CCS335

CLOUD COMPUTING

UNIT I -
CLOUD ARCHITECTURE MODELS AND INFRASTRUCTURE
 UNIT I Cloud Architecture Models and Infrastructure

UNIT I
CLOUD ARCHITECTURE MODELS AND INFRASTRUCTURE
Page
S.No. Topic No.
Cloud Architecture:
1. 3
System Models for Distributed and Cloud Computing

2. NIST Cloud Computing Reference Architecture 11

3. Cloud Deployment Models 15

4. Cloud Service Models 18

Cloud Infrastructure:
5. 23
Architectural Design of Compute and Storage Clouds

6. Design Challenges 34
 UNIT I Cloud Architecture Models and Infrastructure

CCS335 CLOUD COMPUTING

UNIT I CLOUD ARCHITECTURE MODELS AND INFRASTRUCTURE 6

Cloud Architecture: System Models for Distributed and Cloud Computing – NIST Cloud
Computing Reference Architecture – Cloud deployment models – Cloud service models; Cloud
Infrastructure: Architectural Design of Compute and Storage Clouds – Design Challenges.

(1) SYSTEM MODELS FOR DISTRIBUTED AND CLOUD COMPUTING:

• Clusters of Cooperative Computers

• Grid Computing Infrastructures
• Peer-to-Peer Network Families
• Cloud Computing over the Internet
• Cluster Architecture
• Single-System Image
• Hardware, Software, and Middleware Support
• Major Cluster Design Issues

Massive systems are classified into four groups:

a) Computer clusters
b) P2P networks
c) Computing grids and
d) Internet clouds over huge data centers.
In terms of node number, these four system classes may involve hundreds, thousands, or even
millions of computers as participating nodes. These machines work collectively, cooperatively, or
collaboratively at various levels.
 UNIT I Cloud Architecture Models and Infrastructure

Clusters of Cooperative Computers

• A computing cluster consists of interconnected stand-alone computers which work cooperatively as
a single integrated computing resource.
• In the past, clustered computer systems have demonstrated impressive results in handling heavy
workloads with large data sets.
Grid Computing Infrastructures
– Computational Grids
– Grid Families

Computational Grids

• Like an electric utility power grid, a computing grid offers an infrastructure that couples computers,
software/middleware, special instruments, and people and sensors together.
• The grid is often constructed across LAN, WAN, or Internet backbone networks at a regional,
national, or global scale.
• Enterprises or organizations present grids as integrated computing resources. They can also be
viewed as virtual platforms to support virtual organizations.
• The computers used in a grid are primarily workstations, servers, clusters, and supercomputers.
Personal computers, laptops, and PDAs can be used as access devices to a grid system.
• Figure 1.16 shows an example computational grid built over multiple resource sites owned by
different organizations. The resource sites offer complementary computing resources, including
workstations, large servers, a mesh of processors, and Linux clusters to satisfy a chain of
computational needs.

Peer-to-Peer Network-P2P

 P2P architecture offers a distributed model of networked systems.

 P2P network is client-oriented instead of server-oriented
 In a P2P system, every node acts as both a client and a server
 Peer machines are simply client computers connected to the Internet.
 All client machines act autonomously to join or leave the system freely. This implies that no master-
slave relationship exists among the peers.
 UNIT I Cloud Architecture Models and Infrastructure

 No central coordination or central database is needed. The system is self-organizing with distributed
control.
o P2P two layer of abstractions as given in the figure

 Only the participating peers form the physical network at any time.
 Physical network is simply an ad hoc network formed at various Internet domains randomly using
the TCP/IP and NAI protocols.

Peer-to-Peer Network-Overlay network

 Data items or files are distributed in the participating peers.

 Based on communication or file-sharing needs, the peer IDs form an overlay network at the logical
level.
 When a new peer joins the system, its peer ID is added as a node in the overlay network.
 When an existing peer leaves the system, its peer ID is removed from the overlay network
automatically.
 An unstructured overlay network is characterized by a random graph. There is no fixed route to
send messages or files among the nodes. Often, flooding is applied to send a query to all nodes in an
unstructured overlay, thus resulting in heavy network traffic and nondeterministic search results.
 Structured overlay networks follow certain connectivity topology and rules for inserting and
removing nodes (peer IDs) from the overlay graph.

Cloud Computing over the Internet

– Internet Clouds
– The Cloud Landscape
• IBM has defined : A cloud is a pool of virtualized computer resources.
• A cloud can host a variety of different workloads, including batch-style backend jobs and interactive
and user-facing applications.
• A cloud allows workloads to be deployed and scaled out quickly through rapid provisioning of
virtual or physical machines.
• The cloud supports redundant, self-recovering, highly scalable programming models that allow
workloads to recover from many unavoidable hardware/software failures.
 UNIT I Cloud Architecture Models and Infrastructure

• The cloud system should be able to monitor resource use in real time to enable rebalancing of
allocations when needed.
Internet Clouds

• Cloud computing applies a virtualized platform with elastic resources on demand by provisioning
hardware, software, and data sets dynamically (see Figure 1.18).
• The idea is to move desktop computing to a service-oriented platform using server clusters and huge
databases at data centers.
• Cloud computing leverages its low cost and simplicity to benefit both users and providers. Machine
virtualization has enabled such cost-effectiveness.
• Cloud computing intends to satisfy many user applications simultaneously.
• The cloud ecosystem must be designed to be secure, trustworthy, and dependable. Some computer
users think of the cloud as a centralized resource pool.
• Others consider the cloud to be a server cluster which practices distributed computing over all the
servers used.

