  • Overview

    Cloud Service Delivery Models
    IaaS, PaaS and SaaS

    Cloud Deployment Models
    Public, Private, Community, Hybrid...
    Service Bus

    Hybrid Cloud

    PaaS in MS Azure

    Classic Patterns to use in a Simple PaaS Service

    Azure Cloud Storage

    Thumbnails - Lab 2

    Defining the Cloud

    On demand usage of compute and storage.

    5 prerequisite attributes (pooled resources, virtualisation, elasticity, automation, metered billing).

    3 service delivery models:-
    Infrastructure as a Service (IaaS)
    Platform as a Service (PaaS)
    Software as a Service (SaaS)

    4 deployment models: Public, Private, Hybrid, Community

    Cloud Models

    Service Delivery Models
    SaaS
    PaaS
    IaaS

    Deployment Models
    private cloud
    community cloud
    public cloud
    hybrid cloud

    One more model: Management Models (trust and tenancy issues)
    self-managed
    3rd party managed (e.g., public clouds and VPC - Virtual Private Cloud)
  • Cloud Service Delivery Models

    NIST Service Delivery Models

    NIST Service Delivery Models Diagram

    Separation of Responsibilities

    Separation of Responsibilities Diagram

    “X as a Service” is commonly used to describe different types of cloud provisioning allowing different levels of developer/support control of the cloud setup.

    Developers are most likely (but not exclusively) to use PaaS.
    this is what we are using in the labs/coursework with Microsoft Azure WebApps (or Cloud Services) and Azure Storage

    The cloud vendor typically provides a web-based management console for client administration purposes.
    or there could be a RESTful API (or some other API)
    or a remote ssh/PowerShell interface

    Infrastructure as a Service (IaaS)

    The cloud vendor provides a rentable infrastructure to support virtualization of OSs and network.
    vendor outsources the equipment used to support operations, including storage, hardware, servers and networking components
    the service provider owns the equipment and is responsible for housing, running and maintaining it
    i.e. it provides a mechanism to provision physical or virtual machines

    Typically the customer provides virtual machine images and installs any software dependencies thereon themselves.
    cloud APIs, necessary software APIs, databases...
    this is more work than PaaS but offers more flexibility: the customer can provide their own OS images (or again pick from a library) and installed software
    the customer will administer the VM operating system
    sometimes an easier transition to the cloud for complex legacy systems

    Customer has full control to virtualise a network set-up.

    also to configure firewalls, load balancers

    Amazon EC2, Microsoft Azure Virtual Machines, Rackspace, Google Compute Engine, IBM SoftLayer

    📷 Gartner 2016 - Cloud IaaS Players

    Platform as a Service (PaaS)

    The cloud vendor provides and manages a set of preconfigured VMs which the customer selects from.

    Typically the preconfigured VM OS images will be mainstream offerings with pre-installed software to run cloud applications.
    cloud APIs e.g. to access cloud storage, databases, service bus, performance metrics, security, application services...
    optionally also a web server e.g. IIS or Apache
    developed software is uploaded to VM from local development tools
    customer has initial choice of OS image, VM location, scalability parameters, security but this is high level and at start
    the customer will not administer the VM operating system nor deal with hardware
    much simpler and faster to setup than IaaS
    in the order of minutes...

    Network set-up virtualised but typically abstracted and customer has no control.
    better control is gradually being introduced (e.g. VPN control)

    AWS Elastic BeanStalk, Microsoft Azure Cloud Services and Web Apps, IBM BlueMix, Google App Engine...

    The practical work in this module is using PaaS i.e. Microsoft Web Apps in a public cloud.

    Platform as a Service (PaaS) Diagram

    PaaS in context...

    From IBM BlueMix but generally applicable to PaaS offerings

    Software as a Service (SaaS)

    The cloud vendor provides packaged software applications running in the cloud aimed at end-users.

    customer has no visibility of software, OS nor hardware underneath

    Especially productivity and collaboration applications.

    Google Apps, Office 365, Visual Studio Online, cloud-based file sharing....

    Available on an on-demand basis.

    Usually accessed through a web browser.

    Magic Quadrant for Cloud Infrastructure as a Service Worldwide Diagram
    Magic Quadrant for Cloud Infrastructure as a Service Worldwide
  • Cloud Deployment Models

    NIST Deployment Models

    NIST Deployment Models Diagram

    Deployment Models

    Public cloud
    owned by an organization selling cloud services
    cloud infrastructure is available to the general public

    Private clouds
    owned or leased by a single organisation
    no public access
    cloud infrastructure for a single organization only, may be managed by the organisation or a 3rd party, on or off premise

    A virtual private cloud is a logical subdivision of another cloud (public or private) which looks like an independent private entity.

    has its own virtualised private network

    Called a managed cloud if on-premise but managed by a 3rd party.

    Community clouds
    shared by several organisations
    supports a specific community that has shared concerns
    cloud infrastructure shared by several organisations that have shared concerns, managed by organisations or 3rd party

    Hybrid clouds
    composition of 2 or more clouds bound by a standard or proprietary technology
    e.g. to enable data & application portability
    e.g. to handle cloud bursting: bursts of data and computing surges
    the application scales from the private to another cloud (typically a public cloud), utilising additional resources of the other cloud type during peak periods
  • Hybrid Clouds

    2015 RightScale survey suggests 55% of enterprises planning for hybrid cloud.

    Why?
    functionality offered by different cloud platforms varies - need mix and match of “best of breed”
    tools now exist to control provisioning and scaling in hybrid setups
    in some cases less expensive to use and also accelerates product time to market

    Some resource has to be kept local...
    security and governance restrictions on location of workloads so some has to remain in private cloud
    legal compliance issues with some types of data e.g. financial/healthcare so some data has to remain in private cloud

    Security always remains a key concern.

    NIST Deployment Models Diagram
    Cloud Computing Types - CC BY SA 1.0 by Sam Johnston

    Hybrid Cloud Architectures

    Migration
    split and port existing data and workloads
    needs manual planning, porting and testing in new location

    Interoperability
    APIs and services allowing communication to integrate clouds and services
    each cloud may invoke another cloud vendor’s management APIs
    needs some sort of secure cloud gateway technology
    manual setup and/or coding of connection technology needed

    Abstraction
    automated control of hybridisation and the whole hybrid cloud from a higher level which abstracts away from detail of a particular cloud platform technology
    fully unified view of provisioning and scaling
    dynamic migration of data and workloads
    the future really...

    Hybrid Cloud Gateways

    Hybrid cloud interoperability technologies.

    Built at low level using IaaS e.g. VPN gateways.

    AWS Direct Connect

    or use PaaS facility which will transparently map endpoints through a secure channel

    Azure Service Bus is a good example, relaying communication across firewalls and NAT
    can be used as both a relay and a queue

    Azure Service Bus Relay

    Azure Service Bus Relay Diagram

    🔗 What is Azure Service Bus?

    Taxonomy of Deployment Models

    Taxonomy of Deployment Models Diagram

    1 Management includes: operations, security, compliance, etc ...

    2 Infrastructure implies physical infrastructure such as facilities, compute, network & storage equipment

    3 Infrastructure Location is both physical and relative to an Organisation's management umbrella

    4 Trusted consumers of service are those who are considered part of an organisation's legal/contractual umbrella including employees, contractors & business partners. Untrusted consumers are those that may be authorised to consume some/all services but are not logical extensions of the organisation.

  • Pulling it together...

    Pulling it together Diagram

    NIST Definition of Cloud Computing

    Visual Model of NIST Working Definition of Cloud Computing

    Visual Model of NIST Working Definition of Cloud Computing Diagram
  • PaaS in Microsoft Azure

    Two types of approach:-

    Dedicated VM instances for your application.
    single tenanted
    Azure cloud services

    Containers
    super-isolated processes on shared VMs
    each thinks they have a VM to themselves
    multi-tenanted and much less resource hungry
    an evolving family of different technologies currently including App Services, WebJobs, Azure Functions, Docker, Linux Containers, Windows Server Containers...

    Be careful - MS constantly rebrand Azure components - this may already be out of date!

    Cloud Services

    Cloud Services are Azure cloud applications consisting of one or more dedicated VM instances.
    PaaS
    platform spins up a new, dedicated VM for your application (each role instance)
    slow to start and to deploy ~10 mins.
    single tenanted
    gives users more confidence about security
    full control (RDP in if you want)
    heavy-weight in terms of resource usage
    still available but development work on new functionality features appears to have now ceased at MS

    An Azure cloud service consists of one or more roles.

    A role is what you provide code for i.e. a:
    worker role: slow or complex background processing; users do not access this directly
    web role: includes front facing IIS supporting the familiar MS ASP.NET web application technologies (MVC/web forms/web services/API/JavaScript...)

    A role instance is a VM (an off-the-shelf MS OS image).
    each role may have 1 or many instances – adding/removing these allows each role to be scaled independently
    role image typically MS Server OS
  • Web and Worker Roles Pattern (Cloud Services)

    Web and Worker Roles Pattern

    A good example of an application architecture suitable for the cloud.
    scalable multi-tier application
    front facing web application
    separately scaled and independent background processing connected asynchronously with a queue
    separate scalable data repository

    Web role: front facing with IIS; can perform simple tasks synchronously, but whenever any complex processing is required it will create a message and drop it into a queue. (Consists of 1 or more instances.)

    One or more Azure queues (a type of cloud storage) which support asynchronous communication between the web role and the worker role.

    Worker role: (consisting of 1 or more instances) which pull messages off the queue and perform slow or complex processing tasks.

    Cloud Storage (such as non-relational Azure tables and blobs) that stores the system’s state and typically includes the result of the worker role’s processing tasks.

    Queue-Based Load Levelling Pattern

    In fact the worker and web role pattern incorporates this pattern.

    A service might experience peaks in demand that cause it to become overloaded and unable to respond to requests in a timely manner.

    Solution is to introduce a queue between the producer and the service acting as a buffer.

    This can help to maximize availability because delays arising in services will not have an immediate and direct impact on the application, which can continue to post messages to the queue even when the service is not available or is not currently processing messages.

    It can help to maximize scalability because both the number of queues and the number of services can be varied to meet demand.

    MS Azure offers several queue/topic options with different characteristics.
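
The queue-based load levelling pattern above, as a small simulation. This is an added example, not part of the lecture material. It uses an in-memory queue instead of an Azure queue, and the workload, the per-worker capacity and the function names are all assumptions made for illustration.

```python
from collections import deque

def direct_call(arrivals, capacity):
    """No queue: the service handles at most `capacity` requests per tick
    and everything above that is rejected on the spot."""
    served = sum(min(n, capacity) for n in arrivals)
    rejected = sum(max(0, n - capacity) for n in arrivals)
    return {"served": served, "rejected": rejected}

def load_levelled(arrivals, capacity, workers=1):
    """Queue between producer and service: the web role only enqueues,
    and `workers` instances each drain up to `capacity` messages per tick."""
    queue = deque()  # each entry is the tick at which the message was posted
    served = peak_depth = max_wait = tick = 0
    while tick < len(arrivals) or queue:
        posted = arrivals[tick] if tick < len(arrivals) else 0
        queue.extend([tick] * posted)
        peak_depth = max(peak_depth, len(queue))
        # Workers pull the oldest messages first (first-in, first-out).
        for _ in range(min(len(queue), capacity * workers)):
            max_wait = max(max_wait, tick - queue.popleft())
            served += 1
        tick += 1
    return {"served": served, "peak_depth": peak_depth,
            "max_wait": max_wait, "ticks": tick}

# Constructed workload: requests arriving per tick, with a burst at ticks 2-3.
ARRIVALS = [2, 2, 12, 15, 3, 1, 0, 0]
CAPACITY = 4  # messages one worker instance can process per tick (assumed)

if __name__ == "__main__":
    print("direct      :", direct_call(ARRIVALS, CAPACITY))
    print("queue, 1 wkr:", load_levelled(ARRIVALS, CAPACITY, workers=1))
    print("queue, 2 wkr:", load_levelled(ARRIVALS, CAPACITY, workers=2))
```

Without the queue the burst is lost; with it every message is processed, at the cost of waiting time. Adding a second worker instance shortens that wait, and queue depth is the figure that shows how far behind the workers are.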

    Worker Roles and Web Roles

    Worker Roles
    hosted in Windows Server OS to carry out background tasks
    standard .NET API libraries and any 3rd party APIs you add

    Web Roles
    all features of a worker role + IIS
    really a modified and specialised worker role
    ASP.NET
    good news as standard .NET Web Applications can be deployed without modification
    HTTP(S)

    Cloud Services in VS

    Cloud service maps to VS solution.

    Roles map to VS projects.
    meta-data control of deployment to Azure
    e.g. connection strings values for cloud storage

    There is also additional metadata about each role defined in XML.
    includes VM size
    we do not edit the XML – use the menu in VS to alter the properties!
    different property configurations for emulation and cloud deployment

    The cloud service can be locally emulated (see video).
    uses a storage emulator (for cloud storage) and a compute emulator (for role instances) which come with the SDK
    both started automatically

    App Services - Lab 2

    Basically deployment to a shared, multi-tenanted, already running VM instance hosting IIS.

    exactly the same access to cloud storage

    IIS features to “containerise” i.e. isolate each web application from one another.

    little admin control (but do you need it?)

    Very fast deployment (seconds) and much lower resource demands as the hosting VMs are already running.

    App Services

    Background processing available with WebJobs.
    again “containerised”
    architecturally simple - looks like a console app if developed in VS
    can also be uploaded .jar, .php, .js and others
    event driven e.g. can be woken up when a message appears in a queue
    default is 1:1 relationship between app service instances and WebJob instances and both may be on same server, but each can also be scaled independently
    web and worker role pattern still applicable, although entities have changed names...

    WebJobs run continuously or at certain times or when a URL is accessed.
    we will stick to continuous WebJobs and C#

    Originally 3 different types:-
    Web Apps
    API Apps
    Mobile Apps

    As of 2017 there is no difference with respect to hosting them in the cloud and they are differentiated only by the API libraries used in the different types.

    We are using a Web App which is basically a normal ASP.NET web application that has been coded to access Azure cloud storage.

    so this is deployed as an “App Service”

  • Azure Cloud Storage

    BLOB = Binary Large Object
    storage of binary data in a bucket which is opaque to the storage service
    often contains metadata (label on the bucket) that allows one blob to be distinguished from another
    example of content: videos, songs, pictures…

    Queues
    a classic first-in, first-out data storage structure
    primarily used for passing data from one role to another in a loosely-coupled fashion
    generally not used for long-term storage
    scale really well

    Non-Relational Tables
    schema-less tables containing records (entities) with variable fields with max. size of whole record 1MB
    database-like features but no referential integrity
    all has to be handled by programmer
    scale really well

    All three:-
    are a Microsoft product
    have RESTful APIs
    are not part of an app service or role instance but are separate entities

    A bit like a “file system for the cloud”.

    More about cloud storage in a later lecture.

    The Fabric Controller (FC)

    The “kernel” of the cloud operating system.
    manages datacenter hardware
    manages Azure cloud service and app service deployment

    Four main responsibilities:-
    data-center resource allocation
    data-center resource provisioning
    service lifecycle management
    service health management

    Inputs:-
    description of the hardware and network resources it will control
    published cloud service or app service

    Microsoft Azure Tooling

    Microsoft Azure Tools for Visual Studio

    Azure SDKs, see: 🔗 Get started with Azure

  • Lab 2

    The thumbnails example is presented as an app service.

    for you to try out...

    there is video support

    The coursework will use an app service (Web App) and the three types of storage.

    The coursework Part A is very similar to this so make sure you have invested sufficient time and have gained a proper understanding. The coursework is a WebApp/WebJob.

    App Services in VS

    Web App maps to VS solution.

    Web App and the WebJob each map to VS projects within the solution.
    WebJob very similar to a console application
    both are run locally as normal local applications

    The app service storage can be locally emulated (see video).
    all you need is the current version of the storage emulator (which needs to be started manually beforehand)
    same storage emulator as cloud services
    need to start the WebJob separately first
    debug it locally before deploying it!

    Deployment (see video):-
    in the portal create a resource group, storage account and app service
    change the connection strings in your solution
    edit web.config and app.config XML directly
    publish to cloud (10 secs...)
    the WebJob starts automatically (runs continuously or at set times)
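
A check to run on web.config and app.config after the connection-string step and before publishing. This is an added example, not part of the lab code. The entry name `StorageConnection`, the account names and the keys are constructed, and it assumes every `<connectionStrings>` entry is an Azure Storage connection string.

```python
import xml.etree.ElementTree as ET

def storage_settings(config_xml):
    """Return {entry name: {setting: value}} for each <connectionStrings>/<add>."""
    settings = {}
    for add in ET.fromstring(config_xml).findall("./connectionStrings/add"):
        parts = add.get("connectionString", "").split(";")
        # Split on the first '=' only: account keys are base64 and end in '='.
        pairs = [p.split("=", 1) for p in parts if "=" in p]
        settings[add.get("name")] = {k.strip(): v.strip() for k, v in pairs}
    return settings

def prepublish_findings(web_config, app_config):
    """List reasons the Web App / WebJob pair is not ready to publish."""
    findings, accounts = [], set()
    for label, xml in (("web.config", web_config), ("app.config", app_config)):
        for name, kv in storage_settings(xml).items():
            if kv.get("UseDevelopmentStorage", "").lower() == "true":
                findings.append(f"{label}:{name} still points at the storage emulator")
                continue
            if kv.get("DefaultEndpointsProtocol", "").lower() != "https":
                findings.append(f"{label}:{name} does not use https")
            if kv.get("AccountName"):
                accounts.add(kv["AccountName"])
    # The Web App and the WebJob only meet through the queue if both files
    # name the same storage account.
    if len(accounts) > 1:
        findings.append("storage accounts differ between files: "
                        + ", ".join(sorted(accounts)))
    return findings

def _config(connection_string):
    """Build a minimal constructed .config document for the demo."""
    return ('<configuration><connectionStrings>'
            f'<add name="StorageConnection" connectionString="{connection_string}"/>'
            '</connectionStrings></configuration>')

# Constructed sample files (keys are placeholders, not real secrets).
WEB_OK = _config("DefaultEndpointsProtocol=https;AccountName=labacct;AccountKey=CONSTRUCTED==")
APP_EMULATOR = _config("UseDevelopmentStorage=true")
APP_OTHER = _config("DefaultEndpointsProtocol=http;AccountName=otheracct;AccountKey=CONSTRUCTED==")

if __name__ == "__main__":
    for app in (WEB_OK, APP_EMULATOR, APP_OTHER):
        print(prepublish_findings(WEB_OK, app))
```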

    Thumbnails Data Flow

    Thumbnails Data Flow Diagram
  • Reading Material

    There are 2 excellent MS presentations on the internals of Azure from previous TechEds.

    These are in the Learning Resources section on GCULearn.

School of Computing, Engineering and Built Environment