Cloud Computing Design Patterns / Edition 1

Cloud Computing Design Patterns / Edition 1

ISBN-10:
0133858561
ISBN-13:
9780133858563
Pub. Date:
06/18/2015
Publisher:
Prentice Hall

Hardcover

View All Available Formats & Editions
Current price is , Original price is $49.99. You
Select a Purchase Option (New Edition)
  • purchase options

Overview

Cloud Computing Design Patterns / Edition 1

“This book continues the very high standard we have come to expect from ServiceTech Press. The book provides well-explained vendor-agnostic patterns to the challenges of providing or using cloud solutions from PaaS to SaaS. The book is not only a great patterns reference, but also worth reading from cover to cover as the patterns are thought-provoking, drawing out points that you should consider and ask of a potential vendor if you’re adopting a cloud solution.”
--Phil Wilkins, Enterprise Integration Architect, Specsavers

“Thomas Erl’s text provides a unique and comprehensive perspective on cloud design patterns that is clearly and concisely explained for the technical professional and layman alike. It is an informative, knowledgeable, and powerful insight that may guide cloud experts in achieving extraordinary results based on extraordinary expertise identified in this text. I will use this text as a resource in future cloud designs and architectural considerations.”
--Dr. Nancy M. Landreville, CEO/CISO, NML Computer Consulting

The Definitive Guide to Cloud Architecture and Design
Best-selling service technology author Thomas Erl has brought together the de facto catalog of design patterns for modern cloud-based architecture and solution design. More than two years in development, this book’s 100+ patterns illustrate proven solutions to common cloud challenges and requirements. Its patterns are supported by rich, visual documentation, including 300+ diagrams.

The authors address topics covering scalability, elasticity, reliability, resiliency, recovery, data management, storage, virtualization, monitoring, provisioning, administration, and much more. Readers will further find detailed coverage of cloud security, from networking and storage safeguards to identity systems, trust assurance, and auditing.

This book’s unprecedented technical depth makes it a must-have resource for every cloud technology architect, solution designer, developer, administrator, and manager.

Topic Areas

  • Enabling ubiquitous, on-demand, scalable network access to shared pools of configurable IT resources
  • Optimizing multitenant environments to efficiently serve multiple unpredictable consumers
  • Using elasticity best practices to scale IT resources transparently and automatically
  • Ensuring runtime reliability, operational resiliency, and automated recovery from any failure
  • Establishing resilient cloud architectures that act as pillars for enterprise cloud solutions
  • Rapidly provisioning cloud storage devices, resources, and data with minimal management effort
  • Enabling customers to configure and operate custom virtual networks in SaaS, PaaS, or IaaS environments
  • Efficiently provisioning resources, monitoring runtimes, and handling day-to-day administration
  • Implementing best-practice security controls for cloud service architectures and cloud storage
  • Securing on-premise Internet access, external cloud connections, and scaled VMs
  • Protecting cloud services against denial-of-service attacks and traffic hijacking
  • Establishing cloud authentication gateways, federated cloud authentication, and cloud key management
  • Providing trust attestation services to customers
  • Monitoring and independently auditing cloud security
  • Solving complex cloud design problems with compound super-patterns

Product Details

ISBN-13: 9780133858563
Publisher: Prentice Hall
Publication date: 06/18/2015
Series: Prentice Hall Service Technology Series from Thomas Erl Series
Edition description: New Edition
Pages: 592
Product dimensions: 7.20(w) x 9.20(h) x 1.40(d)

About the Author

Thomas Erl is a top-selling IT author, founder of Arcitura Education Inc., and series editor of the Prentice Hall Service Technology Series from Thomas Erl. With more than 200,000 copies in print worldwide, his books have become international bestsellers and have been formally endorsed by senior members of major IT organizations, such as IBM, Microsoft, Oracle, Intel, Accenture, IEEE, HL7, MITRE, SAP, CISCO, HP, and many others. As CEO of Arcitura Education Inc., Thomas has led the development of curricula for the internationally recognized Big Data Science Certified Professional (BDSCP), Cloud Certified Professional (CCP), and SOA Certified Professional (SOACP) accreditation programs, which have established a series of formal, vendor-neutral industry certifications obtained by thousands of IT professionals around the world. Thomas has toured more than 20 countries as a speaker and instructor. More than 100 articles and interviews by Thomas have been published in numerous publications, including The Wall Street Journal and CIO Magazine.

Robert Cope has more than 25 years of experience in mission-critical systems development, spanning all aspects of the software system engineering lifecycle from architectural development, experimentation and prototyping, requirements development, design, implementation, and operations to acquisition program management for large systems. With more than 10 years in research, development, and implementation of security architecture, Public Key Infrastructure (PKI) security technology, and security services for large organizations, he has vast experience in information assurance, identity management deployment, operations, and maintenance of large-scale high assurance identity management enclaves.