The Cloud Landscape

• Traditional systems have encountered several performance bottlenecks: constant system

maintenance, poor utilization, and increasing costs associated with hardware/software upgrades.
• Cloud computing as an on-demand computing paradigm resolves or relieves us from these
problems.
• Figure 1.19 depicts the cloud landscape and major cloud players, based on three cloud service
models.
• Infrastructure as a Service (IaaS)
- This model puts together infrastructures demanded by users—namely servers, storage,
networks, and the data center fabric.
- The user can deploy and run on multiple VMs running guest OSes on specific applications.
• Platform as a Service (PaaS)
- This model enables the user to deploy user-built applications onto a virtualized cloud
platform.
- PaaS includes middleware, databases, development tools, and some runtime support such as
Web 2.0 and Java.
 UNIT I Cloud Architecture Models and Infrastructure

- The platform includes both hardware and software integrated with specific programming
interfaces.
– The provider supplies the API and software tools (e.g., Java, Python, Web 2.0, .NET). The
user is freed from managing the cloud infrastructure.
• Software as a Service (SaaS)
- This refers to browser-initiated application software over thousands of paid cloud customers.

- The SaaS model applies to business processes, industry applications, consumer relationship
management (CRM), enterprise resources planning (ERP), human resources (HR), and
collaborative applications.

- On the customer side, there is no upfront investment in servers or software licensing. On the
provider side, costs are rather low, compared with conventional hosting of user applications.

• Internet clouds offer four deployment modes: private, public, managed, and hybrid. These modes
demand different levels of security implications.
• The following list highlights eight reasons to adapt the cloud for upgraded Internet applications and
web services:
1. Desired location in areas with protected space and higher energy efficiency
2. Sharing of peak-load capacity among a large pool of users, improving overall utilization
3. Separation of infrastructure maintenance duties from domain-specific application development
4. Significant reduction in cloud computing cost, compared with traditional computing paradigms
5. Cloud computing programming and application development
6. Service and data discovery and content/service distribution
7. Privacy, security, copyright, and reliability issues
8. Service agreements, business models, and pricing policies
 UNIT I Cloud Architecture Models and Infrastructure

The Basic Architecture of the types of clouds can be seen in Figure 4.1 below.

Public Clouds: A public cloud is owned by a service provider, built over the Internet and offered to a user
on payment. Ex: Google App Engine (GAE), AWS, MS-Azure, IBM Blue Cloud and Salesforce-
Force.com. All these offer their services for creating and managing VM instances to the users within their
own infrastructure.

Private Clouds: A private cloud is built within the domain of an intranet owned by a single organization.
It is client-owned and managed; its access is granted to a limited number of clients only. Private clouds
offer a flexible and agile private infrastructure to run workloads within their own domains. Though private
cloud offers more control, it has limited resources only.

Hybrid Clouds: A hybrid cloud is built with both public and private clouds. Private clouds can also
support a hybrid cloud model by enhancing the local infrastructure with computing capacity of a public
external cloud.
Public clouds provide standardization, preserve the investment and offer flexibility.
Private clouds attempt to achieve customization (modify to suit the current situation), higher efficiency,
resilience (capacity to recover quickly from difficulties), security and privacy.
Hybrid clouds work in the middle with many compromises in resource sharing
 UNIT I Cloud Architecture Models and Infrastructure

Cluster Architecture

• Figure 1.15 shows the architecture of a typical server cluster built around a low-latency, high
bandwidth interconnection network. This network can be as simple as a SAN (e.g., Myrinet) or a
LAN (e.g., Ethernet).
• To build a larger cluster with more nodes, the interconnection network can be built with multiple
levels of Gigabit Ethernet, Myrinet, or InfiniBand switches.

• Through hierarchical construction using a SAN, LAN, or WAN, one can build scalable clusters with an
increasing number of nodes.
• The cluster is connected to the Internet via a Virtual Private Network (VPN) gateway.
• The gateway IP address locates the cluster.
• The system image of a computer is decided by the way the OS manages the shared cluster resources.
• Most clusters have loosely coupled node computers.
• All resources of a server node are managed by their own OS.
• Most clusters have multiple system images as a result of having many autonomous nodes under
different OS control.

