## Automation in the cloud

Even if you've never worked with the cloud directly, you've certainly interacted with the services running in the cloud. 


## Cloud Services Overview

When we say that a service is running in the Cloud, what do we actually mean? It has nothing to do with those white fluffy things in the sky, **it simply means that the service is running somewhere else either in a data center or in other remote servers that we can reach over the Internet**. 

Cloud providers typically offer a bunch of different service types, the ones used most by users are in the **Software as a Service** category. **Software as a Service or SaaS, is when a Cloud provider delivers an entire application or program to the customer. If you choose a Cloud e-mail solution like Gmail, a Cloud storage solution like Dropbox, or a Cloud productivity suite like Microsoft Office 365, there are only a small number of options for you to select or customize**.

Not all of our needs can be solved by prepackaged software, sometimes we need to develop our own. **For some of the components of our software, we might choose to use Platform as a Service. Platform as a Service or PaaS, is when a Cloud provider offers a preconfigured platform to the customer**.

Say you need an SQL database to store some of your applications data, you could choose to host the database in your own hardware. To do this, you'd need to install an operating system on that computer and then install the SQL software on top of the chosen OS. This requires a basic understanding of all of these different pieces just to get the database running. There's a bunch of things that could go wrong and even if you can eventually solve all of them, it can take awhile. Instead, **you could decide to use a Cloud provider that offers an SQL database as a service, that way you can just focus on writing SQL queries and using the platform, and let the Cloud provider take care of the rest.**


If you need a high level of control over the software you're running and how it interacts with other pieces in your system, you might want to choose **Infrastructure as a Service. Infrastructure as a Service or IaaS, is when a Cloud provider supplies only the bare-bones computing experience. Generally, this means a virtual machine environment and any networking components needed to connect virtual machines, the Cloud provider won't care what you're using the VMs for. **

You could use them to host a web server, a mail server, your own SQL database with your own configuration settings, or a whole lot more possibilities. Running your IT infrastructure on the Cloud provider's IaaS offering is a very popular choice.

**Some IaaS products include: Amazon's EC2, Google Compute Engine, and Microsoft Azure Compute**. Now no matter the service model and the provider you use, when you set up Cloud resources you'll need to consider regions. A region is a geographical location containing a number of data centers, regions contain zones and zones can contain one or more physical data centers.

Large Cloud providers usually offer their services in lots of different regions around the world.

Latency isn't the only factor to take into account when selecting a region or zone, some organizations require their data to be stored in specific cities or countries for legal or policy reasons. If your service uses other services as dependencies, it's a good idea to host the service physically close to its dependencies.

Qwiklabs is a service using Cloud infrastructure. So what kind of Cloud service does Qwiklabs use? Qwiklabs uses Infrastructure as a Service, the VMs get provisioned with just the OS and the lab automation then deploys any additional files and software into the OS

## Scaling in the Cloud

One of the coolest features of deploying solutions to the Cloud is how easily and quickly we can scale our deployments.

it takes a significant amount of time to modify the capacity of the deployment. In this context, **capacity is how much the service can deliver. The available capacity is tied to the number and size of servers involved.**

The way we measure the capacity of a system depends on what the system is doing. If we're storing data, we might care about the total disk space available. If we have a web server responding to queries from external users, we might care about the number of queries that can be answered in a second which is called **queries per second or QPS. Or maybe the total bandwidth served in an hour**.

As the service becomes more popular, demand might grow and you'll need to increase the available capacity. Eventually, the system could need a thousand servers to meet user demands. **This capacity change is called scaling. In particular, we call it upscaling when we increase our capacity and downscaling when we decrease it.**

 If you want to be able to serve 1,500 connections at the same time, you can deploy 10 Apache web servers and distribute the load across them. **This is called horizontal scaling. You add more servers to increase your capacity**. If the traffic goes up you could just add more servers to keep up with it. On the flip side, **if you're scaling a deployment vertically, it means you're making your nodes bigger. When we say bigger here we're talking about the resources assigned to the nodes like memories, CPU, and disk space**.
 

Depending on our deployment and our needs, we might need to scale both horizontally and vertically to scale the capacity of our service. In other words, adding more and bigger nodes to our pool. This approach to scaling isn't too different from what you'd need to do if you have your servers running on-premise.

Instead of sending someone to change the physical deployment, for example adding more physical RAM to a server or adding 10 more physical machines in a server rack, we just modify our deployment by clicking some buttons in a web UI or using a configuration management system to automate the scaling for us. The infrastructure built by the Cloud provider will deploy any additional resources we need. When talking about scaling in the Cloud, another aspect we need to take into account is whether the scaling is done automatically or manually.


When we set our service to use automatic scaling, we're using a service offered by the Cloud provider. This service uses metrics to automatically increase or decrease the capacity of the system. 


On the flip side, using manual scaling means that changes are controlled by humans instead of software. Manual scaling has its pros and cons too. When the Cloud deployment isn't very complex, it's usually easier for smaller organizations to use manual scaling practices

## Evaluating Cloud

We have different levels of control depending on the service model that we choose, whether that's software, platform, or infrastructure as a service. 

**When choosing to use software as a service, we're basically giving the provider complete control of how the application runs. We have a limited amount of settings that we can change, but we don't need to worry about making the system work. This can be a great option when the software provided fulfills all of our needs and we'd rather just focus on using the software instead**. But as we called out, there's only a limited amount of applications being offered in such a prepackaged way. 

