UNIT-1 Introduction & Cloud Infrastructure
Unit-1: Syllabus:
Introduction: Network centric computing and network centric content, Peer-to-peer systems,
Cloud Computing: an old idea whose time has come, Cloud Computing delivery models &
Services, Ethical issues, Cloud vulnerabilities, Challenges.
Cloud Infrastructure: Amazon, Google, Azure & online services, open source private clouds.
Storage diversity and vendor lock-in, intercloud, Energy use & ecological impact of data centers,
service level and compliance level agreement, Responsibility sharing, user experience, Software
licensing.
Introduction:
• Cloud computing uses Internet technologies to offer elastic services. The term elastic
computing refers to the ability to dynamically acquire computing resources and support a
variable workload. A cloud service provider maintains a massive infrastructure to support elastic
services.
• The resources used for these services can be metered and the users can be charged only for the
resources they use.
• Economy of scale allows service providers to operate more efficiently due to specialization and
centralization.
• Cloud computing is cost-effective due to resource multiplexing; lower costs for the service
provider are passed on to the cloud users.
• The application data is stored closer to the site where it is used in a device- and location-
independent manner; potentially, this data storage strategy increases reliability and security and,
at the same time, it lowers communication costs.
Cloud computing is a technical and social reality and an emerging technology. The economical,
social, ethical, and legal implications of this shift in technology, in which users rely on services
provided by large data centers and store private data and software on systems they do not control,
are likely to be significant. This is shown in the figure.
• The Web and the semantic Web are expected to support composition of services.
• The Grid, initiated in the early 1990s by National Laboratories and Universities, is used
primarily for applications in the area of science and engineering.
• Computer clouds, promoted since 2005 as a form of service-oriented computing by large IT
companies, are used for enterprise computing, high-performance computing, Web hosting, and
storage for network-centric content.
The Web opened a new era in data sharing and ultimately led to the concept of network-centric
content. The semantic Web is an effort to enable lay people to more easily find, share, and
combine information available on the Web. Machines can perform more of the tedious work
involved in finding, combining, and acting upon information on the Web. Several technologies
are necessary to provide a formal description of
1. Concepts,
2. Terms, and
3. Relationships within a given knowledge domain;
they include the Resource Description Framework (RDF), a variety of data interchange formats,
and notations such as RDF Schema (RDFS) and the Web Ontology Language (OWL).
In the early 1980s major research organizations such as the National Laboratories and large
companies had powerful computing centers supporting large user populations scattered
throughout wide geographic areas. Then the idea to link such centers in an infrastructure
resembling the power grid was born; the model known as network-centric computing was
taking shape.
The term computing grid is a metaphor for accessing computer power with similar ease as we
access power provided by the electric grid. Software libraries known as middleware have been
furiously developed since the early 1990s to facilitate access to grid services.
The companies promoting cloud computing seem to have learned the most important
lessons from the grid movement.
Computer clouds are typically homogeneous.
An entire cloud shares the same security, resource management, cost and other policies,
and last but not least, it targets enterprise computing.
These are some of the reasons that several agencies of the US Government, including
1. Health and Human Services (HHS),
2. the Centers for Disease Control (CDC),
3. the National Aeronautics and Space Administration (NASA),
4. the Navy’s Next Generation Enterprise Network (NGEN), and
5. the Defense Information Systems Agency (DISA), have launched cloud computing
initiatives and conduct actual system development intended to improve the efficiency
and effectiveness of their information processing needs.
Network-centric content: The term content refers to any type or volume of media, be it static or
dynamic, monolithic or modular, live or stored, produced by aggregation, or mixed.
Information is the result of functions applied to content.
The creation and consumption of audio and visual content are likely to transform the
Internet to support increased quality in terms of resolution, frame rate, color depth, and
stereoscopic information, and it seems reasonable to assume that the Future Internet will
be content-centric.
Computer simulation has become a powerful tool for scientific research in virtually all areas
of science, from physics, biology, and chemistry to archeology.
Sophisticated tools for computer-aided design, such as Catia (Computer Aided Three-dimensional
Interactive Application), are widely used in the aerospace and automotive industries.
The widespread use of sensors contributes to increases in the volume of data.
Multimedia applications are increasingly popular; the ever-larger media increase the load
placed on storage, networking, and processing systems.
Virtually all applications are network-intensive. Indeed, transferring large volumes of
data requires high-bandwidth networks; parallel computing, computation steering, and data
streaming are examples of applications that can only run efficiently on low-latency networks.
• The systems are accessed using thin clients running on systems with limited resources.
In June 2011 Google released Google Chrome OS, designed to run on primitive devices and
based on the browser with the same name.
• The infrastructure supports some form of workflow management. Indeed, complex
computational tasks require coordination of several applications; composition of services
is a basic tenet of Web 2.0.
Peer-to-peer systems
In all models of network-centric computing prior to utility computing, a user maintains direct
control of the software and the data residing on remote systems.
P2P systems can be regarded as one of the precursors of today’s clouds.
This new model for distributed computing promoted the idea of low-cost access to storage
and central processing unit (CPU) cycles provided by participant systems.
The resources are located in different administrative domains.
The P2P systems are self-organizing and decentralized, whereas the servers in a cloud are
in a single administrative domain and have a central management.
P2P systems exploit the network infrastructure to provide access to distributed computing
resources.
Once the technological elements were in place, it was only a matter of time until the
economical advantages of cloud computing became apparent.
Due to the economy of scale, large data centers – centers with more than 50,000 systems
– are more economical to operate than medium-sized centers that have around 1,000
systems.
Large data centers equipped with commodity computers experience a five to seven times
decrease of resource consumption, including energy, compared to medium-sized centers.
The networking costs, in dollars per Mbit/s/month, are 95/13 = 7.1 times larger, and the
storage costs, in dollars per Gbyte/month, are 2.2/0.4 = 5.7 times larger for medium-sized
centers.
Medium-sized centers have a larger administrative overhead – one system administrator
for 140 systems versus one for 1,000 systems for large centers.
3. Public cloud. The infrastructure is made available to the general public or a large industry
group and is owned by an organization selling cloud services.
• Vendor lock-in. Once a customer is hooked to one provider, it is hard to move to another. The
standardization efforts at National Institute of Standards and Technology (NIST) attempt to
address this problem.
• Data transfer bottlenecks. Many applications are data-intensive. A very important strategy is to
store the data as close as possible to the site where it is needed. Transferring 1 TB of data on a
1 Mbps network takes 8 million seconds, or about 10 days; it is faster and cheaper to use a courier
service and send the data recorded on some media than to send it over the network. Very high-speed
networks will alleviate this problem in the future; for example, a 1 Gbps network would reduce
this time to 8,000 s, or slightly more than 2 h.
3. Broker
The service consumer, the entity that maintains a business relationship with and uses services
from service providers;
The service provider, the entity responsible for making a service available to service consumers;
The carrier, the intermediary that provides connectivity and transport of cloud services between
providers and consumers;
The broker, an entity that manages the use, performance, and delivery of cloud services and
negotiates relationships between providers and consumers; and the auditor, a party that can
conduct independent assessment of cloud services, information system operations, performance,
and security of the cloud implementation.
An audit is a systematic evaluation of a cloud system that measures how well it conforms to a
set of established criteria. For example, a security audit evaluates cloud security, a privacy-
impact audit evaluates cloud privacy assurance, and a performance audit evaluates cloud
performance.
Software-as-a-Service (SaaS) gives the capability to use applications supplied by the service
provider in a cloud infrastructure.
The applications are accessible from various client devices through a thin-client interface
such as a Web browser. Example: Web-based email.
The user does not manage or control the underlying cloud infrastructure, including
network, servers, operating systems, storage, or even individual application capabilities,
with the possible exception of limited user-specific application configuration settings.
SaaS is not suitable for applications that require real-time response or those for which data is
not allowed to be hosted externally. The most likely candidates for SaaS are applications for
which:
• Many competitors use the same product, such as email.
• Periodically there is a significant peak in demand, such as billing and payroll.
• There is a need for Web or mobile access, such as mobile sales management software.
• There is only a short-term need, such as collaborative software for a project.
Platform-as-a-Service (PaaS):
Gives the capability to deploy consumer-created or acquired applications using
programming languages and tools supported by the provider.
The user does not manage or control the underlying cloud infrastructure, including
network, servers, operating systems, or storage.
The user has control over the deployed applications and, possibly, over the application
hosting environment configurations.
Such services include session management, device integration, sandboxes,
instrumentation and testing, content management, knowledge management, and
Universal Description, Discovery, and Integration (UDDI), a platform-independent
Extensible Markup Language (XML)-based registry providing a mechanism to register and
locate Web service applications.
PaaS is not particularly useful when the application must be portable, when proprietary
programming languages are used, or when the original hardware and software must be
customized to improve the performance of the application. The major PaaS application areas are
in software development, where multiple developers and users collaborate and the deployment
and testing services should be automated.
Infrastructure-as-a-Service (IaaS) :
It is the capability to provision processing, storage, networks, and other fundamental computing
resources.
The consumer is able to deploy and run arbitrary software, which can include operating systems
and applications.
The consumer does not manage cloud infrastructure but has control over operating systems,
storage, deployed applications, and possibly limited control of some networking components,
such as host firewalls. Services offered by this delivery model include: server hosting, Web
servers, storage, computing hardware, operating systems, virtual instances, load balancing,
Internet access, and bandwidth provisioning.
The IaaS cloud computing delivery model has a number of characteristics, such as the fact that
the resources are distributed and support dynamic scaling, it is based on a utility pricing model
and variable cost, and the hardware is shared among multiple users. This cloud computing model
is particularly useful when the demand is volatile, when a new business needs computing resources
and does not want to invest in a computing infrastructure, or when an organization is expanding
rapidly.
A number of activities are necessary to support the three delivery models; they include:
1. Service management and provisioning, including virtualization, service provisioning, call
center, operations management, systems management, QoS management, billing and accounting,
asset management, SLA management, technical support, and backups.
3. Customer services such as customer assistance and online help, subscriptions, business
intelligence, reporting, customer preferences, and personalization.
4. Integration services, including data management and development. This list shows that a
service-oriented architecture involves multiple subsystems and complex interactions among
these subsystems.
Unauthorized access, data corruption, infrastructure failure, and service unavailability are
some of the risks related to relinquishing control to third-party services; whenever a
problem occurs, it is difficult to identify the source and the entity causing it.
Systems can span the boundaries of multiple organizations and cross security borders, a
process called deperimeterization. As a result of deperimeterization, “not only the border
of the organization’s IT infrastructure blurs, also the border of the accountability
becomes less clear.”
The complex structure of cloud services can make it difficult to determine who is
responsible in case something undesirable happens.
Several parties have the opportunity to prevent these consequences, and therefore no one
can be held responsible – the so-called “problem of many hands.”
Cloud computing inherits some of the challenges of parallel and distributed computing discussed
earlier; at the same time, it faces major challenges of its own.
1. The challenges differ among the three cloud delivery models, but in all cases the difficulties
are created by the very nature of utility computing, which is based on resource sharing and
resource virtualization and requires a different trust model than the ubiquitous user-centric
model we have been accustomed to for a very long time.
2. Security: gaining the trust of a large user base is critical for the future of cloud
computing.
3. It is unrealistic to expect that a public cloud will provide a suitable environment for all
applications.
4. Highly sensitive applications related to the management of the critical infrastructure,
healthcare applications, and others will most likely be hosted by private clouds.
5. Many real-time applications will probably still be confined to private clouds.
6. Some applications may be best served by a hybrid cloud setup; such applications could
keep sensitive data on a private cloud and use a public cloud for some of the processing.
7. Resource allocation.
8. Maintenance.
9. Virtualization.
10. Data intensive.
11. Data storage.
12. Confidence.
13. Trust.
14. Professional ethics.
15. Customer satisfaction.
16. Best service.
17. Data encryption and decryption.
18. Special attention.
19. Infrastructure.
20. Maintaining private information.
Cloud vulnerabilities
Clouds are affected by malicious attacks and failures of the infrastructure (e.g., power
failures). Such events can affect Internet domain name servers and prevent access to a cloud or
can directly affect the clouds. For example, an attack at Akamai on June 15, 2004 caused a domain
name outage and a major blackout that affected Google, Yahoo!, and many other sites.
In May 2009 Google was the target of a serious denial-of-service (DoS) attack that took
down services such as Google News and Gmail for several days.
Lightning caused a prolonged downtime at Amazon on June 29 and 30, 2012; the AWS cloud in the
Eastern region of the United States, which consists of 10 data centers across four availability
zones, was initially troubled by utility power fluctuations, probably caused by an electrical
storm.
A June 29, 2012 storm on the East Coast took down some Virginia-based Amazon
facilities and affected companies using systems exclusively in this region.
Instagram, a photo-sharing service, was one of the victims of this outage, according to
http://mashable.com/2012/06/30/aws-instagram/.
The recovery from the failure took a very long time and exposed a range of problems. For
example, one of the 10 centers failed to switch to backup generators before exhausting
the power that could be supplied by uninterruptible power supply (UPS) units. AWS uses
“control planes” to allow users to switch to resources in a different region, and this
software component also failed.
The booting process was faulty and extended the time to restart EC2 (Elastic Computing)
and EBS (Elastic Block Store) services.
Another critical problem was a bug in the elastic load balancer (ELB), which is used to
route traffic to servers with available capacity.
A similar bug affected the recovery process of the Relational Database Service (RDS).
This event brought to light “hidden” problems that occur only under special
circumstances.
In mid-2000 Amazon introduced Amazon Web Services (AWS), based on the IaaS delivery
model. In this model the cloud service provider offers an infrastructure consisting of compute
and storage servers interconnected by high-speed networks that support a set of services to
access these resources. An application developer is responsible for installing applications on a
platform of his or her choice and managing the resources provided by Amazon.
Amazon Web Services. Amazon was the first provider of cloud computing; it announced a
limited public beta release of its Elastic Computing platform called EC2 in August 2006.
Figure 3.1 shows the palette of AWS services accessible via the Management Console.
Elastic Compute Cloud (EC2) is a Web service with a simple interface for launching instances
of an application under several operating systems, such as several Linux distributions,
Microsoft Windows Server 2003 and 2008, OpenSolaris, FreeBSD, and NetBSD.
An instance is created either from a predefined Amazon Machine Image (AMI) digitally signed
and stored in S3 or from a user-defined image.
The image includes the operating system, the run-time environment, the libraries, and the
application desired by the user. AMI images create an exact copy of the original image but
without configuration-dependent information such as the hostname or the MAC address.
A user can: (i) launch an instance from an existing AMI and terminate an instance;
(ii) start and stop an instance;
(iii) create a new image;
(iv) add tags to identify an image; and
(v) reboot an instance.
EC2 allows the import of virtual machine images from the user environment to an
instance through a facility called VM import.
It also automatically distributes the incoming application traffic among multiple instances
using the elastic load-balancing facility.
EC2 associates an elastic IP address with an account; this mechanism allows a user to
mask the failure of an instance and remap a public IP address to any instance of the
account without the need to interact with the software support team.
Simple Storage System (S3) is a storage service designed to store large objects.
It supports a minimal set of functions: write, read, and delete. S3 allows an application to handle
an unlimited number of objects ranging in size from one byte to five terabytes. An object is
stored in a bucket and retrieved via a unique developer-assigned key.
The object names are global. Authentication mechanisms ensure that data is kept secure; objects
can be made public, and rights can be granted to other users. S3 supports PUT, GET, and
DELETE primitives to manipulate objects but does not support primitives to copy, rename, or
move an object from one bucket to another. Appending to an object requires a read followed by a
write of the entire object.
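The access model just described (objects stored in buckets under a developer-assigned key, only PUT, GET and DELETE as primitives, copy/rename/move and append composed from those primitives, objects made public or read rights granted to other users) can be made concrete with a small in-memory model. The following Python is an example added to these notes, not AWS code or an S3 client: the bucket names, user names and object contents are constructed, and the rules that the first writer of a bucket owns it and that only an object's owner may overwrite, delete or change its rights are simplifying assumptions.

```python
from dataclasses import dataclass, field

MAX_OBJECT_SIZE = 5 * 1024 ** 4   # five terabytes, the largest object the notes mention


class AccessDenied(Exception):
    """Raised when the caller holds no right that permits the operation."""


@dataclass
class StoredObject:
    owner: str
    data: bytes
    public: bool = False                       # anyone may read a public object
    readers: set = field(default_factory=set)  # users explicitly granted read access


class ObjectStore:
    """Buckets of keyed objects with only PUT, GET and DELETE as primitives (model)."""

    def __init__(self):
        self._buckets = {}        # bucket name -> {key: StoredObject}
        self._bucket_owner = {}   # bucket name -> user who created it (assumption)

    def _lookup(self, bucket, key):
        try:
            return self._buckets[bucket][key]
        except KeyError:
            raise KeyError(f"no object {bucket}/{key}") from None

    @staticmethod
    def _check_read(obj, user):
        if not (obj.public or user == obj.owner or user in obj.readers):
            raise AccessDenied(f"{user} may not read an object owned by {obj.owner}")

    @staticmethod
    def _check_write(obj, user):
        if user != obj.owner:   # only the owner may overwrite, delete or change rights
            raise AccessDenied(f"{user} may not modify an object owned by {obj.owner}")

    # --- the three primitives ---------------------------------------------
    def put(self, user, bucket, key, data):
        if not 1 <= len(data) <= MAX_OBJECT_SIZE:
            raise ValueError("object size must be between 1 byte and 5 TB")
        objects = self._buckets.setdefault(bucket, {})
        existing = objects.get(key)
        # creating a new key is allowed only for the bucket's owner
        if existing is None and self._bucket_owner.setdefault(bucket, user) != user:
            raise AccessDenied(f"{user} may not create objects in bucket {bucket}")
        if existing is None:
            objects[key] = StoredObject(owner=user, data=data)
        else:
            self._check_write(existing, user)
            existing.data = data               # a PUT replaces the whole object

    def get(self, user, bucket, key):
        obj = self._lookup(bucket, key)
        self._check_read(obj, user)
        return obj.data

    def delete(self, user, bucket, key):
        self._check_write(self._lookup(bucket, key), user)
        del self._buckets[bucket][key]

    # --- rights management -------------------------------------------------
    def grant_read(self, user, bucket, key, grantee):
        obj = self._lookup(bucket, key)
        self._check_write(obj, user)
        obj.readers.add(grantee)

    def make_public(self, user, bucket, key):
        obj = self._lookup(bucket, key)
        self._check_write(obj, user)
        obj.public = True

    # --- operations S3 does not offer as primitives -------------------------
    def append(self, user, bucket, key, extra):
        """Append = read the whole object, then write the whole object back."""
        self.put(user, bucket, key, self.get(user, bucket, key) + extra)

    def move(self, user, src_bucket, key, dst_bucket):
        """Move = GET from the source, PUT at the destination, DELETE the source."""
        self.put(user, dst_bucket, key, self.get(user, src_bucket, key))
        self.delete(user, src_bucket, key)


def demo():
    """Constructed scenario; returns the observed outcomes as a dict."""
    store = ObjectStore()
    store.put("alice", "reports", "q1.txt", b"revenue: 10")
    outcomes = {}
    try:
        store.get("bob", "reports", "q1.txt")
    except AccessDenied:
        outcomes["bob_denied_before_grant"] = True
    store.grant_read("alice", "reports", "q1.txt", "bob")
    outcomes["bob_reads_after_grant"] = store.get("bob", "reports", "q1.txt")
    try:
        store.delete("bob", "reports", "q1.txt")   # a read grant is not a write right
    except AccessDenied:
        outcomes["bob_cannot_delete"] = True
    store.append("alice", "reports", "q1.txt", b"; costs: 4")
    store.move("alice", "reports", "q1.txt", "archive")
    outcomes["moved_data"] = store.get("alice", "archive", "q1.txt")
    outcomes["source_gone"] = "q1.txt" not in store._buckets["reports"]
    return outcomes
```

Note what the composed operations cost: `append` transfers the entire object twice and `move` copies the data through the client, and because the moved object is created afresh at the destination, the read grant given to `bob` on the source is not carried along. Rights attached to an object are lost whenever the object is rebuilt from primitives, which is worth checking in any real migration between buckets.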
3. The volumes are grouped together in availability zones and are automatically replicated
in each zone.
4. An EC2 instance may mount multiple volumes, but a volume cannot be shared among
multiple instances.
5. The EBS supports the creation of snapshots of the volumes attached to an instance and
then uses them to restart an instance.
6. The storage strategy provided by EBS is suitable for database applications, file systems,
and applications using raw data devices.
Simple DB is a nonrelational data store that allows developers to store and query data items via
Web services requests. It supports store-and-query functions traditionally provided only by
relational databases. Simple DB creates multiple geographically distributed copies of each data
item and supports high-performance Web applications; at the same time, it automatically
manages infrastructure provisioning, hardware and software maintenance, replication and
indexing of data items, and performance tuning.
Simple Queue Service (SQS) is a hosted message queue. SQS is a system for supporting
automated workflows; it allows multiple Amazon EC2 instances to coordinate their activities by
sending and receiving SQS messages. Any computer connected to the Internet can add or read
messages without any installed software or special firewall configurations.
Cloud Watch is a monitoring infrastructure used by application developers, users, and system
administrators to collect and track metrics important for optimizing the performance of
applications and for increasing the efficiency of resource utilization. Without installing any
software, a user can monitor approximately a dozen preselected metrics and then view graphs
and statistics for these metrics.
Virtual Private Cloud (VPC) provides a bridge between the existing IT infrastructure of an
organization and the AWS cloud. The existing infrastructure is connected via a virtual private
network (VPN) to a set of isolated AWS compute resources. VPC allows existing management
capabilities such as security services, firewalls, and intrusion detection systems to operate
seamlessly within the cloud.
Auto Scaling exploits cloud elasticity and provides automatic scaling of EC2 instances. The
service supports grouping of instances, monitoring of the instances in a group, and defining
triggers and pairs of CloudWatch alarms and policies, which allow the size of the group to be
scaled up or down. Typically, a maximum, a minimum, and a regular size for the group are
specified. An Auto Scaling group consists of a set of instances described in a static fashion by
launch configurations.
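To show how the minimum, maximum and regular group sizes, CloudWatch-style alarms and scaling policies described above interact, the following Python is an example added to these notes, not AWS code: the alarm thresholds, cooldown lengths and CPU samples are constructed, and the alarm/policy model is a deliberate simplification of the real service.

```python
from dataclasses import dataclass, field


@dataclass
class Alarm:
    """Fires when the last `periods` samples of a metric all breach the threshold."""
    metric: str
    comparison: str    # "gt" (scale-out style) or "lt" (scale-in style)
    threshold: float
    periods: int       # consecutive datapoints required before the alarm fires

    def fires(self, history):
        recent = history[-self.periods:]
        if len(recent) < self.periods:
            return False
        if self.comparison == "gt":
            return all(v > self.threshold for v in recent)
        return all(v < self.threshold for v in recent)


@dataclass
class Policy:
    """What to do when the paired alarm fires (constructed simplification)."""
    adjustment: int    # +N adds instances, -N removes them
    cooldown: int      # periods that must pass before this policy may fire again


@dataclass
class AutoScalingGroup:
    min_size: int
    max_size: int
    desired: int       # the "regular" size; the value the group currently targets
    rules: list        # list of (Alarm, Policy) pairs, evaluated in order
    _last_fired: dict = field(default_factory=dict)

    def evaluate(self, t, history):
        """Apply at most one policy per period; return the new desired size."""
        for i, (alarm, policy) in enumerate(self.rules):
            last = self._last_fired.get(i)
            if last is not None and t - last < policy.cooldown:
                continue                       # policy still in its cooldown
            if alarm.fires(history):
                # the group size is always clamped to [min_size, max_size]
                self.desired = max(self.min_size,
                                   min(self.max_size, self.desired + policy.adjustment))
                self._last_fired[i] = t
                break
        return self.desired


def simulate(cpu_samples, group):
    """Feed one CPU sample per period and record the desired size after each."""
    history, sizes = [], []
    for t, cpu in enumerate(cpu_samples):
        history.append(cpu)
        sizes.append(group.evaluate(t, history))
    return sizes


def demo():
    """Constructed load pattern: a burst followed by a long idle stretch."""
    group = AutoScalingGroup(
        min_size=2, max_size=5, desired=2,
        rules=[
            (Alarm("CPUUtilization", "gt", 70.0, periods=2), Policy(adjustment=+2, cooldown=3)),
            (Alarm("CPUUtilization", "lt", 30.0, periods=3), Policy(adjustment=-1, cooldown=3)),
        ],
    )
    samples = [40, 80, 85, 90, 95, 95, 20, 25, 20, 15, 10, 10, 10, 10, 10, 10, 10, 10]
    return simulate(samples, group)
```

In the constructed run the group grows to 4 after two hot samples, is clamped at the maximum of 5 on the next scale-out, and then shrinks one instance at a time during the idle stretch until the minimum of 2 holds it there. The cooldown is what prevents a single sustained spike from firing the same policy every period.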
The Amazon Web Services Licensing Agreement (AWSLA) allows the cloud service provider
to terminate service to any customer at any time for any reason and contains a covenant not to
sue Amazon or its affiliates for any damages that might arise out of the use of AWS. The AWSLA
prohibits the use of “other information obtained through AWS for the purpose of direct
marketing, spamming, contacting sellers or customers.” (Refer to Table 3.1.)
An availability zone is a data center consisting of a large number of servers. A server may run
multiple virtual machines or instances, started by one or more users; an instance may use storage
services (S3, EBS) and Simple DB, as well as other services provided by AWS (see Figure 3.2).
A cloud interconnect allows all systems in an availability zone to communicate with one another
and with systems in other availability zones of the same region.
Table 3.2 summarizes the features and the amount of resources supported by each instance. The
resources supported by each configuration are main memory, virtual computers (VCs) with a 32-
or 64-bit architecture, instance memory (I-memory) on persistent storage, and I/O performance at
two levels: moderate (M) or high (H). The computing power of a virtual core is measured in EC2
compute units (CUs). A main attraction of Amazon cloud computing is the low cost. The dollar
amounts charged for one hour of running Amazon’s services under Linux or Unix and Microsoft
Windows in mid-2012 are summarized in Table 3.3. There are no charges for data transfers from
the user’s site to the Amazon network or within the Amazon network; the charges for data
transfer from the AWS network to the outside world depend on the region. For example, the
charges for the US West (Oregon) region are shown in Table 3.4.
The data for these services is stored in data centers on the cloud.
The Gmail service hosts emails on Google servers and provides a Web interface to access
them and tools for migrating from Lotus Notes and Microsoft Exchange.
It supports features such as tables, bullet points, basic fonts, and text size; it allows
multiple users to edit and update the same document and view the history of document changes;
and it provides a spell checker.
The service allows users to import and export files in several formats, including
Microsoft Office, PDF, text, and OpenOffice extensions.
Google Calendar is a browser-based scheduler; it supports multiple calendars for a user,
the ability to share a calendar with other users, the display of daily/weekly/monthly views,
and the ability to search events and synchronize with the Outlook Calendar.
Google Calendar is accessible from mobile devices.
Event reminders can be received via SMS, desktop popups, or emails. It is also possible
to share your calendar with other Google Calendar users.
Picasa is a tool to upload, share, and edit images; it provides 1 GB of disk space per user
free of charge. Users can add tags to images and attach locations to photos.
Google Base is a service allowing users to load structured data from different sources to
a central repository that is a very large, self-describing, semi-structured, heterogeneous
database. It is self-describing because each item follows a simple schema: (item type,
attribute names).
Google Drive is an online service for data storage that has been available since April
2012. It gives users 5 GB of free storage and charges $4 per month for 20 GB. It is available
for PCs, MacBooks, iPhones, iPads, and Android devices and allows organizations to purchase
up to 16 TB of storage.
Google Groups allows users to host discussion forums to create messages online or via
email.
Google is also a leader in the Platform-as-a-Service (PaaS) space.
The database for code development can be accessed with Google Query Language
(GQL) with a SQL-like syntax.
The concept of structured data is important to Google’s service strategy.
Google Co-op allows users to create customized search engines based on a set of facets
or categories. For example, the facets for a search engine for the database research community
available at http://data.cs.washington.edu/coop/dbresearch/index.html are professor, project,
publication, jobs.
Google has also redefined the laptop with the introduction of the Chromebook, a
purely Web-centric device running Chrome OS.
Cloud-based applications, extreme portability, built-in 3G connectivity, almost instant-on,
and all-day battery life are the main attractions of this device with a keyboard.
Google adheres to a bottom-up, engineer-driven, liberal licensing and user application
development philosophy, whereas Apple, a recent entry in cloud computing, tightly controls
the technology stack,