Preface

The idea of cloud computing isn’t new, or overly complicated from a technology resources and Internet perspective. What’s new is the growth and maturity of cloud computing methods, and strategies that enable business agility goals. Looking back, the phrase “utility computing” didn’t captivate or create the stir in the information industry as the term “cloud computing” has in recent years. Nevertheless, appreciation of readily available resources has arrived and the utilitarian or servicing features are what are at the heart of outsourcing the access of information technology resources and services. In this light, cloud computing represents a flexible, cost-effective and proven delivery platform for business and consumer information services over the Internet. Cloud computing has become an industry game changer as businesses and information technology leaders realize the potential in combining and sharing computing resources as opposed to building and maintaining them.

There’s seemingly no shortage of views regarding the benefits of cloud computing nor is there a shortage of vendors willing to offer services in either open source or promising commercial solutions. Beyond the hype, there are many aspects of the Cloud that have earned new consideration due to their increased service capability and potential efficiencies. The ability to demonstrate transforming results in cloud computing to resolve traditional business problems using information technology management’s best practices now exists. In the case of economic impacts, the principles of pay-as-you-go and computer agnostic services are concepts ready for prime time. Performances can be well measured by calculating the economic and environmental effects of cloud computing today.

In Cloud Computing and Virtualization, Dac Nhuong Le et al. take the industry beyond mere definitions of cloud computing and virtualization, grid and sustainment strategies to contrasting them in day-to-day operations. Dac-Nhuong Le and his team of co-authors take the reader from beginning to end with the essential elements of cloud computing, its history, innovation, and demands. Through case studies and architectural models they articulate service requirements, infrastructure, security, and outsourcing of salient computing resources.

The adoption of virtualization in data centers creates the need for a new class of networks designed to support elasticity of resource allocation, increasing mobile workloads and the shift to production of virtual workloads, requiring maximum availability. Building a network that spans both physical servers and virtual machines with consistent capabilities demands a new architectural approach to designing and building the IT infrastructure. Performance, elasticity, and logical addressing structures must be considered as well as the management of the physical and virtual networking infrastructure. Once deployed, a network that is virtualization-ready can offer many revolutionary services over a common shared infrastructure. Virtualization technologies from VMware, Citrix and Microsoft encapsulate existing applications and extract them from the physical hardware. Unlike physical machines, virtual machines are represented by a portable software image, which can be instantiated on physical hardware at a moment’s notice. With virtualization, comes elasticity where computer capacity can be scaled up or down on demand by adjusting the number of virtual machines actively executing on a given physical server. Additionally, virtual machines can be migrated while in service from one physical server to another. Extending this further, virtualization creates “location freedom” enabling virtual machines to become portable across an ever-increasing geographical distance. As cloud architectures and multi-tenancy capabilities continue to develop and mature, there is an economy of scale that can be realized by aggregating resources across applications, business units, and separate corporations to a common shared, yet segmented, infrastructure.

Elasticity, mobility, automation, and density of virtual machines demand new network architectures focusing on high performance, addressing portability, and the innate understanding of the virtual machine as the new building block of the data center. Consistent network-supported and virtualization-driven policy and controls are necessary for visibility to virtual machines’ state and location as they are created and moved across a virtualized infrastructure.

Dac-Nhuong Le again enlightens the industry with sharp analysis and reliable architecture-driven practices and principles. No matter the level of interest or experience, the reader will find clear value in this in-depth, vendor-neutral study of cloud computing and virtualization.

This book is organized into thirteen chapters. Chapter 1, “Live Migration Concept in Cloud Environment,” discusses the technique of moving a VM from one physical host to another while the VM is still executing. It is a powerful and handy tool for administrators to maintain SLAs while performing optimization tasks and maintenance on the cloud infrastructure. Live migration ideally requires the transfer of the CPU state, memory state, network state and disk state. Transfer of the disk state can be circumvented by having a shared storage between the hosts participating in the live migration process. This chapter gives the brief introductory concept of live migration and the different techniques related to live migration such as issues with live migration, research on live migration, learning automata partitioning and, finally, different advantages of live migration over WAN.

Chapter 2, “Live Virtual Machine Migration in Cloud,” shows how the most well known and generally sent VMM-VMware is defenseless against reasonable assaults, focusing on their live migration’s usefulness. This chapter also discusses the different challenges of virtual machine migration in cloud computing environments along with their advantages and disadvantages and also the different case studies.

Chapter 3, “Attacks and Policies in Cloud Computing and Live Migration,” presents the cloud computing model based on the concept of pay-per-use, as the user is required to pay for the amount of cloud services used. Cloud computing is defined by different layer architecture (IAAS, PAAS and SAAS), and models (Private, Public, Hybrid and Community), in which the usability depends on different models. Chapter 4, “Live Migration Security in Cloud,” gives different security paradigm concepts that are very useful at the time of data accessing from the cloud environment. In this chapter different cloud service providers that are available in the market are listed along with security risks, cloud security challenges, cloud economics, cloud computing technologies and, finally, common types of attacks and policies in cloud and live migration.

Chapter 5, “Solutions for Secure Live Migration,” analyzes approaches for secure data transfer, focusing mainly on the authentication parameter. These approaches have been categorized according to single- and multi-tier authentication. This authentication may use digital certificate, HMAC or OTP on registered devices. This chapter gives an overview of Cloud security applications, VM migration in clouds and security concerns, software-defined networking, firewalls in cloud and SDN, SDN and Floodlight controllers, distributed messaging system, customized testbed for testing migration security in cloud. A case study is also presented along with other use cases: Firewall rule migration and verification, existing security scenario in cloud, authentication in cloud, hybrid approaches to security in cloud computing and data transfer, and architecture in cloud computing.

Chapter 6, “Dynamic Load Balancing Based on Live Migration,” concentrates on ancient data security controls (like access controls or encryption). There are two other steps to help operate unapproved data moving to cloud services: Monitor for large internal data migrations with file activity monitoring (FAM) and database activity monitoring (DAM) and monitor for data moving to the cloud with universal resource locater (URL) filters and data loss prevention. This chapter gives an overview of detecting and preventing data migrations to the cloud, protecting data moving to the cloud, application security, virtualization, VM guest hardening, security as a service, identity as service requirements, web services SecaaS requirements, email SECaaS requirements, security.

Chapter 7, “Live Migration in Cloud Data Center,” introduces the use of load balancing is to improve the throughput of the system. This chapter gives an overview of different techniques of load balancing, load rebalancing, and a policy engine to implement dynamic load balancing algorithm, some load balancing algorithms and VMware distributed resource scheduler.

In Chapter 8, “Trusted VMv-TPM,” data center network architectures and various network control mechanisms are introduced. Discussed in the chapter is how resource virtualization, through VM migration, is now commonplace in data centers, and how VM migration can be used to improve system-side performance for VMs, or how load can be better balanced across the network through strategic VM migration. However, all the VM migration works in this chapter have not addressed the fundamental problem of actively targeting and removing congestion from oversubscribed core links within data center networks. The TPM can...