Cloud Computing Design Patterns

eBook (Watermarked)

  • Your Price: $31.99
  • List Price: $39.99
  • Includes EPUB and PDF


  • Copyright 2015
  • Dimensions: 7" x 9-1/8"
  • Edition: 1st
  • eBook (Watermarked)
  • ISBN-10: 0-13-385861-8
  • ISBN-13: 978-0-13-385861-7

“This book continues the very high standard we have come to expect from ServiceTech Press. The book provides well-explained vendor-agnostic patterns to the challenges of providing or using cloud solutions from PaaS to SaaS. The book is not only a great patterns reference, but also worth reading from cover to cover as the patterns are thought-provoking, drawing out points that you should consider and ask of a potential vendor if you’re adopting a cloud solution.”
--Phil Wilkins, Enterprise Integration Architect, Specsavers

“Thomas Erl’s text provides a unique and comprehensive perspective on cloud design patterns that is clearly and concisely explained for the technical professional and layman alike. It is an informative, knowledgeable, and powerful insight that may guide cloud experts in achieving extraordinary results based on extraordinary expertise identified in this text. I will use this text as a resource in future cloud designs and architectural considerations.”
--Dr. Nancy M. Landreville, CEO/CISO, NML Computer Consulting

The Definitive Guide to Cloud Architecture and Design
Best-selling service technology author Thomas Erl has brought together the de facto catalog of design patterns for modern cloud-based architecture and solution design. More than two years in development, this book’s 100+ patterns illustrate proven solutions to common cloud challenges and requirements. Its patterns are supported by rich, visual documentation, including 300+ diagrams.

The authors address topics covering scalability, elasticity, reliability, resiliency, recovery, data management, storage, virtualization, monitoring, provisioning, administration, and much more. Readers will further find detailed coverage of cloud security, from networking and storage safeguards to identity systems, trust assurance, and auditing.

This book’s unprecedented technical depth makes it a must-have resource for every cloud technology architect, solution designer, developer, administrator, and manager.

Topic Areas

  • Enabling ubiquitous, on-demand, scalable network access to shared pools of configurable IT resources
  • Optimizing multitenant environments to efficiently serve multiple unpredictable consumers
  • Using elasticity best practices to scale IT resources transparently and automatically
  • Ensuring runtime reliability, operational resiliency, and automated recovery from any failure
  • Establishing resilient cloud architectures that act as pillars for enterprise cloud solutions
  • Rapidly provisioning cloud storage devices, resources, and data with minimal management effort
  • Enabling customers to configure and operate custom virtual networks in SaaS, PaaS, or IaaS environments
  • Efficiently provisioning resources, monitoring runtimes, and handling day-to-day administration
  • Implementing best-practice security controls for cloud service architectures and cloud storage
  • Securing on-premise Internet access, external cloud connections, and scaled VMs
  • Protecting cloud services against denial-of-service attacks and traffic hijacking
  • Establishing cloud authentication gateways, federated cloud authentication, and cloud key management
  • Providing trust attestation services to customers
  • Monitoring and independently auditing cloud security
  • Solving complex cloud design problems with compound super-patterns

