FELHŐ ALAPÚ TECHNOLÓGIÁK

(VIRTUALIZÁCIÓ)
BH-MIT065-[NL]-EA
Dr. Nyikes Zoltán
docens
nyikes.zoltan@uni-milton.hu

1. Előadás
Main topics
01 What Is Cloud Computing? 07 Strategies for Cloud Adoption
02 Cloud Models 08 Applications in the Cloud
03 Service Models 09 Cloud Service Rollout
04 Current Cloud Technologies 10 Cloud Service-Level Management
05 Cloud Business Value 11 Security in the Cloud
06 Cloud Infrastructure Planning 12 Privacy and Compliance
1 What Is Cloud Computing?
The "terrible truth"?
01.01 Defining cloud computing
• network-accessible computing resource pools
• hardware-independent framework for future growth and development
• resources and processing power available to each can be adjusted on the fly to meet demand
• allowing an organization to
• spin up a proof-of-concept application
• expand that to a full prototype, and then
• roll it out for full use
without having to worry about whether existing hardware, data centre space, power, and cooling are capable of handling the load
Cloud ≈philosophy &
architecture concept
Separate
• application
• OS
• DB
• HW

from each other

Networking and functions bridging various
parts of the enterprise over the Internet
Almost anything can be hosted in the cloud,
from databases and applications to complete
virtual infrastructures encompassing data
storage, networking, and all components of
the server environment. The cloud can also
host virtualized user desktop environments
available from any networked client device,
whether or not the client has sufficient local
resources to host the virtualized desktop
environment and its various applications.
Key Attributes of Cloud Computing
• Network accessible
• Sustainable
• Managed through self-service on-demand
NIST SP 800-145
five essential characteristics:
Cloud computing is a model for 1) on-demand self-service
enabling ubiquitous, convenient, 2) broad network access
3) resource pooling
on-demand network access to a 4) rapid elasticity
shared pool of configurable 5) measured service
computing resources (e.g., three service models:
1) SaaS
networks, servers, storage, 2) PaaS
applications, and services) that 3) IaaS
can be rapidly provisioned and four deployment models:
1) private
released with minimal 2) community
management effort or service 3) public
4) hybrid
provider interaction.
01.02 Understanding distributed
application design
• Standard APIs
• XML web services
• Just-in-time (JIT) inventory management
• Location and type of hardware supporting a software application can shift from moment to moment –
organization’s services adapt to these changes with a flexible link between services, resources,
networking, and storage without interruption or be rapidly transferred to data centres outside of the
affected area
01.03 Understanding resource
management automation
• Make sure that equipment has sufficient resources for peak load periods but then must power and cool
those systems even when they are minimally utilized (periodic and cyclical resource requirements)
• Deal with botnets and distributed denial-of-service (DDOS) attacks
01.04 Understanding virtualized
computing environments
• Cloud hosting providers use virtualization to
• expand capacity
• provision new services
• automate deployment
• enhance capacity expansion speed
• improve operations refresh
• The focus is on how the business uses
technology rather than on the technology itself
• Server virtualization allows multiple systems to
run on a more powerful server (multitenancy)
• System resources can be fully utilized before
another server is brought online
• Reduce operating costs and data centre cooling
requirements
01.05 Understanding high-performance
computing models
• Separating individual procedures into multiple
simultaneous processes that are sent out to
individual computers, which then complete their
portion
• Individual results are combined later to provide
the complete final result
• More resources to be dedicated to an
application that is present on its host server
alone
• New technologies are emerging that can also
dedicate per-core resources to individual
processes
01.06 Understanding cloud computing
technologies
• Workstations
• Thin clients
• Mobile clients
• Servers
• Other cloud services
2 Cloud Models
 Precursor technologies:
Mainframes & Terminal services servers
Mainframe
• storage, CPU, memory centralised
• dumb terminals
• all terminal has some time-slot of CPU-time

Terminal services server

• storage, CPU, memory centralised
• thin client
• the user environment is running on the server
but available in a local window – as it were
installed locally
Everything happens on the [mainframe │ terminal services server], nothing in the [dumb terminal │ thin client]
In case of a client failure, → get another client
Precursor technologies:
Application servers
• Based on the terminal server idea, but it
provides only access to an application
• Thin client sees an application, not the whole
desktop
 Precursor technologies:
Web applications
• Sitting on the web, users access it via a web
browser
• Nothing application-specific is installed locally

Client hardware/software crash → move to another machine with a browser installed on

 Precursor technologies:
Clustering & Load balancing
• (WEB applications store data in database cluster)
• Servers in the cluster might have different
• hardware (processor, memory)
• OS
• network speed
• site
• Application domain:
• active directory (authentication)
• storage (“just data”)

Sever failure → the affected server is no longer offered

Precursor technologies:
Virtualisation
System failure
• physical server: reinstall everything from scratch
• OS
• DBMS
• application
• data