**If we need to create our own applications, we can use platform as a service. With this option, we're in charge of the code, but we aren't in control of running the application**. 

**Or we can choose infrastructure as a service, where we can still keep a high level of control. We decide the operating system that runs on the virtual machines, the applications that are installed on it, and so on**. 

We'll still depend on the vendor for other aspects of the deployment, like the network configuration or the services availability. If something does break, you might need to get support from the vendor to fix the problem. So when choosing a cloud provider, it's important to know what kind of support is available and select the one that fits your needs. 

I know it sounds strange to give away your control over the hardware, and the network, and the overall infrastructure. But personally, I find that it's pretty great to not have to worry about maintaining the machines that are running our services. It means we can treat the servers executing the workloads as a commodity, instead of special snowflakes.


One aspect that might make you hesitant to move to the cloud is that you don't know exactly what security measures are being put in place. So when selecting which provider to use, it's important that you check how they're keeping your instances and your data secure. There are a bunch of certifications like SOC 1, ISO 27001, and other industry recognized credentials that you can look for to verify that your provider has invested in security. Once you're sure that your provider is taking the right security measures, it might be tempting to just leave security to the professionals and forget about it. 


Google, Amazon, Microsoft, and other cloud providers invest heavily in security research. But that won't matter if the root password of your cloud instance password one or the instance doesn't use a firewall. In other words, we should always use reasonable judgment to protect the machines that we deploy ,whether that's on physical server is running on-premise or on virtual machines in the Cloud.


Some highly sensitive deployments might warrant specialized security procedures, like multi-factor authentication, encrypted file systems, or public key cryptography. But these processes can also be expensive to implement.


## Migrating to the Cloud

we're looking at a trade-off between how much control we have over the computers providing the services and how much work we need to do to maintain them. 

when we use Infrastructure as a Service or IaaS, we deploy our services using virtual machines running on the Cloud providers infrastructure. We have a lot of control over how the infrastructure is designed which can be super useful. 


**IaaS is especially useful to administrators using a lift and shift strategy.**


If physical servers need to be moved, you might need to take a server from the old office, turn it off during a maintenance window, load it onto a truck, and physically drive it to the new location. This could be the new office or maybe even a small data center. So you're literally lifting the server and moving it to a new location, that's where the **lift in lift and shift comes from**. 


When migrating to the Cloud, the process is somewhat similar. But instead of moving the physical server in the back of a truck, you migrate your physical servers running on-premise to a virtual machine running in the Cloud. In this case, you're shifting from one way of running your servers to another. 


**The key thing to note with both approaches, is that the servers core configurations stay the same.**

If you've already been using configuration management to deploy and configure your physical servers, moving to a Cloud setup can be pretty easy. You just have to apply the same configuration to the VMs that are running in the Cloud and you'll have replicated the setup. On the flip side, using this strategy means that you still have to install and configure the applications yourself. You need to make sure that both the OS and the software stay up to date, that no functionality breaks when they get updated, and a bunch of other things depending on which specific application the server is running.


One alternative in this case is using Platform as a Service or PaaS. This is well-suited for when you have a specific infrastructure requirement, but you don't want to be involved in the day-to-day management of the platform. 

Another example of **Platform as a Service are managed web applications**. When using this service, you only have to care about writing the code for the web app. You don't need to care about the framework for running it. This can accelerate development because developers don't have to spend time managing the platform and can just focus on writing code. **Some popular managed web application platforms include Amazon Elastic Beanstalk, Microsoft App Service, and Google App Engine**. While these platforms are very similar, they aren't fully compatible. So migrating from an on-premise framework and switching between vendors will require some code changes.


Another related concept that you might have heard of is containers. **Containers are applications that are packaged together with their configuration and dependencies. This allows the applications to run in the same way no matter the environment used to run them**.


if you have a container running an application, you can deploy it to your on-premise server, to a Cloud provider, or a different Cloud provider. Whichever you choose, it will always run in the same way. This makes migrating from one platform to the other super easy.


When talking about migrating to the Cloud, you may also hear about public Clouds, private Clouds, hybrid Clouds, and multi-Clouds. 

#### Public clouds

 We call public Cloud the Cloud services provided to you by a third party. It's called public because Cloud providers offer services to, you guessed it, the public. 
 
#### Private Clouds

A private Cloud is when your company owns the services and the rest of your infrastructure, whether that's on-site or in a remote data center

#### Hybrid Clouds

 A hybrid Cloud is a mixture of both public and private Clouds. In this scenario, some workloads are run on servers owned by your company, while others are run on servers owned by a third party. The trick to making the most of the hybrid Cloud is ensuring that everything is integrated smoothly. This way, you can access, migrate, and manage data seamlessly no matter where it's hosted.
 
#### Multi-Cloud

Multi-Cloud is a mixture of public and/or private Clouds across vendors. For example, a multi-Cloud deployment may include servers hosted with Google, Amazon, Microsoft, and on-premise. 

A hybrid Cloud is simply a type of multi-Cloud, but the key difference is that multi-Clouds will use several vendors, sometimes in addition to on-site services. Using multi-Clouds can be expensive, but it gives you extra protection. If one of your providers has a problem, your service can keep running on the infrastructure provided by a different provider