Full Transcript

CHAPTER FIVE: CLOUD ENABLING TECHNOLOGY

1. BROADBAND NETWORKS & INTERNET ARCHITECTURE
◾ Clouds must be connected to a network
◾ Inter-networking: users’ network must connect to the cloud’s network
◾ Public cloud computing relies heavily on the Internet

PRIVATE CLOUD NETWORKING
◾ For institutions with in-house private clouds (remote users, in-office users)

PUBLIC CLOUD NETWORKING
◾ Resources can be extended by adding a public cloud
◾ Places further dependency on the internet to provide connectivity (private cloud network, in-office users, remote users)

INTER-NETWORKING KEY POINTS
◾ Cloud consumers and providers typically communicate via the internet
◾ The decentralized provisioning and management model is not controlled by the cloud consumers or providers
◾ Inter-networking (internet) relies on connectionless packet switching and route-based interconnectivity
◾ Routers and switches support communication
◾ Network bandwidth and latency influence QoS, which is heavily impacted by network congestion

2. DATA CENTER TECHNOLOGY
◾ Grouping servers together (clusters):
  ◾ Enables power sharing
  ◾ Higher efficiency in shared IT resource usage (less duplication of effort)
  ◾ Improved accessibility and organization
◾ Key components:
   Virtualized and physical server resources
   Standardized, modular hardware
   Automation support: enable server provisioning, configuration, patching and monitoring without supervision… tool/API support is desirable

DATA CENTER TECH – KEY COMPONENTS
◾ Remote operation / management
◾ High availability support: **redundant everything**. Includes: power supplies, cabling, environmental control systems, communication links, duplicate warm replica HW
◾ Secure design: physical and logical access control
◾ Servers: rackmount, etc.
◾ Storage: hard disk arrays (RAID)
  ◾ Storage area network (SAN): disk array with multiple servers (individual nodes with disks) and a dedicated network
  ◾ Network attached storage (NAS): inexpensive single node with a collection of disks; provides shared filesystems, for NFS, etc.
◾ Network hardware: backbone routers (WAN to LAN connectivity), firewalls, VPN gateways, managed switches/routers

3. VIRTUALIZATION TECHNOLOGY
◾ Convert a physical IT resource into a virtual IT resource
◾ Servers, storage, network, power (virtual UPSs)
◾ Virtualization supports:
   Hardware independence
   Server consolidation
   Resource replication
   Resource pooling
   Elastic scalability
◾ Virtual servers
   Operating-system based virtualization
   Hardware-based virtualization

VIRTUAL MACHINES
◾ Emulation/simulation of a computer in software
◾ Provides a substitute for a real computer or server
◾ Virtualization platforms provide the functionality to run an entire operating system
◾ Allows running multiple different operating systems, or operating systems with different versions, simultaneously on the same computer

KEY VIRTUALIZATION TRADEOFF
◾ Tradeoff space: what is the “right” level of abstraction in the cloud for sharing resources with users?
(Figure: degree of hardware abstraction, from too little to too much. Abstraction concerns: overhead, performance, isolation, security.)

ABSTRACTION CONCERNS
◾ Overhead with too many instances with heavy abstractions
   Too many instances using a heavy abstraction can lead to hidden resource utilization and waste
   Example: dedicated server with 48 VMs, each with a separate instance of Ubuntu Linux
   Idle VMs can reduce the performance of co-resident jobs/tasks
◾ “Virtualization” overhead
   Cost of virtualizing an OS instance
   Overhead has dropped from ~100% to ~1% over the last decade
◾ Performance
   Impacted by the weight of abstraction and the virtualization overhead

ABSTRACTION CONCERNS
◾ Isolation
   From others: what user A does should not impact user B in any noticeable way
◾ Security
   User A’s and user B’s data should always be separate
   User A’s actions are not perceivable by user B

TYPES OF ABSTRACTION IN THE CLOUD
◾ Virtual Machines – the original IaaS cloud abstraction
◾ OS and Application Containers – seen with CaaS
   OS Container – replacement for a VM, mimics a full OS instance; heavier OS containers run 100s of processes just like a VM
   App Container – Docker: packages dependencies to easily transport and run an application anywhere
   Application containers run only a few processes
◾ Micro VMs – FaaS / CaaS
   Lighter-weight alternative to a full VM (KVM, XEN, VirtualBox)
   Firecracker
◾ Unikernel Operating Systems – research mostly
   Single-process, multi-thread operating system
   Designed for the cloud; objective is to reduce the overhead of running too many OS instances

VMware Cloud and Virtualization Concepts
From NDG in partnership with VMware IT Academy, www.vmware.com/go/academy

Hardware
Processor - Also called CPU (Central Processing Unit)
RAM - Random Access Memory
Read-Only Memory - Non-volatile memory that stores the BIOS (*BIOS is a type of software responsible for turning on (booting) the computer)
Motherboard - Printed Circuit Board (PCB) that holds the processor, RAM, ROM, network and Input/Output (I/O)
and other components.
Chipset - Collection of microchips on the motherboard that manage specific functions.
Storage - A persistent (non-volatile) storage device such as a Hard Disk Drive or Solid State Drive

Software
System software is necessary for hardware to function
The operating system controls the hardware
Application software tells your system to execute a task you want

What is Virtualization?
Virtualization is the “layer” of technology that goes between the physical hardware of a device and the operating system to create one or more copies of the device.

What is a VM?
Virtualization creates virtual hardware by cloning physical hardware
The hypervisor uses virtual hardware to create a virtual machine (VM)
A VM is a set of files
With a hypervisor and VMs, one computer can run multiple OSs simultaneously

What is a Hypervisor?
Software installed on top of hardware that creates the virtualization layer
Hosts VMs
Type 1 Hypervisor – Bare metal hypervisor (VMware ESXi)
Type 2 Hypervisor – Hosted hypervisor (VMware Workstation)

Virtual Machine Files
VMs can be exported and moved to other hosts
Files are created by the hypervisor and stored in a directory
Example VM files (file type, file name, description):
- Log File (.log) - Keeps a log of VM activity
- Disk File (.vmdk) - Stores the content of the VM’s disk drive
- Snapshot Files (.vmsd and .vmsn) - Store information about VM snapshots (saved VM state)
- Configuration File (.vmx) - Stores information about the VM: name, BIOS, guest OS, and memory
© Network Development Group, reserved for use with NDG.tech/vmware content

What is a snapshot?
Working on a VM and need to save progress or state
Snapshots are saved as files in the VM folder (.vmx)
What is saved by a snapshot?
- State of VM disks
- Contents of VM memory
- VM settings

What is a Data Center?
Hardware infrastructure that supports virtualization
Focus is on processing large amounts of data
What are the three main components?
- Compute
- Storage
- Networks

Compute Systems
Hardware and operating system software that runs applications
Difference between a PC and a server:
- PCs have a user-friendly interface, while servers focus on running programs
Types of servers:
- Tower
- Blade server
- Rack-mounted server
What is the architecture of a server?

Networks
Transfer data across the data center so devices can communicate
What type of hardware is used for networking?

Storage
Data center storage should have two features: availability and redundancy

Storage - RAID
Redundant Array of Independent Disks
Hard drives linked together to create a large volume of redundant storage
What are the three methods of writing to RAID?
- Mirroring
- Striping
- Parity
What do the RAID numbers mean (i.e., 0, 1, 5)?

Storage - Block vs. File Level
Block-Level Storage – Data is written to and accessed from storage volumes (blocks)
File-Level Storage – Data is written to disks but accessed from the default file system

Storage – Types of Data Center Storage
DAS – Storage device is directly attached to a server (block-level)
NAS – Storage device is attached to a network; servers on the network can access the device (file-level)
SAN – Clustered storage devices on their own network that servers can connect to (block-level)

Common Data Center Storage Protocols (protocol - application)
- SCSI (Small Computer System Interface) - Medium-sized blade servers, enterprise servers, DAS
- FC (Fibre Channel) - Enterprise servers, SAN
- FCoE (Fibre Channel over Ethernet) - Enterprise servers, SAN
- iSCSI (Internet Small Computer System Interface) - Enterprise servers, NAS

Storage Provisioning
Thick provisioning: Disk space is strategically pre-allocated to a server or a VM. This means that the logical space provided by partitioning is equal to the amount of actual physical space set aside on the physical disk.
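The three RAID write methods named above (mirroring, striping, parity) and what the RAID 0/1/5 numbers mean, as an added worked model that is not part of the course slides: the byte-string "disks", block size and payload are constructed, and parity is the XOR of the data blocks in a stripe, which is what lets a RAID 5 set rebuild one failed disk.

```python
"""Toy model of RAID 1 (mirroring), RAID 0 (striping) and RAID 5 (striping
with distributed XOR parity). Disks are lists of fixed-size byte blocks."""
from typing import List, Optional

BLOCK = 4  # constructed: tiny block size so layouts stay readable


def split_blocks(data: bytes) -> List[bytes]:
    """Cut data into BLOCK-sized chunks, zero-padding the last one."""
    padded = data + b"\x00" * (-len(data) % BLOCK)
    return [padded[i:i + BLOCK] for i in range(0, len(padded), BLOCK)]


def xor_blocks(blocks: List[bytes]) -> bytes:
    """XOR equal-length blocks byte by byte; this is the RAID 5 parity operation."""
    out = bytearray(BLOCK)
    for blk in blocks:
        for j, b in enumerate(blk):
            out[j] ^= b
    return bytes(out)


def raid1_write(data: bytes, disks: int = 2) -> List[bytes]:
    """Mirroring: every disk holds a full copy; usable capacity of one disk."""
    return [data] * disks


def raid0_write(data: bytes, disks: int) -> List[List[bytes]]:
    """Striping: block i lands on disk i % disks; fast, but no redundancy."""
    layout: List[List[bytes]] = [[] for _ in range(disks)]
    for i, blk in enumerate(split_blocks(data)):
        layout[i % disks].append(blk)
    return layout


def parity_disk_for(stripe: int, disks: int) -> int:
    """RAID 5 rotates the parity block across disks, one position per stripe."""
    return (disks - 1 - stripe) % disks


def raid5_write(data: bytes, disks: int) -> List[List[bytes]]:
    """Striping with distributed parity: each stripe holds disks-1 data blocks
    plus one XOR parity block, so usable capacity is (disks-1)/disks."""
    if disks < 3:
        raise ValueError("RAID 5 needs at least three disks")
    blocks = split_blocks(data)
    per_stripe = disks - 1
    blocks += [b"\x00" * BLOCK] * (-len(blocks) % per_stripe)  # whole stripes only
    layout: List[List[bytes]] = [[] for _ in range(disks)]
    for s in range(len(blocks) // per_stripe):
        chunk = blocks[s * per_stripe:(s + 1) * per_stripe]
        parity = xor_blocks(chunk)
        pdisk = parity_disk_for(s, disks)
        it = iter(chunk)
        for d in range(disks):
            layout[d].append(parity if d == pdisk else next(it))
    return layout


def raid5_read(layout: List[List[bytes]], length: int) -> bytes:
    """Walk the stripes in order, skipping each stripe's parity position."""
    disks = len(layout)
    out = b""
    for s in range(len(layout[0])):
        pdisk = parity_disk_for(s, disks)
        out += b"".join(layout[d][s] for d in range(disks) if d != pdisk)
    return out[:length]


def raid5_rebuild(layout: List[Optional[List[bytes]]]) -> List[List[bytes]]:
    """Reconstruct the single failed disk (marked None): in every stripe the
    XOR of all blocks is zero, so the missing block is the XOR of the rest."""
    failed = [i for i, d in enumerate(layout) if d is None]
    if len(failed) != 1:
        raise ValueError("RAID 5 tolerates exactly one failed disk")
    survivors = [d for d in layout if d is not None]
    rebuilt = [xor_blocks([d[s] for d in survivors]) for s in range(len(survivors[0]))]
    fixed = list(layout)
    fixed[failed[0]] = rebuilt
    return fixed  # type: ignore[return-value]


def usable_fraction(level: int, disks: int) -> float:
    """Share of raw capacity left for data: all of it (RAID 0), one disk's
    worth (RAID 1), or all but one disk's worth (RAID 5)."""
    return {0: 1.0, 1: 1.0 / disks, 5: (disks - 1) / disks}[level]


if __name__ == "__main__":
    data = b"cloud enabling technology"  # constructed payload
    array = raid5_write(data, disks=4)
    array[1] = None                       # simulate losing the second disk
    print("rebuilt from parity:", raid5_read(raid5_rebuild(array), len(data)))
```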
Benefits of a Virtual Data Center
Data centers use a lot of hardware, and virtualization makes hardware more efficient
Increased computing resources result in higher availability of applications
Less labor needed to monitor the data center (an administrator can monitor from their desk using a program)
Software-defined data center (SDDC): the hypervisor pools physical data center resources into a virtual data center

What is vSphere?
Suite of virtualization technology designed for larger enterprise data center management
vSphere virtualization tools include:
- ESXi: Type 1 hypervisor
- vCenter: Management software (installed on a management server)
- vSphere Client: Program that controls host servers and VMs

vSphere - What is ESXi?
ESXi is VMware’s Type 1 hypervisor software; it is installed directly on the physical server and creates the virtual layer
Components of ESXi:
- Unix Microkernel
- VMware Kernel (VMkernel)

vCenter and vSphere Client
vCenter: Software installed on a dedicated server to manage ESXi servers and other components of a virtualized data center
vSphere Client: Program with a graphical user interface (GUI) that allows data center administrators to connect to vCenter and ESXi remotely

Server Virtualization
Results in increased efficiency of data center servers because multiple VMs can be hosted on one server
Computing resources can be distributed to customers using less hardware

Storage Virtualization
Storage capacity is pooled and distributed to the VMs
- Physical storage devices are partitioned into logical storage units (LUNs)
- LUNs are used to create a datastore
How do VMs access data center storage?
- VMs are stored as VMDK (.vmdk) files on the datastore
- VM configuration files (VM settings) are stored as VMX (.vmx) files

Network Virtualization
Physical components that make up the physical network are virtualized to create a virtual network
What is a vSwitch?
- Virtual switch that virtual devices can connect to in order to communicate with each other
What is a vLAN?
- Virtual Local Area Network that is segmented into groups of ports isolated from one another, creating different network segments

Types of Virtual Networks
Bridged Network: The host server and the VM are connected to the same network, and the host shares its IP address with the VM
NAT: VMs use an IP translated from the host’s IP (using a NAT device) and communicate on a private network set up on the host computer
Host-only Network: VMs use a private network but do not have translated IP addresses to connect to an external network; therefore they can only communicate with other VMs on the isolated host network

Application and Desktop Virtualization
Why use virtualized applications?
- Some applications have specific system requirements
- VMware ThinApp creates a packaged virtual app that contains the program and its system requirements, and delivers it to the end user
What is desktop virtualization?
- Designed to solve computing resource issues faced by the mobile workforce (workers that need computing without the hardware)
- VMware Horizon takes the resources needed to create a desktop environment from data centers and delivers it to the end user’s device

Convergence
Convergence: Moving from a traditional hardware-based server model to a virtual data center
Two strategies:
- Containment: Not deploying any existing applications for customers on virtual servers. Maintain applications running on the hardware-based data center.
- Consolidation: Moving applications that are running in the old hardware-based data center model using VMware P2V technology

The Cloud
Cloud computing is the delivery of shared computing resources (software and/or data) on demand through the internet

Types of Cloud Computing
Cloud computing is categorized into different service models.
The major types of cloud computing are:
- Software as a Service (SaaS)
- Platform as a Service (PaaS)
- Infrastructure as a Service (IaaS)

Cloud Deployment Models
Cloud deployment includes an emphasis on where the hardware or software is running and who is controlling it.
- Private Cloud
- Community Cloud
- Public Cloud
- Hybrid Cloud

vMotion
Move running virtual machines from one ESXi host to another ESXi host without service interruption (live migration)
Increases availability of data and computing resources

Storage vMotion
Move the disks and configuration files of a running virtual machine from one datastore to another datastore without service interruption
Increases availability of storage

High Availability (HA)
Pools servers (hosts) and the VMs that reside on them in a cluster so that, in the event of a failure, the virtual machines on a failed host are restarted on alternate hosts

Distributed Resource Scheduler (DRS)
What problem does DRS solve? HA clusters need to be monitored and managed. DRS implements a shared management interface so that the cluster’s resources can be monitored and managed
vSphere Storage Distributed Resource Scheduler provides the same solution for storage clusters

Fault Tolerance (FT)
A secondary copy of the virtual machine and its files is created on another ESXi host and datastore
Using FT, the transfer to a different server is seamless and will not be noticeable to the end user

Replication
vSphere Replication makes copies of VMs in a different physical location, useful for data protection and disaster recovery
Works with vSphere Client to allow admins to monitor

VSAN
VMware VSAN (Virtual Storage Area Network) virtualizes existing storage in data center servers
Creates a hyper-converged infrastructure: integrated virtualized data center components from one vendor (i.e., VMware) (Do you recall what a converged infrastructure is?)
Interacts with vSphere to create one layer of virtualization software, which is managed by the vCenter management layer

NSX
Suite of virtualization solutions for data center networking
VMware NSX creates a ‘software network’ on top of the physical network that can be divided up into many virtual networks
Virtual networking components included

VMware Cloud Foundation
Suite of virtualization solutions for data center migration
VMware Cloud Foundation makes it easy to transition from an existing system to a virtual data center
Can be used to virtualize on-premises or to migrate off-premises to cloud environments such as Amazon Web Services (AWS)

vCloud Automation Center
Cloud management product to quickly deliver and easily manage the personalized infrastructure, applications, and services for business needs
Individuals can have access to a user-friendly self-service portal to create their own machines
Ability to deliver services on different platforms such as AWS and Azure

CloudHealth
Analyze and report your cloud costs, usage, performance, and security
Monitor groups of resources or specific resources such as CPU, memory, and disk usage

Software-Defined Storage Concepts
From NDG in partnership with VMware IT Academy, www.vmware.com/go/academy

The Data Center
Data centers exist for the sole purpose of storing data
Modern data centers consist of multiple layers:
o Management Layer
o Virtual Layer
o Physical Layer: Network Layer, Compute Layer, Storage Layer

The Data Center
Data centers must provide Availability and Redundancy.
Availability - The expectation that the storage is online and running, making it accessible.
Redundancy - The duplication of critical components in a system to provide a back-up in the event of a failure in the original location.

Storage Concepts in the Data Centers
Abstraction - In a complex system or piece of software, focusing on the most relevant details and hiding what can be ignored.
Array - Data storage that is made up of multiple storage devices and cache memory.
Block Storage (or Block-Level Storage) - Data is saved in fixed-sized volumes called ‘blocks’; each block is treated as an individual storage device, has a unique identifier, and has its own file system.
Deploy - To install, test, and run hardware or software in a live environment.

Storage Concepts in the Data Centers
File Storage (or File-Level Storage) - Data is saved in files and folders in a hierarchical system of directories and sub-directories; in order to be accessed, the storage drives must be configured with the Network File System (NFS) for Unix/Linux systems or Server Message Block (SMB) for Microsoft Windows systems.
Logical - Virtual; not physical.
Mirror - To make an exact copy of data from one storage device to another storage device in real time. This serves to prevent data loss in the event of a hardware failure. This is also known as RAID 1.

Storage Concepts in the Data Centers
Object - With vSAN, an object is a virtual machine disk (VMDK) file, a snapshot (a copy of a VMDK taken at a specific point in time), or the virtual machine home folder.
Object Storage (or Object-Based Storage) - Data is bundled together with its metadata (information such as date created, size, and author) and a unique identifier.
Policy - A set of rules about the storage requirements of virtual machines and the applications they run.

Storage Concepts in the Data Centers
RAID (Redundant Array of Independent Disks) - Storage that is made up of multiple hard drives. The same data is stored across different disks. The method by which this data is stored is classified by RAID levels.
○ RAID 0 - Striping with no fault tolerance or redundancy. Designed for speed.
○ RAID 1 - Mirroring with no striping. Designed for reliability.
○ There are other RAID formats that utilize both striping and mirroring.
Stripe - To divide a piece of data into equally-sized units which are then spread across multiple storage devices; no copies of the data are made. This is often referred to as RAID 0.

Local Disk Storage
Has a 1:1 relationship between the storage device and the personal device or server
3 types of Local Disk Storage:
○ Hard Disk Drives (HDDs) - Utilize a platter and magnets to store 1s by magnetizing and 0s by demagnetizing. The spinning platter can cause data loss in the event of an abrupt shutdown. These are known for their large amount of storage at an affordable price.
○ Solid State Drives (SSDs) - Utilize transistors to store data as electrical charges. Transistors that conduct current have a value of 1 and a chain that doesn’t conduct current has a value of 0. Faster than HDDs, but more expensive.
○ Optical Disk Drives (ODDs) - Utilize a laser to read 0s and 1s from a spinning disc. CDs, DVDs, Blu-ray discs. Inexpensive and highly portable.

Local Disk Storage Protocols
A protocol is the language that local disk storage uses to communicate with a device. Several commonly seen protocols are:
o Small Computer System Interface (SCSI)
o Serial Attached SCSI (SAS)
o Serial Advanced Technology Attachment (SATA)
o Universal Serial Bus (USB)
o Fibre Channel (FC)
Servers may need an adapter to communicate with local storage. This adapter is known as a Host Bus Adapter (HBA).

Network-Attached Storage (NAS)
NAS is connected to a Local Area Network (LAN). Each authorized user on the network can access the data on the NAS.
Can be considered a “Personal Cloud” or “Private Cloud”, where the storage is located on site rather than remotely.
NAS will have its own IP address. Capable of RAID configurations. Uses TCP/IP to send information through the network.
File system protocols often used are NFS for Linux/Unix, SMB for Windows, and Apple Filing Protocol (AFP) for Apple devices.

Storage Area Network (SAN)
Runs alongside a LAN and can serve several different physical locations.
Gives access to block-level storage; file-level storage can be obtained via the servers’ operating systems.
Does not need to be in the same physical location as the servers. Can be off-site storage.
Allows for easy and immediate scalability.
Prevents network bottlenecking by running alongside LANs. Frees up computing resources on servers.

Storage Area Network
A SAN consists of 3 layers:
○ Host Layer - Made up of servers which grant access to files to users.
○ Fabric Layer - Contains the physical equipment and cabling of the SAN.
○ Storage Layer - Consists of the actual physical storage devices.
Several protocols a SAN may utilize are:
○ Fibre Channel (FC) - High speed.
○ Fibre Channel over Ethernet (FCoE) - Cheaper alternative to FC.
○ Internet Small Computer Systems Interface (iSCSI) - Uses IP, good for SMB.
○ ATA over Ethernet (AoE) - Simplified protocol, good for economical networks.
○ InfiniBand (IB) - Very high speed, often utilized between super-computers.

Virtualized Storage
Virtualized storage gives VMs the storage they require to host their operating system and applications.
The virtual disks of a VM are stored on a ‘datastore’.
A partition on the physical drive is created, forming a space called a Logical Unit Number (LUN).
A datastore is made up of one or more volumes, which are made up of one or more LUNs.
File systems give names and metadata to stored data. VMware utilizes either VMFS or NFS file systems.

Virtual Machine File System (VMFS)
Developed for use by VMware.
Allows multiple servers to read/write at the same time. As a Clustered File System (CFS), it is simultaneously mounted on multiple servers.
Allows multiple VMs to share a single file system.
Can be linked to a single SAN LUN or span multiple SAN LUNs.
Each VM is encapsulated into a small set of files in a single directory. This makes mirroring and recovery much simpler in the event of a disaster.

Network File System (NFS)
IP-based file sharing protocol utilized by NAS systems.
Uses file-level access; the storage device is controlled by the NAS.
NFS has three components: client, server, and protocol.
Files appear to be local to the client machine.
While typically used on Unix/Linux and macOS, it is OS independent.
Useful for freeing up resources and transferring files between different operating systems.
VMware vSphere supports NFS version 3 over TCP/IP.

Virtual Volumes
Virtual Volumes (VVOLs) are an industry-wide standard focused on increasing the flexibility of virtual storage.
VVOLs allow a focus on VMs for storage management, rather than being limited to LUNs.
They encapsulate virtual disks and other virtual machine files on a physical storage device without using a file system.
A VVOL is created every time a virtual machine is created, cloned, or a snapshot is made of it.
Unlike LUNs, VVOLs can have their size and number adjusted.
ESXi hypervisors must use protocol endpoints to access VVOLs.

VVOLs
VVOLs can broadly be classified into five types:
○ Config-VVOLs - Contain the VMX (primary configuration file), NVRAM (file that contains the state of the virtual machine’s BIOS), and log files.
○ Data-VVOLs - Contain data related to VMDKs (virtual disk drives that store the contents of the VM’s storage device) and delta files (such as snapshots).
○ Mem-VVOLs - Contain data related to memory snapshots.
○ Swap-VVOLs - Contain information about swap files.
○ Other-VVOLs - A generic type of VVOL containing files relating to particular vSphere features.

Virtualized Storage Area Networks (vSAN)
vSAN is included in the ESXi hypervisor.
Virtualizes the physical storage resources of ESXi hosts and pools them into a vSAN datastore.
vSAN datastores are accessible to all hosts in the vSAN cluster.
Virtual routing and switching reduces the need for physical networking equipment, such as cabling.
Requires at least one flash-based storage device per disk group.
Software-Defined Storage (SDS)
“Virtualized storage with a storage management interface.”
Storage virtualization is only a piece of the SDS stack. SNIA states that SDS must include:
○ Automation
○ Standard Interfaces
○ Virtualized Data Path
○ Scalability
○ Transparency
SDS allows a greatly increased amount of flexibility in storage options.

Advantages of Software-Defined Storage
Separation of hardware and software eliminates the necessity to use proprietary products. This allows most hardware to be used and allows the software to be upgraded independently.
Storage can be allocated in specific amounts per application, increasing resource efficiency.
SDS is capable of prioritizing where information is stored and moving it to optimal media depending on usage.
SDS greatly reduces the complexity of storage solutions, as well as the required overhead for storage administrators.

Types of Software-Defined Storage
Several types of SDS exist; these may include, but are not limited to:
Hypervisor-based - A storage hypervisor that helps manage multiple pools of storage. Ex: VMware’s vSAN technology.
Hyper-Converged Infrastructure Package - This option packages compute, storage, networking, and virtualization in the same hardware.
Container-based - Software-Defined Storage that is specifically built for container environments such as Docker.

Software-Defined Storage Model
VMware’s SDS model prioritizes the application, allowing the storage to fit the needs of the application, rather than the application conforming to the limitations of storage.
This means that in addition to simplifying the storage process, reducing costs, and increasing flexibility, the SDS model also removes waste; applications get exactly the features from storage that they require in terms of performance, capacity, protection, and so on.

Virtual Data Plane
In virtualization, “plane” refers to a specific level or layer in an organization’s IT structure.
The Virtual Data Plane stores data for later retrieval and applies data services before passing it to the Policy-Driven Control Plane.
The Virtual Data Plane also applies the selected policy to the objects in the Virtual Datastore.
The Virtual Data Plane is delivered through vSAN x86 for hyper-converged storage, or through vSphere Virtual Volumes for external storage (SAN and NAS).

Policy-driven Control Plane
Serves as the bridge between applications and infrastructure, creating standardized management and automation.
Ensures that legal compliance is met through the life cycle of the application.
Grants “perspectives” which are visible to different roles in a typical IT environment (application administrator, storage administrator, data protection administrator, business operations, etc.). This is more efficient than each role relying on its own set of proprietary management tools.
The control plane is programmed through public APIs.

Storage Policy-based Management
VMware vSphere SPBM automates the provisioning and monitoring of services based on the policies set for them.
Can allocate storage based on need, re-optimizing as need changes.
The default storage policy is compatible with any vSAN datastore in the vCenter server.
Policies can be applied to VMs or individual disks.
It is highly recommended that you do NOT edit the settings of the default storage policy. Instead, clone the default storage policy and use it as a template.

Virtual Data Services
Data services applied by the Virtual Data Plane may include:
○ Compression - Reducing the size of files to conserve space.
○ Replication - The continuous copying of data as a backup safety feature.
○ Caching - Temporarily storing frequently used information for quick access.
○ Snapshots - Images of a system taken to preserve a specific point in time.
○ Deduplication - Removing redundant information to conserve space.
○ Encryption - Encoding data so that it remains readable only to those authorized.
Data services are applied on a per-VM basis, allowing you to customize and change services as the need arises.
The control plane manages resource allocation for storage services.

Hyper-Converged Infrastructure
Compute, Storage, Networking, and Management are integrated to run as software on the hypervisor.
Runs on non-proprietary servers with common management tools.
The common way to achieve this is to run third-party storage software in a VM that sits on top of the hypervisor. This comes at a cost in resources and performance.
VMware implements storage software in the hypervisor itself, causing convergence inside the hypervisor rather than on top of it. This increases performance and resource efficiency.

Benefits of an HCI Model
Virtualization with a hypervisor, combined with hyper-converged storage, a single set of management tools, and wide compatibility with various hardware.
Hyper-convergence offers several benefits:
○ Fewer resources will be consumed, particularly when using storage software converged inside the hypervisor.
○ Increased performance and reduced latency.
○ Simpler hardware setup with a single management interface.
○ Reduced cost via increased storage efficiency and fewer hardware purchases.
○ Improved security via software-based security, often built into modern HCI.
○ Industry-leading hypervisor makes 99.999% availability possible.
○ Improved scalability and flexibility.

Software Stack Components
VMware’s HCI is made up of three industry-leading solutions:
○ VMware vCenter Server - Unified server management software that provides a centralized platform for controlling your VMware vSphere environments.
○ VMware vSphere - The world’s leading server virtualization software and the heart of a modern software-defined data center (SDDC). This software helps users run, manage, connect and secure their applications in a common operating environment across clouds.
Advanced security features integrated into the hypervisor and powered by machine learning provide better protection against, and response times for, security incidents.
○ VMware vSAN - The only vSphere-embedded, flash-optimized storage for virtual machines and containers. It joins all storage devices in a vSphere cluster into a shared data pool. vSAN-powered HCI lowers storage costs by approximately 40% or more compared to traditional server and storage architectures.

Storage Policies Management
Virtual Machine Storage Policies are sets of rules that define how vSAN stores files for the VM.
Storage policies contain data placement rules and data service rules.
Storage policies can be applied during any phase of a VM’s life cycle.
When a VM is cloned or migrated, a new storage policy can be applied, or it can carry over the original.
During application, SPBM will list which datastores are compatible with the current policy.

Application Programming Interfaces (APIs)
APIs allow applications to speak to one another.
APIs can serve as software intermediaries between the user interface and the server database or website.
APIs are only accessible by developers; they are not user-facing.
APIs give developers access to assets to develop new software without starting from scratch.
Public APIs are considered open and are shared outside of the owner organization.
Private APIs are restricted to use only within the owner organization.

Hyper-Converged Storage vSAN
There are two types of vSAN clusters:
o “All Flash” vSAN clusters are made up entirely of SSDs and PCI-E storage devices. These are extremely high performance.
o “Hybrid” vSAN clusters combine server-attached flash devices for caching purposes and magnetic drives for storage. These are more cost effective.
Combines all the storage from ESXi hosts into a single pool of storage. It then allocates this storage to VMs based on their policies.
vSAN is an enterprise-class storage solution for any virtualized application that allows seamless integration with vSphere and the entire VMware stack.

Attributes of vSAN
Ease of use. vSAN provides step-by-step guidance on how to create a vSAN cluster, in addition to scaling up with new drives or scaling out with new hosts at a moment’s notice without disruption. vSAN integration into the ESXi hypervisor simplifies management and removes the need for dedicated hardware and complicated networking.
vSAN is designed to utilize the newest developments in flash technology to maximize performance. This couples with the ability to use industry standard hardware, rather than proprietary hardware.
Deduplication and Compression both help to reduce the amount of storage required and aid in getting the most out of your storage solutions.
The VMware Update Manager (VUM) brings increased efficiency to the update process by centralizing all updates in a single location and scanning for issues post-update.
Storage Policy-based Management allows VMs to get precisely what they need out of your storage hardware, no more and no less. This increases storage efficiency.
vSAN works extremely well with both APIs and SDKs.
vSAN encryption is the industry’s first native HCI encryption solution. This can be enabled or disabled easily, and does not require self-encrypting drives.
vSAN offers replication, continuously copying data from one server to another to minimize disruption in the event of a failure.
The Snapshot feature vSAN offers allows you to save the state of a VM at a specific point in time. This is useful in a wide variety of situations, not limited to testing and developing.
Cloning a VM creates a copy with its own MAC address and ID. Any changes made to the clone will not affect the original VM.
vSAN contains a Quality of Service feature that can throttle the amount of Input/Output Operations per Second (IOPS). This prevents one VM from consuming all available resources and ensures that all VMs can access the resources they need.

Cache Layer and Capacity Layer
vSAN architecture utilizes two layers:
○ Cache Layer- Used for read caching and write buffering; this is for “hot” data.
○ Capacity Layer- Used for long term storage; this is for “cold” data.
The Cache Layer must always consist of a flash device, such as an SSD. The Capacity Layer may contain all flash devices in an “All Flash” format, or one or more magnetic devices in a “Hybrid” format.
vSAN organizes disks into disk groups. A disk group will contain 1 drive on the Cache Layer and 1-7 devices on the Capacity Layer. A vSAN host can contain up to 5 disk groups.

Object and Component Layout
Virtual Machines contain five types of objects:
○ VM Home- Stores all virtual machine configuration files.
○ VMDK- This is the Virtual Machine’s disk file.
○ VM Swap- Reduces the amount of memory the host must reserve for VM operations. Created when the VM powers on.
○ Snapshot- A copy of the VM’s state at a specific point in time.
○ Memory- A backup of the VM’s memory stored on the host file system.
An object is created for each virtual disk. These objects are logical and are mirrored across the cluster.
A vSAN cluster can store and manage tens of thousands of objects. Objects are striped into components. A single component cannot exceed 255GB. If an object is larger, it is striped into multiple components. Policies can also affect the number of components an object is striped into. Objects and components can reside on different hosts. Components make up the ‘leaves’ of the object tree.

Summary of vSAN Benefits
Ease of configuration, provisioning, and management. Due to being embedded in the hypervisor, configuration and installation are performed with a few clicks in the vSphere Client.
Flexibility and Agility both in meeting changes in demand (both with application needs and scaling needs).
Savings accrued from being able to use industry standard x86 hardware rather than proprietary, custom hardware.
Higher performance, lower latency, reduced resource consumption and need, increased security, streamlined operations, and potential 99.999% availability, all granted from using HCI.

VIRTUALIZATION MANAGEMENT
◾ Virtual infrastructure management (VIM) tools
◾ Tools that manage pools of virtual machines, resources, etc.
◾ Private cloud software systems can be considered as a VIM
◾ Considerations:
◾ Performance overhead
 Paravirtualization: custom OS kernels, I/O passed directly to HW w/ special drivers
◾ Hardware compatibility for virtualization
◾ Portability: virtual resources tend to be difficult to migrate cross-clouds

VIRTUAL INFRASTRUCTURE MANAGEMENT (VIM)
◾ Middleware to manage virtual machines and infrastructure of IaaS “clouds”
◾ Examples
 OpenNebula
 Nimbus
 Eucalyptus
 OpenStack

VIM FEATURES
◾ Create/destroy VM Instances
◾ Image repository
 Create/Destroy/Update images
 Image persistence
◾ Contextualization of VMs
 Networking address assignment
 DHCP / Static IPs
 Manage SSH keys

VIM FEATURES - 2
◾ Virtual network configuration/management
 Public/Private IP address assignment
 Virtual firewall management
⚫ Configure/support isolated VLANs (private clusters)
◾ Support common virtual machine managers (VMMs)
 XEN, KVM, VMware
 Support via libvirt library

VIM FEATURES - 3
◾ Shared “Elastic” block storage
 Facility to create/update/delete VM disk volumes
 Amazon EBS
 Eucalyptus SC
 OpenStack Volume Controller

4. MULTI-TENANT APPLICATIONS
◾ Each tenant (like in an apartment) has their own view of the application
◾ Tenants are unaware of their neighbors
◾ Tenants can only access their own data; no access to data and configuration that is not their own
◾ Customizable features
 UI, business process, data model, access control
◾ Application architecture
 User isolation, data security, recovery/backup by tenant, scalability for a tenant and for tenants, metered usage, data tier isolation

MULTI-TENANT APPS - 2
◾ Forms the basis for SaaS (applications)

5. WEB SERVICES/WEB
◾ Web services technology is a key foundation of cloud computing’s “as-a-service” cloud delivery model
◾ SOAP – “Simple” object access protocol
 First generation web services
 WSDL – web services description language
 UDDI – universal description discovery and integration
 SOAP services have their own unique interfaces
◾ REST – instead of defining a custom technical interface, REST services are built on the use of the HTTP protocol
◾ HTTP GET, PUT, POST, DELETE

HYPERTEXT TRANSPORT PROTOCOL (HTTP)
◾ An ASCII-based request/reply protocol for transferring information on the web
◾ HTTP request includes:
 request method (GET, POST, etc.)
 Uniform Resource Identifier (URI)
 HTTP protocol version understood by the client
 headers: extra info regarding the transfer request
◾ HTTP response from server
 Protocol version & status code
 Response headers
 Response body

REST: REPRESENTATIONAL STATE TRANSFER
◾ Web services protocol
◾ Supersedes SOAP – Simple Object Access Protocol
◾ Access and manipulate web resources with a predefined set of stateless operations (known as web services)
◾ Requests are made to a URI
◾ Responses are most often in JSON, but can also be HTML, ASCII text, XML; no real limits as long as text-based
◾ HTTP verbs: GET, POST, PUT, DELETE, …

SOAP and REST
SOAP and REST are two Internet data exchange mechanisms. Two applications share data by using an API that defines communication rules.
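As an added example (not from the lecture slides), a strict parser for the request parts listed under HTTP above, plus a builder for the response half of the exchange. The sample request and the host name api.example.test are constructed.

```python
from dataclasses import dataclass, field

REST_METHODS = {"GET", "POST", "PUT", "DELETE"}   # the verbs named on the slides

@dataclass
class HttpRequest:
    method: str
    uri: str
    version: str
    headers: dict = field(default_factory=dict)
    body: str = ""

def parse_request(raw: str) -> HttpRequest:
    """Strict reading of the request parts listed above: CRLF line endings,
    a three-token request line, 'Name: value' headers. Malformed or
    duplicated headers are refused rather than guessed at, so two parsers
    on the same path cannot read one message differently."""
    head, sep, body = raw.partition("\r\n\r\n")
    if not sep:
        raise ValueError("missing blank line that ends the headers")
    request_line, *header_lines = head.split("\r\n")
    parts = request_line.split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        raise ValueError("malformed request line")
    method, uri, version = parts
    if method not in REST_METHODS:
        raise ValueError(f"unsupported method {method}")
    headers = {}
    for line in header_lines:
        name, colon, value = line.partition(":")
        if not colon or not name or name != name.strip():
            raise ValueError(f"malformed header line {line!r}")
        if name.lower() in headers:
            raise ValueError(f"duplicate header {name}")
        headers[name.lower()] = value.strip()
    if "host" not in headers:            # Host is mandatory in HTTP/1.1
        raise ValueError("missing Host header")
    return HttpRequest(method, uri, version, headers, body)

def is_well_formed(raw: str) -> bool:
    """True when parse_request accepts the message, False when it refuses."""
    try:
        parse_request(raw)
        return True
    except ValueError:
        return False

def build_response(status: int, reason: str, body: str,
                   content_type: str = "application/json") -> str:
    """Status line, response headers, blank line, body: the reply half of
    the exchange, with Content-Length computed over the encoded body."""
    head = f"HTTP/1.1 {status} {reason}\r\n"
    head += f"Content-Type: {content_type}\r\n"
    head += f"Content-Length: {len(body.encode())}\r\n"
    return head + "\r\n" + body

# Constructed sample request (not a real capture).
SAMPLE = ("GET /employees/42 HTTP/1.1\r\n"
          "Host: api.example.test\r\n"
          "Accept: application/json\r\n\r\n")

if __name__ == "__main__":
    print(parse_request(SAMPLE))
    print(build_response(200, "OK", '{"id": 42}'))
```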
SOAP and REST are two different approaches to API design. The SOAP approach is highly structured and uses the XML data format. REST is more flexible and allows applications to exchange data in multiple formats.

Similarities between SOAP and REST?
It’s challenging to share data between applications developed using many different programming languages, architectures, and platforms because they have different data formats. Both SOAP and REST attempt to solve this problem. You can use SOAP and REST to build APIs or communication points between diverse applications.
The terms web service and API are used interchangeably. However, APIs are the broader category. Web services are a special type of API.
Here are other similarities between SOAP and REST:
◾ They both describe rules and standards on how applications make, process, and respond to data requests from other applications
◾ They both use HTTP, the standardized internet protocol, to exchange information
◾ They both support SSL/TLS for secure, encrypted communication

How do SOAP APIs and REST APIs work?
SOAP is an older technology that requires a strict communication contract between systems. New web service standards have been added over time to accommodate technology changes, but they create additional overheads. REST was developed after SOAP and inherently solves many of its shortcomings. REST web services are also called RESTful web services.

SOAP APIs
SOAP is a protocol that defines rigid communication rules. It has several associated standards that control every aspect of the data exchange. For example, here are some standards SOAP uses:
◾ Web Services Security (WS-Security) specifies security measures like using unique identifiers called tokens
◾ Web Services Addressing (WS-Addressing) requires including routing information as metadata
◾ WS-ReliableMessaging standardizes error handling in SOAP messaging
◾ Web Services Description Language (WSDL) describes the scope and function of SOAP web services
When you send a request to a SOAP API, you must wrap your HTTP request in a SOAP envelope. This is a data structure that modifies the underlying HTTP content with SOAP request requirements. Due to the envelope, you can also send requests to SOAP web services with other transport protocols, like TCP or Internet Control Message Protocol (ICMP). SOAP APIs and SOAP web services always return XML documents in their responses.

// SOAP REQUEST
POST /InStock HTTP/1.1
Host: www.bookshop.org
Content-Type: application/soap+xml; charset=utf-8
Content-Length: nnn
The Fleamarket

October 31, 2023 TCSS462/562:(Software Engineering for) Cloud Computing [Fall 2023] School of Engineering and Technology, University of Washington - Tacoma L10.11 4

// SOAP RESPONSE
POST /InStock HTTP/1.1
Host: www.bookshop.org
Content-Type: application/soap+xml; charset=utf-8
Content-Length: nnn
10.95

// WSDL Service Definition
Returns the day-of-week name for a given date

REST APIs
REST is a software architectural style that imposes six conditions on how an API should work. These are the six principles REST APIs follow:
1. Client-server architecture. The sender and receiver are independent of each other regarding technology, platform, programming language, and so on.
2. Layered. The server can have several intermediaries that work together to complete client requests, but they are invisible to the client.
3. Uniform interface. The API returns data in a standard format that is complete and fully usable.
4. Stateless. The API completes every new request independently of previous requests.
5. Cacheable. All API responses are cacheable.
6. Code on demand. The API response can include a code snippet if required.
You send REST requests using HTTP verbs like GET and POST. REST API responses are typically in JSON but can also be of a different data format.

REST - 2
◾ App manipulates one or more types of resources.
◾ Everything the app does can be characterized as some kind of operation on one or more resources.
◾ Frequently services are CRUD operations (create/read/update/delete)
 Create a new resource
 Read resource(s) matching a criterion
 Update data associated with some resource
 Destroy a particular resource
◾ Resources are often implemented as objects in OO languages

REST ARCHITECTURAL ADVANTAGES
◾ Performance: component interactions can be the dominant factor in user-perceived performance and network efficiency
◾ Scalability: to support large numbers of services and interactions among them
◾ Simplicity: of the Uniform Interface
◾ Modifiability: of services to meet changing needs (even while the application is running)
◾ Visibility: of communication between services
◾ Portability: of services by redeployment
◾ Reliability: resists failure at the system level as redundancy of infrastructure is easy to ensure

REST JSON EXAMPLE
◾ USDA Lat/Long Climate Service Demo
◾ Just provide a Lat/Long
// REST/JSON
// Request climate data for Washington
{
  "parameter": [
    { "name": "latitude", "value": 47.2529 },
    { "name": "longitude", "value": -122.4443 }
  ]
}

Key differences: SOAP vs REST
Design
The SOAP API exposes functions or operations, while REST APIs are data-driven.
For example, consider an application with employee data that other applications can manipulate. The application's SOAP API could expose a function called CreateEmployee. To create an employee, you would specify the function name in your SOAP message when sending a request. However, the application's REST API could expose a URL called /employees, and a POST request to that URL would create a new employee record.

Flexibility
SOAP APIs are rigid and only allow XML messaging between applications. In SOAP, the application server has to maintain the state of each client. This means it has to remember all previous requests when processing a new request. REST is more flexible and allows applications to transfer data as plain text, HTML, XML, and JSON. REST is also stateless, so the REST API treats every new request independently of previous requests.

Performance
SOAP messages are larger and more complex, which makes them slower to transmit and process. This can increase page load times. REST is faster and more efficient than SOAP due to the smaller message sizes of REST. REST responses are also cacheable, so the server can store frequently accessed data in a cache for even shorter page load times.

Scalability
The SOAP protocol requires applications to store the state between requests, which increases bandwidth and memory requirements. As a result, it makes applications expensive and challenging to scale. REST permits stateless and layered architecture, which makes it scalable. For example, the application server can pass the request to other servers or allow an intermediary (like a content delivery network) to handle it.

Security
SOAP requires an additional layer of WS-Security to work with HTTPS. WS-Security uses additional header content to ensure only the designated process in the specified server reads the SOAP message content. This adds communication overheads and negatively impacts performance. REST supports HTTPS without additional overheads.
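The CreateEmployee versus POST /employees contrast above, written out as an added example (not code from the slides or from any real service): the same create operation once as a SOAP 1.2 envelope that names the operation, and once as a REST request on a resource whose verb is the operation. The namespace urn:example:hr, the element names, and the name/role employee fields are assumptions.

```python
import json
import xml.etree.ElementTree as ET

SOAP_NS = "http://www.w3.org/2003/05/soap-envelope"   # SOAP 1.2 envelope namespace
APP_NS = "urn:example:hr"                             # assumed service namespace
ALLOWED_FIELDS = {"name", "role"}                     # assumed employee schema

# SOAP style: the message names an operation, CreateEmployee, inside the Body.
def soap_create_employee(name: str, role: str) -> bytes:
    """Envelope > Body > CreateEmployee > Name, Role. Building the XML with a
    library rather than string formatting keeps '<' or '&' in a value as data."""
    ET.register_namespace("soap", SOAP_NS)
    ET.register_namespace("m", APP_NS)
    env = ET.Element(f"{{{SOAP_NS}}}Envelope")
    body = ET.SubElement(env, f"{{{SOAP_NS}}}Body")
    op = ET.SubElement(body, f"{{{APP_NS}}}CreateEmployee")
    ET.SubElement(op, f"{{{APP_NS}}}Name").text = name
    ET.SubElement(op, f"{{{APP_NS}}}Role").text = role
    return ET.tostring(env, encoding="utf-8", xml_declaration=True)

def soap_headers(payload: bytes) -> dict:
    """The HTTP headers a SOAP 1.2 request carries, as on the slides."""
    return {"Content-Type": "application/soap+xml; charset=utf-8",
            "Content-Length": str(len(payload))}

def soap_dispatch(payload: bytes) -> dict:
    """Server side: find the operation by element name and read its parameters."""
    root = ET.fromstring(payload)
    op = root.find(f"{{{SOAP_NS}}}Body/{{{APP_NS}}}CreateEmployee")
    if op is None:
        raise ValueError("envelope carries no CreateEmployee operation")
    params = {child.tag.split("}")[1].lower(): child.text for child in op}
    if set(params) != ALLOWED_FIELDS:
        raise ValueError("unexpected operation parameters")
    return params

# REST style: the URL names a resource, /employees; the HTTP verb is the operation.
class EmployeesResource:
    """Stateless: nothing from earlier requests is kept except the data itself."""
    def __init__(self):
        self.store, self.next_id = {}, 1

    def handle(self, method: str, uri: str, body: str = "") -> tuple:
        """Return (status code, response object) for one self-contained request."""
        if method == "POST" and uri == "/employees":               # create
            try:
                data = json.loads(body)
            except json.JSONDecodeError:
                return 400, {"error": "body is not JSON"}
            if (not isinstance(data, dict) or set(data) != ALLOWED_FIELDS
                    or not all(isinstance(v, str) for v in data.values())):
                return 400, {"error": "expected exactly name and role"}
            rec = {"id": self.next_id, **data}
            self.store[self.next_id] = rec
            self.next_id += 1
            return 201, rec
        if method == "GET" and uri.startswith("/employees/"):       # read
            tail = uri[len("/employees/"):]
            rec = self.store.get(int(tail)) if tail.isdigit() else None
            return (200, rec) if rec else (404, {"error": "not found"})
        if not uri.startswith("/employees"):
            return 404, {"error": "no such resource"}
        return 405, {"error": "method not allowed"}
```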
Reliability
SOAP has error handling logic built into it, and it provides more reliability. REST requires you to try again in case of communication failures, and it’s less reliable.

When to use SOAP vs REST?
Overall application design
Modern applications like mobile apps and hybrid applications work better with REST APIs. REST gives you the scalability and flexibility to design applications using modern architecture patterns like microservices and containers. However, if you need to integrate or extend legacy systems that already have SOAP APIs, you may be better off continuing with SOAP.

Security
Public APIs have lower security requirements and demand greater flexibility so anyone can interact with them. So, REST is a better choice when you build public APIs. Conversely, some private APIs for internal enterprise requirements (like data reporting for compliance) may benefit from the tighter security measures in WS-Security of SOAP.

ACID compliance
Do your API users require stringent consistency and data integrity across a chain of transactions? For instance, finance transactions require an entire batch of data updates to fail if even one update fails. SOAP has built-in compliance for atomicity, consistency, isolation, and durability (ACID), and may be better suited for high data integrity requirements. In this case, REST APIs may require additional software modules to enforce the state at the server or database level.

GRAPHQL
◾ GraphQL provides an alternative to RESTful APIs
◾ Instead of requiring a remote client to call multiple endpoints to obtain separate data, a GraphQL server provides a single aggregated (combined) endpoint and responds with precisely the data a client asks for.

GRAPHQL - 2
◾ GraphQL is responsible for fetching data that a client requests from multiple databases, storage engines, or services (including FaaS AWS Lambda functions)
◾ For remote mobile clients, reduces the # of client service calls (round-trips) by aggregating them together
 Only pay for the cost of network latency between the client and server one time
◾ Initially created by Facebook in 2012, and released as open source in 2015
◾ Supports reading and writing data, and also subscribing to updates

GRAPHQL - 3
◾ A GraphQL service consists of types with fields, then provides functions to resolve data for each field
◾ The collection of types and fields is the schema definition
◾ Functions that retrieve and map data are called resolvers
◾ Data sources: SQL, NoSQL, services, Lambdas

GRAPHQL - 4
◾ GraphQL requires a server to implement schemas using resolvers
◾ The server is typically hosted in the cloud near the databases and services
◾ Open source:
 Apollo Server – build and run GraphQL APIs w/ Node.js
 Express GraphQL – also Node.js based
 Hot Chocolate – create GraphQL APIs for .NET
◾ Managed solutions:
 AWS AppSync
 Google Apigee
 Azure API Management
 IBM API Connect
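An added example (not from the slides or from any GraphQL library) of the resolver idea in GRAPHQL - 3: a dictionary schema in which every field has its own resolver, and an executor that resolves only the fields the client selected, pulling them from constructed stand-ins for a SQL table, a NoSQL collection and a service call. The types, fields and data are assumed.

```python
# Stand-in data sources (constructed): a SQL table, a NoSQL collection, a service.
SQL_USERS = {1: {"name": "Ada", "email": "ada@example.test"}}
NOSQL_POSTS = {1: [{"title": "Hello"}, {"title": "Second"}]}
SERVICE_CALLS = []                   # records each call made to the stand-in service

def unread_service(user_id: int) -> int:
    """Stands in for an HTTP service or a Lambda function behind one field."""
    SERVICE_CALLS.append(user_id)
    return 3 if user_id == 1 else 0

# Schema: type -> field -> (type of the result, or None for a scalar; resolver).
# A resolver receives the parent object and the field arguments.
SCHEMA = {
    "Query": {"user": ("User", lambda parent, args: {"id": args["id"]})},
    "User": {
        "name":   (None,   lambda u, a: SQL_USERS[u["id"]]["name"]),
        "email":  (None,   lambda u, a: SQL_USERS[u["id"]]["email"]),
        "posts":  ("Post", lambda u, a: NOSQL_POSTS.get(u["id"], [])),
        "unread": (None,   lambda u, a: unread_service(u["id"])),
    },
    "Post": {"title": (None, lambda p, a: p["title"])},
}

def execute(selection: dict, type_name: str = "Query", parent=None) -> dict:
    """selection maps a field name to {"args": {...}, "fields": {...}} (both
    optional). Each requested field runs its own resolver; fields the client
    did not ask for are never resolved, and unknown fields are rejected."""
    fields = SCHEMA[type_name]
    result = {}
    for name, sub in selection.items():
        if name not in fields:
            raise ValueError(f"unknown field {type_name}.{name}")
        child_type, resolver = fields[name]
        value = resolver(parent, sub.get("args", {}))
        if child_type is None:                       # scalar: done
            result[name] = value
        elif isinstance(value, list):                # list of objects
            result[name] = [execute(sub.get("fields", {}), child_type, v)
                            for v in value]
        else:                                        # single object
            result[name] = execute(sub.get("fields", {}), child_type, value)
    return result

# Constructed client query: one round-trip for data spread over three sources.
QUERY = {"user": {"args": {"id": 1},
                  "fields": {"name": {},
                             "posts": {"fields": {"title": {}}},
                             "unread": {}}}}

if __name__ == "__main__":
    print(execute(QUERY))
```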
