CM5108 – CLOUD

COMPUTING
Compiled and prepared by:
Megha Yawalkar

Department of Computer Engineering

Government Polytechnic Pune
 UNIT – II (CLOUD ARCHITECTURE)
Cloud computing is combination of service-oriented architecture and event-
driven architecture.

(a) Service – oriented architecture

Compiled and prepared by: Megha Yawalkar CLOUD COMPUTING 2

(b) Event – driven architecture

◦ Reference: Internet

Compiled and prepared by: Megha Yawalkar CLOUD COMPUTING 3

Cloud Computing architecture
❑ Cloud computing architecture includes components that are used to build
and maintain cloud environment. These resources are pooled by
virtualization and they are connected and communicate through a wide
network.
❑ Components of CC Architecture include:
• A front-end platform (the client or device used to access the cloud)
• One or more back-end platforms (servers and storage)
• A cloud-based delivery methodology
• A network to connect cloud clients, servers, and storage

Compiled and prepared by: Megha Yawalkar CLOUD COMPUTING 4

Cloud Computing architecture
❑ The CC Architecture is divided into main parts as:
❑ BACK-END
❑ Encompasses a background to run the cloud environment
❑ FRONT-END ❑ It has complete responsibility to run, manage, protect the
❑ User / client-side interface entire cloud environment -> it is the cloud itself….
and/or application ❑ It has sub-components as –
❑ Use to establish a access face ❑ Application – platform or software to perform client
access
for user, with the cloud
❑ Service – three types of services (IaaS, PaaS, SaaS)
environment ❑ Cloud runtime – provision of runtime environment to
❑ It has front-end components execute instructions/ batch of programs
❑ It may includes client ❑ Storage – A scalable data storage
interface such as browsers, ❑ Infrastructure – h/w and s/w units including servers,
server, data storage, thin client, storage, networking devices, virtual machines etc
fat client, tablet, mobile device ❑ Management – rules, policies to manage resources,
etc applications, services and related tools
❑ Security – to data, to applications, to communication
channels
Compiled and prepared by: Megha Yawalkar
CLOUD COMPUTING 5
Cloud Computing architecture
❑ The front-end and back-end are connected with each other through internet connections.

❖The fundamental components of cloud architecture can be further categorized as:

• Virtualization: Clouds are built upon virtualization of servers, storage, and networks. Virtualized resources are a
software-based, or virtual, representation of a physical resource such as servers or storage. This abstraction layer
enables multiple applications to utilize the same physical resources, thereby increasing the efficiency of servers,
storage, and networking throughout the enterprise.
• Infrastructure: Yes, there are real servers. Cloud infrastructure includes all the components of traditional data
centers including servers, persistent storage and networking gear including routers and switches.
• Middleware: As in traditional data centers, these software components such as databases and communications
applications enable networked computers, applications and software to communicate with each other.
• Management: These tools enable continuous monitoring of a cloud environment’s performance and capacity. IT
teams can track usage, deploy new apps, integrate data and ensure disaster recovery, all from a single console.
• Automation software: The delivery of critical IT services through automation and pre-defined policies can
significantly ease IT workloads, streamline application delivery, and reduce costs. In a cloud architecture,
automation is used to easily scale up system resources to accommodate a spike in demand for compute power,
deploy applications to meet fluctuating market demands, or ensure governance across a cloud environment.

Compiled and prepared by: Megha Yawalkar

CLOUD COMPUTING 6
Cloud Computing architecture

Compiled and prepared by: Megha Yawalkar CLOUD COMPUTING 7

Cloud Computing architecture
1. Management (in Cloud Computing)

Cloud Infrastructure Management

- Managing physical and virtual resources such as servers, storage, and networks
- VIM – Virtual Infrastructure Manager
- Features of VIM
- 1. Virtualization support
- Self-service, On-demand resource provisioning
- Multiple back-end hypervisors
- Storage virtualization
- Interface to Public Clouds
- Virtual networking
- Dynamic resource allocation
- Virtual Clusters
- Reservations and negation mechanism
- High availability and data recovery

