Cloud Computing Architecture

Cloud Computing architecture comprises of many cloud components, which are

loosely coupled. We can broadly divide the cloud architecture into two parts:

 Front End
 Back End
Each of the ends is connected through a network, usually Internet. The following
diagram shows the graphical view of cloud computing architecture:

Front End
The front end refers to the client part of cloud computing system. It consists of
interfaces and applications that are required to access the cloud computing
platforms, Example - Web Browser.

Back End
The back End refers to the cloud itself. It consists of all the resources required to
provide cloud computing services. It comprises of huge data storage, virtual
machines, security mechanism, services, deployment models, servers, etc.
Note
 It is the responsibility of the back end to provide built-in security mechanism,
traffic control and protocols.
 The server employs certain protocols known as middleware, which help the
connected devices to communicate with each other.
 Cloud infrastructure consists of servers, storage devices, network, cloud
management software, deployment software, and platform virtualization.

 Hypervisor
 Hypervisor is a firmware or low-level program that acts as a Virtual
Machine Manager. It allows to share the single physical instance of cloud
resources between several tenants.
 Management Software
 It helps to maintain and configure the infrastructure.
 Deployment Software
 It helps to deploy and integrate the application on the cloud.
 Network
 It is the key component of cloud infrastructure. It allows to connect cloud
services over the Internet. It is also possible to deliver network as a utility
over the Internet, which means, the customer can customize the network
route and protocol.
 Server
 The server helps to compute the resource sharing and offers other services
such as resource allocation and de-allocation, monitoring the resources,
providing security etc.
 Storage
 Cloud keeps multiple replicas of storage. If one of the storage resources fails,
then it can be extracted from another one, which makes cloud computing
more reliable.
 Infrastructural Constraints
 Fundamental constraints that cloud infrastructure should implement are
shown in the following diagram:

 Transparency
 Virtualization is the key to share resources in cloud environment. But it is not
possible to satisfy the demand with single resource or server. Therefore,
there must be transparency in resources, load balancing and application, so
that we can scale them on demand.
 Scalability
 Scaling up an application delivery solution is not that easy as scaling up an
application because it involves configuration overhead or even re-architecting
the network. So, application delivery solution is need to be scalable which will
require the virtual infrastructure such that resource can be provisioned and
de-provisioned easily.
 Intelligent Monitoring
 To achieve transparency and scalability, application solution delivery will
need to be capable of intelligent monitoring.
 Security
 The mega data center in the cloud should be securely architected. Also the
control node, an entry point in mega data center, also needs to be secure.
 Public Cloud allows systems and services to be easily accessible to general
public. The IT giants such as Google, Amazon and Microsoft offer cloud
services via Internet. The Public Cloud Model is shown in the diagram below.


 Benefits
 There are many benefits of deploying cloud as public cloud model. The
following diagram shows some of those benefits:


 Cost Effective
 Since public cloud shares same resources with large number of customers it
turns out inexpensive.
 Reliability
 The public cloud employs large number of resources from different
locations. If any of the resources fails, public cloud can employ another one.
 Flexibility
 The public cloud can smoothly integrate with private cloud, which gives
customers a flexible approach.
 Location Independence
 Public cloud services are delivered through Internet, ensuring location
independence.
 Utility Style Costing
 Public cloud is also based on pay-per-use model and resources are
accessible whenever customer needs them.
 High Scalability
 Cloud resources are made available on demand from a pool of resources,
i.e., they can be scaled up or down according the requirement.

 Disadvantages
 Here are some disadvantages of public cloud model:
 Low Security
 In public cloud model, data is hosted off-site and resources are shared
publicly, therefore does not ensure higher level of security.
 Less Customizable
 It is comparatively less customizable than private cloud.
 Private Cloud allows systems and services to be accessible within an
organization. The Private Cloud is operated only within a single organization.
However, it may be managed internally by the organization itself or by third-
party. The private cloud model is shown in the diagram below.


 Benefits
 There are many benefits of deploying cloud as private cloud model. The
following diagram shows some of those benefits:

 High Security and Privacy

 Private cloud operations are not available to general public and resources
are shared from distinct pool of resources. Therefore, it ensures
high security and privacy.
 More Control
 The private cloud has more control on its resources and hardware than
public cloud because it is accessed only within an organization.
 Cost and Energy Efficiency
 The private cloud resources are not as cost effective as resources in public
clouds but they offer more efficiency than public cloud resources.

 Disadvantages
 Here are the disadvantages of using private cloud model:
 Restricted Area of Operation
 The private cloud is only accessible locally and is very difficult to deploy
globally.
 High Priced
 Purchasing new hardware in order to fulfill the demand is a costly transaction.
 Limited Scalability
 The private cloud can be scaled only within capacity of internal hosted
resources.
 Additional Skills
 In order to maintain cloud deployment, organization requires skilled expertise.
 Hybrid Cloud is a mixture of public and private cloud. Non-critical activities
are performed using public cloud while the critical activities are performed
using private cloud. The Hybrid Cloud Model is shown in the diagram below.

