Project: Cloud Provider Evaluation

Start Here

Since you have become familiar with the foundations of cloud computing technologies, along with their risks and the legal and compliance issues, you will now explore cloud offerings of popular cloud providers and evaluate them to recommend one that would be the best fit for BallotOnline.

In this project, you will first learn about networking in the cloud and auxiliary cloud services provided by cloud vendors. Next, you will explore cloud computing trends, best practices, and issues involved in migrating IT deployments to the cloud, as well as typical architectures of cloud deployments. Then, you will apply your findings to propose a general architecture for BallotOnline’s cloud deployment to best address the company’s business requirements.

Once you have selected a deployment architecture, you will research two leading cloud vendors: Amazon Web Services (AWS) and Microsoft Azure. Exploring and comparing the tools available for application migration will enable you to recommend a vendor to the executives in your final report. The final deliverable is a written report to BallotOnline management, describing the results of your research and recommending the cloud deployment architecture and the vendor for its deployment, with justification.

Your final report should demonstrate that you understand the IT needs of the organization as you evaluate and select cloud providers. The report should include your insights on the appropriate direction to take to handle the company’s IT business needs. You will also be assessed on the ability to integrate relevant risk, policy, and compliance considerations into the recommendations, as well as the clarity of your writing and a demonstration of logical, step-by-step decision making to formulate and justify your ideas.

Take Note

This project has a hands-on lab that you need to complete. Instructions for the lab are included in the steps of this project.
If you have technical difficulties in completing the lab, we have technology support assistants available to help.

Competencies

Your work will be evaluated using the competencies listed below.

· 2.2: Locate and access sufficient information to investigate the issue or problem.
· 2.3: Evaluate the information in a logical and organized manner to determine its value and relevance to the problem.
· 2.4: Consider and analyze information in context to the issue or problem.
· 2.5: Develop well-reasoned ideas, conclusions or decisions, checking them against relevant criteria and benchmarks.
· 5.4: Articulate insights to leadership on the appropriate course of direction on the identified IT business needs.
· 6.1: Articulate the systems architecture of the cloud - cloud infrastructure, cloud service, cloud platform, and cloud storage.
· 6.6: Evaluate and select cloud providers (AWS, Azure, VMware, Google Cloud, IBM).
· 6.8: Review, evaluate, and utilize emerging technologies related to cloud to support business needs.

Step 1: Research Networking and Auxiliary Services in the Cloud

The executives at BallotOnline have been impressed with your research on cloud computing thus far. While there are a variety of cloud providers, BallotOnline is considering using Amazon Web Services (AWS) and Microsoft Azure, two of the top providers in the market. BallotOnline's executives want you to help determine which would be the best provider for the organization.

You will start with learning about internet networking basics and cloud networking. You will also research many cloud services that cloud providers make available to their customers to help them take full advantage of cloud service and deployment models.

Step 2: Research Cloud Trends, Best Practices, and Migration Issues

The cloud computing revolution is redefining ways that companies of all sizes use information technology. The cloud landscape shifts rapidly, and current trends reflect this rapid pace of change.
You likely got an idea about this in the last step when you conducted research on cloud architecture. Now, continue gathering information for your final report by assessing:

· issues outside the company, such as emerging issues in the industry, regulatory changes, and general trends in cloud computing to gain an understanding of how these issues may influence BallotOnline's decisions;
· best practices for cloud implementation and assess whether BallotOnline can benefit from these;
· cloud migration strategies for the application and data, since BallotOnline is moving an existing web application to the cloud, making sure that the application is configured properly for the system architecture of your cloud deployment; and
· IT change management techniques that could help BallotOnline make this transition.

Step 3: Research Typical Architectures of Cloud Deployments

In the previous step, you considered best practices and trends in the cloud industry. Next, you will have to look at the kinds of architectures needed for cloud. Because most elements of cloud deployments are implemented in a virtualized environment controlled by software, the degree of freedom in defining your deployment of cloud reference models is unprecedented. You can define the number of virtual servers required and the configuration, and even change them dynamically as needed. You can also define your virtual local area networks (LANs) and subnets, and place servers in them to implement network security requirements. The basic cloud deployment components are cloud consumer, cloud provider, and cloud carrier, with cloud brokers and auditors as possible additions.
Typical architectures of cloud deployments range from single-server architectures (suitable for proof-of-concept engagements) and multiserver architectures, with various servers carrying different software components and occupying different security zones, to geographically dispersed deployments that achieve high availability, resilience, and speed of delivery. There are several issues to consider when selecting a server architecture, including cost, scalability, performance, and ease of management.

