
You're reading from  Microsoft Azure Fundamentals Certification and Beyond

Product type: Book
Published in: Jan 2022
Publisher: Packt
ISBN-13: 9781801073301
Edition: 1st Edition
Author: Steve Miles

Steve Miles is a Microsoft security and Azure/hybrid MVP and MCT with over 20 years of experience in security, networking, storage, end user computing, and cloud solutions. His current focus is on securing, protecting, and managing identities, Windows clients, and Windows server workloads in hybrid and multi-cloud platform environments. His first Microsoft certification was on Windows NT and he is an MCP, MCITP, MCSA, and MCSE for Windows and many other Microsoft products. He also holds multiple Microsoft Fundamentals, Associate, Expert, and Specialty certifications in Azure security, identity, network, M365, and D365. He also holds multiple security, networking vendor, and other public cloud provider certifications.

What are the cloud computing delivery models?

Cloud computing generally has three deployment models: public cloud, private cloud, and hybrid cloud:

  • Public cloud, in a nutshell, is a shared entity (multi-tenant) computing model. Hardware and resources such as compute, storage, and networking are owned by the cloud provider and shared with other tenants on the platform; this is known as multi-tenant or multi-tenancy. Think of this as an apartment block, where you are a tenant that shares the building with other tenants; you pay rent to a landlord for your apartment. In cloud computing, the landlord is the service provider.
  • Private cloud, in a nutshell, is a dedicated entity (single-tenant) computing model. Hardware and resources such as compute, storage, and networking are dedicated to your organization's use only; this is single-tenant. Think of this as a house as opposed to an apartment block; you are the single tenant, and you do not share the building with any other tenants. You either own the building or you rent the property and pay a landlord; that is, a private cloud can be hardware that you own, located in your facility or in the facility of a third-party hosting provider or colocation data center provider. Alternatively, this could be their hardware that they dedicate to you, which is traditional dedicated server hosting.
  • Hybrid cloud, in a nutshell, is a combination of a shared entity (multi-tenant) computing model and a dedicated entity (single-tenant) computing model. Some computing resources you choose to have running in your private cloud environment and some resources you choose to have running in a public cloud environment based on your needs. This model offers the most agility and flexibility in responding to changes in demand and business requirements:
Figure 1.4 – Cloud computing delivery models

This illustration aims to outline some key aspects of the three delivery models of public, private, and hybrid cloud.

In the following section, we will compare each of these delivery models and look at the characteristics of each model in more detail.

Comparing the cloud computing delivery models

From the last section, we can now define what the delivery models are. This section looks at the characteristics of each model in more detail to help you understand when you may choose one over the other.

Each delivery model has several characteristics. The most appropriate model is defined by how much you want (or need/have mandated) to control, secure, and manage your resources, for example, your apps, code, data, networks, security, and so on.

The deployment model defines what control you have over your cloud computing resources, for example, your apps, data, networks, security, and so on. It describes what resources you share or have dedicated for your organization's use.

We use the terms multi-tenant and single-tenant to differentiate between models that share resources or have dedicated resources.

We could analogize this to a house versus a hotel; with a house, you have your private and dedicated front door, stairs, kitchen, TV/movie subscription service, and more, whereas with a hotel, you have a private room dedicated to you for your sole use, but you share a front door, stairs, kitchen/restaurant, TV/movie subscription service, and so on:

Figure 1.5 – Comparing cloud computing delivery models

Now that we have a basic understanding of the delivery models, this next section will cover the characteristics of each delivery model in more depth.

Characteristics of public cloud computing resources

To recap, a public cloud is a shared entity (multi-tenant) computing model.

The following are the characteristics of public cloud computing resources:

  • Metered pricing and consumption-based billing and pay-as-you-go monthly usage costs; you only pay for the resources you use, which can allow cost control and cost management.
  • Almost unlimited resources are available.
  • Performance, scalability, and elasticity. Rapid, on-demand, and automated provisioning and de-provisioning of computing resources as required.
  • Availability, reliability, fault tolerance, and redundancy.
  • Access to computing resources is available anywhere, typically via the internet and a private managed network such as Microsoft's ExpressRoute service.
  • Self-service management, typically through a web browser or a command-line interface.
  • Least control over security, protection, and compliance; you do not have complete control over security and compliance with the public cloud model.
  • Access to computing resources can be provided by Azure Active Directory as the identity and authentication layer and traditional Windows Server Active Directory when you synchronize the directories.
  • Physical hardware is not/cannot be deployed to public cloud computing platforms; virtual servers are provided. However, some cloud providers allow physical hardware to be dedicated to an organization's use.
  • May allow on-premises facilities hosting computing resources to be decommissioned.
  • Expenditure model; move from a CapEx model to an OpEx model. No CapEx on hardware.

