Introduction to Cloud Computing

System & Software Engineering

Prof. Dr. Yann Pollet

Conservatoire National des Arts et Métiers
Chaire d’intégration des systèmes
 Summary
• What is Cloud Computing?
• Cloud concepts and models
• Cloud computing offers
• Dimensions for offers evaluation
• A example of IaaS: AWS (Amazon Web Services)
• Migrating to the cloud
• Conclusion

2
 What is Cloud Computing?
• Principle: moving on a distant hardware infrastructure code or computer
resources classically deployed on the machines of user organization
• « Access though a network and on demand to virtualized and
mutualized computer resources » (NIST)
• More generally “background technologies and commercial models
used to deliver computer capabilities under the form of an On demand
service” (CLUSIF)

Cloud provider

Your company
3
Other companies
 And why Cloud Computing…?
• The user organization is discharged from the tasks of acquisition,
administration, and evolution of computing equipment
– A company can concentrate on its own business, and has no longer to take
care of technical aspects, independent of this business
• The company only sees virtualized resources, “infinitely” extensible,
and only pay for what it uses
– Computing equipment would be reduced to client computers!
• Applications and their data are deported sur highly powerful hardware
distant infrastructures (data centers), mutualized between several
client companies
– Economies of scale
• → Concept of « utility computing »
– Computer resource become a « commodity », exactly like energy, gas,
water, … …

4
 Different deployment models
• Cloud infrastructures are offered by specialized providers →
Public Clouds
– Mutualization of many clients on the same computer equipment
– Very huge networks of machines: 103, 105 (Google , Microsoft)
– Repartition at world scale on data centers
– Automatized administration → economies of scale
– All communications goes though Internet
– Logic of externalization
• A company may build a cloud infrastructure by itself and for its
own use → Private Clouds
• It exists possibilities Virtual Private Clouds hosted by a public
provider
• It also exists Mutualised Clouds and Hybrid Clouds
5
 Finally…
• Cloud Computing is at the same time :
– A set of technologies
– A new approach of software deployment
– A new economic model
• Remarks:
– The principle is not really new
– Cloud Computing is mostly an evolution of already existing technologies
– The commercial offer is mainly based on a new use and a combination
of technologies
– Most commercial offers (Amazon, SalesForce, …) have now a very
high level of maturity
– Dissemination in companies is constantly increasing
– It exists several factors of risks for the clients that limits adoption of
Cloud 6
 The origins of Cloud Computing
• Concept initially developed by the well-known Amazon
company:
– Very huge networks of server machines spread at world scale,
initially dedicated to its own need : data centers
– High Know-how regarding automatized administration
– → Idea : to rent these hardware infrastructures to client companies
aiming at being discharged of technical aspects
– At the beginning: a trial version of Elastic Computing Cloud (EC2) in
2006: access to « flexible » computer resources
• Term « Cloud Computing » first used in 2007
• Offers ranges from the simple provision of infrastructure
services (storage, execution of algorithms) to that of full
applications
7
 Context (1)
• At the beginnings was mainframe…:
– Computer equipment of a company was just a unique enormous
computer (“mainframe” technology)
– Users worked on simple terminals and accessed to distant
computing and storage resources provided by the mainframe
– Own by a big companies / organizations, or hosted by another
organization
• Cloud is a similar vision, but at contrary with a use of highly
distributed networks of machines
• History of computer science if a cycle of centralizations /
decentralizations
• → Cloud provides virtualized facilities of computing and
storage with an On-demand built platform, and a usability
associated to an illusion of centralization 8
 Context (2)
• Some pre-existing offers:
– ASP (Application Service Provider) (end 90’)
• Distant applications hosted and maintained by a provider
• New economic model
• Limited ergonomics (old fashion Web interfaces)
– Hosting of on-line Web sites
• The provided may offer you a Web server or a complete execution
platform (Web server, SGBD, application server, …)
• New needs:
– Growing use of mobile terminals, (smartphones, tablets,
generalization of nomadic Information Systems → separating
user client computers and workspace
• And new technological possibilities
– High speed Internet
– RIA (Rich Internet Application) → Web application may have a
usability comparable to this of classical stand-alone applications
9
– Computer virtualization
 Cloud technology
Evolution of virtualization by hypervisor providing:
• Automatized allocation
– Placement of virtual execution units on a real network of host machines → “On-
demand” booking of resources
• Continuity of exploitation
– Hardware failures are probable on a very huge network of machines
– Continuous monitoring of hardware resources
– Replications, automated re allocations, …
• Security
– Security of dataflows between client et data centers (confidentiality, integrity)
– Protection of hosted datasets
– Isolation between clients
• Accounting of resources consummations for billing

