Capex, Opex and Cloud Computing (MS)

• CapEx
• Upfront cost
• Money spent on physical infrastructure up front. 
• Deduct this expense from your tax bill same year. 
• Server costs
• Storage costs
• Network costs
• Backup and archive costs
• Business continuity and disaster recovery
• Datacentre infra costs
• Costs on tech personnel
• 
  
• OpEx
• Spending money on services or produts now and being billed for them now.
• Leasing s/w and customized features
• Scaling charges based on usage / demand instead of fixed h/w or capacity
• Billing at the user or organization level
• 
  

Cloud Compliance Offerings (MS)

• Handling sensitive data
• Services are compliant
• Accreditation or compliance requirements

Some of the compliance offerings are:

• Criminal Justice Information Services (CJIS)
• Cloud Security Alliance (CSA) STAR Certification
• General Data Protection Regulation (GDPR) (EU)
• EU Model clauses
• HIPAA
• ISO-IEC
• MTCS - multi tier cloud security
• SOC - Service Orgnization controls (1, 2, and 3)
• NIST and Cybersecurity Framework (CSF)
• UK Govt. G-Cloud.
• Others

MS Azure - Fundamentals (Udemy)

Resources and Resource Group

When creating a resource, Azure prompts for a Region for a resource. The region is the location where you want to host the product/ service. Where you host it matters. See the figure below. If all your customers are located in Aus and are going to access the service (which is located in the West USA), then there will be latency. 

• There are services in place in azure (Content network delivery service) that allow distributing and data and traffic across multiple regions. 
• Products by region - list of all products/services per region. 
• Not every service is available in every region. 
• Commonly used services - are available in all regions. But for others, you need to ensure they are available. (e.g. Azure cognitive search is not available in the Canada region).
• 
  

Azure Subscriptions

All Azure resources get billed against a particular Subscription

• An Azure subscription is a logical container used to provision resources in Azure. It holds the details of all your resources like virtual machines (VMs), databases, and more. When you create an Azure resource like a VM, you identify the subscription it belongs to

• You may have several departments in your organization that could have differing needs for the resources. Thru subscriptions, you can keep track of the billing for each. 

Azure Subscription Types

The Virtual Machine Service

• You don't need to manage the underlying physical server.
• No need for capital for physical server
• Pay for only running cost of the server provided by Azure
• You can pay as you go, terminate the virtual server when you don't need
• Host different types of workloads on the server
• You can deploy both Windows as well as Linux based servers. 

Resources deployed along with a Virtual Machine (VM)

• VM sits on a virtual disk, and is provided a private and public IP. The traffic is routed thru a virtual NIC. 
• All of this resides in a Virtual Network
• NSG- network security group is a kind of security firewall (decides what kind of traffic flow into and out of the virtual machine).

Introduction to Cloud Computing (Udemy, Microsoft)

What is Cloud Computing?

Microsoft Definition: Cloud Computing is the delivery of computing services - including servers, storage, databases, networking, software, analytics, and intelligence - over the Internet (The cloud) to offer faster innovation, flexible resources, and economies of scale. 

Service Models of Cloud

• Cloud, Cloud computing is NOT a buzzword (Unlike Web 2.0 / 3.0, IOT)
• NIST Definition [National institute of standards and technology] - PDF document

The service provider is responsible for the physical h/w required to execute your work and for keeping it up to date. The computing services offered typically include:

Compute power - such as Linux servers or web applications used for computation and processing tasks

Storage - such as files and databases

Networking - such as secure connections between the cloud provider and your company. 

Analytics - such as visualizing telemetry and performance data.

IAAS is used in the following scenarios:

• Migrating workloads
• IAAS facilities are managed in a smilar was as on premise infra. 
• Provides an easy migration path from on premise to cloud. 
• Test and development
• IAAS makes scaling dev and test environments fast and economical. 
• Storage, backup and recovery
• aaS is useful for managing unpredictable demand and steadily growing storage needs. IaaS can also simplify the planning and management of backup and recovery systems.

PAAS is used in the following scenarios

• Development framework: PaaS provides a framework that developers can build upon to develop or customize cloud-based applications. Just like Microsoft Excel macro, PaaS lets developers create applications using built-in software components. Cloud features such as scalability, high-availability, and multi-tenant capability are included, reducing the amount of coding that developers must do.
• Analytics and busienss intelligence: PaaS tools allow organizations to analyse and mine their data to find insights and patterns and predict outcomes that will help in business outcomes. 

