UNIT-3
BCA613: Cloud Computing
Management and Administration of Cloud services - Service level agreements and
monitoring, Managing IT costs, Managing Cloud Resources, Governing the Cloud,
Standards Organizations and Groups (OCC, OGF, CCIF, Cloud Security Alliance etc.).
Case Studies of Cloud services by Google, Amazon, IBM etc.
Management and Administration of Cloud services: -
Cloud computing management is the maintenance and control of cloud services and resources, whether public, private or hybrid.
Some of its aspects include load balancing, performance, storage, backups, capacity, deployment etc. To do so, cloud
management personnel need full access to all the functionality of resources in the cloud. Different software products and
technologies are combined to provide a cohesive cloud management strategy and process.
Need of Cloud Management: -
Cloud is nowadays preferred by huge organizations as their primary data storage. A small downtime or an error can cause a
great deal of loss and inconvenience for the organizations. To design, handle and maintain a cloud computing service,
specific members are made responsible for making sure things work as intended and all arising issues are addressed.
Cloud Management Platform: -
A cloud management platform is a software solution that has a robust and extensive set of APIs that allow it to pull data from
every corner of the IT infrastructure. A CMP allows an IT organization to establish a structured approach to security and IT
governance that can be implemented across the organization’s entire cloud environment.
Cloud Management Tasks: -
The below figure represents different cloud management tasks: -
• Auditing System Backups –
It is required to audit the backups from time to time to ensure restoration of randomly selected files of different
users. This might be done by the organization or by the cloud provider.
• Flow of data in the system –
The managers are responsible for designing a data flow diagram that shows how the data is supposed to flow
throughout the organization.
• Vendor Lock-In –
The managers should know how to move their data from a server to another in case the organization decides to
switch providers.
• Knowing provider’s security procedures –
The managers should know the security plans of the provider, especially Multitenant use, E-commerce processing,
Employee screening and Encryption policy.
• Monitoring the Capacity, Planning and Scaling abilities –
The manager should know if their current cloud provider is going to meet their organization’s demand in the future
and also their scaling capabilities.
• Monitoring audit log –
In order to identify errors in the system, logs are audited by the managers on a regular basis.
• Solution Testing and Validation –
It is necessary to test the cloud services and verify the results to ensure error-free solutions.
Service level agreements and monitoring: -
A Service Level Agreement (SLA) is the bond for performance negotiated between the cloud services provider and the client.
Earlier, in cloud computing all Service Level Agreements were negotiated between a client and the service consumer.
Nowadays, with the initiation of large utility-like cloud computing providers, most Service Level Agreements are standardized
until a client becomes a large consumer of cloud services.
Service level agreements are also defined at different levels which are mentioned below:
• Customer-based SLA
• Service-based SLA
• Multilevel SLA
Few Service Level Agreements are enforceable as contracts; most are agreements or contracts which are more along the
lines of an Operating Level Agreement (OLA) and may not have the force of law.
Service Level Agreements usually specify some parameters which are mentioned below:
1. Availability of the Service (uptime)
2. Latency or the response time
3. Service components reliability
4. Accountability of each party
5. Warranties
Below are two major Service Level Agreements (SLA) described:
1. Windows Azure SLA – Windows Azure has different SLAs for compute and storage. For compute, there is a guarantee
that when a client deploys two or more role instances in separate fault and upgrade domains, the client’s internet-facing
roles will have external connectivity a minimum of 99.95% of the time. Moreover, all of the role instances of the client are
monitored and there is a guarantee of detection 99.9% of the time when a role instance’s process is not running and
initiating properly.
2. SQL Azure SLA – SQL Azure clients will have connectivity between the database and the internet gateway of SQL Azure.
SQL Azure will maintain a “Monthly Availability” of 99.9% within a month. The Monthly Availability Proportion for a particular
tenant database is the ratio of the time the database was available to customers to the total time in a month. Time is
measured in some intervals of minutes in a 30-day monthly cycle. Availability is always calculated for a complete
month. A portion of time is marked as unavailable if the customer’s attempts to connect to a database are denied by
the SQL Azure gateway.
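The Monthly Availability calculation described above, as an added example that is not part of the original notes or of any Azure tooling. It assumes 5-minute intervals (the notes only say "some intervals of minutes"), and the function names and timestamps are constructed for illustration.

```python
from datetime import datetime, timedelta

INTERVAL_MIN = 5    # assumption: the notes only say "some intervals of minutes"
CYCLE_DAYS = 30     # 30-day monthly cycle, as stated in the notes
SLA_TARGET = 99.9   # Monthly Availability target in percent, as stated in the notes
TOTAL_INTERVALS = CYCLE_DAYS * 24 * 60 // INTERVAL_MIN

def unavailable_intervals(denied, cycle_start):
    """Return the set of interval indexes holding at least one denied attempt."""
    bad = set()
    for ts in denied:
        idx = int((ts - cycle_start).total_seconds() // (INTERVAL_MIN * 60))
        if 0 <= idx < TOTAL_INTERVALS:   # drop events outside this cycle
            bad.add(idx)                 # many denials in one interval count once
    return bad

def sla_report(denied, cycle_start):
    """Ratio of available intervals to all intervals in the cycle, vs. the target."""
    bad = unavailable_intervals(denied, cycle_start)
    availability = 100.0 * (TOTAL_INTERVALS - len(bad)) / TOTAL_INTERVALS
    return {
        "unavailable_intervals": len(bad),
        "downtime_minutes": len(bad) * INTERVAL_MIN,
        "availability_pct": round(availability, 4),
        "meets_sla": availability >= SLA_TARGET,
    }

# Constructed sample data: timestamps of connection attempts denied by the gateway.
CYCLE_START = datetime(2024, 1, 1)
BLIP = [datetime(2024, 1, 3, 10, m) for m in (1, 2, 3)]      # one interval
OUTAGE = [datetime(2024, 1, 10, 2, 0) + timedelta(minutes=m)
          for m in range(45)]                                # nine intervals
NEXT_CYCLE = [datetime(2024, 2, 5, 9, 0)]                    # outside the cycle

if __name__ == "__main__":
    print(sla_report(BLIP + OUTAGE + NEXT_CYCLE, CYCLE_START))
```

With 5-minute intervals a 30-day cycle has 8640 intervals, so a 99.9% target tolerates at most 8 unavailable intervals (40 minutes); the 45-minute outage in the sample alone breaches it.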
SLA Lifecycle
Steps in SLA Lifecycle
1. Discover service provider: This step involves identifying a service provider that can meet the needs of the organization
and has the capability to provide the required service. This can be done through research, requesting proposals, or
reaching out to vendors.
2. Define SLA: In this step, the service level requirements are defined and agreed upon between the service provider
and the organization. This includes defining the service level objectives, metrics, and targets that will be used to
measure the performance of the service provider.
3. Establish Agreement: After the service level requirements have been defined, an agreement is established between
the organization and the service provider outlining the terms and conditions of the service. This agreement should
include the SLA, any penalties for non-compliance, and the process for monitoring and reporting on the service level
objectives.
4. Monitor SLA violation: This step involves regularly monitoring the service level objectives to ensure that the service
provider is meeting their commitments. If any violations are identified, they should be reported and addressed in a
timely manner.
5. Terminate SLA: If the service provider is unable to meet the service level objectives, or if the organization is not
satisfied with the service provided, the SLA can be terminated. This can be done through mutual agreement or
through the enforcement of penalties for non-compliance.
6. Enforce penalties for SLA Violation: If the service provider is found to be in violation of the SLA, penalties can be
imposed as outlined in the agreement. These penalties can include financial penalties, reduced service level
objectives, or termination of the agreement.
Managing IT costs: -
Cost management is the process of planning and controlling the budget of a business. Having a good cost management
system in place makes it easier for an organization to estimate and allocate its budget.
Cost management is a form of management accounting that helps a business reduce the chance of going over budget
with more accurate forecasts of impending expenditures. Many businesses use cost management tactics for specific
projects and for the overall business.
4 steps of cost management
1. Setup
The setup phase determines what's included in the cost management plan. It identifies who the stakeholders in the plan
are, the tools used to manage costs and the data structure needed to track costs.
2. Resource planning
This planning phase identifies the resources needed to complete a project. These could be physical materials, information
assets, staff and cloud computing resources. Resource planning determines resource allocation, including how much of
a resource is needed, for how long and how it will be allocated.
3. Budgeting and cost estimation
In this stage, project teams develop a project budget. Budgeted cost estimates get more specific as the project scope is
refined. A picture of the full project costs emerges as resources are allocated.
4. Cost control
This phase involves monitoring and controlling costs as the project progresses, using data from different project teams.
Managers track how costs differ from the estimated budget and take action to accommodate cost overruns, reduce
deviations from the budget and cap the budget when necessary.
Managing Cloud Resources: -
The term resource management refers to the operations used to control how capabilities provided by Cloud resources
and services are made available to other entities, whether users, applications, or services.
Types of Resources
Physical Resource: Computer, disk, database, network, etc.
Logical Resource: Execution, monitoring, and application to communicate
Resource Management in Cloud Computing Environment
On the Cloud Vendor’s View
• Provision resources on an on-demand basis.
• Energy conservation and proper utilization is maintained in Cloud Data Centers
On the Cloud Service Provider’s View
• To make available the best performance resources at the cheapest cost.
• QoS (Quality of Service) to their cloud users
On the Cloud User’s View
• Renting resources at a low price without compromising performance
• Cloud provider guarantees to provide a minimum level of service to the user
Resource Management Models
Compute Model
Resource in the cloud is shared by all users at the same time. It allows the user to reserve the VM’s memory to ensure
that the memory size requested by the VM is always available to operate locally on clouds with a good enough level of
QoS (Quality of Service) being delivered to the end user.
Data Model: -
It is related to plotting, separating, querying, transferring, caching, and replicating data.
• Data is Stored at an Untrusted Host: - Although it may not seem the best policy to store data and let others use
the data without permission, moving data off-premises increases the number of potential security risks.
• Data Replication over Large Areas: - Making sure data is available and durable whenever demanded is of utmost
importance for cloud storage providers. Data availability and durability are typically achieved through
under-the-covers replication, i.e., data is automatically replicated without customer interference or requests.
• Problems with Data Management: - Transactional data management is one of the biggest data management
problems. It is hard to ensure that Atomicity, Consistency, Isolation, and Durability are maintained during data
replication over large distances. It is also risky to store such sensitive data in untrusted storage.
Virtualization: -
It is the method by which we can create an emulation of software or hardware on our computer. It further has two
components: -
• Abstraction: - Provides the necessary virtual versions of raw compute, storage, and network that can be unified
as a pool of resources and resource overlay which includes data storage services, and a web hosting
environment.
• Encapsulation: - A virtual machine can be represented as a single file. Virtualization configures, deploys, starts,
migrates, suspends, resumes, and stops each application. It provides better security, manageability, and
isolation.
Monitoring: -
Monitoring is a method of reviewing, observing, and managing the operation of a cloud-based IT infrastructure. The
challenge that virtualization brings is that users don’t have a lot of control over the monitoring resource.
Programming Model: -
User-level programming languages are used for accessing and operating the cloud.
• In Cloud: Makes use of Web Services where users have more control over the Cloud Services. The translation of
data for the receiving system and real-time data exchange between systems without middleware of all the
services and applications remain a big challenge.
• In Grid: Makes use of parallel and distributed computing environment
Security Model: -
Allows users to control the security of their own data by maintaining passwords, and receiving any news regarding
suspicious activity with their data via email.
Risks in the Security Model: -
1. Privileged user access
2. Regulatory compliance
3. Data location
4. Data partition
5. Recovery
6. Investigation support
7. Long-term durability
Cloud Governance: -
• It is the set of policies or principles that act as the guidance for the adoption, use, and management of cloud
technology services.
• It is an ongoing process that must sit on top of existing governance models.
• It is a set of rules you create to monitor and amend as necessary in order to control costs, improve efficiency,
and eliminate security risks.
Need for Cloud Governance:
By implementing cloud governance, organizations can avoid the following issues.
1. Security and privacy risks:
• This issue may arise due to unauthorized downloads/ installation of software, storage of illegal data, and access
to restricted sites by users.
• Cloud Governance solutions cover multiple cloud security components. For example, Encryption, Security
groups, Audit trails, Application access rules, Access controls.
2. Vendor lock-in:
• Many vendors opt for this, as this clause causes organizations to depend on the cloud service provider (or
vendor) for products and services.
• This can be avoided by making suitable changes to the SLA and reducing dependencies on a single vendor, thus
ensuring freedom to the organization.
3. Cloud Sprawl:
• This happens when employees of different departments use different programs and cloud infrastructure from
third-party providers without involving the IT department and getting necessary approvals.
• If not detected and restricted, cloud sprawl may lead to fragmented, redundant, inefficient, and unmanaged
cloud programs sitting on the enterprise cloud and unnecessarily creating trouble.
4. Shadow IT and unwarranted usage of cloud resources:
• This happens when employees in various departments do not follow the rules and regulations as imposed by
the IT department on cloud usage resulting in security breaches and fragmented control throughout the
organization.
• This leads to not getting sufficient results from the cloud in the long run.
5. Lack of data portability and interoperability:
• This happens when the cloud service provider or the inbuilt cloud infrastructure is incapable of connecting well
with other software and products outside the organization.
• This may also lead to modules not compatible with each other and hence chaos in the cloud due to an
inefficient system.
Cloud Security Alliance: -
The Cloud Security Alliance (CSA) is a nonprofit organization that promotes research into best practices for securing cloud
computing and the use of cloud technologies to secure other forms of computing. CSA uses the expertise of industry
practitioners, associations and governments, as well as its corporate and individual members, to offer research, education,
certification, events and products specific to cloud security.
The organization's activities, knowledge and extensive network benefit the entire cloud community, including cloud
service providers (CSPs), customers, entrepreneurs and governments. CSA also offers a forum through which all parties
can work together to create and maintain a trusted cloud ecosystem.
Case study of Google Cloud: -
So, today we will discuss about Google cloud platform briefly we will discuss and we will also give you a short demo how
to develop an app or host your way back into the global Google cloud platform which is very user friendly and easy to use.
So, again there is no immediate there is no particular motivation in basically having working with some commercial cloud,
but it is just to use, it as a use case or test case where you can practice and see that how things work.
So, as we understand, Google has worldwide presence and their data centers are across the globe, and this Google cloud
platform also, if you see, they are in various regions, right, like North American region, UK region, and Asia and so on and
so forth. So, they are distributed regions, every region has some zones and so that these are divided into geographically
state, right. So, there are several services which has a global view, which has a zonal view and more infrastructure varies a
view. So, keeping all this at the backbone, we will try to see that what Google cloud platform provides.