MALLA REDDY UNIVERSITY

(MR22-1CS0108) CLOUD COMPUTING

UNIT I
Introduction: Definition, characteristics, components, Cloud service
provider, the role of networks in Cloud computing, Cloud deployment
models- private, public & hybrid, Cloud service models, multitenancy.
Virtualization: Virtualization technologies and Architectures, Desktop
Virtualization, Server virtualization, Storage virtualization, Network
virtualization, Service virtualization, Data Virtualization. Hypervisors:
KVM, Xen, VMware hypervisors and their features.
Definition of Cloud Computing
• Cloud computing meaning in a simple term, it is
delivering the computing service which includes
high end servers,
storage for the service opted,
managing the database,
networking,
necessary software used for the purpose, analytics &
intelligence,
running over an internet connection.
• Cloud computing is the on-demand delivery of IT resources over the
Internet with pay-as-you-go pricing. These resources run on server
computers that are located in large data centers in different locations
around the world. When you use a cloud service provider like AWS,
that service provider owns the computers that you are using. These
resources can be used together like building blocks to build solutions
that help meet business goals and satisfy technology requirements.
 "The cloud" refers to servers that are
accessed over the Internet, and the software
and databases that run on those servers.
Cloud servers are located in data
centers all over the world. By using cloud
computing, users and companies do not
have to manage physical servers
themselves or run software applications on
their own machines.

For businesses, switching to cloud

computing removes some IT costs and overhead:
for instance, they no longer need to update and
maintain their own servers, as the cloud vendor
they are using will do that.
This especially makes an impact for small
businesses that may not have been able to afford
their own internal infrastructure but can
outsource their infrastructure needs affordably
via the cloud.
• The cloud can also make it easier for companies to operate internationally,
because employees and customers can access the same files and applications
from any location.

•The cloud enables users to access the same files and

applications from almost any device, because the computing
and storage takes place on servers in a data center, instead of
locally on the user device.
Example
This is why a user can log in to their Instagram account on a new
phone after their old phone breaks and still find their old account in place, with
all their photos, videos, and conversation history.

It works the same way with cloud email providers like Gmail or
Microsoft Office 365, and with cloud storage providers like Dropbox or
Google Drive.
Who is using cloud computing?

Organizations of every type, size, and industry are using the

cloud for a wide variety of use cases, such as data backup, disaster
recovery, email, virtual desktops, software development and testing, big
data analytics, and customer-facing web applications.

For example,
Healthcare companies are using the cloud to develop more
personalized treatments for patients. Financial services
companies are using the cloud to power real-time fraud detection
and prevention.

And video game makers are using the cloud to deliver online
games to millions of players around the world.
Features / Properties / Characteristics of Cloud
Computing 1. Resources Pooling
The IT resource (e.g.,
networks, servers, storage,
applications, and services) present
are shared across multiple
applications and occupant in an
uncommitted manner. Multiple
clients are provided service from a
same physical resource.
2. On-Demand Self-Service
The Cloud computing
4. Large Network Access services does not require any
The user can access the data of the cloud or human administrators, user
upload the data to the cloud from anywhere just with themselves are able to provision,
the help of a device and an internet connection. monitor and manage computing
5. Availability resources as needed.
The capabilities of the Cloud can be 3. Easy Maintenance
modified as per the use and can be extended a lot. It The servers are easily
analyzes the storage usage and allows the user to buy maintained and the downtime is
extra Cloud storage if needed for a very small amount. very low. Cloud Computing comes
up with an update every time by
gradually making it better.
 Features / Properties / Characteristics of Cloud
6. Automation
Computing Cloud computing services
are often highly automated,
allowing users to deploy and
manage resources with minimal
manual intervention.
7. Economical
In cloud computing,
clients need to pay the third-party
for the space used by them. More
often, some space is allocated for
9. Pay as you go free.
In cloud computing, the user has to pay 8. Security
only for the service or the space they have utilized. It creates a snapshot of
There is no hidden or extra charge which is to be the data stored so that the data may
paid. The service is economical and most of the time not get lost even if one of the
some space is allotted for free. servers gets damaged.
10. Measured service: The data is stored within the storage
The resource utilization is tracked for each devices, which cannot be hacked
application and occupant, it will provide both the and utilized by any other person.
user and the resource provider with an account of The storage service is quick and
what has been used. This is done for various reasons reliable.
like monitoring billing and effective use of resource.
Components of Cloud Computing Architecture
cloud computing technology is used by both small and large organizations to store
the information in cloud and access it from anywhere at anytime using the internet
connection.
Cloud computing architecture is a combination of service-oriented architecture and event-
driven architecture.

Cloud computing architecture is divided into the following two parts -

 Front End
 Back End

Front End
The front end is used by the client. It contains client-side interfaces and applications that
are required to access the cloud computing platforms. The front end includes web servers
(including Chrome, Firefox, internet explorer, etc.), thin & fat clients, tablets, and mobile
devices.

