CLOUD COMPUTING

Bharati Vidyapeeth (Deemed to be University)

College of Engineering, Pune

B. Tech. Sem. VIII: Electronics & Telecommunication Engineering

SUBJECT: - CLOUD COMPUTING

Course Objectives:
1. To introduce the fundamentals of Cloud computing, its technologies, Challenges and
Applications
2. To give Insights into virtualization technologies and Architecture.
3. To know the relationship between Cloud and SOA.
4. To classify and evaluate Cloud Security Issues.
5. To appreciate the emergence of clouds as the next generation computing paradigm.
6. To appreciate the evolution of clouds from the existing technologies.

Course Outcomes:
On successful completion of this course, students will be able to:
1. Adapt different types of virtualizations and increase resource utilization.
2. Describe and demonstrate the underlying principles of different Cloud Service Models.
3. Build a private cloud using open-source technologies.
4. Examine and explain the core issues of cloud computing such as resource management and
security.
5. Develop applications on Cloud Platforms.
6. Develop real world web applications and deploy on commercial cloud.

E&TC Department BVDUCOE Page. 1

 CLOUD COMPUTING

Bharati Vidyapeeth (Deemed to be University)

College of Engineering, Pune
Department of Electronics and Tele- Communication
B.Tech (Electronics & Telecommunication) Semester VIII Summer 2024
Subject- CLOUD COMPUTING
Student Name -

Student PRN -

Student Roll No. –

Index
____________________________________________________________________________

Sr. Name of Experiment Page No. Date Marks Faculty Avg.

No. (25) Signature Mark
s
1 Study of Cloud Computing & 03 -05
Architecture

2 Installation and Configuration of 06 – 11

virtualization using KVM

3 Study and implementation of 12 – 15

Infrastructure as a Service

4 Study and implementation of 16 – 18

Storage as a Service

5 Study and implementation of 19 – 22

identity management

6 Study Cloud Security management 23 – 32

7 Case study on Amazon 33 – 35

EC2/Microsoft Azure/Google Cloud
Platform
8 Deploy web applications on 36 - 40
commercial cloud. Technology:
Google appEngine/ Windows Azure
9 To launch virtual machine using 41 - 45
VMWare

E&TC Department BVDUCOE Page. 2

 CLOUD COMPUTING

EXPERIMENT NO: 1

Experiment 1: Study of Cloud Computing & Architecture

Aim: To study cloud architecture and cloud computing model.

Objectives: From this experiment, the student will be able to

 provide an overview of concepts of Cloud Computing .
 To encourage students to indulge into research in Cloud Computing.

Outcomes: The learner will be able to

 understand and appreciate cloud architecture.
 analyze the local and global impact of computing on
individuals, organizations, and society.
 recognize the need for, and an ability to engage in life-long learning.

Hardware / Software Required: Ubuntu operating system, Internet

Theory:

Cloud computing enables companies to consume compute resources as a utility -- just like
electricity -- rather than having to build and maintain computing infrastructures in-house. Cloud
computing promises several attractive benefits for businesses and endusers.
Three of the main benefits of cloud computing include:
• Self-service provisioning: End users can spin up computing resources for almost anytype of
workload on-demand.
• Elasticity: Companies can scale up as computing needs increase and then scale downagain as
demands decreases.
Pay per use: Computing resources are measured at a granular level, allowing users to pay only for
the resources and workloads they use.
Cloud computing services can be Private, Public or Hybrid.
Private cloud services are delivered from a business' data center to internal users. This model offers
versatility and convenience, while preserving management, control and security. Internal
customers may or may not be billed for services through IT chargeback.

In the Public cloud model, a third-party provider delivers the cloud service over the Internet.
Public cloud services are sold on-demand, typically by the minute or thehour. Customers
only pay for the CPU cycles, storage or bandwidth they consume. Leading public cloud
providers include Amazon Web Services (AWS), Microsoft Azure, IBM/SoftLayer and Google
Compute Engine.
Hybrid cloud is a combination of public cloud services and on-premises private cloud
– with orchestration and automation between the two.
Companies can run mission-critical workloads or sensitive applications on the privatecloud while
using the public cloud for workloads that must scale on-demand. The goal of hybrid cloud is to
create a unified, automated, scalable environment which takes advantage of all that a public cloud
infrastructure can provide, while still maintaining control over mission-critical data.