For this step, research the typical architectures of cloud deployments and begin to consider what might be a good fit for BallotOnline. Discuss your findings and thoughts with your colleagues in the Discussion: Cloud Architectures forum.

In the next step, you will continue research, this time on trends in cloud computing as well as issues that can arise during data migration.

Step 4: Propose Cloud Architecture for BallotOnline Deployment

Now that you have looked into cloud architectures, in this step, you will propose the cloud deployment architecture for BallotOnline, applying the knowledge of typical architectural elements of cloud deployment from the project's initial step. You will also consider trends and migration issues from a previous step.

Your recommendation should consider the company's business requirements. Recall that the company has an existing web application that it wants to move to the cloud, and also that the company wants to expand its business to other parts of the world.

In earlier projects, you learned about and analyzed the IT business requirements for BallotOnline. Among them were demands for application and data security, data encryption, and separation for deployments overseas. Also, the application should handle load peaks during election times in different regions. Specific technical requirements state that BallotOnline is a web application, written using the popular open-source LAMP (Linux, Apache, MySQL, PHP) software suite and the PHP application.
Take Action

Describe your proposed architecture by submitting a report with a diagram of the architecture (hand-drawn or computer-created) and explaining its elements in the dropbox below. Here are some sample drawings of typical cloud architectures to give you an idea.

Typical Cloud Architectures

Single Server

The most basic use of the cloud is to provision a single virtual server, running your application along with supporting service applications such as a database. Although a single server is not much of an architecture, it can be used in a proof-of-concept project to get your first experience with a particular cloud provider and see how easy and how fast the provisioning process is.

Single Server with Services

Instead of packing everything into a single server, a cloud consumer can take advantage of services available from the cloud provider. Here, we illustrate the use of a firewall service and a database service. The provider will be responsible for provisioning the services and keeping them running. The cloud consumer needs to populate and administer the data in the database service. To accomplish that, the cloud consumer’s database administrator will access the database using a virtual private network (VPN) connection over the Internet to ensure security. The virtual server will run the business application and will connect to the database service via a private network within the cloud provider’s data center.

Application with Security Zones and On-Premise IT Connectivity

For large databases, proprietary data storage solutions, or databases unsupported by the cloud provider, the data can be stored in a separate database virtual server. The cloud provider will maintain the server but not the database. Because businesses value their data as their most precious commodity, they will want to secure it by isolating it from the public Internet.
This can be accomplished by placing the database server in a different private virtual local area network (VLAN) from the application server, or in a separate subnet in the same VLAN as the application server. These VLANs (or subnets) will enforce security zones for their devices. They will be made available to the outside by using network gateways: an Internet gateway for the application server and a VPN gateway for the database server. In addition, a network address translation (NAT) gateway between the security zones will make sure that only trusted traffic can pass between them. These gateways are often offered as a service by the cloud providers. The VPN gateway for the database server can connect it to the on-premises enterprise network of the cloud consumer, for taking on-premises backups or integrating the cloud solution with on-premises systems, enabling hybrid cloud deployments.

Load Balancing, Auto-Scaling, Database Replication

User loads placed on web applications can differ significantly depending on the time of the day, week, year, or any other circumstances. To remedy that, cloud providers offer auto-scaling services. The cloud consumer can define an auto-scale group, specifying a lower and upper limit on the number of servers in the group, the machine images from which the servers are provisioned, and the circumstances leading to up- and down-scaling in the group. These can be based on the calendar, or on the use of network bandwidth, CPU, or memory on the servers. In order to split the incoming requests among the servers, a load-balancing service directs the requests to the members of the group based on server use or on various queuing algorithms (round-robin being the simplest).

With the database server, duplication requires keeping copies of the database in sync. A preferred solution is to have one master database server and a slave database server kept in sync using the database provider’s replication and synchronization capability.
This ensures fault tolerance with respect to the database.

Fault Tolerance and High Availability

The concept of replication can be extended to the application server, providing for a cloud deployment that is fault-tolerant with respect to servers, and ensuring availability in situations such as natural disasters or other circumstances that cause the whole data center to go offline. In addition, the application and databases can be replicated to different geographical regions, ensuring fast access from remote geographical locations. Replication can also help satisfy local government regulations regarding data privacy, which may require the user’s data to reside within specific regions.

