Cloud Computing CS 596 -015 Platform-as-a-Service Paa S

Cloud Computing, CS 596 -015 Platform-as-a-Service (Paa. S) 1

Outline n n Paa. S vs. Iaa. S Platform-as-a-Service (Paa. S) Attributes Elasticity q Multi-tenancy q Rapid provisioning and deployment q Integrated monitoring, management and billing facilities q n Paa. S Brief Case Studies q q q n n Web Apps Frameworks Web Hosting Services Google App Engine Microsoft Windows Azure Sales. Force. com Evaluation of Current Paa. S providers Summary and Conclusions 2

Paa. S vs. Iaa. S 3

Paa. S vs Iaa. S: Paa. S Overview 4

Paa. S vs. Iaa. S 5

Paa. S vs. Iaa. S n n Significant difference is the amount of control a user has over the service Paa. S: Microsoft Azure: user has no control over the OS, security features or the ability to install software applications – other than your own applications developed specifically for Azure. Google Apps and Force. com have similar limitations to Azure All OS updates, versions, patches, security are controlled and implemented by the Paa. S provider Iaa. S: user selects the configuration (server size, OS, App software) and then has complete responsibility for the maintenance of the system; security patch is your responsibility. Want to install new application or database – feel free, it is your server 6

Paa. S vs Iaa. S: Cloud is Not the Bleeding Edge 7

Paa. S Attributes n Paa. S is a mechanism for vendors to apply specific set of constraints toward goals that represent their value proposition to their end user. These are as follows: q Elasticity q Multi-tenancy q Rapid provisioning and deployment q Integrated monitoring, management and billing facilities 8

Paa. S Attributes n To achieve the above goals, the Paa. S vendor must apply set of constraints regarding elasticity and security: ¨ Only specific languages and run-time are supported ¨ Not all language/library features are enabled ¨ Generic API replacing traditional APIs ¨ There may be size constraint on individual requests ¨ Stateless environment is encouraged to minimize the overhead of state management 9

Paa. S Attributes n While the above constraints allow the vendor to achieve the cloud computing goals, additional constraints add value by providing the following: ¨ IDE plug-in, SDK and local emulation environment ¨ Frameworks that provide the scaffolding and hooks to the platform ¨ Free developer accounts to accelerate provisioning time ¨ Differentiator between platforms offerings include programming languages supported (e. g. , Python, Java, C#, etc. ), and development environments (e. g. , Eclipse, Visual Studio) for which there are plug-ins available 10

Paa. S Attributes n In summary: Paa. S shows benefits over traditional web platforms in terms of: ¨ Geographically distributed collaboration ¨ Facilitate web services aggregation through centralization of code, reduced costs of infrastructure – pay-as-you-go model, and through higher-level programming languages ¨ Paa. S is simpler to manage than Iaa. S while providing more functionality and services from the provider 11

Paa. S Attributes: Elasticity n n n Is the ability to use computer resources as needed to meet some performance goals under variable workload Amazon EC 2 is an example of Elastic Compute Cloud, which is central part of Amazon’s cloud computing platform, Amazon Web Services – AWS In addition to the instance type (Compute capability), Amazon added features such as static IP address, Availability Zones, User selectable kernel, and Amazon Elastic Block Store (EBS) Elastic Compute Units (ECU)is an abstraction of compute resources. One EC 2 Compute Unit provides the equivalent CPU capacity of a 1. 0 – 1. 2 GHZ Opteron or Xeon processor EC 2 uses Xen virtualization. Each VM, called instance, functions as a virtual private server. Instances are sized based on ECUs 12

Paa. S Attributes: Single- vs. Multi-Tenant Architecture 13

Paa. S Attributes: Single- vs. Multi-Tenant Architecture 14

Paa. S Attributes: Rapid Provisioning and Deployment n n n Automation of infrastructure configuration: is central to Cloud Computing. It is essential to capture and maintain infrastructure & application configuration data to enable automation of provisioning of the managed components and minimize support of large user-bases CMDB (Configuration Mgmt DB): is one or more integrated repositories detailing the infrastructure components, and other assets needed for delivering the needed services Dev. Ops: Services are dynamic and complex and typically can’t be met by static CMDB. Instead there is a need for more collaboration between development and operations teams to optimize and automate application deployments. Examples include: Puppet and Chefs, both are Ruby-based and can manage wide variety of applications 15

