[Study Notes] Cloud Computing

Chapter I. Understanding Cloud Computing

1. Definitions

  • Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.
  • Simply put: Cloud computing is a specialized form of distributed computing that introduces utilisation models for remotely provisioning scalable and measured resources.

2. Business drivers for Cloud Computing

Capacity Planning

  • Lead strategy
  • Lag strategy
  • Match strategy

Cost Reduction 

  • Infrastructure-related operating overhead: utility bills, technical personnel required, etc.

Organisational Agility

  • Change business needs, priorities
  • IT resources requirement

3. Technology innovations for Cloud Computing

Clustering

  • Cluster
  • Hardware clustering

Grid Computing

  • A platform – distributed grid
  • Computing resources – heterogeneous and geographically

Virtualisation

  • A technology platform – physical IT resources to provide multiple virtual images, processing capability can be shared by multiple users

4. Basic concepts

  • Cloud – finite boundary, privately owned, offer access to IT resources, back-end processing capabilities
  • Internet - individual clouds are accessible via the Internet, content-based IT resources
  • IT Resource: A physical or virtual IT-related artifact, software or hardware
  • The Cloud Framework: The physical layer, The virtualisation layer
  • Cloud Consumers & Cloud Providers

4.1 Scaling – IT resource perspective:

  1. Horizontal Scaling – scaling out and in
  2. Vertical Scaling – scaling up and down

| Horizontal Scaling | Vertical Scaling |
| --- | --- |
| Less expensive (through commodity hardware components) | More expensive (specialised servers) |
| IT resources instantly available | IT resources normally instantly available |
| Resource replication and automated scaling | Additional setup is normally needed |
| Additional IT resources needed | No additional IT resources needed |
| Not limited by hardware capacity | Limited by maximum hardware capacity |

4.2 Cloud Service

  • Any IT resource that is made remotely accessible via a cloud
  • As service-oriented architecture (e.g., Web-based software program, etc.)
  • A multitude of models of cloud services (i.e., labelled with the “as-a-service” suffix)

Software, Program, Services, Work station, Laptop, Mobile devices

4.3 Goals and Benefits

  • Reduced Investments and Proportional Costs
  • Increased Scalability
  • Increased Availability and Reliability

4.3.1 Reduced Investments and Proportional Costs

  • The common economic rationale for investing in cloud-based IT resources is in the reduction or outright elimination of up-front IT environment
  • Opportunities to decrease costs – the deployment and operation of large scale data centres by major cloud providers
  • The common measurable benefits:
  1. On-demand access to pay-as-you-go computing resources on a short-term basis
  2. The perception of having unlimited computing resources that are available on demand
  3. The ability to add or remove IT resources at a fine-grained level (i.e., 1 GB increments)
  4. Abstraction of the infrastructure – apps are not locked into devices/locations

4.3.2 Increased Scalability

  • Clouds are able to instantly and dynamically allocate IT resources to consumers – IT resources pool
  • The ability of IT resources to always meet and fulfil unpredictable usage demands – to avoid hitting usage thresholds

4.3.3 Increased Availability and Reliability

The hallmark of the typical cloud environment is its intrinsic ability to provide extensive support for increasing the availability of cloud-based IT resources:

  • An IT resource with increased availability is accessible for longer periods of time
  • Cloud providers generally offer “resilient” IT resources for which they are able to guarantee high levels of availability
  • An IT resource with increased reliability is able to better avoid and recover from exception conditions
  • The modular architecture of cloud environments provides extensive failover support that increases reliability

4.4 Risk and Challenges

  • Increased Security Vulnerabilities
  1. Different security frameworks
  2. Overlapping trust boundaries
  • Reduced Operational Governance Control
  1. Cloud provider may not guarantee in the service-level agreement (SLA)
  2. Multi-hops
  • Limited Portability Between Cloud Providers
  1. No established Industry standards
  2. To move from one Cloud provider to another
  • Multi-Regional Compliance and Legal Issues
  1. Data centers (i.e., Locations) of the third-party cloud providers, i.e., some UK laws require personal data belonging to be kept within the UK.
  2. The accessibility and disclosure of data, e.g., an EU cloud consumer’s data that is located in the US.

5. SUMMARY

  • The primary business drivers that exposed the need for cloud computing and led to its formation include capacity planning, cost reduction, and organizational agility
  • The primary technology innovations that influenced and inspired key distinguishing features and aspects of cloud computing include clustering, grid computing, and traditional forms of virtualisation
  • Cloud environments are comprised of highly extensive infrastructure that offers pools of IT resources that can be leased using a pay-for-use model whereby only the actual usage of the IT resources is billable
  • The inherent ability of a cloud to scale IT resources enables organisations to accommodate unpredictable usage fluctuations without being limited by pre-defined thresholds that may turn away usage requests from customers
  • By leveraging cloud environments to make IT resources highly available and reliable, organisations are able to increase quality-of-service (QoS) guarantees to customers and further reduce or avoid potential loss of business resulting from unanticipated runtime failures
  • Cloud environments can introduce distinct security challenges, trust boundaries, various legal and regulatory compliance concerns, etc.

