Public Cloud: Layers of Control and Overhead
Key Points
- Public cloud lets developers provision resources on demand and pay only for what they use, boosting efficiency while cutting overall costs.
- It functions like a “supermarket” of compute options, allowing teams to pick the exact services and tools they need rather than building everything from scratch.
- Control vs. overhead forms a ladder of offerings: bare metal provides maximum control but high maintenance, VPC/VMware reduces overhead, Kubernetes/OpenShift abstracts servers for container workloads, and Cloud Foundry or functions let developers focus solely on code.
- Beyond compute, public clouds supply a rich ecosystem of integrated services that can be spun up instantly to extend application capabilities.
- A typical migration pattern might start with legacy VMs or bare metal, layer containers on top, and then scale those services across multiple instances, illustrating how each abstraction level builds on the previous one.
Sections
- Untitled Section
- Hybrid Deployment: VMs and Containers - The speaker outlines a hybrid architecture that runs legacy back‑end services on three VMs, scales front‑end and its supporting back‑end via Kubernetes/OpenShift‑managed containers, and integrates cloud storage such as a SQL database for application data.
- Central Logging and Secure Endpoints - The speaker outlines using a central logging service for both Kubernetes and legacy applications, then describes a network design that separates private back‑end data behind private endpoints while allowing public access to the front‑end, with encryption using customer‑managed keys.
Full Transcript
**Source:** [https://www.youtube.com/watch?v=KaCyfQ7luVY](https://www.youtube.com/watch?v=KaCyfQ7luVY)
**Duration:** 00:09:06

- [00:00:00](https://www.youtube.com/watch?v=KaCyfQ7luVY&t=0s) **Untitled Section**
- [00:03:08](https://www.youtube.com/watch?v=KaCyfQ7luVY&t=188s) **Hybrid Deployment: VMs and Containers**
- [00:06:21](https://www.youtube.com/watch?v=KaCyfQ7luVY&t=381s) **Central Logging and Secure Endpoints**
Public cloud
is an incredible resource for developers today.
It brings the ability to provision resources on demand
and only pay for what you use.
This leads to greater developer efficiency
while bringing down overall costs,
but what exactly makes up a public cloud?
Today we'll start with an analogy.
Say you wanted to bake a pie from scratch,
- well, how committed are you?
Are you going to make your own flour?
Are you going to grow your own fruits?
Well, in this society we've generally accepted that
for certain ingredients you'll go to a supermarket.
A public cloud is a supermarket of sorts,
it has multiple vendors and multiple solutions
allowing you to pick and choose
the right tools and solutions for your tastes.
Now, to start my explanation of public cloud,
I could start by talking about things like
Infrastructure-as-a-Service,
or maybe Platforms or Software-as-a-Service,
more naturally known as PaaS, IaaS, and SaaS,
but instead I'm going to focus on
the overall control and overhead
for the different computing solutions that are available
in a public cloud.
So, as a box gets bigger here
there's more control
but that comes with more overhead.
Now, let's start with the biggest box,
where we've got things like bare metal.
Now with this you're going to have the most control
but that also comes with
a lot of overhead to actually maintain those instances.
Let's take it a step higher.
Here we've got things like VPC and VMware.
So, with these solutions you're going to have a little less overhead
because there's automation
that allows you to spin up the actual machines.
Going a step higher,
we've got solutions like Kubernetes
and OpenShift Container Platform.
These will allow you to get
higher abstraction over the actual worker nodes,
the machines that power your actual cluster,
are basically going to be managed by the platform
and you can focus on writing containers.
And going up higher on the list,
we get to things like Cloud Foundry
as well as functions
which are going to allow you to focus,
as a developer, entirely on the code,
and let the platform take care of things like networking,
and scaling, and that kind of thing.
So, we've got our set of capabilities for computing,
but that's not the only thing in a public cloud,
you're going to have integrations and services
that allow you to start spinning up
capabilities that you need.
So, today let's go over a sample application architecture
for which we're going to use the public cloud.
Now, let's say to start, we have something like
a legacy application that relies on VMs
or bare metal capabilities.
