Cloud computing Study Guide

📖 Core Concepts Cloud Computing – Network‑accessible pool of scalable, elastic resources (physical or virtual) that can be provisioned automatically on demand. Essential Characteristics (NIST) On‑demand self‑service: Users provision compute, storage, networking without human interaction. Broad network access: Services reachable from thin (browser) or thick (VM) clients on any device. Resource pooling: Multi‑tenant model; resources are dynamically assigned to many consumers. Rapid elasticity: Capacity can expand or shrink automatically, appearing unlimited. Measured service: Usage is metered, monitored, and billed like a utility. Service Models – IaaS (virtual hardware), PaaS (development platform), SaaS (hosted applications), Serverless (run code without provisioning). Deployment Models – Private, Public, Hybrid, Community, Multi‑cloud. Shared Responsibility – Provider secures infrastructure; consumer secures data, identity, application‑level controls (varies by service model). --- 📌 Must Remember Pay‑as‑you‑go replaces CapEx with OpEx; costs scale with actual consumption. Elastic workloads (variable traffic, start‑ups, SaaS) = cloud advantage. Regulatory/latency‑critical workloads may stay on‑premises or hybrid. Top cloud security threats: insecure APIs, data loss/leakage, hardware failure, hyperjacking. Vendor lock‑in arises from proprietary services; multi‑cloud mitigates but adds integration overhead. Cloud bursting: Private cloud offloads excess demand to public cloud, paying only for the overflow. --- 🔄 Key Processes Provisioning a VM (IaaS) Select instance type → configure CPU, RAM, storage → set networking & security groups → launch → monitor usage. Deploying an app (PaaS) Write code → push to platform → platform builds container/environment → auto‑scales based on load → expose endpoint. Serverless function execution Upload function code → define trigger (HTTP, queue, schedule) → provider provisions runtime on demand → automatically scales to zero when idle. Hybrid Cloud Migration Workflow Assess workload → classify data sensitivity → choose migration tool (lift‑and‑shift, refactor) → pilot migration → monitor performance & cost → optimize. --- 🔍 Key Comparisons IaaS vs. PaaS – IaaS: you manage OS, middleware, apps; PaaS: provider manages OS & middleware, you only manage apps. Public Cloud vs. Private Cloud – Public: shared infrastructure, pay‑per‑use, fast scale; Private: dedicated hardware, higher control, larger upfront cost. Hybrid Cloud vs. Multi‑cloud – Hybrid: mix of private + public for a single workload; Multi‑cloud: use services from multiple public providers, often for redundancy or best‑of‑breed features. Serverless vs. Traditional VM – Serverless: no server management, event‑driven billing per execution; VM: always‑on resources, billed per hour/second regardless of use. --- ⚠️ Common Misunderstandings “Unlimited” resources – Elasticity is bounded by provider quotas and regional capacity; you must request limit increases. Security is the provider’s sole job – Only the underlying hardware/physical security is provider‑controlled; data encryption, IAM, patching of OS/apps remain consumer responsibilities. Zero cost when idle – Serverless may be cheap, but storage, data transfer, and reserved resources still incur charges. All latency issues disappear – Network latency still exists; edge/fog computing may be needed for ultra‑low‑latency apps. --- 🧠 Mental Models / Intuition “Utility Meter” Model – Treat cloud like electricity: you turn on a light (resource), it runs, the meter (metering service) records kWh (CPU‑hours, GB‑storage). “Layer Cake” – Visualize SaaS on top, PaaS in the middle, IaaS at the bottom; each layer abstracts the one below, reducing management effort but also control. “Elastic Balloon” – Imagine workload demand as a balloon; the cloud inflates or deflates capacity instantly to keep the balloon from popping (overload) or sagging (under‑provisioned). --- 🚩 Exceptions & Edge Cases Compliance‑driven data residency – Some regulations (GDPR, HIPAA) require data to stay within specific regions; public cloud may need explicit region selection or a private cloud. Ultra‑low‑latency trading – Even the fastest public cloud cannot match co‑located exchange hardware; on‑premises or dedicated edge solutions are required. Burstable workloads exceeding quota – If burst demand surpasses your service limits, the provider will throttle or reject requests unless limits are raised. --- 📍 When to Use Which Choose IaaS when you need full OS control, custom middleware, or legacy applications. Choose PaaS for rapid app development, built‑in scaling, and when you don’t want to manage servers. Choose SaaS for ready‑to‑use applications (CRM, email) with minimal customization. Choose Serverless for event‑driven workloads, infrequent spikes, or micro‑services where per‑execution billing saves cost. Select Private Cloud for strict compliance, predictable heavy workloads, or data sovereignty. Select Public Cloud for variable demand, global reach, and access to managed AI/ML services. Adopt Hybrid when you want to keep sensitive data on‑premises but burst to the public cloud during peaks. --- 👀 Patterns to Recognize “Pay‑per‑use + Elastic” phrasing in questions → focus on IaaS/PaaS/Serverless cost models. “Multi‑tenant risk” → think about hyperjacking, API security, and shared‑responsibility gaps. “Latency‑critical” → consider edge/fog or on‑premises solutions rather than pure public cloud. “Compliance/regulation” → look for private or hybrid deployment clues. --- 🗂️ Exam Traps Distractor: “Cloud eliminates all security responsibilities.” – Wrong; only physical/infrastructure security is provider’s duty. Distractor: “Serverless always cheaper than VMs.” – Not true for steady, high‑throughput workloads where always‑on VMs may be cheaper. Distractor: “Hybrid cloud = multi‑cloud.” – Hybrid blends private & public for a single workload; multi‑cloud uses several public providers independently. Distractor: “Rapid elasticity means infinite resources.” – Providers impose quotas; you must request limit increases. Distractor: “All data is automatically encrypted.” – Encryption must be configured (at rest, in transit) by the consumer in most models.