
Cloud - Computing - Notes 2

The document provides comprehensive notes on cloud computing, covering its overview, components, services, applications, and benefits. It discusses various cloud service models such as Software as a Service, Platform as a Service, and Infrastructure as a Service, along with their respective applications. Additionally, it addresses the limitations and security considerations of cloud computing, as well as the involvement of major companies like Google, Microsoft, and Amazon in the cloud space.

Cloud Computing Notes

By: Saurabh Kailas


September 15, 2024

Contents
1 Cloud Computing Overview
  1.1 Cloud Components
    1.1.1 Clients
    1.1.2 Datacenter
    1.1.3 Distributed Servers
  1.2 Services
    1.2.1 Software As A Service
    1.2.2 Platform As A Service
    1.2.3 Hardware As A Service
  1.3 Infrastructure
    1.3.1 Grid Computing
    1.3.2 Full Virtualization
    1.3.3 Para-virtualization
2 Cloud Computing Applications
  2.1 Storage
  2.2 Database As A Service
3 Components
4 When You Can Use Cloud Computing?
  4.1 Compute Clouds
  4.2 Cloud Storage
  4.3 Cloud Applications
5 When You Shouldn’t Use Cloud Computing?
6 Benefits of Cloud Computing
7 Limitations of Cloud Computing
8 Cloud Computing with the Titans
  8.1 Google
  8.2 Microsoft
  8.3 Amazon
9 Cloud Computing Services
  9.1 Infrastructure As A Service
    9.1.1 Amazon EC2
    9.1.2 GoGrid
  9.2 Platform As A Service
    9.2.1 RightScale
    9.2.2 Salesforce.com
  9.3 Software As A Service
    9.3.1 Google App Engine and Salesforce
    9.3.2 Google
  9.4 Software Plus Service
10 How Those Applications Help Your Business?
  10.1 Operational Benefits
  10.2 Economic Benefits
  10.3 Tips For Evaluating SaaS
  10.4 Staffing Benefits
11 Deleting Your Datacenter
12 Hardware and Infrastructure
  12.1 Clients
    12.1.1 Mobile Clients
    12.1.2 Thin Clients
    12.1.3 Thick Clients
  12.2 Security
    12.2.1 Data Leakage
    12.2.2 Offloading Work
    12.2.3 Logging
    12.2.4 Forensics
    12.2.5 Development
    12.2.6 Auditing
  12.3 Network
    12.3.1 Basic Public Internet
    12.3.2 The Accelerated Internet
    12.3.3 Optimized Internet Overlay
    12.3.4 Site-to-Site VPN
  12.4 Services
    12.4.1 Identity
    12.4.2 Integration
    12.4.3 Mapping
    12.4.4 Payments
    12.4.5 Search
13 Accessing the Cloud
  13.1 Platforms
    13.1.1 Web Application Framework
    13.1.2 AJAX
  13.2 Web Applications
  13.3 Web APIs
  13.4 Web Browsers
14 Virtual Machines Provisioning and Migration Services
  14.1 Introduction and Background
    14.1.1 Virtualization Technology Overview
    14.1.2 Public Cloud and Infrastructure Services
    14.1.3 Private Cloud and Infrastructure Services
    14.1.4 Hybrid Cloud
    14.1.5 High Availability
  14.2 Virtual Machines Provisioning and Manageability
    14.2.1 VM Life Cycle
    14.2.2 VM Provisioning Process
  14.3 Virtual Machine Migration Services
    14.3.1 Live Migration and High Availability
    14.3.2 Regular or Cold Migration
    14.3.3 Live Storage Migration
  14.4 The Anatomy of Cloud Infrastructures
    14.4.1 Distributed Management of Virtual Machines
    14.4.2 Reservation-Based Provisioning of Virtualized Resources
    14.4.3 Provisioning to Meet SLA Commitments
  14.5 Distributed Management of Virtual Infrastructures
    14.5.1 VM Model and Lifecycle
15 References

1 Cloud Computing Overview
• Cloud Computing is a metaphor for the Internet. It is all the other stuff that makes the network work.
• Cloud Computing allows you to access applications that reside at some other location than your
computer, such as a distant data center.
• In Cloud Computing, another company stores your applications. They handle the costs of servers,
manage the software updates, perform maintenance tasks, etc. Your company does not need to pay
for hardware and maintenance.
• A point of failure is when there is an Internet outage or problems at the ISP, in which case the client
will not be able to access the applications in the cloud.
• In some scenarios, the data may contain sensitive information, so it may not be suitable to store it in
someone else’s machine.
• It is easier to manage and access data that is closer and not under someone else’s control.

1.1 Cloud Components


1.1.1 Clients
• They are the devices that are used by the end users to manage their information in the cloud.
• The clients fall into 3 categories:

– Mobile: Laptops and Smartphones. They have speed and security concerns.
– Thin: They are the clients that do not have internal hard drives. They let the server do all the
work, and they just display the information.
– Thick: It is a computer that uses a web browser to connect to the cloud.
• Some of the advantages of thin clients are listed below.

1. They are cheaper than thick clients since they need less hardware.
2. They last longer before they need to be upgraded.
3. They are managed at the server, so there are lower IT costs and fewer points of failure.
4. They don’t have hard drives, so there are no chances of malware.
5. They cannot operate without the server, so there is less chance of them being stolen.

1.1.2 Datacenter
• Collection of servers where the applications are housed.
• There are also virtual servers, which allow clients to use multiple instances of servers. Multiple virtual
servers can be running on one physical server.

1.1.3 Distributed Servers


• The servers need not be housed in the same location; they can be geographically dispersed across
various locations. But, to the client, they should appear as if they are all together.
• This gives more flexibility and security. If one of the sites fails, then the service can be accessed from
a different site. Also, if the cloud needs more hardware, servers can be added at another site and then
made part of the cloud.

1.2 Services
Multitenancy: Resources can be shared by many users. Multiple customers can use the same application.
Device Independence: The systems can be accessed on different hardware.

1.2.1 Software As A Service


• Provides fully developed applications, which are hosted as a service.
• All the upgrades and maintenance are done by the provider.
• The costs can be double-edged. There is an ongoing cost for accessing the software. The more you use
it, the more you are billed. On the other hand, you are only billed based on your usage.

• Suitable for software that performs simple tasks and does not need to interact a lot with other systems.
• Some applications that benefit from SaaS are:
1. Customer Resource Management: Used by businesses to manage their interactions with
current and potential customers.
2. Video Conferencing: Users can host or join meetings from any device with an Internet connection.
3. IT Service Management: Companies do not need to maintain complex IT infrastructures.
SaaS provides ITSM platforms, which can be accessed globally by IT teams.
4. Accounting: Businesses can manage their finances from anywhere in the world. Suitable for
small businesses that cannot afford their own servers.
5. Web Analytics: Collect website data.
6. Web Content Management: Create, manage, and publish digital content.
• Some of the benefits of SaaS are:

– Costs less than buying the application.
– Non-steep learning curve since most people are familiar with the Internet.
– Lower salary overhead, because fewer staff are needed when the applications are farmed out.
– Better marketing since the entire world is open to the SaaS providers.
– More bandwidth. The applications can be accessed with low latencies and high speeds.
– SaaS applications can be easily customized. They give an organization exactly what it wants.
• Some of the obstacles of SaaS are:

– Customer pays a vendor to use an application. Once they do, they may be unable to port the
application to a different vendor. Even if they are able to do so, the old vendor will charge a lot.
– Organizations with specific computational needs might not be able to find the application through
SaaS. They might need to buy the software and install it on their local machines.

1.2.2 Platform As A Service


• PaaS provides all the resources that are needed to build an application from the Internet without
requiring any software to be installed.
• Some of the services that PaaS provides are application design, development, testing, deployment, and
hosting.
• PaaS is found in one of three different types of systems:

1. Add-On Development Facilities: It allows existing SaaS applications to be customized.


2. Stand-Alone Environments: It only supports general developments. It does not include
dependencies on SaaS applications.
3. Application Delivery-Only Environments: It only supports hosting-level services. It does
not include development, debugging, and testing.

• Some of the obstacles of PaaS are:


– It lacks portability and interoperability among the providers. If you develop an application with
one cloud provider, you won’t be able to move it to another provider. Or, you will be able to do
so but at a high price.
– If the provider goes out of business, your data and applications will be lost.

1.2.3 Hardware As A Service


• SaaS and PaaS provide applications to the customers. On the other hand, HaaS provides the hardware
so that your organization can put whatever it wants on it.
• HaaS allows the users to rent resources such as:

1. Server Space
2. Network Equipment
3. CPU Cycles
4. Memory
5. Storage Space

• HaaS involves the following:


– Service Level Agreements: This is an agreement between the provider and the client that
guarantees a certain level of performance from the system.
– Computer Hardware: These are the resources that are being rented out.
– Network: Hardware for firewalls, routers, and load balancing.
– Internet Connectivity: Allows clients to access the rented hardware.
– Utility Computing Billing: The customers are billed based on how many resources are being
used.

1.3 Infrastructure
1.3.1 Grid Computing
• Here, a single problem is solved by using the resources of many computers.
• It uses a program that can divide and send pieces of the program to thousands of computers.
• This method is appealing because it is cost-effective since it can solve problems that need a lot of
computing power by simply sharing the resources of several computers. Each computer contributes
with its unused computing power.
• In Grid Computing, a large project is divided among multiple computers. On the other hand, Cloud
Computing is the opposite; it allows multiple smaller applications to run at the same time.
• In Grid Computing, the resources are managed by different entities. On the other hand, in Cloud
Computing they are managed by a single provider.

1.3.2 Full Virtualization


• Here, a complete installation of one machine is run on another.
• The cloud services are provided in a fully virtualized format.
• This method is appealing because it allows the sharing of a computer system among multiple users,
isolates these users from one another and emulates hardware on another machine.

1.3.3 Para-virtualization
• Here, multiple OS can run on a single hardware system.
• In full virtualization, the entire system is emulated, whereas para-virtualization does not emulate the
hardware; instead, it uses a modified guest OS that communicates with the hypervisor.

• Para-virtualization runs better than full virtualization because not all the elements are emulated. Also,
many different OS can run simultaneously.
• It works best in:
1. Disaster Recovery: In case of a disaster, the guest instances can be moved to other hardware.
2. Migration: It is easier to move to a new system because the guest instances can be removed
from the underlying hardware.
3. Capacity Management: It is easier to add more processing power in a virtualized environment.

2 Cloud Computing Applications


2.1 Storage
• The advantage of using cloud computing as a storage space is that you don’t need to buy the equipment,
pay to run it, or pay to cool it.

• There are also distributed databases, which physically disperse the data among different hardware.
But, for the client, all the data appears to be located in the same place.
• The advantages of distributed databases are:
– If there is a fault in one system, it will only affect the data that is stored in that system, not the
entire database.
– The load is balanced among the servers.
– The data can be placed near the location with the greatest demand, which will improve the
performance.
– It is cheaper to create a network of smaller computers with the same power as a single large
computer.
– There is more flexibility. The systems can be changed without harming the entire database.
• The disadvantages of distributed databases are:
– Complexity. It requires extra work to maintain the system.
– Labor costs. The complexity requires more workers.
– Security. The database fragments and the sites where they are stored must be secured.
– Integrity. If the database is too complex or changes quickly, it will be difficult to maintain the
integrity of the database.

2.2 Database As A Service


The benefits of DaaS are:
1. Ease of Use: There is no need to buy, install, or maintain the equipment.

2. Power: Even though the database is not housed locally, it is still easy to create and manage the
databases.
3. Integration: The database can be easily integrated with other services, such as calendars, emails,
and people.
4. Management: Usually, large databases need to be constantly pruned and optimized, which is
expensive. For this, cloud providers use off-shore labor pools. So, you may be using the service in Chicago,
the physical servers are in Washington, and the database administrator is in the Philippines.

3 Components
There are two main components in client/server computing:
1. Servers: They house the organization’s applications.
2. Thin or Light Clients: They display the results. They do not have hard drives.
Thin clients use an application program to communicate with the servers. The servers do the processing and
send the results back to the thin clients.

4 When You Can Use Cloud Computing?
It depends on a number of factors, such as:
• Cost/Benefit Ratio
• Speed of Delivery
• How much capacity you will use
• Whether your data is regulated
• Your organization’s corporate and IT structure

There are 3 major implementations of cloud computing, which are discussed below.

4.1 Compute Clouds


• Allow access to applications maintained on a provider’s equipment.
• Examples are Amazon EC2, Google App Engine, and Berkeley Open Infrastructure for Network Computing.
• Allow access to highly scalable, inexpensive, and on-demand computing resources that run the code
that they are given.

• Suitable for organizations of any size, but large organizations avoid it since it doesn’t offer standard
management, monitoring, and governance capabilities.

4.2 Cloud Storage


• More than 100 vendors offer cloud storage.

• Allows you to store data on a vendor’s equipment. Used to maintain files off-site.
• The problems are cost and security.
• The most used cloud storage service is Amazon S3.

4.3 Cloud Applications


• Applications that are hosted and managed on the cloud and are delivered to the users via a browser.
• There is no need for the customers to install and run the applications on their own computers.

• Some examples are:


– Peer-to-Peer Applications, such as BitTorrent and Skype.

– Web Applications, such as YouTube.
– SaaS, such as Google Apps.
– Software plus Services, such as Microsoft Online Services.

5 When You Shouldn’t Use Cloud Computing?


1. Minding the Details: Avoid placing sensitive data on the cloud. If there is a breach, then all this
data will be compromised.
2. Legislative Issues: Consider the fact that there are certain laws and policies that allow governments
to freely access the information on the cloud without the consent of the owner.
3. Geographical Concerns: Sometimes you may not be allowed to post on to the cloud. For example,
if you are in Canada and want to post some data to the American cloud, you might not be allowed to
do so.
4. Hardware Dependencies: It is possible that you may not find your precise hardware requirements
in the cloud, in which case it is better to use an on-site solution.
5. Server Control: If your application requires full control over everything, such as CPU, memory, and
hard drives, then the cloud is not an optimal solution. In the cloud, all these resources are managed
by the provider.

6. Cost: Initially, it is less expensive to run an application on the cloud, but over time it might be cheaper
to buy the application outright.
7. Integration with Existing Applications: If you have two applications that need to work together,
avoid separating them into local and cloud.
8. Latency Concerns: In the cloud, the data is geographically dispersed across various different servers,
so it might take some time for you to receive the data. So, if you need the data instantaneously, then
the cloud is not an optimal solution.

6 Benefits of Cloud Computing


1. Scalability: There is no need to buy, install, and configure new equipment. You can simply buy more
CPU cycles or storage. This also lowers cost.
2. Simplicity: A cloud solution allows an application to be started immediately while also costing a
fraction of an on-site solution.
3. Knowledgeable Vendors: There are many different good vendors, such as Amazon, Google,
Microsoft, IBM, and Yahoo.
4. More Internal Resources: Since the non-critical data is off-loaded to the cloud, the IT staff
will be freed and they can focus on more important tasks.

7 Limitations of Cloud Computing


Storing sensitive information on the cloud is one of the main risk issues. The provider will have full control
over this data. As a solution, you can encrypt your data before sending it to a third party.
In some cases, the applications themselves are not ready to be used on the cloud. They may not be working
at their fullest ability or they may not be working at all.

8 Cloud Computing with the Titans
8.1 Google
• Google App Engine: It allows developers to build web applications on the same infrastructure as
Google’s own applications.
• Some of the features of Google App Engine include:
– It makes it easier to deploy web applications by dynamically providing computing resources as
needed.
– It provides replication and load balancing to handle large amounts of traffic.
– It allows developers to use Google’s own APIs for functionalities such as authentication and email.
• Google Web Toolkit: It allows developers to develop and debug applications in Java and deploy them in
JavaScript. It avoids the headaches associated with AJAX, such as browser incompatibilities.

8.2 Microsoft
• Windows Azure: It is a cloud-based OS that allows developers to host and manage web applications
by providing them with on-demand computing and storage resources. It supports standards such as
REST, SOAP, and XML.

• SQL Services: It adds SQL Server capabilities to the cloud, which in turn allows the storage of
structured, semi-structured, and unstructured data. It provides features such as search, relational
queries, synchronization, and integration of data.
• Windows Live: It is a set of online services that allow customers to communicate and exchange
information with each other. It includes e-mail, instant messaging, and photo-sharing. It can be
integrated with third-party services, such as Twitter and LinkedIn.

8.3 Amazon
• Amazon EC2: Amazon Elastic Compute Cloud. It provides a web interface that allows customers to
control their computing resources. It takes very little time to obtain and boot a new server, making it
highly scalable. It allows Windows-based applications to run on Amazon’s cloud computing platform.
• Amazon SimpleDB: It allows data sets to be stored, processed, and queried on the cloud. It requires no
schema, automatically indexes the data, and provides simple APIs for storage and access.
• Amazon SQS: Amazon Simple Queue Service. It provides a queue for storing messages as they travel
between computers. This allows data to be moved between distributed components without losing
the data or requiring each component to be available.

9 Cloud Computing Services


9.1 Infrastructure As A Service
It is also known as Everything as a Service. Here, the client is using the cloud provider’s machine. The client
is using a virtualized server and running software on it. The cloud provider manages the IT infrastructure,
such as storage, server, and networking resources, and delivers them to the clients via virtual machines,
which are accessible through the Internet. It is suitable for small and mid-sized companies that cannot
afford their own IT infrastructure. Two of the most relevant ones are Amazon Elastic Compute Cloud
(EC2) and GoGrid.

9.1.1 Amazon EC2
• It has a simple web interface that allows businesses to obtain and configure capacity with minimum
friction.
• It allows organizations to have control over the computing resources and run on Amazon’s computing
environment.
• It has a quick scaling capacity, both up and down, based on the computing requirements.
• It allows the clients to pay for only the capacity they actually use.
• It runs on Windows and SQL Server.
• AWS delivers additional features that automate the customer usage of EC2, such as:
– Load Balancing: It allows the customers to balance the incoming requests and distribute the
traffic across multiple EC2 compute instances.
– Auto-Scaling: It automatically grows and shrinks the EC2 compute capacity based on the
requirements.
– Monitoring: The customers can monitor the operation metrics of Amazon EC2.
– Management Console: It provides a simple web interface where the customers can access and
manage their AWS cloud resources.

9.1.2 GoGrid
• Service provider of Windows and Linux cloud-based server hosting.
• Offers 32-bit and 64-bit editions of Windows Server 2008 within its cloud computing infrastructure.
• It is the first IaaS provider to offer Windows Server 2008 in the cloud.
• It allows customers to quickly and easily create, deploy, load-balance, and manage Windows and Linux cloud
servers within minutes.

9.2 Platform As A Service


Here, we build the applications, which are then hosted by the cloud provider. It allows us to deploy
applications without having to buy servers on which to house them. It avoids the cost, complexity, and need
for building and maintaining applications on-premise.

9.2.1 RightScale
• It is compatible with many different cloud providers, such as FlexiScale, GoGrid, Mosso, and CloudFS.
• It provides a management dashboard to deploy and manage the applications.
• Provides built-in redundancy, fault tolerance, and geographical distribution of resources.

9.2.2 Salesforce.com
• Offers Force.com as its on-demand platform.
• Force.com has Visualforce technology, which allows customers to design any app for any user anywhere.
It provides the world’s first User-Interface As A Service.
• Visualforce allows customers to create user experiences without any software and hardware
requirements.
• Visualforce includes the following features:

– Pages: They are the design definition of the UI. They are created using HTML, AJAX, and Flex.
Visualforce automatically detects the user’s device and adjusts the settings and configurations
accordingly.
– Components: Allow the creation of reusable interface elements.
– Logic Controllers: Used for building UI behavior. Used for interactions among the components.

9.3 Software As A Service


Unlike PaaS, where you can develop your own application, SaaS provides the application for you. This
application is hosted on the provider’s servers.
• SaaS: Provider supplies the application.
• PaaS: Provider supplies mechanisms to develop your application.
Google and Salesforce provide both PaaS and SaaS. Not only can you build an application, but you can also
allow others to use the application you developed. Salesforce’s Force.com allows the creation of applications,
and Google’s APIs allow the integration of these applications with Google Apps.

9.3.1 Google App Engine and Salesforce


• Salesforce and Gmail: It allows sending, receiving, and storing email communication easily. It
allows the recording of interactions with customers.
• Salesforce and Google Docs: It allows the creation, management, and sharing of online documents,
spreadsheets, and presentations for online collaboration.
• Salesforce and Google Calendar: Sales tasks and deadlines.
• Salesforce and Google Talk: Allows communication with colleagues and customers instantly.

9.3.2 Google
Google provides SaaS to store sensitive data. It has one of the largest networks of distributed data centers.
In Google, security falls under 3 main categories:
• People: Google has an Information Security team that handles the defense systems, security review
processes, and security plans.
• Process: Each Google application is constantly reviewed for security.
• Technology: The data in Google’s applications is distributed across multiple servers, which makes it
difficult to read the data in case there is a breach. Also, it can rapidly distribute updates and changes.

9.4 Software Plus Service


Microsoft provides S+S. Here, you can run some software on-site and reach out to the cloud for some
additional services. It allows data to be stored on-site.

10 How Those Applications Help Your Business?


10.1 Operational Benefits
• Reduced Cost: The technology is paid for incrementally, saving your organization money in the long
run.
• Increased Storage: We can store more data on the cloud than on a private network. It is also easy
to add extra storage in the cloud.

• Automation: The applications are kept up-to-date and maintained by the provider; there is no need
for your IT staff to intervene manually.
• Flexibility: Testing and deploying applications is easy. It is also easy to switch between applications.
• Better Mobility: The users can access the cloud from anywhere with an Internet connection.
• Better Use of IT Staff: The IT staff need not worry about updates and issues; they can focus on
tasks more important than maintenance.

10.2 Economic Benefits


• People: Since we are moving to the cloud, fewer staff are required.
• Hardware: If we require more storage, then it will simply increase our subscription costs; there is no
need to buy new equipment. If we need more computational cycles, we can simply buy them from the
provider rather than buying more servers.
• Pay-As-You-Go: You only pay for what you use. This is analogous to leasing a car.
• Time-To-Market: The cloud can get applications up and running in a fraction of the time that
conventional methods take.

10.3 Tips For Evaluating SaaS


• Time-To-Value: It is the ability to shorten the time to get a new application up and running.
• Trial Period: Most providers offer a 30-day free trial period, where you can decide whether the
product suits your requirements or not.
• Low Entry Costs: It costs little to get started.
• Services: There is no need to buy hardware, install, configure, and maintain software. If the provider
cannot guarantee these, we can simply switch to another provider.
• Wiser Investment: Since you only pay for what you use, there is no long-term financial commitment,
so there is less monetary risk.
• Security: The provider has a staff dedicated to ensuring the data is kept safe and secure.

10.4 Staffing Benefits


• For the Customer:
– No software installation or maintenance.
– Shorter deployment time.
– Worldwide availability since the users can access your applications from anywhere.
– Adherence to Service Level Agreements. If you report any bugs, the vendor will fix them.
– The upgrades are done by the provider.
– Your organization saves more money.
• For the Provider:
– The provider owns the domain.
– It is a predictable revenue stream. It is easy to get a handle on forecasting revenues based on
subscriptions.
– The provider can study how their SaaS is being used and make changes based on what the
customers want.
– Have incremental patch fixes and rollouts rather than a single humongous rollout.

11 Deleting Your Datacenter
What should be removed, and when, when moving to the cloud? You can back up the data, but because
the data keeps changing while you use the cloud, the backup will not be up to date.
Companies can have a centralized management of multiple desktops in the cloud, which provides higher
efficiency and lower costs than traditional desktop management.
Hypervisors allow desktops to operate independently of network access.
Sensitive information can be moved to the cloud if the user is happy with the vendor’s security measures.
Large files should be kept on-site if you store more than you access. Infrequently accessed files should be
stored on-site, or else it will increase the bill.

12 Hardware and Infrastructure


Listed below is the equipment needed on the user’s end and how it should be configured to best interact
with the cloud.

12.1 Clients
There are different types of clients that can be used to connect to the cloud. A combination of these can be
used based on requirements.

12.1.1 Mobile Clients:


• Examples are laptops and smartphones.
• Mobile clients have speed and security concerns.

• A mobile client can access the cloud from anywhere, so there might not be an optimized connection.
• But, not all applications require speedy connections. A mobile client will not be inputting gigabytes
of data.
• There are also security concerns. If a laptop gets stolen, then all the information it contains will be
compromised. On the other hand, if the data is maintained in the cloud and the users have only a few
files on their laptops, then only some of the data will get compromised in case the laptop is stolen.

12.1.2 Thin Clients:


• Thin Clients are computers without hard drives or DVD-ROM drives. They only display what’s on
the server.
• Thin Clients are cheaper, less expensive to maintain, and use less energy than thick clients.

• Thin Clients provide high-level security since they do not store any data. All the data is stored in
either a data center or on the cloud, so there is no risk of physical breach.

12.1.3 Thick Clients:


• Thick Clients are used when the user wants to maintain some files on their own machines or run
applications that don’t exist on the cloud.

• Thick Clients are more vulnerable to attacks than thin clients because they store the data on their
hard drives. So, if the machine gets stolen, then the data gets compromised.
• There is also a reliability issue. If a thin client fails, we can simply plug in another thin client. On the
other hand, if a thick client fails, then the OS, the data, and the configurations will be lost.

12.2 Security
There are several security benefits in a cloud solution.

12.2.1 Data Leakage

• The biggest benefit is the centralization of data.

• Using thick clients, the files can be downloaded and maintained on the hard drives, so there will
be multiple laptops with non-encrypted files. On the other hand, thin clients provide
better-centralized storage, which lessens the chances of data leakage.

• The clients that store the data (thick) are more prone to
data leakage than clients with no permanent storage (thin).
• Centralization also provides better monitoring since all the
data is located in one place.

12.2.2 Offloading Work


• Another security benefit is that you don’t have to do it yourself; the cloud provider provides adequate
security.

• There are many paying clients, so the cloud provider can do more since it has more money. It also
increases the reputation of the provider.
• It will also save costs for your organization since there is no need to have IT security staff.

12.2.3 Logging
• Logging can also be improved.

• In the cloud, providers can add as much memory as needed to extend logging.
• Logging refers to the process of recording and storing information about the operation of applications.

12.2.4 Forensics
• If there is a breach, the cloud provider will respond to the incident with less downtime than if you
had to do it locally.

• In a cloud solution, if there is a problem, the virtual machine can be cloned and analyzed in offline
mode.
• On the other hand, if there is an issue in a company, then the IT staff need to take the server down,
investigate and resolve the problem quickly, and get the server back online with as little downtime
as possible.

12.2.5 Development
Security vendors are actively developing products that can apply to virtual machines and the cloud.

12.2.6 Auditing
Compliance: Prior to SaaS, compliance could be managed by a few tasks:
• Identify the users and their access privileges.

• Identify sensitive data.


• Identify where it is located.
• Identify how it is encrypted.
• Document this information for regulators and auditors.

SaaS makes these steps complicated. If compliance-sensitive data is stored with a SaaS provider, then it is
difficult to determine where this data is actually stored; it could be on the provider’s equipment or one of
the provider’s partners’ equipment. SaaS has a lot of regulations for service providers.

PCI Appendix A: Requirement A.1 of Appendix A has 4 sub-provisions that regulate how data is
maintained by a service provider.
• Requirement A.1.1 Unauthorized Exposure: In the cloud, your data will sit on the same server
as other clients’ data. But, each client should only be able to access their own data. No entity other
than your organization should be able to view your data.
• Appendix A.1.2 Credentials Management: The access controls should be handled by the service
provider. These controls should only allow the data owner to access it, and they should protect the
data from others. The problem is that the authentication credentials are stored on the provider’s
servers, so if there is a breach at the provider, then the data and the credentials will be compromised.
Also, when a user leaves your organization, their credentials must be revoked. The best method is to
have a direct connection with the organization’s directory services to authenticate into the SaaS.
• Appendix A.1.3 Logging: The logs and audit trails should be used for investigating incidents.
• Appendix A.1.4 Reporting: The provider should provide timely forensic investigation in case there
is a breach.
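
Requirements A.1.1 and A.1.2 in code, as an added example that is not part of the original notes or of any provider's implementation: two tenants share one table, the hardened lookup takes the tenant from the presented credential and puts it in every query, and revoking a departed user's credential takes effect on the next request. The schema, tokens and function names are constructed for illustration.

```python
import hashlib
import sqlite3
from typing import Optional


def _digest(token: str) -> str:
    # Only a hash of each token is stored. This assumes tokens are long
    # random strings, not user-chosen passwords.
    return hashlib.sha256(token.encode("utf-8")).hexdigest()


def build_store() -> sqlite3.Connection:
    """Constructed sample data: two tenants whose rows share one table."""
    db = sqlite3.connect(":memory:")
    db.executescript(
        """
        CREATE TABLE credentials (
            token_hash TEXT PRIMARY KEY,
            tenant     TEXT NOT NULL,
            username   TEXT NOT NULL,
            revoked    INTEGER NOT NULL DEFAULT 0
        );
        CREATE TABLE records (
            id     INTEGER PRIMARY KEY,
            tenant TEXT NOT NULL,
            body   TEXT NOT NULL
        );
        """
    )
    db.executemany(
        "INSERT INTO credentials (token_hash, tenant, username) VALUES (?, ?, ?)",
        [
            (_digest("tok-acme-alice"), "acme", "alice"),
            (_digest("tok-globex-bob"), "globex", "bob"),
        ],
    )
    db.executemany(
        "INSERT INTO records (id, tenant, body) VALUES (?, ?, ?)",
        [(1, "acme", "acme payroll"), (2, "globex", "globex contracts")],
    )
    db.commit()
    return db


def authenticate(db: sqlite3.Connection, token: str) -> str:
    """Return the tenant bound to a live credential, or raise."""
    row = db.execute(
        "SELECT tenant FROM credentials WHERE token_hash = ? AND revoked = 0",
        (_digest(token),),
    ).fetchone()
    if row is None:
        raise PermissionError("unknown or revoked credential")
    return row[0]


def fetch_record_unscoped(db: sqlite3.Connection, token: str, record_id: int) -> Optional[str]:
    """Flawed form: the caller is authenticated, but the query ignores the tenant."""
    authenticate(db, token)
    row = db.execute("SELECT body FROM records WHERE id = ?", (record_id,)).fetchone()
    return row[0] if row else None


def fetch_record_scoped(db: sqlite3.Connection, token: str, record_id: int) -> Optional[str]:
    """A.1.1: the tenant comes from the credential and is part of every query."""
    tenant = authenticate(db, token)
    row = db.execute(
        "SELECT body FROM records WHERE id = ? AND tenant = ?",
        (record_id, tenant),
    ).fetchone()
    return row[0] if row else None


def revoke_user(db: sqlite3.Connection, tenant: str, username: str) -> int:
    """A.1.2: revoke every credential of a departed user; returns rows changed."""
    cur = db.execute(
        "UPDATE credentials SET revoked = 1 WHERE tenant = ? AND username = ?",
        (tenant, username),
    )
    db.commit()
    return cur.rowcount
```

With the unscoped lookup, the acme token can read record 2, which belongs to globex; the scoped lookup returns nothing for the same request.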

Web Application Breaches: The service providers must follow the Open Web Application Security
Project (OWASP) guidelines for secure application development.

VPN:
• The more applications get offloaded to the cloud, the fewer
things you have to worry about in-house.

• With applications being moved to the cloud, the employees can be telecommuters by using a VPN to
connect to the cloud. Thus, the organization will be saving money on leasing space and utilities.
• Secure remote access can be achieved using an SSL VPN, which stands for Secure Sockets Layer
Virtual Private Network. SSL VPN is a VPN that can be used with a standard web browser. It does
not require installing any software.

• The advantages of SSL VPN over the traditional IPSec (Internet Protocol Security) are:
– It does not require any software to be installed.
– It has less overhead.
– It has less maintenance overhead, and it is easy to use.
• An SSL VPN also ensures that the end users comply with the organization’s security policies. Some
of these measures are:
– Antivirus software should be running.
– Verifying whether the OS patches have been installed.
– Checking whether any malware or bots are running.

Key Management:
• With cloud storage, you can encrypt the data before you store it and set up the data to be
destroyed when the storage key is destroyed.
• This process is secure, but it requires a lot of keys. These keys are tracked and managed by the
key management server.
• Some of the keys this server tracks include: Transport Keys, Authentication Keys, Authorization
Tokens, File Encryption Keys, Hardware Storage Keys, Revocation Keys, and Certificates.

12.3 Network
There are 4 different levels of connectivity in order for the cloud to deliver its best resources.

12.3.1 Basic Public Internet


• This is the most basic choice for cloud connectivity.
• It is basic; there are no extras such as TCP acceleration, advanced compression, or application-specific
optimization.

• The advantages of this solution are:


– It has a large audience. Anyone with access to the Internet can use this solution.
– It is highly fault-tolerant.
– It has many different provider options.
– It provides confidentiality through encrypted access that is either SSL-based or HTTPS-based.
– It is cost-effective.
• The disadvantages of this solution are:
– It lacks end-to-end Quality of Service (QoS), which makes end-to-end Service-Level Agreements
(SLAs) difficult to reach.
– It provides poor response over high latency connections.
– It can have downtimes that are out of your control, such as cable cuts and problems at the ISP.

12.3.2 The Accelerated Internet
• We can use advanced application delivery features on top of the Internet connection. This will benefit
both the cloud provider and the client.
• Network-related functions can be offloaded from the server, providing a cloud improvement of 20 to 50
percent.
• We can use SSL termination, TCP connection management, dynamic caching, and prefetching results,
which will provide a 50 percent performance increase for the end users.
• This method is oriented towards the cloud provider, but it also benefits the end users.

• At the cloud, it requires the installation of a server-side appliance. At the end user, it requires the
installation of a downloadable client.

12.3.3 Optimized Internet Overlay


• This approach allows the customers to connect to the cloud via the Internet, but there is an
enhancement at the provider’s cloud. Some of these enhancements are listed below.
– Optimized real-time routing, which avoids slow-downs.
– An SSL session can be stopped so that the protocols and payload can be optimized and
re-encrypted.
– Some application logic can reside on the POP (Point of Presence), which allows for better
scalability, fault tolerance, and response time.
– Content that is frequently accessed can be stored in and delivered from local caches.
• Some disadvantages of this method are:
– It is as much as 4 times costlier than public Internet connectivity.
– There is a strong vendor lock-in if the application is distributed into the carrier’s network.

12.3.4 Site-to-Site VPN


• We can use a private Wide Area Network (WAN), such as a VPN connection. This provides
confidentiality and guaranteed bandwidth.
• The problem is that private WANs are less reliable than Internet connections.

12.4 Services
The different services you need to run based on your provider and organization are listed below.

12.4.1 Identity
• An application needs to know its users. For this, the application asks for a digital identity (a series of
bytes) to describe the user.

• This information allows the application to determine who the user is and what he/she is allowed to do.
• Applications that reside in-house use an Active Directory to provide this information. On the other
hand, clouds have their own identity services.
• Amazon Cloud Services: Sign-in using an Amazon-defined entity.

• Google’s App Engine: Requires a Google account.


• The identity services need not be proprietary. For example, we have OpenID, which allows users to
log in to many services using the same digital identity.
• OpenID is in the form of a URL. It is used by Google, IBM, Microsoft, and Yahoo.

12.4.2 Integration:
• Amazon’s Simple Queue Service (SQS) allows applications to exchange messages via queues in the
cloud. SQS replicates messages across several queues. It does not guarantee in-order delivery.
• Another example of cloud-based integration is BizTalk Services. Instead of queues, it uses a relay
service in the cloud which allows applications to communicate through firewalls. Since cloud-based
integration requires communication through different organizations, it is important to tunnel through
firewalls.
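
Because SQS does not guarantee in-order delivery, a consumer that cares about order has to restore it itself. The added example below (not from the original notes and not AWS code) does so with producer-assigned sequence numbers, which are an assumption, and also discards repeated deliveries, which standard SQS queues can produce; the delivery trace is constructed.

```python
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Tuple


@dataclass
class OrderedConsumer:
    """Re-sequences messages from a queue that may reorder or repeat them.

    Assumption (not from the notes): the producer stamps every message with
    a consecutive sequence number starting at 1.
    """

    handler: Callable[[str], None]
    next_seq: int = 1
    pending: Dict[int, str] = field(default_factory=dict)
    duplicates: int = 0
    max_pending: int = 1000  # bound the buffer so a missing message cannot exhaust memory

    def receive(self, seq: int, body: str) -> int:
        """Accept one delivery; return how many messages were handed to the handler."""
        if seq < self.next_seq or seq in self.pending:
            # Already processed, or already waiting in the buffer: drop it so
            # the handler never applies the same message twice.
            self.duplicates += 1
            return 0
        if seq != self.next_seq and len(self.pending) >= self.max_pending:
            raise OverflowError("too many out-of-order messages buffered")
        self.pending[seq] = body
        delivered = 0
        # Hand over the contiguous run that starts at the next expected number.
        while self.next_seq in self.pending:
            self.handler(self.pending.pop(self.next_seq))
            self.next_seq += 1
            delivered += 1
        return delivered


def replay(deliveries: List[Tuple[int, str]]) -> Tuple[List[str], int, List[int]]:
    """Feed a delivery trace through a consumer.

    Returns (bodies in processed order, duplicate count, sequence numbers
    still waiting for an earlier message).
    """
    processed: List[str] = []
    consumer = OrderedConsumer(handler=processed.append)
    for seq, body in deliveries:
        consumer.receive(seq, body)
    return processed, consumer.duplicates, sorted(consumer.pending)


# Constructed trace: messages 1-4 arrive reordered, two of them twice.
SAMPLE_DELIVERIES = [
    (2, "debit 40"),
    (1, "open account"),
    (2, "debit 40"),
    (4, "close account"),
    (3, "credit 15"),
    (1, "open account"),
]

if __name__ == "__main__":
    print(replay(SAMPLE_DELIVERIES))
```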

12.4.3 Mapping:
• Hotel and restaurant websites show their locations and provide customized directions to the end users.
• Mapping databases are offered as a cloud application. Some examples of such service providers are
Google Maps and Microsoft’s Virtual Earth. They allow the embedding of maps on web pages.

12.4.4 Payments:
• You can use services that allow credit cards or use PayPal.

12.4.5 Search:
• We can embed search options in a website.
• Microsoft’s Live Search allows applications to submit searches and then get the results back.
• Searching can also be limited to the organization, such as searching for a movie on a website with a
movie database. We can search for what’s stored in the company’s database as well as the Web.

13 Accessing the Cloud


13.1 Platforms
A platform is how a cloud computing environment is delivered to you.

13.1.1 Web Application Framework
• A framework reduces the overhead that is associated with web development. It provides a set of
libraries that are already written, saving time and energy for the developers.
• Common Gateway Interface: CGI allows external applications to interface with web servers.

13.1.2 AJAX
• AJAX stands for Asynchronous JavaScript and XML.
• It is a set of web development techniques that allow the creation of interactive web applications.
• AJAX allows applications to retrieve data asynchronously; that is, the retrieval is done in the
background, so it does not interfere with the display and behavior of the existing page.

• AJAX includes the following technologies:


– HTML and CSS for presentation.
– Document Object Model (DOM) for dynamic display of data and interaction with data.
– XML for data interchange and XSLT for data manipulation.
– XMLHttpRequest object for asynchronous communication.
– JavaScript to bring all these technologies together.
• The advantages of AJAX are:
– Some applications may have multiple pages with the same information. If these pages are hard-coded,
it would require writing the same information into each and every page. AJAX avoids this
by allowing an application to retrieve new information and adjust how the content is presented.
This reduces the bandwidth and load times.
– Asynchronous requests allow the browser to respond more quickly to user inputs.
– Connections to the server are also reduced since the scripts and style sheets are downloaded only
once.
• The disadvantages of AJAX are:
– Dynamically created web pages do not show up in the browser’s history, so clicking on the back
button will not display the previously seen page.
– Dynamically created web pages cannot be bookmarked.
– Some browsers do not support AJAX. They may also have JavaScript disabled.
– There is no standard to test AJAX applications.

13.2 Web Applications


Your provider has a set of applications that you can use. You can find an application that someone else has
already created and use it. If you don’t see an application that you want, you can ask the provider; they
may have it offline somewhere, or they can point you to it.
Google Apps includes webmail services, calendaring, instant messaging, Google Docs, and Google
Spreadsheets.

13.3 Web APIs
• An Application Programming Interface is a set of instructions for accessing a web-based program.
Software companies release their APIs so that developers can design products based on their services.
• APIs allow one program to speak with another without the user having to be involved. For example,
when you buy something at Amazon and enter your credit card information, Amazon sends this
information to a remote application that verifies whether it is correct or not.
• An API is similar to SaaS because developers don’t have to start from scratch every time they write
a program.
• An API is written as a series of XML messages.

13.4 Web Browsers


Internet Explorer, Firefox, Safari, and Google Chrome.

14 Virtual Machines Provisioning and Migration Services


14.1 Introduction and Background
In IaaS, the cloud provider provides virtualized computing resources over the Internet. In order to provide
IaaS, the provider must first set up the physical infrastructure in their data centers.
Provisioning: It is the process of setting up and configuring the necessary resources to make them ready
for use.
• Previously, when there was a need for a new server, the IT administrator had to manually follow
certain procedures, such as getting a new machine, formatting it, installing the OS, and installing the
required services. Now, with IaaS, all the above steps can be performed in a matter of minutes by
using a self-service interface. This is an analogy for machine provisioning.
• Previously, when we wanted to upgrade a server or perform some maintenance tasks, it required a lot
of time and effort because they are expensive operations. Now, with IaaS, these operations can be
performed easily and take very little time. This is an analogy for migration services.

14.1.1 Virtualization Technology Overview

• Virtualization is the abstraction of the four computing resources: storage, processing power,
memory, and network or I/O.
• It is similar to Emulation, where a system pretends to be another system. The difference is that,
in virtualization, a system pretends to be two or more of the same system.
• The Virtualization Layer, also known as Hypervisor, lies on top of the Physical Server Layer. It
partitions the physical resources into multiple virtual machines. It schedules and allocates these
resources. It makes each VM feel as if it owns the underlying physical resources.
• Virtualization provides on-demand cloning and live migration services, which improve reliability.

14.1.2 Public Cloud and Infrastructure Services
Public Cloud Computing involves accessing resources through web services managed by third-party providers.
For example, we have Amazon EC2, which provides IaaS. These services can be accessed through web services,
such as SOAP and REST, the AWS management console, or the command line.
EC2 provides hundreds of pre-made AMIs (Amazon Machine Images) with different OS and software.

14.1.3 Private Cloud and Infrastructure Services


Private Cloud provides the same functionality as Public Cloud but uses private resources; that is, the
resources are solely dedicated to a single organization rather than being shared with others.
While a public cloud is like a shared service where multiple companies use the same infrastructure, a private
cloud is like having your own private data center: you have full control over its resources and data, so
there is high security and compliance with internal policies.
An example of a private cloud provider is OpenNebula.

14.1.4 Hybrid Cloud


This is a third type of cloud setup, where non-critical services are outsourced to the public cloud, whereas
critical ones are kept internal.

14.1.5 High Availability


• It refers to a system’s ability to maintain continuous operation even during disruptions.

• It ensures that the services hosted by a virtual machine remain operational.


• There should be the least possible amount of planned and unplanned downtime.
• When a server fails, the system will restart the affected virtual machines in different servers quickly
with the least possible disruption.

14.2 Virtual Machines Provisioning and Manageability


14.2.1 VM Life Cycle

• The lifecycle of a virtual machine starts with a request that is sent to the IT department stating
the requirement for creating a new server.
• The IT department processes this request by going through the servers’ resource pool and finding a
suitable server based on the requirements.
• Then, the IT department starts the provisioning of the virtual machine.
• Once the virtual machine is provisioned and started, it provides the required services for a
particular time period, which is specified in the Service-Level Agreement.
• After this time period, the virtual machine is released and its resources are freed.

14.2.2 VM Provisioning Process
1. First, select a server from the pool of available servers and an appropriate operating system
template.
2. Then, load the selected OS, drivers, middleware, and the applications needed for the service.
3. Then, customize the machine (IP address and gateway) and configure the network and storage
resources.
4. Finally, the virtual machine is ready to start.

Virtual machines can also be provisioned by using a predefined VM template or cloning an existing VM.

14.3 Virtual Machine Migration Services


A migration service is the process of moving a virtual machine from one host server to another. Here, all
the components of the machine are virtualized completely (CPU, memory, storage disks, and networking).
So, the entire state of the virtual machine is represented by a set of movable files.
There are 3 different migration techniques, which are listed below.

14.3.1 Live Migration and High Availability


• It is also known as hot migration.
• Here, a virtual machine is moved from one physical host to another while being powered on.
• The entire process takes place in the order of milliseconds without causing any noticeable effect for the
end user.
• The advantage of this technique is that if there are any issues, they can be addressed without causing
any service disruptions by simply moving the virtual machine to a different host server.
• Live migration can also be used for load balancing.

The steps involved in a live migration, including how the memory and virtual machine states are transferred
from host A to host B, are given below.
• Stage 0: Pre-Migration. Here, there is an active VM on physical host A. Another physical host is
selected for the migration (destination).
• Stage 1: Reservation. Here, a request is issued to transfer an OS from host A to host B. A container
is also initialized at host B.
• Stage 2: Iterative Pre-Copy. In the first iteration, all the pages are transferred from A to B. In
subsequent iterations, only the pages dirtied in the previous transfer are copied.
• Stage 3: Stop-and-Copy. Here, the OS instance at A is suspended, and the network traffic is
redirected to B. Also, any remaining pages are transferred. At the end of this stage, there is a suspended
copy of the VM at both A and B.
• Stage 4: Commitment. Here, B tells A that it has received a consistent OS image. A responds to
this message as a commitment and discards the original VM. Host B becomes the primary host.
• Stage 5: Pre-Activation. Finally, the VM at host B is now activated.
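
Stages 2 and 3 can be simulated to see when pre-copy converges and what it costs in downtime. This added example (not from the original notes or any hypervisor's code) models memory as page version counters; the round-robin write pattern, tick units, `stop_threshold` and `max_rounds` are assumptions of the model.

```python
from dataclasses import dataclass
from math import ceil
from typing import List


@dataclass
class MigrationResult:
    rounds: List[int]     # pages sent in each pre-copy round (Stage 2)
    downtime_pages: int   # pages sent while the VM was suspended (Stage 3)
    downtime_ticks: int   # how long the VM was suspended, in ticks
    consistent: bool      # destination memory equals source memory


def live_migrate(
    total_pages: int,
    hot_pages: int,        # size of the guest's writable working set
    writes_per_tick: int,  # page writes the guest performs per tick
    pages_per_tick: int,   # pages the link can transfer per tick
    stop_threshold: int = 8,
    max_rounds: int = 10,
) -> MigrationResult:
    if pages_per_tick <= 0:
        raise ValueError("pages_per_tick must be positive")
    hot_pages = min(hot_pages, total_pages)
    source = [0] * total_pages   # page -> version counter on host A
    dest = [-1] * total_pages    # -1 means host B never received the page
    cursor = 0                   # next hot page the guest will write
    to_send = set(range(total_pages))  # the first round sends every page
    rounds: List[int] = []

    # Stage 2: iterative pre-copy while the guest keeps running.
    while True:
        rounds.append(len(to_send))
        ticks = ceil(len(to_send) / pages_per_tick)
        for page in to_send:
            dest[page] = source[page]
        # Writes that land during the transfer make the copied pages stale.
        dirtied = set()
        writes = ticks * writes_per_tick if hot_pages else 0
        for _ in range(writes):
            page = cursor % hot_pages
            source[page] += 1
            dirtied.add(page)
            cursor += 1
        to_send = dirtied
        # Stop when the remainder is small, or give up after max_rounds so a
        # write-heavy guest cannot keep the migration running forever.
        if len(to_send) <= stop_threshold or len(rounds) >= max_rounds:
            break

    # Stage 3: stop-and-copy. The guest is suspended, so nothing is dirtied.
    for page in to_send:
        dest[page] = source[page]
    downtime_ticks = ceil(len(to_send) / pages_per_tick)

    # Stage 4 is only safe if host B now holds exactly what host A holds.
    return MigrationResult(rounds, len(to_send), downtime_ticks, dest == source)


if __name__ == "__main__":
    print(live_migrate(1000, 200, 10, 100, stop_threshold=16))
    print(live_migrate(1000, 600, 150, 100, stop_threshold=16, max_rounds=5))
```

The second call shows the failure mode: when the guest dirties pages faster than the link can send them, the rounds never shrink and the round limit forces a stop-and-copy of the whole working set.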

14.3.2 Regular or Cold Migration
• Here, a powered-off virtual machine is migrated.
• Live migration requires shared storage for the virtual machines, but cold migration does not. Also, in
live migration, there are CPU compatibility checks, whereas in cold migration there are not.
• First, the configuration files, log files, and disks of the virtual machine are moved from the source to
the destination host’s storage area. Then, the virtual machine is registered with the new host. Then,
the virtual machine is deleted from the old host.

14.3.3 Live Storage Migration


• Here, the configuration files and disks of a running virtual machine are moved to a new data store
without disrupting the service of the virtual machine.

14.4 The Anatomy of Cloud Infrastructures


IaaS providers share the following characteristics:
• They provide on-demand provisioning of computation resources. That is, they allocate the resources
to the applications as needed.
• They use virtualization technologies to lease these resources.

• They provide a public and simple remote interface for managing these resources.
• They use a pay-as-you-go cost model.
• They operate data centers large enough to provide unlimited capacity of resources to their clients.

14.4.1 Distributed Management of Virtual Machines


How do we manage virtual machines? Managing VMs has additional problems that do not arise when
managing jobs. Some of them are:
• Setting a custom software environment for the virtual machines.
• Setting and managing networking for interrelated virtual machines.

• Reducing the overhead associated with using virtual machines.
There is also a problem of selecting and scheduling the computational resources. Currently, the VM-based
resource scheduling follows a static approach, where the resources are allocated greedily based on immediate
availability without considering future needs.
To efficiently schedule resources, the virtual infrastructure managers should take advantage of the VM’s
ability to suspend, resume, and migrate.

14.4.2 Reservation-Based Provisioning of Virtualized Resources


• How to deal with situations where the demand for resources is known beforehand?
• Commercial cloud providers, such as Amazon, have enough resources to provide an illusion of unlimited
capacity, so the resources can be requested exactly when needed without causing any problems.

• On the other hand, when there is a finite capacity, we need a better solution. Reserving the resources
beforehand is not an optimal solution because it will cause the resources to be underutilized and it
makes it difficult to schedule other requests around this reservation.

14.4.3 Provisioning to Meet SLA Commitments


• A company can deploy an application on an IaaS cloud provider. Here, the cloud consumer is the
service owner, that is, the company that developed the application. The end users are the service
users, which are the users accessing the application.
• The service owners have high-level SLAs with the end users, which cover guarantees such as the
timeliness with which the services will respond. The cloud providers are not exposed to the SLAs
between the service owners and the end users.
• There are low-level SLAs between the cloud provider and the service owner, where they agree on
satisfying the resource allocation requests.

14.5 Distributed Management of Virtual Infrastructures


A VI Manager allows VMs to be managed in a pool of physical resources.
OpenNebula: It is a virtual infrastructure engine that can manage groups of interconnected virtual
machines.

14.5.1 VM Model and Lifecycle


In OpenNebula, a virtual machine has the following attributes:
• Capacity, in terms of memory and CPU.

• A set of NICs that are attached to one or more virtual networks.


• A set of disk images. The image files may be transferred to the physical machine where the VM is
running.
• A state or recovery file.

The lifecycle of a virtual machine in OpenNebula is given below:


1. Resource Selection:
• OpenNebula receives a request for a VM.
• A placement plan is created using the default scheduler following a rank scheduling policy.
• This policy prioritizes resources that are most suitable for the VM.

• More complex scheduling policies are supported using the Haizea Lease Manager.
2. Resource Preparation:
• Here, the disk images of the VM are transferred to the target physical resource.
• In the boot process, the VM is contextualized; that is, it is customized to work in the specific
environment.
3. VM Creation:
• Here, the VM is booted by the resource hypervisor.
• The hypervisor is software that creates and manages VMs on a physical resource.

4. VM Migration:
• A VM can be migrated to a more suitable resource, such as for optimization of power consumption.
5. VM Termination:

• Before a VM is terminated, OpenNebula transfers the VM’s disk images to a known location so
that the changes made to the VM can be used in the future if needed.
OpenNebula manages a VM’s lifecycle in 3 different areas: virtualization, image management, and networking.
1. Virtualization:

• OpenNebula manages virtual machines by interfacing with the physical resource virtualization
technologies. It uses pluggable drivers to interact with these technologies.
• These drivers translate commands into a format that can be understood by virtualization
technologies.
• When managing VMs, OpenNebula uses high-level commands, such as “start VM” and “stop VM”. These
commands are translated by the drivers so that they can be understood by the VM managers.
• The advantage of separating the OpenNebula core from the virtualization technologies using a
driver-based architecture is that if we want to add any additional support for the VM managers,
we simply need to write a driver for it.

2. Image Management:

• Virtual machines have a set of virtual disks (images) that contain the OS and any additional
software that is required by the VM.

• Image Repository: It is a local (or remote) storage medium that contains the base images of
the VM. A base image is a template containing the OS and configurations and can be used to
create a new VM. It can be accessed from the OpenNebula front end.
• Virtual Machine Directory: It is a directory on the cluster node where the VM is running. It
contains deployment files needed by the hypervisor to boot the VM, the images being used and
saved, and checkpoints.
• A VM image goes through the following steps in its lifecycle:
(a) Preparation: Here, changes are made to the machine’s image so that it is ready to perform
its intended function. OpenNebula assumes that a VM’s images are prepared and placed in
the image repository.
(b) Cloning: Here, the image is taken from the image repository and placed in the VM directory
in the node where the VM is going to run. The original image is not taken; only a clone (copy)
of it is taken.
(c) Save / Remove: If the save qualifier is disabled, then once the VM is shut down, all of its
images and their changes will be discarded. On the other hand, if the qualifier is enabled,
then the images will be saved for later use.

3. Networking:
• Services that are deployed in the cloud require multiple inter-related virtual machines. Virtual
Application Networks (VANs) are used to link them.
• OpenNebula dynamically creates these VANs and tracks the MAC addresses that were leased to
the VM.
• See figure below. Here, there are two physical hosts, A and B. Each has 2 network interfaces, so
there are 2 physical networks. One physical network connects the hosts using a switch, and the
other one connects them to the Internet. There are 3 different VANs. One is mapped on top of
the public Internet network, which will give the VMs access to the Internet. The other two are
mapped on top of the private physical network and allow hosts A and B to communicate with
each other.
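
The image lifecycle described under Image Management (preparation, cloning, save / remove) can be modelled with plain file operations. This is an added example, not OpenNebula's own code: the directory layout, the function names and the `save` flag are assumptions, and the image content is constructed. It checks that the base image in the repository is never modified by a running VM, whichever way the save qualifier is set.

```python
# Hypothetical layout and names; this models the steps and is not OpenNebula code.
import hashlib
import shutil
import tempfile
from pathlib import Path
from typing import Optional


def sha256(path: Path) -> str:
    """Digest of an image file, used to detect any change to it."""
    return hashlib.sha256(path.read_bytes()).hexdigest()


def clone_image(repo: Path, vm_dir: Path, name: str) -> Path:
    """Cloning: copy the base image into the VM directory; the original stays put."""
    vm_dir.mkdir(parents=True, exist_ok=True)
    clone = vm_dir / name
    shutil.copyfile(repo / name, clone)
    return clone


def shutdown(clone: Path, saved_dir: Path, save: bool) -> Optional[Path]:
    """Save / Remove: keep the changed image if `save` is enabled, else discard it."""
    kept = None
    if save:
        saved_dir.mkdir(parents=True, exist_ok=True)
        kept = saved_dir / clone.name
        shutil.copyfile(clone, kept)
    clone.unlink()  # the VM directory copy is removed in both cases
    return kept


def run_lifecycle(save: bool) -> dict:
    """Run prepare -> clone -> modify -> shutdown in a scratch directory."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        repo, vm_dir, saved = root / "repo", root / "vm" / "42", root / "saved"
        repo.mkdir()
        (repo / "base.img").write_bytes(b"constructed base image")  # Preparation
        base_digest = sha256(repo / "base.img")
        clone = clone_image(repo, vm_dir, "base.img")
        with clone.open("ab") as f:  # the running VM writes only to its clone
            f.write(b" + runtime changes")
        kept = shutdown(clone, saved, save)
        return {
            "base_unchanged": sha256(repo / "base.img") == base_digest,
            "clone_removed": not clone.exists(),
            "changes_saved": kept is not None and kept.read_bytes().endswith(b"runtime changes"),
        }
```

Comparing the repository image's digest before and after a VM run is a cheap integrity check on base images that many VMs are cloned from.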