Sample Content

Table of Contents

Chapter 1: Introduction
Objective of This Book
What This Book Does Not Cover
Who This Book Is For
Origin of This Book
Recommended Reading
How This Book Is Organized
Chapter 3: Sharing, Scaling and Elasticity Patterns
Chapter 4: Reliability, Resiliency and Recovery Patterns
Chapter 5: Data Management and Storage Device Patterns
Chapter 6: Virtual Server and Hypervisor Connectivity and Management Patterns
Chapter 7: Monitoring, Provisioning and Administration Patterns
Chapter 8: Cloud Service and Storage Security Patterns
Chapter 9: Network Security, Identity & Access Management and Trust Assurance Patterns
Chapter 10: Common Compound Patterns
Appendix A: Cloud Computing Mechanisms Glossary
Appendix B: Alphabetical Design Patterns Reference
Additional Information
Symbol Legend
Pattern Documentation Conventions
Updates, Errata, and Resources (www.servicetechbooks.com)
Cloud Computing Design Patterns (www.cloudpatterns.org)
What Is Cloud? (www.whatiscloud.com)
Referenced Specifications (www.servicetechspecs.com)
The Service Technology Magazine (www.servicetechmag.com)
CloudSchool.com Certified Cloud (CCP) Professional (www.cloudschool.com)
Social Media and Notification
Chapter 2: Understanding Design Patterns
About Pattern Profiles
Requirement
Icon
Problem
Solution
Application
Mechanisms
About Compound Patterns
Design Pattern Notation
Capitalization
Page Number References
Measures of Design Pattern Application
Working with This Catalog
Chapter 3: Sharing, Scaling and Elasticity Patterns
Shared Resources
Problem
Solution
Application
Mechanisms
Workload Distribution
Problem
Solution
Application
Mechanisms
Dynamic Scalability
Problem
Solution
Application
Mechanisms
Service Load Balancing
Problem
Solution
Application
Mechanisms
Elastic Resource Capacity
Problem
Solution
Application
Mechanisms
Elastic Network Capacity
Problem
Solution
Application
Mechanisms
Elastic Disk Provisioning
Problem
Solution
Application
Mechanisms
Load Balanced Virtual Server Instances
Problem
Solution
Application
Mechanisms
Load Balanced Virtual Switches
Problem
Solution
Application
Mechanisms
Service State Management
Problem
Solution
Application
Mechanisms
Storage Workload Management
Problem
Solution
Application
Mechanisms
Dynamic Data Normalization
Problem
Solution
Application
Mechanisms
Cross-Storage Device Vertical Tiering
Problem
Solution
Application
Mechanisms
Intra-Storage Device Vertical Data Tiering
Problem
Solution
Application
Mechanisms
Memory Over-Committing
Problem
Solution
Application
Mechanisms
NIC Teaming
Problem
Solution
Application
Mechanisms
Broad Access
Problem
Solution
Application
Mechanisms
Chapter 4: Reliability, Resiliency and Recovery Patterns
Resource Pooling
Problem
Solution
Application
Mechanisms
Resource Reservation
Problem
Solution
Application
Mechanisms
Hypervisor Clustering
Problem
Solution
Application
Mechanisms
Redundant Storage
Problem
Solution
Application
Mechanisms
Dynamic Failure Detection and Recovery
Problem
Solution
Application
Mechanisms
Multipath Resource Access
Problem
Solution
Application
Mechanisms
Redundant Physical Connection for Virtual Servers
Problem
Solution
Application
Mechanisms
Synchronized Operating State
Problem
Solution
Application
Mechanisms
Zero Downtime
Problem
Solution
Application
Mechanisms
Storage Maintenance Window
Problem
Solution
Application
Mechanisms
Virtual Server Auto Crash Recovery
Problem
Solution
Application
Mechanisms
Non-Disruptive Service Relocation
Problem
Solution
Application
Mechanisms
Chapter 5: Data Management and Storage Device Patterns
Direct I/O Access
Problem
Solution
Application
Mechanisms
Direct LUN Access
Problem
Solution
Application
Mechanisms
Single Root I/O Virtualization
Problem
Solution
Application
Mechanisms
Cloud Storage Data at Rest Encryption
Problem
Solution
Application
Mechanisms
Cloud Storage Data Lifecycle Management
Problem
Solution
Application
Mechanisms
Cloud Storage Data Management
Problem
Solution
Application
Mechanisms
Cloud Storage Data Placement Compliance Check
Problem
Solution
Application
Mechanisms
Cloud Storage Device Masking
Problem
Solution
Application
Mechanisms
Cloud Storage Device Path Masking
Problem
Solution
Application
Mechanisms
Cloud Storage Device Performance Enforcement
Problem
Solution
Application
Mechanisms
Virtual Disk Splitting
Problem
Solution
Application
Mechanisms
Sub-LUN Tiering
Problem
Solution
Application
Mechanisms
RAID-Based Data Placement
