Cloud Concepts
Objectives and Skills
Objectives and skills for the cloud concepts portion of CompTIA Cloud Essentials+ certification include:[1]
- Explain cloud principles.
- Service models
- SaaS
- IaaS
- PaaS
- Deployment models
- Public
- Private
- Hybrid
- Characteristics
- Elastic
- Self-service
- Scalability
- Broad network access
- Pay-as-you-go
- Availability
- Shared responsibility model
- Identify cloud networking concepts.
- Connectivity types
- Direct connect
- VPN
- Common access types
- RDP
- SSH
- HTTPS
- Software-defined networking (SDN)
- Load balancing
- DNS
- Firewall
- Identify cloud storage technologies.
- Storage features
- Compression
- Deduplication
- Capacity on demand
- Storage characteristics
- Performance
- Hot vs. cold
- Storage types
- Object storage
- File storage
- Block storage
- Software-defined storage
- Content delivery network
- Summarize important aspects of cloud design.
- Redundancy
- High availability
- Disaster recovery
- Recovery objectives
- RPO
- RTO
Readings
Multimedia
Activities
- Research cloud service providers and identify the top three providers by market share.
- Compare and contrast the top three cloud service providers based on available services, price, and reputation.
- Investigate whether your school or work environment is using one or more cloud platforms. If so, identify which services are in use and try to determine why this provider was selected. Also consider which service model(s) are being used, what types of connections and access types are in use, and what networking protocols are in use.
Lesson Summary
Introduction
- Cloud computing is the on-demand availability of computer system resources, especially data storage (cloud storage) and computing power, without direct active management by the user.[2]
- Cloud computing relies on sharing of resources to achieve coherence and economies of scale.[3]
- Cloud computing allows companies to avoid or minimize up-front IT infrastructure costs.[4]
- Cloud providers typically use a "pay-as-you-go" model, which can lead to unexpected operating expenses if administrators are not familiar with cloud-pricing models.[5]
Service Models
- Service-oriented architecture (SOA) is a style of software design where services are provided to the other components by application components, through a communication protocol over a network.[6]
- A service has four properties:[7]
- It logically represents a business activity with a specified outcome.
- It is self-contained.
- It is a black box for its consumers, meaning the consumer does not have to be aware of the service's inner workings.
- It may consist of other underlying services.
- Services are presented to a customer, either internal or external, and provide endpoints for customers/consumers to interface with. Interfaces are usually API driven, but can commonly be controlled via a web console in a user's web browser.[8]
- Service models include:
- BPaaS (Business Process as a Service)
- CaaS (Communications as a Service)
- DBaaS (Database as a Service) is a service model where the database service provider takes responsibility for installing and maintaining the database and application owners are charged according to their usage of the service.[9]
- IaaS (Infrastructure as a Service) provides high-level APIs used to dereference various low-level details of underlying network infrastructure like physical computing resources, location, data partitioning, scaling, security, backup etc.[10]
- ITaaS (Information Technology as a Service) is an operational model where the information technology (IT) service provider delivers an information technology service to a business.[11]
- MaaS (Monitoring as a Service) is a framework that facilitates the deployment of monitoring functionalities for various other services and applications within the cloud.[12]
- PaaS (Platform as a Service) is a category of cloud computing services that provides a platform allowing customers to develop, run, and manage applications without the complexity of building and maintaining the infrastructure typically associated with developing and launching an app.[13]
- SaaS (Software as a Service) is a software licensing and delivery model in which software is licensed on a subscription basis and is centrally hosted.[14]
- Services are provided by:
- ASP (Application Service Provider)
- CSP (Cloud Service Provider)
- ISP (Internet Service Provider)
- MSP (Managed Service Provider)
Deployment Models
- Deployment models include:
- Public cloud services are delivered over the public Internet, and they may be offered as a paid subscription, or free of charge.[15]
- Private cloud is cloud infrastructure operated solely for a single organization, whether managed internally or by a third party, and hosted either internally or externally.[16]
- Hybrid cloud is a composition of a public cloud and a private environment, such as a private cloud or on-premises resources, that remain distinct entities but are bound together, offering the benefits of multiple deployment models.[17]
Characteristics
- The National Institute of Standards and Technology's definition of cloud computing identifies "five essential characteristics":[18]
- On-demand self-service. A consumer can unilaterally provision computing capabilities, such as server time and network storage, as needed automatically without requiring human interaction with each service provider.