Compiled and prepared by: Megha Yawalkar CLOUD COMPUTING 8

Cloud Computing architecture
2. Infrastructure as a service (IaaS):
- Provides physical and virtual resources access and interface for the same
- Customers access these resources on the Internet using a pay-as-per use model.
- IaaS is offered in three models – Public, Private, and Hybrid
- Services provided by Infrastructure layer are –
- Computing
- Storage
- Network
- Load balancing
- Geographic distribution of data centers
- Variety of user interfaces and APIs to access system
- Specialized components and services that aid particular applications
- Choice of virtualization platforms and operating systems
- Different billing methods and periods (e.g. prepaid, post-paid, hourly, monthly)

Compiled and prepared by: Megha Yawalkar CLOUD COMPUTING 9

Cloud Computing architecture
2. Infrastructure as a service (IaaS): FEATURES

A. Geographic presence –
A. to improve availability and responsiveness
B. “availability zones” and “regions” for Amazon EC2 service, insulated from failures
B. User interfaces and access to servers –
A. Provision of multiple access means
B. Abstractions are provided through it
C. GUI, CLI, Web Service APIs
C. Advance reservation of capacity-
A. Allows user to request for an IaaS provider to reserve resources for specific time duration, so
ensuring availability of it a time of need
B. E.g. Amazon Reserved Instances
D. Automatic scaling and load balancing –
A. Elasticity is key feature of cloud computing
B. Scaling up and down to meet varying load. Automatic scaling
E. Service level agreement
F. Hypervisor and Operating system choice
Compiled and prepared by: Megha Yawalkar CLOUD COMPUTING 10
Cloud Computing architecture
2. Infrastructure as a service (IaaS): FEATURES

E. Service level agreement –

A. offered by IaaS Provider
B. Statements to provide QoS at predefined cost
C. Availability and performance guarantee

F. Hypervisor and Operating system choice –

A. variety of OS and Hypervisors to extended requests from various users/ customers

Compiled and prepared by: Megha Yawalkar CLOUD COMPUTING 11

Cloud Computing architecture
2. Infrastructure as a service (IaaS): EXAMPLES

❑ AMAZON WEB SERVICES –

❑ It pioneered the introduction of IaaS to clouds in 2006.
❑ It offers variety of cloud services – S3, EC2, CloudFront etc
❑ What EC2 offers – multiple data centres available in US and Europe, CLI, Webservices, Web
based console user interfaces, advanced reservation of capacity which guarantees
availability of 1 and 3 years, 99.5% availability SLA, per hour pricing, support to multiple OS,
automatic scaling, load balancing

Compiled and prepared by: Megha Yawalkar CLOUD COMPUTING 12

Cloud Computing architecture
3. Platform as a service (PaaS):

❑ In PaaS commonly a deployment or deployment environment is offered as a service. In this users

are allowed to create and run their applications with little or no concern with low-level details of
platform.

❑ Like IaaS it also offer some infrastructures like data storage and memory caches etc

❑ PaaS allows you to avoid the expense and complexity of buying and managing software licenses,
the underlying application infrastructure and middleware, container orchestrators such
as Kubernetes or the development tools and other resources.

Compiled and prepared by: Megha Yawalkar CLOUD COMPUTING 13

Cloud Computing architecture
4. Software as a service (SaaS): Introduction, Features, Example(s)

Compiled and prepared by: Megha Yawalkar CLOUD COMPUTING 14

Challenges and risks:
1. Security, Privacy, and Trust –
➢ Information security –
➢ Network security –
➢ Data privacy – privacy to entire cloud stack
➢ Legal and regulatory issues – as data centers are spread across the world

2. Data lock-in and standardization –

1. Standard methods are required to store data so that it can be migrated or removed out too
any other providers as and when required by the customers
2. Standardization is required so that the migration and storage can be done in uniform way
without taking overhead of standard forms and data types etc.
3. Availability, Fault-tolerance, and disaster recovery –
1. Availability – It is big challenge to provide high level availability of service and all over
performance
2. Fault-tolerance – SLA includes QoS requirements
3. Disaster recovery – a set-up is required so as to ensure disaster recovery.
4. Resource management and Energy – efficiency –

Compiled and prepared by: Megha Yawalkar CLOUD COMPUTING 15

Cloud Deployment Models:
➢The deployment is the way in which a cloud is designed to
provide service(s). The deployment model changes as per
the requirement set between CSP and the customer; and
hence the deployment model is most probably user –
specific.

