Cloud computing

The objective of this guide is to define and position the cloud technologies that can be used to deploy cloud-based applications and services, and clarify how they differ in their implementation and use. There are many options available (bare metal, VMs, containers, serverless, and more), and there is no right or wrong choice. Many organizations will need to implement more than one option. Accordingly, selecting the best option to support workloads while controlling complexity can be a daunting task.
 
This practical guide will help developers, architects, and IT leaders make informed decisions and select the best technology for their specific needs. These technologies span storage, network, and compute services – this Practical Guide focuses on compute options.
 

The Practical Guide to Cloud Computing was written to help enterprise information technology (IT) and business decision makers adopt cloud computing to solve business challenges.
 
This guide will help you evaluate the cloud computing market from the point of view of your organization’s needs and contains information that is helpful in selecting a cloud architecture and an implementation approach through the use of in-house staff, cloud vendor(s) or both.
 
The “Roadmap for Cloud Computing” section is the heart of this guide, outlining 10 steps that should be taken to ensure a successful cloud deployment. The Roadmap covers strategic and tactical activities for decision makers implementing cloud solutions and offers specific guidance to decision makers on the selection of cloud service and deployment models.

The Practical Guide to Platform-as-a-Service was written to help enterprise information technology (IT) managers, business decision makers, application architects and application developers understand the Platform-as-a-Service (PaaS) cloud service category and how it can be used to solve business challenges rapidly and cost effectively.
 
This guide contains best practices for using PaaS in terms of architecture, development processes, integration, deployment and operation.
 
Differences between traditional application development and delivery and the appropriate techniques for PaaS platforms are highlighted, since in many cases the biggest gains for the enterprise result from the adoption of newer, more efficient, more rapid and less error-prone techniques for creating, testing and deploying applications.

The Practical Guide to Cloud Service Agreements was written to help enterprise information technology (IT) and business decision makers analyze cloud service agreements (CSAs) from different cloud service providers.
 
CSAs are written to set clear expectations for service between the cloud customer (buyer) and the cloud provider (seller), but should also exist between a customer and other cloud entities, such as the cloud carrier, the cloud broker and even the cloud auditor. This guide focuses primarily on the CSA details between the cloud customer and cloud provider.
 
The “Guide for Evaluating Cloud Service Agreements” section is the heart of the paper. It provides a prescriptive series of steps that cloud customers should take to evaluate CSAs in order to compare multiple cloud providers or to negotiate terms with a selected provider

Cloud Customer Architecture for Hybrid Integration introduces a core reference architecture and key concepts for hybrid integration in the enterprise.
 
IT environments are now fundamentally hybrid in nature – devices, systems, and people are spread across the globe, and at the same time virtualized. Achieving integration across this ever-changing environment is a significant challenge. This paper explores common architecture patterns seen in enterprises tackling this issue.
 
Hybrid integration can be looked at from many perspectives including application, data, and infrastructure. This whitepaper positions hybrid integration from an application perspective, and presents the reference architecture as a seamless integration from cloud to on-premises for events, APIs, and data.

Cloud Customer Architecture for Enterprise Social Collaboration describes how to leverage social collaboration tools to harness ideas, exchange information, and increase the speed of innovation across the business.
 
This cloud reference architecture was written for enterprise Information Technology (IT) and business decision makers to assist in understanding the technical capabilities and integration requirements necessary to deliver Enterprise Social Collaboration solutions. It is a vendor-neutral and best practices approach to describe the flows and relationships between business capabilities, functional areas, and architectural components delivered as a cloud solution.
 
This whitepaper discusses how social collaboration solutions can be applied to different industries and aligned with key business initiatives.

Cloud Customer Architecture for e-Commerce describes how to support e-Commerce solutions using cloud computing. The reference architecture contains a detailed view of the components, subcomponents and relationships for a cloud-based e-Commerce solution.
 