10
Advantages, drawbacks, risks
 The issue of provisioning
• Server load is usually not uniform with time
• Cyclic activities. E.g: Pic daily activity peek
• Difficulty of forecasting future user needs. Ex: new service, new product
• Necessity of dimensioning the server equipment based on of
maximum load
→ Heavy investments for very punctual load
→ with risks of under dimensioning
Ressources Used ressources Ressources
Capacity Capacity

Load
Load

Time Time
Highest provisioning Over- provisioning
Ressources Ressources

Capacity Capacity

Load Load

Time Time 12
Under-provisioning Under and over provisioning
 The concept of elasticity
• Increase or decrease of virtual resources at any instant
• Physical resources are mutualized → Equilibrate global required
load
• 1. At first, book just what is necessary, then 2. adjust to support
the required load
Resources Unused resources Resources
Capacity
Capacity

Load Load

Time Time

« Static » Datacenter Datacenter virtualized on the cloud

13
 The concept of elasticity (2)
• Evolution by discrete steps in the case of physical machines
• → Meet the load requirement with “elastic” virtual resources

Resources Resources

Capacity Capacity
Forecast

Load Load

Time Time

Classical hosting: low optimization With cloud: dynamic optimization

14
 Benefits for clients et for providers
• For the client :
– Reduced costs
• Resources are paid only when they are necessary
• Investment costs (CAPEX) are transformed in exploitation costs (OPEX)
– Focus on business
• Better usage of manpower
– Adaptation to actual needs
• Immediate scaling → gain in money, gain in public image
• For the provider :
– Reduce costs → economical interest
• Mutualization → « multitenant » architectures
• Automatize technical exploitation
• Geographical locations may be optimized
– Exploit company assets
• Know-how about automated exploitation of very big sets of servers
• Use already existing data centers
15
 Drawbacks, risks
• Security regarding data flows
– Flows of private data
– Expose company internal resources on Internet!
• Security regarding storage
– Confidentiality
– Storage reliability
• Reversibility
– “What to do if I want to leave my cloud provider?”
– Technical dependency to host platform. Eg: API
• Contractual aspects
– Commitment of provider
Modifications of provided service: QoS (Quality of Service), …
– “Where are my programs and my data? Outside my country?”
Country of hosting is not always known. What about local legislation?
16
Cloud Computing concepts

Three basic models : IaaS, PaaS, SaaS

 Basic characteristics
• Characteristics of computer virtualization:
– Mutualization of resources
• Sharing resources of a same physical machine between several users
and applications
– Abstraction on localization
• An application is « on a virtual server » (that may be a part of a bigger
machine)
• It may be easily moved, and continue to be used exactly in the same way
– Elasticity
• At any instant, it is possible to easily assign to an application new extra
resources (within the limit of physical infrastructure)

• Cloud is idem, but at a larger scale :

– Several thousand, maybe hundred of thousands of servers
– Servers distributed on several countries and continents
– Mutualization on a big number of companies (N x103) 18
 Cloud specific characteristics
• Billing with respect to use : « Pay as you go »
– User only pays what for the used resources
– Price may depend on reserved resources and/or measured
consumption
• Self service
– A user can (via a portal) very easily
• Book resources
• Modify reservations
• Resources are immediately available, without any human intervention
on provided side
• Open API
– API remotely accessible to control cloud configuration
– In general, using REST Web Services
– Remote interactions with hosted applications

