CC Final Exam
Say a SaaS provider favors isolation, describe the runtime model.
-Each client has a separate running copy of the application and a separate data store -The separation between clients is provided by the operating system -More secure; less efficient
What 4 tasks can be found within the Business Layer?
1. Application Facade 2. Business Workflow 3. Business Components 4. Business Entities
What are the 6 Enterprise Architecture layers for IT Architecture?
1. Business Model 2. Business Capabilities 3. IT Applications 4. IT Integration Platform 5. IT Infrastructure Products 6. IT Infrastructure
What 3 tasks can be found within the Data Layer?
1. Data Access Components 2. Data Helpers/Utilities 3. Service Agents
As discussed in class, what are 10 typical capabilities offered by IaaS?
1. Data Center 2. Physical Hardware 3. Compute Instances 4. Image Catalog 5. Storage 6. LAN 7. WAN Connectivity 8. Control Plane and self-service interfaces 9. IAM 10. Support
Describe the 3 step application development process in PaaS.
1. Developers code their applications using common programming languages and development frameworks, such as PHP, Java*, and .NET*. (*No installation kit or server configuration necessary*) 2. The application is pushed to the cloud from a command-line interface or directly from an interactive development environment (IDE) using a plug-in. 3. The PaaS runtime container assesses the application's resource requirements. Then provides elastic scaling, high availability, automatic configuration, load balancing, and management tools. (Typical cloud goodness)
Describe the CC Essential Characteristic, On-Demand Self Service.
A consumer can unilaterally provision computing capabilities, such as server time and network storage, as needed automatically without requiring human interaction with each service provider.
What is a Cloud Consumer?
A person or organization that maintains a business relationship with, and uses service from, Cloud Providers
What is a Cloud Provider?
A person, organization, or entity responsible for making a service available to interested parties
One of the capabilities offered by IaaS is support, what levels of support are common from providers?
A provider will normally offer customer support for billing and administrative tasks as part of the offering. It may also offer "community" support, where customers can ask questions in the support forums A provider may offer more options for technical support for additional cost
What is a Cloud Broker?
An entity that manages the use, performance and delivery of cloud services, and negotiates relationships between Cloud Providers and Cloud Consumers
Describe the CC Essential Characteristic, Broad Network Access.
Capabilities are available over the network and accessed through standard mechanisms that promote use by heterogeneous thin or thick client platforms (e.g., mobile phones, tablets, laptops, and workstations).
Describe the CC Essential Characteristic, Rapid Elasticity.
Capabilities can be elastically provisioned and released, in some cases automatically, to scale rapidly outward and inward commensurate with demand. To the consumer, the capabilities available for provisioning often appear to be unlimited and can be appropriated in any quantity at any time.
What is the definition of cloud computing?
Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.
What are two key benefits of IT Architecture?
Consistency and Standardization
With SaaS, how much control does a user have?
Extremely little. The consumer does not manage or control the underlying cloud infrastructure, with the possible exception of limited user specific application configuration settings.
Describe the One Client tool, Many Provider Interop-Portability Model. Sketch how this would look.
Have one client Tool A in a circle. There should be at least two CSPs. Double-headed arrows between each CSP and the client tool. If Cloud Service Provider A and CSP B support the same interface and capabilities, then the customer can seamlessly move between providers, either concurrently or by switching providers
What is a business model in terms of IT Architecture?
How we as an organization create value.
What is the difference between logical layers and physical tiers?
Layers describe the *logical groupings* of the functionality and components in an application; whereas tiers describe the *physical distribution* of the functionality and components on separate servers, computers, networks, or remote locations (the physical hardware)
Why are layers important in Application Architecture? What do they help to do?
Layers help to differentiate between the different kinds of tasks performed by the components, making it easier to create a design that supports reusability of components.
What is IaaS-Centric PaaS?
Offers streamlined deployment of applications on top of the IaaS stack while still retaining full control over the underlying infrastructure. Can pretty much code anything that you want, say if you wanted to program a new game. Example: Windows Azure
What is PaaS?
Platform as a Service. The capability provided to the consumer is to deploy onto the cloud infrastructure consumer-created or acquired applications created using programming languages, libraries, services, and tools supported by the provider.
Describe the Logical Isolation of Resources between Clients in SaaS.
Same application could be accessed by multiple clients; however the cloud provider usually provisions unique execution environment to each customer even for the same application. This means that logically they are all isolated.
What is the definition of SaaS? What is the user and provider responsible for?
Software as a Service. Software deployed as a hosted service and accessed over the Internet. With SaaS, a provider licenses an application to customers as a service on demand, through a subscription, in a "pay-as-you-go" model
What is the physical layer of cloud infrastructure?
The physical layer consists of the hardware resources, and typically includes server, storage and network components.
What is the PaaS management layer?
The provisioning of all native services and add-ons is initiated from the management tier. A management layer allows control over the deployed applications and the configuration settings of the platform. Includes the abilities to deploy and manage the lifecycle of the applications. This encompasses pushing, starting, and stopping of applications.
What 2 tasks can be found within the Presentation Layer?
UI Components Presentation Logic Components
Considering the venturebeat diagram of function/layer ownership per cloud service model, what functions does the service provider manage and what does the user manage for IaaS?
User: 1. Applications 2. Data 3. Runtime 4. Middleware 5. O/S Provider: 6. Virtualization 7. Servers 8. Storage 9. Networking
What are the 3 parts of the PaaS model?
1. Infrastructure Tier 2. Platform 3. Management Layer
Describe the Multiple client tools, single provider Interop-Portability Model. Sketch how this would look.
Have two client Tools A and B in a circle. There should be one CSP. Double-headed arrows between each tool and the CSP. If the customer wishes to use or migrate to a different tool (from Tool A to Tool B), then CSP A must publish a description of the interface for different tool vendors to implement
Describe the Multiple Tools, Many Providers Interop-Portability Model. Sketch how this would look.
Have two client Tools A and B in a circle. There should be two CSPs. Double-headed arrows between each tool and each CSP (so 4 sets of arrows). Open interfaces enable choice of tools and providers No need to change tools when changing providers, and choice of tools are possible
Describe the "Indirect migration of data/app/workload" Interop-Portability Model. Sketch how this would look.
Have a Customer downloading from CSP A. The customer then uploads to CSP B. -Customer Downloads data/app/workload from one cloud and uploads to another -The download and upload protocol/method need not be the same -Portability happens if CSP B can make sense and utilize the uploaded content AND the customer observes a level of fidelity
Describe the "Direct migration of data/app/workload" Interop-Portability Model. Sketch how this would look.
Have a customer send a request to CSP A. CSP A then does a Transfer to CSP B. - Customer requests migration of data/app/workload from A to B - CSP A and CSP B have some agreed transfer interface - Portability happens if CSP B can make sense and utilize the transferred content AND the customer observes a level of fidelity
With PaaS, how much control does a user have?
Moderate control. The consumer does not manage or control the underlying cloud infrastructure, but has control over the deployed applications and possibly configuration settings for the application-hosting environment.
What is the concern about integrating an SaaS application? How is this concern managed?
The issue is that the more applications, the more data dependencies are created. Integrating a SaaS application into your environment will create data dependencies that require data to be synchronized and moved between the SaaS application and one or more in-house applications. To solve this, an integration broker is used to manage data movement and system integration.
Describe the CC Essential Characteristic, Resource Pooling.
The provider's computing resources are pooled to serve multiple consumers using a multi-tenant model, with different physical and virtual resources dynamically assigned and reassigned according to consumer demand. Examples of resources include storage, processing, memory, and network bandwidth.
Considering the venturebeat diagram of function/layer ownership per cloud service model, what functions does the service provider manage and what does the user manage for PaaS?
User: 1. Applications 2. Data Provider: 3. Runtime 4. Middleware 5. O/S 6. Virtualization 7. Servers 8. Storage 9. Networking
Describe the Data Center capability offered by IaaS. (Who provides the data center?)
Usually the service provider will host the infrastructure in its data center. The provider may own or lease its data center, or it may use a colocation facility Regardless of the mode of ownership, the *provider* is responsible for ensuring that the physical environment meets the service delivery commitments (as established in SLA)
Considering the venturebeat diagram of function/layer ownership per cloud service model, what functions does the service provider manage and what does the user manage for SaaS?
(User Manages Nothing) Provider: 1. Applications 2. Data 3. Runtime 4. Middleware 5. O/S 6. Virtualization 7. Servers 8. Storage 9. Networking
Say a SaaS provider favors efficiency, describe the runtime model.
-The SaaS application concurrently serves multiple clients and saves data in a combined database -The separation of clients should be accounted for during the design and engineering of the application itself -Less secure; more efficient
What is Interoperability?
-The ability of two or more systems or applications to exchange information and to mutually use the information that has been exchanged. -In practice: Two systems A and B interact with each other in order to achieve some objective. That objective could be to copy data from A to B for instance.
What is Portability?
-The ability to move data and application between systems and for the data/application to be usable with minimum adjustments. -Does not concern the mechanism of *how* data and apps get between system, but rather on the fidelity of data and apps received and whether they are useable without (or with minimum) modification
What are 5 scenarios discussed in class where SaaS could make sense?
