Cloud Computing Concepts, Technology & Architecture PDF
2013
Thomas Erl, Zaigham Mahmood, and Ricardo Puttini

Summary
This book provides a thorough and detailed description of cloud computing concepts, architectures, and technologies. It serves as a great reference for both newcomers and experts. The book considers multiple aspects, including technology, architecture, and business value.

Full Transcript
About This eBook

ePUB is an open, industry-standard format for eBooks. However, support of ePUB and its many features varies across reading devices and applications. Use your device or app settings to customize the presentation to your liking. Settings that you can customize often include font, font size, single or double column, landscape or portrait mode, and figures that you can click or tap to enlarge. For additional information about the settings and features on your reading device or app, visit the device manufacturer’s Web site.

Many titles include programming code or configuration examples. To optimize the presentation of these elements, view the eBook in single-column, landscape mode and adjust the font size to the smallest setting. In addition to presenting code and configurations in the reflowable text format, we have included images of the code that mimic the presentation found in the print book; therefore, where the reflowable format may compromise the presentation of the code listing, you will see a “Click here to view code image” link. Click the link to view the print-fidelity code image. To return to the previous page viewed, click the Back button on your device or app.

Cloud Computing Concepts, Technology & Architecture
Thomas Erl, Zaigham Mahmood, and Ricardo Puttini
PRENTICE HALL
UPPER SADDLE RIVER, NJ BOSTON INDIANAPOLIS SAN FRANCISCO NEW YORK TORONTO MONTREAL LONDON MUNICH PARIS MADRID CAPE TOWN SYDNEY TOKYO SINGAPORE MEXICO CITY

Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this book, and the publisher was aware of a trademark claim, the designations have been printed with initial capital letters or in all capitals.

The authors and publisher have taken care in the preparation of this book, but make no expressed or implied warranty of any kind and assume no responsibility for errors or omissions. No liability is assumed for incidental or consequential damages in connection with or arising out of the use of the information or programs contained herein.

The publisher offers excellent discounts on this book when ordered in quantity for bulk purchases or special sales, which may include electronic versions and/or custom covers and content particular to your business, training goals, marketing focus, and branding interests. For more information, please contact: U.S. Corporate and Government Sales (800) 382-3419 [email protected]

For sales outside the United States, please contact: International Sales [email protected]

Visit us on the Web: informit.com/ph

The Library of Congress Cataloging-in-Publication data is on file.

Copyright © 2013 Arcitura Education Inc. All rights reserved. Printed in the United States of America. This publication is protected by copyright, and permission must be obtained from the publisher prior to any prohibited reproduction, storage in a retrieval system, or transmission in any form or by any means, electronic, mechanical, photocopying, recording, or likewise. To obtain permission to use material from this work, please submit a written request to Pearson Education, Inc., Permissions Department, One Lake Street, Upper Saddle River, New Jersey 07458, or you may fax your request to (201) 236-3290.

ISBN-13: 978-0-13-338752-0
ISBN-10: 0-13-338752-6

Text printed in the United States on recycled paper at Courier in Westford, Massachusetts.
11 19

Readers can download high-resolution, full-color versions of all this book’s figures at: www.informit.com/title/9780133387520

Editor-in-Chief Mark L. Taub
Managing Editor Kristy Hart
Senior Project Editor Betsy Gratner
Copy Editor and Development Editor Maria Lee
Senior Indexer Cheryl Lenser
Proofreaders Maria Lee, Williams Woods Publishing
Publishing Coordinator Kim Boedigheimer
Research Assistant Briana Lee
Cover Designer Thomas Erl
Compositor Bumpy Design
Photos Thomas Erl, Dominika
Graphics KK Lui, Briana Lee

Readers can download high-resolution, full-color versions of all this book’s figures at www.informit.com/title/9780133387520 and www.servicetechbooks.com/cloud.

Praise for this Book

“Cloud computing, more than most disciplines in IT, suffers from too much talk and not enough practice. Thomas Erl has written a timely book that condenses the theory and buttresses it with real-world examples that demystify this important technology. An important guidebook for your journey into the cloud.” —Scott Morrison, Chief Technology Officer, Layer 7 Technologies

“An excellent, extremely well-written, lucid book that provides a comprehensive picture of cloud computing, covering multiple dimensions of the subject. The case studies presented in the book provide a real-world, practical perspective on leveraging cloud computing in an organization. The book covers a wide range of topics, from technology aspects to the business value provided by cloud computing. This is the best, most comprehensive book on the subject—a must-read for any cloud computing practitioner or anyone who wants to get an in-depth picture of cloud computing concepts and practical implementation.” —Suzanne D’Souza, SOA/BPM Practice Lead, KBACE Technologies

“This book offers a thorough and detailed description of cloud computing concepts, architectures, and technologies. It serves as a great reference for both newcomers and experts and is a must-read for any IT professional interested in cloud computing.” —Andre Tost, Senior Technical Staff Member, IBM Software Group

“This is a great book on the topic of cloud computing.
It is impressive how the content spans from taxonomy, technology, and architectural concepts to important business considerations for cloud adoption. It really does provide a holistic view to this technology paradigm.” —Kapil Bakshi, Architecture and Strategy, Cisco Systems Inc.

“I have read every book written by Thomas Erl and Cloud Computing is another excellent publication and demonstration of Thomas Erl’s rare ability to take the most complex topics and provide critical core concepts and technical information in a logical and understandable way.” —Melanie A. Allison, Principal, Healthcare Technology Practice, Integrated Consulting Services

“Companies looking to migrate applications or infrastructure to the cloud are often misled by buzzwords and industry hype. This work cuts through the hype and provides a detailed look, from investigation to contract to implementation to termination, at what it takes for an organization to engage with cloud service providers. This book really lays out the benefits and struggles with getting a company to an IaaS, PaaS, or SaaS solution.” —Kevin Davis, Ph.D., Solutions Architect

“Thomas, in his own distinct and erudite style, provides a comprehensive and a definitive book on cloud computing. Just like his previous masterpiece, Service-Oriented Architecture: Concepts, Technology, and Design, this book is sure to engage CxOs, cloud architects, and the developer community involved in delivering software assets on the cloud. Thomas and his authoring team have taken great pains in providing great clarity and detail in documenting cloud architectures, cloud delivery models, cloud governance, and economics of cloud, without forgetting to explain the core of cloud computing that revolves around Internet architecture and virtualization. As a reviewer for this outstanding book, I must admit I have learned quite a lot while reviewing the material. A ‘must have’ book that should adorn everybody’s desk!” —Vijay Srinivasan, Chief Architect - Technology, Cognizant Technology Solutions

“This book provides comprehensive and descriptive vendor-neutral coverage of cloud computing technology, from both technical and business aspects. It provides a deep-down analysis of cloud architectures and mechanisms that capture the real-world moving parts of cloud platforms. Business aspects are elaborated on to give readers a broader perspective on choosing and defining basic cloud computing business models. Thomas Erl’s Cloud Computing: Concepts, Technology & Architecture is an excellent source of knowledge of fundamental and in-depth coverage of cloud computing.” —Masykur Marhendra Sukmanegara, Communication Media & Technology, Consulting Workforce Accenture

“The richness and depth of the topics discussed are incredibly impressive. The depth and breadth of the subject matter are such that a reader could become an expert in a short amount of time.” —Jamie Ryan, Solutions Architect, Layer 7 Technologies

“Demystification, rationalization, and structuring of implementation approaches have always been strong parts in each and every one of Thomas Erl’s books. This book is no exception. It provides the definitive, essential coverage of cloud computing and, most importantly, presents this content in a very comprehensive manner. Best of all, this book follows the conventions of the previous service technology series titles, making it read like a natural extension of the library. I strongly believe that this will be another bestseller from one of the top-selling IT authors of the past decade.” —Sergey Popov, Senior Enterprise Architect SOA/Security, Liberty Global International

“A must-read for anyone involved in cloud design and decision making! This insightful book provides in-depth, objective, vendor-neutral coverage of cloud computing concepts, architecture models, and technologies. It will prove very valuable to anyone who needs to gain a solid understanding of how cloud environments work and how to design and migrate solutions to clouds.” —Gijs in ’t Veld, Chief Architect, Motion10

“A reference book covering a wide range of aspects related to cloud providers and cloud consumers. If you would like to provide or consume a cloud service and need to know how, this is your book. The book has a clear structure to facilitate a good understanding of the various concepts of cloud.” —Roger Stoffers, Solution Architect

“Cloud computing has been around for a few years, yet there is still a lot of confusion around the term and what it can bring to developers and deployers alike. This book is a great way of finding out what’s behind the cloud, and not in an abstract or high-level manner: It dives into all of the details that you’d need to know in order to plan for developing applications on cloud and what to look for when using applications or services hosted on a cloud. There are very few books that manage to capture this level of detail about the evolving cloud paradigm as this one does. It’s a must for architects and developers alike.” —Dr. Mark Little, Vice President, Red Hat

“This book provides a comprehensive exploration of the concepts and mechanics behind clouds. It’s written for anyone interested in delving into the details of how cloud environments function, how they are architected, and how they can impact business. This is the book for any organization seriously considering adopting cloud computing. It will pave the way to establishing your cloud computing roadmap.” —Damian Maschek, SOA Architect, Deutsche Bahn

“One of the best books on cloud computing I have ever read. It is complete yet vendor technology neutral and successfully explains the major concepts in a well-structured and disciplined way. It goes through all the definitions and provides many hints for organizations or professionals who are approaching and/or assessing cloud solutions. This book gives a complete list of topics playing fundamental roles in the cloud computing discipline. It goes through a full list of definitions very clearly stated. Diagrams are simple to understand and self-contained. Readers with different skill sets, expertise, and backgrounds will be able to understand the concepts seamlessly.” —Antonio Bruno, Infrastructure and Estate Manager, UBS AG

“Cloud Computing: Concepts, Technology & Architecture is a comprehensive book that focuses on what cloud computing is really all about.... This book will become the foundation on which many organizations will build successful cloud adoption projects. It is a must-read reference for both IT infrastructure and application architects interested in cloud computing or involved in cloud adoption projects. It contains extremely useful and comprehensive information for those who need to build cloud-based architectures or need to explain it to customers thinking about adopting cloud computing technology in their organization.” —Johan Kumps, SOA Architect, RealDolmen

“This book defines the basic terminology and patterns for the topic—a useful reference for the cloud practitioner. Concepts from multitenancy to hypervisor are presented in a succinct and clear manner. The underlying case studies provide wonderful real-worldness.” —Dr. Thomas Rischbeck, Principal Architect, ipt

“The book provides a good foundation to cloud services and issues in cloud service design. Chapters highlight key issues that need to be considered in learning how to think in cloud technology terms; this is highly important in today’s business and technology environments where cloud computing plays a central role in connecting user services with virtualized resources and applications.” —Mark Skilton, Director, Office of Strategy and Technology, Global Infrastructure Services, Capgemini

“The book is well organized and covers basic concepts, technologies, and business models about cloud computing. It defines and explains a comprehensive list of terminologies and glossaries about cloud computing so cloud computing experts can speak and communicate with the same set of standardized language. The book is easy to understand and consistent with early published books from Thomas Erl.... It is a must-read for both beginners and experienced professionals.” —Jian “Jeff” Zhong, Chief Technology Officer (Acting) and Chief Architect for SOA and Cloud Computing, Futrend Technology Inc.

“Students of the related specialties can fulfill their educational process with very easily understood materials that are broadly illustrated and clearly described. Professors of different disciplines, from business analysis to IT implementation—even legal and financial monitoring—can use the book as an on-table lecturing manual. IT specialists of all ranks and fields of application will find the book as a practical and useful support for sketching solutions unbound to any particular vendor or brand.” —Alexander Gromoff, Director of Science & Education, Center of Information Control Technologies, Chairman of BPM Chair in Business Informatics Department, National Research University “Higher School of Economics”

“Cloud Computing: Concepts, Technology & Architecture is a comprehensive compendium of all the relevant information about the transformative cloud technology. Erl’s latest title concisely and clearly illustrates the origins and positioning of the cloud paradigm as the next-generation computing model. All the chapters are carefully written and arranged in an easy-to-understand manner. This book will be immeasurably beneficial for business and IT professionals. It is set to shake up and help organize the world of cloud computing.” —Pethuru Raj, Ph.D., Enterprise Architecture Consultant, Wipro

“A cloud computing book that will stand out and survive the test of time, even in one of the fastest evolving areas of technology. This book does a great job breaking down the high level of complexity of cloud computing into easy-to-understand pieces. It goes beyond the basic, often repeated, explanations. It examines the fundamental concepts and the components, as well as the mechanisms and architectures that make up cloud computing environments. The approach gradually builds the reader’s understanding from the ground up.

“In a rapidly evolving area like cloud computing, it’s easy to focus on details and miss the big picture. The focus on concepts and architectural models instead of vendor-specific details allows readers to quickly gain essential knowledge of complex topics. The concepts come together in the last part of the book, which should be required reading for any decision maker evaluating when and how to start a transition to cloud computing. Its thorough, comprehensive coverage of fundamentals and advanced topics makes the book a valuable resource to keep on your desk or your eBook reader, regardless if you’re new to the topic or you already have cloud experience.
“I highly recommend the book to those looking to implement or evaluate cloud environments, or simply looking to educate themselves in a field that will shape IT over the next decade.” —Christoph Schittko, Principal Technology Strategist & Cloud Solution Director, Microsoft

“Cloud Computing: Concepts, Technology & Architecture is an excellent resource for IT professionals and managers who want to learn and understand cloud computing, and who need to select or build cloud systems and solutions. It lays the foundation for cloud concepts, models, technologies, and mechanisms. As the book is vendor-neutral, it will remain valid for many years. We will recommend this book to Oracle customers, partners, and users for their journey toward cloud computing. This book has the potential to become the basis for a cloud computing manifesto, comparable to what was accomplished with the SOA manifesto.” —Jürgen Kress, Fusion Middleware Partner Adoption, Oracle EMEA

To my family and friends —Thomas Erl
To Zoya, Hanya, and Ozair with love —Zaigham Mahmood
To Silvia, Luiza, Isadora, and Lucas —Ricardo Puttini

Current Printing: 2019

Contents at a Glance

Foreword
CHAPTER 1: Introduction
CHAPTER 2: Case Study Background
PART I: FUNDAMENTAL CLOUD COMPUTING
CHAPTER 3: Understanding Cloud Computing
CHAPTER 4: Fundamental Concepts and Models
CHAPTER 5: Cloud-Enabling Technology
CHAPTER 6: Fundamental Cloud Security
PART II: CLOUD COMPUTING MECHANISMS
CHAPTER 7: Cloud Infrastructure Mechanisms
CHAPTER 8: Specialized Cloud Mechanisms
CHAPTER 9: Cloud Management Mechanisms
CHAPTER 10: Cloud Security Mechanisms
PART III: CLOUD COMPUTING ARCHITECTURE
CHAPTER 11: Fundamental Cloud Architectures
CHAPTER 12: Advanced Cloud Architectures
CHAPTER 13: Specialized Cloud Architectures
PART IV: WORKING WITH CLOUDS
CHAPTER 14: Cloud Delivery Model Considerations
CHAPTER 15: Cost Metrics and Pricing Models
CHAPTER 16: Service Quality Metrics and SLAs
PART V: APPENDICES
APPENDIX A: Case Study Conclusions
APPENDIX B: Industry Standards Organizations
APPENDIX C: Mapping Mechanisms to Characteristics
APPENDIX D: Data Center Facilities (TIA-942)
APPENDIX E: Cloud-Adapted Risk Management Framework
APPENDIX F: Cloud Provisioning Contracts
APPENDIX G: Cloud Business Case Template
About the Authors
About the Contributors
Index

Contents

Foreword
Acknowledgments

CHAPTER 1: Introduction
1.1 Objectives of This Book
1.2 What This Book Does Not Cover
1.3 Who This Book Is For
1.4 How This Book Is Organized: Part I: Fundamental Cloud Computing; Chapter 3: Understanding Cloud Computing; Chapter 4: Fundamental Concepts and Models; Chapter 5: Cloud-Enabling Technology; Chapter 6: Fundamental Cloud Security; Part II: Cloud Computing Mechanisms; Chapter 7: Cloud Infrastructure Mechanisms; Chapter 8: Specialized Cloud Mechanisms; Chapter 9: Cloud Management Mechanisms; Chapter 10: Cloud Security Mechanisms; Part III: Cloud Computing Architecture; Chapter 11: Fundamental Cloud Architectures; Chapter 12: Advanced Cloud Architectures; Chapter 13: Specialized Cloud Architectures; Part IV: Working with Clouds; Chapter 14: Cloud Delivery Model Considerations; Chapter 15: Cost Metrics and Pricing Models; Chapter 16: Service Quality Metrics and SLAs; Part V: Appendices; Appendix A: Case Study Conclusions; Appendix B: Industry Standards Organizations; Appendix C: Mapping Mechanisms to Characteristics; Appendix D: Data Center Facilities (TIA-942); Appendix E: Emerging Technologies; Appendix F: Cloud Provisioning Contracts; Appendix G: Cloud Business Case Template
1.5 Conventions: Symbols and Figures; Summary of Key Points
1.6 Additional Information: Updates, Errata, and Resources; Visio Stencil and Symbol Legend; Patterns, Mechanisms and Metrics; Social Media; Cloud Certified Professional (CCP) Program

CHAPTER 2: Case Study Background
2.1 Case Study #1: ATN: Technical Infrastructure and Environment; Business Goals and New Strategy; Roadmap and Implementation Strategy
2.2 Case Study #2: DTGOV: Technical Infrastructure and Environment; Business Goals and New Strategy; Roadmap and Implementation Strategy
2.3 Case Study #3: Innovartus Technologies Inc.: Technical Infrastructure and Environment; Business Goals and Strategy; Roadmap and Implementation Strategy

PART I: FUNDAMENTAL CLOUD COMPUTING

CHAPTER 3: Understanding Cloud Computing
3.1 Origins and Influences: A Brief History; Definitions; Business Drivers; Capacity Planning; Cost Reduction; Organizational Agility; Technology Innovations; Clustering; Grid Computing; Virtualization; Technology Innovations vs. Enabling Technologies
3.2 Basic Concepts and Terminology: Cloud; IT Resource; On-Premise; Cloud Consumers and Cloud Providers; Scaling; Horizontal Scaling; Vertical Scaling; Cloud Service; Cloud Service Consumer
3.3 Goals and Benefits: Reduced Investments and Proportional Costs; Increased Scalability; Increased Availability and Reliability
3.4 Risks and Challenges: Increased Security Vulnerabilities; Reduced Operational Governance Control; Limited Portability Between Cloud Providers; Multi-Regional Compliance and Legal Issues

CHAPTER 4: Fundamental Concepts and Models
4.1 Roles and Boundaries: Cloud Provider; Cloud Consumer; Cloud Service Owner; Cloud Resource Administrator; Additional Roles; Organizational Boundary; Trust Boundary
4.2 Cloud Characteristics: On-Demand Usage; Ubiquitous Access; Multitenancy (and Resource Pooling); Elasticity; Measured Usage; Resiliency
4.3 Cloud Delivery Models: Infrastructure-as-a-Service (IaaS); Platform-as-a-Service (PaaS); Software-as-a-Service (SaaS); Comparing Cloud Delivery Models; Combining Cloud Delivery Models; IaaS + PaaS; IaaS + PaaS + SaaS
4.4 Cloud Deployment Models: Public Clouds; Community Clouds; Private Clouds; Hybrid Clouds; Other Cloud Deployment Models

CHAPTER 5: Cloud-Enabling Technology
5.1 Broadband Networks and Internet Architecture: Internet Service Providers (ISPs); Connectionless Packet Switching (Datagram Networks); Router-Based Interconnectivity; Physical Network; Transport Layer Protocol; Application Layer Protocol; Technical and Business Considerations; Connectivity Issues; Network Bandwidth and Latency Issues; Cloud Carrier and Cloud Provider Selection
5.2 Data Center Technology: Virtualization; Standardization and Modularity; Automation; Remote Operation and Management; High Availability; Security-Aware Design, Operation, and Management; Facilities; Computing Hardware; Storage Hardware; Network Hardware; Carrier and External Networks Interconnection; Web-Tier Load Balancing and Acceleration; LAN Fabric; SAN Fabric; NAS Gateways; Other Considerations
5.3 Virtualization Technology: Hardware Independence; Server Consolidation; Resource Replication; Operating System-Based Virtualization; Hardware-Based Virtualization; Virtualization Management; Other Considerations
5.4 Web Technology: Basic Web Technology; Web Applications
5.5 Multitenant Technology
5.6 Containerization: Containerization vs. Virtualization; Benefits of Containers; Container Hosting and Pods; Fundamental Container Architecture Elements; Container Engine; Container Build File; Container Image; Container Networking Address; Storage Device
5.7 Case Study Example

CHAPTER 6: Fundamental Cloud Security
6.1 Basic Terms and Concepts: Confidentiality; Integrity; Authenticity; Availability; Threat; Vulnerability; Risk; Security Controls; Security Mechanisms; Security Policies
6.2 Threat Agents: Anonymous Attacker; Malicious Service Agent; Trusted Attacker; Malicious Insider
6.3 Cloud Security Threats: Traffic Eavesdropping; Malicious Intermediary; Denial of Service; Insufficient Authorization; Virtualization Attack; Overlapping Trust Boundaries; Container Attack
6.4 Additional Considerations: Flawed Implementations; Security Policy Disparity; Contracts; Risk Management
6.5 Case Study Example

PART II: CLOUD COMPUTING MECHANISMS

CHAPTER 7: Cloud Infrastructure Mechanisms
7.1 Logical Network Perimeter: Case Study Example
7.2 Virtual Server: Case Study Example
7.3 Cloud Storage Device: Cloud Storage Levels; Network Storage Interfaces; Object Storage Interfaces; Database Storage Interfaces; Relational Data Storage; Non-Relational Data Storage; Case Study Example
7.4 Cloud Usage Monitor: Monitoring Agent; Resource Agent; Polling Agent; Case Study Example
7.5 Resource Replication: Case Study Example
7.6 Ready-Made Environment: Case Study Example
7.7 Container

CHAPTER 8: Specialized Cloud Mechanisms
8.1 Automated Scaling Listener: Case Study Example
8.2 Load Balancer: Case Study Example
8.3 SLA Monitor: Case Study Example; SLA Monitor Polling Agent; SLA Monitoring Agent
8.4 Pay-Per-Use Monitor: Case Study Example
8.5 Audit Monitor: Case Study Example
8.6 Failover System: Active-Active; Active-Passive; Case Study Example
8.7 Hypervisor: Case Study Example
8.8 Resource Cluster: Case Study Example
8.9 Multi-Device Broker: Case Study Example
8.10 State Management Database: Case Study Example

CHAPTER 9: Cloud Management Mechanisms
9.1 Remote Administration System: Case Study Example
9.2 Resource Management System: Case Study Example
9.3 SLA Management System: Case Study Example
9.4 Billing Management System: Case Study Example

CHAPTER 10: Cloud Security Mechanisms
10.1 Encryption: Symmetric Encryption; Asymmetric Encryption; Case Study Example
10.2 Hashing: Case Study Example
10.3 Digital Signature: Case Study Example
10.4 Public Key Infrastructure (PKI): Case Study Example
10.5 Identity and Access Management (IAM): Case Study Example
10.6 Single Sign-On (SSO): Case Study Example
10.7 Cloud-Based Security Groups: Case Study Example
10.8 Hardened Virtual Server Images: Case Study Example

PART III: CLOUD COMPUTING ARCHITECTURE

CHAPTER 11: Fundamental Cloud Architectures
11.1 Workload Distribution Architecture
11.2 Resource Pooling Architecture
11.3 Dynamic Scalability Architecture
11.4 Elastic Resource Capacity Architecture
11.5 Service Load Balancing Architecture
11.6 Cloud Bursting Architecture
11.7 Elastic Disk Provisioning Architecture
11.8 Redundant Storage Architecture
11.9 Case Study Example

CHAPTER 12: Advanced Cloud Architectures
12.1 Hypervisor Clustering Architecture
12.2 Load Balanced Virtual Server Instances Architecture
12.3 Non-Disruptive Service Relocation Architecture
12.4 Zero Downtime Architecture
12.5 Cloud Balancing Architecture
12.6 Resource Reservation Architecture
12.7 Dynamic Failure Detection and Recovery Architecture
12.8 Bare-Metal Provisioning Architecture
12.9 Rapid Provisioning Architecture
12.10 Storage Workload Management Architecture
12.11 Case Study Example

CHAPTER 13: Specialized Cloud Architectures
13.1 Direct I/O Access Architecture
13.2 Direct LUN Access Architecture
13.3 Dynamic Data Normalization Architecture
13.4 Elastic Network Capacity Architecture
13.5 Cross-Storage Device Vertical Tiering Architecture
13.6 Intra-Storage Device Vertical Data Tiering Architecture
13.7 Load Balanced Virtual Switches Architecture
13.8 Multipath Resource Access Architecture
13.9 Persistent Virtual Network Configuration Architecture
13.10 Redundant Physical Connection for Virtual Servers Architecture
13.11 Storage Maintenance Window Architecture

PART IV: WORKING WITH CLOUDS

CHAPTER 14: Cloud Delivery Model Considerations
14.1 Cloud Delivery Models: The Cloud Provider Perspective: Building IaaS Environments; Data Centers; Scalability and Reliability; Monitoring; Security; Equipping PaaS Environments; Scalability and Reliability; Monitoring; Security; Optimizing SaaS Environments; Security
14.2 Cloud Delivery Models: The Cloud Consumer Perspective: Working with IaaS Environments; IT Resource Provisioning Considerations; Working with PaaS Environments; IT Resource Provisioning Considerations; Working with SaaS Services
14.3 Case Study Example

CHAPTER 15: Cost Metrics and Pricing Models
15.1 Business Cost Metrics: Up-Front and On-Going Costs; Additional Costs; Case Study Example; Product Catalog Browser; On-Premise Up-Front Costs; On-Premise On-Going Costs; Cloud-Based Up-Front Costs; Cloud-Based On-Going Costs; Client Database; On-Premise Up-Front Costs; On-Premise On-Going Costs; Cloud-Based Up-Front Costs; Cloud-Based On-Going Costs
15.2 Cloud Usage Cost Metrics: Network Usage; Inbound Network Usage Metric; Outbound Network Usage Metric; Intra-Cloud WAN Usage Metric; Server Usage; On-Demand Virtual Machine Instance Allocation Metric; Reserved Virtual Machine Instance Allocation Metric; Cloud Storage Device Usage; On-Demand Storage Space Allocation Metric; I/O Data Transferred Metric; Cloud Service Usage; Application Subscription Duration Metric; Number of Nominated Users Metric; Number of Transactions Users Metric
15.3 Cost Management Considerations: Pricing Models; Additional Considerations; Case Study Example; Virtual Server On-Demand Instance Allocation; Virtual Server Reserved Instance Allocation; Cloud Storage Device; WAN Traffic

CHAPTER 16: Service Quality Metrics and SLAs
16.1 Service Quality Metrics: Service Availability Metrics; Availability Rate Metric; Outage Duration Metric; Service Reliability Metrics; Mean-Time Between Failures (MTBF) Metric; Reliability Rate Metric; Service Performance Metrics; Network Capacity Metric; Storage Device Capacity Metric; Server Capacity Metric; Web Application Capacity Metric; Instance Starting Time Metric; Response Time Metric; Completion Time Metric; Service Scalability Metrics; Storage Scalability (Horizontal) Metric; Server Scalability (Horizontal) Metric; Server Scalability (Vertical) Metric; Service Resiliency Metrics; Mean-Time to Switchover (MTSO) Metric; Mean-Time System Recovery (MTSR) Metric
16.2 Case Study Example
16.3 SLA Guidelines
16.4 Case Study Example: Scope and Applicability; Service Quality Guarantees; Definitions; Usage of Financial Credits; SLA Exclusions

PART V: APPENDICES

Appendix A: Case Study Conclusions
A.1 ATN
A.2 DTGOV
A.3 Innovartus

Appendix B: Industry Standards Organizations
B.1 National Institute of Standards and Technology (NIST)
B.2 Cloud Security Alliance (CSA)
B.3 Distributed Management Task Force (DMTF)
B.4 Storage Networking Industry Association (SNIA)
B.5 Organization for the Advancement of Structured Information Standards (OASIS)
B.6 The Open Group
B.7 Open Cloud Consortium (OCC)
B.8 European Telecommunications Standards Institute (ETSI)
B.9 Telecommunications Industry Association (TIA)
B.10 Liberty Alliance
B.11 Open Grid Forum (OGF)

Appendix C: Mapping Mechanisms to Characteristics

Appendix D: Data Center Facilities (TIA-942)
D.1 Primary Rooms: Electrical Room; Mechanical Room; Storage and Staging; Offices, Operations Center, and Support; Telecommunications Entrance; Computer Room
D.2 Environmental Controls: External Electrical Power Provider Interconnection; Power Distribution; Uninterruptible Power Source (UPS); Power Engine-Generator
D.3 Infrastructure Redundancy Summary

Appendix E: Cloud-Adapted Risk Management Framework
E.1 Security Conservation Principle
E.2 The Risk Management Framework

Appendix F: Cloud Provisioning Contracts
F.1 Cloud Provisioning Contract Structure: Terms of Service; Service Usage Policy; Security and Privacy Policy; Warranties and Liabilities; Rights and Responsibilities; Termination and Renewal; Specifications and SLAs; Pricing and Billing; Other Issues; Legal and Compliance Issues; Auditability and Accountability; Changes in the Contract Terms and Conditions
F.2 Cloud Provider Selection Guidelines: Cloud Provider Viability

Appendix G: Cloud Business Case Template
G.1 Business Case Identification
G.2 Business Needs
G.3 Target Cloud Environment
G.4 Technical Issues
G.5 Economic Factors

About the Authors: Thomas Erl; Zaigham Mahmood; Ricardo Puttini
About the Contributors: Pamela J. Wise-Martinez, MSc; Gustavo Azzolin, BSc, MSc; Dr. Michaela Iorga, Ph.D.; Amin Naserpour; Vinícius Pacheco, MSc; Matthias Ziegler
Index

Foreword by Pamela J. Wise-Martinez

The idea of cloud computing isn’t new, or overly complicated from a technology resources and internetworking perspective. What’s new is the growth and maturity of cloud computing methods, and strategies that enable the goals of business agility.
Looking back, the phrase “utility computing” didn’t captivate or create the stir in the information industry as the term “cloud computing” has in recent years. Nevertheless, appreciation of readily available resources has arrived and the utilitarian or servicing features are what are at the heart of outsourcing the access of information technology resources and services. In this light, cloud computing represents a flexible, cost-effective, and proven delivery platform for business and consumer information services over the Internet.

Cloud computing has become an industry game changer as businesses and information technology leaders realize the potential in combining and sharing computing resources as opposed to building and maintaining them. There’s seemingly no shortage of views regarding the benefits of cloud computing, nor is there a shortage of vendors willing to offer services in either open source or promising commercial solutions. Beyond the hype, there are many aspects of the cloud that have earned new consideration due to their increased service capability and potential efficiencies. The ability to demonstrate transforming results in cloud computing to resolve traditional business problems using information technology management best practices now exists. In the case of economic impacts, the principle of pay-as-you-go and computer agnostic services are concepts ready for prime time. We can measure performance as well as calculate the economic and environmental effects of cloud computing today.

The architectural change from client-server to service orientation led to an evolution of composable and reusable code; though the practice had been around for many years, it is now the de facto approach used to lower cost and identify best practices and patterns for increasing business agility. This has advanced the computer software industry’s design methods, components, and engineering.
Comparatively, the wide acceptance and adoption of cloud computing is revolutionizing information and technology resource management. We now have the ability to outsource hardware and software capabilities on a large scale to fulfill end-to-end business automation requirements. Marks and Lozano understood this emergence and the need for better software design: “...we now have the ability to collect, transport, process, store, and access data nearly anywhere in nearly arbitrary volume.” The limitations depend largely on how “cloudy” or cloud-aware the service/component is, and hence the need for better software architecture. (Eric A. Marks and Roberto Lozano [Executive Guide to Cloud Computing])

The reusable evolution through service architecture reinforces a focus on business objectives as opposed to the number of computing platforms to support. As a viable resource management alternative, cloud computing is fundamentally changing the way we think about computing solutions in retail, education, and public sectors. The use of cloud computing architecture and standards is driving unique ways in which computing solutions are delivered, as well as platform diversity to meet bottom-line business objectives.

Thomas Erl’s body of work on service technology guided the technology industry through eloquent illustrations and literature over the past decade. Thomas’ brilliant efforts on principles, concepts, patterns, and expressions gave the information technology community an evolved software architecture approach that now forms a foundation for cloud computing goals to be successfully fulfilled in practice. This is a key assertion, as cloud computing is no longer a far-reaching concept of the future, but rather a dominant information technology service option and resource delivery presence.
Thomas’ Cloud Computing: Concepts, Technology & Architecture takes the industry beyond the definitions of cloud computing and juxtaposes virtualization, grid, and sustainment strategies as contrasted in day-to-day operations. Thomas and his team of authors take the reader from beginning to end with the essential elements of cloud computing, its history, innovation, and demand. Through case studies and architectural models they articulate service requirements, infrastructure, security, and outsourcing of salient computing resources. Thomas again enlightens the industry with poignant analysis and reliable architecture-driven practices and principles. No matter the level of interest or experience, the reader will find clear value in this in-depth, vendor-neutral study of cloud computing.

Pamela J. Wise-Martinez, Inventor and Chief Architect
Department of Energy, National Nuclear Security Administration

(Disclaimer: The views expressed are the personal views of the author and are not intended to reflect either the views of the U.S. Government, the U.S. Department of Energy, or the National Nuclear Security Administration.)

Acknowledgments

In alphabetical order by last name:

Ahmed Aamer, AlFaisaliah Group
Randy Adkins, Modus21
Melanie Allison, Integrated Consulting Services
Gabriela Inacio Alves, University of Brasilia
Marcelo Ancelmo, IBM Rational Software Services
Kapil Bakshi, Cisco Systems
Toufic Boubez, Metafor Software
Antonio Bruno, UBS AG
Dr. Paul Buhler, Modus21
Pethuru Raj Cheliah, Wipro
Kevin Davis, Ph.D.
Suzanne D’Souza, KBACE Technologies
Yili Gong, Wuhan University
Alexander Gromoff, Center of Information Control Technologies
Chris Haddad, WSO2
Richard Hill, University of Derby
Michaela Iorga, Ph.D.
Johan Kumps, RealDolmen
Gijs in ’t Veld, Motion10
Masykur Marhendra, Consulting Workforce Accenture
Damian Maschek, Deutsche Bahn
Claynor Mazzarolo, IBTI
Charlie Mead, W3C
Steve Millidge, C2B2
Jorge Minguez, Thales Deutschland
Scott Morrison, Layer 7
Amin Naserpour, HP
Vicente Navarro, European Space Agency
Laura Olson, IBM WebSphere
Tony Pallas, Intel
Cesare Pautasso, University of Lugano
Sergey Popov, Liberty Global International
Olivier Poupeney, Dreamface Interactive
Alex Rankov, EMC
Dan Rosanova, West Monroe Partners
Jaime Ryan, Layer 7
Filippos Santas, Credit Suisse
Christoph Schittko, Microsoft
Guido Schmutz, Trivadis
Mark Skilton, Capgemini
Gary Smith, CloudComputingArchitect.com
Kevin Spiess
Vijay Srinivasan, Cognizant
Daniel Starcevich, Raytheon
Roger Stoffers, HP
Andre Toffanello, IBTI
Andre Tost, IBM Software Group
Bernd Trops, talend
Clemens Utschig, Boehringer Ingelheim Pharma
Ignaz Wanders, Archimiddle
Philip Wik, Redflex
Jorge Williams, Rackspace
Dr. Johannes Maria Zaha
Jeff Zhong, Futrend Technologies

Special thanks to the CloudSchool.com research and development team that produced the CCP course modules upon which this book is based.

Chapter 1. Introduction

1.1 Objectives of This Book
1.2 What This Book Does Not Cover
1.3 Who This Book Is For
1.4 How This Book Is Organized
1.5 Conventions
1.6 Additional Information

The past couple of decades saw the business-centric concept of outsourcing services and the technology-centric notion of utility computing evolve along relatively parallel streams. When they finally met to form a technology landscape with a compelling business case and seismic impacts on the IT industry as a whole, it became evident that what resultantly was termed and branded as “cloud computing” was more than just another IT trend. It had become an opportunity to further align and advance the goals of the business with the capabilities of technology.
Those who understand this opportunity can seize it to leverage proven and mature components of cloud platforms to not only fulfill existing strategic business goals, but to even inspire businesses to set new objectives and directions based on the extent to which cloud-driven innovation can further help optimize business operations.

The first step to succeeding is education. Cloud computing adoption is not trivial. The cloud computing marketplace is unregulated. And, not all products and technologies branded with “cloud” are, in fact, sufficiently mature to realize or even supportive of realizing actual cloud computing benefits. To add to the confusion, there are different definitions and interpretations of cloud-based models and frameworks floating around IT literature and the IT media space, which leads to different IT professionals acquiring different types of cloud computing expertise.

And then, of course, there is the fact that cloud computing is, at its essence, a form of service provisioning. As with any type of service we intend to hire or outsource (IT-related or otherwise), it is commonly understood that we will be confronted with a marketplace comprised of service providers of varying quality and reliability. Some may offer attractive rates and terms, but may have unproven business histories or highly proprietary environments. Others may have a solid business background, but may demand higher rates and less flexible terms. Others yet may simply be insincere or temporary business ventures that unexpectedly disappear or are acquired within a short period of time.

Back to the importance of getting educated. There is no greater danger to a business than approaching cloud computing adoption with ignorance.
The magnitude of a failed adoption effort not only correspondingly impacts IT departments, but can actually regress a business to a point where it finds itself steps behind from where it was prior to the adoption—and, perhaps, even more steps behind competitors that have been successful at achieving their goals in the meantime.

Cloud computing has much to offer but its roadmap is riddled with pitfalls, ambiguities, and mistruths. The best way to navigate this landscape is to chart each part of the journey by making educated decisions about how and to what extent your project should proceed. The scope of an adoption is equally important to its approach, and both of these aspects need to be determined by business requirements. Not by a product vendor, not by a cloud vendor, and not by self-proclaimed cloud experts.

Your organization’s business goals must be fulfilled in a concrete and measurable manner with each completed phase of the adoption. This validates your scope, your approach, and the overall direction of the project. In other words, it keeps your project aligned.

Gaining a vendor-neutral understanding of cloud computing from an industry perspective empowers you with the clarity necessary to determine what is factually cloud-related and what is not, as well as what is relevant to your business requirements and what is not. With this information you can establish criteria that will allow you to filter out the parts of the cloud computing product and service provider marketplaces to focus on what has the most potential to help you and your business to succeed.

We developed this book to assist you with this goal.

—Thomas Erl

1.1. Objectives of This Book

This book is the result of more than two years of research and analysis of the commercial cloud computing industry, cloud computing vendor platforms, and further innovation and contributions made by cloud computing industry standards organizations and practitioners.
The purpose of this book is to break down proven and mature cloud computing technologies and practices into a series of well-defined concepts, models, and technology mechanisms and architectures. The resulting chapters establish concrete, academic coverage of fundamental aspects of cloud computing concepts and technologies. The range of topics covered is documented using vendor-neutral terms and descriptions, carefully defined to ensure full alignment with the cloud computing industry as a whole.

1.2. What This Book Does Not Cover

Due to the vendor-neutral basis of this book, it does not contain any significant coverage of cloud computing vendor products, services, or technologies. This book is complementary to other titles that provide product-specific coverage and to vendor product literature itself. If you are new to the commercial cloud computing landscape, you are encouraged to use this book as a starting point before proceeding to books and courses that are proprietary to vendor product lines.

1.3. Who This Book Is For

This book is aimed at the following target audience:

IT practitioners and professionals who require vendor-neutral coverage of cloud computing technologies, concepts, mechanisms, and models
IT managers and decision makers who seek clarity regarding the business and technological implications of cloud computing
professors and students and educational institutions that require well-researched and well-defined academic coverage of fundamental cloud computing topics
business managers who need to assess the potential economic gains and viability of adopting cloud computing resources
technology architects and developers who want to understand the different moving parts that comprise contemporary cloud platforms

1.4. How This Book Is Organized

The book begins with Chapters 1 and 2 providing introductory content and background information for the case studies.
All subsequent chapters are organized into the following parts:

Part I: Fundamental Cloud Computing
Part II: Cloud Computing Mechanisms
Part III: Cloud Computing Architecture
Part IV: Working with Clouds
Part V: Appendices

Part I: Fundamental Cloud Computing

The four chapters in this part cover introductory topics in preparation for all subsequent chapters. Note that Chapters 3 and 4 do not contain case study content.

Chapter 3: Understanding Cloud Computing
Following a brief history of cloud computing and a discussion of business drivers and technology innovations, basic terminology and concepts are introduced, along with descriptions of common benefits and challenges of cloud computing adoption.

Chapter 4: Fundamental Concepts and Models
Cloud delivery and cloud deployment models are discussed in detail, following sections that establish common cloud characteristics and roles and boundaries.

Chapter 5: Cloud-Enabling Technology
Contemporary technologies that realize modern-day cloud computing platforms and innovations are discussed, including data centers, virtualization, containerization, and Web-based technologies.

Chapter 6: Fundamental Cloud Security
Security topics and concepts relevant and distinct to cloud computing are introduced, including descriptions of common cloud security threats and attacks.

Part II: Cloud Computing Mechanisms

Technology mechanisms represent well-defined IT artifacts that are established within an IT industry and commonly distinct to a certain computing model or platform. The technology-centric nature of cloud computing requires the establishment of a formal level of mechanisms to be able to explore how solutions can be assembled via different combinations of mechanism implementations. This part formally documents 20 technology mechanisms that are used within cloud environments to enable generic and specialized forms of functionality. Each mechanism description is accompanied by a case study example that demonstrates its usage.
The utilization of the mechanisms is further explored throughout the technology architectures covered in Part III.

Chapter 7: Cloud Infrastructure Mechanisms
Technology mechanisms foundational to cloud platforms are covered, including Logical Network Perimeter, Virtual Server, Cloud Storage Device, Cloud Usage Monitor, Resource Replication, Ready-Made Environment and Container.

Chapter 8: Specialized Cloud Mechanisms
A range of specialized technology mechanisms is described, including Automated Scaling Listener, Load Balancer, SLA Monitor, Pay-Per-Use Monitor, Audit Monitor, Failover System, Hypervisor, Resource Cluster, Multi-Device Broker, and State Management Database.

Chapter 9: Cloud Management Mechanisms
Mechanisms that enable the hands-on administration and management of cloud-based IT resources are explained, including Remote Administration System, Resource Management System, SLA Management System, and Billing Management System.

Chapter 10: Cloud Security Mechanisms
Security mechanisms that can be used to counter and prevent the threats described in Chapter 6 are covered, including Encryption, Hashing, Digital Signatures, Public Key Infrastructures (PKI), Identity and Access Management (IAM) Systems, Single Sign-On (SSO), Cloud-Based Security Groups, and Hardened Virtual Server Images.

Part III: Cloud Computing Architecture

Technology architecture within the realm of cloud computing introduces requirements and considerations that manifest themselves in broadly scoped architectural layers and numerous distinct architectural models. This set of chapters builds upon the coverage of cloud computing mechanisms from Part II by formally documenting 29 cloud-based technology architectures and scenarios in which different combinations of the mechanisms are documented in relation to fundamental, advanced, and specialized cloud architectures.
Chapter 11: Fundamental Cloud Architectures
Fundamental cloud architectural models establish baseline functions and capabilities. The architectures covered in this chapter are Workload Distribution, Resource Pooling, Dynamic Scalability, Elastic Resource Capacity, Service Load Balancing, Cloud Bursting, Elastic Disk Provisioning, and Redundant Storage.

Chapter 12: Advanced Cloud Architectures
Advanced cloud architectural models establish sophisticated and complex environments, several of which directly build upon fundamental models. The architectures covered in this chapter are Hypervisor Clustering, Load Balanced Virtual Server Instances, Non-Disruptive Service Relocation, Zero Downtime, Cloud Balancing, Resource Reservation, Dynamic Failure Detection and Recovery, Bare-Metal Provisioning, Rapid Provisioning, and Storage Workload Management.

Chapter 13: Specialized Cloud Architectures
Specialized cloud architectural models address distinct functional areas. The architectures covered in this chapter are Direct I/O Access, Direct LUN Access, Dynamic Data Normalization, Elastic Network Capacity, Cross-Storage Device Vertical Tiering, Intra-Storage Device Vertical Data Tiering, Load-Balanced Virtual Switches, Multipath Resource Access, Persistent Virtual Network Configuration, Redundant Physical Connection for Virtual Servers, and Storage Maintenance Window. Note that this chapter does not contain a case study example.

Part IV: Working with Clouds

Cloud computing technologies and environments can be adopted to varying extents. An organization can migrate select IT resources to a cloud, while keeping all other IT resources on-premise—or it can form significant dependencies on a cloud platform by migrating larger amounts of IT resources or even using the cloud environment to create them.
For any organization, it is important to assess a potential adoption from a practical and business-centric perspective in order to pinpoint the most common factors that pertain to financial investments, business impact, and various legal considerations. This set of chapters explores these and other topics related to the real-world considerations of working with cloud-based environments.

Chapter 14: Cloud Delivery Model Considerations
Cloud environments need to be built and evolved by cloud providers in response to cloud consumer requirements. Cloud consumers can use clouds to create or migrate IT resources to, subsequent to their assuming administrative responsibilities. This chapter provides a technical understanding of cloud delivery models from both the provider and consumer perspectives, each of which offers revealing insights into the inner workings and architectural layers of cloud environments.

Chapter 15: Cost Metrics and Pricing Models
Cost metrics for network, server, storage, and software usage are described, along with various formulas for calculating integration and ownership costs related to cloud environments. The chapter concludes with a discussion of cost management topics as they relate to common business terms used by cloud provider vendors.

Chapter 16: Service Quality Metrics and SLAs
Service level agreements establish the guarantees and usage terms for cloud services and are often determined by the business terms agreed upon by cloud consumers and cloud providers. This chapter provides detailed insight into how cloud provider guarantees are expressed and structured via SLAs, along with metrics and formulas for calculating common SLA values, such as availability, reliability, performance, scalability, and resiliency.

Part V: Appendices

Appendix A: Case Study Conclusions
The individual storylines of the case studies are concluded and the results of each organization’s cloud computing adoption efforts are summarized.
Appendix B: Industry Standards Organizations
This appendix describes industry standards organizations and efforts in support of the cloud computing industry.

Appendix C: Mapping Mechanisms to Characteristics
A table is provided, mapping cloud characteristics to the cloud computing mechanisms that can help realize the characteristics.

Appendix D: Data Center Facilities (TIA-942)
A brief overview and breakdown of common data center facilities in reference to the TIA-942 Telecommunications Infrastructure Standard for Data Centers.

Appendix E: Cloud-Adapted Risk Management Framework
An overview of the Cloud-Adapted Risk Management Framework (CRMF) that is part of the NIST Cloud Computing Security Reference Architecture.

Appendix F: Cloud Provisioning Contracts
The actual agreements signed between cloud provider vendors and cloud consumer organizations are distinct legal contracts that encompass a range of specific terms and considerations. This appendix highlights the typical parts of a cloud provisioning contract, and provides further guidelines.

Appendix G: Cloud Business Case Template
This appendix provides a checklist of items that can be used as a starting point for assembling a business case for the adoption of cloud computing.

1.5. Conventions

Symbols and Figures
This book contains a series of diagrams that are referred to as figures. The primary symbols used throughout the figures are individually described in the symbol legend located on the inside of the book cover. Full-color, high-resolution versions of all figures in this book can be viewed and downloaded at www.servicetechbooks.com/cloud/figures and www.informit.com/title/9780133387520.

Summary of Key Points
For quick reference purposes, each of the sections within Chapters 3 through 6 in Part I, “Fundamental Cloud Computing,” concludes with a Summary of Key Points sub-section that concisely highlights the primary statements made within the section, in bullet list format.

1.6. Additional Information

These sections provide supplementary information and resources.

Updates, Errata, and Resources
Information about other series titles and various supporting resources can be found at www.arcitura.com/books.

Visio Stencil and Symbol Legend
Visit www.arcitura.com/notation to download a symbol legend and a Visio stencil with many of the symbols from the figures in this book.

Patterns, Mechanisms and Metrics
Access online content dedicated to technology mechanisms, design patterns and associated metrics and concepts at patterns.arcitura.com. Also, join the Patterns, Mechanisms and Metrics LinkedIn Group for regular updates.

Social Media
Connect with the Prentice Hall Service Technology Series from Thomas Erl via Facebook, Twitter and LinkedIn. Visit www.arcitura.com/community for more information.

Cloud Certified Professional (CCP) Program
This text book is an official part of the Cloud Certified Professional (CCP) curriculum from Arcitura Education. Learn more at www.arcitura.com/ccp.

Chapter 2. Case Study Background

2.1 Case Study #1: ATN
2.2 Case Study #2: DTGOV
2.3 Case Study #3: Innovartus Technologies Inc.

Case study examples provide scenarios in which organizations assess, use, and manage cloud computing models and technologies. Three organizations from different industries are presented for analysis in this book, each of which has distinctive business, technological, and architectural objectives that are introduced in this chapter. The organizations presented for case study are:

Advanced Telecom Networks (ATN) – a global company that supplies network equipment to the telecommunications industry
DTGOV – a public organization that specializes in IT infrastructure and technology services for public sector organizations
Innovartus Technologies Inc. – a medium-sized company that develops virtual toys and educational entertainment products for children

Most chapters after Part I include one or more Case Study Example sections.
A conclusion to the storylines is provided in Appendix A.

2.1. Case Study #1: ATN

ATN is a company that provides network equipment to telecommunications industries across the globe. Over the years, ATN has grown considerably and their product portfolio has expanded to accommodate several acquisitions, including companies that specialize in infrastructure components for Internet, GSM, and cellular providers. ATN is now a leading supplier of a diverse range of telecommunications infrastructure. In recent years, market pressure has been increasing. ATN has begun looking for ways to increase its competitiveness and efficiency by taking advantage of new technologies, especially those that can assist in cost reduction.

Technical Infrastructure and Environment

ATN’s various acquisitions have resulted in a highly complex and heterogeneous IT landscape. A cohesive consolidation program was not applied to the IT environment after each acquisition round, resulting in similar applications running concurrently and an increase in maintenance costs. In 2010, ATN merged with a major European telecommunications supplier, adding another applications portfolio to its inventory. The IT complexity snowballed into a serious obstruction and became a source of critical concern to ATN’s board of directors.

Business Goals and New Strategy

ATN management decided to pursue a consolidation initiative and outsource applications maintenance and operations overseas. This lowered costs but unfortunately did not address their overall operational inefficiency. Applications still had overlapping functions that could not be easily consolidated. It eventually became apparent that outsourcing was insufficient, as consolidation became a possibility only if the architecture of the entire IT landscape changed. As a result, ATN decided to explore the potential of adopting cloud computing.
However, subsequent to their initial inquiries they became overwhelmed by the plenitude of cloud providers and cloud-based products.

Roadmap and Implementation Strategy

ATN is unsure of how to choose the right set of cloud computing technologies and vendors—many solutions appear to still be immature and new cloud-based offerings continue to emerge in the market. A preliminary cloud computing adoption roadmap is discussed to address a number of key points:

IT Strategy – The adoption of cloud computing needs to promote optimization of the current IT framework, and produce both lower short-term investments and consistent long-term cost reduction.
Business Benefits – ATN needs to evaluate which of the current applications and IT infrastructure can leverage cloud computing technology to achieve the desired optimization and cost reductions. Additional cloud computing benefits such as greater business agility, scalability, and reliability need to be realized to promote business value.
Technology Considerations – Criteria need to be established to help choose the most appropriate cloud delivery and deployment models and cloud vendors and products.
Cloud Security – The risks associated with migrating applications and data to the cloud must be determined. ATN fears that they might lose control over their applications and data if entrusted to cloud providers, leading to noncompliance with internal policies and telecom market regulations. They also wonder how their existing legacy applications would be integrated into the new cloud-based domain.

To define a succinct plan of action, ATN hires an independent IT consulting company called CloudEnhance, who are well recognized for their technology architecture expertise in the transition and integration of cloud computing IT resources. CloudEnhance consultants begin by suggesting an appraisal process comprised of five steps:

1. A brief evaluation of existing applications to measure factors such as complexity, business-criticality, usage frequency, and number of active users. The identified factors are then placed in a hierarchy of priority to help determine the most suitable candidate applications for migration to a cloud environment.
2. A more detailed evaluation of each selected application using a proprietary assessment tool.
3. The development of a target application architecture that exhibits the interaction between cloud-based applications, their integration with ATN’s existing infrastructure and legacy systems, and their development and deployment processes.
4. The authoring of a preliminary business case that documents projected cost savings based on performance indicators, such as cost of cloud readiness, effort for application transformation and interaction, ease of migration and implementation, and various potential long-term benefits.
5. The development of a detailed project plan for a pilot application.

ATN proceeds with the process and resultantly builds its first prototype by focusing on an application that automates a low-risk business area. During this project ATN ports several of the business area’s smaller applications that were running on different technologies over to a PaaS platform. Based on positive results and feedback received for the prototype project, ATN decides to embark on a strategic initiative to garner similar benefits for other areas of the company.

2.2. Case Study #2: DTGOV

DTGOV is a public company that was created in the early 1980s by the Ministry of Social Security. The decentralization of the ministry’s IT operations to a public company under private law gave DTGOV an autonomous management structure with significant flexibility to govern and evolve its IT enterprise. At the time of its creation, DTGOV had approximately 1,000 employees, operational branches in 60 localities nation-wide, and operated two mainframe-based data centers.
Over time, DTGOV has expanded to more than 3,000 employees and branch offices in more than 300 localities, with three data centers running both mainframe and low-level platform environments. Its main services are related to processing social security benefits across the country.

DTGOV has enlarged its customer portfolio in the last two decades. It now serves other public-sector organizations and provides basic IT infrastructure and services, such as server hosting and server colocation. Some of its customers have also outsourced the operation, maintenance, and development of applications to DTGOV. DTGOV has sizable customer contracts that encompass various IT resources and services. However, these contracts, services, and associated service levels are not standardized—negotiated service provisioning conditions are typically customized for each customer individually. DTGOV’s operations are resultantly becoming increasingly complex and difficult to manage, which has led to inefficiencies and inflated costs.

The DTGOV board realized, some time ago, that the overall company structure could be improved by standardizing its services portfolio, which implies the reengineering of both IT operational and management models. This process has started with the standardization of the hardware platform through the creation of a clearly defined technological lifecycle, a consolidated procurement policy, and the establishment of new acquisition practices.

Technical Infrastructure and Environment

DTGOV operates three data centers: one is exclusively dedicated to low-level platform servers while the other two have both mainframe and low-level platforms. The mainframe systems are reserved for the Ministry of Social Security and therefore not available for outsourcing. The data center infrastructure occupies approximately 20,000 square feet of computer room space and hosts more than 100,000 servers with different hardware configurations.
The total storage capacity is approximately 10,000 terabytes. DTGOV’s network has redundant high-speed data links connecting the data centers in a full mesh topology. Their Internet connectivity is considered to be provider-independent since their network interconnects all of the major national telecom carriers.

Server consolidation and virtualization projects have been in place for five years, considerably decreasing the diversity of hardware platforms. As a result, systematic tracking of the investments and operational costs related to the hardware platform has revealed significant improvement. However, there is still remarkable diversity in their software platforms and configurations due to customer service customization requirements.

Business Goals and New Strategy

A chief strategic objective of the standardization of DTGOV’s service portfolio is to achieve increased levels of cost effectiveness and operational optimization. An internal executive-level commission was established to define the directions, goals, and strategic roadmap for this initiative. The commission has identified cloud computing as a guidance option and an opportunity for further diversification and improvement of services and customer portfolios. The roadmap addresses the following key points:

Business Benefits – Concrete business benefits associated with the standardization of service portfolios under the umbrella of cloud computing delivery models need to be defined. For example, how can the optimization of IT infrastructure and operational models result in direct and measurable cost reductions?

Service Portfolio – Which services should become cloud-based, and which customers should they be extended to?

Technical Challenges – The limitations of the current technology infrastructure in relation to the runtime processing requirements of cloud computing models must be understood and documented.
Existing infrastructure must be leveraged to whatever extent possible to optimize up-front costs assumed by the development of the cloud-based service offerings.

Pricing and SLAs – An appropriate contract, pricing, and service quality strategy needs to be defined. Suitable pricing and service-level agreements (SLAs) must be determined to support the initiative.

One outstanding concern relates to changes to the current format of contracts and how they may impact business. Many customers may not want to—or may not be prepared to—adopt cloud contracting and service delivery models. This becomes even more critical when considering the fact that 90% of DTGOV’s current customer portfolio is comprised of public organizations that typically do not have the autonomy or the agility to switch operating methods on such short notice. Therefore, the migration process is expected to be long term, which may become risky if the roadmap is not properly and clearly defined. A further outstanding issue pertains to IT contract regulations in the public sector—existing regulations may become irrelevant or unclear when applied to cloud technologies.

Roadmap and Implementation Strategy

Several assessment activities were initiated to address the aforementioned issues. The first was a survey of existing customers to probe their level of understanding, on-going initiatives, and plans regarding cloud computing. Most of the respondents were aware of and knowledgeable about cloud computing trends, which was considered a positive finding. An investigation of the service portfolio revealed clearly identified infrastructure services relating to hosting and colocation. Technical expertise and infrastructure were also evaluated, determining that data center operation and management are key areas of expertise of DTGOV IT staff. With these findings, the commission decided to:

1. choose IaaS as the target delivery platform to start the cloud computing provisioning initiative

2. hire a consulting firm with sufficient cloud provider expertise and experience to correctly identify and rectify any business and technical issues that may afflict the initiative

3. deploy new hardware resources with a uniform platform into two different data centers, aiming to establish a new, reliable environment to use for the provisioning of initial IaaS-hosted services

4. identify three customers that plan to acquire cloud-based services in order to establish pilot projects and define contractual conditions, pricing, and service-level policies and models

5. evaluate service provisioning of the three chosen customers for the initial period of six months before publicly offering the service to other customers

As the pilot project proceeds, a new Web-based management environment is released to allow for the self-provisioning of virtual servers, as well as SLA and financial tracking functionality in real time. The pilot projects are considered highly successful, leading to the next step of opening the cloud-based services to other customers.

2.3. Case Study #3: Innovartus Technologies Inc.

The primary business line of Innovartus Technologies Inc. is the development of virtual toys and educational entertainment products for children. These services are provided through a Web portal that employs a role-playing model to create customized virtual games for PCs and mobile devices. The games allow users to create and manipulate virtual toys (cars, dolls, pets) that can be outfitted with virtual accessories that are obtained by completing simple educational quests. The main demographic is children under 12 years. Innovartus further has a social network environment that enables users to exchange items and collaborate with others. All of these activities can be monitored and tracked by the parents, who can also participate in a game by creating specific quests for their children.
The most valuable and revolutionary feature of Innovartus’ applications is an experimental end-user interface that is based on natural interface concepts. Users can interact via voice commands, simple gestures that are captured with a Webcam, and directly by touching tablet screens.

The Innovartus portal has always been cloud-based. It was originally developed via a PaaS platform and has been hosted by the same cloud provider ever since. However, recently this environment has revealed several technical limitations that impact features of Innovartus’ user interface programming frameworks.

Technical Infrastructure and Environment

Many of Innovartus’ other office automation solutions, such as shared file repositories and various productivity tools, are also cloud-based. The on-premise corporate IT environment is relatively small, comprised mainly of work area devices, laptops, and graphic design workstations.

Business Goals and Strategy

Innovartus has been diversifying the functionality of the IT resources that are used for their Web-based and mobile applications. The company has also increased efforts to internationalize their applications; both the Web site and the mobile applications are currently offered in five different languages.

Roadmap and Implementation Strategy

Innovartus intends to continue building upon its cloud-based solutions; however, the current cloud hosting environment has limitations that need to be overcome:

scalability needs to be improved to accommodate increased and less predictable cloud consumer interaction

service levels need to be improved to avoid outages that are currently more frequent than expected

cost effectiveness needs to be improved, as leasing rates are higher with the current cloud provider when compared to others

These and other factors have led Innovartus to decide to migrate to a larger, more globally established cloud provider.
The roadmap for this migration project includes:

a technical and economic report about the risks and impacts of the planned migration

a decision tree and a rigorous study initiative focused on the criteria for selecting the new cloud provider

portability assessments of applications to determine how much of each existing cloud service architecture is proprietary to the current cloud provider’s environment

Innovartus is further concerned about how and to what extent the current cloud provider will support and cooperate with the migration process.

Part I: Fundamental Cloud Computing

Chapter 3: Understanding Cloud Computing
Chapter 4: Fundamental Concepts and Models
Chapter 5: Cloud-Enabling Technology
Chapter 6: Fundamental Cloud Security

The upcoming chapters establish concepts and terminology that are referenced throughout subsequent chapters and parts in this book. It is recommended that Chapters 3 and 4 be reviewed, even for those already familiar with cloud computing fundamentals. Sections in Chapters 5 and 6 can be selectively skipped by those already familiar with the corresponding technology and security topics.

Chapter 3. Understanding Cloud Computing

3.1 Origins and Influences
3.2 Basic Concepts and Terminology
3.3 Goals and Benefits
3.4 Risks and Challenges

This is the first of two chapters that provide an overview of introductory cloud computing topics. It begins with a brief history of cloud computing along with short descriptions of its business and technology drivers. This is followed by definitions of basic concepts and terminology, in addition to explanations of the primary benefits and challenges of cloud computing adoption.

3.1. Origins and Influences

A Brief History

The idea of computing in a “cloud” traces back to the origins of utility computing, a concept that computer scientist John McCarthy publicly proposed in 1961:

“If computers of the kind I have advocated become the computers of the future, then computing may someday be organized as a public utility just as the telephone system is a public utility.... The computer utility could become the basis of a new and important industry.”

In 1969, Leonard Kleinrock, a chief scientist of the Advanced Research Projects Agency Network (ARPANET) project that seeded the Internet, stated:

“As of now, computer networks are still in their infancy, but as they grow up and become sophisticated, we will probably see the spread of ‘computer utilities’...”

The general public has been leveraging forms of Internet-based computer utilities since the mid-1990s through various incarnations of search engines (Yahoo!, Google), e-mail services (Hotmail, Gmail), open publishing platforms (MySpace, Facebook, YouTube), and other types of social media (Twitter, LinkedIn). Though consumer-centric, these services popularized and validated core concepts that form the basis of modern-day cloud computing.

In the late 1990s, Salesforce.com pioneered the notion of bringing remotely provisioned services into the enterprise. In 2002, Amazon.com launched the Amazon Web Services (AWS) platform, a suite of enterprise-oriented services that provide remotely provisioned storage, computing resources, and business functionality.

A slightly different evocation of the term “Network Cloud” or “Cloud” was introduced in the early 1990s throughout the networking industry. It referred to an abstraction layer derived from the delivery methods of data across heterogeneous public and semi-public networks that were primarily packet-switched, although cellular networks used the “Cloud” term as well.
The networking method at this point supported the transmission of data from one end-point (local network) to the “Cloud” (wide area network) and then further decomposed to another intended end-point. This is relevant, as the networking industry still references the use of this term, and is considered an early adopter of the concepts that underlie utility computing.

It wasn’t until 2006 that the term “cloud computing” emerged in the commercial arena. It was during this time that Amazon launched its Elastic Compute Cloud (EC2) services that enabled organizations to “lease” computing capacity and processing power to run their enterprise applications. Google Apps also began providing browser-based enterprise applications in the same year, and three years later, the Google App Engine became another historic milestone.

Definitions

A Gartner report listing cloud computing at the top of its strategic technology areas further reaffirmed its prominence as an industry trend by announcing its formal definition as:

“...a style of computing in which scalable and elastic IT-enabled capabilities are delivered as a service to external customers using Internet technologies.”

This is a slight revision of Gartner’s original definition from 2008, in which “massively scalable” was used instead of “scalable and elastic.” This acknowledges the importance of scalability in relation to the ability to scale vertically and not just to enormous proportions.

Forrester Research provided its own definition of cloud computing as:

“...a standardized IT capability (services, software, or infrastructure) delivered via Internet technologies in a pay-per-use, self-service way.”

The definition that received industry-wide acceptance was composed by the National Institute of Standards and Technology (NIST).
NIST published its original definition back in 2009, followed by a revised version after further review and industry input that was published in September of 2011:

“Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model is composed of five essential characteristics, three service models, and four deployment models.”

This book provides a more concise definition:

“Cloud computing is a specialized form of distributed computing that introduces utilization models for remotely provisioning scalable and measured resources.”

This simplified definition is in line with all of the preceding definition variations that were put forth by other organizations within the cloud computing industry. The characteristics, service models, and deployment models referenced in the NIST definition are further covered in Chapter 4.

Business Drivers

Before delving into the layers of technologies that underlie clouds, the motivations that led to their creation by industry leaders must first be understood. Several of the primary business drivers that fostered modern cloud-based technology are presented in this section. The origins and inspirations of many of the characteristics, models, and mechanisms covered throughout subsequent chapters can be traced back to the upcoming business drivers.

It is important to note that these influences shaped clouds and the overall cloud computing market from both ends. They have motivated organizations to adopt cloud computing in support of their business automation requirements. They have correspondingly motivated other organizations to become providers of cloud environments and cloud technology vendors in order to create and meet the demand to fulfill consumer needs.
Capacity Planning

Capacity planning is the process of determining and fulfilling future demands of an organization’s IT resources, products, and services. Within this context, capacity represents the maximum amount of work that an IT resource is capable of delivering in a given period of time. A discrepancy between the capacity of an IT resource and its demand can result in a system becoming either inefficient (over-provisioning) or unable to fulfill user needs (under-provisioning). Capacity planning is focused on minimizing this discrepancy to achieve predictable efficiency and performance.

Different capacity planning strategies exist:

Lead Strategy – adding capacity to an IT resource in anticipation of demand

Lag Strategy – adding capacity when the IT resource reaches its full capacity

Match Strategy – adding IT resource capacity in small increments, as demand increases

Planning for capacity can be challenging because it requires estimating usage load fluctuations. There is a constant need to balance peak usage requirements without unnecessary over-expenditure on infrastructure. An example is outfitting IT infrastructure to accommodate maximum usage loads which can impose unreasonable financial investments. In such cases, moderating investments can result in under-provisioning, leading to transaction losses and other usage limitations from lowered usage thresholds.

Cost Reduction

A direct alignment between IT costs and business performance can be difficult to maintain. The growth of IT environments often corresponds to the assessment of their maximum usage requirements. This can make the support of new and expanded business automations an ever-increasing investment. Much of this required investment is funneled into infrastructure expansion because the usage potential of a given automation solution will always be limited by the processing power of its underlying infrastructure.
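The Lead, Lag, and Match strategies described under Capacity Planning, and the over-provisioning versus under-provisioning trade-off that drives the infrastructure costs just discussed, can be made concrete with a small simulation. This is an added example and not code from the book; the demand series, capacity block sizes and per-unit costs are constructed for illustration, and the Lead strategy assumes a perfect demand forecast.

```python
"""Simulate Lead, Lag and Match capacity planning against one demand series
and tally the over-provisioning (idle capacity) and under-provisioning
(unmet demand, i.e. lost transactions) that each strategy produces."""
from dataclasses import dataclass, field


@dataclass
class Outcome:
    strategy: str
    capacity_path: list = field(default_factory=list)  # capacity in place per period
    idle_units: int = 0    # over-provisioning: capacity above demand, summed
    unmet_units: int = 0   # under-provisioning: demand above capacity, summed


def simulate(strategy, demand, initial_capacity, block, increment, forecast=None):
    """Run one strategy over the demand series and tally both discrepancies.

    lead  - before each period, add capacity in large blocks until the forecast
            for that period is covered (ahead of demand).
    lag   - add one block only after the resource ran at full capacity in the
            previous period (behind demand).
    match - after each period, add small increments until capacity covers the
            demand just observed (tracks demand closely).
    """
    if strategy not in ("lead", "lag", "match"):
        raise ValueError(f"unknown strategy: {strategy}")
    if forecast is None:
        forecast = demand  # assumption: the planner's forecast equals actual demand
    capacity = initial_capacity
    out = Outcome(strategy)
    for i, d in enumerate(demand):
        if strategy == "lead":
            while capacity < forecast[i]:
                capacity += block
        elif strategy == "lag" and i > 0 and demand[i - 1] >= capacity:
            capacity += block
        elif strategy == "match" and i > 0:
            while capacity < demand[i - 1]:
                capacity += increment
        out.capacity_path.append(capacity)
        out.idle_units += max(capacity - d, 0)
        out.unmet_units += max(d - capacity, 0)
    return out


def total_cost(outcome, idle_cost, unmet_cost):
    """Weigh idle capacity against lost transactions using per-unit costs."""
    return outcome.idle_units * idle_cost + outcome.unmet_units * unmet_cost


def cheapest_strategy(demand, idle_cost, unmet_cost,
                      initial_capacity=100, block=50, increment=20):
    """Pick the strategy with the lowest combined cost for this demand series."""
    outcomes = [simulate(s, demand, initial_capacity, block, increment)
                for s in ("lead", "lag", "match")]
    return min(outcomes, key=lambda o: total_cost(o, idle_cost, unmet_cost)).strategy


# Constructed demand series (units of work per period): a rise followed by a dip.
DEMAND = [100, 130, 170, 220, 260, 240, 200]

if __name__ == "__main__":
    for s in ("lead", "lag", "match"):
        o = simulate(s, DEMAND, 100, 50, 20)
        print(f"{s:5} capacity={o.capacity_path} idle={o.idle_units} unmet={o.unmet_units}")
    # Which strategy wins depends on how costly a lost transaction is relative
    # to a unit of idle infrastructure.
    print("cheapest when a lost transaction costs 3x idle capacity:",
          cheapest_strategy(DEMAND, 1, 3))
    print("cheapest when both cost the same:", cheapest_strategy(DEMAND, 1, 1))
```

Lead never loses a transaction but carries the most idle capacity, Match carries the least but loses the most, and Lag sits between; the cost weighting decides which discrepancy the organization can afford.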
Two costs need to be accounted for: the cost of acquiring new infrastructure, and the cost of its ongoing ownership. Operational overhead represents a considerable share of IT budgets, often exceeding up-front investment costs. Common forms of infrastructure-related operating overhead include the following:

technical personnel required to keep the environment operational

upgrades and patches that introduce additional testing and deployment cycles

utility bills and capital expense investments for power and cooling

security and access control measures that need to be maintained and enforced to protect infrastructure resources

administrative and accounts staff that may be required to keep track of licenses and support arrangements

The on-going ownership of internal technology infrastructure can encompass burdensome responsibilities that impose compound impacts on corporate budgets. An IT department can consequently become a significant—and at times overwhelming—drain on the business, potentially inhibiting its responsiveness, profitability, and overall evolution.

Organizational Agility

Businesses need the ability to adapt and evolve to successfully face change caused by both internal and external factors. Organizational agility is the measure of an organization’s responsiveness to change. An IT enterprise often needs to respond to business change by scaling its IT resources beyond the scope of what was previously predicted or planned for. For example, infrastructure may be subject to limitations that prevent the organization from responding to usage fluctuations—even when anticipated—if previous capacity planning efforts were restricted by inadequate budgets. In other cases, changing business needs and priorities may require IT resources to be more available and reliable than before.
Even if sufficient infrastructure is in place for an organization to support anticipated usage volumes, the nature of the usage may generate runtime exceptions that bring down hosting servers. Due to a lack of reliability controls within the infrastructure, responsiveness to consumer or customer requirements may be reduced to a point whereby a business’ overall continuity is threatened.

On a broader scale, the up-front investments and infrastructure ownership costs that are required to enable new or expanded business automation solutions may themselves be prohibitive enough for a business to settle for IT infrastructure of less-than-ideal quality, thereby decreasing its ability to meet real-world requirements. Worse yet, the business may decide against proceeding with an automation solution altogether upon review of its infrastructure budget, because it simply cannot afford to. This form of inability to respond can inhibit an organization from keeping up with market demands, competitive pressures, and its own strategic business goals.

Technology Innovations

Established technologies are often used as inspiration and, at times, the actual foundations upon which new technology innovations are derived and built. This section briefly describes the pre-existing technologies considered to be the primary influences on cloud computing.

Clustering

A cluster is a group of independent IT resources that are interconnected and work as a single system. System failure rates are reduced while availability and reliability are increased, since redundancy and failover features are inherent to the cluster. A general prerequisite of hardware clustering is that its component systems have reasonably identical hardware and operating systems to provide similar performance levels when one failed component is to be replaced by another. Component devices that form a cluster are kept in synchronization through dedicated, high-speed communication links.
The basic concept of built-in redundancy and failover is core to cloud platforms. Clustering technology is explored further in Chapter 8 as part of the Resource Cluster mechanism description.

Grid Computing

A computing grid (or “computational grid”) provides a platform in which computing resources are organized into one or more logical pools. These pools are collectively coordinated to provide a high performance distributed grid, sometimes referred to as a “super virtual computer.”

Grid computing differs from clustering in that grid systems are much more loosely coupled and distributed. As a result, grid computing systems can involve computing resources that are heterogeneous and geographically dispersed, which is generally not possible with cluster computing-based systems.

Grid computing has been an on-going research area in computing science since the early 1990s. The technological advancements achieved by grid computing projects have influenced various aspects of cloud computing platforms and mechanisms, specifically in relation to common feature-sets such as networked access, resource pooling, and scalability and resiliency. These types of features can be established by both grid computing and cloud computing, in their own distinctive approaches.

For example, grid computing is based on a middleware layer that is deployed on computing resources. These IT resources participate in a grid pool that implements a series of workload distribution and coordination functions. This middle tier can contain load balancing logic, failover controls, and autonomic configuration management, each having previously inspired similar—and several more sophisticated—cloud computing technologies. It is for this reason that some classify cloud computing as a descendant of earlier grid computing initiatives.

Virtualization

Virtualization represents a technology platform used for the creation of virtual instances of IT resources.
A layer of virtualization software allows physical IT resources to provide multiple virtual images of themselves so that their underlying processing capabilities can be shared by multiple users.

Prior to the advent of virtualization technologies, software was limited to residing on and being coupled with static hardware environments. The virtualization process severs this software-hardware dependency, as hardware requirements can be simulated by emulation software running in virtualized environments.

Established virtualization technologies can be traced to several cloud characteristics and cloud computing mechanisms, having inspired many of their core features. As cloud computing evolved, a generation of modern virtualization technologies emerged to overcome the performance, reliability, and scalability limitations of traditional virtualization platforms. As a foundation of contemporary cloud technology, modern virtualization provides a variety of virtualization types and technology layers that are discussed separately in Chapter 5.

Technology Innovations vs. Enabling Technologies

It is essential to highlight several other areas of technology that continue to contribute to modern-day cloud-based platforms. These are distinguished as cloud-enabling technologies, the following of which are covered in Chapter 5:

Broadband Networks and Internet Architecture
Data Center Technology
(Modern) Virtualization Technology
Web Technology
Multitenant Technology
Service Technology

Each of these cloud-enabling technologies existed in some form prior to the formal advent of cloud computing. Some were refined further, and on occasion even redefined, as a result of the subsequent evolution of cloud computing.

Summary of Key Points

The primary business drivers that exposed the need for cloud computing and led to its formation include capacity planning, cost reduction, and organizational agility.
The primary technology innovations that influenced and inspired key distinguishing features and aspects of cloud computing include clustering, grid computing, and traditional forms of virtualization.

3.2. Basic Concepts and Terminology

This section establishes a set of basic terms that represent the fundamental concepts and aspects pertaining to the notion of a cloud and its most primitive artifacts.

Cloud

A cloud refers to a distinct IT environment that is designed for the purpose of remotely provisioning scalable and measured IT resources. The term originated as a metaphor for the Internet which is, in essence, a network of networks providing remote access to a set of decentralized IT resources. Prior to cloud computing becoming its own formalized IT industry segment, the sy