User:Shawndouglas/sandbox/sublevel45

From LIMSWiki
Jump to navigationJump to search

You've probably heard terms like "software as a service" and "public cloud," and you may very well be familiar with their significance already. However, let's briefly run through the terminology associated with cloud services and deployments, as that terminology gets used abundantly, and it's best we're all clear on it from the start. Additionally, the cloud computing paradigm is expanding into areas like "hybrid cloud" and "serverless computing," concepts which may be new to many.

Mentioned earlier was NIST's 2011 definition of cloud computing. When that was published, NIST defined three service models and four deployment models (Table 1)[1]:

Table 1. The three service models and four deployment models for cloud computing, as defined by the National Institute of Standards and Technology (NIST) in 2011[1]
Service models
Model Description
Software as a Service (SaaS) "The capability provided to the consumer is to use the provider’s applications running on a cloud infrastructure. The applications are accessible from various client devices through either a thin client interface, such as a web browser (e.g., web-based email), or a program interface. The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, storage, or even individual application capabilities, with the possible exception of limited user-specific application configuration settings."
Platform as a Service (PaaS) "The capability provided to the consumer is to deploy onto the cloud infrastructure consumer-created or acquired applications created using programming languages, libraries, services, and tools supported by the provider. The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, or storage, but has control over the deployed applications and possibly configuration settings for the application-hosting environment."
Infrastructure as a Service (IaaS) "The capability provided to the consumer is to provision processing, storage, networks, and other fundamental computing resources where the consumer is able to deploy and run arbitrary software, which can include operating systems and applications. The consumer does not manage or control the underlying cloud infrastructure but has control over operating systems, storage, and deployed applications; and possibly limited control of select networking components (e.g., host firewalls)."
Deployment models
Model Description
Private cloud "The cloud infrastructure is provisioned for exclusive use by a single organization comprising multiple consumers (e.g., business units). It may be owned, managed, and operated by the organization, a third party, or some combination of them, and it may exist on or off premises."
Community cloud "The cloud infrastructure is provisioned for exclusive use by a specific community of consumers from organizations that have shared concerns (e.g., mission, security requirements, policy, and compliance considerations). It may be owned, managed, and operated by one or more of the organizations in the community, a third party, or some combination of them, and it may exist on or off premises."
Public cloud "The cloud infrastructure is provisioned for open use by the general public. It may be owned, managed, and operated by a business, academic, or government organization, or some combination of them. It exists on the premises of the cloud provider."
Hybrid cloud "The cloud infrastructure is a composition of two or more distinct cloud infrastructures (private, community, or public) that remain unique entities, but are bound together by standardized or proprietary technology that enables data and application portability (e.g., cloud bursting for load balancing between clouds)."

Nearly a decade later, the picture painted in Table 1 is now more nuanced and varied, with slight changes in definitions, as well as additions to the service and deployment models. Cloudflare actually does a splendid job of describing these service and deployment models, so let's paraphrase from them, as seen in Table 2.