This whitepaper describes the flows and relationships between business capabilities and architectural components for e-Commerce applications that use cloud computing infrastructure, platforms and/or services. The elements of the architecture are used to instantiate an e-Commerce system using private, public, or hybrid cloud deployment models. Applications comprising the core components may be delivered as a service, from on-premises, or hosted.
 
A runtime scenario is outlined with deployment

The DSP0263 specification describes the model and protocol for management interactions between a cloud Infrastructure as a Service (IaaS) Provider and the Consumers of an IaaS service. The basic resources of IaaS (machines, storage, and networks) are modeled with the goal of providing Consumer management access to an implementation of IaaS and facilitating portability between cloud implementations that support the specification. This document specifies a Representational State Transfer (REST)-style protocol using HTTP. However, the underlying model is not specific to HTTP, and it is possible to map it to other protocols as well.  

CIMI addresses the management of the life cycle of an infrastructure provided by a Provider. CIMI does not extend beyond infrastructure management to the control of the applications and services that the Consumer chooses to run on the infrastructure provided as a service by the Provider. Although CIMI may be to some extent applicable to other cloud service models, such as Platform as a Service (PaaS) or Storage as a Service ("SaaS"), these uses are outside the design goals of CIMI.

This document makes use of the common meta-model used by CIM, the Common Information Model to describe the CIMI logical model. This is defined in DSP004, CIM Infrastructure Specification 2.7.

Transformation of the CIMI CIM into CIM metamodel conformant representations enables access of the services defined by CIMI in CIM-based environments. Such environments encompass a broad range of supported operating systems, languages, platforms, protocols, and other technologies.

This specification describes transformations in a manner that enables any CIM metamodel conformant representation. This document will utilize MOF for examples of such transformations.

The Open Virtualization Format (OVF) Specification describes an open, secure, efficient and extensible format for the packaging and distribution of software to be run in virtual systems. The OVF package enables the authoring of portable virtual systems and the transport of virtual systems between virtualization platforms. This version of the specification (2.1) is intended to allow OVF 1.x tools to work with OVF 2.x descriptors in the following sense:

• Existing OVF 1.x tools should be able to parse OVF 2.x descriptors.
• Existing OVF 1.x tools should be able to give warnings/errors if dependencies to 2.x features are required for correct operation.

If a conflict arises between the schema, text, or tables, the order of precedence to resolve the conflicts is schema; then text; then tables. Figures are for illustrative purposes only and are not a normative part of the standard.

A table may constrain the text but it shall not conflict with it.

The profile conforms to the cited CIM Schema classes where used. Any requirements contained in the cited CIM Schema classes shall be met. If a conflict arises the CIM Schema takes precedence.
The profile conforms to the cited OVF XML Schema. It may constrain the schema but it shall not conflict with it. If a conflict arises the OVF XML Schema takes precedence.
 
This standard is also published as ISO/IEC 17203:2017

Concerns over cloud provider security remain one of the top inhibitors to adoption of cloud deployment models. Potential consumers of cloud deployments need assurance that the security policies they require on their applications are consistently managed and enforced “in the cloud” as they would be in their enterprise.
A cloud provider’s ability to provide specific audit event, log, and report information on a per-tenant and application basis is essential. It is apparent that in order to meet these customer expectations, cloud providers must provide standard mechanisms for their tenant customers to self-manage and self-audit application security that includes information about the provider’s hardware, software, and network infrastructure used to run specific tenant applications.
A proven method to address such needs is to develop open standards to enable information sharing. Specifically, this specification provides a data format and interface definitions that support the federation of normative audit event data to and from cloud providers in the form of customized reports and logs. This specification also defines a means to attach domain-specific identifiers, event classification values, and tags that can be used to dynamically generate customized logs and reports for cloud subscribers or customers.
Adoption of this and other open standards by cloud providers’ management platforms would go far to instill greate trust in “cloud hosted applications” and be a significant step forward in fulfilling the promise of an open cloud marketplace.

This document makes use of the common meta-model used by CADF, the Cloud Audit Data Federation to describe the events used by the OpenStack Cloud Management Platform.
 
The document DSP0262 defines the CADF model.