Robert is the CEO of Homeland Security Consultants, a Federal Risk and Authorization Management Program (FedRAMP)-approved Third Party Assessment Organization (3PAO) for certifying cloud services. He led the development of the virtualization and cloud computing architecture for a large organization and was the chief architect responsible for the development of an enterprise authentication service, leading a team to integrate the organization’s identity and access management service architecture using Model Based System Engineering (MBSE) and the System Modeling Language (SysML).

Robert is a Certified Trainer for Arcitura’s Cloud School and SOA School. He has been a contributing member of the National Institute of Standards and Technology (NIST) Cloud-adapted Risk Management Framework (CRMF) and a contributing member of the Organization for the Advancement of Structured Information Standards (OASIS) IdCloud Technical Committee. He is also a member of the International Council on Systems Engineering (INCOSE).

A certified IT professional with over 14 years of experience in solution architecture and design, engineering, and consultation, Amin Naserpour specializes in designing medium to enterprise-level complex solutions for partially to fully virtualized front-end infrastructures. His portfolio includes clients such as VMware, Microsoft, and Citrix, and his work consists of integrating front-ends with back-end infrastructure-layer solutions. Amin designed a unified, vendor-independent cloud computing framework that he presented at the 5th International SOA, Cloud + Service Technology Symposium in 2012. Certified in cloud computing, virtualization, and storage, Amin currently holds Technical Consultant and Cloud Operations Lead positions for Hewlett-Packard, Australia.