E&TC Department BVDUCOE Page. 3

 CLOUD COMPUTING

Types of cloud computing:

IT people talk about three different kinds of cloud computing, where different services are being
provided for you. Note that there's a certain amount of vagueness about how these things are
defined and some overlap between them.
1. Infrastructure as a Service (IaaS) means you're buying access to raw computing hardware
over the Net, such as servers or storage. Since you buy what you need and pay-as-you-go, this is
often referred to as utility computing. Ordinary web hosting is a simple example of IaaS: you
pay a monthly subscription or a per-megabyte/gigabyte fee to have a hosting company serve up
files for your website from their servers.
2. Software as a Service (SaaS) means you use a complete application running onsomeone else's
system. Web-based email and Google Documents are perhaps the best-known examples. Zoho is
another well-known SaaS provider offering a variety of office applications online.
3. Platform as a Service (PaaS) means you develop applications using Web-based tools so they
run on systems software and hardware provided by anothercompany. So, for example, you might
develop your own ecommerce website but have the whole thing, including the shopping cart,
checkout, and payment mechanism running on a merchant's server. Force.com (from
salesforce.com) and the Google App Engine are examples of PaaS.
4. Advantages and disadvantages of cloud computing
Advantages: The pros of cloud computing are obvious and compelling. If your business is selling
books or repairing shoes, why get involved in the nitty gritty of buying and maintaining a
complExperiment computer system? If you run an insurance office, do you really want your sales
agents wasting time running anti-virussoftware, upgrading word-processors, or worrying about
hard-drive crashes? Do you really want them cluttering your expensive computers with their
personal emails, illegally shared MP3 files, and naughty YouTube videos—when you couldleave
that responsibility to someone else? Cloud computing allows you to buy in only the services you
want, when you want them, cutting the upfront capital costs of computers and peripherals. You
avoid equipment going out of date and other familiar IT problems like ensuring system security
and reliability. You can add extra services (or take them away) at a moment's notice as your
business needs change. It's really quick and easy to add new applications or services to your
business without waiting weeks or months for the new computer (and its software)to arrive.
Disadvantages: Instant convenience comes at a price. Instead of purchasing computers and
software, cloud computing means you buy services, so one-off, upfront capital costs become
ongoing operating costs instead. That might work outmuch more expensive in the long-term.
If you're using software as a service (for example, writing a report using an online word processor
or sending emails through webmail), you need a reliable, high- speed, broadband Internet
connection functioning the whole time you're working. That's something we take for granted in
countries such as the United States, butit's much more of an issue in developing countries or rural
areas where broadband is unavailable.
If you're buying in services, you can buy only what people are providing, so you may be restricted
to off-the-peg solutions rather than ones that precisely meet yourneeds. Not only that, but you're
completely at the mercy of your suppliers if they suddenly decide to stop supporting a product
you've come to depend on. (Google, for example, upset many users when it announced in
September 2012 that its cloud-based Google Docs would drop support for old but de facto standard
Microsoft Office file formats such as .DOC, .XLS, and .PPT, giving a mere one week's notice of
the change—although, after public pressure, it later extended the deadline by three months.)
Critics charge that cloud-computing is a return to the bad-old days of mainframes and proprietary
systems, where businesses are locked into unsuitable, long-term arrangements with big, inflexible

E&TC Department BVDUCOE Page. 4

 CLOUD COMPUTING

companies. Instead of using "generative" systems (ones that can be added to and extended in
exciting ways the developers never envisaged), you're effectively using "dumb terminals" whose
uses are severely limited by the supplier. Good for convenience and security, perhaps, but what
will you lose in flexibility? And is such a restrained approach good for the future of the Internet
as a whole? (To see why it may notbe, take a look at Jonathan Zittrain's eloquent book The Future
of the Internet— And How to Stop It.)

Conclusion:-

____________________________________________________________________________________

____________________________________________________________________________________

____________________________________________________________________________________

________________________

Assessment of the Experiment / Assignment:

Timely Submission Presentation Understanding Total Signature of Teacher

(07) (06) (12) (25) with date

E&TC Department BVDUCOE Page. 5

 CLOUD COMPUTING

EXPERIMENT NO: 2

Experiment 2. Installation and Configuration of virtualization using KVM.

Aim: Installation and Configuration of virtualization using KVM

Objectives: From this experiment, the student will be able to,

 Understand the concepts of virtualization.
 Understand KVM architecture and its configuration.

Outcomes: The learner will be able,

 To analyze user models and develop user centric interfaces.
 To analyze the local and global impact of computing on individuals,
organizations,and society.
 To engage in life-long learning development and higher studies.
 To understand, identify, analyze and design the problem, implement and validate
thesolution including both hardware and software.
Hardware / Software Required: Ubuntu operating system, open- s o u r c e software
KVM, Internet.

Theory:
Virtualization is software that separates physical infrastructures to create various dedicated
resources. It is the fundamental technology that powerscloud computing.
The technology behind virtualization is known as a virtual machine monitor (VMM) or virtual
manager, which separates compute environments from the actual physical infrastructure.
Virtualization makes servers, workstations, storage and other systems independent of the physical
hardware layer. This is done by installing a Hypervisor on top of the hardware layer, where the
systems are then installed.
There are three areas of IT where virtualization is making headroads, network virtualization, storage
virtualization and server virtualization:
Network virtualization is a method of combining the available resources in a network by splitting
up the available bandwidth into channels, each of which is independent from the others, and each
of which can be assigned (or reassigned) to a particular server or device in real time. The ideais
that virtualization disguises the true complexity of the network by separating it into manageable
parts, much like your partitioned hard drive makes it easier to manage your files.
Storage virtualization is the pooling of physical storage from multiple network storage devices into
what appears to be a single storage device that is managed from a central console. Storage
virtualization is commonly used in storage area networks (SANs).
Server virtualization is the masking of server resources (including the number and identity of
individual physical servers, processors, and operating systems) from server users. The intention is
to spare the user from having to understand and manage complicated details of server resources
while increasing resource sharing and utilization and maintaining the capacity to expand later.
Virtualization can be viewed as part of an overall trend in enterprise IT that includes autonomic
computing, a scenario in which the IT environment will beable to manage itself based on perceived
activity, and utility computing, in which computer processing power is seen as a utility that clients
can pay for only as needed. The usual goal of virtualization is to centralize administrative tasks
while improving scalability and workloads.

