CLOUD

COMPUTING

Cloud Computing
Cloud computing transforms IT infrastructure into
a utility: It lets you 'plug into' infrastructure via the
internet, and use computing resources without
installing and maintaining them on-premises.
What is cloud computing?
> Cloud computing is on-demand access, via the
internet, to computing resources—applications,
servers (physical servers and virtual servers), data
storage, development tools, networking
capabilities, and more—hosted at a remote data
center managed by a cloud services provider (or
CSP). The CSP makes these resources available for
a monthly subscription fee or bills them according
to usage.

Compared to traditional on-premises IT, and

depending on the cloud services you select, cloud
computing helps do the following:
> Lower IT costs: Cloud lets you offload some or
most of the costs and effort of purchasing,
installing, configuring, and managing your own on-
premises infrastructure.
> Improve agility and time-to-value: With cloud,
your organization can start using enterprise
applications in minutes, instead of waiting weeks
or months for IT to respond to a request, purchase
and configure supporting hardware, and install
software. Cloud also lets you empower certain
users—specifically developers and data scientists—
to help themselves to software and support
infrastructure.
> Scale more easily and cost-effectively: Cloud
provides elasticity—instead of purchasing excess
capacity that sits unused during slow periods, you
can scale capacity up and down in response to
spikes and dips in traffic. You can also take
advantage of your cloud provider's global network
to spread your applications closer to users around
the world.

Cloud computing services

The three most common models of cloud services,
and it's not uncommon for an organization to use
all three. However, there is often confusion among
the three and what's included with each:

> IaaS (Infrastructure-as-a-Service)

IaaS provides on-demand access to fundamental
computing resources–physical and virtual servers,
networking, and storage—over the internet on a
pay-as-you-go basis. IaaS enables end users to
scale and shrink resources on an as-needed basis,
reducing the need for high, up-front capital
expenditures or unnecessary on-premises or
'owned' infrastructure and for overbuying
resources to accommodate periodic spikes in
usage.
In contrast to SaaS and PaaS (and even newer PaaS
computing models such as containers and
serverless), IaaS provides the users with the lowest-
level control of computing resources in the cloud.
IaaS was the most popular cloud computing model
when it emerged in the early 2010s. While it
remains the cloud model for many types of
workloads, use of SaaS and PaaS is growing at a
much faster rate.

> PaaS (Platform-as-a-Service)

PaaS provides software developers with on-
demand platform—hardware, complete software
stack, infrastructure, and even development tools
—for running, developing, and managing
applications without the cost, complexity, and
inflexibility of maintaining that platform on-
premises.
With PaaS, the cloud provider hosts everything—
servers, networks, storage, operating system
software, middleware, databases—at their data
center. Developers simply pick from a menu to
‘spin up’ servers and environments they need to
run, build, test, deploy, maintain, update, and scale
applications.
Today, PaaS is often built around containers, a
virtualized compute model one step removed from
virtual servers. Containers virtualize the operating
system, enabling developers to package the
application with only the operating system services
it needs to run on any platform, without
modification and without need for middleware.
Red Hat OpenShift is a popular PaaS built around
Docker containers and Kubernetes, an open source
container orchestration solution that automates
deployment, scaling, load balancing, and more for
container-based applications.

> SaaS (Software-as-a-Service)

SaaS—also known as cloud-based software or
cloud applications—is application software that’s
hosted in the cloud and that you access and use via
a web browser, a dedicated desktop client, or an
API that integrates with your desktop or mobile
operating system. In most cases, SaaS users pay a
monthly or annual subscription fee; some may
offer pay-as-you-go’ pricing based on your actual
usage.
In addition to the cost savings, time-to-value, and
scalability benefits of cloud, SaaS offers the
following:
Automatic upgrades: With SaaS, you take
advantage of new features as soon as the provider
adds them, without having to orchestrate an on-
premises upgrade.
Protection from data loss: Because your application
data is in the cloud, with the application, you don't
lose data if your device crashes or breaks.
SaaS is the primary delivery model for most
commercial software today—there are hundreds of
thousands of SaaS solutions available, from the
most focused industry and departmental
applications, to powerful enterprise software
database and AI (artificial intelligence) software.

