Complete the assigned weekly reading and review the case study below (also on page 135 of your textbook). Respond to the questions below in a 3-5 page Word document.
Based on an assessment of its internal applications, ATN analysts identify a set of risks. One
such risk is associated with the myTrendek application that was adopted from OTC, a
company ATN recently acquired. This application includes a feature that analyzes telephone
and Internet usage, and enables a multi-user mode that grants varying access rights.
Administrators, supervisors, auditors, and regular users can therefore be assigned different
privileges. The application’s user-base encompasses internal users and external users, such as
business partners and contractors.
The myTrendek application poses a number of security challenges pertaining to usage by
internal staff:
• authentication does not require or enforce complex passwords
• communication with the application is not encrypted
• European regulations (ETelReg) require that certain types of data collected by the
application be deleted after six months
ATN is planning to migrate this application to a cloud via a PaaS environment, but the weak
authentication threat and the lack of confidentiality supported by the application make them
reconsider. A subsequent risk assessment further reveals that if the application is migrated to
a PaaS environment hosted by a cloud that resides outside of Europe, local regulations may
be in conflict with ETelReg. Given that the cloud provider is not concerned with ETelReg
compliance, this could easily result in monetary penalties being assessed to ATN. Based on
the results of the risk assessment, ATN decides not to proceed with its cloud migration plan.
Answer the following questions in a substantive manner:
1. Do you agree with ATN’s decision not to proceed with the cloud migration for the
myTrendek application?
2. Can the following risks be mitigated: no complex passwords; no encryption; data must be
deleted after six months? Please explain.
Cloud Computing
Concepts, Technology & Architecture
Thomas Erl,
Zaigham Mahmood,
and Ricardo Puttini
Upper Saddle River, NJ • Boston • Indianapolis • San Francisco
New York • Toronto • Montreal • London • Munich • Paris • Madrid
Cape Town • Sydney • Tokyo • Singapore • Mexico City
Many of the designations used by manufacturers and sellers to distinguish their
products are claimed as trademarks. Where those designations appear in this
book, and the publisher was aware of a trademark claim, the designations have
been printed with initial capital letters or in all capitals.
The authors and publisher have taken care in the preparation of this book, but
make no expressed or implied warranty of any kind and assume no responsibility
for errors or omissions. No liability is assumed for incidental or consequential
damages in connection with or arising out of the use of the information or
programs contained herein.
The publisher offers excellent discounts on this book when ordered in quantity
for bulk purchases or special sales, which may include electronic versions and/or
custom covers and content particular to your business, training goals, marketing
focus, and branding interests. For more information, please contact:
U.S. Corporate and Government Sales
(800) 382-3419
corpsales@pearsontechgroup.com
For sales outside the United States, please contact:
International Sales
international@pearsoned.com
Visit us on the Web: informit.com/ph
The Library of Congress Cataloging-in-Publication data is on file.
Copyright © 2013 Arcitura Education Inc.
All rights reserved. Printed in the United States of America. This publication is
protected by copyright, and permission must be obtained from the publisher
prior to any prohibited reproduction, storage in a retrieval system, or
transmission in any form or by any means, electronic, mechanical,
photocopying, recording, or likewise. To obtain permission to use material from
this work, please submit a written request to Pearson Education, Inc.,
Permissions Department, One Lake Street, Upper Saddle River, New Jersey
07458, or you may fax your request to (201) 236-3290.
ISBN-13: 978-0-13-338752-0
ISBN-10: 0-13-338752-6
Text printed in the United States on recycled paper at Courier in Westford,
Massachusetts.
First printing: May 2013
Editor-in-Chief
Mark L. Taub
Managing Editor
Kristy Hart
Senior Project Editor
Betsy Gratner
Copy Editor and Development Editor
Maria Lee
Senior Indexer
Cheryl Lenser
Proofreaders
Maria Lee
Williams Woods Publishing
Publishing Coordinator
Kim Boedigheimer
Research Assistant
Briana Lee
Cover Designer
Thomas Erl
Compositor
Bumpy Design
Photos
Thomas Erl
Dominika Sládkovičová
Graphics
KK Lui
Briana Lee
Readers can download high-resolution,
full-color versions of all this book’s figures at
www.informit.com/title/9780133387520
and
www.servicetechbooks.com/cloud.
Praise for this Book
“Cloud computing, more than most disciplines in IT, suffers from too
much talk and not enough practice. Thomas Erl has written a timely book
that condenses the theory and buttresses it with real-world examples that
demystify this important technology. An important guidebook for your
journey into the cloud.”
—Scott Morrison, Chief Technology Officer, Layer 7 Technologies
“An excellent, extremely well-written, lucid book that provides a
comprehensive picture of cloud computing, covering multiple
dimensions of the subject. The case studies presented in the book provide
a real-world, practical perspective on leveraging cloud computing in an
organization. The book covers a wide range of topics, from technology
aspects to the business value provided by cloud computing. This is the
best, most comprehensive book on the subject—a must-read for any
cloud computing practitioner or anyone who wants to get an in-depth
picture of cloud computing concepts and practical implementation.”
—Suzanne D’Souza, SOA/BPM Practice Lead, KBACE Technologies
“This book offers a thorough and detailed description of cloud computing
concepts, architectures, and technologies. It serves as a great reference
for both newcomers and experts and is a must-read for any IT
professional interested in cloud computing.”
—Andre Tost, Senior Technical Staff Member, IBM Software Group
“This is a great book on the topic of cloud computing. It is impressive
how the content spans from taxonomy, technology, and architectural
concepts to important business considerations for cloud adoption. It
really does provide a holistic view to this technology paradigm.”
—Kapil Bakshi, Architecture and Strategy, Cisco Systems Inc.
“I have read every book written by Thomas Erl and Cloud Computing is
another excellent publication and demonstration of Thomas Erl’s rare
ability to take the most complex topics and provide critical core concepts
and technical information in a logical and understandable way.”
—Melanie A. Allison, Principal, Healthcare Technology Practice,
Integrated Consulting Services
“Companies looking to migrate applications or infrastructure to the cloud
are often misled by buzzwords and industry hype. This work cuts through
the hype and provides a detailed look, from investigation to contract to
implementation to termination, at what it takes for an organization to
engage with cloud service providers. This book really lays out the
benefits and struggles with getting a company to an IaaS, PaaS, or SaaS
solution.”
—Kevin Davis, Ph.D., Solutions Architect
“Thomas, in his own distinct and erudite style, provides a comprehensive
and a definitive book on cloud computing. Just like his previous
masterpiece, Service-Oriented Architecture: Concepts, Technology, and
Design, this book is sure to engage CxOs, cloud architects, and the
developer community involved in delivering software assets on the
cloud. Thomas and his authoring team have taken great pains in
providing great clarity and detail in documenting cloud architectures,
cloud delivery models, cloud governance, and economics of cloud,
without forgetting to explain the core of cloud computing that revolves
around Internet architecture and virtualization. As a reviewer for this
outstanding book, I must admit I have learned quite a lot while reviewing
the material. A ‘must have’ book that should adorn everybody’s desk!”
—Vijay Srinivasan, Chief Architect – Technology, Cognizant
Technology Solutions
“This book provides comprehensive and descriptive vendor-neutral
coverage of cloud computing technology, from both technical and
business aspects. It provides a deep-down analysis of cloud architectures
and mechanisms that capture the real-world moving parts of cloud
platforms. Business aspects are elaborated on to give readers a broader
perspective on choosing and defining basic cloud computing business
models. Thomas Erl’s Cloud Computing: Concepts, Technology &
Architecture is an excellent source of knowledge of fundamental and in-depth coverage of cloud computing.”
—Masykur Marhendra Sukmanegara, Communication Media &
Technology, Consulting Workforce Accenture
“The richness and depth of the topics discussed are incredibly
impressive. The depth and breadth of the subject matter are such that a
reader could become an expert in a short amount of time.”
—Jamie Ryan, Solutions Architect, Layer 7 Technologies
“Demystification, rationalization, and structuring of implementation
approaches have always been strong parts in each and every one of
Thomas Erl’s books. This book is no exception. It provides the definitive,
essential coverage of cloud computing and, most importantly, presents
this content in a very comprehensive manner. Best of all, this book
follows the conventions of the previous service technology series titles,
making it read like a natural extension of the library. I strongly believe
that this will be another bestseller from one of the top-selling IT authors
of the past decade.”
—Sergey Popov, Senior Enterprise Architect SOA/Security, Liberty
Global International
“A must-read for anyone involved in cloud design and decision making!
This insightful book provides in-depth, objective, vendor-neutral
coverage of cloud computing concepts, architecture models, and
technologies. It will prove very valuable to anyone who needs to gain a
solid understanding of how cloud environments work and how to design
and migrate solutions to clouds.”
—Gijs in ’t Veld, Chief Architect, Motion10
“A reference book covering a wide range of aspects related to cloud
providers and cloud consumers. If you would like to provide or consume
a cloud service and need to know how, this is your book. The book has a
clear structure to facilitate a good understanding of the various concepts
of cloud.”
—Roger Stoffers, Solution Architect
“Cloud computing has been around for a few years, yet there is still a lot
of confusion around the term and what it can bring to developers and
deployers alike. This book is a great way of finding out what’s behind the
cloud, and not in an abstract or high-level manner: It dives into all of the
details that you’d need to know in order to plan for developing
applications on cloud and what to look for when using applications or
services hosted on a cloud. There are very few books that manage to
capture this level of detail about the evolving cloud paradigm as this one
does. It’s a must for architects and developers alike.”
—Dr. Mark Little, Vice President, Red Hat
“This book provides a comprehensive exploration of the concepts and
mechanics behind clouds. It’s written for anyone interested in delving
into the details of how cloud environments function, how they are
architected, and how they can impact business. This is the book for any
organization seriously considering adopting cloud computing. It will
pave the way to establishing your cloud computing roadmap.”
—Damian Maschek, SOA Architect, Deutsche Bahn
“One of the best books on cloud computing I have ever read. It is
complete yet vendor technology neutral and successfully explains the
major concepts in a well-structured and disciplined way. It goes through
all the definitions and provides many hints for organizations or
professionals who are approaching and/or assessing cloud solutions. This
book gives a complete list of topics playing fundamental roles in the
cloud computing discipline. It goes through a full list of definitions very
clearly stated. Diagrams are simple to understand and self-contained.