E&TC Department BVDUCOE Page. 6

 CLOUD COMPUTING

Procedure:

Installation Steps :
1. #sudo grep -c "svm\|vmx" /proc/cpuinfo
2. #sudo apt-get install qemu-kvm libvirt-bin bridge-utils virt-manager
3. #sudoadd
userrait
#sudoadduserrait
libvirtd
After running this command, log out and log back in as rait
4. Run following command after logging back in as rait and you should
see anempty list of virtual machines. This indicates that everything is working
correctly. #virsh -c qemu:///system list
5. Open Virtual Machine Manager application and Create Virtual
Machine#virt-manager
Result:
SNAPSHOTS
Step 1 : #sudo grep -c "svm\|vmx" /proc/cpuinfo

Step 2 : #sudo apt-get install qemu-kvm libvirt-bin bridge-utils virt-manager

E&TC Department BVDUCOE Page. 7

 CLOUD COMPUTING

Step 3 : #sudoadduserrait
After running this command, log out and log back in as rait

Step 4 : #sudoadduserraitlibvirtd
After running this command, log out and log back in as rait

Step 5 : Open Virtual Machine Manager application and Create Virtual Machine
#virt-manager as shown below

E&TC Department BVDUCOE Page. 8

 CLOUD COMPUTING

Step 6 : Create a new virtual machine as shown below

E&TC Department BVDUCOE Page. 9

 CLOUD COMPUTING

Step 7 : Install windows operating system on virtual machine

Step 8: Installation of windows on virtual machine

E&TC Department BVDUCOE Page. 10

 CLOUD COMPUTING

Step 9: Installation of windows 7 on virtual machine

Conclusion:-

____________________________________________________________________________________

____________________________________________________________________________________

____________________________________________________________________________________

________________________

Assessment of the Experiment / Assignment:

Timely Submission Presentation Understanding Total Signature of Teacher

(07) (06) (12) (25) with date

E&TC Department BVDUCOE Page. 11

 CLOUD COMPUTING

EXPERIMENT NO: 3

Experiment 3. Study and implementation of Infrastructure as a Service

Aim: To study and implementation of Infrastructure as a Service

Objectives: From this experiment, the student will be able to,

 Understand concepts of virtualization and to use cloud as Infrastructure as a services.
 Learn the technique and its complexity
 Understand the importance of this technique from application point of view

Outcomes: The learner will be able,

 To match the industry requirements in the domains of Database management,
Programming and Networking with limited infrastructure.
 To analyze the local and global impact of computing on individuals, organizations,
and society.
 To use current techniques, skills, and tools necessary for computing practice.

Hardware / Software Required: Ubuntu operating system, Virtual machine, WAMP/ZAMP

server, Any tool or technology can be used for implementation of web application e.g., JAVA,
PHP, etc.

Theory:

Infrastructure as a Service (IaaS) is a form of cloud computing that provides virtualized computing
resources over the internet. IaaS is one of the three main categories of cloud services, alongside Software
as a Service (SaaS) and Platform as a Service (PaaS).

In an IaaS model, a cloud provider hosts the infrastructure components traditionally present in an on-
premises data center, including servers, storage, and networking hardware, as well as the virtualization or
hypervisor layer. The IaaS provider also offers a range of services to accompany those infrastructure
components. These can include detailed billing, monitoring, log access, security, load balancing, and
clustering, as well as storage resiliency, such as backup, replication, and recovery.

These services are typically billed on a pay-as-you-go basis, and users can scale services up and down
according to requirements. IaaS provides users with the highest level of flexibility and management
control over their IT resources and is most like traditional on-premises data centers.

Procedure:

1. Preparation:
Understand the basics of virtualization, as it is the foundation of IaaS.
Choose a cloud provider (e.g., AWS, Azure, Google Cloud Platform).
Set up an account with the provider.
2. Set Up Virtual Networks:
Create a virtual network (VPC for AWS, VNet for Azure) within the cloud provider’s console.
Define your subnets and IP ranges.

E&TC Department BVDUCOE Page. 12

 CLOUD COMPUTING

Configure the internet gateway and route tables to ensure connectivity.

