SOLUTIONS
Krish Raghunundhun
02-06/11/2015
Email: raghunk@telkomsa.net
Cell: +27 81 765 4733
Lesson 2 – Cloud Computing Architecture and Virtualization
Cloud Computing Architecture
Cloud Computing Architecture (2..2)
• Front End
– The front end refers to the client part of a cloud computing system. It consists of the interfaces and applications that are required to access the cloud computing platform, for example a web browser.
• Back End
– The back end refers to the cloud itself. It consists of all the resources required to provide cloud computing services: large-scale data storage, virtual machines, security mechanisms, services, deployment models, servers, etc.
Cloud Computing Infrastructure (1..5)
Cloud Computing Infrastructure (2..5)
• Hypervisor
– A hypervisor is firmware or a low-level program that acts as a Virtual Machine Manager. It allows a single physical instance of cloud resources to be shared between several tenants.
• Management Software
– It helps to maintain and configure the infrastructure.
Cloud Computing Infrastructure (3..5)
• Deployment Software
– It helps to deploy and integrate applications on the cloud.
• Network
– It is the key component of cloud infrastructure. It connects cloud services over the Internet.
– It is also possible to deliver the network as a utility over the Internet, which means the customer can customize the network route and protocol.
Cloud Computing Infrastructure (4..5)
• Server
– The server helps to compute the resource sharing and offers other services such as resource allocation and de-allocation, resource monitoring, and security.
• Storage
– The cloud keeps multiple replicas of storage. If one of the storage resources fails, the data can be retrieved from another one, which makes cloud computing more reliable.
Cloud Computing Infrastructure (5..5)
Infrastructural Constraints
[Diagram labels: Transparency, Scalability, Intelligent Monitoring, Security; bullet fragments: Virtualization, Application delivery solution]
Cloud Deployment models (1..10)
Public Cloud Model (2..10)
Public Cloud Model (3..10)
• Benefits
Private Cloud Model (4..10)
Private Cloud Model (5..10)
Private Cloud Model (6..10)
• Benefits
Hybrid Cloud Model (7..10)
Hybrid Cloud Model (8..10)
• Benefits
Community Cloud Model (9..10)
Community Cloud Model (10..10)
Cloud Architecture – Layers (1..7)
Cloud Architecture (2..7)
Cloud Architecture (3..7)
Cloud Architecture (4..7)
Cloud Architecture (5..7)
Cloud Architecture (6..7)
Cloud Architecture (7..7)
Anatomy of the Cloud
Anatomy of the Cloud (2..13)
[Diagram layers, top to bottom: Application, Platform, Virtualized infrastructure, Virtualization, Server/storage/datacenters]
1. Application: The upper layer is the application layer. In this layer, any applications are executed.
2. Platform: This component consists of platforms that are responsible for the execution of the application.
3. Infrastructure: The infrastructure consists of resources over which the other components work. This provides computational capability to the user.
4. Virtualization: Virtualization is the process of making logical components of resources over the existing physical resources.
5. Physical hardware: The physical hardware is provided by server and storage units.
Network Connectivity in Cloud Computing (3..13)
Network Connectivity in Cloud Computing (4..13)
Applications on the Cloud (5..13)
[Diagram labels: Web applications, Stand-alone applications, Cloud applications]
Applications on the Cloud (6..13)
Applications on the Cloud (7..13)
Applications on the Cloud (8..13)
• Cloud Applications
– There are three broad access or service models: Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS).
– A cloud application differs from other applications in that it has unique features. It can usually be accessed as a web application, but its properties differ.
Cloud application features (9..13)
[Diagram: Cloud Application Features: Multitenancy, Elasticity, Heterogeneous cloud platform, Quantitative measurement, On-demand service]
Cloud application features (10..13)
Cloud application features (11..13)
• Heterogeneous cloud platform: Any type of application can be deployed in
Cloud application features (12..13)
• Quantitative measurement: The user is usually offered services based on certain charges
Cloud application features (13..13)
Use Case Scenarios (1..6)
Use Case Scenarios (2..6)
Requirements
• Identity: The cloud service must authenticate the end user.
• An open client: Access to the cloud service should not require a particular platform or technology.
• Security: Security (including privacy) is a common requirement to all use cases, although the details of those requirements will vary widely from one use case to the next. A full discussion of security in cloud computing is beyond the scope of this paper.
• SLAs: Although service level agreements for end users will usually be much simpler than those for enterprises, cloud
Use Case Scenarios (3..6)
Use Case Scenarios (4..6)
Requirements
• Identity: The cloud service must authenticate the end user.
• An open client: Access to the cloud service should not require a particular platform or technology.
• Federated identity: In addition to the basic identity needed by an end user, an enterprise user is likely to have an identity with the enterprise.
• Location awareness: Depending on the kind of data the enterprise is managing on the user's behalf, there might be legal restrictions on the location of the physical server where the data is stored.
Use Case Scenarios (5..6)
• Requirements
– Identity: The cloud service must authenticate the end user.
– An open client: Access to the cloud service should not require a particular platform or technology.
