#30daysofcybersecurity Day 11: VIRTUALIZATION PART II

Maurice Odo
Aug 7, 2023


INSTALLING THE OPERATING SYSTEM

Once the new guest virtual machine is created, you need to install a guest operating system on it. You can do this using some form of optical media. Because virtual machines are so flexible about hardware, all good virtual machine managers let you use the host machine’s optical drive, a USB thumb drive, or an ISO file. One common way is to tell the new virtual machine to treat an ISO file as its optical drive. After going through all the configuration and operating system installation screens, you can start using your virtual machine.
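The ISO you attach becomes the root of trust for the whole guest, so it is worth checking it against the publisher's checksum list before the virtual machine ever boots from it. The script below is an added example, not part of the original post; the VM name, the `IDE` controller name and the file names are assumptions to replace with your own.

```shell
#!/bin/sh
# Verify an installer ISO against a published SHA-256 checksum list before
# handing it to a virtual machine as its optical drive.

# verify_iso ISO SUMS_FILE
# Returns 0 when SUMS_FILE lists the ISO's file name and the computed SHA-256
# matches; 1 on mismatch; 2 when the file name is not listed; 3 when a file
# cannot be read. File names containing spaces are not handled.
verify_iso() {
    iso="$1"; sums="$2"
    [ -r "$iso" ] && [ -r "$sums" ] || return 3
    name=$(basename "$iso")
    # Checksum lines look like "<hex>  <name>" or "<hex> *<name>" (binary mode).
    expected=$(awk -v n="$name" '{
        f = $2; sub(/^\*/, "", f)
        if (f == n) { print tolower($1); exit }
    }' "$sums")
    [ -n "$expected" ] || return 2
    actual=$(sha256sum "$iso" | awk '{ print $1 }')
    [ "$actual" = "$expected" ] || return 1
    return 0
}

# attach_iso_if_valid VM ISO SUMS_FILE
# Prints the VirtualBox command that attaches the ISO as the VM's DVD drive,
# but only after the checksum has been verified. The controller name "IDE"
# is an assumption: use the name shown in your VM's storage settings.
attach_iso_if_valid() {
    vm="$1"; iso="$2"; sums="$3"
    if verify_iso "$iso" "$sums"; then
        printf 'VBoxManage storageattach "%s" --storagectl "IDE" --port 0 --device 0 --type dvddrive --medium "%s"\n' "$vm" "$iso"
    else
        echo "refusing to attach $iso: checksum verification failed" >&2
        return 1
    fi
}

# Usage: sh verify_iso.sh <vm-name> <iso-path> <checksum-file>
if [ "$#" -eq 3 ]; then
    attach_iso_if_valid "$@"
fi
```

A checksum list only proves integrity if it came from a trustworthy source, so download it over HTTPS from the publisher and verify its signature where one is provided.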

SERVER-SIDE VIRTUALIZATION

When it comes to servers, virtualization has taken over everywhere. Many servers we access, like web and email servers, are now virtualized. VMware Workstation and VirtualBox are very powerful desktop applications, but they still need to run on top of a single system that is already running an operating system: the host operating system. We could improve performance, however, by removing the host operating system altogether and installing nothing but a hypervisor. This is done all the time with another type of powerful hypervisor/operating system combination called a bare-metal hypervisor. It is called bare-metal because there’s no other software between it and the hardware.

CLOUD COMPUTING

While simple virtualization lets you optimize and reallocate your computing resources in response to your evolving needs, you can’t exceed the capabilities of your local hardware. Luckily, you are no longer stuck with just the hardware you own. Because your virtual machines are just files running on a hypervisor, you can run them in the cloud on networks of servers worldwide.

Around 2005/2006, a number of companies, Amazon being the best example, started offering a new kind of hosting service. Instead of using individual physical computers or directories on a shared host, Amazon discovered it could use large groups of virtualized servers combined with a powerful front end to enable customers to simply click and start the server they wanted. Cloud computing was born.

THE SERVICE-LAYER CAKE

Service is key to understanding the cloud. At the hardware level, telling the difference between the cloud and the servers and networks that comprise the internet as a whole can be quite difficult. The difference lies in how we use them: we reach the servers and networks of the cloud through layers of software that add great value to the underlying hardware by making it simple to perform complex tasks or manage powerful hardware. As end users, we generally interact with just the sweet software icing of the service-layer cake: web applications like Dropbox, Gmail, and Facebook built atop it. So let’s slice it open.

INFRASTRUCTURE AS A SERVICE

Infrastructure as a service (IaaS) providers use virtualization to minimize idle hardware, protect against data loss and downtime, and respond to spikes in demand. You can use big IaaS providers like Amazon Web Services (AWS) to launch new virtual servers on demand, using an operating system of your choice, for pennies an hour. The beauty of IaaS is that you no longer need to purchase expensive, heavy hardware. You are using Amazon’s powerful infrastructure as a service.

The catch is that while we are no longer responsible for the hardware, we are still responsible for configuring and maintaining the operating system and software of any virtual machine we create. This promotes flexibility, but it also requires knowledge of the underlying operating system and time to manage it. If you want someone else to handle the infrastructure, the operating system, and everything except the application, you need to move up to Platform as a Service (PaaS).

PLATFORM AS A SERVICE (PaaS)

Programmers build web applications. The programmer’s problem is that a web application needs a lot more than just a programmer. Developing a web application requires people to manage the infrastructure: system administrators, database administrators, general network support, etc. A web application also needs more than just hardware and an operating system. It needs development, monitoring, and database tools, along with other tools and services. A PaaS provider gives programmers all the tools they need to deploy, administer, and maintain a web application. The PaaS provider starts with some form of infrastructure, which could be provided by an IaaS, and on top of that, the provider builds a platform: a complete deployment and management system to handle every aspect of a web application.

SOFTWARE AS A SERVICE (SaaS)

SaaS sits at the top layer of the cake. It shows up in a number of ways, but the best examples are web applications. Some web applications charge for access, while others are offered for free. Almost anything you access on the internet could be called SaaS: a service you don’t own but need, and must access over the internet. In exchange for the flexibility of using third-party SaaS, one often has to give up strict control of one’s data, with sensitive intellectual property or business secrets traveling through untrusted networks and being stored on servers beyond one’s control.

Ownership and Access

The security concerns seen earlier don’t cancel out all the advantages of cloud computing. But they make an organization’s management think hard about the trade-offs when choosing between a public, private, community, or hybrid cloud network.

Public Cloud — This term is used to describe software, platforms, and infrastructure delivered through networks that the general public can use.

Private Cloud — If a company wants some flexibility in the cloud, needs complete ownership of its data, and can afford both, it can build an internal cloud the business actually owns: a private cloud. Departments within the company could create and destroy virtual machines as needed and develop SaaS to meet collaboration, planning, or task and time management needs, all without sending the data over the open internet.

Community Cloud — A community cloud is more like a private cloud paid for and used by more than one organization with similar goals or needs.

Hybrid Cloud — This is built by connecting some combination of public, private, and community clouds, allowing communication between them.

Why Cloud Computing?
Cloud computing is the way things are done today. But let’s take a moment to discuss some of the reasons we use the cloud instead of the old-style hammer of individual servers.

Virtualization
The cloud relies on virtualization. All of the power of virtualization discussed earlier applies to the cloud. Without virtualization’s savings of power, resources, recovery, and security, the cloud simply could not happen.

Shared Resources
Real hardware can be virtualized, meaning made available as partial or full resources to a virtual machine. Hardware can be combined and then shared; these shared resources can be both internal and external and apply to one or many machines. Virtualization provides flexibility.

On-Demand
With cloud computing, it’s easy to set up your application to add or reduce capacity on demand. The application adjusts according to the current demand.

Resource Pooling
Any time you can consolidate systems’ physical and time resources, you are resource pooling. While a single server can pool the resources of a few physical servers, imagine the power of a company like Amazon. AWS server farms are massive, pooling resources that would normally take up millions of diverse physical servers spread all over the world!

Measured and Metered Service
One of the public cloud’s downsides is that you have to write a check to whoever is doing the work for you, and boy can these cloud providers get creative about how to charge you! In some cases, you are charged based on the traffic that goes in and out of your web application, and in other cases, you pay for the time that every single one of your virtualized servers is running. Regardless of how costs are measured, this is called measured service because of how it differs from more traditional hosting with a fixed monthly or yearly fee. Some companies charge by the amount of processing resources used, such as CPU usage, at a metered service rate. This enables very careful monetizing of the resources used. You pay for the parts of the hardware you use, rather than a more general fee for all the hardware of a system.
