This lesson gives an overview of how typical on-premise data center solutions are reflected within the Cloud. Some people may already be aware of these solutions but are unsure of how certain infrastructure, such as networks, is architected from a Cloud Computing perspective. This lesson looks at it from a Networking, Storage and Compute (server) perspective.
Hello and welcome to this lecture, where I want to explain how certain technology that we are used to on premises, such as routers and switches, is reflected within the public cloud. You may be new to cloud computing, but you may have experience of architecture from a classic on-premise solution within a datacenter. This lecture assumes you have knowledge of what an on-premise datacenter is and how it operates, and during this lecture I will make comparisons between those datacenters and how cloud computing operates.
The datacenter as a whole and its architecture can be logically broken down as follows. Location: where it's geographically located. Physical Security: both external and internal. Mechanical and Electrical Infrastructure: such as computer room air conditioning units, generators, UPS and fire suppression. Network Infrastructure: including switches, routers and firewalls. Servers: such as application, directory and database servers. Storage: for example, your NAS, SAN block storage and backup. Let's look at each of these in turn, starting with Location.
Depending on the size of your enterprise, you may only have one office and, as a result, you house all of your infrastructure on site. However, many of you probably have multiple datacenters to help with resilience and availability. Public cloud providers do the same. They will have regions all over the globe, and within each of these regions they will have at least two datacenters. These datacenters will be in a different geographic location within that region.
But close enough to provide high speed interconnectivity between them for data transfer, in addition to assisting with high availability and resilience.
Physical Security. As we have already discovered, the public cloud is operated, managed and maintained by the vendor. As a result, the end user has no access to the physical datacenter where the resources are located. It is the vendor's responsibility to ensure it is implementing and achieving the correct certification and governance regarding security. Public cloud vendors adhere to the most stringent of security controls, and for audit purposes, you can access their accreditation and compliance certifications online if required to do so. I've included links to two of the leading public cloud vendors, where you can find more information about their security and compliance:
Mechanical and Electrical. Mechanical and electrical infrastructure such as generators, UPS systems, computer room air conditioning units for cooling, fire suppression, et cetera is situated at the datacenter itself. As a result, the same rule applies. It is the vendor's responsibility to ensure they are implementing the correct capacity, resiliency and testing to ensure availability and uptime of their infrastructure. So again, this burden is removed from the end user. Where roles and responsibilities begin to change between the vendor and the customer is from this point onwards.
Network Infrastructure. Network infrastructure can be quite an extensive list of equipment. However, I'm going to cover some of the more common components and how they sit within the public cloud. Networking operates at the software level; there are no options to install a switch or router. How this is achieved is beyond the scope of this course.
But what is important is this: to a degree, you are able to implement controls, services and configurations to simulate the same effects within your infrastructure that these devices provide. There are options to create a virtual network, which can be segmented into different IP address ranges, allowing you to deploy compute, storage and other network resources as you require. These virtual networks are usually simple to set up, requiring just a few small details before they are created. Within AWS, these are classed as Virtual Private Clouds (VPCs), whereas Microsoft Azure refers to these networks as an Azure Virtual Network (VNet). From here you can create different network segments, both public facing and private. Routing and Access Control Lists for security can also be configured dynamically for enhanced control, and once you have created your logical virtual network, and of course across different geographic regions if desired, you can then provision your instances within these different subnets. So networking components such as switches, routers and even firewalls have been replaced with virtual networks and their configurable components.
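The segmentation, routing and access control list settings described above can be checked before anything is provisioned. The following is an added example, not part of the lecture: it carves a virtual network range into public and private subnets and flags private subnets that are reachable from the internet. The subnet names, CIDR ranges and the `internet-gateway` / `nat-gateway` labels are constructed for illustration and do not come from any provider's API.

```python
import ipaddress

# Constructed sample design: every name, CIDR and target label here is an
# assumption made for illustration, not a value from the lecture.
VNET_CIDR = "10.0.0.0/16"

def plan_subnets(vnet_cidr, names, new_prefix=24):
    """Carve equally sized, non-overlapping segments out of the virtual network."""
    blocks = ipaddress.ip_network(vnet_cidr).subnets(new_prefix=new_prefix)
    return {name: next(blocks) for name in names}

SUBNETS = plan_subnets(VNET_CIDR, ["public-web", "private-app", "private-db"])

# Route tables per subnet: destination CIDR -> target.
ROUTES = {
    "public-web":  {"10.0.0.0/16": "local", "0.0.0.0/0": "internet-gateway"},
    "private-app": {"10.0.0.0/16": "local", "0.0.0.0/0": "nat-gateway"},
    "private-db":  {"10.0.0.0/16": "local", "0.0.0.0/0": "internet-gateway"},  # mistake
}

# Inbound access control list per subnet: (source CIDR, port, action).
ACLS = {
    "public-web":  [("0.0.0.0/0", 443, "allow")],
    "private-app": [("10.0.0.0/24", 8080, "allow")],
    "private-db":  [("10.0.1.0/24", 5432, "allow"), ("0.0.0.0/0", 22, "allow")],  # mistake
}

def audit_private_subnets(vnet_cidr, subnets, routes, acls):
    """Return (subnet, finding) pairs for private segments exposed to the internet."""
    vnet = ipaddress.ip_network(vnet_cidr)
    findings = []
    for name in subnets:
        if not name.startswith("private"):
            continue  # public-facing segments are expected to be reachable
        if routes[name].get("0.0.0.0/0") == "internet-gateway":
            findings.append((name, "default route targets the internet gateway"))
        for source, port, action in acls[name]:
            inside = ipaddress.ip_network(source).subnet_of(vnet)
            if action == "allow" and not inside:
                findings.append((name, f"ACL allows {source} to port {port}"))
    return findings

if __name__ == "__main__":
    for name, cidr in SUBNETS.items():
        print(f"{name:12} {cidr}")
    for name, finding in audit_private_subnets(VNET_CIDR, SUBNETS, ROUTES, ACLS):
        print(f"FINDING {name}: {finding}")
```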
The backend element of how these services work is again maintained and managed by the vendor. But architecting how your virtual network is created is your responsibility, and it is your responsibility to ensure it is secure and not left vulnerable to attacks.
Servers. Depending on your vendor, servers are typically referred to as instances or virtual machines (VMs). But as there are different servers within the typical datacenter, vendors provide different services to reflect them in the cloud. For example, providers offer servers that are specific to hosting databases, and others focused on the heavy processing power that is needed to process big data. This is part of the benefit of the cloud. The vendors are capable of replicating the functions that you use within your in-house datacenter, but with a lot more advantages.
Storage. Storage is fantastic within the Cloud as it's often regarded as unlimited, hugely scalable and highly durable. As with compute power, there are different storage services depending on what sort of data you're using and where you intend to use it. Within your datacenter environment, you may have access to a Storage Area Network, a SAN.
Public cloud providers can also provide block level storage through their services. AWS offers the Elastic Block Store (EBS) service, which offers persistent block level storage and can be detached from one instance and re-attached to another instance, again all configured and deployed within a few clicks. There are other great storage services within the public cloud that cater for file level storage and object storage too. And between the leading public cloud vendors, AWS and Azure, they host a myriad of storage services to cater to different solutions. For more information on these storage services, please see the following links.
Now I've only skimmed the surface of the available services on offer within the public cloud. And there are many other great services that offer amazing solutions to requirements. Many organizations have within those ideas date. However, I just wanted to point out how your current datacenter solutions and elements easily translate into the public cloud environment, whilst at the same time carrying significant advantages and benefits, as discussed earlier in this course. In the next and final lecture, I shall be providing a high-level summary of the key points taken throughout this course.
Stuart has been working within the IT industry for two decades covering a huge range of topic areas and technologies, from data center and network infrastructure design, to cloud architecture and implementation.
To date, Stuart has created 150+ courses relating to Cloud reaching over 180,000 students, mostly within the AWS category and with a heavy focus on security and compliance.
Stuart is a member of the AWS Community Builders Program for his contributions towards AWS.
He is AWS certified and accredited in addition to being a published author covering topics across the AWS landscape.
In January 2016 Stuart was awarded ‘Expert of the Year Award 2015’ from Experts Exchange for his knowledge share within cloud services to the community.
Stuart enjoys writing about cloud technologies and you will find many of his articles within our blog pages.