Compiled and prepared by: Megha Yawalkar CLOUD COMPUTING 16

Cloud Deployment Models: - PUBLIC CLOUD
➢ Open to use by general public / organizations / institutes etc. i.e. it’s
services can be subscribed by general public

➢ Omnipresent over the internet

➢ Cloud environment is present in the premises of the CSP

➢ CSP has potentially large computing and storage resources

➢ Communication links are implemented over a public network

➢ Cloud services are available to diverse pool of clients

Compiled and prepared by: Megha Yawalkar CLOUD COMPUTING 17

Cloud Deployment Models: - PUBLIC CLOUD

Compiled and prepared by: Megha Yawalkar CLOUD COMPUTING 18

Cloud Deployment Models: - PUBLIC CLOUD

Compiled and prepared by: Megha Yawalkar CLOUD COMPUTING 19

Cloud Deployment Models: - PUBLIC CLOUD
1. Workload locations are hidden from public/USER:
❖ In public scenario, CSP may migrate workload or storage or
processing at any point of time.
❖ Workload can be migrated to any data center where cost is low
❖ If locations restrictions policies are not used then CSP can relocate
the entire cloud anywhere at any point of time.
2. Risks from multi-tenancy:
❖ A singe service may be shared by any combination of subscribers
so it may arise a security, privacy, and availability issue

Compiled and prepared by: Megha Yawalkar CLOUD COMPUTING 20

Cloud Deployment Models: - PUBLIC CLOUD
• Dependencies/ Considerations –
• Network dependency – network links to be considered, internet
infrastructure is to be considered,
• Limited visibility to data and control over data
• Unlimited resource availability – as per requirement resources are
provisioned. Infinite scaling up and scaling down is possible
• Low up-front cost to mitigate this cloud
• Restrictive default SLA

Compiled and prepared by: Megha Yawalkar CLOUD COMPUTING 21

Cloud Deployment Models: - PRIVATE CLOUD
➢ Implemented for exclusive use any organization

➢ Owned, managed, and operated by the organization or by third party

or by combinations

➢ On or off premises

➢ Examples: Amazon VPC, Microsoft ECI data center, Ubuntu enterprise

cloud, Eucalyptus, VMWare Cloud Infrastructure suite etc

Compiled and prepared by: Megha Yawalkar CLOUD COMPUTING 22

Cloud Deployment Models: - PRIVATE CLOUD
➢ Implemented for exclusive use any organization

➢ Owned, managed, and operated by the organization or by third party

or by combinations

➢ On or off premises

➢ Examples: Amazon VPC, Microsoft ECI data center, Ubuntu enterprise

cloud, Eucalyptus, VMWare Cloud Infrastructure suite etc.

➢ There are two scenarios for Private Cloud

➢ (a) On-site private cloud AND (b) Outsourced Private Cloud

Compiled and prepared by: Megha Yawalkar CLOUD COMPUTING 23
Cloud Deployment Models: - PRIVATE CLOUD (On-Site)
➢ The security perimeter extends around both the subscriber’s on-site resources and the
private cloud’s resources.
➢ Security perimeter does not guarantees control over the private cloud’s resources but
subscriber can exercise control over the resources.

Compiled and prepared by: Megha Yawalkar CLOUD COMPUTING 24

Cloud Deployment Models: - PRIVATE CLOUD (On-Site)
• Dependencies/ Considerations –
• Network dependency – network links to be considered, internet
infrastructure is to be considered,
• Subscriber need to possess IT Skills
• Workload locations are hidden from clients
• Risks from multitenancy
• Data import, export and performance limitations
• Potentially strong security from external threats
• Significant to high up-front cost to mitigate to private cloud (on-site)
• Limited resources

Compiled and prepared by: Megha Yawalkar CLOUD COMPUTING 25

Cloud Deployment Models: - PRIVATE CLOUD (Outsourced)
➢ Outsourced private cloud has two security perimeters, one implemented by a cloud
subscriber (on the right) and one implemented by a provider.
➢ Two security perimeters are joined by a protected communications link.
➢ The security of data and processing conducted in the outsourced private cloud depends on
the strength and availability of both security perimeters and of the protected communication
link.