Problem
Solution
Application
Mechanisms
IP Storage Isolation
Problem
Solution
Application
Mechanisms
Chapter 6: Virtual Server and Hypervisor Connectivity and Management Patterns
Virtual Server Folder Migration
Problem
Solution
Application
Mechanisms
Persistent Virtual Network Configuration
Problem
Solution
Application
Mechanisms
Virtual Server Connectivity Isolation
Problem
Solution
Application
Mechanisms
Virtual Switch Isolation
Problem
Solution
Application
Mechanisms
Virtual Server NAT Connectivity
Problem
Solution
Application
Mechanisms
External Virtual Server Accessibility
Problem
Solution
Application
Mechanisms
Cross-Hypervisor Workload Mobility
Problem
Solution
Application
Mechanisms
Virtual Server-to-Host Affinity
Problem
Solution
Application
Mechanisms
Virtual Server-to-Host Anti-Affinity
Problem
Solution
Application
Mechanisms
Virtual Server-to-Host Connectivity
Problem
Solution
Application
Mechanisms
Virtual Server-to-Virtual Server Affinity
Problem
Solution
Application
Mechanisms
Virtual Server-to-Virtual Server Anti-Affinity
Problem
Solution
Application
Mechanisms
Stateless Hypervisor
Problem
Solution
Application
Mechanisms
Chapter 7: Monitoring, Provisioning and Administration Patterns
Usage Monitoring
Problem
Solution
Application
Mechanisms
Pay-as-You-Go
Problem
Solution
Application
Mechanisms
Realtime Resource Availability
Problem
Solution
Application
Mechanisms
Rapid Provisioning
Problem
Solution
Application
Mechanisms
Platform Provisioning
Problem
Solution
Application
Mechanisms
Bare-Metal Provisioning
Problem
Solution
Application
Mechanisms
Automated Administration
Problem
Solution
Application
Mechanisms
Centralized Remote Administration
Problem
Solution
Application
Mechanisms
Resource Management
Problem
Solution
Application
Mechanisms
Self-Provisioning
Problem
Solution
Application
Mechanisms
Power Consumption Reduction
Problem
Solution
Application
Mechanisms
Chapter 8: Cloud Service and Storage Security Patterns
Trusted Platform BIOS
Problem
Solution
Application
Mechanisms
Geotagging
Problem
Solution
Application
Mechanisms
Hypervisor Protection
Problem
Solution
Application
Mechanisms
Cloud VM Platform Encryption
Problem
Solution
Application
Mechanisms
Trusted Cloud Resource Pools
Problem
Solution
Application
Mechanisms
Secure Cloud Interfaces and APIs
Problem
Solution
Application
Mechanisms
Cloud Resource Access Control
Problem
Solution
Application
Mechanisms
Detecting and Mitigating User-Installed VMs
Problem
Solution
Application
Mechanisms
Mobile BYOD Security
Problem
Solution
Application
Mechanisms
Cloud Data Breach Protection
Problem
Solution
Application
Mechanisms
Permanent Data Loss Protection
Problem
Solution
Application
Mechanisms
In-Transit Cloud Data Encryption
Problem
Solution
Application
Mechanisms
Chapter 9: Network Security, Identity & Access Management and Trust Assurance Patterns
Secure On-Premise Internet Access
Problem
Solution
Application
Mechanisms
Secure External Cloud Connection
Problem
Solution
Application
Mechanisms
Secure Connection for Scaled VMs
Problem
Solution
Application
Mechanisms
Cloud Denial-of-Service Protection
Problem
Solution
Application
Mechanisms
Cloud Traffic Hijacking Protection
Problem
Solution
Application
Mechanisms
Automatically Defined Perimeter
Problem
Solution
Application
Mechanisms
Cloud Authentication Gateway
Problem
Solution
Application
Mechanisms
Federated Cloud Authentication
Problem
Solution
Application
Mechanisms
Cloud Key Management
Problem
Solution
Application
Mechanisms
Trust Attestation Service
Problem
Solution
Application
Mechanisms
Collaborative Monitoring and Logging
Problem
Solution
Application
Mechanisms
Independent Cloud Auditing
Problem
Solution
Application
Mechanisms
Threat Intelligence Processing
Problem
Solution
Application
Mechanisms
Chapter 10: Common Compound Patterns
“Compound Pattern” vs. “Composite Pattern”
Compound Pattern Members
Joint Application vs. Coexistent Application
Private Cloud
Public Cloud
Software-as-a-Service (SaaS)
Platform-as-a-Service (PaaS)
Infrastructure-as-a-Service (IaaS)
Elastic Environment
Multitenant Environment
Resilient Environment
Cloud Bursting
Burst Out to Private Cloud
Burst Out to Public Cloud
Burst In
Secure Burst Out to Private Cloud/Public Cloud
Cloud Balancing
Cloud Authentication
Resource Workload Management
Isolated Trust Boundary
Appendix A: Cloud Computing Mechanisms Glossary
Appendix B: Alphabetical Design Patterns Reference
About the Authors
Index