Single-System Image

• An ideal cluster should merge multiple system images into a single-system image (SSI).
• A cluster operating system or some middleware to support SSI at various levels, including the
sharing of CPUs, memory, and I/O across all cluster nodes.
• An SSI is an illusion created by software or hardware that presents a collection of resources as one
integrated, powerful resource.
• SSI makes the cluster appear like a single machine to the user.
• A cluster with multiple system images is nothing but a collection of independent computers.
 UNIT I Cloud Architecture Models and Infrastructure

Hardware, Software, and Middleware

• Clusters exploring massive parallelism are commonly known as MPPs (Massive Parallel
Processing). Almost all HPC clusters in the Top 500 list are also MPPs.
• The building blocks are computer nodes (PCs, workstations, servers, or SMP), special
communication software such as PVM or MPI, and a network interface card in each computer node.
• Most clusters run under the Linux OS. The computer nodes are interconnected by a high-bandwidth
network (such as Gigabit Ethernet, Myrinet, InfiniBand, etc.).
• Special cluster middleware supports are needed to create SSI or high availability (HA).
• For example, distributed memory has multiple images. Users may want all distributed memory to be
shared by all servers by forming distributed shared memory (DSM).
• Many SSI features are expensive or difficult to achieve at various cluster operational levels.
• Build many virtual clusters dynamically, upon user demand.

Major Cluster Design Issues

• Without this middleware, cluster nodes cannot work together effectively to achieve cooperative
computing.
• The software environments and applications must rely on the middleware to achieve high
performance.
• The cluster benefits come from scalable performance, efficient message passing, high system
availability, seamless fault tolerance, and cluster-wide job management, as summarized in Table
1.3.
 UNIT I Cloud Architecture Models and Infrastructure

(2) NIST CLOUD COMPUTING REFERENCE ARCHITECTURE

The following figure presents an overview of the NIST (National Institute of Standard Technology)
cloud computing referencearchitecture, which identifies the major actors, their activities and functions in
cloud computing.

The NIST cloud computing reference architecture defines five major actors:

1. Cloud Consumer
2. Cloud Provider
3. Cloud Carrier
4. Cloud Auditor
5. Cloud Broker
Each actor is an entity (a person or an organization) that participates in a transaction orprocess
and/or performs tasks in cloud computing.
 UNIT I Cloud Architecture Models and Infrastructure

Actor Definition
A person or organization that maintains a business relationship with, and uses
Cloud
Consumer service from, Cloud Providers.

A person, organization, or entity responsible for making a service available to

Cloud Provider
interested parties.
A party that can conduct independent assessment of cloud services, information
Cloud Auditor
system operations, performance and security of the cloud implementation.
An entity that manages the use, performance and delivery of cloud services, and
CloudBroker
negotiates relationships between Cloud Providers and Cloud Consumers.
An intermediary that provides connectivity and transport of cloud services from
Cloud Carrier
Cloud Providers to Cloud Consumers.

Figure : Interactions between the Actors in Cloud

Computing Cloud consumer:
Example Usage Scenario 1:
- A cloud consumer may request service from a cloud broker instead of contacting a
cloud provider directly. The cloud broker may create a new service by combining
multiple services or by enhancing an existing service.

- In this example, the actual cloud providers are invisible to the cloud consumer and the
cloud consumer interacts directly with the cloud broker.
 UNIT I Cloud Architecture Models and Infrastructure

Example Usage Scenario 2:

– Cloud carriers provide the connectivity and transport of cloud services from cloud providers to
cloud consumers.

– As illustrated in Figure 4, a cloud provider participates in and arranges for two unique service level
agreements (SLAs), one with a cloud carrier (e.g. SLA2) and one with a cloud consumer (e.g.
SLA1).

– A cloud provider arranges service level agreements (SLAs) with a cloud carrier and may request
dedicated and encrypted connections to ensure the cloud services are consumed at a consistent level
according to the contractual obligations with the cloud consumers.

– In this case, the provider may specify its requirements on capability, flexibility and functionality in
SLA2 in order to provide essential requirements in SLA1

Example Usage Scenario 3:

– For a cloud service, a cloud auditor conducts independent assessments of the operation and security
of the cloud service implementation.

– The audit may involve interactions with both the Cloud Consumer and the Cloud Provider.
 UNIT I Cloud Architecture Models and Infrastructure

Cloud Provider:
– A Cloud Provider is a person, an organization; it is the entity responsible for making a service
available to interested parties.
– A Cloud Provider acquires and manages the computing infrastructure required for providing the
services, runs the cloud software that provides the services, and makes arrangement to deliver the
cloud services to the Cloud Consumers through network access.
– A Cloud Provider’s activities can be described in five major areas, as shown in Figure 7, a cloud
provider conducts its activities in the areas of service deployment, service orchestration, cloud
service management, security, and privacy.

Cloud Auditor
– A cloud auditor is a party that can perform an independent examination of cloud service controls
with the intent to express an opinion thereon.
– Audits are performed to verify conformance to standards through review of objective evidence.
– A cloud auditor can evaluate the services provided by a cloud provider in terms of security
controls, privacy impact, performance, etc.
 UNIT I Cloud Architecture Models and Infrastructure

Cloud Broker:
In general, a cloud broker can provide services in three categories,
 Service Intermediation
 Service Aggregation: A cloud broker combines and integrates multiple services into
one or more new services
 Service Arbitrage: Service arbitrage is similar to service aggregation except that the
services being aggregated are not fixed.
Cloud Carrier:

– A cloud carrier acts as an intermediary that provides connectivity and transport of cloud services
between cloud consumers and cloud providers.
– Cloud carriers provide access to consumers through network, telecommunication and other access
devices.

