Cloud Module 1 - Fundamental Cloud Computing

What technology innovation lead to Cloud Computing?

(GriCluVir) 1. Grid Computing Technology 2. Clustering Technology 3. Virtualization Technology

Inter-Cloud

The *Inter-Cloud* model is based on an architecture comprised of two or more inter-connected clouds.

Business Cost Metrics - cost of capital

The cost of capital is a value that represents the cost incurred by raising required funds. For example, it will generally be more expensive to raise an initial investment of $150,000 than it will be to raise this amount over a period of three years. The relevancy of this cost depends on how the organization goes about gathering the funds it requires. If the cost of capital for an initial investment is high, then it further helps justify the leasing of cloud-based IT resources.

(True/False) AWS EC2 is a form of IaaS

true.

Goals & Benefits Cloud Computing - Proportional Costs

Measured Usage characteristic represents a feature-set that allows measured operational expenditures (directly related to business performance) to replace anticipated capital expenditures. A cloud's Measured Usage characteristic represents a feature-set that allows measured operational expenditures (directly related to business performance) to replace anticipated capital expenditures. This is also referred to as proportional costs.

Business Cost Metrics - on-going costs

On-going costs represent the expenses required by an organization to run and maintain IT resources it uses.

Goals & Benefits Cloud Computing - Increased Availability

Outages limit the time an IT resource can be "open for business" for its customers, thereby limiting its usage and revenue generating potential.

Goals & Benefits Cloud Computing

PARIS 1. *Proportional Costs* 2. Increased *Availability* 3. Increased *Reliability* 4. Reduced *Investments* 5. Increased *Scalability*

What is PCI DSS? And what issue does it pose?

PCI DSS stands for: Payment Card Industry Data Security Standard and it requires that cardholder data be stored in separated network segments (pke: separated from what?) Cloud consumers unaware of the location of data or IT resources hosted by cloud providers may not be able to comply with such regulations and policies.

Why are Service Agents important for Cloud Computing?

Service agents ore important to cloud computing. Especially for providing runtime monitoring and Load balancing functions. Examples: 1. The automated scaling listener 2. The pay-per-use monitor

cloud service consumer

The *cloud service consumer* is a temporary runtime role assumed by a software program when it accesses a cloud service.

What does "On-Premise" mean

The term on-premise (or "on-premises") is used to qualify an IT resource that is not remotely accessible via a cloud, but instead resides within an internal IT enterprise environment.

cloud characteristics

(OMUMER) - on-demand usage - multitenancy (& Resource Pooling) - ubiquitous access - measured usage - elasticity - resilient computing

Elasticity

*Elasticity is the automated ability of a cloud to gracefully and transparently scale IT resources*, as required in response to runtime conditions or as pre-determined by the cloud consumer or cloud provider. Elasticity is often considered a core justification for the adoption of cloud computing, primarily due to the fact that it is closely associated with the Reduced Investment and Proportional Costs benefit. Cloud providers with vast IT resources can offer the greatest range of elasticity.

Multitenancy

*The characteristic of a software program that enables an instance of the program to serve different consumers (tenants) whereby each is isolated from the other, is referred to as multitenancy*. A cloud provider pools its IT resources to serve multiple cloud service consumers by using multitenancy models that frequently rely on the use of virtualization technologies. Through the use of multitenancy technology, IT resources can be dynamically assigned and reassigned, according to cloud service consumer demands. *Resource pooling allows cloud providers to pool large-scale IT resources to serve multiple cloud consumers.* Different physical and virtual IT resources are dynamically assigned and reassigned according to cloud consumer demand, typically followed by execution through statistical multiplexing. Resource pooling is commonly achieved through multitenancy technology, and therefore encompassed by this multitenancy characteristic.

Cloud Provider

*The organization that provides cloud-based IT resources is the cloud provider.* When assuming the role of cloud provider, an organization is responsible for making cloud services available to cloud consumers, as per agreed upon SLA guarantees. The cloud provider is further tasked with any required management and administrative duties to ensure the on-going operation of the overall cloud infrastructure.

Ubiquitous access

*Ubiquitous Access represents the ability for a cloud service to be widely accessible*. Establishing ubiquitous access for a cloud service can require support for a range of devices, transport protocols, interfaces, and security technologies. To enable this level of access generally requires that the cloud service architecture be tailored to the particular needs of different cloud service consumers.

