Introduction to Cloud Computing

contd.
&
Virtual Hardware
IT Applications– Session 12

Contents adapted from Jill West, CompTIA Cloud+ Guide to Cloud Computing, 2nd Edition. 2023 Cengage.
Introduction to Cloud Computing contd.
 Community Cloud

• A community cloud is accessible to multiple organizations with similar concerns, but

not to the general public

• One of the member organizations might host and manage the community cloud
resources either on- or off-premises
− Or it might be provided by a third party
 Cloud Within a Cloud

• Cloud within a cloud is a strategy where customers can migrate their vCenter
virtualization environment onto a public cloud platform

• This approach offers the following advantages:

− Cloud-native technologies
− Unlimited scalability
− Familiarity
− Seamless migration
 Knowledge Check Activity 1-2

An AWS-hosted network using the G Suite productivity apps is an example of what kind
of cloud?

a. Community cloud

b. Cloud-within-a-cloud

c. Hybrid cloud

d. Multi-cloud
 Knowledge Check Activity 1-2: Answer

An AWS-hosted network using the G Suite productivity apps is

an example of what kind of cloud?
Answer: d. Multi-cloud
A multi-cloud model involves using cloud services from multiple vendors
at one time, such as AWS and Google.
 Section 1-3: Cloud Service Models

• This section discusses the most common cloud service models, and it explores
security concerns related to each model
 Common Cloud Service Models (1 of 2)

• SaaS (Software as a Service) – the provision of software through the cloud

• PaaS (Platform as a Service) – an intermediate level of cloud capability that allows

customers to deploy applications on various platforms without having to manage the
lower-layer infrastructure

• IaaS (Infrastructure as a Service) – service that allows consumers to deploy a cloud-

based network with services such as storage, user desktops, network infrastructure
devices, network security devices, and network services
Common Cloud Service Models (2 of 2)
 Service Model Security Concerns (1 of 2)

• SaaS Security Concerns

− Data created, stored, and accessed through SaaS solutions must be encrypted
both at rest (when stored) and in transit (as it travels between the CSP and the
consumer)
− Even when data is encrypted, it can still be compromised through social
engineering attacks that result in unauthorized access to the SaaS products used
to manage that data

• PaaS Security Concerns

− Because PaaS-hosted applications are easily accessed online, they have an
increased vulnerability to hacking attempts
− PaaS providers must ensure that customers don’t have administrative or root
access to servers running PaaS instances
 Service Model Security Concerns (2 of 2)

• IaaS Security Concerns

− IaaS customers must consider similar security concerns as when running their
own, on-prem infrastructure
▪ This includes compliance regulations, audit requirements, and identity
management
 Knowledge Check Activity 1-3

Which cloud service model requires the least skill to use?

a. DRaaS

b. IaaS

c. PaaS

d. SaaS
 Knowledge Check Activity 1-3: Answer

Which cloud service model requires the least skill to use?

Answer: d. SaaS
With SaaS, applications can be accessed from different types of devices
without having to manage any of the underlying infrastructure such as
the network, servers, operating systems, or storage.
 Section 1-4: Cloud Service Providers

• Salesforce hosts a popular SaaS-based CRM system

• The top three leaders in the PaaS and IaaS markets as of 2022 include the following:
− AWS (Amazon Web Services)
− Microsoft Azure
− GCP (Google Cloud Platform)
 PaaS and IaaS Providers

• Other PaaS and IaaS providers include the following:

− Alibaba Cloud
− IBM Cloud
− Oracle Cloud

• You can host your own private cloud using one of the following options:
− OpenStack
− VMware
− Eucalyptus
 Common Cloud Services

• Major CSPs offer basic product types such as configuring a cloud network, hosting
resources on the cloud, and running needed processes

• Major cloud services types may include the following:

▪ Compute
▪ Storage
▪ Networking
▪ Security
▪ Application components
▪ Management tools
 Internet of Things

• The IoT (Internet of Things) is a collection of all devices connected to the Internet
including devices such as refrigerators, garage doors, lamps, etc…

• IoT devices rely on cloud technology to optimize their functionality, as follows:

− Communication – IoT devices generally communicate over the Internet with a
cloud service of some kind
− Storage – IoT generates massive amounts of data, which is often stored in the
cloud
 Knowledge Check Activity 1-4

Which public cloud platform offers the most streamlined integration with Windows
Active Directory?

a. AWS

b. Alibaba

c. Azure

d. Oracle
 Knowledge Check Activity 1-4: Answer

Which public cloud platform offers the most streamlined

integration with Windows Active Directory?
Answer: c. Azure
Azure is designed for seamless compatibility with Microsoft’s other
tools, such as Windows Active Directory
 Common Cloud Computing Problems