19
 Three service models
Three basic categories of offer

Provides ready-to-use applications

Application
Application SaaS accessible via the Web
Application The client has only client to configure /
Software as a Service parametrize application, without any
installation
Web Progr. Appl DBMS Provides a virtual environment of
server langu server PaaS execution
age
The client develops his/her own
Operating System
Platform as a Service applications based on this environment

IaaS Provides virtualized hardware

resources
Infrastructure as a Service Virtual servers, spaces of storage

Classical “on premise” Deployment 20

 IaaS: Infrastructure as a Service
• The solution provides virtualized hardware infrastructures
– Virtual servers, storage spaces, …
– Access at Operating System level
• At any time, the user may ask for new on-demand resources
– Configurations are specified by user in function of business needs
– Can add or remove servers at any instant
• But client is in charge of software configurations
– Client executes his/her own company applications and/or software
packages, that should be compatible with the solution of virtualization
– Requires skills in system administration Users

• Designing extensible Use of Create and remove required

applications Internet virtual machines
architectures remains
the responsibility of user Applications IaaS
Eg: Amazon AWS offer Virtual server Virtual server Storage
spaces

Hypervisors 21
Persistance

Datacenters
 PaaS: Platform as a Service
• The solution provides a virtualized environments of execution
• The client develops his/her own applications the will run on this specific
environment
Ex: A LAMP Platform (Linux, Apache, MySQL, PHP)
• The cloud solution takes in charge hosting and execution of applications
• Standard programming languages, but solution-specific API
• Infrastructure (hardware, OS) is no more visible
→ The cloud solution takes in charge dimensioning required resources
• In general, Web N tiers applications
Users
Use of
applications
Eg: Google Appl Engine
Internet

Applications PaaS

Virtualized execution Platform

Virtualisation layer 22

Datacenters
 SaaS: Software as a Service
• The solution provides a ready-to-use application, accessed via a
Web interface
– Client has only to configure application, without any installation
– Office applications, general purpose applications (CRM, accountancy, …)
Eg: Salesforce.com
• or Generic services accessed using API
– Enable the development of “composite” applications
User of
– Eg: Google Maps Platform application Parameters

Internet

SaaS
Virtualised Application

Virtualisation layer
23
Datacenters
 « XaaS » offers : remarks
• The more an offer has a high level of abstraction, the more it is
specific
• IaaS: comparable to a classical deployment
• PaaS: provide high level services for execution
– Ex: development of a Web application: providing a pre-configured platform
with a Web server, a DBMS, a programming language, …
– Provide associated development kits
– Developer is constrained by the provided environment
– If domain requirements are too far from what the cloud platform provides,
the development become difficult, even impossible
• SaaS : complete application, offered as it is
• An SaaS solution may be based on a PaaS platform, that may rely by
itself on an IaaS infrastructure
• Other possible service models : Storage as a Service, BDaaB, CaaS,
Mobile Backend as a Service (MBaaS) 24
 Actor’s responsibilities
Remain to be built by client

Example : G Suite,
Salesforce.com, …
End users Application
SaaS Application

Execution Example : Microsoft

Application Azure, Force.com, Google
Platform
developers PaaS App Engine, …

Example : Microsoft
Administrators Azure, Amazon EC2,
infra
IaaS opérateurs
d’hébergement, …

25
 Cloud offers

Actors, services, products

 Offers

• Public clouds
– Provides a service
– Main actors, others providers…
• Software packages for cloud computing
– Enable a company to deploy and operate its own cloud platform
• Cloud Management Platform (CMP)
– Orchestration, multi clouds configuration management, hybrid
cloud, …

