide-area connections. Cloud moves processing away from a local network. As a result, available bandwidth becomes an issue. Delay tolerance: It is similar to what we saw in bandwidth. As the locations become more spread out, the transmission delays also increase. Not all applications can accommodate this. Firewalls and access control: In cloud, there is a need for multiple touch points between a company network and the Internet, unlike the firewalls which are confined to a single location. Resilience: Cloud computing is capable of creating new components that can break-down or become unstable. At the same time, cloud services create new techniques for introducing redundancy. For example, it is better to store data in more than one single location. In the next slide, we will discuss automation and self-service.

3.11 Automation and Self Service

IT systems were traditionally built by using engineering diagrams and work orders, which were organized by IT operations. Currently, cloud service models allow the same to be done by means of self-service websites and web services. Self-service improves workflow but in order to enjoy the benefits of cloud computing completely, the workflow provisioning has to change. If an organization has not adopted a proper workflow, the company can cause the operational costs to increase. Therefore, automation is the key. Automation is the key to reducing operational expenses. It is implemented differently in different organization, according to their existing capabilities and business needs. An ideal set-up is when, the business requirements are keyed into an orchestration tool, or in other words, a function that automatically configures entire application server stacks, provisions, and de-provisions servers, as the load varies automatically. While IaaS-based systems are deployed on a large scale, capacity management is still tied to a single server. Shortage of server can lead to under-performance and adding more servers leads to over-abundance which reflects on cost. Therefore, it is important to manage performance and capacity adequately. This can be automated by using auto-scaling software, but the software needs to be overseen manually to ensure the cost does not exceed a prescribed limit. One way to assist scaling is by purchasing VM using a simple credit card. It takes barely a few minutes. Unlike the manual procedure, it does not require us to wait for weeks or months. But, this doesn’t fit into a regular procedure of a company’s procurement process. So, it is important to device ways to do this. For example, test and development teams should be given the authority to start and stop the services on cloud. The next slide discusses federated identity.

3.12 Federated Identity

We are able to access information systems by means of digital identities, such as, usernames and passwords. Multiple services are used from different providers. There is a need to separate identity management from providing services. This is done through so called ‘identity providers’. Identity management is nothing but managing our identity. For example, Google manages our identity. It ensures that no one misuses our credentials by generating a mail which says that our login details have been used to access our account from a different location.. This is identity management. Identity providers are those who allow using Open ID or Open Identification, i.e., ability to login using our Gmail or Facebook password to access Quora. Using them reduces the number of accounts and passwords that users have to remember. They are also called as ‘issuing parties’ since they issue credentials. SaaS providers act as a ‘relying party’ since they have to rely on the issuing part. However, deciding access rights or authorization rests with relying party. This process works in two different ways, a SaaS provider can either accept from multiple identity providers, and this is called identity federation. Or, users can use their digital identities at multiple SaaS providers. Facebook and Twitter are examples of identity providers. Some SaaS providers allow the use of company-identity credentials, such as, those residing in Microsoft’s Active Directory. An analogy for identity provider is government using driver license as identity cards. The next slide is about the roles of standardization.

3.13 Roles of Standardization

Organizations that adopt cloud computing need to invest time in the ensuring the right amount of standardization that is needed for the organization. When standardization is used properly, it improves the interconnection and inter-operability between different services. But, at the same time if it is overdone, standardization also restricts innovation and taking up superior solutions, for example, standardizing on a particular version of software or an outdated interconnection standard. But usually, companies adopt standardization when they support some business-related objectives, such as, interconnectivity between services which we just discussed. This increases the functionality. Standardization also facilitates exit strategy. It will be easier to switch between providers when the need arises and take the data and software investments as needed. This sort of portability mitigates risk and improves the negotiating power with providers. Some key standardization areas are data formats (XML, JSON), data storage (move data from cloud to cloud), standard virtual machine images (move machine from cloud to cloud), standard API (provisioning services to prevent lock-in), and identity information standards (OAuth, OpenID, SAML for security exchange). The following slide shows the challenges and risks associates with cloud computing.

3.14 Challenges and Risks

Cloud computing not only eliminates risks, such as, lack of capacity or slow deployment, but also introduces new risks. These risks are due to its technical characteristics in a networked environment, openness of systems, and resource sharing. Few risks to deal with are application performance, cloud storage, data replication alternatives, and security technical. The next slide is about application performance.

3.15 Application Performance

In cloud, we know that applications are hosted remotely and this leads to several problems with a high demand on bandwidth between the application server and the client. But, before we get into the details, let’s understand bandwidth and latency clearly. Network bandwidth: As we discussed earlier in the module, network bandwidth is the amount of data that can be transmitted across a link in a specific amount of time. It is measured in bits per sec and, this can be increased by buying or leasing expensive equipment. Network latency: It is the amount of time taken for the data to be transmitted from one end of the link to the other. It is measured in seconds. Equipment used can influence latency for a significant distance but it is finally determined by the distance travelled between the two network end points. Although, we can reduce latency by establishing a more direct route, minimum latency is a factor which is taken into consideration while designing. Investing in expensive equipment later will not affect tangible change. Impact of latency: Suppose an application is executed remotely from a client server, it will limit the maximum performance obtained by users. For instance, if server-side application is hosted in the US and the user is based in Malaysia, it will take a minimum of at least 20 milliseconds for the application to respond. Although, this time might not sound significant, it is a noticeable lag for most users. Application performance challenges: One major challenge for cloud is the impact of network characteristics on application performance. Latency can be acceptable or unacceptable depending upon the application’s business usage and the application architecture. It is very common to see application perform at its best in a data center and fail in a wide area network. This is because, the application is hosted on both client-side and server-side, where there is extensive exchange of messages. The failure occurs as there are numerous round-trips between both ends for application to respond. At say, 0.1 millisecond for each round trip, performance is fine but at 200 milliseconds each, the slowness of the application becomes completely unbearable. IaaS and PaaS also differ in other performance dimensions, such as, CPU speed and storage-access speed. For application with high intensity processing or data access, it is important to evaluate number of providers before finalizing on one. In the following slide, we will discuss data replication.

