Cloud Computing

Off-the-shelf Computing power on rent

Cloud Computing
Cloud computing is a model for enabling convenient,
on-demand network access to a shared pool of
configurable computing resources (e.g., networks,

servers, storage, applications, and services) that can

be rapidly provisioned and released with minimal
management effort or service provider interaction
(Source: NIST Cloud Computing Project)

Enterprise IT is entering a phase of

Deep technological change.
This is driven by three key factors:
Sprawl of physical servers. Particularly after the mass penetration of
x86 machines in datacenters, with x86 shipments worldwide growing by
64% from 4.7 million to 7.8 million between 2003 and 2008. The
consequences of this include energy waste, ballooning capital expenditures
(capex), and sprawling maintenance and real-estate costs.
New business requirements. Ever since the economic crash of 2009,
businesses have needed to be much more agile than they used to be, but
this requirement often clashes with the traditional, static approach to IT
infrastructure, which is typically only able to adapt and change slowly.
Interconnected, diverse client device install base. The growing
number of mobile and non-standard computing devices (smartphones,
media tablets, mininotebooks) used in enterprises means that IT
departments need to provide access to a wide array of platforms,
anywhere, anytime, in a secure way.

First step towards the change

Virtualization
What does it mean?
Virtualization, in computing, is the creation of a virtual
(rather than actual) version of something, such as a
hardware platform, operating system, a storage device or
network resources. Wikipedia
Virtualization is a technique for hiding the physical
characteristics of computing resources to simplify the way in
which other systems, applications, or end users interact with
those resources. - about.com

Why do we need it?

Firstly, to consolidate computing resources for raising
utilization ratio.
4

Virtualization: How does it work?

An over-simplified view

Problems with this scheme

What if the machines in the disintegration form had
different hardware?
What if the different machines were using different
operating systems?
What if the applications were using specific features
of the underlying system?
In essence, how can we use a homogenous server
farm to cater to all the idiosyncrasies of all individual
machines and applications?

Way out
Add a layer on top of the servers that would create the illusion
that the user is getting exactly the system he/she is looking for
This is Virtual Machine Monitor or Hypervisor
Virtualization comes in many categories
Server virtualization
hides the physical nature of server resources, including the
number and identity of individual servers, processors and
operating systems, from the software running on them.

Storage virtualization
melds physical storage from multiple network storage devices
so that they appear to be a single storage device

Network virtualization
combines computing resources in a network by splitting the
available bandwidth into independent channels that can be
assigned to a particular server or device in real-time
7

Diagrammatically

A bit more on Server virtualization

There are several kinds of virtualization techniques which
provide similar features but differ in the degree of abstraction
and the methods used for virtualization.

Hosted architecture broadest support (hosted solution)

A hosted architecture installs and runs the virtualization
layer as an application on top of an operating system and
supports the broadest range of hardware configurations.

Hypervisor architecture efficient (Bare Metal solution)

Full virtualization (using binary translation)
OS-assisted virtualization or Paravirtualization
Hardware-assisted virtualization (first generation)

Next step towards deep technological change

Cloud computing
Virtualization is a key enabler for the Cloud delivery model
Deployment of VMs is growing at a very fast rate.
In 2009, for the first time, virtual machine deployment
overtook physical server shipments.
Cloud deployment can follow one of three models
Private cloud
Public cloud
Hybrid cloud

Security takes a completely different dimension even in

private cloud!

10

The three models

Private Cloud
Designed for, and access restricted to, a single enterprise which
may be geographically split, or may be an extended enterprise
An internal shared resource, not a commercial offering
IT org/dept is the vendor of the shared resource

Public Cloud
The cloud infrastructure is owned by an organization selling cloud
services to the general public or to a large industry group
Additionally (w.r.t. the private version) needs to tackle issues like
security, availability, billing and metering etc

Hybrid Cloud
A mix of both
11

But why do I need Cloud?

12

Five Essential Characteristics

Rapid Elasticity
Ability to scale resources both up and down as needed

Measured Service
Billing, access control, resource optimization, capacity
planning and other tasks

On-demand Self-service
Consumers ability to use services as needed without any
human intervention of any of the parties

Ubiquitous network access

Capabilities are available over the net and accessible
through standard mechanisms

Resource pooling
Uses multi-tenant model to serve consumers
13

Situations that can benefit from Cloud

Computing
Massive scale computation, storage,
Heavy load variation
Non-deterministic life-time (start ups)
High reliability and availability
World wide distribution
Collaboration across company boundaries
Application do not fit to company core business

14

Security mind set has to change

Fundamental tenets of information security dont change
Ensuring confidentiality, integrity, authenticity, access, and audit of
information and workloads

Conventional data centers are secured using

Firewalling, IPS, IDS, digital signature, authentication etc
Policies are frequently tied to the physical attributes like IP
address, MAC address, server etc.
Delivered as siloed security product offerings

Need is for on-demand elastic services

The services need to be integrated into private cloud provisioning
and management processes
Security policy would be associated with workloads as they are
provisioned, moved, modified, cloned and ultimately retired
In essence, a transition from security as a set of products to
security as a set of services
15

Cloud computing comes in three flavors

Software as a Service (SaaS)
The consumer uses an application, but does not control the
operating system, hardware or network infrastructure on
which it's running.

