Cloud Computing Basics
Cloud Computing Basics
- This chapter introduces cloud trends in enterprise IT, cloud computing overview/features, public cloud development background/definition/technical features, and HUAWEI CLOUD's basic architecture/concepts/delivery modes/ecosystem construction.
Objectives
After completing this course, users will:
Understand cloud computing background and enterprise IT cloudification trends.
Understand public cloud definitions and technical features.
Understand HUAWEI CLOUD's basic architecture, concepts, and ecosystem construction.
Contents
Cloud Computing Basics
Public Cloud Overview
HUAWEI CLOUD Overview
Network Era Transformation and Data Growth
Mobile internet prevalence and fully connected era lead to more terminal devices, and data explosion, challenging conventional ICT infrastructure.
PC Era:
Architecture: x86.
OS: Windows/Linux.
Mobile Internet Era:
Architecture: ARM.
OS: Android/iOS.
IoT Era:
Architecture: x86, ARM, DSP, MIPS, FPGA, etc.
OS: IoT OS.
Ecosystem competition will be industry-wide in the IoE era.
Each internet generation has leading enterprises who master the industry chain. Future dominance belongs to those with core chips and operating systems.
Challenges Faced by Conventional IT Architecture
Conventional IT architecture inadequacies:
Slow service rollout due to long procurement.
Poor scalability of centralized architecture.
Reliability dependent on software only.
Heterogeneous and hard to manage devices.
Limited single-device performance.
Low device utilization and high Total Cost of Ownership (TCO).
Enterprises Migrating to Cloud Architecture
Traditional IT Architecture:
Hardware and software including infrastructure, data centers, servers, network hardware, desktop computers, and enterprise application software solutions.
Requires power, space and capital and is installed locally for enterprises or private use
Virtualized Architecture:
Computer components run on virtualization environment, not physical.
Enables maximum hardware utilization and simplifies software reconfiguration.
Cloud architecture transforms data centers:
From resource silos to pooling.
From centralized to distributed architecture.
From dedicated hardware to software-defined storage (SDS).
From manual to self-service and automation.
From distributed statistics to unified metering.
Cloud Computing Definition and Features
Definition:
- Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. --National Institute of Standards and Technology (NIST)
Features:
On-demand self-service: Customers can deploy processing services based on actual requirements on the server running time, network, and storage, and do not need to communicate with each service provider.
Broad network access: Various capabilities can be obtained over the Internet, and the Internet can be accessed in standard mode from various clients, such as mobile phones, laptops, and PADs.
Resource pooling: Computing resources of the service provider are centralized so that customers can rent services. In addition, different physical and virtual resources can be dynamically allocated and reallocated based on the customer requirements. Customers generally cannot control or know the exact location of the resources. The resources include the storage devices, processors, memory, network bandwidth, and virtual machines.
Quick deployment and auto scaling: Cloud computing can rapidly and elastically provide computing capabilities. A customer can rent unlimited resources and purchase required resources at any time.
Measured services: Cloud services are billed based on the actual resource usage, such as the CPU, memory, storage capacity, and the bandwidth consumption of cloud servers. Cloud services provide two billing modes: pay-per-use and yearly/monthly.
Key Cloud Computing Technologies
Virtualization Technology:
- Server virtualization abstracts hardware and manages resources.
Data storage technology:
- Cloud computing system needs to meet the requirements of a large number of users and provide services for a large number of users in parallel. Therefore, the data storage technology of cloud computing must have the characteristics of distributed, high throughput and high transmission rate.
Massive Data Management Technology:
- Improve the data update rate and further improve the random read rate.
Programming mode:
- Cloud computing, Cloud computing adopts a simple distributed parallel programming model MapReduce.
Cloud computing platform management technology: efficiently manage servers and ensure that the entire system provides uninterrupted services
Virtual machine(VM) operation:
A virtual machine(VM) consists of disk files and description files, which are encapsulated in the same folder.
Multiple VMs running on the server are encapsulated and isolated from each other. That is, multiple folders exist.
The essence of virtualization is to logically convert a physical device into a folder or file to decouple software and hardware.
Eight Common Characteristics of Cloud Computing
Massive scale: Cloud computing service is in large scale as it centralizes IT resource supply.
Homogeneity: Homogeneity can also be understood as standardization, which is similar to power utilization.
Virtualization: smaller computing units, IT resources can be fully used; separation of software and hardware.
Elastic computing: IT resources can be elastically provided.
Low-cost software: to meet the market competition and requirements.
Geographical distribution: IT services can be provided anytime and anywhere.
Service orientation: Cloud computing is a service model, and the overall design is service-oriented.
Advanced security technology: Advanced security technologies must be adopted to protect cloud computing
Deployment Models for Cloud Computing
Private cloud: The cloud infrastructure is provisioned for exclusive use by a single organization.