 Benefits
 There are many benefits of deploying cloud as hybrid cloud model. The
following diagram shows some of those benefits:
 

 Scalability
 It offers features of both, the public cloud scalability and the private cloud
scalability.
 Flexibility
 It offers secure resources and scalable public resources.
 Cost Efficiency
 Public clouds are more cost effective than private ones. Therefore, hybrid
clouds can be cost saving.
 Security
 The private cloud in hybrid cloud ensures higher degree of security.

 Disadvantages
 Networking Issues
 Networking becomes complex due to presence of private and public cloud.
 Security Compliance
 It is necessary to ensure that cloud services are compliant with security
policies of the organization.
 Infrastructure Dependency
 The hybrid cloud model is dependent on internal IT infrastructure, therefore
it is necessary to ensure redundancy across data centers.
Community Cloud allows system and services to be accessible by group of
organizations. It shares the infrastructure between several organizations from a
specific community. It may be managed internally by organizations or by the third-
party. The Community Cloud Model is shown in the diagram below.
Benefits
There are many benefits of deploying cloud as community cloud model.

Cost Effective
Community cloud offers same advantages as that of private cloud at low cost.
Sharing Among Organizations
Community cloud provides an infrastructure to share cloud resources and
capabilities among several organizations.
Security
The community cloud is comparatively more secure than the public cloud but less
secured than the private cloud.

Issues
 Since all data is located at one place, one must be careful in storing data in
community cloud because it might be accessible to others.
 It is also challenging to allocate responsibilities of governance, security and
cost among organizations.

Infrastructure-as-a-Service provides access to fundamental

resources such as physical machines, virtual machines, virtual storage, etc. Apart
from these resources, the IaaS also offers:

 Virtual machine disk storage

 Virtual local area network (VLANs)
 Load balancers
 IP addresses
 Software bundles
All of the above resources are made available to end user via server
virtualization. Moreover, these resources are accessed by the customers as if they
own them.
Benefits
IaaS allows the cloud provider to freely locate the infrastructure over the Internet in
a cost-effective manner. Some of the key benefits of IaaS are listed below:
 Full control of the computing resources through administrative access to VMs.
 Flexible and efficient renting of computer hardware.
 Portability, interoperability with legacy applications.
Full control over computing resources through administrative access to VMs
IaaS allows the customer to access computing resources through administrative
access to virtual machines in the following manner:
 Customer issues administrative command to cloud provider to run the virtual
machine or to save data on cloud server.
 Customer issues administrative command to virtual machines they owned to
start web server or to install new applications.
Flexible and efficient renting of computer hardware
IaaS resources such as virtual machines, storage devices, bandwidth, IP
addresses, monitoring services, firewalls, etc. are made available to the customers
on rent. The payment is based upon the amount of time the customer retains a
resource. Also with administrative access to virtual machines, the customer can run
any software, even a custom operating system.
Portability, interoperability with legacy applications
It is possible to maintain legacy between applications and workloads between IaaS
clouds. For example, network applications such as web server or e-mail server that
normally runs on customer-owned server hardware can also run from VMs in IaaS
cloud.

Issues
IaaS shares issues with PaaS and SaaS, such as Network dependence and
browser based risks. It also has some specific issues, which are mentioned in the
following diagram:
Compatibility with legacy security vulnerabilities
Because IaaS offers the customer to run legacy software in provider's infrastructure,
it exposes customers to all of the security vulnerabilities of such legacy software.
Virtual Machine sprawl
The VM can become out-of-date with respect to security updates because IaaS
allows the customer to operate the virtual machines in running, suspended and off
state. However, the provider can automatically update such VMs, but this
mechanism is hard and complex.
Robustness of VM-level isolation
IaaS offers an isolated environment to individual customers through hypervisor.
Hypervisor is a software layer that includes hardware support for virtualization to
split a physical computer into multiple virtual machines.
Data erase practices
The customer uses virtual machines that in turn use the common disk resources
provided by the cloud provider. When the customer releases the resource, the cloud
provider must ensure that next customer to rent the resource does not observe data
residue from previous customer.

Characteristics
Here are the characteristics of IaaS service model:
 Virtual machines with pre-installed software.
  Virtual machines with pre-installed operating systems such as Windows,
Linux, and Solaris.
 On-demand availability of resources.
 Allows to store copies of particular data at different locations.
 The computing resources can be easily scaled up and down.
Platform-as-a-Service offers the runtime environment for applications. It also offers
development and deployment tools required to develop applications. PaaS has a
feature of point-and-click tools that enables non-developers to create web
applications.
App Engine of Google and Force.com are examples of PaaS offering vendors.
Developer may log on to these websites and use the built-in API to create web-
based applications.
But the disadvantage of using PaaS is that, the developer locks-in with a particular
vendor. For example, an application written in Python against API of Google, and
using App Engine of Google is likely to work only in that environment.
The following diagram shows how PaaS offers an API and development tools to the
developers and how it helps the end user to access business applications.

Benefits
Following are the benefits of PaaS model:
Lower administrative overhead
Customer need not bother about the administration because it is the responsibility
of cloud provider.
Lower total cost of ownership
Customer need not purchase expensive hardware, servers, power, and data
storage.
Scalable solutions
It is very easy to scale the resources up or down automatically, based on their
demand.
More current system software
It is the responsibility of the cloud provider to maintain software versions and patch
installations.