• + Development tools

27
 Cloud public: main actors
• Amazon
– On-line marketplace on the Web, now leader in cloud computing
– Initiator of IaaS in 2006 with S3 et EC2
– Amazon’s revenue in its classical activity would become lower than this related to cloud
computing!
• Google
– Internet Google’s dominance in Internet domain not transposed on cloud market
– Google cloud platform: Google App Engine (PaaS), Compute Engine (IaaS), …,
G Suite (SaaS)
• Microsoft
– Azure: both IaaS and PaaS
– “Touchy” positioning
– Complement to .NET and classical software tools → Commercial tools of development
• Salesforce
– CRM software package editor, pioneer in SaaS (2007), very specific offer
– Integration with on premise software packages
• Rackspace, IBM, GoGrid, Yahoo, HP, …. 28
 Amazon AWS
• At the beginning, a pure IaaS offer
– Virtual Servers, created using predefined models
– Various types of on-demand created stockage areas
• Evolution: progressive adding PaaS functionalities :
– Software bus of integration
– Relational Database Management System
– NoSQL Database
– CDN (Content Delivery Network)
– …
• Monitoring, dynamic adaptation of configurations (autoscaling)
– Using rules, defined by user
• AWS : set of complementary products, with functionalities
accessible as services
• Continuous enrichment…
29
 Google App Engine
• One of the most important PaaS offers
• Simple and predesigned solution to develop Web applications at a very
high scale, hosted in Google infrastructure
• A solution already integrated, not a set of individual components
– High level: no servers to administrate!
– Reduce efforts of development : a large part of the solution is already built
– Python, Java, …, many languages
– Development tools and tests on a simple computer
• But less general
– Not relevant for many applications
• Major advantages
– Extensibility, transparence to infrastructure
– Entry cost very low, free to start
– Access to company data with Secure data connector
• Drawbacks:
– Very high dependence to Google environment
– No possibility to integrate COTS software packages in the application
30
Software packages of Cloud Computing
• Software package to build his/her own solution of cloud
• Mostly Open-source software packages
• CloudStack
– Software Apache foundation
• OpenStack
– Initiated as a common project involving NASA ans Rackspace (2010)
– The managed by OpenStack foundation
• Eucalyptus
– At the beginning an academic research project on Virtual Grid (William
Marsh Rice University)
– Integrated to Gnu/Linux Ubuntu 0.04 distribution

31
An example: Eucalyptus architecture
• To build IaaS open-source cloud computing solutions
• Support AWS API, management of Eucalyptus or Amazon
virtual machines
• Virtualization based on Xen
Applications
Navigators
API
HTTP SOAP or REST

cloud Controler Walrus

Cluster A Cluster B

Cluster controler Stockage Stockage

Cluster controler
controler controler
Local network Local network

Node Node Node Node Node Node

controler controler controler controler controler controler 32
Evaluation of a Cloud Computing
offer
 Offers evaluation : criteria
Offers are not equivalent! → 14+x dimensions of comparison
1. Types of provided resources
– In most cases, execution and storage
– In general, may vary on an independent way
2. Level of virtualization / abstraction
– Type of interfaces presented to user
3. Generality / Flexibility
– Vary at the inverse of abstraction level
– Different levels from execution of any program to providing of a domain
specific framework
4. Usability
– Linked to abstraction level
5. Support to reuse
– Portage of existing applications
– Linked to level of generality 34
 Offers evaluation : criteria (2)
6. Scaling
– Key challenge for applications hosted sur le cloud
– Support to the designer?
7. Integration
– Degree of independence between components of the offer
– A too high independence may complexify the use
8. Standardization
– CCIF (Cloud Computing Interoperability Forum): coalition of companies (IBM,
Sun, Cisco and Intel, ..)
– Open source (Google, Amazon and IBM)
– Proposition of Cloud Data Management Interface (CDMI)
9. Reversibility (Lock-in)
– One major obstacle to cloud adoption
– Open source projects. Eg: AppDrop interface compatible App Engine
– The adoption of standard interfaces only solve a part of problems
– Recuperation of hosted data?
10. Interoperability
35
 Offers evaluation : criteria (3)
11. SLA (Service Level Agreement)
– Very important for user
– In general, commitment on a given level of availability. Eg: « at least 99.95% »
– Compensation. Ex: 10% of the price if annual summ not conformant
12. Redundancy
– Confidence regarding le storage of private data
13. Security
14. Billing
• Other aspects
– Software licenses
– Geodiversity
– Audit
– Reliability
– Resources sharing

