*Azure Fundamentals*

---

Cloud concepts - Principle of Cloud computing

---

## What is cloud computing?

The cloud provider is responsible for the physical hardware required to execute your work, and for keeping it up-to-date. The computing services offered tend to vary by cloud provider. However, typically they include:

**1** -- **Compute power** - such as Linux servers or web applications.

**Virtual machines (VM)**.

**Containers** provide a consistent, isolated execution environment for applications. They're similar to VMs except *they don't require a guest operating system*. Instead, the application and all its dependencies are packaged into a "container" and then a standard runtime environment is used to execute the app. This allows the container to start up in just a few seconds, because there's no OS to boot and initialize. You only need the app to launch.

The open-source project, **Docker**, is one of the leading platforms for managing containers. Docker containers provide an efficient, lightweight approach to application deployment because they allow different components of the application to be deployed independently into different containers. Multiple containers can be run on a single machine, and containers can be moved between machines. The portability of the container makes it easy for applications to be deployed in multiple environments, either on-premises or in the cloud, often with no changes to the application.

**Serverless computing** lets you run application code without creating, configuring, or maintaining a server. The core idea is that your application is broken into separate functions that run when triggered by some action. This is ideal for automated tasks - for example, you can build a serverless process that automatically sends an email confirmation after a customer makes an online purchase. The serverless model differs from VMs and containers in that you only pay for the processing time used by each function as it executes.
VMs and containers are charged while they're running - even if the applications on them are idle. This architecture doesn't work for every app - but when the app logic can be separated into independent units, you can test them separately, update them separately, and launch them in microseconds, making this approach the fastest option for deployment.

![](https://i.imgur.com/znpKAcx.png)

**2** -- **Storage** - such as files and databases. The advantage of using cloud-based data storage is that you can scale to meet your needs.

**3** -- **Networking** - such as secure connections between the cloud provider and your company.

**4** -- **Analytics** - such as visualizing telemetry and performance data.

---

## Benefits of cloud computing

**It's cost-effective**. Cloud computing provides a pay-as-you-go or consumption-based pricing model. No upfront infrastructure costs, no need to purchase and manage costly infrastructure that you may not use to its fullest. This also allows for better cost prediction. Prices for individual resources and services are provided so you can predict how much you will spend in a given billing period based on your expected usage. You can also perform analysis based on future growth using historical usage data tracked by your cloud provider.

**It's scalable**.

- **Vertical scaling**, also known as "scaling up", is the process of adding resources to increase the power of an existing server. Some examples of vertical scaling are: adding more CPUs, or adding more memory.
- **Horizontal scaling**, also known as "scaling out", is the process of adding more servers that function together as one unit. For example, you have more than one server processing incoming requests.

Scaling can be done manually or automatically based on specific triggers such as CPU utilization or the number of requests, and resources can be allocated or de-allocated in minutes.

**It's elastic**.
As your workload changes due to a spike or drop in demand, a cloud computing system can compensate by automatically adding or removing resources.

**It's current**. Cloud usage eliminates the burdens of maintaining software patches, hardware setup, upgrades, and other IT management tasks. Additionally, the computer hardware is maintained and upgraded by the cloud provider.

**It's reliable**. Cloud computing providers offer data backup, disaster recovery, and data replication services to make sure your data is always safe. In addition, *redundancy* is often built into cloud services architecture so if one component fails, a backup component takes its place. This is referred to as *fault tolerance* and it ensures that your customers aren't impacted when a disaster occurs.

**It's global**. Cloud providers have fully redundant datacenters located in various regions all over the globe. This gives you a local presence close to your customers to give them the best response time possible no matter where in the world they are. You can replicate your services into multiple regions for redundancy and locality, or select a specific region to ensure you meet data-residency and compliance laws for your customers.

**It's secure**. Cloud providers offer a broad set of policies, technologies, controls, and expert technical skills that can provide better security than most organizations can otherwise achieve. The result is strengthened security, which helps to protect data, apps, and infrastructure from potential threats. Physical and digital security.

---

## Compliance terms and requirements

When selecting a cloud provider to host your solutions, you should understand how that provider can help you comply with regulations and standards.

### Compliance offerings

**Criminal Justice Information Services (CJIS)**. Azure is the only major cloud provider that contractually commits to conformance with it.

**Cloud Security Alliance (CSA) STAR Certification**.
Azure, Intune, and Microsoft Power BI have obtained STAR Certification, which involves a rigorous independent third-party assessment of a cloud provider's security posture.