Back End
The back end is used by the service provider. It manages all the resources that are required
to provide cloud computing services. It includes a huge amount of data storage, security
mechanism, virtual machines, deploying models, servers, traffic control mechanisms, etc.
Components of Cloud Computing Architecture
There are the following components of cloud computing architecture -
1. Client Infrastructure
Client Infrastructure is a Front end component. It provides GUI (Graphical User Interface) to
interact with the cloud.
2. Application
The application may be any software or platform that a client wants to access.
3. Service
A Cloud Services manages that which type of service you access according to the client’s
requirement.

Cloud computing offers the following three type of services:

i. Software as a Service (SaaS) – It is also known as cloud application services.

Mostly, SaaS applications run directly through the web browser means we do not require to
download and install these applications.

Some important example of SaaS is given below –

Example: Google Apps, Salesforce Dropbox, Slack, Hubspot, Cisco WebEx.
ii. Platform as a Service (PaaS) – It is also known as cloud platform services. It is quite
similar to SaaS, but the difference is that PaaS provides a platform for software
creation, but using SaaS, we can access software over the internet without the need of
any platform.

Example: Windows Azure, Force.com, Magento Commerce Cloud, OpenShift.

iii. Infrastructure as a Service (IaaS) – It is also known as cloud infrastructure services. It

is responsible for managing applications data, middleware, and runtime environments.

Example: Amazon Web Services (AWS) EC2, Google Compute Engine (GCE), Cisco
Metapod.

4. Runtime Cloud
Runtime Cloud provides the execution and runtime environment to the virtual
machines.
5. Storage

Storage is one of the most important components of cloud computing. It provides a

huge amount of storage capacity in the cloud to store and manage data.
6. Infrastructure

It provides services on the host level, application level, and network level.

Cloud infrastructure includes hardware and software components such as servers,

storage, network devices, virtualization software, and other storage resources that are
needed to support the cloud computing model.

7. Management

Management is used to manage components such as application, service, runtime

cloud, storage, infrastructure, and other security issues in the backend and establish
coordination between them.

8. Security
Security is an in-built back end component of cloud computing. It implements a security
mechanism in the back end.

9. Internet
The Internet is medium through which front end and back end can interact and
communicate with each other.
 Cloud service provider:
Companies like Amazon Web Services (AWS), Microsoft Azure, and Google Cloud
Platform (GCP) are leading the pack.

They offer a wide range of services that help businesses be more creative and grow.

Using cloud technology is a smart move for any business wanting to stay ahead in today’s
digital world.

List of Top 10 Cloud Platform Service Providers

Amazon Web Services (AWS):
Launched in 2006, AWS is the best cloud service provider leading in the market.

It becomes a major player in AI, database, machine learning, 5G cloud, multi-cloud and
serverless deployments. AWS operates in 20 geographical regions across the world.
Microsoft Azure
Microsoft Azure was launched in 2010 as Windows Azure, and later in 2014, it was
renamed, Microsoft Azure.
It was launched years after the release of AWS and Google cloud but still, it is the
fastest-growing cloud and giving tough competition to AWS and other cloud service
providers.
Kamatera

Kamatera, established over two decades ago, has evolved into one of the most
reliable and flexible cloud infrastructure platforms in the industry.

With a strong focus on scalability, Kamatera allows businesses to configure their

cloud environments based on real-time needs, making it a top choice for startups
and large enterprises alike

Alibaba Cloud

Alibaba Cloud, also known as Aliyun, is the cloud computing arm of Alibaba Group,
one of the world’s largest e-commerce and technology conglomerates based in
China. It offers a comprehensive suite of cloud computing services to support
businesses worldwide
Oracle Cloud

Oracle Cloud is an ERP(Enterprise Resource Planning) based cloud service that

helps you to build, deploy, and manage workloads in the cloud or on-premises.
IBM Cloud (Kyndryl)
Developed by IBM, this cloud service offers another set of solutions to the users to
deploy their applications on the cloud.
It offers IaaS, SaaS, and PaaS services via public, private, hybrid and multi-cloud models.

IBM’s best bets come in the form of the Internet of Things, Cognitive Computing and
Blockchain
Tencent Cloud
DigitalOcean is a well-known cloud hosting provider that currently holds the fourth
largest global market share in cloud computing, following Alibaba Cloud, AWS, and
Microsoft Azure.

It Has a strong presence in China and Southeast Asia, with growing international
reach.
OVHcloud
DigitalOcean is a well-known cloud hosting provider that currently holds the sixth
largest global market share in cloud computing, following Alibaba Cloud, AWS,
Microsoft Azure, Tencent Cloud, and Google Cloud Platform.
Known as a strong player in Europe, particularly in France, and is expanding its
global presence.
DigitalOcean:

DigitalOcean is a well-known cloud hosting provider that primarily caters to startups, small and
medium-sized businesses (SMBs), and individual developers, holding a smaller market share
compared to larger cloud providers.