Readers with different skill sets, expertise, and backgrounds will be able
to understand the concepts seamlessly.”
—Antonio Bruno, Infrastructure and Estate Manager, UBS AG
“Cloud Computing: Concepts, Technology & Architecture is a
comprehensive book that focuses on what cloud computing is really all
about…. This book will become the foundation on which many
organizations will build successful cloud adoption projects. It is a must-read reference for both IT infrastructure and application architects
interested in cloud computing or involved in cloud adoption projects. It
contains extremely useful and comprehensive information for those who
need to build cloud-based architectures or need to explain it to customers
thinking about adopting cloud computing technology in their
organization.”
—Johan Kumps, SOA Architect, RealDolmen
“This book defines the basic terminology and patterns for the topic—a
useful reference for the cloud practitioner. Concepts from multitenancy to
hypervisor are presented in a succinct and clear manner. The underlying
case studies provide wonderful real-worldness.”
—Dr. Thomas Rischbeck, Principal Architect, ipt
“The book provides a good foundation to cloud services and issues in
cloud service design. Chapters highlight key issues that need to be
considered in learning how to think in cloud technology terms; this is
highly important in today’s business and technology environments where
cloud computing plays a central role in connecting user services with
virtualized resources and applications.”
—Mark Skilton, Director, Office of Strategy and Technology, Global
Infrastructure Services, Capgemini
“The book is well organized and covers basic concepts, technologies, and
business models about cloud computing. It defines and explains a
comprehensive list of terminologies and glossaries about cloud
computing so cloud computing experts can speak and communicate with
the same set of standardized language. The book is easy to understand
and consistent with early published books from Thomas Erl…. It is a
must-read for both beginners and experienced professionals.”
—Jian “Jeff” Zhong, Chief Technology Officer (Acting) and Chief
Architect for SOA and Cloud Computing, Futrend Technology Inc.
“Students of the related specialties can fulfill their educational process
with very easily understood materials that are broadly illustrated and
clearly described. Professors of different disciplines, from business
analysis to IT implementation—even legal and financial monitoring—
can use the book as an on-table lecturing manual. IT specialists of all
ranks and fields of application will find the book as a practical and useful
support for sketching solutions unbound to any particular vendor or
brand.”
—Alexander Gromoff, Director of Science & Education, Center of
Information Control Technologies, Chairman of BPM Chair in
Business Informatics Department, National Research University
“Higher School of Economics”
“Cloud Computing: Concepts, Technology & Architecture is a
comprehensive compendium of all the relevant information about the
transformative cloud technology. Erl’s latest title concisely and clearly
illustrates the origins and positioning of the cloud paradigm as the next-generation computing model. All the chapters are carefully written and
arranged in an easy-to-understand manner. This book will be
immeasurably beneficial for business and IT professionals. It is set to
shake up and help organize the world of cloud computing.”
—Pethuru Raj, Ph.D., Enterprise Architecture Consultant, Wipro
“A cloud computing book that will stand out and survive the test of time,
even in one of the fastest evolving areas of technology. This book does a
great job breaking down the high level of complexity of cloud computing
into easy-to-understand pieces. It goes beyond the basic, often repeated,
explanations. It examines the fundamental concepts and the components,
as well as the mechanisms and architectures that make up cloud
computing environments. The approach gradually builds the reader’s
understanding from the ground up.
“In a rapidly evolving area like cloud computing, it’s easy to focus on
details and miss the big picture. The focus on concepts and architectural
models instead of vendor-specific details allows readers to quickly gain
essential knowledge of complex topics. The concepts come together in
the last part of the book, which should be required reading for any
decision maker evaluating when and how to start a transition to cloud
computing. Its thorough, comprehensive coverage of fundamentals and
advanced topics makes the book a valuable resource to keep on your desk
or your eBook reader, regardless if you’re new to the topic or you already
have cloud experience.
“I highly recommend the book to those looking to implement or evaluate
cloud environments, or simply looking to educate themselves in a field
that will shape IT over the next decade.”
—Christoph Schittko, Principal Technology Strategist & Cloud
Solution Director, Microsoft
“Cloud Computing: Concepts, Technology & Architecture is an excellent
resource for IT professionals and managers who want to learn and
understand cloud computing, and who need to select or build cloud
systems and solutions. It lays the foundation for cloud concepts, models,
technologies, and mechanisms. As the book is vendor-neutral, it will
remain valid for many years. We will recommend this book to Oracle
customers, partners, and users for their journey toward cloud computing.
This book has the potential to become the basis for a cloud computing
manifesto, comparable to what was accomplished with the SOA
manifesto.”
—Jürgen Kress, Fusion Middleware Partner Adoption, Oracle EMEA
To my family and friends
—Thomas Erl
To Zoya, Hanya, and Ozair with love
—Zaigham Mahmood
To Silvia, Luiza, Isadora, and Lucas
—Ricardo Puttini
Contents at a Glance
Foreword
Chapter 1: Introduction
Chapter 2: Case Study Background
Part I: Fundamental Cloud Computing
Chapter 3: Understanding Cloud Computing
Chapter 4: Fundamental Concepts and Models
Chapter 5: Cloud-Enabling Technology
Chapter 6: Fundamental Cloud Security
Part II: Cloud Computing Mechanisms
Chapter 7: Cloud Infrastructure Mechanisms
Chapter 8: Specialized Cloud Mechanisms
Chapter 9: Cloud Management Mechanisms
Chapter 10: Cloud Security Mechanisms
Part III: Cloud Computing Architecture
Chapter 11: Fundamental Cloud Architectures
Chapter 12: Advanced Cloud Architectures
Chapter 13: Specialized Cloud Architectures
Part IV: Working with Clouds
Chapter 14: Cloud Delivery Model Considerations
Chapter 15: Cost Metrics and Pricing Models
Chapter 16: Service Quality Metrics and SLAs
Part V: Appendices
Appendix A: Case Study Conclusions
Appendix B: Industry Standards Organizations
Appendix C: Mapping Mechanisms to Characteristics
Appendix D: Data Center Facilities (TIA-942)
Appendix E: Emerging Technologies
Appendix F: Cloud Provisioning Contracts
Appendix G: Cloud Business Case Template
About the Authors
About the Foreword Contributor
About the Contributors
Index
Contents
Foreword
Acknowledgments
Chapter 1: Introduction
1.1 Objectives of This Book
1.2 What This Book Does Not Cover
1.3 Who This Book Is For
1.4 How This Book Is Organized
Part I: Fundamental Cloud Computing
Chapter 3: Understanding Cloud Computing
Chapter 4: Fundamental Concepts and Models
Chapter 5: Cloud-Enabling Technology
Chapter 6: Fundamental Cloud Security
Part II: Cloud Computing Mechanisms
Chapter 7: Cloud Infrastructure Mechanisms
Chapter 8: Specialized Cloud Mechanisms
Chapter 9: Cloud Management Mechanisms
Chapter 10: Cloud Security Mechanisms
Part III: Cloud Computing Architecture
Chapter 11: Fundamental Cloud Architectures
Chapter 12: Advanced Cloud Architectures
Chapter 13: Specialized Cloud Architectures
Part IV: Working with Clouds
Chapter 14: Cloud Delivery Model Considerations
Chapter 15: Cost Metrics and Pricing Models
Chapter 16: Service Quality Metrics and SLAs
Part V: Appendices
Appendix A: Case Study Conclusions
Appendix B: Industry Standards Organizations
Appendix C: Mapping Mechanisms to Characteristics
Appendix D: Data Center Facilities (TIA-942)
Appendix E: Emerging Technologies
Appendix F: Cloud Provisioning Contracts
Appendix G: Cloud Business Case Template
1.5 Conventions
Symbols and Figures
Summary of Key Points
1.6 Additional Information
Updates, Errata, and Resources (www.servicetechbooks.com)
Referenced Specifications (www.servicetechspecs.com)
The Service Technology Magazine (www.servicetechmag.com)
International Service Technology Symposium
(www.servicetechsymposium.com)
What Is Cloud? (www.whatiscloud.com)
What Is REST? (www.whatisrest.com)
Cloud Computing Design Patterns (www.cloudpatterns.org)
Service-Orientation (www.serviceorientation.com)
CloudSchool.com™ Certified Cloud (CCP) Professional
(www.cloudschool.com)
SOASchool.com® SOA Certified (SOACP) Professional
(www.soaschool.com)
