CompTIA Cloud+ CV0-003 – Section 2: Cloud Architecture and Design
February 16, 2023

5. Cloud Architecture and Design Module Introduction

Well, it’s time for us to tackle our first major section of content in Cloud+. We’re gonna talk about design issues when it comes to cloud. This is one of my favorite subjects because we often think of cloud as some immediate solution, something that’s going to be appropriate in every single IT case. And that’s not true at all. Also, what do we really mean when we say ‘cloud’? Right? We wanna go through what is the true definition of cloud tech and we also wanna discuss the different ways in which there would be to deploy your cloud technology. You might be in a private cloud environment, a public cloud environment, or a hybrid cloud environment. And what is a community cloud and why might we do that? And how are cloud services typically packaged and how do we categorize those? And what kind of risks are involved with going into the cloud? We’re gonna discuss so many really super interesting topics in this section. It’s one of the reasons why it’s a favorite section of mine. So, let’s get started. We’ve got a lot to cover.

6. What is Cloud?

Have you noticed that just about every product that is being made from a technology perspective seems to wanna work the word ‘Cloud’ into the marketing for that product? Yeah, I mean, it is no exaggeration. As we’ve already discussed, Cloud has revolutionized information technology. So, of course, to make products sound current, to make the technology sound current and cutting edge, you gotta work ‘Cloud’ into the name. But what really is Cloud? What does it really mean to be a Cloud technology? Well, I’m glad you asked. This video is gonna be all about that, and we’re not just gonna make up our own definition. We’re gonna turn to the National Institute of Standards and Technology and we’re gonna have them help us define Cloud. There are five characteristics they recognize and I have to tell you, I find each of them so interesting that this was an easy one for me to memorize. I’ve had this NIST definition memorized for many, many years and let’s talk about it. You’ll have it memorized too because, again, I think you’re gonna find this very interesting.

And I just realized, I did a pretty funny thing in this video, right? What a dangerous thing to do as an instructor is to start talking about how you have these memorized. Well, I better have them memorized, right? All right, so the first one, and I didn’t put these in any particular order, these five components of what, according to the NIST, makes Cloud actually Cloud. The first one I have listed here is actually my favorite one to talk about and think about. It’s rapid elasticity. It’s also one of my favorites from just pure Cloud perspective. This is one of the reasons I love to move to Cloud.

Now, don’t confuse rapid elasticity with scalability; they are two different things. Scalability is related, but it’s talking about your solution’s ability to just grow. So as you get more and more users, it is going to be able to dynamically grow. That’s what scalability is all about.

But rapid elasticity is going to be dealing with not only growing dynamically when we need this solution to grow based on demand, but also shrinking dynamically when we have little demand. So, notice this is related to scalability, but different. Obviously, a Cloud technology provider like Amazon Web Services uses a ton of automation to make sure that you get your rapid elasticity. If you go in and say that you want new virtual machines created when one of your virtual machines is at a certain CPU percentage, so it’s a certain level of busy, automatically a new one will get created. Clearly, this involves a lot of automation. We have to automate monitoring the VM. We have to automate launching the new VM.

Now remember, rapid elasticity also in a Cloud perspective refers to the fact that we can scale out and in. What does that mean? It means that we can scale horizontally, not just vertically. Well, wait a minute, what does that mean? Well, it means we can scale by adding more servers, that would be scaling out. Or we can scale in by removing virtual servers. And all this is done dynamically for us. And of course, rapid elasticity allows us to automatically scale up and down. This means a resource could get more RAM dynamically when it needs it, and then less RAM when it doesn’t need it. So, notice we’re referring to the single system getting more powerful or less powerful. That’s what we refer to as scaling up and down, which is vertical scaling. As opposed to in and out, which refers to the addition or removal of systems.
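The difference between scalability and rapid elasticity described above can be shown with a small simulation of the monitor-and-launch loop. This is an added example, not part of the course material or any provider's API; the thresholds, VM bounds, cooldown and demand trace are constructed assumptions, and it covers scaling out and in only (not up and down).

```python
from dataclasses import dataclass


@dataclass
class Policy:
    # All values are assumptions chosen for the illustration.
    scale_out_cpu: float = 70.0  # add a VM when average CPU rises above this
    scale_in_cpu: float = 30.0   # remove a VM when average CPU falls below this
    min_vms: int = 1
    max_vms: int = 6             # hard cap so runaway or abusive load cannot grow the bill without limit
    cooldown_ticks: int = 1      # ticks to wait after a change before acting again


# Constructed demand trace: total CPU demand per tick, in "VM-percent"
# (250 means the work of 2.5 fully busy VMs). A spike followed by a quiet period.
DEMAND = [40, 90, 180, 320, 400, 400, 300, 150, 60, 20, 20, 20, 20, 20, 20, 20]


def simulate(demand, policy, allow_scale_in=True):
    """Run the monitoring loop over the trace.

    allow_scale_in=False models a solution that is scalable but not elastic:
    it grows with demand and never gives capacity back.
    Returns a list of (tick, vm_count_after_action, avg_cpu, action).
    """
    vms = policy.min_vms
    cooldown = 0
    history = []
    for tick, load in enumerate(demand):
        avg_cpu = min(100.0, load / vms)  # the automated "monitor the VM" step
        action = "hold"
        if cooldown > 0:
            cooldown -= 1                 # still settling after the last change
        elif avg_cpu > policy.scale_out_cpu and vms < policy.max_vms:
            vms += 1                      # the automated "launch a new VM" step
            action = "scale-out"
            cooldown = policy.cooldown_ticks
        elif allow_scale_in and avg_cpu < policy.scale_in_cpu and vms > policy.min_vms:
            vms -= 1
            action = "scale-in"
            cooldown = policy.cooldown_ticks
        history.append((tick, vms, round(avg_cpu, 1), action))
    return history


def vm_ticks(history):
    """Capacity paid for over the run: one unit per running VM per tick."""
    return sum(vms for _, vms, _, _ in history)


if __name__ == "__main__":
    elastic = simulate(DEMAND, Policy())
    growth_only = simulate(DEMAND, Policy(), allow_scale_in=False)
    for row in elastic:
        print(row)
    print("elastic VM-ticks:    ", vm_ticks(elastic))
    print("growth-only VM-ticks:", vm_ticks(growth_only))
```

Both runs reach the same peak during the spike; only the elastic run returns to the minimum afterwards, which is where the measured-service bill differs.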

So, that’s the first of our five components that actually make Cloud Cloud according to the NIST. What’s the second one I have listed here? It’s on demand self-service. That’s right. The Cloud means that consumers of the Cloud resources, like you and I when we go up to AWS, we should be able to go into our console and do whatever we want. If we need a new Linux virtual machine, we should be able to press a button and that Linux virtual machine should launch. So, we are going in and doing self-service work and we can have resources available to us on demand.

Another aspect that makes Cloud Cloud is that we are engaging in resource pooling when we build a Cloud. So, I have a Cloud tech right here in my home office. It’s a storage device. And yes, Cloud is in the marketing name of the device. But this storage device is making all of these different discs inside. And yes, they’re SSDs. It’s making all of these SSDs available, and they can all be combined to look like one big giant SSD drive. So, notice how I can take storage resources and pool them together even in my home office now, and pool these resources together and make them available to different customers or different needs. Resource pooling is one of those just wonderful things about Cloud.

Another thing that would make Cloud truly Cloud is that everything can be finely measured. Here you could see a look at this in Microsoft Azure where Microsoft is telling me exactly where my money is going that I spend every month on Azure. So, the service will be measured. And you might think, “Well wait a minute, Anthony, wouldn’t this only apply to public Cloud then? Because in public Cloud, Azure or AWS is gonna turn around every month and give me a bill so they’re gonna need to do the measured service for the billing. This probably wouldn’t apply to private Cloud at all.” Well, be careful. This would apply to private Cloud in an organization. Think about it this way, if you have to do what are called chargebacks to the different departments. So, research and development comes to you and says, “Okay, where’s our chargeback?” And then you say, “Okay, here it is. You consumed $10,000 worth of VMs in our organization last quarter or something, right?” So, chargebacks are one department telling another department what their usage is, and this is why measured service is gonna be important even in a private Cloud type of environment.

The next aspect of Cloud that makes Cloud Cloud is our broad network access. Sure, the very definition of Cloud, one of the components here is that you need to be able to get to your stuff that is in the Cloud from anywhere, anytime. We refer back to that hilarious joke on a T-shirt about the Cloud is just someone else’s computer. Well, sure that is hilarious and true, but I suppose we better say it’s just someone else’s computer that we can always have network access to at all times from anywhere. Obviously, a key component of what makes Cloud Cloud.

So, the next time you see one of those labels of ‘This is a shiny new Cloud gadget!’, I hope you look at that with a whole new sense. And I hope you go ahead and give it the sanity test of, “All right, of the five components that we know that make up what is Cloud, does this device meet any of those five?” Might be a good test!

7. Deployment Models

With Cloud, there is no ‘one-size-fits-all’ type of paradigm, no. When it comes to an organization, and let’s remember, in Cloud+ we are talking about a massive organization, typically, right? That’s what we wanna think of is a big corporation needing cloud services. Well, sure enough, they’re gonna follow some tried and true deployment models. There are four of them and you absolutely must memorize them.

Now, the first is so easy to think about. It’s public cloud. This is what so many people think of when they think of Cloud. They don’t even think there is anything else, right, to discuss. ‘Oh, do I know Cloud? Sure, I do! Because I know AWS.’ Or, ‘Do I know Cloud? Sure, I do! Because I know Google’s Cloud platform.’ But yeah, public cloud is only one option.

You see, you can build your own private cloud. Amazon, and Microsoft, and Google, and IBM, they did not make it any great secret how they built these clouds. No, in fact, it’s not only not a secret. We have vendors now, like Cisco. That’s Cisco equipment that you can see depicted here. These are tiny little blade servers that are being put in and out in a data center that’s offering cloud services. Notice, all of this tech is known and readily available. As long as we have the budgets, of course. So, you can build your own cloud for your organization and it will not be offered to the public at all. It’s only for your organization. And there are tools like Cisco’s Unified Computing System (Cisco UCS) shown here in this picture; there are web APIs we can call upon for this; VMware helps us build this. So, yeah, how about your own version of AWS, if you will? Right inside your own corporate walls.

Now, that is not the most popular approach though. What’s the most popular approach in enterprises today is hybrid cloud. That’s right. And I just know. So in fact, let me think about this. Every single company that I’ve done work for in the last couple of years has been doing hybrid cloud. Yeah, it’s that common. This means they are calling upon the public cloud for some purposes and then they’re relying on their own private cloud for everything else. Extremely popular. And you can see why. There are some things where budgets are gonna really push us to public cloud instead of trying to do it ourselves.

How about community cloud? Yeah, this is the fourth model, and it’s the last one you need to memorize, great news. And all this means is a bunch of organizations have gotten together to collaborate and to make their resources available to one entity. The classic, and I do mean classic example of this, is the cloud.gov program here in the United States. So, government employees here in the United States have the ability to go to cloud.gov and get the cloud services they need. And cloud.gov is not just one cloud provider. It’s a whole bunch of cloud providers making their various services available in one portal. This is a great example of community cloud. Thanks so much for watching.

8. Service Models

Well, we’ve already established a little bit of a theme here, haven’t we? And that is that there is no ‘one-size-fits-all’ when it comes to cloud. And there’s many different ways that cloud might be deployed.

Well, we’re gonna stay on that same theme quite honestly because now what we want to discuss is the fact that there are many different as a service models that are presented when it comes to us actually consuming cloud resources. Now this, by the way, this whole concept of the remote data center and cloud tech, this is not necessarily all that new. There’s been aspects of this since the 1960s when we think about huge-huge mainframe systems that were virtualized and resources were made available to certain groups. And as far as software as a service goes the most common example of that that’s given these days is something like Gmail. Well, let’s not forget it was in the 1990s when Hotmail was invented. So we’re talking about a ‘90s technology there that was software as a service. It’s no wonder Microsoft paid $400 million for Hotmail in the ‘90s. Do you think that Bill Gates and company recognized what an amazing concept software as a service was? And remember, $400 million in the ‘90s was, oh boy, that was a lot, a lot of money back then. Not that it isn’t today, right? I’m sure you and I would take a small percentage of $400 million right now. But you get the idea. Software as a service, not all that new when you think of in terms of something like Hotmail. And Hotmail is an excellent example of software as a service. There were application service providers long ago and there was the service oriented architecture long ago.

These all gave rise to what we know today as cloud. Now, one of the cool things about grouping the services of a cloud provider into these categories is, and when you plot them on a triangle it works out really great because the little tip of the triangle represents how much work, how much of the infrastructure the customer like you or I of the cloud service provider has to become involved with. And the whole beauty of software as a service is that we don’t have to become involved with really any of that, right? It’s a beautiful thing. We can just go in and say, ‘I want email, take care of it for me.’ And so we don’t have to build the email servers, we don’t have to worry about hosting address books and all that kind of stuff. The platform as a service is one step more intensively using cloud. This is where we are probably gonna have our dev team log on in and spin up web applications that they will be troubleshooting and fully supporting as part of the cloud experience. So, when they’re ready with their application developing and testing, they can then publish it right from the cloud, right from the platform as a service. And then, oh boy, where you are intimately involved in the cloud is with infrastructure as a service. And here you’re going in and you’re building networks and virtual routers and virtual switches and virtual network address translation devices. And you are constructing a full blown IT infrastructure in the cloud. So, notice the pyramid works out great.

At the software as a service level we are just interested in consuming something like Gmail. Yeah, the target is the end user of applications. So, anytime anywhere apps, what a beautiful thing. And this does facilitate BYOD which is ‘bring your own device’. Yeah, so you show up, you say, ‘Hey, all I got is an iPad, can I still take advantage of this solution?’ And the answer is, of course, the iPad’s gonna work great with this solution because it’s an anytime anywhere web based type application.

Now what about that next level up? Well, of course it’s platform as a service. And this is where everything the dev staff is gonna need will be made available to them. And this is how Azure got its start. Azure really was a platform as a service play until they realized, ‘Wow, we need to really do everything just like AWS is doing.’ So, they started, you know, branching off into additional services and they became a full blown infrastructure as a service component themselves.

And of course, that leads us to that infrastructure as a service. This is where we’re gonna go in, our IT teams are the target here, and they’re gonna go in and build everything they need for their information technology infrastructures and services. Amazing that this capability exists. And I’ve done this for many businesses. I’ve helped them with this across both Google Cloud Platform, AWS, and Azure.

Now. Just understand, don’t be confused when you see other-as-a-service designations, like disaster recovery as a service, desktop as a service. It just goes on and on, network as a service. I just lump this all together as what I call everything-as-a-service, or XaaS. Yeah, I mean, let’s face it. Anything can be done now, spit out of a cloud mechanism. And so we just gotta stop with the acronyms here. It’s insanity. We just have to realize now anything we need done can be delivered cloud based as a service. So I love the XaaS designation for everything else.

So yes, plenty of flexibility when it comes to moving to cloud. And we now know we’re gonna be choosing a deployment model like a public cloud implementation or a hybrid cloud implementation. And then we’re gonna start thinking about, ‘All right, how are we using cloud now? Are we gonna be making software as a service available, platform as a service, or full blown infrastructure as a service available?’ So I’ll be sure in subsequent videos to make it quite clear whether I’m speaking from the provider standpoint or the customer standpoint, because that’s always important with these cloud discussions. But I digress a bit. Thank you so much for watching this video. I hope you enjoyed it.

9. Advanced Cloud Features and Services

Well, I hope you don’t mind but I took a little artistic liberty, if you will, here. Maybe, authorship liberty. So, the CompTIA folks wanted me to talk to you about advanced cloud features, or maybe it was advanced cloud services, was their official language, and I added features and services. Yes, because I’d like to talk to you about a few features that CompTIA wants us to know about when it comes to modern cloud and then I’ll go ahead and show you examples of services that are considered advanced. So let’s get going.

The first thing, again, that I wanted to make sure you were aware of is things like cloud-within-a-cloud capabilities in modern cloud. This is so cool. You go in and you carve out, as a customer of the cloud provider, you go in and you carve out your own little private cloud. Microsoft, and Google, and Amazon, they all like to call this a VPC, a virtual private cloud. The virtual private cloud is your own cloud within the public cloud that you can make as private as humanly possible. Keep in mind, though, since you are in the public cloud that would still be considered public cloud. Now, of course, a great feature of public cloud is multitenancy. This is just the fancy word for many different customers can host their solutions in the public cloud at the same time. But one of the exciting areas today is multi cloud and we’re seeing more and more software and more and more tools around this where there’s automation in you using like four or five different cloud providers. And you know, it’s really amazing. Maybe there’s a discount on compute that is suddenly going on over at AWS. Well, imagine your virtual machines being automatically migrated from Azure into AWS to take advantage of that sale. These are the types of things that can happen in multi cloud environments. And since cloud is so incredibly capable and so incredibly rich with features, a lot of times today we’ll find managed service providers that are cloud based. So, they will say to an organization, ‘Look, we are expert at helping you take advantage of cloud. Why don’t you hire us and we’ll do all this stuff that is required for a successful cloud implementation?’ How many of those cloud-based managed service providers do you think are Cloud+ certified? Probably all of them, right? All those engineers have the Cloud+ cert, because yeah, that’s what they do. They are taking the needs of customers and matching them with appropriate cloud resources from appropriate vendors.

So, here I am logged into AWS as an example of public cloud and I’m gonna show off some of their advanced services. Now, the first thing I wanna mention to you as we look at the management interface, the web-based management interface of AWS, is I wanna warn you that yours may look different from mine. Yeah, they change things so frequently with the web interface that many screens will look different but you’ll typically be seeing the same features that I am. But notice what they’ve done lately is they try not to overwhelm us when we first come in the AWS management console.

So, recently visited services, and notice the all services is, you know, compressed so that we are not overwhelmed. Look at the number of services there are in AWS <scrolling down>. And if you think this is because they’ve been around for a long time and that Microsoft or Google isn’t keeping up, huh, guess again because they also have just an incredible list of services.

But some of the areas that we need to make sure you’re aware of, that are considered advanced services, are going to be things like, we’ll find one, there it is, machine learning. So look at this, there is, I can’t believe how long this list is, because I haven’t looked at this in a while. The machine learning capabilities inside of AWS, when I looked at this a year ago last, there was about half if not a third this many services. So, notice lots of ways to take advantage of machine learning now, right inside the cloud.

How about serverless computing? Sure, that’s available right up here with the batch service and the Lambda service of AWS.

So, this is a way in which you can get compute resources without going in and spinning up virtual machines inside the EC2 interface. This is the classic AWS interface for spinning up virtual machines. But guess what? We don’t have to do that anymore. If all we need is compute horsepower we can use the Lambda serverless compute engine.

We will just tell our, you know, programs to fire off their instructions to the Lambda engine and it will make sure that the computing horsepower is there that we need. It’s amazing, we don’t have to take care of virtual machines to power our applications anymore potentially.

Now, another big area that’s exciting is the Internet of Things (IoT), and this ties greatly into cloud. So, let’s see if we can find the inter… There it is! And once again, I’m having a similar experience here. It’s been a while since I looked at the Internet of Things offering from AWS and it has grown. Remember, the Internet of Things is referring to all these smart devices that we now have; devices like our refrigerator or our lights in our home that are network connected and that can respond to inputs from wherever we are, right? I mean, that’s a great feature of smart homes is that you can be halfway around the globe, you can realize that you left your lights on in your home and you can turn them off from wherever you are. The cloud certainly is a big part of the success of the Internet of Things movement, and that’s why it’s no surprise we have so many options here in AWS.

I want you to know what a virtual private cloud is. That’s that cloud within a cloud. I want you to know about multitenancy and multi cloud. And then we showed off some of the new and exciting advanced services around four areas. And that was, or no, three areas, I’m sorry, the internet of things, serverless computing, and machine learning which is part of artificial intelligence. Thanks so much for watching.

10. The Shared Responsibility Model

As you might guess, one of the huge concerns of an organization when you start talking to them about a move to the cloud, even if it’s to save a lot of money, even if it’s to make services much more highly available, even if it’s to help the company achieve its bottom line. In any of the scenarios I just described, one of the big concerns is going to be security.

And it doesn’t have to be a big concern necessarily. In that, we can do it right. And so we can actually make the security posture of our solution much stronger than we could on our own. And one of the reasons for this is the shared responsibility model when it comes to security and your designing of cloud solutions. So here’s how this works. It makes simple sense. The cloud provider is gonna be responsible for certain aspects of the security, and you the customer, are going to be responsible for the other parts of security. Let’s take an example.

So, the cloud provider is spinning up on demand, at your behest, a virtual machine. So they spin up a VM based on your inputs, right? You say, “I want a new virtual machine.” They spin it up. Think about it. They’re responsible for the security on the underlying hardware that’s ultimately running that virtual machine. Yeah, they’re securing their data center with probably the very latest and greatest in physical security. Think Mission Impossible. And, you know, someone like Tom Cruise suspended from the ceiling, trying to break into somewhere. So, the cloud provider, they’re responsible for securing that stuff that’s inside the data center, the hardware that makes the virtual machine a reality. What are you responsible for? Well, when you log in to that virtual machine you’re in charge of that virtual machine. So it’s gonna be your responsibility to take care of the security in the Linux or the Windows server or Unix, whatever you spun up inside of the cloud.

Let’s take a look at another example or just talk about it. The cloud provider would be responsible for encrypting like your data at rest, but you might be responsible for the rotation of passwords or keys. So, the shared responsibility model can even be referring to inside of a service. So if we’re talking about some kind of key management, there’s gonna be responsibilities for the security keys that we have and responsibilities that the cloud provider has. Again, this can really if done right, this can amount to much greater security than you could have had in the past. Again, just think of the example of a high tech data center that has the latest, greatest physical security mechanisms and the latest, greatest video cameras that are IP based and all that kind of stuff. We might not be able to afford that in our quote-unquote “regular organization.” So, the shared responsibility model is a great thing and recognize this fact now that you’re going to be a Cloud+-certified individual. Thanks for watching.
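The customer's side of the key-management split described above can be checked with a short rotation audit. This is an added example, not part of the course material; the inventory, the `managed_by` field, the rotation limits and the audit date are all constructed assumptions, and a real inventory would come from the provider's own key and credential listings.

```python
from datetime import date

# Assumed rotation policy in days per credential kind (constructed for illustration).
MAX_AGE_DAYS = {"kms-key": 365, "access-key": 90, "password": 90}
STRICTEST = min(MAX_AGE_DAYS.values())  # applied to kinds the policy does not name

# Constructed sample inventory.
INVENTORY = [
    # Provider-managed key used for default encryption at rest: the provider's job.
    {"id": "disk-encryption-default", "kind": "kms-key",
     "managed_by": "provider", "last_rotated": date(2021, 1, 10)},
    {"id": "app-db-cmk", "kind": "kms-key",
     "managed_by": "customer", "last_rotated": date(2022, 12, 1)},
    {"id": "ci-deploy-access-key", "kind": "access-key",
     "managed_by": "customer", "last_rotated": date(2022, 3, 15)},
    {"id": "vm-admin-password", "kind": "password",
     "managed_by": "customer", "last_rotated": date(2022, 11, 20)},
    {"id": "legacy-backup-key", "kind": "access-key",
     "managed_by": "customer", "last_rotated": None},
    # No owner recorded: treated as the customer's responsibility (fail closed).
    {"id": "orphan-api-token", "kind": "access-key",
     "last_rotated": date(2022, 9, 1)},
]


def audit(inventory, today):
    """Return findings for credentials the customer must rotate and has not.

    Provider-managed items are skipped however old they are, because their
    rotation is not on the customer's side of the model.
    """
    findings = []
    for item in inventory:
        if item.get("managed_by", "customer") == "provider":
            continue
        limit = MAX_AGE_DAYS.get(item["kind"], STRICTEST)
        rotated = item.get("last_rotated")
        if rotated is None:
            findings.append({"id": item["id"], "age_days": None,
                             "limit_days": limit, "reason": "never rotated"})
            continue
        age = (today - rotated).days
        if age > limit:
            findings.append({"id": item["id"], "age_days": age,
                             "limit_days": limit,
                             "reason": f"overdue by {age - limit} days"})
    return findings


if __name__ == "__main__":
    for finding in audit(INVENTORY, date(2023, 2, 16)):
        print(finding)
```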
