MODULE 2

Cloud Computing Deployment Models

1 Public Cloud :
In the Public Cloud model, cloud resources such as servers, storage, and applications are owned,
managed, and maintained by a third-party cloud provider. These resources are shared among
multiple organizations (known as tenants) and accessed over the internet.
• How it Works: Public cloud providers like Amazon Web Services (AWS), Microsoft Azure, and
Google Cloud Platform (GCP) host and manage infrastructure, while customers access
resources and services through a web interface or API.
• Advantages:
o Scalability: Resources can be scaled up or down quickly to meet demand.
o Cost-effective: No need for physical hardware; users pay only for what they use.
o Maintenance-free: The provider handles maintenance, updates, and security.
• Disadvantages:
o Less Control: Limited control over infrastructure, as it is managed by a third-party.
o Potential Security Concerns: Data is stored on shared infrastructure, which may raise
security and privacy concerns for sensitive information.
2 Private Cloud :
In the Private Cloud model, cloud infrastructure is used exclusively by one organization. The
infrastructure may be located on-premises or hosted by a third-party provider, but it is dedicated to a
single organization, offering a higher level of control, privacy, and security.
• How it Works: The organization either manages its private cloud on its own premises or
outsources management to a third-party service provider. Private clouds can be built using
virtualization software like VMware, OpenStack, or Hyper-V.
• Advantages:
o High Control: The organization has full control over data, infrastructure, and
applications.
o Enhanced Security: Private clouds provide a more secure environment for sensitive
data and mission-critical applications.
o Customization: Can be tailored to meet specific business and compliance
requirements.
• Disadvantages:
o Higher Costs: Requires significant investment in hardware and skilled personnel.
o Limited Scalability: Scaling may be more difficult compared to the public cloud, as it
requires adding physical infrastructure.

3 Hybrid Cloud :
The Hybrid Cloud model combines both public and private clouds, allowing data and applications to
be shared between them. This enables businesses to take advantage of the flexibility of the public
cloud for general workloads while keeping sensitive data and critical workloads in a private cloud.
• How it Works: Organizations can move workloads between public and private clouds as
needed, often using tools and services that facilitate seamless integration between the two
environments.
• Advantages:
o Flexibility: Workloads can be allocated to the appropriate environment based on
performance, security, and cost considerations.
o Scalability: Leverages the public cloud for scalability and on-demand resources.
o Cost Efficiency: Saves costs by using the public cloud for less sensitive workloads
while keeping sensitive data secure in a private cloud.
• Disadvantages:
 o Complex Management: Requires careful management and coordination between
public and private cloud components.
o Security and Compliance Challenges: May require extra security measures to ensure
data integrity across different environments.

4 Community Cloud :
The Community Cloud model is a collaborative cloud infrastructure shared by several organizations
with similar requirements and concerns, such as security, compliance, or industry regulations. The
infrastructure is either managed internally or by a third-party provider, but access is restricted to a
specific group of organizations.
• How it Works: Organizations with common interests or compliance requirements share
resources in a community cloud, which can be hosted on-premises or by a third-party
provider.
• Advantages:
o Shared Costs: The cost of setting up and maintaining the cloud infrastructure is
shared among the community members.
o Compliance and Security: Tailored to meet the specific compliance and security
needs of the community, such as government agencies or healthcare institutions.
o Collaboration: Allows organizations to collaborate on shared goals and leverage a
secure and compliant infrastructure.
• Disadvantages:
o Limited Scalability: Scaling may be limited compared to public clouds.
o Shared Responsibility: Members must agree on policies for managing and
maintaining the infrastructure.

Cloud Computing Services Models

1. Infrastructure as a Service (IaaS)

Infrastructure as a Service (IaaS) is a cloud service model that provides virtualized computing
resources over the internet. IaaS offers the most basic level of cloud computing, giving users access
to fundamental resources like virtual machines, storage, and networking.
• What It Includes: Virtual machines, storage, networks, load balancers, and other
fundamental infrastructure resources.
• Customer’s Responsibility: The customer is responsible for installing and managing their
own OS, applications, and data. They also need to handle security, maintenance, and
backups at the software level.
• Benefits:
o Scalability: Resources can be easily scaled up or down based on demand.
o Cost-Effectiveness: Pay-as-you-go pricing reduces capital expenditure on hardware.
o Control: Provides full control over the OS and applications.
• Common Use Cases: Disaster recovery, development and testing environments, hosting
websites, and running high-performance computing tasks.
• Examples: Amazon Web Services (AWS) EC2, Microsoft Azure Virtual Machines, Google Cloud
Compute Engine.