Cloud Resource Administrator

- A cloud resource administrator is the *person or organization responsible for administering a cloud-based IT resource* (including cloud services). - The cloud resource administrator can be (or belong to) the cloud consumer or cloud provider of the cloud within which the cloud service resides. - Alternatively, it can be (or belong to) a third-party organization contracted to administer the cloud-based IT resource.

Organizational boundary

- An *organizational boundary* represents the *physical perimeter that surrounds a set of IT resources that are owned and governed by an organization*. - The organizational boundary does not represent the boundary of an actual organization, only an organizational set of IT assets and IT resources. Similarly, clouds have an organizational boundary.

Resilient computing

- Resilient computing is *a form of failover that distributes redundant implementations of IT resources across physical locations*. - IT resources can be pre-configured so that if one becomes deficient, processing is automatically handed over to another redundant implementation. - Within cloud computing, the characteristic of resiliency can refer to redundant IT resources within the same cloud (but in different physical locations) or across multiple clouds. - Cloud consumers can increase both the reliability and availability of their applications by leveraging the resiliency of cloud-based IT resources.

Measured usage

- The measured usage characteristic represents *the ability of a cloud platform to keep track of the usage of its IT resources*, primarily by cloud consumers. - Based on what is measured, the cloud provider can charge a cloud consumer only for the IT resources actually used and/or for the timeframe during which access to the IT resources was granted. In this context, measured usage is closely related to the on-demand characteristic. - Measured usage is not limited to tracking statistics for billing purposes. It also encompasses the general monitoring of IT resources and related usage reporting (for both cloud provider and cloud consumers). - Therefore, measured usage is also relevant to clouds that do not charge for usage (which may be applicable to the private cloud deployment model described in the upcoming Cloud Deployment Models section).

On-demand usage

A cloud consumer can unilaterally access cloud-based IT resources giving the cloud consumer the freedom to self-provision these IT resources. Once configured, usage of the self-provisioned IT resources can be automated, requiring no further human involvement by the cloud consumer or cloud provider. This results in an *on-demand usage* environment. Also known as "on-demand self-service usage," this characteristic enables the service-based and usage-driven features found in mainstream clouds.

Cloud Consumer

A cloud consumer is an organization (or a human) that has a formal contract or arrangement with a cloud provider to use IT resources made available by the cloud provider.

Trust boundary

A trust boundary establishes a *logical perimeter* wherein IT resources are trusted from a security perspective. When an organization assumes the role of cloud consumer to access cloud-based IT resources, it needs to extend its trust beyond the physical boundary of the organization to include parts of the cloud environment. A *trust boundary* is a logical perimeter that typically spans beyond physical boundaries to represent the extent to which IT resources are trusted. When analyzing cloud environments, the trust boundary is most frequently associated with the trust issued by the organization acting as the cloud consumer.

Why is a Cloud Resource Administrator not called a Cloud Service Administrator?

Because the CRA manages Cloud Resources that are not necessarily services.

Define Cloud Computing

Cloud computing is a specialized form of distributed computing that introduces utilization models for *remotely provisioning scalable and measured IT resources.*

Why doesn't the role "Cloud Resource Owner" exist?

Of course there is an owner of cloud resources: the cloud provider. However, a cloud service can be owner by either the cloud provider or a cloud consumer.

Cloud Service Consumer

The *cloud service consumer* is a temporary runtime role assumed by a software program when it accesses a cloud service. The *cloud consumer* uses a *cloud service consumer* to access a cloud service. The cloud service consumer is a service consumer that accesses a cloud service.

Cloud Service Owner

The person or organization that legally owns a cloud service is called a cloud service owner. The cloud service owner can be the cloud consumer, or the cloud provider that owns the cloud within which the cloud service resides.

(T/F) Google App Engine is a PaaS product

True.

(True/False) A cloud resource administrator is a role assumed by a (group of) human(s), not a software program

True. In diagrams, when we show the workstation symbol remotely accessing an IT resource (such as the virtual server in the diagram to the right), we refer to this as the "cloud resource administrator". However, it is implied that the workstation being used by the human to perform the administration task is using a software program that technically is acting as a cloud service consumer.

Service Consumer (Software Role)

When a software program accesses a service it is labeled as a service consumer. A service consumer is therefore a temporary runtime role assumed by a software program. To distinguish between service consumers that access on-premise and cloud-based services, those that access cloud services are further qualified as cloud service consumers.

How can you mitigate governance risks and issues?