**General Data Protection Regulation (GDPR)**. Since 2018, a European privacy law, GDPR, imposes new rules on companies, government agencies, non-profits, and other organizations that collect and analyze data tied to EU residents. It applies no matter where you are located.

**EU Model Clauses**. Microsoft ensures that Azure customers can use Microsoft services to move data freely through Microsoft's cloud from Europe to the rest of the world.

**Health Insurance Portability and Accountability Act (HIPAA)**. HIPAA is a US federal law that regulates patient Protected Health Information (PHI). Azure offers customers a HIPAA Business Associate Agreement (BAA), stipulating adherence to certain security and privacy provisions in HIPAA and the Health Information Technology for Economic and Clinical Health (HITECH) Act. To assist customers in their individual compliance efforts, Microsoft offers a BAA to Azure customers as a contract addendum.

**ISO and IEC 27018**. Microsoft is the first cloud provider to have adopted the ISO/IEC 27018 code of practice.

**Multi-Tier Cloud Security (MTCS) Singapore**. Microsoft cloud services received MTCS 584:2013 certification across all three services: IaaS, PaaS and SaaS.

**Service Organization Controls (SOC) 1, 2, and 3**. Microsoft-covered cloud services are audited at least annually against the SOC report framework by independent third-party auditors.

**National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF)**. NIST CSF is a voluntary Framework that consists of standards, guidelines, and best practices to manage cybersecurity-related risks. Microsoft cloud services have undergone independent, third-party Federal Risk and Authorization Management Program audits and are certified according to the FedRAMP standards.

**UK Government G-Cloud**. It is a cloud computing certification for services used by government entities in the United Kingdom. Azure has received official accreditation from the UK Government Pan Government Accreditor.

---

## Economies of scale

Economies of scale is the ability to do things more efficiently or at a lower cost per unit when operating at a larger scale. This cost advantage is an important benefit in cloud computing. Cloud providers are able to pass on these benefits to end users in the form of lower prices than what you could achieve on your own.

---

## Capital expenditure (CapEx) versus operational expenditure (OpEx)

Cloud computing provides services to customers without significant upfront costs or equipment setup time. These two approaches to investment are referred to as:

**Capital Expenditure (CapEx)**: Spending money on physical infrastructure up front, and then deducting that expense from your tax bill over time. CapEx is an upfront cost, which has a value that reduces over time.

**Operational Expenditure (OpEx)**: Spending money on services or products now and being billed for them now. You can deduct this expense from your tax bill in the same year. There's no upfront cost. You pay for a service or product as you use it.

## CapEx computing costs

A typical on-premises datacenter includes costs such as:

- **Server costs** includes all hardware components and the cost of supporting them. Fault tolerance and redundancy, such as server clustering, redundant power supplies, and uninterruptible power supplies.
- **Storage costs** includes all storage hardware components and the cost of supporting it. Based on the application and level of fault tolerance, centralized storage can be expensive.
- **Network costs** includes all on-premises hardware components, including cabling, switches, access points, and routers. This also includes wide area network (WAN) and Internet connections.
- **Backup and archive costs** This is the cost to back up, copy, or archive data. Options might include setting up a backup to or from the cloud. There's an upfront cost for the hardware and additional costs for backup maintenance and consumables like tapes.
- **Organization continuity and disaster recovery costs** Along with server fault tolerance and redundancy, you need to plan for how to recover from a disaster and continue operating. Your plan should consist of creating a data recovery site. It could also include backup generators. Most of these are upfront costs, especially if you build a data recovery site, but there's an additional ongoing cost for the infrastructure and its maintenance.
- **Datacenter infrastructure costs** These are costs for electricity, floor space, cooling, and building maintenance.
- **Technical personnel** While not a capital expenditure, the personnel required to work on your infrastructure are specific to on-premises datacenters. You will need the technical expertise and workforce to install, deploy, and manage the systems in the datacenter and at the data recovery site.

## OpEx cloud computing costs

With cloud computing, many of the costs associated with an on-premises datacenter are shifted to the service provider. Instead of thinking about physical hardware and datacenter costs, cloud computing has a different set of costs:

- **Leasing software and customized features** Using a pay-per-use model requires actively managing your subscriptions to ensure users do not misuse the services, and that provisioned accounts are being utilized and not wasted. As soon as the provider provisions resources, billing starts. It is your responsibility to de-provision the resources when they aren't in use so that you can minimize costs.
- **Scaling charges based on usage/demand instead of fixed hardware or capacity.** Cloud computing can bill in various ways, such as the number of users or CPU usage time.
However, billing categories can also include allocated RAM, I/O operations per second (IOPS), and storage space. Plan for backup traffic and data recovery traffic to determine the bandwidth needed.
- **Billing at the user or organization level.** The subscription (pay-per-use) model is a computing billing method that is designed for both organizations and users. The organization or user is billed for the services used, typically on a recurring basis. You can scale, customize, and provision computing resources, including software, storage, and development platforms. For example, when using a dedicated cloud service, you could pay based on server hardware and usage.