Known for its strong presence in developer communities.

Linode (owned by Akamai)

Linode, which is now part of Akamai, is a cloud platform primarily caters to developers,
startups, and SMBs, holding a smaller market share compared to major cloud providers.

Known for its strong developer community and focus on simplicity.

Cloud Networking
Cloud Networking is a service in which a company’s networking procedure is hosted on a
public or private cloud.

Cloud Computing is source management in which more than one computing resources share an
identical platform and customers are additionally enabled to get entry to these resources to a
specific extent.

Cloud networking facilitates organizations to establish secure, scalable, and high-performance

network architectures following to their specific requirements.

It involves implementing virtualized networking technologies, such as virtual private clouds

(VPCs), software-defined networking (SDN), and load balancing, to ensure reliable connectivity,
efficient resource utilization, and seamless integration with cloud services.
 The Role of Networking in Cloud Computing
 Networking involves the connection of computers, servers, and
devices to enable communication and resource sharing.
 Cloud computing, networking facilitates the transfer of data between
cloud service providers’ data centers, users, and other components of
the cloud infrastructure.

Networking plays an important role in various aspects of cloud

computing:

1. Connecting Data Centers

Cloud computing providers use networks to interconnect their

data centers, which are the physical locations where cloud services are
hosted.
These networks facilitate the transfer of data and enable resource
sharing between data centers, ensuring high availability, fault
tolerance, and scalability of cloud services.
The Role of Networking in Cloud Computing
2. Delivering Cloud Services
Networks are crucial for delivering cloud services to users.
Cloud providers utilize various network technologies, including the
internet, private networks, and dedicated connections, to ensure the
efficient transfer of data between their infrastructure and end-users.
These networks enable users to access cloud services from
anywhere, at any time, with minimal latency.

3. Securing Cloud Computing Environments

Networking plays a significant role in securing cloud
computing environments. Cloud providers implement network-level
security measures such as firewalls, virtual private networks
(VPNs), and intrusion detection systems (IDS) to protect against
unauthorized access, data breaches, and other security threats.
Networks also facilitate traffic monitoring and encryption
to ensure the confidentiality and integrity of data within the cloud
infrastructure.
Cloud deployment models

Cloud deployment
Model
Cloud deployment models
It is often defined as the place where the deployment will take place.
Public cloud

 We all live in the public cloud, whether we notice it or not.

 For instance, we use Gmail (being a part of Google Cloud Platform) for communicating
with clients or co-workers.
 We save our data in Google Drive or Dropbox. We create documents online using
Google docs. We share our selfies with friends through Facebook or Instagram.
 But have we ever wondered where our data, whether it’s emails, files from your
computer, online documents or selfies, is stored?
Public cloud
 All of this content is kept in the public cloud, i.e. they are stored on a server
somewhere in the world – and we are simply accessing it (e.g. Gmail) by using your web
browser as a client.
 Public cloud means IT services such as data storage, servers, databases, networking, and
software that are available for everyone to use. These services are offered by third-party
providers over the public internet so that every customer is able to access them via web-
based tools and applications.
 Public cloud deployments are usually housed on public servers that are
accessible over the internet or through VPN service.
 The hardware and software used in these facilities are typically owned by the
service owner.
 This saves a huge amount of money for companies that do not want to buy their
own application server, storage, CPU, OS, database and etc.
 It also allows you to easily expand and add new services without having to hire
more people.

 Most of all, public clouds are used for file-sharing, e-mail services, application
development, and testings.

 Today, workforces can work and access data from almost anywhere in the
world, redefining how many companies operate and collaborate.

 Public cloud storage options also provide enhanced security and backup
capabilities.

In the case of server failure or corruption, data uploaded to the cloud remains
intact.
Private cloud

 A private cloud is private to one organization. In other words, a private cloud

resources and services are used exclusively by one business or organization.
 A private cloud is a computing model that offers a secure and dedicated
environment for a single business.
 All the hardware infrastructure and software are solely dedicated to one
organization. It is a single-tenant infrastructure. It is like an internal server of a
company
 In a private cloud, it's very easy to customize the hardware and software to meet
your organization's specific IT requirements. This is because our organization, owns
everything i.e the hardware, software and network. So we have complete control and
can change anything in any way we want to meet our organization requirements.
 In general, private clouds are often used by government agencies, financial
institutions and any other medium to large-sized organizations with business-
critical operations seeking enhanced control over their environment.
Types of Private Cloud
1. Internal Private Cloud
An internal private cloud is present at the organization’s local data center. All
the resources are owned by the organization itself. This allows more control over the
resources of the organization. Internal Private Cloud will not be connected to the internet
as it is on-premises, and it can be connected through internal networks like data centers.
The capital expenditure in this model is high. It is difficult to scale and offers higher
latencies as servers are deployed on-premises.