Legal contracts, when combined with SLAs, technology inspections, and monitoring, can mitigate governance risks and issues. A cloud governance system is established through SLAs, given the "as-a-service" nature of cloud computing. A cloud consumer must keep track of the actual service level being offered and the other warranties that are made by the cloud provider.

Give some examples of how service agents are called

(HILF) Depending on the development platform you are working with, service agents may be called "handlers", "interceptors", "listeners", "filters", etc.

Delivery Models

(IPS) - *IaaS*: Infrastructure as a Service - *PaaS*: Platform as a Service - *SaaS*: Software as a Service

SLA Characteristics

(PARSR) - *Performance*: capacity, response time, and delivery time guarantees - *Availability*: up-time, outages, service duration - *Reliability*: minimum time between failures, guaranteed rate of successful responses - *scalability*: capacity fluctuation and responsiveness guarantees - *resilience*: mean-time to switchover and recovery

Service quality metric characteristics

(QREC) - *Quantifiable* — The unit of measure is clearly set, absolute, and appropriate so that the metric can be based on quantitative measurements. - *Repeatable* — The methods of measuring the metric need to yield identical results when repeated under identical conditions. - *Easily Obtainable* — The metric needs to be based on a non-proprietary, common form of measurement that can be easily obtained and understood by cloud consumers. - *Comparable* — The units of measure used by a metric need to be standardized and comparable. For example, a service quality metric cannot measure smaller quantities of data in bits and larger quantities in bytes.

Challenges of Cloud Computing

(SPOM) - increased security vulnerabilities - limited portability between cloud providers - reduced operational governance control - multi-regional compliance and legal issues

Business Cost Metrics

(U O SILC sounds like "You owe Silk") Common types of metrics used to evaluate the estimated costs and business value of leasing cloud-based IT resources when compared to the purchase of on-premise IT resources: - *u*p-front costs - *o*n-going costs - *s*unk costs - *i*ntegration costs - *l*ocked-in costs - cost of *c*apital

Common functions performed by Service Agents

(VaLoRoSec) - validation - logging - routing - security-related processing

Explain difference "on-premise" and "cloud-based"

(don't really understand this :s ) It is important to use the terms *"on-premise"* and *"cloud-based"* correctly within the context of a private cloud. Even though the private cloud may physically reside on the organization's premises, IT resources it hosts are still considered "cloud-based" as long as they are made remotely accessible to cloud consumers. IT resources hosted outside of the private cloud by the departments acting as cloud consumers are therefore considered "on-premise" in relation to the private cloud-based IT resources.

cloud

*A cloud refers to a distinct IT environment that is designed for the purpose of remotely provisioning scalable and measured IT resources. * The term originated as a metaphor for the Internet which is, in essence, a network of networks providing remote access to a set of decentralized IT resources. Prior to cloud computing becoming its own formalized IT industry segment, the symbol of a cloud was commonly used to represent the Internet in a variety of specifications and mainstream documentation of Web-based architectures. This same symbol is now used to specifically represent the boundary of a cloud environment.

cloud service

*A cloud service is any IT resource that is made remotely accessible via a cloud*. Unlike other IT fields that fall under the service technology umbrella - such as service-oriented architecture - the term "service" within the context of cloud computing is especially broad. A cloud service can exist as a simple Web-based software program with a technical interface invoked via the use of a messaging protocol, or as a remote access point for administrative tools or larger environments and other IT resources. The driving motivation behind cloud computing is to provide IT resources as services that encapsulate other IT resources, while offering functions for clients to use and leverage remotely. A multitude of models for generic types of cloud services have emerged, most of which are labeled with the "as-a-service" suffix.

active service agent

*Active service agents* perform an action upon intercepting and reading the contents of a message. The action typically requires making changes to the message contents (most commonly message header data and less commonly the body content) or changes to the message path itself

IT Resource

*An IT resource* is a *physical or virtual IT-related artifact* that can be either software based, such as a virtual server or a custom software program, or hardware-based, such as a physical server or a network device.

passive service agent

*Passive service agents* do not change message contents. Instead, they read the message and may then capture certain parts of its contents, usually for monitoring, logging, or reporting purposes.

