Posted on 01 Jan 2019
In this article, I would like to talk about Cloud Computing. I will try to explain what it really is, its advantages and its main characteristics.
Before to start let’s explain how a web application works in the traditional IT world. Imagine the application is a simple static website www.example.com with a single home page (index.html). A user types the domain in the browser’s address bar, the application asks a DNS server to translate that mnemonic name into an IP address. Then, the browser sends a GET request over the HTTP protocol to the 188.8.131.52 server for its home page. Finally, the request goes over the Internet, arrives at the server that replies back with the index.html file.
A server is a computer with its own CPU and Memory (its Brain) and a long-term storage system (i.e. files or database) where there is the index.html file.
Imagine you are Sergey Brin in the ’90 and you have a bright idea for a web application. In that era, probably you would have started your business in the garage of your home.
However, to make it available over the Internet you needed to set up a server, power it up, cable all the network devices, configure disks, provide 27×7 support, and much more. All this infrastructural work is not your core business but it is required if you want to make available your idea over the Internet.
Now if your idea is really bright like Google, probably your business grows and you need to add more servers and create a more complex architecture. Probably you need to move into an office and create a data center for your servers.
The questions now are: why you should care about infrastructure when your core business is just providing a service to your users? Why waste your time with IT tasks, network architectures, servers, and so on? Is it possible to reduce the time to market? Is it possible to externalize all this stuff?
The answer is Yes. The solution is Cloud Computing.
In recent years, the demand to reduce software applications’ time to market is increasing. Business owners spend the majority of their time managing infrastructure and stuff that were outside their business scope. Why manage an infrastructure if there are software companies that can do it better at a lower cost? From here the idea to let big companies (i.e. Amazon, IBM, Google, and others) do what they do the best: manage infrastructure. This will allow business owners to focus on their real business.
This is the definition of Cloud Computing according to the National Institute of Standards and Technology (NIST):
Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model is composed of five essential characteristics, three service models, and four deployment models.
Cloud computing provides a simple way to access servers, storage, databases, and a broad set of application services over the Internet with a pay-as-you-go pricing model. With cloud computing, you don’t need to make large up-front investments in hardware and spend a lot of time managing it. Instead, you can provision exactly the right type and size of computing resources you need to power your newest bright idea.
In order to better understand what Cloud Computing means, we go through the five essential characteristics, the three service models, and the four deployment models.
A system to comply with the Cloud Computing model needs to meet five essential characteristics:
Photo from http://moderncloudcomputing.blogspot.com
The Cloud Computing service models are essentially five:
Traditionally, the first models on the market were IaaS, PaaS, and SaaS. To understand the difference between these three models, it is important to take a look at the following figure.
It helps us to understand the real problem that we are trying to address with Cloud Computing. Basically, before the Cloud a business owner to turn his idea into reality needed to manage an infrastructure that distracted him from his real goal. Cloud Computing’s goal is precisely to turn ideas into products or services in the shortest time possible.
Suppose you are a business owner that has an idea and wants to transform it into a software product. In the following section, you’ll see what happens in the three services model.
As explained above, in the traditional On-Premise Environment, you will manage the whole application stack. You have to buy a server, rent a place where to keep it, connect it to power and the network, connect the disks, install the operating system and possibly the middleware (i.e. Tomcat) and the runtime (i.e. Java), and only when everything is ready (which usually requires months of work) you can focus on your application code and data. In addition, you will also be responsible for maintaining the entire stack, which means upgrading the hardware if the business grows, patching the operating system, middleware, and runtime updates as well as any security patches.
In the IaaS model, the Cloud system will provide Compute, Storage, and Network. For example, it gives you the possibility to order a virtual machine in a few minutes, deploys it in a network, attach a disk to it, and run a basic operating system.
In the PaaS model, in addition to the physical devices and the operating system, the Cloud system is also responsible to provide middleware (i.e. Tomcat) and Runtime (i.e. JDK) for your applications. You will no longer have to worry about maintaining these two additional stack levels because the system itself will take care of them. In addition, a PaaS platform often provides additional services that the application can use out of boxes such as databases, artificial intelligence, security, blockchains, and much more.
In the SaaS model, the application itself with its data will also be managed by the Cloud system. You can use it out of the box without having any knowledge of where this application runs and where the data resides. A typical example of a SaaS application is Gmail.
In recent years, new service models were born in Cloud offerings: Container as a Service (CaaS) and Function as a Service (FaaS).
In the CaaS model, a new Containers layer exists that manages containers using tools like Kubernetes, Docker, and others. The platform is responsible to manage the lifecycle of the Container services while the customer is responsible for the containerized applications.
In the FaaS model, the platform is responsible to manage the data and the customer will be responsible only to write application functions that will run specific tasks.
When people approach the Cloud world they have a lot of questions about the responsibility of the activities to run on the system. For example, who is responsible to keep an operating system updated? Who should apply security patches? Who is responsible for the compliance of a machine? There could be millions of questions like this, and the answer to them is only one: it depends on the service model.
In the services models above there is a precise separation of duty between the Cloud provider and the customer. For example, in the IaaS service model, the Cloud provider allows you to create a VM instance with an Operating System running on it. In AWS, for example, if you choose Linux Ubuntu then you’ll be responsible to keep it up to date.
In a PaaS service model, the Cloud Provider will be responsible for the middleware and runtime as well, while the customer will be responsible for the application and data.
Therefore, whenever you have doubts about the responsibility of actions, consider the service model you are adopting, consider the separation of duty above in order to find an answer to your doubts.
Photo from https://www.percona.com
Cloud Computing systems can be deployed according to four deployment models:
One of the advantages of the Cloud platform is to go global in minutes and create resilient applications using services replicated in multiple availability zones. This is achieved using the Cloud Providers’ Global Infrastructure. Usually, they deploy their platform over multiple Regions on the globe.
The following figure shows an example of the Amazon Web Services (AWS) Global Infrastructure.
The basic idea is that applications, services, and data should live as close as possible to customers in order to reduce latency. However, not necessarily all applications, services, and data are replicated over multiple regions. Each region can have one or multiple Availabilities Zone (AZ). An Availability Zone has one or more data centers connected to each other with a low latency network.
The basic idea is that a service can be replicated over multiple data centers so that it will be resilient even to unexpected data center shutdown.
Customers with traditional On-Premis systems in addition to managing hardware infrastructure, need to take care of security and compliance as well. This has a huge cost because they need to define the security guidelines, deploy and maintain tools to monitor it.
Cloud Provider provides security and compliance built-in in their architecture with almost no cost for customers. Obviously, depending on the service models there could be security and compliance aspects that are under customer responsibility.
As a customer, you inherit all the best practices of policies, architecture, and operational processes built to satisfy the requirements of most security-sensitive customers.
Using a Cloud platform you will have several benefits from a security and compliance point of view:
The 6 main benefits offered by the Cloud platforms are:
Cloud Providers provide a lot of services in their ecosystems you can use to build your applications. In fact, you can buy a server with storage and networking, a repository to backup your data, and much more. Let’s consider the main categories.
In the next article, we will see how these theoretical concepts map themselves into practice by analyzing one of the most popular cloud platforms on the market.