2. External Private Cloud/Managed Private Cloud

An external private cloud is hosted by a third-party cloud provider for the
organization. They dedicate resources on behalf of the organization. External Private Cloud
can establish connectivity over the public internet but over a VPN (Virtual Private
Network), Fiber, or Ethernet. This gives lesser control to the organization. The capital
expenditure in this model is low and expenses are variable. It is easy to scale and offers
lower latencies as servers can be deployed in different locations.
Hybrid cloud

Hybrid Cloud is a mixture of public and private cloud. Non-critical activities are
performed using public cloud while the critical activities are performed using private
cloud. It allows instant transfer of information between environments, allowing
enterprises to experience the benefits of both environments.
For example,
For backup and disaster recovery purposes, a private cloud can be used as
a local backup solution ensuring immediate on-site access to corporate data (and its
protection) – especially in the context of GDPR compliance.
On the other hand, the public cloud can function as the secondary off-site
backup location that provides disaster recovery in the event of on-premises equipment
failures.
Features and Benefits of the Hybrid Cloud Model

Scalability: Moving non-sensitive functions to Security: The hybrid cloud model not only
the public cloud allows customers to achieve ensures the security required for sensitive
seamless scalability operations but also satisfies the data handling
while also reducing the demands on the private and storage regulatory requirements, wherever
cloud. applicable.
Flexibility: Customers can explore different Cost efficiency: Hybrid clouds enable greater
operational avenues and achieve efficient cost efficiency through centralized
management of their databases and applications management
on account of the flexibility offered by the
hybrid cloud.
Community cloud

Identity
Access
Management

Members of the community cloud are essentially organizations with similar

business needs.
Community cloud allows systems and services to be accessible by a group of
several organizations to share the information between the organization and a specific
community.
It is owned, managed, and operated by one or more organizations in the
community, a third party, or a combination of them.
The banking sector is one of the best examples that use Community cloud services.
The planning strategy might differ while adopting the Community Cloud. Still, the
members will share the same security features and maintain privacy, performance, and
compliance requirements.
Examples: Public and Government sectors, Educational institutions, Health care industry
Layers of Cloud / Cloud service models / Cloud
Computing service models
There are three layers of cloud computing services
1.Infrastructure as a Service (IaaS)
2.Platform as a Service (PaaS)
3.Software as a Service (SaaS)
Infrastructure as a Service (IaaS): Building Blocks of the Cloud
All the physical resources or hardware—like laptops, desktops, cables, switches, routers, data
centers, and storage devices—are a part of infrastructure. In cloud computing, all the infrastructure is
virtualized and provided to consumers as a service. This is called IaaS.
IaaS provides organizations with good control and management on their applications, without having
to maintain the infrastructure, i.e., the physical resources.
Infrastructure as a Service (IaaS): Building Blocks of the Cloud
 Infrastructure as a Service (IaaS) is a fundamental layer of cloud computing
 IaaS delivers cloud computing infrastructure, including servers, network,
operating systems, and storage, on-demand, usually on a pay-as-you-go basis
through virtualization technology.

 While IaaS gives you virtualized resources such as servers, disks, networks,
and IP addresses, we are still responsible for administering the operating
system, data, applications, middleware and runtimes.

 These cloud servers are typically provided to the organization through a

dashboard or an API, giving IaaS clients complete control over the entire
infrastructure.

 IaaS provides the same technologies and capabilities as a traditional data

center without having to physically maintain or manage all of it. The IaaS
provider handles and manage the servers, hard drives, networking, virtualization,
storage, system maintenance, software updates, backup and security

 This service was seen was in
Gmail, the Google email service
where each user gets around 8
GB of free storage. In order to do
this, Google built gigantic data
centers consisting of (probably)
millions of servers.
Examples of IaaS
Rackspace, Amazon Web
Services (AWS) Elastic Compute
Cloud (EC2), Microsoft Azure,
Google Compute Engine (GCE)
and Joyent.
Platform as a Service (PaaS) Empowering Developers
PaaS specifically provides a platform for customers to develop, run, and
manage applications.
PaaS can be delivered in three different formats.
It supplies the networking, operating system
(OS), middleware (e.g. Java runtime, .NET
cloud service from the provider. In
runtime, integration, etc.), database and other
this configuration, the customer
services to host the consumer’s application.
controls software deployment with
minimal configuration options.
PaaS configuration can be run
as software deployed on public
infrastructure as a service such
as AWS
Platform as a Service (PaaS) Empowering Developers
 The second layer of the cloud is the platform – the PaaS (Platform as a service) where
a third-party provider delivers hardware and software tools to users over the internet.
Usually, these tools are needed for developing customized software - for example
application development and testing