Notification Service
Chapter 2: Case Study Background
2.1 Case Study #1: ATN
Technical Infrastructure and Environment
Business Goals and New Strategy
Roadmap and Implementation Strategy
2.2 Case Study #2: DTGOV
Technical Infrastructure and Environment
Business Goals and New Strategy
Roadmap and Implementation Strategy
2.3 Case Study #3: Innovartus Technologies Inc.
Technical Infrastructure and Environment
Business Goals and Strategy
Roadmap and Implementation Strategy
Part I: Fundamental Cloud Computing
Chapter 3: Understanding Cloud Computing
3.1 Origins and Influences
A Brief History
Definitions
Business Drivers
Capacity Planning
Cost Reduction
Organizational Agility
Technology Innovations
Clustering
Grid Computing
Virtualization
Technology Innovations vs. Enabling Technologies
3.2 Basic Concepts and Terminology
Cloud
IT Resource
On-Premise
Cloud Consumers and Cloud Providers
Scaling
Horizontal Scaling
Vertical Scaling
Cloud Service
Cloud Service Consumer
3.3 Goals and Benefits
Reduced Investments and Proportional Costs
Increased Scalability
Increased Availability and Reliability
3.4 Risks and Challenges
Increased Security Vulnerabilities
Reduced Operational Governance Control
Limited Portability Between Cloud Providers
Multi-Regional Compliance and Legal Issues
Chapter 4: Fundamental Concepts and Models
4.1 Roles and Boundaries
Cloud Provider
Cloud Consumer
Cloud Service Owner
Cloud Resource Administrator
Additional Roles
Organizational Boundary
Trust Boundary
4.2 Cloud Characteristics
On-Demand Usage
Ubiquitous Access
Multitenancy (and Resource Pooling)
Elasticity
Measured Usage
Resiliency
4.3 Cloud Delivery Models
Infrastructure-as-a-Service (IaaS)
Platform-as-a-Service (PaaS)
Software-as-a-Service (SaaS)
Comparing Cloud Delivery Models
Combining Cloud Delivery Models
IaaS + PaaS
IaaS + PaaS + SaaS
4.4 Cloud Deployment Models
Public Clouds
Community Clouds
Private Clouds
Hybrid Clouds
Other Cloud Deployment Models
Chapter 5: Cloud-Enabling Technology
5.1 Broadband Networks and Internet Architecture
Internet Service Providers (ISPs)
Connectionless Packet Switching (Datagram Networks)
Router-Based Interconnectivity
Physical Network
Transport Layer Protocol
Application Layer Protocol
Technical and Business Considerations
Connectivity Issues
Network Bandwidth and Latency Issues
Cloud Carrier and Cloud Provider Selection
5.2 Data Center Technology
Virtualization
Standardization and Modularity
Automation
Remote Operation and Management
High Availability
Security-Aware Design, Operation, and Management
Facilities
Computing Hardware
Storage Hardware
Network Hardware
Carrier and External Networks Interconnection
Web-Tier Load Balancing and Acceleration
LAN Fabric
SAN Fabric
NAS Gateways
Other Considerations
5.3 Virtualization Technology
Hardware Independence
Server Consolidation
Resource Replication
Operating System-Based Virtualization
Hardware-Based Virtualization
Virtualization Management
Other Considerations
5.4 Web Technology
Basic Web Technology
Web Applications
5.5 Multitenant Technology
5.6 Service Technology
Web Services
REST Services
Service Agents
Service Middleware
5.7 Case Study Example
Chapter 6: Fundamental Cloud Security
6.1 Basic Terms and Concepts
Confidentiality
Integrity
Authenticity
Availability
Threat
Vulnerability
Risk
Security Controls
Security Mechanisms
Security Policies
6.2 Threat Agents
Anonymous Attacker
Malicious Service Agent
Trusted Attacker
Malicious Insider
6.3 Cloud Security Threats
Traffic Eavesdropping
Malicious Intermediary
Denial of Service
Insufficient Authorization
Virtualization Attack
Overlapping Trust Boundaries
6.4 Additional Considerations
Flawed Implementations
Security Policy Disparity
Contracts
Risk Management
6.5 Case Study Example
Part II: Cloud Computing Mechanisms
Chapter 7: Cloud Infrastructure Mechanisms
7.1 Logical Network Perimeter
Case Study Example
7.2 Virtual Server
Case Study Example
7.3 Cloud Storage Device
Cloud Storage Levels
Network Storage Interfaces
Object Storage Interfaces
Database Storage Interfaces
Relational Data Storage
Non-Relational Data Storage
Case Study Example
7.4 Cloud Usage Monitor
Monitoring Agent
Resource Agent
Polling Agent
Case Study Example
7.5 Resource Replication
Case Study Example
7.6 Ready-Made Environment
Case Study Example
Chapter 8: Specialized Cloud Mechanisms
8.1 Automated Scaling Listener
Case Study Example
8.2 Load Balancer
Case Study Example
8.3 SLA Monitor
Case Study Example
SLA Monitor Polling Agent
SLA Monitoring Agent
8.4 Pay-Per-Use Monitor
Case Study Example
8.5 Audit Monitor
Case Study Example
8.6 Failover System
Active-Active
Active-Passive
Case Study Example
8.7 Hypervisor
Case Study Example
8.8 Resource Cluster
Case Study Example
8.9 Multi-Device Broker
Case Study Example
8.10 State Management Database
Case Study Example
Chapter 9: Cloud Management Mechanisms
9.1 Remote Administration System
Case Study Example
9.2 Resource Management System
Case Study Example
9.3 SLA Management System
Case Study Example
9.4 Billing Management System
Case Study Example
Chapter 10: Cloud Security Mechanisms
10.1 Encryption
Symmetric Encryption
Asymmetric Encryption
Case Study Example
10.2 Hashing
Case Study Example
10.3 Digital Signature
Case Study Example
10.4 Public Key Infrastructure (PKI)
Case Study Example
10.5 Identity and Access Management (IAM)
Case Study Example
10.6 Single Sign-On (SSO)
Case Study Example
10.7 Cloud-Based Security Groups
Case Study Example
10.8 Hardened Virtual Server Images
Case Study Example
Part III: Cloud Computing Architecture
Chapter 11: Fundamental Cloud Architectures
11.1 Workload Distribution Architecture
11.2 Resource Pooling Architecture
11.3 Dynamic Scalability Architecture
11.4 Elastic Resource Capacity Architecture
11.5 Service Load Balancing Architecture
11.6 Cloud Bursting Architecture
11.7 Elastic Disk Provisioning Architecture
11.8 Redundant Storage Architecture
11.9 Case Study Example
Chapter 12: Advanced Cloud Architectures
12.1 Hypervisor Clustering Architecture
12.2 Load Balanced Virtual Server Instances Architecture
12.3 Non-Disruptive Service Relocation Architecture
12.4 Zero Downtime Architecture
12.5 Cloud Balancing Architecture
12.6 Resource Reservation Architecture
12.7 Dynamic Failure Detection and Recovery Architecture
12.8 Bare-Metal Provisioning Architecture
12.9 Rapid Provisioning Architecture
12.10 Storage Workload Management Architecture
12.11 Case Study Example
Chapter 13: Specialized Cloud Architectures
13.1 Direct I/O Access Architecture
13.2 Direct LUN Access Architecture
13.3 Dynamic Data Normalization Architecture
13.4 Elastic Network Capacity Architecture
13.5 Cross-Storage Device Vertical Tiering Architecture
13.6 Intra-Storage Device Vertical Data Tiering Architecture
13.7 Load Balanced Virtual Switches Architecture
13.8 Multipath Resource Access Architecture
13.9 Persistent Virtual Network Configuration Architecture
13.10 Redundant Physical Connection for Virtual Servers Architecture
13.11 Storage Maintenance Window Architecture
Part IV: Working with Clouds
Chapter 14: Cloud Delivery Model Considerations
14.1 Cloud Delivery Models: The Cloud Provider Perspective
Building IaaS Environments
Data Centers
Scalability and Reliability
Monitoring
Security
Equipping PaaS Environments
Scalability and Reliability
Monitoring
Security
Optimizing SaaS Environments
Security
14.2 Cloud Delivery Models: The Cloud Consumer Perspective
Working with IaaS Environments
IT Resource Provisioning Considerations
Working with PaaS Environments
IT Resource Provisioning Considerations
Working with SaaS Services
14.3 Case Study Example
Chapter 15: Cost Metrics and Pricing Models
15.1 Business Cost Metrics
Up-Front and On-Going Costs
Additional Costs
Case Study Example
Product Catalog Browser
On-Premise Up-Front Costs
On-Premise On-Going Costs
Cloud-Based Up-Front Costs
Cloud-Based On-Going Costs
Client Database
On-Premise Up-Front Costs
On-Premise On-Going Costs
Cloud-Based Up-Front Costs
Cloud-Based On-Going Costs
15.2 Cloud Usage Cost Metrics
Network Usage
Inbound Network Usage Metric
Outbound Network Usage Metric
Intra-Cloud WAN Usage Metric
Server Usage
On-Demand Virtual Machine Instance Allocation Metric
Reserved Virtual Machine Instance Allocation Metric
Cloud Storage Device Usage
On-Demand Storage Space Allocation Metric
I/O Data Transferred Metric
Cloud Service Usage
Application Subscription Duration Metric
Number of Nominated Users Metric
Number of Transactions Users Metric
15.3 Cost Management Considerations
Pricing Models
Additional Considerations
Case Study Example
Virtual Server On-Demand Instance Allocation
Virtual Server Reserved Instance Allocation
Cloud Storage Device
WAN Traffic
Chapter 16: Service Quality Metrics and SLAs
16.1 Service Quality Metrics
Service Availability Metrics
Availability Rate Metric
Outage Duration Metric
Service Reliability Metrics
Mean-Time Between Failures (MTBF) Metric
Reliability Rate Metric
Service Performance Metrics
Network Capacity Metric
Storage Device Capacity Metric
Server Capacity Metric
Web Application Capacity Metric
Instance Starting Time Metric
Response Time Metric
Completion Time Metric
Service Scalability Metrics
Storage Scalability (Horizontal) Metric
Server Scalability (Horizontal) Metric
Server Scalability (Vertical) Metric
Service Resiliency Metrics
Mean-Time to Switchover (MTSO) Metric
Mean-Time System Recovery (MTSR) Metric
16.2 Case Study Example
16.3 SLA Guidelines
16.4 Case Study Example
Scope and Applicability
Service Quality Guarantees
Definitions
Usage of Financial Credits
SLA Exclusions
Part V: Appendices
Appendix A: Case Study Conclusions
A.1 ATN
A.2 DTGOV
A.3 Innovartus
Appendix B: Industry Standards Organizations
B.1 National Institute of Standards and Technology (NIST)
B.2 Cloud Security Alliance (CSA)
B.3 Distributed Management Task Force (DMTF)
B.4 Storage Networking Industry Association (SNIA)
B.5 Organization for the Advancement of Structured Information
Standards (OASIS)
B.6 The Open Group
B.7 Open Cloud Consortium (OCC)
B.8 European Telecommunications Standards Institute (ETSI)
B.9 Telecommunications Industry Association (TIA)
B.10 Liberty Alliance
B.11 Open Grid Forum (OGF)
Appendix C: Mapping Mechanisms to Characteristics
Appendix D: Data Center Facilities (TIA-942)
D.1 Primary Rooms
Electrical Room
Mechanical Room
Storage and Staging
Offices, Operations Center, and Support
Telecommunications Entrance
Computer Room
D.2 Environmental Controls
External Electrical Power Provider Interconnection
Power Distribution
Uninterruptible Power Source (UPS)
Power Engine-Generator
D.3 Infrastructure Redundancy Summary
Appendix E: Emerging Technologies
E.1 Autonomic Computing
E.2 Grid Computing
Service Grids
Appendix F: Cloud Provisioning Contracts
F.1 Cloud Provisioning Contract Structure
Terms of Service
Service Usage Policy
Security and Privacy Policy
Warranties and Liabilities
Rights and Responsibilities
Termination and Renewal
Specifications and SLAs
Pricing and Billing
Other Issues
Legal and Compliance Issues
Auditability and Accountability
Changes in the Contract Terms and Conditions
F.2 Cloud Provider Selection Guidelines
Cloud Provider Viability
Appendix G: Cloud Business Case Template
G.1 Business Case Identification
G.2 Business Needs
G.3 Target Cloud Environment
G.4 Technical Issues
G.5 Economic Factors
About the Authors
Thomas Erl
Zaigham Mahmood
Ricardo Puttini
About the Foreword Contributor
Pamela J. Wise-Martinez, MSc
About the Contributors
Gustavo Azzolin, BSc, MSc
Amin Naserpour
Vinícius Pacheco, MSc
Matthias Ziegler
Index
Foreword by Pamela J. Wise-Martinez
The idea of cloud computing isn’t new, or overly complicated from a technology
resources and internetworking perspective. What’s new is the growth and
maturity of cloud computing methods, and strategies that enable the goals of
business agility.
