• Compute Services
• Storage and Database Services
• Networking Services
• Security Services
• Data Integration and Analytics Services

Google Cloud Storage Options
We can store our data on a remote server with Google Cloud Storage and access it whenever needed. Google Cloud Platform provides a number of cloud storage choices, each with special features and applications. The types are listed below:
1. Google Cloud Persistent Disk (Block Storage)
2. Google Cloud Filestore (Network File Storage)
3. Google Cloud Storage (Object Storage)
4. Google Cloud Storage for Firebase
5. Google Cloud Storage Transfer Service

Google Cloud Persistent Disks (Block Storage)
A type of block storage called Google Cloud Persistent Disks offers dependable and quick storage for your virtual machine instances on the Google Cloud Platform.
• We can back up our storage using persistent discs, which allow us to attach discs of various sorts and sizes, such as SSDs or HDDs, to the necessary virtual machines. This block storage will boost throughput and decrease latency.
• Because of its high durability and support for snapshots, persistent discs enable us to take a disc backup when necessary without losing any data.
• Once the disk is attached to the VMs, we can change the size of the disk, making them more flexible. This can be done without losing the data.
• Persistent Disks are more secure. We can encrypt the data by using a Google key or customer-managed keys and also restrict the access of the disk to specific users, groups, or resources by using IAM roles.

Google Cloud Filestore (Network File Storage)
A controlled network file storage service offered by Google Cloud Platform is Google Cloud Filestore. It enables reliable performance and high availability for storing and sharing files.
• We can create files with the aid of file storage that can be mounted onto the necessary path and accessed from an instance operating on the GCP or on-premises.
• File storage is available in two types:
  1. Standard tier: Provides a throughput of 800 MB/s per share, resulting in minimal latency and good performance.
  2. Premium tier: Throughput of 1.2 GB/s per share, enables SSD storage, and is particularly beneficial for applications that require high IOPs and low latency.
• Automatic snapshots will be taken in the file storage, and since our storage is automatically backed up, we can prevent data loss.

Google Cloud Storage (Object Storage)
Object storage is scalable, durable, and secure. Once we store our data in object storage, it can be accessed from anywhere, meaning the object storage is region-independent.
1. Object storage is very different from Block storage and File storage. In this, we store the data in the form of objects, making it more suited for static data like videos, photos, etc.
2. We can save our data in accordance with our needs; for example, if we frequently use it, we will keep it in Standard storage, while less frequently accessed data can be kept in Coldline and Archive for long-term data access.
3. Object storage offers us data encryption, data replication, and lifecycle management, making it more reliable. We can integrate the object storage with multiple GCP services like Google Cloud Functions, BigQuery, and AI Platform, enabling you to build powerful applications.

Google Cloud Storage Classes, Archival Storage, and Lifecycle Management Rules
For various use cases, Google Cloud Storage offers a variety of storage classes, including Archival Storage, which is made for data that is rarely accessed but needs to be kept for a long time.
• Archival Storage: Mainly used for storing data that is infrequently accessed and can be retained for long periods. Archival data can provide a cost-effective option for storing data that is not accessed frequently but must be preserved for legal, regulatory, or business reasons.

Benefits of Using Archival Storage
1. Low Cost: The data stored in Archival storage is not accessed that frequently, so the cost of the storage is very low.
2. High Durability: The durability of Archival storage is the same as other storage options.
3. Long Retention Period: Data stored in Archival storage will be available for more than 8 years.
4. Lifecycle Management: With lifecycle management rules, data can be moved automatically to Archival storage.
• Note: Accessing data from Archival storage is very slow compared to other storage options. If the data is needed frequently, Archival storage is not a suitable option.

Types of Storage Classes
Google Cloud Platform (GCP) offers different types of storage in storage classes that can be used for different purposes based on their performances. The following are the storage classes available in GCP:
1. Standard Storage:
  o Intended for data that needs to be accessed frequently.
  o Highly available and helps decrease latency.
2. Nearline Storage:
  o Intended for data that must be highly available but not accessed as frequently as standard storage.
  o Suitable for data that needs to be accessed within seconds or minutes.
3. Coldline Storage:
  o Intended for data that is accessed infrequently.
  o Suitable for data that needs to be accessed within hours.
• The storage classes mentioned above have different pricing, availability, and performance. Based on our requirements and cost, we can choose the storage class that is required. We can also use lifecycle management rules to automatically transition data based on our requirements.

Which Storage Should I Use?
Your use case’s particular requirements will determine which Google Cloud Platform (GCP) storage option is best for you. The following list of typical GCP storage options and use cases includes:
• Object Storage:
  o Suitable for large amounts of data, such as pictures, movies, backups, and archives.
  o Accessed via a RESTful API, making it simple to integrate with other programs and services.
• Block Storage:
  o Suitable for storing data that requires low-latency access, such as databases, transactional workloads, and high-performance computing (HPC) applications.
  o Uses Compute Engine persistent disks.
• FileStore:
  o Ideal for workloads including media rendering, analytics, and content management.
  o Although primarily an object storage service, Cloud Filestore can also be used to store files.

Cloud Storage
Cloud Storage is a fully managed, scalable service with no need to provision capacity ahead of time. Key features include:
• Each object in Cloud Storage has a URL.
• Cloud Storage consists of buckets you create, configure, and use to hold your storage objects (immutable – no edit, create new versions).
• Cloud Storage encrypts your data on the server side before being written to disk (by default = HTTPS).
• You can move objects of Cloud Storage to other GCP storage services.
• When you create a bucket:
  o It is given a globally unique name.
  o Specify a geographic location where the bucket and its contents are stored.
  o Set a default storage class.

Bucket Attributes

| Bucket attributes | Bucket contents |
|---|---|
| Globally unique name | Files in a flat namespace |
| Storage class | N/A |
| Location | Region or multi-region |
| IAM policies or access control lists | Access Control Lists (ACLs) offer finer controls |
| Object versioning setting | N/A |
| Object lifecycle management rules | N/A |

| Parameters | Multi-regional | Regional | Nearline | Coldline |
|---|---|---|---|---|
| Intended for data that is | Most frequently accessed | Accessed frequently within a region | Accessed less than a month | Accessed less than once a year |
| Availability SLA | 99.95% | 99.90% | 99.00% | 99.00% |
| Access APIs | Consistent APIs (all classes) | | | |
| Access time | Millisecond access (all classes) | | | |
| Storage price | The price per GB per month increases from left to right | | | |
| Retrieved price | The total Price per GB per month transferred decreases from left to right | | | |
| Use cases | Content storage and delivery | In-region analytics, transcoding | Long-tail content, backups | Archiving, disaster recovery |

Cloud Storage Pricing
Pricing for Cloud Storage services is based on usage, including the amount of data stored, the time period for which it is stored, the number of operations performed, and the network resources used when moving or accessing data.
• Standard Storage: Starting at $0.02 per GB per month
• Nearline Storage: Starting at $0.01 per GB per month
• Coldline Storage: Starting at $0.004 per GB per month
• Archive Storage: Starting at $0.0012 per GB per month

Use Cases of Cloud Storage
• Integrated Repository for Analytics and ML:
  o Cloud Storage is strongly consistent, providing accuracy in analytics workloads.
• Media Content Storage and Delivery:
  o Provides the availability and throughput needed to stream audio or video directly to applications and websites.
• Backups and Archives:
  o Backup data in Cloud Storage can be used for more than just recovery because all storage classes have ms latency and are accessed through a single API.

Features of GCP
• Object Lifecycle Management: Define conditions that trigger data deletion or transition to a cheaper storage class.
• Object Versioning: Continue to store old copies of objects when they are deleted or overwritten.
• Retention Policies: Define minimum retention periods that objects must be stored for before they’re deleted.
• The Object Holds: Place a hold on an object to prevent its deletion.
• Customer-Managed Encryption Keys: Encrypt object data with encryption keys stored by the Cloud Key Management Service and managed by you.
• Customer-Supplied Encryption Keys: Encrypt object data with encryption keys created and managed by you.
• Uniform Bucket-Level Access: Uniformly control access to your Cloud Storage resources by disabling object ACLs.
• Requester Pays: Require access to your data to include a project ID to bill for network charges, operation charges, and retrieval fees.
• Bucket Lock: Configure a data retention policy for a Cloud Storage bucket that governs how long objects in the bucket must be retained.
• Pub/Sub Notifications for Cloud Storage: Send notifications to Pub/Sub when objects are created, updated, or deleted.
• Cloud Audit Logs with Cloud Storage: Maintain admin activity logs and data access logs for your Cloud Storage resources.
• Object- and Bucket-Level Permissions: Cloud Identity and Access Management (IAM) allows you to control who has access to your buckets and objects.

Cloud Storage vs. Traditional Storage

Cloud Storage
• Remote Drives: Uses remote drives to store data at the cloud location utilized by the client.
• Network Utilization: Utilizes the network to store data to an off-site server owned by the service provider.
• Scalability: Offers virtually unlimited storage capacity, allowing users to scale up or down based on their needs without physical hardware constraints.
• Cost Efficiency: Operates on a pay-as-you-go model, eliminating the need for large upfront investments in hardware.
• Maintenance: Managed by the service provider, reducing the burden of hardware maintenance, updates, and repairs on the user.
• Accessibility: Provides remote access to data from anywhere with an internet connection, facilitating collaboration and remote work.
• Disaster Recovery: Enhances data resilience with built-in redundancy and geographic distribution, ensuring data availability in case of localized failures.
• Security: Implements advanced security measures, including data encryption, access controls, and compliance certifications managed by the provider.
• Features of Cloud Storage: (As listed above)

Traditional Storage
• On-Premises Hardware: Relies on physical storage devices located within the organization’s premises.
• Initial Investment: Requires significant upfront capital expenditure for purchasing hardware and infrastructure.
• Scalability Limitations: Scaling storage capacity involves purchasing and installing additional hardware, which can be time-consuming and costly.
• Maintenance Responsibilities: The organization is responsible for maintaining, updating, and repairing storage hardware, requiring dedicated IT resources.
• Accessibility Constraints: Data access is typically limited to the organization’s local network, potentially hindering remote access and collaboration.
• Disaster Recovery Challenges: Implementing robust disaster recovery solutions can be complex and expensive, often requiring additional infrastructure.
• Security Management: Security measures must be managed internally, including physical security, data encryption, and access controls.
• Performance: Offers high-performance storage options tailored to specific organizational needs but may lack the flexibility of cloud solutions.
• Lifecycle Management: Requires manual management of data lifecycle, including backups, archiving, and data retention policies.

Object Storage vs. Block Storage in Cloud

Block Storage
• Data Structure: As the name suggests, data is stored in the form of blocks.
• Fixed-Size Chunks: Stores data in fixed-size chunks called blocks, each with its own address but no metadata (additional information) to provide context for what the block of data is all about.
• Common Usage: It is the most commonly used storage type for applications requiring high performance and low latency, such as databases and virtual machines.
• Performance: Offers high IOPS (Input/Output Operations Per Second) and low latency, making it suitable for transactional workloads and real-time applications.
• Flexibility: Allows for the customization of storage configurations, such as choosing between SSDs for high performance or HDDs for cost-effective storage.
• Integration: Easily integrates with various cloud services and virtual machines, providing seamless storage solutions for compute instances.
• Data Management: Requires the user to manage the file system, including formatting, partitioning, and maintaining the integrity of the data.
• Use Cases:
  o Databases: Ideal for relational and NoSQL databases that require fast and reliable storage.
  o Transactional Workloads: Suitable for applications that perform a large number of read/write operations.
  o High-Performance Computing (HPC): Supports compute-intensive applications that demand quick data access and processing.
  o Virtual Machines: Provides persistent storage for VM instances, ensuring data durability and availability.

Object Storage
• Data Structure: Stores data as objects, each containing the data itself, metadata, and a unique identifier.
• Scalability: Highly scalable, allowing for the storage of vast amounts of unstructured data without the need for hierarchical file systems.
• Metadata-Rich: Each object can have extensive metadata, enabling better data management, searchability, and organization.
• Accessibility: Accessed via RESTful APIs, making it easy to integrate with web-based applications and services.
• Cost Efficiency: Often more cost-effective for storing large volumes of data, especially for archival and backup purposes.
• Durability and Availability: Provides high durability through data replication across multiple locations and regions, ensuring data is protected against loss.
• Performance: Optimized for high-throughput and large-scale data access rather than low-latency operations.
• Data Management: Simplifies data management with features like automatic replication, lifecycle policies, and versioning.
• Use Cases:
  o Media Storage: Ideal for storing videos, images, and audio files that require easy access and distribution.
  o Backup and Archiving: Suitable for long-term data retention with cost-effective storage options.
  o Content Distribution: Facilitates the delivery of content to users through integration with CDN (Content Delivery Networks) and web applications.
  o Big Data Analytics: Supports the storage of large datasets used in analytics, machine learning, and data processing applications.

MULTITENANT:
• Multitenant Environment:
  o Customers share the same application, operating environment, hardware, and storage mechanism.
  o Distinct from virtualization, where every application runs on a separate virtual machine with its own operating system.
  o Analogy: An apartment building where residents have keys to their own apartments but share infrastructure like water and power.
    ▪ Provider (landlord) sets overarching rules and performance expectations.
    ▪ Individual customers have private access to their data.
• Multitenant Architecture:
  o Refers to hardware or software architecture where systems, software applications, or data belonging to multiple organizations or individuals are hosted on the same physical hardware.
• Single-Tenant Architecture:
  o Hardware and its resources are exclusively dedicated to one tenant.
• Comparison of Attributes:

| Multitenant Cloud | Single-Tenant Cloud |
|---|---|
| Serves multiple tenants with one instance | Serves one tenant with one instance |
| Makes cost-effective use of shared resources | Often costs more due to dedicated resources |
| Isolates tenant data with tight access controls | Isolates tenant data with private infrastructure |
| Offers efficient deployment and scalability | Meets specific data privacy requirements |
| Relies on the vendor for maintenance | Relies on the operator for maintenance |

Examples of Multitenant Cloud Architecture
• Most commercial public cloud services are based on multitenant clouds, including:
  o Email Services:
    ▪ Gmail
    ▪ Outlook
  o Streaming Services:
    ▪ Netflix
    ▪ Amazon Prime Video
  o CRM Software:
    ▪ Salesforce
    ▪ Oracle NetSuite

Why Does Multitenant Cloud Architecture Matter?
• Cloud service providers offer multitenant applications and services to share cloud compute resources, providing numerous benefits for both providers and customers.

Benefits of a Multitenant Cloud
• Efficiency, Flexibility, and Scalability:
  o Easy to onboard groups of users regardless of size (e.g., onboarding 10,000 users from one company or 10 users from 1,000 companies).
  o Multitenant clouds can easily scale and reallocate resources when and where needed, avoiding outages or slowdowns based on demand.
• Cost Savings:
  o Efficient usage and allocation of resources lead to lower costs.
  o Tenants don’t pay for unused compute power or storage.
  o Maintenance, upgrades, and updates to the infrastructure are managed by the service provider.
• Security:
  o Although some industry and government regulations prohibit shared infrastructure, a cloud provider with a worldwide footprint can offer superior protection.
  o Ability to implement new or updated policies on a global scale across the entire cloud.

What About Hybrid Security Solutions?
• Current Trends:
  o Organizations rely heavily on cloud-based apps and platforms like Microsoft Azure and Amazon Web Services (AWS).
  o Many are shifting to secure their traffic in the cloud instead of relying solely on on-premises data security.
• Vendor Response:
  o On-premises hardware vendors promote hybrid solutions where:
    ▪ Appliances handle data center security.
    ▪ Similar security stacks in cloud environments handle mobile or branch security.
• Challenges:
  o Hybrid strategy complicates enterprise security.
  o Does not offer the speed, scale, global visibility, or threat intelligence benefits of a true cloud service.
  o These benefits are only provided by a global multitenant architecture.

Multitenancy, Security, and Zscaler
• Modern Security Needs:
  o Applications, sensitive data, and traffic run or are stored outside the traditional perimeter.
  o Users are often outside the perimeter, requiring consistent and secure access to apps and services from any location and device.
  o This need led to the rise of Secure Access Service Edge (SASE).
• Definition of SASE:
  o Gartner Definition: A solution that offers “comprehensive WAN capabilities with comprehensive network security functions (such as SWG, CASB, FWaaS, and ZTNA) to support the dynamic secure access needs of digital enterprises.”
  o Characteristics:
    ▪ Distributed and globally accessible.
    ▪ Provides seamless and secure connectivity.
    ▪ Ensures high bandwidth, low latency, and a great user experience anywhere.

The Multitenant Advantage
• Limitations of Single-Tenant SASE Solutions:
  o Some SASE solutions use a dedicated instance per customer, limiting scalability.
  o Relies on single-tenant architecture using network-based access policies, which should be based on user access.
  o Results in:
    ▪ Suboptimal user experience due to backhauling traffic from the cloud to the vendor and then to the desired applications.
    ▪ More complex policies that don’t translate well to SASE.
    ▪ A patchwork of products or services connected only through an overlay user interface, lacking proper integration.
• Advantages of Multitenant SASE Solutions:
  o Built from the ground up to be multitenant.
  o Well-developed cloud infrastructures distributed across upwards of 100 data centers worldwide.
  o Allows users to access any of the SASE provider’s data centers and stay secure.
  o Scales globally on demand for fast-growing organizations.

Zscaler and Multitenancy
• Scalability and Performance:
  o Leverages multitenancy to scale.
  o Easily scans every byte of data coming and going, on all ports and protocols, including SSL, without negatively impacting performance or user experience.
  o The Zscaler cloud is always up to date.
  o Instantly sends protection to all customers upon detecting a new threat anywhere in the world.
• Unified Security Platform:
  o Zscaler security controls are built into a unified platform.
  o Controls communicate with each other to provide a cohesive picture of all network traffic.
  o Single interface provides insight into every request by user, location, and device globally within seconds.

Google Cloud Platform (GCP)

Overview
• Suite of Services:
  o GCP is a suite of cloud computing services offered by Google.
  o Provides a series of modular cloud services including computing, data storage, and data analytics.
• Public Cloud Vendor:
  o Competes with Amazon Web Services (AWS) and Microsoft Azure.
• Access Models:
  o Customers can access computer resources housed in Google’s data centers around the world.
  o Available for free or on a pay-per-use basis.

Google Cloud vs. Google Cloud Platform

Google Cloud
• Definition:
  o Includes a combination of services available over the internet.
  o Helps organizations go digital.
• Components:
  o Google Workspace (formerly G Suite and Google Apps): Provides identity management, Gmail, and collaboration tools.
  o Enterprise Versions: Android and Chrome OS.
  o APIs: For machine learning and enterprise mapping services.

Google Cloud Platform (GCP)
• Definition:
  o Provides public cloud infrastructure for hosting web-based applications.
  o Part of Google Cloud.

Google Cloud - Other Services
• Google Workspace:
  o Formerly known as G Suite and Google Apps.
  o Provides identity management for organizations, Gmail, and collaboration tools.
• Enterprise Versions:
  o Android and Chrome OS.
• APIs:
  o Machine learning and enterprise mapping services.

History of GCP
• 2008:
  o GCP first came online with the launch of App Engine.
• App Engine:
  o Announced as a developer tool allowing customers to run web applications on Google infrastructure.
  o Made available to 10,000 developers for feedback during the preview release.
  o Early-adopter developers could run apps with:
    ▪ 500 MB of storage
    ▪ 200 million megacycles of CPU per day
    ▪ 10 GB of bandwidth per day
• 2011:
  o Google pulled App Engine out of preview mode.
  o Made it an official, fully supported Google product.
• Current Standing:
  o GCP is one of the top public cloud vendors in the world.
  o Notable customers include Nintendo, eBay, UPS, The Home Depot, Etsy, PayPal, 20th Century Fox, and Twitter.

GCP Infrastructure, Design, and Zones

Global Infrastructure
• 24 Locations Worldwide:
  o GCP resources are offered across 24 global locations.
• Regions and Availability Zones:
  o Region: A specific geographical area.
  o Availability Zones: Within a region, zones are isolated from single points of failure.

Resource Distribution
• HTTP Global Load Balancer:
  o Global in scope.
  o Can receive requests from any Google edge locations and regions.
• Regional Resources:
  o Storage is distributed across multiple zones within a region for redundancy.
• Zonal Resources:
  o Compute instances are available only in one specific zone within a specific region.

Deployment Considerations
• Location Selection:
  o Must select locations based on performance, reliability, scalability, and security needs of the organization.

GCP Services

Categories of Services
• Computing and Hosting
• Storage and Database
• Networking
• Big Data
• Machine Learning

GCP Pros and Cons

Strengths
• Comprehensive Documentation: Extensive and detailed documentation for users.
• Global Backbone Network:
  o Uses advanced software-defined networking and edge-caching services.
  o Delivers fast, consistent, and scalable performance.

Weaknesses
• Fewer Services:
  o Offers far fewer services compared to AWS and Azure.
• Opinionated Model:
  o Has a specific model of how their cloud services should be used, which may limit flexibility for some users.

GCP Computing Services

Google Compute Engine
• Description:
  o Compute service offered by Google Cloud.
  o IaaS (Infrastructure As A Service) providing virtual machines hosted on Google’s infrastructure.

When & Where to Use Compute Engine
• Use Cases:
  o Need low-level access or fine-grained control of the operating system, network, and other operational characteristics (e.g., custom compiled kernel).
  o Applications with extremely consistent utilization.
  o 1:1 container to VM mapping.
  o Migrating existing systems.

Google App Engine
• Description:
  o PaaS (Platform As A Service) for building scalable web applications and IoT backends.
  o Automatically scales applications based on traffic.
  o Provides built-in services and APIs, such as Datastores, NoSQL, user authentication API, etc.

When & Where to Use App Engine
• Use Cases:
  o Green-field applications requiring server-side processing and logic.
  o Stateless applications.
  o Rapidly developing CRUD-heavy applications.
  o Applications composed of a few services.
  o Deploying complex APIs.

When Not to Use App Engine
• Limitations:
  o Stateful applications requiring lots of in-memory states.
  o Applications built with large or opinionated frameworks or with slow start-up times.
  o Systems requiring protocols other than HTTP.

Google Kubernetes Engine (GKE)
• Description:
  o Managed Kubernetes service for running containerized applications.
  o Based on Google’s internal container software.

When & Where to Use GKE
• Use Cases:
  o Providing developers architectural flexibility.
  o Minimizing operational costs.
  o Applications that can be easily containerized or are already containerized.
  o Hybrid or multi-cloud environments.
  o Systems leveraging stateful and stateless services.
  o Strong CI/CD Pipelines.

When Not to Use GKE
• Limitations:
  o When managing the underlying infrastructure is burdensome for the team.
  o Applications requiring very low-level access to hardware (e.g., custom kernel, networking).

Cloud Functions
• Description:
  o Lightweight compute solution for creating single-purpose, stand-alone functions.
  o Responds to cloud events without managing servers or runtime environments.
  o Highly elastic and has minimal operational overhead due to being a serverless platform.

When & Where to Use Cloud Functions
• Use Cases:
  o Dynamic, event-driven plumbing (connecting services or reacting to log events).
  o Event-driven applications and functions.
  o Deploying simple APIs.
  o Quick data transformations (ETL).

Google Cloud Run
• Description:
  o Managed compute platform for running stateless containers.
  o Containers can be invoked via web requests or Pub/Sub events.
  o Serverless, abstracts away infrastructure management.
  o Combines benefits of App Engine with the power of GKE.
  o Can also run on your own GKE cluster for runtime environment control.

When & Where to Use Cloud Run
• Use Cases:
  o Stateless services that are easily containerized.
  o Event-driven applications and systems.
  o Applications requiring custom system and language dependencies.

When Not to Use Google Cloud Run
• Limitations:
  o Highly stateful systems.
  o Systems requiring protocols other than HTTP.
  o Compliance requirements demanding strict controls over the low-level environment and infrastructure (might be suitable with Knative GKE mode).

GOOGLE CLOUD PLATFORM:

Ways of Accessing GCP
• Google Cloud Console:
  o Web-based interface for managing GCP resources.
• Cloud SDK via Cloud Shell:
  o Command-line tool for managing resources through Cloud Shell.

IAM:

Storage in Google Cloud Platform

Storage Options
• Google Cloud Persistent Disk (Block Storage)
• Google Cloud Filestore (Network File Storage)
• Google Cloud Storage (Object Storage)
• Google Cloud Storage for Firebase
• Google Cloud Storage Transfer Service

Google Cloud Persistent Disks (Block Storage)
• Description:
  o Offers dependable and quick storage for virtual machine instances on GCP.
• Features:
  o Backup: Attach discs of various sorts and sizes (e.g., SSDs or HDDs) to necessary virtual machines.
  o Performance: Boosts throughput and decreases latency.
  o Durability: Supports snapshots, enabling disc backups without data loss.
  o Flexibility: Change disk size without losing data.
  o Security:
    ▪ Encrypt data using Google keys or customer-managed keys.
    ▪ Restrict disk access to specific users, groups, or resources using IAM roles.

Google Cloud Filestore (Network File Storage)
• Description:
  o Enables reliable performance and high availability for storing and sharing files.
• Features:
  o File Creation: Mount files onto necessary paths and access from GCP or on-premises instances.
  o Storage Tiers:
    ▪ Standard Tier: Throughput of 800 MB/s per share, minimal latency, good performance.
    ▪ Premium Tier: Throughput of 1.2 GB/s per share, enables SSD storage, beneficial for high IOPs and low latency applications.
  o Snapshots: Automatic snapshots to prevent data loss.

Google Cloud Storage (Object Storage)
• Description:
  o Scalable, durable, and secure.
  o Region-independent; accessible from anywhere.
  o Suited for static data like videos and photos.
• Features:
  o Data Management: Save data based on access frequency (Standard, Coldline, Archive).
  o Reliability: Data encryption, replication, and lifecycle management.
  o Integration: Integrates with GCP services like Cloud Functions, BigQuery, and AI Platform.

Types of Storage Class
• Google Cloud Platform (GCP) offers different storage classes for various purposes based on performance needs:
  1. Standard Storage
    ▪ Use Case: Frequently accessed data for general purposes.
    ▪ Features: Highly available, low latency.
  2. Nearline Storage
    ▪ Use Case: Data must be highly available but not accessed as frequently as Standard Storage.
    ▪ Features: Access within seconds or minutes.
  3. Coldline Storage
    ▪ Use Case: Data accessed infrequently.
    ▪ Features: Access within hours.
  4. Archival Storage
    ▪ Use Case: Data in infrequent access that needs long-term retention.
    ▪ Features: Cost-effective for legal, regulatory, or business preservation needs.
Benefits of Using Archival Storage
1. Low Cost:
o Infrequently accessed data results in lower storage costs.
2. High Durability:
o Durability is comparable to other storage options.
3. Long Retention Period:
o Data can be stored for over 8 years.
4. Lifecycle Management:
o Automatically move data to Archival Storage using lifecycle management rules.
Cloud Storage
• Description:
o Fully managed, scalable service with no need to provision capacity ahead of time.
o Each object has a URL.
o Consists of buckets that hold storage objects (immutable – no edit, create new versions).
o Encrypts data on the server side before writing to disk (default = HTTPS).
o Objects can be moved to other GCP storage services.
• Bucket Creation:
o Globally Unique Name
o Geographic Location: Specify where the bucket and its contents are stored.
o Default Storage Class
Use Cases of Cloud Storage
• Integrated Repository for Analytics and ML:
o Strong consistency ensures accuracy in analytics workloads.
• Media Content Storage and Delivery:
o Provides availability and throughput needed to stream audio or video directly to applications and websites.
• Backups and Archives:
o Backup data can be used beyond recovery.
o All storage classes have millisecond latency and are accessed through a single API.
Features of GCP Storage
• Object Lifecycle Management:
o Define conditions to trigger data deletion or transition to a cheaper storage class.
• Object Versioning:
o Continue to store old copies of objects when deleted or overwritten.
• Retention Policies:
o Define minimum retention periods before objects can be deleted.
• The Object Holds:
o Place a hold on an object to prevent deletion.
• Encryption Options:
o Customer-Managed Encryption Keys: Encrypt object data with keys stored by the Cloud Key Management Service and managed by you.
o Customer-Supplied Encryption Keys: Encrypt object data with keys created and managed by you.
• Uniform Bucket-Level Access:
o Control access uniformly by disabling object ACLs.
• Requester Pays:
o Require access to include a project ID for billing network charges, operation charges, and retrieval fees.
• Bucket Lock:
o Configure a data retention policy governing how long objects must be retained.
• Pub/Sub Notifications for Cloud Storage:
o Send notifications to Pub/Sub when objects are created, updated, or deleted.
• Cloud Audit Logs with Cloud Storage:
o Maintain admin activity logs and data access logs for Cloud Storage resources.
• Object- and Bucket-Level Permissions:
o Cloud Identity and Access Management (IAM) allows control over who has access to buckets and objects.
• Additional Storage Features:
o High performance.
o Internet-scale.
o Data encryption at rest.
o Data encryption in transit by default from Google to endpoint.
o Online and offline import services available.
GCP Networking
INTERACTING WITH GCP:
Google Cloud Networking Services or Technologies
• Connect
• Cloud Connectivity
• Virtual Private Cloud (VPC)
• Cloud DNS
• Network Connectivity Center
• Private Service Connect
• Service Directory
Scale
• Cloud Load Balancing
• Cloud CDN
• Media CDN
• Cloud Service Mesh
Secure
• Cloud Armor
• Cloud IDS
• Cloud NAT
• VPC Service Controls
Optimize
• Network Intelligence Center
• Network Service Tiers
Virtual Private Cloud (VPC)
• Description:
o Provides a private network in the cloud.
o Manage IP address range, subnets, firewalls, and other networking elements.
• Features:
o Secure and Isolated Environment: Ensures GCP resources are isolated.
o Access Management: Configure IP addresses allowed to access resources.
• Importance:
o Isolate GCP resources from one another.
o Control access by managing incoming and outgoing traffic.
o Easily scale applications.
Cloud Load Balancing
• Description:
o Fully distributed, software-defined, managed service for all traffic.
o Provides high performance and availability by distributing load-balanced compute resources across single or multiple regions, close to end-users.
o Enables auto-scaling based on incoming internet traffic.
• Features:
o Scalability: Quickly scale applications on Compute Engine without pre-warming.
o Distribution: Distribute compute resources near users while meeting high-availability requirements.
o Integration: Integrates with Cloud CDN.
o Anycast IP: Can put resources behind a single anycast IP.
o Intelligent Autoscaling: Scale up or down based on traffic.
Content Delivery Network (CDN)
• Description:
o Integrated with GCP services.
o Uses Google’s globally distributed edge points to cache HTTP(S) Load Balanced content close to users.
• Benefits:
o Accelerated Content Delivery: For websites and applications served from Compute Engine using Google’s edge caches.
o Performance Optimization: Lowers network latency, offloads origin traffic, and reduces serving costs.
• Setup:
o Enable Cloud CDN with a single checkbox after setting up HTTP(S) load balancing.
Cloud Interconnect
• Description:
o Connects on-premises networks to Google’s network through a highly available, low-latency connection.
• Types:
o Dedicated Interconnect: For high-volume data connections.
o Partner Interconnect: For connections through a supported service provider.
Cloud VPN
• Description:
o Connects on-premises networks to Google Cloud VPC networks through an IPsec VPN connection.
o Encryption: Traffic is encrypted by one VPN gateway and decrypted by the other.
Other Networking Services
Cloud Armor
• Description:
o Provides DDoS defense and web application firewall (WAF) capabilities.
o Protects applications and websites against denial of service and web attacks.
Network Telemetry
• Description:
o Offers detailed visibility into your network.
o Helps monitor and troubleshoot with tools like VPC Flow Logs, Firewall Rules Logging, and Cloud Logging and Monitoring.
Cloud DNS
• Description:
o Scalable, reliable, and managed authoritative Domain Name System (DNS) service.
o Runs on the same infrastructure as Google.
o Publishes domain names to the global DNS cost-effectively.
Network Service Tiers
• Description:
o Offers Standard and Premium network service tiers.
o Provides performance versus cost options to optimize specific needs.
Private Access for Google Services
• Description:
o Allows instances with internal IP addresses to reach Google APIs and services without using external IP addresses.
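The Cloud Storage controls listed under Features of GCP Storage and the VPC access management and Firewall Rules Logging features above correspond to fields of the bucket and firewall-rule resources, so they can be checked mechanically. This added example (not from the original notes) audits constructed sample resources; the field names follow the Cloud Storage JSON API bucket resource and the Compute Engine firewall resource, and treating ports 22 and 3389 as admin ports is an assumption.

```python
"""Posture checks for the storage and network controls listed in these notes.

Added example. The sample resources are constructed; their field names follow
the Cloud Storage JSON API bucket resource and the Compute Engine firewall
resource. No cloud API is called.
"""

ADMIN_PORTS = (22, 3389)  # assumption: SSH and RDP count as admin ports


def audit_bucket(bucket):
    """Return findings for one bucket resource given as a dict."""
    findings = []
    iam = bucket.get("iamConfiguration", {})
    if not iam.get("uniformBucketLevelAccess", {}).get("enabled", False):
        findings.append("uniform bucket-level access off (object ACLs in use)")
    if not bucket.get("versioning", {}).get("enabled", False):
        findings.append("object versioning off")
    retention = bucket.get("retentionPolicy")
    if retention is None:
        findings.append("no retention policy")
    elif not retention.get("isLocked", False):
        findings.append("retention policy not locked (Bucket Lock)")
    if not bucket.get("encryption", {}).get("defaultKmsKeyName"):
        findings.append("no customer-managed encryption key")
    if not bucket.get("lifecycle", {}).get("rule"):
        findings.append("no lifecycle rule")
    return findings


def exposed_admin_ports(rule):
    """Admin ports that an enabled ingress rule opens to every IPv4 source."""
    if rule.get("disabled") or rule.get("direction", "INGRESS") != "INGRESS":
        return set()
    if "0.0.0.0/0" not in rule.get("sourceRanges", []):
        return set()
    exposed = set()
    for allow in rule.get("allowed", []):
        proto = allow.get("IPProtocol")
        if proto not in ("tcp", "all"):
            continue
        specs = allow.get("ports")
        if proto == "all" or not specs:
            return set(ADMIN_PORTS)  # no port list means every port
        for spec in specs:  # "22" or a range such as "3000-4000"
            low, _, high = spec.partition("-")
            span = range(int(low), int(high or low) + 1)
            exposed.update(p for p in ADMIN_PORTS if p in span)
    return exposed


def audit_firewall(rule):
    """Return findings for one firewall rule resource given as a dict."""
    findings = []
    ports = exposed_admin_ports(rule)
    if ports:
        listed = ",".join(str(p) for p in sorted(ports))
        findings.append("admin ports open to 0.0.0.0/0: " + listed)
    if not rule.get("logConfig", {}).get("enable", False):
        findings.append("firewall rules logging off")
    return findings


# Constructed sample resources (placeholder names, not real projects or keys).
SAMPLE_BUCKETS = [
    {"name": "media-assets",
     "iamConfiguration": {"uniformBucketLevelAccess": {"enabled": False}},
     "versioning": {"enabled": True}},
    {"name": "legal-archive",
     "iamConfiguration": {"uniformBucketLevelAccess": {"enabled": True}},
     "versioning": {"enabled": True},
     "retentionPolicy": {"retentionPeriod": "252460800", "isLocked": True},
     "encryption": {"defaultKmsKeyName":
                    "projects/PROJECT_ID/locations/LOCATION/keyRings/RING/cryptoKeys/KEY"},
     "lifecycle": {"rule": [{"action": {"type": "SetStorageClass",
                                        "storageClass": "ARCHIVE"},
                             "condition": {"age": 365}}]}},
]
SAMPLE_FIREWALLS = [
    {"name": "allow-ssh-anywhere", "direction": "INGRESS",
     "sourceRanges": ["0.0.0.0/0"],
     "allowed": [{"IPProtocol": "tcp", "ports": ["22"]}]},
    {"name": "allow-office-range", "direction": "INGRESS",
     "sourceRanges": ["203.0.113.0/24"],
     "allowed": [{"IPProtocol": "tcp", "ports": ["1-65535"]}],
     "logConfig": {"enable": True}},
    {"name": "allow-web", "direction": "INGRESS",
     "sourceRanges": ["0.0.0.0/0"],
     "allowed": [{"IPProtocol": "tcp", "ports": ["443", "3000-4000"]}],
     "logConfig": {"enable": True}},
]


def run_audit(buckets, firewalls):
    """Map 'kind/name' to the list of findings for every resource."""
    report = {"bucket/" + b["name"]: audit_bucket(b) for b in buckets}
    report.update({"firewall/" + f["name"]: audit_firewall(f) for f in firewalls})
    return report


if __name__ == "__main__":
    for resource, findings in run_audit(SAMPLE_BUCKETS, SAMPLE_FIREWALLS).items():
        print(resource, findings or "ok")
```

The third firewall rule shows why port ranges have to be expanded: it never names port 3389, yet the range 3000-4000 exposes it.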
Cloud AI Services
Overview
• AI as a Service (AIaaS):
o Cloud-based platforms and solutions offering AI capabilities and resources.
o Makes AI tools and technologies more accessible, scalable, and cost-effective.
Examples
• Gemini 1.5 Models:
o Latest and most advanced multimodal models in Vertex AI.
• Generative AI: Vertex AI Studio
o Description:
▪ A tool for rapidly prototyping and testing generative AI models.
▪ Test sample prompts, design prompts, and customize foundation models and LLMs for specific tasks.
o Features:
▪ Prompt design and tuning with an easy-to-use interface.
▪ Code completion and generation with Codey.
▪ Generating and customizing images with Imagen.
▪ Universal speech models.
• Vertex AI Agent Builder
o Description:
▪ Create generative AI agents and applications grounded in organizational data.
▪ No-code agent building console with powerful grounding, orchestration, and customization capabilities.
o Use Cases:
▪ Building multimodal conversational AI agents.
▪ Creating Google-quality search experiences on your own data.
▪ Enjoying powerful orchestration, grounding, and customization tools.
• Generative AI Document Summarization
o Description:
▪ One-click solution establishing a pipeline to extract text from PDFs, create summaries with Vertex AI Generative AI Studio, and store summaries in a BigQuery database.
o Features:
▪ Process and summarize large documents using Vertex AI LLMs.
▪ Deploy applications orchestrating the documentation summarization process.
▪ Trigger pipelines with PDF uploads and view generated summaries.
Multitenant
Definition
• Multitenant Hosting:
o Also called shared hosting.
o A single physical computer or virtual machine (VM) is shared among multiple users or client organizations.
• Cloud Service Providers:
o Typically offer multitenant hosting solutions as a lower-cost alternative to single-tenant or dedicated hosting solutions.
• Multitenant Cloud:
o Single cloud instance and infrastructure built to enable multiple cloud customers (tenants) to efficiently share scalable computing resources in a public or private cloud.
o Each cloud customer’s data is kept separate.
o Tenants are generally unaware of each other’s presence.
o Essential to most software-as-a-service (SaaS) offerings.
How Multitenancy Works
• Shared Resources:
o Customers share the same application, operating environment, hardware, and storage mechanism.
• Distinct from Virtualization:
o Unlike virtualization where each application runs on a separate VM with its own operating system.
• Analogy:
o Similar to an apartment building:
▪ Residents have keys to their own separate apartments.
▪ All share infrastructure that delivers water and power.
• Provider Responsibilities:
o Sets overarching rules and performance expectations for customers (tenants).
• Tenant Access:
o Individual customers have private access to their data.
Benefits of Multitenant Cloud
1. Efficiency, Flexibility, and Scalability:
o Easy onboarding of large or numerous user groups.
o No difference between onboarding 10,000 users from one company or 10 users from 1,000 companies.
o Can easily scale and reallocate resources to prevent outages or slowdowns.
2. Cost Savings:
o Efficient usage and allocation of resources lead to lower costs.
o Tenants don’t pay for compute power or storage they may not use.
o Maintenance, upgrades, and infrastructure updates are handled by the service provider.
3. Security:
o Cloud providers with a worldwide footprint offer superior protection.
o Ability to implement new or updated security policies globally across the entire cloud.
Multitenant Cloud in SaaS
• Essential Architecture:
o Most SaaS offerings rely on multitenant architecture to deliver services efficiently.
o Ensures data isolation and security while optimizing resource usage.
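One common way to keep each tenant's data separate when tenants share the same application and storage mechanism, shown as an added example (not from the original notes): a shared table with a tenant_id column, read first by id alone and then through a wrapper that scopes every statement to one tenant. The invoices table, the tenant names and the TenantScope class are hypothetical.

```python
"""Tenant isolation in a shared table: unscoped lookup versus a tenant scope.

Added example; the invoices table, tenant names and TenantScope class are
hypothetical. Uses an in-memory SQLite database with constructed rows.
"""
import sqlite3


def make_db():
    """One table shared by all tenants, as in a shared storage mechanism."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE invoices ("
        " id INTEGER PRIMARY KEY,"
        " tenant_id TEXT NOT NULL,"
        " amount INTEGER NOT NULL)"
    )
    db.executemany(
        "INSERT INTO invoices (id, tenant_id, amount) VALUES (?, ?, ?)",
        [(1, "acme", 1200), (2, "acme", 300), (3, "globex", 9900)],
    )
    return db


def get_invoice_unscoped(db, invoice_id):
    """Weak form: filters on id only, so any caller can read any tenant's row."""
    return db.execute(
        "SELECT id, tenant_id, amount FROM invoices WHERE id = ?", (invoice_id,)
    ).fetchone()


class TenantScope:
    """Data access bound to one tenant; every statement filters on tenant_id."""

    def __init__(self, db, tenant_id):
        if not tenant_id:
            raise ValueError("tenant_id is required")
        self._db = db
        self._tenant = tenant_id

    def get_invoice(self, invoice_id):
        return self._db.execute(
            "SELECT id, amount FROM invoices WHERE tenant_id = ? AND id = ?",
            (self._tenant, invoice_id),
        ).fetchone()

    def list_invoices(self):
        return self._db.execute(
            "SELECT id, amount FROM invoices WHERE tenant_id = ? ORDER BY id",
            (self._tenant,),
        ).fetchall()

    def add_invoice(self, amount):
        # tenant_id comes from the scope, never from request data
        cur = self._db.execute(
            "INSERT INTO invoices (tenant_id, amount) VALUES (?, ?)",
            (self._tenant, amount),
        )
        return cur.lastrowid

    def update_amount(self, invoice_id, amount):
        """Return True only if a row owned by this tenant was changed."""
        cur = self._db.execute(
            "UPDATE invoices SET amount = ? WHERE tenant_id = ? AND id = ?",
            (amount, self._tenant, invoice_id),
        )
        return cur.rowcount == 1


def cross_tenant_leaks(db):
    """Regression check: try every row id under every other tenant's scope."""
    rows = db.execute("SELECT id, tenant_id FROM invoices").fetchall()
    tenants = {tenant for _, tenant in rows}
    leaks = []
    for row_id, owner in rows:
        for tenant in tenants - {owner}:
            if TenantScope(db, tenant).get_invoice(row_id) is not None:
                leaks.append((tenant, row_id))
    return leaks


if __name__ == "__main__":
    db = make_db()
    print("unscoped read of id 3:", get_invoice_unscoped(db, 3))
    print("acme-scoped read of id 3:", TenantScope(db, "acme").get_invoice(3))
    print("cross-tenant leaks:", cross_tenant_leaks(db))
```

Running cross_tenant_leaks in a test suite catches a query that was added later without the tenant filter.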
Cloud Management and Security
Data Center
• Definition:
o A physical location that stores computing machines and their related hardware equipment.
o Contains the computing infrastructure required by IT systems, such as servers, data storage drives, and network equipment.
o A centralized facility equipped with computing resources like servers, storage systems, networking equipment, and cooling infrastructure used for delivering cloud services over the Internet.
• Importance:
o Every business needs computing equipment to run web applications, offer services to customers, sell products, or run internal applications for accounts, human resources, and operations management.
o As the business grows and IT operations increase, the scale and amount of required equipment also increase exponentially.
o Distributed equipment across several branches and locations is hard to maintain.
o Benefits:
▪ Backup Power Supplies: Manage power outages.
▪ Data Replication: Across several machines for disaster recovery.
▪ Temperature-Controlled Facilities: Extend the life of the equipment.
▪ Security Measures: Easier implementation for compliance with data laws.
Why Modern Data Centers Evolve
• The amount of data generated and stored by companies has increased exponentially.
• Virtualization Technology: Separates software from the underlying hardware.
• Networking Innovations: Made it possible to run applications on remote hardware.
What Is Inside a Data Center?
1. Compute
o Computing Infrastructure:
▪ Includes various types of servers with different internal memory, processing power, and other specifications.
▪ Rack Servers:
  ▪ Flat, rectangular design.
  ▪ Can be stacked in racks or shelves in a server cabinet.
  ▪ Cabinets feature mesh doors, sliding shelves, and space for cables and fans.
▪ Blade Servers:
  ▪ Modular and stackable in a smaller area.
  ▪ Physically thin, typically containing memory, CPUs, integrated network controllers, and some built-in storage drives.
  ▪ Slide into a storage unit called a chassis, which facilitates additional components.
  ▪ Advantages:
    ▪ Take up less space than rack servers.
    ▪ Offer higher processing speed.
    ▪ Minimal wiring.
    ▪ Lower power consumption.
2. Storage
o Storage Infrastructure:
▪ Block Storage Devices:
  ▪ Include hard drives and solid-state drives.
  ▪ Store data in blocks, providing many terabytes of data capacity.
  ▪ Storage Area Networks (SANs):
    ▪ Contain several internal drives.
    ▪ Act as large block storage systems.
▪ File Storage Devices:
  ▪ Include network-attached storage (NAS).
  ▪ Can store a large volume of files.
  ▪ Suitable for creating image and video archives.
3. Network
o Network Infrastructure:
▪ Consists of numerous networking devices such as cables, switches, routers, and firewalls.
▪ Connect data center components to each other and to end-user locations.
▪ Ensure flawless data movement and connectivity across the system.
Support Infrastructure
• Components:
o Power subsystems.
o Uninterruptible power supplies (UPS).
o Backup generators.
o Ventilation and cooling equipment.
o Fire suppression systems.
o Building security systems.
Standards in Data Center Design
• As data centers grew in size and complexity, and began storing sensitive and critical information, regulations were imposed.
• Telecommunications Industry Association (TIA) Standards:
o Architecture and Topology
o Environmental Design
o Power and Cooling Systems and Distribution
o Cabling Systems, Pathways, and Redundancy
o Safety and Physical Security
Tier Classifications
Tier 1
• Description: Basic capacity level to support IT systems for an office setting and beyond.
• Requirements:
o Uninterruptible power supply (UPS) for power outages and spikes.
o Physical area for IT systems.
o Dedicated cooling equipment running 24/7.
o Backup power generator.
• Protection: Against service disruptions from human error but not against unexpected failures or outages.
• Downtime Expectation: Annual downtime of 29 hours.
Tier 2
• Description: Provides additional cooling components for better maintenance and safety against disruptions.
• Requirements:
o Engine generators.
o Chillers.
o Cooling units.
o Pumps.
• Protection: Can remove components without shutting down, but unexpected failures can affect the system.
• Downtime Expectation: Annual downtime of 22 hours.
Tier 3
• Description: Provides greater data redundancy, allowing maintenance or replacement of equipment without system shutdown.
• Requirements:
o Redundancy on support systems like power and cooling units.
• Downtime Expectation: Annual downtime of 1.6 hours.
Tier 4
• Description: Contains several physically isolated systems to avoid disruption from both planned and unplanned events.
• Requirements:
o Completely fault-tolerant with fully redundant systems.
• Downtime Expectation: Annual downtime of only 26 minutes.
Types of Data Centers
On-Premises Data Centers
• Definition: Fully owned by the company, storing sensitive data and critical applications.
• Management: Set up, manage ongoing operations, purchase, and maintain equipment internally.
• Benefits:
o Better security through internal risk management.
o Customizable to meet specific requirements.
• Limitations:
o Costly to set up and manage.
o Requires multiple data centers to avoid single points of failure.
Colocation Data Centers
• Definition: Large facilities where companies can rent space to store their servers, racks, and other hardware.
• Features:
o Provides security and support infrastructure like cooling and network bandwidth.
• Benefits:
o Reduces ongoing maintenance costs.
o Fixed monthly costs to house hardware.
o Geographical distribution to minimize latency and be closer to end-users.
• Limitations:
o Challenging to source facilities globally and in targeted areas.
o Costs can add up as you expand.
Cloud Data Centers
• Definition: Rent both space and infrastructure from cloud providers.
• Management: Cloud providers maintain large data centers with full security and compliance.
• Benefits:
o Reduces hardware investment and ongoing maintenance costs.
o Greater flexibility in usage options, resource sharing, availability, and redundancy.
How AWS Manages Its Data Centers
• Regions and Availability Zones (AZs):
o Region: Physical locations around the world where AWS clusters data centers.
o Availability Zone (AZ): Groups of logical data centers within a region, isolated from each other in terms of location, power, and water supply.
• Advantages of Multiple AZs:
o Reliability: High availability and fault tolerance.
o Scalability: Enhanced scalability and lowest possible latency.
o Isolation: Protection against localized issues like power outages, natural disasters.
• Interconnection:
o AZs are interconnected with high-bandwidth, low-latency networking over fully redundant, dedicated metro fiber.
o Traffic Encryption: Traffic between AZs is encrypted.
o Network Performance: Sufficient for synchronous replication between AZs.
AWS Data Centers - Security Layers
Perimeter Layer
• Security Measures:
o Security guards.
o Fencing.
o Security feeds.
o Intrusion detection technology.
o Entry control and monitoring.
Infrastructure Layer
• Protection Measures:
o World-class cooling systems and fire suppression equipment.
o Backup power equipment.
o Routine machine maintenance and diagnostics.
o Water, power, telecommunications, and internet connectivity backups.
Data Layer
• Data Protection:
o Threat and electronic intrusion detection systems.
o Electronic control devices at server room access points.
o External auditing of more than 2,600 requirements throughout the year.
Environmental Layer
• Environmental Controls:
o Sensors and responsive equipment to detect flooding, fire, and other natural disasters.
o Operations process guide to avoid and lessen disruptions due to natural disasters.
o 100% renewable energy and environmental economies of scale.
• CLOUD AUTOMATION: Cloud Automation
Cloud Automation
• Processes and Tools:
o Draw from resource pools to define common configuration items:
▪ VMs
▪ Containers
▪ Storage LUNs
▪ Virtual private networks
o Load application components and services:
▪ Load balancers
o Create instances using:
▪ Templates
▪ Cloned VMs
▪ Containers
o Assemble items to construct a more complete operational environment for workload deployment.
• Example:
o A cloud automation template could:
▪ Create a certain number of containers for a microservices application
▪ Load the software components into the container clusters
▪ Connect storage and a database
▪ Configure a virtual network
▪ Create load balancers for the clusters
▪ Open the workload to users
• Workload Management:
o Configure an application performance management tool to monitor the deployed workload and its performance.
o Alerts trigger automatic scaling tasks, such as:
▪ Adding more containers to a load-balanced cluster to improve performance
▪ Removing excess container instances to pare down resource usage
Examples of Automation Services from Public Cloud Providers
• AWS:
o AWS Config
o AWS CloudFormation
o AWS Elastic Compute Cloud Systems Manager
• Google Cloud:
o Google Cloud Composer
o Google Cloud Deployment Manager
• IBM Cloud:
o IBM Cloud Orchestrator
• Microsoft Azure:
o Microsoft Azure Resource Manager
o Microsoft Azure Automation
Automation in Multi-Cloud Management Vendors
• Vendors Incorporating Automation Capabilities:
o CloudBolt Software
o CloudSphere
o Flexera
o Morpheus Data
o Snow Software Inc.
o VMware
o Zscaler
Cloud Automation
• Definition:
o Implementation of tools and processes that reduce or eliminate the manual work associated with provisioning, configuring, and managing cloud environments.
• Capabilities:
o Runs on top of virtual environments
o Can be leveraged in:
▪ Public clouds
▪ Private clouds
▪ Hybrid environments
▪ Multicloud environments
o Standardizes processes and policies across complex IT environments, including:
▪ Provisioning resources for workload deployments and updates
▪ Setting up virtual machines (VMs)
▪ Monitoring performance
Why is Cloud Automation Important?
• Reduce Errors:
o Enables the creation of predictable and dependable processes
o Helps reduce the human error that inevitably accompanies manual cloud management
• Boost Security:
o Monitor and log activity across the entire IT environment
o Configure security controls that scan for vulnerabilities and anomalies
o Define access levels to applications, data, and more
• Centralize Governance:
o Unified automation platform allows organizations to standardize governance across data centers, even in hybrid clouds
o Improves business continuity
o Optimizes resource and infrastructure usage
o Maximizes performance
o Enhances compliance and security
• Increase Innovation:
o Frees IT operations teams from mundane manual work
o Allows focus on valuable, higher-level innovations that propel the business
Why Use Cloud Automation?
• Traditional Deployment and Operation Challenges:
o Time-consuming and manual processes
o Involves repetitive tasks such as:
▪ Sizing, provisioning, and configuring resources like VMs
▪ Establishing VM clusters and load balancing
▪ Creating storage logical unit numbers (LUNs)
▪ Invoking virtual networks
▪ Actual cloud deployment
▪ Monitoring and managing availability and performance
o Inefficiency and error-proneness leading to:
▪ Troubleshooting delays
▪ Security vulnerabilities
• Benefits of Cloud Automation:
o Eliminates repetitive and manual processes for deploying and managing workloads
o Utilizes orchestration and automation tools that run on virtualized environments
Challenges of Cloud Automation
• Internet Connectivity:
o Public cloud services rely on wide area networks
o Reliability of connection is a major concern
• Security Options:
o Often limited, especially in highly regulated industries
o Difficulties with customization and control flexibility
• Limited Access to Back-End Data:
o Maintenance burdensome when complex issues arise
• Platform Lock-In:
o Broad buy-in across the enterprise can make future migrations difficult
o The bigger the commitment, the tougher any future migration to a different platform will be
Common Cloud Automation Tasks
Establishing Infrastructure as Code (IaC)
• Definition:
o Provisioning and managing IT infrastructure automatically using code and templates instead of manual hardware configuration
• Benefits:
o Automatic provisioning and management of IT resources at scale—a necessity for successful DevOps
o Streamlines the code development and deployment process
o Supports configuration management and prevents configuration drift through the provisioning of consistent environments
• Tools:
o Terraform
o Ansible®
o Kubernetes (for container orchestration)
• Configuration Management Tools:
o Chef Automate
o HashiCorp Terraform
o Puppet Enterprise
o Red Hat Ansible
o Salt Open Source Software
o SaltStack Enterprise
Workload Management and Autoscaling
• Capabilities:
o Track cloud resources in use
o Automatically scale resources up or down based on workload demand
o Automate resource allocation and load balancing
Hybrid Cloud Setup and Integration
• Benefits:
o Comprehensive view of resources
o Sync assets between local data centers and cloud infrastructure
o Apply the same code to on-site systems and cloud resources
o Set standardized policies for workload allocation across hybrid environments
o Codify resources and use a single API across multiple clouds
Application Development and Deployment
• Requirements:
o Automate the application deployment pipeline
o Provision realistic development and test environments
o Use infrastructure as code for consistent environments
Data Backups
• Advantages:
o Automated backups save IT team’s time
o Remove decision-making delays
o Reduce costly failures and data loss with regular automation
Eliminating Cloud Waste
• Strategies:
o Use automation tools to match resources with workload demand in real time
o Eliminate overprovisioning
o Utilize pricing discounts like reserved instances
Version Control
• Benefits:
o Set up version control for workflows
o Improve configuration management
o Demonstrate consistent processes to regulators
Difference Between Cloud Automation and Cloud Orchestration
• Cloud Automation:
o Streamlines individual tasks and lower-level processes
o Removes human involvement to increase efficiency
• Cloud Orchestration:
o Organizes and sequences automated tasks and processes across the entire infrastructure
o Unites multiple locations and systems to create fully automated end-to-end workflows
o Three main aspects:
▪ Resource orchestration
▪ Workload orchestration
▪ Service orchestration
• Analogy:
o Automation is the building blocks or foundation
o Orchestration brings all parts together into an integrated, functioning whole
• Example:
o Data Backup and Recovery:
▪ Orchestration:
  ▪ Plan a sequence of tasks based on logical events (e.g., time of day, error codes)
  ▪ Manage the entire process from start to finish
▪ Automation:
  ▪ Automate individual tasks such as data backup and success notifications
  ▪ Trigger additional orchestration processes for error handling and corrective actions
Private Cloud
• Also Known As: Internal cloud or corporate cloud
• Exclusivity: All hardware and software resources are dedicated exclusively to, and accessible only by, a single customer
• Features:
o Elasticity, scalability, and ease of service delivery
o Access control, security, and resource customization of on-premises infrastructure
• Regulatory Compliance: Private cloud is an easier way (or the only way) to meet regulatory compliance requirements
• Single-Tenant Environment: All resources are accessible to one customer only—referred to as isolated access
• Hosting Options:
o Typically hosted on-premises in the customer's data center
o Can also be hosted on an independent cloud provider’s infrastructure or built on rented infrastructure housed in an offsite data center
• Management Models:
o Customer can manage everything itself
o Outsource partial or full management to a service provider
How Private Cloud Works
Virtualization
• Enables IT resources to be abstracted from their underlying physical hardware and pooled into unbounded resource pools of computing, storage, memory, and networking capacity that can then be portioned among multiple virtual machines, containers, or other virtualized IT infrastructure elements.
• Benefits:
o Maximizes utilization of hardware
o Allows hardware to be shared efficiently across multiple users and applications
o Makes possible the scalability, agility, and elasticity of the cloud
Management Software
• Gives administrators centralized control over the infrastructure and applications running on it
• Benefits:
o Optimizes security, availability, and resource utilization in the private cloud environment
Automation
• Speeds tasks—such as server provisioning and integrations—that would otherwise need to be performed manually and repeatedly
• Advantages:
o Reduces the need for human intervention, making self-service resource delivery possible
o Full control over hardware and software choices. Private cloud customers are free to purchase the hardware and software they prefer, versus the hardware and software the cloud provider offers
o Freedom to customize hardware and software in any way. Private cloud customers can customize servers in any way they want and can customize software as needed with add-ons or through custom development
o Greater visibility into security and access control, because all workloads run behind the customers’ own firewall
o Fully enforced compliance with regulatory standards. Private cloud customers aren’t forced to rely on the industry and regulatory compliance offered by the cloud service provider
Private Cloud Architecture
Virtual Private Cloud (VPC)
• Definition: A virtual private cloud is a walled-off environment within a public cloud that allows a company to operate its workloads in isolation from other users.
• Features:
o Ensures that a user's computer resources are private, even if the server is shared by other businesses
o Can be used to facilitate hybrid cloud deployment
Hosted Private Cloud
• Definition: The servers in a hosted private cloud environment are not shared with other businesses.
• Service Provider Responsibilities:
o Configures the network
o Maintains the hardware
o Upgrades the software
• Usage: The server is only used by one company
Managed Private Cloud
• Definition: A hosted environment in which the provider maintains every part of the cloud for the enterprise, including the deployment of additional services like identity management and storage.
• Ideal For: Companies that don't have the resources to run private cloud systems on their own
Benefits of Private Cloud
• Elasticity, Scalability, and Ease of Service Delivery
• Regulatory Compliance
o Easier way (or the only way) to meet regulatory compliance requirements
• Enhanced Security
o All workloads run behind the customers’ own firewall
• Customization and Control
o Full control over hardware and software choices
o Freedom to customize servers and software with add-ons or through custom development
• Greater Visibility into Security and Access Control
• Fully Enforced Compliance with Regulatory Standards
Challenges of Private Cloud
• High Capital Expenditures
o Private clouds are not as appealing as public clouds on day one due to high hardware and software costs
o Solution: Design private clouds to be cost-effective. Begin small and grow as your needs change.
• On-Demand Scalability
o Can dynamically scale-out as long as additional resources in the data center are available
o Limitation: Lengthy procurement process may cause delays if certain resources are not available
• Capacity Management
o Organizations are responsible for capacity management in a private cloud environment to assure the desired resource consumption
o Impact: Adds to the workload for the internal cloud operations staff
o Solution: Continuous private cloud monitoring and proactive capacity management with a proper observability stack
• Possibilities of Human Errors
o Manual provisioning increases the risk of misconfigurations and service disruptions
• Continuous Monitoring Difficulty
o Requires dedicated efforts, and lapses may lead to overlooked issues or inefficient resource allocation
• Security Concerns
o Ensuring robust security protocols is a persistent challenge
• Skills and Knowledge Gaps
o Ongoing training and skill development are necessary due to the dynamic nature of cloud technologies
• Cost Management Complexity
o Managing costs in the cloud environment, especially with fluctuating usage patterns, is complex
• Lack of Automation
o Limited implementation of automated provisioning processes hinders efficiency
• Billing Management
o Managing and reconciling billing for various provisioned services, especially in multi-cloud or hybrid environments, is administratively challenging
Virtual Machine (VM) Migration
Definition
• Moving a virtual machine (VM) from one physical server to another or from an on-premises data center to the cloud
• Known as VM migration, it involves transferring VMs between different resources such as physical hosts or data stores
Benefits
• Optimizes IT Infrastructure
o Enhances resource utilization and scalability by allowing multiple operating systems and applications to run on a single physical server
• Improved Scalability and Flexibility
o Enables dynamic allocation of resources based on demand without the need for time-consuming hardware changes
• Enhanced Disaster Recovery and Business Continuity
o Minimizes downtime during disasters or system failures
o Enables seamless failover and quick recovery
o Reduces financial losses associated with IT downtime
• Increased Cost Savings
o Reduces hardware costs through shared resources in the cloud
o Eliminates hardware maintenance and server upgrade expenses
• Enhanced Performance and Resource Optimization
o Distributes workloads more evenly, ensuring optimal utilization of resources
Types of Migration
1. Cold Migration
o Occurs When: The VM is shut down
o Process: A powered-down VM is moved to a separate host or data store. Applications and OS are terminated on Virtual Machines before moving them to physical devices.
2. Live Migration (Hot Migration)
o Occurs When: The VM is running
o Process:
▪ A powered-on VM is moved from one physical host to another
▪ The source host state is cloned to the destination host and then discarded
▪ The complete state is shifted to the destination host
▪ Network is moved to the destination Virtual Machine
Migration Stages
1. Stage-0: Pre-Migration
o Having a functional Virtual Machine on the primary host
2. Stage-1: Reservation
o Initializing container on the destination host
3. Stage-2: Iterative Pre-Copy
o Shadow paging is enabled and all dirty pages are cloned in successive rounds
4. Stage-3: Stop and Copy
o The first host’s Virtual Machine is suspended and all remaining Virtual Machine state is synchronized on the second host
5. Stage-4: Commitment
o Minimization of Virtual Machine state on the first host
6. Stage-5: Activation
o The second host’s Virtual Machine starts and establishes connection to all local computers, resuming normal activities
Types of Migration Based on Resource Type
1. Change Compute Resource Only
o Description: Moving a virtual machine, but not its storage, to another compute resource (e.g., host, cluster, resource pool, or vApp)
o Methods: Cold or hot migration
o Tools: If changing the compute resource of a powered-on virtual machine, use vSphere vMotion
2. Change Storage Only
o Description: Moving a virtual machine and its storage (including virtual disks, configuration files, or a combination) to a new datastore on the same host
o Methods: Cold or hot migration
o Tools: If moving a powered-on virtual machine and its storage to a new datastore, use Storage vMotion
3. Change Both Compute Resource and Storage
o Description: Moving a virtual machine to another host while simultaneously moving its disk or virtual machine folder to another datastore
o Methods: Cold or hot migration
Migration Process
1. Onboard
o Select a source VM that you want to migrate
2. Replication
o Replicate data from the source VM to Google Cloud. Data replication is a continuous process that takes place in the background until the final cutover or you delete the migration
3. Set VM Target Details
o Configure Compute Engine settings for the migrated VM, such as the project, instance type, memory, network, and more
4. Test-Clone
o Optionally create a Compute Engine clone of the source VM from the replication data and test it on Google Cloud
5. Cut-over
o Migrate the source VM to Compute Engine. This process includes stopping the source VM, completing a final replication, and creating the production Compute Engine instance from the source VM
6. Finalize
o Perform any final cleanup after a successful migration
Cloud Provisioning
Definition
• Processes involved in deploying and integrating cloud computing services into an enterprise’s IT infrastructure
• Enables organizations to dynamically allocate and manage computing resources based on their evolving needs
Purpose
• Allows organizations to efficiently scale their IT infrastructure without requiring substantial upfront investments in hardware
Provider’s Perspective
• Supplying and assigning necessary resources, such as virtual machines, storage, and network access
Provisioning Models
1. Manual Provisioning
o Description: Hands-on allocation and configuration by IT administrators
o Pros: High level of control
o Cons: Time-intensive and less adaptable to dynamic workload changes
o Use Cases: Well-suited for static workloads with predictable resource demands
2. Automated Provisioning
o Description: Utilizes scripts or tools to minimize human intervention
o Pros: Expedites deployment process and enhances responsiveness to evolving demands
o Use Cases: Ideal for environments with varying workloads requiring swift and efficient resource allocation
3. Dynamic Provisioning (On-Demand Provisioning)
o Description: Allocates resources dynamically, allowing client organizations to acquire IT resources swiftly without manual adjustments
o Features: Cloud automation and orchestration streamline the process
o Use Cases: Optimal for applications with unpredictable or fluctuating workloads, delivering scalability and resource optimization
4. User Self-Provisioning (Cloud Self-Service)
o Description: Allows customers to directly subscribe to required resources from the cloud provider via a website
o Process: Users create an account and pay for the needed resources
o Use Cases: Ideal for organizations emphasizing autonomy and agility, offering a straightforward subscription process without complex procurement or onboarding procedures
Challenges of Cloud Provisioning
1. Possibilities of Human Errors
o Issue: Manual provisioning increases the risk of misconfigurations and service disruptions
o Impact: Can lead to resource inefficiencies, downtime, and compromised service reliability
2. Continuous Monitoring Difficulty
o Issue: Requires dedicated efforts for continuous monitoring of provisioned resources
o Impact: Lapses in oversight may result in overlooked issues or inefficient resource allocation, leading to underperformance, security vulnerabilities, and difficulties in identifying and addressing emerging issues promptly
3. Security Concerns
o Issue: Ensuring robust security protocols for provisioned resources is a persistent challenge
o Impact: Security lapses can expose sensitive data, compromise client trust, and lead to regulatory non-compliance
4. Skills and Knowledge Gaps
o Issue: The dynamic nature of cloud technologies necessitates ongoing training and skill development
o Impact: Challenges in keeping teams updated and aligned with the latest trends
5. Cost Management Complexity
o Issue: Efficiently managing costs in the cloud environment, especially with fluctuating usage patterns
o Impact: Poor cost management may result in unexpected expenses, undermining the cost-effectiveness of cloud provisioning for both providers and clients
6. Lack of Automation
o Issue: Absence or limited implementation of automated provisioning processes
o Impact: Hinders efficiency, leading to slower deployment times, resource bottlenecks, and reduced agility in responding to changing client needs
7. Billing Management
o Issue: Managing and reconciling billing for various provisioned services, especially in multi-cloud or hybrid environments
o Impact: Billing inaccuracies can strain client-provider relationships, leading to disputes and hindered trust
OpenStack Architecture
Overview
• OpenStack: An open-standard and free platform for cloud computing
• Deployment: Deployed as IaaS (Infrastructure-as-a-Service) in both private and public clouds
• Resources: Provides various virtual servers and other types of resources for users
• Integration: Combines networking resources, storage resources, multi-vendor hardware processing tools, and control throughout the data center
• Projects: Tools used to build the platform are referred to as “projects,” handling services including computing, networking, and storage
Nine Major Services
1. Nova (Compute Service)
o Function: Manages compute resources like creating, deleting, and handling the scheduling
o Purpose: Automation of resources responsible for the virtualization of services and high-performance computing
2. Neutron (Networking Service)
o Function: Connects all the networks across OpenStack
o Features: API-driven service that manages all networks and IP addresses
3. Swift (Object Storage)
o Function: Object storage service with high fault tolerance capabilities
o Features:
▪ Retrieves unstructured data objects with the help of RESTful API
▪ Provides redundant storage within servers that are clustered together
▪ Manages petabytes of data
4. Cinder (Block Storage)
o Function: Provides persistent block storage that is made accessible using an API (self-service)
o Features: Allows users to define and manage the amount of cloud storage required
5. Keystone (Identity Service Provider)
o Function: Responsible for all types of authentications and authorizations in the OpenStack services
o Features: Directory-based service that uses a central repository to map the correct services with the correct user
6. Glance (Image Service Provider)
o Function: Registers, stores, and retrieves virtual disk images from the complete network
o Features: Stores images in a wide range of back-end systems
7. Horizon (Dashboard)
o Function: Provides a web-based interface for OpenStack services
o Features: Used to manage, provision, and monitor cloud resources
8. Ceilometer (Telemetry)
o Function: Handles metering and billing of services used
o Features: Generates alarms when a certain threshold is exceeded
9. Heat (Orchestration)
o Function: Facilitates on-demand service provisioning with auto-scaling of cloud resources
o Features: Works in coordination with Ceilometer
Features of OpenStack
• Modular Architecture
o Designed with a modular architecture that enables users to deploy only the components they need
o Easier to customize and scale the platform to meet specific business requirements
• Multi-Tenancy Support
o Enables multiple users to access the same cloud infrastructure while maintaining security and isolation between them
o Particularly important for cloud service providers who need to offer services to multiple customers
• Open-Source Software
o Free to use and modify
o Allows users to customize the platform to meet their specific requirements without the need for expensive proprietary software licenses
• Distributed Architecture
o Designed with a distributed architecture that enables users to scale their cloud infrastructure horizontally across multiple physical servers
o Makes it easier to handle large workloads and improve system performance
• API-Driven
o All components can be accessed and controlled through a set of APIs
o Facilitates automation and integration with other tools and services
• Comprehensive Dashboard
o Provides a comprehensive dashboard that enables users to manage their cloud infrastructure and resources through a user-friendly web interface
o Simplifies monitoring and managing cloud resources without the need for specialized technical skills
• Resource Pooling
o Enables users to pool computing, storage, and networking resources, which can be dynamically allocated and de-allocated based on demand
o Optimizes resource utilization and reduces waste
• Advanced benefits of using OpenStack
o Rapid provisioning of resources, which makes orchestration and scaling resources up and down easy
o Deployment of applications using OpenStack does not consume a large amount of time
o Scalable and efficient resource usage
o Manageable regulatory compliance
Drawbacks of OpenStack
1. Orchestration Robustness
o Not very robust when orchestration is considered
2. API Compatibility
o APIs provided and supported by OpenStack are not compatible with many of the hybrid cloud providers, making integration of solutions difficult
3. Security Risks
o Like all cloud service providers, OpenStack services come with the risk of security breaches
Google Virtual Private Cloud
Definition
• A VPC network (Google Virtual Private Cloud network) is very similar to a physical network, except that it is virtualized within the Google Cloud Platform (GCP)
Structure
• Global Resource: Consists of a list of regional virtual subnetworks (subnets) in data centers, all connected by a global wide area network (WAN)
Isolation
• VPC networks are logically isolated
from each other in the Google Cloud
Platform
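
The Structure and Isolation points above, modelled as an added example (not code from these notes or from Google): one network object holds subnets in several regions, and the network, not the address range, is the isolation boundary. The class, function, network names and address ranges are constructed for illustration; firewall rules, peering and VPN are not modelled.

```python
import ipaddress

class VpcNetwork:
    """Toy model of one VPC network: a global object holding regional subnets."""

    def __init__(self, name):
        self.name = name
        self.subnets = {}  # subnet name -> (region, ip_network)

    def add_subnet(self, name, region, cidr):
        new = ipaddress.ip_network(cidr)
        # Within one network, ranges may not overlap, whatever the region.
        for other, (_, existing) in self.subnets.items():
            if new.overlaps(existing):
                raise ValueError(f"{cidr} overlaps {other} ({existing}) in {self.name}")
        self.subnets[name] = (region, new)

    def locate(self, ip):
        """Return (subnet name, region) owning an internal address, or None."""
        addr = ipaddress.ip_address(ip)
        for name, (region, net) in self.subnets.items():
            if addr in net:
                return name, region
        return None

def internal_path(src_net, src_ip, dst_net, dst_ip):
    """Classify an internal-IP path between two addresses (routing view only)."""
    src, dst = src_net.locate(src_ip), dst_net.locate(dst_ip)
    if src is None or dst is None:
        return "unknown-address"
    if src_net is not dst_net:
        return "isolated"  # different VPC networks share no internal route
    return "same-region" if src[1] == dst[1] else "cross-region"

# Constructed sample topology (names and ranges are made up).
prod = VpcNetwork("prod")
prod.add_subnet("prod-us", "us-central1", "10.0.1.0/24")
prod.add_subnet("prod-eu", "europe-west1", "10.0.2.0/24")
dev = VpcNetwork("dev")
dev.add_subnet("dev-us", "us-central1", "10.0.1.0/24")  # same range as prod-us

if __name__ == "__main__":
    print(internal_path(prod, "10.0.1.5", prod, "10.0.2.9"))  # cross-region
    print(internal_path(prod, "10.0.1.5", dev, "10.0.1.5"))   # isolated
```

The same 10.0.1.0/24 range exists in both networks without conflict, which is why a segmentation review keys on the network an instance belongs to rather than on its address.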
Compute Engine
Function
• Lets you create and run virtual
machines on Google infrastructure
Benefits
• No Upfront Investments:
Eliminates the need for initial
capital expenditure on hardware
• Scalability: Ability to run thousands
of virtual CPUs on a system that is
designed to be fast and to offer
consistent performance