Cloud Deployment Scenarios

Modified from Mark Baker

CSE 7th B & C

Introduction to Deployment Models

With most organizations focusing on leveraging the cloud in order to cut capital expenditure and control operating costs, there is aggressive growth in business for cloud adoption.The cloud can bring security risks and challenges for IT Management, which can be more expensive for the organization to deal with, even considering the cost saving achieved by moving to the cloud. Therefore, it is very important for businesses to understand their requirements before opting for various deployment models available on the cloud.

2

The cloud isn’t a technology. It’s more of an approach to building IT services - an approach that harnesses the power of servers, as well as virtualization technologies that combine servers into large computing pools and divide single servers into multiple virtual machines. And there are several different deployment models for implementing cloud technologyThere are primarily four cloud deployment models, which are discussed in next slides, along with scenarios in which a business could opt for each. These models have been recommended by the National Institute of Standards and Technology (NIST).A deployment model defines the purpose of the cloud and the nature of how the cloud is located.

3

4

An agency can deploy cloud computing in several different ways

depending upon many factors, such as:

• Where the cloud services are hosted

• Security requirements

• Desire to share cloud services

• The ability to manage some or all of the services

• Customization capabilities.

5

The NIST definition for the four deployment models is as follows:

1. Public cloud: A public cloud is a cloud computing model in which

services, such as applications and storage, are available for general

use over the Internet. A "public" cloud infrastructure is available to

the general public and is owned by a third party cloud service

provider (CSP). In a public cloud, an agency dynamically provisions

computing resources over the Internet from a CSP who shares its

resources with other organizations. The public cloud deployment

model represents true cloud hosting. In this deployment model,

services and infrastructure are provided to various clients.

6

Examples

Google AppEngine, IBM’s Blue Cloud, Amazon Elastic

Compute Cloud (EC2), IBM's Blue Cloud, Sun Cloud and

Microsoft Windows Azure Services Platform are examples

of a public cloud.

This service can be provided by a vendor free of charge or

on the basis of a pay-per-user license policy.

7

This model is best suited for business requirements wherein it

is required to manage load spikes, host SaaS applications,

utilize interim infrastructure for developing and testing

applications, and manage applications which are consumed

by many users that would otherwise require large investment

in infrastructure from businesses.

This model helps to reduce capital expenditure and bring

down operational IT costs.

8

This can be the most cost effective deployment model for agencies as it gives them the flexibility to procure only the computing resources they need and delivers all services with consistent availability, resiliency, security, and manageability. Public Cloud customers benefit from economies of scale, because infrastructure costs are spread across all users, allowing each individual client to operate on a low-cost, “pay-as-you-go” model. Another advantage of public cloud infrastructures is that they are typically larger in scale than an in-house enterprise cloud, which provides clients with seamless, on-demand scalability. These clouds offer the greatest level of efficiency in shared resources; however, they are also more vulnerable than private clouds.

9

Benefits of using a public cloud service

• Easy and inexpensive set-up because hardware, application

and bandwidth costs are covered by the provider.

• Scalability to meet needs.

• No wasted resources because you pay for what you use.

10

Disadvantages

• With this model, customers have no visibility or control

over where the infrastructure is located.

• It is important to note that all customers on public clouds

share the same infrastructure pool with limited

configuration, limited security protections and limited

availability variances.

11

Selection criteria for public cloud

Public cloud is the obvious choice when:– Your standardized workload for applications is used by lots

of people, such as e-mail.– You need to test and develop application code.– You need incremental capacity (the ability to add compute

resources for peak times).– You’re doing collaboration projects.

12

2. Private cloud: A "private" cloud infrastructure is operated solely for a single organization or agency: the Cloud Service Provider (CSP) dedicates specific cloud services to that agency and no other clients. The agency specifies, architects, and controls a pool of computing resources that the CSP delivers as a standardized set of services. A common reason for agencies to procure private clouds is their ability to enforce their own data security standards and controls.An agency will typically host a private cloud on-premises, connect to it through private network links, and only share its resources within the agency. A private cloud is a virtualized data center that operates within a firewall. Private clouds are highly virtualized, joined together by mass quantities of IT infrastructure into resource pools, and privately owned and managed.

13

Private cloud is cloud infrastructure dedicated to a particular organization. Private clouds allow businesses to host applications in the cloud, while addressing concerns regarding data security and control, which is often lacking in a public cloud environment. It is not shared with other organizations, whether managed internally or by a third-party, and it can be hosted internally or externally.

14

There are two variations of private clouds:1. On-Premise Private Cloud: This type of cloud is hosted within an

organization’s own facility. A businesses IT department would incur the capital and operational costs for the physical resources with this model. On-Premise Private Clouds are best used for applications that require complete control and configurability of the infrastructure and security.

2. Externally Hosted Private Cloud: Externally hosted private clouds are also exclusively used by one organization, but are hosted by a third party specializing in cloud infrastructure. The service provider facilitates an exclusive cloud environment with full guarantee of privacy. This format is recommended for organizations that prefer not to use a public cloud infrastructure due to the risks associated with the sharing of physical resources.