(3) CLOUD DEPLOYMENT MODELS

PUBLIC, PRIVATE AND HYBRID CLOUDS

Public Clouds:

- A public cloud is one in which the cloud infrastructure and computing resources are made
available to the general public over a public network.
- A public cloud is owned by an organization selling cloud services, and serves a diverse pool
of clients
- A public cloud is owned by a service provider, built over the Internet and offered to a user
on payment. Ex: Google App Engine (GAE), AWS, MS-Azure, IBM Blue Cloud and
Salesforce- Force.com.
- All these offer their services for creating and managing VM instances to the users within
their own infrastructure.
 UNIT I Cloud Architecture Models and Infrastructure

Private Clouds:
- A private cloud gives a single Cloud Consumer‟s organization the exclusive access to
and usage of the infrastructure and computational resources.
- It may be managed either by the Cloud Consumer organization or by a third party, and
may be hosted on the organization‟s premises (i.e. on-site private clouds) or
outsourced to a hosting company (i.e. outsourced private clouds).
- A private cloud is built within the domain of an intranet owned by a single
organization.
- It is client-owned and managed; its access is granted to a limited number of clients
only.
- Private clouds offer a flexible and agile private infrastructure to run workloads within
their own domains. Though private cloud offers more control, it has limited resources
only.

Community Cloud :

- A community cloud serves a group of Cloud Consumers which have shared

concerns such as mission objectives, security, privacy and compliance policy, rather
than serving a single organization as does a private cloud.

- Similar to private clouds, a community cloud may be managed by the organizations or

by a third party, and may be implemented on customer premise
 UNIT I Cloud Architecture Models and Infrastructure

Hybrid Clouds:
- A hybrid cloud is a composition of two or more clouds (on-site private, on-site
community, off-site private, off-site community or public).
- A hybrid cloud is built with both public and private clouds.
- Private clouds can also support a hybrid cloud model by enhancing the local infrastructure with
computing capacity of a public external cloud.
 UNIT I Cloud Architecture Models and Infrastructure

(4) CLOUD SERVICE MODELS

IaaS – PaaS – SaaS

- Cloud computing delivers infrastructure, platform, and software (application) as services,

which are made available as subscription-based services in a pay-as-you-go model to
consumers.
- The services provided over the cloud can be generally categorized into three different
service models: namely IaaS, Platform as a Service (PaaS), and Software as a Service
(SaaS).
 UNIT I Cloud Architecture Models and Infrastructure

- These form the three pillars on top of which cloud computing solutions are delivered to
end users. All three models allow users to access services over the Internet, relying
entirely on the infrastructures of cloud service providers.
- These models are offered based on various SLAs between providers and users. In a broad
sense, the SLA for cloud computing is addressed in terms of service availability,
performance, and data protection and security.
- Figure illustrates three cloud models at different service levels of the cloud.
- SaaS is applied at the application end using special interfaces by users or clients
- At the PaaS layer, the cloud platform must perform billing services and handle job
queuing, launching, and monitoring services.
- At the bottom layer of the IaaS services, databases, compute instances, the file system,
and storage must be provisioned to satisfy user demands.

FIGURE : The IaaS, PaaS, and SaaS cloud service models at different service levels
Infrastructure as a Service (IaaS):
 This model allows users to use virtualized IT resources for computing, storage, and
networking.
 In short, the service is performed by rented cloud infrastructure.
 The user can deploy and run his applications over his chosen OS environment.
 The user does not manage or control the underlying cloud infrastructure, but has
control over the OS, storage, deployed applications, and possibly select networking
components.
 This IaaS model encompasses storage as a service, compute instances as a service,
and communication as a service.
The Virtual Private Cloud (VPC) shows how to provide Amazon EC2 clusters and
S3 storage to multiple users. Many startup cloud providers have appeared in recent
years. GoGrid, FlexiScale, and Aneka are good examples
 UNIT I Cloud Architecture Models and Infrastructure

For Example,
Amazon VPC for Multiple Tenants :
- A user can use a private facility for basic computations. When he must meet a specific
workload requirement, he can use the Amazon VPC to provide additional EC2 instances or
more storage (S3) to handle urgent applications.

FIGURE :Amazon VPC (virtual private cloud) Courtesy of VMWare

- Amazon EC2 provides the following services: resources from multiple data centers
globally distributed, CL1, web services (SOAP and Query), web-based console user
interfaces, access to VM instances via SSH and Windows, 99.5 percent available
agreements, per-hour pricing, Linux and Windows OSes, and automatic scaling and
load balancing.

- Both auto-scaling and elastic load balancing services can support related demands.
Auto- scaling enables users to automatically scale their VM instance capacity up or
down.

Platform-as-a-Service (PaaS) :
To be able to develop, deploy, and manage the execution of applications using provisioned
resources demands a cloud platform with the proper software environment. Such a platform
includes operating system and runtime library support. This has triggered the creation of the
PaaS model to enable users to develop and deploy their user applications.
- The platform cloud is an integrated computer system consisting of both hardware and
software infrastructure.

