228-4 enterprise systems - lecture 9

Upload: saravanaraajaa

Post on 02-Apr-2018

  • 7/27/2019 228-4 Enterprise Systems - Lecture 9

    1/36

    Cloud Computing

    Definition

    Cloud computing is a pay-per-use model for enabling available, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model promotes availability.

    What is cloud computing?

    "I don't understand what we would do differently in the light of Cloud Computing other than change the wordings of some of our ads"

    Larry Ellison, Oracle's CEO

    "I have not heard two people say the same thing about it [cloud]. There are multiple definitions out there of the cloud"

    Andy Isherwood, HP's Vice President of European Software Sales

    "It's stupidity. It's worse than stupidity: it's a marketing hype campaign."

    Richard Stallman, Free Software Foundation founder

    Business attributes

    Access resources from cloud of available computing resources

    Is always available and scales automatically to meet demand

    Is pay per use: Based on resources consumed

    Enables full customer self-service

    Note: Can be provided by 3rd party (e.g. Amazon) or on own network for very large organisations (a.k.a. private cloud)

    Acquire resources on demand

    Release resources when no longer needed

    Turns capital investment/fixed cost into operating costs/variable costs

    Reduced cost: take advantage of economies of scale across users of cloud

    Technology attributes

    Access computing resources via Internet protocols from any computer

    Reduced system administration overhead: automated provisioning

    Increased/matched reliability and security

    Acquire resources on demand

    Increased utilisation through sharing of resources through virtualisation or multi-tenancy

    To minimise the cost to the provider, clouds rely on a large number of commodity processors. These are cheaper to purchase and consume less power per unit of processing when compared to high power processors

    No longer design deployment environment to meet maximum load

    The NIST Cloud Definition Framework

    Deployment Models: Private Cloud, Community Cloud, Public Cloud, Hybrid Clouds

    Service Models: Software as a Service (SaaS), Platform as a Service (PaaS), Infrastructure as a Service (IaaS)

    Essential Characteristics: On Demand Self-Service, Broad Network Access, Rapid Elasticity, Resource Pooling, Measured Service

    Common Characteristics: Massive Scale, Resilient Computing, Homogeneity, Geographic Distribution, Virtualization, Service Orientation, Low Cost Software, Advanced Security

    Based upon original chart created by Alex Dowbor - http://ornot.wordpress.com

    OS Virtualisation leads directly to resilient computing, rapid elasticity and advanced security

    In case of VM based cloud, facilitates measured service as hypervisor tracks usage

    Multi-tenancy provides rapid elasticity

    A number of other attributes rely on the scale of investment undertaken by cloud providers

    Early cloud promoters (e.g. Amazon & Google) had to build massive scale for their main businesses

    Use of open source software and commodity hardware reduces overall cost to cloud provider

    4 Cloud Deployment Models

    Private cloud

    Cloud infrastructure is operated solely for an organization. It may be managed by the organization or a third party and may exist on premise or off premise

    Typically only large organisations

    Public cloud

    Cloud infrastructure is made available to 3rd parties but is owned by an organization selling cloud services

    Cloud services designed to be generic and suitable to all customers

    E.g. Amazon, Google, Microsoft, IBM etc.

    4 Cloud Deployment Models

    Community cloud

    Cloud infrastructure is shared by several organizations and supports a specific community that has shared concerns (e.g., mission, security requirements, policy, and compliance considerations)

    May be managed by the organizations or a third party and may exist on premise or off premise

    Hybrid cloud

    Composition of two or more clouds that remain unique and separate entities but are bound together by standardized or proprietary technology that enables data and application portability

    Cloud bursting is the term used to describe the process where an organisation extends from a private to public cloud

    Service model architecture

    Four main service model architectures

    Datastore as a service is not always included although currently the most popular use of cloud

    Significant differences in the technical and commercial architectures

    Diagram: Infrastructure As A Service (IaaS), Platform As A Service (PaaS), Software As A Service (SaaS), Datastore as a service

    Service model architecture: Datastorage as a service

    Functional: Data storage interfaces can be used by any of the other types or accessed directly

    Examples of direct usage: Amazon's really simple storage

    Commercial: Charged on basis of amount of storage used

    Characteristics of cloud datastore

    Cloud based datastore is massively distributed and scalable

    Utilises large number of commodity servers (a.k.a. nodes)

    This implies that the chance of system failure across a large number of nodes is high

    Therefore, cloud datastore must cope with node failure

    Cloud datastores are typically non-relational

    Distribution across a large number of nodes is not a good fit to the relational model of databases. Relational databases support joins, which are hard to implement in a massively distributed way

    To address requirement for relational database capabilities:

    Either provide relational interfaces to non-relational infrastructure

    Or allow relational databases to run on a small number of nodes as part of the virtualisation

    Characteristics of cloud datastore

    Cloud datastores are optimised for large scale data search

    E.g. Google's MapReduce (and Hadoop, an open source implementation), which divide the processing into multiple blocks (Map) and then process each block on one or more nodes (Reduce)

    Cloud datastores are also appropriate to business intelligence applications which require column based processing

    E.g. Summing sales in a particular region

    In contrast, relational databases are efficient for record/row level read/write
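
    The region-sales sum mentioned above, written as a single-process map/reduce job that also reschedules a block when its node is lost. This is an added example, not part of the original lecture; the sample records, the function names and the simulated failure hook are all assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample data: (region, product, amount) sales records.
SALES = [
    ("north", "widget", 120), ("south", "widget", 80), ("north", "gadget", 45),
    ("east", "widget", 200), ("south", "gadget", 15), ("east", "gadget", 60),
    ("north", "widget", 30),
]

class NodeFailure(Exception):
    """Raised when the (simulated) node running a map task is lost."""

def split_blocks(records, block_size):
    """Divide the input into fixed-size blocks, one map task per block."""
    return [records[i:i + block_size] for i in range(0, len(records), block_size)]

def map_block(block):
    """Map task: read only the two columns needed and pre-sum per region."""
    partial = defaultdict(int)
    for region, _product, amount in block:
        partial[region] += amount
    return list(partial.items())

def run_on_node(block_id, block, failing):
    """Hypothetical scheduler hook: ids in `failing` lose their first node."""
    if block_id in failing:
        failing.discard(block_id)
        raise NodeFailure(block_id)
    return map_block(block)

def sales_by_region(records, block_size=3, flaky_blocks=()):
    """Run map tasks (retrying once after a node failure), then reduce."""
    failing = set(flaky_blocks)
    grouped = defaultdict(list)          # shuffle: region -> per-block subtotals
    for block_id, block in enumerate(split_blocks(records, block_size)):
        try:
            pairs = run_on_node(block_id, block, failing)
        except NodeFailure:
            pairs = run_on_node(block_id, block, failing)  # reschedule the block
        for region, subtotal in pairs:
            grouped[region].append(subtotal)
    # Reduce: combine the subtotals for each region into one figure.
    return {region: sum(subtotals) for region, subtotals in grouped.items()}

if __name__ == "__main__":
    print(sales_by_region(SALES, flaky_blocks={1}))
```

    Because each block is processed independently, a lost node costs only the re-run of its own block and the totals are unchanged.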

    Service model architecture: IaaS

    Functional: Virtual server instances available for provisioning

    Examples: Amazon's EC2,

    Commercial: Charged on basis of number/scale of instances as well as usage profile

    Example: Amazon EC2

    Amazon provides a range of general purpose support services accessible via VMs

    Examples of these services include

    Simple Queue Service: Limited messaging system for communications between VMs

    S3: Cloud storage service

    Example: Amazon EC2

    Other examples of these services (cont)

    SimpleDB: Non-relational database

    Elastic MapReduce: large scale search and text processing infrastructure

    Flexible payment service: enabling website payments

    Mechanical Turk: outsourcing marketplace

    Amazon EC2 options and pricing

    Aws.amazon.com/ec2

    Service model architecture: PaaS

    Functional: Application development and deployment environment

    Provides programming APIs as well as underlying infrastructure

    Commercial: Metering and billing based on application usage, typically CPU consumption/datastore consumption

    Example: Google AppEngine

    Platform uses multiple tenancy on the single infrastructure

    Benefit of charging only on usage and not on number of instances (as with IaaS)

    Provides general purpose support services

    Includes infrastructure services such as database

    Also includes application level interfaces such as video conferencing

    Provides both server and client side APIs to develop Google AppEngine applications

    Provides a platform which is proprietary

    Example: Microsoft Azure Services

    Access to the Microsoft platform as a cloud based platform

    Provides a platform which is proprietary

    Source: Microsoft Presentation, A Lap Around Windows Azure, Manuvir Das

    Service model architecture: SaaS

    Functional: End user interaction with the application's function

    Allows for customisation of UI and workflows

    Often uses multi-tenancy databases

    Commercial: typically billing based on number of users

    Example: Salesforce.com

    Provides complete application accessible from the cloud

    Infrastructure is hidden from the user

    Software can be configured to support customer specific requirements

    Supports customisation through configuration driven language

    Scope for customisation is limited

    Uses multi-tenancy architecture

    Essentially a platform for a specific class of application

    Configuration results in a change to both UI and underlying database schema for that customer

    Examples of configuration

    UI actions (such as entering an email address) can have customised scripts associated with them which perform workflow or validation logic

    Workflow defines the sequence of steps through the UI screens

    Validation logic enforces rules about information entered based on customer specific standards or context specific restraints (i.e. what can be entered given the current workflow)

    These may not affect the database schema definition and therefore can be deployed only to that customer's UI

    Examples of configuration

    UI definitions (or associated workflows) may also require modifications/extensions to the database schema

    Through multi-tenancy/multi-schema approach, the metadata defining the schemas specific to that customer is modified without impacting on the base schema or the other customers' deployed schemas
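
    One way such per-customer schema metadata can work, with every read and write scoped to the calling tenant. This is an added example, not code from the lecture or from Salesforce; the table layout, function names and tenant names are hypothetical.

```python
import sqlite3

TYPES = {"text": str, "int": int}   # field types a tenant may declare

def open_store():
    """Shared base schema plus metadata tables, all keyed by tenant_id."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE contacts (tenant_id TEXT, id INTEGER, name TEXT,
                               PRIMARY KEY (tenant_id, id));
        CREATE TABLE custom_fields (tenant_id TEXT, field TEXT, type TEXT,
                                    PRIMARY KEY (tenant_id, field));
        CREATE TABLE custom_values (tenant_id TEXT, contact_id INTEGER, field TEXT,
                                    value TEXT, PRIMARY KEY (tenant_id, contact_id, field));
    """)
    return conn

def add_contact(conn, tenant, cid, name):
    conn.execute("INSERT INTO contacts VALUES (?, ?, ?)", (tenant, cid, name))

def add_field(conn, tenant, field, type_name):
    """Extend one tenant's schema by writing metadata only (no ALTER TABLE)."""
    if type_name not in TYPES:
        raise ValueError(f"unsupported type {type_name!r}")
    conn.execute("INSERT INTO custom_fields VALUES (?, ?, ?)", (tenant, field, type_name))

def set_value(conn, tenant, cid, field, value):
    """Store a custom value after checking the caller's own tenant metadata."""
    meta = conn.execute("SELECT type FROM custom_fields WHERE tenant_id=? AND field=?",
                        (tenant, field)).fetchone()
    if meta is None:
        raise KeyError(f"{field!r} is not defined for tenant {tenant!r}")
    if not isinstance(value, TYPES[meta[0]]):
        raise TypeError(f"{field!r} expects {meta[0]}")
    if conn.execute("SELECT 1 FROM contacts WHERE tenant_id=? AND id=?",
                    (tenant, cid)).fetchone() is None:
        raise LookupError("no such contact for this tenant")
    conn.execute("INSERT OR REPLACE INTO custom_values VALUES (?, ?, ?, ?)",
                 (tenant, cid, field, str(value)))

def get_contact(conn, tenant, cid):
    """Return base columns plus this tenant's custom fields, or None."""
    base = conn.execute("SELECT name FROM contacts WHERE tenant_id=? AND id=?",
                        (tenant, cid)).fetchone()
    if base is None:
        return None
    extra = conn.execute("SELECT field, value FROM custom_values "
                         "WHERE tenant_id=? AND contact_id=?", (tenant, cid))
    return {"name": base[0], **dict(extra.fetchall())}
```

    Adding a field for one tenant touches only that tenant's metadata rows, so the base table and every other tenant's view stay as they were.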

    Different types of SaaS

    Type 1: Ad-Hoc/Custom

    Type 2: Configurable

    Type 3: Configurable, Multi-Tenant-Efficient

    Type 4: Scalable, Configurable, Multi-Tenant-Efficient

    Source: Microsoft MSDN Architecture Center

    Different types of SaaS

    Type 1: Ad-Hoc/Custom

    Each customer (or tenant) has their own instance of the application which can be customised on an individual basis

    Level 1 SaaS is equivalent to application hosting

    Different types of SaaS

    Type 2: Configurable

    A single application base is customised for each customer/tenant

    Customisation is deployed within each instance of the application

    Deployment of upgrades across the instance will require roll-out to each instance

    Different types of SaaS

    Type 3: Configurable, Multi-Tenant-Efficient

    A single application base and instance is customised for each customer/tenant

    Customisation is deployed at run-time within each instance of the application

    Single instance is more resource efficient than multiple instances

    Deployment of upgrades made to a single instance

    Conclusions: Understanding the different service model architectures

    Different levels of abstraction

    OS: Amazon EC2

    Application development framework: Google AppEngine

    Application customisation: Salesforce

    Similar to languages

    Higher level abstractions can be built on top of lower ones

    Diagram: EC2, Azure, AppEngine and Salesforce.com placed along an IaaS, PaaS, SaaS axis

    Lower-level end: more flexibility, more management, scalability through configuration

    Higher-level end: less flexibility, less management, automatically scalable

    Cloud and security

    General Security Challenges

    Security/data control is the most often cited issue with migration to the cloud

    Issues include:

    Trusting vendor's security model

    Customer inability to respond to audit findings (dependent on service provider to modify service)

    Obtaining support for investigations

    Indirect administrator accountability

    Proprietary implementations can't be examined

    Loss of physical control

    Cloud Security Challenges Part 1

    Data dispersal and international privacy laws

    EU Data Protection Directive and U.S. Safe Harbor program

    Exposure of data to foreign government and data subpoenas

    Data retention issues

    Mostly addressed by cloud vendor providing geographic specific services

    Clear data ownership

    Quality of service guarantees

    Reliability of cloud service provider's service in the context of enterprise level quality of service commitments (typically with required recovery times in seconds or minutes)

    Potential for massive outages

    Cloud Security Challenges Part 2

    Dependence on secure hypervisors (for IaaS) or multi-tenancy (in both PaaS and SaaS)

    Attraction to hackers (high value target)

    Security of virtual OSs in the cloud

    Encryption needs for cloud computing

    Encrypting access to the cloud resource control interface

    Encrypting administrative access to OS instances

    Encrypting access to applications

    Encrypting application data at rest

    Lack of public PaaS/SaaS version control

    Changes to the service may occur without explicit agreement from the customer, unlike tightly controlled lifecycle management within an enterprise