2. Platform as a Service (PaaS)

Platform as a Service (PaaS) is a cloud service model that provides a platform allowing customers to
develop, run, and manage applications without dealing with the infrastructure required for
development and deployment. It includes both hardware and software tools needed for application
development.
 • What It Includes: Development tools, database management, middleware, operating
systems, and runtime environments.
• Customer’s Responsibility: The customer is responsible for the applications and data, while
the provider manages the underlying infrastructure, OS, and middleware.
• Benefits:
o Streamlined Development: Developers can focus on coding without worrying about
managing infrastructure.
o Faster Time to Market: PaaS provides all necessary tools and resources to deploy
applications quickly.
o Cost Savings: Reduces the need for investment in on-premises hardware and
software.
• Common Use Cases: Developing and deploying web applications, mobile apps, and APIs;
simplifying DevOps processes.
• Examples: Google App Engine, Microsoft Azure App Service, Heroku.

3. Software as a Service (SaaS)

Software as a Service (SaaS) is a cloud service model where applications are delivered over the
internet as a service. Users can access SaaS applications directly from their browsers without needing
to install or manage the underlying software and hardware.
• What It Includes: Complete software applications managed by the provider, typically hosted
on the provider’s infrastructure.
• Customer’s Responsibility: The customer only uses the application; all underlying
infrastructure, OS, middleware, and data storage are managed by the provider.
• Benefits:
o Accessibility: Accessible from any device with an internet connection.
o Automatic Updates: The provider handles updates, maintenance, and patches.
o Reduced IT Complexity: No need to install, manage, or maintain software locally.
• Common Use Cases: Email, customer relationship management (CRM), enterprise resource
planning (ERP), collaboration tools.
• Examples: Google Workspace (formerly G Suite), Salesforce, Microsoft Office 365, Dropbox.

4. Anything as a Service(XaaS) :
• Anything as a service” (XaaS) describes a general category of services related to cloud
computing and remote access.
• It recognizes the vast number of products, tools, and technologies that are now delivered to
users as a service over the internet.
• Essentially, any IT function can be transformed into a service for enterprise consumption.
• The service is paid for in a flexible consumption model rather than as an upfront purchase or
license.
Benefits of XaaS
1. Cost Efficiency: XaaS reduces the need for large upfront capital investments in infrastructure
and software. Organizations can subscribe to services as needed, saving on hardware,
software, and maintenance costs.
2. Scalability: XaaS enables on-demand scalability. Businesses can scale services up or down
depending on their requirements, improving resource efficiency and reducing wastage.
3. Agility and Flexibility: With XaaS, businesses can quickly adopt new technologies and
services, enabling faster innovation and response to market changes.
Challenges of XaaS
1. Reliability and Downtime: Since XaaS relies on internet connectivity, any network downtime
or service outages can impact access to critical services.
 2. Data Security and Privacy: Storing and managing data off-site with third-party providers may
raise concerns about data security, privacy, and compliance, especially for sensitive or
regulated data.
3. Vendor Lock-In: Migrating from one XaaS provider to another can be challenging due to data
transfer, compatibility, and integration issues.

DataBase as a Service (DBaaS):

Database as a Service (DBaaS) is a cloud computing service model that provides access to a fully
managed database over the internet. DBaaS enables users to store, retrieve, and manage data
without worrying about the underlying infrastructure, software installation, or maintenance. In a
DBaaS model, the cloud provider takes responsibility for the administrative tasks involved in
database management, such as backup, scaling, patching, and security, allowing customers to focus
on using and managing their data rather than maintaining the database system.
Advantages of DBaaS
1. Reduced Operational Overhead: Since the provider manages the database infrastructure,
organizations can eliminate the need for database administrators (DBAs) for routine tasks,
saving time and resources.
2. Scalability and Flexibility: DBaaS platforms allow for on-demand scaling, meaning that
businesses can increase or decrease resources based on their needs, which is particularly
useful for fluctuating workloads.
3. Lower Costs: With pay-as-you-go pricing, DBaaS minimizes the upfront costs of database
setup. Companies only pay for the resources they use, allowing better budgeting and
resource management.
4. Faster Deployment: Setting up a database traditionally takes considerable time, but with
DBaaS, users can spin up new databases in minutes, enabling faster development and testing
cycles.
Disadvantages and Challenges of DBaaS
1. Limited Control: Since the provider manages the database, users have limited control over
customization and may be constrained by the configurations and limitations of the DBaaS.
2. Data Security and Privacy Concerns: Storing sensitive data with a third-party provider can
raise privacy and security concerns, especially for regulated industries with strict compliance
requirements.
3. Network Latency: Since the database is hosted in the cloud, latency may become an issue,
particularly for applications requiring low-latency, high-performance access to data.

