## Cloud Computing

Cloud Services Overview

Software as a Service, or SaaS, is when a Cloud provider delivers an entire application or program to the customer.
Platform as a Service, or PaaS, is when a Cloud provider offers a preconfigured platform to the customer.
Infrastructure as a Service, or IaaS, is when a Cloud provider supplies only the bare-bones computing experience.

A region is a geographical location containing a number of data centers. Regions contain zones, and zones can contain one or more physical data centers.

The region and zone you select should be closest to your users. The further your users are from the physical data center, the more latency they may experience.

It's common practice to locate data centers close to where users actually live, work, and bank

Latency isn't the only factor to take into account when selecting a region or zone. Some organizations require their data to be stored in specific cities or countries for legal or policy reasons.

If your service uses other services as dependencies, it's a good idea to host the service physically close to its dependencies

Scaling in the Cloud

In a traditional IT setting, it takes a significant amount of time to modify the capacity of the deployment.

Capacity : is how much the service can deliver.
This capacity change is called scaling. 
In particular, we call it upscaling when we increase our capacity and downscaling when we decrease it.

There are a couple of different ways that we can scale our service in the Cloud, horizontally and vertically. To scale a deployment horizontally, we add more nodes into the pool that's part of a specific service.
If you're scaling a deployment vertically, it means you're making your nodes bigger. When we say bigger here, we're talking about the resources assigned to the nodes, like memory, CPU, and disk space.

Depending on our deployment and our needs, we might need to scale both horizontally and vertically to scale the capacity of our service.

When talking about scaling in the Cloud, another aspect we need to take into account is whether the scaling is done automatically or manually.
With automatic scaling, we're using a service offered by the Cloud provider. This service uses metrics to automatically increase or decrease the capacity of the system.
But make sure you set reasonable quotas for your autoscaling systems.
Manual scaling means that changes are controlled by humans instead of software.
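
The following is an added example, not code from the course or from any Cloud provider, showing how a metric-driven autoscaler and its quota interact. It assumes a simple target-tracking policy and hypothetical names (`desired_nodes`, `simulate`, `DEMAND`); the demand series is constructed.

```python
import math

def desired_nodes(current, utilisation, target, min_nodes, max_nodes):
    """Return (nodes, capped) for one autoscaling decision.

    Target tracking (assumed policy): resize the pool so that average
    utilisation returns to `target`, then clamp the result to the quota.
    """
    if current < 1 or not 0 < target <= 1:
        raise ValueError("need at least one node and a target in (0, 1]")
    wanted = math.ceil(current * utilisation / target)
    nodes = max(min_nodes, min(max_nodes, wanted))
    return nodes, wanted > max_nodes

def simulate(demand, start, target=0.6, min_nodes=2, max_nodes=10):
    """Run the autoscaler over a demand series (in node-equivalents of work)."""
    nodes, history = start, []
    for load in demand:
        # A node cannot report more than 100% utilisation.
        utilisation = min(1.0, load / nodes)
        nodes, capped = desired_nodes(nodes, utilisation, target,
                                      min_nodes, max_nodes)
        history.append((nodes, capped))
    return history

# Constructed demand: normal growth, then a flood of requests, then quiet.
DEMAND = [1.0, 1.5, 2.8, 8.0, 20.0, 20.0, 1.0]

if __name__ == "__main__":
    for step, (nodes, capped) in enumerate(simulate(DEMAND, start=2), 1):
        note = "  <- quota hit, alert a human" if capped else ""
        print(f"step {step}: {nodes} nodes{note}")
```

The quota keeps a traffic flood from turning into an unbounded bill, and a decision that hits the cap is worth alerting on because the service is then under-provisioned.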


Evaluating the Cloud

With Software as a Service, we're basically giving the provider complete control of how the application runs. We have a limited amount of settings that we can change.
Platform as a Service fits if we need to create our own applications. With this option, we're in charge of the code, but we aren't in control of running the application.
With Infrastructure as a Service, we can still keep a high level of control. We decide the operating system that runs on the virtual machines, the applications that are installed on it, and so on.

We'll still depend on the vendor for other aspects of the deployment, like the network configuration or the service's availability. If something does break, you might need to get support from the vendor to fix the problem. So when choosing a cloud provider, it's important to know what kind of support is available and select the one that fits your needs.

Security : certifications like SOC 1, ISO 27001

We should always use reasonable judgment to protect the machines that we deploy, whether that's on physical servers running on-premise or on virtual machines in the Cloud.

Some highly sensitive deployments might warrant specialized security procedures, like 
1) multi-factor authentication, 
2) encrypted file systems, or 
3) public key cryptography. 
But these processes can also be expensive to implement. 

In a way, cloud services are a little like actual clouds. They come in all different shapes and sizes. And sometimes a dark stormy one comes along to rain on your productive day.
But if you prepare in advance with the right security measures and maybe an umbrella, working in the cloud will be nothing but a breeze.

Migrating to the Cloud

IaaS is especially useful to administrators using a lift and shift strategy.
When we migrate from traditional server configurations to the Cloud, we lift the current configuration and shift it to a virtual machine.

The key thing to note with both approaches is that the server's core configurations stay the same. It's the same software that needs to be installed on the machine to provide its functionality, no matter if the server is hosted physically on-site or virtually in the Cloud.

Platform as a Service or PaaS. This is well-suited for when you have a specific infrastructure requirement, but you don't want to be involved in the day-to-day management of the platform.

Containers : are applications that are packaged together with their configuration and dependencies. This makes migrating from one platform to the other super easy. 

1) Public Clouds : The cloud services provided to you by a third party
2) Private Clouds :  When your company owns the services and the rest of your infrastructure, whether that's on-site or in a remote data center
3) Hybrid Clouds : A mixture of both public and private Clouds. The trick to making the most of the hybrid Cloud is ensuring that everything is integrated smoothly.
4) Multi-Clouds : A mixture of public and/or private Clouds across vendors. Using multi-Clouds can be expensive, but it gives you extra protection. If one of your providers has a problem, your service can keep running on the infrastructure provided by a different provider

## Managing Instances in the Cloud

Spinning up VMs in the Cloud

It's a good idea to start just by familiarizing yourself with the platform before you try to do something with it

Name
Region
Zone
Machine Type : Processing units (virtual CPUs), Memory
Boot disk

As a sysadmin, you may need to decide between costs and processing power to fit the needs of your organization.
When setting up instances like these, it's a good idea to start small and scale as needed.

Web UI : Can be very useful for quickly inspecting the parameters that we need to set. It lets us compare the different options available and even shows us an estimate of how much money our selected VM would cost per month. This is great for experimenting.
CLI : Scales well if we need to quickly create a bunch of machines or if we want to automate the creation.

Reference images : store the contents of a machine in a reusable format
Templating : is the process of capturing all of the system configuration to let us create VMs in a repeatable way
A disk image : is a snapshot of a virtual machine's disk at a given point in time.

Creating a New VM Using the GCP Web UI

cat /etc/lsb-release
curl wttr.in

Customizing VMs in GCP

Remember that a reference image is just a file or configuration that we can deploy repeatedly and with automated tools

git clone https://github.com/blue-kale/hello
cd hello/
ls -l
./hello_cloud.py
sudo ./hello_cloud.py 80

cat hello_cloud.service
sudo cp hello_cloud.py /usr/local/bin/
sudo cp hello_cloud.service /etc/systemd/system
sudo systemctl enable hello_cloud
sudo reboot

ps ax | grep hello

sudo apt install puppet
./hello/setup_puppet.sh

Templating a Customized VM

UI : Create an instance template VM -> stop VM -> click on machine name -> boot disk -> Create Image -> Fill information
Instance templates -> Create instance template -> Fill information -> boot disk -> choose Custom image (our image) -> Create -> VM instances -> + Create instance -> New VM instance from template -> choose our template -> check information -> Create

CLI : gcloud command
gcloud init
gcloud compute instances create --source-instance-template webserver-template ws1 ws2 ws3 ws4 ws5

## Automating Cloud Deployments

Cloud Scale Deployments

The biggest advantage of using Cloud services is how easily we can scale our services up and down

Load balancer : ensures that each node receives a balanced number of requests
The simplest strategy, called round robin, is just to give each node one request in turn. More complex strategies include always selecting the same node for requests coming from the same origin, selecting the node that's closest to the requester, and selecting the one with the least current load.
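
Three of these strategies side by side, as an added example that is not part of the original notes or of any load balancer product. The class names and the constructed traffic are assumptions, and the node names are borrowed from the `gcloud` command earlier in these notes.

```python
import hashlib
import itertools

class RoundRobin:
    """Give each node one request in turn."""
    def __init__(self, nodes):
        self._cycle = itertools.cycle(nodes)
    def pick(self, origin):
        return next(self._cycle)

class SameOrigin:
    """Always select the same node for requests from the same origin."""
    def __init__(self, nodes):
        self._nodes = list(nodes)
    def pick(self, origin):
        # Stable hash: Python's built-in hash() is randomised per process.
        digest = hashlib.sha256(origin.encode()).digest()
        return self._nodes[int.from_bytes(digest[:8], "big") % len(self._nodes)]

class LeastLoad:
    """Select the node with the fewest requests currently in flight."""
    def __init__(self, nodes):
        self.in_flight = {node: 0 for node in nodes}
    def pick(self, origin):
        node = min(self.in_flight, key=self.in_flight.get)
        self.in_flight[node] += 1
        return node
    def done(self, node):
        self.in_flight[node] -= 1  # call when the request completes

def distribute(balancer, origins):
    """Return {node: request count} after routing one request per entry."""
    counts = {}
    for origin in origins:
        node = balancer.pick(origin)
        counts[node] = counts.get(node, 0) + 1
    return counts

NODES = ["ws1", "ws2", "ws3"]
# Constructed traffic: one very busy origin plus three light ones.
TRAFFIC = ["203.0.113.7"] * 6 + ["198.51.100.1", "198.51.100.2", "192.0.2.9"]

if __name__ == "__main__":
    for lb in (RoundRobin(NODES), SameOrigin(NODES), LeastLoad(NODES)):
        print(type(lb).__name__, distribute(lb, TRAFFIC))
```

With same-origin selection the busy origin lands entirely on one node, so a single noisy client can overload that node while the others sit idle; round robin and least load spread the same traffic evenly.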

Autoscaling : It allows the service to increase or reduce capacity as needed while the service owner only pays for the cost of the machines that are in use at any given time.

One of the most popular applications for this caching is called Varnish
The Nginx web server software also includes this caching functionality
There's a bunch of providers that do web caching as a service, like Cloudflare and Fastly

The most popular applications for this level of caching are Memcached and Redis
 
Internet
Entry Point
Load Balancer Web Cache
Web Cache
Load Balancer Web Service
Web Service
DB / Load Balancer DB Cache
DB Cache

Orchestration

Automation : is the process of replacing a manual step with one that happens automatically.

Orchestration : is the automated configuration and coordination of complex IT systems and services.

The key here is that the configuration of the overall system needs to be automatically repeatable.
These tools typically don't communicate with the Cloud systems through the web interface or the command line. They normally use an application programming interface or API that lets us interact with the Cloud infrastructure directly from our scripts. 

In a hybrid Cloud setup, where only part of the services are in the Cloud, orchestration tools can be pretty useful to make sure that both the on-premise services and the Cloud services know how to talk to each other and are configured with the right settings.

Automation is when we set up a single step in a process to require no oversight, while orchestration refers to automating the entire process.

Going back to the website example that we discussed earlier, to make sure that the service is running smoothly, we should set up monitoring and alerting. This lets us detect and correct any problems with our service before users even notice. This is a critical piece of infrastructure, but setting it up correctly can take quite some time. By using orchestration tools, we can automate the configuration of any monitoring rules that we need to set, which metrics we want to look for, when we want to be alerted, and so on, and automatically apply these to a complete deployment no matter which datacenter the services are running in.

Cloud Infrastructure as Code

We've talked about Infrastructure as Code, and we called out that storing our infrastructure in a code-like format lets us create repeatable infrastructure, and that using version control for the storage means that we can keep a history of what we've done and easily roll back mistakes. These principles also apply to Cloud infrastructure.

This lets us manage large-scale solutions with a small team. We can very quickly have an idea of what the deployment looks like, by looking at the configuration. We can try new things out and roll back if anything goes wrong. We can look at the history of changes to figure out why a specific change was made, and much more.

Most Cloud providers offer their own tool for managing resources as code. Amazon has CloudFormation, Google has Cloud Deployment Manager, Microsoft has Azure Resource Manager, and OpenStack has Heat Orchestration Templates.
An option that's becoming really popular in the Orchestration field is called Terraform.
Puppet itself also ships with a bunch of plug-ins that can be used to interact with the different Cloud providers to create and modify the desired Cloud infrastructure.

When dealing with nodes in the Cloud, there are basically two options. Either they're long-lived and their contents need to be periodically updated, or they are short-lived and updates are made by deleting the old instances and deploying new ones

Long-lived instances : Update periodically
Short-lived instances : Update when they start

## Create VM template and Automate deployment

git clone https://www.github.com/google/it-cert-automation-practice.git
cd ~/it-cert-automation-practice/Course5/Lab3
ls
sudo cp hello_cloud.py /usr/local/bin/
sudo cp hello_cloud.service /etc/systemd/system
sudo systemctl enable hello_cloud.service

gcloud compute instances create --zone us-west1-b --source-instance-template vm1-template vm2 vm3 vm4 vm5 vm6 vm7 vm8
gcloud compute instances list