Looking back, the phrase “utility computing” didn’t captivate or create the stir in
the information industry as the term “cloud computing” has in recent years.
Nevertheless, appreciation of readily available resources has arrived and the
utilitarian or servicing features are what are at the heart of outsourcing the access
of information technology resources and services. In this light, cloud computing
represents a flexible, cost-effective, and proven delivery platform for business
and consumer information services over the Internet. Cloud computing has
become an industry game changer as businesses and information technology
leaders realize the potential in combining and sharing computing resources as
opposed to building and maintaining them.
There’s seemingly no shortage of views regarding the benefits of cloud
computing nor is there a shortage of vendors willing to offer services in either
open source or promising commercial solutions. Beyond the hype, there are
many aspects of the cloud that have earned new consideration due to their
increased service capability and potential efficiencies. The ability to demonstrate
transforming results in cloud computing to resolve traditional business problems
using information technology management best practices now exists. In the case
of economic impacts, the principle of pay-as-you-go and computer agnostic
services are concepts ready for prime time. We can measure performance as well
as calculate the economic and environmental effects of cloud computing today.
The architectural change from client-server to service orientation led to an
evolution of composable and reusable code; though the practice had been around
for many years, it is now the de facto approach used to lower cost and identify
best practices and patterns for increasing business agility. This has advanced the
computer software industry’s design methods, components, and engineering.
Comparatively, the wide acceptance and adoption of cloud computing is
revolutionizing information and technology resource management. We now have
the ability to outsource hardware and software capabilities on a large-scale to
fulfill end-to-end business automation requirements. Marks and Lozano
understood this emergence and the need for better software design: “…we now
have the ability to collect, transport, process, store, and access data nearly
anywhere in nearly arbitrary volume.” The limitations depend largely on how
“cloudy” or cloud-aware the service/component is, and hence the need for better
software architecture. (Eric A. Marks and Roberto Lozano [Executive Guide to
Cloud Computing]).
The reusable evolution through service architecture reinforces a focus on
business objectives as opposed to the number of computing platforms to support.
As a viable resource management alternative, cloud computing is fundamentally
changing the way we think about computing solutions in retail, education, and
public sectors. The use of cloud computing architecture and standards are
driving unique ways in which computing solutions are delivered, as well as
platform diversity to meet bottom-line business objectives.
Thomas Erl’s body of work on service technology guided the technology
industry through eloquent illustrations and literature over the past decade.
Thomas’ brilliant efforts on principles, concepts, patterns, and expressions gave
the information technology community an evolved software architecture
approach that now forms a foundation for cloud computing goals to be
successfully fulfilled in practice. This is a key assertion, as cloud computing is
no longer a far-reaching concept of the future, but rather a dominant information
technology service option and resource delivery presence.
Thomas’ Cloud Computing: Concepts, Technology & Architecture takes the
industry beyond the definitions of cloud computing and juxtaposes
virtualization, grid, and sustainment strategies as contrasted in day to day
operations. Thomas and his team of authors take the reader from beginning to
end with the essential elements of cloud computing, its history, innovation, and
demand. Through case studies and architectural models they articulate service
requirements, infrastructure, security, and outsourcing of salient computing
resources.
Thomas again enlightens the industry with poignant analysis and reliable
architecture-driven practices and principles. No matter the level of interest or
experience, the reader will find clear value in this in-depth, vendor-neutral study
of cloud computing.
Pamela J. Wise-Martinez,
Inventor and Chief Architect
Department of Energy, National Nuclear Security Administration
(Disclaimer: The views expressed are the personal views of the author and are
not intended to reflect either the views of the U.S. Government, the U.S.
Department of Energy, or the National Nuclear Security Administration.)
Acknowledgments
In alphabetical order by last name:
• Ahmed Aamer, AlFaisaliah Group
• Randy Adkins, Modus21
• Melanie Allison, Integrated Consulting Services
• Gabriela Inacio Alves, University of Brasilia
• Marcelo Ancelmo, IBM Rational Software Services
• Kapil Bakshi, Cisco Systems
• Toufic Boubez, Metafor Software
• Antonio Bruno, UBS AG
• Dr. Paul Buhler, Modus21
• Pethuru Raj Cheliah, Wipro
• Kevin Davis, Ph.D.
• Suzanne D’Souza, KBACE Technologies
• Alexander Gromoff, Center of Information Control Technologies
• Chris Haddad, WSO2
• Richard Hill, University of Derby
• Michaela Iorga, Ph.D.
• Johan Kumps, RealDolmen
• Gijs in ’t Veld, Motion10
• Masykur Marhendra, Consulting Workforce Accenture
• Damian Maschek, Deutsche Bahn
• Claynor Mazzarolo, IBTI
• Steve Millidge, C2B2
• Jorge Minguez, Thales Deutschland
• Scott Morrison, Layer 7
• Amin Naserpour, HP
• Vicente Navarro, European Space Agency
• Laura Olson, IBM WebSphere
• Tony Pallas, Intel
• Cesare Pautasso, University of Lugano
• Sergey Popov, Liberty Global International
• Olivier Poupeney, Dreamface Interactive
• Alex Rankov, EMC
• Dan Rosanova, West Monroe Partners
• Jaime Ryan, Layer 7
• Filippos Santas, Credit Suisse
• Christoph Schittko, Microsoft
• Guido Schmutz, Trivadis
• Mark Skilton, Capgemini
• Gary Smith, CloudComputingArchitect.com
• Vijay Srinivasan, Cognizant
• Daniel Starcevich, Raytheon
• Roger Stoffers, HP
• Andre Toffanello, IBTI
• Andre Tost, IBM Software Group
• Bernd Trops, talend
• Clemens Utschig, Boehringer Ingelheim Pharma
• Ignaz Wanders, Archimiddle
• Philip Wik, Redflex
• Jorge Williams, Rackspace
• Dr. Johannes Maria Zaha
• Jeff Zhong, Futrend Technologies
Special thanks to the CloudSchool.com research and development team that
produced the CCP course modules upon which this book is based.
Chapter 1. Introduction
1.1 Objectives of This Book
1.2 What This Book Does Not Cover
1.3 Who This Book Is For
1.4 How This Book Is Organized
1.5 Conventions
1.6 Additional Information
The past couple of decades saw the business-centric concept of outsourcing
services and the technology-centric notion of utility computing evolve along
relatively parallel streams. When they finally met to form a technology
landscape with a compelling business case and seismic impacts on the IT
industry as a whole, it became evident that what resultantly was termed and
branded as “cloud computing” was more than just another IT trend. It had
become an opportunity to further align and advance the goals of the business
with the capabilities of technology.
Those who understand this opportunity can seize it to leverage proven and
mature components of cloud platforms to not only fulfill existing strategic
business goals, but to even inspire businesses to set new objectives and
directions based on the extent to which cloud-driven innovation can further help
optimize business operations.
The first step to succeeding is education. Cloud computing adoption is not
trivial. The cloud computing marketplace is unregulated. And, not all products
and technologies branded with “cloud” are, in fact, sufficiently mature to realize
or even supportive of realizing actual cloud computing benefits. To add to the
confusion, there are different definitions and interpretations of cloud-based
models and frameworks floating around IT literature and the IT media space,
which leads to different IT professionals acquiring different types of cloud
computing expertise.
And then, of course, there is the fact that cloud computing is, at its essence, a
form of service provisioning. As with any type of service we intend to hire or
outsource (IT-related or otherwise), it is commonly understood that we will be
confronted with a marketplace comprised of service providers of varying quality
and reliability. Some may offer attractive rates and terms, but may have
unproven business histories or highly proprietary environments. Others may
have a solid business background, but may demand higher rates and less flexible
terms. Others yet, may simply be insincere or temporary business ventures that
unexpectedly disappear or are acquired within a short period of time.
Back to the importance of getting educated. There is no greater danger to a
business than approaching cloud computing adoption with ignorance. The
magnitude of a failed adoption effort not only correspondingly impacts IT
departments, but can actually regress a business to a point where it finds itself
steps behind from where it was prior to the adoption—and, perhaps, even more
steps behind competitors that have been successful at achieving their goals in the
meantime.
Cloud computing has much to offer but its roadmap is riddled with pitfalls,
ambiguities, and mistruths. The best way to navigate this landscape is to chart
each part of the journey by making educated decisions about how and to what
extent your project should proceed. The scope of an adoption is equally
important to its approach, and both of these aspects need to be determined by
business requirements. Not by a product vendor, not by a cloud vendor, and not
by self-proclaimed cloud experts. Your organization’s business goals must be
fulfilled in a concrete and measurable manner with each completed phase of the
adoption. This validates your scope, your approach, and the overall direction of
the project. In other words, it keeps your project aligned.
Gaining a vendor-neutral understanding of cloud computing from an industry
perspective empowers you with the clarity necessary to determine what is
factually cloud-related and what is not, as well as what is relevant to your
business requirements and what is not. With this information you can establish
criteria that will allow you to filter out the parts of the cloud computing product
and service provider marketplaces to focus on what has the most potential to
help you and your business to succeed. We developed this book to assist you
with this goal.
—Thomas Erl
1.1. Objectives of This Book
This book is the result of more than two years of research and analysis of the
commercial cloud computing industry, cloud computing vendor platforms, and
further innovation and contributions made by cloud computing industry
standards organizations and practitioners. The purpose of this book is to break
down proven and mature cloud computing technologies and practices into a
series of well-defined concepts, models, and technology mechanisms and
architectures. The resulting chapters establish concrete, academic coverage of
fundamental aspects of cloud computing concepts and technologies. The range
of topics covered is documented using vendor-neutral terms and descriptions,
carefully defined to ensure full alignment with the cloud computing industry as a
whole.
