Flashcards of vocabulary terms and definitions for the Cloud Computing Fundamentals course.
Cloud Computing
Cloud Computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. It allows businesses to access computing resources over the Internet instead of building and maintaining their own infrastructure.
On-Premise Computing
Traditional computing using on-site servers within a company's premises and network.
Infrastructure as a Service (IaaS)
IaaS provides virtualized computing resources over the internet. It replaces traditional on-premise IT infrastructure with virtual hardware, offering compute (virtual machines), storage (block storage), and network resources. This allows businesses to avoid the upfront costs and complexity of owning and managing physical servers. IaaS enables scalability and flexibility, allowing businesses to adjust resources based on demand.
Platform as a Service (PaaS)
Adds operating systems, software development tools, and runtime environments to IaaS to create a platform for developers to build and deploy applications without managing the underlying infrastructure. PaaS provides a managed environment for application development, reducing complexity and accelerating deployment while allowing developers to focus on coding and collaboration.
Software as a Service (SaaS)
A software licensing and delivery model where apps are subscribed to and accessed over the internet. SaaS provides users with access to software applications hosted in the cloud, allowing for easier updates and collaboration without the need for local installation.
IaaS Fundamental Aspects
Compute, block storage and network. These components enable virtualized resources, scalability, and flexibility for businesses. IaaS includes virtual machines, storage options, and networking capabilities, allowing businesses to scale resources as needed.
PaaS Fundamental Aspects
Object storage, identity, runtime and database. These components support the development, execution, and management of applications in a cloud environment, enhancing scalability and resource management.
Cloud Deployment Models
Public, Private, Hybrid and Community. These models describe the specific deployment of cloud services where resources are hosted, highlighting different access levels and management by users or third parties.
Public Cloud
Cloud services are available to clients when needed, scaling up resources as required and operated by third-party companies. Public clouds offer a shared infrastructure, allowing multiple users to access services while ensuring efficient resource allocation.
Private Cloud
A cloud deployment model in which an organization purchases virtualization software and sets up individual clouds within its own network. This model offers enhanced security, control, and customization for organizations that require dedicated resources.
Hybrid Cloud
A cloud deployment model that combines the best of both private and public clouds. It allows data and applications to be shared between them, providing greater flexibility, scalability, and optimization of existing infrastructure.
Community Cloud
A cloud deployment model useful for organizations with common goals and interests, where clients know each other. It facilitates sharing resources and services, enhancing collaboration while ensuring privacy and security among the participants.
Elasticity
Cloud characteristic where resources can grow or shrink as the client's needs change, using resource pooling through virtualization and automated scaling to adjust resources in real time.
Rapid Elasticity
Easy allocation of resources in the cloud. It allows for automatic scaling of resources to meet varying demands, ensuring optimal performance and cost efficiency.
Self-Service
Cloud characteristic where organizations have access to network, storage and compute. They can provision and manage resources without requiring human intervention from the service provider.
Broad Network Access
Cloud characteristic where resources are accessible over the network by different types of clients, such as laptops, computers, and cell phones, using a web browser or native application. This allows users to access cloud services from anywhere with internet connectivity, promoting flexibility and mobility.
Pay-As-You-Go
Cloud characteristic where cloud providers track each client's usage and charge them back for the services used. This model allows customers to pay only for the resources they consume, enhancing cost efficiency and budget control.
Availability
Cloud characteristic where resources are accessible and responsive whenever a client requires them. This includes features like redundancy and failover that ensure minimal downtime and consistent operation for cloud services.
Shared Responsibility Model
A cloud security concept where both the cloud provider and the customer have specific security responsibilities. The provider secures the underlying cloud infrastructure (security of the cloud), while the customer is responsible for securing what they put in the cloud, including data, applications, and operating systems. Essentially, the customer is responsible for security in the cloud and the cloud provider is responsible for security of the cloud, a shared model of responsibility.
Customer vs Provider Responsibilities
The customer oversees the customer's data, and the provider oversees the security of the cloud infrastructure. The customer is responsible for securing their own data, applications, and operating systems, while the provider secures the cloud infrastructure itself.
Network
A group of devices that communicate with each other using software (network client) and a network interface card (NIC).
Transmission Method
How data travels from one device to another.
Networking Protocol
The language that devices use to communicate.
TCP/IP
The protocol of the internet. It governs how data is sent and received over the internet and enables different networks to connect and communicate.
Four Levels of Protocols
Layers used in each device for communication: Process Application, Host-to-Host Application, Internet, and Network Access. These layers define how data is formatted, addressed, transmitted, and received across networks.
Ways to Connect to the Cloud
HTTPS, RDP, SSH, VPN and Direct Connect.
HTTPS (Hypertext Transfer Protocol Secure)
A secure protocol in the process application layer in the TCP/IP suite.
