BENEFITS AND CHALLENGES WITH CLOUD COMPUTING Michael Holck Vice President, Software Engineering ESAC Inc.
Benefits of Cloud Computing - Scalability § In the cloud model you pay for what you use so you can start small and scale quickly § Nearly infinite scalability § Both Vertical and Horizontal scalability options § Cloud providers have a global presence § You can provide resources close to users anywhere in the world § Reduces latency for access to data GCP Regions as of October 2019
Benefits of Cloud Computing – High Availability § Cloud providers provide physical presence in multiple countries and multiple regions within countries § There are also multiple Availability Zones (AZ) in each region § Allows for very high fault tolerance in case of outage § Requires proper configuration § Cloud data centers provide physical redundancy § Power generators in case of long-term power outage § Multiple internet providers § Redundant HVAC systems
Challenges of Cloud Computing – High Availability § To achieve the benefits of scalability and high availability you need to configure things properly § Requires knowledge of the Cloud provider platform and network configuration § Need to make use of multiple availability zones and possibly regions as well § Compute instances may require load balancing § Databases should be setup with at least a single master, and another read replica in different AZs § Make use of auto scaling capabilities
Challenges of Cloud Computing – Data Latency § To achieve the benefits of reducing data latency you need to know where your users are located § Need to make use of either servers in those regions or Content Delivery Network (CDN) nodes AWS CDN Locations as of December 2019
Benefits of Cloud Computing – Nearly Limitless Storage § Cloud object storage provides very large storage ability § Amazon Web Services (AWS) S3 or Google Cloud Platform (GCP) Storage § Organized using buckets § Single object limited to 5 TB for both GCP and AWS § Unlimited Objects allowed § Automatically replicated across AZs or regions for high availability § Depending on storage class and configuration § Structured Data in SQL § Very large single instance disk sizes § Single table size up to 16 TB § Can setup clusters for increased size and scalability
Benefits of Cloud Computing - Cost § Cloud providers charge you only for what you use as far as computing power § You are charged per minute or less depending on the provider for uptime on the compute instances § A very large instance might cost several thousand dollars a month but if you only keep it up for a few hours to perform an analysis it might only cost $20 § Reserved Instances and Spot Instances can also reduce cost further § Cloud Storage has different cost tiers for long term storage depending on how often the object is accessed § First several GB/month are often free, and costs after that are around $0.03/GB/Month
Challenges of Cloud Computing – Storage Cost § While object storage costs are reasonable on the cloud to maximize cost efficiency you need to know how often your data will be accessed and how quickly needed § Most cloud providers offer multiple tiers of storage where cost to store is less but access costs AWS S3 Storage Class Storage Costs Data Retrieval Access Speed (Per GB) (Per GB) Standard $0.023 $0.00 ms Standard IA $0.0125 $0.01 ms One Zone IA $0.01 $0.01 ms Glacier $0.004 $0.01 1 min – 12 hours Glacier Deep Archive $0.00099 $0.02 12 hours
Challenges of Cloud Computing – Compute Cost § Because cloud providers only charge for what you use you can save significant money § But only if you manage the resources to only run when needed § Servers that will always be up like web servers or DB servers you might want to consider reserved instances § Pre-purchasing a specific instance type for 1-3 years up front at a savings (~40% for 1 year) § Serverless Services § Cloud providers offer managed services that are serverless, so you pay per query or access rather than for a server § Ideal for event driven architectures where functions are executed based on a trigger event
Challenges of Cloud Computing – Compute Cost § Spot Instances can save significant cost but need to be well understood § Spot instance is unused compute capacity where you can bid for your hourly cost § Whenever the compute capacity cost gets to your bid you are given a server § When the price exceeds your target price you will be given a 2-minute interrupt notice § For processes that do not need to execute immediately this can save a lot of cost § Software process needs to be developed such that it can start wherever it left off § Needs to be able to persist and exit in under 2 minutes § Once your process completes you need to terminate the instance to quit being charged § Determining the bid price for a spot instance can be complicated § Bid too low and you never get the compute § Bid too high and you will get your resources but will not have saved as much
Benefits of Cloud Computing - Security § Cloud Provider provides physical security of resources in data centers § Facilities are tightly controlled and monitored § Data replication and transfer within cloud provider is over private network not over internet and is automatically encrypted § Cloud Provider secures the infrastructure and their managed services § Client is still required to secure what is put on the cloud § Software, what ports and protocols are open, etc… § Infrastructure is compliant with several global and national compliance standards § FedRAMP, FISMA, NIST, HIPAA, HITRUST CSF, etc…
Challenges of Cloud Computing - Security § While the infrastructure is secured for you by the cloud provider you are still responsible for what you host on the cloud § Compute instances will need to be patched regularly § Compute instances will need to be scanned for malware and vulnerabilities regularly § Best to use both public and private subnets within a VPC § Only put servers or services that need to be accessed by anyone in public subnets § All other servers or services should be in private subnets § Need to restrict specific ports and protocols to all instances § Instances in private subnets should only allow traffic from public subnets § Instances in public subnets should limit ports and protocols to the minimum needed
Challenges of Cloud Computing - Security § Reference architecture for NIST based assurance frameworks should be followed § Requires multiple VPCs and subnets § Management VPC § Logging tools § Scanning Tools § IDS/IDP Tools
Challenges of Cloud Computing - Security § Logging § Need to make sure logging is enabled for everything and you are monitoring the logs § Intrusion Detection and Prevention (IDS/IDP) § Need to enable VPC flow logs to log all network traffic so it can be monitored § Continuous Monitoring § Need to have a plan and strategy for regularly monitoring the status of the systems § Reviewing system logs, scanning reports, network traffic, application logs, user access
Challenges of Cloud Computing - Security § Backups § Need to setup backups for your compute instances and DBs § Encryption § For sensitive data you need to enable encryption in transit and encryption at rest § Some cloud providers enable encryption on storage automatically and some require you to enable it § Can use cloud provider keys or supply your own § Only certain SQL instance types support encryption on each provider § Contingency Planning § Need to have backups and images that are continuously updated so you can recover from any crashes or data loss § Should conduct contingency planning exercises with the team
Benefits of Cloud Computing – Tools and Services § Google BiqQuery § Serverless data warehouse that scales to petabyte size § Supports BigQuery ML § Enables users to create and execute machine learning models in BigQuery using standard SQL queries § Google AutoML § Allows you to classify Documents, Images, or Videos according to labels you define § For documents you can train your model to identify a custom set of entities within English language text § For videos you can train your model to follow specific objects in your videos § For images you can train your model to detect and extract multiple objects and provide information about those objects including its position in the image
Benefits of Cloud Computing – Tools and Services § Amazon Athena § An interactive query service that makes it easy to analyze data in Amazon S3 using standard SQL § Serverless so you only pay per query made § No need for complex extract, transform, and load (ETL) jobs to prepare your data for analysis § Amazon EMR § Provides a managed Hadoop framework that makes it easy, fast, and cost- e ff ective to process vast amounts of data across dynamically scalable Amazon EC2 instances § EMR notebooks, based on Jupyter notebooks, for ad hoc querying and analysis
Benefits of Cloud Computing – Tools and Services § Amazon Kinesis § Makes it easy to collect, process, and analyze real-time, streaming data § Can capture, transform, and load streaming data into Amazon S3, Amazon Redshift, Amazon Elasticsearch Service, and Splunk § Amazon Rekognition § Makes it easy to add image and video analysis to your applications using proven, highly scalable, deep learning technology that requires no machine learning expertise to use § Can identify objects, people, text, scenes, and activities in images and videos
Recommend
More recommend