15

Undertaking a private cloud project requires a significant level and degree of engagement to virtualize the business environment, and it will require the organization to reevaluate decisions about existing resources. Private clouds are more expensive but also more secure when compared to public clouds. An Info-Tech survey shows that 76% of IT decision-makers will focus exclusively on the private cloud, as these clouds offer the greatest level of security and control.

16

• This model doesn’t bring much in terms of cost efficiency: it is comparable to buying, building and managing your own infrastructure. Still, it brings in tremendous value from a security point of view. During their initial adapt

• ation to the cloud, many organizations face challenges and have concerns related to data security. These concerns are taken care of by this model, in which hosting is built and maintained for a specific client. The infrastructure required for hosting can be on-premises or at a third-party location.

• Security concerns are addressed through secure-access VPN or by the physical location within the client’s firewall system.

17

• Furthermore, for mission-critical applications we need to consider downtime in terms of internet availability, quality and performance. Hence, hosting the application with an on-premises private cloud is the suggested approach.

• In addition to security reasons, this model is adopted by organizations in cases where data or applications are required to conform to various regulatory standards such as SOX, HIPAA, or SAS 70, which may require data to be managed for privacy and audits that govern the corporation. For example, for the healthcare and pharmaceutical industries, moving data to the cloud may violate the norms. Similarly, different countries have different laws and regulations for managing and handling data, which can impede the business if cloud is under different jurisdiction.

• Several SaaS applications, such as SugarCRM, provide options to their clients to maintain their data on their own premises to ensure data privacyis maintained according to the requirements of the particular business. Amazon also provides the option of a virtual private cloud.

18

• Furthermore, for mission-critical applications we need to consider downtime in terms of internet availability, quality and performance. Hence, hosting the application with an on-premises private cloud is the suggested approach.

• In addition to security reasons, this model is adopted by organizations in cases where data or applications are required to conform to various regulatory standards such as SOX, HIPAA, or SAS 70, which may require data to be managed for privacy and audits that govern the corporation. For example, for the healthcare and pharmaceutical industries, moving data to the cloud may violate the norms. Similarly, different countries have different laws and regulations for managing and handling data, which can impede the business if cloud is under different jurisdiction.

19

Several SaaS applications, such as SugarCRM, provide options to their clients to maintain their data on their own premises to ensure data privacyis maintained according to the requirements of the particular business. Amazon also provides the option of a virtual private cloud.

20

Advantages• In Private clouds is cloud infrastructure

dedicated to a particular organization. so it provides more security.

• With this model, customers have full visibility or control over where the infrastructure is located.Disadvantages

• Not cost effective.• Scalability up to defined level.

21

Selection criteria for Private Cloud 1. You need data sovereignty but want cloud

efficiencies2. You want consistency across services3. You have more server capacity than your

organization can use4. Your data center must become more efficient5. You want to provide private cloud services

22

3. Hybrid cloud: A hybrid cloud combines multiple clouds where those clouds retain their unique identities, but are bound together as a unit offering the advantages of multiple deployment models. A hybrid cloud may offer standardized access to data and applications, as well as application portability. In a hybrid cloud, you can leverage third party cloud providers in either a full or partial manner; increasing the flexibility of computing. Augmenting a traditional private cloud with the resources of a public cloud can be used to manage any unexpected surges in workload.

23

Hybrid cloud architecture requires both on-premise resources and off-site server based cloud infrastructure. By spreading things out over a hybrid cloud, you keep each aspect of your business in the most efficient environment possible.

All cloud computing services should offer certain efficiencies to differing degrees but public cloud services are likely to be more cost efficient and scalable than private clouds.

Therefore, an organisation can maximise their efficiencies by employing public cloud services for all non-sensitive operations, only relying on a private cloud where they require it and ensuring that all of their platforms are seamlessly integrated.

24

Hybrid cloud models can be implemented in a number of ways:

• Separate cloud providers team up to provide both private and public services as an integrated service

• Individual cloud providers offer a complete hybrid package

• Organisations who manage their private clouds themselves sign up to a public cloud service which they then integrate into their infrastructure

25

In practice, an enterprise could implement hybrid cloud hosting to host their e-commerce website within a private cloud, where it is secure and scalable, but their brochure site in a public cloud, where it is more cost effective (and security is less of a concern). Alternatively, an Infrastructure as a Service (IaaS) offering, for example, could follow the hybrid cloud model and provide a financial business with storage for client data within a private cloud, but then allow collaboration on project planning documents in the public cloud - where they can be accessed by multiple users from any convenient location.

26

A cloud is hybrid:

• If a company uses a public development platform that sends

data to a private cloud or a data center–based application.

• When a company leverages a number of SaaS (Software as a

Service) applications and moves data between private or data

center resources.

• When a business process is designed as a service so that it can

connect with environments as though they were a single

environment.27

A cloud is not hybrid

• If a few developers in a company use a public cloud service to

prototype a new application that is completely disconnected

from the private cloud or the data center.

