Cloud Computing Notes – A.Thomas TC Oct 2011
Cloud computing is intended to let you build, test, run, and deploy applications securely at less cost and effort than using conventional IT resources.
The US National Institute of Standards and Technology (NIST) published the first cloud computing standards in September
Definition of cloud networking
Reference architecture for cloud
Computer Security and risks for
The industry is evolving with various types of cloud computing:
Public, Private, & Hybrid clouds
Open vs Proprietary cloud platforms
IaaS, PaaS, SaaS – Infrastructure, Platform, Software and Storage as cloud utility services
Cloud Application Development and APIs
Existing IT infrastructures can be transformed and applications ported to offer cloud services, while new applications may be developed specifically for optimal use of cloud resources and for portability. Specialist expertise is needed, as new generations of management tools, APIs and development tools evolve.
Some key cloud terms, players and technology are:
Cloud Tenants : A "consumer" of cloud services, using an application, VMs or storage.
Virtualisation types : Operating system/server virtualisation, application virtualisation, and user/desktop virtualisation.
Hypervisors : OpenStack, Citrix Xen, Oracle VirtualBox, VMware
Virtual Machines (VMs) : Ability to host multiple servers, each with separate IP addresses, operating system, compute and storage, sharing the same hardware resources.
OVF : Open Virtualisation Format, "virtual appliance" application packaging.
Application Virtualisation : Microsoft App-V, VMware ThinApp, Citrix XenApp.
Virtual IO : Ability to handle the I/O for each VM from the network and storage devices.
Cloud application programming languages and frameworks : Java, ColdFusion, PHP, Ruby, Apache Tomcat, VMware Spring, vFabric.
NIST defines cloud computing as a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. There are five essential elements and three service definitions.
Five essential elements of cloud computing are:
1. On-demand self-service. A consumer can unilaterally provision computing capabilities, such as server time and network storage, as needed automatically without requiring human interaction with each service’s provider.
2. Broad network access. Capabilities are available over the network and accessed through standard mechanisms that promote use by heterogeneous thin or thick client platforms (e.g., BlackBerrys, laptops, iPhones, etc.).
3. Resource pooling. The provider’s computing resources are pooled to serve multiple consumers using a multi-tenant model, with different physical and virtual resources dynamically assigned and reassigned according to consumer demand. There is a sense of location independence in that the customer generally has no control or knowledge over the exact location of the provided resources but may be able to specify location at a higher level of abstraction (e.g., country, state, or datacenter). Examples of resources include storage, processing, memory, network bandwidth, and virtual machines.
4. Rapid elasticity. Capabilities can be rapidly and elastically provisioned, in some cases automatically, to quickly scale out, and rapidly released to quickly scale in. To the consumer, the capabilities available for provisioning often appear to be unlimited and can be purchased in any quantity at any time.
5. Measured service. Cloud systems automatically control and optimize resource use by leveraging a metering capability at some level of abstraction appropriate to the type of service (e.g., storage, processing, bandwidth, and active user accounts). Resource usage can be monitored, controlled, and reported, providing transparency for both the provider and consumer of the utilized service.
Cloud Service Offerings are defined as:
Cloud Software as a Service (SaaS). The capability provided to the consumer is to use the provider’s applications running on a cloud infrastructure. The applications are accessible from various client devices through a thin client interface such as a Web browser (e.g., Web-based email). The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, storage, or even individual application capabilities, with the possible exception of limited user-specific application configuration settings. For example, Salesforce.com and Google.
Cloud Platform as a Service (PaaS). The capability provided to the consumer is to deploy onto the cloud infrastructure consumer-created or acquired applications created using programming languages and tools supported by the provider. The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, or storage, but has control over the deployed applications and possibly application hosting environment configurations. For example, Amazon.
Cloud Infrastructure as a Service (IaaS). The capability provided to the consumer is to provision processing, storage, networks, and other fundamental computing resources where the consumer is able to deploy and run arbitrary software, which can include operating systems and applications. The consumer does not manage or control the underlying cloud infrastructure but has control over operating systems, storage, deployed applications, and possibly limited control of select networking components (e.g., host firewalls). For example, British Telecom VDC.
The three service offerings are layered in that IaaS could host PaaS and provide a SaaS service. Standards for APIs are emerging for on-demand self-service of the services. The Open Cloud Computing Interface (OCCI) is a RESTful protocol and API for all kinds of management tasks. OCCI was originally initiated to create a remote management API for IaaS model-based services, allowing for the development of interoperable tools for common tasks including deployment, autonomic scaling and monitoring. The current release of the Open Cloud Computing Interface is suitable to serve many other models in addition to IaaS, including PaaS and SaaS.
Traditional IT vendors are responding to cloud with different strategies. For example VCE - a company formed by EMC, Intel, Cisco and VMware - offers ready-built "Vblocks" that a service provider can procure and deploy "out-of-the-box" to offer IaaS. EMC offers Atmos, which a service provider can readily deploy to offer PaaS cloud storage services. Others such as Microsoft (Azure) offer cloud services hosted in their own datacenters.
OpenStack, founded by Rackspace Hosting and NASA, is a global collaboration of developers and cloud computing technologists producing the ubiquitous open source cloud computing platform for public and private clouds. The project aims to deliver solutions for all types of clouds by being simple to implement, massively scalable, and feature rich. All of the code for OpenStack is freely available under the Apache 2.0 license.
Virtualization enables virtual machines (VMs) to be transported between physical servers for load balancing.
The virtualization component is provided by a layer of software called a hypervisor (sometimes called a virtual
machine monitor [VMM]). This layer provides the ability to execute multiple operating systems (and their
applications) simultaneously on a single physical machine. On the hypervisor is an object called a virtual
machine that encapsulates the operating system, applications, and configuration. Optionally, device emulation
can be provided in the hypervisor or as a VM.
Mainframes and proprietary UNIX (HP-UX, Solaris and AIX) support server partitioning, to run multiple servers on the same frame, but there is no "VM" standard to easily port applications between them. For example, Sun Solaris Logical Domains - Oracle VM Server for SPARC - provides virtualization via the SPARC hypervisor, with up to 128 virtual servers per T-Series server. HP nPartitions (nPars) and HP-UX Virtual Partitions (vPars) are implemented in hardware, firmware or software. HP-UX Containers (formerly HP-UX Secure Resource Partitions) provide isolated file and user name spaces. AIX supports workload partitions - LPARs, WPARs.
Oracle VirtualBox supports x86 and AMD64/Intel64 virtualization for corporate and home use and is freely available as open source. It supports Windows, Linux, Macintosh, and Solaris hosts and supports a large number of guest O/S including Windows (NT 4.0, 2000, XP, Server 2003, Vista, Windows 7), DOS/Windows 3.x, Linux (2.4 and 2.6), Solaris and OpenSolaris, OS/2, and OpenBSD.
There are two types of virtualization: In full virtualization, the guest operating system runs on top of a
hypervisor that sits on the bare metal. The guest is unaware that it is being virtualized and requires no changes to
work in this configuration. Conversely, in paravirtualization, the guest operating system is not only aware that it
is running on a hypervisor but includes code to make guest-to-hypervisor transitions more efficient.
OVF: Open Virtualisation Format - For portability of applications, a standard developed by the DMTF with Dell, HP, IBM, Microsoft, VMware and XenSource. OVF is a virtual machine standard that provides a flexible, secure, portable and efficient way to package and distribute virtual machines. A virtual machine (VM) packaged in OVF is called a virtual appliance and can be distributed for deployment on a hypervisor. The OVF file is an XML file that describes a virtual machine and its configuration. Applications can be packaged and optimised for cloud deployment as multiple virtual machines, packaged and maintained as a single entity in OVF format. For instance, an application package may comprise the web server, application server and database server. Hypervisors that support OVF include VMware, Oracle VirtualBox, Citrix XenServer, IBM AIX running on Power systems, Microsoft Hyper-V and IBM Mainframe Linux z/VM.
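An added example (not from these notes, nor any vendor's tool) of what a deployer can check before trusting a virtual appliance: it parses a constructed minimal OVF descriptor for a three-VM package with Python's standard library, lists the virtual systems and referenced disks, and verifies each file against the package manifest (the .mf file that accompanies an OVF descriptor, with lines of the form SHA256(file)= digest). The descriptor, disk contents and manifest are all constructed inline.

```python
# Added example, not from the original notes: parse a minimal OVF descriptor and
# verify the package against its manifest before deployment (all data constructed).
import hashlib
import re
import xml.etree.ElementTree as ET

OVF_NS = "http://schemas.dmtf.org/ovf/envelope/1"
NS = {"ovf": OVF_NS}

# Constructed descriptor for a three-tier appliance (web, app and db servers).
SAMPLE_OVF = """<Envelope xmlns="http://schemas.dmtf.org/ovf/envelope/1"
          xmlns:ovf="http://schemas.dmtf.org/ovf/envelope/1">
  <References>
    <File ovf:id="web-disk" ovf:href="web.vmdk" ovf:size="1024"/>
    <File ovf:id="app-disk" ovf:href="app.vmdk" ovf:size="2048"/>
    <File ovf:id="db-disk" ovf:href="db.vmdk" ovf:size="4096"/>
  </References>
  <VirtualSystemCollection ovf:id="three-tier">
    <VirtualSystem ovf:id="web"><Name>Web server</Name></VirtualSystem>
    <VirtualSystem ovf:id="app"><Name>Application server</Name></VirtualSystem>
    <VirtualSystem ovf:id="db"><Name>Database server</Name></VirtualSystem>
  </VirtualSystemCollection>
</Envelope>
"""
# Manifest (.mf) lines have the form "SHA256(file)= hexdigest" (SHA1 in OVF 1.x).
MANIFEST_LINE = re.compile(r"^(SHA1|SHA256)\((.+)\)=\s*([0-9a-fA-F]+)\s*$")


def parse_descriptor(xml_text):
    """Referenced files (href -> declared size) and virtual systems (id, Name)."""
    root = ET.fromstring(xml_text)
    files = {f.get(f"{{{OVF_NS}}}href"): int(f.get(f"{{{OVF_NS}}}size"))
             for f in root.findall("ovf:References/ovf:File", NS)}
    systems = [(vs.get(f"{{{OVF_NS}}}id"), vs.findtext("ovf:Name", "", NS))
               for vs in root.iter(f"{{{OVF_NS}}}VirtualSystem")]
    return {"files": files, "systems": systems}


def parse_manifest(text):
    """Map file name -> (hash algorithm, expected hex digest)."""
    entries = {}
    for line in filter(str.strip, text.splitlines()):
        m = MANIFEST_LINE.match(line)
        if m is None:
            raise ValueError(f"malformed manifest line: {line!r}")
        algo, name, digest = m.groups()
        entries[name] = (algo.lower(), digest.lower())
    return entries


def build_manifest(package, algo="sha256"):
    """Manifest for {name: bytes}; only used here to construct sample data."""
    return "".join(f"{algo.upper()}({name})= {hashlib.new(algo, data).hexdigest()}\n"
                   for name, data in package.items())


def verify_package(descriptor_name, package, manifest_text):
    """package: {file name: bytes}, descriptor included. Returns the list of
    problems; empty means every referenced file is present, has its declared
    size and matches its manifest digest (the descriptor itself has no size)."""
    problems = []
    manifest = parse_manifest(manifest_text)
    desc = parse_descriptor(package[descriptor_name].decode())
    wanted = {descriptor_name: None, **desc["files"]}
    for name, declared_size in wanted.items():
        data = package.get(name)
        if data is None:
            problems.append(f"{name}: referenced but missing from package")
            continue
        if declared_size is not None and len(data) != declared_size:
            problems.append(f"{name}: size {len(data)} != declared {declared_size}")
        if name not in manifest:
            problems.append(f"{name}: no manifest entry")
            continue
        algo, digest = manifest[name]
        if hashlib.new(algo, data).hexdigest() != digest:
            problems.append(f"{name}: {algo} digest mismatch")
    return problems


# Constructed package: disk images are filler bytes of the declared sizes.
SAMPLE_PACKAGE = {
    "three-tier.ovf": SAMPLE_OVF.encode(),
    "web.vmdk": b"W" * 1024,
    "app.vmdk": b"A" * 2048,
    "db.vmdk": b"D" * 4096,
}
SAMPLE_MANIFEST = build_manifest(SAMPLE_PACKAGE)


def tampered_package():
    """Same sizes, but the database disk was altered after the manifest was made."""
    pkg = dict(SAMPLE_PACKAGE)
    pkg["db.vmdk"] = b"D" * 4095 + b"X"
    return pkg
```

A digest mismatch or a missing disk is reported rather than silently deployed; a real package can additionally carry a .cert signature over the manifest, which this example does not check.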
There are various categories of virtual appliances, such as "Open" - where the guest VM O/S may be separately maintained, or "Closed" - where the application software and guest O/S are deployed and maintained as a unit. For efficiency, JeOS (Just enough Operating System), a variant of the guest O/S with only the features required to support the application, may be used.
Converting Physical to Virtual - P2V. A number of utilities exist to manage VM images (VMIs) as well as convert them to and from other formats. Free utilities such as VMware Studio and Citrix Kensho OVF tools are available to create and convert VMs and virtualise applications.
Virtual networking - a virtual switch is used to optimize network communication among VMs; it behaves like a physical switch, but is virtualized into the platform. Virtualized interfaces (VIFs) associated with the VMs communicate through the virtual switch to the physical interfaces (PIFs). Open source addresses this with Open vSwitch. In addition to providing a virtual switch for virtual environments, Open vSwitch can also integrate across physical platforms and provide enterprise-level features like virtual local area networks (VLANs), priority-based Quality of Service (QoS), trunking, and support for hardware acceleration (such as single-root I/O virtualization [SR-IOV] network adapters). Open vSwitch supports the range of Linux-based virtualization solutions (Xen, KVM, VirtualBox) and management standards (Remote Switched Port Analyzer [RSPAN], NetFlow, etc.).
I/O technologies - A scalable and balanced Web architecture depends upon the ability to balance Web traffic across the servers that implement the back-end functionality. Apache Traffic Server™ is a fast, scalable and extensible HTTP/1.1 compliant caching proxy server. Traffic Server encapsulates a large number of capabilities in one package for cloud infrastructures, including session management, authentication, filtering, load balancing, and routing.
For Fibre Channel SANs, NPIV (N_Port ID Virtualisation) virtualises a Host Bus Adapter port so that SAN access can be segregated per VM, and is used by the main hypervisors (VMware, Xen, Hyper-V, AIX, etc.).
Xen Cloud Platform - The Xen Cloud Platform (XCP) is an open source enterprise-ready server virtualization and cloud computing platform, delivering the Xen hypervisor with support for a range of guest operating systems including Windows® and Linux®, network and storage support, and management tools in a single, tested installable image. XCP was originally derived from Citrix XenServer. Today, the XCP code is licensed under the GNU General Public License (GPLv2) and is available at no charge in both source and binary format. XCP is, and always will be, open source, uniting the industry and the Xen ecosystem to speed the adoption of virtualization and cloud technologies, and actively works with open source and open standards to help solve challenges in cloud mobility.
Citrix XenServer uses Xen as the hypervisor while incorporating other open source capabilities such as the Open vSwitch. An interesting advantage of the Xen solution is the focus on standards-based management (including OVF, the Distributed Management Task Force [DMTF], the Common Information Model [CIM], and the Virtualization Management Initiative [VMAN]) from the project Kensho. The Xen management stack supports SLA guarantees, along with detailed metrics for charge-back.
Server configuration management (CM) tools can help you create patterns or recipes which you can use to build many identical servers or cloud instances, or re-use in different places and for different applications. Puppet, Chef, cfengine, and Bcfg2 are all players. For Linux, popular technologies are Puppet and Opscode Chef. Puppet is used by many organisations, including Google, and is an open source package designed for data center and cloud infrastructures. Although not designed solely for virtualized infrastructures, it simplifies the management of large infrastructures by abstracting the details of the underlying operating system.
Infrastructure management - Larger-scale infrastructure management (managing many hypervisors and even
more VMs) can be accomplished in a number of ways. Two of the more common solutions are each built from
the same platform (libvirt). The oVirt package is an open VM management tool that scales from a small number
of VMs to thousands of VMs running on hundreds of hosts. The oVirt package, developed by Red Hat, is a
Web-based management console that, in addition to traditional management, supports the automation of
clustering and load balancing. The oVirt tool is written in the Python language. VirtManager, also based on
libvirt and developed by Red Hat, is an application with a GTK+ UI (instead of being Web-based like oVirt).
VirtManager presents a much more graphically rich display (for live performance and resource utilization) and
includes a VNC client viewer for a full graphical console to remote VMs.
Virtual Infrastructure Managers orchestrate storage, network and virtualization technologies to enable the dynamic placement of multi-tier services (groups of interconnected virtual machines) on distributed infrastructures, combining both data center resources and remote cloud resources, according to allocation policies. VMware vCloud Director is a proprietary management package for VMware clouds. OpenNebula provides internal and Cloud administration and user interfaces for the full management of the Cloud platform.
Eucalyptus - Eucalyptus (Elastic Utility Computing Architecture for Linking Your Programs to Useful Systems) has an interface compatible with Amazon Elastic Compute Cloud (Amazon EC2, Amazon's cloud computing interface). Additionally, Eucalyptus includes Walrus, a cloud storage application compatible with Amazon Simple Storage Service (Amazon S3, Amazon's cloud storage interface). Eucalyptus supports KVM/Linux and Xen as hypervisors and includes the Rocks cluster distribution for cluster management.
OpenQRM - a data center management platform, provides a single console to manage a virtualized data center and is pluggable to permit integration of third-party tools. OpenQRM integrates support for high availability (through redundancy) and supports a range of hypervisors, including KVM/Linux, Xen, VMware, and Linux-VServer. Other examples are Platform ISF and Nimbus, the latter focused on scientific computing. With Nimbus, you can lease remote resources (such as those provided by Amazon EC2) and manage them locally (configure, deploy VMs, monitor, etc.). Nimbus morphed from the Workspace Service project (part of Globus.org). Dependent on Amazon EC2, Nimbus supports Xen and KVM/Linux.
IT Service Management (ITSM) packages such as EMC IONIX IT Orchestrator (ITO) can be used for self-service portals and automated cloud data center services provisioning, using "adapters" for applications such as Tivoli Netcool, BMC Event Manager, MS System Center, EMC Unified Infrastructure Manager and VMware. IONIX uses iWave’s Cloud Management solution to provide the technology for enterprise orchestration of product-level orchestrators, and provides a layer of abstraction between user interaction and infrastructure components. iWave adapters support an ITIL-based common data model to simplify implementation and span data center disciplines including service desk, event, configuration and change management, storage, provisioning, virtualization, CMDBs and business applications including SAP™. Universal adapters are available for in-house or custom applications. fluidOps eCloudManager for EMC is a cloud management solution for SAP Landscape as a Service (LaaS), for private and public cloud management and monitoring.
Joyent – Joyent is the only cloud computing company that has developed a complete software stack, runs a major public cloud on that stack, and offers its cloud data center software to any company that wants to build a cloud. Joyent licenses its cloud software, SmartDataCenter using SmartOS, to service providers, like Dell, who deliver cloud services to their own customers. In addition, Joyent runs an instance of SmartDataCenter for some of the most innovative companies in the world, such as LinkedIn, Gilt Groupe and Kabam. JoyentCloud.com is a public cloud service that delivers enterprise-class performance and scalability to some of the most innovative companies in the world, including LinkedIn, Gilt Groupe and Kabam. Joyent offerings also include Platform-as-
embraced by enterprises and telcos around the world, including Microsoft and HP. Joyent is also the key contributor to and sponsor of Joyent SmartOS, the open source project dedicated to the complete, modern
SaaS and Application Development (AD) for the Cloud - Microsoft .NET and Java Platform, Enterprise Edition (Java EE) are common AD technologies. Platforms and languages are becoming targeted: client side, server side, user interface (UI), batch and online transaction processing (OLTP). Others are specialized, industry-specific or technology-specific (e.g., Web UI). There are new segments in platforms and programming languages, such as PHP, Python, Ruby and Scala, based on dynamic, functional, and domain-specific
Mobile, cloud, context-aware and social computing scenarios enable, and often necessitate, different architectural, programming, testing and user experience skills than traditional enterprise applications. Furthermore, mobile and cloud scenarios are potentially disruptive to business, and business disruptions often create discontinuous changes in IT. In the past, such discontinuities also led to changes in application platforms (from transaction processing managers to application servers), programming languages (from COBOL to Java) and development paradigms (from monolithic to Web-based and distributed).
Platform as a Service (PaaS). Variants of PaaS are various types of cloud or "dropbox" data storage services, such as AT&T Synaptic Storage as a Service, Oxygen and Amazon's Simple Storage Service (S3). They provide simple web services that can be used to store and retrieve any amount of data, at any time, from anywhere on the web. Oxygen offers iPad, iPhone, Android and Windows access. Amazon also offers structured data storage with its SimpleDB service, which allows structured data to be saved and queried.
There are several organisations attempting to lead cloud standards and APIs. With the reported backing of IBM and Microsoft as well as other cloud specialists, Zend Technologies has started an open source project that is to provide developers with a programming interface for implementing cloud services that run on several different platforms. The Zend "Simple API for Cloud Application Services" is intended to allow programmers to run normal applications in cloud environments and develop cloud applications without having to adapt the source code to access the environments.
Applications will reportedly be executable on all major cloud platforms, for example on IBM Cloud Computing,
Microsoft’s Azure, Nirvanix Storage Delivery Network, Rackspace and GoGrid. The providers of all these
platforms are among the co-founders of the project. The supported platforms also include Amazon Web
Services (AWS), although not part of the initiative.
Architecture for specialized platforms - Highly specialized platforms are the most intrusive when it comes to
architecture. They have many considerations you'll need to address when you design an application that runs on
these clouds. Of course, they bring unique benefits that compensate for the restrictions. The Google App Engine
is a good example. When you create an application for the Google App Engine, the only thing you create is the
application source code and any static assets (images, for example) that it needs. You have no control over the
application server or data access. There's a good reason for this: The App Engine provides highly scalable
solutions. However, you need to understand the infrastructure that the App Engine provides. Google provides an
API (the Google Query Language) for accessing the App Engine's data store. This is intentionally very similar
to SQL, making it easier for you to start using the data store. The data store is not a relational database; it's
closer to a simple file system.
Simple access is a little slower than a simple query (find a single object by primary key) to a database.
Relational queries, such as table joins, are possible, but they are implemented by multiple sequential queries.
They're considerably slower than a join on a relational database, but, as a result, it is much harder to create a
query that overwhelms the data store.
To take advantage of data store, it is often advised to de-normalize your data, allowing for related data to be
stored together and retrieved together. For example, imagine storing user information where each user can have
several phone numbers. This is a classic one-to-many relationship, and would usually be modeled for a database
as a user table and a phone number table, where the phone number table contains a foreign key to the user table.
You could certainly model it the same way with Google's data store, but it would be more efficient to
encapsulate the phone number as part of the user (as a list or an array of phone numbers). A single query to the
data store would return everything you need.
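The user/phone-number case above, worked through as an added example (not from these notes and not the App Engine API): a toy in-memory datastore that counts round trips, so the "join" implemented as sequential queries can be compared with the denormalised layout for both reads and writes. The store, its kinds and the sample users are all constructed.

```python
# Added example, not from the original notes: a toy key-value datastore that
# counts round trips, comparing the normalised and denormalised layouts.

class ToyDatastore:
    """Entities live under (kind, key). There are no joins: every get(),
    query() or put() is one round trip to the store. Constructed model."""

    def __init__(self):
        self._rows = {}           # (kind, key) -> entity dict
        self.round_trips = 0

    def put(self, kind, key, entity):
        self.round_trips += 1
        self._rows[(kind, key)] = dict(entity)

    def get(self, kind, key):
        self.round_trips += 1
        return dict(self._rows[(kind, key)])

    def query(self, kind, **filters):
        """Entities of `kind` whose properties equal every filter value."""
        self.round_trips += 1
        return [dict(e) for (k, _), e in self._rows.items()
                if k == kind and all(e.get(p) == v for p, v in filters.items())]


def seed(ds, users):
    """users: {user_key: (name, [numbers])}. Writes both layouts so the two
    access patterns are measured against the same data."""
    for key, (name, numbers) in users.items():
        # Normalised: a User entity plus one Phone entity per number, the
        # Phone holding the user key as a foreign key.
        ds.put("User", key, {"name": name})
        for number in numbers:
            ds.put("Phone", f"{key}:{number}", {"user": key, "number": number})
        # Denormalised: the numbers are embedded as a list in the user entity.
        ds.put("UserDenorm", key, {"name": name, "phones": list(numbers)})


def contacts_normalised(ds, user_keys):
    """The 'join': fetch each user, then query its Phone entities."""
    out = {}
    for key in user_keys:
        user = ds.get("User", key)
        phones = ds.query("Phone", user=key)
        out[key] = (user["name"], sorted(p["number"] for p in phones))
    return out


def contacts_denormalised(ds, user_keys):
    """One fetch per user returns the name and all its numbers together."""
    out = {}
    for key in user_keys:
        user = ds.get("UserDenorm", key)
        out[key] = (user["name"], sorted(user["phones"]))
    return out


def add_phone_normalised(ds, key, number):
    """Normalised: one insert; nothing existing has to be rewritten."""
    ds.put("Phone", f"{key}:{number}", {"user": key, "number": number})


def add_phone_denormalised(ds, key, number):
    """Denormalised: read-modify-write of the whole user entity, the price of
    keeping related data together."""
    user = ds.get("UserDenorm", key)
    user["phones"] = user["phones"] + [number]
    ds.put("UserDenorm", key, user)


def measure(users):
    """Round trips to read every user's contacts and to add one number, per
    layout. Both layouts must still agree on the contacts afterwards."""
    ds = ToyDatastore()
    seed(ds, users)
    keys, counts = list(users), {}
    steps = {"read_normalised": lambda: contacts_normalised(ds, keys),
             "read_denormalised": lambda: contacts_denormalised(ds, keys),
             "write_normalised": lambda: add_phone_normalised(ds, keys[0], "+1 555 0199"),
             "write_denormalised": lambda: add_phone_denormalised(ds, keys[0], "+1 555 0199")}
    for label, step in steps.items():
        ds.round_trips = 0
        step()
        counts[label] = ds.round_trips
    assert contacts_normalised(ds, keys) == contacts_denormalised(ds, keys)
    return counts


# Constructed sample users: a classic one-to-many of user -> phone numbers.
SAMPLE_USERS = {
    "u1": ("Ada", ["+44 20 7946 0001", "+44 20 7946 0002"]),
    "u2": ("Grace", ["+1 555 0100"]),
    "u3": ("Linus", []),
}
```

With the three sample users, reading every contact costs six round trips in the normalised layout (a get plus a phone query per user) against three in the denormalised one, while adding a number costs one write against a read plus a rewrite of the whole user entity.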
The Google App Engine is not the only cloud computing platform that uses this model. One of Amazon's
platforms, the SimpleDB, works in an identical fashion. You could run MySQL, Postgres, or any other database
on EC2, but SimpleDB is easy to use and provides certain scalability benefits (scaling horizontally is much
easier when you essentially do not allow joins). You can reap many benefits by using specialized platforms, but
there are characteristics you must keep in mind when designing an application that will run on them. It can often be simpler to use a basic cloud computing platform.
IaaS service providers such as Amazon EC2 or Joyent give you great freedom to run any software you want on their cloud. There are fewer restrictions on your architecture. If you're architecting for a basic platform, you can approach it almost as if you owned all of the platform yourself. How would you design your application if you were going to run it in your own data center, or on servers leased from a colocation provider? You probably do not need to change the design that much if you want to run the application on a cloud computing platform.
You can run Web applications on basic platforms, just as you would with a specialized platform like the Google
App Engine, but you get to use whatever application server or database you want. Of course, the downside is
that you need to set up, install, configure, and manage all of this infrastructure. The cloud platform is not going
to help you out much.
Amazon EC2 - EC2 is powered by the open source Xen virtualization software. To start working with EC2, you need an Amazon Machine Image (AMI). An AMI is a full machine image, with operating system, applications, etc. There are many common AMIs available from Amazon and the EC2 community, with either Microsoft Windows® or Linux®, plus various suites of open source software, such as the Apache Web server, MySQL, and the Python interpreter. If you do not find an AMI that suits your needs, Amazon provides tools for creating your own AMI that you can either keep private or share with the community. A large ecosystem has grown around these Web services to make it easier to manage EC2 instances. For example, there is a Firefox extension called Elasticfox that can be used to manage and launch AMIs straight from Firefox.
The next pages outline cloud service providers: Microsoft Azure, Google App Engine, Heroku, Ning, and
Microsoft Azure – Windows Azure and SQL Azure enable you to build, host and scale applications in Microsoft datacenters. They require no up-front expenses and no long-term commitment, and enable you to pay only for the resources you use. Azure includes a "hypervisor" for provisioning machine instances dynamically. It is designed to run any .NET application, so server-based .NET applications would be the natural pick to move to this cloud. Microsoft offers many of its server-based products, such as Exchange, running in the cloud on Azure. The Azure platform also offers other services, including SQL Services, which is a highly scalable SQL Server database, and Live Services, which are Web services into many popular Microsoft applications for searching, photo sharing, instant messaging, etc. Azure also offers tight integration with Microsoft's IDE, Visual Studio®, making it easy to run, test, and deploy applications to the Azure PaaS. It is possible to leverage many Windows technologies for securing access and managing any applications running on Azure.
Google App Engine - launched in 2008, has no provisioning; you simply deploy your application to it, and you can do this for free. However, App Engine usage is capped, and you can buy additional CPU usage, storage,
and bandwidth as needed, similar to other cloud platforms. The Google App Engine provides a robust
development environment that only supports Python. It provides numerous services on top of Python. User
management is integrated with Google. For example, people log in to your app with the same credentials they
would use to log in to Google Mail. There is a data-store API for storing structured data. Storage and retrieval
from the data store are similar to using a relational database, but they're entirely proprietary to Google. It is
based on Google's proprietary distributed file system, GFS. Google supports Python only, which is open source,
but everything else involved is effectively proprietary (though Google is likely using many open source
technologies behind the scenes). The Google App Engine does not offer any type of data backup solutions,
though the underlying data store is designed to be highly fault-tolerant.
Heroku - only supports Rails, and, as such, it is heavily tailored to Rails. With Heroku, you simply add a Ruby
gem to your local setup, and you can immediately issue commands to deploy and run your application on the
Heroku cloud. Alternatively, you can deploy from a Git repository. You can even access and edit your code
directly from a Web browser. You can use any Ruby gem or Rails plug-in you want with your application.
Heroku runs on top of Amazon EC2, so computing power can expand elastically. Heroku offers free services
with its Heroku Garden. There you can deploy and test your application in the cloud for free. Once you are
ready to take on more traffic or need fault tolerance, you can graduate your application to the main Heroku
Ning platform - allows users to create their own social networks. This is usually through pure configuration,
adding pages, adding widgets to pages, configuring widgets, etc. With Ning, you can also download the source
code of your network, modify it as you see fit, and run it on the Ning cloud. The network code is in simple PHP,
so that's all you need to know to start creating your own social-networking application. Ning is similar to the
Google App Engine in that it provides a data-store API instead of a relational database. It also provides many
Ning APIs that provide access to the social-networking infrastructure. You can deploy by simply uploading your
code, and there is provisioning of hardware. Ning monetizes your network with ads, and by capping your
storage and bandwidth. You can remove the ads and add more storage and bandwidth capacity for a fee.
With the Force.com platform, you can create your own applications that run on the same type of cloud
infrastructure used by Salesforce for its CRM application. Enterprises use the AppExchange to find and
"install" these applications to make them available to their users. This is similar to Facebook applications, where
the application runs seamlessly as part of the main Salesforce applications. To create an application for running
on Salesforce, you program in Apex, which is a proprietary language similar to the Java programming language.
This is the same language used by Salesforce engineers to create their CRM applications.