2. General concepts

This section demonstrates common challenges in traditional data centers and cloud infrastructures, and presents key elements that we find on top of them. Finally, it presents some tips to help in building applications in the cloud.

2.1. Traditional Datacenter

Nowadays, there are many challenges we should address in our traditional datacentres. These challenges can also be found in modern cloud insfraestructures and services running on top of them. Some of these challenges include;

Availability

Availability is the proportion of time that the system is functional and working, and it can be affected by system errors, infrastructure problems, and malicious attacks. Services should be architected to maximize availability.

Data Management

Data is typically hosted in different services accross multiple servers, and also could be hosted in different locations. Maintaining performance in data access, scalability and/or availability can present a lot of challenges, and managing your data is a key element of any application or service.

Design and Planning

Decisions made an early phase of the process could have a huge impact on the quality and the total cost your service. Key factors such a good component design and deployment plan, simplifies the administration and maintainability of your service.

Performance and Scalability

Performance is an indication of the responsiveness of a system to execute any action within a given time interval. Scalability is the ability of a system to handle increases in load without impact on performance. Cloud platforms typically allow you to scale out in order to handle these variable workloads and peaks in activity. Also, bear in mind you can have scalability concerns with respect to compute power (CPU), but also regarding other elements like data storage or network complexity.

Security

Security is the capability of a system to prevent malicious or accidental actions outside of the designed usage, and to prevent disclosure or loss of information. Cloud applications could be exposed to the global Internet and so open to the public, serving untrusted users. Services must be deployed in a way that protects them from malicious attacks, restricts access to only approved users or hosts, and protects sensitive data.

2.1.1. Building blocks

There are common and typical elements (building blocks) which could be found in traditional on-premises datacenters and that you could be familiar with. In the following sections we will discuss how we could to achieve the same in a cloud infrastructure but with a greater flexibility.

Datacenter building blocks

Fig. 2.1 On-premises Datacenter Building Blocks elements

In a traditional datacenter, there are various building blocks such as (Fig. 2.1):

  • Switches/VLAN/Network
  • DNS Server
  • LDAP/Active Directory
  • NAS File Server
  • SAN
  • Internal Firewall
  • Tape/backup server
  • Web servers
  • Application servers
  • Database servers
  • Resource managers (Condor, SLURM, PBS)
  • Compute nodes

Moreover, to deploy and maintain these elements in a traditional infrastructure requires a lot of time and effort. Not only to keep these services up and running, but also to maintain the infrastructure on which they run. IT staff is typically asked to address other challenges like facing massive data growth, challenging economic conditions, and the physical limitations of power, heat, and space. Moreover, common operations like cabling (and re-cabling) and hardware support (updates and replacing hardware) could be time-consuming.

2.2. From the Traditional Datacenter to Cloud

2.2.1. What is a “Cloud”?

A delivery model for computing resources in which various servers, applications, data, and other resources are integrated and provided “as a Service” over the Internet or an internal network. Resources are often virtualized where processing power, disk storage, database processing, and networking services are available for consumption, allowing customers to interact with them either using a dashboard or programmatically through a set of APIs.

2.2.2. What makes the Cloud so attractive?

Cloud infrastructures allow you to achieve the same goals as using an on-premises infrastructure, but in a quicker, easier and most cost-effective way to gain greater flexibility and agility in providing services:

  • Pay per consumption. You pay only for what you plan to use and don’t worry about other costs and problems.
  • On-Demand Provisioning: Focus on your needs and change them as your needs change.
  • Scalability in minutes: Scale out or in depending on usage needs. Don’t worry about reinstalling or configuring new servers. Just select an image and launch more instances.

2.2.3. Types of Cloud Computing

Cloud computing is providing developers and IT departments with the ability to focus on what matters most and avoid undifferentiated work like procurement, maintenance, and capacity planning. Cloud computing has three most common types of cloud services to offer. As cloud computing has grown in popularity, several different models depending on the needs of users. The following is a brief introduction to the three cloud service types, namely, SaaS, PaaS and IaaS.

Software as a Service (SaaS)

Software as a Service provides you with a completed product that is run and managed by the service provider. In most cases, people referring to Software as a Service are referring to end-user applications.

Platform as a Service (PaaS)

Platforms as a service remove the need for organizations to manage the underlying infrastructure and allow you to focus on the deployment and management of your applications.

Infrastructure as a Service (IaaS)

Infrastructure as a Service, sometimes abbreviated as IaaS, contains the basic building blocks for cloud IT and typically provide access to networking features, computers (virtual or on dedicated hardware), and data storage space. Infrastructure as a Service provides you with the highest level of flexibility and management control over your IT resources and is most similar to existing IT resources that many IT departments and developers are familiar with today.

2.2.4. Public vs. Private Cloud

In case you have been researching about cloud computing, you probably know there are different types of cloud platforms and it is important to know the difference between the two. Basically, we can talk about Private and Public basically depending where these platforms are located and who is responsible for its managements and cost of ownership.