Paa. S Attributes: Rapid Provisioning and Deployment n n Provisioning Automation: Vendors that leverage tools such as Puppet and Chef to facilitate enterprise-class automation across physical, virtual, and cloud environments; r. Path is one example r. Path capabilities include: system version control, automated dependency discovery, policy-based system construction & automated update of deployed systems 16

Paa. S Attributes: Integrated monitoring, management and billing facilities n Monitoring: ¨ ¨ ¨ Involves both proactive planning to ensure business continuity, as well as reactive processes for coping with problems when they occur IT Service Continuity Management: consists of risk assessment, business impact analysis, and contingency plan IT Operations Management: de to hybrid cloud , end-user desktops and mobile devices there is need for on-site operations Incident Management: While Operation Mgmt takes a proactive role, incident Mgmt caters to the reactive side Problem Management: Tracking and resolving unknown causes of incidents Event Management: Tracks discernible occurrences with significance on the management of IT infrastructure or the delivery of the IT services 17

Paa. S Attributes: Integrated monitoring, management and billing facilities n Service Management: ¨ ¨ ¨ Service disruption is expected: it is ongoing operations Service Strategy: Relates closely to the strategic impact, i. e. , prioritization to handle more requests than resources available Service Design: Covers all elements relevant to service delivery Service Transition: Intersection between project and service management Service Operation: Is the core of the ITIL (Information Technology Infrastructure Library) model. Its focus is on the day-to-day operations needed to deliver the service to the users Continual Service Improvement: Attempts to maintain the alignment between IT services and the corporation strategy by constantly reassessing the IT capabilities and explore opportunities to refine business processes 18

Paa. S Brief Case Studies n We will cover briefly the following: q Web Apps Frameworks q Web Hosting Services q Google App Engine q Microsoft Windows Azure q Sales. Force. com 19

Paa. S Brief Case Studies: Web Apps Frameworks q While simple web applications requires only HTML/HTTP, it is not possible to build complex and dynamic web sites that do not utilize server-side business logic built on data stored in data repository q As a result, number of application frameworks have been developed to remove the necessary work for authentication, authorization, database access, server-side caching, session management, etc. q These application frameworks are classified according to the programming language that they support 20

Paa. S Brief Case Studies: Web Apps Frameworks q Visual Basic, C#: ASP. NET is based on MS Active Server Pages (ASP) technology revised to take advantage of the Common Language Runtime (CLR) which is compatible with MS. NET languages including Visual Basic and C#. q Ruby: Ruby-on-Rails is an open source framework that supports Ruby, a dynamic and reflective O. O. programming language that is based on Perl, Smalltalk, Eiffel, Ada, and Lisp. Ruby-on-Rails suffered when Twitter switched to Scala due to scalability q Java: while Java is a de facto standard for open source software, not all Java environments are identical. Best known include Apache Struts and Spring frameworks 21

Paa. S Brief Case Studies: Web Apps Frameworks q Perl: Perl is a general purpose language originally developed for manipulating text and currently used for variety of applications including system administration and web development. Used in popular frameworks such as Catalyst, Jifty and Web. GUI q PHP: Originally developed for building dynamic web content, typically process input data and renders HTML. Frameworks include Drupal and Joomla q Python: supports multiple programming paradigms including object-oriented, structured, functional, and aspect-oriented programming. Popular frameworks include Django which is suitable for complex and DB-oriented websites. Python is very popular with Google Applications since Google App Engine was initially released with Python support 22

Paa. S Brief Case Studies: Web Hosting Services n n n Unclear boundaries between conventional web hosting services (e. g. , 100 Web. Space, X 10 Hosting, Hello. Host, etc. ) and Paa. S providers Web hosting use business models that range from placed advertisements to one-time setup fees or monthly subscription, and typically they support multiple application frameworks (they are not considered Paa. S) because provisioning support and value-add services are minimal On the other hand, Mosso, Rackspace Cloud offers a service called Cloud Site; fully managed platform that can host. NET, LAMP (Linux, Apache, My. SQL, Perl/Python/PHP) stack qualify as Paa. S 23

