Cloud Computing Design Patterns, First Edition

Book Description

“This book continues the very high standard we have come to expect from ServiceTech Press. The book provides well-explained vendor-agnostic patterns to the challenges of providing or using cloud solutions from PaaS to SaaS. The book is not only a great patterns reference, but also worth reading from cover to cover as the patterns are thought-provoking, drawing out points that you should consider and ask of a potential vendor if you’re adopting a cloud solution.”
--Phil Wilkins, Enterprise Integration Architect, Specsavers

“Thomas Erl’s text provides a unique and comprehensive perspective on cloud design patterns that is clearly and concisely explained for the technical professional and layman alike. It is an informative, knowledgeable, and powerful insight that may guide cloud experts in achieving extraordinary results based on extraordinary expertise identified in this text. I will use this text as a resource in future cloud designs and architectural considerations.”
--Dr. Nancy M. Landreville, CEO/CISO, NML Computer Consulting

The Definitive Guide to Cloud Architecture and Design

Best-selling service technology author Thomas Erl has brought together the de facto catalog of design patterns for modern cloud-based architecture and solution design. More than two years in development, this book’s 100+ patterns illustrate proven solutions to common cloud challenges and requirements. Its patterns are supported by rich, visual documentation, including 300+ diagrams.

The authors address topics covering scalability, elasticity, reliability, resiliency, recovery, data management, storage, virtualization, monitoring, provisioning, administration, and much more. Readers will further find detailed coverage of cloud security, from networking and storage safeguards to identity systems, trust assurance, and auditing.

This book’s unprecedented technical depth makes it a must-have resource for every cloud technology architect, solution designer, developer, administrator, and manager.

Topic Areas

  • Enabling ubiquitous, on-demand, scalable network access to shared pools of configurable IT resources
  • Optimizing multitenant environments to efficiently serve multiple unpredictable consumers
  • Using elasticity best practices to scale IT resources transparently and automatically
  • Ensuring runtime reliability, operational resiliency, and automated recovery from any failure
  • Establishing resilient cloud architectures that act as pillars for enterprise cloud solutions
  • Rapidly provisioning cloud storage devices, resources, and data with minimal management effort
  • Enabling customers to configure and operate custom virtual networks in SaaS, PaaS, or IaaS environments
  • Efficiently provisioning resources, monitoring runtimes, and handling day-to-day administration
  • Implementing best-practice security controls for cloud service architectures and cloud storage
  • Securing on-premise Internet access, external cloud connections, and scaled VMs
  • Protecting cloud services against denial-of-service attacks and traffic hijacking
  • Establishing cloud authentication gateways, federated cloud authentication, and cloud key management
  • Providing trust attestation services to customers
  • Monitoring and independently auditing cloud security
  • Solving complex cloud design problems with compound super-patterns