6. Cloud History and evolution and trends

Chapter II. Fundamental Concepts and Models

1. Roles and Boundaries

Roles

  • Cloud provider
  • Cloud Consumer
  • Cloud Service Owner
  • Cloud Resource Administrator
  • Additional Roles: Cloud Auditor, Cloud Broker, Cloud Carrier

Boundary

  • Organisation Boundary
  • Trust Boundary

1.1 Cloud Provider

  • The organization that provides cloud-based IT resources
  • Agreed upon SLA guarantees
  • Required management and administrative duties – overall cloud infrastructure
  • IT resources – for lease by cloud consumers; “resell” IT resources leased from other cloud providers

1.2 Cloud Consumer

An organization or a person that has a formal contract or arrangement with a cloud provider to use IT resources

1.3 Cloud Service Owner

  • The organization/person that legally owns a cloud service
  • The cloud service owner can be the cloud consumer or the cloud provider

1.4 Cloud Resource Administrator

  • The organization/person responsible for administering a cloud-based IT resource (including cloud service)
  • It can be the cloud consumer/provider of the cloud within which the cloud service resides
  • It can be a third-party organization contracted to administer the cloud-based IT resource

1.5 Other Roles

  • Cloud Auditor – a third party that conducts independent assessments of cloud environments
  • Cloud Broker – a party that assumes the responsibility of managing and negotiating the usage of cloud services between cloud consumers and cloud providers
  • Cloud Carrier – a party that provides the wire-level connectivity between cloud consumers and cloud providers

1.6 Organisational Boundary

The physical perimeter that surrounds a set of IT resources that are owned and governed by an organisation.

1.7 Trust Boundary

The logical perimeter that typically spans beyond physical boundaries to represent the extent to which IT resources are trusted

2. Cloud Characteristics

To enable the remote provisioning of scalable and measured IT resources

  • On-demand usage
  • Ubiquitous access
  • Multitenancy (and resource pooling)
  • Elasticity
  • Measured usage
  • Resiliency

2.1 On-demand usage

  • A cloud consumer can unilaterally access cloud-based IT resources
  • Also known as “on-demand self-service usage”

2.2 Ubiquitous access

  • The ability for a cloud service to be widely accessible
  • A cloud service can require support for a range of devices, transport protocols, interfaces, and security technologies

2.3 Multitenancy (and resource pooling)

  • A software program enables an instance of the program to serve different consumers (tenants)
  • Each consumer/tenant is isolated from the other
  • Resource pooling – cloud providers to pool large-scale IT resources to serve multiple cloud consumers

2.4 Elasticity

  • The ability of a cloud to transparently scale IT resources
  • As required in response to runtime conditions
  • As pre-determined by the cloud consumer or cloud provider

2.5 Measured Usage

  • The ability of a cloud platform to keep track of the usage of its IT resources, primarily by cloud consumers
  • Not limited to tracking statistics for billing purposes; it also covers the general monitoring of IT resources and related usage reporting

2.6 Resiliency

Resilient computing – a form of failover that distributes redundant implementations of IT resources across physical locations

3. Cloud delivery models

  • A specific, pre-packaged combination of IT resources offered by a cloud provider
  • Three common cloud delivery models:
  • Infrastructure-as-a-Service (IaaS)
  1. A self-contained IT environment comprised of infrastructure-centric IT resources that can be accessed and managed via cloud service-based interfaces and tools
  2. IT resources are typically virtualised and packaged into bundles
  • Platform-as-a-Service (PaaS): A pre-defined “ready-to-use” environment, which is comprised of already deployed and configured IT resources. Common reasons for using PaaS:
  1. The cloud consumer wants to extend on-premise environments into the cloud for scalability and economic purposes
  2. The cloud consumer uses the ready-made environment to entirely substitute an on-premise environment
  3. The cloud consumer wants to become a cloud provider and deploys its own cloud services to be made available to other external cloud consumers
  • Software-as-a-Service (SaaS): A software program positioned as a shared cloud service
  1. As a “product” or generic utility tool
  2. To make a reusable cloud service widely available to a range of cloud consumers
  3. SaaS can be leased and used for different purposes and via different terms

3.1 Cloud delivery models – Comparison

Typical cloud delivery model control levels

| Cloud delivery model | Typical Level of Control Granted to Cloud Consumer | Typical Functionality Made Available to Cloud Consumer |
| --- | --- | --- |
| SaaS | Usage and usage-related configuration | Access to front-end user-interface |
| PaaS | Limited administrative | Moderate level of administrative control over IT resources relevant to cloud consumer’s usage of platform |
| IaaS | Full administrative | Full access to virtualised infrastructure-related IT resources and, possibly, to underlying physical IT resources |