 A PaaS provider hosts the hardware and software on its own infrastructure. With
PaaS, developers can focus on building their applications without having to worry about
operating systems, software updates, storage or infrastructure.
 We get a “platform” with built-in software components for both hardware and
software such as runtime libraries, tools, applications, email and HTTP servers. This
allows developers to rapidly develop, run, and manage their own apps without having to
build and maintain the infrastructure

 This setup significantly reduces the overhead costs of app development. It also makes
it possible for distributed teams of developers to work together on an app from
anywhere in the world
Examples of PaaS may include
• runtimes such as Java runtimes,
• databases such as mySQL or Oracle, and
• web servers such as Tomcat.
Another example is Google App Engine, on which one can develop applications and let them
execute on Google’s platform. Other commonly-cited examples include AWS Elastic
Beanstalk, Windows Azure, Heroku, Force.com, and Apache Stratos.
Software as a Service (SaaS): Ready-to-Use Applications
Software-as–a-Service (SaaS) model allows to provide software application
as a service to the end users. It refers to a software that is deployed on a host service
and is accessible via Internet. Instead of installing and maintaining software, we
simply access it via the Internet, freeing yourself from complex software and
hardware management.
There are several SaaS applications
Software as a Service (SaaS): Ready-to-Use Applications
 Software as a Service (SaaS) is a web-based software deployment model
that makes the software accessible through a web browser. As a user of SaaS
software, we don’t care where the software is hosted, which operating system
it uses, or which language it is written in.

 The SaaS software is made accessible from any device as long we have an
internet connection. With SaaS, we do not incur the capital cost of buying servers
or software.

 The service provider shields us from software maintenance and we simply

connect to the SaaS application via a console dashboard or API.

 Examples would include Microsoft Office 365, Intuit, Salesforce CRM,

Zoom, ZoomInfo, Dropbox, Google Apps and many more that are for
consumption by end-users.
Benefits of SaaS
 These applications run on the
cloud and need not be downloaded
to a local device.

 Web mail such as Outlook,

Gmail, Yahoo, etc., is one of the
earliest forms of SaaS.

 SaaS makes it easy for us to focus

on our core business. It is a great
option for businesses that don’t have
the staff or bandwidth to handle
software installation and updates.
Multitenancy in Cloud computing:
 Multitenancy is a type of software architecture where a single software
instance can serve multiple distinct user groups.

 It means that multiple customers of cloud vendor are using the same computing
resources.

 As they are sharing the same computing resources but the data of each Cloud
customer is kept totally separate and secure.
 In cloud computing Multitenancy also refer as shared host where
same resources are divided among different customer’s.
Advantages of Multitenancy :
 The use of Available resources is maximized by sharing resources.
 Customer's Cost of Physical Hardware System is reduced, and it reduces the
usage of physical devices and thus power consumption and cooling cost
savings.
 Save Vendor's cost as it becomes difficult for a cloud vendor to provide
separate Physical Services to each individual.
Disadvantages of Multitenancy :
 Data is stored in third-party services, which reduces our data security and puts
it into vulnerable conditions.

 Unauthorized access will

cause damage to data.
 Suppose you
want to Learn
Linux

To help in reducing the number of physical machines

needed for IT operations, saving on purchase costs,
physical maintenance we are going for a Technology called
Virtualization
 Virtualization
Virtualization is technology that you can use to create
virtual representations of servers, storage, networks, and other
physical machines called Virtual Machine
With Virtualization no need of separate hardware
Virtual software mimics the functions of physical hardware to
run multiple virtual machines simultaneously on a single
physical machine.
What is Virtualization? Virtualization
• Virtualization is technology that you can
use to create virtual representations of
servers, storage, networks, and other
physical machines.
• Virtual software mimics the functions of
physical hardware to run multiple virtual
machines simultaneously on a single
physical machine.
• Businesses use virtualization to use their
hardware resources efficiently and get
greater returns from their investment.
• It also powers cloud computing services
that help organizations manage
infrastructure more efficiently.
 Virtualization
Why is virtualization important?
• You can interact with any hardware resource with
greater flexibility.
• Physical servers consume electricity, take up storage space,
and need maintenance.
• You are often limited by physical proximity and network
design if you want to access them. Virtualization removes
all these limitations by abstracting physical hardware
functionality into software.
• You can manage, maintain, and use your hardware
infrastructure like an application on the web.
 Virtualization Architecture
The architecture of virtualization in cloud computing involves the
following components.
 Virtualization Architecture
Physical Hardware:
Physical hardware includes the physical parts of a computer, such as
the central processing unit (CPU), random access memory (RAM),
motherboard, computer data storage, graphics card, sound card, and computer
case. It includes external devices such as a monitor, mouse, keyboard, and
speakers.
Operating System:
An operating system (OS) is system software that manages computer
hardware and software resources, and provides common services for computer
programs.
Time-sharing operating systems schedule tasks for efficient use of the
system and may also include accounting software for cost allocation of
processor time, mass storage, peripherals, and other resources.
 Virtualization Architecture
Virtualization Layer:
The Virtualization layer has 7 layers:
1. Access Virtualization: Allows applications
to work with remote client devices without
change, even though those remote devices
were never been thought of or available
when the application was written. This is
called access virtualization.
2. Application Virtualization: Allows
applications written for one OS version or
OS to happily execute in another
environment; this environment can be a
new OS version or an entirely different OS.
This is called application virtualization.
3. Process Virtualization Layer 3: Allows
one system to support workloads as if it
was many systems, or allows one workload
to run across many systems as if it was a
single computing resource. This is
called processing virtualization
 Virtualization Architecture

