MODULE 3

Cloud Infrastructure Mechanisms

7.1 Logical Network Perimeter
7.2 Virtual Server
7.3 Cloud Storage Device
7.4 Cloud Usage Monitor
7.5 Resource Replication
7.1. Logical Network Perimeter
• Defined as the isolation of a network environment
from the rest of a communications network, the
logical network perimeter establishes a virtual
network boundary that can encompass and isolate a
group of related cloud-based IT resources that may be
physically distributed.
• This mechanism can be implemented to:

• isolate IT resources in a cloud from non-authorized users

• isolate IT resources in a cloud from non-users
• isolate IT resources in a cloud from cloud consumers
• control the bandwidth that is available to isolated IT resources
• Logical network perimeters are typically established via network
devices that supply and control the connectivity of a data center and
are commonly deployed as virtualized IT environments that include:

• Virtual Firewall – An IT resource that actively filters network traffic to

and from the isolated network while controlling its interactions with the
Internet.

• Virtual Network – Usually acquired through VLANs, this IT resource

isolates the network environment within the data center infrastructure.
The symbols used to represent a virtual firewall (top) and a virtual
network (bottom).
Two logical network perimeters surround the cloud consumer and
cloud provider environments.
A logical network layout is established through a set of logical network perimeters using
various firewalls and virtual networks.
 7.2. Virtual Server
• A virtual server is a form of virtualization software that emulates a
physical server.

• Virtual servers are used by cloud providers to share the same physical
server with multiple cloud consumers by providing cloud consumers
with individual virtual server instances
The first physical server hosts two virtual servers, while the second physical server hosts one
virtual server.
 • As a commodity mechanism, the virtual server represents the most
foundational building block of cloud environments.

• Each virtual server can host numerous IT resources, cloud-based solutions,

and various other cloud computing mechanisms.

• The instantiation of virtual servers from image files is a resource allocation

process that can be completed rapidly and on-demand

• Cloud consumers that install or lease virtual servers can customize their
environments independently from other cloud consumers that may be using
.
virtual servers hosted by the same underlying physical server.
• A virtual server that hosts a cloud service being accessed by Cloud Service
Consumer B, while Cloud Service Consumer A accesses the virtual server
directly to perform an administration task.
• Fig . depicts several virtual servers running over physical servers, all of
which are jointly controlled by a central VIM.
• The following virtual server packages are offered to cloud consumers.
Each package has different pre-defined performance configurations and limitations:
• Small Virtual Server Instance – 1 virtual processor core, 4 GB of virtual RAM, 20 GB of storage space in
the root file system
• Medium Virtual Server Instance – 2 virtual processor cores, 8 GB of virtual RAM, 20 GB of storage space in
the root file system
• Large Virtual Server Instance – 8 virtual processor cores, 16 GB of virtual RAM, 20 GB of storage space in
the root file system
• Memory Large Virtual Server Instance – 8 virtual processor cores, 64 GB of virtual RAM, 20 GB of storage
space in the root file system
• Processor Large Virtual Server Instance – 32 virtual processor cores,
16 GB of virtual RAM, 20 GB of storage space in the root file system
• Ultra-Large Virtual Server Instance – 128 virtual processor cores, 512GB of virtual RAM, 40 GB of storage
space in the root file system
Additional storage capacity can be added to a virtual server by attaching
7.3. Cloud Storage Device

• The cloud storage device mechanism represents storage devices that are designed
specifically for cloud-based provisioning. Instances of these devices can be
virtualized, similar to how physical servers can spawn virtual server images.

• Cloud storage devices are commonly able to provide fixed-increment

capacity allocation in support of the pay-per-use mechanism.

• Cloud storage devices can be exposed for remote access via cloud storage
services.
Cloud Storage Levels
Cloud storage device mechanisms provide common logical units of data storage,
such as:

• Files – Collections of data are grouped into files that are located in folders.
• Blocks – The lowest level of storage and the closest to the hardware, a
block is the smallest unit of data that is still individually accessible.
• Datasets – Sets of data are organized into a table-based, delimited, or
record format.
• Objects – Data and its associated metadata are organized as Web-based
resources.

Each of these data storage levels is commonly associated with a certain type of
technical interface which corresponds to a particular type of cloud storage
device
and cloud storage service used to expose its API
• Different cloud service consumers utilize different technologies to
interface with virtualized cloud storage devices.
 Different cloud service consumers utilize different
technologies to interface with virtualized cloud storage
devices.
7.4. Cloud Usage Monitor

• The cloud usage monitor mechanism is a lightweight and autonomous

software program responsible for collecting and processing IT
resource usage data.

• Depending on the type of usage metrics they are designed to collect

and the manner in which usage data needs to be collected, cloud
usage monitors can exist in different formats.
• Here we describe three common agent based implementation formats.
Each can be designed to forward collected usage data to a log database
for post-processing and reporting purposes.
• Monitoring Agent
• A monitoring agent is an intermediary, event-driven program that
exists as a service agent and resides along existing communication
paths to transparently monitor and analyze data flows.

• This type of cloud usage monitor is commonly used to measure

network traffic and message metrics.
• A cloud service consumer sends a request message to a cloud service
(1) The monitoring agent intercepts the message to collect relevant
usage data
(2) before allowing it to continue to the cloud service
(3a) The monitoring agent stores the collected usage data in a log database
(3b). The cloud service replies with a response message
(4) that is sent back to the cloud service consumer without being intercepted by the monitoring
agent (5).
• Resource Agent

• A resource agent is a processing module that collects

usage data by having event-driven interactions with
specialized resource software This module is used to
monitor usage metrics based on pre-defined,
observable events at the resource software level, such
as initiating, suspending, resuming, and vertical
scaling.
The resource agent is actively monitoring a virtual server and detects
an increase in usage
(1). The resource agent receives a notification from the underlying resource
management program that the virtual server is being scaled up and stores the
collected usage data in a log database, as per its monitoring metrics (2).
• Polling Agent

• A polling agent is a processing module that collects cloud service usage

data by polling IT resources. This type of cloud service monitor is
commonly used to periodically monitor IT resource status, such as
uptime and downtime.
• A polling agent monitors the status of a cloud service hosted by a virtual
server by sending periodic polling request messages and receiving
polling response messages that report usage status “A” after a number
of polling cycles, until it receives a usage status of “B” (1), upon which
the polling agent records the new usage status in the log database (2).
7.5. Resource Replication
• Defined as the creation of multiple instances of the same IT resource,
replication is typically performed when an IT resource’s availability
and performance need to be enhanced.

• Virtualization technology is used to implement the resource

replication mechanism to replicate cloud-based IT resources
• The hypervisor replicates several instances of a virtual
server, using a stored virtual server image.
7.6. Ready-Made Environment
• The ready-made environment mechanism is a defining component of
the PaaS cloud delivery model that represents a pre-defined, cloud-
based platform comprised of a set of already installed IT resources,
ready to be used and customized by a cloud consumer.

• These environments are utilized by cloud consumers to remotely

develop and deploy their own services and applications within a
cloud. Typical ready-made environments include pre-installed IT
resources, such as databases, middleware, development tools, and
governance tools.
• A cloud consumer accesses a ready-made environment
hosted on a virtual server.