Issues
Like SaaS, PaaS also places significant burdens on customer's browsers to
maintain reliable and secure connections to the provider’s systems. Therefore,
PaaS shares many of the issues of SaaS. However, there are some specific issues
associated with PaaS as shown in the following diagram:
Lack of portability between PaaS clouds
Although standard languages are used, yet the implementations of platform
services may vary. For example, file, queue, or hash table interfaces of one platform
may differ from another, making it difficult to transfer the workloads from one
platform to another.
Event based processor scheduling
The PaaS applications are event-oriented which poses resource constraints on
applications, i.e., they have to answer a request in a given interval of time.
Security engineering of PaaS applications
Since PaaS applications are dependent on network, they must explicitly use
cryptography and manage security exposures.

Characteristics
Here are the characteristics of PaaS service model:
 PaaS offers browser based development environment. It allows the
developer to create database and edit the application code either via
Application Programming Interface or point-and-click tools.
 PaaS provides built-in security, scalability, and web service interfaces.
 PaaS provides built-in tools for defining workflow, approval processes, and
business rules.
  It is easy to integrate PaaS with other applications on the same platform.
 PaaS also provides web services interfaces that allow us to connect the
applications outside the platform.

PaaS Types
Based on the functions, PaaS can be classified into four types as shown in the
following diagram:

Stand-alone development environments

The stand-alone PaaS works as an independent entity for a specific function. It
does not include licensing or technical dependencies on specific SaaS applications.
Application delivery-only environments
The application delivery PaaS includes on-demand scaling and application
security.
Open platform as a service
Open PaaS offers an open source software that helps a PaaS provider to run
applications.
Add-on development facilities
The add-on PaaS allows to customize the existing SaaS platform.
Software-as–a-Service (SaaS) model allows to provide software application as a
service to the end users. It refers to a software that is deployed on a host service
and is accessible via Internet. There are several SaaS applications listed below:

 Billing and invoicing system

 Customer Relationship Management (CRM) applications
 Help desk applications
 Human Resource (HR) solutions
Some of the SaaS applications are not customizable such as Microsoft Office
Suite. But SaaS provides us Application Programming Interface (API), which
allows the developer to develop a customized application.
Characteristics
Here are the characteristics of SaaS service model:
 SaaS makes the software available over the Internet.
 The software applications are maintained by the vendor.
 The license to the software may be subscription based or usage based. And
it is billed on recurring basis.
 SaaS applications are cost-effective since they do not require any
maintenance at end user side.
 They are available on demand.
 They can be scaled up or down on demand.
 They are automatically upgraded and updated.
 SaaS offers shared data model. Therefore, multiple users can share single
instance of infrastructure. It is not required to hard code the functionality for
individual users.
 All users run the same version of the software.

Benefits
Using SaaS has proved to be beneficial in terms of scalability, efficiency and
performance. Some of the benefits are listed below:

 Modest software tools

 Efficient use of software licenses
 Centralized management and data
 Platform responsibilities managed by provider
 Multitenant solutions

Modest software tools

The SaaS application deployment requires a little or no client side software
installation, which results in the following benefits:

 No requirement for complex software packages at client side

 Little or no risk of configuration at client side
 Low distribution cost

Efficient use of software licenses

The customer can have single license for multiple computers running at different
locations which reduces the licensing cost. Also, there is no requirement for license
servers because the software runs in the provider's infrastructure.
Centralized management and data
The cloud provider stores data centrally. However, the cloud providers may store
data in a decentralized manner for the sake of redundancy and reliability.
Platform responsibilities managed by providers
All platform responsibilities such as backups, system maintenance, security,
hardware refresh, power management, etc. are performed by the cloud provider.
The customer does not need to bother about them.
Multitenant solutions
Multitenant solutions allow multiple users to share single instance of different
resources in virtual isolation. Customers can customize their application without
affecting the core functionality.

Issues
There are several issues associated with SaaS, some of them are listed below:

 Browser based risks

 Network dependence
 Lack of portability between SaaS clouds

Browser based risks

If the customer visits malicious website and browser becomes infected, the
subsequent access to SaaS application might compromise the customer's data.
To avoid such risks, the customer can use multiple browsers and dedicate a specific
browser to access SaaS applications or can use virtual desktop while accessing the
SaaS applications.
Network dependence
The SaaS application can be delivered only when network is continuously available.
Also network should be reliable but the network reliability cannot be guaranteed
either by cloud provider or by the customer.
Lack of portability between SaaS clouds
Transferring workloads from one SaaS cloud to another is not so easy because
work flow, business logics, user interfaces, support scripts can be provider specific.

Open SaaS and SOA

Open SaaS uses those SaaS applications, which are developed using open source
programming language. These SaaS applications can run on any open source
operating system and database. Open SaaS has several benefits listed below:

 No License Required
 Low Deployment Cost
 Less Vendor Lock-in
 More portable applications
 More Robust Solution
The following diagram shows the SaaS implementation based on SOA: