Using Cloud Resources
Cloud infrastructure services, often referred to as Infrastructure as a Service (IaaS), provide virtualized computing resources over the internet. This includes virtual machines, storage, networking, and other fundamental computing resources that can be scaled on demand.
A Virtual Private Cloud (VPC) is a virtual network environment within a cloud platform that offers isolated and secure networking capabilities. It enables users to create, configure, and manage their own virtual network infrastructure within the cloud, providing control over networking elements similar to an on-premises environment.
Private Networking: VPCs allow for the creation of private, isolated networks within the cloud, ensuring that resources are accessible only within the defined network unless explicitly allowed.
IP Management: Users can define IP address ranges for the VPC, manage IP allocation, and ensure proper routing of traffic within and outside the VPC.
Subnets: VPCs can be segmented into subnets, which are smaller networks within the VPC. Subnets can be used to group and isolate resources based on function or security requirements.
Routing: VPCs provide customizable routing tables, allowing users to direct traffic between subnets, the internet, and other networks.
DNS: VPCs include DNS services that allow for name resolution within the virtual network and can integrate with external DNS services for hybrid cloud deployments.
Access Control Lists (ACLs)/Network Security Groups (NSGs): These are used to control inbound and outbound traffic to and from resources within the VPC. ACLs and NSGs provide an additional layer of security by defining rules for traffic filtering.
IP Ranges: Users define the IP address range for the VPC, often using private IP ranges (e.g., 10.0.0.0/16), to ensure internal IP address management and avoid conflicts with external networks.
Load Balancers: VPCs support load balancers that distribute incoming traffic across multiple instances or services within the VPC, ensuring high availability and scalability.
VPNs (Virtual Private Networks): VPCs often support VPNs for secure, encrypted connections between on-premises networks and the cloud, allowing for seamless hybrid cloud environments.
Gateways: VPCs can include internet gateways for outbound traffic to the internet and NAT gateways for secure, private communication from instances in private subnets to the internet without exposing them to inbound traffic.
AWS (Amazon Web Services): AWS VPC offers features like Security Groups, Network ACLs, Elastic IPs, Internet/NAT Gateways, VPN connections, and Elastic Load Balancers. AWS Direct Connect provides private, low-latency connections to on-premises environments.
Azure: Azure provides VPC-like functionality through Virtual Networks (VNets), which include NSGs, Azure DNS, VPN Gateway, Azure Load Balancer, and ExpressRoute for private connections.
GCP (Google Cloud Platform): GCP VPCs are global and span multiple regions, offering firewall rules, Cloud DNS, Cloud VPN, Cloud Load Balancer, and Cloud Interconnect for hybrid connectivity.
Each cloud provider's VPC implementation includes unique features, but all support essential networking components like gateways, load balancers, and VPNs to ensure secure, scalable, and efficient cloud networking.
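The IP Ranges, Subnets and VPN items above come together when a VPC range is planned. The following is an added example, not part of the original page: it checks that a VPC range is private, reports any on-premises range it collides with, and returns only the subnets that are safe to route over a VPN. The function name and the sample ranges are constructed for illustration.

```python
import ipaddress

# Constructed sample inputs: a VPC range and the on-premises ranges that a
# site-to-site VPN would connect it to.
VPC_CIDR = "10.0.0.0/16"
ON_PREM = ["10.0.128.0/17", "192.168.10.0/24"]


def plan_vpc(vpc_cidr, subnet_prefix, external_cidrs):
    """Validate a VPC range and carve it into equal-sized subnets.

    Returns (usable, conflicts):
      usable    - subnets of the VPC that overlap no external range
      conflicts - external ranges (as strings) that overlap the VPC range
    Raises ValueError for a malformed or non-private VPC range.
    """
    # ip_network() is strict by default: "10.0.0.5/16" is rejected because
    # host bits are set, which catches a common typo in range definitions.
    vpc = ipaddress.ip_network(vpc_cidr)
    if not vpc.is_private:
        raise ValueError(f"{vpc} is not a private address range")

    external = [ipaddress.ip_network(c) for c in external_cidrs]
    conflicts = [str(e) for e in external if vpc.overlaps(e)]

    # Overlapping space cannot be routed unambiguously across the VPN,
    # so only subnets clear of every external range are returned.
    usable = [
        s for s in vpc.subnets(new_prefix=subnet_prefix)
        if not any(s.overlaps(e) for e in external)
    ]
    return usable, conflicts


if __name__ == "__main__":
    usable, conflicts = plan_vpc(VPC_CIDR, 24, ON_PREM)
    print("conflicting on-prem ranges:", conflicts)
    print("usable /24 subnets:", len(usable), "first:", usable[0], "last:", usable[-1])
```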
A cloud instance, often referred to as a Virtual Machine (VM), is a virtualized computing environment created within a cloud computing platform. It acts as an independent server that runs within the infrastructure provided by the cloud service provider.
Size: The size of a VM typically determines its computing power, including the number of virtual CPUs (vCPUs), amount of RAM, and available storage. Different sizes cater to various workloads, from small applications to large-scale enterprise solutions.
Series/Type: Cloud providers offer different series or types of instances tailored to specific use cases, such as general-purpose, compute-optimized, memory-optimized, or GPU-based instances. Each series/type has varying configurations of vCPU, RAM, and other resources.
Image: Cloud instances are launched from pre-configured images, which include the operating system (e.g., Windows, Linux) and can also include additional software stacks (e.g., LAMP) or custom configurations. Images provide a quick start for creating instances with specific environments.
Storage: Cloud instances typically come with storage options, such as attached volumes or ephemeral disks, which can be used for operating systems, applications, and data storage.
Networking (VPC): Instances are typically deployed within a Virtual Private Cloud (VPC), providing networking capabilities such as IP address management, routing, and access to internet gateways.
Security & Access: Instances are secured using security groups, firewalls, and access controls (e.g., SSH keys, IAM roles), ensuring only authorized users and services can interact with the VM.
Monitoring: Cloud providers offer monitoring tools to track instance performance, usage, and health metrics. These tools help manage and optimize cloud resources effectively.
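The Security & Access item above relies on security group or NSG rules being narrow. The following is an added example, not part of the original page: it audits a ruleset for inbound rules that open administrative ports to any source address. The rule format, the rule names and the choice of ports treated as administrative are assumptions made for illustration; real provider exports would need mapping into this shape.

```python
import ipaddress

# Assumption: ports treated as administrative access for this audit.
ADMIN_PORTS = {22: "SSH", 3389: "RDP"}

# Constructed sample ruleset in a hypothetical provider-neutral format.
# "ports" is an inclusive (low, high) range; "protocol" is "tcp", "udp" or "all".
SAMPLE_RULES = [
    {"name": "web", "protocol": "tcp", "ports": (443, 443), "source": "0.0.0.0/0"},
    {"name": "ssh-any", "protocol": "tcp", "ports": (22, 22), "source": "0.0.0.0/0"},
    {"name": "ssh-vpn", "protocol": "tcp", "ports": (22, 22), "source": "10.0.0.0/16"},
    {"name": "wide", "protocol": "all", "ports": (0, 65535), "source": "::/0"},
    {"name": "dns", "protocol": "udp", "ports": (53, 53), "source": "0.0.0.0/0"},
]


def exposed_admin_rules(rules):
    """Return [(rule_name, [service, ...])] for inbound rules that allow
    an administrative port from any address (0.0.0.0/0 or ::/0)."""
    findings = []
    for rule in rules:
        source = ipaddress.ip_network(rule["source"])
        # A prefix length of 0 means "every address" in IPv4 and IPv6 alike.
        if source.prefixlen != 0:
            continue
        # SSH and RDP run over TCP; "all" covers TCP as well.
        if rule["protocol"] not in ("tcp", "all"):
            continue
        low, high = rule["ports"]
        # A port range counts as exposed if it contains an admin port,
        # even when the rule was written for something else.
        hits = [svc for port, svc in sorted(ADMIN_PORTS.items()) if low <= port <= high]
        if hits:
            findings.append((rule["name"], hits))
    return findings


if __name__ == "__main__":
    for name, services in exposed_admin_rules(SAMPLE_RULES):
        print(f"{name}: {', '.join(services)} reachable from any address")
```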
Instance Types: AWS offers various EC2 instance types like General Purpose (T-series), Compute Optimized (C-series), Memory Optimized (R-series), and GPU-based instances (P-series).
Storage: Instances can use Elastic Block Store (EBS) for persistent storage or instance store for temporary storage.
Images: AWS provides Amazon Machine Images (AMIs) that can include different OS, software stacks, or custom configurations.
Instance Types: Azure offers VM series such as General Purpose (D-series), Compute Optimized (F-series), and Memory Optimized (E-series). Azure also provides specialized instances like GPU VMs (NC-series).
Storage: Azure VMs use managed disks for persistent storage, with different types (Standard, Premium) depending on performance needs.
Images: Azure provides a variety of VM images in the Azure Marketplace, including pre-configured OS images and fully configured application environments.
Instance Types: GCP offers instance types like General Purpose (N1, N2), Compute Optimized (C2), and Memory Optimized (M2). It also supports custom machine types where users can define specific vCPU and memory configurations.
Storage: GCP uses Persistent Disks for durable storage, available in different types like SSD and HDD.
Images: GCP provides Google Cloud Images, including OS images and application stacks, along with custom images for specific configurations.
Cloud storage refers to a service provided by Cloud Service Providers (CSPs) that allows users to store, manage, and access data remotely on cloud infrastructure. This service offers scalability, redundancy, and access from anywhere with an internet connection. Each major cloud provider offers different types of storage solutions to meet various needs, such as object storage, file storage, and block storage.
S3 is highly integrated with other AWS services and is known for its durability (11 nines) and scalability. EFS offers fully managed file storage with shared access, while EBS provides flexible and persistent block storage for EC2 instances.
Storage Accounts provide a unified storage solution for different data types, with Blobs being the Azure equivalent to S3. Managed Disks simplify storage management for VMs and offer different performance tiers.
Storage Buckets are similar to AWS S3 but are globally accessible with a strong emphasis on performance and low-latency access. Compute Engine Disks provide robust block storage for VMs with easy snapshot and image management.
A cloud platform service, often referred to as Platform as a Service (PaaS), provides a cloud-based environment that enables developers to build, deploy, and manage applications without worrying about the underlying infrastructure. PaaS offers tools and services like databases, middleware, development frameworks, and runtime environments, streamlining the application development process and allowing developers to focus on coding and innovation.
Examples include AWS Elastic Beanstalk, Azure App Services, and Google App Engine. These platforms handle tasks like scaling, load balancing, and application management, freeing developers from managing servers, storage, and networking.
In a cloud platform service (PaaS) model, the customer is primarily responsible for managing and deploying their applications and workloads, while the cloud provider handles the underlying infrastructure, including servers, storage, and networking.
Customer's Responsibility: Managing the application code, configurations, and data. This includes deployment, updates, and ensuring the application meets performance and security standards.
Cost: Reduces the need for investment in hardware and infrastructure, allowing pay-as-you-go pricing based on usage.
Security: The cloud provider manages the underlying infrastructure security, while the customer secures their application and data.
Availability: High availability and reliability are built into the platform, with automatic scaling and load balancing.
Ease: Simplifies development and deployment processes with built-in tools, frameworks, and services.
Application Hosting: Provides a managed environment for deploying and running applications, including web apps, mobile apps, and enterprise applications.
Containers: Supports containerized applications, enabling easier deployment, scaling, and management using container orchestration tools like Kubernetes.
Various Types of Apps: Supports different types of applications, from simple web apps to complex, distributed systems.
Data Hosting: Offers managed database services, such as relational databases (e.g., SQL), NoSQL databases, and data warehouses.
Various Types of Databases: Includes options like SQL databases (MySQL, PostgreSQL), NoSQL databases (MongoDB, Cassandra), and data storage solutions optimized for different use cases.
Archiving: Includes solutions for data archiving, ensuring long-term storage and retrieval of historical data.
Security: Provides built-in security features such as encryption, access controls, and compliance tools to protect data and applications.
Media: Offers services for managing and processing media files, such as video streaming, image processing, and content delivery.
Migration: Provides tools and services to facilitate the migration of applications and data to the cloud platform.
IoT (Internet of Things): Supports the development and deployment of IoT applications, including data collection and device management.
Cognitive and Machine Learning Services: Provides access to advanced analytics, AI, and machine learning tools for building intelligent applications.
Cloud platform services simplify the development and management of applications, offering a range of integrated tools and capabilities while offloading the complexity of infrastructure management to the provider.
A Cloud Application Service, also known as Software as a Service (SaaS), delivers software applications over the internet. With SaaS, the cloud provider hosts and manages the entire application stack, including the infrastructure, middleware, application software, and data. Users access the application through a web browser or client interface, without needing to install or maintain the software locally.
Customer's Responsibility: Customers are responsible for managing their use of the application, including their data and user settings. They can customize the application's configuration to meet their specific needs but do not manage the underlying infrastructure or platform.
Examples: Salesforce, MS365, GSuite, Slack, Zoom, etc.