Cloud systems and LAB

Module cloud systems

This course aims at delivering the conceptual foundations essential for the development of cloud solutions and systems, and, more generally, distributed systems. As a concrete cloud example, the course will present Amazon AWS, chosen because of its rich and complete range of services and solutions, which make it the archetypal commercial cloud, as well as because of the free credit offered to educational institutions. AWS services treated will include storage, networking, access control and compute services (at the IaaS and PaaS level), possibly combined with load balancing and auto-scaling architectures.

General learning objectives expected

Knowledge and understanding: students will acquire a precise knowledge and understanding of the conceptual foundations (i.e., fundamental concepts, problem classes and relevant solutions) pertaining to cloud systems.
Applying knowledge and understanding: students will become capable of applying solutions and paradigms learned within the course to practical contexts and scenarios, similar to, or derived from, those explicitly presented, thus perfecting their skills as cloud designers/architects/engineers. These abilities will be enhanced thanks to practice sessions and lab activities.
Making judgements: students will acquire the ability to assess the relative merits and limits of solutions proposed, within the course and in the literature, for problems and scenarios typical of cloud computing; this will enable them to tackle the actuall challenges potentially facing a cloud engineer/architect.
Communication skills: students will learn the terminology specific to cloud computing, and acquire the communication skills required to express and discuss, at a rigorous technical level, problems of interest for the field.
Learning skills: students will become capable to profitaby read and understand the scientific and technical literature in the field of cloud computing, in order to apply its results and solutions to concrete problems arising in the design and implementation of cloud ssytems.

Lectures will mainly consist in live sessions dealing with cloud usage, administration and development. These will be carried out by the lecturer and replicated, with suggested variations, by students, on their notebooks or lab workstations. As a framework and guidance for such sessions, lecture notes will be displayed during the lecture and shared with students through the Studium portal or the University's Teams platform. They will provide a precise record of the material presented, as well as pointers to the required reference technical documentation.

​Fundamentals of distributed systems

• Clock synchronization in distributed systems.
• Lamport's logical clocks and temporal ordering of events.
• Construction of the global state in a distributed system.
• Election and mutual exclusion.
• Consistency in a distributed system: weak and strong forms with applications.
• Data and computing replication in distributed systems.
• Fault tolerance in distributed systems: concepts and techniques.

Introduction to cloud computing

• Principles and main characteristics.
• Service models: IaaS, PaaS, SaaS, XaaS.
• Geographical aspects of cloud computing: Amazon AWS' regions and Availability Zones. Edge locations. Availability considerations.
• AWS cost models and educational usage.

Cloud computig services

• AWS EC2. Instances: creation and management.
• Secure access with a private-public key pair.
• Linux EC2 instances and ssh. Windows EC2 instances and Remote Desktop.

Cloud storage services

• The AWS S3 service.
• Buckets as persistent object containers: properties and permissions.
• Management of objects within an S3 bucket.

Cloud access control

• The AWS IAM service: Identity and Access Management.
• Resources, access policies and permissions.
• Users and user groups.
• Naming in AWS: Amazon Resource Name (ARN).
• Policy files: JSON source and policy wizard usage.
• AWS roles for granting temporary authorizations.
• Federated authentication.
• Multi-factor Authentication (MFA).
• User/group-centric policies vs. resource-centric policies.
• Cross-account resource access.

Cloud networking

• AWS Virtual Private Clouds (VPC).
• Regions, availability zones, VPCs and subnets.
• Network architecture for a typical multi-tier cloud application.
• Route tables and gateways in VPCs. Private, public and hybrid subnets.
• Security in a VPC: NACLs (Network Access Control Lists) and Security groups. Stateless and stateful rules, inbound and outbound rules.
• Peering among VPCs

The AWS Command Line Interface (CLI)

• Installing AWS CLI as a Python package. AWS CLI configuration.
• AWS CLI and security. Keys. Credentials. Profiles. Roles.
• AWS CLI command structure and syntax. Command parameters. Interactive help. JSON syntax vs. abbreviated syntax.
• Example: AWS CLI and EC2.

The elastic cloud: load-balancing and auto-scaling in AWS

• Elastic load balancing (ELB): routing requests to an instance pool.
• Load balancer types. LB creation. Managing an LB and the associated EC2 instances. Security.
• Health checking a load-balanced instance pool.
• Auto-scaling. Launch configurations. Auto-scaling groups: creation and management. Auto-scaling and ELBs.
• Scaling policies: increase and decrease policies. Scaling thresholds. SNS notifications. Stress tests.

• AWS IOT (Internet of Things) services
• Machine learning services on the public cloud
• Big data services on the public cloud
• Containers and the cloud

1. Online documentation, detailed by lecture notes (published on the Studium portal or the University's Teams platform).
2. Distributed Systems. Principles and Paradigms. Andrew S. Tanenbaum, Maarten Van Steen. Pearson Education. 2007.
3. Distributed Systems: Concepts and Design, 4th edition. Coulouris, Dollimore and Kindberg. Pearson Education. 2005.
4. Lecture notes.

Consistency protocols.
Distributed snapshots.
The Byzantine generals problem.
Data-centric and client-centric consistency.
AWS EC2.
AWS S3.
AWS IAM.
AWS networking.
AWS load balancing and autoscaling.