Cloud Provider Evaluation


3/5/22, 12:32 PM Typical Cloud Architectures

https://leocontent.umgc.edu/content/scor/uncurated/cca/2218-cca610/learning-topic-list/typical-cloud-architectures.html?ou=622270 1/8

Learning Topic

Typical Cloud Architectures

Single Server

The most basic use of the cloud is to provision a single virtual server, running your application along with supporting service applications such as a database. Although a single server is not much of an architecture, it can be used in a proof of concept project to get your first experience with a particular cloud provider and see how easy and how fast the provisioning process is.


Single Server with Services

Instead of packing everything into a single server, a cloud consumer can take advantage of services available from the cloud provider. Here, we illustrate the use of a firewall service and a database service. The provider will be responsible for provisioning the services and keeping them running. The cloud consumer needs to populate and administer the data in the database service. To accomplish that, the cloud consumer’s database administrator will access the database using a virtual private network (VPN) connection over the Internet to ensure security. The virtual server will run the business application and will connect to the database service via a private network within the cloud provider’s data center.

Application with Security Zones and On-Premise IT Connectivity


For large databases, proprietary data storage solutions, or databases unsupported by the cloud provider, the data can be stored in a separate database virtual server. The cloud provider will maintain the server but not the database. Because businesses value their data as their most precious commodity, they will want to secure it by isolating it from the public Internet.

This can be accomplished by placing the database server in a separate private virtual local area network (VLAN) from the application server, or in a separate subnet in the same VLAN as the application server. These VLANs (or subnets) will enforce security zones for their devices. They will be made available to the outside by using network gateways: an Internet gateway for the application server and a VPN gateway for the database server. In addition, a network address translation (NAT) gateway between the security zones will make sure that only trusted traffic can pass between them. These gateways are often offered as a service by the cloud providers.

The VPN gateway for the database server can connect it to the on-premises enterprise network of the cloud consumer, for taking on-premise backups, or integrating the cloud solution with on-premises systems, enabling hybrid cloud deployments.
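The zone model described above can be checked mechanically against a rule set. The following Python sketch is an added example, not part of the original course material; the address ranges, rule names and ports are constructed assumptions. It flags any allow rule that reaches the database zone from a source other than the application zone or the on-premises network behind the VPN gateway.

```python
import ipaddress as ip

# Constructed address plan for the security zones (all values are assumptions).
APP_ZONE = ip.ip_network("10.0.1.0/24")    # application server, behind the Internet gateway
DB_ZONE = ip.ip_network("10.0.2.0/24")     # database server, behind the VPN gateway
ON_PREM = ip.ip_network("192.168.0.0/16")  # enterprise network reached over the VPN
TRUSTED_DB_SOURCES = (APP_ZONE, ON_PREM)

# Constructed allow rules: (name, source CIDR, destination CIDR, port).
RULES = [
    ("web-in", "0.0.0.0/0", "10.0.1.0/24", 443),
    ("app-to-db", "10.0.1.0/24", "10.0.2.0/24", 5432),
    ("dba-vpn", "192.168.10.0/24", "10.0.2.0/24", 5432),
    ("debug-db", "0.0.0.0/0", "10.0.2.15/32", 5432),  # database host open to the Internet
    ("wide-ssh", "10.0.0.0/16", "10.0.2.0/24", 22),   # source wider than the app zone
]


def audit_db_zone(rules):
    """Return names of allow rules that expose the database zone to untrusted sources."""
    findings = []
    for name, src, dst, _port in rules:
        src_net, dst_net = ip.ip_network(src), ip.ip_network(dst)
        if not dst_net.overlaps(DB_ZONE):
            continue  # rule does not reach the database zone
        # The source must sit entirely inside one trusted zone; a partial
        # overlap (for example a /16 that contains the app /24) is a finding.
        if not any(src_net.subnet_of(trusted) for trusted in TRUSTED_DB_SOURCES):
            findings.append(name)
    return findings


if __name__ == "__main__":
    for rule_name in audit_db_zone(RULES):
        print("database zone exposed by rule:", rule_name)
```

The same check can be run over rules exported from a provider's firewall service once they are mapped to the tuple form used here.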


Load Balancing, Auto-Scaling, Database Replication

User loads placed on web applications can differ significantly depending on the time of the day, week, year, or any other circumstances. To remedy that, cloud providers offer auto-scaling services. The cloud consumer can define an auto-scale group, specifying a lower and upper limit on the number of servers in the group, the machine images from which the servers are provisioned, and circumstances leading to up- and down-scaling in the group. These can be based on the calendar, or on the use of network bandwidth, CPU, or memory on the servers.


In order to split the incoming requests among the servers, a load-balancing service directs the requests to the members of the group based on server use, or various queuing algorithms (round-robin being the simplest).

With the database server, duplication requires keeping copies of the database in sync. A preferred solution is to have one master database server with a slave database server, one using the database provider’s replication and synchronization capability. This ensures fault tolerance with respect to the database.


Fault Tolerance and High Availability

The concept of replication can be extended to the application server, providing for a cloud deployment that is fault-tolerant with respect to servers, and ensuring availability in situations such as natural disasters or other circumstances that cause the whole data center to go offline.

In addition, the application and databases can be replicated to different geographical regions, ensuring fast access from remote geographical locations. And, replication can help satisfy local government regulations regarding data privacy, which may require the user’s data to reside within specific regions.

Fast Delivery of Static Content – Object Storage, Content Delivery Network


While dynamic application data has to reside within the database server or service, static content such as text, graphics, video, or audio files that don’t change that often can reside on slower but less expensive media. For that purpose, cloud providers offer object storage, which can be thought of as an Internet-based file system, allowing for storage of files organized into containers in a geographically distributed, replicated, secured storage. While not at the speeds of local storage, object storage offers fault tolerance, resilience, and virtually unlimited capacity at the cost of data consistency being “eventual” rather than immediate.

Data stored in object storage can often be served by content delivery networks (CDNs), a service allowing for geographically distributing data and serving it from the closest geographical location to the place from which the data request originates.


Architecture Components Can Be Mixed and Matched

Bear in mind that cloud providers may allow some of the architectural components illustrated here to be mixed and matched. For example, the auto-scale groups and replicated databases could be placed in security zones, and VPN gateways could link different servers to corporate on-premises networks.


© 2022 University of Maryland Global Campus