Public cloud: The cloud infrastructure is owned and managed by a third-party provider and shared with multiple organizations using the public Internet.
Hybrid cloud: This is a combination of public and private clouds, viewed as a single cloud externally.
What is Public Cloud?
Concepts:
- Public cloud refers to cloud services provided by third-party providers over the public Internet. Users can access the cloud and enjoy various services, including but not limited to computing, storage, and network services. Public cloud services can be free or pay-per-use.
Features and Values:
The core attribute of the public cloud is the shared resource service. Third-party providers provide shared computing, storage, and network resources to users on demand. Users can enjoy IT services on a pay-per-use basis without initial IT infrastructure investment, greatly reducing digital barriers and IT costs.
Especially for small- and medium-sized enterprises, the public cloud can meet the requirements of devices that do not have sufficient budget to purchase, use and release devices in a short period of time (testing and verification), and require ultra-large computing capabilities.
By using the public cloud, users only need to focus on their own services. This greatly reduces maintenance complexity and costs and focuses on continuous service innovation.
Mainstream public cloud providers provide services that have passed most security and privacy certifications, effectively ensuring user data and privacy security.
Public Cloud Architecture
Service Layers:
IaaS (Infrastructure as a Service): Abstracts computing, storage, and network resources for users to use and provides corresponding services based on actual application requirements.
PaaS (Platform as a Service): Provides container services and microservice development services for users based on the IaaS layer. That is, an open platform is provided for users.
SaaS (Software as a Service): Mainly provides scenario-based applications, that is, provides applications as services for users.
O&M Layer:
- Provides user- and platform-oriented O&M capabilities. Includes permission control, performance/status monitoring, and fault alarm reporting.
Operation Layer:
- Provides user- and platform-oriented operation capabilities. Manages work orders, orders, charging, cost analysis, and service trends.
Security Level:
- Meets requirements on system, platform, O&M, and network security to ensure data and property security.
Components Definition:
RDS: Relational Database Service
CAE: Cloud Application Engine - Serverless hosting for web and microservice applications. Fast deployment, low cost, simplified O&M.
DevCloud: One-stop cloud DevSecOps platform. Covers requirement delivery, code submission, check, compilation, verification, deployment, and release.
Three Service Modes of the Public Cloud
IaaS (Infrastructure as a Service):
Target: enterprises (or a few individual users)
Provides basic equipment services such as computers, storage devices, and networks.
Examples: AWS, Google Cloud, Azure, OpenStack
PaaS (Platform as a Service)
Target: Developers
Examples: CloudFoundry and OpenShift
Provides database middleware, MySQL, Mangodb, and Java.
SaaS (Software as a Service)
Target : enterprise users/individual users
Examples: enterprise application services, email, IM, and microblogging.
Features of the Three Service Modes
IaaS: Rent infrastructure services like servers, storage, and networks instead of building data centers.
PaaS: Rent a software platform with pre-configured OS, database, middleware, and runtime library, but has lower freedom than IaaS.
SaaS: Deploy and access software applications directly through a browser without client installation.
Relationship: SaaS is based on PaaS, and PaaS is based on IaaS, but user groups are different.
Simple example for understanding the three modes for developing mall system:
IaaS: buy servers, buy databases, buy domain names, develop program.
PaaS: Provide cloud development services, only develop programs, eliminating servers, storage, and domain names.
SaaS: Huawei provides mall applet. Users only need to enable it.
Advantages of Public Cloud over Traditional IT Systems
Resource utilization:
Traditional IT: Low resource utilization rates.
Public cloud: High utilization by selecting cloud services as needed.
Cost:
Traditional IT: Expensive.
Public cloud: Lower costs by adding/releasing resources and using various computing models.
Scalability:
Traditional IT: Poor scalability.
Public cloud: Good scalability with controlled expenses.
Service rollout duration:
Traditional IT: Long service rollout time.
Public cloud: Quick service rollout by purchasing, deploying and updating resources via GUI.
Maintenance Interval
Traditional IT: Long maintenance, high labor cost.
Public cloud: Quick maintenance through upgrade and after-sales ensuring continuous business operation.
Advantages and Concerns of Public Cloud
Advantages:
Security: Reliable and secure data storage center.
Convenient: Low requirements on user devices.
Data sharing: Easy to share data and applications between different devices.
Infinite possibilities: Almost infinite possibilities for network use.
Concerns:
Security: Data visibility.
Performance: Application performance during peak times.
Data Ownership: data ownership in the system platform.
Reliability: uptime requirements.
Consistency: Data access during processing regulations.
Cloud customer security concerns
Cloud service security has attracted much attention, and emerging security and compliance issues challenge the widespread deployment and development of cloud services.