- The user application can be developed on this virtualized cloud platform using some
programming languages and software tools supported by the provider (e.g., Java,
Python, .NET).
 UNIT I Cloud Architecture Models and Infrastructure

- The user does not manage the underlying cloud infrastructure. The cloud provider
supports user application development and testing on a well-defined service platform.
- This PaaS model enables a collaborated software development platform for users
from different parts of the world. This model also encourages third parties to provide
software management, integration, and service monitoring solutions.
For Example ,
Google App Engine for PaaS Applications :
- As web applications are running on Google’s server clusters, they share the same
capability with many other users.
- The applications have features such as automatic scaling and load balancing which
are very convenient while building web applications.
- The distributed scheduler mechanism can also schedule tasks for triggering events at
specified times and regular intervals.

FIGURE : Google App Engine platform for PaaS operations

- Google provides a fully featured local development environment that simulates GAE on the
developer’s computer.
- All the functions and application logic can be implemented locally which is quite similar to
traditional software development.
- The coding and debugging stages can be performed locally as well.
- After these steps are finished, the SDK provided provides a tool for uploading the user’s
application to Google’s infrastructure where the applications are actually deployed.
- Many additional third-party capabilities, including software management,
integration,and service monitoring solutions, are also provided.
 UNIT I Cloud Architecture Models and Infrastructure

Software as a Service (SaaS):

 Services and tools offered by PaaS are utilized in construction of applications and
management of their deployment on resources offered by IaaS providers.
 The SaaS model provides software applications as a service.
 As a result, on the customer side, there is no upfront investment in servers
or software licensing.
 On the provider side, costs are kept rather low, compared with conventional hosting
of user applications.
The best examples of SaaS services include Google Gmail and docs, Microsoft
SharePoint, and the CRM software from Salesforce.com.

Providers such as Google and Microsoft offer integrated IaaS and PaaS services, whereas
others such as Amazon and GoGrid offer pure IaaS services and expect third-party PaaS
providers such as Manjrasoft to offer application development and deployment services on top
of their infrastructure services.

For Example ,

The New York Times has applied Amazon’s EC2 and S3 services to retrieve useful pictorial
information quickly from millions of archival articles and newspapers. The New York Times has
significantly reduced the time and cost in getting the job done.
 UNIT I Cloud Architecture Models and Infrastructure

(5) ARCHITECTURAL DESIGN OF COMPUTE AND STORAGE CLOUDS

We start with basic cloud architecture to process massive amounts of data with a high degree of parallelism.

A Generic Cloud Architecture Design

An Internet cloud is envisioned as a public cluster of servers provisioned on demand to perform collective
web services or distributed applications using data-center resources.

 Cloud Platform Design Goals

 Enabling Technologies for Clouds

Cloud Platform Design Goals

- Scalability
- Virtualization
- Efficiency
- Reliability
Cloud management receives the user request and finds the correct resources. Cloud calls the
provisioning services which invoke the resources in the cloud. Cloud management software needs to
support both physical and virtual machines.
The basic requirements for cloud architecture design are given as follows:

 The cloud architecture design must provide automated delivery of cloud services along with automated
management.
 It must support latest web standards like Web 2.0 or higher and REST or RESTful APIs.
 It must support very large - scale HPC infrastructure with both physical and virtual machines.
 The architecture of cloud must be loosely coupled.
 It should provide easy access to cloud services through a self - service web portal.
 Cloud management software must be efficient to receive the user request, finds the correct resources and then
calls the provisioning services which invoke the resources in the cloud.

 It must provide enhanced security for shared access to the resources from data centers.
 It must use cluster architecture for getting the system scalability.
 The cloud architecture design must be reliable and flexible.

 It must provide efficient performance and faster speed of access.

 UNIT I Cloud Architecture Models and Infrastructure

Enabling Technologies for Clouds

- Cloud users are able to demand more capacity at peak demand, reduce costs, experiment with new
services, and remove unneeded capacity.

- Service providers can increase system utilization via multiplexing, virtualization and dynamic
resource provisioning.

- Clouds are enabled by the progress in hardware, software and networking technologies
summarized in Table 4.3.

A Generic Cloud Architecture

- The Internet cloud is envisioned as a massive cluster of servers.

- Servers are provisioned on demand to perform collective web services using data-center resources.
- The cloud platform is formed dynamically by provisioning or deprovisioning servers, software, and
database resources.
- Servers in the cloud can be physical machines or VMs.
- User interfaces are applied to request services.
 UNIT I Cloud Architecture Models and Infrastructure

- The cloud computing resources are built into the data centers.

- Data centers are typically owned and operated by a third-party provider.

- Consumers do not need to know the underlying technologies

- In a cloud, software becomes a service.

- Cloud demands a high degree of trust of massive amounts of data retrieved from large data centers.

- The software infrastructure of a cloud platform must handle all resource management and
maintenance automatically.

- Software must detect the status of each node server joining and leaving.

- Cloud computing providers such as Google and Microsoft, have built a large number of data
centers.

- Each data center may have thousands of servers.

- The location of the data center is chosen to reduce power and cooling costs.
 UNIT I Cloud Architecture Models and Infrastructure

Layered Cloud Architectural Development

The architecture of a cloud is developed at three layers

- Infrastructure
- Platform
- Application

- Implemented with virtualization and standardization of hardware and software resources

provisioned in the cloud.
- The services to public, private and hybrid clouds are conveyed to users through networking support

Infrastructure Layer

- Foundation for building the platform layer.

