Methodically Plan Your Cloud Design First

Are You Sure You Are Ready For The Cloud: Design

For the last few months, we have been discussing getting ready to go to the cloud. We have covered topics such as Financial and Business Security reasons. We have even discussed the type of knowledge you should obtain.

This month, we are going to take the next step, which is covering:

Design

Why is design so important? Cloud is an amazing technology, but if not properly designed, you can loose the ability to access all of your resources that you have paid good money for.

How so? Starting with something as simple as spinning up and server Instance. If you assign to many resources to it, and do not effectively use these resources you now have a “committed waste”. As an example, if you assigned 4 vCPUs to an instance, and after looking at your resource usage on that instance some time later, you noticed you never used more than two vCPUs; so now you have waste. Beings you committed 4 vCPUs, two are lost unless you can reclaim them.

In some cloud management software, you will find that this is either impossible, or extremely difficult. On a virtual server side, usually on the hypervisor level, you can add and remove vCPUs easily, but is not normally recommended because it can cause issues with the Guest operating system.

So, lets go back to the Design aspect: the design in itself can be broken down into four main areas with a few sub areas:

  • User Connectivity
    • Web Browser
    • System Level
  • Security
    • Firewalls
    • System Ports
    • Username/Passwords
  • Infrastructure
    • Network
    • Internet
  • Resources
    • CPU
    • RAM
    • Storage
      • Local
      • Volume

Now, lets look at each one of these at a higher level. I am going to start at the bottom of the list first.

Resources

The resources I have listed are extremely basic, and show that this is a minimum to get started, except for the volume storage. You can use local storage depending on the size of your cloud, but larger companies will have separate volume storage, such as NAS or SAN units or other types of external storages like appliances.

The vCPU and vRAM are normally based directly on physical CPUs and installed RAM. Several of the cloud management tools, even open source ones have the ability to adjust the ratio of physical to virtual vCPUs. Such as, if you have 24 physical CPUs, and industry standard of 10ea – 15ea vCPUs to each physical CPUs will give you 240 or 360 vCPUs that can be allocated to your instances.

Infrastructure

Next in the Infrastructure bullet, you will see only two things: Network and Internet. You do not necessarily need Internet access to have a cloud, but it comes in handy if you are spinning up instances and they need drivers or libraries from vendors or various repositories. Of course, the Network is in itself self-explanatory, but I would encourage you to have the fastest and most robust possible for your budget. Why?

Moving instances from one compute node to another takes time, and the faster the wire speed the better. Also, when you get into backups / Disaster Recovery areas, you will really need that speed.

Security

Security is the next bullet, and I broke it down into three sub bullets: Firewalls, System Ports and Username and Passwords. There are many other facets of security of course, but I am only look at the three basic pones here.

Firewalls are self explanatory, while System Ports are not. Several of the open source and commercial cloud management software packages have the ability to wrap each instance with the ability to block TCP/UDP ports from sending or receiving data for each of the IP stack ports. And again, complex Usernames and Passwords are always important.

User Connectivity

The last is User Connectivity. Hopefully everyone reading this article can effectively use a web browser, but direct system connections may be a little harder. If the required TCP/UDP ports are open, then you can connect with SSH, Telnet or RDP depending on your machine flavor.

Knowing where you want to use the resources, security or network will help you take advantage of making sure you can connect to your cloud and be able to effectively use it. Shoot for as much Compute resources as possible, and make sure that you are robust in your network choices, and you will have a lot better experience with your cloud.

By Richard Thayer

Patrick Melampy
Cloud On-Ramp and Protecting Performance The expansion of remote work and the massive growth in usage of cloud-based applications have stressed existing infrastructure and put a keen focus on the performance of everyone’s network environment ...
David Discenza
Four Ways to Improve Cybersecurity (Updated: December 9th, 2022 ) Cyber-attacks on businesses have become common place. In fact, it’s estimated that a cyber-attack occurs every 39 seconds. Who are the targets of these attacks? ...
Gilad David Maayan
What Is Cloud Deployment? Cloud deployment is the process of deploying and managing applications, services, and infrastructure in a cloud computing environment. Cloud deployment provides scalability, reliability and accessibility over the internet, and it allows ...
John Peluso
Save Your Organization on Cloud Costs Organizations of all sizes are currently navigating their plans to avoid the recent surge in cyber-attacks and data breaches and preparing for unforeseen setbacks. Building a sensible backup and ...
Sofia Jaramillo
Augmented Reality in Architecture Augmented reality (AR) is a growing field of study and application in the world of architecture. This useful tool can help us visualize architectural designs by superimposing them onto real-world scenes ...
Security Breach 10 Useful Cloud Security Tools
Cloud Security Tools Cloud providing vendors need to embed cloud security tools within their infrastructure. They should not emphasize keeping high uptime at the expense of security. Cloud computing has become a business solution for ...
Tosin Vaithilingam
Navigating Economic Uncertainty: Strategies for IT Leaders and MSPs Lately, it seems that each day brings news of more economic uncertainty. Companies that have been navigating the pandemic for the past two and a half ...
Mark Greenlaw
Free Cloud Migrations are Expensive The cloud is becoming the primary place where work gets done. By 2025, Gartner estimates that enterprise spending on public cloud computing will overtake traditional IT hardware. Why? One reason ...
Byod.png
The Manuscript.png
It’s Magic
The Report.png

PLURALSITE

Pluralsight provides online courses on popular programming languages and developer tools. Other courses cover fields such as IT security best practices, server infrastructure, and virtualization. 

(ISC)²

(ISC)² provides IT training, certifications, and exams that run online, on your premises, or in classrooms. Self-study resources are available. You can also train groups of 10 or more of your employees.

CYBRARY

CYBRARY Open source Cyber Security learning. The world's largest cyber security community. Cybrary provides free IT training certificates. Courses for beginners, intermediates, and advanced users are available.