Table of Contents

  1. About This eBook
  2. Title Page
  3. Copyright Page
  4. Praise for This Book
  5. Dedication Page
  6. Contents at a Glance
  7. Contents
  8. Acknowledgments
  9. Chapter 1. Introduction
    1. Objective of This Book
    2. What This Book Does Not Cover
    3. Who This Book Is For
    4. Origin of This Book
    5. Recommended Reading
    6. How This Book Is Organized
      1. Chapter 3: Sharing, Scaling and Elasticity Patterns
      2. Chapter 4: Reliability, Resiliency and Recovery Patterns
      3. Chapter 5: Data Management and Storage Device Patterns
      4. Chapter 6: Virtual Server and Hypervisor Connectivity and Management Patterns
      5. Chapter 7: Monitoring, Provisioning and Administration Patterns
      6. Chapter 8: Cloud Service and Storage Security Patterns
      7. Chapter 9: Network Security, Identity & Access Management and Trust Assurance Patterns
      8. Chapter 10: Common Compound Patterns
      9. Appendix A: Cloud Computing Mechanisms Glossary
      10. Appendix B: Alphabetical Design Patterns Reference
    7. Additional Information
      1. Symbol Legend
      2. Pattern Documentation Conventions
      3. Updates, Errata, and Resources (www.servicetechbooks.com)
      4. Cloud Computing Design Patterns (www.cloudpatterns.org)
      5. What Is Cloud? (www.whatiscloud.com)
      6. Referenced Specifications (www.servicetechspecs.com)
      7. The Service Technology Magazine (www.servicetechmag.com)
      8. CloudSchool.com™ Certified Cloud (CCP) Professional (www.cloudschool.com)
      9. Social Media and Notification
  10. Chapter 2. Understanding Design Patterns
    1. About Pattern Profiles
      1. Requirement
      2. Icon
      3. Problem
      4. Solution
      5. Application
      6. Mechanisms
    2. About Compound Patterns
    3. Design Pattern Notation
      1. Capitalization
      2. Page Number References
    4. Measures of Design Pattern Application
    5. Working with This Catalog
  11. Chapter 3. Sharing, Scaling and Elasticity Patterns
    1. Shared Resources
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    2. Workload Distribution
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    3. Dynamic Scalability
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    4. Service Load Balancing
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    5. Elastic Resource Capacity
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    6. Elastic Network Capacity
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    7. Elastic Disk Provisioning
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    8. Load Balanced Virtual Server Instances
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    9. Load Balanced Virtual Switches
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    10. Service State Management
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    11. Storage Workload Management
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    12. Dynamic Data Normalization
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    13. Cross-Storage Device Vertical Tiering
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    14. Intra-Storage Device Vertical Data Tiering
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    15. Memory Over-Committing
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    16. NIC Teaming
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    17. Broad Access
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
  12. Chapter 4. Reliability, Resiliency and Recovery Patterns
    1. Resource Pooling
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    2. Resource Reservation
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    3. Hypervisor Clustering
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    4. Redundant Storage
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    5. Dynamic Failure Detection and Recovery
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    6. Multipath Resource Access
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    7. Redundant Physical Connection for Virtual Servers
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    8. Synchronized Operating State
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    9. Zero Downtime
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    10. Storage Maintenance Window
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    11. Virtual Server Auto Crash Recovery
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    12. Non-Disruptive Service Relocation
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
  13. Chapter 5. Data Management and Storage Device Patterns
    1. Direct I/O Access
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    2. Direct LUN Access
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    3. Single Root I/O Virtualization
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    4. Cloud Storage Data at Rest Encryption
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    5. Cloud Storage Data Lifecycle Management
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    6. Cloud Storage Data Management
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    7. Cloud Storage Data Placement Compliance Check
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    8. Cloud Storage Device Masking
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    9. Cloud Storage Device Path Masking
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    10. Cloud Storage Device Performance Enforcement
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    11. Virtual Disk Splitting
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    12. Sub-LUN Tiering
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    13. RAID-Based Data Placement
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    14. IP Storage Isolation
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
  14. Chapter 6. Virtual Server and Hypervisor Connectivity and Management Patterns
    1. Virtual Server Folder Migration
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    2. Persistent Virtual Network Configuration
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    3. Virtual Server Connectivity Isolation
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    4. Virtual Switch Isolation
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    5. Virtual Server NAT Connectivity
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    6. External Virtual Server Accessibility
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    7. Cross-Hypervisor Workload Mobility
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    8. Virtual Server-to-Host Affinity
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    9. Virtual Server-to-Host Anti-Affinity
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    10. Virtual Server-to-Host Connectivity
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    11. Virtual Server-to-Virtual Server Affinity
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    12. Virtual Server-to-Virtual Server Anti-Affinity
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    13. Stateless Hypervisor