Table 2. A more modern look at service models and deployment models for cloud computing, as inspired largely by Cloudflare
Service models
Model Description
Software as a Service (SaaS) This service model allows customers, via an internet connection and a web browser or app, to use software provided by and operated upon a cloud provider and its computing infrastructure. The customer isn't worried about anything hardware-related; from their perspective, they just want the software hosted by the cloud provider to be reliably and effectively operational. If the desired software is tied to strong regulatory or security standards, however, the customer must thoroughly vet the vendor, and even then, there is some risk in taking the word of the vendor that the application is properly secure since customers usually won't be able to test the software's security themselves (e.g., via a penetration test).[2]
Platform as a Service (PaaS) This service model allows customers, via an internet connection and a web browser, to use not only the computing infrastructure (e.g., servers, hard drives, networking equipment) of the cloud provider but also development tools, operating systems, database management tools, middleware, etc. required to build web applications. As such, this allows a development team to spread around the world and still productively collaborate using the cloud provider's platform. However, app developers are essentially locked into the vendor's development environment, and additional security challenges may be introduced if the cloud provider has extended its infrastructure to one or more third parties. Finally, PaaS isn't truly "serverless," as applications won't automatically scale unless programmed to do so, and processes must be running most or all the time in order to be immediately available to users.[3]
Infrastructure as a Service (IaaS) This service model allows customers to use the computing infrastructure of a cloud provider, via the internet, rather than invest in their own on-premises computing infrastructure. From their internet connection and a web browser, the customer can set up and allocate the resources required (i.e., scalable infrastructure) to build and host web applications, store data, run code, etc. These activities are often facilitated with the help of virtualization and container technologies.[4]
Function as a Service (FaaS) This service model allows customers to run isolated or modular bits of code, preferably on local or "edge" cloud servers, when triggered by an element, such as an internet-connected device taking a reading or a user selecting an option in a web application. The customer has the luxury of focusing on writing and fine-tuning the code, and the cloud provider is the one responsible for allocating the necessary server and backend resources to ensure the code is run rapidly and effectively. As such, the customer doesn't have to think about servers at all, making FaaS a "serverless" computing model.[5]
Backend as a Service (BaaS) This service model allows customers to focus on front-end application services like client-side logic and user interface (UI), while the cloud provider provides the backend services for user authentication, database management, data storage, etc. The customer uses APIs and software development kits (SDKs) provided by the cloud provider to integrate customer frontend application code with the vendor's backend functionality. As such, the customer doesn't have to think about servers, virtual machines, etc. However, in most cases, BaaS isn't truly serverless like FaaS, as actions aren't usually triggered by an element but rather run continuously (not as scalable as serverless). Additionally, BaaS isn't generally set up to run on the network's edge.[6]
Deployment models
Model Description
Private cloud This deployment model involves the provision of cloud computing infrastructure and services exclusively to one customer. Those infrastructure and service offerings may be hosted locally on-site or be remotely and privately managed and accessed via the internet and a web browser. Those organizations with high security and regulatory requirements may benefit from a private cloud, as they have direct control over how those policies are implemented on the infrastructure and services (i.e., don't have to consider the needs of other users sharing the cloud, as in public cloud). However, private cloud may come with higher costs.[7]
Community cloud This deployment model, while not discussed often, still has some relevancy today. This model falls somewhere between private and public cloud, allowing authorized customers who need to work jointly on projects and applications, or require specific computing resources, in an integrated manner. The authorized customers typically have shared interests, policies, and security/regulatory requirements. Like private cloud, the computing infrastructure and services may be hosted locally at one of the customer's locations or be remotely and privately managed, with each customer accessing the community cloud via the internet. Given a set of common interest, policies, and requirements, the community cloud benefits all customers using the community cloud, as does the flexibility, scalability, and availability of cloud computing in general. However, with more users comes more security risk, and more detailed role-based or group-based security levels and enforcement may be required. Additionally, there must be solid communication and agreement among all members of the community to ensure the community cloud operates as efficiently and securely as possible.[8]
Public cloud This deployment model is what typically comes to mind when "cloud computing" is discussed, involving a cloud provider that provides computing resources to multiple customers at the same time, though each individual customer's applications, data, and resources remain "hidden" from all other customers not authorized to view and access them. Those provided resources come in many different services model, with SaaS, PaaS, and IaaS being the most common. Traditionally, the public cloud has been touted as being a cost-effective, less complex, relatively secure means of handling computing resources and applications. However, for organizations tied to strong regulatory or security standards, the organizaiton must thoroughly vet the cloud vendor and its approach to security and compliance, as the provider may not be able to meet regulatory needs. There's also the concern of vendor lock-in or even loss of data if the customer becomes too dependent on that one vendor's services.[9]
Hybrid cloud This deployment model takes both private cloud and public cloud models and tightly integrates them, along with potentially any existing on-premises computing infrastructure. (Figure 2) The optimal end result is one seamless operating computing infrastructure, e.g., where a private cloud and on-premises infrastructure houses critical operations and a public cloud is used for data and information backup or computing resource scaling. Advantages include great flexibility in deployments, improved backup options, resource scalability, and potential cost savings. Downsides include greater effort required to integrate complex systems and make them sufficiently secure. Note that hybrid cloud is different from multicloud in that it combines both public and private computing components.[10]
Multicloud This deployment model takes the concept of public cloud and multiplies it. Instead of the customer relying on a singular public cloud provider, they spread their cloud hosting, data storage, and application stack usage across more than one provider. The advantage to the customer is redundancy protection for data and systems and better value by tapping into different services. Downside comes with increased complexity in managing a multicloud deployment, as well as the potential for increased network latency and a greater cyber-attack surface. Note that multicloud requires multiple public clouds, though a private cloud can also be in the mix.[11]
Distributed cloud This up-and-coming deployment model takes public cloud and expands it, such that a provider's public cloud infrastructure can be located in multiple places but be leveraged by a customer wherever they are, from a single control structure. As IBM puts it: "In effect, distributed cloud extends the provider's centralized cloud with geographically distributed micro-cloud satellites. The cloud provider retains central control over the operations, updates, governance, security, and reliability of all distributed infrastructure."[12] Meanwhile, the customer can still access all infrastructure and services as an integrated cloud from a single control structure. The benefit of this model is that, unlike multicloud, latency issues can largely be eliminated, and the risk of failures in infrastructure and services can be further mitigated. Customers in regulated environments may also see benefits as data required to be in a specific geographic location can be better guaranteed with the distributed cloud. However, some challenges to this distributed model involve the allocation of public cloud resources to distributed use and determining who's responsible for bandwidth use.[13]
Figure 2. A representation of hybrid cloud. The cloud on the left represents the public cloud, being fed to the organization's main building. The cloud on the right represents the organization's private cloud, which is spread across all business locations. The main building feeds access to the public cloud to its other locations through its private cloud.

