
CM5108 – CLOUD COMPUTING
Compiled and prepared by:
Megha Yawalkar

Department of Computer Engineering


Government Polytechnic Pune
UNIT – II (CLOUD ARCHITECTURE)
Cloud computing is a combination of service-oriented architecture and event-driven
architecture.

(a) Service – oriented architecture



(b) Event – driven architecture

◦ Reference: Internet



Cloud Computing architecture
❑ Cloud computing architecture includes the components that are used to build and
maintain a cloud environment. These resources are pooled by virtualization, and they
are connected and communicate through a wide network.
❑ Components of CC Architecture include:
• A front-end platform (the client or device used to access the cloud)
• One or more back-end platforms (servers and storage)
• A cloud-based delivery methodology
• A network to connect cloud clients, servers, and storage 



Cloud Computing architecture
❑ The CC Architecture is divided into two main parts:

❑ FRONT-END
• User / client-side interface and/or application
• Used to establish an access interface between the user and the cloud environment
• It has front-end components
• It may include client interfaces such as browsers, server, data storage, thin client, fat client, tablet, mobile device etc.

❑ BACK-END
• Encompasses a background to run the cloud environment
• It has complete responsibility to run, manage, and protect the entire cloud environment -> it is the cloud itself
• It has sub-components as –
  • Application – platform or software to perform client access
  • Service – three types of services (IaaS, PaaS, SaaS)
  • Cloud runtime – provision of runtime environment to execute instructions / batch of programs
  • Storage – a scalable data storage
  • Infrastructure – h/w and s/w units including servers, storage, networking devices, virtual machines etc.
  • Management – rules, policies to manage resources, applications, services and related tools
  • Security – to data, to applications, to communication channels

Cloud Computing architecture
❑ The front-end and back-end are connected with each other through internet connections.

❖ The fundamental components of cloud architecture can be further categorized as:


• Virtualization: Clouds are built upon virtualization of servers, storage, and networks. Virtualized resources are a
software-based, or virtual, representation of a physical resource such as servers or storage. This abstraction layer enables
multiple applications to utilize the same physical resources, thereby increasing the efficiency of servers, storage, and networking
throughout the enterprise.
• Infrastructure: Yes, there are real servers. Cloud infrastructure includes all the components of traditional data centers
including servers, persistent storage and networking gear including routers and switches.
• Middleware: As in traditional data centers, these software components such as databases and communications
applications enable networked computers, applications and software to communicate with each other.
• Management: These tools enable continuous monitoring of a cloud environment’s performance and capacity. IT teams can
track usage, deploy new apps, integrate data and ensure disaster recovery, all from a single console.
• Automation software: The delivery of critical IT services through automation and pre-defined policies can significantly ease IT
workloads, streamline application delivery, and reduce costs. In a cloud architecture, automation is used to easily scale up
system resources to accommodate a spike in demand for compute power, deploy applications to meet fluctuating market
demands, or ensure governance across a cloud environment. 



Cloud Computing architecture
1. Management (in Cloud Computing)

Cloud Infrastructure Management


- Managing physical and virtual resources such as servers, storage, and networks
- VIM – Virtual Infrastructure Manager
- Features of VIM
  - Virtualization support
  - Self-service, on-demand resource provisioning
  - Multiple back-end hypervisors
  - Storage virtualization
  - Interface to public clouds
  - Virtual networking
  - Dynamic resource allocation
  - Virtual clusters
  - Reservation and negotiation mechanism
  - High availability and data recovery



Cloud Computing architecture
2. Infrastructure as a service (IaaS):
- Provides access to physical and virtual resources, and an interface for the same
- Customers access these resources over the Internet using a pay-per-use model.
- IaaS is offered in three models – Public, Private, and Hybrid
- Services provided by Infrastructure layer are –
- Computing
- Storage
- Network
- Load balancing
- Geographic distribution of data centers
- Variety of user interfaces and APIs to access system
- Specialized components and services that aid particular applications
- Choice of virtualization platforms and operating systems
- Different billing methods and periods (e.g. prepaid, post-paid, hourly, monthly)



Cloud Computing architecture
2. Infrastructure as a service (IaaS): FEATURES

A. Geographic presence –
   a. To improve availability and responsiveness
   b. “Availability zones” and “regions” for Amazon EC2 service, insulated from failures
B. User interfaces and access to servers –
   a. Provision of multiple access means
   b. Abstractions are provided through it
   c. GUI, CLI, Web Service APIs
C. Advance reservation of capacity –
   a. Allows a user to request that an IaaS provider reserve resources for a specific time duration, ensuring their availability at the time of need
   b. E.g. Amazon Reserved Instances
D. Automatic scaling and load balancing –
   a. Elasticity is a key feature of cloud computing
   b. Scaling up and down to meet varying load. Automatic scaling
E. Service level agreement
F. Hypervisor and operating system choice
Cloud Computing architecture
2. Infrastructure as a service (IaaS): FEATURES

E. Service level agreement –
   a. Offered by the IaaS provider
   b. Statements to provide QoS at a predefined cost
   c. Availability and performance guarantee

F. Hypervisor and operating system choice –
   a. A variety of OSes and hypervisors to serve requests from various users / customers



Cloud Computing architecture
2. Infrastructure as a service (IaaS): EXAMPLES

❑ AMAZON WEB SERVICES –


❑ It pioneered the introduction of IaaS to clouds in 2006.
❑ It offers a variety of cloud services – S3, EC2, CloudFront etc.
❑ What EC2 offers – multiple data centres available in US and Europe; CLI, web services, and web-based console
user interfaces; advance reservation of capacity which guarantees availability for 1 and 3 years; 99.5%
availability SLA; per-hour pricing; support for multiple OSes; automatic scaling; load balancing



Cloud Computing architecture
3. Platform as a service (PaaS):

❑ In PaaS, a development or deployment environment is commonly offered as a service. Users are allowed to
create and run their applications with little or no concern for the low-level details of the platform.

❑ Like IaaS, it also offers some infrastructure such as data storage and memory caches.

❑ PaaS allows you to avoid the expense and complexity of buying and managing software licenses, the underlying
application infrastructure and middleware, container orchestrators such as Kubernetes or the development tools
and other resources.



Cloud Computing architecture
4. Software as a service (SaaS): Introduction, Features, Example(s)



Challenges and risks:
1. Security, Privacy, and Trust –
Information security –
Network security –
Data privacy – privacy to entire cloud stack
Legal and regulatory issues – as data centers are spread across the world

2. Data lock-in and standardization –
   1. Standard methods are required to store data so that it can be migrated or moved out to any other
      provider as and when required by the customers
   2. Standardization is required so that migration and storage can be done in a uniform way without the
      overhead of converting between forms, data types etc.

3. Availability, Fault-tolerance, and disaster recovery –
   1. Availability – It is a big challenge to provide a high level of service availability and overall performance
   2. Fault-tolerance – SLA includes QoS requirements
   3. Disaster recovery – a set-up is required so as to ensure disaster recovery.

4. Resource management and energy-efficiency –



Cloud Deployment Models:
The deployment model is the way in which a cloud is designed to provide
service(s). The deployment model changes as per the requirements set
between the CSP and the customer; hence the deployment model is most
probably user-specific.



Cloud Deployment Models: - PUBLIC CLOUD
Open to use by the general public / organizations / institutes etc., i.e. its services can be
subscribed to by the general public

Omnipresent over the internet

Cloud environment is present in the premises of the CSP

CSP has potentially large computing and storage resources

Communication links are implemented over a public network

Cloud services are available to diverse pool of clients



Cloud Deployment Models: - PUBLIC CLOUD
1. Workload locations are hidden from public/USER:
❖ In the public scenario, the CSP may migrate workload, storage, or processing at any
point of time.
❖ Workload can be migrated to any data center where cost is low
❖ If location restriction policies are not used, then the CSP can relocate the entire
cloud anywhere at any point of time.
2. Risks from multi-tenancy:
❖ A single service may be shared by any combination of subscribers, which may give rise
to security, privacy, and availability issues



Cloud Deployment Models: - PUBLIC CLOUD
• Dependencies/ Considerations –
• Network dependency – network links to be considered, internet infrastructure is
to be considered,
• Limited visibility to data and control over data
• Unlimited resource availability – as per requirement resources are provisioned.
Infinite scaling up and scaling down is possible
• Low up-front cost to migrate to this cloud
• Restrictive default SLA



Cloud Deployment Models: - PRIVATE CLOUD
Implemented for the exclusive use of an organization

Owned, managed, and operated by the organization, by a third party, or by a combination of them

On or off premises

Examples: Amazon VPC, Microsoft ECI data center, Ubuntu enterprise cloud,
Eucalyptus, VMWare Cloud Infrastructure suite etc.

There are two scenarios for Private Cloud

(a) On-site private cloud AND (b) Outsourced Private Cloud


Cloud Deployment Models: - PRIVATE CLOUD (On-Site)
The security perimeter extends around both the subscriber’s on-site resources and the private cloud’s
resources.
The security perimeter does not guarantee control over the private cloud’s resources, but the subscriber can
exercise control over the resources.



Cloud Deployment Models: - PRIVATE CLOUD (On-Site)
• Dependencies/ Considerations –
• Network dependency – network links to be considered, internet infrastructure is
to be considered,
• Subscribers need to possess IT skills
• Workload locations are hidden from clients
• Risks from multitenancy
• Data import, export and performance limitations
• Potentially strong security from external threats
• Significant to high up-front cost to migrate to private cloud (on-site)
• Limited resources



Cloud Deployment Models: - PRIVATE CLOUD (Outsourced)
Outsourced private cloud has two security perimeters, one implemented by a cloud subscriber (on the right) and
one implemented by a provider.
Two security perimeters are joined by a protected communications link.
The security of data and processing conducted in the outsourced private cloud depends on the strength and
availability of both security perimeters and of the protected communication link.



Cloud Deployment Models: - PRIVATE CLOUD (Outsourced)
• Dependencies/ Considerations –
• Network dependency – network links to be considered, internet infrastructure is
to be considered,
• Workload locations are hidden from clients
• Risks from multitenancy
• Data import, export and performance limitations
• Potentially strong security from external threats
• Modest to significant up-front cost to migrate to private cloud (on-site)
• Extensive resources are available



Cloud Deployment Models: - COMMUNITY CLOUD
• Cloud infrastructure is provisioned for exclusive use by a specific community of consumers from
organizations that have shared concerns (e.g., mission, security requirements, policy, and compliance
considerations). It may be owned, managed, and operated by one or more of the organizations in the
community, a third party, or some combination of them, and it may exist on or off premises.

Examples of Community Cloud:

Google Apps for Government

Microsoft Government Community Cloud



Cloud Deployment Models: - COMMUNITY CLOUD (ON-SITE)
A community cloud is made up of a set of participant organizations. Each participant
organization may provide cloud services, consume cloud services, or both.
At least one organization must provide cloud services.
Each organization implements a security perimeter.
The participant organizations are connected via links between the boundary controllers
that allow access through their security perimeters.
The access policy of a community cloud may be complex.
– Ex.: if there are N community members, a decision must be made, either implicitly or
explicitly, on how to share a member's local cloud resources with each of the other
members.
– Policy specification techniques like role-based access control (RBAC) and attribute-based
access control can be used to express sharing policies.
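
An added example (not part of the original notes) of how a sharing policy between N community members can be written down and checked: RBAC-style grants per ordered pair of members, one attribute-based condition, and a default deny for every pair that has no explicit decision. The organization names, roles, resource types and the `classification` attribute are constructed for illustration.

```python
from itertools import permutations

# Constructed sample data: three hypothetical member organizations.
MEMBERS = ["org-a", "org-b", "org-c"]

# Sharing rules, keyed by the ordered pair (resource owner, consuming member).
# Value: role -> resource type -> permitted actions (RBAC-style grants).
RULES = {
    ("org-a", "org-b"): {"analyst": {"storage": {"read"}}},
    ("org-a", "org-c"): {},  # explicit decision: share nothing
    ("org-b", "org-a"): {"analyst": {"storage": {"read"}},
                         "operator": {"compute": {"start", "stop"}}},
    ("org-c", "org-a"): {"analyst": {"storage": {"read", "write"}}},
}


def undecided_pairs(members, rules):
    """Return ordered (owner, consumer) pairs that have no explicit rule.

    N members give N*(N-1) ordered pairs; a pair missing from the rules is
    decided only implicitly, by the default deny in is_allowed().
    """
    return [pair for pair in permutations(members, 2) if pair not in rules]


def is_allowed(request, rules):
    """Decide one cross-member request; anything not granted is denied."""
    # ABAC-style condition on a resource attribute (assumed attribute name):
    # data labelled "restricted" is never shared outside its owner.
    if request.get("classification") == "restricted":
        return False
    grants = rules.get((request["owner"], request["subject_org"]), {})
    actions = grants.get(request["role"], {}).get(request["resource_type"], set())
    return request["action"] in actions


if __name__ == "__main__":
    print("pairs without an explicit decision:", undecided_pairs(MEMBERS, RULES))
    sample = {"owner": "org-a", "subject_org": "org-b", "role": "analyst",
              "resource_type": "storage", "action": "read"}
    print("org-b analyst reads org-a storage:", is_allowed(sample, RULES))
```

With three members there are six ordered pairs; the two that the rules never mention are reported by `undecided_pairs`, which makes the implicit decisions visible for review.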



Cloud Deployment Models: - COMMUNITY CLOUD (ON-SITE)
• Dependencies/ Considerations –
• Network dependency – network links to be considered, internet infrastructure is
to be considered
• Subscribers need IT skills
• Workload locations are hidden from clients
• Data import, export and performance limitations
• Potentially strong security from external threats
• Highly variable up-front cost to migrate to community cloud (on-site)



Cloud Deployment Models: - COMMUNITY CLOUD (OUTSOURCED)
• Dependencies/ Considerations –
• Network dependency – network links to be considered, internet infrastructure is
to be considered
• Workload locations are hidden from clients
• Risks from multi-tenancy
• Data import, export and performance limitations
• Potentially strong security from external threats
• Modest to significant up-front cost to migrate to private cloud (on-site)
• Extensive resources are available



Cloud Deployment Models: - HYBRID CLOUD
The cloud infrastructure is a composition of two or more distinct cloud infrastructures (private, community, or
public) that remain unique entities, but are bound together by standardized or proprietary technology that
enables data and application portability

Examples:

VMWare vCloud
Microsoft Azure



Cloud Deployment Models: - HYBRID CLOUD
A hybrid cloud is composed of two or more private, community, or public clouds.
Hybrid clouds vary significantly in performance, reliability, and security properties depending upon the types of cloud
chosen to build the hybrid cloud. A hybrid cloud can be extremely complex, and it may change over time with constituent clouds
leaving or joining.
