Brief Contents
Preface
Chapter 1 Introducing Cloud Computing
Chapter 2 Software as a Service (SaaS)
Chapter 3 Platform as a Service (PaaS)
Chapter 4 Infrastructure as a Service (IaaS)
Chapter 5 Identity as a Service (IDaaS)
Chapter 6 Data Storage in the Cloud
Chapter 7 Collaboration in the Cloud
Chapter 8 Virtualization
Chapter 9 Securing the Cloud
Chapter 10 Disaster Recovery and Business Continuity and the Cloud
Chapter 11 Service-Oriented Architecture
Chapter 12 Managing the Cloud
Chapter 13 Migrating to the Cloud
Chapter 14 Mobile Cloud Computing
Chapter 15 Governing the Cloud
Chapter 16 Evaluating the Cloud’s Business Impact and Economics
Chapter 17 Designing Cloud-Based Solutions
Chapter 18 Coding Cloud-Based Applications
Chapter 19 Application Scalability
Chapter 20 The Future of the Cloud
Glossary of Key Terms
Index
Credits
Contents
Preface
Chapter 1 Introducing Cloud Computing
Web 2.0 and the Cloud
Distinguishing Cloud Types
Cloud Deployment Models
Cloud Service Models
Exploring Uses of the Cloud
Introducing Scalability
Introducing Virtualization
Collecting Processing Power Through Grid Computing
Chapter Summary
Key Terms
Chapter Review
Chapter 2 Software as a Service (SaaS)
Getting Started with SaaS
Understanding the Multitenant Nature of SaaS Solutions
Understanding OpenSaaS Solutions
Understanding Mashups
Understanding Service-Oriented Architecture (SOA)
Chapter Summary
Key Terms
Chapter Review
Chapter 3 Platform as a Service (PaaS)
IT Evolution Leading to the Cloud
Benefits of PaaS Solutions
Disadvantages of PaaS Solutions
Chapter Summary
Key Terms
Chapter Review
Chapter 4 Infrastructure as a Service (IaaS)
Understanding IaaS
Improving Performance Through Load Balancing
Taking a Closer Look at Load Balancing
System and Storage Redundancy
Utilizing Cloud-Based NAS Devices
Advantages of IaaS Solutions
Server Types Within an IaaS Solution
Chapter Summary
Key Terms
Chapter Review
Chapter 5 Identity as a Service (IDaaS)
Understanding Single Sign-On (SSO)
Understanding How SSO Works
Understanding Federated Identity Management
Understanding Account Provisioning
Understanding OpenID
Mobile ID Management
Chapter Summary
Key Terms
Chapter Review
Chapter 6 Data Storage in the Cloud
Examining the Evolution of Network Storage
Understanding Cloud-Based Data Storage
Advantages and Disadvantages of Cloud-Based Data Storage
Getting Past the Fear of Cloud-Based Data
Cloud-Based Backup Systems
Understanding File Systems
Industry-Specific Cloud-Based Data Storage
Cloud-Based Database Solutions
Cloud-Based Block Storage
Chapter Summary
Key Terms
Chapter Review
Chapter 7 Collaboration in the Cloud
Collaborating in the Clouds
Questions to Ask About Collaborative Tools
Web-Based Collaboration Began with Web Mail
Instant Messaging Isn’t What It Used to Be
Cloud-Based Phone and Fax Systems
Revisiting File Sharing
Editing Shared Files Within the Cloud
Collaborating via Web Logs (Blogs)
Collaborative Meetings in the Cloud
Virtual Presentations and Lectures
Using Social Media for Collaboration
Using Cloud-Based Calendar Management
Using Streaming Video Content to Collaborate
Cloud-Based TV Content
Chapter Summary
Key Terms
Chapter Review
Chapter 8 Virtualization
Understanding Virtualization
The History of Virtualization
Leveraging Blade Servers
Server Virtualization
Desktop Virtualization
Desktop Solutions on Demand
Virtual Networks
Data Storage Virtualization
Not All Applications Are Well Suited for Virtualization
Why Virtualize?
Chapter Summary
Key Terms
Chapter Review
Chapter 9 Securing the Cloud
General Security Advantages of Cloud-Based Solutions
Introducing Business Continuity and Disaster Recovery
Understanding Data Storage Wiping
Understanding Distributed Denial-of-Service (DDoS) Attacks
Packet Sniffing
Man-in-the-Middle Attack
Monitoring Device Screens
Malicious Employees
Hypervisor Attack
Guest-Hopping Attack
SQL-Injection Attack
Physical Security
Chapter Summary
Key Terms
Chapter Review
Chapter 10 Disaster Recovery and Business Continuity and the Cloud
Understanding the Threats
Threat: Disk Failure
Threat: Power Failure or Disruption
Threat: Computer Viruses
Threat: Fire
Threat: Floods
Threat: Disgruntled Employees
Threat: Lost Equipment
Threat: Desktop Failure
Threat: Server Failure
Threat: Network Failure
Threat: Database System Failure
Threat: Phone System Failure
Understanding Service-Level Agreements
Measuring Business Impact: The Essence of Risk Mitigation
Disaster Recovery Plan Template
Chapter Summary
Key Terms
Chapter Review
Chapter 11 Service-Oriented Architecture
Understanding Service-Oriented Architecture
Web Services Are Not Web Pages
Many Companies Provide Web Services
Discovering Web Services
Understanding Web Service Performance
Web Service and Reuse
Scaling Web Services
Web Services and Loose Coupling
Treating a Web Service as a Black Box
Web Service Interoperability
Web Service Description Language
Governing Web Services
Chapter Summary
Key Terms
Chapter Review
Chapter 12 Managing the Cloud
Know Your Service-Level Agreement
Ensure and Audit System Backups
Know Your System’s Data Flow
Beware of Vendor Lock-In
Source-Code Escrow
Determine Technical Support and Help Desk Procedures
Determine Training Procedures
Know the Provider’s Security Policies and Procedures
Define the Data Privacy Requirements
Know Specifics About the Economics of the Cloud and Return on Investment
Monitor Capacity Planning and Scaling Capabilities
Monitor Audit-Log Use
Solution Testing and Validation
Chapter Summary
Key Terms
Chapter Review
Chapter 13 Migrating to the Cloud
Define the System Goals and Requirements
Protect Your Existing Data
Use an Experienced Cloud Consultant
Know Your Application’s Current Characteristics
Remember Vendor Lock-In
Define Your Training Requirements
Establish a Realistic Deployment Schedule
Review the Budget Factors
Identify IT Governance Issues
Understanding Cloud Bursting
Chapter Summary
Key Terms
Chapter Review
Chapter 14 Mobile Cloud Computing
The Evolution of Mobile Computing
Understanding the G in 3G and 4G
The Mobile Cloud Ecosystem
Introducing the Mobile Players
Pages, Apps, and Widgets
Revisiting the Role of HTML
Mobile Development Considerations
Chapter Summary
Key Terms
Chapter Review
Chapter 15 Governing the Cloud
Understanding Corporate Governance
Understanding Business Strategy
Measure What Is Important
Inspect What You Expect
Understanding Internal Controls
Extending Governance to Information Technology
Cloud Computing Governance
Chapter Summary
Key Terms
Chapter Review
Chapter 16 Evaluating the Cloud’s Business Impact and Economics
Business Economics
Total Cost of Ownership
Economies of Scale
Capital Expenditures
Operational Expenses
Return on Investment
Profit Margins
Moore’s Law and the Cloud
Understanding Right-Sizing
Defining a Large Data Center
Other Economic Key Performance Indicators
Marketing the Cloud
Chapter Summary
Key Terms
Chapter Review
Chapter 17 Designing Cloud-Based Solutions
Revisit the System Requirements
When to Select a Development Environment
Design Is a Give-and-Take Process
Designing for Accessibility
Designing for Audit
Designing for Availability
Designing for Backup
Designing for Existing and Future Capacity
Designing for Configuration Management
Designing for Deployment
Designing for Disaster Recovery
Designing for the Environment (Green Computing)
Designing for Interoperability
Designing for Maintainability
Designing for Performance
Designing for Price
Designing for Privacy
Designing for Portability
Designing for Recovery
Designing for Reliability
Designing for Response Time
Designing for Robustness
Designing for Security
Designing for Testability
Designing for Usability
Chapter Summary
Key Terms
Chapter Review
Chapter 18 Coding Cloud-Based Applications
Creating a Mashup Using Yahoo! Pipes
Creating a Simple Yahoo! Pipe
Using Google App Engine
Creating a Hello, World! Application with Google App Engine
Downloading the Google App Engine Software Development Kit
Deploying a Simple Google App Engine Example
Creating a More Advanced Google App Engine Application
Creating a Windows Azure “Hello, World!” Application
Chapter Summary
Key Terms
Chapter Review
Chapter 19 Application Scalability
Reviewing the Load-Balancing Process
Designing for Scalability
Scaling Up, Scaling Out, or Both
Minimize Objects on Key Pages
Selecting Measurement Points
Analyze Your Database Operations
Evaluate Your System’s Data Logging Requirements
Revisit Your Service-Level Agreement
Capacity Planning Versus Scalability
Scalability and Diminishing Returns
Performance Tuning
Complication Is the Enemy of Scalability
Chapter Summary
Key Terms
Chapter Review
Chapter 20 The Future of the Cloud
How the Cloud Will Change Operating Systems
Location-Aware Applications
Intelligent Fabrics, Paints, and More
The Future of Cloud TV
Future of Cloud-Based Smart Devices
Cloud and Mobile
How HTML5 Will Drive Mobile Applications
Faster Time to Market for Software Applications
Home-Based Cloud Computing
Chapter Summary
Key Terms
Chapter Review
Glossary of Key Terms
Index
Credits
Preface
FOR YEARS, SOFTWARE DEVELOPERS and network administrators have used
the image of a cloud to represent the myriad of communication details that occur
as messages flow across the Internet from one computer network to another.
This cloud abstraction has now exploded to include processors, both physical
and virtual, data storage, software-as-a-service solutions, and mobile
applications. Today, cloud-based applications and new capabilities are emerging
daily and bringing with them lower cost of entry, pay-for-use processor and
data-storage models, greater scalability, improved performance, ease of
redundancy, and improved business continuity. With these advantages come
increased security challenges and IT-governance concerns. This book examines
these issues. As you will learn, two things are certain: The dynamic nature of the
cloud will continue and we have only just begun to scratch the cloud’s surface.
Chapter 1: Introducing Cloud Computing introduces the abstract nature of
cloud computing and the factors that led to its evolution. The chapter examines
software as a service (SaaS), platform as a service (PaaS), and infrastructure as a
service (IaaS) and includes real-world examples of each. The chapter discusses
the key advantages of cloud computing, including scalability, redundancy, low
cost of entry, and virtualization.
Chapter 2: Software as a Service (SaaS) examines browser-based SaaS
solutions and their advantages. The chapter features real-world solutions such as
Salesforce.com for customer relationship management, Taleo for human
resources solutions, ADT for SaaS-based payroll processing, and many others.
Chapter 3: Platform as a Service (PaaS) introduces cloud-based hardware and
software platforms which allow companies, large and small, to move their
applications to the cloud quickly and cost effectively. The chapter examines PaaS
providers such as Amazon, Google, and Microsoft.
Chapter 4: Infrastructure as a Service (IaaS) introduces the concept of a
cloud-based data center which reduces or eliminates a company’s need for a
large in-house data center. Because of the IaaS provider’s economies of scale, it
can reduce a company’s cost of IT operations significantly.
Chapter 5: Identity as a Service (IDaaS) examines cloud-based
identity-management solutions that simplify user provisioning and resource
access. With more solutions distributed across the cloud, IDaaS facilitates the
user’s sign-on process across solution providers.
Chapter 6: Data Storage in the Cloud examines the integration of cloud-based
data storage and the evolution of network-based storage, which led to its
creation. The chapter presents several cloud-based data storage solutions that
can be enabled at little or no cost. The chapter also examines several low-cost
turnkey based backup solutions.
Chapter 7: Collaboration in the Cloud looks at cloud-based technologies that
allow two or more users to work together to accomplish a task. The chapter
describes the evolution of collaboration technologies from instant messaging to
virtual meetings to shared documents that support simultaneous editing by
multiple users.
Chapter 8: Virtualization introduces hardware and software used to create the
perception that one or more entities exist, when they may not actually be
physically present. The chapter examines solutions for virtual servers, virtual
desktops, and virtual networks.
Chapter 9: Securing the Cloud examines the real-world security issues that
people (even some sophisticated IT users) are uncomfortable with when placing
their personal data, or their company’s data, in the cloud. The chapter examines
specific security threats and the measures that should be taken to minimize
them.
Chapter 10: Disaster Recovery and Business Continuity and the Cloud
discusses ways that the cloud and its redundant resources improve a company’s
ability to recover and continue to operate after a disaster or serious event. The
chapter examines common threats to business operations and some
cloud-computing solutions that can mitigate them.
Chapter 11: Service-Oriented Architecture looks at how the availability of
web-based services is changing how developers create programs and the speed
at which they can deploy solutions. The chapter examines a variety of real-world
web services that are available to programmers for integration into programs.
Chapter 12: Managing the Cloud examines the tasks a manager must perform
after a company migrates its applications to the cloud, including auditing logs,
monitoring system performance, and identifying bottlenecks within the data
flow.
Chapter 13: Migrating to the Cloud discusses managerial considerations to be
evaluated before migrating to the cloud, such as avoiding vendor lock-in,
identifying remote data backup operations and security considerations,
preparing a budget, and integrating developer and user training.
Chapter 14: Mobile Cloud Computing evaluates whether mobile computing is
driving the growth of cloud computing or vice versa. The chapter examines the
“ecosystem” that is mobile computing as well as how HTML5 will change
computing models.
Chapter 15: Governing the Cloud discusses the role of IT governance and its
extensions for cloud-based computing. The chapter examines the need for and
ways to implement cloud-based internal controls.
Chapter 16: Evaluating the Cloud’s Business Impact and Economics
examines how the cloud’s economy of scale and pay-for-use model will
accelerate the ability for companies, large and small, to release cloud-based
solutions. The chapter also evaluates the cloud’s impact on operational and
capital expenses.
Chapter 17: Designing Cloud-Based Solutions discusses the fact that
developers will simply pick up and move many existing applications to the cloud.
In the future, however, developers should design cloud-based solutions to utilize
scalability and redundancy. The chapter examines many common design
considerations and ways the cloud will impact them.
Chapter 18: Coding Cloud-Based Applications looks at two PaaS providers,
Google Apps and Windows Azure, and implements cloud-based applications with
each. Developers will learn that creating and deploying cloud-based applications
is fast, easy, and inexpensive.
Chapter 19: Application Scalability examines how developers can scale
applications vertically, by using faster processors or more powerful servers,
and horizontally, by supporting the ability to distribute processing better. The
chapter looks at design considerations to be evaluated when designing
applications for scalability.
Chapter 20: The Future of the Cloud examines ways the cloud will extend its
reach into cars, televisions, appliances, and even our clothes. By the end of the
chapter, readers will realize that we have just scratched the cloud’s surface.
Chapter 1
Introducing Cloud Computing
FOR YEARS DEVELOPERS AND network administrators have represented the
Internet within design documents as a cloud. By abstracting the Internet’s
technologies and underlying protocols as simply a cloud, as shown in FIGURE 1-1,
the developers could temporarily ignore the communication complexity and
simply assume that messages would flow successfully from one
Internet-connected network to another.
Learning Objectives
This chapter introduces cloud computing. By the time you finish this chapter, you
will be able to do the following:
• Understand the abstract nature of cloud computing.
• Describe evolutionary factors of computing that led to the cloud.
• Describe virtualization at both the desktop and the server level.
• Describe and identify common cloud types, which include software as a
service, platform as a service, and infrastructure as a service.
• Know how businesses and individuals use the cloud.
• Describe the benefits and disadvantages of cloud computing.
• Understand common security considerations with respect to the cloud.
• Describe ways cloud computing can improve system fault tolerance.
• Describe Web 2.0 and its relationship to cloud computing.
Today the term cloud computing describes the abstraction of web-based
computers, resources, and services that system developers can utilize to
implement complex web-based systems. Often these cloud-based resources are
viewed as virtual, meaning that if a system or solution needs more resources,
such as processors or disk space, the resources can simply be added on demand
and usually transparently to the application that uses them. Through their virtual
nature, cloud-based solutions can be scaled up or down in size, and the
companies whose solutions reside in the clouds normally pay only for the
resources they consume. Thus, companies that once relied on expensive data
centers to house their processing resources can now shift their costs and
maintenance efforts to pay-as-you-go, scalable, cloud-based alternatives.
FIGURE 1-1 For years developers and network administrators have represented
the Internet as a cloud.
CASE 1-1 THE APPLE ICLOUD
Whether one is a PC user or a Mac evangelist, one must recognize Apple’s ability
to introduce technology that changes industries and the way people work and
communicate. Apple’s first entrée into the cloud was the iTunes virtual music
store. Today iTunes offers millions of songs for download to PCs and Macs, as
well as iPods, iPhones, iPads, and other handheld devices. More than just music
on a web-based storage device, iTunes laid a foundation for scalable e-commerce,
high-bandwidth download transactions, and user device independence.
Apple’s iCloud extends the company’s existing functionality by providing users
with a cloud-based storage facility for their phones, music, videos, books, and
other documents. Using iCloud as a centralized virtual storage facility, users can
quickly exchange digital content among their various devices. In fact, users can
customize the iCloud settings to make the file exchange seamless and automatic.
In other words, if a user stores a digital file within iCloud, behind the scenes
iCloud software will push the content to each of the user’s registered devices, as
shown in FIGURE 1-2.
FIGURE 1-2 Using iCloud, users can synchronize their content to a variety of
devices.
Exercise: What industries might iCloud disrupt? What business services do you
anticipate Apple to offer in order to drive revenue through the iCloud?
Web Resources: For more information on iCloud, see
www.CloudBookContent.com/Chapter01/index.html.
Web 2.0 and the Cloud
For years, when companies wanted to place content on the web, they hired web
developers, who created the underlying HTML documents. Through this process,
the number of documents on the web exploded to billions worldwide. Web 2.0 is
a term used to describe the set of tools and websites that allow users to publish
content to the web without the direct use of HTML. Behind the scenes, the tools
and sites build the HTML documents for the user and then upload the documents
to a web server. TABLE 1-1 describes the common Web 2.0 applications.
TABLE 1-1 COMMON WEB 2.0 SITES AND APPLICATIONS
| Application/Site | Purpose |
| --- | --- |
| Blog | A web log that users can write and use to publish content directly to the web. |
| Wiki | A software program that allows users to collaborate on shared web-based documents. |
| Twitter | A microblogging service that allows users to send messages of up to 140 characters to those who follow the users’ tweets. |
| Facebook | A social networking site to which users can post text, photos, and video-based content. |
| YouTube | A site to which users can upload video content for sharing with others. |
FIGURE 1-3 Web 2.0 tools make it easy for users who do not possess web
development skills to easily publish content on the web.
As shown in FIGURE 1-3, with Web 2.0 tools and sites, users essentially publish
content directly to the cloud for access by other users.
Distinguishing Cloud Types
Cloud-based applications provide a wide range of solutions to a very large
number of users. To help us analyze and describe cloud-based systems, many
people refer to a cloud solution in terms of its deployment model and services
model. These two terms originated within a cloud computing document from the
National Institute of Standards and Technology (NIST), as shown in FIGURE 1-4.
FIGURE 1-4 Users refer to cloud solutions based on the system’s deployment and
services models.
CASE 1-2 THE MICROSOFT WINDOWS AZURE PLATFORM
When web developers create web pages, they need to host the corresponding
HTML files on a web server before other users can access the content from across
the web. Developers have two choices when it comes to publishing their content.
First, they can host the pages on their own web server, which may require
hardware support and maintenance. Second, the developers can host the files at
a server that resides at an Internet service provider (ISP), which allows the
developer to focus on web page development as opposed to server management.
Today developers can host their web pages at an ISP for a few dollars per month.
Windows Azure is a Microsoft platform that developers can use to move their
applications to the cloud. Unlike support for a simple HTML page, which requires
only the presence of a web server, Windows Azure provides operating-system
support for .NET applications and a cloud-based SQL server (SQL Azure). You can
think of Windows Azure as a cloud-based data center within which developers
can house their applications. The Windows Azure platform, in turn, maintains
servers, operating systems, database software, and other supporting
applications. As a developer’s application grows in terms of users, processor
demands, or disk storage, the Windows Azure environment grows to meet the
developer’s needs. In this way, the Windows Azure platform provides the
following:
• Scalability: Windows Azure can scale up, or scale down, processor and storage
resources on demand.
• Redundancy: Windows Azure provides server, disk storage, and network
redundancy.
• Cost benefits from resource pooling: Windows Azure shares IT resources
across a very large number of companies, which provides cost savings to each.
• Outsourced server management: Microsoft provides Windows Azure IT staff
who maintain operating systems and underlying support software.
• Low cost of entry: To release a cloud-based solution, companies do not need
to invest in their own IT data center.
Exercise: Discuss the pros and cons of hosting an application within one’s own
data center as opposed to using a service provider such as Windows Azure.
Web Resources: For more information on Windows Azure, see
www.CloudBookContent.com/Chapter01/index.html.
Cloud Deployment Models
A cloud deployment model specifies how resources within the cloud are shared.
As discussed in TABLE 1-2, there are four primary cloud deployment models:
private cloud, public cloud, community cloud, and hybrid cloud. Each model
influences the corresponding scalability, reliability, security, and cost.
TABLE 1-2 CLOUD DEPLOYMENT MODELS
| Deployment Model | Characteristics |
| --- | --- |
| Private cloud | Owned by a specific entity and normally used only by that entity or one of its customers. The underlying technology may reside on- or off-site. A private cloud offers increased security at a greater cost. |
| Public cloud | Available for use by the general public. May be owned by a large organization or company offering cloud services. Because of its openness, the cloud may be less secure. A public cloud is usually the least expensive solution. |
| Community cloud | The cloud is shared by two or more organizations, typically with shared concerns (such as schools within a university). |
| Hybrid cloud | A cloud that consists of two or more private, public, or community clouds. |
Cloud Service Models
A cloud can interact with a client (user or application) in a variety of ways,
through capabilities called services. Across the web, three major types, or
models, of services have emerged, which are defined in TABLE 1-3.
Examining Software as a Service (SaaS)
The software as a service (SaaS) model provides a cloud-based foundation for
software on demand. In general, an SaaS solution is web-delivered content that
users access via a web browser. The software can reside within any of the
deployment-model clouds. FIGURE 1-5 illustrates the SaaS model.
TABLE 1-3 COMMON CLOUD SERVICE MODELS
| Cloud Service Model | Characteristics |
| --- | --- |
| Software as a service (SaaS) | A complete software application with a user interface. |
| Platform as a service (PaaS) | A platform within which developers can deploy their applications. A PaaS solution includes hardware (servers and disks), operating systems, development tools, and administrative tools. |
| Infrastructure as a service (IaaS) | Provides machines, storage, and network resources that developers can manage by installing their own operating system, applications, and support resources. |
FIGURE 1-5 The SaaS model presents a cloud-based application with a user
interface to users running only a web browser.
The advantages of SaaS solutions are simplicity of integration (users need only a
browser), cost (the data center resides within the cloud), and scalability
(customers can add user licenses or seats as needed). The disadvantage of SaaS
solutions is the perception of security issues. Users who are new to the cloud
may not feel comfortable storing company data in a remote data-storage facility
(the cloud).
Well-known SaaS solution providers include Salesforce.com, Google Apps,
TurboTax, and QuickBooks.
Examining Platform as a Service (PaaS)
The platform as a service (PaaS) model provides the underlying hardware
technology, such as one or more servers (or virtual servers), operating systems,
database solutions, developer tools, and network support, for developers to
deploy their own solutions. The hardware and software within a PaaS solution is
managed by the platform provider. Developers need not worry about performing
hardware or operating system upgrades. Instead, developers can focus on their
own applications. FIGURE 1-6 illustrates the PaaS model. Well-known PaaS
solution providers include Windows Azure and Google App Engine.
Examining Infrastructure as a Service (IaaS)
The infrastructure as a service (IaaS) model provides a virtual data center
within the cloud. IaaS provides servers (physical and virtualized), cloud-based
data storage, and more. Within an IaaS solution, developers must install their
own operating system, database management software, and support software.
Then the developers (or the company’s system administrators) must manage
both the hardware and the software. FIGURE 1-7 illustrates the IaaS model. The
Amazon Elastic Compute Cloud (Amazon EC2) is an IaaS solution.
FIGURE 1-6 The PaaS model provides the underlying hardware and operating
system a developer needs to launch an application.
FIGURE 1-7 The IaaS model provides the underlying hardware (servers and
storage). Clients must install and then manage their own operating system,
database software, and support software.
CASE 1-3 AMAZON WEB SERVICES (AWS)
If you ask people to rank order the top e-commerce companies, Amazon.com will
make the top of most lists. Amazon has grown from selling books to selling a
virtually endless range of products.
As Amazon evolved its sales plan, the company recognized the value of extending
its product base (the things they sell) to other sites. The other sites (Amazon
affiliates), in turn, could offer links to products, the sales and fulfillment of which
would be handled by Amazon, in a revenue-sharing model. This affiliate program
was one of the first cloud-based sales partnerships.
As Amazon continued to grow, its internal developers created a system
architecture that was redundant, scalable, and robust. With these services fully
operational, Amazon recognized that most software companies would need
similar capabilities. To meet that demand, Amazon released Amazon Web
Services (AWS), which companies can use to host their own systems. Today,
AWS processes hundreds of thousands of web-based requests for companies every
second!
One of Amazon’s primary cloud tools is the Amazon Elastic Compute Cloud
(Amazon EC2), which lets companies rent cloud-based services for their
applications. Using Amazon EC2, companies can pay by the hour for the
processing they need and scale processor support up or down to meet user
demands.
To complement the processing power of Amazon EC2, Amazon Simple Storage
Service (Amazon S3) provides cloud-based data-storage facilities, and companies
pay only for the data storage they consume. Behind the scenes, Amazon provides
data redundancy.
To further support developers, Amazon offers virtual-network support, database
support, and e-commerce capabilities.
Exercise: Assume your company wants to use Amazon as its disk-backup
provider. What pros and cons would you consider? Discuss how you might
leverage Amazon Web Services to bring an e-commerce site online.
Web Resources: For more information on Amazon Web Services, see
www.CloudBookContent.com/Chapter01/index.html.
Exploring Uses of the Cloud
The cloud is now host to a wide range of large-scale and small-scale (custom)
applications. The number and type of applications that users can deploy to the
cloud is virtually limitless. Many software companies are now moving key
applications from expensive internal data centers to cost-effective and
resource-redundant cloud solutions.
As a user, you might already use cloud-based personal productivity software,
such as TurboTax, bank-specific bill-pay software, or a stock tool such as
E*TRADE. Or you may leverage a cloud-based collaboration tool, such as Google
Calendar or Google Docs, to share information and documents with other users.
Or you may store files, such as your music, photos, or videos, on cloud-based data
storage.
CASE 1-4 SALESFORCE.COM
One of the first companies to launch a large-scale SaaS solution was
Salesforce.com. The company recognized that as much as three-fourths of a
salesperson’s day was spent on nonsales tasks (calendar management, contract
management, presentation management, and contact management).
Salesforce.com recognized that regardless of the items a company sold, the
selling process was similar across companies and even industries. Salesforce.com
automated these tasks and put the underlying data storage in the cloud—the
sales cloud.
In a similar way, Salesforce.com has recognized that after the sale, customer
service is key. As a result, the company released a customer service cloud, which
integrates common customer service operations. The software manages the
process of responding to customer calls, e-mails, Facebook updates, live chats,
and more. After customer cases are resolved, managers can monitor the results
via cloud-based dashboards.
Exercise: Discuss the common sales and customer service tasks supported by
Salesforce.com.
Web Resources: For more information on Salesforce.com, see
www.CloudBookContent.com/Chapter01/index.html.
Introducing Scalability
When they launch a new website, many developers have visions of having
created the next Google, Amazon, or Facebook. Unfortunately, the developers
have no way of knowing what the actual user demand will be. Should the site
become widely used, it may require additional servers or disk-storage capacity.
Scalability defines a site or application’s ability to use additional resources on
demand. The site or application may scale up to utilize additional resources
when the system is experiencing high user demand and may later scale down its
resource usage when the user demand declines.
Applications that run within the cloud are normally highly scalable. An
application administrator can manually add or remove resources, or the
application can be configured to scale automatically. As shown in FIGURE 1-8,
applications scale through the use of additional servers (physical or virtual) or
through the addition of disk-storage space.
Introducing Virtualization
Chapter 8, Virtualization, examines desktop and server virtualization in detail.
For now, think of virtualization as the use of hardware and/or software to
create the perception of something. For example, most servers have a CPU that is
capable of running a specific operating system, such as Windows or Linux. Using
special software, the server can be made to appear as if it has multiple CPUs
running the same or different operating systems, as shown in FIGURE 1-9.
FIGURE 1-8 Sites or applications can scale up or down through the addition or
removal of servers or disk-storage capacity.
FIGURE 1-9 Server virtualization makes a single server appear as multiple
independent servers running the same or different operating systems.
Behind the scenes, the server CPU switches its processing power rapidly among
the various operating systems.
In a similar way, most desktop PCs typically run one operating system. Again,
using special virtualization software, a desktop PC, as shown in FIGURE 1-10, can
be made to appear as if the system is simultaneously running different operating
systems. Desktop virtualization provides an excellent solution for developers,
application testers, and help desk support personnel who must support multiple
operating systems. Rather than having multiple desktop systems on their desk,
with each system running a specific operating system, the user can instead use a
single desktop PC with multiple (virtual) operating systems.
FIGURE 1-10 Desktop virtualization allows a PC to run multiple operating
systems simultaneously.
CASE 1-3 GOOGLE CLOUD-BASED SOLUTIONS
Google is one of the world’s most successful web-based businesses. Through its
high-performing search engine, Google leverages high-margin automated
advertising solutions. Beyond this, Google offers a variety of applications that
leverage the cloud’s ease of access and device independence to a wide range of
users.
To start, Gmail, an early cloud-based solution, has become one of the most widely
used e-mail services. By storing user e-mails within the cloud, Gmail provides
ease of access to e-mail from any computer or handheld device, at any time and
from any place.
Google Docs, an online set of collaborative document editing tools, provides
many of the common capabilities of Microsoft Office tools, such as Word, Excel,
and PowerPoint, from within a web browser, with no software to install and no
cost! Not only do the Google Docs tools make it easy for developers to share
documents, they provide a preview of how future cloud-based solutions will
allow users to perform their daily computing tasks without the need for a
computer operating system such as Windows or Mac OS.
As you might expect, Google is not conceding sole custody of the music market to
Apple. Google is protective of its web domain and now offers services users can
access for common cloud-based solutions.
Exercise Explain how Google makes money. Describe the pros and cons of PCs
that do not require an operating system.
Web Resources For more information on Google cloud-based solutions, see
www.CloudBookContent.com/Chapter01/index.html.
Collecting Processing Power Through Grid Computing
Through cloud computing, users leverage virtual processing power and data
storage via Internet-based computing resources that reside in the cloud. Through
CPU (or server) farms and load balancing, cloud-based applications can scale on
the fly to meet user demands.
Before the advent of the cloud, developers sought ways to leverage the potential
processing power of networked computers. The concept of grid computing is
based on the fact that throughout the day most PCs have spiked use. This means
that when a user is active, the CPU utilization may grow to 30 to 50 percent of the
processor’s capacity. When the user is not active, the CPU is idle, often using 1
percent or less of its processing capabilities.
Because most computers are connected to a network, grid-computing architects
design applications that hand off work across the network to idle CPUs. When
the CPU completes its task, it simply returns its result. As shown in
FIGURE 1-11, a grid-computing application is well suited for scientific and
complex mathematical processing.
FIGURE 1-11 Grid computing breaks a complex task into smaller pieces that are
distributed to CPUs that reside within the network (grid).
As you might anticipate, grid computing introduces a wide range of security
issues. The applications that move across the grid must bring with them code to
execute, data, and other state information. The University of California, Berkeley,
is one of the leaders in grid computing. To facilitate computer interaction across
grids, the university developed the Berkeley Open Infrastructure for Network
Computing (BOINC). For specifics, visit http://boinc.berkeley.edu.
A FEW GOOD CLOUD-CONTENT READS
Across the web—OK, make that across the cloud—there are many sites that
provide great information about cloud issues. The following sections describe
several items you should
DISTRIBUTED MANAGEMENT TASK FORCE INC. (DMTF) CLOUD
MANAGEMENT
Distributed Management Task Force Inc. (DMTF) provides information
technology standards, which exist to simplify computer system management and
reduce related costs. Within DMTF, the Cloud Management Work Group (CMWG)
and the Cloud Auditing Data Federation (CADF) provide standards for cloud
architecture, environments, and interactions. You should take time, for example,
to visit the Cloud Standards Wiki, shown in FIGURE 1-12.
FIGURE 1-12 The Cloud Standards Wiki.
STORAGE NETWORKING INDUSTRY ASSOCIATION (SNIA)
One of the largest uses of the cloud is for remote data storage, perhaps for live
data, music, video, or even backups. The Storage Networking Industry
Association (SNIA) is a nonprofit organization that provides standards and
solutions on matters related to disk storage. As you might expect, SNIA provides
content on cloud-based data storage. At the SNIA website, you can find
overviews, podcasts, and standards on cloud-based storage issues. For specifics,
visit the SNIA cloud site at www.snia.org/cloud.
OBJECT MANAGEMENT GROUP
The Object Management Group (OMG) is a nonprofit organization that provides
standards for a wide range of technology, including real-time and embedded
software, analysis and design, middleware, and more. Within the OMG, the Cloud
Standards Customer Council (CSCC) is currently working on a variety of cloud
computing initiatives, which will be consolidated into a user guide. For specifics
on their research and publications, visit the CSCC website.
CHAPTER SUMMARY
The concept of a cloud and the Internet is not new. For years developers and
network administrators have represented the Internet as a cloud. Using the cloud
abstraction, developers could temporarily ignore the underlying communication
complexity and simply assume that messages would flow successfully from one
Internet-connected network to another.
Cloud computing is an abstraction of web-based computers, resources, and
services that system developers can utilize to implement complex web-based
systems. Developers often view cloud-based resources as virtual. This means that
if a system or solution needs more resources, such as servers or disk space, the
resources can simply be added on demand and usually transparently to the
cloud-based application. Cloud-based solutions can normally scale up or down in
size based on user demands. Companies whose solutions reside in the cloud
normally pay only for the resources they consume. As a result, companies that
once relied on expensive data centers to house their processing resources can
now shift their costs and maintenance efforts to pay-as-you-go, scalable,
cloud-based alternatives.
KEY TERMS
Amazon Web Services (AWS)
Cloud computing
Community cloud
Grid computing
Hybrid cloud
iCloud
Infrastructure as a service (IaaS)
Platform as a service (PaaS)
Private cloud
Public cloud
Reliability
Robust
Scalability
Software as a service (SaaS)
Virtualization
Web 2.0
Windows Azure
CHAPTER REVIEW
1. Define and discuss cloud computing.
2. Discuss how cloud computing has changed how companies budget for
software solutions.
3. Compare and contrast SaaS, PaaS, and IaaS, and provide an example of each.
4. Define scalability and discuss how the cloud impacts it.
5. List three advantages and three disadvantages of cloud computing.
6. Define virtualization and discuss how the cloud impacts it.
7. Describe three cloud-based solutions for individuals and three cloud-based
solutions for businesses.
8. Discuss how Web 2.0 has driven the growth of the web.
9. Compare and contrast public, private, community, and hybrid clouds.
chapter 2
Software as a Service (SaaS)
SOFTWARE AS A SERVICE (SaaS) is a solution model in which users use a web
browser to access software that resides, along with the programs and user data,
in the cloud. Companies that use SaaS solutions eliminate the need for in-house
(data-center-based) applications, administrative support for the applications,
and data storage. Because SaaS solutions reside within the cloud, the solutions
can easily scale to meet customer needs. Further, most companies can pay for the
SaaS solutions on demand—meaning that the companies pay only for the
resources they consume, normally on a per-user basis. SaaS solutions exist for a
wide range of applications and provide customers with a cost-effective way to
get started and an affordable long-term solution.
Learning Objectives
This chapter examines SaaS solutions in detail. By the time you finish this
chapter, you will be able to do the following:
• Define and describe SaaS.
• List the advantages and disadvantages of SaaS solutions.
• Define and describe OpenSaaS.
• Define and describe mashups.
• Discuss the wide range of SaaS solutions and their providers.
Getting Started with SaaS
SaaS solutions offer the following advantages:
• They reduce or eliminate the need for an on-site data center
• They eliminate the need for application administration
• They allow customers to pay on demand for software use, normally on a
per-user basis
• They offer application, processor, and data storage scalability
• They offer device-independent access to key applications
• They increase disaster recovery and business continuity
The biggest concern, or potential disadvantage, is that the data, like the
applications, reside in the cloud. Many companies are concerned about letting go
of their data. Also, because the company does not own the solution, it can be
challenging or expensive to customize the application.
CASE 2-1 SALESFORCE.COM SAAS FOR CUSTOMER RELATIONSHIP
MANAGEMENT (CRM)
Salesforce.com was one of the first companies to unlock the power of
cloud-based SaaS. The site delivers cloud-based customer relationship
management (CRM) solutions, which let companies accomplish the following:
• Manage sales contacts and leads
• Centralize contact information, presentations, and project details
• Access sales information and reports from anyplace, at any time, with any
device
• Manage project quotes and project work flow
• Sync sales contacts and meetings with existing tools, such as Microsoft Outlook
Salesforce.com offers a variety of solutions that support not only the small
business, but also the large enterprise.
Exercise Salesforce.com was one of the companies to leverage the power of the
cloud. Discuss the features Salesforce.com provides that are well suited for
companies large and small.
Web Resource For more information on Salesforce.com, see
www.CloudBookContent.com/Chapter02/index.html.
Understanding the Multitenant Nature of SaaS Solutions
SaaS applications are often multitenant solutions; that is, within the cloud, two
or more companies may share the same server resources, as shown in FIGURE
2-1. Depending on their size and fees, customers may also share database
resources. Further, depending on the SaaS provider, customizing a multitenant
solution may be difficult, expensive, or impossible.
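When tenants share database resources, the provider's code is what keeps one company's rows out of another company's view. The following is an added Python example, not code from the book or from any SaaS provider; the `contacts` schema, the `TenantStore` class, and the sample rows are hypothetical and constructed for illustration.

```python
import sqlite3


def make_shared_db():
    """One in-memory database shared by every tenant (constructed sample data)."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE contacts ("
        " id INTEGER PRIMARY KEY,"
        " tenant_id TEXT NOT NULL,"
        " name TEXT NOT NULL,"
        " email TEXT NOT NULL)"
    )
    db.executemany(
        "INSERT INTO contacts (tenant_id, name, email) VALUES (?, ?, ?)",
        [
            ("acme", "Ann Lee", "ann@acme.example"),
            ("acme", "Bo Diaz", "bo@acme.example"),
            ("globex", "Cy Ford", "cy@globex.example"),
        ],
    )
    db.commit()
    return db


def get_contact_unscoped(db, contact_id):
    """Weak form: looks a row up by id alone, so any tenant that guesses
    an id can read a row belonging to a different company."""
    return db.execute(
        "SELECT id, name, email FROM contacts WHERE id = ?", (contact_id,)
    ).fetchone()


class TenantStore:
    """Data-access layer bound to one tenant for the life of a request.

    Assumption: tenant_id is taken from the authenticated session, never
    from a request parameter. Every statement filters on it.
    """

    def __init__(self, db, tenant_id):
        self._db = db
        self._tenant = tenant_id

    def list_contacts(self):
        rows = self._db.execute(
            "SELECT id, name, email FROM contacts"
            " WHERE tenant_id = ? ORDER BY id",
            (self._tenant,),
        )
        return rows.fetchall()

    def get_contact(self, contact_id):
        # The tenant_id predicate is what isolates tenants: a valid id
        # that belongs to another company returns None, same as "not found".
        return self._db.execute(
            "SELECT id, name, email FROM contacts"
            " WHERE id = ? AND tenant_id = ?",
            (contact_id, self._tenant),
        ).fetchone()

    def rename_contact(self, contact_id, new_name):
        cur = self._db.execute(
            "UPDATE contacts SET name = ? WHERE id = ? AND tenant_id = ?",
            (new_name, contact_id, self._tenant),
        )
        self._db.commit()
        return cur.rowcount  # 0 means the row is absent or not this tenant's


if __name__ == "__main__":
    db = make_shared_db()
    acme = TenantStore(db, "acme")
    print("acme sees:", acme.list_contacts())
    print("acme asks for globex row 3:", acme.get_contact(3))
    print("unscoped lookup of row 3:", get_contact_unscoped(db, 3))
```
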
42
FIGURE 2-1 Many SaaS solutions are multitenant, which means that behind the
scenes customers may share computing resources.
CASE 2-2 TALEO SAAS FOR HUMAN RESOURCES MANAGEMENT
To achieve wide-scale use, an SaaS solution must have large market potential.
Every business must recruit, hire, train, and compensate employees. The Taleo
cloud-based talent management system provides applications and services to
meet company human resources demands. Specifically, Taleo SaaS solutions
provide the following:
• Recruitment tools companies can use to attract, hire, and integrate talented
individuals into the company culture
• Performance-management tools companies can use to evaluate employees and
plan their growth and eventual replacement
• Compensation tools appropriate for companies with a global workforce
• Workforce training and professional development tools companies can use to
educate and train employees
Exercise For an SaaS solution to be successful, the solution must be disruptive.
Discuss whether or not you consider the Taleo cloud-based solutions disruptive.
Web Resource For more information on Taleo cloud-based human resources
solutions, see www.CloudBookContent.com/Chapter02/index.html.
Understanding OpenSaaS Solutions
The application programs that run as SaaS solutions in the cloud were developed
using a specific programming language and were designed to run on a specific
operating system using a specific database management system. An OpenSaaS
solution is an SaaS application created using an open source programming
language and designed to run on an open source operating system and database.
Many customers believe that if a solution is open source, it will be easier for them
to move the data to a different application in the future if the current solution
fails to meet their needs. Because customers do not own the SaaS software, they
will not be able to move the application itself.
Customers that are concerned about moving their data in the future should
consider an OpenSaaS provider. That said, most SaaS solutions, open source or
not, provide a way for customers to export their data if the need arises.
CASE 2-3 ADP SAAS FOR PAYROLL PROCESSING AND HUMAN RESOURCES
MANAGEMENT
One of the first companies to leverage the power of the cloud was ADP—a
payroll processing company. Reaching far beyond payroll today, ADP offers
cloud-based solutions for time management, employee benefits processing,
workers compensation, human resources issues, and more. Further, ADP has
extended many of its services to mobile users, allowing payroll processing to
occur any time, from any place.
Exercise Discuss the market potential for ADP products beyond payroll
processing.
Web Resource For more information on ADP cloud solutions, see
www.CloudBookContent.com/Chapter02/index.html.
CASE 2-4 WEBEX SAAS FOR VIRTUAL MEETINGS
To gain market share, an SaaS solution must be disruptive; it must change its
industry. The WebEx solution not only changes how and when people meet, it
disrupts the travel industry by reducing business trips, hotel stays, and business
meals. Millions of users rely on WebEx to provide a virtual yet face-to-face
meeting platform. A side effect of less travel is the greening of business, which
means it has less impact on the environment. In fact, as shown in FIGURE 2-2,
WebEx provides an online calculator that shows the dollars saved and the carbon
footprint reduced through WebEx-based meetings, as opposed to corporate
travel.
Beyond holding online meetings, companies use WebEx for the following:
• Training webinars for hundreds or thousands of attendees, within the
company and beyond
• Press conferences
• Product sales demonstrations
• Remote technical support
• And more
FIGURE 2-3 shows a WebEx presentation on cloud computing.
Exercise Assume that your company must invite 500 employees into the
corporate office from states across the country (an average airline ticket cost of
$350). Using the WebEx calculator, determine the potential company savings by
hosting the meeting online.
Web Resource For more information on WebEx, see
www.CloudBookContent.com/Chapter02/index.html.
FIGURE 2-2 Calculation of cost savings and carbon footprint reduction resulting
from WebEx meetings. Courtesy of Cisco Systems, Inc. Unauthorized use not
permitted. www.webex.com/overview/environment.html. (6/1/11).
FIGURE 2-3 WebEx leverages the cloud for face-to-face virtual meetings and
presentations. Courtesy of Cisco Systems, Inc. Unauthorized use not permitted.
http://theheadoftheclass.webex.com. (6/1/11).
CASE 2-5 CARBONITE SAAS FOR FILE BACKUPS
Businesses often rely on a process known as cloud-based colocation to duplicate
their company resources at a remote site. If fire, theft, or some other disaster
occurs, the business significantly reduces its risk of data loss.
Most user-based computer books tell users that they, too, should perform regular
disk and file backup operations. However, because the process is generally too
time consuming, most users fail to back up their files on a regular basis. Worse
yet, users who do perform backups often store the copies within the same facility
(home or office) as their computer. The backups are at risk to many of the same
factors that threaten the original data.
To provide users and companies with a backup solution, many SaaS providers
have emerged to back up user data files to redundant storage facilities that
reside within the cloud, as shown in FIGURE 2-4.
The SaaS cloud-based backup systems provide reliable and secure storage. Users
simply select the files or folders they want to back up and then schedule when
and how often they want the backups to occur. The actual backup operations
then happen behind the scenes, automatically.
FIGURE 2-5 shows a screen for a Carbonite-based backup operation occurring as
a background process while the user performs other tasks.
Exercise Assume your company has 1,000 employees. Calculate the potential
cost to integrate cloud-based backup operations through Carbonite. Do you have
an alternative backup solution?
Web Resource For more information on Carbonite cloud-based backups, see
www.CloudBookContent.com/Chapter02/index.html.
FIGURE 2-4 Cloud-based SaaS backup providers store secure copies of user and
company files at data storage facilities that reside in the cloud.
FIGURE 2-5 The Carbonite software running as a background task to back up
files to the cloud.
FIGURE 2-6 A mashup is a collection of services joined to create an overall
solution.
Understanding Mashups
Many companies need a variety of SaaS solutions. Depending on the various
solution providers, the company may create a mashup, a collection of services
joined to create an overall solution. FIGURE 2-6 illustrates the concept of a
solution mashup.
Developers categorize mashups as web-based or server-based. In a web-based
mashup, the user’s browser (perhaps via JavaScript) combines the various
content sources to create a unified display. In server-based mashups, an
application running on a server combines the data.
Not surprisingly, the open philosophy has reached mashups. In fact,
organizations are working on the Enterprise Markup Mashup Language (EMML)
to simplify the design and implementation of mashup solutions while increasing
their portability. For more information, visit www.openmashup.org.
CASE 2-6 ONLINE SCHOOL SAAS SOLUTIONS
Online education has remained one of the fastest growing segments within
education markets. Millions of learners now take courses online. Using
cloud-based learning management systems, universities offer courses in both
synchronous (learners meet at a specific day and time) and asynchronous
(learners make their own schedule) formats. By leveraging cloud-based systems,
schools can reduce their IT resources and staffing costs, essentially paying for
learning services on demand.
Exercise Using the web, search for demographic information on the size of the
online learning environment. Discuss how you expect this market to evolve over
the next 10 years.
Web Resource For more information on cloud-based online learning, see
www.CloudBookContent.com/Chapter02/index.html.
CASE 2-7 MICROSOFT OFFICE 365 SAAS FOR DOCUMENT CREATION, EDITING,
AND SHARING
For as long as most of us can remember, computer users have made extensive
use of the Microsoft Office suite: Word, PowerPoint, Excel, Outlook, and more.
Traditionally users have had to purchase and install Office, a relatively expensive
investment. Then users have had to keep installing updates to the software as
they became available from Microsoft. Businesses, in turn, would normally
license Office for each of their employees.
Over the past few years, to reduce costs, many users began to use products such
as OpenOffice (LibreOffice), an open source, free, Office-compatible solution.
Recently users have found Google Docs, which can be used from any computer, a
compelling tool.
To meet user demands and to match competitor offerings, Microsoft released
Office 365, a pay-by-the-month subscription to the Office applications, which, as
shown in FIGURE 2-7, resides in the cloud.
Using Office 365, users can access and edit their documents from any computer,
as well as many handheld devices. If needed, users can save their documents to
local devices. FIGURE 2-8, for example, shows a PowerPoint document in Office
365.
Further, because the Office 365 documents are cloud based, users and teams can
easily collaborate and share documents.
Exercise Assume your company has 1,000 employees who need access to the
Microsoft Office suite of products. Analyze the potential cost savings of using
Microsoft Office 365 over purchasing seat licenses for each user.
Web Resource For more information on Microsoft Office 365, see
www.CloudBookContent.com/Chapter02/index.html.
FIGURE 2-7 Office 365 provides cloud-based subscription access to the Office
suite of applications.
FIGURE 2-8 Users can access cloud-based Office 365 documents from any PC as
well as many handheld devices.
Understanding Service-Oriented Architecture (SOA)
Most SaaS solutions provide complete solutions, meaning an application that can
be used within a web browser. For example, Salesforce.com provides a web
application for customer relationship management, TurboTax provides a web
application for filing taxes, and QuickBooks provides a web application for
business accounting. Beyond providing a complete application with a user
interface, many solution providers offer specific services that developers can
access across the web from within programs they create. Developers refer to
these services as web services. A developer might, for example, use web services
to do the following:
• Query the price of a stock
• Check a warehouse for current product inventory levels
• Get real-time road or weather conditions
• Check airline flight departure or arrival information
• Purchase a product or service
• Perform credit card processing
FIGURE 2-9 Web services are solutions that programs can call across the web to
perform specific tasks.
As shown in FIGURE 2-9, an SaaS application interacts with a user, whereas a web
service interacts with a program.
Service-oriented architecture (SOA) is an application development
methodology with which developers create solutions by integrating one or more
web services. Think of a web service as a function or subroutine a program can
call to accomplish a specific task. As shown in FIGURE 2-10, when a program
running on one computer calls a web service, a message, possibly containing
parameter values, is sent across the network (or Internet) to the computer
housing the web service. That computer, in turn, performs its processing and
normally returns a result to the caller.
Some developers refer to web services as remote-procedure calls. Further,
developers refer to a set of web services as an application program interface
(API). Amazon and eBay, for example, provide APIs that programmers can use to
purchase products from across the web using the programs they create. To gain a
better understanding of the processing that web services can perform, visit the
XMethods website shown in FIGURE 2-11. XMethods provides a variety of web
services that perform a wide range of tasks.
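The call sequence described above, as an added Python example that is not from the book or any provider's API: the caller packs a service name and parameter values into a message, and the computer housing the service validates them, runs the function, and returns a result. The `get_quote` service, the JSON message layout, and the price data are hypothetical and constructed for illustration.

```python
import json
import threading
import urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer

# Constructed sample data standing in for the service's back end.
QUOTES = {"ACME": 41.25, "GLOBEX": 17.80}
MAX_BODY = 4096  # refuse oversized messages before parsing them


def build_request(method, params):
    """Caller side: pack the service name and parameter values into a message."""
    return json.dumps({"method": method, "params": params}).encode("utf-8")


def get_quote(params):
    """The function the remote computer runs on the caller's behalf."""
    symbol = params.get("symbol")
    # Parameters arrive from another machine, so validate them before use.
    if (not isinstance(symbol, str) or not symbol.isascii()
            or not symbol.isalpha() or len(symbol) > 8):
        raise ValueError("symbol must be 1-8 letters")
    symbol = symbol.upper()
    if symbol not in QUOTES:
        raise ValueError("unknown symbol")
    return {"symbol": symbol, "price": QUOTES[symbol]}


SERVICES = {"get_quote": get_quote}  # allowlist of callable services


def handle_message(raw):
    """Service side: decode the message, run the service, encode the reply."""
    try:
        if len(raw) > MAX_BODY:
            raise ValueError("message too large")
        msg = json.loads(raw.decode("utf-8"))
        if (not isinstance(msg, dict)
                or not isinstance(msg.get("method"), str)
                or not isinstance(msg.get("params"), dict)):
            raise ValueError("malformed message")
        service = SERVICES.get(msg["method"])
        if service is None:
            raise ValueError("unknown method")
        reply = {"ok": True, "result": service(msg["params"])}
    except ValueError as exc:  # also covers bad JSON and bad UTF-8
        reply = {"ok": False, "error": str(exc)}
    return json.dumps(reply).encode("utf-8")


class Handler(BaseHTTPRequestHandler):
    def do_POST(self):
        try:
            length = int(self.headers.get("Content-Length", "0"))
        except ValueError:
            length = -1
        if length < 0 or length > MAX_BODY:
            self.send_error(413)
            return
        body = handle_message(self.rfile.read(length))
        self.send_response(200)
        self.send_header("Content-Type", "application/json")
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, *args):  # keep the demo output quiet
        pass


def call_web_service(url, method, params, timeout=5):
    """Caller side: send the message, then wait (with a limit) for the result."""
    req = urllib.request.Request(
        url, data=build_request(method, params),
        headers={"Content-Type": "application/json"},
    )
    # Empty ProxyHandler: talk to the service directly, ignoring proxy env vars.
    opener = urllib.request.build_opener(urllib.request.ProxyHandler({}))
    with opener.open(req, timeout=timeout) as resp:
        return json.loads(resp.read(MAX_BODY).decode("utf-8"))


def demo():
    """Run service and caller in one process over the loopback interface."""
    server = HTTPServer(("127.0.0.1", 0), Handler)  # port 0: pick a free port
    threading.Thread(target=server.serve_forever, daemon=True).start()
    try:
        url = "http://127.0.0.1:%d/" % server.server_port
        return call_web_service(url, "get_quote", {"symbol": "acme"})
    finally:
        server.shutdown()
        server.server_close()


if __name__ == "__main__":
    print(demo())
```
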
FIGURE 2-10 To call a web service, a program typically sends a message to the
web service that resides on a remote computer and then waits for the web
service to return a result.
FIGURE 2-11 The XMethods website at www.xmethods.com provides web
services that perform a wide range of tasks.
CASE 2-8 FACEBOOK: AN SAAS MEDIA SITE?
If you ask 10 cloud experts if Facebook is an SaaS social media site, you will
likely get 10 “maybe” answers. Facebook definitely has a variety of SaaS
characteristics:
• Ability to scale with respect to processor demands and data storage needs
• No user software to purchase or install
• Redundant server hardware and data storage
• Accessibility through a myriad of devices
Exercise Justify whether Facebook is an SaaS solution.
Web Resource For more information on Facebook as an SaaS provider, see
www.CloudBookContent.com/Chapter02/index.html.
CASE 2-9 IS GOOGLE+ A BETTER, OR JUST ANOTHER, SOCIAL NETWORK?
Google+ is a new social networking site that lets users define and manage
various groups of people and how they interact with them. With Google+, users
can define various circles, which might include people from work, good friends,
and family, as well as casual acquaintances. Using such circle definitions, users
can better control the posts they allow others to view.
FIGURE 2-12 shows the Google+ home page.
Exercise Compare and contrast the Google+ features with those of other social
networks, such as Facebook.
Web Resource For more information on Google+, see
www.CloudBookContent.com/Chapter02/index.html.
FIGURE 2-12 Google+ is a social network that resides in the cloud.
CHAPTER SUMMARY
SaaS provides a solution model that allows users to use a web browser to access
software that resides in the cloud. SaaS solutions allow companies to eliminate or
reduce their need for on-site, data-center-based applications. By eliminating
in-house applications, companies can also reduce administrative support for the
applications, as well as data storage. SaaS solutions reside within the cloud,
which lets the solutions easily scale processors or disk storage to meet customer
needs. Companies normally pay for SaaS solutions on demand for the resources
they consume, usually on a per-user basis. SaaS solutions exist for a wide range
of applications. Using SaaS solutions, customers have a cost-effective way to get
started and an affordable, long-term solution to their data storage needs. Finally,
this chapter examined web services, which are cloud-based services that
developers can call from within the programs they create to accomplish specific
tasks. Many SaaS solution providers offer their services directly to users via SaaS
applications and to developer-created programs using web services.
KEY TERMS
Application program interface (API)
Customer relationship management (CRM)
Mashup
Multitenant solution
Service-oriented architecture (SOA)
Web services
CHAPTER REVIEW
1. Define and describe SaaS.
2. Search the web and list an SaaS provider for each of the following industries:
• Sales and customer relationship management
• Accounting
• Income tax filing
• Web-based meetings
• Human resources
• Payroll processing
• Backup automation
• Office document creation
• Social networking
3. Define and describe mashups.
4. List the advantages and disadvantages of SaaS solutions.
5. Describe the role of OpenSaaS.
6. Compare and contrast a web service and an SaaS solution.
7. Define and describe SOA.
chapter 3
Platform as a Service (PaaS)
PLATFORM AS A SERVICE (PaaS) solutions provide a collection of hardware
and software resources that developers can use to build and deploy applications
within the cloud. Depending on their needs, developers may use a
Windows-based PaaS solution or a Linux-based PaaS.
Using PaaS, developers eliminate the need to buy and maintain hardware, as well
as the need to install and manage operating system and database software.
Because the computing resources no longer reside in the data center, but rather
in the cloud, the resources can scale up or down based on application demand,
and the company can pay for only those resources it consumes. Further, because
PaaS eliminates the developers’ need to worry about servers, they can more
quickly deploy their web-based solutions.
Learning Objectives
This chapter examines the PaaS model in detail. By the time you finish this
chapter, you will be able to do the following:
• Define and describe the PaaS model.
• Describe the advantages and disadvantages of PaaS solutions.
• List and describe several real-world PaaS solutions.
• List and describe cloud-based database solutions and describe their
advantages.
• Discuss the development history that led to PaaS.
CASE 3-1 GOOGLE APP ENGINE AS A PAAS
Google App Engine, sometimes called GAE, is a PaaS solution that lets developers
create and host web-based applications that reside and run on services managed
by Google, as shown in FIGURE 3-1.
Like many Google services and offerings, Google App Engine is a free service
(until applications reach a large size and consume significant bandwidth). Google
estimates that most developers can use Google App Engine free of charge. Once
they have 5 million hits per month the developers must then pay, but only for the
resources they use.
Currently, Google App Engine provides platform support for a variety of
programming languages, the three most common of which are Java, Python, and
Go. The primary Google App Engine features include the following:
• Support for dynamic web pages
• Data storage and query support
• Load balancing for application scalability
• Application program interface (API) support for application-based e-mail
through Google services
• A local development environment that simulates Google App Engine on the
developer’s computer
• Support for event scheduling and triggering
• An application sandbox that limits access to the underlying operating system
• Software development kits specific to programming languages
• An administrative console for managing applications and databases
For more information on Google App Engine, visit www.appengine.google.com.
Exercise Assume your company must deploy Java and PHP solutions. Discuss
how your company might use Google App Engine and the company’s potential
cost.
Web Resources For additional information on Google App Engine, see
www.CloudBookContent.com/Chapter03/index.html.
FIGURE 3-1 Google App Engine helps developers create web-based applications
and then hosts the applications in the cloud.
IT Evolution Leading to the Cloud
The evolution of information technology solutions has been defined by several
distinct hardware and software models. To start, early IT solutions from the
1960s to mid-1980s were characterized by mainframe computers similar to that
shown in FIGURE 3-2, which had the following characteristics:
• Large capital investment for data-center-based computers
• Large, expensive disk and tape storage systems that often provided only
limited storage capacity
• User interface to the system provided through dumb terminals
• Limited computer–network interconnectivity
• System security maintained through physical security (few users had direct
access to the computer hardware)
FIGURE 3-2 Computing from the 1960s through the mid-1980s was mainframe
driven.
With the advent of the IBM PC in 1981, users shifted to local applications and
data storage. Early network solutions provided in-house e-mail communication
and limited printer and file sharing. System security was implemented primarily
at the individual computer level because network simplicity did not yet provide
an environment for sophisticated computer viruses.
FIGURE 3-3 Early PC-based servers were tower-based systems with a large
footprint. They consumed considerable power and generated considerable heat.
As the use of the Internet became more widespread, companies extended their
e-mail communication beyond company users to vendors, customers, and others.
Things changed drastically with the commercialization of the web in 1995 and
the release of company websites. Initially, many companies brought in expensive
T1 or T3 Internet connections and housed their own web servers. These initial
servers looked like large desktop systems, as shown in FIGURE 3-3.
FIGURE 3-4 ISPs were the first to offer cloud-like remote computing services.
For smaller companies, however, the cost to connect to the Internet was
prohibitive. As a result, Internet service providers (ISPs), which maintained web
servers and high-speed, high-bandwidth connections, began to emerge. As shown
in FIGURE 3-4, developers would use languages such as HTML, Perl, and active
server pages (ASP) to develop content locally and then use a file transfer
protocol (FTP) application to transfer the files to the server, which resides within
the ISP.
The advantages of hosting solutions at an ISP included the following:
• Reduced cost: The ISP provided the high-speed, high-bandwidth Internet
connection, which it shared across several companies.
• Less server administration: The ISP managed the servers to which
developers uploaded their solutions.
• Less hardware to purchase and maintain: The ISP purchased and managed
the hardware and managed the infrastructure software, such as the operating
system.
• Greater system uptime: Through the use of redundant hardware resources,
the ISP provided high system uptime.
• Potential scalability: The ISP had the ability to move a high-demand
application to a faster bandwidth connection.
As the use of the Internet and web continued to drive processing requirements,
many data centers began to move to blade servers, similar to that shown in
FIGURE 3-5, which required a smaller footprint, involved less cost, and could
easily access shared network devices.
By 2005, many companies used Windows- and Linux-based web servers that
were housed at remote ISPs and laid the groundwork for the eventual creation of
what we describe today as cloud-based PaaS solutions, as shown in FIGURE 3-6.
FIGURE 3-5 Blade computers allowed companies to reduce server footprint,
power requirements, and heat within the data center.
FIGURE 3-6 The evolution of technology leading to cloud PaaS solutions.
CASE 3-2 FORCE.COM AS A PAAS
One of the best known software as a service (SaaS) solutions is Salesforce.com.
To extend its cloud capabilities to application developers, Salesforce.com has
released the Force.com PaaS. Although it was originally developed to provide a
home for business applications, Force.com now runs applications across most
sectors.
As shown in FIGURE 3-7, Force.com provides four different development
environments that sit in a cloud-based data management facility.
FIGURE 3-7 Force.com provides four primary development products that
leverage a cloud-based database.
The following briefly describes the Force.com application interface:
• Appforce: Provides a user interface that lets nonprogrammers create
applications to support finance, human resources, project management, and
more. Through a drag-and-drop interface, users can develop business solutions
without writing code.
• Siteforce: Provides the ability for nondevelopers to quickly create a data-rich
website using the Salesforce.com customer relationship management (CRM)
editor. Users do not need to know HTML or coding to produce powerful web
pages.
• VMforce: Provides a platform for Java-based solutions in which programmers
can code locally using the Eclipse integrated development environment (IDE)
and then drag and drop their solutions to VMforce.com for hosting.
• ISVforce: Provides a platform that independent software vendors can use to
distribute their applications and updates to users via the cloud. The platform
includes access to an application storefront that developers can use to expose
their application to potential customers.
The Force.com applications sit on top of a cloud-based database provided by
Salesforce.com at Database.com. The cloud-based database provides high
performance, scalability, backups, and data redundancy. Database.com provides
an API that developers can use within their programs to interact with the
database.
Exercise Assume your company’s vice president of sales wants to produce sales
reports from your company’s cloud-based sales data. Unfortunately, your
company does not have programming resources it can allocate to the project.
Discuss how your company might leverage a Force.com solution to meet the
requirement.
Web Resources For additional information on Force.com, see
www.CloudBookContent.com/Chapter03/index.html.
Benefits of PaaS Solutions
By shifting computing resources from an on-site data center to the cloud, PaaS
solutions offer many advantages:
• Lower total cost of ownership: Companies no longer need to purchase and
maintain expensive hardware for servers, power, and data storage.
• Lower administrative overhead: Companies shift the burden of system
software administration from in-house administration to employees of the cloud
provider.
• More current system software: The cloud administrator is responsible for
maintaining software versions and patch installations.
• Increased business and IT alignment: Company IT personnel can focus on
solutions rather than on server-related issues.
• Scalable solutions: Cloud-based solutions can scale up or down automatically
based on application resource demands. Companies pay only for the resources
they consume.
CASE 3-3 LONGJUMP AS A PAAS
LongJump provides a PaaS solution that includes cloud-based database
management support. What makes LongJump unique is its focus on the entire
software development life cycle. To start an application design, nonprogrammers
can capture business requirements, forms, and data relationships without
coding. The LongJump application development is Java based and supports key
protocols such as SOAP and REST. After the developer hosts the site, LongJump
provides release management and software maintenance support. Developers
can try LongJump free of charge.
Exercise Discuss the role of web services and specifically the use of the SOAP
and REST protocols.
Web Resources For additional information on LongJump, see
www.CloudBookContent.com/Chapter03/index.html.
Disadvantages of PaaS Solutions
Potential disadvantages of PaaS solutions include the following:
• Concerns about data security: Some companies are hesitant to move their
data storage off-site.
• Challenges to integrating cloud solutions with legacy software: A company
may need to support on-site solutions as well as cloud-based solutions.
Communication between the two application types may be difficult to
impossible.
• Risk of breach by the PaaS provider: If the company providing the PaaS
service fails to meet agreed-upon service levels, performance, security, and
availability may be at risk, and moving the application may be difficult.
CASE 3-4 NETSUITE AS A PAAS
NetSuite is somewhat of a hybrid in that it is a provider of both SaaS and PaaS.
On the SaaS side, NetSuite offers turnkey enterprise resource planning (ERP),
customer relationship management (CRM), and accounting solutions. The
benefits of using the NetSuite cloud-based solution include the following:
• Reduced total cost of ownership compared with running on-site solutions
within an IT data center
• Reduced duplication of data entry through the use of integrated storage
solutions
• Enhanced distributed access to computer data
• Simplified application updates because NetSuite maintains and manages
software solutions
On the PaaS side, NetSuite provides a development environment that sits on top
of the NetSuite business solutions. Using a drag-and-drop environment,
developers can quickly build and deploy enterprise solutions.
Exercise Visit the NetSuite website and then discuss the role and capability of
drag-and-drop solutions that do not require a programmer to create and deploy
applications.
Web Resources For additional information on NetSuite, see
www.CloudBookContent.com/Chapter03/index.html.
CASE 3-5 CLOUD FOUNDRY AS A PAAS
Cloud Foundry is an open source project enabled by VMware. Developers have
access to and contribute to the project. Cloud Foundry provides developers with
a complete PaaS solution that supports languages and frameworks, including
Spring for Java applications, Rails and Sinatra for Ruby, and other Java virtual
machine (JVM) frameworks. Cloud Foundry supports various open source databases,
such as MongoDB and MySQL.
The primary Cloud Foundry is multitenant, but through the use of MicroCloud,
developers can use a single instance of Cloud Foundry.
Exercise Research cloud applications on the web. Discuss the programming
languages that cloud developers use most often to implement the applications
they create.
Web Resources For additional information on Cloud Foundry, see
www.CloudBookContent.com/Chapter03/index.html.
CASE 3-6 OPENSHIFT AS A PAAS
Red Hat is well known for providing and supporting open source solutions. Red
Hat also distributes Red Hat Linux. OpenShift is the Red Hat PaaS offering, which
lets developers quickly deploy browser-based and command-line-based
applications. OpenShift has three primary development tools:
• Express: A free platform for cloud-based solutions written in PHP, Python, and
Ruby.
• Flex: Well suited for cloud-based Java, JBoss, and PHP solutions.
• Power: Designed for Linux-based solutions written in the C programming
language.
Exercise Discuss the pros and cons of using a Linux-based PaaS solution as
opposed to a Windows-based environment.
Web Resources For additional information on OpenShift, see
www.CloudBookContent.com/Chapter03/index.html.
CASE 3-7 WINDOWS AZURE AND SQL AZURE AS A PAAS
Microsoft .NET has driven the development of many dynamic web solutions and
web services. Windows Azure is a PaaS running within Microsoft data centers.
Users pay only for the scalable processor resources that they consume. SQL
Azure provides a cloud-based database solution for applications running within
Windows Azure. FIGURE 3-8 illustrates the Windows Azure PaaS environment.
Windows Azure goes beyond .NET and includes support for Java, PHP, and Ruby.
Developers can build and deploy their solutions to Azure using an IDE such as
Visual Studio or Eclipse. Developers can interface to SQL Azure using much of the
same code they would use to access a local database.
Exercise Discuss advantages and disadvantages of using Microsoft as a PaaS
solution provider.
Web Resources For additional information on Windows Azure and SQL Azure,
see www.CloudBookContent.com/Chapter03/index.html.
FIGURE 3-8 The Windows Azure PaaS environment.
CHAPTER SUMMARY
A PaaS solution provides a collection of hardware and software resources that
developers use to build and deploy cloud-based applications. PaaS solutions run
a Windows- or a Linux-based operating system and normally support a specific
programming environment, such as .NET or Java.
PaaS solutions eliminate the need for developers to buy and maintain hardware
and install and manage operating system and database software. Because the
PaaS computing resources reside in the cloud, the resources can scale up or
down based on application demand, and the company pays only for the resources
it consumes. Finally, because PaaS eliminates the developers’ need to worry
about servers, they can more quickly deploy their web-based solutions.
KEY TERMS
Cloud-based database
Integrated development environment (IDE)
Platform
CHAPTER REVIEW
1. Define and describe PaaS.
2. List the benefits of PaaS solutions.
3. Describe potential disadvantages of PaaS.
4. Describe how a cloud-based database management system differs from an
on-site database.
5. List the computing resources normally provided with a PaaS.
6. Assume your company must deploy a .NET solution to the cloud. Discuss the
options available to developers. Research on the web and estimate the costs
associated with deploying a PaaS solution.
7. Assume your company must deploy a PHP or Java solution to the cloud.
Discuss the options available to developers. Research on the web and estimate
the costs associated with deploying a PaaS solution.
chapter 4
Infrastructure as a Service (IaaS)
MANY COMPANIES THAT DEPLOY applications to the cloud will need a specific
platform, such as Windows, .NET, and Microsoft SQL Server, or Linux, Perl, and
MySQL. Utilizing a platform as a service (PaaS) solution eliminates the company’s
need to administer the operating system and supporting software. Other
companies, because of security needs or a desire to manage all resources, turn to
infrastructure as a service (IaaS) providers. An IaaS provider makes all of the
computing hardware resources available; the customers, in turn, are responsible
for installing and managing the systems, which they can normally do over the
Internet.
Learning Objectives
This chapter examines IaaS in detail. By the time you finish this chapter, you will
be able to do the following:
• Define and describe IaaS and identify IaaS solution providers.
• Define and describe colocation.
• Define and describe system and storage redundancy.
• Define and describe cloud-based network-attached storage (NAS) devices and
identify solution providers.
• Define and describe load balancing and identify cloud-based solution
providers.
• Describe the pros and cons of IaaS solutions.
Understanding IaaS
Running a data center is an expensive and staff-intensive process. To start, one
must create a facility with the following capabilities:
• Access to high-speed and redundant Internet service
• Sufficient air conditioning to eliminate the heat generated by servers and disk
storage devices
• Conditioned power with the potential for uninterrupted power supply in the
short term and long term through the use of on-site diesel-powered generators
• Fire suppression systems
• Administrative staffing to support hardware, networks, and operating systems
FIGURE 4-1 illustrates a typical data center facility.
After a company creates an operational data center, it has a second significant
problem—the data center is a single point of failure. Should the data center be
damaged by fire, flood, weather, or an act of terrorism, the company’s entire data
processing capabilities will be shut down.
To reduce the risk of a single point of failure, companies often create a duplicate
data center at a remote location, as shown in FIGURE 4-2. Should one of the data
centers fail, the other can immediately take over operations. Unfortunately, the
second data center will increase the company’s costs—essentially doubling
them—because there are duplicate servers, storage devices, network equipment,
Internet access, and staffing.
FIGURE 4-1 Racks of servers within a data center.
FIGURE 4-2 To eliminate a single point of failure, many companies colocate
duplicate data centers.
For many smaller companies with simpler data processing needs, a PaaS may
eliminate the need for their own data center. As you will recall, a PaaS solution
typically provides one or more virtual servers running a specific operating
system, as shown in FIGURE 4-3. Most PaaS solutions eliminate the customer’s
need to manage the operating system and supporting software.
In contrast, larger companies or companies with specific server needs may
require their own independent server hardware and data storage devices. For
such situations, IaaS is ideal. An IaaS solution provides a customer with its own
hardware resources. You can think of IaaS as a mini data center within a large
data center facility. Most IaaS providers, as shown in FIGURE 4-4, house data
centers for multiple companies. Because the IaaS provider spreads the cost of power, air
conditioning, fire suppression, and staff across multiple customers, it can
normally offer pricing that beats what each individual company would have to
pay for its own facility.
Further, just as with software as a service (SaaS) and PaaS solutions, customers
pay IaaS providers only for the resources consumed. Simply put, IaaS solutions
provide the least expensive (and fastest) way for companies to launch a data
center or colocation facility.
FIGURE 4-3 PaaS solutions allow smaller companies to eliminate the need for
their own on-site data center.
FIGURE 4-4 IaaS providers normally house data centers for many companies.
Improving Performance Through Load Balancing
Across the web, sites experience a wide range of network traffic requirements.
Sites such as Google, Yahoo!, Amazon, and Microsoft experience millions of user
hits per day. To handle such web requests, the sites use a technique known as
load balancing, as shown in FIGURE 4-5, to share the requests across multiple
servers. For a simple web page, a client’s web browser requests an HTML page
and then the related graphics, CSS, and JavaScript files from the web server, as
shown in FIGURE 4-6.
FIGURE 4-5 Load balancing uses a server to route traffic to multiple servers
which, in turn, share the workload.
When the demand becomes too great for the server, the company can place a
load-balancing server in front of two or more servers to which the load balancer
distributes the web requests. Load balancing for simple applications is quite
straightforward because either server can handle all requests.
When server-based applications become more complex, such as accessing data
within a database, the developers must provide shared access to the database. To
eliminate a single point of failure, companies often replicate copies of the
database on multiple servers. The database software, in turn, must then
synchronize data updates across the systems, as shown in FIGURE 4-7.
As an alternative, the company may choose to simplify the solution using a
cloud-based database or a cloud-based network-attached storage (NAS)
device, as shown in FIGURE 4-8. In this way, the applications do not need to worry
about the data synchronization and replication—that task is handled within the
cloud.
FIGURE 4-6 A client (browser) typically makes multiple requests to a server in
order to download the HTML, CSS, JavaScript, and page graphics.
Taking a Closer Look at Load Balancing
To better understand load balancing, consider the processing that occurs when a
user visits a site such as Yahoo! To start, the user types in a domain name, such
as www.yahoo.com. The user’s web browser, in turn, sends the domain name to a
special server on the web called a domain name server (DNS), which, in turn,
returns the site’s (Yahoo!’s) Internet protocol (IP) address. As shown in FIGURE
4-9, the browser then uses the IP address to contact the server.
FIGURE 4-7 Load-balanced systems, for data redundancy purposes, often
replicate databases on multiple servers. Each database, in turn, will send data
updates to the other to maintain data synchronization between the servers.
FIGURE 4-8 Using a cloud-based NAS device and a cloud-based database to
handle database replication and load balancing.
When a site uses load balancing, the IP address returned by the DNS might
correspond to the load-balancing server. When the load balancer receives the
browser request, it simply sends the request to one of the servers on a
round-robin basis. If demand on the site increases, additional servers can be
added, to which the load balancer can distribute requests. Using a similar
technique, most IaaS solutions provide on-demand scaling and load balancing.
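The round-robin distribution described above, as an added example that is not from the book or from any provider's product. The class, method, and server names are constructed for illustration, and the sketch goes one step beyond the text by skipping servers marked unhealthy, so the same rotation also shows failover:

```python
"""Round-robin load balancing with scale-out and failover (illustrative sketch)."""
from dataclasses import dataclass


@dataclass
class Backend:
    name: str             # constructed label such as "web-1"
    healthy: bool = True  # set to False when a health check fails
    handled: int = 0      # number of requests routed to this server


class NoHealthyBackend(RuntimeError):
    """Raised when every server in the pool is marked down."""


class RoundRobinBalancer:
    def __init__(self, names):
        self._backends = [Backend(n) for n in names]
        self._next = 0  # index of the server to try first on the next request

    def add_server(self, name):
        """Scale out: a new server joins the end of the rotation."""
        self._backends.append(Backend(name))

    def set_health(self, name, healthy):
        """Record the result of a health check for one server."""
        for backend in self._backends:
            if backend.name == name:
                backend.healthy = healthy
                return
        raise KeyError(name)

    def route(self):
        """Pick the next healthy server in rotation and return its name."""
        count = len(self._backends)
        for offset in range(count):
            idx = (self._next + offset) % count
            backend = self._backends[idx]
            if backend.healthy:
                # Advance past the chosen server so the next request moves on.
                self._next = (idx + 1) % count
                backend.handled += 1
                return backend.name
        raise NoHealthyBackend("all servers are marked down")

    def distribution(self):
        """Requests handled per server, useful for spotting uneven load."""
        return {b.name: b.handled for b in self._backends}


def demo():
    """Constructed scenario: steady state, scale-out, then one server failing."""
    lb = RoundRobinBalancer(["web-1", "web-2"])
    trace = [lb.route() for _ in range(4)]   # two servers share the load
    lb.add_server("web-3")                   # demand rises, add a server
    trace += [lb.route() for _ in range(3)]  # rotation now covers three servers
    lb.set_health("web-2", False)            # web-2 fails its health check
    trace += [lb.route() for _ in range(4)]  # traffic flows around web-2
    return trace, lb.distribution()


if __name__ == "__main__":
    order, counts = demo()
    print(order)
    print(counts)
```
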
FIGURE 4-9 Web browsers use the IP address they receive from a DNS to access
a server on the web.
System and Storage Redundancy
One of the greatest benefits of cloud-based computing is that it does not matter
where the physical computing resources and data storage devices are located. As
a result, companies often employ duplicate off-site servers or disk storage
devices through a process known as colocation. As shown in FIGURE 4-10, by
employing duplicate resources, systems can fail over from one location to
another or they can use the duplicate systems for load balancing.
In this way, the colocated resources accomplish the following:
• Make the company less susceptible to fire, acts of God, and terrorism
• Improve performance through a distributed workload
• Make the company less susceptible to downtime due to power loss from a
blackout or brownout
Over the past few years, the low-cost options offered by IaaS providers have
made hardware redundancy a must-have item for companies that rely on the
availability of key applications and data. Likewise, by leveraging cloud-based
NAS devices and cloud-based database systems, companies can also easily
replicate their data, as shown in FIGURE 4-11.
IaaS providers allow companies to add servers, processors, and RAM to their
applications on demand. FIGURE 4-12 shows an administrator window that
allows an application administrator to select the resources the application
needs—scaling resources up or down. Further, IaaS providers can also scale
resource allocation up or down automatically. Customers, in turn, pay only for
the resources they require.
FIGURE 4-10 Companies use colocated computing resources for system failover
or load balancing.
FIGURE 4-11 Using cloud-based NAS devices and cloud-based databases,
companies can replicate key data within the cloud.
FIGURE 4-12 Using an administrator menu to allocate application resources.
CASE 4-1 RACKSPACE IAAS
Rackspace has emerged as one of the largest players in the IaaS market.
Rackspace offers a set of solutions that include cloud hosting, managed hosting
(including 24/7 data-center-like management), and hybrid solutions that
combine the cloud and managed services.
Within minutes, from the Rackspace website an administrator can select a
solution that deploys from 1 to 50 servers. Larger configurations are available.
Today Rackspace offers cloud-based solutions to hundreds of thousands of
clients. Rackspace houses its data centers at very large facilities located around
the world.
With respect to the cloud, Rackspace offers pay-as-you-go scalability, with
on-demand storage and load balancing. Beyond cloud hosting, Rackspace
provides solutions for cloud-based e-mail, Exchange hosting, file sharing,
backups, and collaboration.
Rackspace storage on demand is provided through a service called Cloud Files, a
high-performance file system that provides very inexpensive redundant storage.
The Cloud Files system was developed using OpenStack, a new open source
software initiative for building private and public clouds. The goal of OpenStack
is to create a massively scalable cloud operating system to accomplish the
following:
• Leverage open standards to produce an environment less susceptible to
vendor lock-in (a situation in which a customer cannot easily move from an
existing vendor)
• Increase industry-wide cloud standards
• Provide a platform that leverages performance and flexibility
Exercise Assume your company is planning to release a new .NET-based
website. The company’s developers estimate the application will require 10
servers to manage the workload. Visit the Rackspace website and recommend a
solution for the company (you can use physical servers, virtual servers, or a
combination of both). What start-up and monthly costs should your company
expect?
Web Resources For additional information on Rackspace and OpenStack, see
www.CloudBookContent.com/Chapter04/index.html.
Utilizing Cloud-Based NAS Devices
Chapter 6, Data Storage in the Cloud, examines cloud-based data storage and
database systems in detail. The chapter also presents several solution providers.
For now, you should understand that companies can move their data storage to
the cloud in a number of ways. One of the most innovative disk storage solutions
utilizes cloud-based NAS devices, which present devices and applications as
mountable drives and file systems. Normally customers can scale their
cloud-based storage on demand and pay only for the storage they consume.
FIGURE 4-13 Cloud-based NAS devices present cloud-based storage as
mountable devices, which may be replicated in the cloud to meet a company’s
data redundancy needs.
As shown in FIGURE 4-13, some cloud-based NAS devices provide
behind-the-scenes data replication for data redundancy needs.
CASE 4-2 NIRVANIX IAAS
Nirvanix provides a wide range of cloud solutions, from public, private, and
hybrid clouds to backup and off-site storage and CloudNAS, which is a
cloud-based NAS solution. As shown in FIGURE 4-14, CloudNAS is a
high-performance, scalable, secure, cloud-based file system that supports Linux-
and Windows-based applications.
By supporting both the Common Internet File System (CIFS) and the Network
File System (NFS), CloudNAS seamlessly integrates into existing applications. In
general, CloudNAS does not require programming or the development of an
application program interface (API).
Exercise Within the cloud, IaaS providers offer a variety of ways for users and
applications to access storage. Discuss the importance of having a cloud-based
mountable storage device.
Web Resources For additional information on Nirvanix and CloudNAS, see
www.CloudBookContent.com/Chapter04/index.html.
FIGURE 4-14 The Nirvanix IaaS provides cloud-based NAS, which is accessible
through the CloudNAS file system.
Advantages of IaaS Solutions
In the simplest sense, IaaS is the process of providing the hardware necessary to
run an application. By utilizing IaaS solutions, companies eliminate the need to
house and maintain expensive data centers. Unlike PaaS, which also manages and
administers the operating system and support software, an IaaS solution
requires the customer to manage all software and take responsibility for
maintaining system updates. Advantages of using an IaaS solution include the
following:
• Elimination of an expensive and staff-intensive data center
• Ease of hardware scalability
• Reduced hardware cost
• On-demand, pay-as-you-go scalability
• Reduction of IT staff
• Suitability for ad hoc test environments
• Complete system administration and management
Server Types Within an IaaS Solution
Within an IaaS environment, customers can acquire one or more servers. As
shown in FIGURE 4-15, these servers fall under one of three types:
• Physical server: Actual hardware is allocated for the customer’s dedicated
use.
• Dedicated virtual server: The customer is allocated a virtual server, which
runs on a physical server that may or may not have other virtual servers.
• Shared virtual server: The customer can access a virtual server on a device
that may be shared with other customers.
An IaaS physical server solution allocates one or more physical servers to the
customer. The servers will not be shared with other customers. The physical
server, because it is not shared by others, will be more expensive. However, the
customer will have complete control over the system.
A dedicated virtual server solution allocates to a customer one or more virtual
servers, which, as discussed in Chapter 8, Virtualization, run on a server that has
special software installed to allow it to run multiple operating systems (which do
not have to be the same). Each operating system is protected from others on the
server and often can be configured by the customer. The virtual server is used by
only one customer, which, again, will result in a slightly higher cost per month.
FIGURE 4-15 Within an IaaS environment, customers can allocate various server
types.
A shared virtual server solution allocates a shared virtual server to a customer.
The server may, for example, provide web server capabilities to multiple users.
The customer cannot configure the shared virtual server.
CASE 4-3 LAYERED TECH IAAS
Layered Tech supports grid, virtualization, and cloud computing platforms. With
Layered Tech solutions customers can quickly launch cloud-based applications,
satisfy backup and remote storage requirements, or utilize high-security,
high-availability servers.
Layered Tech provides traditional cloud-based services, such as dedicated
servers, virtual servers, and managed server solutions. In addition, Layered Tech
provides large-scale enterprise solutions, such as hosting, colocation, and
virtualization.
If a client performs e-commerce operations, Layered Tech provides a Payment
Card Industry (PCI)-compliant hosting system. By examining the PCI Data
Security Standard (DSS), you can gain considerable insight into cloud-based
security issues. For more information on the PCI DSS, visit the PCI Security
Standards Council website at www.pcisecuritystandards.org.
Exercise Many cloud-based sites implement e-commerce operations. Discuss the
purpose of and some of the standards involved in the PCI standards.
Web Resources For additional information on Layered Tech and PCI standards,
see www.CloudBookContent.com/Chapter04/index.html.
CHAPTER SUMMARY
Smaller companies that deploy applications to the cloud typically use a specific
platform, such as Windows, .NET, and Microsoft SQL, or Linux, Perl, and MySQL.
Companies that use a PaaS solution eliminate the need to administer the
operating system and supporting software. Larger companies, because of
security needs or a desire to manage all resources, turn to IaaS providers, which
make all of the computing hardware resources available but leave the customer
responsible for installing and managing the systems. This can normally be done
over the Internet. You can think of an IaaS solution as a turnkey remote data
center.
KEY TERMS
CloudNAS
Colocation
Common Internet File System (CIFS)
Load balancing
Network-attached storage (NAS)
Network File System (NFS)
Redundancy
CHAPTER REVIEW
1. Define and describe IaaS.
2. Define and describe system redundancy. Discuss how you might use IaaS to
implement a redundancy plan.
3. Define and describe load balancing. Discuss how you might use IaaS to
implement load balancing.
4. Define and describe NAS. Assume you must implement a shared file system
within the cloud. What company would you select? Why? What costs should your
client expect to pay for cloud-based data on a gigabyte (GB) basis?
5. Define and describe colocation. Discuss how you might use IaaS to implement
colocation.
6. Compare and contrast a cloud-based disk storage device (with a file system)
with a cloud-based database.
7. Compare and contrast physical, dedicated virtual, and shared virtual servers.
Search the web for companies that provide each. What cost should a customer
expect to pay for each?
chapter 5
Identity as a Service (IDaaS)
TODAY, WITHIN MOST COMPANIES, users must log in to a variety of different
systems in order to perform various tasks. Some of the systems may be cloud
based, some may be based on local servers, and some may be accessible through
different devices. The challenge of having multiple servers to access is that users
must remember and manage multiple username and password combinations.
Further, if an employee leaves the company, the IT staff must coordinate with the
human resources department to ensure that each of the user’s accounts has been
disabled. User identity management (ID management) is difficult, time
consuming, and expensive. Over the past few years, companies have begun to
emerge to provide identity (or identification) as a service (IDaaS), or
cloud-based ID management.
Learning Objectives
This chapter examines cloud-based ID management in detail. By the time you
finish this chapter, you will be able to do the following:
• Describe challenges related to ID management.
• Describe and discuss single sign-on (SSO) capabilities.
• List the advantages of IDaaS solutions.
• Discuss IDaaS solutions offered by various companies.
Understanding Single Sign-On (SSO)
As discussed, business users today must log in to a variety of applications, which
may reside on many different servers. The users, therefore, must manage
numerous username and password combinations. To simplify user access to
multiple systems, many companies now use single sign-on (SSO) software,
which, as shown in FIGURE 5-1, requires the user to sign on only one time. Behind
the scenes, the SSO software manages the user’s access to other systems.
The advantages of SSO software include the following:
• Fewer username and password combinations for users to remember and
manage
• Less password fatigue caused by the stress of managing multiple passwords
• Less user time consumed by having to log in to individual systems
• Fewer calls to help desks for forgotten passwords
• A centralized location for IT staff to manage password compliance and
reporting
The primary disadvantage of SSO systems is the potential for a single point of
failure. If the authentication server fails, users will not be able to log in to other
servers. Thus, having a cloud-based authentication server with system
redundancy reduces the risk of system unavailability.
Understanding How SSO Works
Although different implementations of SSO exist, many solutions employ a secure
ticket. When a user logs in to the authentication server, he or she is given a
secure ticket. Later, when the user accesses a server, that server, in turn,
validates the ticket with the authentication server. The authentication server, as
shown in FIGURE 5-2, not only confirms that the user is authorized to use the
server, but may also provide the user’s access rights that are specific to that
server.
FIGURE 5-1 An SSO system lets a user log in to a system one time and then move
freely among related servers and applications without having to authenticate
him- or herself each time.
Step 1: User logs into the authentication server using a username and password
Step 2: The authentication server returns the user’s ticket
Step 3: User sends the ticket to the intranet server
Step 4: Intranet server sends the ticket to the authentication server
Step 5: Au...
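The ticket exchange described in "Understanding How SSO Works," sketched as an added Python example that is not part of the book. The class names, the HMAC-signed ticket format, the five-minute lifetime, and the sample user are all assumptions chosen for illustration; the point is that the intranet server never sees a password and relies on the authentication server both to verify the ticket and to supply server-specific access rights.

```python
import base64, hashlib, hmac, json, secrets, time

class AuthServer:
    """Constructed stand-in for the authentication server (hypothetical design)."""
    def __init__(self, users, rights, ttl=300):
        self._key = secrets.token_bytes(32)  # signing key never leaves this server
        # users: name -> (salt, hash); rights: (name, server) -> list; ttl: seconds
        self._users, self._rights, self._ttl = users, rights, ttl

    @staticmethod
    def hash_password(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def _sign(self, payload):
        return hmac.new(self._key, payload.encode(), hashlib.sha256).hexdigest()

    def login(self, username, password, now=None):
        """Steps 1-2: check the credentials and return a signed, expiring ticket."""
        salt, stored = self._users.get(username, (b"\x00" * 16, b""))
        if not hmac.compare_digest(self.hash_password(password, salt), stored):
            return None
        body = json.dumps({"sub": username, "exp": (now or time.time()) + self._ttl})
        payload = base64.urlsafe_b64encode(body.encode()).decode()
        return payload + "." + self._sign(payload)

    def validate(self, ticket, server, now=None):
        """Step 4: a server presents the ticket; return the user's rights or None."""
        payload, _, sig = ticket.partition(".")
        if not hmac.compare_digest(sig.encode(), self._sign(payload).encode()):
            return None  # forged or altered ticket
        claims = json.loads(base64.urlsafe_b64decode(payload))
        if claims["exp"] < (now or time.time()):
            return None  # expired ticket
        return self._rights.get((claims["sub"], server))  # None: not authorized here

class IntranetServer:
    """Steps 3-4: accepts a ticket and defers the decision to the auth server."""
    def __init__(self, name, auth):
        self.name, self.auth = name, auth

    def handle(self, ticket):
        rights = self.auth.validate(ticket, self.name)
        return f"granted:{','.join(rights)}" if rights else "denied"

def demo_servers():
    """Constructed sample data: one user with rights on 'intranet' only."""
    salt = secrets.token_bytes(16)
    users = {"alice": (salt, AuthServer.hash_password("correct horse", salt))}
    rights = {("alice", "intranet"): ["read", "write"]}
    auth = AuthServer(users, rights)
    return auth, IntranetServer("intranet", auth), IntranetServer("payroll", auth)
```

Because every validation goes back to the authentication server, disabling a departed employee's entry there cuts off access to all relying servers at once, which is also why its availability matters so much.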