Cloud technology has greatly changed the landscape of the computer world. Moving computer resources and applications into a shared network environment changes how many companies do business and provide services to customers. This chapter introduces the main concepts of just what a cloud is and the role that Linux plays in cloud computing. The chapter starts out by defining what cloud computing is and what the different types of cloud computing environments are. Next is a discussion of how virtualization plays an important role in cloud computing and how that is implemented in Linux. Finally, it explains how containers fit into cloud computing and how they have changed the way developers do their jobs.
Before diving into how Linux participates in cloud computing, it’s a good idea to define just what a cloud is and what type of resources it provides.
The first mention of the term cloud came in documentation for the original ARPAnet network environment in 1977, the precursor to the modern-day Internet. In that documentation, the cloud symbol was commonly used to represent the large network of interconnected servers geographically dispersed. However, in this environment each server was self-contained and self-sufficient; there was no distributed computing.
The term cloud computing is related to distributed computing. In distributed computing, resources are shared among two or more servers to accomplish a single task, such as run an application. This environment became the precursor to what we know today as cloud computing, popularized by companies such as Amazon Web Services (AWS), Google Cloud Platform, and Microsoft Azure.
With cloud computing, you can deliver computing resources across the Internet. Now customers can purchase both hardware and software resources as needed from cloud computing vendors. This includes servers, storage space, databases, networks, operating systems, and even individual applications.
Figure 28.1 demonstrates the three different methods for providing cloud computing services.
As shown in Figure 28.1, there are three primary methods for providing cloud computing environments: public clouds, private clouds, and hybrid clouds.
Cloud computing environments can customize the level of resources provided to customers, depending on each customer’s needs. The following sections describe the three most popular models for providing resource levels that you’ll find from cloud computing vendors.
In the Infrastructure as a Service (IaaS) model, the cloud computing vendor provides low-level server resources to host applications for organizations. These low-level resources include all of the physical components you’d need for a physical server, including CPU time, memory space, storage space, and network resources, as shown in Figure 28.2.
The server resources provided may be on a single server, or they may be distributed among several servers. In a distributed environment, the servers may be co-located in a single facility, or they may be separated into multiple facilities located in separate cities. This helps provide for increased availability.
As shown in Figure 28.2, in an IaaS model the customer supplies the operating system and any applications that it needs to run. Most IaaS environments support either the Linux or Windows operating systems. The customer is responsible for any system administration work required for the operating system as well as any application administration. The cloud computing vendor takes responsibility for maintaining the physical infrastructure environment.
In the Platform as a Service (PaaS) model, the cloud computing vendor provides the physical server environment as well as the operating system environment to the customer, as shown in Figure 28.3.
With the PaaS model, the cloud computing vendor takes responsibility for the physical components as well as the operating system administration. It provides system administration support to ensure that the operating system is properly patched and updated to keep up with current releases and security features. This allows the customer to focus mainly on developing the applications running within the PaaS environment.
In the Software as a Service (SaaS) model, the cloud computing vendor provides a complete application environment, such as a mail server, database server, or web server. The vendor provides the physical server environment, the operating system, and the application software necessary to perform the function. This is shown in Figure 28.4.
The downside to cloud computing environments is that they’re very computing intensive. A lot of computer power is required to run a cloud computing environment, and that can become costly.
The technology that made cloud computing possible is virtualization, and this is also what has made Linux a popular choice for cloud computing vendors. The following sections describe what virtualization is, the different types of virtualization available, and how to implement virtualization in a Linux environment.
For organizations that run applications that support lots of clients, a standard performance model dictates that you should separate the different functions of an application onto separate servers, as shown in Figure 28.5.
As shown in Figure 28.5, the application server, the web server, and the database server are located on separate servers. Customers only communicate with the front-end web server. The web server passes the connections to the application, which in turn communicates with the database server. From a performance standpoint, this model makes sense as you dedicate separate computing resources to each element. Also, from a security standpoint this helps compartmentalize access, making the job of any potential attackers a little more difficult.
However, with the increased capacity of servers, this model becomes somewhat inefficient. Dedicating an entire physical server to just running a web server, another physical server to just running the database server, and yet a third physical server to just running the application software doesn’t utilize the full power of the servers and becomes costly.
This is where virtualization comes in. With virtualization, you can run multiple virtual smaller server environments on a single physical server. Figure 28.6 demonstrates this concept.
Each virtual server operates as a stand-alone server running on the physical server hardware. This is called a virtual machine, or VM. None of the virtual servers interacts with each other, so they act just as if they were located on separate physical servers. However, there needs to be a way for each virtual server to share the physical resources on the server fairly, so they don’t conflict with one another.
This is where the hypervisor comes into play. The hypervisor, also called a virtual machine monitor (VMM), acts as the traffic cop for the physical server resources shared between the virtual machines. It provides a virtual environment of CPU time, memory space, and storage space to each virtual machine running on the server. As far as each virtual machine is concerned, it has direct access to the server resources, and it has no idea that the hypervisor is in the middle controlling access to resources.
Since each virtual machine is a separate entity on the server, you can run different operating systems within the different virtual machines. This allows you to easily experiment with running applications in different operating systems, or just different versions of the same operating system. This is all without having to purchase additional servers.
There are two different methods for implementing hypervisors. The following sections discuss what they are and how they differ.
Type I hypervisors are commonly called bare-metal hypervisors. The hypervisor system runs directly on the server hardware, with no middleman. The hypervisor software interacts directly with the CPU, memory, and storage on the system, allocating them to each virtual machine as needed. Figure 28.7 illustrates this setup.
In the Linux world, there are two popular Type I hypervisor packages used:
Type II hypervisors are commonly called hosted hypervisors because they run on top of an existing operating system install. The hypervisor software runs like any other application on the host operating system. Figure 28.8 shows how a Type II hypervisor works.
The Type II hypervisor software runs guest virtual machines as separate processes on the host operating system. The guest virtual machines support guest operating systems, which are completely separated from the host operating system. Thus, you can use a Linux host operating system and still run Windows or macOS guest operating systems.
The attraction of using a Type II hypervisor is that you can run it on an already installed operating system. You don’t need to create a new server environment to run virtual machines. With the Type I hypervisors, you must dedicate a server to hosting virtual machines, while with a Type II hypervisor, your server can perform some (although not a lot) of other functions while it hosts virtual machines.
There are many different popular Windows and macOS Type II hypervisors, such as VMware Workstation and QEMU, but for Linux the one commonly used is Oracle VirtualBox.
The virtual machines that you create to run in the hypervisor must be configured to determine the resources they need and how they interact with the hardware. These configuration settings can be saved to template files so that you can easily duplicate a virtual machine environment either on the same hypervisor or on a separate hypervisor server.
The open-source standard for virtual machine configurations is called the Open Virtualization Format (OVF). The OVF format creates a distribution package consisting of multiple files. The package uses a single XML configuration file to define the virtual machine hardware environment requirements. Along with that file are additional files that define the virtual machine requirements for network access, virtual drive requirements, and any operating system requirements.
The downside to OVF templates is that they are cumbersome to distribute. The solution to that is the Open Virtualization Appliance (OVA) format. The OVA template bundles all of the OVF files into a single tar archive file for easy distribution.
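As an added example (not code from the book), the following Python script builds a small, constructed OVA from a simplified OVF descriptor plus a placeholder disk image, then inspects the package the way an import tool should before trusting a third-party template: it rejects unsafe tar member paths, locates the single .ovf descriptor, and confirms that every file the descriptor references is actually in the archive. The descriptor uses the real DMTF OVF envelope namespace but only a handful of its elements; the file names and system id are made up.

```python
import io
import posixpath
import tarfile
import xml.etree.ElementTree as ET

OVF_NS = "http://schemas.dmtf.org/ovf/envelope/1"  # real DMTF OVF namespace
NS = {"ovf": OVF_NS}

# Constructed, minimal descriptor: one virtual system referencing one disk file.
DESCRIPTOR = f"""<?xml version="1.0"?>
<Envelope xmlns="{OVF_NS}" xmlns:ovf="{OVF_NS}">
  <References>
    <File ovf:id="disk1" ovf:href="web-disk1.vmdk"/>
  </References>
  <VirtualSystem ovf:id="web-frontend"/>
</Envelope>
"""


def build_ova(members):
    """Pack {name: bytes} into an in-memory tar archive, which is all an OVA is."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name, data in members.items():
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()


def inspect_ova(ova_bytes):
    """Validate an OVA without extracting it to disk.

    Returns the descriptor name, the VirtualSystem id and the referenced disk
    files; raises ValueError on anything an importer should refuse."""
    with tarfile.open(fileobj=io.BytesIO(ova_bytes), mode="r") as tar:
        members = tar.getmembers()
        for m in members:
            # Templates arrive from outside: refuse absolute paths, ".." traversal
            # and anything that is not a plain file (symlinks, devices, ...).
            norm = posixpath.normpath(m.name)
            if m.name.startswith("/") or norm.startswith("..") or not m.isfile():
                raise ValueError(f"unsafe archive member: {m.name}")
        descriptors = [m for m in members if m.name.endswith(".ovf")]
        if len(descriptors) != 1:
            raise ValueError("OVA must contain exactly one .ovf descriptor")
        root = ET.fromstring(tar.extractfile(descriptors[0]).read())
        present = {m.name for m in members}
        refs = [f.get(f"{{{OVF_NS}}}href")
                for f in root.findall("ovf:References/ovf:File", NS)]
        missing = [r for r in refs if r not in present]
        if missing:
            raise ValueError(f"descriptor references missing files: {missing}")
        system = root.find("ovf:VirtualSystem", NS)
        if system is None:
            raise ValueError("descriptor has no VirtualSystem element")
        return {"descriptor": descriptors[0].name,
                "system": system.get(f"{{{OVF_NS}}}id"),
                "disks": refs}
```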
While utilizing virtual machines is a great way to spin up multiple servers in a server environment, they’re still somewhat clunky for working with and distributing applications. There’s no need to duplicate an entire operating system environment to distribute an application. The solution to this problem is containers. The following sections explore what containers are and how they are changing the way developers manage and distribute applications in the cloud environment.
Developing applications requires lots of files. The application runtime files are usually co-located in a single directory, but often additional library files are required for interfacing the application to databases, desktop management software, or built-in operating system functions. These files are usually located in various hard-to-find places scattered around the Linux virtual directory.
Because of all the ancillary files required to run an application, all too often an application will work just fine in development and then come crashing down when deployed to a production environment that doesn’t accurately reproduce the development environment. In the Windows world, this is commonly referred to as DLL hell, as different applications overwrite common DLL library files, breaking other applications. However, this isn’t limited to just the Windows world; it can also apply to the Linux world.
Containers are designed to solve this problem. A container gathers all of the files necessary to run an application—the runtime files, library files, database files, and any operating system–specific files. The container becomes self-sufficient for the application to run; everything the application needs is stored within the container.
If you run multiple applications on a server, you can install multiple containers. Each container is still a self-contained environment for each particular application, as shown in Figure 28.9.
The application containers are portable. You can run the same container in any host environment and expect the same behavior for the application. This is ideal for application developers. The developer can develop the application container in one environment, copy it to a test environment, and then deploy the application container to a production environment, all without worrying about missing files.
By packaging and distributing an application as a container, the developer is ensured that the application will work for customers the same way it worked in the development environment.
Since containers don’t contain the entire operating system, they’re more lightweight than a full virtual machine, making them easier to distribute. The following sections describe two of the most common container packaging systems used in Linux.
Chapter 19 discussed the use of chroot jails as a method for separating applications running on a Linux system. The first containers utilized this same method to separate applications. Today’s container packages use the chroot jail to separate applications but also incorporate advanced Linux features such as AppArmor and SELinux, kernel namespaces, and additional kernel capabilities.
Linux has been in the forefront of container development, making it a popular choice for developers. Two main container packages are commonly used in Linux:
Just like virtual machines, containers allow you to create templates to easily duplicate container environments. The different types of Linux containers utilize different methods for distributing templates.
The LXC package uses a separate utility called LXD to manage containers. In recent versions, LXD has become so popular that it is now packaged itself as container software, although it still uses LXC's container system images.
Docker uses Docker container image files to store container configurations. The container image file is a read-only container image that can store and distribute application containers.
This exercise walks through how to install the VirtualBox software and create a virtual machine. You don't need to burn the LiveDVD .iso file to a disc; just have it available on the same workstation where you installed VirtualBox.

Cloud computing provides an easy way to expand the computing resources for a company without having to purchase and administer your own hardware. There are three levels of cloud computing, each of which provides different services. Infrastructure as a Service (IaaS) provides hardware resources such as servers, storage, and network. Software as a Service (SaaS) runs applications from the cloud servers across the Internet. Platform as a Service (PaaS) provides development environments that consist of an operating system and any libraries required to develop, test, and deliver application software.
Cloud computing environments utilize virtualization to implement many servers without lots of physical hardware. With virtualization, one large server can host multiple smaller guest systems. The hypervisor software manages the resources allocated to each guest system and manages how those resources are used.
There are two types of hypervisor environments used. Type I hypervisors interact directly with the system hardware. Guest systems receive system resources directly from the hypervisor software.
Type II hypervisors run on top of a host operating system. The host operating system interacts with the system hardware and provides resources to the Type II hypervisor, which in turn allocates the resources to the guest systems.
Containers are a different type of virtualization. Containers provide a consistent runtime environment for a single application. When you deploy an application into a container, the application container is guaranteed to run the same way no matter what server it runs on. By deploying applications using containers, you’re guaranteed the application will run the same way in the development, test, and production environments. Containers don’t contain as much overhead as virtual machines, making them easier to distribute.
Describe the three primary methods of providing a cloud computing environment. Public clouds are hosted on servers owned and operated by a third party. The company doesn’t own or operate any of the server hardware; it just utilizes space on those servers. Other companies can rent space in the same public cloud. Private clouds are hosted on servers located within the corporate network. All of the application files as well as data files reside within the corporate network. Hybrid clouds utilize private cloud servers but also interface them with public cloud servers. With the hybrid cloud, data could be located either externally in the public cloud or internally on the private cloud.
Explain the three types of cloud services. Infrastructure as a Service (IaaS) provides hardware-level services to customers. This includes servers, storage space, and the network resources to connect them. Software as a Service (SaaS) runs applications in the cloud environment, allowing customers to access those applications via the Internet. Platform as a Service (PaaS) provides on-demand environments for developing software. In the PaaS cloud service, the server hardware, operating system, and runtime libraries are all provided by the cloud service.
Explain the two types of hypervisors. Type I hypervisors run directly on the system hardware. They act as a middleman between the hardware and the guest operating systems. Type I hypervisors allocate resources to each guest operating system, ensuring that each one gets enough. Type II hypervisors run on top of a host operating system. The host operating system interacts with the server hardware; the hypervisor software must go through the host operating system to access resources. Guest operating systems still only interact with the hypervisor software.
Describe how containers differ from virtual machines. Most container packages don’t include a full operating system as virtual machines do. Container packages only include the library files and application runtime files necessary to run a specific application. This makes the containers lightweight and easy to deploy.
Which cloud service method utilizes only servers owned and operated by a third party?
Tom currently runs a cloud for his company on internal servers but needs some extra processing power to run a new application. What method of cloud service can he look into to leverage his existing cloud without needing to buy more internal servers?
Sally is interested in developing her application in the cloud without having to worry about administering an operating system. What type of cloud service should she buy?
Which type of cloud service allows you to spin up your own operating systems?
Which type of hypervisor interfaces directly with the host system hardware?
Henry already has installed Red Hat Linux on his server but now needs to install virtual machines. What type of hypervisor package should he use?
Which type of hypervisor template bundles all of the configuration files into a single file for distribution?
Fred wants to package his application so that it’s guaranteed to run the same way no matter what Linux distribution his customers use. How can he do this?
What method should you use to easily move an application from a development environment to a production environment without having to duplicate the operating system?
Which Linux container package runs an engine as a process on the host operating system and provides a command-line interface to control containers?