CLOUD COMPUTING
M.SINDHU, ASSISTANT PROFESSOR,KONGU ENGINEERING COLLEGE,PERUNDURAI.
UNIT-II
Understanding Services and Virtualization
Defining Infrastructure as a Service (IaaS)
 Infrastructure as a Service (IaaS) is a
cloud computing service model in which
hardware is virtualized in the cloud.
 In this particular model, the service
vendor owns the equipment: servers,
storage, network infrastructure, and so
forth.
 The developer creates virtual hardware
on which to develop applications and
services. Essentially, an IaaS vendor has
created a hardware utility service where
the user provisions virtual resources as
required.
IaaS workloads
 The fundamental unit of virtualized client in an IaaS deployment is called a
workload. A workload simulates the ability of a certain type of real or physical server
to do an amount of work. The work done can be measured by the number of
Transactions Per Minute (TPM) or a similar metric against a certain type of system.
  In addition to throughput, a workload has certain other attributes such as disk I/O
measured in Input/Output operations Per Second (IOPS), the amount of RAM consumed under load
in MB, network throughput and latency, and so forth.
 In a hosted application environment, a client’s application runs on a dedicated server
inside a server rack or perhaps as a standalone server in a room full of servers. In
cloud computing, a provisioned server called an instance is reserved by a customer,
and the necessary amount of computing resources needed to achieve that type of
physical server is allocated to the client’s needs.
 Figure shows how three virtual private server instances are partitioned in an IaaS
stack. The three workloads require three different sizes of computers: small,
medium, and large.
IaaS workloads
Consider a transactional eCommerce system, for which a typical stack contains the following components:
 Web server
 Application server
 File server
 Database
 Transaction engine
This eCommerce system has several different workloads that are operating: queries against the database,
processing of business logic, and serving up clients’ Web pages.
 The classic example of an IaaS service model is Amazon.com’s Amazon Web Services (AWS). AWS has
several data centers in which servers run on top of a virtualization platform (Xen) and may be
partitioned into logical compute units of various sizes. Developers can then apply system images
containing different operating systems and applications or create their own system images. Storage may
be partitioned, databases may be created, and a range of services such as messaging and notification can
be called upon to make distributed applications work correctly.
Pods, aggregation, and silos
 Workloads support a certain number of users, at which point you exceed the
load that the instance sizing allows. When you reach the limit of the largest
virtual machine instance possible, you must make a copy or clone of the
instance to support additional users. A group of users within a particular
instance is called a pod. Pods are managed by a Cloud Control System (CCS). In
AWS, the CCS is the AWS Management Console.
 Sizing limitations for pods need to be accounted for if you are building a large
cloud-based application. Pods are aggregated into pools within an IaaS region
or site called an availability zone. In very large cloud computing networks,
when systems fail, they fail on a pod-by-pod basis, and often on a zone-by-zone
basis.
 For AWS’ IaaS infrastructure, the availability zones are organized around the
company’s data centers in Northern California, Northern Virginia, Ireland, and
Singapore. A failover system between zones gives IaaS private clouds a very
high degree of availability.
Pods, aggregation, and silos
 When a cloud computing infrastructure isolates user clouds from each other so the
management system is incapable of interoperating with other private clouds, it creates
an information silo, or simply a silo.
 Most often, the term silo is applied to PaaS offerings such as Force.com or QuickBase,
but silos often are an expression of the manner in which a cloud computing
infrastructure is architected.
 Silos are the cloud computing equivalent of compute islands: They are processing
domains that are sealed off from the outside.
  When you create a private virtual network within an IaaS framework, the chances are
high that you are creating a silo. Silos impose restrictions on interoperability that run
counter to the open nature of build-componentized service-oriented applications.
 However, that is not always a bad thing. A silo can be its own ecosystem; it can be
protected and secured in ways that an open system can’t be. Silos just aren’t as
flexible as open systems and are subject to vendor lock-in.
Defining Platform as a Service (PaaS)
 The Platform as a Service model describes a software environment in which a developer can create
customized solutions within the context of the development tools that the platform provides.
Platforms can be based on specific types of development languages, application frameworks, or
other constructs. A PaaS offering provides the tools and development environment to deploy
applications on another vendor’s application. Often a PaaS tool is a fully integrated development
environment; that is, all the tools and services are part of the PaaS service.
  To be useful as a cloud computing offering, PaaS systems must offer a way to create user
interfaces, and thus support standards such as HTML, JavaScript, or other rich media technologies.
In a PaaS model, customers may interact with the software to enter and retrieve data, perform
actions, get results, and to the degree that the vendor allows it, customize the platform involved.
 The customer takes no responsibility for maintaining the hardware, the software, or the
development of the applications and is responsible only for his interaction with the platform. The
vendor is responsible for all the operational aspects of the service, for maintenance, and for
managing the product(s) lifecycle.
 The one example that is most quoted as a PaaS offering is Google’s App Engine platform.
Developers program against the App Engine using Google’s published APIs. The tools for working
within the development framework, as well as the structure of the file system and data stores, are
defined by Google.
Defining Software as a Service (SaaS)
 The most complete cloud computing service model is one in which the computing hardware and
software, as well as the solution itself, are provided by a vendor as a complete service offering. It
is referred to as the Software as a Service (SaaS) model. SaaS provides the complete
infrastructure, software, and solution stack as the service offering. A good way to think about SaaS
is that it is the cloud-based equivalent of shrink-wrapped software.
  Software as a Service (SaaS) may be succinctly described as software that is deployed on a hosted
service and can be accessed globally over the Internet, most often in a browser. With the
exception of the user interaction with the software, all other aspects of the service are abstracted away.
  Every computer user is familiar with SaaS systems, which are either replacements or substitutes
for locally installed software. Examples of SaaS software for end-users are Google Gmail and Calendar,
QuickBooks online, Zoho Office Suite, and others that are equally well known. SaaS applications
come in all shapes and sizes, and include custom software such as billing and invoicing systems,
Customer Relationship Management (CRM) applications, Help Desk applications, Human
Resource (HR) solutions, as well as myriad online versions of familiar applications.
SaaS characteristics
All Software as a Service (SaaS) applications share the following characteristics:
1. The software is available over the Internet globally through a browser on demand.
2. The typical license is subscription-based or usage-based and is billed on a recurring basis. In a small
number of cases a flat fee may be charged, often coupled with a maintenance fee. Table 4.1 shows how
different licensing models compare.
3. The software and the service are monitored and maintained by the vendor, regardless of where all the
different software components are running. There may be executable client-side code, but the user isn’t
responsible for maintaining that code or its interaction with the service.
4. Reduced distribution and maintenance costs and minimal end-user system costs generally make SaaS
applications cheaper to use than their shrink-wrapped versions.
5. Such applications feature automated upgrades, updates, and patch management and much faster
rollout of changes.
6. SaaS applications often have a much lower barrier to entry than their locally installed competitors, a
known recurring cost, and they scale on demand (a property of cloud computing in general).
7. All users have the same version of the software so each user’s software is compatible with another’s.
8. SaaS supports multiple users and provides a shared data model through a single-instance, multi-tenancy model.
Open SaaS and SOA
 A considerable amount of SaaS software is based on open source
software. When open source software is used in a SaaS, you may
hear it referred to as Open SaaS. The advantages of using open
source software are that systems are much cheaper to deploy
because you don’t have to purchase the operating system or
software, there is less vendor lock-in, and applications are more
portable.
  The popularity of open source software, from Linux to Apache,
MySQL, and Perl (the LAMP platform) on the Internet, and the
number of people who are trained in open source software make
Open SaaS an attractive proposition.
 The impact of Open SaaS will likely translate into better
profitability for the companies that deploy open source software in
the cloud, resulting in lower development costs and more robust
solutions.
A mature SaaS implementation based on SOA
Mashup
 A web page or web application that uses content from more than one source to create a single new service displayed in a
single graphical interface. The componentized nature of SaaS solutions enables many of these solutions to support a
feature
Mashup in Cloud
 An application that can display a Web page that shows data and supports features from two or more sources.
 Annotating a map such as Google maps is an example of a mashup.
 Mashups are considered one of the premier examples of Web 2.0
Open Mashup Alliance (OMA)
  Supports technologies that implement enterprise mashups. The group supports the developing standard, the Enterprise
Mashup Markup Language (EMML)
EMML
  An XML markup language for creating enterprise mashups, which are software applications that consume and mash data
from a variety of sources
  Ex: Domain Specific Language (DSL): a programming language with a higher level of abstraction optimized for a specific
class of problems
  Ex: HTML is a language for the web application domain.
Enterprise Mashup
  An Enterprise Mashup is a Web-based resource that combines existing resources (content, data or application
functionality) from more than one resource in enterprise environments by empowering the actual end users to create and
adapt individual information-centric and situational applications
Mashup
A mashup requires three separate components:
 An interactive user interface, which is usually created with HTML/XHTML,
Ajax, JavaScript, or CSS.
  Web services that can be accessed using an API, and whose data can be bound
and transported by Web service protocols such as SOAP, REST, XML/HTTP,
XML/RPC, and JSON/RPC.
 Data transfer in the form of XML, KML (Keyhole Markup Language), JSON
(JavaScript Object Notation), or the like.
Mashups are an incredibly useful hybrid Web application, one that SaaS is a great
enabler for. The Open Mashup Alliance (OMA; see http://www.openmashup.org/)
is a non-profit industry group dedicated to supporting technologies that
implement enterprise mashups. This group supports the developing standard, the
Enterprise Mashup Markup Language (EMML), which is a Domain Specific Language
(DSL). This group predicts that the use of mashups will grow by a factor of 10
within just a few years.
Salesforce.com and CRM SaaS
 Perhaps the best-known example of
Software as a Service (SaaS) is the
Customer Relationship Management
software offered by Salesforce.com
whose solution offers sales, service,
support, marketing, content,
analytical analysis, and even
collaboration through a platform
called Chatter.
 Salesforce.com was founded in 1999
by a group of Oracle executives and
early adopters of many of the
technologies that are becoming
cloud computing staples.
Defining Identity as a Service (IDaaS)
  An application delivery model (like software-as-a-service, or SaaS) that allows users
to connect to and use identity management services from the cloud.
  Ensures the right people in an organization have the right access to the right
resources. Identity and access management (IAM) computing uses online
computer power, database storage, and other IT resources.
  An identity service is one that stores the information associated with a digital
entity in a form that can be queried and managed for use in electronic
transactions.
Why IDaaS?
 Deliver access services efficiently and cost-effectively
 Protect against internal and external security threats
 Meet regulatory compliance requirements around security and privacy
Examples
 Single Sign-on (SSO)
authentication service allowing a user to access multiple applications and
sites using one set of credentials.
 Multi-Factor Authentication (MFA)
multi-step account login process that requires users to enter more
information than just a password
 Identity Management
To ensure that only the right people can access the appropriate data
and resources, at the right times and for the right reasons.
 Provisioning
When a worker is assigned a role through your system, they would be
automatically provisioned access with a role-based IAM solution.
Defining Identity as a Service (IDaaS)
 IDaaS servers
.COM, .ORG, .EDU, .MIL, .TV, .RU
 Core functions
–A data store
–Query Engine
–Policy Engine
 Identity
A set of characteristics or traits that make something recognizable or
known
 A digital identity
Attributes and metadata of an object along with a set of relationships
with other objects that makes an object identifiable
An identity can belong to a person and may include the
following
Things you are
 Biological characteristics such as age, race, gender, appearance
Things you know
 Biography, personal data such as social security numbers, PINs, where you went to
school
Things you have
 A pattern of blood vessels in your eye, your fingerprints, a bank account you can
access, a security key you were given, objects and possessions
Things you relate to
 Your family and friends, a software license, beliefs and values, activities and
endeavors, personal selections and choices, habits and practices, an iGoogle
account
Digital Identities
  For user and machine accounts, identities are created and stored in domain
security databases that are the basis for any network domain, in directory
services, and in data stores in federated systems.
Network interface
  The point of interconnection between a computer and a private or public network.
  Network interfaces are identified uniquely by Media Access Control (MAC)
addresses, which are alternatively referred to as Ethernet Hardware Addresses (EHAs).
An EHA (hardware address) is your Ethernet card's unique identity.
  It is the assignment of a network identity to a specific MAC address that allows
systems to be found on networks.
Media Access Control
 Network data transfer policy that determines how data is transmitted between
two computer terminals through a network cable.
Windows Product Activation
Microsoft validates your installation. During activation it creates an identification index or profile of your system:
 A 25-character software product key and product ID
 The uniquely assigned Global Unique Identifier or GUID
 PC manufacturer
 CPU type and serial number
 BIOS checksum
 Network adapter and its MAC address
 Display adapter
  SCSI and IDE adapters
 RAM amount
 Hard drive and volume serial number
 Optical drive
 Region and language settings and user locale
From the above information, a code is calculated, checked, and entered into the registration database. Each of
these uniquely identified hardware attributes is assigned a weighting factor such that an overall sum may be
calculated.
Networked identity service classes
 Forms of identity services
To validate Web sites, transactions, transaction participants, clients, and
network services.
Identity as a Service (IDaaS) offers
 Authentication services (identity verification)
 Directory services
 Federated identity
 Identity governance
 Identity and profile management
 Policies, roles, and enforcement
 Provisioning (external policy administration)
 Registration
 Risk and event monitoring, including audits
 Single sign-on services (pass-through authentication)
Identity System Codes of Conduct
IDaaS is cloud-based authentication built and operated by a third-party provider.
When working with IDaaS software, evaluate IDaaS applications on the following basis:
  User control for consent
Users control their identity and must consent (agree) to the use of their
information.
 Minimal Disclosure
The minimal amount of information should be disclosed for an
intended use.
 Justifiable access
Only parties who have a justified use of the information
contained in a digital identity and have a trusted identity relationship with the
owner of the information may be given access to that information.
 Directional Exposure
An ID system must support bidirectional identification for a public entity
so that it is discoverable and a unidirectional identifier for private entities, thus
protecting the private ID.
 Interoperability
A cloud computing ID system must interoperate with other identity
services from other identity providers.
 Unambiguous human identification
An IDaaS application must provide an unambiguous mechanism for
allowing a human to interact with a system while protecting that user against an
identity attack.
 Consistency of Service
An IDaaS service must be simple to use, consistent across all its uses, and
able to operate in different contexts using different technologies.
IDaaS interoperability
 Cloud computing IDaaS applications must rely on a set of developing
industry standards to provide interoperability
  User-centric authentication (usually in the form of information cards)
The OpenID and CardSpace specifications support this type of data
object.
  The XACML Policy Language
A general-purpose authorization policy language that allows a distributed
ID system to write and enforce custom policy expressions. XACML can work
with SAML: when SAML presents a request for ID authorization, XACML checks
the ID request against its policies and either allows or denies the request.
IDaaS interoperability
 The SPML Provisioning Language
This is an XML request/response language that is used to
integrate and interoperate service provisioning requests. SPML is a standard of
OASIS’s Provision Services Technical Committee (PSTC) that conforms to the
SOA architecture.
 The XDAS Audit System
The Distributed Audit Service provides accountability for
users accessing a system, and the detection of security policy violations when
attempts are made to access the system by unauthorized users or by users
accessing the system in an unauthorized way
Networked identity service classes
 The Identity Governance Framework
(IGF) is a standards initiative of the
Liberty Alliance.
 Exchange and control of identity
information using standards such as
WS-Trust, ID-WSF, SAML, and LDAP
directory services.
 Client Attribute Requirements Markup
Language (CARML)
User Authentication
OpenID
 –Developing industry standard for authenticating “end users” by storing their
digital identity in a common format.
 –An identity is created in an OpenID system,
 –Information is stored in the system of any OpenID service provider
 –Translated into a unique identifier.
 –Identifiers take the form of a Uniform Resource Locator (URL) or as an
Extensible Resource Identifier (XRI)
 –Authenticated by that OpenID service provider
 –unique identity of the URL;
Identity providers
 AOL, Facebook, Google, IBM, Microsoft, MySpace, Orange, PayPal, VeriSign,
LiveJournal, Ustream, Yahoo!
Trusted providers and their URL formats
  Blogger: .blogger.com or .blogspot.com
  MySpace: myspace.com/
  Google: https://www.google.com/accounts/o8/id
  Google Profile: google.com/profiles/
  Microsoft: accountservices.passport.net/
  MyOpenID: .myopenid.com
  Orange: openid.orange.fr/username or simply orange.fr/
  Verisign: .pip.verisignlabs.com
  WordPress: .wordpress.com
  Yahoo!: openid.yahoo.com
CardSpace
  A Microsoft software client that is part of the company's Identity Metasystem and built into the Web Services
Protocol Stack.
  This stack is built on the OASIS standards (WS-Trust, WS-Security, WS-SecurityPolicy, and
WS-MetadataExchange)
  A CardSpace object called an Identity Selector stores a digital identity, making it available to
Windows applications in the form of a visual Information Card that can be accepted by complying
applications and Web sites
Authorization markup languages
  Information requests and replies in cloud computing are nearly always in the form of XML replies or
requests
  XML files are text files and are self-describing.
  An XML file contains a schema that describes the data it contains, or contains a pointer to another text file
with its schema
  XACML and SAML are specialized XML files in the identity framework.
XACML
 Extensible Access Control Markup Language
 Separates access control functionality into several components
 An attribute-based access control policy language or XML-based language.
 Designed to express security policies and access requests to information.
 Used for web services, digital rights management, and enterprise security applications
SAML
 Security Assertion Markup Language
  Open federation standard that allows an identity provider (IdP) to authenticate users and then pass
an authentication token to another application known as a service provider
SAML integrates with XACML to implement a policy engine in a Service
Oriented Architecture to support identity services authorization
Networked identity service classes
Policy Administration Point (PAP)
 location at which policy is managed
Policy Decision Point (PDP)
  Policy requests are passed through to the location (PAP) where the policy logic can be executed.
  The result of the policy is transmitted through the PAP
  Evaluates policies against access requests provided by Policy Enforcement Points (PEP).
  Deciding authority
Policy Enforcement Point (PEP)
 Enforces the PDP policy decision.
 Protects an enterprise's data by enforcing access control.
 Responsible for receiving authorization requests that are sent to the policy decision point (PDP)
for evaluation.
 Data and resources must be protected
Policy Information Point (PIP)
 Provides additional information that can be used to determine policy logic
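The four components above wired together, as an added example that is not part of the original slides. The class names, the `patient-record` resource, the subjects and the two rules are all constructed for illustration; the deny-overrides combining and the fail-closed PEP are choices made for this sketch.

```python
from dataclasses import dataclass
from typing import Callable, Dict, List

PERMIT, DENY, NOT_APPLICABLE = "Permit", "Deny", "NotApplicable"
Attributes = Dict[str, object]


@dataclass
class Rule:
    effect: str                               # PERMIT or DENY
    condition: Callable[[Attributes], bool]   # True when the rule applies


@dataclass
class Policy:
    resource_type: str                        # target: which resources
    action: str                               # target: which action
    rules: List[Rule]


class PolicyAdministrationPoint:
    """PAP: the location at which policy is managed."""

    def __init__(self) -> None:
        self._policies: List[Policy] = []

    def publish(self, policy: Policy) -> None:
        self._policies.append(policy)

    def policies_for(self, resource_type: str, action: str) -> List[Policy]:
        return [p for p in self._policies
                if p.resource_type == resource_type and p.action == action]


class PolicyInformationPoint:
    """PIP: supplies additional attributes used to determine policy logic."""

    def __init__(self, directory: Dict[str, Attributes]) -> None:
        self._directory = directory

    def subject_attributes(self, subject_id: str) -> Attributes:
        return dict(self._directory.get(subject_id, {}))


class PolicyDecisionPoint:
    """PDP: evaluates policies against the requests a PEP sends."""

    def __init__(self, pap: PolicyAdministrationPoint, pip: PolicyInformationPoint) -> None:
        self._pap, self._pip = pap, pip

    def evaluate(self, request: Attributes) -> str:
        # Subject attributes come only from the PIP, so a caller cannot
        # assert its own role by putting "subject.role" in the request.
        attrs = {k: v for k, v in request.items()
                 if not k.startswith("subject.") or k == "subject.id"}
        for key, value in self._pip.subject_attributes(str(request["subject.id"])).items():
            attrs["subject." + key] = value
        decision = NOT_APPLICABLE
        for policy in self._pap.policies_for(str(request["resource.type"]),
                                             str(request["action"])):
            for rule in policy.rules:
                if rule.condition(attrs):
                    if rule.effect == DENY:
                        return DENY           # deny-overrides combining
                    decision = PERMIT
        return decision


class PolicyEnforcementPoint:
    """PEP: guards the resource and enforces the PDP's decision."""

    def __init__(self, pdp: PolicyDecisionPoint, records: Dict[str, Dict[str, str]]) -> None:
        self._pdp, self._records = pdp, records

    def authorize(self, subject_id: str, action: str, record_id: str, hour: int) -> str:
        record = self._records.get(record_id, {})
        return self._pdp.evaluate({
            "subject.id": subject_id, "action": action,
            "resource.type": "patient-record",
            "resource.department": record.get("department"),
            "environment.hour": hour,
        })

    def read(self, subject_id: str, record_id: str, hour: int) -> str:
        # Fail closed: anything other than an explicit Permit is refused.
        if self.authorize(subject_id, "read", record_id, hour) != PERMIT:
            raise PermissionError(f"{subject_id} may not read {record_id}")
        return self._records[record_id]["body"]


def build_demo() -> PolicyEnforcementPoint:
    """Constructed sample policy, directory and records."""
    pap = PolicyAdministrationPoint()
    pap.publish(Policy("patient-record", "read", [
        Rule(PERMIT, lambda a: a.get("subject.role") == "clinician"
             and a.get("resource.department") is not None
             and a.get("subject.department") == a.get("resource.department")),
        Rule(DENY, lambda a: not 6 <= int(a["environment.hour"]) < 22),
    ]))
    pip = PolicyInformationPoint({
        "alice": {"role": "clinician", "department": "cardiology"},
        "bob": {"role": "billing", "department": "finance"},
    })
    records = {"rec-1": {"department": "cardiology", "body": "ECG normal"}}
    return PolicyEnforcementPoint(PolicyDecisionPoint(pap, pip), records)
```
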
Security Assertion Markup Language
  XML-based markup language for security assertions
  Statements that service providers use to make access-control decisions
  The statements an identity provider sends to a service provider contain
authentication, attribute, and authorization decision information
  Allows people to sign in once using one set of credentials and access multiple
applications.
Defining Compliance as a Service (CaaS)
 Cloud computing by its very nature spans different jurisdictions. The laws of the country of a
request’s origin may not match the laws of the country where the request is processed, and it’s
possible that neither location’s laws match the laws of the country where the service is provided.
 Compliance is much more than simply providing an anonymous service token to an identity so
they can obtain access to a resource. Compliance is a complex issue that requires considerable
expertise.
 In order to implement CaaS, some companies are organizing what might be referred to as
“vertical clouds,” clouds that specialize in a vertical market. Examples of vertical clouds that
advertise CaaS capabilities include the following:
  athenahealth (http://www.athenahealth.com/) for the medical industry
  bankserv (http://www.bankserv.com/) for the banking industry
  ClearPoint PCI Compliance-as-a-Service for merchant transactions under the Payment Card
Industry Data Security Standard
  FedCloud (http://www.fedcloud.com/) for government
  Rackserve PCI Compliant Cloud (http://www.rackspace.com/; another PCI CaaS service)
Virtualization
Creation of a virtual (rather than actual) version of something, such as
 ❖ a server,
 ❖ a desktop,
 ❖ a storage device,
 ❖ an operating system or network resources
Allows a single physical instance of a resource or an application to be shared among multiple
customers and organizations
  Hardware Virtualization
Creation of a virtual machine over existing operating system and hardware
  Host Machine
The machine on which the virtual machine is going to be created
  Guest Machine
The virtual machine
Virtualization - Hardware
Hardware Virtualization
 When the virtual machine software or virtual machine manager
(VMM) is directly installed on the hardware system
  The hypervisor controls and monitors the processor, memory and
other hardware resources.
  After virtualization of the hardware system, the user can install different
operating systems on it and run different applications on those OSs.
Usage
 Done for the server platforms, because controlling virtual machines is
much easier than controlling a physical server.
Virtualization- OS
Operating System Virtualization
 When the virtual machine software or virtual machine manager
(VMM) is installed on the Host operating system instead of
directly on the hardware system
 creates virtual servers at the operating system or kernel level.
 Each virtual server is running in its own virtual environment
(VE) as a virtual private server (VPS).
Usage
 mainly used for testing the applications on different platforms
of OS.
Virtualization- Server
Server Virtualization
 When the virtual machine software or virtual machine
manager (VMM) is directly installed on the Server system
 Masking of server resources takes place.
 The central-server(physical server) is divided into multiple
different virtual servers by changing the identity number,
processors
Usage
 Done because a single physical server can be divided into
multiple servers on the demand basis and for balancing
the load.
Virtualization - Storage
Storage Virtualization
The process of grouping the physical storage from multiple
network storage devices so that it looks like a single storage device.
Usage
❖ Storage virtualization is mainly done for back-up and recovery
purposes.
❖ Running multiple operating systems on a single machine but
sharing all the hardware resources.
❖ It helps us to provide the pool of IT resources
❖ We can share these IT resources in order to get benefits in the
business.
Hypervisor
 A form of virtualization software used in Cloud hosting to divide and
allocate the resources on various pieces of hardware.
 A process or a function to help admins isolate operating system and
applications from the underlying hardware.
 The program which provides partitioning, isolation or abstraction is
called virtualization hypervisor.
 A hardware virtualization technique that allows multiple guest
operating systems (OS) to run on a single host system at the same
time.
 A hypervisor is sometimes also called a virtual machine
manager(VMM).
 Administrators can use the resources efficiently by dividing computing
resources (RAM, CPU, etc.) between multiple VMs.
Hypervisor
 server management as VMs are independent of the host environment.
 The operation of one VM doesn’t affect other VMs or the underlying hardware
TYPES OF HYPERVISORS - Type 1
 The native or bare metal hypervisor.
 Deployed directly over the host hardware.
 Direct access to the hardware resource without any
underlying OS or device drivers makes such
hypervisors highly efficient for enterprise
computing.
 Direct access to CPU, Memory, Network, Physical
storage.
 Requires a dedicated physical machine.
  It replaces the host operating system; the hypervisor
schedules VM services directly to the hardware.
 Examples of Type 1 hypervisors include VMware
ESXi, Citrix XenServer and Microsoft Hyper-V
hypervisor.
TYPES OF HYPERVISORS - Type 2
 Known as a hosted hypervisor.
 Requires an operating system to run on a physical host.
 Hypervisors run as an application in a host
system (physical machine).
 A software layer or framework that runs on a traditional
operating system.
 The hypervisor asks the operating system to make hardware
calls.
 The host operating system schedules VM services, which
are then executed on the hardware.
 Individual users who wish to operate multiple operating
systems on a personal computer should use a Type 2
hypervisor.
 Examples: KVM, VMware Server and Workstation,
Microsoft Virtual PC, Oracle VM VirtualBox, and QEMU.
Type 1 Vs Type 2
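As an added illustration (not part of the original slides), the following Python example classifies a Linux guest by the hypervisor it runs on, for asset inventory, using the CPU `hypervisor` flag and the DMI vendor/product strings the platform presents. The DMI substrings, the sample inputs and all function names are assumptions made for this example; the Type 1/Type 2 labels follow the lists on the slides above.

```python
"""Classify which hypervisor a Linux guest runs on, for asset inventory.

Facts used: the text of /proc/cpuinfo and the DMI strings in
/sys/class/dmi/id/sys_vendor and /sys/class/dmi/id/product_name.
"""
from dataclasses import dataclass
from pathlib import Path
from typing import Optional, Tuple

# (vendor substring, product substring, platform, type as listed on the slides).
# The DMI substrings are assumptions based on values these platforms commonly
# report; extend the table for your own fleet.
DMI_SIGNATURES = [
    # ESXi (Type 1) and Workstation (Type 2) guests look alike here, so no type.
    ("vmware", "", "VMware", None),
    ("innotek", "virtualbox", "Oracle VM VirtualBox", "Type 2"),
    # Vendor alone is not enough: physical Microsoft hardware reports it too.
    ("microsoft corporation", "virtual machine", "Microsoft Hyper-V", "Type 1"),
    ("xen", "", "Xen", "Type 1"),
    ("qemu", "", "QEMU/KVM", "Type 2"),
]


@dataclass(frozen=True)
class Verdict:
    virtualized: bool
    platform: Optional[str]    # None when no signature matched
    slide_type: Optional[str]  # "Type 1", "Type 2", or None when ambiguous
    evidence: Tuple[str, ...]


def cpu_has_hypervisor_flag(cpuinfo_text: str) -> bool:
    """True if a 'flags' line lists 'hypervisor' (CPUID leaf 1, ECX bit 31)."""
    for line in cpuinfo_text.splitlines():
        key, _, value = line.partition(":")
        if key.strip() == "flags" and "hypervisor" in value.split():
            return True
    return False


def classify(cpuinfo_text: str, sys_vendor: str, product_name: str) -> Verdict:
    """Combine the CPU flag and the DMI strings into one verdict."""
    evidence = []
    flag = cpu_has_hypervisor_flag(cpuinfo_text)
    if flag:
        evidence.append("cpu flag 'hypervisor'")
    vendor, product = sys_vendor.lower(), product_name.lower()
    for v_sub, p_sub, platform, slide_type in DMI_SIGNATURES:
        if v_sub in vendor and p_sub in product:
            evidence.append(f"DMI {sys_vendor!r} / {product_name!r}")
            # A DMI match counts even if the hypervisor hides the CPU flag.
            return Verdict(True, platform, slide_type, tuple(evidence))
    # Flag set but unknown DMI: virtualized, platform not identified.
    return Verdict(flag, None, None, tuple(evidence))


def read_fact(path: str) -> str:
    """Read one fact file; return '' if it is missing or unreadable."""
    try:
        return Path(path).read_text(errors="replace").strip()
    except OSError:
        return ""


def classify_local() -> Verdict:
    """Classify the machine this script is running on."""
    return classify(
        read_fact("/proc/cpuinfo"),
        read_fact("/sys/class/dmi/id/sys_vendor"),
        read_fact("/sys/class/dmi/id/product_name"),
    )


# Constructed sample inputs (not captured from real systems).
SAMPLE_CPUINFO_VM = "processor\t: 0\nflags\t\t: fpu vme de pse tsc msr hypervisor lahf_lm\n"
SAMPLE_CPUINFO_METAL = "processor\t: 0\nflags\t\t: fpu vme de pse tsc msr vmx lahf_lm\n"

if __name__ == "__main__":
    samples = [
        (SAMPLE_CPUINFO_VM, "innotek GmbH", "VirtualBox"),
        (SAMPLE_CPUINFO_VM, "VMware, Inc.", "VMware Virtual Platform"),
        (SAMPLE_CPUINFO_METAL, "Microsoft Corporation", "Surface Laptop 4"),
    ]
    for cpuinfo, vendor, product in samples:
        print(vendor, "|", product, "->", classify(cpuinfo, vendor, product))
    print("this machine ->", classify_local())
```

A verdict with `virtualized=True` and `platform=None` means the CPU flag is set but the DMI strings match no entry in the table, which is the cue to add a signature for that platform.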
Emulation
 An emulator is hardware or software that
enables one device (named Host) to function
like another system (named Guest).
 A technique in which a virtual machine
simulates complete hardware in software.
 Many virtualization techniques were
developed in, or inherited from, the emulation
technique.
 Useful when designing software for various
systems.
 It simply allows us to use a current platform to
access an older application, data, or
operating system.
 It allows a subsystem to present the same interface
and characteristics as another.
Paravirtualization
 A form of CPU virtualization that uses hypercalls for
operations to handle instructions at compile
time.
 Enables the guest OS to interact with the
hypervisor.
 The guest OS is not completely isolated, but it is
partially isolated by the virtual machine from
the virtualization layer and hardware.
 The hypervisor is installed on the device. Then,
the guest operating systems are installed into
the environment. Here, the virtualization
method modifies the guest operating system to
communicate with the hypervisor.
Paravirtualization
 Virtual machines can be accessed
through interfaces that are similar to the
underlying hardware.
 Guest OS is not completely isolated but
it is partially isolated by the VM from the
virtualization layer and hardware.
 The guest OS does not have direct access to
hardware.
 When the guest OS wants to communicate with
hardware, it goes through the host OS.
Full Virtualization
 A software solution for server virtualization that uses
binary translation and direct approach techniques.
 Enables the guest operating system to run
independently.
 The guest OS is completely isolated by the virtual
machine from the virtualization layer and
hardware.
 The guest operating system is unaware that it is in
a virtualized environment, and therefore
hardware is virtualized by the host operating
system.
 Microsoft and Parallels systems are examples of
full virtualization.
 Allows multiple guest operating systems to run
on a single host OS in full isolation.
Machine Imaging
 A process that is used to provide system portability, and to provision and deploy
systems in the cloud.
 It works by capturing the state of systems using a system image.
 A system image makes a copy or a clone of the entire
computer system inside a single file.
 Machine imaging is mostly run on a virtualization
platform; due to this, it is also called a Virtual Appliance, and running virtual
machines are called instances.
 A Compute Engine resource that stores all the configuration, metadata,
permissions, and data from one or more disks required to create a virtual
machine (VM) instance.
 Use a machine image in many system maintenance scenarios, such as instance
creation, backup and recovery, and instance cloning.
Machine Imaging
Example
 Amazon Machine Image (AMI) is a system image that is used in cloud
computing.
 Amazon Web Services uses AMIs to store copies of a virtual machine.
 An AMI is a file system image that contains an operating system, all device
drivers, and any applications and state information that the working virtual
machine.
VMware vSphere
 A server virtualization software application from VMware.
 VMware is a virtualization and cloud computing software vendor.
 Serves as a complete platform for implementing and managing
virtual machine (VM) infrastructure on a large scale.
 Management infrastructure framework that virtualizes system,
storage, and networking hardware to create cloud computing
infrastructures.
 Referred to as a cloud operating system or virtualized data center
platform.
 vSphere is the branding for a set of management tools and a set of
products.
VMware vSphere
vSphere provides a set of services that applications can use to access cloud resources.
vSphere includes the following components:
 VMware vCompute
A service that aggregates servers into an assignable pool.
 VMware vStorage
A service that aggregates storage resources into an assignable pool.
 VMware vNetwork
A service that creates and manages virtual network interfaces.
 Application services
Such as HA (High Availability) and Fault Tolerance.
 vCenter Server
A provisioning, management, and monitoring console for VMware
cloud infrastructures.
VMware vSphere Products
 Virtual Machine File System (VMFS)
A high-performance cluster file system for an ESX/ESXi cluster.
 VMotion
A service that allows for the migration of a virtual machine from
one physical server to another physical server while the virtual server
runs continuously and without any interruption of ongoing transactions.
 Storage VMotion
A product that can migrate files from one datastore to another
datastore while the virtual machine that uses the datastore continues to
run.
VMware vSphere Products
 Virtual SMP
A feature that allows a virtual machine to run on two or more physical
processors at the same time.
 Distributed Resource Scheduler (DRS)
A system for provisioning virtual machines and load balancing processing
resources dynamically across the different physical systems that are in use.
A part of the DRS called the distributed power management (DPM) module
can manage the power consumption of systems.
 vNetwork Distributed Switch (DVS)
A capability to maintain a network runtime state for virtual machines as
they are migrated from one physical system to another. DVS also monitors network
connections, provides firewall services, and enables the use of third-party switches
such as the Cisco Nexus 1000V to manage virtual networks.
Virtual Infrastructure Elements
Porting Applications
 Build an application on a platform such as Microsoft
Azure.
 Porting that application to Amazon Web Services or
Google Apps may be difficult.
 To create an interoperability standard, Zend Technologies
has started an open source initiative
to create a common application program interface.
 It will allow applications to be portable.
Simple Cloud API - Goal: a set of common
interfaces
 File Storage Services
Currently Amazon S3, Windows Azure Blob Storage, Nirvanix, and
Local storage are supported by the Storage API. There are plans to extend this
API to Rackspace Cloud Files and GoGrid Cloud Storage.
 Document Storage Services
Amazon SimpleDB and Windows Azure Table Storage are currently
supported. Local document storage is planned.
 Simple Queue Services
Amazon SQS, Windows Azure Queue Storage, and Local queue
services are supported.
AppZero Virtual Application Appliance
 Moving an application from one platform to another isn’t nearly as simple as
moving a machine image from one system to another.
 When the application loads, it often loads or uses different Dynamic Link Libraries
(DLL).
 AppZero is a company that aims to make applications easily portable.
 Its solution is called the Virtual Application Appliance (VAA).
 The AppZero solution creates a virtual application appliance as an architectural
layer between the Windows or the UNIX operating system and applications.
 The virtualization layer serves as the mediator for file I/O, memory I/O, and
application calls and response to DLLs, which has the effect of sandboxing the
application.
VAA
 VAA creates a container that encapsulates the application and all the
application’s dependencies within a set of files.
 It is essentially an Application Image for a specific OS.
 Dependencies include DLL, service settings, necessary configuration files,
registry entries, and machine and network settings.
Understanding Services and Virtualization

  • 1. CLOUD COMPUTING M.SINDHU, ASSISTANT PROFESSOR,KONGU ENGINEERING COLLEGE,PERUNDURAI. UNIT-II Understanding Services and Virtualization
  • 2. M.SINDHU, ASSISTANT PROFESSOR,KONGU ENGINEERING COLLEGE,PERUNDURAI. Defining Infrastructure as a Service (IaaS)  Infrastructure as a Service (IaaS) is a cloud computing service model in which hardware is virtualized in the cloud.  In this particular model, the service vendor owns the equipment: servers, storage, network infrastructure, and so forth.  The developer creates virtual hardware on which to develop applications and services. Essentially, an IaaS vendor has created a hardware utility service where the user provisions virtual resources as required.
  • 3. M.SINDHU, ASSISTANT PROFESSOR,KONGU ENGINEERING COLLEGE,PERUNDURAI. IaaS workloads  The fundamental unit of virtualized client in an IaaS deployment is called a workload. A workload simulates the ability of a certain type of real or physical server to do an amount of work. The work done can be measured by the number of Transactions Per Minute (TPM) or a similar metric against a certain type of system.  In addition to throughput, a workload has certain other attributes such as Disk I/Os measured in Input/Output Per Second IOPS, the amount of RAM consumed under load in MB, network throughput and latency, and so forth.  In a hosted application environment, a client’s application runs on a dedicated server inside a server rack or perhaps as a standalone server in a room full of servers. In cloud computing, a provisioned server called an instance is reserved by a customer, and the necessary amount of computing resources needed to achieve that type of physical server is allocated to the client’s needs.  Figure shows how three virtual private server instances are partitioned in an IaaS stack. The three workloads require three different sizes of computers: small, medium, and large.
  • 4. M.SINDHU, ASSISTANT PROFESSOR,KONGU ENGINEERING COLLEGE,PERUNDURAI.
  • 5. M.SINDHU, ASSISTANT PROFESSOR,KONGU ENGINEERING COLLEGE,PERUNDURAI. IaaS workloads Consider a transactional eCommerce system, for which a typical stack contains the following components:  Web server  Application server  File server  Database  Transaction engine This eCommerce system has several different workloads that are operating: queries against the database, processing of business logic, and serving up clients’ Web pages.  The classic example of an IaaS service model is Amazon.com’s Amazon Web Services (AWS). AWS has several data centers in which servers run on top of a virtualization platform (Xen) and may be partitioned into logical compute units of various sizes. Developers can then apply system images containing different operating systems and applications or create their own system images. Storage may be partitions, databases may be created, and a range of services such a messaging and notification can be called upon to make distributed application work correctly.
  • 6. M.SINDHU, ASSISTANT PROFESSOR,KONGU ENGINEERING COLLEGE,PERUNDURAI. Pods, aggregation, and silos  Workloads support a certain number of users, at which point you exceed the load that the instance sizing allows. When you reach the limit of the largest virtual machine instance possible, you must make a copy or clone of the instance to support additional users. A group of users within a particular instance is called a pod. Pods are managed by a Cloud Control System (CCS). In AWS, the CCS is the AWS Management Console.  Sizing limitations for pods need to be accounted for if you are building a large cloud-based application. Pods are aggregated into pools within an IaaS region or site called an availability zone. In very large cloud computing networks, when systems fail, they fail on a pod-by-pod basis, and often on a zone-by-zone basis.  For AWS’ IaaS infrastructure, the availability zones are organized around the company’s data centers in Northern California, Northern Virginia, Ireland, and Singapore. A failover system between zones gives IaaS private clouds a very high degree of availability.
  • 7. M.SINDHU, ASSISTANT PROFESSOR,KONGU ENGINEERING COLLEGE,PERUNDURAI. Pods, aggregation, and silos  When a cloud computing infrastructure isolates user clouds from each other so the management system is incapable of interoperating with other private clouds, it creates an information silo, or simply a silo.  Most often, the term silo is applied to PaaS offerings such as Force.com or QuickBase, but silos often are an expression of the manner in which a cloud computing infrastructure is architected.  Silos are the cloud computing equivalent of compute islands: They are processing domains that are sealed off from the outside.  When you create a private virtual network within an IaaS framework, the chances are high that you are creating a silo. Silos impose restrictions on interoperability that runs counter to the open nature of build-componentized service-oriented applications.  However, that is not always a bad thing. A silo can be its own ecosystem; it can be protected and secured in ways that an open system can’t be. Silos just aren’t as flexible as open systems and are subject to vendor lock-in.
  • 8. M.SINDHU, ASSISTANT PROFESSOR,KONGU ENGINEERING COLLEGE,PERUNDURAI. Pods, aggregation, and silos
  • 9. M.SINDHU, ASSISTANT PROFESSOR,KONGU ENGINEERING COLLEGE,PERUNDURAI. Defining Platform as a Service (PaaS)  The Platform as a Service model describes a software environment in which a developer can create customized solutions within the context of the development tools that the platform provides. Platforms can be based on specific types of development languages, application frameworks, or other constructs. A PaaS offering provides the tools and development environment to deploy applications on another vendor’s application. Often a PaaS tool is a fully integrated development environment; that is, all the tools and services are part of the PaaS service.  To be useful as a cloud computing offering, PaaS systems must offer a way to create user interfaces, and thus support standards such as HTLM, JavaScript, or other rich media technologies. In a PaaS model, customers may interact with the software to enter and retrieve data, perform actions, get results, and to the degree that the vendor allows it, customize the platform involved.  The customer takes no responsibility for maintaining the hardware, the software, or the development of the applications and is responsible only for his interaction with the platform. The vendor is responsible for all the operational aspects of the service, for maintenance, and for managing the product(s) lifecycle.  The one example that is most quoted as a PaaS offering is Google’s App Engine platform. Developers program against the App Engine using Google’s published APIs. The tools for working within the development framework, as well as the structure of the file system and data stores, are defined by Google.
  • 10. M.SINDHU, ASSISTANT PROFESSOR,KONGU ENGINEERING COLLEGE,PERUNDURAI. Defining Software as a Service (SaaS)  The most complete cloud computing service model is one in which the computing hardware and software, as well as the solution itself, are provided by a vendor as a complete service offering. It is referred to as the Software as a Service (SaaS) model. SaaS provides the complete infrastructure, software, and solution stack as the service offering. A good way to think about SaaS is that it is the cloud-based equivalent of shrink-wrapped software.  Software as a Service (SaaS) may be succinctly described as software that is deployed on a hosted service and can be accessed globally over the Internet, most often in a browser. With the exception  of the user interaction with the software, all other aspects of the service are abstracted away.  Every computer user is familiar with SaaS systems, which are either replacements or substitutes for  locally installed software. Examples of SaaS software for end-users are Google Gmail and Calendar,  QuickBooks online, Zoho Office Suite, and others that are equally well known. SaaS applications  come in all shapes and sizes, and include custom software such as billing and invoicing systems,  Customer Relationship Management (CRM) applications, Help Desk applications, Human  Resource (HR) solutions, as well as myriad online versions of familiar applications.
  • 11. SaaS characteristics All Software as a Service (SaaS) applications share the following characteristics: 1. The software is available over the Internet globally through a browser on demand. 2. The typical license is subscription-based or usage-based and is billed on a recurring basis. In a small number of cases a flat fee may be changed, often coupled with a maintenance fee. Table 4.1 shows how different licensing models compare. 3. The software and the service are monitored and maintained by the vendor, regardless of where all the different software components are running. There may be executable client-side code, but the user isn’t responsible for maintaining that code or its interaction with the service. 4. Reduced distribution and maintenance costs and minimal end-user system costs generally make SaaS applications cheaper to use than their shrink-wrapped versions. 5. Such applications feature automated upgrades, updates, and patch management and much faster rollout of changes. 6. SaaS applications often have a much lower barrier to entry than their locally installed competitors, a known recurring cost, and they scale on demand (a property of cloud computing in general). 7. All users have the same version of the software so each user’s software is compatible with another’s. 8. SaaS supports multiple users and provides a shared data model through a single-instance, multi- tenancy model. M.SINDHU, ASSISTANT PROFESSOR,KONGU ENGINEERING COLLEGE,PERUNDURAI.
  • 12. M.SINDHU, ASSISTANT PROFESSOR,KONGU ENGINEERING COLLEGE,PERUNDURAI.
  • 13. M.SINDHU, ASSISTANT PROFESSOR,KONGU ENGINEERING COLLEGE,PERUNDURAI. Open SaaS and SOA  A considerable amount of SaaS software is based on open source software. When open source software is used in a SaaS, you may hear it referred to as Open SaaS. The advantages of using open source software are that systems are much cheaper to deploy because you don’t have to purchase the operating system or software, there is less vendor lock-in, and applications are more portable.  The popularity of open source software, from Linux to APACHE, MySQL, and Perl (the LAMP platform) on the Internet, and the number of people who are trained in open source software make Open SaaS an attractive proposition.  The impact of Open SaaS will likely translate into better profitability for the companies that deploy open source software in the cloud, resulting in lower development costs and more robust solutions.
  • 14. M.SINDHU, ASSISTANT PROFESSOR,KONGU ENGINEERING COLLEGE,PERUNDURAI. A mature SaaS implementation based on SOA
  • 15. Mashup  A web page or web application that uses content from more than one source to create a single new service displayed in a single graphical interface. The componentized nature of SaaS solutions enables many of these solutions to support a feature Mashup in Cloud  An application that can display a Web page that shows data and supports features from two or more sources.  Annotating a map such as Google maps is an example of a mashup.  Mashups are considered one of the premier examples of Web 2.0 Open Mashup Alliance (OMA)  Supporting technologies that implement enterprise mashups Group supports the developing standard, the Enterprise Mashup Markup Language (EMML) EMML  An XML markup language for creating enterprise mashups, which are software applications that consume and mash data from variety of sources  Ex: Domain Specific Language (DSL) programming language with a higher level of abstraction optimized for a specific class of problems  Ex: HTML-It is a language for the web application domain. Enterprise Mashup  An Enterprise Mashup is a Web-based resource that combines existing resources content, data or application functionality from more than one resource in enterprise environments by empowering the actual end users to create and adapt individual information centric and situational applications M.SINDHU, ASSISTANT PROFESSOR,KONGU ENGINEERING COLLEGE,PERUNDURAI.
  • 16. M.SINDHU, ASSISTANT PROFESSOR,KONGU ENGINEERING COLLEGE,PERUNDURAI. Mashup A mashup requires three separate components:  An interactive user interface, which is usually created with HTML/XHTML, Ajax, JavaScript, or CSS.  Web services that can be accessed using an API, and whose data can be bound and transported by Web service protocols such as SOAP , REST, XML/HTTP, XML/RPC, and JSON/RPC.  Data transfer in the form of XML, KML (Keyhole Markup Language), JSON (JavaScript Object Notation), or the like. Mashups are an incredibly useful hybrid Web application, one that SaaS is a great enabler for. The Open Mashup Alliance (OMA; see http://www.openmashup.org/) is a non-profit industry group dedicated to supporting technologies that implement enterprise mashups. This group supports the developing standard, the Enterprise Mashup Markup Language (EMML), which is a Domain Specific Language (DSL). This group predicts that the use of mashups will grow by a factor of 10 within just a few years.
  • 17. M.SINDHU, ASSISTANT PROFESSOR,KONGU ENGINEERING COLLEGE,PERUNDURAI. Salesforce.com and CRM SaaS  Perhaps the best-known example of Software as a Service (SaaS) is the Customer Relationship Management software offered by Salesforce.com whose solution offers sales, service, support, marketing, content, analytical analysis, and even collaboration through a platform called Chatter.  Salesforce.com was founded in 1999 by a group of Oracle executives and early adopters of many of the technologies that are becoming cloud computing staples.
  • 18. Defining Identity as a Service (IDaaS)  Application delivery model (like software-as-a-service, or SaaS) allows users to connect to and use identity management services from the cloud.  Ensures the right people in an organization have the right access to the right resources Identity and access management (IAM) computing uses online computer power, database storage, and other IT resources.  Identity service is one that stores the information associated with a digital entity in a form that can be queried managed for use in electronic transactions. Why IDaaS?  Deliver access services efficiently and cost-effectively  Protect against internal and external security threats  Meet regulatory compliance requirements around security and privacy M.SINDHU, ASSISTANT PROFESSOR,KONGU ENGINEERING COLLEGE,PERUNDURAI.
  • 19. M.SINDHU, ASSISTANT PROFESSOR,KONGU ENGINEERING COLLEGE,PERUNDURAI. Examples  Single Sign-on (SSO) authentication service allowing a user to access multiple applications and sites using one set of credentials.  Multi-Factor Authentication (MFA) multi-step account login process that requires users to enter more information than just a password  Identity Management To ensure that only the right people can access the appropriate data and resources —at the right times and for the right reasons.  Provisioning When a worker is assigned a role through your system, they would be automatically provisioned access with a role-based IAM solution.
  • 20. M.SINDHU, ASSISTANT PROFESSOR,KONGU ENGINEERING COLLEGE,PERUNDURAI. Defining Identity as a Service (IDaaS)  IDaaS servers .COM, .ORG, .EDU, .MIL, .TV, .RU  Core functions –A data stores –Query Engine –Policy Engine  Identity A set of characteristics or traits that make something recognizable or known  A digital identity Attributes and metadata of an object along with a set of relationships with other objects that makes an object identifiable
  • 21. M.SINDHU, ASSISTANT PROFESSOR,KONGU ENGINEERING COLLEGE,PERUNDURAI. An identity can belong to a person and may include the following Things you are  Biological characteristics such as age, race, gender, appearance Things you know  Biography, personal data such as social security numbers, PINs, where you went to school Things you have  A pattern of blood vessels in your eye, your fingerprints, a bank account you can access, a security key you were given, objects and possessions Things you relate to  Your family and friends, a software license, beliefs and values, activities and endeavors, personal selections and choices, habits and practices, an iGoogle account
  • 22. M.SINDHU, ASSISTANT PROFESSOR,KONGU ENGINEERING COLLEGE,PERUNDURAI. Digital Identities  For user and machine accounts, Identities are created and stored in domain security Databases that are the basis for any network domain, In directory services, and in data stores in federated systems. Network interface  the point of interconnection between a computer and a private or public network  Network interfaces are identified uniquely by Media Access Control (MAC) addresses, Alternatively are referred to as Ethernet Hardware Addresses (EHAs). EHAs-(HW Address) is your Ethernet card's unique identity  It is the assignment of a network identity to a specific MAC address that allows systems to be found on networks. Media Access Control  Network data transfer policy that determines how data is transmitted between two computer terminals through a network cable.
  • 23. Windows Product Activation Microsoft validates your installation During Activation it Creates an identification index or profile of your system  A 25-character software product key and product ID  The uniquely assigned Global Unique Identifier or GUID  PC manufacturer  CPU type and serial number  BIOS checksum  Network adapter and its MAC address  Display adapter  SCSCI and  DE adapters  RAM amount  Hard drive and volume serial number  Optical drive  Region and language settings and user locale From the above information, a code is calculated, checked, and entered into the registration database. Each of these uniquely identified hardware attributes is assigned a weighting factor such that an overall sum may be calculated. M.SINDHU, ASSISTANT PROFESSOR,KONGU ENGINEERING COLLEGE,PERUNDURAI.
  • 24. Networked identity service classes
    - Forms of identity services: to validate Web sites, transactions, transaction participants, clients, and network services.
    Identity as a Service (IDaaS) offers:
    - Authentication services (identity verification)
    - Directory services
    - Federated identity
    - Identity governance
    - Identity and profile management
    - Policies, roles, and enforcement
    - Provisioning (external policy administration)
    - Registration
    - Risk and event monitoring, including audits
    - Single sign-on services (pass-through authentication)
  • 25. Identity System Codes of Conduct
    IDaaS is cloud-based authentication built and operated by a third-party provider. When working with IDaaS software, evaluate IDaaS applications on the following basis:
    - User control for consent: users control their identity and must consent (agree) to the use of their information.
    - Minimal disclosure: the minimal amount of information should be disclosed for an intended use.
    - Justifiable access: only parties who have a justified use of the information contained in a digital identity and have a trusted identity relationship with the owner of the information may be given access to that information.
  • 26. Identity System Codes of Conduct
    - Directional exposure: an ID system must support bidirectional identification for a public entity so that it is discoverable and a unidirectional identifier for private entities, thus protecting the private ID.
    - Interoperability: a cloud computing ID system must interoperate with other identity services from other identity providers.
    - Unambiguous human identification: an IDaaS application must provide an unambiguous mechanism for allowing a human to interact with a system while protecting that user against an identity attack.
    - Consistency of service: an IDaaS service must be simple to use, consistent across all its uses, and able to operate in different contexts using different technologies.
  • 27. IDaaS interoperability
    - Cloud computing IDaaS applications must rely on a set of developing industry standards to provide interoperability.
    - User-centric authentication (usually in the form of information cards): the OpenID and CardSpace specifications support this type of data object.
    - The XACML Policy Language: a general-purpose authorization policy language that allows a distributed ID system to write and enforce custom policy expressions. XACML can work with SAML: when SAML presents a request for ID authorization, XACML checks the ID request against its policies and either allows or denies the request.
  • 28. IDaaS interoperability
    - The SPML Provisioning Language: an XML request/response language that is used to integrate and interoperate service provisioning requests. SPML is a standard of OASIS's Provisioning Services Technical Committee (PSTC) that conforms to the SOA architecture.
    - The XDAS Audit System: the Distributed Audit Service provides accountability for users accessing a system, and the detection of security policy violations when attempts are made to access the system by unauthorized users or by users accessing the system in an unauthorized way.
  • 29. Networked identity service classes
    - The Identity Governance Framework (IGF) is a standards initiative of the Liberty Alliance.
    - Exchange and control of identity information using standards such as WS-Trust, ID-WSF, SAML, and LDAP directory services.
    - Client Attribute Requirements Markup Language (CARML)
  • 30. User Authentication
    OpenID
    - Developing industry standard for authenticating "end users" by storing their digital identity in a common format.
    - An identity is created in an OpenID system.
    - Information is stored in the system of any OpenID service provider.
    - Translated into a unique identifier.
    - Identifiers take the form of a Uniform Resource Locator (URL) or an Extensible Resource Identifier (XRI).
    - Authenticated by that OpenID service provider.
    - Unique identity of the URL.
    Identity providers
    - AOL, Facebook, Google, IBM, Microsoft, MySpace, Orange, PayPal, VeriSign, LiveJournal, Ustream, Yahoo!
  • 31. Trusted providers and their URL formats
    - Blogger: .blogger.com or .blogspot.com
    - MySpace: myspace.com/
    - Google: https://www.google.com/accounts/o8/id
    - Google Profile: google.com/profiles/
    - Microsoft: accountservices.passport.net/
    - MyOpenID: .myopenid.com
    - Orange: openid.orange.fr/username or simply orange.fr/
    - Verisign: .pip.verisignlabs.com
    - WordPress: .wordpress.com
    - Yahoo!: openid.yahoo.com
    CardSpace
    - Microsoft software client that is part of the company's Identity Metasystem and built into the Web Services Protocol Stack.
    - This stack is built on the OASIS standards (WS-Trust, WS-Security, WS-SecurityPolicy, and WS-MetadataExchange).
    - A CardSpace object called an Identity Selector stores a digital identity, making it available to Windows applications in the form of a visual Information Card that can be accepted by complying applications and Web sites.
  • 32. Authorization markup languages
    Information
    - Information requests and replies in cloud computing are nearly always in the form of XML replies or requests.
    - XML files are text files and are self-describing.
    - An XML file contains a schema that describes the data it contains, or contains a pointer to another text file with its schema.
    - XACML and SAML are specialized XML files in the identity framework.
    XACML
    - Extensible Access Control Markup Language
    - Separates access control functionality into several components.
    - An attribute-based access control policy language, or XML-based language.
    - Designed to express security policies and access requests to information.
    - Used for web services, digital rights management, and enterprise security applications.
    SAML
    - Security Assertion Markup Language
    - Open federation standard that allows an identity provider (IdP) to authenticate users and then pass an authentication token to another application known as a service provider.
  • 33. SAML integrates with XACML to implement a policy engine in a Service Oriented Architecture to support identity services authorization.
  • 34. Networked identity service classes
    Policy Administration Point (PAP)
    - Location at which policy is managed.
    Policy Decision Point (PDP)
    - Policy requests are passed through to the location (PAP) where the policy logic can be executed.
    - The result of the policy is transmitted through the PAP.
    - Evaluates policies against access requests provided by Policy Enforcement Points (PEPs). It is the deciding authority.
    Policy Enforcement Point (PEP)
    - Enforces the PDP policy decision.
    - Protects an enterprise's data by enforcing access control.
    - Responsible for receiving authorization requests that are sent to the Policy Decision Point (PDP) for evaluation.
    - Data and resources must be protected.
    Policy Information Point (PIP)
    - Provides additional information that can be used to determine policy logic.
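The request flow between these four points, as an added Python example that is not part of the original slides: a PEP forwards each request to the PDP, which evaluates PAP-managed rules using attributes from the PIP. The class names, rules and directory entries are constructed for illustration; the deny-overrides combining and the deny-biased PEP are XACML conventions the slides do not spell out.

```python
"""Toy XACML-style flow: PEP -> PDP -> (PAP rules + PIP attributes)."""
from dataclasses import dataclass, field
from typing import Callable, Dict, List

PERMIT, DENY = "Permit", "Deny"
NOT_APPLICABLE, INDETERMINATE = "NotApplicable", "Indeterminate"


@dataclass
class Rule:
    name: str
    effect: str                      # PERMIT or DENY
    target: Callable[[dict], bool]   # True when the rule applies


@dataclass
class PolicyAdministrationPoint:
    """PAP: the location at which policy is managed."""
    rules: List[Rule] = field(default_factory=list)

    def publish(self, rule: Rule) -> None:
        self.rules.append(rule)


@dataclass
class PolicyInformationPoint:
    """PIP: provides additional attributes used by the policy logic."""
    directory: Dict[str, dict]

    def attributes(self, subject: str) -> dict:
        return dict(self.directory.get(subject, {}))


@dataclass
class PolicyDecisionPoint:
    """PDP: evaluates policy against requests, deny-overrides combining."""
    pap: PolicyAdministrationPoint
    pip: PolicyInformationPoint

    def decide(self, request: dict) -> str:
        # Only subject/action/resource are taken from the request; role and
        # status come from the PIP, so a caller cannot assert its own role.
        core = {k: request.get(k) for k in ("subject", "action", "resource")}
        ctx = {**self.pip.attributes(str(core["subject"])), **core}
        decision = NOT_APPLICABLE
        for rule in self.pap.rules:
            try:
                applies = rule.target(ctx)
            except KeyError:
                return INDETERMINATE   # missing attribute (simplified handling)
            if applies and rule.effect == DENY:
                return DENY            # one matching Deny is final
            if applies:
                decision = PERMIT
        return decision


@dataclass
class PolicyEnforcementPoint:
    """PEP: receives the request and enforces the PDP's decision."""
    pdp: PolicyDecisionPoint

    def access(self, subject: str, action: str, resource: str) -> bool:
        request = {"subject": subject, "action": action, "resource": resource}
        # Deny-biased: anything other than an explicit Permit is refused.
        return self.pdp.decide(request) == PERMIT


def build_demo() -> PolicyEnforcementPoint:
    """Constructed sample policy and directory, not taken from the slides."""
    pap = PolicyAdministrationPoint()
    pap.publish(Rule("finance-reads-ledger", PERMIT,
                     lambda c: c["role"] == "finance" and c["action"] == "read"
                     and c["resource"] == "ledger"))
    pap.publish(Rule("no-suspended-accounts", DENY,
                     lambda c: c.get("suspended", False)))
    pip = PolicyInformationPoint({"alice": {"role": "finance"},
                                  "bob": {"role": "intern"},
                                  "carol": {"role": "finance", "suspended": True}})
    return PolicyEnforcementPoint(PolicyDecisionPoint(pap, pip))


if __name__ == "__main__":
    pep = build_demo()
    for who in ("alice", "bob", "carol", "mallory"):
        print(who, pep.access(who, "read", "ledger"))
```

Only alice is admitted: bob matches no Permit rule, carol's Permit is overridden by the Deny rule, and mallory is unknown to the PIP, so the decision is Indeterminate and the PEP refuses.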
  • 35. Security Assertion Markup Language
    - XML-based markup language for security assertions.
    - Assertions are statements that service providers use to make access-control decisions.
    - The statements an identity provider sends to a service provider contain authentication, attribute, and authorization decision information.
    - Allows people to sign in once using one set of credentials and access multiple applications.
  • 37. Defining Compliance as a Service (CaaS)
    - Cloud computing by its very nature spans different jurisdictions. The laws of the country of a request's origin may not match the laws of the country where the request is processed, and it's possible that neither location's laws match the laws of the country where the service is provided.
    - Compliance is much more than simply providing an anonymous service token to an identity so they can obtain access to a resource. Compliance is a complex issue that requires considerable expertise.
    - In order to implement CaaS, some companies are organizing what might be referred to as "vertical clouds," clouds that specialize in a vertical market. Examples of vertical clouds that advertise CaaS capabilities include the following:
      - athenahealth (http://www.athenahealth.com/) for the medical industry
      - bankserv (http://www.bankserv.com/) for the banking industry
      - ClearPoint PCI Compliance-as-a-Service for merchant transactions under the Payment Card Industry Data Security Standard
      - FedCloud (http://www.fedcloud.com/) for government
      - Rackserve PCI Compliant Cloud (http://www.rackspace.com/; another PCI CaaS service)
  • 38. Virtualization
    Creation of a virtual (rather than actual) version of something, such as:
    - a server,
    - a desktop,
    - a storage device,
    - an operating system or network resources
    Allows a single physical instance of a resource or an application to be shared among multiple customers and organizations.
    - Hardware virtualization: creation of a virtual machine over existing operating system and hardware.
    - Host machine: the machine on which the virtual machine is going to be created.
    - Guest machine: the virtual machine.
  • 39. Virtualization - Hardware
    Hardware Virtualization
    - When the virtual machine software or virtual machine manager (VMM) is directly installed on the hardware system.
    - The hypervisor controls and monitors the processor, memory and other hardware resources.
    - After virtualization of the hardware system, the user can install different operating systems on it and run different applications on those OSs.
    Usage
    - Done for server platforms, because controlling virtual machines is much easier than controlling a physical server.
  • 40. Virtualization - OS
    Operating System Virtualization
    - When the virtual machine software or virtual machine manager (VMM) is installed on the host operating system instead of directly on the hardware system.
    - Creates virtual servers at the operating system or kernel level.
    - Each virtual server runs in its own virtual environment (VE) as a virtual private server (VPS).
    Usage
    - Mainly used for testing applications on different OS platforms.
  • 41. Virtualization - Server
    Server Virtualization
    - When the virtual machine software or virtual machine manager (VMM) is directly installed on the server system.
    - Masking of server resources takes place.
    - The central server (physical server) is divided into multiple different virtual servers by changing the identity number, processors
    Usage
    - Done because a single physical server can be divided into multiple servers on demand and for balancing the load.
  • 42. Virtualization - Storage
    Storage Virtualization
    The process of grouping the physical storage from multiple network storage devices so that it looks like a single storage device.
    Usage
    - Storage virtualization is mainly done for back-up and recovery purposes.
    - Running multiple operating systems on a single machine but sharing all the hardware resources.
    - It helps us to provide the pool of IT resources.
    - We can share these IT resources in order to get benefits in the business.
  • 43. Hypervisor
    - A form of virtualization software used in cloud hosting to divide and allocate the resources on various pieces of hardware.
    - A process or a function that helps admins isolate the operating system and applications from the underlying hardware.
    - The program which provides partitioning, isolation or abstraction is called a virtualization hypervisor.
    - A hardware virtualization technique that allows multiple guest operating systems (OS) to run on a single host system at the same time.
    - A hypervisor is sometimes also called a virtual machine manager (VMM).
    - Administrators can use the resources efficiently by dividing computing resources (RAM, CPU, etc.) between multiple VMs.
  • 44. Hypervisor
    - server management as VMs are independent of the host environment.
    - The operation of one VM doesn't affect other VMs or the underlying hardware.
  • 45. TYPES OF HYPERVISORS - Type 1
    - The native or bare metal hypervisor.
    - Deployed directly over the host hardware.
    - Direct access to the hardware resource without any underlying OS or device drivers makes such hypervisors highly efficient for enterprise computing.
    - Direct access to CPU, memory, network, physical storage.
    - Requires a dedicated physical machine.
    - It replaces the host operating system, and the hypervisor schedules VM services directly to the hardware.
    - Examples of Type 1 hypervisors include VMware ESXi, Citrix XenServer and Microsoft Hyper-V hypervisor.
  • 46. TYPES OF HYPERVISORS - Type 2
    - Known as a hosted hypervisor.
    - Requires an operating system to run on a physical host.
    - Hypervisors run as an application in a host system (physical machine).
    - A software layer or framework that runs on a traditional operating system.
    - The hypervisor asks the operating system to make hardware calls.
    - The host operating system schedules VM services, which are then executed on the hardware.
    - Individual users who wish to operate multiple operating systems on a personal computer should use a Type 2 hypervisor.
    - Examples: KVM, VMware Server and Workstation, Microsoft Virtual PC, Oracle VM VirtualBox, and QEMU.
  • 47. Type 1 vs Type 2
  • 48. Emulation
    - An emulator is hardware or software that enables one device (named Host) to function like other systems (named Guest).
    - A technique in which virtual machines simulate complete hardware in software.
    - Many virtualization techniques were developed in or inherited from emulation.
    - Useful when designing software for various systems.
    - It simply allows us to use the current platform to access an older application, data, or operating system.
    - Allows a subsystem to present the same interface and characteristics as another.
  • 49. Paravirtualization
    - CPU virtualization which uses hypercalls for operations to handle instructions at compile time.
    - Enables the guest OS to interact with the hypervisor.
    - The guest OS is not completely isolated but is partially isolated by the virtual machine from the virtualization layer and hardware.
    - The hypervisor is installed on the device. Then, the guest operating systems are installed into the environment. Here, the virtualization method modifies the guest operating system to communicate with the hypervisor.
  • 50. Paravirtualization
    - Virtual machines can be accessed through interfaces that are similar to the underlying hardware.
    - The guest OS is not completely isolated but is partially isolated by the VM from the virtualization layer and hardware.
    - The guest OS does not have direct access to hardware.
    - When the guest OS wants to communicate with hardware, it goes through the host OS.
  • 51. Full Virtualization
    - Software solution for server virtualization that uses binary translation and direct approach techniques.
    - Enables the guest operating system to run independently.
    - The guest OS is completely isolated by the virtual machine from the virtualization layer and hardware.
    - The guest operating system is unaware that it is in a virtualized environment, and therefore hardware is virtualized by the host operating system.
    - Microsoft and Parallels systems are examples of full virtualization.
    - Allows multiple guest operating systems to run on a single host OS in full isolation.
  • 53. Machine Imaging
    - A process that is used to provide system portability, and to provision and deploy systems in the cloud.
    - Works by capturing the state of systems using a system image.
    - A system image makes a copy or a clone of the entire computer system inside a single file.
    - Machine imaging is mostly run on virtualization platforms; because of this, images are also called Virtual Appliances, and running virtual machines are called instances.
    - A Compute Engine resource that stores all the configuration, metadata, permissions, and data from one or more disks required to create a virtual machine (VM) instance.
    - Use a machine image in many system maintenance scenarios, such as instance creation, backup and recovery, and instance cloning.
  • 54. Machine Imaging Example
    - Amazon Machine Image (AMI) is a system image that is used in cloud computing.
    - Amazon Web Services uses AMIs to store copies of a virtual machine.
    - An AMI is a file system image that contains an operating system, all device drivers, and any applications and state information that the working virtual machine.
  • 55. VMware vSphere
    - A server virtualization software application from VMware.
    - VMware is a virtualization and cloud computing software vendor.
    - Serves as a complete platform for implementing and managing virtual machine (VM) infrastructure on a large scale.
    - Management infrastructure framework that virtualizes system, storage, and networking hardware to create cloud computing infrastructures.
    - Referred to as a cloud operating system or virtualized data center platform.
    - vSphere is the branding for a set of management tools and a set of products.
  • 56. VMware vSphere
    vSphere provides a set of services that applications can use to access cloud resources. vSphere includes the following components:
    - VMware vCompute: a service that aggregates servers into an assignable pool.
    - VMware vStorage: a service that aggregates storage resources into an assignable pool.
    - VMware vNetwork: a service that creates and manages virtual network interfaces.
    - Application services: such as HA (High Availability) and Fault Tolerance.
    - vCenter Server: a provisioning, management, and monitoring console for VMware cloud infrastructures.
  • 58. VMware vSphere Products
    - Virtual Machine File System (VMFS): a high-performance cluster file system for an ESX/ESXi cluster.
    - VMotion: a service that allows for the migration of a virtual machine from one physical server to another physical server while the virtual server runs continuously and without any interruption of ongoing transactions.
    - Storage VMotion: a product that can migrate files from one datastore to another datastore while the virtual machine that uses the datastore continues to run.
  • 59. VMware vSphere Products
    - Virtual SMP: a feature that allows a virtual machine to run on two or more physical processors at the same time.
    - Distributed Resource Scheduler (DRS): a system for provisioning virtual machines and load balancing processing resources dynamically across the different physical systems that are in use. A part of the DRS called the distributed power management (DPM) module can manage the power consumption of systems.
    - vNetwork Distributed Switch (DVS): a capability to maintain a network runtime state for virtual machines as they are migrated from one physical system to another. DVS also monitors network connections, provides firewall services, and enables the use of third-party switches such as the Cisco Nexus 1000V to manage virtual networks.
  • 60. Virtual Infrastructure Elements
  • 61. Porting Applications
    - Build an application on a platform such as Microsoft Azure.
    - Porting that application to Amazon Web Services or GoogleApps may be difficult.
    - To create an interoperability standard.
    - Zend Technologies has started an open source initiative to create a common application program interface.
    - It will allow applications to be portable.
  • 62. Simple Cloud API
    Goal: a set of common interfaces
    - File Storage Services: currently Amazon S3, Windows Azure Blob Storage, Nirvanix, and Local storage are supported by the Storage API. There are plans to extend this API to Rackspace Cloud Files and GoGrid Cloud Storage.
    - Document Storage Services: Amazon SimpleDB and Windows Azure Table Storage are currently supported. Local document storage is planned.
    - Simple Queue Services: Amazon SQS, Windows Azure Queue Storage, and Local queue services are supported.
  • 63. AppZero Virtual Application Appliance
    - Moving an application from one platform to another isn't nearly as simple as moving a machine image from one system to another.
    - When the application loads, it often loads or uses different Dynamic Link Libraries (DLLs).
    - AppZero is a company that aims to make applications easily portable.
    - Its solution is called the Virtual Application Appliance (VAA).
    - The AppZero solution creates a virtual application appliance as an architectural layer between the Windows or the UNIX operating system and applications.
    - The virtualization layer serves as the mediator for file I/O, memory I/O, and application calls and responses to DLLs, which has the effect of sandboxing the application.
  • 64. VAA
    - VAA creates a container that encapsulates the application and all the application's dependencies within a set of files.
    - It is essentially an Application Image for a specific OS.
    - Dependencies include DLLs, service settings, necessary configuration files, registry entries, and machine and network settings.