1.2. What This Book Does Not Cover
Due to the vendor-neutral basis of this book, it does not contain any significant
coverage of cloud computing vendor products, services, or technologies. This
book is complementary to other titles that provide product-specific coverage and
to vendor product literature itself. If you are new to the commercial cloud
computing landscape, you are encouraged to use this book as a starting point
before proceeding to books and courses that are proprietary to vendor product
lines.
1.3. Who This Book Is For
This book is aimed at the following target audience:
• IT practitioners and professionals who require vendor-neutral coverage of
cloud computing technologies, concepts, mechanisms, and models
• IT managers and decision makers who seek clarity regarding the business
and technological implications of cloud computing
• professors and students and educational institutions that require well-researched
and well-defined academic coverage of fundamental cloud
computing topics
• business managers who need to assess the potential economic gains and
viability of adopting cloud computing resources
• technology architects and developers who want to understand the different
moving parts that comprise contemporary cloud platforms
1.4. How This Book Is Organized
The book begins with Chapters 1 and 2 providing introductory content and
background information for the case studies. All subsequent chapters are
organized into the following parts:
• Part I: Fundamental Cloud Computing
• Part II: Cloud Computing Mechanisms
• Part III: Cloud Computing Architecture
• Part IV: Working with Clouds
• Part V: Appendices
Part I: Fundamental Cloud Computing
The four chapters in this part cover introductory topics in preparation for all
subsequent chapters. Note that Chapters 3 and 4 do not contain case study
content.
Chapter 3: Understanding Cloud Computing
Following a brief history of cloud computing and a discussion of business
drivers and technology innovations, basic terminology and concepts are
introduced, along with descriptions of common benefits and challenges of cloud
computing adoption.
Chapter 4: Fundamental Concepts and Models
Cloud delivery and cloud deployment models are discussed in detail, following
sections that establish common cloud characteristics and roles and boundaries.
Chapter 5: Cloud-Enabling Technology
Contemporary technologies that realize modern-day cloud computing platforms
and innovations are discussed, including data centers, virtualization, and
Web-based technologies.
Chapter 6: Fundamental Cloud Security
Security topics and concepts relevant and distinct to cloud computing are
introduced, including descriptions of common cloud security threats and attacks.
Part II: Cloud Computing Mechanisms
Technology mechanisms represent well-defined IT artifacts that are established
within an IT industry and commonly distinct to a certain computing model or
platform. The technology-centric nature of cloud computing requires the
establishment of a formal level of mechanisms to be able to explore how
solutions can be assembled via different combinations of mechanism
implementations.
This part formally documents 20 technology mechanisms that are used within
cloud environments to enable generic and specialized forms of functionality.
Each mechanism description is accompanied by a case study example that
demonstrates its usage. The utilization of the mechanisms is further explored
throughout the technology architectures covered in Part III.
Chapter 7: Cloud Infrastructure Mechanisms
Technology mechanisms foundational to cloud platforms are covered, including
Logical Network Perimeter, Virtual Server, Cloud Storage Device, Cloud Usage
Monitor, Resource Replication, and Ready-Made Environment.
Chapter 8: Specialized Cloud Mechanisms
A range of specialized technology mechanisms is described, including
Automated Scaling Listener, Load Balancer, SLA Monitor, Pay-Per-Use
Monitor, Audit Monitor, Failover System, Hypervisor, Resource Cluster,
Multi-Device Broker, and State Management Database.
Chapter 9: Cloud Management Mechanisms
Mechanisms that enable the hands-on administration and management of
cloud-based IT resources are explained, including Remote Administration System,
Resource Management System, SLA Management System, and Billing
Management System.
Chapter 10: Cloud Security Mechanisms
Security mechanisms that can be used to counter and prevent the threats
described in Chapter 6 are covered, including Encryption, Hashing, Digital
Signatures, Public Key Infrastructures (PKI), Identity and Access Management
(IAM) Systems, Single Sign-On (SSO), Cloud-Based Security Groups, and
Hardened Virtual Server Images.
Part III: Cloud Computing Architecture
Technology architecture within the realm of cloud computing introduces
requirements and considerations that manifest themselves in broadly scoped
architectural layers and numerous distinct architectural models.
This set of chapters builds upon the coverage of cloud computing mechanisms
from Part II by formally documenting 29 cloud-based technology architectures
and scenarios in which different combinations of the mechanisms are
documented in relation to fundamental, advanced, and specialized cloud
architectures.
Chapter 11: Fundamental Cloud Architectures
Fundamental cloud architectural models establish baseline functions and
capabilities. The architectures covered in this chapter are Workload Distribution,
Resource Pooling, Dynamic Scalability, Elastic Resource Capacity, Service Load
Balancing, Cloud Bursting, Elastic Disk Provisioning, and Redundant Storage.
Chapter 12: Advanced Cloud Architectures
Advanced cloud architectural models establish sophisticated and complex
environments, several of which directly build upon fundamental models. The
architectures covered in this chapter are Hypervisor Clustering, Load Balanced
Virtual Server Instances, Non-Disruptive Service Relocation, Zero Downtime,
Cloud Balancing, Resource Reservation, Dynamic Failure Detection and
Recovery, Bare-Metal Provisioning, Rapid Provisioning, and Storage Workload
Management.
Chapter 13: Specialized Cloud Architectures
Specialized cloud architectural models address distinct functional areas. The
architectures covered in this chapter are Direct I/O Access, Direct LUN Access,
Dynamic Data Normalization, Elastic Network Capacity, Cross-Storage Device
Vertical Tiering, Intra-Storage Device Vertical Data Tiering, Load-Balanced
Virtual Switches, Multipath Resource Access, Persistent Virtual Network
Configuration, Redundant Physical Connection for Virtual Servers, and Storage
Maintenance Window. Note that this chapter does not contain a case study
example.
Part IV: Working with Clouds
Cloud computing technologies and environments can be adopted to varying
extents. An organization can migrate select IT resources to a cloud, while
keeping all other IT resources on-premise—or it can form significant
dependencies on a cloud platform by migrating larger amounts of IT resources or
even using the cloud environment to create them.
For any organization, it is important to assess a potential adoption from a
practical and business-centric perspective in order to pinpoint the most common
factors that pertain to financial investments, business impact, and various legal
considerations. This set of chapters explores these and other topics related to the
real-world considerations of working with cloud-based environments.
Chapter 14: Cloud Delivery Model Considerations
Cloud environments need to be built and evolved by cloud providers in response
to cloud consumer requirements. Cloud consumers can use clouds to create or
migrate IT resources to, subsequent to their assuming administrative
responsibilities. This chapter provides a technical understanding of cloud
delivery models from both the provider and consumer perspectives, each of
which offers revealing insights into the inner workings and architectural layers
of cloud environments.
Chapter 15: Cost Metrics and Pricing Models
Cost metrics for network, server, storage, and software usage are described,
along with various formulas for calculating integration and ownership costs
related to cloud environments. The chapter concludes with a discussion of cost
management topics as they relate to common business terms used by cloud
provider vendors.
Chapter 16: Service Quality Metrics and SLAs
Service level agreements establish the guarantees and usage terms for cloud
services and are often determined by the business terms agreed upon by cloud
consumers and cloud providers. This chapter provides detailed insight into how
cloud provider guarantees are expressed and structured via SLAs, along with
metrics and formulas for calculating common SLA values, such as availability,
reliability, performance, scalability, and resiliency.
Part V: Appendices
Appendix A: Case Study Conclusions
The individual storylines of the case studies are concluded and the results of
each organization’s cloud computing adoption efforts are summarized.
Appendix B: Industry Standards Organizations
This appendix describes industry standards organizations and efforts in support
of the cloud computing industry.
Appendix C: Mapping Mechanisms to Characteristics
A table is provided, mapping cloud characteristics to the cloud computing
mechanisms that can help realize the characteristics.
Appendix D: Data Center Facilities (TIA-942)
A brief overview and breakdown of common data center facilities in reference to
the TIA-942 Telecommunications Infrastructure Standard for Data Centers.
Appendix E: Emerging Technologies
Autonomic computing and grid technology are briefly discussed as two primary
technologies anticipated to influence cloud computing.
Appendix F: Cloud Provisioning Contracts
The actual agreements signed between cloud provider vendors and cloud
consumer organizations are distinct legal contracts that encompass a range of
specific terms and considerations. This appendix highlights the typical parts of a
cloud provisioning contract, and provides further guidelines.
Appendix G: Cloud Business Case Template
This appendix provides a checklist of items that can be used as a starting point
for assembling a business case for the adoption of cloud computing.
1.5. Conventions
Symbols and Figures
This book contains a series of diagrams that are referred to as figures. The
primary symbols used throughout the figures are individually described in the
symbol legend located on the inside of the book cover. Full-color,
high-resolution versions of all figures in this book can be viewed and downloaded at
www.servicetechbooks.com and www.informit.com/title/9780133387520.
Summary of Key Points
For quick reference purposes, each of the sections within Chapters 3 through 6 in
Part I, “Fundamental Cloud Computing,” concludes with a Summary of Key
Points sub-section that concisely highlights the primary statements made within
the section, in bullet list format.
1.6. Additional Information
These sections provide supplementary information and resources for the Prentice
Hall Service Technology Series from Thomas Erl.
Updates, Errata, and Resources (www.servicetechbooks.com)
Information about other series titles and various supporting resources can be
found at the official book series Web site: www.servicetechbooks.com. You are
encouraged to visit this site regularly to check for content changes and
corrections.
Referenced Specifications (www.servicetechspecs.com)
This site provides a central portal to the original specification documents created
and maintained by primary standards organizations, with a section dedicated
exclusively to cloud computing industry standards.
The Service Technology Magazine (www.servicetechmag.com)
The Service Technology Magazine is a monthly publication provided by Arcitura
Education Inc. and Prentice Hall and is officially associated with the Prentice
Hall Service Technology Series from Thomas Erl. The Service Technology
Magazine is dedicated to publishing specialized articles, case studies, and papers
by industry experts and professionals.
International Service Technology Symposium
(www.servicetechsymposium.com)
This site is dedicated to the International Service Technology Symposium
conference series. These events are held throughout the world and frequently
feature authors from the Prentice Hall Service Technology Series from Thomas
Erl.