3. Deploy Virtual Machines:
Select the appropriate machine images (AMIs for AWS, VM images for Azure) that you want to use.
Choose your instance type based on the resources you need (CPU, memory, storage).
Launch instances and configure security groups or firewall rules to control access.
4. Configure Storage:
Set up storage accounts if necessary (such as S3 for AWS, Blob Storage for Azure).
Attach storage volumes to your virtual machines for additional space or for specific data requirements.
5. Install Necessary Software:
Access your instances via SSH (for Linux) or Remote Desktop (for Windows).
Install any necessary middleware, services, or databases needed for your experiment.
6. Networking and Load Balancing:
If needed, implement load balancers to distribute traffic across your instances.
Set up any necessary DNS records for domain name resolution.
7. Automation and Scaling:
Implement auto-scaling policies to handle different loads.
Use infrastructure as code tools (such as AWS CloudFormation, Azure Resource Manager templates, or
Terraform) for automating the deployment.
8. Monitoring and Maintenance:
Use the cloud provider’s monitoring tools to track performance, set up alerts, and monitor costs.
Regularly check the security groups and network ACLs for any unnecessary open ports.
Backup and Recovery:
9. Implement backup policies.
Plan for disaster recovery scenarios.
10. Cleanup:
Once the experiment is over, make sure to terminate all instances and services to avoid incurring further
costs.
Remove any unnecessary data backups or archives.

Installation Steps: (https://docs.openstack.org/devstack/latest/guides/single-machine.html)

Add use useradd -s /bin/bash -d /opt/stack -m stack
apt-get install sudo -y
echo "stack ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers
login as stack user
Download DevStack
sudoapt-getinstallgit-y|| sudoyuminstall-ygit
gitclonehttps://git.openstack.org/openstack-dev/devstackcddevstack
Run DevStack
Now to configure stack.sh. DevStack includes a sample in
devstack/samples/local.conf. Create local.conf as shown below to do the
following:

1. Set FLOATING_RANGE to a range not used on the local network, i.e.

192.168.1.224/27. This configures IP addresses ending in 225-254 to be used as
floating IPs.

E&TC Department BVDUCOE Page. 13

 CLOUD COMPUTING

2. Set FIXED_RANGE and FIXED_NETWORK_SIZE to configure the internal

address space used by the instances.
3. Set FLAT_INTERFACE to the Ethernet interface that connects the host to your
local network. This is the interface that should be configured with the static IP address
mentioned above.
4. Set the administrative password. This password is used for
the admin and demo accounts set up as OpenStack users.
5. Set the MySQL administrative password. The default here is a random
hExperiment stringwhich is inconvenient if you need to look at the database
directly for anything.
6. Set the RabbitMQ password.
7. Set the service password. This is used by the OpenStack services (Nova, Glance, etc)
to authenticate with Keystone.

local.conf should look something like this:

[[local|localrc]]
FLOATING_RANGE=192.168.1.224/27
FIXED_RANGE=10.11.12.0/24
FIXED_NETWORK_SIZE=256
FLAT_INTERFACE=eth0
ADMIN_PASSWORD=supersecret
DATABASE_PASSWORD=iheartdatabases
RABBIT_PASSWORD=flopsymopsy

Run DevStack:

SERVICE_PASSWORD=iheartksl

./stack.sh
A seemingly endless stream of activity ensues. When complete you will see a summary of stack.sh’s
work, including the relevant URLs, accounts and passwords to poke at your shiny new OpenStack.

Using OpenStack
At this point you should be able to access the dashboard from other computers on the local network. In
this example that would be http://192.168.43.29/ for the dashboard (aka Horizon). Launch VMs and if
you give them floating IPs and security group access those VMs will be accessible from other machines
on your network

E&TC Department BVDUCOE Page. 14

 CLOUD COMPUTING

Conclusion:-

____________________________________________________________________________________

____________________________________________________________________________________

____________________________________________________________________________________

________________________

Assessment of the Experiment / Assignment:

Timely Submission Presentation Understanding Total Signature of Teacher

(07) (06) (12) (25) with date

E&TC Department BVDUCOE Page. 15

 CLOUD COMPUTING

EXPERIMENT NO: 4

Experiment 4: Study and implementation of Storage as a Service

Aim: To study and implementation of Storage as a Service

Objectives: From this experiment, the student will be able to

 To make the students understand use of cloud as Platform, Storage as a services.

 To learn the efficient tools to implement the technique

Theory:

Storage as a Service (STaaS) is a cloud computing model where a service provider rents out storage space
to users over the internet. This model enables businesses and users to store data in the cloud, making it
accessible from any internet-connected device. STaaS allows for scalability, so users can expand or
reduce storage based on their needs, and it is cost-effective because it typically operates on a pay-per-use
basis. It also ensures that data management, maintenance, and backup are handled by the service provider.

Procedure:

Choose a Provider: Select a cloud service provider offering STaaS like AWS S3, Azure Blob Storage, or
Google Cloud Storage.

Create an Account: Sign up for an account with your chosen cloud provider and create a storage service
instance.

Set Permissions: Configure the access permissions and security settings to define who can access the
stored data.