Roles and boundaries

(BOS ==> TO SCAP SC) Boundaries - *T*rust Boundary - *O*rganizational Boundary Roles (Organization) - Cloud *S*ervice Owner - Cloud *C*onsumer - Cloud Resource *A*dministrator - Cloud *P*rovider Roles (Software) - *S*ervice Consumer - *C*loud Service Consumer

Business Drivers

(COC) 1. *Capacity Planning*: Planning for capacity can be challenging because it requires estimating usage load fluctuations. There is a constant need to balance peak usage requirements without unnecessary over-expenditure on infrastructure. An example is outfitting IT infrastructure to accommodate maximum usage loads which can impose unreasonable financial investments. In such cases, moderating investments can result in under-provisioning, leading to transaction losses and other usage limitations from lowered usage thresholds. 2. *Organizational Agility*: An IT enterprise often needs to respond to business change by scaling its IT resources beyond the scope of what was previously predicted or planned for. For example, infrastructure may be subject to limitations that prevent the organization from responding to usage fluctuations-even when anticipated-if previous capacity planning efforts were restricted by inadequate budgets. 3. *Cost Reduction & Operating Overhead Reduction*: A direct alignment between IT costs and business performance can be difficult to maintain. The growth of IT environments often corresponds to the assessment of their maximum usage requirements. This can make the support of new and expanded business automations an ever-increasing investment.

(True/False) Cloud Computing must either be introduced completely or not at all to be beneficial to a company

(False) It is important to note that cloud computing can be incorporated to different measures and extents - an IT enterprise can put some all 0r none of its IT resources in a cloud.

(True/False) Every IT resource is directly available (remotely accessible) to consumers.

(False) Not every IT resource that resides inside a cloud needs to be made directly available to consumers. A *cloud-based IT resource* can be remotely accessed or *it can support the remote access of other cloud-based IT resources*.

(T/F) Saleforce Sales Cloud 2 is a SaaS product

True.

service agent

*Service agents are event-driven programs designed to intercept messages at runtime.* There are active and passive service agents, both of which are common in cloud environments. Cloud-based environments rely heavily on the use of system-level and custom service agents to perform much of the runtime monitoring and measuring required to ensure that features, such as elastic scaling and pay-for-use billing, can be carried out instantaneously.

Public Cloud

- A *public cloud* is a publicly accessible cloud environment owned by a third-party cloud provider. - The IT resources on public clouds are usually provisioned via the previously described cloud delivery models and are generally offered to cloud consumers at a cost or are commercialized via other avenues (such as advertisement). The cloud provider is responsible for the creation and on-going maintenance of the public cloud and its IT resources.

technology innovation - Web/Clustering

- Because Web applications were commonly made available to a wide, public user-base, they often became demand-driven and tended to be "spiky" in their usage loads. - The back-end technology architectures that evolved in support of Web-based applications therefore introduced the need for: ...- load balancing ...- server farms ...- clustered servers ...- clustered databases - These technology advances became relevant to the manner in which clouds provide IT resources.

Business Drivers - *Cost Reduction & Operating Overhead Reduction*

- Beyond the initial investment required to establish needed IT infrastructure, the actual cost of ownership needs to be considered. - For organizations with fluctuating or unpredictable usage requirements it can be overly expensive to own and operate IT infrastructure that can accommodate usage peaks. but is, for the most part, underutilized. - Overtime, the administration demands can unnecessarily increase operating costs, making the IT department itself more of a burden upon the organization.

Business Drivers - *Capacity Planning*

- Capacity planning is an unavoidable responsibility for most IT enterprises. requiring that future demands on IT infrastructure be planned for and accommodated. - Capacity planning can be very challenging because it can require estimating usage load fluctuations. - There is a constant need to balance peak usage requirements without unnecessarily over-spending on IT infrastructure. - To accommodate maximum usage loads may require too high of an investment. To moderate the investment may result in lost transactions and other usage limitations due to lower usage thresholds.

Business Cost Metrics - locked-in costs

- Cloud environments can impose portability limitations. - When performing a metrics analysis over a longer period of time, it may be necessary to take into consideration the possibility of having to *move from one cloud provider to another*. - Due to the fact that cloud service consumers can become dependent on proprietary characteristics of a cloud environment, there are locked-in costs associated with this type of move. - Locked-in costs can further *decrease the long-term business value of leasing cloud-based IT resources*.