While Table 2 addresses the basic ideas inherent to these service and deployment models, even providing some upside and downside notes, we still need to make further comparisons in order to highlight some fundamental differences in otherwise seemingly similar models. Let's first compare PaaS with serverless computing or FaaS. Then we'll examine the differences among hybrid, multi-, and distributed cloud models.

References

  1. 1.0 1.1 Mell, P.; Grance, T. (September 2011). "The NIST Definition of Cloud Computing" (PDF). NIST. https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-145.pdf. Retrieved 21 August 2021. 
  2. "What Is SaaS? SaaS Definition". Cloudflare, Inc. https://www.cloudflare.com/learning/cloud/what-is-saas/. Retrieved 21 August 2021. 
  3. "What is Platform-as-a-Service (PaaS)?". Cloudflare, Inc. https://www.cloudflare.com/learning/serverless/glossary/platform-as-a-service-paas/. Retrieved 21 August 2021. 
  4. "What Is IaaS (Infrastructure-as-a-Service)?". Cloudflare, Inc. https://www.cloudflare.com/learning/cloud/what-is-iaas/. Retrieved 21 August 2021. 
  5. "What is Function-as-a-Service (FaaS)?". Cloudflare, Inc. https://www.cloudflare.com/learning/serverless/glossary/function-as-a-service-faas/. Retrieved 21 August 2021. 
  6. "What is BaaS? Backend-as-a-Service vs. serverless". Cloudflare, Inc. https://www.cloudflare.com/learning/serverless/glossary/backend-as-a-service-baas/. Retrieved 21 August 2021. 
  7. "What Is a Private Cloud? Private Cloud vs. Public Cloud". Cloudflare, Inc. https://www.cloudflare.com/learning/cloud/what-is-a-private-cloud/. Retrieved 21 August 2021. 
  8. Tucakov, D. (18 June 2020). "What is Community Cloud? Benefits & Examples with Use Cases". phoenixNAP Blog. phoenixNAP. https://phoenixnap.com/blog/community-cloud. Retrieved 21 August 2021. 
  9. "What Is Hybrid Cloud? Hybrid Cloud Definition". Cloudflare, Inc. https://www.cloudflare.com/learning/cloud/what-is-a-public-cloud/. Retrieved 21 August 2021. 
  10. "What Is Hybrid Cloud? Hybrid Cloud Definition". Cloudflare, Inc. https://www.cloudflare.com/learning/cloud/what-is-hybrid-cloud/. Retrieved 21 August 2021. 
  11. "What Is Multicloud? Multicloud Definition". Cloudflare, Inc. https://www.cloudflare.com/learning/cloud/what-is-multicloud/. Retrieved 21 August 2021. 
  12. IBM Cloud Education (3 November 2020). "Distributed cloud". IBM. https://www.ibm.com/cloud/learn/distributed-cloud. Retrieved 21 August 2021. 
  13. Costello, K. (12 August 2020). "The CIO’s Guide to Distributed Cloud". Smarter With Gartner. https://www.gartner.com/smarterwithgartner/the-cios-guide-to-distributed-cloud/. Retrieved 21 August 2021. 
Retrieved from "https://www.limswiki.org/index.php?title=User:Shawndouglas/sandbox/sublevel45&oldid=43749"