Create Storage Containers: Depending on the provider, create buckets (in AWS) or containers (in Azure)
to hold your data.

Upload Data:

Use the provider’s management console or API to upload files to your storage container.
Optionally, organize data with folders or prefixes.
Access Control:

Implement security measures such as encryption and access control lists.

Assign roles for different levels of access if collaborating.
Manage Data:

Utilize tools provided by the service for data lifecycle management, versioning, and archiving.
Integrate with Applications:

Use APIs or SDKs provided by the service to integrate storage access into applications or services.
Monitor Usage:

E&TC Department BVDUCOE Page. 16

 CLOUD COMPUTING

Set up monitoring to keep track of storage usage, requests, and potential security events.
Clean Up:

To avoid unnecessary charges, delete any data or storage containers that are no longer needed after the
experiment.

E&TC Department BVDUCOE Page. 17

 CLOUD COMPUTING

Conclusion:-

____________________________________________________________________________________

____________________________________________________________________________________

____________________________________________________________________________________

________________________

Assessment of the Experiment / Assignment:

Timely Submission Presentation Understanding Total Signature of Teacher

(07) (06) (12) (25) with date

E&TC Department BVDUCOE Page. 18

 CLOUD COMPUTING

EXPERIMENT NO: 5

Experiment 5: Study and implementation of identity management

Aim: To study and implementation of identity management

Objectives: From this experiment, the student will be able to,

 Understand concepts of virtualization and to use cloud as Infrastructure as a services.
 Learn the technique and its complexity
 Understand the importance of this technique from application point of view

1. Outcomes:

Result:
SNAPSHOTS
OwnCloud is open source file sync and share software for everyone from individuals
operating the free ownCloud Server edition, to large enterprises and service providers
operating the ownCloud Enterprise Subscription. ownCloud provides a safe, secure,
and compliant file synchronization and sharing solution on servers that you control.
You can share one or more files and folders on your computer, and synchronize them
with your ownCloud server.

E&TC Department BVDUCOE Page. 19

 CLOUD COMPUTING

Step 2 : By default, the ownCloud Web interface opens to your Files page. You can add, remove,
and share files, and make changes based on the access privileges set by you (if you are
administering the server) or by your server administrator. You can access your ownCloud files
with the ownCloud web interface and create, preview, edit, delete, share, and re-share files. Your
ownCloud administrator has the option to disable these features, so if any of them are missing on
your system ask your server administrator.

Step 3: Apps Selection Menu: Located in the upper left corner, click the arrow to open a dropdown menu
to navigate to your various available apps. Apps Information field: Located in the left sidebar, this
provides filters and tasks associated with your selected app. Application View: The main central field in
the ownCloud user interface. This field displays the contents or user features of your selected app.

Step 4: Share the file or folder with a group or other users, and create public shares with hyperlinks. You
can also see who you have shared with already, and revoke shares by clicking the trash can icon. If
username auto-completion is enabled, when you start typing the user or group name ownCloud will
automatically complete it for you. If your administrator has enabled email notifications, you can send an
email notification of the new share from the sharing screen.

E&TC Department BVDUCOE Page. 20

 CLOUD COMPUTING

E&TC Department BVDUCOE Page. 21

 CLOUD COMPUTING

Step 5: Five Share permissions are :

Can share; allows the users you share with to re-share.
Can edit; allows the users you share with to edit your shared files, and to collaborate using
the Documents app.
Create; allows the users you share with to create new files and add them to the share.
Change; allows uploading a new version of a shared file and replacing it.
Delete; allows the users you share with to delete shared files.

Conclusion:-

____________________________________________________________________________________

____________________________________________________________________________________

____________________________________________________________________________________

________________________

Assessment of the Experiment / Assignment:

Timely Submission Presentation Understanding Total Signature of Teacher

(07) (06) (12) (25) with date

E&TC Department BVDUCOE Page. 22

 CLOUD COMPUTING

EXPERIMENT NO: 6

Experiment 6: Study Cloud Security management

Aim: To Study Cloud Security management

Objectives: From this experiment, the student will be able,

 To understand the security features of Cloud.
 To learn the technique of application security management and its complexity
 To understand the importance of cloud security management from application point of
view
Outcomes: The learner will be able to
 Student can study and implement single-sign-on.
 To use current techniques, skills, and tools necessary for computing practice.
 To match the industry requirements in the domains of Database management,
Programming and Networking with the required management skills.

Hardware / Software Required: Ubuntu operating system, Virtual machine, WAMP/ZAMP

server, Any tool or technology can be used for implementation of web application e.g., JAVA,
PHP, etc.

Theory:
Cloud computing security is the set of control-based technologies and policies designed to adhere
to regulatory compliance rules and protect information, data applications and infrastructure
associated with cloud computing use. Because of the cloud's very nature as a shared resource,
identity management, privacy and access control are of particular concern. With more
organizations using cloud computing and associated cloud providers for data operations, proper
security in these and other potentially vulnerable areas have become a priority for organizations
contracting with a cloud computing provider.

