Unit 3 New
Cloud computing is an emerging concept in which computing resources are distributed
as a service. Different types of clouds are available, such as public, private, and
hybrid, and there are different cloud computing models such as IaaS, PaaS, and
SaaS.
Four different types of cloud deployment models exist. These deployment models
vary depending on how they are implemented, how they are hosted, and who has
access to them. Although all cloud deployment options are based on the same
virtualization idea (the separation of resources from bare metal infrastructure), they
vary in terms of location, storage capacity, accessibility, and other factors. One should
evaluate the various levels of security that Public, Private, Hybrid, and Community
Clouds offer and the level of management necessary depending on the type of data
you are working with.
Public Cloud
Public clouds are run by third parties (Cloud Service Providers, CSP in short) who offer
cloud services to the general public over the internet with pay-as-you-go invoicing
options. They provide ways to reduce the cost of IT infrastructure and develop it into a
viable choice for managing peak demands on local infrastructure. Small firms can
launch their operations without making significant initial investments by depending
solely on public infrastructure for their IT requirements, making public clouds the go-to
choice for these companies. Multitenancy is one of the essential properties of public
clouds. A public cloud is designed to service many users, not just one particular client.
A user needs a virtual computing environment that is distinct from other users and
most likely isolated. Examples include Microsoft, Google App Engine, IBM SmartCloud
Enterprise, Amazon Elastic Compute Cloud (EC2), and Windows Azure Services
Platform.
Private Cloud
Private clouds are distributed systems that operate on private infrastructure and give
users access to computer resources that are dynamically allocated. Private cloud
users/organizations receive exclusive infrastructure that is not shared with any other
users/organizations. There may be additional plans that regulate cloud usage and
proportionally charge the various departments or areas of an organization in place of
the pay-as-you-go model used in private clouds. When using a private network, the
security and control levels are at their maximum. The costs are borne entirely by one
person or organization; they are not distributed among any other people or
organizations. The user is responsible for managing the Private Cloud, and the CSP
does not offer any cloud management services. HP Data Centers, Ubuntu, Elastic-
Private cloud, Microsoft, and other companies offer private clouds.
UNIT -3 Cloud Computing Architecture
Private clouds are used to do specific tasks, including reliable clustering, data
replication, system monitoring and maintenance, disaster recovery, and other uptime
services. When deploying and running applications in accordance with third-party
compliance standards, specific procedures must be in place. With a public cloud
this is not feasible, whereas with a private cloud it is entirely possible to implement
an SLA. There are also a few limitations in using private
clouds on a large scale. The private cloud is reachable only in a specific location. The
accessible range is thus minimal. Since client data and other sensitive information do
not transfer outside the private infrastructure, security issues in the private cloud are
reduced. Consequently, managing and running cloud services requires competent
personnel.
Hybrid Cloud
A hybrid cloud is created by merging the resources of the public cloud and the private
cloud. For this reason, it is also known as a heterogeneous cloud. The inability
of private deployments to scale on demand and effectively handle peak loads is a
significant disadvantage. Thus public clouds are required in such cases. As a result, a
hybrid cloud utilizes the functionality of both public and private clouds. Because it is
created through a distributed system, it is less expensive than other clouds. It
minimizes the latency of the data transfer process while being effectively quick and
inexpensive. The most crucial factor is security. Because they use a distributed system
network, hybrid clouds are completely safe and secure.
Community Cloud
Community clouds are distributed systems built by combining the capabilities of many
clouds to cater to the unique requirements of a particular industry, community, or
business sector. However, it is challenging for companies to split up their
responsibilities. Companies that share concerns or tasks in a community cloud pool
their infrastructure resources. A company or a third party may control the cloud.
There are a few limitations to using community clouds as well. Not all businesses
should choose community cloud. The private cloud has better security features as
compared to hybrid clouds. Additionally, using hybrid clouds could be difficult when
there is a lack of teamwork. All community members share a limited amount of data
storage and bandwidth.
Multi-cloud
Using a variety of cloud platforms and services, businesses are accelerating the next
stage of their digital transformation by accelerating the creation of new apps and app
transformation. Since multi-clouds best serve their business goals and application
requirements, companies are choosing to deploy apps on public, private, and edge
clouds. The use of multi-clouds ensures enterprise sovereignty and prevents vendor
lock-in. Concerns about total cloud spending, data sovereignty, vendor
dependence, and lock-in are growing. As a result, businesses will keep dispersing
their estate across various environments.
Applications need to be deployed to the edge, closer to physical objects and users, to
achieve the next generation of improvements in automation, efficiency, and improved
consumer experiences in the logistics, retail, and manufacturing sectors. Multi-clouds
encourage the growth of the distributed workforce because it is the new reality for
businesses. The emerging hybrid workforce problem is to secure, manage, and enable
workers and their devices to be productive wherever they are.
Refer to the below table to study the important features of each of the models and see
an outline of what each one can achieve for you:
Feature compared      | Public Cloud | Private Cloud | Community Cloud      | Hybrid Cloud
Security and Privacy  | Low          | High          | Comparatively Higher | High
Control over the data | Very Less    | High          | High                 | High
The following are the types of cloud services that are available.
Software as a service (SaaS) is another cloud computing model. One can avoid
complicated software and hardware maintenance by just accessing software over the
Internet rather than installing and maintaining it.
Anything-as-a-Service (XaaS)
Anything as a Service (XaaS) refers to a broad class of cloud computing and remote
access services. It acknowledges the enormous variety of modern services, tools, and
technologies that are offered to users online. In essence, every IT function may be
turned into a service for use by businesses. Instead of being paid for upfront or through
a license, the service is paid for using a flexible consumption approach.
• It is faster and easier to retrieve saved information from anywhere at any time.
• It is very expensive to buy and set up all hardware and software-related things to
perform a small operation. Thankfully cloud computing comes to the rescue and
helps in a lot of cost-cutting.
• It is easier to obtain a backup when using cloud computing.
• Database Security is one of the major benefits associated with using cloud
computing.
Although there are many positives in favor of using cloud computing, some factors,
such as good internet connection and dominance of the cloud operator, may act as
limiting factors when deciding to use cloud computing.
• Security: Cloud resources may have more security flaws than traditional on-
premise data centers due to the usage of APIs, cloud-based credentials, and on-
demand services that make it simpler for attackers to gain unauthorized access.
• Costs: Although using the cloud might offer computing capabilities for a fraction
of the price of buying them outright, costs for cloud services can rise
dramatically as consumption increases. Always check the billing information
before signing up for a cloud service to understand how services are metered
and whether you may set caps or receive notifications when usage exceeds your
preferred limits. Additionally, since certain providers' billing practices are not
always clear, it is important to investigate how billing information is conveyed.
• Data persistence: Users of the cloud occasionally want to make sure that the
personal data they have provided to cloud service providers is deleted. However,
erasing data from cloud resources and verifying such erasure can be laborious,
challenging, or even impossible tasks.
Platforms for cloud computing can also modify their functionality according to
proprietorship. The set of problems and needs may vary depending on the
organization's size and type of work. Therefore, cloud computing platforms use their
scalability to adapt to specific circumstances. For instance, some companies don't
require a lot of discretion and favor a more unrestricted information flow. On the other
hand, other industries choose a more secure platform. The financial and national
security sectors are among these. Thus different cloud computing platforms based on
proprietorship have emerged to cater to these demands.
In the public cloud model, everyone can use the cloud as per their requirements. This
model adopts the pay-per-usage model to store and access information through the
Internet. In a public cloud, the cloud service provider (CSP) manages and controls the
computer resources. Examples include Microsoft, Google App Engine, IBM
SmartCloud Enterprise, Amazon Elastic Compute Cloud (EC2), and Windows Azure
Services Platform. Owning a public cloud is much less expensive than doing so for a
private or hybrid cloud. While using a public cloud, one need not bother about
maintenance-related things because the cloud service provider takes care of the
public cloud. It is also a fact that integration is simpler with public clouds. Therefore, it
offers customers a superior level of flexibility. The public cloud is very scalable,
depending on the amount of processing power needed. There is no cap on the number
of users because it is open to everyone. Due to the internet-based nature of public
cloud services, they are location agnostic. But there are some limitations while using
the public cloud as well. For example, security might be a concern since resources are
shared publicly on public clouds, making them less secure. The performance also
depends on factors like the speed of the internet connection.
Private clouds are also known as internal or corporate clouds. Organizations use
private clouds to operate their own data centers, either internally or through a third
party. Open-source tools like Eucalyptus and OpenStack can be used to deploy private
clouds. The National Institute of Standards and Technology (NIST) divides private
clouds into the following categories based on location and management: On-premise
private cloud and Outsourced private cloud. The users benefit from a high level of
security and privacy thanks to private clouds. Private clouds provide superior
performance with faster speeds and more storage space. It makes it possible for the IT
staff to rapidly assign and supply IT resources on demand. Because the organization
manages the cloud, it has total control over it. As a result, the organization doesn't
need to rely on anyone. It is appropriate for businesses focusing on data security and
needing a separate cloud for personal use. There are a few limitations to using private
clouds as well. Cloud service management and operation demand skilled personnel.
Only the organization can access the private cloud; thus, the operational area is
constrained. Private clouds are inappropriate for businesses with a large user base,
businesses without a ready-made infrastructure, and businesses without enough staff
to maintain and operate the cloud.
Hybrid clouds are a combination of public and private clouds. The security provided by
hybrid clouds lies somewhere between public and private clouds. This is because only
users within the business can access services running on a private cloud, while anyone
can access those running on a public cloud. Examples include Amazon Web Services,
Office 365 (MS Office on the Web and OneDrive), and the Google Application Suite
(Google Apps like Google Drive and Gmail). Hybrid clouds are beneficial for
organizations that need more security than public clouds. It is easy and quick to
provide new goods and services with hybrid cloud technology. Thus hybrid clouds offer
a great way to lower the risk. A hybrid cloud provides secure resources thanks to the
private cloud and flexible resources thanks to the public cloud. But there are a few
limitations to using hybrid clouds as well. For example, the security features in hybrid
clouds are inferior to those in private clouds. The requirement for handling many
deployment models makes managing a hybrid cloud challenging. The reliability of the
service depends on the cloud service provider.
The following are the different types of cloud platform technologies that are available
to us.
AWS
One of the most well-liked cloud computing platforms for developing interactive web
solutions for your company is Amazon Web Services (AWS). AWS's architecture is so
flexible you may save costs by using only the services you need. AWS offers a variety of
extensive cloud IaaS services, ranging from whole computing stacks to virtual
computing, storage, and networking. Elastic Compute Cloud (EC2) and Simple
Storage Service (S3) are two of AWS's well-known computing offerings and on-
demand storage services. The end user can customize the virtual hardware they
receive from EC2 to serve as the foundational architecture for deploying computing
systems in the cloud. It will probably have access to various virtual hardware
configurations, such as GPU and cluster instances.
The EC2 instances are deployed using either the web services API, which is accessible
for many programming languages, or the AWS console, a comprehensive Web gateway
for accessing AWS services. The ability to save an explicit running instance as an image
is another feature of EC2 that enables users to design their system deployment
templates. These templates are kept in S3, which also provides on-demand persistent
storage. S3 is organized neatly into buckets that hold objects that can grow with
attributes and are saved in binary form. Users can store items of any size, from little
files to entire disc images. Accessing them from any location is also possible.
Additionally, various services, such as networking support, caching systems, DNS,
database support, and others, can be incorporated into virtual computing systems
using EC2 and S3.
Microsoft Azure
Microsoft Azure is a platform where users may create cloud-based applications and a
cloud operating system. Microsoft Azure has been a solid solution for businesses trying
to digitally transform their operations since its initial release in 2010. Given Microsoft's
vast range of services, Azure has been recognized as one of the best cloud service
platforms available. Typically, a scalable runtime environment is offered for distributed
and web applications. Roles, which specify a distribution unit for applications and
express the application's logic, are the central organizing principle for the organization
of applications in Azure. In addition to supporting application execution, Azure offers
several other services, including networking, caching, content delivery, and storage
support. The wide range of services provided is adequate to suit the needs of any
business in any industry. Azure enables you to run services on the cloud or integrate
them with any of your current infrastructures.
ready cloud computing platform for data processing. The Yahoo Cloud architecture
relies heavily on Hadoop to handle several corporate business operations. Yahoo now
runs the biggest Hadoop cluster in the world and is accessible to academic
institutions.
Salesforce
The cloud computing platform Force.com allows users to create social enterprise
applications. The platform is the foundation for customer relationship management
Software as a Service (SaaS) known as Salesforce.com. With Force.com, you may
build applications by assembling ready-to-use blocks, and a full complement of
components covering all of an enterprise's operations is accessible. Force.com offers
assistance with everything from arranging the data to formulating business rules and
user interfaces. Through Web services technologies, this platform, which is hosted in
the Cloud, provides access to all of its capabilities, including those utilized in the
hosted apps.
Cloud Linux
Cloud Linux is the best option if you would rather create your own IT infrastructure
than rely on a third-party service. It's a cloud platform for setting up your internal
infrastructure; it's not a typical cloud services provider. It is a Linux-based operating
system, as is evident from the name. Even though working with Cloud Linux presents
many difficulties, it also offers several benefits and advantages, such as total control,
flexibility, security, and in-depth customization.
IBM Cloud
Frontend
The front end serves as the user's gateway to cloud services. It comprises the user
interface, typically accessible through web browsers or specialized applications. This
interface allows users to interact with various cloud resources and services, such as
deploying virtual machines, managing storage, and accessing applications.
Backend
The resource pool comprises servers, storage devices, and networking equipment
collectively providing computing resources, while the networking infrastructure
facilitates efficient communication between various components. The storage
infrastructure offers scalable and redundant storage solutions for users to store and
retrieve data. Compute Nodes, whether physical or virtual servers, are responsible for
executing applications and processing data.
Service Models:
1. User Interface (Frontend): The user interface serves as the entry point for users
to interact with cloud services. It can be a web browser, command-line interface
(CLI), or application through which users access and manage various resources.
2. User Authentication and Authorization: Ensures secure access to cloud
resources by verifying user identities and managing permissions. Authentication
validates user credentials, while authorization determines the actions a user is
allowed to perform.
3. Frontend Processor: Manages incoming user requests from the front end and
directs them to the appropriate backend services. It serves as a mediator, making
communication easier between the backend infrastructure and the user
interface.
4. Virtualization Layer: Utilizes virtualization technologies to create and manage
virtual instances of computing resources. This layer enables the operation of
several virtual machines on a single physical server, optimising hardware
utilization.
5. Resource Pool: It consists of the virtual and physical resources that serve as
cloud computing's building blocks. Servers, storage units, and networking
hardware provide on-demand computing resources.
6. Networking Infrastructure: It permits communication between the various
cloud architecture components. This comprises switches, routers, and other
networking hardware that makes sure data moves through the cloud environment
effectively.
7. Storage Infrastructure: Offers scalable and redundant storage solutions to meet
the diverse needs of users. Cloud storage allows for the secure and flexible
management of data, accommodating changing storage requirements.
8. Compute Nodes: Physical or virtual servers responsible for executing
applications and processing data. Compute nodes are crucial for providing the
computing power needed to run applications and services within the cloud.
9. Security Services: It includes a variety of security techniques to protect data
and infrastructure, including intrusion detection systems, firewalls, and
encryption. Security services are essential to preserve the confidentiality and
integrity of data stored in the cloud.
Benefits of Cloud Computing Architecture
Cloud computing architecture offers many advantages that have revolutionized how
businesses and individuals manage and deploy computing resources. Here are key
benefits that make cloud computing a transformative solution:
1. Cost Efficiency: Cloud computing removes the need for large initial hardware
and infrastructure investments. Pay-as-you-go access to computer resources
allows users to maximize savings and make sure that fees correspond with real
usage.
2. Scalability and Flexibility: The seamless scalability provided by cloud
architecture makes it simple for users to increase or decrease resource capacity
in response to demand. Because of this flexibility, companies may adjust to
shifting workloads without having to make major resource provisioning or
planning decisions. Cloud services are accessible to users from any location
with an internet connection. This improves cooperation and makes remote work
easier, giving people and enterprises flexibility and mobility.
3. Resource Optimization: In cloud computing, virtualization and resource pooling
maximize hardware utilization. A single physical server can support several
virtual instances, increasing efficiency and minimizing the environmental effect
of wasted resources. Cloud service providers typically offer robust infrastructure
with redundancy and failover mechanisms. This ensures high availability and
reliability, minimizing downtime and disruptions to services.
4. Security Measures: Cloud providers implement advanced security measures,
including encryption, firewalls, and identity management, to protect data and
infrastructure. Many providers adhere to stringent compliance standards,
enhancing overall data security. Cloud services often handle system updates,
patches, and maintenance tasks automatically. This reduces the burden on users
and ensures that applications and infrastructure are running on the latest, most
secure versions.
5. Global Reach: Cloud computing allows businesses to reach a global audience
without the need for physical infrastructure in multiple locations. Content
delivery networks (CDNs) ensure low-latency access to data and applications
from various geographical regions.
6. Elasticity for Peak Loads: Businesses can handle peak workloads and seasonal
demands by leveraging the elasticity of cloud resources. Scaling up during high-
demand periods and scaling down during quieter times optimizes costs and
performance. Cloud providers offer automated backup and disaster recovery
solutions. Data is regularly backed up and stored in geographically dispersed
locations, ensuring resilience against data loss and disasters.
• Hybrid cloud setups are made up of a mix of public and private cloud
services from various vendors.
For privacy reasons, most businesses keep data on private cloud servers, while using
public cloud apps for less sensitive data at a reduced cost.
The firewall is the central part of cloud architecture. It protects the network and
the perimeter of end users. It also protects traffic between the various apps stored in the
cloud.
Access control protects data by allowing us to set access lists for various assets. For
example, you can allow specific employees to use an application while restricting others.
The rule is that employees can access the equipment that they require. By maintaining
strict access control, we can keep essential documents from being stolen by malicious
insiders or hackers.
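The access-list idea above, together with the authentication and authorization step listed among the architecture components, can be shown as one request check. This is an added example, not part of the original notes; the employees, passwords, asset names and the PBKDF2 work factor are constructed assumptions.

```python
import hashlib
import hmac
import os

PBKDF2_ROUNDS = 100_000  # assumed work factor for this example


def _derive(password: str, salt: bytes) -> bytes:
    """Derive a password hash; only the salt and this hash are stored."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)


def _new_user(password: str) -> dict:
    salt = os.urandom(16)
    return {"salt": salt, "hash": _derive(password, salt)}


# Constructed sample data (hypothetical employees, passwords and assets).
USERS = {
    "alice": _new_user("correct horse battery staple"),
    "bob": _new_user("blue-kettle-42"),
}

# One access list per asset: employee -> permitted actions.
# Anything not listed here is denied (default deny).
ACCESS_LISTS = {
    "payroll-db": {"alice": {"read", "write"}},
    "wiki": {"alice": {"read"}, "bob": {"read", "write"}},
}

AUDIT_LOG = []  # (user, asset, action, decision); the password is never logged


def authenticate(user, password):
    """Authentication: is this really the user they claim to be?"""
    record = USERS.get(user)
    if record is None:
        _derive(password, b"\x00" * 16)  # keep timing similar for unknown users
        return False
    candidate = _derive(password, record["salt"])
    return hmac.compare_digest(candidate, record["hash"])


def authorize(user, asset, action):
    """Authorization: does the asset's access list permit this action?"""
    return action in ACCESS_LISTS.get(asset, {}).get(user, set())


def handle_request(user, password, asset, action):
    """Authenticate first, then authorize, and record every decision."""
    if not authenticate(user, password):
        decision = "DENY_AUTHN"
    elif not authorize(user, asset, action):
        decision = "DENY_AUTHZ"
    else:
        decision = "ALLOW"
    AUDIT_LOG.append((user, asset, action, decision))
    return decision


def denied_attempts():
    """Denied requests, for review by whoever maintains the access lists."""
    return [entry for entry in AUDIT_LOG if entry[3] != "ALLOW"]


if __name__ == "__main__":
    print(handle_request("alice", "correct horse battery staple", "payroll-db", "write"))
    print(handle_request("bob", "blue-kettle-42", "payroll-db", "read"))
    print(denied_attempts())
```

A valid login alone is not enough: bob authenticates correctly but is still refused on `payroll-db` because that asset's access list does not name him.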
Understanding how cloud computing security operates helps to find ways it can benefit
your business.
More than 90% of malware comes via email. It is often so reassuring that employees
download the malware without analysing it. Once it is downloaded, the malicious software
installs itself on the network to steal files or damage content.
Ransomware is malware that hijacks a system's data and asks for a financial ransom.
Companies are reluctant to pay the ransom because they want their data back.
Data redundancy provides an alternative to paying a ransom for your data: you can get
back what was stolen with minimal service interruption.
Many cloud data protection solutions identify malware and ransomware. Firewalls
keep malicious email out of the inbox.
DDoS Security
In a Distributed Denial of Service (DDoS) attack, a site is flooded with requests. The
website slows down until it crashes, unable to handle the number of requests.
DDoS attacks come with many serious side effects. Most of the companies suffering
from DDoS attacks lose $10,000 to $100,000. Many businesses suffer reputational damage
when customers lose confidence in the brand. If confidential customer data is lost
through any DDoS attack, we may face challenges.
Because of the severity of these side effects, some companies shut down after DDoS attacks.
It is to be noted that the last DDoS attack lasted for 12 days.
A cloud security service monitors the cloud to identify and prevent attacks. The cloud
service providers protect the cloud service users in real time.
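The kind of monitoring described above can be sketched as a sliding-window request counter. This is an added example, not part of the original notes; the log format, the thresholds and the traffic (documentation-range addresses) are constructed assumptions. It shows why a distributed flood needs an aggregate check as well as a per-source limit.

```python
from collections import Counter, deque

WINDOW_SECONDS = 5      # assumed observation window
PER_SOURCE_LIMIT = 25   # assumed max requests per source per window
TOTAL_LIMIT = 200       # assumed max requests overall per window


def constructed_log():
    """Constructed sample log lines: '<second> <source> <method> <path>'."""
    lines = []
    # Normal traffic: three clients, one request per second each.
    for t in range(0, 20):
        for host in (1, 2, 3):
            lines.append(f"{t} 198.51.100.{host} GET /index.html")
    # Distributed flood: fifty sources, four requests per second each.
    for t in range(10, 15):
        for host in range(1, 51):
            for _ in range(4):
                lines.append(f"{t} 203.0.113.{host} GET /search")
    lines.sort(key=lambda line: int(line.split()[0]))  # stable sort by time
    return lines


def detect_floods(lines):
    """Return alerts as (kind, second, subject) tuples, one per episode."""
    window = deque()        # (second, source) pairs inside the window
    per_source = Counter()  # requests per source inside the window
    noisy = set()           # sources already reported
    flooding = False        # aggregate alert already raised
    alerts = []
    for line in lines:
        second, source = line.split()[:2]
        second = int(second)
        # Drop requests that have aged out of the window.
        while window and window[0][0] <= second - WINDOW_SECONDS:
            _, old = window.popleft()
            per_source[old] -= 1
            if per_source[old] <= PER_SOURCE_LIMIT:
                noisy.discard(old)
            if per_source[old] == 0:
                del per_source[old]
        window.append((second, source))
        per_source[source] += 1
        # Check 1: a single source sending too much.
        if per_source[source] > PER_SOURCE_LIMIT and source not in noisy:
            noisy.add(source)
            alerts.append(("source", second, source))
        # Check 2: too much traffic overall, whoever is sending it.
        if len(window) > TOTAL_LIMIT:
            if not flooding:
                flooding = True
                alerts.append(("aggregate", second, "*"))
        else:
            flooding = False
    return alerts


if __name__ == "__main__":
    for alert in detect_floods(constructed_log()):
        print(alert)
```

In the constructed traffic every flooding source stays under the per-source limit, so only the aggregate check fires.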
Threat detection
Cloud computing detects advanced threats by scanning endpoints for threats at
the device level.
Developers reuse services across different business processes to save time and costs.
They can assemble applications much faster with SOA than by writing code and
performing integrations from scratch.
Efficient maintenance
It’s easier to create, update, and debug small services than large code blocks in
monolithic applications. Modifying any service in SOA does not impact the overall
functionality of the business process.
Greater adaptability
Interoperability
Each service in SOA includes description documents that specify the functionality of
the service and the related terms and conditions. Any client system can run a service,
regardless of the underlying platform or programming language. For instance, business
processes can use services written in both C# and Python. Since there are no direct
interactions, changes in one service do not affect other components using the service.
Loose coupling
Clients or service users in SOA need not know the service's code logic or
implementation details. To them, services should appear like a black box. Clients get
the required information about what the service does and how to use it through service
contracts and other service description documents.
Granularity
Services in SOA should have an appropriate size and scope, ideally packing one
discrete
business function per service. Developers can then use multiple services to create a
composite service for performing complex operations.
Service
Services are the basic building blocks of SOA. They can be private—available only to
internal users of an organization—or public—accessible over the internet to all.
Individually, each service has three main features.
Service implementation
The service implementation is the code that builds the logic for performing the specific
service function, such as user authentication or bill calculation.
Service contract
The service contract defines the nature of the service and its associated terms and
conditions, such as the prerequisites for using the service, service cost, and quality of
service provided.
Service interface
In SOA, other services or systems communicate with a service through its service
interface. The interface defines how you can invoke the service to perform activities or
exchange data. It reduces dependencies between services and the service requester.
For example, even users with little or no understanding of the underlying code logic can
use a service through its interface.
Service provider
The service provider creates, maintains, and provides one or more services that others
can use. Organizations can create their own services or purchase them from third-
party service vendors.
Service consumer
The service consumer requests the service provider to run a specific service. It can be
an entire system, application, or other service. The service contract specifies the rules
that the service provider and consumer must follow when interacting with each other.
Service providers and consumers can belong to different departments, organizations,
and even industries.
Service registry
Communication protocols
Services communicate using established rules that determine data transmission over
a network. These rules are called communication protocols. Some standard protocols
to implement SOA include the following:
Middleware
Features and Capabilities
1. Unified messaging
2. Provisioning and monitoring
3. Dynamic scaling
4. Management and control tools
5. Dynamic scaling
6. Flexible service quality
7. Secure communication
8. Integration with other tools
Structure and working of the Message Queue in MOM:
MOM Deployment
The above diagram is a message-oriented middleware-based distributed system
deployment that offers a service-based approach to inter-process communication.
The messaging of MOM is the same as the postal service.
The Architecture of Message Oriented Middleware:
Types of middleware:
1. Database Middleware
2. Application Server Middleware
3. Messaging middleware
4. Message-oriented Middleware
5. Transaction processing middleware
Roles of message-oriented middleware
1. The message distribution is enabled over complex IT systems.
2. It serves as a connector for two different applications or platforms.
3. MOM helps in implementing the delivery of messages across different IT
organizations.
4. It will create a distributed product that is compatible with the various OS.
5. MOM allows various software components to talk to each other.
6. It is a type of middleware that consists of several lines that are connected to
different applications.
7. It connects different technologies involving message origination and delivery
destination.
8. It links front and back-end systems.
Example:
MQTT (Message Queuing for Telemetry Transport): Most MQ systems and protocols
are aimed at backend and enterprise applications, and these types of technologies are
not suited for constrained devices like sensor nodes. Such devices are typically
constrained in terms of memory, bandwidth, and power.
MQTT is a message-oriented protocol aimed at applications like wireless sensor
networks, M2M (mobile 2 mobile) and ultimately the internet of things (a large number
of nodes and applications loosely coupled through a messaging system).
Advantages
1. Loose coupling
2. Scalability
3. Fast
4. Reliability
5. Availability
Disadvantage
1. Requires an extra component in the architecture
2. Poor programming abstraction
3. One-to-one communication for queue abstraction
4. Not implemented for some platforms
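The postal-service analogy and the one-to-one queue behaviour described above can be seen in a small in-memory queue. This is an added example, not part of the original notes; the `Broker` class, the queue name and the shared key are hypothetical, and the HMAC tag is one assumed way to provide the "secure communication" feature listed earlier.

```python
import hashlib
import hmac
import json
from collections import defaultdict, deque


def seal(key: bytes, sender: str, payload: dict) -> dict:
    """Sender side: wrap the payload and attach an integrity tag."""
    body = json.dumps({"from": sender, "payload": payload}, sort_keys=True)
    tag = hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
    return {"body": body, "tag": tag}


def open_envelope(key: bytes, envelope: dict):
    """Receiver side: return the message, or None if the tag does not verify."""
    expected = hmac.new(key, envelope["body"].encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, envelope["tag"]):
        return None
    return json.loads(envelope["body"])


class Broker:
    """Hypothetical middleware: stores envelopes until a receiver collects them."""

    def __init__(self):
        self._queues = defaultdict(deque)

    def send(self, queue: str, envelope: dict) -> None:
        # Like posting a letter: the sender does not wait for the receiver.
        self._queues[queue].append(envelope)

    def receive(self, queue: str):
        # Point-to-point: a collected message is removed, so exactly one
        # receiver ever gets it.
        pending = self._queues[queue]
        return pending.popleft() if pending else None


def demo():
    key = b"constructed-shared-key-for-demo"  # constructed sample key
    broker = Broker()
    # The producer sends while no consumer is running (store and forward).
    broker.send("orders", seal(key, "billing", {"order": 1}))
    broker.send("orders", seal(key, "billing", {"order": 2}))
    # An envelope sealed with a different key stands in for a message
    # altered or injected inside the middleware.
    broker.send("orders", seal(b"some-other-key", "billing", {"order": 999}))
    # Two consumers collect later; each message goes to only one of them.
    consumer_a = open_envelope(key, broker.receive("orders"))
    consumer_b = open_envelope(key, broker.receive("orders"))
    rejected = open_envelope(key, broker.receive("orders"))
    leftover = broker.receive("orders")
    return consumer_a, consumer_b, rejected, leftover


if __name__ == "__main__":
    print(demo())
```

Sender and receiver never call each other directly, which is the loose coupling listed under the advantages; the broker is the extra component listed under the disadvantages.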