Presentation is loading. Please wait.

Presentation is loading. Please wait.

Deploying an Application on the Cloud Chapter 4. Topics Your experience with Google App Engine and mine with Pop!World Web application Architecture Machine.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Deploying an Application on the Cloud Chapter 4. Topics Your experience with Google App Engine and mine with Pop!World Web application Architecture Machine."— Presentation transcript:

1 Deploying an Application on the Cloud Chapter 4

2 Topics Your experience with Google App Engine and mine with Pop!World Web application Architecture Machine Image design

3 Amazon S3 API (REST/SOAP) http://docs.amazonwebservices.com/Amazon S3/latest/ http://docs.amazonwebservices.com/Amazon S3/latest/

4 Fig. 4-1Web Application Architecture Use an MVC pattern Display, UI, Content: View Objects, (Database): Model Activities, Operations: Controller

5 Machine Image Design Important indirect benefits of the cloud are: – It forces discipline in deployment planning – It forces discipline in disaster recovery First step in moving to the cloud is to prepare a repeat redeployment process Machine image helps in this process. – Is a very important concept (: comes from virtualization. – Ideal for cloud environment.

6 AMI Amazon machine image is a raw copy of the operating system and the core software, any installed applications. AMI is used for launching an instance. More importantly you can store a snapshot of your instance in an AMI for use by others or by for later use.

7 AMI Security In order to programmatically activate an instance you need: AMI key and your security credentials. Access id key, security access key are needed. Never store data in amazon AMI. Data is yours irrespective of the method (patented etc.), right?

8 So what belongs in the AMI? 1.Create a component model that identifies what components and versions are required to run the service that the new machine image will support. (Ex: MYSQL… EBS) 2.Separate out stateful data in the component model. You will need to keep it out of your machine image. 3.Identify the operating system on which you will deploy. 4.Search for an existing, trusted baseline public machine image for that operating system. 5.Harden your system using a tool such as Bastille. 6.Install all of the components in your component model. 7.Verify the functioning of a virtual instance of your machine. 8.Build and save the machine image.

9 Hardening the system Hardening an operating system is the act of minimizing attack vectors into a server. – Removing unnecessary services. – Removing unnecessary accounts. – Running all services as a role account (not root) when possible. – Running all services in a restricted jail when possible. – Verifying proper permissions for necessary system services. The best way to harden your Linux system is to use a proven hardening tool such as Bastille.

10 Privacy Design Consider a credit card using e-commerce application. – The application server and credit card server sit in two different security zones with only web services traffic from the application server being allowed into the credit card processor zone. – Credit card numbers are encrypted using a customer-specific encryption key. – The credit card processor has no access to the encryption key, except for a short period of time (in memory) while it is processing a transaction on that card. – The application server never has the ability to read the credit card number from the credit card server. – No person has administrative access to both servers Availability zones are quite useful in this respect.

11 Database Management The trickiest part of the cloud management is the management of persistent data. Use block storage, snapshot it, check point periodically. In case of a failure recover to the latest checkpointed state. Use EBS for database. Clustering or replication: replication is cheaper and simpler.

Download ppt "Deploying an Application on the Cloud Chapter 4. Topics Your experience with Google App Engine and mine with Pop!World Web application Architecture Machine."

Similar presentations

Creating HIPAA-Compliant Medical Data Applications with Amazon Web Services Presented by, Tulika Srivastava Purdue University.

Creating HIPAA-Compliant Medical Data Applications with Amazon Web Services Presented by, Tulika Srivastava Purdue University.
Ed Duguid with subject: MACE Cloud

Ed Duguid with subject: MACE Cloud
B. Ramamurthy 4/17/20151. Overview of EC2 Components (fig. 2.1) 10..* 1 1 1 1 4/17/20152.

B. Ramamurthy 4/17/ Overview of EC2 Components (fig. 2.1) 10..* /17/20152.
Futures – Alpha Cloud Deployment and Application Management.

Futures – Alpha Cloud Deployment and Application Management.
Infrastructure as a Service (IaaS) Amazon EC2

Infrastructure as a Service (IaaS) Amazon EC2
An Approach to Secure Cloud Computing Architectures By Y. Serge Joseph FAU security Group February 24th, 2011.

An Approach to Secure Cloud Computing Architectures By Y. Serge Joseph FAU security Group February 24th, 2011.
KAPLAN SCHOOL OF INFORMATION SYSTEMS AND TECHNOLOGY Welcome to Unit 3 IT278 Network Administration Course Name – IT278 Network Administration Instructor.

KAPLAN SCHOOL OF INFORMATION SYSTEMS AND TECHNOLOGY Welcome to Unit 3 IT278 Network Administration Course Name – IT278 Network Administration Instructor.
System and Network Security Practices COEN 351 E-Commerce Security.

System and Network Security Practices COEN 351 E-Commerce Security.
Chapter 7 HARDENING SERVERS.

Chapter 7 HARDENING SERVERS.
1.1 Installing Windows Server 2008 Windows Server 2008 Editions Windows Server 2008 Installation Requirements X64 Installation Considerations Preparing.

1.1 Installing Windows Server 2008 Windows Server 2008 Editions Windows Server 2008 Installation Requirements X64 Installation Considerations Preparing.
Component-Based Software Engineering Introducing the Bank Example Paul Krause.

Component-Based Software Engineering Introducing the Bank Example Paul Krause.
Matt Bertrand Building GIS Apps in the Cloud. Infrastructure - Provides computer infrastructure, typically a platform virtualization environment, as a.

Matt Bertrand Building GIS Apps in the Cloud. Infrastructure - Provides computer infrastructure, typically a platform virtualization environment, as a.
Nikolay Tomitov Technical Trainer SoftAcad.bg.  What are Amazon Web services (AWS) ?  What’s cool when developing with AWS ?  Architecture of AWS 

Nikolay Tomitov Technical Trainer SoftAcad.bg.  What are Amazon Web services (AWS) ?  What’s cool when developing with AWS ?  Architecture of AWS 
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 11 Managing and Monitoring a Windows Server 2008 Network.

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 11 Managing and Monitoring a Windows Server 2008 Network.
What is Cloud Computing?. Why call it “Cloud” Computing?

What is Cloud Computing?. Why call it “Cloud” Computing?
MODULE 2: INSTALLING UNIDESK. Agenda Understanding Unidesk components Basic Installation of Unidesk Licensing.

MODULE 2: INSTALLING UNIDESK. Agenda Understanding Unidesk components Basic Installation of Unidesk Licensing.
Cloud computing Tahani aljehani.

Cloud computing Tahani aljehani.
Google AppEngine. Google App Engine enables you to build and host web apps on the same systems that power Google applications. App Engine offers fast.

Google AppEngine. Google App Engine enables you to build and host web apps on the same systems that power Google applications. App Engine offers fast.
Amazon EC2 Quick Start adapted from EC2_GetStarted.html.

Amazon EC2 Quick Start adapted from EC2_GetStarted.html.
Real Security for Server Virtualization Rajiv Motwani 2 nd October 2010.

Real Security for Server Virtualization Rajiv Motwani 2 nd October 2010.

Similar presentations

Ads by Google