Cloud computing security processes should address the security controls the cloud provider will
incorporate to maintain the customer's data security, privacy and compliance with necessary
regulations. The processes will also likely include a business continuity and databackup plan in
the case of a cloud security breach.

Physical security

Cloud service providers physically secure the IT hardware (servers, routers, cables etc.) against
unauthorized access, interference, theft, fires, floods etc.

E&TC Department BVDUCOE Page. 23

 CLOUD COMPUTING

and ensure that essential supplies (such as electricity) are sufficiently robustto minimize the
possibility of disruption. This is normally achieved by serving cloud applications from 'world-
class' (i.e. professionally specified, designed, constructed, managed, monitored and maintained)
data centers.

Personnel security

Various information security concerns relating to the IT and other professionals associated with
cloud services are typically handled through pre-, para- and post-employment activities such as
security screening potential recruits, security awareness and training programs, proactive security
monitoring and supervision, disciplinary procedures and contractual obligations embedded in
employment contracts, service level agreements, codes of conduct, policies etc.

Application security

Cloud providers ensure that applications available as a service via the cloud (SaaS) are secure by
specifying, designing, implementing, testing and maintaining appropriate application security
measures in the production environment. Note that - as with any commercial software - the
controls they implement may not necessarily fully mitigate all the risks they have identified, and
that they may not necessarily have identified all the risks that are of concern to customers.
Consequently, customers may also need to assure themselves that cloud applications are
adequately secured for their specific purposes, including their compliance obligations.

Procedure:

Security using MFA(Multi Factor Authentication) device code:

1) goto aws.amazon.com
2) click on "My Account"
3) select "AWS management console" and click on it
4) Give Email id in the required field
if you are registering first time then select "I am a new user" radio button
5) click on "sign in using our secure server" button
6) follow the instruction and complete the formalities (Note: do not
provide any credit card details or bank details)sign out from
7) Again go to "My Account"
select "AWS management console" and click on it
Sign in again by entering the user name and valid password ( check "I amreturning user
and my password is" radio button)
Now you are logged in as a Root User
All AWS project can be viewed by you, but you cant make any changes in it or you cant create
new thing as you are not paying any charges to amazon (forreason refer step:6)
To create the user in a root user follow the steps mentioned below:
1) click on "Identity and Access Management" in security and identity project
2) click in "Users" from dashboard
It will take you to "Create New Users"click on create new
user button
enter the "User Name"

E&TC Department BVDUCOE Page. 24

 CLOUD COMPUTING

(select "Generate and access key for each user" checkbox, it will create a userwith a specific
key)
click on "Create" button at right bottom
3) once the user is created click on it
4) go to security credentials tab
5) click on "Create Access Key", it will create an access key for user.
6) click on "Manage MFA device" it will give you one QR code displayed on the screen
you need to scan that QR code on your mobile phone using barcode scanner (install it in
mobile phone)you also need to install "Google Authenticator" in your mobile phone to generate
the MFA code
7) Google authenticator will keep on generating a new MFA code after every60 seconds
that code you will have to enter while logging as a user. Hence, the security is
maintained by MFA device code.one can not use your AWS account even if it
may have your user name andpassword, because MFA code is on your MFA
device (mobiel phone in thiscase) and it is getting changed after every 60
seconds.
Permissions in user account:
After creating the user by following above mentioned steps; you can givecertain
permissions to specific user
1) click on created user
2) goto "Permissions" tab
3) click on "Attach Policy" button
4) select the needed policy from given list and click on apply.

Result:
Step 1 :goto aws.amazon.com

E&TC Department BVDUCOE Page. 25

 CLOUD COMPUTING

Step 2 : Click on "My Account". Select "AWS management console" and click
on it. Give Email id in the required field

E&TC Department BVDUCOE Page. 26

 CLOUD COMPUTING

Step 3: Addition of security features

Step 4: Sign in to an AWS account

E&TC Department BVDUCOE Page. 27

 CLOUD COMPUTING

Step 5 : Creation of users

E&TC Department BVDUCOE Page. 28

 CLOUD COMPUTING

Step 6: Adding users to group

Step 7: Creating Access key

E&TC Department BVDUCOE Page. 29

 CLOUD COMPUTING

E&TC Department BVDUCOE Page. 30

 CLOUD COMPUTING

Step 8 : Setting permissions to users

Conclusion:

We have studied how to secure the cloud and its data. Amazon EWS provides the

best security with its extended facilities and services like MFA device. It also gives
you the ability to add your own permissions and policies for securing data more
encrypted.