What Is Cloud? (www.whatiscloud.com)
A quick reference site comprised of excerpts from this book to provide coverage
of fundamental cloud computing topics.
What Is REST? (www.whatisrest.com)
This Web site provides a concise overview of REST architecture and constraints.
REST services are referenced in Chapter 5 of this book as one of the possible
implementation mediums for cloud services.
Cloud Computing Design Patterns (www.cloudpatterns.org)
The cloud computing design patterns master catalog is published on this site.
The mechanisms described in this book are referenced as implementation
options for various design patterns that represent established practices and
technology feature-sets.
Service-Orientation (www.serviceorientation.com)
This site provides papers, book excerpts, and various content dedicated to
describing and defining the service-orientation paradigm, associated principles,
and the service-oriented technology architectural model.
CloudSchool.com™ Certified Cloud (CCP) Professional
(www.cloudschool.com)
The official site for the Cloud Certified Professional (CCP) curriculum dedicated
to specialized areas of cloud computing, including technology, architecture,
governance, security, capacity, virtualization, and storage.
SOASchool.com® SOA Certified (SOACP) Professional
(www.soaschool.com)
The official site for the SOA Certified Professional (SOACP) curriculum
dedicated to specialized areas of service-oriented architecture and
service-orientation, including analysis, architecture, governance, security, development,
and quality assurance.
Notification Service
To be automatically notified of new book releases in this series, new
supplementary content for this title, or key changes to the aforementioned
resource sites, use the notification form at www.servicetechbooks.com or send a
blank e-mail to notify@arcitura.com.
Chapter 2. Case Study Background
2.1 Case Study #1: ATN
2.2 Case Study #2: DTGOV
2.3 Case Study #3: Innovartus Technologies Inc.
Case study examples provide scenarios in which organizations assess, use, and
manage cloud computing models and technologies. Three organizations from
different industries are presented for analysis in this book, each of which has
distinctive business, technological, and architectural objectives that are
introduced in this chapter.
The organizations presented for case study are:
• Advanced Telecom Networks (ATN) – a global company that supplies
network equipment to the telecommunications industry
• DTGOV – a public organization that specializes in IT infrastructure and
technology services for public sector organizations
• Innovartus Technologies Inc. – a medium-sized company that develops
virtual toys and educational entertainment products for children
Most chapters after Part I include one or more Case Study Example sections. A
conclusion to the storylines is provided in Appendix A.
2.1. Case Study #1: ATN
ATN is a company that provides network equipment to telecommunications
industries across the globe. Over the years, ATN has grown considerably and
their product portfolio has expanded to accommodate several acquisitions,
including companies that specialize in infrastructure components for Internet,
GSM, and cellular providers. ATN is now a leading supplier of a diverse range
of telecommunications infrastructure.
In recent years, market pressure has been increasing. ATN has begun looking for
ways to increase its competitiveness and efficiency by taking advantage of new
technologies, especially those that can assist in cost reduction.
Technical Infrastructure and Environment
ATN’s various acquisitions have resulted in a highly complex and heterogeneous
IT landscape. A cohesive consolidation program was not applied to the IT
environment after each acquisition round, resulting in similar applications
running concurrently and an increase in maintenance costs. In 2010, ATN
merged with a major European telecommunications supplier, adding another
applications portfolio to its inventory. The IT complexity snowballed into a
serious obstruction and became a source of critical concern to ATN’s board of
directors.
Business Goals and New Strategy
ATN management decided to pursue a consolidation initiative and outsource
applications maintenance and operations overseas. This lowered costs but
unfortunately did not address their overall operational inefficiency. Applications
still had overlapping functions that could not be easily consolidated. It
eventually became apparent that outsourcing was insufficient as consolidation
became a possibility only if the architecture of the entire IT landscape changed.
As a result, ATN decided to explore the potential of adopting cloud computing.
However, subsequent to their initial inquiries they became overwhelmed by the
plenitude of cloud providers and cloud-based products.
Roadmap and Implementation Strategy
ATN is unsure of how to choose the right set of cloud computing technologies
and vendors—many solutions appear to still be immature and new cloud-based
offerings continue to emerge in the market.
A preliminary cloud computing adoption roadmap is discussed to address a
number of key points:
• IT Strategy – The adoption of cloud computing needs to promote
optimization of the current IT framework, and produce both lower
short-term investments and consistent long-term cost reduction.
• Business Benefits – ATN needs to evaluate which of the current
applications and IT infrastructure can leverage cloud computing
technology to achieve the desired optimization and cost reductions.
Additional cloud computing benefits such as greater business agility,
scalability, and reliability need to be realized to promote business value.
• Technology Considerations – Criteria need to be established to help choose
the most appropriate cloud delivery and deployment models and cloud
vendors and products.
• Cloud Security – The risks associated with migrating applications and data
to the cloud must be determined.
ATN fears that they might lose control over their applications and data if
entrusted to cloud providers, leading to noncompliance with internal policies and
telecom market regulations. They also wonder how their existing legacy
applications would be integrated into the new cloud-based domain.
To define a succinct plan of action, ATN hires an independent IT consulting
company called CloudEnhance, who are well recognized for their technology
architecture expertise in the transition and integration of cloud computing IT
resources. CloudEnhance consultants begin by suggesting an appraisal process
comprised of five steps:
1. A brief evaluation of existing applications to measure factors, such as
complexity, business-criticality, usage frequency, and number of active
users. The identified factors are then placed in a hierarchy of priority to
help determine the most suitable candidate applications for migration to a
cloud environment.
2. A more detailed evaluation of each selected application using a proprietary
assessment tool.
3. The development of a target application architecture that exhibits the
interaction between cloud-based applications, their integration with ATN’s
existing infrastructure and legacy systems, and their development and
deployment processes.
4. The authoring of a preliminary business case that documents projected
cost savings based on performance indicators, such as cost of cloud
readiness, effort for application transformation and interaction, ease of
migration and implementation, and various potential long-term benefits.
5. The development of a detailed project plan for a pilot application.
ATN proceeds with the process and resultantly builds its first prototype by
focusing on an application that automates a low-risk business area. During this
project ATN ports several of the business area’s smaller applications that were
running on different technologies over to a PaaS platform. Based on positive
results and feedback received for the prototype project, ATN decides to embark
on a strategic initiative to garner similar benefits for other areas of the company.
2.2. Case Study #2: DTGOV
DTGOV is a public company that was created in the early 1980s by the Ministry
of Social Security. The decentralization of the ministry’s IT operations to a
public company under private law gave DTGOV an autonomous management
structure with significant flexibility to govern and evolve its IT enterprise.
At the time of its creation, DTGOV had approximately 1,000 employees,
operational branches in 60 localities nation-wide, and operated two mainframe-based data centers. Over time, DTGOV has expanded to more than 3,000
employees and branch offices in more than 300 localities, with three data centers
running both mainframe and low-level platform environments. Its main services
are related to processing social security benefits across the country.
DTGOV has enlarged its customer portfolio in the last two decades. It now
serves other public-sector organizations and provides basic IT infrastructure and
services, such as server hosting and server colocation. Some of its customers
have also outsourced the operation, maintenance, and development of
applications to DTGOV.
DTGOV has sizable customer contracts that encompass various IT resources and
services. However, these contracts, services, and associated service levels are not
standardized—negotiated service provisioning conditions are typically
customized for each customer individually. DTGOV’s operations are resultantly
becoming increasingly complex and difficult to manage, which has led to
inefficiencies and inflated costs.
The DTGOV board realized, some time ago, that the overall company structure
could be improved by standardizing its services portfolio, which implies the
reengineering of both IT operational and management models. This process has
started with the standardization of the hardware platform through the creation of
a clearly defined technological lifecycle, a consolidated procurement policy, and
the establishment of new acquisition practices.
Technical Infrastructure and Environment
DTGOV operates three data centers: one is exclusively dedicated to low-level
platform servers while the other two have both mainframe and low-level
platforms. The mainframe systems are reserved for the Ministry of Social
Security and therefore not available for outsourcing.
The data center infrastructure occupies approximately 20,000 square feet of
computer room space and hosts more than 100,000 servers with different
hardware configurations. The total storage capacity is approximately 10,000
terabytes. DTGOV’s network has redundant high-speed data links connecting the
data centers in a full mesh topology. Their Internet connectivity is considered to
be provider-independent since their network interconnects all of the major
national telecom carriers.
Server consolidation and virtualization projects have been in place for five years,
considerably decreasing the diversity of hardware platforms. As a result,
systematic tracking of the investments and operational costs related to the
hardware platform has revealed significant improvement. However, there is still
remarkable diversity in their software platforms and configurations due to
customer service customization requirements.
Business Goals and New Strategy
A chief strategic objective of the standardization of DTGOV’s service portfolio
is to achieve increased levels of cost effectiveness and operational optimization.
An internal executive-level commission was established to define the directions,
goals, and strategic roadmap for this initiative. The commission has identified
cloud computing as a guidance option and an opportunity for further
diversification and improvement of services and customer portfolios.
The roadmap addresses the following key points:
• Business Benefits – Concrete business benefits associated with the
standardization of service portfolios under the umbrella of cloud
computing delivery models need to be defined. For example, how can the
optimization of IT infrastructure and operational models result in direct
and measurable cost reductions?
• Service Portfolio – Which services should become cloud-based, and which
customers should they be extended to?
• Technical Challenges – The limitations of the current technology
infrastructure in relation to the runtime processing requirements of cloud
computing models must be understood and documented. Existing
infrastructure must be leveraged to whatever extent possible to optimize
up-front costs assumed by the development of the cloud-based service
offerings.
• Pricing and SLAs – An appropriate contract, pricing, and service quality
strategy needs to be defined. Suitable pricing and service-level agreements
(SLAs) must be determined to support the initiative.
One outstanding concern relates to changes to the current format of contracts and
how they may impact business. Many customers may not want to—or may not
be prepared to—adopt cloud contracting and service delivery models. This
becomes even more critical when considering the fact that 90% of DTGOV’s
current customer portfolio is comprised of public organizations that typically do
not have the autonomy or the agility to switch operating methods on such short
notice. Therefore, the migration process is expected to be long term, which may
become risky if the roadmap is not properly and clearly defined. A further
outstanding issue pertains to IT contract regulations in the public sector—
existing regulations may become irrelevant or unclear when applied to cloud
technologies.