36
An example of IaaS cloud :
Amazon AWS
The AWS service model
 The components of AWS offer
Set of complementary products, with functionalities accessed as services:
Infrastructure level services
• On-demand allocation of virtual servers: Elastic Compute Cloud (EC2)
• Data Storage: Simple Storage Service (S3), Elastic Block Store (EBS), Elastic
File System (EFS)

• Message bus: Simple Queue Service (SQS) Plateform level services

• Relational Data Base: Relational Database Service (RDS)

• NoSQL storage : SimpleDB, DynamoDB
• Configurations monitoring and dynamic adaptation : Cloud Watch,
Autoscaling

• Many other functionalities: CloudFront (Content Delivery Network), Elastic

Load Balancing, Elasticache, Identity and Access Management, Simple
Notification Service, … 38
 AWS basic resources

• Types of resources:
– Virtual execution units : EC2 instances
• Looks like hardware machines where your application code may be deployed
– Storage areas. Three kinds of areas: 1. S3 Objects, 2. EBS
volumes, 3. Virtual File Systems EFS
– Private virtual networks
– Permanent IP addresses
• Manipulation: create, read proprieties, modify, remove
– Interactive console
– Command Language : CLI
– REST Services(+ SOAP services)
– API (programming language : Java, .NET, NodeJS, PHP, Python, Ruby,
C++, …
39
 The EC2 service
Administration Management
MMI Applications Console

• EC2: Elastic Compute Cloud Service Web

Internet
• On-demand hosting Service
EC2 Service
• Enable allocation of virtual servers
– Installing and running applications EC2 Instances
Parameters1

– An instance is associated et an AWS account

Parameters1

– Access by the mean of a couple of keys system (PKI)

• An EC2 instance is a virtual server machine :
– Guarantees required capacities of CPU, memory, bandwidth
– Preinstalled Operating System and software packages, in
accordance with an image specified by user
– Virtualization → Real infrastructure is totally hidden (open-source
Xen virtualization)
– Various models of billing
40
 EC2: Creation of an instance
Amazon
Instance Machine Image Mode of
Localization
• Characteristics of an instance type (AMI) billing

– Specified using parameters Tags

– With default values name= value

Associaed to Instance Owns
Instance
• Main characteristics: Acount Instance name= value

– Hardware configuration → Type of instance name= value

– Software configuration → AMI (Amazon Machine Image)

– Model of billing
– Localization
– Tags : list of pairs (name, value) → system tags, personalized tags
– Associated pairs of keys, virtual network, etc.
• Example in CLI:
aws ec2 run-instances --image-id amiXXX --count 1
--instance-type t2.micro --key-name MyKeysPair
41
 Amazon Machine Images
• Defines a software configuration Instance
Instance
Creates Instance
– Preinstalled Operating System
AMI Physical Server 1
– Defines additional components Creates

• Eg: Web server, application server, DBMS, …., user Instance

user application, data files, …. Physical Server 2

– Existing library of AWS AMIs

– One may create private or public personalized AMI, even
commercial AMI
– An instance has a root volume→ main disk with a File System
containing specified AMI
– AMI associated to a hardware configuration → instance type

42
 Types of instances
• An instance is created based on an instance type
– Defines a hardware capability : CPU, quantity of RAM, disk, bandwidth
– Depends of what is needed. Eg: processing oriented, network oriented
– Defines price per second
• Various families : t, m, …
• Each family include several types
– t1, t2, t3, … m1, m2, ….
• Un type is characterized by:
– Hardware capabilities
– Ability to a brief extensibility (on an interval of time, based on an acquired
quantity of credits) (Eg: t2 and t3, but not m5)
– A kind of root volume

