Cloud computing stands out as an infrastructure and service model that allows the demand owner to have a measurable, location-independent and multi-tenant usage model, with the principle pay as much as you use as self-service; through a cloud services platform that serves flexibly scalable computing power, storage, network via a cloud services platform.

According to NIST [1] (National Institute of Standards & Technology), a cloud system must have the following features:

  • On-demand self-service: Provides computing capabilities (computing, network, storage) without human interaction, ie virtual machine and networking.
  • Broad Network Access: Services can be used over the network and these services can be accessed with standard mechanisms.
  • Resource Pooling: Computing resources are collected to serve multiple customers using a multi-tenant model. The client often does not know exact location of resources.
  • Rapid Elasticity: Abilities can be provided elastically and can be scaled quickly.
  • Measured Service: Resource usage can be monitored, controlled and reported.


Cloud Service Models

According to NIST, cloud service models are classified in three groups: cloud infrastructure service, cloud platform service and cloud software service.

Cloud Infrastructure Service (IaaS)

IaaS (Infrastructure as a Service) allows customers to run, control and maintain operating systems and software applications they want, while the cloud service provider is responsible for the management and the maintenance of the physical infrastructure. Customer is responsible for the security of his/her own data. Cloud providers are responsible for physical security as they provide infrastructure support. Examples of IaaS cloud service provider services include OpenStack, GoGrid, Amazon Elastic Computing Cloud (EC2), and Rackspace Cloud.

Cloud Platform Service (PaaS)

In the PaaS (Platform as a Service) service model, the cloud service provider also provides operating systems and server applications used by its customers in addition to IaaS services. PaaS allows customers to use cloud infrastructure of the cloud service provider to host their web applications or software. Generally, while the cloud service provider controls and maintains the physical hardware, the operating systems and the server applications, the cloud customer should just ensure that their applications are securely run in the cloud. Therefore, while customers are mainly responsible for vulnerabilities associated with their applications, the cloud service provider is not only responsible for physical security but also for security vulnerabilities related to network connections, data storage and data access. Examples of PaaS cloud services include Kubernetes, Cloud Foundry, Amazon Web Services Elastic Beanstalk, and Microsoft Windows Azure platform.


Cloud Software Service (SaaS)

With the SaaS (Software as Service) cloud service model, cloud customers are provided with software applications those use cloud infrastructures and cloud platforms. These end user applications are generally accessed by users via their web browser, as there is no need to install additional software or perform maintenance. While the cloud service provider usually controls and maintains physical infrastructure, operating systems, and software applications, the cloud customer only checks and configures specific application configuration settings those are specific to them. The cloud service provider is responsible for maintaining any security in this service. Examples of SaaS cloud service model are Google Gmail and Microsoft Office 365.



Public Cloud

It is a type of cloud created by the service provider by allowing individuals or businesses to access the applications on the internet. Businesses or individuals do not technically have any responsibilities or rights in the management or operation of public cloud infrastructure systems. It is generally unknown where the infrastructure that is being used and by whom it is managed. This method does not require any hardware or software, and there is no infrastructure management cost for the users.

Web sites such as map applications on the Internet, storage services, online shopping sites, mail services can be given as examples of the public cloud.


Private Cloud (Co-Location)

It is a type of cloud that is private to the enterprise and allows the enterprise to manage the entire infrastructure, which can be kept within the enterprise itself or can be hosted outside the enterprise or as a location service from other data centers.

An example of a private cloud is the location of the business's own IT infrastructure equipment in a data center and receiving service from there with its own management.


Community Cloud

These are the systems that have similar needs for some services such as security, policy and privacy of the cloud infrastructure and are shared with institutions or organizations acting together.

E-government application for the community cloud is an example.


Hybrid Cloud

This model is an integrated infrastructure that includes the features of two or more cloud infrastructures and allows them to be used together.

Vehicle tracking application running on private cloud can be exemplified as hybrid cloud using map application provided as Google's public cloud service.


