Project 4: Develop the Training and Operations Plan

Cloud Backup and Archiving Deployment Plan

Executive Summary

The demand for cloud infrastructure has grown and continues to expand as businesses reshape their operations. Storing data in a remote facility has been beneficial to firms because it makes manipulating and retrieving documents convenient. Amazon has pioneered the development of reliable cloud infrastructure and offers the flexibility required for all business needs, from large and complex business solutions to small and medium enterprises. Amazon Web Services (AWS) includes a Virtual Private Cloud (VPC) that provides computing power similar to traditional data centers on a defined Virtual Machine (VM). The use of VMs eliminates the need for an on-site storage facility and enables BallotOnline to enjoy the benefits of scaling and redundancy that cloud computation provides. AWS Elastic Compute Cloud (EC2) is a service that facilitates the deployment of data on a server, specifies the routing channels used, defines the applicable security protocols, and includes a user-friendly Software Development Kit (SDK). The SDK provides an Application Programming Interface (API) where a user configures the requirements for a VPC.

Networking in Cloud Environments

Communication between the VPC and the user over the internet (facilitated by an internet gateway) is required to access shared file resources. A gateway provides a concrete path for traffic flowing from the VPC and translates that traffic to the intended IPv4 and IPv6 addresses. There are two types of subnets:

· Public subnet: has a routing table (a set of instructions that links data traffic to a specific IP address destination) that contains a route to the internet gateway.

· Private subnet: has a routing table with no route to an internet gateway.
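The public/private distinction above can be checked from route-table data rather than from subnet names. The following is an added example, not part of the original plan: it classifies subnets from constructed data in the shape returned by `aws ec2 describe-route-tables` and `aws ec2 describe-subnets`, and all IDs in it are made-up placeholders.

```python
# Constructed sample data in the shape returned by
# `aws ec2 describe-route-tables` and `describe-subnets`; all IDs are made up.
ROUTE_TABLES = [
    {"RouteTableId": "rtb-main", "VpcId": "vpc-example",
     "Associations": [{"Main": True}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16",
                 "GatewayId": "local", "State": "active"}]},
    {"RouteTableId": "rtb-public", "VpcId": "vpc-example",
     "Associations": [{"Main": False, "SubnetId": "subnet-web"}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0",
                 "GatewayId": "igw-example", "State": "active"}]},
    {"RouteTableId": "rtb-nat", "VpcId": "vpc-example",
     "Associations": [{"Main": False, "SubnetId": "subnet-app"}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0",
                 "NatGatewayId": "nat-example", "State": "active"},
                {"DestinationIpv6CidrBlock": "::/0",
                 "EgressOnlyInternetGatewayId": "eigw-example",
                 "State": "active"}]},
    {"RouteTableId": "rtb-stale", "VpcId": "vpc-example",
     "Associations": [{"Main": False, "SubnetId": "subnet-old"}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0",
                 "GatewayId": "igw-deleted", "State": "blackhole"}]},
]
SUBNETS = [{"SubnetId": s, "VpcId": "vpc-example"}
           for s in ("subnet-web", "subnet-app", "subnet-db", "subnet-old")]


def has_internet_gateway_route(table):
    """True if the table has an active route whose target is an internet gateway."""
    for route in table.get("Routes", []):
        target = route.get("GatewayId") or ""
        # NAT gateways (NatGatewayId) and egress-only gateways
        # (EgressOnlyInternetGatewayId) use other keys and do not count.
        if route.get("State") == "active" and target.startswith("igw-"):
            return True
    return False


def classify_subnets(subnets, route_tables):
    """Map each subnet ID to 'public', 'private' or 'unknown'."""
    explicit, main_by_vpc = {}, {}
    for table in route_tables:
        for assoc in table.get("Associations", []):
            if assoc.get("SubnetId"):
                explicit[assoc["SubnetId"]] = table
            elif assoc.get("Main"):
                main_by_vpc[table["VpcId"]] = table
    result = {}
    for subnet in subnets:
        # A subnet without an explicit association uses the VPC's main table.
        table = explicit.get(subnet["SubnetId"]) or main_by_vpc.get(subnet["VpcId"])
        if table is None:
            result[subnet["SubnetId"]] = "unknown"
        else:
            public = has_internet_gateway_route(table)
            result[subnet["SubnetId"]] = "public" if public else "private"
    return result


if __name__ == "__main__":
    for subnet_id, kind in classify_subnets(SUBNETS, ROUTE_TABLES).items():
        print(f"{subnet_id}: {kind}")
```

Running the same check against real output before the backup data broker is deployed shows which subnets are reachable from the internet, including subnets that silently inherit the main route table.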

Egress-only internet gateways are highly secure VPC components that provide scalability and redundancy horizontally across IPv6. This facilitates communication from the internet to the VPC and presents the creation of instances by the internet to the users over IPv6. In our case, we are not adopting IPv6 since the Network Address Translation (NAT) converts private addresses to public addresses posing a security threat. In case of failure, public and static IPv4 addresses help mitigate failure at an instance by remapping to an alternative VPC; an elastic IP address facilitates this. For an elastic IP address to function, it must be associated with an instance on the network. A peering connection can be created when traffic must be routed securely between two VPCs. The instances in the two networks can then communicate as if they were in the same network. A transit gateway can be created on the AWS interface that offers the peering connection function, facilitating communication between the available VPCs as required.

Configuration and Deployment of VPC

The VPC is used in creating a private and a segmented section of the AWS cloud.

Steps

1. Open the VPC console. This can be done using the link.

https://console.aws.amazon.com/vpc/

2. Creation of new VPC

3. Open the link then:

· On the left menu, click "Your VPCs".

· Then click on "Create VPC" (another window opens that requires you to enter the VPC name).

Cloud Storage Evaluation Provider Metrics

AWS provides a cost-efficient, flexible, and user-friendly data storage facility for a user's instance. The options provided have different uniqueness, combinations, and sustainability. The storage options available can be combined or used independently to suit the user's needs. The data storage options are:

Amazon Elastic Block Store (EBS)

It is characterized by providing block-level, durable storage that is attachable to an instance. EBS is used in data storage where the data requires fast and periodic updates. After attachment to an instance, an EBS can be used as any other hard drive such that it can be attached and detached from an instance. The volume can also be altered accordingly. Also, encryption of EBS can be done to increase security.

Instance storage is a mechanism where instances access storage of the user's computer. This is temporary block-level storage for instances. The data is only available during the life cycle of the instance.

Amazon Elastic File System (EFS)

It provides expansive file storage. A user creates an EFS and mounts it on the configured instance. This storage mechanism serves as a common data source for applications that run on multiple instances.

Amazon Simple Storage Service (S3)

It provides access to cost-effective and reliable data storage. Its purpose is to make web-based computing efficient by facilitating access to an array of data and sizes at a given period from the VPC or anywhere on the internet.

Configuration and Deployment of S3 Bucket in AWS Steps:

1. On the Amazon S3 console, which can be accessed at http://console.aws.amazon.com/s3/, click on create bucket.

2. Enter the bucket name, then select the target region, e.g., US east. Let all the rest remain as default, then click on create a bucket.

The bucket is successfully created. After successful creation, the bucket appears on the list.

Data Broker and Cloud Sync

Data Broker software is used when syncing data from one source to another target. In this case, NetApp is used.

Configuration and Deployment of Data Broker and Cloud Sync Steps:

1. Install a data broker, e.g., NetApp, using the link https://cloud.netapp.com/cloud-sync

2. Use the 14-day trial of the cloud sync. After completing, the data broker for AWS will be deployed.

3. Click on the select source and target screen.

4. Drag the server SMB to source, and Amazon S3 to target, then click continue.

5. SMB server IP is then entered, then click continue.

The Relationship

6. Click on AWS data broker. Enter the name for the NETAPP data broker, then click continue.

7. A stack template then opens; click next.

8. Review the acknowledgment before clicking, then click create. Click on the cloud sync page, then click on continue.

9. Select backup and archiving, then continue.

10. Select the AWS S3 bucket, then select the bucket of choice and continue. Click on continue until the process is 100% complete.

Deployment of Cloud Monitoring

Amazon CloudWatch is used to monitor resources in AWS to minimize the time required to detect problems. It collects and keeps track of metrics and monitors application performance. It sends alarms on changes based on the rules defined by the user.

Steps

1. Click on Services; under Management and Governance, click on CloudWatch.

2. Click on billings, then click on next. Enter the metrics, time range, and the currency used.

3. Click on the Create alarm.

4. Click on the dashboard. Select configure.

5. Once the figures are populated, a line graph is formed.

The monitor helps in the calculation of metric charges for users on the network.

Cloud Implementation/ Migration Steps

The best method in cloud implementation involves an agile methodology that entails beginning with small chunks of stories or workload (a set of rules and configurations that deliver value to a business), iterating, measuring, managing, and scaling. This approach involves:

· Structure epics (a body of work usable by the end-user) that are responsive to change.

· Develop a significant and prioritized backlog.

· Report the progress to the implementation officer for appropriate record keeping.

· Build a roadmap that shows the migration of data, making sure it is effective and efficient per stakeholders' objectives.

After that, group teams of 8 to 9 colleagues with similar technical abilities.

The teams are tasked with pioneering integration, facilitating primary migration, and preparing BallotOnline to run a firm-wide migration.

· Conduct a meeting with the scrum team (a structured group of software developers) to evaluate the findings on migration readiness.

· Identify 20 applications that can be migrated to the AWS.

· Set up a backlog emphasizing pre-prepared workloads for all structured and unstructured data from existent migration patterns.

· Select a leader for the scrum for backlog management.

Data is then migrated periodically after 14 days.

All the above steps should be carefully thought out and documented. Communication should be kept open to report progress and faults that may arise to ensure data integrity is maintained.

User Training Plan

a. Key Training Issues

Humans are resistant to change even though it is inevitable. Employers are sometimes worried that cloud computing endeavors may not be seamless or incur some losses due to the migration. The existing workforce is familiar with the business's roles and objectives. Operations are different in the cloud than in offline data centers. Therefore, critical technical training is vital for business practices. For a seamless transition, the employer can opt to train the existing workforce that has technical understanding. It is cheaper to train the incumbent workers than to recruit and train new staff.

b. Training Methods

There is no one-size-fits-all training that addresses all the needs of BallotOnline. Different employees require different skill sets that suit their job functions and responsibilities. A classroom setting where an instructor delivers information to learners is an effective method of imparting knowledge so that all employees gain an equal amount of expertise. Interactive learning with quizzes and application scenarios helps in the retention of skills acquired in the training session. Another training mechanism is where the instructor simulates a realistic working environment, and employees develop hands-on skills from the program. According to an employee's job description, top management is mandated to choose the most relevant and effective training method that will ensure the attainment of BallotOnline goals.

Plans, Policies, and Procedures to Support Cloud Operation

Setting up a VPC is an intricate procedure that can lead to legal and ethical considerations that require policy compliance. The user usually signs an agreement that the Cloud Service Provider, in this case, AWS, is responsible for ensuring data integrity. BallotOnline needs to maintain confidentiality in its internal matters that would otherwise expose its information to competitors decreasing a firm's competitive advantage. The procurement of cloud computing is subject to contract law and legislation that dictates the acquisition of the VPC resources and the interaction with the remote datacenters. The contract contains policies and procedures that are to be adhered to maintain data confidentiality. A violation of the dictated tenets can have legal implications binding to the party that breaches the agreement. The policies and procedures may include a non-disclosure agreement on the amount of data or type stored on the cloud. This ensures there are no malpractices, such as selling a customer's information utilizing cloud computing resources. Data protection is done on personal data that can be identified and inferred to a specific customer. Data encryption is one of the methods that ensure data confidentiality.

Virtual Network Infrastructure Design

The Amazon VPC comprises public and private subnets. The default network Access Control List (ACL) shares a private subnet, and another contains a private subnet that entails dedicated network ACLs on a single subnet. Amazon VPC includes a division of the address space into multiple availability zones, deploying NAT instances or gateways for sending resources on a network right after that. The network can be adjusted accordingly by increasing or decreasing the subnets and availability zones (AZ), combining other AWS features to achieve the desired network infrastructure.

The Quick Start is an AWS predefined network infrastructure template that contains several already created AZs and subnets, with NAT gateways for every subnet of each AZ. Moreover, a user can create private subnets with custom ACLs declaring the inbound and outbound rules on the network. When the networking template is used in a geographical location with no support for NAT gateways, NAT instances are initiated instead. The network infrastructure template also contains endpoints of the VPC. This offers the end-user a reliable and secure connection to S3 without the need for an internet gateway, virtual gateway, or NAT components. Resources on S3 can be accessed in the VPC location in which it was formed.

Cloud Metering Implementation Steps

Four broad elements are used in determining the price payable for utilization of cloud resources. They include the number of users connected to the network, the amount of data transferred through the network, the range of frequency of operation (bandwidth), and the number of hosts. The metering service is used with Amazon Machine Image (AMI), Software as a Service (SaaS), and containers.

All software that implements the use of AMI must meet the following criteria. A user's software must be initiated from AWS Marketplace through AMI. If a product exists in the AWS Marketplace, then the user should create a new AMI and create a new product to make the feature functional. All programs launched on the VPC should be provided with AWS Identity and Access Management (IAM). An end-user must integrate an IAM function to the EC2 instance that the customer provides with the software. When an application program is deployed through the AWS Marketplace, the use of IAM is voluntary. Therefore, the application and its capabilities can then detect the level of consumption. The metering service charges are done along with a single defined category that can be split into several dimensions. The pricing is done on resources provided and priced on an hourly basis. The consumption is calculated and billed monthly like the AWS Marketplace.

Public Cloud Infrastructure Design

The cloud infrastructure design is distributed to various client teams with different expertise and capabilities to develop efficient systems deployable on the cloud. There are risks that the top management bears in the deployment of a cloud, such as:

· The correctness of the teams in achieving the laid-out objectives.

· A set of standards that define each team member's role ensures the realization of BallotOnline's goals and objectives outlined.

· Automation of services checks on the quality of services offered to customers.

The building of a public cloud is designed from the end-user coming to the technical teams. This is a mechanism that ensures maximum customer satisfaction from the use of AWS resources.

Five pillars ensure efficient deployment of cloud infrastructure. The operational excellence pillar aids the development of appropriate components and the running of workloads, providing an understanding of best operations and the ongoing improvement of supporting procedures and processes for optimum business value. The security pillar entails protecting data, digital assets, and systems, exploiting the power of AWS cloud technology for maximum security. Reliability, the performance of a workload as it is intended at the required time, is a feature required in cloud design. A public cloud should efficiently utilize resources to meet the VPC system requirements and provide timely changes with technological evolution. Lastly, cloud infrastructure should be developed to reduce the overhead running cost in the delivery of business value.

Plan for Monitoring Vendor Service Charges

The charges are incurred according to how the users use the resources and the time they use them. The cost is calculated per hour. Using the AWS free tier is a good way of assessing the usage of AWS resources. However, it is good practice to check the billing and cost management section occasionally. The dashboard presents data in tables and graphs that give a breakdown of AWS usage. AWS budgets enable tracking and provide actions on AWS usage and cost. The measures include sending emails to up to 10 users, providing a forecast on usage according to the current trends, and stopping a user's AWS usage when a specific limit is reached.

Some policies ensure a business budgetary regulation to work within a specified cost. This encompasses user communication with the budget services, and the budget service performs the given instructions by a user. The budget service works with the configuration of IAM that does not require regular alteration.

Conclusion

The deployment of data in the cloud is a methodology that contains interactive procedures that must be adhered to for a successful transition from traditional IT to a cloud-based operation in a business setting. AWS includes storage facilities and a friendly interface that enables a firm to configure the technological tools for cloud deployment. Also, AWS provides tools for usage monitoring that ensures clients track their consumption of AWS. Isolation of VPC is essential for ensuring the data integrity of a network. According to relevance in the departmental goals, several teams need to be identified and categorized according to BallotOnline's goals and objectives. Employees may require training for an efficient and seamless transition to cloud-based operations. Therefore, policies and guidelines must be observed to avoid legal and ethical concerns against AWS from its clients.
