Cloud computing is the on-demand access to IT resources (compute, storage, and applications) through services. The key characteristics of cloud computing are on-demand, resource pooling, elasticity, broad network access, and measured services with pay as you go.
Benefits of Cloud Computing
- Trade Capital Expense for Variable Resource – Only pay what you use
- Stop guessing about capacity – Scale with the business needs
- Massive economies of scale – Supported by big Cloud providers such as AWS
- Increase speed and agility
- No need to run and maintain data centers
- Go global in minutes
Types of Cloud Computing
- Infrastructure as A Service (IAAS)
- Cloud provider only provides the hardware, network, storage (server infrastructure)
- You will manage all inside of the server.
- Platform as A Service (PAAS)
- Cloud provider manages hardware and OS + security patches, updates, and maintenance of servers.
- You can focus on applications on the server.
- Software as A Service (SAAS)
- Provider provides applications, and you can just use them.
Types of Cloud Computing Deployments
- Public Cloud – Manage by Cloud Providers such as AWS and Azure
- Private Cloud – You manage it in your data center
- Hybrid Cloud – Mix of Public and Private,
- For example, you can store sensitive data inside of the private cloud, locate applications in the public cloud, and connect them using connection services such as AWS Direct Connect.
Basic Concepts of Cloud Computing
- Elasticity: You can provision only what you need and then grow and shrink based on demand.
- Agility: Cloud services help you to adjust and innovate faster according to the market demand.
- Durability: Your data will remain intact without being lost or corrupted.
- High Availability: Hardware, software, and configuration allowing a system to recover quickly in the event of failure
- Minimize the downtime, does not prevent failure – cheaper to achieve
- Fault Tolerance: System design to operate through a failure with no user impact.
- More expensive and complex to achieve (for example, a load balancer)
- Recovery Point Objective (RPO): How much a business (data) can tolerate losing, expressed in time. The maximum time between a failure and the last successful backup.
- Recovery Time Objective (RTO): The maximum amount of time a system can be down. How long a solution takes to recover.
- Vertical scaling: is achieved by adding additional resources in the form of CPU or memory to an existing machine. By doing so, the machine is able to service additional customers or perform compute tasks quicker. Eventually, maximum machine sizes will constrain your ability to scale – either technically or from a cost perspective.
- Horizontal scaling: is achieved by adding additional machines into a pool of resources, each of which provides the same service. Horizontal scaling suffers non of the size limitations of vertical scaling and can scale to nearly infinite level but requires application support to scale effectively.
AWS Global Infrastructure
Official Link: https://aws.amazon.com/about-aws/global-infrastructure/
- A region is a physical geographical area. Each region consists of 2 or more AZs.
- In general, choose a region close to your target users. But there might be legal or compliance requirements for your data or applications required to reside in a specific region.
- Not all regions have all AWS services available.
- The cost of services may differ from region to region.
Availability Zone (AZ)
- AZs are separated and isolated networks (data centers).
- A failure (Power outage or fire) in one AZ generally won’t impact another.
- AZs in the same region are connected with high-speed, redundant, and low-latency network connections.
Edge Locations (Points of Presence)
- Edge locations are endpoints for small pockets of AWS compute, storage, and networking services close to major populations.
- They are generally used for edge computing, caching, and content delivery, e.g., CloudFront.
Shared Responsibility Model
Official Link: https://aws.amazon.com/compliance/shared-responsibility-model/
Security and compliance are shared responsibilities between AWS and the customer.
- AWS: Security OF Cloud
- Networking, Hardware, Software – Physical servers and environments
- Personnel Security
- DDoS protection
- Underlying OS Patching for managed services such as Lambda, DynamoDB, etc…
- Customer: Security IN Cloud
- Credentials, Customer Data (Data Encryption and Integration)
- OS Patching on EC2 instances
- IAM, MFA (Multi-Factor Authentication)
- Password and Key rotation
AWS Pricing Model
Basic Pricing Policies
- Pay as you go (as-needed base and pay only when you are running)
- Pay less by using more
- Pay less when you reserve
Fundamental Cost Drivers
- Compute (hours of server time, instance type, the number of instances)
- Data Outbound
Basic Pricing Model
- Spot instances
- Reserved instances
- Dedicated instances
- Elastic Beanstalk, CloudFormation, Autoscaling
- Only charged for resources that are created by services.
- IAM (Identity and Access Management)
- Free tier usage