E&TC Department BVDUCOE Page. 31

 CLOUD COMPUTING

Conclusion:-

____________________________________________________________________________________

____________________________________________________________________________________

____________________________________________________________________________________

________________________

Assessment of the Experiment / Assignment:

Timely Submission Presentation Understanding Total Signature of Teacher

(07) (06) (12) (25) with date

E&TC Department BVDUCOE Page. 32

 CLOUD COMPUTING

EXPERIMENT NO 7

Experiment 7: Case study on Amazon EC2/Microsoft Azure/Google Cloud Platform

Aim : Case study on Amazon EC2/Microsoft Azure/Google Cloud Platform

Theory:

A case study on a cloud platform like Amazon EC2, Microsoft Azure, or Google Cloud Platform
examines their service offerings, specifically their computing solutions. These platforms provide scalable
computing resources on-demand, allowing users to create, launch, and manage virtual servers (instances
or virtual machines) with a variety of operating systems, configurations, and connectivity options. They
support a pay-as-you-go pricing model, which provides flexibility and cost savings over traditional on-
premises servers.

Amazon EC2 (Elastic Compute Cloud): Offers resizable compute capacity in the cloud, allowing users to
run servers and scale applications.
Microsoft Azure Virtual Machines: Provides on-demand, scalable computing resources with various
configurations for computing power, memory, and storage.
Google Compute Engine (GCE): Delivers virtual machines running in Google's innovative data centers
and worldwide fiber network.
Procedure:

Select Platform: Choose one platform (EC2, Azure VMs, or Compute Engine) for the case study.

Set Up an Account: Create an account with the selected cloud provider.

Launch a Virtual Machine:

Go to the compute section (EC2 for AWS, VMs for Azure, GCE for Google).
Select or create a new VM instance with the desired specifications.
Configure the instance with necessary settings (like security groups in AWS or network security groups
in Azure).
Configure Storage:

Attach storage volumes to your instance if needed (EBS in AWS, Managed Disks in Azure, Persistent
Disks in GCE).
Set Up Networking:

Define network settings such as VPC and subnets.

Set up IP addresses and DNS names.
Access and Configure VM:

Connect to the VM using SSH or RDP.

Configure the VM with required software and applications.
Monitor Performance:

E&TC Department BVDUCOE Page. 33

 CLOUD COMPUTING

Use built-in tools (CloudWatch for AWS, Azure Monitor for Azure, Stackdriver for GCE) to monitor the
VM's performance.
Test Scaling:

Explore and test the auto-scaling features based on load or predefined schedules.
Snapshot and Backup:

Perform snapshot and backup operations to understand data durability options.

Cost Analysis:

Monitor and analyze costs using budgeting and cost management tools provided by the platform.
Document the Process:

Keep a detailed record of steps, configurations, and observations throughout the experiment.
Clean Up Resources:

To avoid additional charges, terminate resources and delete any unnecessary storage or snapshots after
the case study is completed.

GCP

E&TC Department BVDUCOE Page. 34

 CLOUD COMPUTING

Conclusion:-

____________________________________________________________________________________

____________________________________________________________________________________

____________________________________________________________________________________

________________________

Assessment of the Experiment / Assignment:

Timely Submission Presentation Understanding Total Signature of Teacher

(07) (06) (12) (25) with date

E&TC Department BVDUCOE Page. 35

 CLOUD COMPUTING

EXPERIMENT NO 8

Experiment 8. Deploy web applications on commercial cloud. Technology: Google appEngine/

Windows Azure

Aim. Deploy web applications on commercial cloud. Technology: Google appEngine/ Windows Azure

Theory:

A case study on Amazon EC2, Microsoft Azure, or Google Cloud Platform involves a detailed
examination of their cloud computing services, focusing on compute capabilities. Each platform offers
scalable virtual machines (VMs) with various configurations and operating systems, network
connectivity, security, and storage options, billing flexibility, and additional cloud services integration.

Amazon EC2 (Elastic Compute Cloud) provides resizable compute capacity in the cloud, designed to
make web-scale computing easier for developers.
Microsoft Azure VMs are on-demand, scalable computing resources provided by Microsoft Azure, with a
wide variety of options for computing power, memory, and storage.
Google Compute Engine (GCE) offers VMs that run on Google’s infrastructure with services like live
migration and custom machine types.
Procedure:

Select a Cloud Platform: Choose one of the platforms (Amazon EC2, Microsoft Azure, Google Compute
Engine) for the case study.

Create an Account: Set up an account with the selected cloud provider.

Launch a Virtual Machine:

Navigate to the VM service (EC2 for AWS, Azure VMs for Azure, Compute Engine for GCP).
Select an instance type or VM size based on CPU, memory, and storage requirements.
Choose an OS image (AMI for AWS, Azure Image, or GCE Image).
Configure instance settings like security groups or network security groups and key pairs for access.
Configure Storage:

Attach additional storage if required (EBS for AWS, Managed Disks for Azure, Persistent Disks for
GCE).
Networking:

Set up virtual private cloud (VPC) settings, including subnets, IP ranges, and internet gateways.
Access the VM:

Connect to the VM via SSH (for Linux) or RDP (for Windows).

Performance Monitoring:

Monitor the performance of your VM using the provider’s monitoring tools (CloudWatch for AWS,

E&TC Department BVDUCOE Page. 36

 CLOUD COMPUTING

Azure Monitor for Azure, Stackdriver for GCE).

Scaling:

Test auto-scaling features by configuring them to respond to changes in load.