Roadmap and Implementation Strategy
Several assessment activities were initiated to address the aforementioned issues.
The first was a survey of existing customers to probe their level of
understanding, on-going initiatives, and plans regarding cloud computing. Most
of the respondents were aware of and knowledgeable about cloud computing
trends, which was considered a positive finding.
An investigation of the service portfolio revealed clearly identified infrastructure
services relating to hosting and colocation. Technical expertise and infrastructure
were also evaluated, determining that data center operation and management are
key areas of expertise of DTGOV IT staff.
With these findings, the commission decided to:
1. choose IaaS as the target delivery platform to start the cloud computing
provisioning initiative
2. hire a consulting firm with sufficient cloud provider expertise and
experience to correctly identify and rectify any business and technical
issues that may afflict the initiative
3. deploy new hardware resources with a uniform platform into two different
data centers, aiming to establish a new, reliable environment to use for the
provisioning of initial IaaS-hosted services
4. identify three customers that plan to acquire cloud-based services in order
to establish pilot projects and define contractual conditions, pricing, and
service-level policies and models
5. evaluate service provisioning of the three chosen customers for the initial
period of six months before publicly offering the service to other
customers
As the pilot project proceeds, a new Web-based management environment is
released to allow for the self-provisioning of virtual servers, as well as SLA and
financial tracking functionality in real time. The pilot projects are considered
highly successful, leading to the next step of opening the cloud-based services to
other customers.
2.3. Case Study #3: Innovartus Technologies Inc.
The primary business line of Innovartus Technologies Inc. is the development of
virtual toys and educational entertainment products for children. These services
are provided through a Web portal that employs a role-playing model to create
customized virtual games for PCs and mobile devices. The games allow users to
create and manipulate virtual toys (cars, dolls, pets) that can be outfitted with
virtual accessories that are obtained by completing simple educational quests.
The main demographic is children under 12 years. Innovartus further has a social
network environment that enables users to exchange items and collaborate with
others. All of these activities can be monitored and tracked by the parents, who
can also participate in a game by creating specific quests for their children.
The most valuable and revolutionary feature of Innovartus’ applications is an
experimental end-user interface that is based on natural interface concepts. Users
can interact via voice commands, simple gestures that are captured with a
Webcam, and directly by touching tablet screens.
The Innovartus portal has always been cloud-based. It was originally developed
via a PaaS platform and has been hosted by the same cloud provider ever since.
However, recently this environment has revealed several technical limitations
that impact features of Innovartus’ user interface programming frameworks.
Technical Infrastructure and Environment
Many of Innovartus’ other office automation solutions, such as shared file
repositories and various productivity tools, are also cloud-based. The on-premise
corporate IT environment is relatively small, comprised mainly of work area
devices, laptops, and graphic design workstations.
Business Goals and Strategy
Innovartus has been diversifying the functionality of the IT resources that are
used for their Web-based and mobile applications. The company has also
increased efforts to internationalize their applications; both the Web site and the
mobile applications are currently offered in five different languages.
Roadmap and Implementation Strategy
Innovartus intends to continue building upon its cloud-based solutions; however,
the current cloud hosting environment has limitations that need to be overcome:
• scalability needs to be improved to accommodate increased and less
predictable cloud consumer interaction
• service levels need to be improved to avoid outages that are currently more
frequent than expected
• cost effectiveness needs to be improved, as leasing rates are higher with
the current cloud provider when compared to others
These and other factors have led Innovartus to decide to migrate to a larger,
more globally established cloud provider.
The roadmap for this migration project includes:
• a technical and economic report about the risks and impacts of the planned
migration
• a decision tree and a rigorous study initiative focused on the criteria for
selecting the new cloud provider
• portability assessments of applications to determine how much of each
existing cloud service architecture is proprietary to the current cloud
provider’s environment
Innovartus is further concerned about how and to what extent the current cloud
provider will support and cooperate with the migration process.
Part I: Fundamental Cloud Computing
Chapter 3: Understanding Cloud Computing
Chapter 4: Fundamental Concepts and Models
Chapter 5: Cloud-Enabling Technology
Chapter 6: Fundamental Cloud Security
The upcoming chapters establish concepts and terminology that are referenced
throughout subsequent chapters and parts in this book. It is recommended that
Chapters 3 and 4 be reviewed, even for those already familiar with cloud
computing fundamentals. Sections in Chapters 5 and 6 can be selectively
skipped by those already familiar with the corresponding technology and
security topics.
Chapter 3. Understanding Cloud Computing
3.1 Origins and Influences
3.2 Basic Concepts and Terminology
3.3 Goals and Benefits
3.4 Risks and Challenges
This is the first of two chapters that provide an overview of introductory cloud
computing topics. It begins with a brief history of cloud computing along with
short descriptions of its business and technology drivers. This is followed by
definitions of basic concepts and terminology, in addition to explanations of the
primary benefits and challenges of cloud computing adoption.
3.1. Origins and Influences
A Brief History
The idea of computing in a “cloud” traces back to the origins of utility
computing, a concept that computer scientist John McCarthy publicly proposed
in 1961:
“If computers of the kind I have advocated become the computers of the
future, then computing may someday be organized as a public utility just as
the telephone system is a public utility. … The computer utility could become
the basis of a new and important industry.”
In 1969, Leonard Kleinrock, a chief scientist of the Advanced Research Projects
Agency Network or ARPANET project that seeded the Internet, stated:
“As of now, computer networks are still in their infancy, but as they grow up
and become sophisticated, we will probably see the spread of ‘computer
utilities’ …”.
The general public has been leveraging forms of Internet-based computer
utilities since the mid-1990s through various incarnations of search engines
(Yahoo!, Google), e-mail services (Hotmail, Gmail), open publishing platforms
(MySpace, Facebook, YouTube), and other types of social media (Twitter,
LinkedIn). Though consumer-centric, these services popularized and validated
core concepts that form the basis of modern-day cloud computing.
In the late 1990s, Salesforce.com pioneered the notion of bringing remotely
provisioned services into the enterprise. In 2002, Amazon.com launched the
Amazon Web Services (AWS) platform, a suite of enterprise-oriented services
that provide remotely provisioned storage, computing resources, and business
functionality.
A slightly different evocation of the term “Network Cloud” or “Cloud” was
introduced in the early 1990s throughout the networking industry. It referred to
an abstraction layer derived in the delivery methods of data across
heterogeneous public and semi-public networks that were primarily packet-switched, although cellular networks used the “Cloud” term as well. The
networking method at this point supported the transmission of data from one
end-point (local network) to the “Cloud” (wide area network) and then further
decomposed to another intended end-point. This is relevant, as the networking
industry still references the use of this term, and is considered an early adopter
of the concepts that underlie utility computing.
It wasn’t until 2006 that the term “cloud computing” emerged in the commercial
arena. It was during this time that Amazon launched its Elastic Compute Cloud
(EC2) services that enabled organizations to “lease” computing capacity and
processing power to run their enterprise applications. Google Apps also began
providing browser-based enterprise applications in the same year, and three
years later, the Google App Engine became another historic milestone.
Definitions
A Gartner report listing cloud computing at the top of its strategic technology
areas further reaffirmed its prominence as an industry trend by announcing its
formal definition as:
“…a style of computing in which scalable and elastic IT-enabled capabilities
are delivered as a service to external customers using Internet
technologies.”
This is a slight revision of Gartner’s original definition from 2008, in which
“massively scalable” was used instead of “scalable and elastic.” This
acknowledges the importance of scalability in relation to the ability to scale
vertically and not just to enormous proportions.
Forrester Research provided its own definition of cloud computing as:
“…a standardized IT capability (services, software, or infrastructure)
delivered via Internet technologies in a pay-per-use, self-service way.”
The definition that received industry-wide acceptance was composed by the
National Institute of Standards and Technology (NIST). NIST published its
original definition back in 2009, followed by a revised version after further
review and industry input that was published in September of 2011:
“Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing
resources (e.g., networks, servers, storage, applications, and services) that
can be rapidly provisioned and released with minimal management effort or
service provider interaction. This cloud model is composed of five essential
characteristics, three service models, and four deployment models.”
This book provides a more concise definition:
“Cloud computing is a specialized form of distributed computing that
introduces utilization models for remotely provisioning scalable and
measured resources.”
This simplified definition is in line with all of the preceding definition variations
that were put forth by other organizations within the cloud computing industry.
The characteristics, service models, and deployment models referenced in the
NIST definition are further covered in Chapter 4.
Business Drivers
Before delving into the layers of technologies that underlie clouds, the
motivations that led to their creation by industry leaders must first be
understood. Several of the primary business drivers that fostered modern cloud-based technology are presented in this section.
The origins and inspirations of many of the characteristics, models, and
mechanisms covered throughout subsequent chapters can be traced back to the
upcoming business drivers. It is important to note that these influences shaped
clouds and the overall cloud computing market from both ends. They have
motivated organizations to adopt cloud computing in support of their business
automation requirements. They have correspondingly motivated other
organizations to become providers of cloud environments and cloud technology
vendors in order to create and meet the demand to fulfill consumer needs.
Capacity Planning
Capacity planning is the process of determining and fulfilling future demands of
an organization’s IT resources, products, and services. Within this context,
capacity represents the maximum amount of work that an IT resource is capable
of delivering in a given period of time. A discrepancy between the capacity of an
IT resource and its demand can result in a system becoming either inefficient
(over-provisioning) or unable to fulfill user needs (under-provisioning). Capacity
planning is focused on minimizing this discrepancy to achieve predictable
efficiency and performance.
Different capacity planning strategies exist:
• Lead Strategy – adding capacity to an IT resource in anticipation of
demand
• Lag Strategy – adding capacity when the IT resource reaches its full
capacity
• Match Strategy – adding IT resource capacity in small increments, as
demand increases
Planning for capacity can be challenging because it requires estimating usage
load fluctuations. There is a constant need to balance peak usage requirements
without unnecessary over-expenditure on infrastructure. An example is outfitting
IT infrastructure to accommodate maximum usage loads which can impose
unreasonable financial investments. In such cases, moderating investments can
result in under-provisioning, leading to transaction losses and other usage
limitations from lowered usage thresholds.