Challenges of Cloud Computing - limited portability between cloud providers

- Due to a lack of established industry standards within the cloud computing industry, public clouds are commonly *proprietary* to various extents. - For cloud consumers that have custom-built solutions with dependencies on these proprietary environments, it can be *challenging to move from one cloud provider to another*.

technology innovation - *Grid Computing*

- Grid computing emerged in the 90's to introduce the concept of "computing as a networked utility." - With a grid you could plug into a pool of shared computing power the same way you would plug an appliance into a shared power grid. - this concept led to the notion of "pay-as-you-go" computing and further formed the basis of "elasticity" - both of which establish fundamental characteristics of a cloud (as explained later in the Characteristics of a Cloud section). - Note the use at grid computing specifically within cloud platforms is still classified as on "emerging technology." as explained in Module 2: Cloud Technology Concepts.

Goals & Benefits Cloud Computing - Increased Scalability

- IT resources can be *flexibly acquired* from a cloud provider, almost instantaneously and at a wide variety of usage levels. - By scaling with cloud-based IT resources, cloud consumers can leverage this flexibility to *increase their responsiveness* to foreseen changes and unforeseen changes. - This holds true for when a cloud consumer needs to *scale* IT resources, based on current requirements.

Business Drivers - *Organizational Agility*

- Organizational agility represents the responsiveness of an organization in the face at business change. - In many cases. an IT enterprise needs to respond to business change by being able to scale its IT resources beyond what may have been previously predicted or planned for. - In other cases. changing business needs or priorities may require that IT resources be more available and/or reliable than they previously have been. - The ability for an IT enterprise to be responsive to these and other types of changes helps enable it to increase an organization's overall agility.

What are common IT Resources?

- Physical Server - Virtual Server - Software Program - Service - Storage Device - Network Device

Challenges of Cloud Computing - increased security vulnerabilities

- Responsibility over data security becomes shared with the cloud provider - Cloud provider's privileged access to cloud consumer data; The extent to which the data is secure is now limited to the security controls and policies applied by both the cloud consumer and cloud provider - Attack surface is bigger - The remote usage of IT resources requires an expansion of trust boundaries by the cloud consumer to include an external cloud. - Unless the cloud consumer and cloud provider support the same or compatible security technologies. it can be difficult to establish a security architecture that spans the trust boundary without introducing vulnerabilities. - Furthermore. because cloud-based IT resources can be shared. there can be overlapping trust boundaries from different cloud consumers (as illustrated on the following page).

What are the fundamental concepts of cloud computing?

- Service - Cloud Service - IT Resource - Service Agent (Active/Passive) - Virtualization - On-Premise - Cloud - Scaling (horizontal/vertical)

IaaS: Infrastructure as a Service

- The IaaS delivery model represents a self-contained IT environment comprised of infrastructure-centric IT resources that can be accessed and managed via cloud service-based interfaces and tools. - This environment can include hardware, network, connectivity, operating systems, and other "raw" IT resources. - In contrast to traditional hosting or outsourcing environments, with IaaS, IT resources are typically virtualized and packaged into bundles that simplify up-front runtime scaling and customization of the infrastructure.

SLA Characteristics - Performance

- The maximum performance of an IT resource represents the capacity up to which the IT resource is able to perform its functions. - The determination of this capacity (the performance rating) of a given IT resource depends on its type and purpose. - For example, a Web service's performance rating could be specified in calls per seconds and the response time for each call. - A development environment, on the other hand, may measure capacity in the maximum number of concurrent users that can be supported.

Challenges of Cloud Computing - multi-regional compliance and legal issues

- Third-party cloud providers will frequently establish data centers in affordable or convenient geographical locations. - Cloud consumers will often not be aware of the physical location of their IT resources and data when hosted by public clouds. For some organizations, this can pose serious legal concerns pertaining to industry or government regulations that specify data privacy and storage policies. For example, some UK laws require personal data belonging to UK citizens to be kept within the United Kingdom (pke: this is a real good joke: GCHQ scans everything and then shares it with the NSA anyway :D). Most regulatory frameworks recognize that cloud consumer organizations are ultimately responsible for the security, integrity, and storage of their own data, even when it is held by an external cloud provider.

technology innovation - Virtualization

- Virtualization is an established technology that has enabled hardware owners to repeatedly leverage physical servers for wide, concurrent usage. - Virtualization further helped realise the notion of "server elasticity," by allowing one physical server to host a variable number of "virtual" servers. - Virtualization is a key technology in modern cloud computing environments and is introduced in the upcoming Fundamental Terminology and Concepts section.

