Video 1: introduction. Welcome to the Fundamentals of Cloud Computing course. The course consists of various modules, and in this first module we'll take a look at the key takeaways from the course. The key takeaways are: you will gain a fundamental understanding of what cloud computing is. Because it is such a hyped topic, a lot of products call themselves cloud products. This happens a lot with buzzwords that get popular, like cloud and big data: people start releasing products labeled "cloud" just for the buzzword, even when the product is not a cloud product, and this creates a lot of confusion in the market. The aim of this course is that when you are finished, you'll be able to clearly distinguish between a genuine cloud product and a falsely advertised one. You will gain an understanding of the key advantages of cloud. If your organization is planning a move to the cloud, you'll be able to sit down with your architects and engineers, discuss the benefits of moving to the cloud, and evaluate the risks and challenges involved. You will gain an understanding of the cloud segments, which are infrastructure as a service, platform as a service and software as a service, and learn the advantages and disadvantages of each. You will get an understanding of the various cloud deployment models, which are public, private, community and hybrid clouds, and how they differ from each other. You will gain knowledge of some key cloud companies and what they are doing in this space; there is a lot of activity going on in this space currently, and you will get an overview of these companies and the cloud services they offer. You will also learn about security, compliance and privacy in the cloud. Throughout the training we will review a lot of use cases where leveraging the cloud has been the deciding factor between success and failure.

If I were in an elevator and someone asked me what cloud computing is, and I had only a few seconds to answer, I would go with this definition: cloud computing is the delivery of computing as a service rather than a product. Computing has traditionally been a product, similar to how, a hundred years ago, electricity was a product. It was not uncommon for big companies to have a vice president of electricity. This may sound strange, but in the early 1900s electricity was in the same state that computing is in today: if you wanted to use electricity, you had to buy generators to produce it, or get contracts with power plant companies and make sure they gave you enough electricity. Hence you needed a VP-level person to manage the electricity infrastructure and make sure it didn't become the bottleneck in your factory's operations. In the last hundred years we have solved this problem through centralized power generation and grids that distribute it everywhere. Now, if someone wants to open a factory or office, getting electricity is usually not a problem in most countries. Electricity has moved from a product-based to a service-based model, and cloud computing is doing the same thing with computing. Right now, computing is very product-based. Let's say we develop an application and we want to release it to the world so that people can use it from anywhere. First we'll need to figure out how many servers, databases and so on we will need. Underestimating might put way too much load on the servers and degrade performance for users, while overestimating will result in wasted server capacity.
Let's say we decide to get 10 servers. We first have to go and get those servers, either local or remote. In the case of local servers, we'll have to go out and buy them, wait for them to be delivered, configure them and then use them to deploy applications. In the case of remote servers, we'll have to go to some hosting company, ask for those servers, sign a contract with them, get access to the servers and then deploy on them. Another advantage of electricity being a service rather than a product is that we don't have to worry about electricity as long as it's there. Take the example of this video you are watching: you are consuming electricity by watching it, but you don't notice it as long as the electricity is up and running. If you lose electricity, then it becomes a problem. Computing is similar in many cases. If you deploy an application and your users are using it, they don't care what hardware you are using as long as they get the service; but if the hardware goes down, that's when they will notice. As you can already see, services have a lot of advantages compared to products. Cloud computing is trying to move computing from being a product to being a service. The time is not far away when we can get data centers the same way we get electricity: you just plug into a socket and get your data center the same way you get electricity from the grid.

How does cloud matter to the world? Over the next couple of slides we are going to answer the question of why cloud matters to the world. Fact number one: a robust current market. According to the popular market research company Gartner, the public cloud services market was around 131 billion US dollars worldwide by the end of 2014. Infrastructure as a service, including compute and storage, continued to be the fastest growing segment of the market. Gartner also says cloud computing was in the top three CIO technology priorities for the last four years: CIOs, or chief information officers, around the world have different priorities, but cloud computing has shown up in their top three for the last four years, according to Gartner's research. Another fact is the lack of skills. The leading management consultancy Zinnov predicted that 25% of global IT talent will become redundant in three to five years; they also said cloud computing experts will see moderate to high demand. EMC, a multinational corporation, says the lack of skilled professionals in cloud computing is a challenge. Significantly, all these skills were non-existent a decade ago. The cloud market is growing at a rapid pace. International Data Corporation (IDC), an American market research firm, states that 1.7 million cloud computing jobs went unfilled in 2012; the problem was a lack of training and certification among job seekers. The IDC report also states there is an urgent need to retrain existing IT professionals and encourage students to pursue cloud computing related training and certification. Growth predictions: according to Gartner, by 2016 over half of IT spending will be on cloud. Microsoft predicts revenues from cloud innovations could reach as high as 1.1 trillion US dollars a year by the end of 2015. Job predictions: cloud brings with it exciting new career opportunities. IDC predicted cloud computing would create 14 million new jobs by 2015. As you can see, cloud computing is already a required skill set for most IT employees, and as time goes on its importance is bound to increase.
IT workers who do not acquire cloud computing as a skill might see their career growth stall, or might not even have a job. In the next module we'll learn why cloud computing became such an important element of IT in such a short time.

Video 2: evolution of software. In this video we are going to take a look at how and what drove cloud computing to become such a buzzword. Can you guess what is in this picture? This is a picture of a mainframe. The machine is more than 30 years old. This huge machine had a CPU of just 52 hertz and only 1.7 kilobytes of RAM. Technology has moved so fast: phones today have clock speeds millions of times faster and many millions of times more storage compared to these old machines. If you look around and compare this with things like cars, buildings, etc., we have not improved a million times in any of those areas. Most companies had their corporate IT infrastructure on mainframes until the early 2000s. Mainframes were how companies installed and ran their applications. There were a lot of drawbacks, but they also had some advantages. There are two main components to your software: your data and your application. On mainframes, both your data and your applications were on the same machine. You had a lot of dumb terminals all over, where you could log in and access your application. For example, say you were using some word processing application, working on a document at one of the dumb terminals. After finishing part of the document, you had to leave. When you returned, you could use a different terminal. This was fine because no data was stored on the terminal itself; it was stored on the mainframe. So no matter where you logged in, the data and the application were always there. The second advantage was that a mainframe was a single point of management. Let's say you needed a word processor: all you had to do was install it on the mainframe and all the users would get it. If you had 20 dumb terminals, you installed the software once on the mainframe and all 20 dumb terminals would get it. So the main advantages were: data and applications lived on the same mainframe; software management was centralized; and the same vendor provided both hardware and software. Mainframe providers were responsible for everything: they gave you both the hardware and the software, and they handled the maintenance. For corporate IT, management was easier.

Then from mainframes we entered the PC era. PCs brought with them huge advantages. PCs gave a person their own isolated computing resources, which allowed them to work independently. Unlike mainframes, where there was a lot of contention for resources, here resources were not shared. On a mainframe, if one person was doing something very CPU intensive, other people on the mainframe would be affected. This issue was solved by PCs, as everyone had their own dedicated processing capacity. But with the advantages came problems. Now your data and applications were no longer centralized. If you had to install a word processing application, you had to go to each one of the computers and install the software. If you started writing a document on one of the PCs and then logged out for lunch, you had to log back into the same machine to continue editing your document; you could not just log into any machine and get your document. Thus your application and your data were bound to the PC and were no longer centralized. PC manufacturers and software manufacturers also became independent.
In the mainframe days, both were provided by the same company. This resulted in the IT manager having to manage both the hardware and the software: if something failed on the software side, he would have to call the software vendor, and if something failed on the hardware side, he would have to call the hardware vendor. PCs made software into a product. Software was now sold on CDs; Microsoft made a fortune doing just that, selling software on CDs. So from being centralized in the mainframe world, software became a product in the PC world, and the client became responsible for managing the software.

From the PC era we have moved on to the current era, usually called the post-PC era. One characteristic of the post-PC era is the range of devices. Microsoft's golden statement many years ago was "a PC in every home, and Microsoft products on each PC." Is that true anymore? Not really: every home has multiple computers, a desktop, a laptop, a couple of smartphones, tablets, etc. Another characteristic of the post-PC era is that everything is connected. About 10 years ago it took some effort to get onto the internet on your phone, but today connectivity is pretty much everywhere. In most countries it is now hard to imagine a place without network connectivity: 3G networks and Wi-Fi are everywhere, and a lot of devices are connected all the time. So the problem of disjoint data and applications, where your application and data are not centralized, is severely compounded. Let's say you are writing a document on your tablet, you reach your office, and now you want the same document on your office machine. Because we use so many devices, and because we want our applications to be usable all the time, we need data and applications to be centralized. A lot of companies realized this requirement and started providing hosted applications, where your applications and data live in the same location, like Google Docs, Salesforce, etc. I'm sure you all know about Google Docs. You don't have to download any software; it is totally online. If you want to start writing a document, you go to docs.google.com, write the document, and it's automatically saved on Google's servers. When you sign in on your next device, you will still see the document you were editing. So if you have 10 devices and the data is centralized, you can use the data from any of the devices, as long as you have the right credentials to access it. Products like Google Docs started revolutionizing the market. As hosted products like Google Docs started gaining a lot of traction, a lot of people started moving to Google Docs. Companies like Microsoft, which sold Office on CDs, were forced to launch a similar product, and shortly afterwards Microsoft launched Office 365, which is also a hosted solution. So not everyone provides hosted solutions willingly; because a competitor is doing it, they might be forced to do it too. Slowly but surely, what is happening in the market is that software is becoming a service: providers are hosting their applications and we are accessing them via browsers. So we have come full circle. In the age of the internet, we have clients, each with multiple devices, and vendors providing hosted solutions: applications running on the provider's hardware. Google Docs is not running on your machine; you are just starting a browser and editing a document that runs on Google's servers. When you save, the data is saved on Google's servers. Google hosts both the software and the data.
So in today's world, for the software most companies develop to be relevant, they have to provide it as a hosted service. This creates additional challenges for the companies, as we will see in the next section. In this video we talked about how software went from being centralized, to becoming a product, and now, in the cloud computing era, has become a service again. In the next video we'll take a look at the traditional IT infrastructure needed to deploy a hosted application such as Google Docs, and the issues one faces in doing so.

Video 3: traditional IT infrastructure. We are going to take a look at what it would take to deploy a hosted application on traditional IT infrastructure. There are various layers to traditional IT infrastructure; let's discuss the factors you must consider when deploying at each layer. The first and bottommost layer is the physical layer. This involves figuring out things like where to put your data center. It has to be a good place, one that is not in a flood zone or earthquake zone. The data center should be secure: it should not be possible to physically break into it. It should have a good power supply, possibly from two grids. We also need a backup generator and a huge tank for diesel storage. It will also need cooling equipment. Once you get the data center set up, you'll have to buy and install the servers in it, connect them with cables, routers and switches, and deploy software on each machine. You will also need to arrange for staff to maintain the data center, hire network engineers and the necessary security personnel. The physical layer gives us what we call the low level hardware resources layer. Most people like to think in terms of low level hardware resources. They will say things like "we have one petabyte of storage capacity," but they might not know how many hard disks or servers it took to reach that amount of storage. Similarly, they might say "we have a 1 Gbps link," but they might not be concerned with how many routers or switches are present and what kind of networking configuration has been done. Low level hardware resources allow you to deploy low level software resources on top of them. These are software resources deployed to be used by higher layers, but which we generally don't use directly. Take databases, for example: we don't use databases directly; a database is almost always used in conjunction with some application. Similarly with web servers and application servers: they are there to support the applications, but they are rarely used directly. Most developers and testers think in terms of low level software resources and above. They don't really care about the lower levels unless there is a problem. If there is a problem, such as the database being slow, they might dig into the lower levels and check whether the network is the problem or a machine is faulty. As long as the database is fast, or the web server is fast enough, they don't really care how things are laid out underneath. Next you have your application layer. This is where you develop and deploy your applications, and this is where you ideally want most of your developers and testers to spend their time. They should not spend time on the layers underneath; that is the goal. All the focus and effort should be on your application, because at the end of the day this is what distinguishes you from your competition. This is what makes Facebook, Facebook, and Google Plus, Google Plus. Most users don't care about the architecture underneath Facebook.
They just care about the application, and that is it. Finally, you have your users. They use a variety of devices: PCs, whether Windows, Linux or Mac, and a variety of smartphones. They are also located in different geographic regions, since this is a hosted solution.

Traditional IT infrastructure issues. Traditional IT infrastructure has a lot of issues; we're going to take a look at the issues faced at each layer. At the physical layer, the biggest issue is that you need a lot of capital upfront: renting the data center space, buying the servers, cooling equipment and backup generators, and hiring staff to connect these servers. This is a huge upfront cost before you even start earning. Upfront cost is the killer for most startups; they cannot scale at this layer. The next issue is that the physical layer has physical limitations. Floor space, cooling capacity, etc. are physical limitations that cannot be easily overcome. Let's say your data center has a capacity of 1000 servers and you need to add another 1000 machines. You will have to find another place to house those extra servers. If you are lucky, you will find a place near your existing data center; if not, you will have to start the entire process again: searching for a safe place, renting it, arranging for cooling, backup power equipment and so on. You will also need a lot of good network engineers. The network of 10 servers can be managed by a single person, but networking thousands of servers is not easy. You will need teams of good network engineers who must handle not only installation and setup, but also maintenance and support. At the low level hardware resources layer, it is very hard to estimate hardware requirements in advance. You would need to know how many users you will have and how these users will use your software. Take the example of Office 365, and let's say spellcheck is an expensive operation. When Microsoft launches Office 365, they do not know how many users are going to use it at launch, or how often the average person runs spellcheck: once per document? Twice? Depending on these numbers, the need for CPU and memory will be very different, but they never know until they launch. Another issue is that hardware becomes cheaper every month. Let's say today you buy 100 servers. The servers have to be delivered to your data center, people have to be found to deploy them, the networking team has to connect them to the network, and the software team has to deploy software on them. It will take a good three to six months before the machines are actually used, which is the average time it takes to get hardware in most big companies. Between the time you purchase the hardware and the time you are using it, prices will have dropped, or the technology will even have moved on: say you bought Core 2 Duo servers while the market has moved to i3s and i7s. At the low level software resources layer, you have upfront licensing costs as an issue. Imagine that you are a startup and you want to use Oracle Database. You know that for a year you are going to be in the development phase, but with Oracle you have to pay the entire licensing fee from the day you purchase the software. Similarly, for a lot of applications on the market, you will have to pay an upfront licensing cost. You will also need a good software engineering team. It's easy for a maintenance team to manage a few machines.
But as the size of your company grows, simple tasks like installation, patching and updating can get cumbersome. You need an experienced, dedicated team for such tasks. Application layer: at the application layer, the problem is that you are tightly coupled to your geographic location. Let's say you release your application in India, but it becomes really popular in the USA. The US users might not get the best performance, because of the latency of serving them from India; they will get a subpar experience. If you then plan to move your application to the US, you'll have to start from scratch: finding a suitable place for your data center, renting the place, buying the servers, deploying them, etc. The entire process you went through in India has to be replicated in the US. And you never know where your application will become popular. Take the example of Orkut. You may have had an account on it before Facebook existed. Some folks at Google developed it. It was so US-centric that, at one time, the list of cities from which you could choose your home city contained only US cities, and people outside the US had to choose "other." Still, surprisingly, the two countries where it became most popular were Brazil and India. Why? They are two culturally different countries speaking different languages, but around 70% of Orkut's user base came from them. This proves that when you launch an application, you never know where it is going to be popular.

Traditional IT infrastructure: main issues. Here are the two main issues with traditional IT infrastructure. The first is that infrastructure is not the core business. Your users do not care what the infrastructure is. As an engineer, you might wonder what kind of infrastructure Facebook uses to support its 1 billion users, but think of the average Facebook user: as long as Facebook is quick and available, he doesn't care. Google Plus might have a better IT infrastructure, but users are not going to be interested in it just because of that. It is the application layer that users care about. But if Facebook's infrastructure starts having issues, then users will notice. Infrastructure can only cause issues for you if something goes wrong; as long as it is up and running, users don't really care. The next critical issue is that it is hard to scale. At every layer, it is hard to scale, and you face more and more challenges each time you do. Scaling gets harder and harder as you move from 10 servers to 100, from 100 to 1000, and from 1000 to 10,000; the challenges you face grow exponentially.

The IT infrastructure pyramid of effort. I call this image the pyramid of effort. If you think about IT infrastructure, you will see that most of the effort has to be put into the lower levels as compared to the application layer. Setting up the infrastructure eats away most of your resources, effort, time and money, and it is something your users don't really care about. It's something that can only cause problems if it does not work; it does not distinguish you from your competitors. This black area is what drowns most products, and this is what cloud is trying to solve. In this video, we saw the effort and issues at each layer of traditional IT infrastructure. Finally, we saw that most of your effort goes not into your application, but into the infrastructure underneath.
In the next video, we'll take a look at an example of moving a desktop application to a hosted solution and the challenges you would face while doing so.

Video 4: exercise. Let's say My Accountant is a very popular desktop accounting software package used by the accounting teams of millions of organizations. My Accountant decides to move from being desktop software to hosted software available online, called Online Accountant. Let's discuss the challenges My Accountant will face in doing so. So you go to onlineaccounting.com, sign in with your account, and your entire accounting system is available there. You work on it and log out. Your data is stored securely on the servers of Online Accountant; when you log back in later, your data is still there. Imagine that you are the person leading the team responsible for moving this software from a desktop product to a hosted one. What are the challenges you would face? Pause the video and note down the challenges you think your team will encounter. When you are done, play the video again and compare your notes with our assessment. When My Accountant was desktop software, you gave a CD to your customers; they installed it and used it. But as a hosted solution, you have a lot more to consider. Now let us compare some of the challenges that you would have noted down. Let us first consider infrastructure. Since this is now a hosted application, the application must be hosted on servers in your data center. Also, as your customers use your application, the data must be stored in your data center, and provisions must be made to back up this data. You might need thousands of servers to support your application, and you might need to add more as your customer base grows. You will face a huge upfront cost to procure the infrastructure, including buying servers, leasing data center space, cooling equipment, backup generators, etc. With such a large infrastructure, you will need a big operations and deployment team to manage, monitor and deploy on it. Installing and configuring vast numbers of servers will require the coordinated efforts of a large hardware installation team. Routine checks, monitoring, and replacement of failed disk drives, old servers, etc. will have to be done. You will need a big, experienced team of network engineers to connect all those servers together with routers, switches, etc. and create a network; you will also need them for adding new servers to the network, configuration and troubleshooting. You will need a network operations center that runs 24/7 monitoring of the service, to ensure that the service is always up and that any issues causing downtime are swiftly tackled. Software development: you will need software engineers who can write distributed applications that run across multiple servers. This is a different skill set, not usually taught in colleges but acquired through actual work on such applications; thus there is some degree of challenge in finding developers who can write applications that scale to thousands of machines. Your applications need to be scalable and fault tolerant: when you have 1000 servers, given annual hardware failure rates, something is always bound to fail, and applications must be coded with this in mind. Your developers also need to know the network topology and code for it: the topology and its bottlenecks have to be kept in mind and the necessary accommodations coded into the application. As you can see, the developer's job overall becomes tougher.
Software testing: a desktop application just needs to be tested to work on a single machine. Now the application must be tested to run correctly on large clusters, but the cluster given to the test team is usually much smaller than the production cluster on which the application is deployed. This can be an issue, as some problems only manifest on large clusters: they don't reveal themselves on smaller test clusters, but show up when deployed at larger scale. Testing must also be done on different clients: since your application is hosted and can be accessed from a large variety of devices, testing must keep this variety in mind. Performance has to be tested with each software change, as a small performance bottleneck can cause an entire cluster to be slow. As you can see, the quality analyst's job overall becomes tougher. Marketing and business model: there is a huge change in your marketing and business model, from a one-time fixed cost to a subscription model. With desktop software, your customers make a one-time purchase of a CD, install it and use it. The responsibility of the software maker ends when the CD is sold, and it incurs almost no extra cost after that sale. A data center, on the other hand, is a recurring cost: the cooling, power systems and servers require continuous maintenance and replacement, and this must be taken into account in your business model. Thus a hosted application requires a subscription-based model, where customers purchase a subscription for a specific period of time and their payments cover the recurring costs. Project management: traditional software development methodologies like the waterfall model take months or years to develop a new version of the software. With the waterfall model, you follow a linear progression through the stages of requirements gathering, design, development, testing and maintenance. For a hosted application, this kind of approach might not be optimal, as customers expect changes faster in a hosted environment. The agile model is an iterative and incremental approach that allows for continuous improvement and keeps development aligned with business needs. This kind of approach also gives you the ability to try new features faster: if your customers request a feature or a bug fix, you'll be able to deliver it sooner. And many other things change. Overall, it's not easy to develop and maintain hosted applications. In this video, we talked about the challenges faced when moving from a desktop solution to a hosted solution. In the next video, we'll take a look at how cloud solves many of the problems associated with traditional IT infrastructure.

Video 5: cloud infrastructure. In this video, we're going to take a look at how cloud solves many of the issues associated with traditional IT infrastructure. Cloud infrastructure: enter the cloud. Cloud computing helps eliminate a lot of the issues faced with traditional IT infrastructure, because rather than owning all the IT layers yourself, you use a cloud provider, and a lot of those layers become the responsibility of an experienced vendor like Amazon Web Services, Google, Microsoft Azure, Salesforce, etc., who maintain the infrastructure. In the previous video, we saw that the physical layer consisted of the data center, servers and networking equipment, and that the drawbacks faced were huge upfront capital, physical limitations and the need for good network engineers.
The entire physical layer is replaced by cloud services like Amazon Elastic Compute Cloud (EC2), Google Compute Engine, Microsoft Azure virtual servers and many more. So instead of going out and buying all the servers, you go to, say, Amazon EC2, and with a few clicks or API calls you can request hundreds of servers provisioned for you. Within a few minutes, your servers are ready; you can connect to them, deploy your software on them, and use them for simulation, testing, almost anything you can do with traditional servers. Why invest time and money in buying and maintaining all the hardware when, with a few clicks of a button, you can get your entire physical infrastructure from one of these providers? Regarding the issue of needing a lot of upfront capital: most of these services are pay per use. If you want 1000 servers today, you are charged by the hour. If you keep 1000 servers running for one hour and release them after that hour, you are charged for 1000 machine hours; at around 10 to 12 cents per machine hour, you would pay around $100 to $120 to use a thousand servers, which is nothing compared to traditional IT infrastructure costs. Also, in the cloud there are no physical limitations. There's a famous quote by Newton: "If I have seen further, it is by standing on the shoulders of giants." In the cloud, you are standing on the shoulders of giants like Amazon, Microsoft and Google. You may feel 1000 servers is a huge number, but for these cloud providers such numbers are not huge by any standard. Just to give you an idea of the scale of Amazon's infrastructure, without giving very specific figures: Amazon has said that it now adds, every single day, the amount of infrastructure that all of Amazon.com ran on back when it was a $7 billion annual revenue e-commerce company. If you are at a scale where you are challenging Amazon's or Microsoft's capacity to provide you servers, then you have a good problem. Regarding the need for good network engineers: the servers provided to you are already connected, and the entire networking configuration has already been done for you, so you can start using them right away. At the network layer, everything has been done for you, so the need for good networking engineers is drastically reduced. In the previous video, we saw that low level hardware resources describe how much storage, computation or bandwidth you actually have. These needs are now fulfilled by services like Amazon Simple Storage Service (S3) or Azure Blob Storage. Let's say you need a terabyte of storage: storage is made available to you as a service through S3 or Azure Blob Storage. The drawbacks we faced were that it was very hard to estimate needs in advance, and that hardware becomes cheaper every month. The issue of needing to estimate in advance is eliminated, since services like S3 can scale from one byte to 100 terabytes instantly; there is no hard limit on what can be stored on S3. We don't have to plan for storage and end up under provisioning or over provisioning: a service like S3 scales up instantly, and you pay for what you use. As for hardware becoming cheaper every month, that is no longer your problem. All cloud providers face cutthroat competition, and prices for storage and CPU in the cloud are actually going down. They have economies of scale, and you get the benefit of that. Data storage has become so cheap that in many cases it is cheaper to store in the cloud than on site.
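To make the "few API calls" idea concrete, here is a minimal sketch using boto3, the Python SDK for AWS. The AMI ID, instance type, counts and bucket name are hypothetical placeholders, not values from this course:

    import boto3

    # Request virtual servers from EC2 -- the cloud equivalent of buying hardware.
    ec2 = boto3.client("ec2", region_name="us-east-1")  # any supported region works
    response = ec2.run_instances(
        ImageId="ami-12345678",    # placeholder machine image
        InstanceType="t2.micro",   # placeholder instance type
        MinCount=10,
        MaxCount=10,               # ask for 10 servers in a single call
    )
    instance_ids = [i["InstanceId"] for i in response["Instances"]]

    # Store data on S3 -- storage as a service, with no capacity planning.
    s3 = boto3.client("s3", region_name="us-east-1")
    s3.put_object(Bucket="my-example-bucket", Key="hello.txt", Body=b"hello cloud")

    # Release the servers when done; billing stops once they are terminated.
    ec2.terminate_instances(InstanceIds=instance_ids)

A few minutes after the run_instances call, the servers are ready for you to connect to and deploy on; terminating them ends the pay-per-use charges.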
Low level software resources. In the previous video, we saw that at the low level software resources layer we have our databases, web servers and application servers. At this layer, we have services like Microsoft SQL Azure, Amazon Relational Database Service and Google App Engine. The drawbacks faced were upfront licensing costs and the need for a good software maintenance team. The issue of upfront licensing cost is removed: the licensing cost is included in the pricing, so you pay by the hour. You are not bound by contracts; if you use the service for an hour, you pay only for that hour. Regarding the issue of needing a good software maintenance team, a lot of maintenance tasks are automatically taken care of by the cloud providers. For example, when you use database services like Amazon Relational Database Service or Azure SQL, all the patching and upgrading is handled by the service itself, and the amount of software maintenance required is drastically reduced. Even at the application layer, cloud provides many services. You can offload the application layer itself to cloud applications like Google Apps, Microsoft Exchange Online and a million other apps. So if you can directly use one of these apps for your requirement, it negates the need to engage at the lower levels. For example, if you need to deploy an exchange server to receive and send emails for your company, one way would be to engage at the physical layer, ask Amazon's or Microsoft's cloud for a server and install Exchange yourself; then you'd be responsible for keeping Microsoft Exchange running on it. But Google Apps and Microsoft Exchange Online provide these services as applications themselves. So you can go to Google Apps, engage with Google at the application layer, and reduce the amount of work you need to do to maintain your email infrastructure. We previously saw that the drawback faced at the application layer was that you were tightly coupled to your geographic location. When you use your own infrastructure to host applications, you are tightly coupled to one geographic location. But most of these cloud providers have data centers all over the world, which can serve the needs of users located in different geographic regions. You can use any of these geographic regions, and it's also not that difficult to move applications from one region to another. Thus, you are not tightly coupled to one location. As an example, Amazon Web Services has infrastructure in North and South America, Europe and Asia, covering the majority of the world. IT infrastructure: the cloud advantage. Previously, we saw in the pyramid of effort how the lower levels of infrastructure take away most of your time and effort, which could have been spent on your application. The cloud now replaces this black area. It takes care of everything beneath your application layer, so that you can again spend all of your time, effort and creativity on your application. This is a huge win for any company that needs IT infrastructure for hosting applications. We previously saw that it was not easy to develop and maintain hosted applications. Now that we have an understanding of the cloud and the advantages it brings, we will revisit the benefits we get from hosting applications on the cloud. Refer to the issues we discussed previously in the Moving My Accountant to Online Accountant section. Cloud infrastructure saves you a lot of time, energy and money.
The kind of money you would need for an IT infrastructure is hugely reduced if you use the cloud, as all the cloud providers are pay per use; you don't need money upfront to buy hardware. The time and energy required to set up IT infrastructure in the cloud is drastically reduced compared to traditional infrastructure. Less manpower is needed to maintain the infrastructure: a 10 to 12 person company can manage infrastructure that supports millions of users. This can only be done with cloud infrastructure; it would be impossible with physical infrastructure. The reason you need less manpower for management is that most of the heavy lifting is done by the cloud provider. Developers are aided by many cloud services. Let's say as a developer of a desktop application, you have written code that stores data on the local hard disk. For a hosted application, you would have to write code with complicated logic that stores data on a centralized server and, in case that server is down, stores the data in another location, and so on. But if you're using cloud storage like S3, you have a single location whose chances of being down are rare. Cloud services like this help developers write good applications. Testers can have production-size clusters to test on. This is a huge advantage. For example, let's say you have your application deployed on a 1000 node cluster. When you have a new version of your application, you have your testers test this version on a smaller 20 machine cluster. The biggest problem encountered is that it is really hard to find problems at such a small scale: the version may work at 20 node scale but fail at a higher scale. But if you are on the cloud, you can start a similar 1000 node cluster, give it to your testers for a couple of hours or a day, and when they're done, you just release it. This is not very expensive compared to buying your own hardware. Business models are simpler, and startups need less capital to go live. Imagine you need to sell a business plan to somebody. You could ask him for a huge amount of capital, tell him you need the money to buy hundreds of servers and hire people to maintain them, and maybe, just maybe, the application will be successful. Or you could ask him for a fraction of the capital and launch the application on 100 servers in the cloud. If the application grows and generates revenue, you will be self-sustaining. If the application fails, then you release the servers, learn from your mistakes, reiterate and redeploy the application. The entire cost of hardware is no longer part of your business plan, and the risk involved is much less. This is seen nowadays in Silicon Valley startups: the amount of initial funding has gone down dramatically. Back in the day when Google launched, they had to buy the infrastructure, as there was no cloud, and they had to ask for millions of dollars in funding. Today, if somebody wants to launch an application that competes with Google, they could potentially launch for much less: they would just host that application on Amazon's, Microsoft's, or even Google's own infrastructure. In this video, we saw how cloud nullifies the issues faced at each layer of traditional IT infrastructure and allows you to focus your time and effort on the creativity of your application. In the next video, we'll take a look at some of the key attributes of cloud computing.

Video 6: key attributes of cloud computing.
In this video, we'll look at some of the key attributes a service must possess to call itself a cloud service. First, we have self service. Cloud services must allow self-service access: you should be able to sign up online by providing your credit card details, and access resources at will through an online control panel. Customers should be able to request, pay for and use the desired services without the intervention of human operators. The next attribute a cloud service should have is a pay-per-use utility model. Cloud providers must allow users to request and use the desired amount of services without any sort of upfront cost; you only pay for the resources you consume, nothing more. For example, if you use a machine for 500 hours and you store one terabyte of data, then at the end of the month you are billed for those 500 machine hours and that one terabyte of storage only (at a hypothetical rate of 10 cents per machine hour, the compute portion of that bill would come to $50). Any provider that requires a contractual commitment and upfront payments in order to use its services cannot be considered a cloud provider. Cloud services should be elastic: they must allow users to quickly provision and deprovision resources as and when required. Let's say you have an e-commerce site which needs about 20 servers to support your traffic during the peak hours of the day, while at night you do not have that much traffic and need only two servers running. Cloud services should give you the ability to shrink your fleet from 20 to 2 servers during the night and grow it back to 20 during the day (a short sketch of automating such a schedule appears below). For this to happen, you need two critical things. First, you need features from the cloud provider that allow you to easily and automatically scale up and down; if scaling up and down were manual and tedious, it would hamper the elasticity of the cloud service. Secondly, the billing model should allow elasticity. For example, if the cloud provider charges a minimum of 24 hours of usage each time you start a server, then the e-commerce site mentioned above cannot be elastic, as there is no financial benefit. Most cloud providers, though, charge for a minimum of only one hour, and many for as little as 10 minutes, which allows elasticity. Cloud services must offer high scalability: they must allow users to scale resources up and down at internet scale. In today's world, it is not uncommon for a new application or service to acquire millions of users within a few days. If your application is hosted on the cloud, your provider should be able to give you enough resources to serve the traffic. Providers that hold you to puny limits of a few servers and a few terabytes of storage cannot be considered cloud services. Cloud services must be fully virtualized and automated. This means you don't get access to the actual physical resource, but to a virtual appliance on top of it. For example, the storage you get is not physical access to a hard drive, but a virtual layer above it, and the servers provided are virtual instances. This allows greater sharing through a multi-tenant architecture, where a single physical server can host virtual servers from two different clients. And it has to be fully automated: provisioning VMs or storage cannot be a manual task performed by someone at the back end.
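As a sketch of how the day/night elasticity described above could be automated on AWS, here is a hypothetical example using boto3 scheduled scaling actions; the group name, times and capacities are placeholder assumptions:

    import boto3

    autoscaling = boto3.client("autoscaling", region_name="us-east-1")

    # Grow the fleet to 20 servers every morning at 08:00 UTC.
    autoscaling.put_scheduled_update_group_action(
        AutoScalingGroupName="ecommerce-web",        # placeholder group name
        ScheduledActionName="scale-up-for-the-day",
        Recurrence="0 8 * * *",                      # cron syntax
        DesiredCapacity=20,
    )

    # Shrink the fleet to 2 servers every night at 22:00 UTC.
    autoscaling.put_scheduled_update_group_action(
        AutoScalingGroupName="ecommerce-web",
        ScheduledActionName="scale-down-for-the-night",
        Recurrence="0 22 * * *",
        DesiredCapacity=2,
    )

With per-hour (or finer) billing, the site pays for 20 servers only during the hours it actually runs 20 servers.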
Finally, cloud services have to use internet protocols and technologies such as HTTP, REST, SOAP, etc. Let's say you have an application that lets you upload files for backup and download them when needed. You visit the application, browse for a file and click upload, and the data gets stored on some centralized server; when you want to download, you select from a list of files and click download. In addition to this manual, UI-driven approach, a cloud service has to give you access to the application through APIs, so you can access it without human intervention. This instantly makes the application more usable and automatable. Take Amazon S3, for example, or Dropbox: not only do they have a UI with which you can upload and download data, they also provide an API with upload and download methods. Now we don't need a human to click upload in the UI: you can call the upload method, give the file name, and the file is automatically uploaded to the centralized server. Similarly, you can call the download method, give the file name, and the file gets downloaded. This enables you to write another application that interacts with this cloud application to upload and download data without requiring humans. Let's say you have to back up your hard drive. Without APIs, you would have to manually select and upload the files every time. But with APIs, you can create an application that automatically syncs your data every time you start your laptop. This is a much better solution than manually uploading files, and thus APIs are far more powerful than UI-based solutions. This is also the key difference between a web-based application and a cloud solution: the APIs. A hosted service without APIs can only be called a web application; for it to be called a cloud service, it has to provide APIs.
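For instance, with Amazon S3 the upload and download methods described above look roughly like this in the boto3 Python SDK; the bucket name and file paths are placeholders:

    import os
    import boto3

    s3 = boto3.client("s3")

    # Upload a file programmatically -- no human clicking an upload button.
    s3.upload_file("backup/photos.zip", "my-backup-bucket", "photos.zip")

    # Later, download it by name from any machine with the right credentials.
    s3.download_file("my-backup-bucket", "photos.zip", "restored/photos.zip")

    # Because these are plain API calls, the laptop-sync application described
    # above is easy to script: sync a whole folder on startup.
    for name in os.listdir("backup"):
        s3.upload_file(os.path.join("backup", name), "my-backup-bucket", name)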
In this video we have taken a look at some of the key attributes of cloud computing. Take these into consideration next time you are judging whether a product is a cloud product or not. In the next video we take a look at some examples of the advantages of cloud computing.

Video 7: cloud advantages, scaling and redundancy. In this video we will first talk about scaling as an advantage of the cloud, some companies who have used the cloud to scale successfully, and some that failed to scale. Later we will talk about redundancy as an advantage of the cloud. Examples of cloud advantage: netflix.com. Netflix started as a company which delivered movie DVDs by post. They got very popular and started streaming movies online. Today Netflix and YouTube together account for more than half of North America's internet traffic. In the month of June 2013 alone, Netflix streamed one billion hours of video. They have a total of 40 million customers, which means they have more subscribers than top cable giants like HBO. Initially they were on physical hardware, but they used the cloud to scale. In 2006-2007, when they started streaming from their own data centers, they found that the hardware couldn't deal with the huge load they were encountering and had frequent failures. They also realized that they could not build data centers fast enough to support their growing user base. So they decided to offload their data center infrastructure requirements to Amazon Web Services. They now use Amazon Web Services for a wide number of purposes, including encoding movies for streaming, log analysis and their production website, and they periodically analyze terabytes of logs for debugging, monitoring, business intelligence, reporting, etc.

Zynga.com. Zynga is a social game company. The company made games for MySpace and then Facebook. It started in 2007 and was once a 6.6 billion US dollar company. Zynga has over 250 million monthly active users globally and owns 7 of the top 10 games on Facebook.com. Its popular titles include FarmVille, Mafia Wars and Zynga Poker. Next I want to spend some time investigating a few of the games that Zynga released. The chart shows the daily average users after the launch of 10 popular Zynga games. The timescale is relative; of course, not all Zynga products were launched on the same day. What we are trying to figure out is the traffic pattern for the games over a period of time after release. First let us check out Zynga's most popular and most successful game. The light blue line denotes FarmVille. We see that six months after launch, FarmVille had close to 30 million active daily users. And because this is a hosted game, that's 30 million users playing on Zynga's servers. Can you imagine the infrastructure needed to support 30 million people playing games? And to add to that, scaling up over a period of six months is actually very hard, almost impossible, with traditional IT infrastructure. This is impressive, but that's not the only point. Consider what happened after nine months. Let's say for the first nine months you were able to add servers as the traffic was growing; you were somehow able to set up thousands of servers to support the traffic, and your customers were happy. What happens when the user traffic dies down? When traffic goes down, the infrastructure that cost you a huge amount of money just lies there without providing any return, and most likely the company will go bankrupt. Another point: CityVille was launched after FarmVille. Let's say you were the manager estimating the number of users your infrastructure should support for CityVille. You would probably expect as many users as FarmVille, right? Since people who like FarmVille would like CityVille as well. But here's what happened: CityVille initially hit about two million users in two months, but then it died down rapidly. This reiterates our previous statement that it is very hard to estimate user traffic for hosted applications. There were other, older Zynga games, like YoVille, that didn't do so well; FarmVille was the first Zynga game that did phenomenally well. It is very hard to predict the success or failure of an application, and you have to be ready for both. As Mark Williams, the company's VP of network operations, said: given the game's huge growth, without Amazon, FarmVille would have failed. And if FarmVille had failed, Zynga would not have become the multi-billion dollar company it is. Failed to scale: there are also examples of companies who failed to scale. Friendster. Have you heard of Friendster? Friendster was the very first social networking application that got popular. This was even before Facebook, MySpace or Orkut. It was the social networking platform. It spread like wildfire on launch. Within months everybody knew about Friendster, especially on American college campuses, and it had 3 million users within the first few months. Imagine having 3 million users within the first few months of the launch of a product. But the problem was that as people started getting onto Friendster, it became slower and slower. They didn't have any kind of control over who could sign up.
It took minutes to log into the site and even more time to send messages. The slowness of the site gave sites like Facebook and MySpace the opportunity to launch, and people easily moved to those sites. Facebook kept growing and was able to sustain its user base. Friendster's ex-CEO said: we didn't solve the first basic problem; our site didn't work. And there is an interesting quote from a Facebook executive: all they had to do (referring to Friendster) was keep the damn servers up and running. This is because once people get accustomed to a product, it is very hard for them to change. Let's say a new social networking platform comes out that is much better than Facebook feature-wise. People won't move easily. Why? Because they already have Facebook; they want to use what they are used to. Imagine Friendster had kept their services up and running. If they had been able to scale and had enough infrastructure to keep things right, they would have been the Facebook, the multi-billion dollar company that Facebook is right now. Maybe Facebook could never have been so successful if Friendster had been able to scale. So it's very interesting to think that the very reason this company failed is infrastructure. When you launch a product or a company, you have to prepare for both failure and success. The next company is Cuil. It's pronounced "cool" but it's spelled C-U-I-L. This story goes back to the days of fierce search competition between Google and Yahoo over what is called a search index. A search index measures how many billions of pages have been crawled by a search engine and indexed in the search results. The competition was swaying back and forth between Google and Yahoo: Google saying they had the bigger search index on some days, and Yahoo claiming they were leading on others. At the time, three ex-Google employees started this company called Cuil and announced the launch of their own search engine, and their claim to fame was that their index was three times the size of Google's. People started calling it the next Google, or the Google-killer search engine. There was a real buzz about it in the IT world. At the same time, Google's stock was doing really well; Wall Street heard about this and started writing about it. Slowly this spread all over the media, so even non-IT people got to know about it and were waiting for the launch. So Cuil might have anticipated decent traffic from the tech community, but as they launched, there were so many people trying to access the site at the same time that the servers crashed. The error message, "Due to excessive load, our servers didn't return results. Please try your search again," which was displayed when accessing the site, was a huge embarrassment. Moreover, there was what the company called serious file corruption due to the overloading: their entire index got corrupted, and people started getting inappropriate results along with their search results. Within a day they went from being the most anticipated product to a big failure, and they did not get a second chance. So scaling is important, and if you don't plan for it, you will fail. Animoto. There is a product called Animoto. It's a very simple product: it takes photographs and soundtracks and merges them together to create a video. The video is like a slideshow with music. They also do some interesting things: when the music is slow, the pictures move slowly across the screen, and when the music is fast, the pictures move fast as well.
So for hosting an application like this, what do you need in the IT infrastructure? One, you need a lot of CPU, because converting photos and music into video is a CPU-intensive task. And you need good bandwidth, because video takes more storage than photos, and people will start sharing the videos with their friends and family, who will start watching them too, streamed from your own servers. As you grow, you will need more CPU, and you also need to make sure you have enough bandwidth. As long as the bandwidth and CPU are good, your customers are happy; but if either one becomes a bottleneck, your customers get a bad experience. If the video buffers, that's a bad experience, and if you don't have enough CPU, the conversion takes a long time. So Animoto went ahead and launched the application. But they realized that though they had a good application, it was not very popular. They realized it was a lot of work for someone to use the application: people had to manually upload the pictures, then upload the music, and then share the link via email. They asked themselves: where is the one place people already store their photos, where sharing is easy? The answer was Facebook. They launched a Facebook application where you can select one of your albums, select from a list of songs or upload your own song, and these are combined to give you a video that you can share easily on Facebook. This app went viral. Within five days they went from five servers to five thousand servers. Can you do that on physical hardware? Even with unlimited money and unlimited manpower, this kind of scaling is almost impossible; you need the cloud to do it. Nothing matches the cloud in terms of scaling.

Cloud advantage: redundancy. Another advantage you get in the cloud is redundancy in infrastructure. We already talked about the fact that cloud providers have data centers in multiple geographic locations. This is a map of where Amazon Web Services has its infrastructure: Amazon has infrastructure in the US, Brazil, Europe, Japan, Australia and China. Let's take the example of Japan. Just a couple of years ago they had a really bad earthquake and a resulting tsunami, which destroyed entire power lines and left many cities under water. So let's say you were a very popular news website, say the Times of Japan, running on physical infrastructure, and the tsunami comes. This is when people are looking to you to provide them information; this is when they need your website, and your infrastructure is under water, literally. Let's say you have a competitor called the Japan Express, and the Japan Express is on AWS. Even if AWS's Japan infrastructure were shut down, they could quickly, with a few modifications, move their website from Japan to Singapore, and they would still be up. In spite of the raging tsunami, their website is still up and giving information to people. Can you imagine the impact that would have on their clients? Your competitor's users are coming to their website for information; you cannot pay money for this kind of PR. Now you may say that a tsunami happens once in a lifetime, but things like this happen all the time: a natural disaster could even happen today. The idea is that you need to be ready. An unfortunate incident could wipe out all your data, but if you have a copy in Singapore or the US, you can still host your application from those regions. Another advantage is that the infrastructure in different regions of a cloud provider looks exactly the same.
In this video, we talked about companies like Netflix, Zynga and Animoto, who have scaled using the cloud, and companies like Cuil and Friendster, who failed to scale. We also took a look at how the cloud can provide instant scalability and redundancy as an advantage. In the next video, we'll take a look at cloud segments. Video 8, cloud segments. We are now going to understand the features, differences, similarities, advantages and disadvantages of the different cloud segments. There are three main cloud segments: software as a service, pronounced "sass" and written SaaS; platform as a service, pronounced "pass" and written PaaS; and infrastructure as a service, IaaS. SaaS, software as a service, is where the application and the data are both in the same place, for example Google Docs, Salesforce, etc.: any service which has its application and data in the same location and which provides you APIs with which you can interact. For example, let's say your company wants to deploy a human resource management system. You have the option to buy it as software and deploy it on your own infrastructure, or to use an online version where everything is readily deployed for you. In the second case, you're using SaaS, software as a service. Using the APIs that the SaaS application provides, you can configure the application so that whenever a new employee joins and a user record is created for him in the company's active directory, a corresponding user record gets created in the human resources management system. Moreover, as the number of employees in your organization grows, you don't have to worry about the scalability of the application, as that is built into the SaaS layer. IaaS, infrastructure as a service. Let's say you're designing the infrastructure for an e-commerce site. What would your infrastructure look like? You would have a data center, a load balancer, some servers running the code, a database, some storage where product images are stored, etc. In infrastructure as a service, you are selecting and hand-picking each of these components. You decide what kind of storage you need and what the best product for it is; you would potentially go with Amazon S3, Azure Blob Storage or something like that. You are also responsible for figuring out how these different components interact with each other. For example, the storage component might not give you an option to mount it, and the only way to use it is through APIs. In this case, you will have to make sure the code running on the execution machines is able to call the APIs to store data; and if the storage service allows you to mount it and that works better for you, you might just do that. Each of these services behaves like an individual building block which you can pick, choose and plug in to power your application. These are called infrastructure services: they provide you with building blocks of core infrastructure entities, like storage and execution, for you to design your infrastructure. The short example below shows what using such a building block looks like.
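Here is a minimal sketch of the storage-building-block idea, using Amazon S3 through the boto3 Python SDK; the bucket and file names are hypothetical. The application talks to storage purely through the service's API rather than through a mounted disk.

```python
# Hypothetical sketch: application code using a storage building block
# (Amazon S3) directly through its API.
import boto3

s3 = boto3.client("s3")

# Store a product image from the e-commerce example.
with open("product-42.jpg", "rb") as image:
    s3.put_object(
        Bucket="example-ecommerce-assets",  # hypothetical bucket name
        Key="images/product-42.jpg",
        Body=image,
    )

# Any server in the fleet can later retrieve the same object.
obj = s3.get_object(Bucket="example-ecommerce-assets",
                    Key="images/product-42.jpg")
image_bytes = obj["Body"].read()
```

The point is that the storage service is an independent component: you chose it, and you wired it to your execution layer yourself.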
Here, once the infrastructure is provisioned, you can use it any way you wish, but you are also responsible for making sure things are up and running. For example, a virtual machine might have been provisioned for you, but it will be your job to make sure the web server running on that virtual server is not down. Platform as a service, PaaS. Let's say you are going to use a platform as a service. How it differs from infrastructure as a service is that here, essentially the only control you have is where to deploy your application; you don't get to choose the building blocks. An example is Google App Engine. When you deploy an application to Google App Engine and you want storage, you call APIs, and internally the platform stores the data for you. If you want SQL, you use libraries that let you write queries, which run against the database platform that Google manages internally. At the end of the day, you're calling the APIs and internally Google takes care of everything: where your data is stored, where your tables are stored. As long as you call the right APIs, Google will do the right thing. Load balancing is automatic: if your request rate increases, the platform balances the load for you. This is platform as a service. You don't get to pick and choose the infrastructure components, and in most cases you don't get direct access to them; you only get to access these components through APIs. Also, you have to follow the protocols set by the platform. For example, Google App Engine currently only supports PHP, Java, Python and Go, so you have to write your code in one of these languages and properly use the SDKs provided by Google. With infrastructure as a service, you are manually controlling your execution layer, your load balancers, your backend; here you just deploy your code, and everything else is taken care of for you by the platform, as the small sketch below suggests.
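As a minimal sketch of that idea, here is what storage looks like in the classic Google App Engine Python runtime with its ndb datastore library (the model and function names are hypothetical). Note there is no database to provision: you define a model and call the API, and the platform decides where and how the data lives.

```python
# Hypothetical sketch for the classic App Engine Python runtime: storage
# through the platform's ndb API, with no infrastructure to manage.
from google.appengine.ext import ndb

class Employee(ndb.Model):
    name = ndb.StringProperty()
    joined = ndb.DateTimeProperty(auto_now_add=True)

def add_employee(name):
    # put() persists the entity; replication, sharding and scaling are
    # handled entirely by the platform.
    return Employee(name=name).put()

def list_employees():
    # The query also runs wherever the platform decides to run it.
    return Employee.query().fetch(100)
```

Compare this with the IaaS sketch earlier: there, you picked the storage service and wired it up yourself; here, the platform's API is the only surface you see.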
Flexibility versus responsibility. As you might have already guessed, platform as a service carries lower responsibility, but with it comes less flexibility; and though infrastructure as a service gives greater flexibility, it brings greater responsibility. Software as a service has very little flexibility and thus very little responsibility. So the more flexibility you want, the more responsibility you have to be willing to take on. Key benefits: software as a service. With software as a service, there are no installation and maintenance requirements; you just create an account and start using the software. There are no upfront licensing costs. In most cases, software as a service gives you the ability to access the application from anywhere with just an internet connection, and from multiple devices, whether that be Mac or PC, mobile or tablet. SaaS products usually have better SLAs than what can be achieved on your own: the uptime we get from seasoned SaaS players is usually better than what we can achieve ourselves. For example, if you are running an Exchange server in your own data center, you can almost never match the availability of similar SaaS products like Google Apps or Microsoft Exchange Online. Key benefits: platform as a service. Platform as a service requires even less upfront capital: as you are just deploying code to the platform, and most platforms only start charging once your app is used a lot, you can start up an app almost for free. Using platform as a service requires less knowledge and skill to develop and deploy applications. With infrastructure as a service, you need to know things like how the network works, how the storage is set up, and so on; on a platform, all you need to know is the APIs. Thus even someone who has no idea how load balancers and routers work can potentially write a very successful and scalable application with just a good knowledge of the APIs. With platform as a service, you pay for only the resources used; mostly the billing is based on the CPU cycles and the bandwidth you use. Platform as a service allows for easy and rapid scaling: with PaaS you can scale faster than with infrastructure as a service, and the platform takes care of most of the scaling needs. Using PaaS leads to rapid time to market. With infrastructure as a service you still have to architect the different components of your IT infrastructure; here, you just have to code and deploy. PaaS takes care of non-core but critical platform components. Using PaaS also leads to a drastic reduction in the IT staff required for software maintenance. With infrastructure as a service, the hardware is not your problem, but you would still need a software maintenance team to do the patching, the upgrading of software, and so on; here, you don't have to do anything like that, the platform takes care of it for you. Key benefits: infrastructure as a service. Infrastructure as a service gives you very high flexibility: you can pick and choose each of your infrastructure components, even use components from different providers, and you are not bound to any particular programming language as with platform as a service. Using infrastructure as a service leads to a drastic reduction in upfront capital investment, because you provision these resources from the cloud. Infrastructure as a service allows you to scale easily and rapidly, though of course an architect is needed to design the scaling up and down. You pay for only the resources you use: if you use more servers, you pay more; if you use fewer servers, you pay less. Using infrastructure as a service leads to a drastic reduction in the IT support, networking and system admin staff required for maintenance. Your need for people doing networking, IT support and system administration is reduced; some personnel might still be required, but drastically fewer. Infrastructure as a service takes care of non-core but critical infrastructure components. In this video, we have taken a look at the different segments of the cloud, how they differ from each other and what the key benefits of each are. In the next video, we'll take a look at various cloud deployment models. Video 9, cloud deployment models. In this video, we'll talk about the various cloud deployment models. There are primarily four: public cloud, private cloud, community cloud and hybrid cloud. Let's take a look at each one of them. Public cloud. This one is easy to understand: a public cloud is where a cloud provider like Amazon, Google or Microsoft provides cloud services to any organization or entity that can pay for the services and use them. The cloud is publicly available to anyone with a valid credit card. So far, whatever we have discussed has been the public cloud. Private cloud. A while ago, a survey was done on some Fortune 500 companies about the average CPU utilization of their hardware resources.
It was found that less than 5% of their hardware was being utilized. The researchers realized that this is because of two factors. One is that the cost of overestimating hardware needs is much lower than the risk of underestimating them: no one gets fired for overestimating hardware needs, but if your system crashes due to underestimation, you might be in trouble. Thus most IT professionals err on the side of overestimating the hardware resources needed. The second reason is that hardware procurement takes months in most organizations: between purchase, delivery, networking and software deployment, it takes a good two or three months. The first effort to tackle this issue was hardware virtualization. Let's say a company has two teams, team A and team B. They each require one machine, and each server has 8 GB of RAM and two cores. Let's say team A's system is really popular: it is using up all the memory and all the CPU available on its machine and needs more of both. Meanwhile, team B is not really using much of its CPU or memory. So what is the solution here? In traditional IT infrastructure, it is not possible to shift some of team B's resources over to team A. The first big idea that came into the market for this was virtualization. Instead of buying two servers with 8 GB of RAM and two cores each, the company would buy one bigger server with 16 GB of RAM and four cores and deploy a virtualization layer like VMware ESXi, Microsoft Hyper-V or Xen on top of it. Two virtual instances, with 8 GB of RAM and two cores each, are then created on top of the same physical machine and provided to the respective teams. Looking back at the previous issue, where team A needed more resources and team B had resources it was not using: as both virtual servers are on the same physical hardware, one can now reassign some of team B's capacity to team A. Hardware management becomes easy, and whenever a team requires resources, they get them quickly. So companies started buying big servers and providing virtual machines out of them. But as the number of virtual machines grew, manually starting and stopping VMs and managing the resources became a cumbersome and error-prone process. This led to the introduction of a software layer on top of the virtualization layer that tracked which VM belonged to which physical machine, who was using which machine, how much CPU was being used, and when machines were started and stopped. This turned VM management from a manual process into an automated one. This software layer could give you a UI that allowed you to start and stop VMs at will: through the UI you could ask for 10 virtual machines of the desired size and for the duration you needed them, and the software would scan the available infrastructure, provision the VMs for the desired amount of time and afterwards release them automatically. To the user of that UI, it behaves rather like a cloud. After some time, vendors selling this stack started calling it a private cloud. It is sometimes also called a false cloud, a faux cloud, because the technology being used is quite different. The point of a private cloud is to increase the utilization of hardware and enhance the manageability of a company's internal IT resources. A toy sketch of that management layer follows.
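Purely for illustration, here is a toy version of the placement logic such a management layer performs: tracking which VM lives on which physical host and placing new VM requests wherever capacity is free. Everything here is hypothetical; real products like VMware vCenter or OpenStack are vastly more sophisticated.

```python
# Toy sketch of a private-cloud management layer: track hosts, place VMs.
class Host:
    def __init__(self, name, ram_gb, cores):
        self.name = name
        self.free_ram = ram_gb
        self.free_cores = cores
        self.vms = []

class VMManager:
    def __init__(self, hosts):
        self.hosts = hosts

    def start_vm(self, vm_name, ram_gb, cores):
        # Place the VM on the first physical machine with spare capacity.
        for host in self.hosts:
            if host.free_ram >= ram_gb and host.free_cores >= cores:
                host.free_ram -= ram_gb
                host.free_cores -= cores
                host.vms.append(vm_name)
                return host.name
        raise RuntimeError("no capacity available")

# One 16 GB / 4-core server carries both teams' 8 GB / 2-core VMs.
manager = VMManager([Host("rack1-server1", ram_gb=16, cores=4)])
print(manager.start_vm("team-a-vm", ram_gb=8, cores=2))  # rack1-server1
print(manager.start_vm("team-b-vm", ram_gb=8, cores=2))  # rack1-server1
```

Automating exactly this kind of bookkeeping, at scale and with a UI on top, is what turned plain virtualization into what vendors sell as a private cloud.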
Community cloud. A community cloud is a private cloud managed by two or more organizations. Why would you want something like this? Mostly cost. Let's say there are five hospitals in an area. Hospitals require huge IT infrastructure to store patient information, MRI scans, reports and other such data, and in the US they have to comply with HIPAA, which requires them to get their data center audited every year. For a single hospital, maintaining its own data center would be very costly, especially with the compliance requirements. So the hospitals might set up a community cloud, where they share the expenses of the data center and the cost of compliance. The Singapore government has recently started a government cloud where any Singaporean government entity that requires servers can provision them; this is an example of a community cloud. Hybrid cloud. When one uses two different kinds of cloud at the same time, it is called a hybrid cloud. You can imagine that when a private cloud runs out of capacity, how does it get more servers? Some private clouds have an orchestration layer which, when its own resources are saturated, can go to a public cloud like Amazon or Azure, get a machine from there and give it to one of its users. This kind of setup, where private and public clouds are used together, is called a hybrid cloud. In this video we talked about the different cloud deployment models. We will next talk about some popular cloud companies, services and products. Video 10, popular cloud companies, services and products. In this video we'll take a look at some popular public and private cloud companies, some popular cloud services and some popular cloud products. Public cloud companies. Let's have a look at some of the players in the public cloud space. The oldest one in infrastructure as a service is Amazon Web Services, which started in 2006; it's been nine years since their release. Azure and Google have recently added services at the infrastructure layer: Google had platform as a service in the form of Google App Engine and entered the infrastructure space with Google Compute Engine in 2013, and Microsoft has also launched its infrastructure as a service component, called Azure Infrastructure Services. Other players like IBM SoftLayer, Linode and HP Cloud Services are also there, and VMware has just announced its entry into infrastructure services as well. At the platform layer, there is Google App Engine, Azure and Amazon's Elastic Beanstalk. AWS Elastic Beanstalk is kind of like a platform, but it also allows you a lot of flexibility; some people might not consider it a pure platform, but that's fine. Salesforce was a revolutionary company that started providing software as a service way back in 2001 and now has a platform as a service offering called force.com. In the private cloud space, there are different kinds of providers too. Companies like Cisco, EMC, IBM and HP provide both hardware and software: they sell the entire stack and will set up the entire private cloud for a company. Then there are companies who only provide software, mostly open source: OpenStack is backed by Rackspace, NASA, HP and Cisco, and Apache CloudStack is backed by Citrix. Eucalyptus is a very interesting player in the market, mostly because it has the backing of Amazon. Its APIs look extremely similar to those of AWS: the API Eucalyptus uses to store data locally is similar to the API AWS uses to store data in S3, and the API used to start a VM in Eucalyptus is very similar to the API AWS uses to launch an instance. They're trying to make things so seamless that companies can move from Eucalyptus to AWS, or vice versa, with ease; the short sketch below shows why compatible APIs make that possible.
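To illustrate, here is a minimal sketch of what API compatibility buys you, assuming a private cloud that exposes an S3-compatible storage endpoint (the internal URL and bucket name are hypothetical). The application code stays the same; only the endpoint changes.

```python
# Hypothetical sketch: the same storage code pointed either at public
# AWS S3 or at an S3-compatible private cloud endpoint.
import boto3

def make_storage_client(use_private_cloud=False):
    if use_private_cloud:
        # e.g. an S3-compatible service (such as Eucalyptus offers)
        # running inside the company; the URL is made up.
        return boto3.client(
            "s3", endpoint_url="https://storage.internal.example.com")
    return boto3.client("s3")  # public AWS S3

# Moving between the clouds means flipping one flag, not rewriting code.
storage = make_storage_client(use_private_cloud=True)
storage.put_object(Bucket="backups", Key="db.dump", Body=b"...")
```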
Cloud storage services. In this section we will look at some of the cloud services. So, how do you store data reliably? The first idea was to design hardware that never fails. A lot of research went into it, and then people realized that it is futile: hardware will always fail. Then came RAID arrays, where you have redundant disks, so if one disk fails you still have the data on the other disks. But what happens when the RAID controller fails, or two disks fail at the same time? The data becomes unavailable. The latest approach to highly available data storage is to distribute the data across locations. Let's have a look at a cloud storage service. In step one, a request to store a file called mypic.jpg is received by data center one. As soon as DC1 stores it, it immediately copies it to multiple other data centers, so now you have a copy in three different geographic regions. These data centers are at least 50 to 100 miles away from each other, so if an unfortunate event such as a fire or a natural disaster were to hit one of them, your data would still be available in the other data centers. Similarly, you can store report.doc. Now, what happens when something goes wrong with report.doc? Maybe the data got corrupted, a hard drive failed, something of that sort. The system recognizes that a copy is missing and immediately makes a new copy from one of the two other regions. This way it makes sure that multiple copies of your data are always available to you. The likelihood of all three copies being lost at the same time is very small, precisely because they are in three different locations, three different data centers. With cloud storage services you generally have APIs like list, which lets you list your data, and get, which lets you retrieve your data. When you do a delete, the data is deleted from all locations. Simple Storage Service. An example of a cloud storage service is Amazon's Simple Storage Service, or S3. It has a 99.99% uptime guarantee, which allows for only about 52 minutes of downtime a year, which is phenomenal. It also offers eleven nines of durability (99.999999999%), which means that if you store 10,000 objects, you can expect to lose a single object about once every 10 million years. Cloud compute services. You can think of cloud compute services as a farm of virtual servers. You make a request to the cloud service provider saying you want 10 servers. The provider allocates you those 10 servers, and you get references or IP addresses for them, with which you log in, deploy applications, or do whatever you want with those servers. After an hour you need only five of them, so you release five and they are returned. After another hour you are done, and you release the remaining five. In the end you have used 10 servers for one hour and five servers for another hour, 15 machine-hours in total, and that's what you are billed for, as the sketch below shows.
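Here is that exact usage pattern as a minimal sketch against Amazon EC2 with the boto3 Python SDK; the image ID is hypothetical, and the hour-long waits are elided as comments.

```python
# Hypothetical sketch: rent 10 servers, then shrink to 5, then to 0.
import boto3

ec2 = boto3.client("ec2")

# Hour 0: ask the provider for 10 servers.
reservation = ec2.run_instances(
    ImageId="ami-0123456789abcdef0",  # hypothetical image ID
    InstanceType="t2.micro",
    MinCount=10,
    MaxCount=10,
)
ids = [i["InstanceId"] for i in reservation["Instances"]]

# ... one hour of work later: we only need five, release the rest.
ec2.terminate_instances(InstanceIds=ids[5:])

# ... another hour later: done entirely, release the remaining five.
ec2.terminate_instances(InstanceIds=ids[:5])

# Billed usage: 10 servers x 1 h + 5 servers x 1 h = 15 machine-hours.
```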
Elastic Compute Cloud, EC2. Amazon's EC2 is the best example of a cloud compute service. You can start servers in minutes. You can get a variety of machine sizes, ranging from one core to many, many cores, and from just 613 MB of RAM to many, many gigabytes. You get a variety of OS flavors: Linux distributions such as Ubuntu, OpenSUSE, Fedora, etc. You also get a lot of pre-configured machine types. For example, you can get a Windows server with IIS pre-configured on it, a Linux server with Apache, PHP and MySQL, the entire LAMP stack, and so forth; when the machine starts, all the software is already configured on it. A lot of popular software, like the blogging platform WordPress, is already available on EC2 this way. Microsoft SQL Azure. SQL Azure is a fully managed SQL database in the cloud. It has features like automatic failover: if the primary database instance fails, it can switch to the secondary. As the load increases, it can automatically scale up; it can also do sharding automatically and replicate across geographic regions automatically. It also has a useful feature called Azure Data Sync that lets you keep multiple databases in sync. Let's say you have two on-premise databases and one in SQL Azure: Data Sync will keep all of them in sync. If you make an update in one of the databases, for example inserting a row, that update is automatically propagated to all three database instances. Google App Engine. Google App Engine, also called GAE, is Google's platform as a service offering. The hardware, operating system and application runtime are all taken care of by the platform; all you need is the code. You write your code using the SDK and deploy it to Google App Engine, and everything else is handled by the platform. You can write your code in Java, Python, PHP or Go. In this video we talked about popular cloud companies. As you can see, this is a very robust and competitive space. In the next video we look at some use cases for cloud computing. Video 11, cloud use cases. In this video we're going to take a look at some cloud use cases, particularly regarding pricing. Use case one: my Exchange is down. So far we have talked about availability, durability and scalability, but what about cost? Is the cloud cheaper or more expensive to use than on-premise infrastructure? The aim here is to do some calculations on how much it costs to provision infrastructure in the cloud versus owning it in-house. Let's say you want to have a mail server. Your company's domain is cloud.in, and you want to send and receive emails for the domain. Most companies don't run their own Exchange server: it's a big pain to maintain, and most companies complain about it going down all the time, so people prefer a hosted solution like Microsoft Exchange Online or Google Apps. An on-premise server can't match the availability of Microsoft Exchange Online or Google Apps, but what about the cost? How much would it cost to have your own server in your office running Exchange, versus Exchange Online? Let's do a price calculation. Say you pick up a decent server at $1,500 and set up a backup device at $150. You will also need an IT person, at a monthly salary of, let's say, approximately $2,000. You'll also need good bandwidth, maybe a couple of lines from different vendors so that if one is down you can still get emails through the other; this comes to, let's say, approximately $50 a month. Finally, you will need a Microsoft Exchange license to host the Exchange server in-house; a five-user license comes to about $550. In the end, the total cost over a three-year period to host Exchange in-house comes to about $77,660. Compare this to the cost of using Microsoft Exchange Online, which is $4 per user per month, which comes to about $720 for five users for three years. Google Apps costs $5 per user per month, which comes to about $900 for three years. Compare $720 or $900 to the $77,000 or more you are paying to run the Exchange server in-house. But what if we increase the user count to, say, 100 users? You would need two servers to sustain the increased load, plus licenses for those 100 users. The total comes to about $89,000 for 100 users for three years, while Google Apps costs about $18,000 and Microsoft Exchange Online costs $14,400. We can come to the conclusion that using cloud services is cheaper and hassle-free; the quick calculation below checks the hosted-service numbers.
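As a quick sanity check of the hosted figures above, here is the per-user arithmetic in a few lines of Python (the in-house total depends on more itemized assumptions, so only the hosted side is computed):

```python
# Three-year hosted e-mail cost: price per user per month x users x months.
def three_year_cost(price_per_user_per_month, users, months=36):
    return price_per_user_per_month * users * months

print(three_year_cost(4, 5))     # Exchange Online,   5 users -> 720
print(three_year_cost(5, 5))     # Google Apps,       5 users -> 900
print(three_year_cost(4, 100))   # Exchange Online, 100 users -> 14400
print(three_year_cost(5, 100))   # Google Apps,     100 users -> 18000
```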
Use case: a startup, liferecords.in. Now let's take the example of a startup in India called liferecords.in. What this startup does is store medical information for you, so you can quickly retrieve it when you need it. It helps you organize your medical history, your prescriptions, medication, dosage, MRI scans, etc. Whenever a doctor prescribes you something, you take a picture and upload it to your account. You can track things like BMI, blood pressure and cholesterol, and upload files like scanned copies of medical reports to your account. We were consulting for them and were in charge of the hardware to run their application. The first question was: how many users do they want to provision capacity for? They said they were working on getting articles in some magazines and newspapers, so we decided to provision for 10,000 users. The next question was how much storage space to give each user. Around 100 MB per user was decided on, which comes to a total capacity of about one terabyte of storage. So how much would it cost to have this storage on-premise, including infrastructure, power, security and so on? And remember, you're not going to use the entire terabyte from day one; it will gradually build up to one TB over three years. Now let's say we put the storage in S3 instead of on a physical server. The first month you are billed very little, but as your application's storage grows, you are billed more and more, so your three-year cost is the summation of the monthly payments. If you do the math, the total comes to about ₹150K, compared to the roughly ₹890K we saw before: a reduction of over 80%, which is phenomenal. (A small sketch of this pay-as-you-grow summation appears at the end of this section.) How do analytics companies use the cloud? A lot of analytics companies work with big data, that is, storing and processing very large amounts of data. Many of them store their data in the S3 service, with the processing done on EC2; similarly on Google, the data is stored in Google Storage and Google Compute does the processing. There are also services built specifically for analytics, like Amazon's Elastic MapReduce, which is a Hadoop cluster on demand, and Azure HDInsight, which is also a Hadoop cluster on demand.
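Here is the promised sketch of pay-as-you-grow storage billing. The growth curve and price are assumptions for illustration only (a linear ramp to 1 TB over 36 months at a flat hypothetical rate), so the output will not match the rupee figures above exactly; the point is the shape of the calculation.

```python
# Hypothetical sketch: monthly storage bills summed over three years.
RATE_PER_GB_MONTH = 0.09  # flat hypothetical price per GB-month

def total_storage_bill(months=36, final_gb=1024):
    total = 0.0
    for month in range(1, months + 1):
        stored_gb = final_gb * month / months  # assumed linear growth
        total += stored_gb * RATE_PER_GB_MONTH
    return total

print(round(total_storage_bill(), 2))
```

Because you are billed on the bytes actually stored each month, the three-year total under this linear ramp is roughly half of what paying for the full terabyte from day one would cost.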
In this video we looked at various cloud use cases and how the cloud helped reduce the cost of IT infrastructure. In the next video we'll look at cloud security. Video 12, cloud security. In this video we'll talk about cloud security. We will start with what security is and what kinds of security there are; we will then move on to the cloud security model and end with the challenges and advantages of security in the cloud. What is security? Let us talk about the kinds of security. The first kind is physical security. This kind of security makes sure that people cannot get physical access to the servers in your data center. The second is data confidentiality. This means that data meant for certain people is only shown to them: only people with the proper privileges can access the data. For example, nobody should be able to read your emails except you. Data integrity. Let's say a hacker can't read your data, but he can corrupt it so that you can't read it either. If your data is not what it was intended to be, that's a data integrity issue. Next is service availability. If somebody can bombard your application with so many requests that it becomes unavailable and people cannot access it, that's a service availability issue. The cloud security model. Let's say you deployed a server on Amazon EC2 and the server got hacked. Whose fault is it? The cloud security model is a shared security model: you and Amazon are both responsible for different parts of the cloud infrastructure. You are responsible for making sure your application is secure, and Amazon is responsible for making sure the cloud infrastructure is secure. Let's look at this diagram. Infrastructure security. The entire infrastructure on which the cloud services are based has to be secure, and this is the cloud provider's job. They have to make sure the infrastructure is safe: it must not be possible to hack things like the hypervisor layer or the network layer to gain access to your servers. So the bottom layer of security has to be secured by the cloud service provider. The next layer is cloud security controls. Cloud providers have to give you controls to further secure your data and applications. One such control could be a firewall around your machine, around your instance. It is Amazon's responsibility to make sure the firewall is available and impenetrable, and your responsibility to make sure that you only keep the right ports open. If you open up all the ports, the firewall is useless and you are not taking advantage of the controls given to you by the cloud provider. For example, if you have a web server, you should only keep port 80 open and close down all the other ports; but if you go ahead and open ports 1 through 65,000, you are making your application less secure. It is the responsibility of the cloud provider to give you the right controls, and your responsibility to use them effectively, as in the sketch below.
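As a minimal sketch of using that firewall control properly, here is how one might create a web server security group on AWS with boto3 that opens only port 80 to the internet (the group name is hypothetical):

```python
# Hypothetical sketch: a security group that allows HTTP and nothing else.
import boto3

ec2 = boto3.client("ec2")

group = ec2.create_security_group(
    GroupName="web-server-sg",          # hypothetical name
    Description="Allow inbound HTTP only",
)

# Open port 80 to everyone; all other inbound ports stay blocked,
# because a security group denies inbound traffic by default.
ec2.authorize_security_group_ingress(
    GroupId=group["GroupId"],
    IpPermissions=[{
        "IpProtocol": "tcp",
        "FromPort": 80,
        "ToPort": 80,
        "IpRanges": [{"CidrIp": "0.0.0.0/0"}],
    }],
)
```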
Application security. Necessary steps should be taken to ensure the application itself is secure. Even if the infrastructure on which the application runs is secure, if a hacker can get access to your application, and through it your infrastructure, you are accountable for it. It is your responsibility as a user to plug all possible security loopholes in the application. Thus, as you can see, the cloud has a shared security model. Cloud infrastructure security. Physical security. Cloud data centers are generally super secure. Companies like Amazon don't release the names of their data centers or where they are located; even employees working in the data centers have the company name left blank on their IDs. There are usually many layers of security protecting against any unauthorized access to the data center itself, and only authorized people doing maintenance tasks are given access to the data center floor, for a short period of time. Proper decommissioning of hardware. Cloud providers follow proper industry standards for decommissioning hardware. Amazon, for example, shreds its hard drives: hard drives can come into AWS data centers, but they only leave shredded. Data access protocols. An AWS engineer knows all of Netflix's servers are on AWS; what is stopping him from accessing the latest movies from there? What is stopping a Facebook employee from viewing the personal information of one of Facebook's users? Data access protocols are what stop them. These companies log any access to the servers, and any access has to be documented with the reasons for it if an employee needs to touch this infrastructure. Certifications. So how do we know that cloud providers have proper data access protocols and are following them? Because many of these cloud providers have their infrastructure audited to attain certifications against standards like SOX and HIPAA, which gives us assurance that proper data access protocols are followed. SOX, the Sarbanes-Oxley Act, also known as the Corporate and Auditing Accountability and Responsibility Act, is a US federal law that sets data storage and access standards for all US public company boards, management and public accounting firms. HIPAA, the Health Insurance Portability and Accountability Act, addresses the security and privacy of medical data. Thus, when cloud providers meet the requirements of SOX and/or HIPAA, it gives you confidence that the protocols mandated by these compliance regimes are followed by that provider. Cloud services security controls. Let us now take a look at the various security controls that cloud providers give you to further secure your data and applications. Identity and access management. Identity and access management is concerned with identifying users and controlling their access to services. Most cloud providers let you create different groups and users and assign only the necessary privileges to them; this should be used instead of sharing credentials across users. Firewalls around applications: security groups. All cloud applications should be protected by firewalls. In the Amazon cloud this control is called a security group, and it blocks all incoming traffic by default; users should decide which ports need to be open to which computers or to the internet, and configure the security groups accordingly. Virtual private cloud, VPC. A virtual private cloud simulates a private, network-isolated infrastructure inside a public cloud. Where additional network-layer security is required, a VPC can be used; most cloud providers support this feature. Dedicated instances. Dedicated instances are single-tenant servers, that is, they run on hardware dedicated to a single customer. Many cloud providers support them, and they should be used when required for compliance or additional security. Server-side encryption. The server-side encryption feature offered by some cloud providers ensures that once data is uploaded, it is encrypted and then stored, so data at rest is encrypted (see the one-line example after this section). Application security. Application-level security is the responsibility of the cloud user. Make sure that all the installed software is up to date and that all necessary patching and security updates are done. Take the necessary measures to prevent attacks like SQL injection and cross-site scripting, and make sure you're using proper authentication APIs. Various third-party security tools can be used to further secure applications, and it is recommended that penetration testing be done on your application before you launch. There are various third-party companies who can perform pen testing for you.
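The server-side encryption control mentioned above is typically a single extra parameter on the storage call; here is a minimal sketch on S3 with boto3 (bucket and key names are hypothetical):

```python
# Hypothetical sketch: ask the provider to encrypt the object at rest.
import boto3

s3 = boto3.client("s3")
with open("mri-2014-03.pdf", "rb") as report:
    s3.put_object(
        Bucket="example-medical-records",   # hypothetical bucket
        Key="reports/mri-2014-03.pdf",
        Body=report,
        ServerSideEncryption="AES256",      # encrypted before storage
    )
```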
Social engineering is when an intruder poses as an authority in your company and manipulates employees into revealing confidential information or data in your systems; necessary precautions should be taken against this as well. Cloud security analogy. The analogy used here is that of a box maker: the cloud service provider is like the maker of a box. What are the responsibilities of the box maker, and what are those of the customer using the box? The box maker should provide a locking mechanism such that the box cannot be opened without the right key, and the box itself should be strong: it should not be possible to physically break into it without the key. The responsibility of the user of the box is to actually lock it; the maker can give the user a locking mechanism but cannot force him to use it. It is also the user's responsibility to keep the key safe. If someone manages to get hold of the key and opens the box, it's not the box maker's fault. Cloud security: what more? There's a lot more you can do to further improve your security in the cloud. Data encryption. You can encrypt your data stored in the cloud, or even encrypt the data before you store it in the cloud; indeed, a lot of companies encrypt everything that goes into the cloud, as in the sketch below. VPN tunnel. You can use a VPN tunnel between your data center and the cloud to further enhance your security. Audit logs. You can keep audit logs of who in your organization is using the cloud services, and these audit logs should be examined periodically to make sure only the proper persons have access to your cloud resources.
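Here is a minimal sketch of the encrypt-before-upload idea, using the third-party Python `cryptography` package together with boto3 (the bucket name is hypothetical). The provider only ever sees ciphertext; the key stays with you.

```python
# Hypothetical sketch: client-side encryption before the data leaves
# for the cloud.
import boto3
from cryptography.fernet import Fernet

key = Fernet.generate_key()   # keep this key safe, outside the cloud
cipher = Fernet(key)

with open("customers.csv", "rb") as f:
    ciphertext = cipher.encrypt(f.read())

boto3.client("s3").put_object(
    Bucket="example-backups",   # hypothetical bucket
    Key="customers.csv.enc",
    Body=ciphertext,
)

# Later: download the object and decrypt locally with the same key:
#   plaintext = cipher.decrypt(downloaded_bytes)
```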
Challenges. So what are the challenges in the cloud environment? The first one is loss of physical control of data. This is a big mental challenge: being able to say my data is not here, but under the protection of someone else. Just 100 years ago, when banks first started, people thought it was crazy to store all your gold in a bank locker; right now, you are crazy if you store your gold in your house. This kind of shift will come soon. The mindset that my gold is safer in my house is the same mindset people have with data, but what they don't realize is that in many cases data is better protected in the cloud than in their own on-premise infrastructure. Next, you have to have faith in the vendor's security infrastructure. When storing data with cloud providers like Amazon, Microsoft or Google, you might have some faith in their infrastructure given that they are huge IT companies, but with a smaller cloud provider you will want to make sure they follow proper security guidelines and comply with some standard protocols. Lack of visibility into third-party audit reports. Audit reports are usually not just pass or fail. We get to know whether a company has passed or failed an audit, but the corrections suggested in the audit reports are usually not shared by the cloud providers: companies will tell you that they passed the audit, but they will not reveal the areas they were told to fix or improve. Obtaining support for investigations. This is another big challenge. Let's say your system was hacked. If it was your own data center, you could look anywhere: your servers, your router logs, all possible trails. But with a cloud provider like Amazon or Microsoft, all you have is your machine and its logs; you do not easily get any network-level information. You first need to get a support plan and file a ticket asking Amazon or Microsoft to help you with the investigation. Lack of visibility into system architecture. A lot of these cloud providers do not share detailed architecture diagrams with you, so you just have to assume their infrastructure is secure without actually seeing the diagrams. Advantages. Better physical security. It is really hard to match the physical security of some of these cloud providers' data centers; providers like Amazon have five to six layers of security before you can reach any machine. No special favor to any one entity. Cloud providers usually do not give out special super-user privileges, so there is less chance of someone abusing such a privilege. Better auditing for security. Most of the time, companies don't get their own infrastructure audited frequently. Cloud providers have audits done periodically for compliance checks, so you get the benefit of running on infrastructure that is regularly audited. Clouds have consistent APIs across services and regions. Take the storage layer: in your company you may have one storage system based on one technology and another based on something else, so the systems are totally different, with different access controls, different loopholes, and so on; they are not symmetric. In the cloud, by contrast, the Simple Storage Service holds some three trillion objects, and it is all one big system with the same access control framework for every one of those three trillion objects, so it becomes easier to store data in the cloud and apply the same controls consistently, over and over again. On-premise, an IT guy might configure one machine with one firewall software and another machine with a different one; in the cloud, everyone is using the same software everywhere. Cloud security is a solvable issue: with proper knowledge and implementation, cloud security is a solvable issue. Cloud security: things to remember. Remember to keep your security credentials safe; if you lose your keys, someone can use them to access your data and applications. Use data encryption when the data stored in the cloud is sensitive; this is the only real way to protect your data. Many providers offer VPN access to the cloud, so if your applications are super sensitive, you can create a virtual private cloud and access it through a VPN tunnel. Screen for security incidents and review your audit logs: don't wait until your server dies or is hacked; analyze your logs periodically and see what's going on with your system. Cloud data is subject to the laws of the country where the data center is located. When you store your data on American servers, you are bound by the laws of that land. The USA has a law called the Patriot Act, under which any data can be scanned and checked by the government if they think there is a threat; this makes it less attractive for foreign governments or companies to store data there. Singapore has recently said that it wants to become the Switzerland of data: it wants to make its data access policies so strong that foreign companies can safely store their data there. In this video we saw how the cloud has a shared security model. It's important to understand cloud security well in order to secure your infrastructure and applications in the cloud. Video 13, conclusion: things to watch out for. In this video we will take a look at the things to watch out for in the cloud.
Security and privacy. As discussed in the previous video, security and privacy in the cloud are critical areas which have to be researched and understood before you make a move to the cloud. Billing can sometimes be complex. Every provider has its own billing structure. Let's say you store your data in AWS and are charged 10 cents per GB per month. Concepts like the GB-month are pretty new. Say you add one GB of data each day until you reach 30 GB at the end of the month: it can be confusing whether you are charged for the entire 30 GB or for the average held over the month (averaging the daily usage, (1 + 2 + ... + 30) / 30 gives about 15.5 GB-months). Also, most providers charge you for bandwidth, and there the question is at which layer it is measured. Let's say you are downloading one GB of data: at the application layer you're downloading one GB, but at the network layer it may become 1.1 GB due to network overheads. So are you charged for one GB or 1.1 GB? Billing can be complex and difficult to understand. Pricing is entirely in the hands of the provider. This is interesting: Azure recently increased their prices to match Amazon's, but usually costs in the cloud go down. Still, prices can change at any time, as pricing is in the hands of the cloud provider. Dropbox probably has somewhere between 20 and 50 petabytes of data stored in S3; if S3 raised its price by even a cent, that would have a huge impact on Dropbox. Still, it is really rare for prices to go up in the cloud, since there is some real cutthroat competition. Finally, the things to remember. The cloud is not a silver bullet: it doesn't solve all your problems, and you will still need good architecture and good software design to be successful. Security changes drastically: you need to fully understand the cloud to be able to build secure systems. Performance characteristics differ hugely between traditional IT infrastructure and the cloud, so the same application that performed well in-house might not perform so well in the cloud, and vice versa, and might require some amount of tweaking to make it performant. Migration from a traditional IT stack to the cloud will be difficult and needs to be properly managed. For example, Netflix's move to the cloud did not happen overnight: they had a long migration plan, and in spite of facing a lot of challenges and difficulties, they successfully moved to the Amazon cloud. They have blogged about this a lot, and I would encourage you to check out their blog. Thanks for taking the course with me. For more information about our courses, log on to training.cloud.com. If you have any questions, please email us at questions at cloud.com. Thank you.