- Broad network access. Capabilities are available over the network and accessed through standard mechanisms that promote use by heterogeneous thin or thick client platforms (e.g., mobile phones, tablets, laptops, and workstations).
- Resource pooling. The provider's computing resources are pooled to serve multiple consumers using a multi-tenant model, with different physical and virtual resources dynamically assigned and reassigned according to consumer demand.
- Rapid elasticity. Capabilities can be elastically provisioned and released, in some cases automatically, to scale rapidly outward and inward commensurate with demand. To the consumer, the capabilities available for provisioning often appear unlimited and can be appropriated in any quantity at any time.
- Measured service. Cloud systems automatically control and optimize resource use by leveraging a metering capability at some level of abstraction appropriate to the type of service (e.g., storage, processing, bandwidth, and active user accounts). Resource usage can be monitored, controlled, and reported, providing transparency for both the provider and consumer of the utilized service.
- Pay-as-you-go allows consumers to pay only for the individual services they need, for as long as they use them, and without requiring long-term contracts or complex licensing.[19]
- Availability is the probability that a system will work as required when required. Availability includes non-operational periods associated with reliability, maintenance, and logistics.[20]
- The shared responsibility model defines the responsibilities of the cloud service provider and the consumer. The provider is typically responsible for the infrastructure (composed of the hardware, software, networking, and facilities that run cloud services). The consumer is responsible for all necessary service security configuration and management tasks.[21]
Networking
- Connectivity types include:
- Direct connect allows customers to securely link their legacy data centers to their cloud-resident applications.[22]
- VPN extends a private network across a public network and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network.[23]
- Common access types include:
- RDP (Remote Desktop Protocol) is a proprietary protocol developed by Microsoft which provides a user with a graphical interface to connect to another computer over a network connection.[24]
- SSH (Secure Shell) is a cryptographic network protocol for operating network services securely over an unsecured network. Typical applications include remote command-line, login, and remote command execution.[25]
- HTTPS (Hypertext Transfer Protocol Secure) is an extension of the Hypertext Transfer Protocol (HTTP) used for secure communication over a computer network, and is widely used on the Internet. In HTTPS, the communication protocol is encrypted using Transport Layer Security (TLS) or, formerly, Secure Sockets Layer (SSL).[26]
- Network types include:
- SAN (Storage Area Network) is a computer network which provides access to consolidated, block-level data storage.[27]
- SDN (Software-defined Networking) is an approach to network management that enables dynamic, programmatically efficient network configuration in order to improve network performance and monitoring, making it more like cloud computing than traditional network management.[28]
- WAN (Wide Area Network) is a telecommunications network that extends over a large geographic area for the primary purpose of computer networking.[29]
- VLAN (Virtual Local Area Network) is any broadcast domain that is partitioned and isolated in a computer network at the data link layer (OSI layer 2).[30]
- Network protocols include:
- IP (Internet Protocol) is the principal communications protocol in the Internet protocol suite for relaying datagrams across network boundaries. Its routing function enables internetworking, and essentially establishes the Internet.[31]
- TCP/IP (Transmission Control Protocol/Internet Protocol) provides reliable, ordered, and error-checked delivery of a stream of octets (bytes) between applications running on hosts communicating via an IP network.[32]
- FTP (File Transfer Protocol) is a standard network protocol used for the transfer of computer files between a client and server on a computer network.[33]
- SFTP (Secure File Transfer Protocol) is a network protocol that provides file access, file transfer, and file management over any reliable data stream.[34]
- SNMP (Simple Network Management Protocol) is an Internet Standard protocol for collecting and organizing information about managed devices on IP networks and for modifying that information to change device behavior.[35]