43
 Root volume of an instance
Instance
type
• An instance has one or several disks
• Their number and characteristics depends on type
EC2 Instance
• The root volume contains software specified by AMI
• The root volume depends on type:
– Local disk → removed with instance removal (same
duration of life). Instance storage → required backups (S3)
– EBS Volume, hardware-independent of instance, permanent
regarding instance’s life (faster to create)
– An instance based on an EBS volume may be terminated
and its work resumed later using another instance

44
 Regions and availability zones
• Data centers are spread on different geographical areas, called regions
– 16 regions: Europe, Canada, Asia, South America, ….
• Regions are subdivided in Availability zones (AZ)
• An AZ correspond to an independence in terms of real life equipments
– A simultaneous breakdown of two different zones has a very low probability
– Data centers of a same AZ are linked by high-speed networks

• A resource may by created in a region and a specified AZ →

enables user to control availability
– Creation near users
– Redundancies, … Région 1 Région 2
Zone 1.1 Zone 1.2 Zone 2.1 Zone 2.2

Serveurs Serveurs Serveurs Serveurs

physiques physiques physiques physiques

Zone 1.3 Zone 2.3

Serveurs Serveurs
physiques physiques 45
Parc matériel
 EC2: models of billing (cost)
• Various needs, that may be variables over time
– Eg: development, production, peaks of loads in production, …
• → Various models of billing, adapted to different contexts
• Principe : initial payment + cost per second, depending on billing mode,
fixed at instance creation
• On-demand and planned instances
– Cost depending on time, without long term engagement
– Enable to support peaks of loads
• Reserved instances
– Booked for a limited amount of time (Eg: 1 year, 3 years)
– Initial payment, the reduced price at use
– Several types : light, moderate, intensive use
• Spot instances
– Offers on unused Amazon EC2 machines capability. Enables executing
instances as long as one’s offer is higher current price
– Current price changes depending on offers and demands
• + Dedicated hosts and instances 46
 Life cycle of an instance
• States of an instance
• Different lifecycles, depending on instance type

Start
AMI Waiting
Restart

Reboot Stop
Rebooting Active Stopping Stopped

End Instances based on EBS volumes only

Termination
in progress

Terminated
47
 Communications between instances
• At creation time, an instance gets a public IP address, stable during its
lifetime
• Communication with external world: functionality of firewall
IP-level rules:
– Permits traffic on the base of protocol (TCP, UDP, …), destination port
and IP address of source
– It is possible to accept only connexions going from company’s computers
(IP interval), even from a specific computer
– Instances may appear or disappear → no internal rules based on IP
addresses
Group-level rules
– Traffic between EC2 instances
– An instance belongs to one or several security groups → defined at
instance creation time, not modifiable
– No distinction of protocols, ports and IP adresses
Customers of IP
organization Security group A Security group B
Firewall
Organization IP Instance Instance Instance
48
IP
 Elastic IP addresses
• An instance automatically get a public and stable IP address
– Used to communicate with hosted applications, to administrate server, …
• If this instance is removed, and then re created later, it get a
different IP address (it is not the same instance!)
• Propagation in DNS is not immediate (it may take several hours) →
no continuity for outside users
• → An Amazon elastic IP address is an IP address, public, routable
– Allocated to a client independently from instances
– Persistent related to instances
– The client may assign an elastic IP adress to an instance, and then re
assign it to another instance
– It is a simple (but not automatic) way to alternate a server and a backup
server
• Specific billing AWS EC2
Instance 1
Elastic Instance 2
49
IP
 EC2: Synthesis on costs

• Cost: comparison with classical hosting

• If continuous use, the price is not only lower with EC2
• Even with partial time use, the solution with classical servers is
often better on economic point of view
Prix = i PYear booked servers + i ri. POn demand servers

• Become better with use of elasticity

– Peaks of loads on short time periods
– At the scale of hour, EC2 is better!
– The solution you choose should depend on requirements of reactivity

