# Cloud Concepts (CLF-C01)
Objectives:
* Gain clear definition of Cloud Concepts:
    * Scalability,
    * Elasticity,
    * Security
* Gain comprehensive understanding of Cloud Computing
* Understand when and why we should use Cloud Computing, and with which deployment model:
    * Public,
    * Private,
    * Hybrid
* Knowledge to discuss confidently as to why (not) to migrate to Cloud Service models:
    * Infrastructure-as-a-Service (IaaS),
    * Platform-as-a-Service (PaaS),
    * Software-as-a-Service (SaaS)
* Understand some of the different benefits/constraints the Cloud can have on a business

# What is Cloud Computing?
Cloud Computing is a remote virtual pool of on-demand shared resources offering Compute, Storage, Database, and Network services that can be rapidly deployed at scale.

## What is Virtualisation?
Virtualisation is the ability to run multiple **virtual machines** (VMs), each with its own instance of an operating system and applications, on a single physical server.<br>
They can run simultaneously, unaware of each other's existence, whilst all sharing the underlying hardware resources.

The sharing of hardware resources is a key element of understanding virtualisation, and is achieved through a hypervisor.

A Hypervisor is software used to create the virtualised environment allowing multiple VMs to be installed on the same host.

The hypervisor sits logically between the physical hardware and the virtual machines and creates a shared pool of virtual hardware resources for each of them to access.

All VMs installed on the host see the hardware as they normally would.

Any request to the hardware goes via the Hypervisor which handles that access, ensuring the hardware resources are shared between all other VMs as needed and as configured.

## Benefits of Virtualisation
Reduced capital expenditure<br>
&emsp;Less hardware is required as you have the ability to provision multiple VMs on 1 host.

Reduced operating costs<br>
&emsp;There is less hardware, less space, power, and cooling required within your Datacenter.

Smaller footprint<br>
&emsp;Less space is required to house your server hardware.

Optimisation of resources<br>
&emsp;In a cloud environment everyone can benefit from virtualisation, from the cloud vendor to the consumer.

## Resources in cloud computing
### Compute
Compute objects provide the 'brains' to process workloads.

Classic environment comparison:<br>
&emsp;Think hardware devices such as CPUs and RAM, and how they work in a classic, on-premise environment.

### Storage
Storage resources allow you to save and store data.<br>
Any resource that allows you to save data in the cloud is classed as a storage resource.

Classic environment comparison:<br>
&emsp;In a typical environment these would be Server hard disks, Network Attached Storage (NAS), or high speed Storage Area Network (SAN).

### Database
Database resources allow storage of structured sets of data used by applications.

Classic environment comparison:<br>
&emsp;Databases are widely used in datacenters with some common database engine types being SQL Server, Oracle, MySQL.

### Network
Network resources provide the connectivity allowing all other resources (compute/storage/database) to communicate with each other.

Classic environment comparison:
* Routers to route traffic between networks switches
* Firewalls to *allow* or *deny* traffic into the environment.

# Cloud Deployment Models
There are three different Cloud model types, each offering different levels of management, flexibility, security and resilience: Public, Private and Hybrid.

## Public Cloud
A vendor makes available the use of shared infrastructure.<br>
This includes:
* Compute,
* Storage,
* Database,
* Network resources

It can be provisioned on demand and typically accessed over the internet for public usage.

Consumers will never see the hardware or know the exact geographical location of their data.

Consumers can specify the region where it resides to aid with latency based on where end users are located.

The cloud vendor provides the backend and physical maintenance of the physical location services such as power, cooling, and hardware failures.

As a general rule, access to the services on the Public Cloud is available with an internet connection.

## Private Cloud
A Private Cloud is different to a Public Cloud as the infrastructure is privately hosted, managed, and owned by the individual company using it.<br>
This gives improved and more direct control of the company's data.

Enterprises who wish to keep a tighter grasp of security control may adopt this architecture.

Hardware is usually held on-premise.

This differs from a typical on-premise server farm approach in that the same cloud principles are applied to the design:

* Virtualisation will create a pool of shared compute, storage, and network resources.

* More capital expenditure is required to acquire the hosts and datacenter.

* Additional resources will be needed for the day-to-day operations and maintenance of this equipment.

## Hybrid Cloud
A Hybrid Cloud is a model that makes use of both Public and Private Clouds.

This model can be used for seasonal burst traffic or for Disaster Recovery.

A Hybrid Model is established when a network link is configured between the Private Cloud and services within the Public Cloud.

This takes the benefits given from both the Public and Private models and allows you to architect your services in the most appropriate model.<br>
This approach will also contain the negatives of both solutions.

Hybrid Clouds are normally short-term configurations (e.g. test/development purposes) and can often be a transitional state for enterprises.

## Summary

| | Public | Private | Hybrid|
| --- |  --- | --- | --- |
| Security | Adopts a shared responsibility model between Vendor and Consumer.<br> Vendor manages physical security of the datacenter both internally and externally, adhering to a range of security audit controls.<br> The consumer is responsible for the Security within the Cloud utilising the available tools, services, and configurations. | Security becomes the sole responsibility of the enterprise adopting the Private cloud.<br> Strict governance can be applied at every point throughout the infrastructure stack to the standards that are desired. | Combination of Public and Private allowing enterprises to have stricter controls over security for data hosted in their private cloud, while taking advantage of the benefits of the public cloud.|
| Data Location | Consumers specify a geographical location to deploy their services and data, but never know the exact physical location where that data resides | Organisations have full knowledge of the location of their data as it is self-managed and held on-premise | Combination of Public and Private |
| Capital Expenditure | None required - all hardware and maintenance of resources are provisioned by the vendor | High - as hardware is housed and maintained on-premise equipment needs to be procured | Combination of Public and Private |
| Operational Expenditure | Variable - simply pay for the resources that you consume when you are consuming them | High - additional resources required to maintain and run the hardware, along with the ongoing costs of space, power, and cooling within the data centre | Combination of Public and Private |
| Tenancy | Resources can be shared between multiple tenants, in addition to dedicated resources for dedicated tenants | Resources are privately shared for single tenant use | Combination of Public and Private |

# Key Cloud Concepts
Cloud computing has a number of key characteristics that allow it to be the powerful service it is today.

## On-demand Resourcing
When you want to provision a resource within the Cloud, it is almost immediately available to you to allocate where and when you need it.

No more waiting for hardware to be ordered, installed, cabled, and configured before using it.

## Scalability
Cloud computing offers the ability to rapidly scale your environment's resources both 'up and down' and 'in and out'.

Scaling up/down refers to the power and performance of an instance, i.e. when workloads have increased, increase the CPU or memory power.

Scaling in/out refers to adding or removing instances to the fleet of computing resources.

This offers a significant advantage compared to on-premise solutions, from a cost perspective alone.

## Economy of Scale
The huge scale of resources public cloud offerings provide offers exceptionally low resource costs compared to traditional hosting.

## Flexibility and elasticity
You choose:
* The amount of resources required,
* How much and how long it is required, and
* What scale

The amount of choice you have allows exact customisation of the environment desired.

## Growth
Cloud Computing offers organisations the ability to grow using a wide range of resources and services.

Coupled with the on-demand element, growth constraints are significantly reduced compared to a classic environment.

You can reach global customers with ease by provisioning resources across the cloud vendor's global network.

## Utility based metering
With many Cloud services, you pay for what you use.

If you only have a server (instance) running for 2 hours and then shut it down, you only pay for 2 hours' worth of Compute resources.

You only pay for the resources when they are consumed.

## Shared infrastructure
Hosts within the cloud are virtualised. As a result, multiple tenants (organisations/users) can be running instances (virtual servers) on the same hardware.

This significantly reduces the amount of physical hardware required, which in turn reduces the amount of power, cooling, and space required in the datacenter.

## High availability
Many of the core services within the Public Cloud and its underlying infrastructure are replicated across different geographic zones and regions.

Having data copied to multiple different places automatically ensures the durability and availability of your data and services without you needing to configure and architect for this resilience.

It is provided by the vendor as part of their service.

## Security
Many enterprises still have concerns over how secure cloud computing is.

However, public cloud vendors such as Amazon Web Services and Microsoft Azure are considered to be more secure than private datacenters.

This is achieved by adhering to global compliance programs across multiple industries and by applying the shared responsibility model.

# Cloud Service Models
## Software as a Service
Software as a Service (SaaS) allows for the delivery of an application that can be widely distributed and accessed.

They are usually simple in design, focusing on ease of use to appeal to a wide audience.

E.g. Gmail
* this e-mail based application is fully managed and accessed over the internet
* there are no requirements to install any software on your local device

## Platform as a Service
Platform as a Service (PaaS) providers give a greater level of management and control.

Users have access to a framework from the operating system and up.

The underlying architecture, host hardware, network components and OS are typically managed, maintained, and supported by the vendor.

This makes for a great deployment service for Developers.

## Infrastructure as a Service
The highest level of customisation and management is offered by Infrastructure as a Service (IaaS) providers.

This service allows you to architect your own portion of the cloud, by configuring a virtual network.

These are segmented from other networks allowing you to deploy any resources you need.

You can configure instances from the operating system and up, including the type of OS installed.

## Other Services
There are a number of other Service models such as Disaster Recovery as a Service (DRaaS), Communication as a Service (CaaS), and Monitoring as a Service (MaaS).

# Common use cases of Cloud Computing
## Migration of Production Services
One of the bigger use cases is where people migrate production services from their existing on-premise solutions to the cloud.

With all the benefits of the cloud in mind, many businesses are choosing to migrate their existing production services to the Cloud.

Some companies have ALL of their infrastructure within the Cloud.

## Traffic bursting
You may experience times within the year (predictable seasonal circumstances) where the infrastructure takes a heavier load than at other times of the year.

Perhaps you are in the retail business and over the Christmas holiday period, demand increases on your infrastructure significantly.

In a classic datacenter environment, the increase in compute, storage, database, and network capacity would need to be provisioned and would take up space, power, and cooling all the time.<br>
This is not an effective method of scaling.

The Public Cloud can be used to scale your network and resources to manage and handle this additional traffic over the peak seasons.<br>
When the traffic has reduced you can then terminate your infrastructure within the cloud and stop paying for it.<br>
_You only pay for what you use, when you use it!_

## Backup / Disaster Recovery
The Public Cloud's built-in resiliency and durability make it a great solution for your backup requirements.

There is access to nearly unlimited storage space with built-in data management lifecycle policies.

E.g. Using AWS S3 service (for object storage), implementing a policy to archive data over 30 days old to AWS Glacier, which is a *cold storage* service with even lower storage cost.

The data is then available as long as there is an internet connection.

These storage services are often replicated by the vendor to ensure durability.

Combine this with the very low cost of storage and you can see why more and more enterprises are adopting Cloud Computing for this very reason.

## Web Hosting
Many organisations choose to host their web services on the cloud due to its ability to load balance across multiple instances and scale up and down quickly and automatically as traffic increases and decreases.

The ability to provision and implement automatic scaling simplifies the whole process and takes out much of the administrative input and maintenance required.

Web applications and database services can take advantage of other services such as Content Delivery Networks (CDN) and Domain Name Services (DNS).

A CDN is a set of systems which redirects traffic to the closest caching server, which can deliver the content much faster.<br>
CDNs can reduce the latency of a website for global users if there are sufficient caching servers in place.

DNS can help manage demand on web servers by redirecting any requests to a load balancer first.<br>
Load balancers can then evenly distribute the requests to multiple web servers.

## Test / Dev Environments
You may not have the capacity to host many servers and storage in your datacenter for test/dev purposes.

Using the Public Cloud allows you to spin up servers as and when needed, then shut them down when finished.

This allows the provision of the size and capacity of the compute resources, e.g. using a high-end performance instance for testing for an hour.

It would not be financially viable to have this wide range of compute resource on-premise.

## Proof of Concept
The Cloud allows proof of concept designs to be implemented and brought to life at a fraction of the cost.

The results of the POC can help build a successful business case when presenting to management.

## Big Data / Data Manipulation
The cloud also makes it easier and cheaper to manage big data.

Maintaining and implementing compute resources to handle huge datasets can be expensive and complicated.

Utilising cloud computing resources gives the ability to use only the resources needed to analyze data when needed.

Some public cloud vendors offer specialised managed Big Data services, which give a managed resource infrastructure and framework to run workloads on.

Offloading some of these elements to the vendor allows you to focus on the data and processing and not worry about the maintenance of the underlying architecture.


# How Data Centre Architecture is Reflected in the Cloud
## Location
You may only have 1 office and therefore house all infrastructure on site.

Typically you will have multiple datacenters to help with resilience and availability.

Public Cloud providers will have regions worldwide.

Within each region they have at least 2 datacenters in a different geographical location within that region.

## Physical Security
The end user has no access to the physical datacenter where the resources are held.

It is the vendor's responsibility to ensure it is implementing and achieving the correct certifications and governance regarding security.

For audit purposes, users can access their accreditations and compliance certifications online if required to do so.

## Mechanical and Electrical Infrastructure
Mechanical and Electrical infrastructure is situated at the datacenter. It includes:
* Generators,
* Uninterruptible Power Supply (UPS),
* Computer room air conditioning units for cooling,
* Fire suppression

It is the vendor's responsibility to ensure they are implementing the correct capacity, resiliency, and testing to ensure availability and uptime of their infrastructure.

## Network Infrastructure
Networking operates at a software level; there are no options to install a switch or a router.

You are able to implement controls, services, and configurations to simulate the same effects within your infrastructure that these physical devices provide.

There are options to create a virtual network which can be segmented into different IP address ranges allowing the deployment of compute, storage, and other network resources as required.<br>
Within AWS, they are called Virtual Private Clouds (VPC) and within Azure, these are referred to as an Azure Virtual Network (VNet).

From here you can create different network segments (both public facing and private).

Routing and Access Control Lists for security can also be configured dynamically for enhanced control.

You can then provision instances within these subnets.

Networking components such as switches, routers, and firewalls have been replaced with Virtual Networks and their configurable components.

The backend is maintained and managed by the vendor, but architecting how the VPC is created and secured is the responsibility of the end-user.
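
The segmentation and access-control ideas above, as an added example that is not part of the original notes: it carves a virtual network range into segments and evaluates a numbered rule list the way AWS network ACLs do (lowest rule number first, first match wins, implicit deny), matching on source address and destination port only. All CIDR ranges, segment names, rule numbers and ports are constructed assumptions.

```python
import ipaddress
from dataclasses import dataclass

# Constructed sample values: every CIDR range, segment name, rule number and
# port below is an assumption made for this example.
VPC_CIDR = ipaddress.ip_network("10.0.0.0/16")

def carve_subnets(vpc, new_prefix, names):
    """Split the virtual network into equal, non-overlapping segments."""
    blocks = vpc.subnets(new_prefix=new_prefix)
    return {name: next(blocks) for name in names}

SUBNETS = carve_subnets(VPC_CIDR, 24, ["public-web", "private-app", "private-db"])

@dataclass(frozen=True)
class Rule:
    number: int      # evaluation order: lowest number is checked first
    action: str      # "allow" or "deny"
    source: ipaddress.IPv4Network
    port_from: int
    port_to: int

def evaluate(rules, src_ip, dst_port):
    """Return (action, rule number) of the first matching rule, else implicit deny."""
    src = ipaddress.ip_address(src_ip)
    for rule in sorted(rules, key=lambda r: r.number):
        if src in rule.source and rule.port_from <= dst_port <= rule.port_to:
            return rule.action, rule.number
    return "deny", None

def shadowed(rules):
    """Pairs (later, earlier) where an earlier rule fully covers a later one."""
    ordered = sorted(rules, key=lambda r: r.number)
    pairs = []
    for i, later in enumerate(ordered):
        for earlier in ordered[:i]:
            if (later.source.subnet_of(earlier.source)
                    and earlier.port_from <= later.port_from
                    and later.port_to <= earlier.port_to):
                pairs.append((later.number, earlier.number))
                break
    return pairs

# Inbound rules for the database segment: only the app segment may reach MySQL.
DB_INBOUND = [
    Rule(100, "allow", SUBNETS["private-app"], 3306, 3306),
    Rule(200, "deny", ipaddress.ip_network("0.0.0.0/0"), 0, 65535),
]
# Misordered variant: a broad allow is numbered below the specific deny.
MISORDERED = [
    Rule(90, "allow", VPC_CIDR, 0, 65535),
    Rule(100, "deny", SUBNETS["public-web"], 3306, 3306),
]

if __name__ == "__main__":
    print(evaluate(DB_INBOUND, "10.0.1.25", 3306), evaluate(DB_INBOUND, "10.0.0.9", 3306))
    print(evaluate(MISORDERED, "10.0.0.9", 3306), shadowed(MISORDERED))
```

In the misordered list the deny for the public segment never takes effect, which is the kind of configuration mistake that falls on the end-user's side of the responsibility split.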

## Servers
Servers are commonly referred to as instances or virtual machines (VM).

There are different servers within a typical datacenter and vendors provide services to reflect them in the Cloud.

For example, providers offer servers that are specific to hosting databases, whilst others may focus on heavy processing power needed to process big data.

## Storage
Storage is fantastic within the Cloud as it is often regarded as unlimited, hugely scalable and highly durable.

There are different storage services depending on what type of data is being stored and how it will be used.

Within a datacenter environment you may have access to a Storage Area Network (SAN).

AWS offers the Elastic Block Store (EBS) service which offers persistent block level storage and can be detached from one instance and re-attached to another instance.

There are other storage solutions within the public cloud that cater for file level storage and object storage.