MOD005714 Data Centre and Cloud Infrastructures.

Data Centre and Cloud Infrastructures

Service Management & Security Concerns

A cloud service provider for DoDo.Com uses 50 percent of its data centre equipment to setup a cloud infrastructure. The remaining equipment is used for internal operations and for testing. The cloud infrastructure consists of a hypervisor cluster. A resource pool is created by aggregating the available resources of the hypervisor cluster. The cloud infrastructure is used to provide compute services. The services are allocated necessary processing power and memory resources from the resource pool.

The hypervisor cluster is composed of 10 identical physical compute systems containing 2 redundant (passive) compute systems. This means that the cluster can absorb up to two compute system failures and continue to support all services at the same level of performance.

The available processing power and memory per physical compute system in the cluster is equal to 20.8 GHz and 96 GB respectively. The existing resources in the data centre can meet capacity requirement of services in short-term. However, the provider should procure and provision additional resources as required to avoid the capacity issues in future. Further, the provider is concerned about security attacks that may compromise the hypervisors running on the physical compute systems. The provider should take control measures to protect against such attacks.

The capacity management process in a service provider`s organization is shown in the ?gure. The process comprises several activities, shown in rectangular boxes. The process also consists of conditions. They allow the process to branch into different directions, depending on whether the conditions are met or not.

Given: The thresholds for over utilization and underutilization of resources are 70 percent and 40 percent utilization of total resource capacity respectively. These are used to determine whether the resource pool is over utilised or underutilised.

Part (a) (500 words maximum)

DoDo.Com is asking you as its cloud provider to establish the required capacity management activities marked by X1` and X2` in the previous ?gure for below cases:

Case 1: Processing power already allocated to services from the resource pool is equal to 48GHz and memory capacity already allocated to services from the resource pool is equal to 122 GB

Case 2: Processing power already allocated to services from the resource pool is equal to 112GHz and memory capacity already allocated to services from the resource pool is equal to 340 GB.

Document your calculations and recommend what actions the server provider should take in each scenario with appropriate justi?cations.

Part (b) (2500 words maximum)

In a formal report, justify to the client what security control measures should be undertaken to address their security concerns especially with regard to cloud compute functions and in particular hypervisor vulnerabilities especially with regard to cloud service providers.

The service provider needs to know what current vulnerabilities exist "out in the wild" with respect to hypervisors affecting service providers and what you predict may become a problem in the future, justi?ed by the use of literature.