- Built with virtualized compute, storage, and network resources.
- Provide the flexibility demanded by users.
- Virtualization realizes automated provisioning of resources and optimizes the infrastructure
management process.

Platform Layer

- Foundation for implementing the application layer for SaaS applications.

- Used for general-purpose and repeated usage of the collection of software resources.
- Provides users with an environment to develop their applications, to test operation flows, and to
monitor execution results and performance.
- The platform should be able to assure users that they have scalability, dependability, and security
protection
 UNIT I Cloud Architecture Models and Infrastructure

Application Layer

- Collection of all needed software modules for SaaS applications.

- Service applications in this layer include daily office management work, such as information
retrieval, document processing, and authentication services.

- The application layer is also heavily used by enterprises in business marketing and sales, consumer
relationship management (CRM) and financial transactions.

- Not all cloud services are restricted to a single layer.

- Many applications may apply resources at mixed layers.

- Three layers are built from the bottom up with a dependence relationship.

Market-Oriented Cloud Architecture

- High-level architecture for supporting market-oriented resource allocation in a cloud computing

environment.
- Users or brokers acting on user’s behalf submit service requests to the data center.
- When a service request is first submitted, the service request examiner interprets the submitted
request for QoS requirements.
- Accept or Reject the request.
 UNIT I Cloud Architecture Models and Infrastructure

- VM Monitor: Latest status information regarding resource availability.

- Service Request Monitor: Latest status information workload processing

- Pricing mechanism: Decides how service requests are charged.

- Accounting mechanism: Maintains the actual usage of resources by requests to compute the final
cost.

- VM Monitor mechanism keeps track of the availability of VMs and their resource entitlements.

Dispatcher starts the execution of accepted service requests on allocated VMs.

- Service Request Monitor mechanism keeps track of the execution progress of service requests.

- Multiple VMs can be started and stopped on demand

Quality of Service (QoS) Factors

- Time
- Cost
- Reliability
- Trust/security
QoS requirements cannot be static and may change over time.

Virtualization Support and Disaster Recovery

 Virtualization of servers on a shared cluster can consolidate web services.
 As the VMs are the containers of cloud services, the provisioning tools will first find the
corresponding physical machines and deploy the VMs to those nodes before scheduling the service
to run on the virtual nodes.
 In cloud computing, virtualization also means the resources and fundamental infrastructure are
virtualized.
 The user will not care about the computing resources that are used for providing the services.
 Cloud users do not need to know and have no way to discover physical resources that are involved
while processing a service request.
 Application developers do not care about some infrastructure issues such as scalability and fault
tolerance (i.e., they are virtualized).
 Application developers focus on service logic. Figure 4.17 shows the infrastructure needed to
virtualize the servers in a data center for implementing specific cloud applications.
 UNIT I Cloud Architecture Models and Infrastructure

Hardware Virtualization
 In many cloud computing systems, virtualization software is used to virtualize the hardware.
System virtualization software is a special kind of software which simulates the execution of
hardware and runs even unmodified operating systems.

 Cloud computing systems use virtualization software as the running environment for legacy
software such as old operating systems and unusual applications.

 Virtualization software is also used as the platform for developing new cloud applications that
enable developers to use any operating systems and programming environments they like.

 The development environment and deployment environment can now be the same, which
eliminates some runtime problems.

 Some cloud computing providers have used virtualization technology to provide this service for
developers.

 As mentioned before, system virtualization software is considered the hardware analog mechanism
to run an unmodified operating system, usually on bare hardware directly, on top of software.

 Table 4.4 lists some of the system virtualization software in wide use at the time of this writing.

 Currently, the VMs installed on a cloud computing platform are mainly used for hosting third-party
programs.

 VMs provide flexible runtime services to free users from worrying about the system environment.
 UNIT I Cloud Architecture Models and Infrastructure

 Using VMs in a cloud computing platform ensures extreme flexibility for users.

 As the computing resources are shared by many users, a method is required to maximize the users’
privileges and still keep them separated safely.

 Traditional sharing of cluster resources depends on the user and group mechanism on a system.
Such sharing is not flexible.

 Users cannot customize the system for their special purposes. Operating systems cannot be
changed. The separation is not complete.

 An environment that meets one user’s requirements often cannot satisfy another user. Virtualization
allows users to have full privileges while keeping them separate.

 Users have full access to their own VMs, which are completely separate from other users’ VMs.
 UNIT I Cloud Architecture Models and Infrastructure

 Multiple VMs can be mounted on the same physical server. Different VMs may run with different
OSes. We also need to establish the virtual disk storage and virtual networks needed by the VMs.

 The virtualized resources form a resource pool. The virtualization is carried out by special servers
dedicated to generating the virtualized resource pool.

 The virtualized infrastructure (black box in the middle) is built with many virtualizing integration
managers.

 These managers handle loads, resources, security, data, and provisioning functions.

 Figure 4.18 shows two VM platforms. Each platform carries out a virtual solution to a user job. All
cloud services are managed in the boxes at the top.

Virtualization Support in Public Clouds

 Armbrust, et al. have assessed in Table 4.4 three public clouds in the context of virtualization
support: AWS, Microsoft Azure, and GAE.