50
 S3: Object storage
• Service to get a very high availability permanent storage
– Historically, le first AWS service with EC2
• S3 enable the storage on « S3 objects»
– “Object” Storage, content between 0 et 5 Terabytes
– Object = name (key), + content + metadata
– Red, Written et modified as a whole: → put and get operations
– May be shared, independently from instances
– Access by an instance, an external application, or a navigator
– Implicitly replicated on several datacenters, on an asynchronous way
Not ACID, latency (a few seconds)
– Metadata: automatically filled (Eg: date of creation), or filled by user
• Billing depending on the stored volume, flow and number of
requests (very low prices)
51
 S3: Object storage (2)
Accesses by PUT et GET operations

Client

Services Web

AWS URL
EC2 S3
Bucket
Data
PUT URL
Instance Objet S3
Content
GET
Data

Different classes of storage : Amazon S3 Standard, Amazon S3 standard IA

52
(Infrequent acsses), Amazon Glacier, …
 S3: User buckets
• User bucket: S3
– Logical area of S3 objects storage
– Analogous to a directory, but with a unique level url url url
– Identified by a unique name
• Search for an object: S3 « Objects »
– List content of a bucket → list of W3 objects Bucket
– Objects whose names begins by a given string (prefix) → Simulate a
subdirectory
E.g.: Object with name « /MyDocuments/Reports/toto.docx »
• Access to S3 object content with an URL
E.g.: http://myBucket.s3.amazonaws.com/myPicture.jpg
– From an application via REST, or directly in HTTP from a navigator
Manipulating buckets
– Create: aws s3 mb s3://moncompartiment – region eu-west-3
– Remove : aws s3 rb s3://moncompartiment
– List : aws S3 ls
53
 S3: Access rights to objects

– An S3 object has access rights (who may read, write, ….)

– By default, it is only accessed by its creator
– Rights are expressed under the form of Access Control Lists
called ACP (« P » = Policy)
– Rights are explicitely given to a user on a positive way (grant)
– A grant apply on:
• An action on the objet itself: read, write
• An action on its ACL list : read_acp or write_acp
• No notion of group
• Except for two predefined groups : AllUsers, AuthenticatedUsers

54
 EBS: Elastic Block Store
• Need for permanent storage, independent from instances
– S3 don’t provide File System functionalities
• → An EBS logical disk simulate a partition on a SAN
– That may be mounted on an instance then on another one
– Provide a direct disk access:
• Managed in RAID1 mode (reliable for simple failures)
• Not the same level of reliability than S3 storage
– Based on a unique availability zone

AWS EC2 EBS

Instance 2
ABS
Volume 1
Instance 1 EBS
Volume 2
Instance
storage
55
 EBS: backups
• Backups EBS disks contents
• Solution: backup of EBS on S3 objects
– Integrated backup tool
– “snapshots” at a instant of copy
– Consistent snapshot independent from the duration of copy operation
– Writes may continue during copy → transparent internal mechanisms of
replication
– Backups by increments : a backup only write update blocs
– If EBS includes a relational database, no transaction are allowed during
copy
• A consistent disk state is not necessarily a database consistent state!
• E.g.: execute a « Flush tables with read lock » on MySQL

AWS
EC2 EBS S3
Compartiment

Instance Attach / detach Volume Backup

EBS 1 Objet S3
Attach / detach
Volume Restore
EBS 2 56
 EFS File Systems
• EFS : Elastic File System
• Storage device analogous to a NAS
• Support NFS protocol and POSIX permissions
• May be shared between applications running and different instances
→ “Cooperating” instances
• More expensive than EBS volumes

EFS EC2 EBS S3

Bucket
Instance 1 EBS Objet S3
EFS 1
Volume 1 S3 Object 1

EBS
Volume 2
EFS 2 Instance 2 S3 Object 2
EBS
Volume d’instance Volume 3
57
 SQS: message service
• MOM Service (Message Oriented Middleware)
– Asynchronous : participants don’t know each others Instance
– Reliable messaging with weak coupling Instance