Virtualization Layer:

4. Storage Virtualization: Allows workloads

to access storage without having to know
where the data is stored, what type of device is
storing the data, or whether the storage is
attached directly to the system hosting the
workload, or to storage in the cloud. This is
called storage virtualization.

5. Network Virtualization: Allows systems

to work with other systems safely and
securely, without having to care too much
about the details of the underlying network.
This is called network virtualization .
 Virtualization Architecture
Virtualization Layer:
6. Management of Virtual Environment:
Allows IT administrators and operators to
easily monitor and manage virtual
environments across boundaries. The
boundaries can include the physical location
of systems; OSes in use; applications or
workloads in use; network topology; storage
implementation; and how client systems
connect to the applications. This is
called management of virtualized
environments
7. Security for Virtual
Environment: Monitors and protects all of
the other layers of virtualization so that only
authorized use can be made of the resources.
Yes, this is called security for virtualized
environments
Virtual Machines(VM) and hypervisors
To Create this Virtualization Layer we have a software
called Hypervisors
VM1 VM2
VM3
GUEST Machine

Software to manage
the VM

HOST Machine
 Virtualization Architecture
Hypervisor
The hypervisor is a software component that manages multiple
virtual machines in a computer.
It ensures that each virtual machine gets the allocated resources and
does not interfere with the operation of other virtual machines.
Virtual machine:
• A virtual machine is a software-defined computer that runs on a physical computer
with a separate operating system and computing resources. The physical computer is
called the host machine and virtual machines are guest machines. Multiple virtual
machines can run on a single physical machine. Virtual machines are abstracted
from the computer hardware by a hypervisor.
• From the user’s perspective, the virtual machine operates like a typical server. It has
settings, configurations, and installed applications. Computing resources, such as
CPUs, RAM, and storage appear the same as on a physical server. You can also
configure and update the guest operating systems and their applications as necessary
without affecting the host operating system.
 You can give resources to Virtual Machine with what actually you
have in the host machine.
For eg if you have total 8GB RAM in the host machine and host machine
is utilizing 4GB then the remaining 4GB RAM can be shared among the
Virtual Machines we create.
 Virtual Machines are completely Isolated - If something breaks in
one virtual machine, it will not affect the Host machine and other
VMs.