## Benefits of CapEx

With capital expenditures, you plan your expenses at the start of a project or budget period. Your costs are fixed, meaning you know exactly how much is being spent. This is appealing when you need to predict the expenses before a project starts due to a limited budget.

## Benefits of OpEx

Demand and growth can be unpredictable and can outpace expectation as shown in the following graph.

![](https://i.imgur.com/kOsMHUc.png)

With the OpEx model, companies wanting to try a new product or service don't need to invest in equipment. Instead, they pay as much or as little for the infrastructure as required. OpEx is particularly appealing if the demand fluctuates or is unknown.

Cloud services are often said to be agile. Cloud agility is the ability to rapidly change an IT infrastructure to adapt to the evolving needs of the business. This agility lets you manage your costs dynamically, optimizing spending as requirements change.

---

# Cloud deployment models

There are 3 different models. A cloud deployment model defines where your data is stored and how your customers interact with it – how do they get to it, and where do the applications run? It also depends on how much of your own infrastructure you want or need to manage.

**Public cloud**

The most common model.
You have no local hardware to manage or keep up-to-date – everything runs on your cloud provider's hardware. In some cases, you can save additional costs by sharing computing resources with other cloud users. Businesses can use multiple public cloud providers of varying scale. Microsoft Azure is an example of a public cloud provider.

- Advantages:
  - High scalability/agility – you don't have to buy a new server in order to scale.
  - Pay-as-you-go pricing – you pay only for what you use, no CapEx costs.
  - You're not responsible for maintenance or updates of the hardware.
  - Minimal technical knowledge to set up and use - you can leverage the skills and expertise of the cloud provider to ensure workloads are secure, safe, and highly available.

A common use case scenario is deploying a web application or a blog site on hardware and resources that are owned by a cloud provider. Using a public cloud in this scenario allows cloud users to get their website or blog up quickly, and then focus on maintaining the site without having to worry about purchasing, managing or maintaining the hardware on which it runs.

- Disadvantages:
  - There may be specific security requirements that cannot be met by using public cloud.
  - There may be government policies, industry standards, or legal requirements which public clouds cannot meet.
  - You don't own the hardware or services and cannot manage them as you may want to.
  - Unique business requirements, such as having to maintain a legacy application, might be hard to meet.

**Private cloud**

You create a cloud environment in your own datacenter and provide self-service access to compute resources to users in your organization. This offers a simulation of a public cloud to your users, but you remain completely responsible for the purchase and maintenance of the hardware and software services you provide.

- This approach has several advantages:
  - You can ensure the configuration can support any scenario or legacy application.
  - You have control (and responsibility) over security.
  - Private clouds can meet strict security, compliance, or legal requirements.
- Disadvantages: Some reasons teams move away from the private cloud are:
  - You have some initial CapEx costs and must purchase the hardware for startup and maintenance.
  - Owning the equipment limits the agility - to scale you must buy, install, and set up new hardware.
  - Private clouds require IT skills and expertise that are hard to come by.

A use case scenario for a private cloud would be when an organization has data that cannot be put in the public cloud, perhaps for legal reasons. An example scenario may be where government policy requires specific data to be kept in-country or privately.

A private cloud can provide cloud functionality to external customers as well, or to specific internal departments such as Accounting or Human Resources.

**Hybrid cloud**

A hybrid cloud combines public and private clouds, allowing you to run your applications in the most appropriate location. For example, you could host a website in the public cloud and link it to a highly secure database hosted in your private cloud (or on-premises datacenter).

This is helpful when you have some things that cannot be put in the cloud, maybe for legal reasons. For example, you may have some specific pieces of data that cannot be exposed publicly (such as medical data) which need to be held in your private datacenter. Another example is one or more applications that run on old hardware that can't be updated. In this case, you can keep the old system running locally, and connect it to the public cloud for authorization or storage.

