Cloud Computing for Architects using Openstack

Course duration 2 days
Dates TBC
Time 9:00 a.m. – 5:00p.m.
Trainer GuruTeam
Location TBC
Member fee TBC
Non-member fee TBC

Please note the date is provisional and will be confirmed shortly.

Programme overview

Cloud Computing is gaining increasing attention within enterprises of all shapes and sizes, but few technologists actually know how to properly scope, design, and construct Cloud solutions. Taking standard software applications, databases, and user interfaces and deploying them in a Cloud environment is a recipe for disaster. Proper scoping, usage modeling, and careful design are all essential to success in the Cloud.

This two day class begins with an examination of the Cloud Computing concept, the structure and key characteristics of Clouds, and takes a look under the hood at how they operate. From there, students are introduced to a Cloud Reference Model and explore various aspects of Cloud solution design from discovery throughout the lifecycle of a Cloud solution all the way to retirement. Special attention is given to requirements and Cloud utilization analysis, Cloud solution design strategies, and deployment scenarios.


Course Aims and Objectives

Upon completion of this course, students will have an understanding of the Cloud Computing environment and practical experience in designing, developing, and deploying Cloud-based solutions. This class consists of 25% hands-on labs in an actual OpenStack Cloud Computing development environment, and 75% lecture and discussion. Students should have some hands-on experience developing software, but the focus of the course is upon architecture and design considerations within the Cld.



Who should attend?

Enterprise Architects, Solution Architects, Information Technology Architects, Senior Developers, and Team Leads.

Course Prerequisites

Foundational Knowledge in distributed computing and Web-based architecture


Topics Covered

Cloud Reference Model

Cloud Risks and Risk Mitigation

OpenStack Platform

Cloud Design Strategies

Security in the Cloud

Cloud Governance

Cloud SLAs


Course Content

Chapter 1. Defining the Cloud

A Bit of History

Wikipedia Entry

Cloud Computing at a Glance

Gartner Research on Cloud

Electrical Power Grid Service Analogy

The NIST Perspective

Five Characteristics

On-demand Self-Service (NIST Characteristic)

Broad Network Access (NIST Characteristic)

Resource Pooling (NIST Characteristic)

Rapid Elasticity (NIST Characteristic)

Measured Service (NIST Characteristic)

The Three Cloud Service Models (NIST)

The Cloud Computing Spectrum: IaaS, PaaS and SaaS

The Four Cloud Deployment Models (NIST)

The NIST Cloud Definition Framework

A Hybrid Cloud Diagram

Cloud Deployment Model Dynamics


Chapter 2. The Cloud Enablers

The Origin of the Cloud Computing



Hypervisor Types

Type 1 hypervisors

Type 2 hypervisors

Type 1 vs Type 2 Processing


Applying Virtualization to the Cloud

Virtualization Qualities (1/2)

Virtualization Qualities (2/2)

Grid Computing vs Cloud Computing

Myth: Cloud is SaaS

SOA and the Cloud


Chapter 3. Cloud Reference Model

The Need for a Cloud Reference Model

Cloud Reference Model

Cloud Infrastructure

Cloud Infrastructure – Virtual Machines

A Bootable OS Image

Defining a “Compute Unit”

Instance Templates (Flavors)

Launching an Instance in OpenStack

Block Storage for Instances

Cloud Infrastructure – Cloud Object Storage

Additional Data Storage Options

Cloud Multi-Tenancy Model

Common Characteristics of Multi-tenant Applications (1/2)

Common Characteristics of Multi-tenant Applications (2/2)

The PaaS Platform

Google App Engine (GAE) PaaS Overview

GAE’s Stats

Google Cloud Storage

The SaaS Platform

Cloud Service Model Implementations

Google Compute Engine’s Simplified Architecture

Google Cloud Platform


Chapter 4. OpenStack

What is OpenStack

OpenStack Main Components/Services

Release History (Since the



Compute (Nova)

Main Compute (Nova) modules/services

Creating OpenStack VM Instances

Image (Glance)

Object Store (Swift)

Components of Swift

Dashboard (Horizon)

Launching a Virtual Instance in Horizon

Block Storage (Cinder)

Identity (Keystone)

Networking (Neutron, formerly Quantum)

OpenStack Networking

Telemetry (Ceilometer)

Orchestration (Heat)

Heat Templates

Pulling It All Together

Building OpenStack Environments

Using Automated Configurators

Managing OpenStack Clouds


Chapter 5. The Cloud Economics

Cloud Value Proposition

Coping with Computing Demand the Traditional Way

Coping with Computing Demand the Cloud Way

Cloud economics

You Can Move Your Cloud Apps Closer to Your Clients!

Be Aware of What You Ask For!

Do Clouds Compute?

Total Cost of Ownership (TCO)

Cloud Infrastructure – Vendor Comparison

Select Expected Benefits

You Still Need …

Financial Management and Tracking

Calculate initial, simple return

Calculate Returns for on-going Usage

How to Practically Estimate Your Cloud Bill?