The following giants are examples of public cloud platforms: Microsoft Azure, Amazon Web Services (AWS), and Google Cloud Platform (GCP).

Characteristics of private cloud computing resources

To recap, a private cloud is a dedicated entity (single-tenant) computing model.

The following are the characteristics of private cloud computing resources:

  • Computing resources are created on-premises at the organization's facility or could be provided at a third party's hosting facility; resources are only available within the capacity provisioned.
  • It requires a CapEx expenditure model for computing resources.
  • Computing hardware (physical servers/virtualization platforms and so on) is implemented for the organization's sole use. The hardware/physical resources must be supported; failed hardware must be replaced.
  • You are required to provide systems and data availability, fault tolerance, scalability, security, protection, update management, maintenance, and support.
  • May allow on-premises facilities hosting computing resources to be decommissioned.
  • Access to computing resources is available via a local/private network and typically will have an internet connection. The private cloud resources, however, may be disconnected from the internet or have intermittent access in scenarios such as cruise ships, construction sites, and Formula One teams at the trackside. In other scenarios, regulated or high-security facilities such as medical, research, scientific, defense, and manufacturing may not permit internet access and so are disconnected from the internet. Being connected or disconnected from the internet is not a defining characteristic of private clouds.
  • The same self-service management functionality and creation of resources is provided as with the public cloud computing model, but you remain in complete control of the security and governance; and you are also entirely responsible for the purchase, implementation, maintenance, and support of the hardware and computing resources you provide from the private cloud platform.
  • You do have complete control over hardware, physical resources, security, and compliance with the private cloud model.
  • Traditional Windows Server Active Directory can provide access to computing resources as the primary identity and authentication layer; Azure Active Directory can also be utilized when connecting to public cloud computing resources through a hybrid model by using directory synchronization as the link between the two identity providers for a consistent, common, or same-sign-on experience.
  • Physical servers can be deployed with the private cloud model.

The following are examples of private cloud platforms: Azure Stack or VMware vCloud.

Characteristics of hybrid cloud computing resources

To recap, a hybrid cloud is a combination of a shared entity (multi-tenant) computing model and a dedicated entity (single-tenant) computing model.

The following are the characteristics of hybrid cloud computing resources:

  • The greatest flexibility in choosing the most appropriate location of computing resources and computing model.
  • The hybrid cloud model provides a choice of creating some computing resources in the service providers' public cloud computing platforms and some resources in your on-premises private cloud platform; both sets of resources are connected via the internet or a private managed network such as Microsoft's ExpressRoute service.
  • It allows bursting or extending computing resource capacity to a public cloud.
  • Computing hardware (physical servers/virtualization platforms and so on) is implemented for the organization's sole use as part of the private cloud resources. These hardware/physical resources must be supported; failed hardware must be replaced. For public cloud resources, the hardware and physical resources are provided and supported by the service provider of the public cloud resources.
  • It provides the greatest flexibility of access to computing resources via the internet or private networks.
  • Private clouds are not necessarily disconnected from public cloud resources; access may be provided by a private managed network such as ExpressRoute to allow a hybrid cloud approach, a computing model where an organization uses some public cloud resources connected to some private cloud resources.
  • It provides the greatest flexibility of control of security, protection, and compliance.
  • Traditional Windows Server Active Directory can provide access to computing resources as the primary identity and authentication layer; Azure Active Directory can also be utilized when connecting to public cloud computing resources through a hybrid model by using directory synchronization as the link between the two identity providers for a consistent, common, or single-sign-on experience.
  • Physical servers can be deployed within the private cloud and public cloud, but you cannot own these servers in the public cloud; they can only be rented.
  • It provides the greatest flexibility of expenditure model, that is, the ability to choose CapEx or OpEx, whichever is most appropriate for the computing resources.

The following is an example of a hybrid cloud platform: Azure Stack connected to Azure – this scenario could have on-premises virtual machines backing up to Azure or an Azure web app connecting to an on-premises SQL Server, for example.

In this section, we saw the different cloud computing delivery models, how they compare, and the characteristics of each. Now we will take the same approach to look at the cloud computing service models.