Typical activities carried out by cloud consumers & providers in relation to the cloud delivery models

| Cloud delivery model | Common Cloud Consumer Activities | Common Cloud Provider Activities |
| --- | --- | --- |
| SaaS | Uses and configures cloud service | Implements, manages, and maintains cloud service; monitors usage by cloud consumers |
| PaaS | Develops, tests, deploys, and manages cloud services and cloud-based solutions | Pre-configures platform and provisions underlying infrastructure, middleware, and other needed IT resources, as necessary; monitors usage by cloud consumers |
| IaaS | Sets up and configures bare infrastructure, and installs, manages, and monitors any needed software | Provisions and manages the physical processing, storage, networking, and hosting required; monitors usage by cloud consumers |

Comparative Analysis

| Key Components | IaaS | PaaS | SaaS |
| --- | --- | --- | --- |
| Infrastructure | Provides basic computing infrastructure (e.g., virtual machines, storage, networking). | Provides a more complete application platform (e.g., middleware, runtime environments, development tools). | Provides a fully functional application without managing the underlying infrastructure. |
| Customizability | High customizability, customers have full control over infrastructure. | Limited customizability, customers choose programming language, tools, and runtime environments. | Least customizability, customers use the application as is. |
| Responsibility | Customers manage infrastructure, including security, backups, and updates. | Cloud provider manages infrastructure, customers manage applications and data. | Cloud provider manages entire application, including infrastructure, security, backups, and updates. |
| Scalability | High scalability, customers can scale up or down infrastructure. | High scalability, customers can scale up or down applications. | Scalability limited by capabilities and capacity of offered application. |
| Cost | Customers bear the cost of managing and maintaining infrastructure. | Cost can vary depending on the level of services offered. | Generally more cost-effective, as it requires no customer management or maintenance. |

3.2 Cloud delivery models – Combination

IaaS + PaaS

e.g., the cloud provider offering the PaaS environment chose to lease an IaaS environment from a different cloud provider

IaaS + PaaS + SaaS

  • IaaS – offers cloud consumers a high level of administrative control over infrastructure-based IT resources
  • PaaS – enables a cloud provider to offer a preconfigured environment
  • SaaS – a cloud delivery model for shared cloud services that can be positioned as commercialised products hosted by clouds

3.3 Cloud Deployment Models

A cloud deployment model – a specific type of cloud environment; primarily distinguished by ownership, size and access

Four common cloud deployment models:

Public Cloud • Community Cloud • Private Cloud • Hybrid Cloud

3.4 Public Clouds

  • A publicly accessible cloud environment owned by a third-party cloud provider
  • IT resources - provisioned via the previously described cloud delivery models
  • Cloud provider is responsible for the creation and on-going maintenance of the Public cloud and its IT resources

3.5 Community Clouds

  • Similar to a public cloud, its access is limited to a specific community of cloud consumers
  • Ownership – jointly by community members or a third-party cloud provider that provisions a public cloud with limited access
  • Parties outside the community are generally not granted access unless allowed by the community

3.6 Private Clouds

  • It is owned by a single organisation
  • Enable an organization to use cloud computing technology as a means of centralising access to IT resources by different parts, locations, etc.
  • The same organization is both the cloud provider and cloud consumer

3.7 Hybrid Clouds

  • It is a cloud environment comprised of two or more different cloud deployment models
  • A cloud consumer may choose to deploy cloud services:
    • Those processing sensitive data to a private cloud
    • Other, less sensitive ones to a public cloud

3.8 Comparative Analysis

| Cloud Deployment Model | Definition | Benefits | Limitations | Example |
| --- | --- | --- | --- | --- |
| Public Cloud | Cloud computing services offered by third-party providers over the public internet, accessible to anyone who wants to use or purchase them. | Cost-effective, Scalability, Easy to manage | Limited control, Security concerns, Dependence on the provider | Amazon Web Services, Microsoft Azure, Alibaba Cloud, Google Cloud Platform, Tencent Cloud |
| Private Cloud | Cloud computing services dedicated to a single organization, typically managed and hosted by an internal IT department or a third-party provider. | High security, Customization, Control | High cost, Limited scalability, Complex management | IBM Cloud Private, VMware vCloud Suite, Dell Technologies Cloud |
| Hybrid Cloud | Cloud computing environment that combines a public cloud and a private cloud, allowing data and applications to be shared between them. | Flexibility, Scalability, Customizable | Integration complexity, High cost, Security concerns | Microsoft Azure Stack, AWS Outposts, Google Anthos |
| Community Cloud | Cloud computing environment where several organizations with similar needs share cloud infrastructure. | Cost-effective, Customization, Collaboration | Limited control, Integration complexity, Security concerns | Microsoft Government Community Cloud, Google Workspace for Education, Salesforce Community Cloud |