Fast Delivery of Static Content – Object Storage, Content Delivery Network

While dynamic application data has to reside within the database server or service, static content such as text, graphics, video, or audio files that don’t change that often can reside on slower but less expensive media. For that purpose, cloud providers offer object storage, which can be thought of as an Internet-based file system, allowing for storage of files organized into containers in geographically distributed, replicated, secured storage. While not at the speeds of local storage, object storage offers fault tolerance, resilience, and virtually unlimited capacity at the cost of data consistency being “eventual” rather than immediate. Data stored in object storage can often be served by content delivery networks (CDNs) – a service allowing for geographically distributing data and serving it from the closest geographical location to the place from which the data request originates.

Architecture Components Can Be Mixed and Matched

Bear in mind that cloud providers may allow some of the architectural components illustrated here to be mixed and matched.
For example, the auto-scale groups and replicated databases could be placed in security zones, and VPN gateways could link different servers to corporate on-premises networks.

In the next step, you will begin researching the specific providers, starting with Amazon.

Step 5: Research AWS

You’ve described your proposed architecture and included a diagram to give leadership a way to envision the system. Now, it’s time to look closely at the leading cloud providers to see if their services will fit BallotOnline’s needs.

Each cloud provider provides a unique profile of services, so it is good practice to compare cloud vendors and evaluate their reliability, performance, ease of use, cost, and security and compliance measures. As more providers enter the marketplace, many will specialize in specific needs and use cases, making this evaluation even more critical.

In this step, you will explore AWS and assess the feasibility of this platform for deploying the architecture proposed in the previous step. You should also consider issues related to AWS Pricing.

Based on your research, determine to what degree AWS supports the elements of the BallotOnline business and technical requirements. Share your thoughts with your colleagues in the Discussion: Amazon Web Services Feasibility forum.

In the following step, you will do the same for Microsoft Azure.

Step 6: Research Microsoft Azure

Now that you have had a chance to research AWS, it's time to explore Microsoft Azure, another cloud provider that could be used to deploy the proposed architecture. You should also consider issues related to Microsoft Azure pricing.

Based on your research, determine to what degree Microsoft Azure supports the elements of the BallotOnline business and technical requirements. Share your thoughts with your colleagues in the Discussion: Microsoft Azure Feasibility forum.
Now that you have completed research on the cloud providers, in the next steps you will work on proofs of concept for each provider.

Step 7: Generate AWS Proof of Concept (POC)

With your research complete, you will now deploy a simple one-page PHP application to the AWS cloud. It will allow you to explore deployment methods, ease of use, provisioning speed, etc., for the Amazon cloud.

Take Action

As you may have already discovered in your research on AWS, it makes a cloud migration tool called Elastic Beanstalk available for customers to migrate their existing applications into the AWS cloud. We will use this tool to deploy your AWS proof of concept (POC).

Follow the steps in the AWS lab instructions to complete your AWS POC. In the dropbox below, upload the URL linking to your application running in the AWS portal.

Step 8: Generate Azure Proof of Concept (POC)

Now that your AWS POC is complete, you can proceed with a similar POC deployment for the Microsoft Azure cloud.

Take Action

Follow the steps in the Azure lab instructions to complete your Azure POC. In the dropbox below, upload the URL linking to your application running in the Azure portal.

You are ready for the last step: writing the final report with recommendations on the cloud providers for the BallotOnline executives.

Step 9: Write the Final Report Evaluating AWS and Azure Providers

Now that you have completed your research, shared your ideas with colleagues, and explored the two vendors, it is time to compile your findings and recommendations for the BallotOnline executives. You may find these considerations for cloud provider selection helpful in making your decisions.

Use the Final Report Evaluating AWS and Azure Providers Template to write your report and submit your work to the dropbox below.

Check Your Evaluation Criteria

Before you submit your assignment, review the competencies below, which your instructor will use to evaluate your work.
A good practice would be to use each competency as a self-check to confirm you have incorporated all of them. To view the complete grading rubric, click My Tools, select Assignments from the drop-down menu, and then click the project title.

· 2.2: Locate and access sufficient information to investigate the issue or problem.
· 2.3: Evaluate the information in a logical and organized manner to determine its value and relevance to the problem.
· 2.4: Consider and analyze information in context to the issue or problem.
· 2.5: Develop well-reasoned ideas, conclusions or decisions, checking them against relevant criteria and benchmarks.
· 5.4: Articulate insights to leadership on the appropriate course of direction on the identified IT business needs.
· 6.1: Articulate the systems architecture of the cloud - cloud infrastructure, cloud service, cloud platform, and cloud storage.
· 6.6: Evaluate and select cloud providers (AWS, Azure, VMware, Google Cloud, IBM).
· 6.8: Review, evaluate, and utilize emerging technologies related to cloud to support business needs.