• If a company is using a SaaS application for a project but there

is no movement of data from that application into the

company’s data center.

28

A hybrid cloud configuration, such as hybrid hosting, can offer its users the following features:

1. Scalability; whilst private clouds do offer a certain level of scalability depending on their configurations (whether they are hosted internally or externally for example), public cloud services will offer scalability with fewer boundaries because resource is pulled from the larger cloud infrastructure. By moving as many non-sensitive functions as possible to the public cloud it allows an organisation to benefit from public cloud scalability whilst reducing the demands on a private cloud.

2. Cost efficiencies; again public clouds are likely to offer more significant economies of scale (such as centralised management), and so greater cost efficiencies, than private clouds. Hybrid clouds therefore allow organisations to access these savings for as many business functions as possible whilst still keeping sensitive operations secure.

29

3. Security; the private cloud element of the hybrid cloud model not only provides the security where it is needed for sensitive operations but can also satisfy regulatory requirements for data handling and storage where it is applicable.

4. Flexibility; the availability of both secure resource and scalable cost effective public resource can provide organizations with more opportunities to explore different operational avenues.

30

Advantages

• Businesses can use hybrid clouds to take advantage of the scalability and cost-effectiveness offered by the public cloud computing environment without exposing mission-critical applications and data to the vulnerabilities associated with the public cloud option.

• The hybrid cloud model combines the best and most efficient solutions because different types of data can be moved onto whatever platform provides the most efficient environment.

31

Disadvantages

• It is a complex model because it is a combination of multiple clouds.

• The downside is that you have to keep track of multiple cloud security platforms and ensure that all aspects of your business can communicate with each other.

32

4. Community cloud: A community cloud is one where the cloud has been organized to serve a common function or purpose. It may be for one organization or for several organizations, but they share common concerns such as their mission, policies, security, regulatory compliance needs, and so on. A community cloud may be managed by the constituent organization(s) or by a third party i.e. community cloud is a multi-tenant cloud service model that is shared among several organizations and that is governed, managed and secured commonly by all the participating organizations or a third party managed service provider.In the community deployment model, the cloud infrastructure is shared by several organizations with the same policy and compliance considerations. This helps to further reduce costs as compared to a private cloud, as it is shared by larger group.

33

• Various state-level government departments requiring access to the same data relating to the local population or information related to infrastructure, such as hospitals, roads, electrical stations, etc., can utilize a community cloud to manage applications and data.

• A "community" cloud infrastructure is procured jointly by several agencies or programs that share specific needs such as security, compliance, or jurisdiction considerations. The agencies or CSP may manage the community cloud and may keep it on-premises or off-premises.

• When agencies have a common set of requirements and customers, a community cloud enables them to combine assets and share computing resources, data, and capabilities. By eliminating the duplication of similar systems, agencies can save money and allocate their scarce resources more efficiently. Procuring a community cloud is also a way that an agency can advance the Federal IT Shared Service Strategy. 34

Selection criteria for community clouds

Here are a couple of situations where a community cloud environment is best:– Government organizations within a state that need to

share resoures– A private HIPAA compliant cloud for a group of

hospitals or clinics– Telco community cloud for telco DR to meet specific

FCC regulations

35

Cloud computing is about shared IT infrastructure or the outsourcing of a company's technology. It is essential to examine your current IT infrastructure, usage and needs to determine which type of cloud computing can help you best achieve your goals. Simply, the cloud is not one concrete term, but rather a metaphor for a global network and how to best utilize its advantages depends on your individual cloud focus.Cloud computing is not a “silver–bullet” technology; hence, investment in any deployment model should be made based on business requirements, the criticality of the application and the level of support required.

36

Virtual Private Cloud (VPC)

A virtual private cloud (VPC) is the logical division of a public cloud service provider's multi-tenant architecture to support private cloud computing in a public cloud environment. i.e.A virtual private cloud (VPC) is a hybrid model of cloud computing in which a private cloud solution is provided within a public cloud provider’s infrastructure.

VPC is a cloud computing service in which a public cloud provider isolates a specific portion of their public cloud infrastructure to be provisioned for private use. The VPC infrastructure is managed by a public cloud vendor; however, the resources allocated to a VPC are not shared with any other customer.

37

VPCs were introduced specifically for those customers interested in taking advantage of the benefits of cloud computing but who have concerns over certain aspects of the cloud. Common concerns involve privacy, security and the loss of control over proprietary data. In response to this customer need, many public cloud vendors designed a VPC offering a part of a vendor’s public infrastructure but having dedicated cloud servers, virtual networks, cloud storage and private ID addresses, reserved for a VPC customer.

VPCs are sometimes referred to as private clouds, but there is a slight difference as VPCs are private clouds sourced over a third-party vendor infrastructure rather than over an enterprise IT infrastructure. Examples for VPCs include Amazon VPC, launched in August, 2009, and Google App Engine, where the VPC feature is supported through the secure data connector product launched in April, 2009. 38