What is an SLA

- a Service Level Agreement (SLA) is a document that describes *quality-of-service features, behaviors, and limitations (QuBeLi)* of a service. - it is a *human-readable* part of a service contract that extends the technical service contract

Give some example of operational governance issues related to loss of control over it

- network latency due to distance to region of cloud provider - cloud provider goes out of business - cloud provider is bought - unannounced incompatible software upgrade (only unreliable cloud providers do this) - unreliable network between reliable networks of the cloud provider and cloud consumer

Give some examples of *up-front costs*

- on-premise environments: hardware, software and labor required for deployment - cloud-base environments: labor costs required to assess and set up a cloud environment

Give some examples of *on-going costs*

- on-premise: licensing fees, electricity, insurance, and labor - cloud-based: virtual hardware leasing fees, bandwidth usage fees, licensing fees and labor

Business Cost Metrics - integration costs

-Integration testing is a form of testing required to measure the effort required to make IT resources compatible and interoperable within a foreign environment, such as a new cloud platform. -Depending on the cloud deployment model and cloud delivery model being considered by an organization, there may be the need to further *allocate funds to carry out integration testing and additional labor related to enable interoperability* between cloud service consumers and cloud services. - These expenses are referred to as *integration costs*. - High integration costs can make the option of *leasing cloud-based IT resources less appealing*.

Community Cloud

A *community cloud* is similar to a public cloud except that its access is limited to a specific community of cloud consumers. The community cloud may be jointly owned by the community members or by a third-party cloud provider that provisions a public cloud with limited access. The member cloud consumers of the community typically share the responsibility for defining and evolving the community cloud. Membership in the community does not necessarily guarantee access to or control of all the cloud's IT resources. Parties outside the community are generally not granted access unless allowed by the community.

Hybrid Cloud

A *hybrid cloud* is a cloud environment comprised of two or more different cloud deployment models. Hybrid deployment architectures can be complex and challenging to create and maintain due to the potential disparity in cloud environments and the fact that management responsibilities are typically split between the private cloud provider organization and the public cloud provider.

Private Cloud

A *private cloud* is owned by a single organization. Private clouds enable an organization to use cloud computing technology as a means of centralizing access to IT resources by different parts, locations, or departments of the organization. When a private cloud exists as a controlled environment, the problems described in the Risks and Challenges section do not tend to apply. The use of a private cloud can change how organizational and trust boundaries are defined and applied. The actual administration of a private cloud environment may be carried out by internal or outsourced staff.

SaaS: Software as a Service

A software program positioned as a shared cloud service and made available as a "product" or generic utility represents the typical profile of a SaaS offering. The SaaS delivery model is typically used to make a reusable cloud service widely available (often commercially) to a range of cloud consumers. An entire marketplace exists around SaaS products that can be leased and used for different purposes and via different terms. A cloud consumer is generally granted very limited administrative control over a SaaS implementation. It is most often provisioned by the cloud provider, but it can be legally owned by whichever entity assumes the cloud service owner role. For example, an organization acting as a cloud consumer while using and working with a PaaS environment can build a cloud service that it decides to deploy in that same environment as a SaaS offering. The same organization then effectively assumes the cloud provider role as the SaaS-based cloud service is made available to other organizations that act as cloud consumers when using that cloud service.

Virtual Server

A virtual server is a form of virtualization software that emulates a physical computer (a physical server). Each physical server can host multiple virtual servers. To a cloud consumer, a virtual server appears as an independent physical server.

Virtual Private Cloud

Also known as a "dedicated cloud" or "hosted cloud," this model results in a self-contained cloud environment hosted and managed by a public cloud provider, and made available to a cloud consumer. (from wiki) A *Virtual Private Cloud (VPC)* is an on demand configurable pool of shared computing resources allocated within a public cloud environment, providing certain level of isolation between the different organizations (denoted as users hereafter) using the resources. The isolation between one VPC user and all other users of the same cloud (other VPC users as well as other public cloud users) is achieved normally through allocation of a Private IP Subnet and a virtual communication construct (such as a VLAN or a set of encrypted communication channels) per user.

Business Cost Metrics - sunk costs

An organization will often have existing IT resources that are already paid for and operational. The prior investment that has been made in these on-premise IT resources is referred to as *sunk costs*. When comparing up-front costs together with significant sunk costs, it can be more difficult to justify the leasing of cloud-based IT resources as an alternative.

Why is an SLA so importance?

Because cloud environments intentionally hide back-end implementation details about cloud services, the guarantees expressed in SLAs become very important to cloud consumers.

