Cloud Computing

Definition
“Cloud computing is a pay-per-use model for enabling
available, convenient, on-demand network access to a
shared pool of configurable computing resources (e.g.,
networks, servers, storage, applications, services) that
can be rapidly provisioned and released with minimal
management effort or service provider interaction. This
cloud model promotes availability.”
What is cloud computing?

I don’t understand what we would do differently in
the light of Cloud Computing other than change the
wordings of some of our ads
Larry Ellison, Oracle’s CEO

I have not heard two people say the same thing
about it [cloud]. There are multiple definitions out
there of “the cloud”
Andy Isherwood, HP’s Vice President of European Software Sales

It’s stupidity. It’s worse than stupidity: it’s a
marketing hype campaign.
Richard Stallman, Free Software Foundation founder
The Big Switch (N. Carr)

Thesis: IT will follow the same evolution as electricity

Initially businesses had their own generators but this consolidated towards centralised providers of generation/distribution
Is the cloud the end of the high-end PC? The IT business network?

Why build your own network if you can use a cloud-based network?
Business attributes
• Access resources from cloud of available computing resources
Is always available and scales automatically to meet demand
Is pay per use: Based on resources consumed
Enables full customer self-service
Note: Can be provided by 3rd party (e.g. Amazon) or on own network for very large organisations (a.k.a. private cloud)
• Acquire resources on demand
Release resources when no longer needed
Turns capital investment/fixed cost into operating costs/variable costs
Reduced cost – take advantage of economies of scale across users of cloud
Technology attributes
• Access computing resources via Internet protocols from any computer
Reduced system administration overhead: automated provisioning
Increased/matched reliability and security
• Acquire resources on demand
Increased utilisation through sharing of resources through virtualisation or multi-tenancy
To minimise the cost to the provider, clouds rely on a large number of ‘commodity’ processors. These are cheaper to purchase and consume less power per unit of processing when compared to high power processors
No longer design deployment environment to meet maximum load
The NIST Cloud Definition Framework
Deployment Models: Private Cloud, Community Cloud, Public Cloud, Hybrid Clouds
Service Models: Software as a Service (SaaS), Platform as a Service (PaaS), Infrastructure as a Service (IaaS)
Essential Characteristics: On Demand Self-Service, Broad Network Access, Rapid Elasticity, Resource Pooling, Measured Service
Common Characteristics: Massive Scale, Resilient Computing, Homogeneity, Virtualization, Geographic Distribution, Low Cost Software, Advanced Security, Service Orientation
Based upon original chart created by Alex Dowbor - http://ornot.wordpress.com
The NIST Cloud Definition Framework
OS virtualisation leads directly to resilient computing, rapid elasticity and advanced security
In case of VM based cloud, facilitates measured service as hypervisor tracks usage
Multi-tenancy provides rapid elasticity
The NIST Cloud Definition Framework

A number of other attributes rely on the scale of investment undertaken by cloud providers
Early cloud promoters (e.g. Amazon & Google) had to build massive scale for their main businesses
Use of open source software and commodity hardware reduces overall cost to cloud provider
4 Cloud Deployment Models

Private cloud
Cloud infrastructure is operated solely for an organization. It may be managed by the organization or a third party and may exist on premise or off premise
Typically only large organisations
Public cloud
Cloud infrastructure is made available to third parties but is owned by an organization selling cloud services
Cloud services designed to be ‘generic’ and suitable to all customers
E.g. Amazon, Google, Microsoft, IBM etc.
4 Cloud Deployment Models

Community cloud
Cloud infrastructure is shared by several organizations and supports a specific community that has shared concerns (e.g., mission, security requirements, policy, and compliance considerations)
May be managed by the organizations or a third party and may exist on premise or off premise
Hybrid cloud
Composition of two or more clouds that remain unique and separate entities but are bound together by standardized or proprietary technology that enables data and application portability
Cloud bursting is the term used to describe the process where an organisation extends from a private to public cloud
Client access architecture

Client access via browser or Web Services

Independent of type of cloud computing
[Figure: clients access via browser or web-service (SOAP or REST); layers shown include App, App Server, Database, Platform, VM, OS, Server, Storage, Network]
Service model architecture
Four main service model architectures: Datastore as a service, Infrastructure As A Service (IaaS), Platform As A Service (PaaS), Software As A Service (SaaS)
Datastore as a service is not always included although currently the most popular use of cloud
Significant differences in the technical and commercial architectures
Service model architecture: Datastorage as a service
Functional: Data storage interfaces can be used by any of the other types or accessed directly
Examples of direct usage: Amazon’s really simple storage
Commercial: Charged on basis of amount of storage used
Characteristics of cloud datastore
Cloud based datastore is massively distributed and scalable
This implies that the chance of system failure across a large number of nodes is high
Therefore, cloud datastore must cope with node failure
Cloud datastores are typically non-relational
Utilises large number of commodity servers (a.k.a. nodes)
Distribution across a large number of nodes is not a good fit to the relational model of databases. Relational databases support “joins” which are hard to implement in a massively distributed way
To address requirement for relational database capabilities
Either provide relational interfaces to non-relational infrastructure
Or allow relational databases to run on a small number of nodes as part of the virtualisation
Characteristics of cloud datastore
Cloud datastores are optimised for large scale data search
E.g. Google’s MapReduce (and Hadoop – an open source implementation) which divide the processing into multiple blocks (Map) and then process each block on one or more nodes (Reduce)
Cloud datastores are also appropriate to business intelligence applications which require ‘column’ based processing
E.g. Summing sales in a particular region
In contrast, relational databases are efficient for record/row level read/write
Service model architecture: IaaS
Functional: Virtual server instances available for provisioning
Examples: Amazon’s EC2
Commercial: Charged on basis of number/scale of instances as well as usage profile
Example: Amazon EC2


Amazon provides a range of general purpose support services accessible via VMs
Examples of these services include
Simple Queue Service: Limited messaging system for communications between VMs
S3: Cloud storage service
Example: Amazon EC2

Other examples of these services (cont)
SimpleDB: Non-relational database
Elastic MapReduce: large scale search and text processing infrastructure
Flexible payment service: enabling website payments
Mechanical Turk: outsourcing marketplace
Amazon EC2 options and pricing

Aws.amazon.com/ec2
Service model architecture: PaaS
Functional: Application development and deployment environment
Provides programming APIs as well as underlying infrastructure
Commercial: Metering and billing based on application usage – typically CPU consumption/datastore consumption
Example: Google AppEngine

Platform uses multiple tenancy on the single infrastructure
Provides general purpose support services
Benefit of charging only on usage and not on number of instances (as with IaaS)
Includes infrastructure services such as database
Also includes application level interfaces such as video conferencing
Provides both server and client side APIs to develop Google AppEngine applications

Provides a platform which is proprietary
Example: Microsoft Azure Services

Access to the Microsoft platform as a cloud based platform

Provides a platform which is proprietary
Source: Microsoft Presentation, A Lap Around Windows Azure, Manuvir Das
Service model architecture: SaaS
Functional: End user interaction with the Application’s function
Allows for customisation of UI and workflows
Often uses multi-tenancy databases
Commercial: typically billing based on number of users
Example: Salesforce.com

Provides complete application accessible from the cloud
Software can be configured to support customer specific requirements
Infrastructure is hidden from the user
Supports customisation through configuration driven language
Scope for customisation is limited
Uses multi-tenancy architecture
Essentially a platform for a specific class of application
Configuration results in a change to both UI and underlying database schema for that customer
Examples of configuration

UI actions (such as entering an email address) can have customised scripts associated with them which perform workflow or validation logic
• Workflow defines the sequence of steps through the UI screens
• Validation logic enforces rules about information entered based on customer specific standards or context specific restraints (i.e. what can be entered given the current workflow)
These may not affect the database schema definition and therefore can be deployed only to that customer’s UI
Examples of configuration

UI definitions (or associated workflows) may also require modifications/extensions to the database schema

Through multi-tenancy/multi-schema approach, the metadata defining the schemas specific to that customer is modified without impacting on the ‘base’ schema or the other customers’ deployed schemas
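
An added example, not part of the original slides and not any vendor's implementation: a metadata-driven tenant extension in SQLite, where one customer gains a custom field without altering the shared base table, values are validated against that customer's metadata, and every read is scoped by tenant. Table, column and function names are hypothetical.

```python
import sqlite3

# Hypothetical tables: one shared 'base' table plus per-tenant schema metadata.
DDL = """
CREATE TABLE contact (id INTEGER PRIMARY KEY, tenant TEXT NOT NULL, email TEXT NOT NULL);
CREATE TABLE field_meta (tenant TEXT, name TEXT, kind TEXT, PRIMARY KEY (tenant, name));
CREATE TABLE field_value (contact_id INTEGER, tenant TEXT, name TEXT, value TEXT);
"""
CASTS = {"int": int, "text": str}  # validation rule per metadata type

def open_store():
    db = sqlite3.connect(":memory:")
    db.executescript(DDL)
    return db

def base_columns(db):
    return [row[1] for row in db.execute("PRAGMA table_info(contact)")]

def add_field(db, tenant, name, kind):
    """Extend one tenant's schema by writing metadata only (no ALTER TABLE)."""
    if kind not in CASTS:
        raise ValueError(f"unknown field type: {kind}")
    db.execute("INSERT INTO field_meta VALUES (?, ?, ?)", (tenant, name, kind))

def add_contact(db, tenant, email, **custom):
    """Validate custom values against this tenant's metadata, then store them."""
    meta = dict(db.execute(
        "SELECT name, kind FROM field_meta WHERE tenant = ?", (tenant,)))
    rows = []
    for name, value in custom.items():
        if name not in meta:
            raise KeyError(f"{name} is not defined for tenant {tenant}")
        rows.append((name, str(CASTS[meta[name]](value))))  # ValueError on bad type
    cid = db.execute("INSERT INTO contact (tenant, email) VALUES (?, ?)",
                     (tenant, email)).lastrowid
    db.executemany("INSERT INTO field_value VALUES (?, ?, ?, ?)",
                   [(cid, tenant, n, v) for n, v in rows])
    return cid

def get_contact(db, tenant, cid):
    """Reads are always scoped by tenant; another tenant's id yields None."""
    row = db.execute("SELECT email FROM contact WHERE id = ? AND tenant = ?",
                     (cid, tenant)).fetchone()
    if row is None:
        return None
    extra = db.execute("SELECT name, value FROM field_value "
                       "WHERE contact_id = ? AND tenant = ?", (cid, tenant))
    return {"email": row[0], **dict(extra)}
```

Calling add_field for one tenant and then base_columns shows the base table unchanged, while get_contact with a different tenant's name returns nothing for the same record id.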
Different types of SaaS




Type 1: Ad-Hoc/Custom
Type 2: Configurable
Type 3: Configurable, Multi-Tenant-Efficient
Type 4: Scalable, Configurable, Multi-Tenant-Efficient
Source: Microsoft MSDN Architecture Center
Different types of SaaS

Type 1: Ad-Hoc/Custom

Each customer (or tenant) has their own instance of the application which can be customised on an individual basis
Level 1 SaaS is equivalent to application hosting
Different types of SaaS

Type 2: Configurable

A single application base is customised for each customer/tenant
Customisation is deployed within each instance of the application
Deployment of upgrades across the instance will require roll-out to each instance
Different types of SaaS

Type 3: Configurable, Multi-Tenant-Efficient

A single application base and instance is customised for each customer/tenant
Customisation is deployed at runtime within each instance of the application
Single instance is more resource efficient than multiple instances
Deployment of upgrades made to a single instance
Different types of SaaS

Type 4: Scalable, Configurable, Multi-Tenant-Efficient

Uses a tenant load balancer to balance load between multiple instances
Similar to a hypervisor
Should provide superior scalability and efficiency
Requires deployment of upgrades to be made to multiple instances
Conclusions: Understanding the different service model architectures

Different levels of abstraction
OS: Amazon EC2
Application development framework: Google AppEngine
Application customisation: Salesforce
Similar to languages
Higher level abstractions can be built on top of lower ones

Lower-level: more flexibility, more management, scalability through configuration
Higher-level: less flexibility, less management, automatically scalable
[Figure labels: EC2, IAAS, Azure, AppEngine, PAAS, Salesforce.com, SAAS]
Cloud and security
General Security Challenges

Security/data control is the most often cited issue with migration to the cloud
Issues include:
• Trusting vendor’s security model
• Customer inability to respond to audit findings (dependent on service provider to modify service)
• Obtaining support for investigations
• Indirect administrator accountability
• Proprietary implementations can’t be examined
• Loss of physical control
Cloud Security Challenges Part 1
Data dispersal and international privacy laws
EU Data Protection Directive and U.S. Safe Harbor program
Exposure of data to foreign government and data subpoenas
Data retention issues
Mostly addressed by cloud vendor providing geographic specific services
Clear data ownership
Quality of service guarantees
Reliability of cloud service providers’ service in the context of enterprise level quality of service commitments (typically with required recovery times in seconds or minutes)
Potential for massive outages
Cloud Security Challenges Part 2
Dependence on secure hypervisors (for IaaS) or multi-tenancy (in both PaaS and SaaS)
Attraction to hackers (high value target)

Security of virtual OSs in the cloud

Encryption needs for cloud computing
Encrypting access to the cloud resource control interface
Encrypting administrative access to OS instances
Encrypting access to applications
Encrypting application data at rest
Lack of public SaaS version control
Changes to the service may occur without explicit agreement from the customer – unlike tightly controlled lifecycle management within an enterprise