Open Stack Architecture :-

OpenStack is an open-source cloud computing platform that provides a suite of software tools for
building and managing cloud infrastructure. It is designed for both public and private clouds, offering
infrastructure-as-a-service (IaaS) solutions that allow users to create and manage virtualized
resources such as compute, storage, and networking. OpenStack’s modular architecture is built from
a series of interrelated components, each designed to perform a specific function within a cloud
environment.
Features of open stack :
• Modular architecture: OpenStack is designed with a modular architecture that enables users
to deploy only the components they need. This makes it easier to customize and scale the
platform to meet specific business requirements.
• Multi-tenancy support: OpenStack provides multi-tenancy support, which enables multiple
users to access the same cloud infrastructure while maintaining security and isolation
between them. This is particularly important for cloud service providers who need to offer
services to multiple customers.
 • Open-source software: OpenStack is an open-source software platform that is free to use
and modify. This enables users to customize the platform to meet their specific
requirements, without the need for expensive proprietary software licenses.
• Distributed architecture: OpenStack is designed with a distributed architecture that enables
users to scale their cloud infrastructure horizontally across multiple physical servers. This
makes it easier to handle large workloads and improve system performance.
• API-driven: OpenStack is API-driven, which means that all components can be accessed and
controlled through a set of APIs. This makes it easier to automate and integrate with other
tools and services.
• Comprehensive dashboard: OpenStack provides a comprehensive dashboard that enables
users to manage their cloud infrastructure and resources through a user-friendly web
interface. This makes it easier to monitor and manage cloud resources without the need for
specialized technical skills.
• Resource pooling: OpenStack enables users to pool computing, storage, and networking
resources, which can be dynamically allocated and de-allocated based on demand. This
enables users to optimize resource utilization and reduce waste.
OpenStack components
1. Nova (compute service): It manages the compute resources like creating, deleting, and
handling the scheduling. It can be seen as a program dedicated to the automation of
resources that are responsible for the virtualization of services and high-performance
computing.
2. Neutron (networking service): It is responsible for connecting all the networks across
OpenStack. It is an API driven service that manages all networks and IP addresses.
3. Swift (object storage): It is an object storage service with high fault tolerance capabilities and
it used to retrieve unstructured data objects with the help of Restful API. Being a distributed
platform, it is also used to provide redundant storage within servers that are clustered
together. It is able to successfully manage petabytes of data.
4. Cinder (block storage): It is responsible for providing persistent block storage that is made
accessible using an API (self- service). Consequently, it allows users to define and manage the
amount of cloud storage required.
5. Keystone (identity service provider): It is responsible for all types of authentications and
authorizations in the OpenStack services. It is a directory-based service that uses a central
repository to map the correct services with the correct user.
6. Glance (image service provider): It is responsible for registering, storing, and retrieving
virtual disk images from the complete network. These images are stored in a wide range of
back-end systems.
7. Horizon (dashboard): It is responsible for providing a web-based interface for OpenStack
services. It is used to manage, provision, and monitor cloud resources.
8. Ceilometer (telemetry): It is responsible for metering and billing of services used. Also, it is
used to generate alarms when a certain threshold is exceeded.
9. Heat (orchestration): It is used for on-demand service provisioning with auto-scaling of cloud
resources. It works in coordination with the ceilometer.
 MODULE 3
Factors of successful cloud deployment
Clear Business Objectives
Define clear business objectives and how cloud computing supports them. This will help shape your
deployment strategy, resource allocation, and performance metrics.
Scalability and Flexibility
Choose a cloud provider and architecture that allow scaling to meet demand without compromising
performance. Design applications to be flexible so they can adapt to changing business needs.
Security and Compliance
Implement robust security protocols (encryption, access control, monitoring) and ensure compliance
with relevant industry regulations (GDPR, HIPAA). Identity and access management (IAM) and multi-
factor authentication (MFA) can enhance security.
Cost Management and Optimization
Select cost-effective options, such as using a mix of reserved, spot, and on-demand instances as
needed. Implement cost tracking and optimization tools to avoid unexpected expenses.
Reliable Architecture and High Availability
Design for redundancy and fault tolerance. Use multi-region deployments, load balancing, and
backup solutions to ensure high availability and reliability.
Performance Monitoring and Management
Use monitoring tools to track usage, performance, and security events. Performance management
allows quick identification of issues and makes it easier to maintain Service Level Agreements (SLAs).
Disaster Recovery and Backup
Develop a disaster recovery plan with regular backups and a clear recovery time objective (RTO). Test
disaster recovery processes to ensure data and service continuity in case of failure.
Automation and DevOps Practices
Adopt DevOps practices and use Infrastructure as Code (IaC) tools for deployment automation. This
accelerates the deployment process, reduces errors, and enables consistent environment setups.
Skilled Workforce and Training
Ensure your team has the necessary cloud expertise, or provide training on cloud management,
security, and best practices. Skilled personnel are essential for maintaining and scaling cloud services
effectively.
Vendor Selection and Management
Carefully select a cloud provider that aligns with your business needs, budget, and technical
requirements. Establish a good relationship and clear communication channels with the provider for
support and issue resolution.