 AWS provides extreme flexibility (VMs) for users to execute their own applications.

 GAE provides limited application-level virtualization for users to build applications only based on
the services that are created by Google.

 Microsoft provides programming-level virtualization (.NET virtualization) for users to build their
applications.

 The VMware tools apply to workstations, servers, and virtual infrastructure.

 The Microsoft tools are used on PCs and some special servers.

 The XenEnterprise tool applies only to Xen-based servers.

 Everyone is interested in the cloud; the entire IT industry is moving toward the vision of the cloud.
 UNIT I Cloud Architecture Models and Infrastructure

 Virtualization leads to HA, disaster recovery, dynamic load leveling, and rich provisioning support.
Both cloud computing and utility computing leverage the benefits of virtualization to provide a
scalable and autonomous computing environment.

Storage Virtualization for Green Data Centers

 IT power consumption in the United States has more than doubled to 3 percent of the total energy
consumed in the country.

 The large number of data centers in the country has contributed to this energy crisis to a great
extent.

 More than half of the companies in the Fortune 500 are actively implementing new corporate
energy policies.

 Recent surveys from both IDC and Gartner confirm the fact that virtualization had a great impact
on cost reduction from reduced power consumption in physical computing systems.

 This alarming situation has made the IT industry become more energy-aware.

 With little evolution of alternate energy resources, there is an imminent need to conserve power in
all computers.

 Virtualization and server consolidation have already proven handy in this aspect.

 Green data centers and benefits of storage virtualization are considered to further strengthen the
synergy of green computing.
Virtualization for IaaS
 VM technology has increased in ubiquity. This has enabled users to create customized
environments atop physical infrastructure for cloud computing.

 Use of VMs in clouds has the following distinct benefits:

(1) System administrators consolidate workloads of underutilized servers in fewer servers;
(2) VMs have the ability to run legacy code without interfering with other APIs;
(3) VMs can be used to improve security through creation of sandboxes for running applications
with questionable reliability; And
(4) Virtualized cloud platforms can apply performance isolation, letting providers offer some
guarantees and better QoS to customer applications.
 UNIT I Cloud Architecture Models and Infrastructure

4.3.3.5 VM Cloning for Disaster Recovery

 VM technology requires an advanced disaster recovery scheme.

 One scheme is to recover one physical machine by another physical machine.

 The second scheme is to recover one VM by another VM. As shown in the top timeline of Figure
4.18, traditional disaster recovery from one physical machine to another is rather slow, complex,
and expensive.

 Total recovery time is attributed to the hardware configuration, installing and configuring the OS,
installing the backup agents, and the long time to restart the physical machine.

 To recover a VM platform, the installation and configuration times for the OS and backup agents
are eliminated.

 Therefore, we end up with a much shorter disaster recovery time, about 40 percent of that to
recover the physical machines.

 Virtualization aids in fast disaster recovery by VM encapsulation.

 The cloning of VMs offers an effective solution. The idea is to make a clone VM on a remote
server for every running VM on a local server.

 Among all the clone VMs, only one needs to be active.

 The remote VM should be in a suspended mode.

 A cloud control center should be able to activate this clone VM in case of failure of the original
VM, taking a snapshot of the VM to enable live migration in a minimal amount of time.

 The migrated VM can run on a shared Internet connection. Only updated data and modified states
are sent to the suspended VM to update its state.

 The Recovery Property Objective (RPO) and Recovery Time Objective (RTO) are affected by the
number of snapshots taken.

 Security of the VMs should be enforced during live migration of VMs.

 UNIT I Cloud Architecture Models and Infrastructure

(6) ARCHITECTURAL DESIGN CHALLENGES

Six open challenges in cloud architecture development.

Challenge 1—Service Availability and Data Lock-in Problem

Challenge 2—Data Privacy and Security Concerns
Challenge 3—Unpredictable Performance and Bottlenecks
Challenge 4—Distributed Storage and Widespread Software
Bugs
Challenge 5—Cloud Scalability, Interoperability, and Standardization
Challenge 6—Software Licensing and Reputation Sharing

Challenge 1—Service Availability and Data Lock-in Problem

 The management of a cloud service by a single company is often the source of single points of failure.
 To achieve HA (High Availability), one can consider using multiple cloud providers.
 Even if a company has multiple data centers located in different geographic regions, it may have
common software infrastructure and accounting systems.
 Therefore, using multiple cloud providers may provide more protection from failures. Another
availability obstacle is Distributed Denial Of Service (DDoS) attacks.
 Criminals threaten to cut off the incomes of SaaS providers by making their services unavailable. Some
utility computing services offer SaaS providers the opportunity to defend against DDoS attacks by using
quick scale-ups.
 Software stacks have improved interoperability among different cloud platforms, but the APIs itself are
still proprietary.
 Customers cannot easily extract their data and programs from one site to run on another. The obvious
solution is to standardize the APIs so that a SaaS developer can deploy services and data across multiple
cloud providers.
 This will rescue the loss of all data due to the failure of a single company.
 In addition to mitigating data lock-in concerns, standardization of APIs enables a new usage model in
which the same software infrastructure can be used in both public and private clouds.
 Such an option could enable “surge computing,” in which the public cloud is used to capture the extra
 UNIT I Cloud Architecture Models and Infrastructure

tasks that cannot be easily run in the data center of a private cloud.
 UNIT I Cloud Architecture Models and Infrastructure