Paa. S Brief Case Studies: Google App Engine n n One of the best known Paa. S. In addition to basic runtime environment, it eliminates many of the administration and development challenges involved in building applications that can scale to millions of users! Originally supported only Python runtime environment. It added later-on Java VM (Java, Groovy, Jruby, Scala, Clojure) SDK includes full local development environment that simulates Google App Engine on the developer’s desktop It imposes some limitations, e. g. , Python modules must be pure Python w/o C or Pyrex modules. Likewise, Java applications may only use a subset of the JRE SE, and they are not allowed to create new threads 24

Paa. S Brief Case Studies: Google App Engine n n Unfortunately, supported languages are standard, it isn’t typically possible to take existing code and launch it by simply copying it to the Google App. Spot hosting environment Obstacles: Most existing apps use RDBMS while Google App provides nonrelational data store q Many existing apps leverage the OS services such as file system, or interface with other installed software. Google Apps use the sandbox model to be able to isolate instances in multi-tenant environment q n The App Engine datastore, supports queries, sorting, and transactions using optimistic concurrency control. It is consistent DB built on top of Big Table with added functionality 25

Paa. S Brief Case Studies: Google App Engine n n n Google Query Language called GQL is similar to SQL in its SELECT statement, however with significant limitations, e. g. , GQL does not support Join operation and as a result can support only one single table query, however, GQL provides a workaround in the form of a Reference. Property class that can indicate one-to-many and many-to-many relationships Google Apps are not allowed to write to the file system (protection from malware), however it can read files but only those files that have been uploaded with the application code. Persisting intermediate results has to be done in the App Engine datastore Only events that can trigger application are web request or scheduled CRON job 26

Paa. S Brief Case Studies: Google App Engine n Google App Engine however provides rich set of APIs: q q q q Authentication: Apps can interface directly with Google Accounts URL Fetch: Apps can access resources on the Internet Mail: Apps can send messages using the App Engine’s mail service Memcache: Offers Apps an in-memory key/value cache that can be accessed by multiple instances of the same App Image Manipulation: Allows Apps to resize, crop, rotate and flip images in JPEG and PNG formats Scheduled Tasks: Cron service allows user to schedule tasks that run at regular intervals. The App can execute tasks that it added to a queue itself Task Queue: Cron jobs are not reliable and do nor perform well for high volume or high frequency workload. The App Engine Task Queue is very scalable, low latency and reliable service processed on FIFO basis Blobstore: GQL Data Store items are limited to a maximum of 1 MB. The Google Blobstore provides an alternative for serving large objects such as images, audio, video or executable files up to a maximum of 2 GB 27

Paa. S Brief Case Studies: Google App Engine XMPP (The Extensible Messaging and Presence Protocol) API: is a standard Instant Messaging (IM) protocol based on Jabber. The App Engine supports the API, which can serve as an alternative to email for time-sensitive communications – such as alerts q Open. ID Authentication: It is a standard for federated authentication. Open. ID user can create an identity (uid, password or biometrics) at any Open. ID provider and use that identity to authenticate to an App Engine Application if the developer choose Open. ID as the authentication mechanism q Map. Reduce: Is still experimental and not complete, i. e. , even though Google invented the M/R paradigm. The idea would be the mapper provides a fast and efficient way to iterate over datastore entities or Blob files q 28

Paa. S Brief Case Studies: Microsoft Windows Azure n n Azure is Microsoft’s Paa. S offering: It allows applications to be hosted and run from MS datacenter. Its fabric controller automatically manages resources, balance load, replicate for HA and manages the App lifecycle To access Azure: you typically use Visual Studio or an SDK for Java and Ruby, i. e. , not limited to. NET Framework. Planning to support Java, Python, Ruby, PHP, Open. ID and Eclipse, however much more information and community support if you stay native Microsoft implementation, i. e. , developer needs: Download Azure software Development kit q Download Azure Tools for MS Studio q 29

Paa. S Brief Case Studies: Microsoft Windows Azure n n n After installing the Azure software, a set of solution templates appears in the Visual Studio called Cloud Service Azure Platform: is a distributed service hosted in MS data center based on special-purpose OS called Window Azure. It consists of 3 components: Compute, Storage, and a Fabric to manage the platform Azure also provides an infrastructure service in the form of VM role which accepts upload of Window Server 2008 R 2 VM Image 30