- SSL (Secure Sockets Layer), now deprecated, and Transport Layer Security (TLS) are cryptographic protocols designed to provide communications security over a computer network.[36]
- Network services include:
- DNS (Domain Name System) is a hierarchical and decentralized naming system for computers, services, or other resources connected to the Internet or a private network.[37]
- Firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules.[38]
- Load balancing refers to the process of distributing a set of tasks over a set of resources (computing units), with the aim of making their overall processing more efficient.[39]
Storage
- Cloud storage is:[40]
- Made up of many distributed resources, but still acts as one, either in a federated or a cooperative storage cloud architecture
- Highly fault tolerant through redundancy and distribution of data
- Highly durable through the creation of versioned copies
- Cloud storage features include:
- Compression is the process of encoding information using fewer bits than the original representation.[41]
- Deduplication is a technique for eliminating duplicate copies of repeating data.[42]
- Capacity on demand provides dynamic, pay-for-use consumption with business continuity and agility, allowing you to dynamically activate one or more resources on your storage service as your business needs dictate.[43]
- Storage characteristics include:
- Performance
- Hot vs. cold
- Storage types include:
- Software-defined storage provides policy-based provisioning and management of data storage independent of the underlying hardware.[47]
- CDN (Content Delivery Network) is a geographically distributed network of proxy servers and their data centers. The proxy servers or edge servers are designed to be close to the end user at the edge of the network and provide an advantage in performance and/or cost.[48]
Design
- Redundancy is the existence of data that is additional to the actual data and permits correction of errors in stored or transmitted data.[49]
- High availability is a characteristic of a system which aims to ensure an agreed level of operational performance, usually uptime, for a higher than normal period.[50]
- DR (Disaster Recovery) involves a set of policies, tools and procedures to enable the recovery or continuation of vital technology infrastructure and systems following a natural or human-induced disaster.[51]
- Recovery objectives include:
- RPO (Recovery Point Objective) is the maximum targeted period in which data (transactions) might be lost from an IT service due to a major incident.[52]
- RTO (Recovery Time Objective) is the targeted duration of time and a service level within which a business process must be restored after a disaster (or disruption) in order to avoid unacceptable consequences associated with a break in business continuity.[53]
Key Terms
See Also
References
1. CompTIA: Cloud Essentials+ Certification Exam Objectives EXAM NUMBER: CLO-002
2. Wikipedia: Cloud computing
3. Wikipedia: Cloud computing
4. Wikipedia: Cloud computing
5. Wikipedia: Cloud computing
6. Wikipedia: Service-oriented architecture
7. Wikipedia: Service-oriented architecture
8. Wikipedia: As a service
9. Wikipedia: Cloud database
10. Wikipedia: Infrastructure as a service
11. Wikipedia: IT as a service
12. Wikipedia: Monitoring as a service
13. Wikipedia: Platform as a service
14. Wikipedia: Software as a service
15. Wikipedia: Cloud computing
16. Wikipedia: Cloud computing
17. Wikipedia: Cloud computing
18. Wikipedia: Cloud computing
19. AWS: Pricing
20. Wikipedia: Availability (system)
21. AWS: Shared Responsibility Model
22. Wikipedia: Cloud computing
23. Wikipedia: Virtual private network
24. Wikipedia: Remote Desktop Protocol
25. Wikipedia: SSH (Secure Shell)
26. Wikipedia: HTTPS
27. Wikipedia: Storage area network
28. Wikipedia: Software-defined networking
29. Wikipedia: Wide area network
30. Wikipedia: Virtual LAN
31. Wikipedia: Internet Protocol
32. Wikipedia: Transmission Control Protocol
33. Wikipedia: File Transfer Protocol
34. Wikipedia: SSH File Transfer Protocol
35. Wikipedia: Simple Network Management Protocol
36. Wikipedia: Transport Layer Security
37. Wikipedia: Domain Name System
38. Wikipedia: Firewall (computing)
39. Wikipedia: Load balancing (computing)
40. Wikipedia: Cloud storage
41. Wikipedia: Data compression
42. Wikipedia: Data deduplication
43. IBM: Capacity on Demand
44. Wikipedia: Object storage
45. Wikipedia: Object storage
46. Wikipedia: Object storage
47. Wikipedia: Software-defined storage
48. Wikipedia: Content delivery network
49. Wikipedia: Data redundancy
50. Wikipedia: High availability
51. Wikipedia: Disaster recovery
52. Wikipedia: Disaster recovery
53. Wikipedia: Disaster recovery