Survey Findings:
Vendor Ermetic: Nearly 80% of enterprises experienced cloud data breach in past 18 months (43% reported >10 breaches).
Vendor Barracuda: 70% of respondents cited security concerns limiting public cloud adoption.
Internal vs. External Threats:
Internal: Uncontrolled assets, data center damage, security vulnerabilities, ineffective access control.
External: Hacker attacks, vendor defects, business process vulnerabilities.
96% OF enterprises are worried about public cloud security.
2020, the Cloud Security Alliance (CSA) released 11 types of top cloud computing threats.
Cloud Service Providers Security Management
Integrate security services from third-party security vendors
Strengthen measures such as access management, log review, and security training for internal personnel to mitigate internal security risks.
Strengthen vulnerability management and in-depth protection measures to defend against external threats.
Deeply understand compliance requirements and improve compliance capabilities,
Avoid fines, lawsuits, and damage to the reputation of the enterprise caused by violations and regulations.
Cloud service customers can leverage security services
Cloud service customers can leverage security services and products provided by cloud service providers to improve their cloud security management capabilities.
Visible advanced security capabilities and design network security solutions for cloud service customers.
The rich cloud security ecosystem greatly expands the variety of cloud security services.
Cloud service providers can also provide security and compliance consulting and security hosting services to customers, so that cloud service customers can quickly obtain high-level security management capabilities.
HUAWEI CLOUD Overview
Everything is a Service vision:
Infrastructure as a Service: Global storage and computing network.
Technology as a Service: Innovation accessibility, application modernization acceleration.
Experience as a Service: Replicate products and industry cloudification enablement.
Launched in 2017, HUAWEI CLOUD committed to open ICT technology accumulation and product solutions into customers, realize everything as a service.
Top 5 in the global IaaS market, second in China, third in Thailand, and fourth in emerging Asia Pacific.
HUAWEI CLOUD has launched 248 cloud services and more than 78,000 APIs, has joined more than 40 million partners around the world, and has developed more than 4 million developers. More than 10,000 applications have been released to the market.
In China, Serves more than 700 government cloud projects, 6 major banks, 12 joint-stock commercial banks, top 5 insurance institutions and 7 top 10 traditional securities firms.
Enablement Cloud helps 23,000 manufacturing enterprises with digital transformation, 80% of the top 50 Internet enterprises and 90% of China's top 30 automobile enterprises have chosen HUAWEI CLOUD.
In 2021, the number of valued customers will increase by more than 150%, and the revenue of partners will increase by more than 150%. HUAWEI CLOUD has become one of the best partners in enterprise digital transformation.
Infrastructure as a Service
HUAWEI CLOUD is deployed globally, running 83 Availability Zones (AZs) in 29 regions.
Product categories cover: computing, container, storage, network, CDN and intelligent edge, database, AI, big data, IoT, application middleware, development and O&M, enterprise applications, video, security and compliance, management and supervision, migration, and blockchain.
Technology as a Service
More than 30 years of ICT technology, 100,000 R&D engineers, tens of billions of dollars in R&D every year, covering four tPaaS development production lines.
MetaStudio: digital content development line.
DataArts Studio: a data governance production line
Software development production line CodeArts.
AI development production line, AI platform ModelArts.
Everything as a Service - Experience as a Service aPaaS
Integrates industry capabilities such as coal mine, government affairs, Education and industry experience, provides a one-stop open platform for unified application distribution and operation.
Basic aPaaS services:
KooMessage - Cloud Message Service.
KooMap - Cloud Map Service, global satellite image processing.
KooPhone - Cloud Phone Service.
KooSearch - Enterprise search service, built-in capabilities such as industry word segmentation, semantic understanding, and industry sorting algorithms.
EDS - Exchange data space.
HUAWEI CLOUD Accounts
Two Account Types:
Accounts: Highest permissions, registered or created on HUAWEI CLOUD. Pays for resource usage. HUAWEI IDs and HUAWEI CLOUD accounts.
IAM Users: Created and managed by the account in IAM. Permissions are granted by the administrator.
IAM users login to HUAWEI CLOUD through the corresponding page and then use resources and cloud services as specified by the permissions granted by the account.
Huawei ID and HUAWEI CLOUD Account
Huawei ID:
Can register a HUAWEI ID to access all Huawei services, such as HUAWEI CLOUD and Vmall.
HUAWEI CLOUD login: Log in to HUAWEI CLOUD by clicking HUAWEI ID.
HUAWEI CLOUD Account:
- HUAWEI CLOUD accounts can only be used to log in to HUAWEI CLOUD.
IAM User
IAM (Identity and Access Management) enables secure access control for cloud services and resources.