The public cloud is defined as computing services offered by third-party providers over the public Internet, making them available to anyone who wants to use or purchase them. They may be free or sold on-demand, allowing customers to pay only per usage for the CPU cycles, storage, or bandwidth they consume. Unlike private clouds, public clouds can save companies from the expensive costs of having to purchase, manage, and maintain on-premises hardware and application infrastructure.

A private cloud could be defined as computing services offered either over the Internet or a private internal network and only to select users instead of the general public. Private cloud computing gives businesses many of the benefits of a public cloud - including self-service, scalability, and elasticity - with the additional control and customization available from dedicated resources over a computing infrastructure hosted on-premises. In addition, private clouds deliver a higher level of security and privacy through both company firewalls and internal hosting to ensure operations and sensitive data are not accessible to third-party providers. One drawback is that the company’s IT department is held responsible for the cost and accountability of managing the private cloud. So private clouds require the same staffing, management, and maintenance expenses as traditional datacenter ownership.

There is still a great debate around advantages and disadvantages between these two models and, even though there is no single right answer because so much depends on your use case, we could argue that when security and data locality is the main concern, the private cloud is the best choice.

For example, in cases where data and applications are your most important assets and you need control over them at the same time, or you have a use case that is in need of strict security and confidentiality

2.3. How to “think cloud”

One of the main concerns is how to migrate services running on traditional datacenters to a cloud platform. We present some common architecture lessons and design patterns that could be useful for building reliable, scalable and secure applications in the cloud.

2.3.1. Cloud Architecture Lessons

Design for failure and nothing fails

Assume that eventually every service component may fail and a service as a while will have fewer avenues to really fail. Applications should continue to function even if the underlying physical hardware fails or is removed or replaced.

  • Avoid single points of failure
  • Assume everything fails, and design backwards

Loose coupling sets you free

Use independent components and design everything as a Black Box. De-coupling elements and services whatever is possible, and start using load balacing in front your applications.

Implement “Elasticity”

  • Don’t assume health or fixed location of components
  • Use designs that are resilient to reboot and relaunch
  • Bootstrap your instances to assume a role or functionality
  • Enable dynamic configuration
  • Elasticity is fundamental property of the Cloud, so use any auto/scaling method available
  • Use Elastic Load Balancing on multiple layers

Build Security in every layer

With cloud, you lose a little bit of physical control but not your ownership. Design applications with security in mind

  • Apply the least privilige rule
  • Create distinct Security Groups (rules) for role
  • Use Group-based rules for controlling access between layers
  • Restrict external access to specific IP ranges
  • Encrypt data at any point, storage or data “in-transit” (SSL)
  • Consider encrypted file systems for sensitive data
  • Use MultiFactor Authentication when possible

Re-think architectural constraints

  • Distribute load across machines allows you to efectivily use more RAM and Processors
  • Shared distributed cache
  • Do you need to increase IOPS on your database? You could use multiple read-only instances, use sharding, or DB clustering
  • Your server is failling or messed up config? simply throw it away and launch a new instance froma previous snapshot with no additional cost or time.
  • Web applications can utilize caching at different levels (Page, Render, DB) and therefore increase the overall performance.

Think Parallel

The flexibility a cloud environment provides allow you to:

  • Experiment with different architectures in parallel
  • Multi-threading and concurrent requests to cloud services
  • Use load balancing to distribute load across multiple servers
  • Decompose a Job/Service into its simplest form and run different jobs in parallel.

Leverage different storage options

OpenStack offers different storage choices like block storage, object storage, and shared filesystems as a service, to suit many use cases.

For example, as the object storage service Swift has features meant to support direct access to stored user content, you can start by moving any static assets from web server instances to OpenStack Swift, and then serve those objects directly. These static assets would include all of the images, videos, CSS, JavaScript, and any other heavy static content that is currently delivered via web server instances. By serving these files via Swift, the load will be reduced on the web instances. In the following sections we present an example guide that capture diferent scenarios.

Warning

Architecture Patterns removed!

2.3.2. Applying Cloud Architecture Lessons

In order to understand the architectural concepts, we are going to compare how common and traditional components could map to OpenStack services. Even if you do not have an existing infrastructure to migrate, it helps to understand where each service may fulfill your infrastructure needs by comparing the OpenStack cloud with traditional on-premises infrastructure.

Interactive web applications are the most prevalent applications in business today. Consumers and enterprises alike interact with their employees, customers and partners online, using applications such as online banking, human resources and even tax filing.

This example (Fig. 2.2) shows how to move a traditional web application architecture to the Cloud and allows to identify traditional building blocks, new services, features, and elements on both diagrams.

Migrating a Web Site application to OpenStack

Fig. 2.2 Migrating a Web Site application to OpenStack

The example shows how to migrate a typical three tier architecture into a cloud environment, to deploy a popular LAMP software into the tiers, in this case a WordPress as an example web application. Using OpenStack, you can set up virtual machines, private networks for each tier and the proper connections, load balancers, routers and security groups. You could find useful information and examples here.