39 terms

2 - Cloud Architecture

cloud reference architecture (what is it?)
1. collection of actors and activities involved in cloud service delivery
2. blueprint for engineering cloud-based solutions, and migrating apps to the cloud
NIST CRA (defined by the following three elements)
Defined by three elements:
1. actor - entity in cloud computing
2. functions - a specific task that is performed by an actor
3. activities - collection of all functions or tasks an actor performs
major actors in CRA (NIST)
1. cloud consumer
2. cloud provider
3. cloud auditor
4. cloud broker
5. cloud carrier
cloud consumer
person or organisation that uses the services from cloud providers
cloud provider
1. person or organisation responsible for making cloud services available to parties
2. create cloud service, develop user interface, deploy cloud
cloud auditor
1. party that conducts an independent assessment of cloud services, such as performance or security
2. maintains log of compliance checks, reports to selected entities
3. cloud consumer <-- cloud provider <-- <cloud entity>
cloud broker
1. entity that manages the delivery of cloud service on behalf of cloud provider
2. service matching - help cloud consumer find an appropriate service
3. (<cloud entity>) <-- cloud consumer --> cloud provider --> (<cloud entity>)
cloud broker (primary services)
primary services
1. service augmentation
2. service aggregation
3. service arbitrage
service augmentation
enhance existing cloud service features
service aggregation
combines different services to match cloud requester's needs
service arbitrage
service orchestration to meet customer requirements
cloud carrier
1. intermediary that provides connectivity and transport of cloud services from cloud provider to cloud consumer
2. cloud consumer <-- cloud provider <--> <cloud entity>
service layer (3)
1. software as a service (SaaS)
2. platform as a service (PaaS)
3. infrastructure as a service (IaaS)
software as a service (SaaS)
1. delivery of applications targeted at private users
2. e.g. social networking, blogging, CRM
platform as a service (PaaS)
1. delivery of tools for development, testing, deployment, hosting, application maintenance
e.g. Force.com, Google App Engine, MS Azure
infrastructure as a service (IaaS)
1. delivery of virtual computing resources
2. e.g. AWS, GoGrid
service orchestration layer (part of cloud provider)
1. gives service providers the ability to manage and coordinate virtual resources
2. service layer <--> resource abstraction & control layer <--> physical resource layer
service layer
1. provides an interface for users to use the cloud resources
resource abstraction & control layer
1. exposes the physical resources to the cloud consumer as virtual resources
2. functionality to cloud provider to control the provided resources
e.g. monitoring cloud resources
physical resource layer
1. the actual resources provisioned to cloud consumer
e.g. electrical power, bandwidth
cloud service management (part of cloud provider)
1. all service-related functions required by cloud consumers
2. sub layers - business support, provisioning & configuration, portability & interoperability
business support layer (part of cloud service management)
1. "basic" business-related support functions
e.g. customer mgmt, contract mgmt, and inventory mgmt
provisioning & configuration layer (part of cloud service management)
1. "advanced" business-related support functions
e.g. SLA mgmt, rapid provisioning, metering
portability layer (part of cloud service management)
1. ability to move from one cloud provider to another, w minimal disruption or cost
interoperability layer (part of cloud service management)
1. ability of different cloud providers to communicate with one another
security layer (part of cloud provider)
1. manages security in the cloud instance
2. responsibility shared btwn cloud consumer and cloud provider
security in SaaS
shared security responsibility
1. application layer
complete control
1. middle layer (by Provider)
2. hardware layer (by Provider)
security in PaaS
shared security responsibility
1. middle layer
complete control
1. application layer (by Consumer)
2. hardware layer (by Provider)
security in IaaS
shared security responsibility
1. hardware layer
complete control
1. application layer (by Consumer)
2. middle layer (by Consumer)
privacy layer (part of cloud provider)
1. protecting and assuring proper use of confidential info collected from cloud consumers
2. no agreement on policies among different cloud providers
IBM CRA (differences)
1. four types of cloud services offered - SaaS, PaaS, IaaS, and Business Process as a Service (BPaaS)
2. emphasis on cloud integration w in-house IT infrastructure
Business Process as a Service (BPaaS)
1. business processes that are delivered to consumers via cloud
e.g. user feedback, user registration, product ordering
integration in-house IT
1. focuses on integration of in-house IT and cloud infrastructure
cloud service deployment models (4)
1. public cloud
2. private cloud
3. community cloud
4. hybrid cloud
public cloud
1. computing resources are available to the general public over a public network
e.g. Amazon EC2, MS Azure
private cloud
1. organization-centric cloud
2. only available to members of the organization
community cloud
1. aka vertical clouds
2. caters to the needs of a group of users who have a similar set of requirements
3. visible only to members of that group
hybrid cloud
1. composed of two or more clouds (public, private, community)
2. connected by either standardized or proprietary technology
public vs private cloud
purpose - serves general public vs members of an organisation
location - cloud provider's vs on-site or out-sourced
user base - serves tens of thousands vs hundreds or thousands