So, we'll say over here that we've got VPC
and/or bare metal.
Now, on top of this we're going to spin up
some containers, some machines, rather.
Now, in those machines,
let's say we have our legacy back-end application.
So, we'll scale it out onto 3 different machines.
So, there we go, we've got our back-end pieces.
Now, that covers our back-end computing
for our sample application.
Now let's say for our front-end application
we're taking a model where we have a front-end
and a back-end for front-end
which are based on containers.
So, here it's a little bit of a different model,
the worker nodes are going to be managed for us
by the Kubernetes or OpenShift layer.
So, here we'll have the Kubernetes
and our OpenShift layer.
Now on top of this we can start deploying our containers.
So, let's say like we mentioned,
we have that front-end as well as a back-end
for that front-end application.
And for each of those we want to scale those out,
which Kubernetes or OpenShift can handle for us.
There we go.
So, these are the basics of our application architecture,
we've got some back-end stuff,
we've got some front-end stuff,
and all of that is kind of running on some of our compute solutions.
Let's actually start taking advantage
of some of the cloud integrations that are possible
to build out some of the other requirements we have here.
First things first, storage.
So, our front-end application
- let's say we need something like,
I don't know, a SQL database
to actually store things like customer login data.
So, our applications here, are going to use
say, a SQL datastore.
There we go.
Now, for our back-end application,
let's say we need something different,
not a standard SQL store, but
something like cloud object storage.
So here, we'll sketch out
a cloud object store instance
which is going to be using ...
which our back-end application will be using.
So, we've talked about storage.
Next, let's talk about DevOps and toolchain capabilities
which we'll also take advantage of our public cloud for.
Now, our code
is probably split into two different repositories
for this particular application that we've got here,
our Kubernetes app.
We'll say we've got a set of code
for the actual containers and applications,
and a separate set of code for the actual infrastructure,
because we want to manage our infrastructure
as code as well.
Now, for this
we want to take advantage of some toolchain capabilities.
So for our app, we'll take advantage of a toolchain
which will deploy our containers.
Now, for our infrastructure,
I'm going to take advantage of a similar toolchain,
but in this case we want to use Terraform,
which is an open source way of managing your infrastructure as code
to actually manage the infrastructure.
So, in this case,
this will manage spinning up the worker nodes,
as well as the Kubernetes layer.
So, there we go,
we've talked about so far:
storage, as well as DevOps from our cloud.
Next, let's talk about having a central
logging or monitoring solution for our tools.
So, we've got our back-end application here,
as well as our front-end application,
and, for both of those,
we want to stream to a central logging store.
So, let's say I've got a logging service that I've created here
and that's going to be
our central source of logs
for both our application running on Kubernetes,
as well as our back-end application
running within VMware, or bare metal, or VPC.
So, there we go, we've talked about central logging now.
Now, the next service that I want to take advantage of
is thinking about things like networking and security.
So, in this sample architecture,
for our back-end piece,
let's say we've got really private data
we want to make sure that access to that back-end piece
only happens over private endpoints,
and for our front-end piece
we don't care quite as much
- we can access over the public endpoint.
So, making kind of like a bi-section here,
we'll say that this is entirely private,
private endpoints only,
and on this side
we can access our data over public endpoints.
Now this doesn't mean our data is insecure,
we can still use
something that allows us to bring our own keys
to secure our data
with our own certs and keys.
So, both of these environments
are going to be completely secured,
- but by making this bi-section,
how does our front-end app now start talking to
some of those back-end capabilities that we've got?
So again, we can tap into our cloud
and take advantage of something like a VPN gateway.
So here we go, we'll set up a gateway
so that our front end and back-end
can start talking to one another.
Now this is just scratching the surface
of the capabilities that are available in a public cloud.
We haven't even begun to talk about some of the
artificial intelligence, machine learning,
data analytics and insights,
and so many other services
that are available in a generic public cloud.
Thanks for watching this overview of public cloud.
If you have any questions
please drop us a line below.
If you want to see more videos like this in the future,
please "like" and subscribe
- and don't forget,
you can always get started on the cloud at no cost
by signing up for a free IBM Cloud account.