IAM users are created by the account and assigned permissions. They cannot make payments themselves.
Relationship between accounts and IAM users
- Shared Parent-Child Relationship: account owns resources and makes payments, IAM users use resources as assigned by the IAM administrator.
User Group
Assign Permissions to IAM Users. After an IAM user is added to a user group, the user has the permissions of the group.
The default "admin" user group has all permissions to use all cloud resources.
Permission
Roles: Assign permissions based on job responsibilities.
Policies: Define permissions required to perform operations on cloud resources.
System-defined policy: Cloud service actions, cannot be modified.
Custom policies: Refined access control, created in visual editor or JSON view.
Agency
Establishes a trust relationship between accounts or cloud services to delegate resource access.
Account delegation: O&M implementation on your resources
Cloud service delegation: Cloud services accessing each other.
Advantages of IAM
Fine-grained Access Control: Create IAM users for teams/applications and grant specific permissions.
Cross-Account Resource Access Delegation: Delegate another account to manage resources for efficient O&M.
Federated Access: Integrate existing enterprise accounts via Identity Provider (IdP) for single sign-on (SSO).
Huawei Cloud-Security Cloud Platform
Multiple global security compliance certifications include security-related certifications and privacy-related specifications.
developed a governance system that covers mainstream cloud security standards and security management requirements is called Cloud Service Cybersecurity & Compliance Standard (3CS for short).
DevSecOps, covering the entire lifecycle of services from development, deployment, to operation.
Enterprise Solutions
Website Building Solution is for Build your enterprise website with ease, flexibility, and speed, and at low costs
Enterprise Cloud Box is for Content management powered by AI and cloud computing for efficiency, security, and ease of use
Marketing Automation, helps you streamline data, manage leads, identify and incubate quality potential customers
Cross-border Enterprise Business help you expand your business internationally.
On-premises to On-cloud is for Free cloud resources and professional migration services
Solutions by Use Case
HUAWEI CLOUD pre-integrates products and capabilities to meet the requirements of running ICT businesses on the cloud.
General solutions in the following categories:
Backup and Restore
Business Applications
Enterprise Office
Hybrid Cloud Solution
Infrastructure for Media
Internet of Things
IPv6
Web & Mobile
SAP in Cloud
HPC on Cloud
Haydn Solution Digital Platform
Solutions by Industry
HUAWEI CLOUD provides solutions for a wide range of industries, so you can always find the cloud services you need.
industry solutions are categorized:
Smart City
Campus
E-Commerce
Education
Financial Services
Gaming
Manufacturing
Healthcare and Life Sciences
Retail
Telecom
Automotive
Practical Application of Huawei Cloud Solutions
The Practical Application of Huawei Cloud Solutions describes the architecture and deployment of Huawei Cloud solutions in specific scenarios. The source codes have been technically verified by experts for one-click deployment.
technical solutions includes CDN for Download Acceleration, CSS-based SQL Acceleration, Website O&M Analysis Based on LTS and etc.
Ecosystem Co-creation
Joint creation, sharing, and win-win ecosystem concept.
With HUAWEI CLOUD as the foundation, build a black land for ecosystem development, with application enablement, data enablement, and AI enablement to help ecosystem partners realize cloudification, SaaS, and intelligence of applications
Creates value for customers, enables excellent software to serve more enterprises, and achieve win-win results with customers and partners in the digital era.
Aggregated 1800000 developers, more than 13,000 consulting partners, more than 7,000 technical partners, and more than 100000 paid users. We have released more than 4000 applications on the cloud market.
New Partner System
HUAWEI CLOUD will focus on building partner capabilities and carry out comprehensive partner system transformation.
two cooperation frameworks including GoCloud and GrowCloud aims to cultivate and develop partners' capabilities, provide six growth paths for different types of partners such as For service partners and software partners.
Cloud marketplace and Global Developers
HUAWEI CLOUD provides a series of simplified tools and templates and multiple industry knowledge and asset models to flexibly respond to market requirements, and business support program.
HUAWEI CLOUD Hopes that the two application distribution platforms, HUAWEI CLOUD Marketplace and AppGallery can help developers accelerate business value transformation.
Quiz
Question 1: In cloud computing deployment mode, the infrastructure is owned by a single organization and runs only for that organization. Which of the following deployment modes is the cloud computing deployment mode?
- Answer: A. Private cloud
Question 2: Huawei Cloud uses Identity and Access Management (IAM) projects to group and isolate resources in different regions.
- Answer: B. False
Summary
This chapter described the basic architecture, basic concepts, technical features, ecosystem construction of HUAWEI CLOUD.
Have a preliminary understanding of cloud computing and public cloud, and have a basic understanding of their development background, future trends, and technical characteristics.