Platform as Service (PaaS)

The consumer uses a hosting environment for their
applications. The consumer controls the applications that run
in the environment, but does not control the operating
system, hardware or network infrastructure on which they
are running.

Infrastructure as a Service (IaaS)

The consumer uses "fundamental computing resources"
such as processing power, storage, networking components
or middleware.

16

Cloud architecture vis-a-vis XaaS

17

Consumers are different

18

Cost?
IaaS
Examples: Amazons EC2, S3; Microsofts SQL Azure
SQL Azure, a cloud database, charges $9.99 for a Web Edition, which
comprises up to a 1 gigabyte relational database; and $99.99 for a
Business Edition, which holds up to a 10 gigabyte relational database.
EC2 charges per standard instances:
Small (Default): $0.085 per hour (linux/unix) $0.12 per hour (windows)
Large: $0.34 per hour (linux/unix) $0.48 per hour (windows)
Extra Large: $0.68 per hour (linux/unix) $0.96 per hour (windows)

PaaS
Examples: Force.com, Google App Engine, Windows Azure (Platform)
Azure provides database and platform services starting at $0.12 per
hour for compute infrastructure; $0.15 per gigabyte for storage; and
$0.10 per 10,000 transactions

SaaS: prices vary based on product; to be discussed later

19

Cloud Taxonomy

20

To be or not to be in Cloud: Considerations

Economic aspects
Cost reduction
Pay per use
Improved time to market
Return on investment
CAPEX to OPEX
Going green

Non-functional aspects
Elasticity
Reliability
Quality of service
Agility and adaptability
Availability

Technological aspects
Virtualization
Multi-tenancy
Security, privacy and compliance
Data management
Metering
APIs and / or Programming Enhancements
Tools
21

Cloud computing benefit example

A researcher at the pharmaceutical company Eli Lilly needs to
analyze a lot of data fast. If the results turn out as expected,
the company could have a world-class success (and high profits)
on its hands. But 25 servers are needed to crunch the huge
volume of data!
Scenario without Cloud Computing: wait till the purchase
request is approved, till the servers arrive, till the servers are
configured, etc. all of which can take several weeks or even
several months, and substantial cost.
Scenario with Cloud Computing: the researcher clicks over to
Amazon Web Services, configures the 25 servers in the Cloud in
one hour, and within two hours has crunched the data. Total
fee for the time using Amazons resources? Just $89.

22

Some more real-life examples

Coca-Cola Enterprises uses a Cloud-based system to streamline
operations with merchandisers in the field;
Nasdaq uses Amazons S3 Cloud Service to deliver historical stock and
mutual fund information, rather than add the load to its own database
and computing infrastructure;
Animoto, a small start-up which decided to use Amazon's Cloud
Services, was able to keep up with soaring demand for its service and
scale up from 50 instances to 3,500 instances over a three day period;
Times wanted to place scanned images covering a 60-year period (15
million news stories) online. The newspaper moved four terabytes into
Amazons S3, ran all the software over a weekend on EC2 for $25, and
then launched its product in a matter of minutes;
Mogulus streams 120,000 live TV channels over the Internet and
owns no hardware except for the laptops it uses. It handled all of the
election coverage for most of the large media sites. Its CEO states that
he could not be in business without IaaS.
23

Some uncomfortable situations

The massive capital investments Cloud Computing providers
have made in their data centers, on hardware and software, on
highly qualified personnel and so on, will not be generating
revenue if customers leave, so customers may incur switching
and migration costs.
What if your Cloud provider disappears!
On Feb. 18, 2009, Coghead sent an e-mail to customers announcing it was
ending its cloud-based development platform service immediately "due to
the impact of economic challenges." ERP giant SAP bought Coghead's
intellectual property but pulled the plug on the development platform,
giving customers until April 30 to retrieve their applications and data.
It took about 4.5 person-months for Shockey, founder and principal of
Hekademia Consulting, to port his CRM application from Coghead to Intuit's
QuickBase database.

In October 2009 1 million US users of the T-Mobile Sidekick

mobile phone and emailing device lost data as a result of server
failure at Danger, a company recently acquired by Microsoft
24

Benefits ascribed to the Cloud

25

Challenges ascribed to the Cloud

26

Last words about Cloud

Not everyone agrees, but McKinsey has concluded as follows.
Clouds already make sense for many small and medium-size
businesses, but technical, operational and financial hurdles will
need to be overcome before clouds will be used extensively by
large public and private enterprises.
Additionally, remember:
Standards are immature and things change very rapidly in the cloud. All
IaaS and SaaS providers use different technologies and different standards.
Not all your current applications are Cloud-enabled!
If you take an insecure application to the Cloud (either public or private), it
won't become automatically secure!
There are latency and performance issues. Latency, in general, is the period
of time that one component in a system is wasting time waiting for another
component.
Integration of a cloud application with a legacy on-premise application may
be a tough task!
27