3.16 Data Replication

Organizations provision application from multiple cloud service providers. In such situations, it is highly challenging to keep the master data of all these applications synchronized. Some examples of typical master data set are customer account information, catalogue data, and user identities. Different approaches can be used to attain data synchronization. Replicate: Replicate the master copy to all the applications. This is not as simple as it sounds. It requires careful attention in order to maintain the right frequency of the replication process. Also, continuous processing of all the changes outside the master copy should be done. All Directions: Synchronize all the changes in all directions. Again, this is not a simple process either. This demands crafting of a careful process design. Usage of professional tools may be very helpful in this regard. Real time lookup: Instead of duplicating data, it is looked up as and when needed from the official source. This way the data always remains up to date. But, the applications might have a lag due to round-trip delays. Also, network traffic may increase because of the continual need to look up for the data. Now, we will discuss security technical and cloud storage.

3.17 Security Technical and Cloud Storage

Security in cloud computing differs from traditional IT systems, primarily, in two ways. Unlike the old days, there is no network perimeter between the organization’s users, servers, and the network. In cloud, servers have individual firewalls, which is part of the service offering or they are part of a virtual private network (VPN). Another difference is that, cloud-service providers operate on a larger scale than organization’s IT departments. Security available at their disposal is much more sophisticated. The challenge with cloud storage is that, it is not as fast as the local disks. As data volumes grow larger, this becomes a serious threat. This is not only the case in cloud. It is highly relevant to any normal operation and when there are imports and exports. For normal operation, data has to be physically close to any processing that is done. Moving large datasets or complete VMs in and out of cloud can create serious trouble. The next slide discusses the implications for applications.

3.18 Implications for Applications

Cloud computing brings a new set of implications to the applications. Let us look at the impact on application development process. Like any software development process, cloud also involves translating functional and non-functional requirements into a complete working solution. The building blocks in cloud are quite different from typical application development. Cloud provides a large ecosystem of pre-built components which can be readily used. Performance requirements and scalability risk are mitigated. But, consequently new risks arise. The traditional method of designing, building, ordering hardware, and installing is not changed. In cloud, we purchase existing services and components which means, all that we do is configure existing services. This holds true for SaaS, IaaS, and PaaS. The responsibilities of IT department change completely because of this. We will discuss more about this next module. |In the next slide, we will discuss the implications on application architecture.

3.19 Impact on Application Architecture

Application architecture defines how an application is sub-divided into components, along with the relationship between these components, and their relationship with other applications. Traditionally, applications are built in layers: clients, presentation, business logic, and database. Application development with cloud can change all these layers completely. Building blocks: The building blocks for applications can exist outside the typical boundary of a company, and in cloud. This is true for SaaS, where most of the applications will be in cloud. It is true of IaaS as well since the application components exist as services in cloud. Target platform: When building blocks are developed, the target platform can be in cloud. With IaaS, components might deviate in a number of ways from a typical data center equivalent E.g., models which are available to scale them. Service-oriented architecture: Cloud encourages a service-oriented architecture, where information is transferred between applications and application components by means of web services. Therefore, SaaS uses solutions and add-ons with cloud. PaaS uses service-oriented architecture and uses existing components. Lastly, IaaS uses the cloud as a target platform. In the next slide, we will summarize whatever we have learnt so far.

3.20 Summary

Let’s summarize what we have learnt in this module. Now we are able to identify different types of cloud computing, various deployment models in cloud, and techniques and methods of cloud deployment. We can also recognize the technical challenges and risks involved in cloud computing and determine the methods to mitigate them. Finally, we have discussed the impact of cloud on application architecture and application development process. This brings us to the end of this module. Please answer the questions that are provided in the following slides to evaluate your understanding of this topic. In the next module, we will discuss the steps that are required for successful adoption of cloud computing.

  • Disclaimer
  • PMP, PMI, PMBOK, CAPM, PgMP, PfMP, ACP, PBA, RMP, SP, and OPM3 are registered marks of the Project Management Institute, Inc.

We use cookies on this site for functional and analytical purposes. By using the site, you agree to be cookied and to our Terms of Use. Find out more

Request more information

For individuals
For business
Name*
Email*
Phone Number*
Your Message (Optional)

By proceeding, you agree to our Terms of Use and Privacy Policy

We are looking into your query.
Our consultants will get in touch with you soon.

A Simplilearn representative will get back to you in one business day.

First Name*
Last Name*
Email*
Phone Number*
Company*
Job Title*

By proceeding, you agree to our Terms of Use and Privacy Policy