• virtual server: restore/reload the whole server

from backed-up images
02.01 Evolving from virtualization to the
cloud
Server virtualization
•Consolidate server resources into smaller numbers of more robust host hardware components
•Organizations concentrate across a smaller number of physical hosts with a lower percentage of
potential resources left idle and consuming power when unused
•Hardware independence allows organizations to purchase best-cost alternatives and avoid vendor lock-
in
•Improves disaster recovery and business continuity efficiency
•Costs at this level are managed as capital expenses
Distributed virtualization
Extending the virtualization, using technologies that can
• transfer operations between automated systems, organizations
• increase the flexibility of their server infrastructure and the
operational resources available to virtual machines
Improved flexibility:
• Virtualization of data storage across distributed storage area network (SAN) infrastructures
• Interoperation of application component services through service-oriented architectural (SOA) integration
• Automatic load-management utilities that can migrate virtualized server instances from one host to another
based on total resource load
Costs at this level are managed as mixed capital and operational expenses, providing greater
resistance to
• capacity overruns and
• server node loss through
• automated failover and resource capacity levelling
Private clouds
•Resident upon hardware located in local data centres but running cloud infrastructural software
•Self-service resource allocation and consumption metering for cost recovery billing models
•Standard platform for application development and availability even when the hardware remains
heterogeneous
•Transforms IT toward a utility business model
(allocate resources based on service performance,
not on projections of planned resource needs)
•Enhancing the flexibility of resource assignment while
still relying on local server resources
•Mild efficiencies of scale can be achieved at this stage
•Costs remain both capital and operational
(because tech refresh comes only from the organization itself)
Hybrid clouds
• Extend resource pool beyond the systems present
in local data centres
• Bridge local private clouds with other cloud offerings
• Allows organizations to
• retain total control over data resources that are critical, sensitive or transformative to their business operations while transferring
less-sensitive operations to more efficient public cloud service providers
• develop a greater capacity for response to peak loads and unanticipated demands
• Billing continues to develop along with the utility model, allowing the load to determine the cost as
operational expenses and internal billing for cost recovery
• Capital expenses are reduced because only key services might be retained
• Model for mid-transition between local and public cloud services, allowing developers to test
applications using local resources with very low latency and locally controlled high-capacity networking
Public clouds
•Operate like public power production systems,
bringing industrial-scale cost efficiencies and
hosting location flexibility to organizations
•Leverage efficiencies of scale and mobility of hosting to facilitate green initiatives to reduce the
carbon footprint or power consumption
•IT expands as a business component with a smaller dedicated server support staff required for
daily operations
•Eliminate private cloud components in favour of externally provided public cloud environments
•Total elimination of data centre resources is not a near-term target — it is the end state of
today’s virtualization taken to its full potential.
•Capital expenses for IT focus on client access technologies, while applications, services, and
infrastructural elements become operational expenses alone.
Resistance Due to
Perceived (?) Loss of Control
• Security and control over data play a significant role in plans for cloud computing initiatives
• Opponents idea that “if you cannot touch it, you no longer own it”
• Offsite hosting and outsourcing taking components out of the local data centre
• Infrastructure and operations staff must evolve their skill sets along with the organization’s
transformation to remain viable
02.02 Planning organization roles in the
cloud #1
Existing role to be transformed:
• Capacity planners
• must instead understand the cost related to performance data and operational thresholds necessary for business services
and understand the critical assets
• Network Operation Centre (NOC) staff
• must develop new strategies for monitoring and managing nonlocal data centres and across multiple systems
• Vendor management staff
• must understand and negotiate and handle shortfalls and exceptions
• negotiate hybrid and public cloud service-level contracts, update or extend them to meet changes in service-level
requirements over time
• mix of financial management skills needed to aid in chargeback and cost-recovery billing based on service resource
consumption
• Support desk staff
• need to develop a greater understanding of networking to identify the source of cloud access issues for remote services
• aiding users during the transfer from traditional to cloud computing models while both systems coexist and then providing
client access support management of incidents and problems that will continue until the technology matures significantly
beyond today’s systems
02.02 Planning organization roles in the
cloud #2
New, Cloud specific roles:
• Cloud architect
• technical professional
• responsible for reinventing the enterprise as it migrates to the cloud
• Cloud service manager
• business person
• responsible for financial management, including pricing, service levels, and service classes
02.03 Identifying cloud deployment
models and scope modifiers
Bursting at the Seams
• Cloud bursting is a hybrid cloud implementation
where local private cloud resources are used to
support an application until a spike in demand
exceeds local resource limits
• At this point, the app “bursts” out of the private
cloud into designated public cloud resources to
manage the overrun
• Designated cloud providers must be running a
compatible platform to support cloud bursting
from the private cloud
Model Scope Modifiers
• Beyond the NIST model, organisations may choose to host
• private
• community
• parts of hybrid
• clouds either
• on-site
• outsourced to a hosting provider
Multitenancy
• A particular hosting server sharing
workloads from multiple clients or services
are separated only by access policies
configured on the cloud server software
• Attacks on one service could overwhelm
resources available to an unrelated service if
multitenancy planning is not imposed to
isolate key services
Model Scope Modifiers—On-site private
clouds
• Traditional data centre extended to include cloud services on site
• The organisation’s traditional network and IT support will continue to be involved
in cloud support
• The cloud services will conceal operational details such as workload location and
multitenancy on individual host systems, but they can provide enhanced control
over resource monitoring and flexibility with dedicated virtualisation hosts or
physical server hosting scenarios
• Costs may be high if new data centres are required or data centre conversion is
required for the new private cloud, and local resource constraints will still be
present if not coupled to external services for cloud bursting.
Model Scope Modifiers—On-site
community clouds
• A private cloud is expanded to provide services to a community
of related organisations
• Operates as a private cloud to the hosting organisation but as a
remote partitioned public cloud to the other organisations in the
same community
• Only a limited scope of requestors access
• improve the security of community clouds
• resource limitations and high costs are still retained
• Community’s networks and resource requirements may vary
widely from the hosting organisation’s standards; they can
create variable costs in addition to those of the private cloud
model
Model Scope Modifiers—Outsourced
community clouds
• Carry the same issues as their on-site community cloud counterparts and gain the same advantages as
their outsourced private equivalents — data centre costs will be lower
• Outsourcing operating expenses may be higher than for self-hosted alternatives
• All organisations access the outsourced community cloud as a remote partitioned public cloud
(because no organisation in the community will host the outsourced resources)
Model Scope Modifiers—Public clouds
• Continue the evolution of virtualisation, extending the outsourced community
cloud to services available to authorised access from the organisational,
community, and general public security requestors
• All access will be remote, while operational details such as workload location and
multitenancy are concealed beyond the organisation’s monitoring scope
• Typically carry the lowest up-front costs because they rely on existing data centres,
creating very large resource pools
• Despite the high degree of elasticity, they require management to ensure that
rising demands do not generate unexpected cost overruns
• SLAs and other contractual agreements also present challenges for the
organisation when dealing with public cloud services
Model Scope Modifiers—Hybrid clouds
• Can bridge other models for cloud computing and will include all of the same limitations and
advantages
• Additional requirement for standardisation and compatibility between on-site, outsourced, and public
components
• Require more management than the other models but allows to align resources with business
requirements to gain the best solution to meet all of their various needs
Hybrid as a Surface Rather than an Axis
HYBRID CLOUDS MIGHT BE BUILT AS