Bre
ak
Types of Virtualization
 Types of Virtualization
In cloud computing, there are several types of virtualization techniques. Each type of
virtualization has a specific purpose and plays a crucial role in building flexible and scalable
cloud environments. The main types of virtualization in cloud computing are:
1. Server Virtualization:
Server virtualization is the process of creating multiple virtual servers on a single
physical server. Virtual servers are isolated from each other and may have different sets of
software and operating systems. Since they are consolidated on a single physical machine,
you can use resources more efficiently, and save money.
Instead of several servers, the company buys one, powerful Server. There is no need to
allocate separate physical machines for mail, files, domain servers, etc.
SE
RV
ER
2. Storage Virtualization:Types of Virtualization
Storage virtualization combines the functions
of physical storage devices such as network attached
storage (NAS) and storage area network (SAN).
You can pool the storage hardware in your
data center, even if it is from different vendors or of
different types.
Storage virtualization uses all your physical
data storage and creates a large unit of virtual
storage that you can assign and control by using
management software.
IT administrators can streamline storage
activities, such as archiving, backup, and recovery,
because they can combine multiple network storage
 Types of Virtualization
3. Network Virtualization:
Any computer network has hardware elements such
as switches, routers, and firewalls.
An organization with offices in multiple
geographic locations can have several different
network technologies working together to create its
enterprise network.
Network virtualization is a process that
combines all of these network resources to
centralize administrative tasks. Administrators
can adjust and control these elements virtually
without touching the physical components, which
greatly simplifies network management.
 Types of Virtualization
4. Application Virtualization:
In this Virtualization, all the individual
elements, characteristics, and information of an
application is stored on a server.
This system enables users to access and use the
application from this server.
This system basically encapsulates all the elements of a
particular application and virtualizes them on another
server which enables user access to these applications
without the need of actually installing it on the target
device.
This virtualization separates the application
from the underlying operating system, making it
accessible from multiple devices without being
directly installed on them.
For example, users can run a Microsoft Windows
application on a Linux machine without changing the
machine configuration.
Users can access and interact with the
application from any device connected to the network
 Types of Virtualization
5. Desktop Virtualization:
The entire desktop operating system,
applications, and data are hosted on a cloud server,
and users can access their desktop from any device
over the internet.
The desktop environments, also called virtual
machines (VMs), are housed on powerful servers that
can host several desktop sessions concurrently.
Users can access these VMs on their devices as
and when required, regardless of the specifications of
their devices.
Desktop virtualization is especially useful for
enterprises as it offers a consistent desktop experience
to all employees.
IT teams responsible for managing a company’s
devices can now manage and issue updates centrally.
Virtual desktops also minimize the security
risks associated with employees storing the company
data locally. And, since most of the data is stored on
servers, device failure will not result in any major loss.
 Types of Virtualization
6. Data Virtualization:
This is the kind of virtualization in which the data is collected from various sources
and managed at a single place without knowing more about the technical
information like how data is collected, stored & formatted then arranged that data
logically so that its virtual view can be accessed by its interested people and
stakeholders, and users through the various cloud services remotely. Many big giant
companies are providing their services like Oracle, IBM, At scale, Cdata, etc.
 Hypervisor
Hypervisor:
The hypervisor is a software component that manages multiple
virtual machines in a computer. It ensures that each virtual machine gets
the allocated resources and does not interfere with the operation of
other virtual machines.
There are two types of hypervisors.
• Type 1 hypervisor
• Type 2 hypervisor
 Hypervisor
Type 1 hypervisor (bare-metal
hypervisor) :
A type 1 hypervisor, or bare-metal
hypervisor, is a hypervisor program
installed directly on the computer’s
hardware instead of the operating system.

Therefore, type 1 hypervisors have

better performance and are commonly used
by enterprise applications.
KVM uses the type 1 hypervisor to
host multiple virtual machines on the Linux
operating system.
 Hypervisor
Type 2 hypervisor (hosted hypervisor) :
Also known as a hosted hypervisor, the
type 2 hypervisor is installed on an operating
system. Type 2 hypervisors are suitable for end-
user computing.
A type 2 hypervisor, or hosted
hypervisor, interacts with the underlying host
machine hardware through the host machine’s
operating system. You install it on the machine,
where it runs as an application.
The type 2 hypervisor negotiates with
the operating system to obtain underlying
system resources. However, the host operating
system prioritizes its own functions and
applications over the virtual workloads.
 KVM Hypervisor
KVM (Kernel-based Virtual Machine)
It is an open-source hypervisor that
allows a Linux system to act as a host for
virtual machines (VMs).
It is built directly into the Linux
kernel and turns it into a Type 1 (bare-
metal) hypervisor, providing the ability to
run multiple virtualized environments on
a physical server.
KVM was announced in 2006 and merged
into the Linux kernel a year later.
As KVM is the part of Linux Kernal it has
all the components .
Every VM is implemented as a regular
Linux process, scheduled by the standard
Linux scheduler, with dedicated virtual
hardware like a network card, graphics
adapter, CPU(s), memory, and disks.
Features of KVM
1. Security boundaries with SELinux and sVirt
KVM uses a combination of Security-Enhanced Linux (SELinux) and sVirt for
enhanced VM security and isolation. SELinux establishes security boundaries around VMs.
sVirt extends SELinux’s capabilities, allowing Mandatory Access Control (MAC) security to
be applied to guest VMs and preventing manual labeling errors.

2. Storage flexibility
KVM is able to use any storage format supported by Linux, including some local
disks and network-attached storage (NAS).

3. Support for multiple hardware architectures

KVM can run on a wide variety of hardware platforms. KVM uses hardware-
assisted virtualization a special features build in the modern processor(such as Intel VT-x
and AMD-V) to improve the efficiency and performance of virtual machines (VMs).

4. Live migration
KVM supports live migration, which is the ability to move a running VM from
one physical host to another without shutting down or interrupting the VM's operation..
The VM remains powered on, network connections remain active, and applications continue
to run while the VM is relocated. KVM also saves a VM's current state so it can be stored and
resumed later.
 KVM Hypervisor
Why is KVM important?
High performance
KVM is engineered to manage high-demanding applications seamlessly. All
guest operating systems inherit the high performance of the host operating
system—Linux. The KVM hypervisor also allows virtualization to be
performed as close as possible to the server hardware, which further reduces
process latency.
Security
Virtual machines running on KVM enjoy security features native to the
Linux operating system, including Security-Enhanced Linux (SELinux).
This ensures that all virtual environments strictly adhere to their respective
security boundaries to strengthen data privacy and governance.
 KVM Hypervisor
Stability
KVM has been widely used in business applications for more than a decade. It enjoys
excellent support from a thriving open-source community. The source code that powers
KVM is mature and provides a stable foundation for enterprise applications.