Challenge 2—Data Privacy and Security Concerns

 Current cloud offerings are essentially public (rather than private) networks, exposing the system to
more attacks.
 Many obstacles can be overcome immediately with well-understood technologies such as encrypted
storage, virtual LANs, and network middleboxes (e.g., firewalls, packet filters).
 For example, you could encrypt your data before placing it in a cloud.
 Many nations have laws requiring SaaS providers to keep customer data and copyrighted material
within national boundaries.
 Traditional network attacks include buffer overflows, DoS attacks, spyware, malware, rootkits, Trojan
horses, and worms.
 In a cloud environment, newer attacks may result from hypervisor malware, guest hopping and
hijacking, or VM rootkits. Another type of attack is the man-in-the-middle attack for VM migrations.
 In general, passive attacks steal sensitive data or passwords.
 Active attacks may manipulate kernel data structures which will cause major damage to cloud servers.

. Challenge 3—Unpredictable Performance and Bottlenecks

 Multiple VMs can share CPUs and main memory in cloud computing, but I/O sharing is problematic.
For example, to run 75 EC2 instances with the STREAM benchmark requires a mean bandwidth of
1,355 MB/second.
 However, for each of the 75 EC2 instances to write 1 GB files to the local disk requires a mean disk
write bandwidth of only 55 MB/second.
 This demonstrates the problem of I/O interference between VMs. One solution is to improve I/O
architectures and operating systems to efficiently virtualize interrupts and I/O channels.
 Internet applications continue to become more data-intensive. If we assume applications to be
“pulled apart” across the boundaries of clouds, this may complicate data placement and transport.
 Cloud users and providers have to think about the implications of placement and traffic at every level of
the system, if they want to minimize costs.
 This kind of reasoning can be seen in Amazon’s development of its new CloudFront service.
 Therefore, data transfer bottlenecks must be removed, bottleneck links must be widened, and weak
servers should be removed.

Challenge 4—Distributed Storage and Widespread Software Bugs

 The database is always growing in cloud applications. The opportunity is to create a storage system that
will not only meet this growth, but also combine it with the cloud advantage of scaling arbitrarily up
and down on demand. This demands the design of efficient distributed SANs.
 Data centers must meet programmers’ expectations in terms of scalability, data durability, and HA. Data
consistence checking in SAN-connected data centers is a major challenge in cloud computing.
 Large-scale distributed bugs cannot be reproduced, so the debugging must occur at a scale in the
production data centers.
 No data center will provide such a convenience. One solution may be a reliance on using VMs in cloud
computing.
 The level of virtualization may make it possible to capture valuable information in ways that are
impossible without using VMs.
 UNIT I Cloud Architecture Models and Infrastructure

 Debugging over simulators is another approach to attacking the problem, if the simulator is well
designed.

Challenge 5—Cloud Scalability, Interoperability, and Standardization

 The pay-as-you-go model applies to storage and network bandwidth; both are counted in terms of the
number of bytes used.
 Computation is different depending on virtualization level.
 GAE automatically scales in response to load increases and decreases; users are charged by the cycles
used.
 AWS charges by the hour for the number of VM instances used, even if the machine is idle.
 The opportunity here is to scale quickly up and down in response to load variation, in order to save
money, but without violating SLAs.
 Open Virtualization Format (OVF) describes an open, secure, portable, efficient, and extensible format
for the packaging and distribution of VMs.
 It also defines a format for distributing software to be deployed in VMs.
 This VM format does not rely on the use of a specific host platform, virtualization platform, or guest
operating system.
 The approach is to address virtual platform-agnostic packaging with certification and integrity of
packaged software.
 The package supports virtual appliances to span more than one VM.
 OVF also defines a transport mechanism for VM templates, and can apply to different virtualization
platforms with different levels of virtualization.
 In terms of cloud standardization, we suggest the ability for virtual appliances to run on any virtual
platform.
 We also need to enable VMs to run on heterogeneous hardware platform hypervisors. This requires
hypervisor-agnostic VMs.
 We also need to realize cross-platform live migration between x86 Intel and AMD technologies and
support legacy hardware for load balancing. All these issues are wide open for further research.

Challenge 6—Software Licensing and Reputation Sharing

 Many cloud computing providers originally relied on open source software because the licensing model
for commercial software is not ideal for utility computing.
 The primary opportunity is either for open source to remain popular or simply for commercial software
companies to change their licensing structure to better fit cloud computing.
 One can consider using both pay-for-use and bulk-use licensing schemes to widen the business
coverage.
 One customer’s bad behavior can affect the reputation of the entire cloud.
 For instance, blacklisting of EC2 IP addresses by spam-prevention services may limit smooth VM
installation.
 An opportunity would be to create reputation-guarding services similar to the “trusted e-mail” services
currently offered (for a fee) to services hosted on smaller ISPs.
 Another legal issue concerns the transfer of legal liability.
 Cloud providers want legal liability to remain with the customer, and vice versa.
 This problem must be solved at the SLA level.