Chapter 6 Flashcards
Cloud Computing
Is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.
Multitenancy
Many different customers share access to the same physical resources
Isolation Controls
The cloud provider is responsible for implementing isolation controls that prevent the actions of one customer from interfering with or accessing data from another customer.
Software as a Service (SaaS)
Offerings provide a customer with a complete application that is built and maintained by the service provider and runs in an infrastructure that is either operated or procured by the service provider. The customer of an SaaS offering typically accesses the service through a web browser and performs only limited application configuration. Almost all the responsibility for operating the service rests in the hands of the cloud service provider and, possibly, other cloud service providers who offer the SaaS provider access to underlying infrastructure resources. Example: Gmail
Infrastructure as a Service (IaaS)
Offerings operate under a very different service model. SaaS offerings endeavor to hide implementation details from the customer, but IaaS offerings expose basic infrastructure building blocks that customers may use to design and implement their own service offerings. These offerings include compute processing, storage, networking, and other basic components of a technology infrastructure. Includes greater responsibility for monitoring, management and security. Examples: AWS, Azure and Google Compute Platform.
Platform as a Service (PaaS)
Approaches occupy a middle ground between SaaS and IaaS services. In this approach, the service provider operates an infrastructure that is fully managed and configurable to run customer applications. Customers then deploy applications that they either developed themselves or purchased from vendors onto the service provider’s platform, where they run with minimal customer management. Example: Heroku
Function as a Service (FaaS)
Cloud customers are increasingly embracing a technology called FaaS that allows for a serverless application architecture. Developers write functions in common programming languages and can then configure the FaaS platform to execute (or “trigger”) those functions in response to events. Functions deployed in this manner are discrete units of code that are easily scaled to millions, or even billions, of executions per day. Example: Lambda
Public Cloud
Public cloud service providers deploy infrastructure and then make it accessible to any customers who wish to take advantage of it in a multitenant model. A single customer may be running workloads on servers spread throughout one or more datacenters, and those servers may be running workloads for many different customers simultaneously.
Private Cloud
Used to describe any cloud infrastructure that is provisioned for use by a single customer. This infrastructure may be built and managed by the organization that will be using the infrastructure, or it may be built and managed by a third party. The key distinction here is that only one customer uses the environment. For this reason, private cloud services tend to have excess unused capacity to support peak demand and, as a result, are not as cost efficient as public cloud services.
Community Cloud
Service shares characteristics of both the public and private models. Community cloud services run in a multitenant environment, but the tenants are limited to members of a specifically designed community. Community membership is normally defined based on shared mission, similar security and compliance requirements, or other commonalities.
Hybrid Cloud
Is a catch-all term used to describe cloud deployments that blend public, private, and/or community cloud services together. It is not simply purchasing both public and private cloud services and using them together. Hybrid cloud requires the use of technology that unifies the different cloud offerings into a single coherent platform.
Bursting
For example, a firm might operate their own private cloud for the majority of their workloads and then leverage public cloud capacity when demand exceeds the capacity of their private cloud infrastructure. This approach is known as public cloud bursting.
Shared Responsibility Model = Security of IaaS, PaaS, SaaS - Data -> Application -> OS -> Hardware -> Datacenter
IaaS = Data, Application, OS - Customer Responsibilities
Hardware & Datacenter = Shared Responsibilities
PaaS = Data - Customer Responsibility
Application - Shared Responsibilities
OS, Hardware, Datacenter - Shared Responsibility
SaaS = Data - Shared
Application, OS, Hardware, Datacenter - Vendor Responsibilities
Infrastructure as Code (IaC)
Is one of the key enabling technologies behind the DevOps movement and is also a crucial advantage of cloud computing solutions. IaC is the process of automating the provisioning, management, and deprovisioning of infrastructure services through scripted code rather than human intervention. IaC is one of the key features of all major IaaS environments, including AWS, Microsoft Azure, and Google Cloud Platform.
Advantages of using IaC
- Increasing the reusability of code
- Reducing the time spent by the operations team creating infrastructure components
- Increasing the speed of infrastructure creation
- Reducing the likelihood of configuration errors by leveraging common templates