1. "Vanilla" offerings where the solution is largely undifferentiated. Most firms may use the same software because is is a fundamental requirement for doing business, but does not itself confer an competitive advantage 2. Applications where there is significant interplay between the organization and the outside world 3. Applications that have a significant need for web or mobile access 4. Software that is only to be used for a short term need 5. Software where demand spikes significantly
What are the 5 aspects of the Public Cloud Risk model?
1. Agility 2. Availability 3. Security 4. Supplier 5. Compliance
Who are the 5 common consumers of PaaS?
1. Application Developers 2. Application Testers 3. Application Deployers 4. Application Administrators 5. Application End Users
A venturebeat diagram was often used in class to showcase what the service provider managed and what the user manages between Packaged Software, IaaS, PaaS, and SaaS. What are the 9 functions/layers that are apart of this diagram?
1. Applications 2. Data 3. Runtime 4. Middleware 5. O/S 6. Virtualization 7. Servers 8. Storage 9. Networking
What are 4 different use cases, as discussed in class, where SaaS wouldn't be the best option?
1. Applications where extremely fast processing of real time data is required. Example includes flight control systems or factory robot controls 2. Applications which involve bulk consumer data. 3. Applications where legislation or other regulation does not permit data being hosted externally 4. 'Critical' applications
Describe all four levels of service-centric IT.
1. At level 1, the enterprise user needs are rudimentarily addressed by a collection of *siloed applications* 2. At level 2, the enterprise user needs are better addressed through a service portfolio, each consisting of related applications offering a more complete set of functionalities 3. Level 3 is about service-portfolio optimization. The service portfolio is enhanced with additional options coming from SaaS providers, allowing the enterprise to further optimize its IT strategy and cost-allocation decisions 4. At level 4, in-the-cloud and on-premise services are seamlessly *integrated*, offering a platform for composing applications closely aligned with business tasks
What are 5 different use cases, as discussed in class, for SaaS?
1. Business logic 2. Collaboration - Applications in this area help teams of people work together, either within or between organizations. Examples include calendar systems, email, screen sharing, collaborative document authoring, conference management, and online gaming 3. Office productivity 4. Software tools 5. Learning management system
Who are the 5 cloud actors?
1. Cloud Consumer 2. Cloud Provider 3. Cloud Auditor 4. Cloud Broker 5. Cloud Carrier
Policy and Organizational Risks is one of the major categories of Cloud Computing risks, what are the 5 risk areas within this domain? Briefly describe them.
1. Forced lock-in with the cloud provider - Lack of standard technologies and portability 2. Loss of governance -Unclear roles and responsibilities 3. Compliance challenges - Storage of data in multiple jurisdictions and lack of transparency about this 4. Co-tenancy risks - Lack of resource isolation, Hypervisor vulnerabilities 5. Cloud service termination or failure - Poor provider selection
What are 5 benefits of SaaS?
1. High adoption rate 2. Lower initial costs 3. Reduced administration 4. Painless upgrades 5. Seamless scalability
What are the 3 types of PaaS?
1. IaaS-Centric PaaS 2. SaaS-Centric PaaS 3. Generic PaaS
What are the 7 common types of cloud IaaS?
1. Internal Private Cloud 2. Outsourced Private Cloud 3. Hosted Private Cloud 4. Virtual Private Cloud 5. Public Cloud with Dedicated Compute 6. Public Cloud 7. Community Cloud
What are 4 of the modules that can be present in an Integration Broker Pipeline?
1. Security 2. Transform 3. Orchestrate 4. Route
What are 8 common (NON-ESSENTIAL) characteristics of Cloud Computing?
1. Massive Scale 2. Resilient Computing 3. Homogeneity 4. Geographic Distribution 5. Virtualization 6. Service Orientation 7. Low Cost Software 8. Advanced Security
What are 5 essential characteristics of Cloud Computing?
1. On Demand Self-Service 2. Broad Network Access 3. Rapid Elasticity 4. Resource Pooling 5. Measured Service
What two tasks can be found within the Services Layer?
1. Service Interfaces 2. Message Types
Cloud Computing Risks can be grouped into 3 major categories, what are those categories?
1. Policy and Organizational Risks 2. Technical Risks 3. Legal Risks
What are 4 considerations for SaaS readiness?
1. Technical considerations 2. Financial considerations 3. Political considerations 4. Legal considerations
For PaaS, what is the Cloud Provider's scope of control?