Challenges of Cloud Computing - reduced operational governance control

Cloud consumers are usually allotted a level of governance control that is lower than that over on-premise IT resources. This reduced level of governance control can introduce risks associated with how the cloud provider operates its cloud, as well as the external connections that are required for communicate between the cloud and the cloud consumer. Consider the following examples: - An unreliable cloud provider may not maintain the guarantees it makes in the SLAs that were published for its cloud services. This can jeopardize the quality of the cloud consumer solutions that rely on these cloud services. - Longer geographic distances between the cloud consumer and cloud provider can require additional network hops that introduce fluctuating latency and potential bandwidth constraints.

What kind of cloud consumers typically need PaaS?

Common reasons a cloud consumer would use and invest in a PaaS environment include: - The cloud consumer wants to extend on-premise environments into the cloud for scalability and economic purposes. - The cloud consumer uses the ready-made environment to entirely substitute an on-premise environment. - The cloud consumer wants to become a cloud provider and deploys its own cloud services to be made available to other external cloud consumers

virtualization

Data centers consist of both physical and virtualized IT resources. The physical IT resource layer refers to the facility infrastructure that houses computing/networking systems and equipment, together with hardware systems and their operating systems (Figure 1). The resource abstraction and control of the virtualization layer is comprised of operational and management tools that are often based on virtualization platforms that abstract the physical computing and networking IT resources as virtualized components that are easier to allocate, operate, release, monitor, and control.

(True/False) A cloud service is either a Web Service or a REST service

False. A cloud service can exist as: 1. a traditional service (WS or Rest) accessed via a published service contract and messaging, or 2. a software program remotely accessed via other means (such as communicating with a software program on a server using a proprietary protocol)

(True/False) a cloud must be web-based

False. A cloud can exist with the use of any remote access protocols that allows for access to its IT resources

(True/False) Virtualization is a requirement for a Cloud

False. Even though the provisioning of virtual IT resources by clouds is very common, it is not an absolute requirement. *A cloud can also provide remote access directly to physical IT resources*.

Why would one cloud provider lease IT resources from another cloud provider? Give an example.

For example, a cloud consumer may have a legal requirement for data to be physically stored in a specific region (for which the cloud provider needs to contract a different cloud provider).

service

From an implementation perspective, a service is a software program that can be remotely invoked via a published technical interface (or API) referred to as a *service contract*.

How are future downtimes estimated?

Future downtimes are estimated by assigning the event that causes a downtime a probability for its occurrence and the time it would take to bring up the IT resource again. The percentage is calculated as follows: 1. Multiply the probability of downtime by the actual estimated downtime. 2. Divide the value by a measured period of time. 3. Multiply the value by 100. 4. Deduct the value from a 100.

Explain complexity of Hybrid Clouds

Hybrid deployment architectures can be complex and challenging to create and maintain due to the potential disparity in cloud environments and the fact that management responsibilities are typically split between the private cloud provider organization and the public cloud provider.

What is the big difference between IaaS and Paas on one hand and SaaS on the other?

IaaS and PaaS provide consumers with administrative control over the cloud service or its IT resources, whereas SaaS only gives *usage control* over the cloud service.

Explain the difference between "classic hosting" and "IaaS"

In contrast to traditional hosting or outsourcing environments, with IaaS, IT resources are *typically virtualized* and *packaged into bundles that simplify up-front runtime scaling and customization* of the infrastructure.

SLA Characteristics - Redundancy and Resilience

It is important to note that the availability, reliability and performance of an IT resource can be made more resilient by providing redundant implementations of the IT resource. For example. a web service with an availability rating at 90% that has redundant implementation also with an availability rating at 90% will have a combined reliability rating at nearly 100% because there is a very low probability that both implementations will be unavailable at the same time.

Deployment Models

PuHyPriCo - *Public Cloud* - *Hybrid Cloud* - *Private Cloud* - *Community Cloud* - *Virtual Private Cloud* / *dedicated cloud* / *Hosted Cloud* - *Inter-Cloud*

SLA Characteristics - Reliability

Reliability represents the probability that an IT resource performs its intended functions without failure under pre-defined conditions. A common formula for calculating the reliability rating of on IT resource, is to take the number of successful executions of its function(s) and divide that value by the number of attempts made to execute those function(s).