SSL (Secure Socket Layer)
Standard security technology for establishing an encrypted link between a server and a client.
SSH (Secure Shell)
Lets clients connect securely to a virtual machine running Linux and act as if the user were sitting in front of the virtual computer.
VPN (Virtual Private Network)
A secure and private network connection that occurs through a public network.
Direct Connect
Provides a dedicated physical network connection between your on-premises infrastructure and the cloud provider's network. This connection bypasses the public internet, offering more reliable, secure, and consistent network performance. Direct Connect is suitable for businesses requiring high bandwidth and low latency for data transfer and application access, ensuring a stable and predictable network experience.
Software-Defined Networking (SDN)
The objective is to make networks more flexible by separating the network packets, or the infrastructure layer, from the decision-making process, or the control layer.
Load Balancing
Balancing web server traffic by using hardware load balancers that act like the web server to the outside world. This ensures efficient distribution of incoming network traffic across multiple servers, improving reliability and performance.
Content-Based Load Balancing
Splitting up the servers to handle specific types of requests (web requests, videos, uploads, downloads). This method directs incoming traffic to different servers based on the content of the request, optimizing resource utilization and improving response times.
Cross-Region Load Balancing
Checks incoming IP address and routes the request to the server in the region from where the request originated. This method enhances user experience by reducing latency and optimizing resource allocation across geographically distributed servers.
Domain Name System (DNS)
Matches the hostname of machines and URLs to IP addresses. It translates human-readable domain names into machine-readable IP addresses, allowing users to access websites using easy-to-remember names.
Firewall
A hardware or software solution that serves as a network security checkpoint, filtering network traffic based on rules defined by a network administrator. It prevents unauthorized access while allowing legitimate traffic, protecting networks from threats such as intrusions and malware.
Network-Based Firewall
Protects a whole network of computers. It filters traffic between internal networks and external sources based on predefined security rules, ensuring that only authorized communication is allowed.
Host-Based Firewalls
Protects only one computer. It monitors incoming and outgoing traffic on that specific device, applying security rules to prevent unauthorized access and threats.
Demilitarized Zone (DMZ)
Used to connect servers that can be considered both public and private at the same time. A DMZ is a physical or logical subnetwork that separates an internal local area network (LAN) from untrusted networks, typically the internet. It provides an additional layer of security by allowing external users access to certain network services while protecting the internal network from external threats.
Access Control List (ACL)
A method for configuring firewalls to block traffic by specific IP addresses or protocols. Access Control List (ACL) is a security feature used in networking that defines which users or systems are granted access to resources, as well as what operations they can perform. It helps enforce security policies by allowing or denying traffic based on IP addresses or protocols.
Benefits of Cloud Storage
Easy file access, easy sharing/collaboration, and built-in automated redundancy. Cloud storage offers scalable resources that can grow with your needs, along with enhanced data integrity and accessibility from anywhere with internet connectivity.
Persistent Storage
Long-term persistent storage after power is switched off.
Cloud-Defined Storage Controller
Coordinates storage among various servers. Cloud-Defined Storage Controller is responsible for managing and optimizing the use of cloud storage resources across multiple servers to ensure efficient data access and reliability.
Software-Defined Storage Features
Storage controller coordinated between servers. Software-defined storage features include automation, scalability, and policy-driven management, allowing for flexible provisioning and efficient resource utilization across various storage environments. They enhance performance, simplify management, and support rapid deployment of storage resources.
Hot Storage
Data that is always accessible and available.
Cold Storage
Data that isn't needed often, basically archived data.
Hot Storage Characteristics
Access frequency frequent, access speed fast, SSD, high gigabyte cost. It is optimized for performance and applications that require immediate access to data, commonly used for active workloads.
Cold Storage Characteristics
Access frequency infrequent, access speed slow, HDD, tape drives, offline, low gigabyte cost.
Bucket
Term used by Amazon Web Services and Google Cloud to mean the same as container.
Blob
Term used by Microsoft Azure to mean the same as container.
Performance Characteristics
Key indicators that organizations need to pay attention to when pricing out cloud services. These indicators include speed, reliability, scalability, and availability of cloud services.
Types of Cloud Storage
File Storage, Block Storage and Object Storage.
File Storage
Folders of files. This storage type allows users to manage and store data in a hierarchical structure, often accessed through shared drives and directories.
Block Storage
Splits files into chunks of the same size that require a unique address. This storage type allows for high-performance access and is commonly used for databases and applications requiring fast input/output operations.
Object Storage
Storage that contains objects, which can be literally anything that anyone wants to store including data, metadata, and object attributes. It is designed to handle large amounts of unstructured data and provides a flat namespace for scalability and accessibility.
