SISTEMI CLOUD, IOT E LABORATORIO
Academic Year 2020/2021 - 2° Year - Curriculum Sistemi di Rete e Sicurezza
- CLOUD SYSTEMS: Giuseppe PAPPALARDO
- LABORATORY: Giuseppe PAPPALARDO
Taught classes: 36 hours
Exercise: 24 hours
Laboratories: 12 hours
Term / Semester: 2°
Learning Objectives
- CLOUD SYSTEMS
This course aims at delivering the conceptual foundations essential for the development of cloud solutions and systems, and, more generally, distributed systems. As a concrete cloud example, the course will present Amazon AWS, chosen because of its rich and complete range of services and solutions, which make it the archetypal commercial cloud, as well as because of the free credit offered to educational institutions. AWS services treated will include storage, networking, access control and compute services (at the IaaS and PaaS level), possibly combined with load balancing and auto-scaling architectures.
General learning objectives expected
Knowledge and understanding: students will acquire a precise knowledge and understanding of the conceptual foundations (i.e., fundamental concepts, problem classes and relevant solutions) pertaining to cloud systems.
Applying knowledge and understanding: students will become capable of applying solutions and paradigms learned within the course to practical contexts and scenarios, similar to, or derived from, those explicitly presented, thus perfecting their skills as cloud designers/architects/engineers. These abilities will be enhanced thanks to practice sessions and lab activities.
Making judgements: students will acquire the ability to assess the relative merits and limits of solutions proposed, within the course and in the literature, for problems and scenarios typical of cloud computing; this will enable them to tackle the actual challenges potentially facing a cloud engineer/architect.
Communication skills: students will learn the terminology specific to cloud computing, and acquire the communication skills required to express and discuss, at a rigorous technical level, problems of interest for the field.
Learning skills: students will become capable of profitably reading and understanding the scientific and technical literature in the field of cloud computing, in order to apply its results and solutions to concrete problems arising in the design and implementation of cloud systems.
- LABORATORY
Knowledge and understanding: students will acquire a precise knowledge and understanding of fundamental concepts and main technology solutions in the field of cloud computing.
Applying knowledge and understanding: students will become capable of employing technologies and solutions learned during the course, so as to obtain fundamental administration and development skills in the area of cloud computing.
Making judgements: students will acquire the ability to assess the relative advantages and limits of the main technologies available for cloud computing.
Communication skills: students will learn the terminology specific to cloud computing, and acquire the communication skills required to express and discuss, at a rigorous technical level, problems of interest for the field.
Learning skills: students will become capable of consulting the technical documentation available for cloud computing solutions, in order to effectively exploit them for the purposes of cloud administration and development.
Course Structure
- CLOUD SYSTEMS
Lectures will mainly consist of live sessions dealing with cloud usage, administration and development. These will be carried out by the lecturer and replicated, with suggested variations, by students, on their notebooks or lab workstations. As a framework and guidance for such sessions, lecture notes will be displayed during the lecture and shared with students through the Studium portal. They will provide a precise record of the material presented, as well as pointers to the required reference technical documentation.
Should teaching be carried out in mixed mode or remotely, it may be necessary to introduce changes with respect to previous statements, in line with the programme planned and outlined in the syllabus.
Learning assessment may also be carried out on line, should the conditions require it.
- LABORATORY
Laboratory sessions
Detailed Course Content
- CLOUD SYSTEMS
Fundamentals of distributed systems
- Introduction to distributed systems: history, motivation, distinctive features.
- Clock synchronization in distributed systems.
- Lamport's logical clocks and temporal ordering of events.
- Construction of the global state in a distributed system.
- Election and mutual exclusion.
- Consistency in a distributed system: weak and strong forms with applications.
- Data and computing replication in distributed systems.
- Fault tolerance in distributed systems: concepts and techniques.
Introduction to cloud computing
- Principles and main characteristics.
- Service models: IaaS, PaaS, SaaS, XaaS.
- Geographical aspects of cloud computing: Amazon AWS' regions and Availability Zones. Edge locations. Availability considerations.
- AWS cost models and educational usage.
Cloud computing services
- AWS EC2. Instances: creation and management.
- Secure access with a private-public key pair.
- Linux EC2 instances and ssh. Windows EC2 instances and Remote Desktop.
Cloud storage services
- The AWS S3 service.
- Buckets as persistent object containers: properties and permissions.
- Management of objects within an S3 bucket.
Cloud access control
- The AWS IAM service: Identity and Access Management.
- Resources, access policies and permissions.
- Users and user groups.
- Naming in AWS: Amazon Resource Name (ARN).
- Policy files: JSON source and policy wizard usage.
- AWS roles for granting temporary authorizations.
- Federated authentication.
- Multi-factor Authentication (MFA).
- User/group-centric policies vs. resource-centric policies.
- Cross-account resource access.
Cloud networking
- AWS Virtual Private Clouds (VPC).
- Regions, availability zones, VPCs and subnets.
- Network architecture for a typical multi-tier cloud application.
- Route tables and gateways in VPCs. Private, public and hybrid subnets.
- Security in a VPC: NACLs (Network Access Control Lists) and Security groups. Stateless and stateful rules, inbound and outbound rules.
- Peering among VPCs
The AWS Command Line Interface (CLI)
- Installing AWS CLI as a Python package. AWS CLI configuration.
- AWS CLI and security. Keys. Credentials. Profiles. Roles.
- AWS CLI command structure and syntax. Command parameters. Interactive help. JSON syntax vs. abbreviated syntax.
- Example: AWS CLI and EC2.
The elastic cloud: load-balancing and auto-scaling in AWS
- Elastic load balancing (ELB): routing requests to an instance pool.
- Load balancer types. LB creation. Managing an LB and the associated EC2 instances. Security.
- Health checking a load-balanced instance pool.
- Auto-scaling. Launch configurations. Auto-scaling groups: creation and management. Auto-scaling and ELBs.
- Scaling policies: increase and decrease policies. Scaling thresholds. SNS notifications. Stress tests.
A short selection of cloud computing advanced services
- AWS IoT (Internet of Things) services
- AWS machine learning services
- AWS big data services
- Containers and the cloud
- LABORATORY
- Amazon Web Services
- Microsoft Azure
- Google App Engine
- Open cloud solutions: OpenStack
- Virtualization for Linux
- Docker and containerization
- DevOps and CI/CD
- AWS IoT
Textbook Information
- CLOUD SYSTEMS
- Online documentation, detailed by lecture notes (published on the Studium portal).
- Distributed Systems. Principles and Paradigms. Andrew S. Tanenbaum, Maarten Van Steen. Pearson Education. 2007.
- Distributed Systems: Concepts and Design, 4th edition. Coulouris, Dollimore and Kindberg. Pearson Education. 2005.
- LABORATORY
Technical documentation available from sites of main cloud vendors and providers.