Shop Around (Within the Same Shop)

Discounted Object Storage: Amazon Glacier

Amazon S3 Cost Monitoring

Google Compute Engine Per-Minute Billing


Chapter 6. Cloud Risks and Risk Mitigation

Cloud Risks

Failure-As-A-Service in 2009

Service Quality

Malicious Insiders

Shared Technology Vulnerabilities

Data Loss/Leakage

Data Loss / Leakage Causes

Account, Service & Traffic Hijacking

Unknown Risk Profile

Mitigating Cloud Security Risks

Five Mitigation Strategies

Federated ID

Multi-layer Inspection

Centralized Management

Virtual Desktop Protection

Look toward standards

Problem Resolution

Data Back-up

Risks When Supporting Clouds: Provisioning




Chapter 7. Cloud Security

The Heartbleed OpenSSL Bug

A Notable Breach (a Spear-phishing Attack Example)

Cloud Vendor Security Certifications

Google Compute Engine Data Security

Cloud Access Security Features

Security of Cloud Vendor Networks

Insecure Interfaces

Top Threats for Cloud Computing

The Common Cloud Security Concerns

Authorization and Data Access Constraints

Cloud Security Domains

The CIAs of Security

Access Control: Physical Security

Access Control: Authentication & Authorization

Federated Identity Management

Access Control: Auditing

Identity Management

AWS Identity and Access Management Service

Security in the Google Cloud

GAE Cloud Security Module

Application Security

Application Multi-Layer Security Design

Access Control List Extensions

Information and Data Security

Data-at-rest Security

Amazon S3 Security

Amazon S3 Security (Cont.)

Network Security

Operational Security

DevOps Security Concerns


Chapter 8. Cloud Services

Defining Cloud Services

User-Cloud Interaction

Cloud Service Characteristics

The Typical Cloud Services

Application Services

Messaging Application Service

Email Application Service

Cache Application Service

Specialized Application Services

AWS Analytics Systems

Google App Engine (GAE) MapReduce Service

Use Cases for MapReduce Jobs

Integration Platform as a Service (IPaaS)

Storage Services

Object Storage

Archive Storage

Relational Storage

NoSQL Storage

Some AWS Storage Services

Data Warehouses in the Cloud

Cloud Utility Services

Scalability and HA of Your Applications in the Cloud

The Auto-scaling Service

Monitoring Services

Configuring Instance Health Check in AWS

Amazon Web Services Integration Diagram

Google App Engine (GAE) Services Integration Diagram

Microsoft Azure Services

Comparing Cloud Service Stacks


Chapter 9. Adopting Your Very Own Cloud

What Drives Cloud Adoption?

What May Go to the Cloud?

Capacity Planning

Critical Run-time and Storage Parameters

The Cloud Adoption Stages (Example)

Getting to the Cloud (Example Road Map)

Pre-Cloud Stages

Cloud Stages

Cloud Stages (Cont’d)

Cloud Adoption Steps

Identify your business drivers (Step #1)

Get Educated (Step #2)

Get Educated (Things to Avoid … )

Articulate a Value Proposition (Step #3)

Define one or more scenarios (Step #4)

Produce a Road Map (Step #5)

Gain Stakeholder Buy-in (Step #6)

Establish Governance (Step #7)

Invest in Infrastructure (Step #8)

Cloud Pilot (Step #9)

Scoping the Pilot Project

Pilot Project Scope (Cont’d)

Enterprise Roll-out (Step #10)

Start Small and Grow Incrementally

Amazon WS Technical Lessons When Moving To the Cloud

Hype Cycle and Technology Adoption Model


Chapter 10. OpenStack Security

OpenStack Cloud Perimeter Security

System Perimeter Security

OpenStack Virtual Instance Security

OpenStack Security Considerations

Linux Kernel-Based Firewall

OpenStack Security Groups

Nova Client Security Group Commands

Nova REST API for Security Group Administration

Nova Security Command Examples

Identity Management with Keystone

Keystone Command-line

Example of a Keystone Command

Keystone REST API

Example of Keystone RESTful Request


Chapter 11. Cloud Design Strategies

Implications of Vendor Lock-In

Dealing with Vendor-specific Service API

Know Your Cloud Application’s Needs

Data Physics

Cloud Design Strategies

Designing for Scalability

Designing for Cloud Availability

Designing for Failure

Designing for Cloud Security

Designing for Cloud Security – OWASP 10

Designing for Cloud Security – OWASP 10 (Cont’d)

Designing for Cloud Security – Multi-Factor Security

Stepping Across Site Silos

Stepping Across Site Silos – the SAML Protocol

Stepping Across Site Silos – t

he OpenID Protocol

SAML vs OpenID

History of OAuth

Stepping Across Site Silos – OAuth

Selecting the Right Storage


Designing for Cloud Management

Designing for Cloud Maintainability

Other Considerations

Designing for Cloud Service Reuse

Designing for Cloud Service Reuse (Cont’d)

Designing for Cloud Agility

Designing for Cloud Usability

Additional Usability Considerations


Chapter 12. Cloud Governance

IT Governance

IT Governance (Cont’d)

Unmanaged Clouds

Defining Cloud Governance

Defining Cloud Governance (Cont’d)

An Internal Service Registry and Repository

IBM WebSphere Service Registry and Repository (Example)

Cloud Risks to Consider

Top Cloud Computing Consumer Risks

Top Cloud Computing Provider Risks

Risk Mitigation

Governance and Risk Mitigation

Cloud Governance Model

Roles and Responsibilities

Policies and Procedures

Governing Cloud Services

Business alignment

Asset Ownership

Contract-driven Services

Contract-driven Services (Cont’d)

Agile IT in the Cloud

The Cloud Systems Checklist

Capacity Planning Concepts and Challenges

Governance Best Practices

Governance Best Practices (Cont’d)

Governance Gotchas


Chapter 13. Cloud SLAs

What is an SLA?

Two SLA Management Phases

Some SLA Parameters

The Importance of Cloud SLAs

Amazon Storage SLAs

Understanding your SLA

Example of Google Infrastructure Failure Rates

Assess Consequences for Your Business

Characteristics of a Service Quality Metric

Service Quality Metrics

SLA Monitoring Components

Book/Request a place on this course


To book/request a place on this course please email Annette Coburn on or phone on 086 0848704.