• horizontal hybrid models: provide to different • vertical hybrid models: bring together all
access groups services required for a particular task, such as
• database
• web interface
• payment application
• shipping management applications
supporting an e-purchase service
02.04 Including future cloud models
• As cloud computing matures, additional models
will undoubtedly evolve to meet arising needs.
• Cloud-based disaster recovery and backup are
expanding traditional data center and core IT
functions
• Users can often access cloud services entirely
within their web browsers, bypassing many
controls of information provisions in the
enterprise environment (Shadow IT)
• Regulatory mandates and legal requirements for
accountability and responsibility require
additional planning and user training, such as
European Union’s GDPR & Safe Harbor privacy
principles, and U.S. CLOUD Act impact the
adoption of mobile data services
03 Service Models
03.01 Categorizing cloud services
Cloud providers group their offerings into three primary “aaS” categories according to their level
of abstraction, identified by NIST by these designations
• Software as a Service (SaaS)
• Platform as a Service (PaaS)
• Infrastructure as a Service (IaaS)
Service models
A typical depiction of the cloud service
models, depicting their relationship as a
hierarchical model with each layer consuming
elements of layers lower in the model
Cloud service models aligned with their
principle consuming populations
03.02 Software as a Service
03.03 Platform as a Service
03.04 Infrastructure as a Service
Big Data
General rule-of-thumb application to any data set that cannot be processed in a reasonable
amount of time due to its size or complexity
Traditionally, supercomputers have been necessary to manage big data
Modern data analytics have expanded the potential use for big data into everyday office
environments
03.05 Emerging Cloud
Database as a Service capabilities
Cloud services have not lost access to their
basic functions, and they gain significant
advantages leveraging them in the age of
“big data” through distributed computing
cloud functions and services such as
• Database as a Service (DBaaS)
• Data Mining as a Service (DMaaS)
• Data Warehousing as a Service (DWaaS),
and
• other cloud-specific forms of database
management that are being developed
03.06 Everything as a Service
Many cloud providers also offer other
’as a Services’
These are sometimes described as XaaS
– ’Anything as a Service’, such as
• DaaS – Database as a Service
• DRaaS – Disaster Recovery as a Service
• BaaS – Backup as a Service
• Storage as a Service
…any many more
Vendor Lock-In?
Vendor lock-in and proprietary lock-
in both refer to the condition in
which an organization finds itself
relying on a proprietary technology
base that restricts future migration
to alternative solutions without high
costs for transition of supportive
technologies
Organizations seeking agility must be
careful to manage vendor lock-in
constraints in long-range planning
How to avoid vendor Lock-In?
Summary