Table of Contents

Chapter 1: Introduction 1
Objective of This Book 2
What This Book Does Not Cover 2
Who This Book Is For 2
Origin of This Book 3
Recommended Reading 3
How This Book Is Organized 3
Chapter 3: Sharing, Scaling and Elasticity Patterns 4
Chapter 4: Reliability, Resiliency and Recovery Patterns 4
Chapter 5: Data Management and Storage Device Patterns 4
Chapter 6: Virtual Server and Hypervisor Connectivity and Management Patterns 4
Chapter 7: Monitoring, Provisioning and Administration Patterns 4
Chapter 8: Cloud Service and Storage Security Patterns 4
Chapter 9: Network Security, Identity & Access Management and Trust Assurance Patterns 4
Chapter 10: Common Compound Patterns 5
Appendix A: Cloud Computing Mechanisms Glossary 5
Appendix B: Alphabetical Design Patterns Reference 5
Additional Information 5
Symbol Legend 5
Pattern Documentation Conventions 5
Updates, Errata, and Resources (www.servicetechbooks.com) 6
Cloud Computing Design Patterns (www.cloudpatterns.org) 6
What Is Cloud? (www.whatiscloud.com) 6
Referenced Specifications (www.servicetechspecs.com) 6
The Service Technology Magazine (www.servicetechmag.com) 6
CloudSchool.com Certified Cloud (CCP) Professional (www.cloudschool.com) 6
Social Media and Notification 7
Chapter 2: Understanding Design Patterns 9
About Pattern Profiles 11
Requirement 11
Icon 11
Problem 11
Solution 12
Application 12
Mechanisms 12
About Compound Patterns 12
Design Pattern Notation 13
Capitalization 13
Page Number References 13
Measures of Design Pattern Application 13
Working with This Catalog 14
Chapter 3: Sharing, Scaling and Elasticity Patterns 15
Shared Resources 17
Problem 17
Solution 18
Application 19
Mechanisms 21
Workload Distribution 22
Problem 22
Solution 22
Application 22
Mechanisms 24
Dynamic Scalability 25
Problem 25
Solution 27
Application 28
Mechanisms 31
Service Load Balancing 32
Problem 32
Solution 33
Application 34
Mechanisms 36
Elastic Resource Capacity 37
Problem 37
Solution 37
Application 38
Mechanisms 40
Elastic Network Capacity 42
Problem 42
Solution 43
Application 43
Mechanisms 43
Elastic Disk Provisioning 45
Problem 45
Solution 46
Application 48
Mechanisms 49
Load Balanced Virtual Server Instances 51
Problem 51
Solution 52
Application 53
Mechanisms 55
Load Balanced Virtual Switches 57
Problem 57
Solution 58
Application 58
Mechanisms 60
Service State Management 61
Problem 61
Solution 61
Application 62
Mechanisms 63
Storage Workload Management 64
Problem 64
Solution 64
Application 66
Mechanisms 69
Dynamic Data Normalization 71
Problem 71
Solution 72
Application 72
Mechanisms 73
Cross-Storage Device Vertical Tiering 74
Problem 74
Solution 76
Application 76
Mechanisms 79
Intra-Storage Device Vertical Data Tiering 81
Problem 81
Solution 81
Application 82
Mechanisms 85
Memory Over-Committing 86
Problem 86
Solution 87
Application 88
Mechanisms 89
NIC Teaming 90
Problem 90
Solution 90
Application 91
Mechanisms 92
Broad Access 93
Problem 93
Solution 93
Application 94
Mechanisms 94
Chapter 4: Reliability, Resiliency and Recovery Patterns 97
Resource Pooling 99
Problem 99
Solution 99
Application 100
Mechanisms 103
Resource Reservation 106
Problem 106
Solution 107
Application 107
Mechanisms 110
Hypervisor Clustering 112
Problem 112
Solution 112
Application 114
Mechanisms 117
Redundant Storage 119
Problem 119
Solution 121
Application 121
Mechanisms 122
Dynamic Failure Detection and Recovery 123
Problem 123
Solution 123
Application 123
Mechanisms 126
Multipath Resource Access 127
Problem 127
Solution 128
Application 129
Mechanisms 131
Redundant Physical Connection for Virtual Servers 132
Problem 132
Solution 133
Application 134
Mechanisms 136
Synchronized Operating State 138
Problem 138
Solution 138
Application 139
Mechanisms 142
Zero Downtime 143
Problem 143
Solution 143
Application 144
Mechanisms 144
Storage Maintenance Window 147
Problem 147
Solution 148
Application 148
Mechanisms 154
Virtual Server Auto Crash Recovery 155
Problem 155
Solution 156
Application 157
Mechanisms 158
Non-Disruptive Service Relocation 159
Problem 159
Solution 160
Application 160
Mechanisms 164
Chapter 5: Data Management and Storage Device Patterns 167
Direct I/O Access 169
Problem 169
Solution 169
Application 169
Mechanisms 171
Direct LUN Access 173
Problem 173
Solution 174
Application 174
Mechanisms 176
Single Root I/O Virtualization 178
Problem 178
Solution 179
Application 179
Mechanisms 180
Cloud Storage Data at Rest Encryption 181
Problem 181
Solution 182
Application 182
Mechanisms 183
Cloud Storage Data Lifecycle Management 184
Problem 184
Solution 185
Application 185
Mechanisms 186
Cloud Storage Data Management 187
Problem 187
Solution 188
Application 188
Mechanisms 189
Cloud Storage Data Placement Compliance Check 190
Problem 190
Solution 191
Application 191
Mechanisms 192
Cloud Storage Device Masking 194
Problem 194
Solution 194
Application 195
Mechanisms 197
Cloud Storage Device Path Masking 198
Problem 198
Solution 198
Application 199
Mechanisms 200
Cloud Storage Device Performance Enforcement 201
Problem 201
Solution 202
Application 202
Mechanisms 203
Virtual Disk Splitting 204
Problem 204
Solution 205
Application 206
Mechanisms 209
Sub-LUN Tiering 210
Problem 210
Solution 210
Application 211
Mechanisms 213
RAID-Based Data Placement 214
Problem 214
Solution 214
Application 215
Mechanisms 217
IP Storage Isolation 218
Problem 218
Solution 218
Application 218
Mechanisms 220
Chapter 6: Virtual Server and Hypervisor Connectivity and Management Patterns 221