Traditional Models

• Applications - Your applications in the organization
• Data - databases
• Runtime  - Java / .NET runtime
• Middleware - Service Bus, EAI, etc.
• O/S - Windows, Linux, Oracle
• Virtualisation - VMWare, etc.
• Servers - physical servers
• Storage - storage disks
• Networking -  cables for routing data

IAAS

Blue - You manage

Grey - Things that are delivered by the service provider

Example - MS Azure, and Amazon Web Services (AWS), Rack Space, etc. 

• [MS/Amazon manages] When we subscribe to AWS or Azure we get -- 
• Networking, storage, servers, virtualization, and part of the OS --- Basically, you are going to get the Data Centre + a virtualized machine (e.g. a Windows machine that you can remote-desktop into).  
• [You manage] On top of that, you can deploy -- 
• OS management services like antivirus, backups that you will have to handle yourself.
•  Middleware if you need
• Runtime - install java runtime for e.g.
• Data - spin up a virtual machine and install a database on that. 
• Deploy your own applications.
• You don't get to play in the service space (Part of OS, virtualization, servers, storage, and networking). 
• Amazon calls the above undifferentiated heavy lifting meaning they will do all that stuff for you, and you basically deal with your stuff (that differentiates you from your competitors and in the marketplace) from applications all the way up to OS management services.  

PAAS

• Service provider now manages the whole of the OS (patch management, backups, etc.), handling middleware, runtime.
• You will add your applications and data
• Example - AWS managed d/b, managed message queues, managed storage. Azure has a similar lineup. Also SalesForce, which branches out into SAAS as well. 
• You only manage say an oracle stack. data schemas, stored procs, etc. + Applications
• Rest is managed by the service provider

SAAS

• The entire stack is managed by the service provider.
• Can do some level of configuration.
• Example Gmail, SalesForce CRM (Also branches out into PAAS)

IAAS-PAAS-SAAS ROI / Cost Efficiency

• SAAS gives a better value for money...

Cloud Computing Characteristics

1. On-demand self-service
• Service can be provided as needed automatically without human intervention. Provisioning needs to be automatic; only then it's cloud computing. Automation is the key.
2. Broad network access
• Service is provisioned (via an Automated Process) over the network and accessible via mobiles, tablets, desktops - fairly any device over the network. 
3. Resource pooling
• The service provider has an enormous pool of resources (physical and virtual)
• Serves multiple customers
• Multi-tenanted model
• Different physical and virtual resources dynamically assigned on demand.
• Location-independent (customer has no idea where the infra is)
4. Scalable
• Scale-up and down (expand or contract) on demand; provisioned and released automatically
• Vertical scaling: known as scaling up. is the process of adding resources to increase the power of an existing server. e.g. Add more CPUs, adding more memory. 
• Horizontal scaling: Known as scaling out. is the process of adding more servers that function together as a single unit. e.g. you have more than one server processing incoming requests. 
5. Rapid elasticity
• Automatic addition or removal of resources based on demand (spike). e.g. adding more computing resourcse to a spiked website traffic and likewise removing resources when there is a flip. Another example is adding more resources for employees to access an application during work hours.   
6. Measured service (therefore costeffective)
• Monitored - Users can monitor their spending/utilization thru monitoring (graphs etc.). Once measured, the usage can be controlled. 
• Controlled - Users can upscale or downscale the resources based on the monitored, measured service consumption. 
• Reported - Reports are generated based on the usage. 
7. Reliable
• Offers data backup, disaster recovery, data repilcation services, therefore is reliable. 
• Redundancy is built up into the service. If one component fails, another takes over.
8. Global
• Cloud providers have fully redundant datacenters located in various regions all over the globe. This gives you a local presence close to your customers to give them the best response time possible no matter where in the world they are.
9. Secure
• Cloud providers offer a broad set of policies, technologies, controls, and expert technical skills that can provide better security than most organizations can otherwise achieve. The result is strengthened security, which helps to protect data, apps, and infrastructure from potential threats.

Cost of Ownership for SAAS, PASS, IAAS