1. The cloud provider has NO control over Applications (like mail) 2. The cloud provider has admin control over Middleware like Java 3. The cloud provider has total control over O/S 4. The cloud provider has total control over hardware
What is the cloud provider's scope of control for SaaS?
1. The cloud provider has admin control over applications. 2. The cloud provider has TOTAL control over Middleware, O/S, and Hardware.
For PaaS, what is the User's scope of control?
1. The user has admin control over Applications (like mail) 2. The user has the ability to program to interfaces with Middleware like Java. These are made available to them by the provider. 3. The user has NO control over O/S 4. The user has NO control over hardware
What is the user's scope of control for SaaS?
1. The user has very little admin control and some user level control over applications. 2. The user has NO control over Middleware, O/S, and Hardware.
What are 5 characteristics of SaaS?
1. Web access to commercial software 2. Software is managed from a central location 3. Software delivered in a "one to many" model - multitenancy 4. Users not required to handle software upgrades and patches 5. Application Programming Interfaces (APIs) allow for integration between different pieces of software
What is the definition of PaaS? What is the user and provider responsible for?
A Platform-as-a-Service (PaaS) cloud provides a toolkit for conveniently developing, deploying, and administering application software and that can potentially be accessed from any point in the Internet. PaaS clouds will typically provide a set of software building blocks and a set of development tools such as programming languages and supporting run-time environments that facilitate the construction of high-quality, scalable applications. Vendor manages runtime down, only Applications and Data managed by user.
What is the definition of cloud infrastructure?
A cloud infrastructure is the collection of hardware and software that enables the five essential characteristics of cloud computing. The cloud infrastructure can be viewed as containing both a physical layer and an abstraction layer.
Describe the Storage capability offered by IaaS.
A compute instance needs access to files or block storage; at minimum, it requires a boot volume with an operating system. Eg. AWS Elastic Block Store This type of storage is distinct from what is commonly known as "cloud storage," which is object-based, API-accessible storage. Eg. Box
What is a Cloud Auditor?
A party that can conduct independent assessment of cloud services, information system operations, performance and security of the cloud implementation
What is a service? How are they seen as part of our models?
APIs, fetches, etc. Conceptually, the services can be seen as components of the overall solution. However, internally, each service is made up of software components, just like any other application, and these components can be logically grouped into presentation, business, and data layers.
Describe the Service Layer.
An OPTIONAL layer that does not interact with users. When an application must provide services to other applications, as well as implementing features to support clients directly, a common approach is to use a services layer that exposes the business functionality of the application
What is an Integration Broker? What does it do?
An essential part of the Enterprise Application Integration (EAI) framework, it integrates in-house applications and SaaS applications. It has a Pipeline architecture with modules, which can be added or removed on customer need, that perform specific integration operations
Describe the Image Catalog capability offered by IaaS. (Who provides the images?)
An image catalog contains, at minimum OS images that are supplied by the provider — for instance, Linux and Windows images More advanced image catalogs may contain images that are supplied by the subscriber or third parties; images may include other software in addition to the OS
Describe the Compute Instances capability offered by IaaS. (Who provides the instances?)
An instance can be a virtual machine or a bare-metal server. If virtual machines, the service provider is responsible for operating the virtualization management and hypervisor layer
What is a Cloud Carrier?
An intermediary that provides connectivity and transport of cloud services from Cloud Providers to Cloud Consumers
What is the Multiple Deployment model for PaaS?
Applications are hosted in the private cloud, and the public cloud is used to develop and test applications.
Where did the term cloud in cloud computing come from?
Cloud is often used in technical diagrams to represent a network without showing any details. Cloud denotes an abstraction of services from underlying infrastructure.
Describe the CC Essential Characteristic, Measured Service.
Cloud systems automatically control and optimize resource use by leveraging a metering capability (e.g., storage, processing, bandwidth, and active user accounts). Resource usage can be monitored, controlled, and reported, providing transparency for both the provider and consumer of the utilized service.
Describe the "Temporary migration of workload" Interop-Portability Model. Sketch how this would look.
Here, Customer connects to CSP A only. CSP A then has double arrow connections to CSP B and C, representing that the provider can offload the workload to the other providers. -Customer uses service(s) of CSP A only -CSP A may migrate some or all of the workload to another CSP, without the customer being aware. Eg. temp scaling out to meet demand -Typically the other CSP (B and C) will be public clouds -Having the same interface and understanding the same workload data and metadata enables CSP A to chose more than one public CSP
What is the definition of IaaS? What is the user and provider responsible for?
IaaS is a cloud computing service where the service provider is responsible for everything below the operating system (OS) layer i.e., compute, storage and networking resources. The subscriber is responsible for managing the operating system and everything above it, such as middleware, data and applications.