Compiled and prepared by: Megha Yawalkar CLOUD COMPUTING 26

Cloud Deployment Models: - PRIVATE CLOUD (Outsourced)
• Dependencies/ Considerations –
• Network dependency – network links to be considered, internet
infrastructure is to be considered,
• Workload locations are hidden from clients
• Risks from multitenancy
• Data import, export and performance limitations
• Potentially strong security from external threats
• Modest to Significant up-front cost to mitigate to private cloud (on-
site)
• Extensive resources are available

Compiled and prepared by: Megha Yawalkar CLOUD COMPUTING 27

Cloud Deployment Models: - COMMUNITY CLOUD
• Cloud infrastructure is provisioned for exclusive use by a specific community of
consumers from organizations that have shared concerns (e.g., mission, security
requirements, policy, and compliance considerations). It may be owned, managed, and
operated by one or more of the organizations in the community, a third party, or some
combination of them, and it may exist on or off premises.

Examples of Community Cloud:

Google Apps for Government

Microsoft Government Community
Cloud

Compiled and prepared by: Megha Yawalkar CLOUD COMPUTING 28

Cloud Deployment Models: - COMMUNITY CLOUD (ON-SITE)

Compiled and prepared by: Megha Yawalkar CLOUD COMPUTING 29

Cloud Deployment Models: - COMMUNITY CLOUD (ON-SITE)
➢ Community cloud is made up of a set of participant organizations. Each
participant organization may provide cloud services, consume cloud
services, or both
➢ At least one organization must provide cloud services
➢ Each organization implements a security perimeter
➢ The participant organizations are connected via links between the
boundary controllers that allow access through their security perimeters
➢ Access policy of a community cloud may be complex
–Ex. :if there are N community members, a decision must be made, either
implicitly or explicitly, on how to share a member's local cloud resources with
each of the other members
–Policy specification techniques like role-based access control (RBAC),
attribute-based access control can be used to express sharing policies.

Compiled and prepared by: Megha Yawalkar CLOUD COMPUTING 30

Cloud Deployment Models: - COMMUNITY CLOUD (ON-SITE)
• Dependencies/ Considerations –
• Network dependency – network links to be considered, internet
infrastructure is to be considered
• Subscribers need IT skills
• Workload locations are hidden from clients
• Data import, export and performance limitations
• Potentially strong security from external threats
• Highly variable up-front cost to mitigate to community cloud (on-
site)

Compiled and prepared by: Megha Yawalkar CLOUD COMPUTING 31

Cloud Deployment Models: - COMMUNITY CLOUD (OUTSOURCED)

Compiled and prepared by: Megha Yawalkar CLOUD COMPUTING 32

Cloud Deployment Models: - COMMUNITY CLOUD (OUTSOURCED)
• Dependencies/ Considerations –
• Network dependency – network links to be considered, internet
infrastructure is to be considered
• Workload locations are hidden from clients
• Risks from multi-tenancy
• Data import, export and performance limitations
• Potentially strong security from external threats
• Modest to significant up-front cost to mitigate to private cloud (on-
site)
• Extensive resources are available

Compiled and prepared by: Megha Yawalkar CLOUD COMPUTING 33

Cloud Deployment Models: - HYBRID CLOUD
The cloud infrastructure is a composition of two or more distinct cloud infrastructures
(private, community, or public) that remain unique entities, but are bound together by
standardized or proprietary technology that enables data and application portability

Examples:

VMWare vCloud
Microsoft Azure

Compiled and prepared by: Megha Yawalkar CLOUD COMPUTING 34

Cloud Deployment Models: - HYBRID CLOUD
A hybrid cloud is composed of two or more private, community, or public clouds.
They have significant variations in performance, reliability, and security properties depending upon
the type of cloud chosen to build hybrid cloud. It can be extremely complex. A hybrid cloud may
change over a time with constituent clouds leaving or joining

Compiled and prepared by: Megha Yawalkar CLOUD COMPUTING 35