Paa. S Brief Case Studies: Microsoft Windows Azure n n For each role, the developer specify static configuration setting: End-point URL, # of instances and size (# of cores, memory and disk space) Load balancer will distributed incoming traffic among the different instances; it is also possible to inspect and update the configuration using Service Runtime & Mgmt Azure Storage supports Blobs, Tables, and Queues Azure fabric refers to a set of machines running the Azure OS that are managed together and typically colocated in the same region. The Fabric Controller is the layer of code that provisions all the user instances and performs necessary upgrades 31

Paa. S Brief Case Studies: Microsoft Windows Azure n Azure Services: set of services that can be used from the Internet (including Azure Platform itself) or onpremise applications 32

Paa. S Brief Case Studies: Microsoft Windows Azure n Azure Services can be classified as: q App. Fabric: Provides Cloud-oriented service framework that is available through REST, SOAP, Atom/Atom. Pub and WS-*. q q q Microsoft. NET Service Bus: relay connectivity between systems Microsoft. NET Access Control Service: provides both authentication and authorization to users relying on Windows Live ID and other user account stores Windows Azure App. Fabric Cache: delivers distributed, in-memory, cache service for Windows Azure and SQL Azure applications SQL Azure: Is relational store that is different from Azure storage. It is SQL Server offered as Cloud Service including transaction integrity & multi-table analysis q Live Services: Provides set of building blocks that can be used to handle user data and application resources including identity and contacts. At the heart is Live. Mesh, which offers data synchronization across multiple devices using Fed. Sync q 33

Paa. S Brief Case Studies: Force. com n n Sales. Force. com: provides Paa. S service which is called Force. com. It is very different from Google’s and Microsoft’s offerings in the Paa. S space. It also provides hosting services using its own technology with features of redundancy, security and scalability; it is data oriented rather than code-oriented. External Programmatic Access: Exposes customers to specific configurations (forms, reports, workflow, user privileges, customization, business logic) as metadata which is programmatically accessible: q A Web Services API (SOAP) allows access to all Force. com application data from any environment 34

Paa. S Brief Case Studies: Force. com q Provides toolkits for. NET, Java, Facebook, Google, and Amazon Web Services as well as pre-packaged connectors from: q q q n ERP: SAP R/3 and Oracle Financials Desktop software: Microsoft Office, Lotus Notes Middleware: TIBCO, Pervasive, Cast Iron Apex: Force. com is built using Visualforce, a framework for creating GUI, and Apex (a proprietary programming language that uses Java-like syntax but acts more like Database stored procedures 35

Paa. S Brief Case Studies: Force. com n Force. com distinguishes between 3 kinds of program logic: Declarative logic: audit logging, workflow, approvals q Formula-based logic: data validation, workflow rules q Procedural logic: Apex triggers and classes q n n Apex can run as a stand-alone script on demand or as a trigger on a data event Three options to develop/create the Apex code: Sales. Force. com user interface allows including Apex code q Any text editor (Notepad) that can be uploaded to the server q The preferred mechanism is the Force. com IDE, which is a plug-in for Eclipse q 36

Paa. S Brief Case Studies: Force. com n User Interface: q n Two tools are available for building UI: UI Builder and Visualforce q UI Builder: is simpler approach, it generates a default UI based on the data properties of the application. This UI can be modified to change the layout and appearance or to add search functionality q Visualforce: is much more powerful and can be used to create any UI. It implements the MVC paradigm to enforce strict separation of logic from presentation from storage. The UI can include callouts and leverage dynamic client-side display functionality (CSS, DHTML, AJAX, Adobe Flex) in addition to traditional HTML Force. com provides also marketplace, called App. Exchange, for buying/selling Saa. S services 37

Evaluation of Current Saa. S Providers n Which is the best choice for an ISV that focuses on the creation of a business application in a Saa. S deployment? 38

Evaluation of Current Saa. S Providers n Which is the best choice for Service Providers that want to act as a local Paa. S provider with the help of a licensed Paa. S platform or for system integrators that would like to offer custom developed applications or integration services between corporate users and the Paa. S provider? 39

Summary and Conclusion n n Cloud architecture consists of Iaa. S, Paa. S, and Saa. S Paa. S: user has no control over the OS, security features or the ability to install software applications – other than your own applications Paa. S provider: is responsible for all OS updates, versions, patches, security Paa. S: should provide rapid provisioning and deployment Paa. S: should provide integrated monitoring, management and billing services 40

END 41