Cost Reduction
A direct alignment between IT costs and business performance can be difficult to
maintain. The growth of IT environments often corresponds to the assessment of
their maximum usage requirements. This can make the support of new and
expanded business automations an ever-increasing investment. Much of this
required investment is funneled into infrastructure expansion because the usage
potential of a given automation solution will always be limited by the processing
power of its underlying infrastructure.
Two costs need to be accounted for: the cost of acquiring new infrastructure, and
the cost of its ongoing ownership. Operational overhead represents a
considerable share of IT budgets, often exceeding up-front investment costs.
Common forms of infrastructure-related operating overhead include the
following:
• technical personnel required to keep the environment operational
• upgrades and patches that introduce additional testing and deployment
cycles
• utility bills and capital expense investments for power and cooling
• security and access control measures that need to be maintained and
enforced to protect infrastructure resources
• administrative and accounts staff that may be required to keep track of
licenses and support arrangements
The on-going ownership of internal technology infrastructure can encompass
burdensome responsibilities that impose compound impacts on corporate
budgets. An IT department can consequently become a significant—and at times
overwhelming—drain on the business, potentially inhibiting its responsiveness,
profitability, and overall evolution.
Organizational Agility
Businesses need the ability to adapt and evolve to successfully face change
caused by both internal and external factors. Organizational agility is the
measure of an organization’s responsiveness to change.
An IT enterprise often needs to respond to business change by scaling its IT
resources beyond the scope of what was previously predicted or planned for. For
example, infrastructure may be subject to limitations that prevent the
organization from responding to usage fluctuations—even when anticipated—if
previous capacity planning efforts were restricted by inadequate budgets.
In other cases, changing business needs and priorities may require IT resources
to be more available and reliable than before. Even if sufficient infrastructure is
in place for an organization to support anticipated usage volumes, the nature of
the usage may generate runtime exceptions that bring down hosting servers. Due
to a lack of reliability controls within the infrastructure, responsiveness to
consumer or customer requirements may be reduced to a point whereby a
business’ overall continuity is threatened.
On a broader scale, the up-front investments and infrastructure ownership costs
that are required to enable new or expanded business automation solutions may
themselves be prohibitive enough for a business to settle for IT infrastructure of
less-than-ideal quality, thereby decreasing its ability to meet real-world
requirements.
Worse yet, the business may decide against proceeding with an automation
solution altogether upon review of its infrastructure budget, because it simply
cannot afford to. This form of inability to respond can inhibit an organization
from keeping up with market demands, competitive pressures, and its own
strategic business goals.
Technology Innovations
Established technologies are often used as inspiration and, at times, the actual
foundations upon which new technology innovations are derived and built. This
section briefly describes the pre-existing technologies considered to be the
primary influences on cloud computing.
Clustering
A cluster is a group of independent IT resources that are interconnected and
work as a single system. System failure rates are reduced while availability and
reliability are increased, since redundancy and failover features are inherent to
the cluster.
A general prerequisite of hardware clustering is that its component systems have
reasonably identical hardware and operating systems to provide similar
performance levels when one failed component is to be replaced by another.
Component devices that form a cluster are kept in synchronization through
dedicated, high-speed communication links.
The basic concept of built-in redundancy and failover is core to cloud platforms.
Clustering technology is explored further in Chapter 8 as part of the Resource
Cluster mechanism description.
Grid Computing
A computing grid (or “computational grid”) provides a platform in which
computing resources are organized into one or more logical pools. These pools
are collectively coordinated to provide a high performance distributed grid,
sometimes referred to as a “super virtual computer.” Grid computing differs
from clustering in that grid systems are much more loosely coupled and
distributed. As a result, grid computing systems can involve computing
resources that are heterogeneous and geographically dispersed, which is
generally not possible with cluster computing-based systems.
Grid computing has been an on-going research area in computing science since
the early 1990s. The technological advancements achieved by grid computing
projects have influenced various aspects of cloud computing platforms and
mechanisms, specifically in relation to common feature-sets such as networked
access, resource pooling, and scalability and resiliency. These types of features
can be established by both grid computing and cloud computing, in their own
distinctive approaches.
For example, grid computing is based on a middleware layer that is deployed on
computing resources. These IT resources participate in a grid pool that
implements a series of workload distribution and coordination functions. This
middle tier can contain load balancing logic, failover controls, and autonomic
configuration management, each having previously inspired similar—and
several more sophisticated—cloud computing technologies. It is for this reason
that some classify cloud computing as a descendant of earlier grid computing
initiatives.
Virtualization
Virtualization represents a technology platform used for the creation of virtual
instances of IT resources. A layer of virtualization software allows physical IT
resources to provide multiple virtual images of themselves so that their
underlying processing capabilities can be shared by multiple users.
Prior to the advent of virtualization technologies, software was limited to
residing on and being coupled with static hardware environments. The
virtualization process severs this software-hardware dependency, as hardware
requirements can be simulated by emulation software running in virtualized
environments.
Established virtualization technologies can be traced to several cloud
characteristics and cloud computing mechanisms, having inspired many of their
core features. As cloud computing evolved, a generation of modern
virtualization technologies emerged to overcome the performance, reliability,
and scalability limitations of traditional virtualization platforms.
As a foundation of contemporary cloud technology, modern virtualization
provides a variety of virtualization types and technology layers that are
discussed separately in Chapter 5.
Technology Innovations vs. Enabling Technologies
It is essential to highlight several other areas of technology that continue to
contribute to modern-day cloud-based platforms. These are distinguished as
cloud-enabling technologies, the following of which are covered in Chapter 5:
• Broadband Networks and Internet Architecture
• Data Center Technology
• (Modern) Virtualization Technology
• Web Technology
• Multitenant Technology
• Service Technology
Each of these cloud-enabling technologies existed in some form prior to the
formal advent of cloud computing. Some were refined further, and on occasion
even redefined, as a result of the subsequent evolution of cloud computing.
Summary of Key Points
• The primary business drivers that exposed the need for cloud
computing and led to its formation include capacity planning, cost
reduction, and organizational agility.
• The primary technology innovations that influenced and inspired key
distinguishing features and aspects of cloud computing include
clustering, grid computing, and traditional forms of virtualization.
3.2. Basic Concepts and Terminology
This section establishes a set of basic terms that represent the fundamental
concepts and aspects pertaining to the notion of a cloud and its most primitive
artifacts.
Cloud
A cloud refers to a distinct IT environment that is designed for the purpose of
remotely provisioning scalable and measured IT resources. The term originated
as a metaphor for the Internet which is, in essence, a network of networks
providing remote access to a set of decentralized IT resources. Prior to cloud
computing becoming its own formalized IT industry segment, the symbol of a
cloud was commonly used to represent the Internet in a variety of specifications
and mainstream documentation of Web-based architectures. This same symbol is
now used to specifically represent the boundary of a cloud environment, as
shown in Figure 3.1.
Figure 3.1. The symbol used to denote the boundary of a cloud environment.
It is important to distinguish the term “cloud” and the cloud symbol from the
Internet. As a specific environment used to remotely provision IT resources, a
cloud has a finite boundary. There are many individual clouds that are accessible
via the Internet. Whereas the Internet provides open access to many Web-based
IT resources, a cloud is typically privately owned and offers access to IT
resources that is metered.
Much of the Internet is dedicated to the access of content-based IT resources
published via the World Wide Web. IT resources provided by cloud
environments, on the other hand, are dedicated to supplying back-end processing
capabilities and user-based access to these capabilities. Another key distinction
is that it is not necessary for clouds to be Web-based even if they are commonly
based on Internet protocols and technologies. Protocols refer to standards and
methods that allow computers to communicate with each other in a pre-defined
and structured manner. A cloud can be based on the use of any protocols that
allow for the remote access to its IT resources.
Note
Diagrams in this book depict the Internet using the globe symbol.
IT Resource
An IT resource is a physical or virtual IT-related artifact that can be either
software-based, such as a virtual server or a custom software program, or
hardware-based, such as a physical server or a network device (Figure 3.2).
Figure 3.2. Examples of common IT resources and their corresponding symbols.
Figure 3.3 illustrates how the cloud symbol can be used to define a boundary for
a cloud-based environment that hosts and provisions a set of IT resources. The
displayed IT resources are consequently considered to be cloud-based IT
resources.
Figure 3.3. A cloud is hosting eight IT resources: three virtual servers, two cloud
services, and three storage devices.
Technology architectures and various interaction scenarios involving IT
resources are illustrated in diagrams like the one shown in Figure 3.3. It is
important to note the following points when studying and working with these
diagrams:
• The IT resources shown within the boundary of a given cloud symbol
usually do not represent all of the available IT resources hosted by that
cloud. Subsets of IT resources are generally highlighted to demonstrate a
particular topic.
• Focusing on the relevant aspects of a topic requires many of these
diagrams to intentionally provide abstracted views of the underlying
technology architectures. This means that only a portion of the actual
technical details are shown.
Furthermore, some diagrams will display IT resources outside of the cloud
symbol. This convention is used to indicate IT resources that are not cloud-based.
Note
The virtual server IT resource displayed in Figure 3.2 is further discussed
in Chapters 5 and 7. Physical servers are sometimes referred to as
physical hosts (or just hosts) in reference to the fact that they are
responsible for hosting virtual servers.
On-Premise
As a distinct and remotely accessible environment, a cloud represents an option
for the deployment of IT resources. An IT resource that is hosted in a
conventional IT enterprise within an organizational boundary (that does not
specifically represent a cloud) is considered to be located on the premises of the
IT enterprise, or on-premise for short. In other words, the term “on-premise” is
another way of stating “on the premises of a controlled IT environment that is
not cloud-based.” This term is used to qualify an IT resource as an alternative to
“cloud-based.” An IT resource that is on-premise cannot be cloud-based, and
vice-versa.
Note the following key points:
• An on-premise IT resource can access and interact with a cloud-based IT
resource.
• An on-premise IT resource can be moved to a cloud, thereby changing it to
a cloud-based IT resource.
• Redundant deployments of an IT resource can exist in both on-premise and
cloud-based environments.
If the distinction between on-premise and cloud-based IT resources is confusing
in relation to private clouds (described in the Cloud Deployment Models section
of Chapter 4), then an alternative qualifier can be used.
Cloud Consumers and Cloud Providers
The party that provides cloud-based IT resources is the cloud provider. The party
that uses cloud-based IT resources is the cloud consumer. These terms represent
roles usually assumed by organizations in relation to clouds and corresponding
cloud provisioning co…