– Federated identity: In addition to the basic identity needed by an end user, an enterprise user is likely to have an identity with the enterprise.
– Location awareness: Depending on the kind of data the enterprise is managing on the user's behalf, there might be legal restrictions on the location of the physical server where the data is stored.
– Metering and monitoring: All cloud services must be metered and monitored for cost control, chargebacks and provisioning.
– Security: Any use case involving an enterprise will have more sophisticated security requirements than one involving a single end user.
Use Case Scenarios (6..6)
• Requirements
– A Common File Format for VMs: A VM created for one cloud vendor’s platform should be portable to another vendor’s platform.
– Common APIs for Cloud Storage and Middleware: The enterprise use cases require common APIs for access to cloud storage services, cloud databases, and other cloud middleware services such as message queues.
– Data and Application Federation: Enterprise applications need to combine data from multiple cloud-based sources, and they need to coordinate the activities of applications running in different clouds.
– SLAs and Benchmarks: In addition to the basic SLAs required by end users, enterprises who sign contracts based on SLAs will need a standard way of benchmarking performance.
– Lifecycle Management: Enterprises must be able to manage the lifecycle of applications and documents.
Building Scalable Architecture (1..3)
Building Scalable Architecture – Example (2..3)
Building Scalable Architecture – Example (3..3)
Managing the Cloud (1..2)
Managing the Cloud (2..2)
Architecture Overview (Re-cap)
[Diagram labels: Essential Characteristics, Service Models, Development Models]
Cloud Architecture – Examples (1..7)
Amazon Elastic Beanstalk architecture (4..7)
Amazon Web Services cloud (5..7)
Amazon Web Services cloud (6..7)
Salesforce’s platform (7..7)
Virtualization
1. Introduction to Virtualization
2. Hypervisor
3. Virtualization Elements
What is Virtualization?
Video 1_Virtually Speaking- What is Virtualization
Video 2_Virtualization Example
Cloud Services Models
Traditional versus Virtualized System (1..3)
Traditional versus Virtualized System (2..3)
Traditional versus Virtualized System (3..3)
After virtualization…
Benefits
Drawbacks
Virtualization Opportunities
Approaches to Virtualization (1..5)
Approaches to Virtualization (2..5)
Full virtualization (3..5)
Paravirtualization (4..5)
Hardware-Assisted Virtualization (5..5)
Hypervisor (1..5)
Hypervisor (2..5)
Hypervisor Types (3..5)
Two types of hypervisors (4..5)
• Definitions
– Hypervisor (or VMM – Virtual Machine Monitor) is a software layer that allows several virtual machines to run on a physical machine
– The physical OS and hardware are called the Host
– The virtual machine OS and applications are called the Guest
[Diagram labels, first group: VMware ESX, Microsoft Hyper-V, Xen]
[Diagram labels, second group: VMware Workstation, Microsoft Virtual PC, Sun VirtualBox, QEMU, KVM]
Bare-metal or hosted? (5..5)
• Bare-metal
– Has complete control over hardware
– Doesn’t have to “fight” an OS
• Hosted
– Avoids code duplication: no need to code a process scheduler or memory management system, since the OS already does that
– Can run native processes alongside VMs
– Familiar environment: how much CPU and memory does a VM take? Use top! How big is the virtual disk? ls -l
– Easy management: stop a VM? Sure, just kill it!
• A combination
– Mostly hosted, but some parts are inside the OS kernel for performance reasons
– E.g., KVM
Load Balancer (1..3)
Load Balancer (2..3)
Virtual Server (1..2)
Virtual Server (2..2)
Virtual CPU
Virtual Disk (1..2)
Virtual Disk (2..2)
Virtual Network
Virtual Switch (1..2)
Virtual Switch (2..2)
Virtual RAM
Virtual Infrastructure Manager
• Virtualized IT resource management is often supported by virtualization infrastructure management (VIM) tools that collectively manage virtual IT resources and rely on a centralized management module, otherwise known as a controller, that runs on a dedicated computer.
• The VIM coordinates the server hardware so that virtual server instances can be created from the most expedient underlying physical server.
[Figure: An example of a VIM and a VM image repository within a resource management system.]
Virtualization Monitor (1..2)
Virtualization Monitor (2..2)
Virtualization Security
Cloud vs Virtualization
Leveraging Virtualization in the Cloud
Virtualization Simplified
Host OS versus Bare Metal
• Host OS
– Boot from operating system
– Hypervisor loaded as application or service
– Provides greater flexibility
• Bare metal
– Minimal bootstrap built into hypervisor
– Typically Linux or BSD derivative
– Typically more difficult to upgrade
Flexibility of Abstraction
What about security
The lack of an Air Gap
Which is more secure
Security gains and losses experienced when moving to virtualization
Things to look out for
Physical vs Logical Partitions
• Physical
– Physical resource is dedicated to VM
– Severely limits flexibility
– Arguably more secure
• Logical
– Physical resources are logically segregated
– Simplifies capacity tuning
– Arguably less secure
Potential Data Misplacement
Applying Security
Layers with Virtualization
Cloud Standards
Standards
Complete Quiz 1