Snapshot and Backup:

Create snapshots or backups of your VM to ensure data durability and recovery options.
Cost Management:

Monitor and manage costs using budgeting tools and cost analysis provided by the platform.
Clean-Up:

Once the case study experiment is completed, ensure to clean up resources to avoid additional charges.
This means stopping or terminating VMs, deleting storage, and releasing any other resources.
Documentation:

Document the setup process, observations, and performance metrics throughout the case study.

Steps And Procudure:

Step 1 :If you are new to google create an account.

E&TC Department BVDUCOE Page. 37

 CLOUD COMPUTING

Step 2 : In the Google Cloud Console , on the project selector page, select or
create a Google Cloud project.

Step 3: Make sure that billing is enabled for your Google Cloud project.
Step 4: Enable the Cloud Build API.
Step 5: Install the Google Coud CLI.
Step 6: Create an App Engine application for your Google Cloud project in the
Google Cloud console.
Step 6: Follow below steps in the image to create the project and deploy it
directly in the GCP cloud.

E&TC Department BVDUCOE Page. 38

 CLOUD COMPUTING

E&TC Department BVDUCOE Page. 39

 CLOUD COMPUTING

Conclusion:-

____________________________________________________________________________________

____________________________________________________________________________________

____________________________________________________________________________________

________________________

Assessment of the Experiment / Assignment:

Timely Submission Presentation Understanding Total Signature of Teacher

(07) (06) (12) (25) with date

E&TC Department BVDUCOE Page. 40

 CLOUD COMPUTING

EXPERIMENT NO 9

Experiment 9. To launch virtual machine using VMWare.

Aim. To launch virtual machine using VMWare.

Theory:

Deploying web applications on a commercial cloud platform involves hosting your web application on a
cloud provider's infrastructure. Google App Engine and Microsoft Azure are two such platforms that
provide managed services to deploy, manage, and scale web applications.

Google App Engine is a fully managed, serverless platform for developing and hosting web applications
at scale. It automatically scales your app up and down while balancing the load.
Microsoft Azure App Service is an HTTP-based service for hosting web applications, REST APIs, and
mobile back ends. It supports multiple languages, integrates with Azure DevOps, and allows for auto-
scaling and high availability.
Procedure:

For Google App Engine:

Create a Google Cloud Project: Set up a new project in the Google Cloud Console.

Develop Your Application: Code your application in a supported language and prepare it for deployment,
including specifying dependencies and an app configuration file (app.yaml).

Google Cloud SDK: Install the Google Cloud SDK on your local machine, which provides you with the
command-line tools to deploy your application.

Deploy Your Application:

Use the gcloud app deploy command to deploy your application to App Engine.
Configure routing with dispatch.yaml if necessary.
Access Your Application: After deployment, access your application via the URL provided by App
Engine.

Monitor and Manage: Use Google Cloud’s operations suite to monitor performance, set alerts, and
manage traffic splitting.

For Microsoft Azure:

Create an Azure Account: Sign up for an Azure account and set up an Azure subscription.

Develop Your Application: Build your application using a supported programming language and tools
like Visual Studio or VS Code with Azure extensions.

E&TC Department BVDUCOE Page. 41

 CLOUD COMPUTING

Azure Portal: Navigate to the Azure Portal and create an Azure App Service resource.

Deploy Your Application:

Deploy directly from your IDE or use Azure CLI with commands like az webapp up.
Alternatively, set up continuous deployment from a Git repository or Azure DevOps.
Configure Application Settings: Adjust your application’s settings, connection strings, and scaling
options within the Azure portal.

Access Your Application: Visit your application's URL, provided in the App Service overview in the
Azure portal.

Monitor and Manage: Utilize Azure Monitor to observe your app's health and performance.

Steps And Procudure:

Step 1 :Download and install VMWare Workstation.
Step 2 :Open the VMWare Workstation.
Step 3 :After the VMWare Workstation opens we observer that we have three options:-
(a) Create a new Virtual Machine.
(b) Open A Virtual machine.
(c) Connect to a Remote Server.
Select Option (a) , After that follow the steps defined In the images.

E&TC Department BVDUCOE Page. 42

 CLOUD COMPUTING

Step 2 : Insert a Desired Name in the Virtual Machine Name option given in the image below.

Step 3: Select the maximum disk size and splitting options and click next as given in the image below. .

E&TC Department BVDUCOE Page. 43

 CLOUD COMPUTING

Step 4: Finally click on to finish.

Step 5: After the virtual Machine is Installed Click Power on this Virtual Machine .

E&TC Department BVDUCOE Page. 44

 CLOUD COMPUTING

Step 5: After the virtual Machine is Starts we can proceed with the selected Operating system or Software
where we want to work on .

Conclusion:-

____________________________________________________________________________________

____________________________________________________________________________________

____________________________________________________________________________________

________________________

Assessment of the Experiment / Assignment:

Timely Submission Presentation Understanding Total Signature of Teacher

(07) (06) (12) (25) with date

E&TC Department BVDUCOE Page. 45