What is IaaS?
Infrastructure as a Service. The capability provided to the consumer is to provision processing, storage, networks, etc where the consumer is able to deploy and run arbitrary software, which can include operating systems and applications.
What is iPaaS? (No, I'm not talking about Chicago transportation here.)
Integration Platform as a Service. Pretty much having someone handle the Integration Broker. Cloud services enabling development, execution and governance of integration flows connecting any combination of on premises and cloud-based processes, services, applications and data Example vendors - Dell Boomi, MuleSoft
What is Generic PaaS?
It's just regular PaaS like you'd expect. Offers application platform that consists of a set of language runtimes, frameworks, services, and other components an application can be programmed to.
Considering the IT Architecture model, can the IT Architecture layer drive the business?
No, the business model should always drive the business. The IT Architecture model should be looked at from a top-down perspective.
What is SaaS-Centric PaaS?
Offers clear focus on productivity and simplicity which are mostly restricted and tailored to a specific SaaS solution. Similar to legos, as long as the lego (block of code) exists, you can build. Simplicity and productivity. Very restrictive on portability. Example: Force.com
What is the service stack in PaaS?
Part of the Platform. Just like all other services, refers to APIs and Fetches and the like. The services stack is divided into native and add-on services. Native services are hosted and operated by the PaaS vendor typically co-located to the PaaS environment inside the same infrastructure. Add-ons are provisioned from within the PaaS with the add-on provider and are directly billed as additional part of platform fees.
What is the runtime stack in PaaS?
Part of the Platform. The runtime stack includes the basic runtimes offered by the PaaS, i.e. the programming languages that applications can be written in.
What is SaaS?
Software as a Service. The capability provided to the consumer is to use the provider's applications running on a cloud infrastructure, which are accessible from various client devices through either a thin client interface, such as a web browser (e.g., web-based email), or a program interface.
What is the PaaS infrastructure tier?
The PaaS infrastructure tier abstracts the physical infrastructure and adds another layer on top of IaaS capabilities or directly abstracts the bare hardware. A PaaS vendor typically offers several deployment regions or at least the appropriate region for the application's customer base.
What is the abstraction layer of cloud infrastructure?
The abstraction layer consists of the software deployed across the physical layer, which manifests the essential cloud characteristics.
In a PaaS model, what must the vendor provide to users?
The cloud provider maintains an (1) inventory of applications (2) a set of development tools, and (3) a set of execution environments For reference only: (The development tools might include programming languages, compilers, interfaces, testing tools, and mechanisms to deploy an application once it's finished) (An execution environment can be a physical computer, a virtual machine, storage resources, and programs that can service client requests)
Describe the IAM capability offered by IaaS. (Who is responsible for what?)
The provider will provide mechanisms for logging into the Web-based portal, and authenticating against the API The access permissions are usually controlled via role-based access control (RBAC)
What is the PaaS platform?
The platform is the main deliverable of a PaaS offering and includes the application hosting environment delivered as a service. It includes two stacks: the runtime stack and the service stack. Both stacks can be combined via bindings.
Describe the Self Services and Interfaces capability offered by IaaS. (Who is responsible for what?)
The provider provides self-service interfaces to the subscriber in the form of a Web-based portal, and an API The subscriber can then use the API to implement additional automation
Describe the Physical Hardware capability offered by IaaS. (Who provides the physical hardware?)
The service provider will own and operate all the hardware associated with the offering. Hardware includes servers, storage arrays and network devices In some cases (private cloud IaaS offering), the subscriber can choose as well as own hardware
Describe the LAN capability offered by IaaS. (Who is responsible for the LAN?)
There must be a LAN between compute instances, as well as a LAN between compute instances and any network-attached storage devices The provider is responsible for LAN operations. Many providers offer higher-level networking functions as well, such as load-balancing, network security, and DNS
Describe the Presentation layer.
This layer contains the user-oriented functionality responsible for managing user interaction with the system, and generally consists of components that provide a common bridge into the core business logic encapsulated in the business layer.
Describe the Business Layer.
This layer implements the core functionality of the system and encapsulates the relevant business logic.
Describe the Data Layer.
This layer provides access to data hosted within the boundaries of the system, and data exposed by other networked systems.
Describe the WAN capability offered by IaaS. (Who is responsible for the WAN?)
When the offering is hosted in the provider's data center, the provider is responsible for connecting the offering to the subscriber's chosen telecommunications provider, so that the subscriber can obtain private connectivity If the offering is hosted in the subscriber's data center, the subscriber is normally responsible for the WAN