Chapter 3. The cloud data center
Googliness
What data centers are and where they are
Data center security and privacy
Regions, zones, and disaster isolation
Your web host was physically located in a data center.
Deploying in the cloud is similar to traditional hosting:
your resources live inside a data center.
Strict security to enter the premises.
Locations
Resources live in multiple places simultaneously.
Choose one near your customers.
https://www.google.com/about/datacenters/
Two factors might make you choose a provider based on the data center locations it offers, and both are focused on network latency:
Need ultra low latency between your servers and your customers.
One millisecond slower than your competitors means you’ll lose out on a trade.
Customers that are far away from the nearest data center.
Something as simple as loading a web page from Australia could be frustratingly slow.
3.2. Isolation levels and fault tolerance
Natural disasters such as floods, fires, and earthquakes are a risk: if all of your data is stored in one location at the time of the disaster, you risk losing it all without any means to recover it.
This makes storing your data on multiple devices, and in multiple locations, critical.
3.2.1. Zones
A zone is the smallest unit in which a resource can exist.
Single facility that holds lots of computers.
Two resources living not only geographically nearby, but in the same physical building.
3.2.2. Regions
A collection of zones is called a region.
If two resources are in the same region but different zones, say us-east1-b and us-east1-c, they will be somewhat close together, but they’re guaranteed to not be in the same physical facility.
3.2.3. Designing for fault tolerance
Zonal means that if the zone it lives in goes down, it also goes down.
Turn on a single VM and you have a zonal service—and the least highly available.
Regional—replicated throughout multiple zones in a single region.
If one zone goes down, you automatically flip to the instance in the other zone.
Multiregional—composition of several different regional services
If a catastrophe occurs that takes down an entire region, your service should still continue to run.
Global—special case of a multiregional service.
regions are spread around the world, crossing legal jurisdictions and network providers.
If a system becomes absolutely critical, you at least know which pieces will need redundant deployments.
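The zonal, regional and multiregional levels above can be checked mechanically from the zones each component runs in. The following is an added example, not code from the original notes; the service layout and all function names are hypothetical, and the global level is not distinguished because it cannot be read from zone names alone.

```python
# Added example: classify each component's isolation level from its zone list.
def region_of(zone):
    """'us-east1-b' -> 'us-east1' (zone name = region name + '-' + letter)."""
    region, sep, letter = zone.rpartition("-")
    if not (region and sep and letter):
        raise ValueError(f"not a zone name: {zone!r}")
    return region

def isolation_level(zones):
    """zonal, regional or multiregional, as defined in section 3.2.3."""
    zones = set(zones)
    if not zones:
        raise ValueError("component has no replicas")
    if len(zones) == 1:
        return "zonal"
    regions = {region_of(z) for z in zones}
    return "regional" if len(regions) == 1 else "multiregional"

def survives(zones, failed_zones=(), failed_regions=()):
    """True if at least one replica lies outside everything that failed."""
    return any(
        z not in failed_zones and region_of(z) not in failed_regions
        for z in zones
    )

def weak_spots(service):
    """Per component: its level and every single failure that takes it down."""
    report = {}
    for name, zones in service.items():
        zones = sorted(set(zones))
        regions = sorted({region_of(z) for z in zones})
        fatal = [z for z in zones if not survives(zones, failed_zones=[z])]
        fatal += [r for r in regions if not survives(zones, failed_regions=[r])]
        report[name] = {"level": isolation_level(zones), "fatal": fatal}
    return report

# Constructed sample deployment (hypothetical service, not from the page).
SERVICE = {
    "frontend": ["us-east1-b", "us-east1-c", "europe-west1-b"],
    "api": ["us-east1-b", "us-east1-c"],
    "database": ["us-east1-b"],
}

if __name__ == "__main__":
    for name, info in weak_spots(SERVICE).items():
        print(f"{name:9} {info['level']:13} fatal: {info['fatal'] or 'none'}")
```

The components with a non-empty "fatal" list are the pieces that need redundant deployments first.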
3.2.4. Automatic high availability
Rely on Google Cloud Storage, which provides the same level of fault isolation for your basic storage needs.
Typically you have to build things with a bit more structure.
3.3. Safety concerns
Leaks of passwords, credit card data, and personal information have led the online world to become far less trusting.
The worry is that the company holding that information will get hacked or that a government organization will request access to the data.
Putting your servers in someone else’s data center typically involves giving up some control over your assets (such as data or source code) in exchange for other benefits (such as flexibility or lower costs).
3.3.1. Security
Securing resources
Privacy—Only authorized people should be able to access the resources.
Availability—The resources should never be inaccessible to authorized people.
Durability—The resources should never be corrupted or go missing.
Simple theft, for example someone stealing your hard drive,
breaks your goals for availability and durability.
If the drive wasn’t encrypted at all, this also breaks the privacy goal.
Other threats include natural disasters, such as earthquakes, fires, and floods, but in the case of storing data at home, they also include more common accidents, such as power surges, hard drive failures, and kids spilling water on electronic equipment.
Another is accidentally formatting the drive because you thought it was a different drive: you’re accidentally telling it to do the wrong thing.
Cloud providers plan for these problems
Secure facilities—Any facility housing resources (like hard drives) should be a high-security area, limiting who can come and go.
Encryption—Anything stored on disks should be encrypted. This is to prevent theft compromising data privacy.
Replication—Data should be duplicated in many different places. This is to prevent a single failure resulting in lost data (durability) as well as a network outage limiting access to data (availability).
Backup—Data should be backed up off-site and can be easily restored on request.
3.3.2. Privacy
Data is stored in encrypted form and transferred between data centers similarly, when you ask for your data.
Many cloud services provide the ability to use your own encryption keys, meaning that the best Google can do is hand over encrypted data, because it doesn’t have the keys to decrypt it.
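As an added example (not from the original notes), this is how a caller-held key is presented to one such service, assuming Google Cloud Storage customer-supplied encryption keys and their x-goog-encryption-* request headers. The helper names are hypothetical; the key travels with each request while only its SHA-256 is recorded with the object, so losing the key means losing the data.

```python
import base64
import hashlib
import hmac
import os

KEY_HEADER = "x-goog-encryption-key"
HASH_HEADER = "x-goog-encryption-key-sha256"

def new_key():
    """256-bit AES key from the OS CSPRNG; you store it, not the provider."""
    return os.urandom(32)

def key_fingerprint(key):
    """Base64 SHA-256 of the raw key: identifies the key without revealing it."""
    return base64.b64encode(hashlib.sha256(key).digest()).decode("ascii")

def csek_headers(key):
    """Headers that accompany every upload or download of the object."""
    if len(key) != 32:
        raise ValueError("key must be exactly 32 bytes (AES-256)")
    return {
        "x-goog-encryption-algorithm": "AES256",
        KEY_HEADER: base64.b64encode(key).decode("ascii"),
        HASH_HEADER: key_fingerprint(key),
    }

def redact_for_log(headers):
    """Copy that is safe to log: the key itself is dropped, the hash kept."""
    return {k: "<redacted>" if k.lower() == KEY_HEADER else v
            for k, v in headers.items()}

def select_key(stored_hash, keyring):
    """Find the local key whose fingerprint matches the object's stored hash."""
    for key in keyring:
        if hmac.compare_digest(key_fingerprint(key), stored_hash):
            return key
    raise KeyError("no local key matches; the object cannot be decrypted")

if __name__ == "__main__":
    key = new_key()
    print(redact_for_log(csek_headers(key)))
```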
3.3.3. Special cases
Special situations require heightened levels of security
Government agencies often have strict requirements.
Companies in the U.S. healthcare industry must comply with HIPAA regulations.
Companies dealing with the personal data of German citizens must comply with the German BDSG.
Cloud providers have come up with a few options:
Amazon offers GovCloud to allow government agencies to use AWS.
Google, Azure, and AWS will all sign BAAs to support HIPAA-covered customers.
Azure and Amazon offer data centers in Germany to comply with BDSG.
Cloud data centers are safe enough for your typical needs, and you’re open to exploring them for your special needs.
3.4. Resource isolation and performance
The breakthrough that opened the door to cloud computing was the concept of virtualization.
Build a large cluster of physical computers, then lease out smaller virtual ones by the hour.
This is profitable as long as the leases of the smaller virtual computers cover the average cost to run the physical computers.
Summary
Google Cloud has many data centers in lots of locations around the world for you to choose from.
The speed of light is the limiting factor in latency between data centers, so consider that distance when choosing where to run your workloads.
When designing for high availability, always use multiple zones to avoid zone-level failures, and if possible multiple regions to avoid regional failures.
Google’s data centers are incredibly secure, and its services encrypt data before storing it.
If you have special legal issues to consider (HIPAA, BDSG, and so on), check with a lawyer before storing information with any cloud provider.