Goals & Benefits Cloud Computing - Increased Reliability

Runtime failures that are not immediately corrected can have a more significant impact during high-volume usage periods. Not only is the IT resource unable to respond to customer requests, its unexpected failure can decrease overall customer confidence.

scaling

Scaling, from an IT resource perspective, represents the ability of the IT resource to *handle increased or decreased usage demands*. The following are types of scaling: 1. *Horizontal Scaling* - scaling out and scaling in 2. *Vertical Scaling* - scaling up and scaling down

PaaS: Platform as a Service

The PaaS delivery model represents a pre-defined "ready-to-use" environment typically comprised of already deployed and configured IT resources. Specifically, *PaaS relies on (and is primarily defined by) the usage of a ready-made environment that establishes a set of pre-packaged products and tools* used to support the entire delivery lifecycle of custom applications.

Horizontal Scaling

The allocating or releasing of IT resources that are of the same type is referred to as horizontal scaling (Figure 1). The horizontal allocation of resources is referred to as *scaling out* and the horizontal releasing of resources is referred to as *scaling in*. Horizontal scaling is a common form of scaling within cloud environments.

SLA Characteristics - Availability

The availability of an IT resource is the probability that it will be accessible. The probability value is generally expressed with a percentage representing the amount of time that the IT resource is accessible during a given period. The percentage is calculated as follows: 1. Divide the amount of hours the IT resource was unavailable (within a measured period) by the total amount of hours within the measured period. 2. Multiply the value by 100. 3. Deduct the value from 100.

What is the driving motivation behind cloud computing?

The driving motivation behind cloud computing is to provide IT resources as services that encapsulate other IT resources, while offering functions for clients to use and leverage remotely. A multitude of models for generic types of cloud services have emerged, most of which are labeled with the "as-a-service" suffix.

What kind of cloud consumers typically need IaaS?

The general purpose of an IaaS environment is to provide cloud *consumers with a high level of control and responsibility over its configuration and utilization*. The IT resources provided by IaaS are generally not pre-configured, placing the administrative responsibility directly upon the cloud consumer. This model is therefore *used by cloud consumers that require a high level of control* over the cloud-based environment they intend to create.

Goals & Benefits Cloud Computing - Reduced Investments

The most common economic rationale for investing in cloud-based IT resources is in the reduction or outright elimination of up-front IT investments, namely hardware and software purchases and ownership costs.

How to mitigate the "limited portability between cloud providers" challenge?

This challenge can be mitigated if cloud consumers can build solutions based on industry standards and if cloud providers support these industry standards.

What's the issue with accommodating for maximum usage loads?

To accommodate maximum usage loads may require too high of an investment.

What's the issue with moderating the usage loads investments?

To moderate the investment may result in lost transactions and other usage limitations due to lower usage thresholds.

(True/false) Vertical scaling is less common in cloud environments + explain why or why not.

True. Vertical scaling is less common in cloud environments due to the downtime required while the replacement is taking place.

(T/F) on-going costs for cloud-based IT resources often exceed on-going costs of on-premise IT resources

True. especially over a longer period of time

Business Cost Metrics - up-front costs

Up-front costs are associated with the initial investments that organizations need to make in order to fund the IT resources they intend to use. This includes both the costs associated with obtaining the IT resources, as well as expenses required to deploy and administer them.

Vertical Scaling

When an existing IT resource is replaced by another with higher or lower capacity, vertical scaling is considered to have occurred (Figure 2). Specifically, the replacing of an IT resource with another that has a higher capacity is referred to as *scaling up* and the replacing an IT resource with another that has a lower capacity is considered *scaling down*. *Vertical scaling is less common in cloud environments due to the downtime required while the replacement is taking place.*

Even if you have tight legal agreements with a public cloud provider what can still go wrong?

With public clouds, there is always a risk that the cloud provider will be acquired or may go out at business, potentially resulting in an inability to fulfill legal obligations.

Why is virtualization primarily used in Cloud Computing?

Within cloud environments, virtualization technology is primarily utilized to replicate multiple virtual images of the same physical server for remote access by consumers.

(True/False) The cloud is a modern name for the internet

false. It is important to distinguish the term "cloud" and the cloud symbol from the Internet. As a specific environment used to remotely provision IT resources, a cloud has a finite boundary. There are many individual clouds that are accessible via the Internet. Whereas the Internet provides open access to many Web-based IT resources, a cloud is typically privately owned and offers access to IT resources that is metered.

For what kind of delivery models is the Limited Portability especially relevant?

for PaaS and IaaS