Network techniques requirements

Potential problem areas in cloud networks and their mitigation
Cloud network topologies
Automation and self service feature in cloud
Cloud performance
Security for virtualization platform : Host security for Saas, Paas and Iaas
Data Security :
. Data Security Concerns
• Multi-tenancy: Cloud providers often host data from multiple clients on shared
infrastructure, raising risks of unauthorized access.
• Data Breaches: A breach can lead to exposure of sensitive information, intellectual property,
or personal data.
• Regulatory Compliance: Organizations must comply with laws like GDPR, HIPAA, or CCPA,
which demand strict data protection measures.
• Insider Threats: Employees within the cloud provider or customer organizations can misuse
their access.
• Data Loss: Hardware failures, cyberattacks, or accidental deletions can result in permanent
loss of critical data.

2. Data Confidentiality and Encryption

• Confidentiality: Ensures that data is accessible only to authorized users. It protects sensitive
information like customer details, financial records, or proprietary data.
• Encryption:
o Data is encrypted during transit (e.g., using SSL/TLS) and at rest (e.g., AES-256).
o Client-Side Encryption: Data is encrypted before uploading to the cloud, ensuring
the provider cannot access the plaintext.
o Key Management Systems (KMS): Tools provided by cloud vendors (like AWS KMS,
Azure Key Vault) securely manage encryption keys.
• End-to-End Encryption: Ensures data remains encrypted throughout its lifecycle, preventing
access even from the cloud provider.

3. Data Availability
• Definition: Ensures continuous access to data and services without downtime, even during
disruptions.
• Techniques to Enhance Availability:
o Redundancy: Data is replicated across multiple geographic regions to prevent loss
due to hardware failures.
o Load Balancing: Distributes workload across multiple servers to avoid overloading
any single node.
o Disaster Recovery: Cloud providers offer backup and recovery plans to restore data
and services quickly in emergencies.
o Service-Level Agreements (SLAs): Providers guarantee uptime (e.g., 99.9%) to meet
availability requirements.

4. Data Integrity
• Definition: Ensures data remains accurate, consistent, and unaltered during its lifecycle.
• Mechanisms to Ensure Integrity:
o Checksums and Hashing: Used to detect and prevent unauthorized changes to data.
o Versioning: Maintains multiple versions of data to recover from corruption or
accidental modifications.
o Access Controls: Restrict who can edit or modify data.
o Audit Logs: Track all changes made to data for accountability.

5. Cloud Storage Gateways

• Definition: Devices or virtual appliances that connect on-premises systems with cloud
storage, enabling seamless integration.
 • Functions:
o Provide encryption to secure data before it’s transmitted to the cloud.
o Offer caching to improve performance by storing frequently accessed data locally.
o Facilitate protocol translation, allowing legacy systems to communicate with cloud
storage.

6. Cloud Firewalls
• Definition: A security tool used to monitor and control incoming and outgoing network
traffic in cloud environments.
• Types:
o Network Firewalls: Protect the perimeter of the cloud environment.
o Web Application Firewalls (WAF): Shield web applications from common attacks like
SQL injection and cross-site scripting (XSS).
• Functions:
o Filter traffic based on rules to block unauthorized access.
o Prevent Distributed Denial-of-Service (DDoS) attacks.
o Integrate with identity management tools to enforce user-level policies.