Virtual Server Folder Migration 223
Problem 223
Solution 225
Application 225
Mechanisms 226
Persistent Virtual Network Configuration 227
Problem 227
Solution 227
Application 228
Mechanisms 229
Virtual Server Connectivity Isolation 231
Problem 231
Solution 232
Application 233
Mechanisms 234
Virtual Switch Isolation 235
Problem 235
Solution 236
Application 236
Mechanisms 238
Virtual Server NAT Connectivity 240
Problem 240
Solution 240
Application 240
Mechanisms 243
External Virtual Server Accessibility 244
Problem 244
Solution 245
Application 245
Mechanisms 246
Cross-Hypervisor Workload Mobility 247
Problem 247
Solution 248
Application 250
Mechanisms 250
Virtual Server-to-Host Affinity 252
Problem 252
Solution 253
Application 254
Mechanisms 257
Virtual Server-to-Host Anti-Affinity 258
Problem 258
Solution 261
Application 261
Mechanisms 264
Virtual Server-to-Host Connectivity 265
Problem 265
Solution 266
Application 266
Mechanisms 266
Virtual Server-to-Virtual Server Affinity 267
Problem 267
Solution 269
Application 269
Mechanisms 271
Virtual Server-to-Virtual Server Anti-Affinity 272
Problem 272
Solution 275
Application 275
Mechanisms 277
Stateless Hypervisor 278
Problem 278
Solution 278
Application 279
Mechanisms 282
Chapter 7: Monitoring, Provisioning and Administration Patterns 283
Usage Monitoring 285
Problem 285
Solution 285
Application 286
Mechanisms 287
Pay-as-You-Go 288
Problem 288
Solution 288
Application 289
Mechanisms 291
Realtime Resource Availability 292
Problem 292
Solution 292
Application 293
Mechanisms 294
Rapid Provisioning 295
Problem 295
Solution 296
Application 296
Mechanisms 299
Platform Provisioning 301
Problem 301
Solution 301
Application 302
Mechanisms 304
Bare-Metal Provisioning 305
Problem 305
Solution 305
Application 305
Mechanisms 308
Automated Administration 310
Problem 310
Solution 310
Application 311
Mechanisms 314
Centralized Remote Administration 315
Problem 315
Solution 317
Application 317
Mechanisms 318
Resource Management 320
Problem 320
Solution 320
Application 321
Mechanisms 323
Self-Provisioning 324
Problem 324
Solution 325
Application 325
Mechanisms 329
Power Consumption Reduction 330
Problem 330
Solution 330
Application 331
Mechanisms 334
Chapter 8: Cloud Service and Storage Security Patterns 335
Trusted Platform BIOS 337
Problem 337
Solution 338
Application 339
Mechanisms 340
Geotagging 341
Problem 341
Solution 341
Application 342
Mechanisms 343
Hypervisor Protection 344
Problem 344
Solution 346
Application 347
Mechanisms 349
Cloud VM Platform Encryption 350
Problem 350
Solution 350
Application 352
Mechanisms 353
Trusted Cloud Resource Pools 354
Problem 354
Solution 354
Application 356
Mechanisms 358
Secure Cloud Interfaces and APIs 360
Problem 360
Solution 361
Application 361
Mechanisms 363
Cloud Resource Access Control 364
Problem 364
Solution 366
Application 368
Mechanisms 368
Detecting and Mitigating User-Installed VMs 369
Problem 369
Solution 371
Application 372
Mechanisms 374
Mobile BYOD Security 376
Problem 376
Solution 378
Application 380
Mechanisms 381
Cloud Data Breach Protection 382
Problem 382
Solution 384
Application 384
Mechanisms 386
Permanent Data Loss Protection 387
Problem 387
Solution 388
Application 389
Mechanisms 390
In-Transit Cloud Data Encryption 391
Problem 391
Solution 391
Application 392
Mechanisms 394
Chapter 9: Network Security, Identity & Access Management and Trust Assurance Patterns 395
Secure On-Premise Internet Access 397
Problem 397
Solution 398
Application 400
Mechanisms 403
Secure External Cloud Connection 404
Problem 404
Solution 404
Application 405
Mechanisms 408
Secure Connection for Scaled VMs 409
Problem 409
Solution 412
Application 414
Mechanisms 415
Cloud Denial-of-Service Protection 416
Problem 416
Solution 418
Application 419
Mechanisms 420
Cloud Traffic Hijacking Protection 421
Problem 421
Solution 423
Application 423
Mechanisms 424
Automatically Defined Perimeter 425
Problem 425
Solution 426
Application 427
Mechanisms 429
Cloud Authentication Gateway 430
Problem 430
Solution 431
Application 432
Mechanisms 435
Federated Cloud Authentication 436
Problem 436
Solution 438
Application 439
Mechanisms 443
Cloud Key Management 444
Problem 444
Solution 445
Application 446
Mechanisms 447
Trust Attestation Service 448
Problem 448
Solution 449
Application 449
Mechanisms 451
Collaborative Monitoring and Logging 452
Problem 452
Solution 455
Application 455
Mechanisms 459
Independent Cloud Auditing 460
Problem 460
Solution 461
Application 463
Mechanisms 464
Threat Intelligence Processing 465
Problem 465
Solution 466
Application 468
Mechanisms 469
Chapter 10: Common Compound Patterns 471
“Compound Pattern” vs. “Composite Pattern” 472
Compound Pattern Members 472
Joint Application vs. Coexistent Application 472
Private Cloud 474
Public Cloud 476
Software-as-a-Service (SaaS) 478
Platform-as-a-Service (PaaS) 480
Infrastructure-as-a-Service (IaaS) 482
Elastic Environment 484
Multitenant Environment 486
Resilient Environment 490
Cloud Bursting 492
Burst Out to Private Cloud 493
Burst Out to Public Cloud 496
Burst In 499
Secure Burst Out to Private Cloud/Public Cloud 501
Cloud Balancing 503
Cloud Authentication 505
Resource Workload Management 506
Isolated Trust Boundary 508
Appendix A: Cloud Computing Mechanisms Glossary 511
Appendix B: Alphabetical Design Patterns Reference 535
About the Authors 541
Index 543


Customer Reviews

Most Helpful Customer Reviews

See All Customer Reviews