– Limited fonctionnalités
– Only messages queues de
• A message should be read and processed Bus de messages
• Right management at user level
• Messages size limitation (256 k.O)
• Reliability:
– A message can’t be lost
– But no guarantee on delivery order, on multiple deliveries, and delay
– A not processed message is remove after N days
• Billing with number of operations, free inside the same region
• Integration bus : communications between instances or between
an instance and an external application running on a concrete
machine 58
 Monitoring and dynamic adaptation
• Cloud Watch (ACW)
– Monitoring of EC2 instances, Load balancers (LB)
– Information retrieving with dimensions, metrics, et measures
– « Pull » mode
• Auto Scaling
– Automated scalling of an EC2 instance set under pre-specified
conditions
– Triggers using métrics, with definition of limits
– Automatically add or remove instances depending on needs →
« élastic » plateform
– Scaling group : set of instances that executes the same
application, under the control of a Load Balancer

Load Balancer ACW AAS

Mesures Triggers
59
 Some other services
• Load Balancing (ELB):
– Equilibrates load: Distribute incoming requests towards an instance
or another depending on loads
• Relational Dabase Service (RDS)
– Access to a Relational Database (MySQL, Oracle, Microsoft SQL
Server or PostgreSQL), with automated scalling
• SimpleDB, DynamoDB
– NoSQL Databases
• CloudFront
– Content Delivery Network
• Identity and Access Management, Simple Notification
Service, ….

60
 A synthesis of concepts
Users Organization
Customers

Applications Administration
Navigator Navigator (classical console
deployment)

Internet
IP élastique

EFS EC2 EBS S3 Auto- CloudWat

SQS
File Systems Scaling ch
AZ1 Volumes EBS
EFS
Instances

AZ2 S3 objects
Instances

AZ1 : availability zone 1 Virtual Infrastructure

AZ2 : availability zone 2 61
 10 obstacles and opportunities
10 obstacles to cloud adoption:
1. Continuity of service and availability
2. Data lock-in
3. Confidentiality of stored data and auditability
4. Bottlenecks (data transfer)
5. Predictability of performances
6. Extensibility of storage
7. Correction of software bugs
8. Speed of scaling
9. « Sharing of reputation »
10. Software licenses for software packages

62
Migrating to the cloud …
 Company applications
Different applications in an organization: two extreme cases:
• Strategical applications → very difficult to move
– Constitute the specific know-how of the company
– Important flow between them and other applications of the I.S.
– Possibly specific software and/or hardware environments
– Possible legal constraints. E.g.: Banking
• Commodity tools
Generic tools, standard functionalities, reduced flow
– Collaboratives applications : messaging, calendar, document sharing, …
– Human Resources management: salaries, vacation, …
– Customer relationship management
– Financial management, accountancy, …
• Between the two, business applications
– Domain generic
64
– Depend on business area
 Transition to the cloud
• Deployment Analysis function of genericity / business criticity
• 1. Commodity applications
Enable to evaluate adequation of cloud model to the specific
context of the organization
– 1.a. Use of an external service via an API
E.g/: For geographical maps: Mappy or Google Maps
– 1.b. Use of an SaaS application
• 2. Domain generic business applications :
– Move to SaaS model, if available
• 3. Move strategical applications, if possible, considering
company constraints
– May be decided only after a very serious study
– PaaS or IaaS Mode 65
 Conclusion
• Various offers that implements the concept of “computing as a utility”
• “Fast elasticity” is a real need of companies
• On provider side, reduction of costs by economy of scale (factor 5 to 7…)
• Remarks:
– Offers are very variables in their principles…
– Technologically is mature, more and more used by companies
– It remains major obstacles to adoption at a larger scale by companies
• Some technical trends:
– Applications cut into a mobile client part and a cloud part. The cloud part has
to immediately adapt to load. The client part should be able to continuer even if
it is disconnected
– Software infrastructure aware of the fact it is no more running on a physical
machine but on a virtual environment
– Hardware evolution with an integrated design at the scale of a “container”,
automatic standby, native support of virtualization, …
– Intensive use of hybrid cloud 66