Cloud Stack

• CloudStack is Apache open source software designed to install and handle large virtual machine (VM) networks. It was designed by Cloud.com and Citrix.
• The application is written in Java and was released under the terms of the Apache License 2.0.
• CloudStack, which is an Infrastructure-as-a-Service (IaaS) cloud computing platform, allows IT service providers to offer public cloud services.
• CloudStack can also be used by businesses that want to provide their own private cloud and hybrid cloud services on-premises.
Salient Features of CloudStack

1. Flexibility: CloudStack’s design provides significant flexibility to support the continuum of workload styles, and also supports easy integration of non-cloud-based applications with environments running in the cloud. CloudStack gives its users the freedom to choose from a range of hypervisors for their workloads, including KVM, vSphere and Citrix XenServer.

2. Simplicity: CloudStack simplifies the management of cloud infrastructure and provides convenient interaction through a feature-rich user interface implemented on top of the CloudStack API. The interface is fully AJAX-based and compatible with most popular web browsers. A real-time view of the aggregated storage, IP pools, CPU, memory and other resources in use gives better visibility and control over the cloud.



3. Scalability: CloudStack eliminates the need for intermediate cluster-level management servers, using linearly scalable, centralized management servers instead. This increases the server/admin ratio comprehensively.

4. Reliability: It provides standardization of workloads by ensuring consistency in application and service delivery. Only industry-standard APIs are implemented on CloudStack, on top of a low-level CloudStack API that retains its unique and innovative features.

5. Service: CloudStack offers speedy service delivery. It saves the cost and time of laborious IT operations. SunGard AS has teams working on the project, who constantly work towards the betterment of the product based on the feedback of the user community.


Notable Users of CloudStack

• Apple

• Dell

• Juniper Networks

• SAP

• Verizon

• Tata

• Nokia

• InMobi

• Citrix Systems

• Huawei
CloudStack vs. OpenStack

Hypervisor
● OpenStack: Provides support for Xen and KVM, with limited support for VMware ESX, Citrix XenServer and Microsoft Hyper-V. It does not support bare-metal servers or Oracle VM.
● CloudStack: Supports multiple hypervisors, including Citrix XenServer, Oracle VM, VMware, KVM and vSphere.

Deployment
● OpenStack: A certain level of proficiency is required to get OpenStack up and running, since it is deployed through specific important incubator projects.
● CloudStack: The installation of CloudStack is quite streamlined. Deployment is very smooth, as there is only one VM server running all the CloudStack Management servers. The entire thing can be put onto one physical host.

Community
● OpenStack: OpenStack has large community support. It is the most mature stack-based cloud control model.
● CloudStack: Since CloudStack is relatively new, it does not have as much backing from the industry. However, this is likely to change in the future given the excellent user flexibility that it provides.

● Identity and access management (IAM) is a framework of business processes, policies and
technologies that facilitates the management of electronic or digital identities.

● With an IAM framework in place, information technology (IT) managers can control user
access to critical information within their organizations. Systems used for IAM include single
sign-on systems, two-factor authentication, multifactor authentication and
privileged access management.

● These technologies also provide the ability to securely store identity and profile data as well
as data governance functions to ensure that only data that is necessary and relevant is
shared.

● IAM systems can be deployed on premises, provided by a third-party vendor through a cloud-
based subscription model or deployed in a hybrid model.
IAM components

● how individuals are identified in a system (understand the difference between identity management and authentication);

● how roles are identified in a system and how they are assigned to individuals;

● adding, removing and updating individuals and their roles in a system;

● assigning levels of access to individuals or groups of individuals; and

● protecting the sensitive data within the system and securing the system itself.
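
The components listed above, modelled as an added example in Python (not part of the original slides): identities, password authentication kept separate from identity records, roles assigned to individuals or to groups, and a deny-by-default access check. The class, the role names and permission strings such as vm:start are assumptions constructed for illustration.

```python
import hashlib
import hmac
import os

class IAMStore:
    """In-memory IAM model; every name and value here is constructed."""

    def __init__(self):
        self.users = {}   # user id -> salt, password hash, roles, groups
        self.roles = {}   # role name -> set of permission strings
        self.groups = {}  # group name -> set of role names

    @staticmethod
    def _hash(password, salt):
        # Store a salted, deliberately slow hash, never the password itself.
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    # Identity management: add and remove individuals.
    def add_user(self, user_id, password):
        salt = os.urandom(16)
        self.users[user_id] = {"salt": salt, "hash": self._hash(password, salt),
                               "roles": set(), "groups": set()}

    def remove_user(self, user_id):
        self.users.pop(user_id, None)

    # Authentication: prove the caller controls an identity that exists.
    def authenticate(self, user_id, password):
        user = self.users.get(user_id)
        if user is None:
            return False
        return hmac.compare_digest(self._hash(password, user["salt"]), user["hash"])

    # Roles: defined once, then assigned to individuals or to groups.
    def define_role(self, role, permissions):
        self.roles[role] = set(permissions)

    def assign_role(self, user_id, role):
        if role not in self.roles:
            raise KeyError(f"undefined role: {role}")
        self.users[user_id]["roles"].add(role)

    def revoke_role(self, user_id, role):
        self.users[user_id]["roles"].discard(role)

    def assign_group_role(self, group, role):
        if role not in self.roles:
            raise KeyError(f"undefined role: {role}")
        self.groups.setdefault(group, set()).add(role)

    def join_group(self, user_id, group):
        self.users[user_id]["groups"].add(group)

    # Access decision: deny unless a role held directly or via a group grants it.
    def is_allowed(self, user_id, permission):
        user = self.users.get(user_id)
        if user is None:
            return False
        roles = set(user["roles"])
        for group in user["groups"]:
            roles |= self.groups.get(group, set())
        return any(permission in self.roles.get(r, set()) for r in roles)

def build_demo():
    """Constructed sample data: two roles, one group, two users."""
    iam = IAMStore()
    iam.define_role("vm-operator", {"vm:start", "vm:stop"})
    iam.define_role("vm-admin", {"vm:start", "vm:stop", "vm:delete"})
    iam.assign_group_role("ops", "vm-operator")
    iam.add_user("alice", "correct horse battery staple")
    iam.add_user("bob", "constructed-passphrase-2")
    iam.assign_role("alice", "vm-admin")
    iam.join_group("bob", "ops")
    return iam
```

A user who authenticates successfully but holds no role is still denied every permission, which is the distinction between authentication and access management that the list draws.
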
IAM in general has a few services:

● Identity management
● Access management
● Federation
● RBAC/EM
● Multi-Factor authentication
● Access governance
● Customer IAM
● API Security
● IDaaS – Identity as a service
● Privileged Identity management

Figure – Services under IAM


What is OpenStack?
• OpenStack is a cloud operating system that controls large pools of compute, storage, and networking resources, all managed and provisioned through APIs with common authentication mechanisms.
• A dashboard is also available, giving administrators control while empowering their users to provision resources through a web interface.
• Beyond standard infrastructure-as-a-service functionality, additional components provide orchestration, fault management and service management amongst other services to ensure high availability of user applications.
• OpenStack is an open-source platform, which offers powerful virtual servers and required services for cloud computing.
• It is mostly deployed as Infrastructure-as-a-service (IaaS), which aims to provide hardware tools and components for processing, storage, and networking resources.
• OpenStack can be understood as a software platform that uses pooled virtual resources to build and manage clouds, both public and private ones.
• By default, OpenStack offers a couple of cloud-related services like networking, storage, image services, identity, etc., and can be clubbed with a few more to get a customized cloud optimization to support the cloud-native apps.
Why OpenStack?
• OpenStack is most importantly an open-source environment that gives complete control over cloud computation.
• Most of the platforms available in the market that help with virtualization and cloud computation are expensive and licensed.
• OpenStack can be installed free of cost and can be customized with the required services to suit the need. Many corporations own their own version of OpenStack.
• It can be scaled to any extent possible, making the jobs of the server admins easier.
• The OpenStack API is made robust and more flexible with improvements contributed by many developers across the world. This also ensures good community support.
• Many big-shot companies in the IT world, like Huawei, Intel and Red Hat, have adopted OpenStack for their cloud management.
OpenStack Services

Compute
● NOVA: Compute Service
● ZUN: Containers Service

Hardware Lifecycle
● IRONIC: Bare Metal Provisioning Service
● CYBORG: Lifecycle management of accelerators

Storage
● SWIFT: Object store
● CINDER: Block Storage
● MANILA: Shared file systems

Networking
● NEUTRON: Networking
● OCTAVIA: Load balancer
● DESIGNATE: DNS service

Shared Services
● KEYSTONE: Identity service
● PLACEMENT: Placement service
● GLANCE: Image service
● BARBICAN: Key management

Orchestration
● HEAT: Orchestration
● SENLIN: Clustering service
● MISTRAL: Workflow service
● ZAQAR: Messaging Service
● BLAZAR: Resource reservation service
● AODH: Alarming Service

Workload Provisioning
● MAGNUM: Container Orchestration Engine Provisioning
● SAHARA: Big Data Processing Framework Provisioning
● TROVE: Database as a Service

Application Lifecycle
● MASAKARI: Instances High Availability Service
● MURANO: Application Catalog
● SOLUM: Software Development Lifecycle Automation

API Proxies
● EC2API: EC2 API proxy

Web frontends
● HORIZON: Dashboard
● SKYLINE: Next generation dashboard (tech preview)

OpenStack Architecture
Compute (Nova) Functionality
• The nova-api handles the requests and responses from and to the end-user.
• The nova-compute creates and destroys the instances as and when a request is made.
• The nova-scheduler schedules the tasks to the nova-compute.
• The glance registry stores the details of the image along with its metadata.
• The image store stores the images predefined by the admin/user.
• The nova network ensures network connectivity and routing.
Components of OpenStack

Compute (Nova)
● OpenStack Compute is a cloud computing fabric controller, which manages pools of computer resources and works with virtualization technologies, bare metal, and high-performance computing configurations.

Image Service (Glance)


● OpenStack image service offers discovering, registering, and restoring virtual machine images.
● Glance has client-server architecture and delivers a user REST API, which allows querying of virtual machine image
metadata and also retrieval of the actual image.

Object Storage (Swift)


● OpenStack Swift creates redundant, scalable data storage to store petabytes of accessible data. The stored data
can be leveraged, retrieved and updated.
● It has a distributed architecture, providing greater redundancy, scalability, and performance, with no central
point of control.

Dashboard (Horizon)
● Horizon is the authorized implementation of OpenStack’s Dashboard, which is the only graphical interface to
automate cloud-based resources.
● For service providers and other commercial vendors, it supports third-party services such as monitoring, billing, and other management tools.
● Developers can automate tools to manage OpenStack resources using EC2 compatibility API or the native
OpenStack API.
Identity Service (Keystone)
● Keystone provides a central list of users, mapped against all the OpenStack services, which they can access.
● It integrates with existing backend services such as LDAP while acting as a common authentication system across
the cloud computing system.

Networking (Neutron)
● Neutron provides networking capability like managing networks and IP addresses for OpenStack.
● It ensures that the network is not a limiting factor in a cloud deployment and offers users self-service ability over network configurations.
● OpenStack networking allows users to create their own networks and connect devices and servers to one or more
networks. Developers can use SDN technology to support great levels of multi-tenancy and massive scale.
Block Storage (Cinder)
● OpenStack Cinder delivers persistent block-level storage devices for use with OpenStack compute instances.
● A cloud user can manage their storage needs by integrating block storage volumes with Dashboard and Nova.

Telemetry (Ceilometer)
● Ceilometer delivers a single point of contact for billing systems, providing all of the measurements needed to establish customer billing across all OpenStack core components.
● By monitoring notifications from existing services, developers can collect the data and may configure the
type of data to meet their operating requirements.
Advantages of using OpenStack for an end user

● The average cost and complexity of supporting a generic infrastructure are low.
● As many big-shot companies and independent developers are constantly contributing to make OpenStack a better environment, it is more reliable to switch to than the offerings of independent vendors.
● For a company, managing private and public clouds separately costs heavily in terms of labor, infrastructure investment and the capacity to customize the specific infrastructure, along with the added risk.
● OpenStack has grown to support private and public clouds more efficiently than any other competitor in the market.
● It is always easier to manage one single environment than two different ones.
Designing elastic, highly available, and resilient infrastructure using OpenStack

● High availability is an important principle of cloud computing.
● It is important for mission-critical systems where downtime due to business interruptions is unacceptable.
● Downtime can hurt productivity and lead to financial losses.
● IaaS services are known for their ability to provide a high level of redundancy, spreading applications across multiple physical machines in different locations.
● They can also provide auto scaling, a mechanism that allows systems to automatically scale up to additional machines on the cloud when loads increase.


AWS High Availability Architecture
● AWS has built a massive global infrastructure to provide high availability and
flexibility for customer workloads.
● Amazon offers cloud services in 24 regions.
● Amazon defines a region as a geographic area with at least three different data centers
known as availability zones (AZs).
● Each AWS availability zone is a fully localized infrastructure with redundant power
supplies, networks, and Internet connectivity.
● Currently, Amazon supports 77 Availability Zones worldwide.
● Each AZ typically has three or more data centers in one location, separated by a
“meaningful distance” of up to 100 km.
● This ensures a physical disaster is unlikely to take down all data centers in the AZ,
and yet enables high-speed connections between the data centers.
Azure High Availability Architecture
● Azure also bases its high availability architecture on regions and availability zones.
● Azure always stores three copies of user data across three availability zones.
● This is called redundant local storage.
● Customers can opt for global redundant storage, to create up to three additional copies of their data in a “paired region”, a nearby region that has fast connectivity with the first region, for added flexibility.
● Azure availability zones achieve high availability by distributing resources across multiple data centers in a customer’s region.
● Azure provides additional services like Azure Site Recovery and Azure Backup to achieve the required recovery point objective (RPO) and recovery time objective
Google Cloud SQL High Availability Architecture
● In Google Cloud, resources that operate in one zone are called “zonal
resources”.
● Other resources operate across an entire region and are called “regional
resources”.
● For example, a Google Cloud virtual machine instance or persistent disk
is a zonal resource, while a static IP address is a regional resource.
● Google adds the concept of clusters—clusters are groups of physical
computers inside a physical data center, with independent power,
cooling, networking, and security infrastructure.
● This allows Google Compute Engine to balance customer resources
across clusters in the same zone, while retaining high connectivity
between the physical machines in each cluster.
AWS IaaS Services
Amazon S3

● Amazon Simple Storage Service (S3) is the first and most popular Amazon service, which provides object storage at unlimited scale.
● S3 is easy to access via the Internet and programmatically via API, and is integrated into a wide range of applications.
● It provides 11 9’s of durability (99.999999999%), and offers several storage tiers, allowing users to move data that is used less frequently into a low-cost archive tier within S3.

AWS EC2

● Amazon Elastic Compute Cloud (Amazon EC2) offers scalable computing resources.
● It lets you run as many virtual servers as you want, configure your network and security, and manage storage.
● You can increase or decrease resources on-demand according to changing business requirements, and set up auto scaling to scale resources up and down according to actual workloads.


AWS EBS

● Amazon Elastic Block Store (Amazon EBS) is a block-level storage service for use with Amazon EC2 instances.
● When mounted on an Amazon EC2 instance, you can use Amazon EBS volumes like any other raw block storage device.
● It can be formatted and mirrored for specific file systems, host operating systems, and applications.

AWS EFS

● Amazon Elastic File System (Amazon EFS) provides a simple, scalable, and fully managed elastic NFS file system for use with AWS cloud services and on-premises resources.
● It can support up to petabytes of data, automatically scaling as files are added and removed, eliminating the need to configure and manage storage capacity.


AWS Lambda

● AWS Lambda is a serverless, on-demand IT service that provides developers with a fully managed, event-driven cloud system that executes code.
● AWS Lambda uses Lambda functions, which are not associated with identifiers, enabling users to package any code into a function and run it, independently of other infrastructure.
AWS FSx

● Amazon FSx is a fully managed service that lets you launch, run, and scale high-performance file systems in the AWS cloud.
● AWS handles management tasks such as hardware provisioning, backups, and patching.
● The underlying infrastructure powering this service consists of the latest AWS networking, compute, and disk technologies.
● AWS FSx offers various capabilities delivered as a reliable, secure, and scalable cloud service that achieves high performance and lower TCO.
● The service lets you choose a file system to support your storage, including NetApp ONTAP, Lustre, and Windows File Server.
● FSx provides full access to all feature sets, data management capabilities, and performance profiles.
Azure IaaS Services
● Traditionally Azure focused on Windows virtual machines, but now has a robust offering for Linux users as well.
● Azure virtual machines (VMs) are scalable on-demand compute resources provided by Azure.
● Microsoft Azure supports popular Linux distributions deployed and managed by multiple partners.
● Linux machine images are available in the Azure Marketplace for the following Linux distributions:
  ● FreeBSD
  ● Debian
  ● Red Hat Enterprise
  ● Ubuntu
  ● CentOS
  ● CoreOS
  ● SUSE Linux Enterprise


Azure Files

● Azure Files is a cloud file storage service that provides access to server message block (SMB) file shares.
● These shares can be configured as part of an Azure storage account.
● Azure Files enables cloud-based virtual machines and on-premise applications to share files using standard protocols.

Azure Managed Disk

● Azure managed disks are block-level storage volumes managed by Azure and used by Azure virtual machines.
● A managed disk is similar to a physical disk on a local server, but it is virtualized.
● For managed disks, you only need to specify the disk size and disk type, and provision; Azure does the rest.

The available hard drive types are:

● Standard hard disks (HDD)
● Premium SSDs


Azure Blob Storage

● Azure Blob Storage is Microsoft's object storage service, similar to Amazon S3.
● Blob storage is suitable for storing large amounts of unstructured data.
● Blob storage offers sixteen 9’s of durability, and advanced security features including RBAC, encryption at rest and advanced threat protection.
● It also supports lifecycle management and immutable storage (WORM), which can help protect against data loss and threats like ransomware.


HPC on Azure

● Azure provides high performance computing (HPC) resources, which you can deploy purely on the public cloud, or combine with local HPC resources to create a hybrid HPC deployment.
● Azure provides an HPC head node which is used to schedule jobs and workloads, and a virtual machine scale set, with large numbers of VMs that can be used to run massively parallel workloads.
● These VMs can include both CPU and GPU hardware, depending on the type of processing required.
SAP on Azure

● A large variety of SAP applications can be deployed to Azure, using predefined virtual machines created and certified by SAP.

SAP HANA

● You can run the SAP HANA in-memory database on Azure, using M-series VMs that scale up to 4TB memory, certified for use with SAP HANA.
● Another option is Mv2 VMs, the largest SAP HANA certified VMs in the public cloud, with 6TB of memory.
● Azure offers a service level agreement (SLA) of 99.99% for instances in high availability pairs, and 99.9% for standalone instances.


SAP S/4HANA

● You can deploy SAP S/4HANA on Azure, with remote connection via Azure ExpressRoute for Fiori applications.
● Azure provides an SLA of 99.99% if you run S/4HANA in two Azure availability zones.
● It also provides backup and recovery in seconds, even for databases with multiple TBs of data.

VDI on Azure

● Microsoft Virtual Desktop Infrastructure (VDI) offers multi-tenant support for Windows 10 and a Windows Virtual Desktop license.
● Azure provides the FSLogix configuration file container, which decouples user configuration files from the underlying operating system.
● Azure recently launched MSIX AppAttach, which allows you to package a Win32 application in an MSIX application container.
Google Cloud IaaS Services
Google Cloud Storage

● Google Cloud Storage is an object storage service by Google Cloud.


● It provides features like object versioning and extended permissions (per item or bucket).
● Google Cloud offers two archive storage tiers with lower pricing and fast retrieval times, called
Nearline and Coldline.

Google Cloud Filestore


● Google Cloud Filestore uses NFS version 3 and is designed for workloads requiring low latency
and minimal performance fluctuations.
● This service has two levels of performance: standard and premium.
● The premium tier can support very high performance—700 Mbps for reads, 350 Mbps for writes

Google Persistent Disk


● In Google Cloud, a Persistent Disk is a storage device that you can access from a virtual machine,
like a physical hard drive.
● The data is spread across multiple physical hard drives in the Google data center.
● Google Compute Engine manages the distribution of data for optimal redundancy and
performance.
What is Apache CloudStack?

● Apache CloudStack is an open source Infrastructure-as-a-Service platform that manages and orchestrates pools of storage, network, and computer resources to build a public or private IaaS compute cloud.

What can Apache CloudStack do?
● CloudStack works with a variety of hypervisors and hypervisor-like technologies.
● A single cloud can contain multiple hypervisor implementations. As of the current release CloudStack supports:
  ● BareMetal (via IPMI)
  ● vSphere (via vCenter)
  ● Hyper-V
  ● XenServer
  ● KVM
  ● Xen Project
  ● LXC
Massively Scalable Infrastructure Management
● CloudStack can manage tens of thousands of physical servers installed in geographically distributed
datacenters.
● The management server scales near-linearly eliminating the need for cluster-level management servers.
● Maintenance or other outages of the management server can occur without affecting the virtual machines
running in the cloud.

Automatic Cloud Configuration Management


● CloudStack automatically configures the network and storage settings for each virtual machine deployment.
● Internally, a pool of virtual appliances supports the operation and configuration of the cloud itself.
● These appliances offer services such as firewalling, routing, DHCP, VPN, console proxy, storage access, and
storage replication.
● The extensive use of horizontally scalable virtual machines simplifies the installation and ongoing operation of
a cloud.
Graphical User Interface
● CloudStack offers an administrator's web interface, used for provisioning and managing the cloud, as well as an end-user's web interface, used for running VMs and managing VM templates.
● The UI can be customized to reflect the desired service provider or enterprise look and feel.

API
● CloudStack provides a REST-like API for the operation, management and use of the cloud.

AWS EC2 API Support


● CloudStack provides an EC2 API translation layer that permits the common EC2 tools to be used with a CloudStack cloud.

High Availability
● CloudStack has a number of features to increase the availability of the system.
● The Management Server itself may be deployed in a multi-node installation where the servers are load balanced.
● MySQL may be configured to use replication to provide for failover in the event of database loss.
● For the hosts, CloudStack supports NIC bonding and the use of separate networks for storage as well as iSCSI Multipath.
Building Resilient Well-Architected Workloads Using AWS Resilience Hub
● AWS Resilience Hub is a new service that helps you understand and improve the resiliency of your workloads using
AWS Well-Architected best practices.
Single AZ architecture
● Single AZ architecture I’m going to start with and assess using Resilience Hub.
● This simple web server runs on Amazon Elastic Compute Cloud (Amazon EC2).
● It serves a static web page stored in an Amazon Simple Storage Service (Amazon S3) bucket, and then records web site statistics in a MySQL Amazon Relational Database Service (Amazon RDS) database.
● A NAT gateway is also deployed so the EC2 servers can make calls out to the