File Compression
The purpose is to make files smaller so that they take less storage space.
Data Deduplication
Works at the file level or block level to eliminate any duplicate data.
Capacity On Demand
Additional storage that is instantly available that an organization can pay extra for.
Content Delivery Network (CDN)
A specialized type of load balancing that is used mostly with web servers to speed up the access to various web resources for users in different distributed locations.
Origin Server
Where an organization has a server in eastern Europe which is the main content server for the organization.
Point of Presence (PoP)
A Point of Presence (PoP) refers to a remote location within a Content Delivery Network (CDN) where edge servers are situated to cache and deliver content closer to end-users. Each remote location in a CDN is equipped with a PoP.
Edge Server
Caches the content of the origin server and provides it to users who are located near it.
Key Aspects of Using a CDN
Improved performance, better reliability, lower bandwidth costs, better scalability and improved website security.
A Well Designed Cloud Solution Can…
It can eliminate the cost of frequently purchasing new hardware and software, enable users to have faster and better access to data, and allow organizations to quickly recover from data loss.
Redundancy
Redundancy refers to the duplication of critical components or functions of a system with the intention of increasing its reliability. It involves having backup systems or devices that automatically take over in the event of a failure in the primary system, ensuring continuous operation and preventing downtime. Redundancy can be implemented at various levels, including hardware, software, data, and network infrastructure, to safeguard against potential disruptions and maintain system availability.
High Availability
Users have uninterrupted service and good responsiveness from cloud resources from their cloud provider.
Redundancy Plans Cover
Administrators should have a comprehensive understanding of redundancy, including hardware fault tolerance (using redundant components), process redundancy (duplicating key processes), software redundancy (implementing backup systems), and data redundancy (replicating data across multiple locations). This ensures that failures in any one area do not lead to system-wide outages.
Elements of Redundancy Plans
Hardware redundancy, geographic redundancy.
Network Redundancy
Network is always available.
Geographic Redundancy
Several locations have replicas of the same data.
Geo-Redundancy
Implies that several locations have replicas of the same data, so in the instance of data loss on one site.
Processes for Redundancy
Redundancy should encompass key operational processes to ensure business continuity. This involves documenting, testing, and maintaining backup processes for critical tasks. Ensuring that there are redundant processes in place helps safeguard against failures in primary workflows, maintaining operational stability and minimizing disruptions.
High Availability
Users have uninterrupted service and responsive access services.
SLA Service Availability
SLA (Service Level Agreement) service availability defines the level of uptime guaranteed by a cloud service provider, often expressed in 'nines' (e.g., 99.9%). This metric indicates the percentage of time the service is expected to be available. Higher numbers of nines reflect greater uptime reliability.
High Availability Nines
Three=99.9% uptime & 8.77 hours downtime, Four=99.99% & 52.6 minutes downtime, Five=99.999% & 5.26 minutes downtime, Six=99.9999% & 31.56 seconds downtime.
Disaster Recovery
The ability to be operational after any given major disaster.
Disaster Recovery Plan Definition
Every organization needs to ensure they have a disaster recovery plan that specifies the steps to become operational in case of disaster.
Recovery Objectives
Recovery objectives are critical components of a disaster recovery (DR) plan that define the goals for restoring business operations after a disruption. These objectives include the Recovery Point Objective (RPO) and Recovery Time Objective (RTO), which guide the DR strategy and resource allocation to minimize data loss and downtime.
Recovery Point Objective
The Recovery Point Objective (RPO) defines the maximum acceptable amount of data loss measured in time. It determines the oldest acceptable version of files that must be recovered from previous backups to ensure minimal disruption to business operations.
Recovery Point Objective
How old can the restored data be and still be OK? For instance, an RPO of two hours means that the recovered data should be no older than two hours from the time of the incident.
Recovery Time Objective
The maximum time a system can be offline in the event of a major disaster or attack. An RTO of xx hours means that all systems and operations must be restored within xx hours to minimize the impact on business operations.
Recovery Time Objective
How long will it take to re-establish all systems and operations.
Cloud Provider Responsibility
Remember, as a user, you are responsible for security of data and operations in the cloud, and the cloud provider is responsible for security of the cloud.
Process/Application Layer
Deals with communication between applications and relies on protocols like HTTP, FTP, and SMTP to enable the exchange of data between applications.
Host-to-Host/Transport Layer
Provides reliable end-to-end communication between two hosts, ensuring that data is delivered in the correct order and without errors using protocols such as TCP and UDP.
Internet Layer
Responsible for routing data packets between different networks, using IP addresses to identify the source and destination of each packet and routing them accordingly.
Network Access/Link Layer
Handles the physical transmission of data over a network, including protocols like Ethernet and Wi-Fi, which define how data is physically transmitted and received.