Cloud Service Terminologies
CSP: Cloud Service Provider, including private cloud and on-prem data center environments.
CSP Resource Hierarchy - Represents the hierarchy of resources that a particular on-prem or cloud infrastructure provider uses to represent its computing resources
Cloud Organization: AWS Organization Unit
Cloud Account: AWS Account
Region: Regions that Cloud Providers define as well as the location of physical data centers
Availability Zone: Availability zones that cloud providers define, as well as on-prem availability zones (based on data centers, buildings, etc., depending on the customer's environment)
Compute Instance: Represents a virtual machine or a physical host (e.g., AWS EC2 instances, Google Compute Engine instances, Azure Virtual Machines, bare-metal hosts)
VPC (Virtual Private Cloud): AWS Virtual Private Cloud, GCP Virtual Private Cloud, Azure Virtual Network; possibly bare-metal network isolation (e.g., VLANs). Each VPC has its own RFC 1918 address space, so different VPCs can have overlapping IP ranges.
Security Group: Network isolation segments or isolated subnets that are not based on RFC 1918 address space.
AutoScalingGroup: AWS Auto Scaling Groups, GCP Autoscaling Groups, Azure Autoscale
Persistent Disk: AWS EBS, GCP Persistent Disk, Azure Disks
Load Balancer: AWS ELB, GCP Cloud Load Balancer, Azure Load Balancer, F5, AWS ALB and NLB
Global Controller - CloudNatix global multi-tenant controller that manages the individual tenant Cluster Controllers and provides a global control plane for CloudNatix customers.
Cluster Controller - Dedicated cluster controller running inside the customer's local environment.
Cluster: A computing environment controlled by a single Cluster Controller and set of Host Agents.
- There is a one-to-one mapping between Cluster Controller and a cluster
- Internally, "cluster" also means a Kubernetes (k8s) cluster.
- Our standard installation procedure is to have at most one cluster per VPC.
CloudNatix Tenant Hierarchy - The hierarchy representing how CloudNatix resources, such as jobs and services, are organized for developers to consume excess capacity and run jobs.
CloudNatix Tenant - A company inside the CloudNatix multi-tenant Global Controller. The company is a strong isolation boundary. One tenant ID is created by the CloudNatix team for each new company that is on-boarded.
CloudNatix Organization - An organization within a Tenant. A company can use organizations to model "Organization Units" or "Businesses", "Projects", or environments such as "Dev", "Stage" and "Production". Organizations can be nested within an organization. An organization is an entity with different attributes attached to it (resources, users, other organizations, budgets and expenses, etc.). It can also be summarized as the owner of a group of resources.
Identity and Access Management
User: Individual login ids to CloudNatix console or CLI
User Groups - CloudNatix uses user groups to restrict and manage user access to CloudNatix organizations. Initially there are two user groups into which a user must be provisioned; each user group has an associated Role. The built-in user groups are:
Role: Controls the operations that users in that role can perform. Initially there are administrator and user roles.
- The administrator role has admin privileges, allowing create and delete operations on entities and resources belonging to the administrator's respective organization(s).
- The user role can only run and monitor workloads in the entities and resources allocated to it.
- Roles are attached to organizations and inherited by sub-organizations.
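The three rules above (roles attached at an organization, inherited by nested sub-organizations, and the tenant acting as a strong isolation boundary) are small enough to model directly. The following is an added example written for this page, not CloudNatix's own code: the organization tree, user-group names, permission sets per role and the `is_allowed` check are all assumptions chosen to illustrate the inheritance and isolation behaviour, including the case where a user from another tenant happens to share a group name.

```python
"""Illustrative model of tenant -> nested organizations -> group/role bindings.
Written for this page as an example; not CloudNatix's implementation."""
from dataclasses import dataclass, field
from typing import Dict, FrozenSet, Optional

# Assumed permission sets for the two built-in roles: administrators may also
# create and delete; users may only run and monitor workloads.
ROLE_PERMISSIONS = {
    "administrator": frozenset({"create", "delete", "run", "monitor"}),
    "user": frozenset({"run", "monitor"}),
}


@dataclass
class Organization:
    name: str
    tenant: str                       # tenant this organization belongs to
    parent: Optional["Organization"] = None
    # user group -> role, attached at this organization
    group_roles: Dict[str, str] = field(default_factory=dict)

    def ancestry(self):
        """Yield this organization, then each parent up to the tenant root."""
        node = self
        while node is not None:
            yield node
            node = node.parent


@dataclass
class User:
    login: str
    tenant: str                       # tenant the user was provisioned in
    groups: FrozenSet[str]


def effective_roles(user: User, org: Organization) -> FrozenSet[str]:
    """Roles the user holds at `org`: bindings on the organization itself plus
    bindings inherited from every ancestor organization in the same tenant."""
    if user.tenant != org.tenant:
        return frozenset()            # tenant is a strong isolation boundary
    roles = set()
    for node in org.ancestry():
        for group, role in node.group_roles.items():
            if group in user.groups:
                roles.add(role)
    return frozenset(roles)


def is_allowed(user: User, action: str, org: Organization) -> bool:
    """True if any effective role at `org` grants `action`."""
    return any(action in ROLE_PERMISSIONS[r] for r in effective_roles(user, org))


def build_sample():
    """Constructed sample: tenant 'acme' with root org and two sub-orgs."""
    root = Organization("acme", "acme", group_roles={"acme-admins": "administrator"})
    dev = Organization("dev", "acme", parent=root, group_roles={"dev-users": "user"})
    prod = Organization("prod", "acme", parent=root)
    users = {
        "alice": User("alice", "acme", frozenset({"acme-admins"})),
        "bob": User("bob", "acme", frozenset({"dev-users"})),
        # same group name, different tenant: must get nothing in 'acme'
        "eve": User("eve", "other", frozenset({"acme-admins"})),
    }
    return {"orgs": {"acme": root, "dev": dev, "prod": prod}, "users": users}


if __name__ == "__main__":
    s = build_sample()
    orgs, users = s["orgs"], s["users"]
    for login, action, org in [("alice", "delete", "prod"), ("bob", "run", "dev"),
                               ("bob", "create", "dev"), ("bob", "run", "prod"),
                               ("eve", "monitor", "acme")]:
        print(f"{login} {action} in {org}: {is_allowed(users[login], action, orgs[org])}")
```

Alice's administrator binding at the root flows down to `prod` even though nothing is bound there; Bob's binding at `dev` does not flow sideways to `prod` or upward to the root, so a sub-organization scope cannot widen into its parent's resources.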
Workload: Various sets of compute “load” that consume compute resources