3.9 Selecting Factors

| Factors | Public Cloud | Private Cloud | Hybrid Cloud | Community Cloud |
| --- | --- | --- | --- | --- |
| Cost | Low initial cost, pay-as-you-go model | High initial cost, long-term cost savings | Can be costly due to complex architecture | Shared cost among community members |
| Security | Data security is a shared responsibility | Greater control over data security | Varied depending on implementation | Shared security protocols among community |
| Scalability | Highly scalable and elastic | Scalability depends on available resources | High scalability due to flexible architecture | Scalability depends on community members' |
| Customizability | Limited customizability due to shared resources | High level of customizability | Moderate customizability depending on | Moderate customizability depending on community |
| Interoperability | May require additional tools and resources for | Can be designed for specific interoperability | Requires careful planning for seamless integration | Built-in interoperability due to shared protocols |

3.10 Other Cloud Deployment Models – additional variations

  • Virtual Private Cloud (“dedicated cloud”) – a self-contained cloud environment hosted and managed by a public cloud provider, and made available to a cloud consumer
  • Inter Cloud – based on an architecture comprised of two or more inter-connected clouds

4. SUMMARY

  • Common roles associated with cloud-based interaction and relationships include the cloud provider, cloud consumer, cloud service owner, and cloud resource administrator
  • An organisation boundary represents the physical scope of IT resources owned and governed by an organisation
  • A trust boundary is the logical perimeter that encompasses the IT resources trusted by an organisation
  • On-demand usage is the ability of a cloud consumer to self-provision and use necessary cloud-based services without requiring cloud provider interaction.
  • Ubiquitous access allows cloud-based services to be accessed by diverse cloud service consumers, while multitenancy is the ability of a single instance of an IT resource to transparently serve multiple cloud consumers simultaneously
  • The elasticity characteristic represents the ability of a cloud to transparently and automatically scale IT resources out or in.
  • Resiliency pertains to a cloud’s inherent failover features
  • A public cloud is owned by a third party and generally offers commercialised cloud services and IT resources to cloud consumer organisations
  • A private cloud is owned by an individual organisation and resides within the organisation’s premises
  • A community cloud is normally limited for access by a group of cloud consumers that may also share responsibility in its ownership
  • A hybrid cloud is a combination of two or more other cloud deployment models

Chapter III. Cloud Enabling Technologies

  • Types of Cloud Enabling Technologies (CEB)
  1. Broadband network and internet architecture
  2. Data Center Technology
  3. Virtualization Technology
  4. Web Technology
  5. Multitenant Technology
  6. Containerization
  • Advantages and Disadvantages of CEB

Chapter IV. Cloud Computing Mechanisms

  • Logical Network Perimeter
  • Virtual Server
  • Cloud Storage Device
  • Cloud Usage Monitor
  • Resource Replication
  • Ready-Made Environment

Chapter V. Fundamental Cloud Architecture

  • Workload Distribution Architecture
  • Resource Pooling Architecture
  • Dynamic Scalability Architecture
  • Elastic Resource Capacity Architecture
  • Service Load Balancing Architecture
  • Cloud Bursting Architecture
  • Elastic Disk Provisioning Architecture
  • Redundant Storage Architecture

Chapter VI. Fundamental Cloud Security

  • What are cloud attacks
  • Fundamentals of cloud security
  1. Identity and access management (IAM)
  2. Network and host security
  3. Data encryption and key management
  4. Application security and DevSecOps
  5. Visibility and intelligence
  • Building up four business security basics
  • Adapting to new cybersecurity standards

Chapter VII. Serverless

  • Web Application

  • Function-as-a-Service

  • Unix Pipe
  • Why Serverless

  • PaaS vs. Serverless

Chapter VIII. Containers

Cloud computing is the on-demand availability of computer system resources.

Cloud native computing is an approach in software development that utilizes cloud computing to "build and run scalable applications in modern, dynamic environments such as public, private, and hybrid clouds".

Technologies such as containers, microservices, serverless functions, cloud native processors and immutable infrastructure, deployed via declarative code, are common elements of this architectural style.

Cloud native technologies focus on minimizing users' operational burden.

  • Containerization
  • Microservices
  • Serverless
  • Cloud-native processor

Docker is an open-source project that automates the deployment of software applications inside containers by providing an additional layer of abstraction and automation of OS-level virtualization on Linux.


Course copyright © restrictions apply; reposting is prohibited.

Reposted from blog.csdn.net/m0_64768308/article/details/130371535