
Unit 3

Uploaded by

esmritypoudel
Copyright
© All Rights Reserved

UNIT III

Understanding Cloud Services and Applications

Infrastructure as a Service (IaaS): IaaS workloads, Pods, aggregation, and silos;

Defining Infrastructure as a Service (IaaS)

Infrastructure as a Service (IaaS) is a cloud computing service model that provides
virtualized computing resources over the internet. In an IaaS environment, instead of
owning and managing physical hardware, businesses and individuals can rent or lease
virtualized infrastructure components, such as virtual machines (VMs), storage, and
networking, from a cloud service provider. These resources are typically hosted in data
centers and can be accessed and managed remotely.

IaaS workloads

The fundamental unit of virtualized client in an IaaS deployment is called a workload. A
workload simulates the ability of a certain type of real or physical server to do an amount
of work. The work done can be measured by the number of Transactions Per Minute (TPM)
or a similar metric against a certain type of system. In addition to throughput, a workload
has certain other attributes such as disk I/Os measured in Input/Output Per Second (IOPS),
the amount of RAM consumed under load in MB, network throughput and latency, and so
forth. In a hosted application environment, a client’s application runs on a dedicated server
inside a server rack or perhaps as a standalone server in a room full of servers. In cloud
computing, a provisioned server called an instance is reserved by a customer, and the
necessary amount of computing resources needed to achieve that type of physical server is
allocated to the client’s needs.

NOTE:- Diagram shows how three virtual private server instances are partitioned in an
IaaS stack. The three workloads require three different sizes of computers: small, medium,
and large.

Consider a transactional ecommerce (website) system, for which a typical stack contains
the following components:

• Web server
• Application server
• File server
• Database
• Transaction engine

This website system has several different workloads that are operating: queries against the
database, processing of business logic, and serving up clients’ Web pages.

IMP NOTE:- Amazon Web Services offers a classic Service Oriented Architecture (SOA)
approach to IaaS. A Service Oriented Architecture approach is used for building
distributed applications.

Infrastructure as a Service (IaaS) is a versatile cloud computing model that can support a
wide range of workloads across different industries and use cases. Here are some common
IaaS workloads:

1. Web Hosting: IaaS is often used to host websites and web applications. Users can
create virtual machines, configure web servers, and scale resources based on traffic
demands.

2. Development and Testing Environments: Developers and quality assurance
teams can use IaaS to quickly provision and manage virtual environments for
software development, testing, and debugging purposes.

3. Data Storage and Backup: IaaS providers offer scalable and durable storage
solutions that are ideal for data storage and backup. Users can store large amounts
of data and take advantage of features like data redundancy and automatic backups.

4. Big Data and Analytics: IaaS is well-suited for big data processing and analytics
workloads. Users can deploy clusters of virtual machines to analyze large datasets
and run data processing frameworks like Hadoop or Spark.

5. High-Performance Computing (HPC): IaaS can support HPC workloads, such as
scientific simulations, weather forecasting, and molecular modeling, by providing
access to high-performance computing clusters.

6. Virtual Desktop Infrastructure (VDI): Organizations can use IaaS to deploy virtual
desktops for remote or distributed teams, reducing the need for physical hardware
and providing secure access to desktop environments.

7. E-commerce: E-commerce websites and applications can leverage IaaS to handle
spikes in traffic during sales events, ensuring high availability and performance.

8. Container Orchestration: IaaS can be used as the underlying infrastructure for
container orchestration platforms like Kubernetes, enabling the deployment and
management of containerized applications at scale.

These are just some examples of the diverse workloads that can be supported by
Infrastructure as a Service. The flexibility and scalability of IaaS make it a valuable option
for organizations looking to optimize their IT infrastructure and meet specific computing
needs.

Pods, aggregation, and silos

Pods, aggregation, and silos are concepts often used in different contexts, including
technology, business, and organizational structures. Here's an explanation of each term:

1. Pods:

• Technology: In the context of container orchestration, like Kubernetes, a
"pod" is the smallest deployable unit that can contain one or more
containers. Containers within a pod share the same network namespace and
storage volumes, making them suitable for co-located services that need to
communicate closely or share data. Pods are used to group related
containers and ensure they run on the same host.

2. Aggregation:

• Technology: Aggregation refers to the process of collecting and summarizing
data from multiple sources into a single view or dataset. It's commonly used
in data analysis, reporting, and monitoring to simplify complex data
structures and make it easier to work with the information.

• Business: In a business context, aggregation can also refer to the
consolidation of data or resources to achieve economies of scale. For
example, an aggregator in the travel industry might collect flight and hotel
information from various sources and present it in one place for users to
book conveniently.

3. Silos:

• Technology: In technology and data management, "silos" refer to isolated or
separated systems or databases that do not easily share data or resources
with other systems. This lack of integration can lead to inefficiencies and
difficulties in accessing and utilizing data across different parts of an
organization.

• Business/Organizational: In a broader context, "silos" can refer to isolated
departments or teams within an organization that don't collaborate
effectively with one another. This can lead to communication barriers and
hinder the overall productivity and innovation of the organization.

In summary, "pods" refer to a technical concept used in container orchestration,
"aggregation" is about collecting and summarizing data or resources from various sources,
and "silos" pertain to isolated or separated systems, departments, or teams that do not
collaborate efficiently.

Platform as a Service (PaaS)

Platform as a Service (PaaS) is a cloud computing service model that provides a platform
and environment in which developers can build, deploy, and manage applications as
customized solutions without having to manage the underlying infrastructure.

Ex:- Google’s App Engine

Platforms can be based on specific types of development languages, application
frameworks, or other constructs. A PaaS offering provides the tools and development
environment to deploy applications on another vendor’s application. Often a PaaS tool is a
fully integrated development environment; that is, all the tools and services are part of the
PaaS service.

Ex:- Any Webhosting (Third party) solutions.

To be useful as a cloud computing offering, PaaS systems must offer a way to create user
interfaces, and thus support standards such as HTML, JavaScript, or other rich media
technologies. In a PaaS model, customers may interact with the software to enter and
retrieve data, perform actions, get results, and, to the degree that the vendor allows it,
customize the platform involved. The customer takes no responsibility for maintaining the
hardware, the software, or the development of the applications and is responsible only for
his interaction with the platform. The vendor is responsible for all the operational aspects
of the service, for maintenance, and for managing the product(s) lifecycle.

PaaS abstracts the complexities of infrastructure management, allowing developers to
focus on coding and application development. Here are key characteristics and components
of Platform as a Service:

1. Application Development Platform: PaaS provides a set of tools, frameworks,
libraries, and runtime environments that developers can use to develop, test, and
deploy their applications. This includes programming languages like Java, Python,
and .NET, as well as databases, web servers, and development tools.

2. Middleware and Services: PaaS often includes middleware services like databases
(DBaaS), messaging systems, caching, and identity management. These services are
pre-configured and readily available for developers, reducing the time and effort
required to set up and manage these components.

3. Scalability and Elasticity: PaaS platforms typically offer automatic scaling
capabilities. Applications can scale horizontally by adding more instances or
vertically by increasing resource allocation, ensuring that the application can handle
varying workloads efficiently.

4. Deployment and Management: PaaS platforms provide tools and services for
deploying applications to the cloud. Developers can easily manage application
lifecycles, update code, and roll back changes as needed.

5. DevOps and Collaboration: PaaS encourages collaboration between development
and operations teams. It often integrates with DevOps tools, enabling continuous
integration and continuous deployment (CI/CD) pipelines for streamlined
application delivery.

6. Abstraction of Infrastructure: PaaS abstracts the underlying infrastructure,
including servers, storage, and networking. Developers don't need to worry about
provisioning, configuring, or maintaining these components, allowing them to focus
solely on application development.

7. Multi-Tenancy: PaaS platforms are typically multi-tenant, meaning multiple users
and applications can share the same underlying infrastructure while remaining
isolated and secure.

8. Cost-Efficiency: PaaS often follows a pay-as-you-go pricing model, where users are
billed based on the resources and services they consume. This can result in cost
savings compared to managing on-premises infrastructure.

9. Security and Compliance: PaaS providers implement security measures and
compliance standards to protect applications and data. However, users are still
responsible for securing their application code and configurations.

10. Vendor Lock-In: Adopting a specific PaaS platform may tie developers to that
provider's ecosystem and APIs. Careful consideration is needed to assess the
potential vendor lock-in and the portability of applications.

Software as a Service (SaaS): SaaS characteristics, Open SaaS and SOA, Salesforce.com
and CRM SaaS;

Software as a Service (SaaS) is a cloud computing model that delivers software applications
over the internet on a subscription basis. In this model, software is hosted and maintained
by a third-party provider, making it accessible to users from any device with an internet
connection.

Software as a Service (SaaS) applications are cloud-based software solutions. These
applications cover a wide range of functionality and are accessible from various devices
with an internet connection.

• Microsoft 365 (formerly Office 365): Includes software like Word, Excel,
PowerPoint, and cloud-based collaboration tools.
• Google Workspace (formerly G Suite): Offers applications like Google Docs,
Sheets, and Gmail for productivity and communication.
• Salesforce: A popular CRM platform that helps businesses manage sales, customer
interactions, and marketing.
• WordPress.com: A popular platform for website creation and content
management.
• Google Analytics: Provides web analytics and reporting on website and app
performance.
• SAP Business ByDesign: A cloud-based ERP solution for small and medium-sized
enterprises.
• Zoom: A widely used video conferencing and communication platform.

SaaS characteristics
All Software as a Service (SaaS) applications share the following characteristics:

1. The software is available over the Internet globally through a browser on demand.

2. The typical license is subscription-based or usage-based and is billed on a recurring
basis. In a small number of cases a flat fee may be charged, often coupled with a
maintenance fee.

Table below shows how different licensing models compare.

3. The software and the service are monitored and maintained by the vendor, regardless of
where all the different software components are running. There may be executable client-
side code, but the user isn’t responsible for maintaining that code or its interaction with the
service.

4. Reduced distribution and maintenance costs and minimal end-user system costs
generally make SaaS applications cheaper to use than their shrink-wrapped versions.

5. Such applications feature automated upgrades, updates, and patch management and
much faster rollout of changes.

6. SaaS applications often have a much lower barrier to entry than their locally installed
competitors, a known recurring cost, and they scale on demand (a property of cloud
computing in general).

7. All users have the same version of the software so each user’s software is compatible
with another’s.

8. SaaS supports multiple users and provides a shared data model through a
single-instance, multi-tenancy model.

The SaaS ecosystem offers advantages such as reduced upfront costs, ease of deployment, and
accessibility. It is widely used by businesses of all sizes and has transformed the way
software is delivered and consumed.

Open SaaS and SOA

Open SaaS (Open Software as a Service): Open SaaS refers to a specific approach within the
Software as a Service (SaaS) model that emphasizes flexibility, customization, and
openness. Unlike traditional SaaS solutions that offer fixed, closed, and often proprietary
software, Open SaaS provides a more open and extensible platform. This allows users to
tailor the software to their specific needs and integrate it with other applications or
services.

Key characteristics of Open SaaS include:

1. Customization: Open SaaS platforms allow users to customize and configure the
software to meet their unique requirements. This might include adjusting
workflows, adding new features, or modifying existing ones.

2. Integration: Open SaaS solutions offer open APIs (Application Programming
Interfaces) that enable seamless integration with other software and services. This
is particularly valuable for businesses that rely on multiple software tools.

3. Community Collaboration: Open SaaS often fosters a community of developers
and users who can contribute to the platform's development and share
customizations and extensions.

4. Flexibility: Users have the flexibility to adapt the software to evolving business
needs, which is beneficial for industries and organizations with specialized
requirements.

Service-Oriented Architecture (SOA): Service-Oriented Architecture (SOA) is an
architectural style for designing and building software systems. It focuses on organizing
software components as services, which are independent, self-contained units of
functionality. These services can communicate with each other over a network, and they
are designed to be reusable and interoperable. SOA principles are not limited to SaaS; they
can be applied in various software development contexts, including on-premises systems.

Key concepts in SOA include:

1. Services: Services in SOA are modular, self-contained, and well-defined units of
functionality. They can be accessed and used by other software components.

2. Interoperability: SOA emphasizes the importance of making services
interoperable, allowing different software systems to communicate and work
together seamlessly.

3. Reusability: Services are designed to be reusable across various applications and
scenarios, reducing duplication of effort and improving efficiency.

4. Standards: SOA often relies on standardized protocols and technologies to enable
communication and integration between services.

A considerable amount of SaaS software is based on open source software. When open
source software is used in a SaaS, you may hear it referred to as Open SaaS.

The advantages of using open source software are that systems are much cheaper to deploy
because you don’t have to purchase the operating system or software, there is less vendor
lock-in, and applications are more portable.

The popularity of open source software, from Linux to Apache, MySQL, and Perl (the
LAMP platform) on the Internet, and the number of people who are trained in open source
software make Open SaaS an attractive proposition.

The impact of Open SaaS will likely translate into better profitability for the companies that
deploy open source software in the cloud, resulting in lower development costs and more
robust solutions.

Three essential components:

• An interactive user interface, which is usually created with HTML/XHTML, Ajax,
JavaScript, or CSS.
• Web services that can be accessed using an API, and whose data can be bound and
transported by Web service protocols such as SOAP, REST, XML/HTTP, XML/RPC,
and JSON/RPC.
• Data transfer in the form of XML, KML (Keyhole Markup Language), JSON (JavaScript
Object Notation), or the like.

Salesforce.com and CRM SaaS

Salesforce.com is a well-known provider of Customer Relationship Management (CRM)
software delivered as a Software as a Service (SaaS). Salesforce is a pioneer and one of the
market leaders in the CRM industry, offering a wide range of cloud-based CRM solutions for
businesses of all sizes. Here's an overview of Salesforce and its CRM SaaS offerings:

Salesforce.com: Salesforce.com, often referred to simply as Salesforce, is a cloud-based
customer relationship management software company founded in 1999. It has grown to
become one of the most prominent SaaS providers, particularly in the CRM domain.
Salesforce's CRM platform is known for its flexibility, scalability, and extensive set of
features. Key aspects of Salesforce.com include:

1. CRM Solutions: Salesforce offers a suite of CRM solutions that cover sales,
marketing, customer service, and analytics. These solutions are designed to help
businesses manage and analyze customer interactions and data.

2. Cloud-Based Delivery: Salesforce CRM is delivered as a cloud service, allowing
users to access it from anywhere with an internet connection. This cloud-based
approach eliminates the need for businesses to set up and maintain on-premises
CRM software and infrastructure.

3. Customization: Salesforce provides extensive customization options, enabling
businesses to tailor the CRM platform to their specific needs. This includes creating
custom fields, workflows, and applications.

4. Integration: Salesforce offers a wide range of pre-built integrations and an open
API, making it easy to connect with other business applications, including marketing
automation, e-commerce, and productivity tools.

5. Automation: Salesforce CRM includes automation features, such as workflow
automation and process automation, to streamline repetitive tasks and improve
efficiency.

6. AI and Analytics: Salesforce incorporates artificial intelligence (AI) and analytics to
help businesses make data-driven decisions, predict customer behaviors, and
optimize their sales and marketing efforts.

7. Community and Marketplace: Salesforce has a thriving community of users,
developers, and partners. The Salesforce AppExchange is a marketplace for
third-party applications and integrations built on the Salesforce platform.

8. Security and Compliance: Salesforce places a strong emphasis on security and
compliance, providing tools and features to protect customer data and ensure
regulatory compliance.

Salesforce CRM offers several editions tailored to different business needs and sizes,
including small businesses, mid-sized enterprises, and large corporations.

Identity as a Service (IDaaS): Identity, Networked identity service classes, Identity
system codes of conduct, IDaaS interoperability; Compliance as a Service (CaaS).

Defining Identity as a Service (IDaaS)

Identity as a Service (IDaaS) is a cloud-based service that provides identity and access
management solutions as a service. IDaaS is designed to help organizations manage and
secure user identities and control access to their systems and resources. It offers a range of
features and tools for identity verification, authentication, authorization, and user
provisioning, all delivered via the cloud. Here are the key components and aspects of IDaaS:

1. User Authentication: IDaaS platforms offer various authentication methods,
including username and password, multi-factor authentication (MFA), single sign-on
(SSO), and biometrics, to verify the identity of users accessing applications and
systems.

2. Authorization and Access Control: IDaaS solutions enable organizations to define
and enforce access policies, ensuring that users have the appropriate permissions to
access specific resources. This includes role-based access control (RBAC) and fine-
grained access controls.

3. Single Sign-On (SSO): SSO allows users to access multiple applications and services
with a single set of login credentials. With IDaaS, users can authenticate once and
gain access to multiple resources without the need to re-enter their credentials.

4. Identity Federation: IDaaS supports identity federation, which allows users to
access resources across multiple organizations without the need to create separate
accounts for each organization. Federation is often used for business-to-business
(B2B) and business-to-consumer (B2C) scenarios.

5. Security and Compliance: IDaaS solutions offer security features like encryption,
threat detection, and real-time monitoring to protect user identities and data. They
also help organizations comply with data privacy and regulatory requirements.

6. Multi-Tenancy: IDaaS providers offer multi-tenancy support, allowing
organizations to manage user identities for different departments, subsidiaries, or
customers within a single platform.

IDaaS is particularly valuable for businesses and organizations looking to enhance security,
streamline user management, and provide a better user experience for both employees and
customers.

What is an identity?

An identity refers to the digital representation of a user, service, or entity that is interacting
with cloud resources and services. Identity management in the cloud is crucial for
controlling access, ensuring security, and managing permissions within cloud
environments.

1. User Identity: User identities are associated with individual users or employees
who need access to cloud resources. User identities are typically linked to user
accounts, which are used to authenticate and authorize access.

2. Single Sign-On (SSO): SSO is a mechanism that allows users to access multiple
cloud services and applications with a single set of login credentials. It simplifies the
authentication process and enhances security by reducing the need for users to
remember multiple passwords.

3. Access Control: Identity and access management (IAM) is a critical aspect of cloud
security. It involves defining policies and rules that specify what each identity (user
or service) is allowed to do within the cloud environment. These permissions are
typically defined using roles, groups, and policies.

4. Multi-Factor Authentication (MFA): MFA adds an additional layer of security to
identity verification by requiring users to provide multiple forms of authentication,
such as something they know (password) and something they have (a mobile app or
hardware token).

5. Token-Based Authentication: In the cloud, access to resources is often controlled
using tokens. When a user or service is authenticated, they receive a token that can
be presented to gain access to resources. These tokens are short-lived and can be
revoked if needed.

6. Role-Based Access Control (RBAC): RBAC is a method for controlling access based
on roles and permissions. Users or services are assigned roles, and these roles
determine what actions they can perform within the cloud environment.
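The token and role items above can be combined in one short sketch. This is an added example, not code from the original notes or from any IDaaS product: an HMAC-signed, short-lived token carries the user's roles, and every access check verifies signature, expiry, and revocation before consulting the role table. The key handling, role names, and permission strings are constructed for illustration.

```python
import base64
import hashlib
import hmac
import json
import secrets

# Constructed demo values (assumptions): a per-process signing key and a tiny role table.
SIGNING_KEY = secrets.token_bytes(32)
ROLE_PERMISSIONS = {
    "storage-reader": {"storage:read"},
    "storage-admin": {"storage:read", "storage:write", "storage:delete"},
}
REVOKED_TOKEN_IDS = set()  # token ids revoked before their expiry


def b64(data):
    return base64.urlsafe_b64encode(data).decode("ascii")


def sign(payload):
    return b64(hmac.new(SIGNING_KEY, payload.encode("ascii"), hashlib.sha256).digest())


def issue_token(subject, roles, now, ttl_seconds=300):
    """Issue a signed token that expires ttl_seconds after `now` (epoch seconds)."""
    claims = {
        "sub": subject,
        "roles": sorted(roles),
        "exp": now + ttl_seconds,
        "jti": secrets.token_hex(8),  # unique id so one token can be revoked
    }
    payload = b64(json.dumps(claims, sort_keys=True).encode("utf-8"))
    return payload + "." + sign(payload)


def verify_token(token, now):
    """Return the claims if the token is authentic, unexpired and not revoked, else None."""
    try:
        payload, tag = token.split(".")
        # Constant-time comparison; the signature is checked before the payload is parsed.
        if not hmac.compare_digest(sign(payload), tag):
            return None
        claims = json.loads(base64.urlsafe_b64decode(payload))
    except (ValueError, TypeError):
        return None  # malformed token
    if now >= claims["exp"] or claims["jti"] in REVOKED_TOKEN_IDS:
        return None
    return claims


def revoke_token(claims):
    """Revoke a token early, for example after a logout or a suspected compromise."""
    REVOKED_TOKEN_IDS.add(claims["jti"])


def is_allowed(token, permission, now):
    """RBAC check: allow only if a role carried in a valid token grants the permission."""
    claims = verify_token(token, now)
    if claims is None:
        return False
    return any(permission in ROLE_PERMISSIONS.get(role, set()) for role in claims["roles"])
```

Passing `now` explicitly keeps the expiry logic testable; a real service would read the clock itself and keep the revocation list in shared storage.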

Networked identity service classes refer to different categories or types of identity
services used to manage and control access to resources, applications, and data in a
networked environment. These services help organizations establish and maintain secure
and efficient identity and access management solutions. Here are some common networked
identity service classes:

Identity as a Service (IDaaS) may include any of the following:

• Authentication services (identity verification)
• Directory services
• Federated identity
• Identity governance
• Identity and profile management
• Policies, roles, and enforcement
• Provisioning (external policy administration)
• Registration
• Risk and event monitoring, including audits
• Single sign-on services (pass-through authentication)

Identity system codes of conduct

Identity system codes of conduct are ethical guidelines and principles that organizations,
service providers, and individuals involved in identity management should follow. These
codes of conduct help ensure the responsible and ethical use of identity information and
systems, as well as protect the privacy, security, and rights of individuals.

In working with IDaaS software, evaluate IDaaS applications on the following basis:

• User control for consent: Users control their identity and must consent to the use
of their information.
• Minimal Disclosure: The minimal amount of information should be disclosed for an
intended use.
• Justifiable access: Only parties who have a justified use of the information
contained in a digital identity and have a trusted identity relationship with the
owner of the information may be given access to that information.
• Directional Exposure: An ID system must support bidirectional identification for a
public entity so that it is discoverable and a unidirectional identifier for private
entities, thus protecting the private ID.
• Interoperability: A cloud computing ID system must interoperate with other
identity services from other identity providers.
• Unambiguous human identification: An IDaaS application must provide an
unambiguous mechanism for allowing a human to interact with a system while
protecting that user against an identity attack.
• Consistency of Service: An IDaaS service must be simple to use, consistent across
all its uses, and able to operate in different contexts using different technologies.

IDaaS interoperability
• User authentication
• Authorization markup languages

Interoperability in the context of Identity as a Service (IDaaS) refers to the ability of
different IDaaS solutions, identity providers, and identity-related systems to work together
seamlessly and exchange identity information and authentication data effectively. It is
crucial for ensuring that users can access various applications, services, and resources
across multiple platforms.

Cloud computing IDaaS applications must rely on a set of developing industry standards to
provide interoperability. The following are among the more important of these services:

• User centric authentication (usually in the form of information cards): The
OpenID and CardSpace specifications support this type of data object.
• The XACML Policy Language: This is a general-purpose authorization policy
language that allows a distributed ID system to write and enforce custom policy
expressions. XACML can work with SAML; when SAML presents a request for ID
authorization, XACML checks the ID request against its policies and either allows or
denies the request.
• The SPML Provisioning Language: This is an XML request/response language that
is used to integrate and interoperate service provisioning requests. SPML is a
standard of OASIS’s Provision Services Technical Committee (PSTC) that conforms
to the SOA architecture.
• The XDAS Audit System: The Distributed Audit Service provides accountability for
users accessing a system, and the detection of security policy violations when
attempts are made to access the system by unauthorized users or by users accessing
the system in an unauthorized way.

User authentication

OpenID is a developing industry standard for authenticating “end users” by storing their digital identity
in a common format.

Any software application that complies with the standard accepts an OpenID that is authenticated by a
trusted provider. A very impressive group of cloud computing vendors serve as identity providers (or
OpenID providers): Facebook, Google, etc.

These are samples of trusted providers and their URL formats:

• Blogger: .blogger.com or .blogspot.com
• MySpace: myspace.com/
• Google: https://www.google.com/accounts/o8/id
• Google Profile: google.com/profiles/
• Microsoft: accountservices.passport.net/
• MyOpenID: .myopenid.com
• Verisign: .pip.verisignlabs.com
• WordPress: .wordpress.com
• Yahoo!: openid.yahoo.com

Authorization markup languages

Authorization markup languages are used to define and manage access control policies within various
systems and applications. These markup languages provide a standardized way to specify permissions
and access rights for users or entities within a given system. Here are some of the commonly used
authorization markup languages:

1. XACML (eXtensible Access Control Markup Language): XACML is an OASIS standard that
provides a flexible and extensible framework for access control policies. It allows administrators
to define policies for authorization, including rules for granting or denying access based on
various attributes and conditions.

2. SAML (Security Assertion Markup Language): SAML is an XML-based standard for exchanging
authentication and authorization data between parties, particularly between an identity
provider (IdP) and a service provider (SP). While SAML is primarily focused on authentication, it
includes authorization-related assertions as well.

3. ABAC (Attribute-Based Access Control): ABAC is a model for access control where access
decisions are based on attributes associated with the user, the resource, and the environment.
While not a specific markup language, ABAC policies can be expressed using languages like
XACML.

4. ALFA (Abbreviated Language for Authorization): ALFA is a specialized language designed for
writing access control policies for XACML. It simplifies the process of defining policies by
providing a more human-readable and concise syntax.

5. REL (Request and Evaluation Language): REL is used in the context of XACML and is a language
for specifying the authorization requests and decision evaluation logic. It allows for specifying
the conditions under which a request should be granted or denied.

6. NGAC (Next Generation Access Control) Policy Language: NGAC is a policy language used to
define access control policies based on attributes and relationships. It provides a framework for
defining and enforcing fine-grained access control policies.
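The XACML and ABAC entries describe a decision flow: a request carrying attributes is checked against policy rules and is either allowed or denied. The following added example (not part of the original notes, and a simplified Python model rather than XACML syntax) shows that flow with rule targets, conditions, and a deny-overrides combining step. The attribute names, the rules, and the medical-record scenario are constructed for illustration, and the handling of Indeterminate is simpler than in the full standard.

```python
from dataclasses import dataclass
from typing import Callable, Dict

PERMIT, DENY = "Permit", "Deny"
NOT_APPLICABLE, INDETERMINATE = "NotApplicable", "Indeterminate"


@dataclass
class Rule:
    rule_id: str
    effect: str                      # PERMIT or DENY
    target: Dict[str, object]        # attributes that must match for the rule to apply
    condition: Callable[[dict], bool] = lambda request: True

    def evaluate(self, request):
        # Target mismatch: the rule says nothing about this request.
        if any(request.get(name) != value for name, value in self.target.items()):
            return NOT_APPLICABLE
        try:
            return self.effect if self.condition(request) else NOT_APPLICABLE
        except (KeyError, TypeError):
            # A required attribute is missing or malformed: no safe answer.
            return INDETERMINATE


# Constructed policy: doctors may read medical records, but only with MFA
# and only for records of their own department.
POLICY = [
    Rule("permit-doctor-read", PERMIT,
         {"subject.role": "doctor", "resource.type": "medical-record", "action": "read"}),
    Rule("deny-without-mfa", DENY,
         {"resource.type": "medical-record"},
         lambda r: not r["env.mfa"]),
    Rule("deny-other-department", DENY,
         {"resource.type": "medical-record"},
         lambda r: r["subject.department"] != r["resource.department"]),
]


def decide(request, rules=POLICY):
    """Policy decision point: combine rule results with deny-overrides."""
    decisions = [rule.evaluate(request) for rule in rules]
    for outcome in (DENY, INDETERMINATE, PERMIT):
        if outcome in decisions:
            return outcome
    return NOT_APPLICABLE


def enforce(request):
    """Deny-biased enforcement point: anything other than Permit is refused."""
    return decide(request) == PERMIT


# Constructed request, as it might be assembled from a SAML assertion's attributes.
SAMPLE_REQUEST = {
    "subject.role": "doctor", "subject.department": "cardiology",
    "resource.type": "medical-record", "resource.department": "cardiology",
    "action": "read", "env.mfa": True,
}
```

The enforcement point treats NotApplicable and Indeterminate as refusals, so a request that no rule covers, or one with a missing attribute, fails closed.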

Compliance as a Service (CaaS) is a cloud-based service model that focuses on helping
organizations manage and maintain compliance with relevant regulatory, industry-specific,
and internal requirements. CaaS leverages cloud technology and services to streamline and
automate compliance processes, making it more efficient and cost-effective for businesses.
Here are key aspects and features of Compliance as a Service:

In order to implement CaaS, some companies are organizing what might be referred to as
“vertical clouds,” clouds that specialize in a vertical market. Examples of vertical clouds
that advertise CaaS capabilities include the following:

• Athenahealth (http://www.athenahealth.com/) for the medical industry
• Bankserv (http://www.bankserv.com/) for the banking industry
• ClearPoint PCI Compliance-as-a-Service for merchant transactions under the
Payment Card Industry Data Security Standard
• FedCloud (http://www.fedcloud.com/) for government
• Rackserve PCI Compliant Cloud (http://www.rackspace.com/; another PCI CaaS
service)

Capacity Planning: Capacity planning is a critical process in IT and infrastructure
management that involves assessing and managing resources to ensure that a system or
application can meet performance and scalability requirements. To effectively conduct
capacity planning, it's essential to define baselines and metrics and to consider various
aspects of system and network capacity. Here are key concepts related to capacity planning:

Capacity planning is an iterative process with the following steps:

1. Determine the characteristics of the present system.
2. Measure the workload for the different resources in the system: CPU, RAM, disk,
network, and so forth.
3. Load the system until it is overloaded, determine when it breaks, and specify what is
required to maintain acceptable performance. Knowing when systems fail under
load and what factor(s) is responsible for the failure is the critical step in capacity
planning.
4. Predict the future based on historical trends and other factors.
5. Deploy or tear down resources to meet your predictions.
6. Iterate Steps 1 through 5 repeatedly.

Defining Baseline and Metrics

A baseline represents the reference point or starting level for measuring performance,
utilization, or any other relevant metric related to an IT system or infrastructure.

Key components of a baseline include:

• Resource Utilization: CPU, memory, disk, network usage, etc.
• Performance Metrics: Response times, throughput, transaction rates, etc.
• Workload Patterns: Usage patterns during peak and off-peak times.

Developers create cloud-based applications and Web sites based on a LAMP solution stack,
so let's use those applications as an example:

• Linux, the operating system
• Apache HTTP Server (http://httpd.apache.org/), the Web server based on the work
of the Apache Software Foundation
• MySQL (http://www.mysql.com), the database server developed by the Swedish
company MySQL AB, owned by Oracle Corporation through its acquisition of Sun
Microsystems
• PHP (http://www.php.net/), the Hypertext Preprocessor scripting language
developed by The PHP Group

LAMP is good to use as an example because it offers a system with two applications
(Apache and MySQL) that can be combined or run separately on servers.

Baseline Measurements:

Let's assume that a capacity planner is working with a system that has a Web site based on
Apache, and let's assume the site is processing database transactions using MySQL.

There are two important overall workload metrics in this LAMP system:

1. Page views or hits on the Web site, as measured in hits per second
2. Transactions completed on the database server, as measured by transactions per
second or perhaps by queries per second

System Metrics: System metrics are quantitative measures that assess the performance
and resource utilization of a system. Common system metrics include CPU utilization,
memory usage, disk I/O, network bandwidth, and response time.

A machine instance (physical or virtual) is primarily defined by four essential resources:

1. CPU
2. Memory (RAM)
3. Disk
4. Network connectivity

Load Testing: Load testing involves simulating user or application traffic to evaluate how a
system performs under different levels of load. It helps determine how well a system can
handle increased workloads.

Load testing seeks to answer the following questions:

1. What is the maximum load that my current system can support?
2. Which resource(s) in the current system limits the system's performance?
This parameter is referred to as the resource ceiling. Depending upon a server's
configuration
3. Can I alter the configuration of my server in order to increase capacity?
4. How does this server's performance relate to your other servers that might have
different characteristics?

You may want to consider these load generation tools as well:

• HP LoadRunner (https://h10078.www1.hp.com/cda/hpms/display/main/hpms_content.jsp?zn=bto&cp=1-11-126-17^8_4000_100__)
• IBM Rational Performance Tester (http://www-01.ibm.com/software/awdtools/tester/performance/)
• JMeter (http://jakarta.apache.org/jmeter)

Resource Ceilings: Resource ceilings are predefined limits set for various system resources
(e.g., CPU, memory, disk space) to prevent resource exhaustion and maintain system
stability.

Server and Instance Types: Server and instance types refer to the specifications of the
hardware or virtual machines (VMs) used to host applications and services. These
specifications include CPU, memory, storage, and network capacity.

An Amazon Machine Instance (AMI) is described as follows:

• Micro Instance: 633 MB memory, 1 to 2 EC2 Compute Units (1 virtual core, using 2 CUs for short
periodic bursts) with either a 32-bit or 64-bit platform
• Small Instance (Default): 1.7GB memory, 1 EC2 Compute Unit (1 virtual core with 1 EC2
Compute Unit), 160GB instance storage (150GB plus 10GB root partition), 32-bit platform, I/O
Performance: Moderate, and API name: m1.small
• High-Memory Quadruple Extra Large Instance: 68.4GB of memory, 26 EC2 Compute Units (8
virtual cores with 3.25 EC2 Compute Units each), 1,690GB of instance storage, 64-bit platform,
I/O Performance: High, and API name: m2.4xlarge
• High-CPU Extra Large Instance: 7GB of memory, 20 EC2 Compute Units (8 virtual cores with 2.5
EC2 Compute Units each), 1,690GB of instance storage, 64-bit platform, I/O Performance: High,
API name: c1.xlarge

Network Capacity and Scaling: Network capacity refers to the ability of a network
infrastructure to handle data traffic, including bandwidth, latency, and packet processing
capacity. Monitoring network metrics is essential for capacity planning.

If any cloud-computing system resource is difficult to plan for, it is network capacity. There
are three aspects to assessing network capacity:

1. Network traffic to and from the network interface at the server, be it a physical or
virtual interface or server
2. Network traffic from the cloud to the network interface
3. Network traffic from the cloud through your ISP to your local network interface
(your computer)

The cloud's network performance is a measurement of WAN traffic. A WAN's capacity is a function of
many factors:

• Overall system traffic (competing services)
• Routing and switching protocols
• Traffic types (transfer protocols)
• Network interconnect technologies (wiring)
• The amount of bandwidth that the cloud vendor purchased from an Internet backbone provider

Scaling: Scaling involves adjusting the capacity of a system or network to accommodate
changing workloads. It can be vertical scaling (adding more resources to an existing
component) or horizontal scaling (adding more instances or nodes).

Effective capacity planning requires continuous monitoring of system metrics, load testing
under various conditions, and adjusting resources and infrastructure as needed to ensure
optimal performance and scalability. It's an ongoing process that helps organizations avoid
performance issues, downtime, and resource bottlenecks as their systems grow and evolve.
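
An added example (not part of the original notes) that carries steps 3 and 4 of the capacity-planning process through in Python: it finds the resource ceiling from load-test results and then estimates, from a linear trend in past peak load, how many months remain before that ceiling is reached. The sample measurements, the monthly history and the 90 percent utilisation limit are constructed assumptions.

```python
import math

# Constructed load-test results: offered load (hits/sec) and observed utilisation
# (percent of capacity) for the four resources that define a machine instance.
SAMPLES = [
    {"load": 100, "cpu": 20, "ram": 35, "disk": 10, "network": 8},
    {"load": 200, "cpu": 40, "ram": 45, "disk": 20, "network": 16},
    {"load": 300, "cpu": 60, "ram": 55, "disk": 30, "network": 24},
    {"load": 400, "cpu": 80, "ram": 65, "disk": 40, "network": 32},
    {"load": 500, "cpu": 100, "ram": 75, "disk": 50, "network": 40},
]
RESOURCES = ("cpu", "ram", "disk", "network")
MONTHLY_PEAKS = [250, 270, 290, 310, 330, 350]  # constructed history, hits/sec

def crossing_load(samples, resource, limit):
    """Load at which `resource` first reaches `limit` percent (linear
    interpolation between adjacent samples), or None if it never does."""
    ordered = sorted(samples, key=lambda s: s["load"])
    if ordered[0][resource] >= limit:
        return float(ordered[0]["load"])
    for lo, hi in zip(ordered, ordered[1:]):
        if lo[resource] < limit <= hi[resource]:
            frac = (limit - lo[resource]) / (hi[resource] - lo[resource])
            return lo["load"] + frac * (hi["load"] - lo["load"])
    return None

def resource_ceiling(samples, limit=90.0):
    """(resource, load) for the resource that hits the limit at the lowest load."""
    hits = {r: crossing_load(samples, r, limit) for r in RESOURCES}
    hits = {r: load for r, load in hits.items() if load is not None}
    if not hits:
        return None, None
    first = min(hits, key=hits.get)
    return first, hits[first]

def months_until(history, ceiling_load):
    """Months after the last observation at which a least-squares trend line
    through `history` reaches `ceiling_load`; None if the trend is not rising."""
    n = len(history)
    if n < 2:
        return None
    mean_x, mean_y = (n - 1) / 2, sum(history) / n
    sxy = sum((x - mean_x) * (y - mean_y) for x, y in enumerate(history))
    sxx = sum((x - mean_x) ** 2 for x in range(n))
    slope = sxy / sxx
    if slope <= 0:
        return None
    x_cross = (ceiling_load - (mean_y - slope * mean_x)) / slope
    return max(0, math.ceil(x_cross - (n - 1)))
```

With the constructed data, CPU is the resource ceiling at about 450 hits per second, and the trend reaches that load five months after the last observation, which is the lead time available for step 5.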