- Advantages:
  - You can keep any systems running and accessible that use out-of-date hardware or an out-of-date operating system.
  - You have flexibility with what you run locally versus in the cloud.
  - You can take advantage of economies of scale from public cloud providers for services and resources where it's cheaper, and then supplement with your own equipment when it's not.
  - You can use your own equipment to meet security, compliance, or legacy scenarios where you need to completely control the environment.
- Disadvantages:
  - It can be more expensive than selecting one deployment model since it involves some CapEx cost up front.
  - It can be more complicated to set up and manage.

Summary: Cloud computing is flexible and gives you the ability to choose how you want to deploy it. The cloud deployment model you choose depends on your budget, and on your security, scalability, and maintenance needs.

---

## Types of Cloud services

---

When talking about cloud computing, there are three major categories:

### IaaS versus SaaS versus PaaS

#### Infrastructure as a service (IaaS)

Infrastructure as a Service is the most flexible category of cloud services. It aims to give you complete control over the hardware that runs your application (IT infrastructure servers and virtual machines (VMs), storage, networks, and operating systems). Instead of buying hardware, with IaaS, you rent it. It's an instant computing infrastructure, provisioned and managed over the internet.

> Note: When using IaaS, ensuring that a service is up and running is a shared responsibility: the cloud provider is responsible for ensuring the cloud infrastructure is functioning correctly; the cloud customer is responsible for ensuring the service they are using is configured correctly, is up to date, and is available to their customers. This is referred to as the **shared responsibility model**.

IaaS is commonly used in the following scenarios:

1. **Migrating workloads**. Typically, IaaS facilities are managed in a similar way as on-premises infrastructure and provide an easy migration path for moving existing applications to the cloud.
2. **Test and development**.
Teams can quickly set up and dismantle test and development environments, bringing new applications to market faster. IaaS makes scaling development and testing environments fast and economical.
3. **Storage, backup, and recovery**. Organizations avoid the capital outlay and complexity of storage management, which typically requires skilled staff to manage data and meet legal and compliance requirements. IaaS is useful for managing unpredictable demand and steadily growing storage needs. IaaS can also simplify the planning and management of backup and recovery systems.

#### Platform as a service (PaaS)

PaaS provides an environment for building, testing, and deploying software applications. The goal of PaaS is to help you create an application quickly without managing the underlying infrastructure. For example, when deploying a web application using PaaS, you don't have to install an operating system, web server, or even system updates. PaaS is a complete development and deployment environment in the cloud, with resources that enable organizations to deliver everything from simple cloud-based apps to sophisticated cloud-enabled enterprise applications. Resources are purchased from a cloud service provider on a pay-as-you-go basis and accessed over a secure Internet connection.

PaaS is commonly used in the following scenarios:

1. **Development framework**. PaaS provides a framework that developers can build upon to develop or customize cloud-based applications. Just like a Microsoft Excel macro, PaaS lets developers create applications using built-in software components. Cloud features such as scalability, high-availability, and multi-tenant capability are included, reducing the amount of coding that developers must do.
2. **Analytics or business intelligence**. Tools provided as a service with PaaS allow organizations to analyze and mine their data.
They can find insights and patterns, and predict outcomes to improve business decisions such as forecasting, product design, and investment returns.

#### Software as a service (SaaS)

SaaS is software that is centrally hosted and managed for the end customer. It is usually based on an architecture where one version of the application is used for all customers, and licensed through a monthly or annual subscription. Office 365, Skype, and Dynamics CRM Online are perfect examples of SaaS software.

##### Cost and ownership

![](https://i.imgur.com/Jsmyjom.png)

### Management responsibilities

One thing to understand is that these categories are layers on top of each other. For example, PaaS adds a layer on top of IaaS by providing a level of abstraction. The abstraction has the benefit of hiding the details that you may not care about, so that you can get to coding quicker. However, one aspect of the abstraction is that you have less control over the underlying hardware. The following illustration shows a list of resources that you manage and that your service provider manages in each cloud service category.

![](https://i.imgur.com/bb6D2uW.png)

- IaaS requires the most user management of all the cloud services. The user is responsible for managing the operating systems, data, and applications.
- PaaS requires less user management. The cloud provider manages the operating systems, and the user is responsible for the applications and data they run and store.
- SaaS requires the least amount of management. The cloud provider is responsible for managing everything, and the end user just uses the software.

#### Combine cloud services to fit your needs

IaaS, PaaS, and SaaS each contain different levels of managed services. You may easily use a combination of these types of infrastructure. You could use Office 365 on your company's computers (SaaS), and in Azure, you could host your VMs (IaaS) and use Azure SQL Database (PaaS) to store your data.
With the cloud's flexibility, you can use any combination that provides you with the maximum result.