Types of cloud computing

> Public cloud
Public cloud is a type of cloud computing in which
a cloud service provider makes computing
resources—anything from SaaS applications, to
individual virtual machines (VMs), to bare metal
computing hardware, to complete enterprise-grade
infrastructures and development platforms—
available to users over the public internet. These
resources might be accessible for free, or access
might be sold according to subscription-based or
pay-per-usage pricing models.
The public cloud provider owns, manages, and
assumes all responsibility for the data centers,
hardware, and infrastructure on which its
customer's workloads run, and it typically provides
high-bandwidth network connectivity to ensure
high performance and rapid access to applications
and data.
Public cloud is a multi-tenant environment—the
cloud provider's data center infrastructure is
shared by all public cloud customers. In the leading
public clouds—Amazon Web Services (AWS),
Google Cloud, IBM Cloud, Microsoft Azure, and
Oracle Cloud—those customers can number in the
millions.
The global market for public cloud computing has
grown rapidly over the past few years, and analysts
forecast that this trend will continue; industry
analyst Gartner predicts that worldwide public
cloud revenues will exceed USD 330 billion by the
end of 2022 (link resides outside IBM).
Many enterprises are moving portions of their
computing infrastructure to the public cloud
because public cloud services are elastic and
readily scalable, flexibly adjusting to meet
changing workload demands. Others are attracted
by the promise of greater efficiency and fewer
wasted resources since customers pay only for
what they use. Still others seek to reduce spending
on hardware and on-premises infrastructures.

> Private cloud

Private cloud is a cloud environment in which all
cloud infrastructure and computing resources are
dedicated to, and accessible by, one customer only.
Private cloud combines many of the benefits of
cloud computing—including elasticity, scalability,
and ease of service delivery—with the access
control, security, and resource customization of on-
premises infrastructure.
A private cloud is typically hosted on-premises in
the customer's data center. But a private cloud can
also be hosted on an independent cloud provider's
infrastructure or built on rented infrastructure
housed in an offsite data center.
Many companies choose private cloud over public
cloud because private cloud is an easier way (or the
only way) to meet their regulatory compliance
requirements. Others choose private cloud because
their workloads deal with confidential documents,
intellectual property, personally identifiable
information (PII), medical records, financial data,
or other sensitive data.
By building private cloud architecture according to
cloud native principles, an organization gives itself
the flexibility to easily move workloads to public
cloud or run them within a hybrid cloud (see
below) environment whenever they're ready.

> Hybrid cloud

Hybrid cloud is just what it sounds like—a
combination of public and private cloud
environments. Specifically, and ideally, a hybrid
cloud connects an organization's private cloud
services and public clouds into a single, flexible
infrastructure for running the organization's
applications and workloads.
The goal of hybrid cloud is to establish a mix of
public and private cloud resources—and with a
level of orchestration between them—that gives an
organization the flexibility to choose the optimal
cloud for each application or workload and to
move workloads freely between the two clouds as
circumstances change. This enables the
organization to meet its technical and business
objectives more effectively and cost-efficiently
than it could with public or private cloud alone.
 Cloud security

Traditionally, security concerns have been the

primary obstacle for organizations considering
cloud services, particularly public cloud services. In
response to demand, however, the security offered
by cloud service providers is steadily outstripping
on-premises security solutions.
According to security software provider McAfee,
today, 52% of companies experience better
security in the cloud than on-premises (link resides
outside IBM). And Gartner has predicted that by
this year (2020), infrastructure as a service (IaaS)
cloud workloads will experience 60% fewer security
incidents than those in traditional data centers
(PDF, 2.3 MB) (link resides outside IBM).
Nevertheless, maintaining cloud security demands
different procedures and employee skillsets than in
legacy IT environments. Some cloud security best
practices include the following:
Shared responsibility for security: Generally, the
cloud provider is responsible for securing cloud
infrastructure and the customer is responsible for
protecting its data within the cloud—but it's also
important to clearly define data ownership
between private and public third parties.
Data encryption: Data should be encrypted while at
rest, in transit, and in use. Customers need to
maintain full control over security keys and
hardware security module.
User identity and access management: Customer
and IT teams need full understanding of and
visibility into network, device, application, and
data access.
Collaborative management: Proper communication
and clear, understandable processes between IT,
operations, and security teams will ensure seamless
cloud integrations that are secure and sustainable.
Security and compliance monitoring: This begins
with understanding all regulatory compliance
standards applicable to your industry and setting
up active monitoring of all connected systems and
cloud-based services to maintain visibility of all
data exchanges between public, private, and hybrid
cloud environments.

Cloud use cases

With 25% of organizations planning to move all

their applications to cloud within the next year, it
would seem that cloud computing use cases are
limitless. But even for companies not planning a
wholesale shift to the cloud, certain initiatives and
cloud computing are a match made in IT heaven.
Disaster recovery and business continuity have
always been a natural for cloud because cloud
provides cost-effective redundancy to protect data
against system failures and the physical distance
required to recover data and applications in the
event of a local outage or disaster. All of the major
public cloud providers offer Disaster-Recovery-as-
a-Service (DRaaS).
Anything that involves storing and processing
huge volumes of data at high speeds—and requires
more storage and computing capacity than most
organizations can or want to purchase and deploy
on-premises—is a target for cloud computing.
Examples include:
- Big data analytics
- Internet of Things (IoT)
- Artificial intelligence—particularly machine
learning and deep learning applications
For development teams adopting Agile or DevOps
(or DevSecOps) to streamline development, cloud
offers the on-demand end-user self-service that
keeps operations tasks—such as spinning up
development and test servers—from becoming
development bottlenecks.