Cost efficiency
KVM is free and open source, which means businesses do not have to pay additional
licensing fees to host virtual machines.

Flexibility
KVM provides businesses many options during installations, as it works with various
hardware setups. Server administrators can efficiently allocate additional CPU, storage, or
memory to a virtual machine with KVM. KVM also supports thin provisioning, which
only provides the resources to the virtual machine when needed.
 Xen Hypervisor
The Xen hypervisor, is the open
source open-source type-1 or baremetal
hypervisor, it supports a wide range of guest
operating systems including Windows, Linux,
Solaris

The Xen hypervisor is the lowest and

most privileged software layer. This layer
supports one or more guest operating systems,
scheduled on the physical CPUs. The first
guest operating system, called in Xen
terminology domain 0 (dom0) is executed
automatically when the hypervisor boots and
receives special management privileges and
direct access to all physical hardware by
default. The system administrator can log into
dom0 in order to manage any additional guest
operating systems, called user domains
(domU) in Xen terminology.
Xen supports two types of virtualization.

Para Virtualization:
In the para virtualization the kernel of the guest
operating system modified to run on the hypervisor
hypervisor is a program that runs on the host system at ring 0
therefore is also called a modified guest.
The normal goal of virtualization is to fool the guest
OS kernel into thinking it’s running on the real hardware. But in
para virtualization, the guest OS knows that it is running in a
virtual machine and cooperates with the hypervisor to get
access to the actual hardware. The hypervisor contains a set of
paravirtualized (PV) drivers that the guest loads instead of the
actual hardware drivers.

Fully Virtualization:(HVM- hardware assisted virtualization)

This one is known as hardware assisted virtualization,
provides support for unmodified guest operating systems. The
guest operating system runs unmodified and does not need to be
aware of the hypervisor. The hypervisor emulates the hardware,
so the guest OS believes it is running directly on physical
hardware, even though it is running in a virtualized
environment.
Features of Xen Hypervisors:
• Consolidation
• Rapid provisioning
• Dynamic fault tolerance against software failures (through rapid bootstrapping or
rebooting)
• Increased utilization
• Ability to support legacy software as well as new OS instances on the same computer.
• Ability to securely separate virtual operating systems
• Hardware fault tolerance (through migration of a virtual machine to different hardware)
Citrix and Oracle use Xen for their virtualization products. Citrix co-opted the Xen name but
rebranded XenServer as Citrix Hypervisor to differentiate it from the open source offering.
Support for virtual desktops remains a high priority for Citrix, and XenServer has been
optimized for that type of workload.
Xen pros:
• A true Type 1 hypervisor that provides lower overhead due to having direct access to the
hardware.
Xen cons:
• No ability to share resources of an underlying OS.
• No support for sVirt.
 Vmware Hypervisor
VMware is a company that specializes in virtualization and cloud
computing technology. The company develops software that enables businesses
to create and manage virtualized IT environments, including hypervisors, which
are essential for running virtual machines (VMs).
VMware offers several hypervisors, each designed for different use
cases, ranging from enterprise data centers to personal or developer environments.
The primary hypervisors in VMware’s are:

1. VMware ESXi
VMware ESXi is a data-center-focused Type 1 or "bare metal"
hypervisor, replacing the primary operating system that would interact with a
computer's physical components. ESXi, a larger hypervisor that used more of the
host computer's resources.
Large-scale enterprise data centers, cloud infrastructures, and virtualized
environments use this hypervisor
2. VMware vSphere Hypervisor
VMware vSphere Hypervisor is a Type 1 or "bare metal" hypervisor. It is
essentially a free version of VMware ESXi. It provides essential virtualization capabilities but
lacks some of the advanced features available in the full vSphere suite, such as centralized
management (vCenter) and certain enterprise features.
It's suitable for small businesses or individuals who need basic virtualization features.

3. VMware Workstation hypervisor

VMware Workstation is a Type 2 hypervisor. It is designed for desktop and
developer environments. It runs on top of an existing operating system (e.g., Windows or
Linux) and allows users to create and run multiple VMs on a single physical machine.
Workstation is popular among developers, testers, and IT professionals who need to run different
operating systems on a single host machine.
It is used for Desktop virtualization, software development, testing, and learning
environments.

4. VMware Fusion
Similar to VMware Workstation, VMware Fusion is designed specifically for
macOS users. It enables Mac users to run virtual machines with other operating systems (such
as Windows, Linux, and others) alongside macOS. Fusion is ideal for running virtualized
environments on Mac computers for development, testing, and educational purposes.
It is used for Virtualization on Mac computers, development, and testing