• Some common issues found in cloud computing include the following:

− Connectivity issues - no access
− Latency - slow or delayed connectivity
− Capacity - not handling demand
− Security - threats to integrity
Virtual Hardware
 Section 2-1: Virtualization Technologies

• Virtualization is a virtual, or logical, version of something rather than the actual, or

physical, version

• Physical machines can be divided into pieces that support several virtual systems

• These virtual systems are called virtual machines

 Virtual Machines (1 of 2)

• VMs (virtual machines) have their own OS (operating system), and all the VMs on a
physical computer share the same hardware resources

• The VM is considered a guest on the physical computer and the physical computer is
the host

• A hypervisor, also called a VMM (virtual machine manager), creates and manages the
VM and manages hardware resource allocation and sharing between a host and any of
its guest VMs

• A single physical machine with robust hardware can take the place of an entire rack
of physical servers through the use of virtualization
Virtual Machines (2 of 2)
 Hypervisors (1 of 2)

• A type 1 hypervisor is installed directly on the firmware of the physical machine

− Sometimes referred to as a “bare-metal” hypervisor

• A type 2 hypervisor is installed over an existing OS as an application and then guest

OSs are installed inside the hypervisor

• A type 1 hypervisor is faster, more powerful, and more secure than a type 2
hypervisor

• For a CPU to support virtualization by a hypervisor, the CPU must have the HAV
(hardware-assisted virtualization) feature turned on in the motherboard’s UEFI/BIOS
setup
− On Intel chips, this feature is called VT (Virtualization Technology) and on AMD
chips, it is called AMD-V (AMD virtualization)
Hypervisors (1 of 3)
 VM Configuration (1 of 4)

• CPUs
− vCPUs (virtual CPUs) are a logical thread of processing power allotted to VMs
− Through a process called CPU scheduling, the hypervisor schedules a VMs access
to the physical CPU cores available on the host machine
− The best practice when creating a VM is to start with one vCPU

• GPUs
− A GPU (graphics processing unit) is designed to handle high volumes of parallel
functions
− When allocating GPU resources to VMs, you can take one of these two approaches:
▪ Pass-through or Virtual (or shared)
 VM Configuration (2 of 4)

• Memory
− vRAM (virtual RAM) is a host’s physical memory reserved for a VM’s use
− Ensure the host machine has enough physical memory
− Ensure each VM can reserve sufficient memory for the OS and applications
installed on it

• Storage
− Most hypervisors allow for dynamic storage configuration for VMs
− Problem occurs when VMs or the host use up most of its allotted storage space
− A solution might be to overcommit storage and add more physical disks to expand
available space
VM Configuration (3 of 4)
 VM Configuration (4 of 4)

• Device Drivers
− VMs can also be given access to attached peripheral devices, however, the VM will
need its own copy of the device’s driver
− Three types of drivers are available:
▪ Generic
▪ Vendor
▪ Open source
 Section 2-2: Virtualized Processing and
Memory
• Virtual processing and virtual memory might require extensive configuration to reach
an optimal level of functioning for your VMs
 CPU Management (1 of 4)

• You must understand the differences of the following CPU cores:

− With a single core (pre 2002), a single CPU chip had a single core
▪ The core performs one task at a time and the series of tasks the core
performs is called a thread
− Logical core (2002) processors can perform hyperthreading (HT), which allows a
single physical core to schedule two tasks at the same time
▪ This process appeared to the computer as two logical cores
− Multicore (2005) – AMD released their first dual-core processor
▪ By 2007, Intel released a quad-core processor
CPU Management (2 of 4)
 CPU Management (3 of 4)

• Oversubscription Ratio
− You can overcommit (oversubscribe) the number of vCPUs to available threads
with the understanding that most VMs won’t use all their vCPUs at any given time
− The number of vCPUs to available threads is called the overcommitment ratio
− For maximum performance, find the “sweet spot” for the overcommitment ratio
that depends on the type of tasks running in the VMs
− A common overcommitment ratio for active VMs is three vCPUs per thread (logical
core) on the host
▪ It is written as 3:1
 CPU Management (4 of 4)

• Optimizing CPU Allocation

− SMT (simultaneous multi-threading) can significantly increase the number of
vCPUs a host can support, but there are cases where disabling SMT results in
performance improvements
▪ If tasks running simultaneously on multiple logical cores tend to use many of
the same resources, you might be creating a bottleneck
− Another reason to minimize vCPU allocation is volume-based licensing, which is
calculated based on the number of logical CPU cores used to execute the
software
Thank You!