Lecture 2: The Cloud Ecosystem & Architecture
Understanding the components, structure, and principles that power the cloud.
The NIST Definition
Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.
The Five Essential Characteristics
On-Demand Self-Service: Provision resources automatically without human intervention.
Broad Network Access: Access services over the network via standard mechanisms.
Resource Pooling: Resources are pooled to serve multiple consumers using a multi-tenant model.
Rapid Elasticity: Scale resources up or down rapidly and elastically.
Measured Service: Resource usage is monitored, controlled, and reported, providing transparency.
More Than Just Providers
The cloud is not just a single entity but a complex ecosystem of different players, each with a specific role. Understanding this ecosystem helps in navigating the cloud landscape effectively.
Parts of the ecosystem
Cloud Providers: Companies that own and operate the data centers, offering cloud services (e.g., AWS, Microsoft Azure, Google Cloud).
Cloud Enablers: The technology providers for hardware and software that providers use to build the cloud (e.g., Intel, AMD, VMware, Cisco).
Cloud Integrators/Consultants: Companies that help organizations use and integrate cloud services (e.g., Accenture, Deloitte, Capgemini).
Cloud Consumers: The end-users of cloud services, which can be individuals, businesses, or developers.
The Blueprint of the Cloud
Cloud architecture refers to the components and subcomponents involved in cloud computing. It's typically divided into two main parts: the Front End and the Back End.
These two ends are connected to each other through a network, most often the internet.
Front End (Client Side)
The side of the end-user.
Consists of the client’s device (PC, mobile) and the application needed to access the cloud.
Example: A web browser to access Gmail.
Back End (Provider Side)
The side of the cloud provider.
Manages all the resources required for cloud services.
Includes servers, virtual machines, data storage, security mechanisms, etc.
The Physical Foundation
Cloud infrastructure consists of the physical hardware resources that support the cloud services. These are housed in data centers across the globe.
Compute: Servers providing processing power.
Storage: Disk arrays and other storage systems.
Networking: Routers, switches, and firewalls.
Virtualization Layer: A hypervisor that abstracts the physical hardware.
Regions, AZs, and Edge Locations
Cloud providers build their infrastructure globally to provide low latency and high availability.
Region: A physical location in the world where they have multiple data centers (e.g., us-east-1).
Availability Zone (AZ): One or more discrete data centers within a Region, with redundant power, networking, and cooling. They are isolated from each other for fault tolerance.
Edge Location: Smaller sites used to cache content closer to end-users, reducing latency for services like CDNs.
Making One Machine Act Like Many
Virtualization is the technology that allows a single physical server to be partitioned into multiple isolated 'virtual machines' (VMs).
It is the fundamental enabler of resource pooling and rapid elasticity in the cloud.
Think of it like an apartment building. The building is the physical server. Each apartment is a VM—separate, secure, with its own resources (plumbing, electricity), but all sharing the same foundation and structure.
Type 1: Bare Metal
Runs directly on the host's hardware, with no host operating system underneath it. More efficient, and with a smaller attack surface because there is no general-purpose OS between the hypervisor and the hardware. Used in data centers.
Type 2: Hosted
Runs as a software layer on an operating system, like any other computer program. Used for desktop virtualization.
The 'Broad Network Access' Principle
Connectivity is the lifeblood of the cloud. It involves both the connection from the user to the cloud and the networking within the cloud itself.
Virtual Private Cloud (VPC)
A VPC is your own logically isolated section of a public cloud. You have complete control over this virtual network, including IP address ranges, subnets, route tables, and network gateways.
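To make the VPC and Region/AZ slides concrete, here is an added example (not part of the lecture material) that plans a VPC layout: it carves a VPC CIDR into one public and one private subnet per Availability Zone, attaches a route table to each, and then runs the checks a reviewer would apply (no overlaps, everything inside the VPC, no private subnet with a default route to the internet gateway). The VPC CIDR, AZ names and the `igw`/`nat` labels are constructed, hypothetical values, and `plan_vpc`/`check_plan` are names chosen for this example.

```python
import ipaddress

# Constructed inputs (hypothetical values, not from any provider's docs):
# a VPC CIDR and the AZ names of one region.
VPC_CIDR = "10.0.0.0/16"
AZS = ["us-east-1a", "us-east-1b", "us-east-1c"]

def plan_vpc(vpc_cidr, azs, subnet_prefix=24):
    """Carve the VPC range into one public and one private subnet per AZ.
    Public subnets send 0.0.0.0/0 to the internet gateway; private subnets
    send it to a NAT gateway, so they are not directly reachable from outside."""
    vpc = ipaddress.ip_network(vpc_cidr)
    if not vpc.is_private:
        raise ValueError("VPC CIDR should come from a private (RFC 1918) range")
    blocks = list(vpc.subnets(new_prefix=subnet_prefix))
    if len(blocks) < 2 * len(azs):
        raise ValueError("VPC CIDR too small for two subnets per AZ")
    subnets = []
    for i, az in enumerate(azs):
        for j, tier in enumerate(("public", "private")):
            subnets.append({
                "az": az, "tier": tier, "cidr": str(blocks[2 * i + j]),
                # "local" keeps intra-VPC traffic inside the VPC.
                "routes": {str(vpc): "local",
                           "0.0.0.0/0": "igw" if tier == "public" else "nat"},
            })
    return {"vpc": str(vpc), "subnets": subnets}

def check_plan(plan):
    """Reviewer checks: subnets inside the VPC, no overlaps, and no private
    subnet with a default route straight to the internet gateway."""
    vpc = ipaddress.ip_network(plan["vpc"])
    nets = [ipaddress.ip_network(s["cidr"]) for s in plan["subnets"]]
    for i, a in enumerate(nets):
        if not a.subnet_of(vpc) or any(a.overlaps(b) for b in nets[i + 1:]):
            return False
    return all(s["routes"]["0.0.0.0/0"] != "igw"
               for s in plan["subnets"] if s["tier"] == "private")

if __name__ == "__main__":
    layout = plan_vpc(VPC_CIDR, AZS)
    for s in layout["subnets"]:
        print(f'{s["az"]:12} {s["tier"]:8} {s["cidr"]:14} default -> {s["routes"]["0.0.0.0/0"]}')
    print("plan ok:", check_plan(layout))
```

Spreading subnets across AZs is what gives the fault tolerance described on the Region/AZ slide; the private-subnet route check is the part that keeps back-end resources off the public internet.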
Control, Governance, and Optimization
Once you are in the cloud, you need to manage your environment. This involves several key areas:
Performance Monitoring: Tracking the health and performance of applications and infrastructure.
Security & Compliance: Implementing controls to protect data and meet regulatory requirements.
Cost Management (FinOps): Monitoring and optimizing cloud spend to avoid surprises.
Automation & Orchestration: Using code to manage and provision resources.
Tools include provider consoles (AWS Console), third-party dashboards (Datadog), and Infrastructure as Code (Terraform).
Migrating to the Cloud
Cloud migration is the process of moving digital assets—applications, data, and IT resources—from on-premises data centers to the cloud.
It is not a single event, but a journey that requires careful planning and execution.
Rehost ("Lift and Shift")
Move applications without changes.
Repurchase ("Drop and Shop")
Move to a different product, often SaaS.
Retire
Decommission applications that are no longer needed.
Replatform ("Lift and Reshape")
Make a few cloud optimizations without changing the core architecture.
Refactor / Rearchitect
Re-imagine the application to be cloud-native.
Retain
Keep applications on-premises that are not ready to migrate.
- Rehosting ("Lift-and-Shift")
Most early cloud projects gravitate toward new development using cloud-native capabilities, but in a large legacy migration, the majority of applications are rehosted to meet a business case quickly.
GE Oil & Gas found it could save roughly 30% of its costs by rehosting, even without implementing any cloud optimizations.
Applications are easier to re-architect once they’re already running in the cloud, partly because your organization will have developed better skills and the hard part—migrating the application, data, and traffic—has already been done.
- Replatforming ("Lift-Tinker-and-Shift")
Here you might make a few cloud optimizations to achieve a tangible benefit, but you aren’t otherwise changing the core architecture of the application.
For example, moving from a self-managed database to a database-as-a-service platform like Amazon RDS, or migrating an application to a fully managed platform like AWS Elastic Beanstalk.
A large media company moved from a licensed WebLogic container to open-source Apache Tomcat on AWS, saving millions in licensing costs on top of the savings from migrating.
- Repurchasing ("Drop-and-Shop")
This strategy involves moving to a different product, most commonly a Software-as-a-Service (SaaS) platform.
Moving a CRM to Salesforce.com
Moving an HR system to Workday
Moving a CMS to Drupal
- Refactoring / Re-architecting
Re-imagining how the application is architected and developed, typically using cloud-native features. This is driven by a strong business need for new features, scale, or performance.
This pattern tends to be the most expensive, but if you have a good product-market fit, it can also be the most beneficial.
- Retire
Once you've discovered everything in your environment, you can identify applications that are no longer useful and can simply be turned off.
We’ve found that as much as 10-20% of an enterprise IT portfolio is no longer useful. These savings can boost the business case, direct your team’s scarce attention to the things that people use, and lessen the surface area you have to secure.
- Retain ("Revisit")
This means doing nothing for now.
You should only migrate what makes sense for the business, and as the gravity of your portfolio shifts from on-premises to the cloud, you will probably have fewer reasons to retain.
Phases of Migration
Questions & Next Steps
In the next lecture, we will look into the following:
Storage virtualisation, including storage architecture for virtualisation; physical disk types and related techniques; the difference between centralised and distributed storage; virtualised versus non-virtualised storage features; the difference between capex and opex; and methods for planning and managing costs and Service Level Agreements (SLAs).