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
  15. Chapter 7. Monitoring, Provisioning and Administration Patterns
    1. Usage Monitoring
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    2. Pay-as-You-Go
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    3. Realtime Resource Availability
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    4. Rapid Provisioning
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    5. Platform Provisioning
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    6. Bare-Metal Provisioning
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    7. Automated Administration
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    8. Centralized Remote Administration
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    9. Resource Management
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    10. Self-Provisioning
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    11. Power Consumption Reduction
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
  16. Chapter 8. Cloud Service and Storage Security Patterns
    1. Trusted Platform BIOS
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    2. Geotagging
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    3. Hypervisor Protection
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    4. Cloud VM Platform Encryption
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    5. Trusted Cloud Resource Pools
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    6. Secure Cloud Interfaces and APIs
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    7. Cloud Resource Access Control
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    8. Detecting and Mitigating User-Installed VMs
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    9. Mobile BYOD Security
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    10. Cloud Data Breach Protection
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    11. Permanent Data Loss Protection
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    12. In-Transit Cloud Data Encryption
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
  17. Chapter 9. Network Security, Identity & Access Management and Trust Assurance Patterns
    1. Secure On-Premise Internet Access
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    2. Secure External Cloud Connection
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    3. Secure Connection for Scaled VMs
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    4. Cloud Denial-of-Service Protection
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    5. Cloud Traffic Hijacking Protection
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    6. Automatically Defined Perimeter
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    7. Cloud Authentication Gateway
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    8. Federated Cloud Authentication
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    9. Cloud Key Management
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    10. Trust Attestation Service
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    11. Collaborative Monitoring and Logging
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    12. Independent Cloud Auditing
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
    13. Threat Intelligence Processing
      1. Problem
      2. Solution
      3. Application
      4. Mechanisms
  18. Chapter 10. Common Compound Patterns
    1. “Compound Pattern” vs. “Composite Pattern”
    2. Compound Pattern Members
    3. Joint Application vs. Coexistent Application
    4. Private Cloud
    5. Public Cloud
    6. Software-as-a-Service (SaaS)
    7. Platform-as-a-Service (PaaS)
    8. Infrastructure-as-a-Service (IaaS)
    9. Elastic Environment
    10. Multitenant Environment
    11. Resilient Environment
    12. Cloud Bursting
    13. Burst Out to Private Cloud
    14. Burst Out to Public Cloud
    15. Burst In
    16. Secure Burst Out to Private Cloud/Public Cloud
    17. Cloud Balancing
    18. Cloud Authentication
    19. Resource Workload Management
    20. Isolated Trust Boundary
  19. Appendix A. Cloud Computing Mechanisms Glossary
    1. Application Delivery Controller (ADC)
    2. Attestation Service
    3. Attribute Authority
    4. Attribute-Based Access Control (ABAC) System
    5. Audit Monitor
    6. Authentication Gateway Service (AGS)
    7. Automated Scaling Listener
    8. Automatically Defined Perimeter (ADP) Controller
    9. Billing Management System
    10. Certificate
    11. Certificate Authority (CA)
    12. Certificate Revocation List (CRL)
    13. Certificate Trust Store
    14. Certificate Validation Service (CVS)
    15. Cloud Consumer Gateway (CCG)
    16. Cloud Storage Data Placement Auditor
    17. Cloud Storage Device
    18. Cloud Storage Device Performance Monitor
    19. Cloud Storage Management Portal
    20. Cloud Usage Monitor
    21. Cloud Workload Scheduler
    22. Cloud-based Security Groups
    23. Cryptographic Key Management System (CKMS)
    24. Digital Signature
    25. Domain Name Service (DNS)
    26. Encryption
    27. Endpoint Threat Detection and Response (ETDR)
    28. Enterprise Mobility Management (EMM) System
    29. Failover System
    30. Geotag
    31. Hardened Virtual Server Image
    32. Hardware-Based VM Discovery System
    33. Hardware Security Module (HSM)
    34. Honeypot
    35. Host-Based Security System (HBSS)
    36. Hypervisor
    37. Identity and Access Management (IAM)
    38. Intrusion Detection and Prevention System (IDPS)
    39. Live VM Migration
    40. Load Balancer
    41. Logical Network Perimeter
    42. LUN Masking
    43. Malware Hash
    44. Multi-Device Broker
    45. Network Forensics Monitor
    46. Orchestration Engine
    47. Pay-Per-Use Monitor
    48. Physical Uplink
    49. Platform Trust Policy
    50. Public Key Infrastructure (PKI)
    51. RAID-level Identifier
    52. Ready-Made Environment
    53. Remote Administration System
    54. Resource Cluster
    55. Resource Management System
    56. Resource Replication
    57. Sandbox
    58. Secure Token Service (STS)
    59. Security Information and Event Management (SIEM) System
    60. Single Sign-On (SSO)
    61. SLA Management System
    62. SLA Monitor
    63. State Management Database
    64. Storage Path Masking
    65. Sub-LUN Migration
    66. Threat Intelligence System
    67. Traffic Filter
    68. Traffic Monitor
    69. Trusted Platform Module (TPM)
    70. Virtual Appliance
    71. Virtual CPU (vCPU)
    72. Virtual Disk (vDisk)
    73. Virtual Firewall
    74. Virtual Infrastructure Manager (VIM)
    75. Virtual Network
    76. Virtual Private Cloud (VPC)
    77. Virtual Private Network (VPN)
    78. Virtual RAM (vRAM)
    79. Virtual Server
    80. Virtual Server Snapshot
    81. Virtual Server State Manager
    82. Virtual Switch
    83. Virtualization Agent
    84. Virtualization Monitor
    85. VPN Cloud Hub
  20. Appendix B. Alphabetical Design Patterns Reference
  21. About the Authors
    1. Thomas Erl
    2. Robert Cope
    3. Amin Naserpour
  22. Index