Advantages of Cloud Computing

  • Low Cost: Instead of establishing a service infrastructure within its own organization, each company can meet the service it needs at an affordable cost by using cloud computing. In addition, it is paid as it is used and there is no fixed investment cost accordingly.
  • Flexibility and Efficiency: With the increase in the required service areas, the resource areas used in the cloud computing platform can be easily increased.
  • Scalability and Adjustable Capacity: The cloud is a continuously active computing and storage resource that allows users to shape their consumption according to their needs.
  • Sharing and Collaboration: Cloud computing allows users to develop software and services to increase collaboration and share information.
  • Ease of Access: Cloud computing provides access to powerful processing and storage resources over the internet at any time. In this way, the company provides its employees an independent working environment.
  • Environmentally Friendly: Provides energy savings compared to the use of physical servers



OpenStack is a free and open source software platform project created to provide cloud computing services in the IaaS model, by being designed to provide management and control of high computing, storage and network resources in data centers.

  • Some or all of the services can be loaded based on the needs.
  • It is open-source, licensed under the Apache license.
  • Python language is mostly used in the development.
  • There is a transparent and open management style in development processes.
  • Each service has an application programming interface (API) that facilitates integration with each other.
  • It works with standard or commodity hardware and does not require special vendor hardware.
  • It supports commonly used virtualization technologies such as KVM, Xen, ESXi, Hyper-V, Docker.
  • A newer version is released every 6 months and OpenStack Summit is arranged for the new updates.


Service Name

Service Task

Management Panel (Dashboard)

It provides a web interface for system managers and users to manage OpenStack resources and services.

Compute Service

Nova enables creating virtual machines and physical (baremetal) servers (via Ironic service). Also, it has limited support for system containers.


It is responsible for creating virtual network, and also provides interconnection between OpenStack services.

Blok Storage

It provides storage area for active virtual machines and containers.

Identity Service

It provides authentication and authorization for OpenStack services.

Image Service

It manages operating system images those will be used within virtual machines.

Telemetry (Alarming) Service

It is responsible for collecting, storing, analyze and monitor information about usage of virtual and physical resources  (CPU, memory, etc.).

Orchestration Service

It is responsible for automatically creation of cloud applications based on text-formatted templates.

Big Data Processing Framework Provisioning

It is responsible for automatically an rapidly creation of big data clusters by using big data frameworks such as Apache Hadoop, Apache Spark, Apache Storm and Hortonworks Data Platform.

Container Orchestration Engine Provisioning

It is responsible for rapidly creation of container clusters by using orchestration motors such as Kubernetes, Docker Swarm and Mesos.

Billing and Chargebacks

It is responsible for taking the measurements of certain metrics that allow metric-based ranking in order to perform pricing on the cloud and apply the rating rules and send them to the storage resource.

Bare Metal Provisioning Service

It enables creating physical servers and system to be prepared.

Application Catalog

It is store of applications and platforms those are proper to work on cloud.


It is a multi-tenant, scalable, high performance and fault-tolerant monitoring system that is open-sourced and proper for integration with OpenStack.

Container Service

It enables creating containers on OpenStack.

Instances High Availability Service

It enables automatic rescue of virtual machines in case of failure of KVM based virtual machines of failure of physical servers.


Safir Bulut (Safir Cloud) is a private cloud of TÜBİTAK BİLGEM B3LAB, that is forked from OpenStack Cloud Infrastructure and customized based on the needs with high accessibility. Safir Bulut, which can be automatically installed by using OpenStack Ansible, was forked from OpenStack Mitaka version in 2016. The current servicing Safir Bulut, which had been updated with OpenStack Pike version, includes features such as a record panel, tracking panel, pricing service, migration service and DevOps, and its capabilities are being increased day by day.

Features of Safir Bulut

  • Projects can be isolated with VLAN-based network.
  • Users can register themselves with their corporate e-mail addresses without applying to any authority.
  • Users can track the consumption data (consumption of CPU, memory and network) of the resources (virtual machine, disk, network, etc.) they use.
  • Users can create Hortonworks 3.0 big dataset. New Hortonworks versions can be quickly integrated into the Safir infrastructure environment.
  • Users can easily create Kubernetes clusters.
  • With the SafirBilling pricing service, users can track the amount of credits / TL consumed.
  • The status of the system can be monitored instantly with Prometheus and Grafana software.
  • Logs can be monitored and analyzed with ELK Stack.



[1] Mell P. ve Grance T. (2011), The NIST Definition of Cloud Computing, National Institute of Standards and Technology, Information Technology Laboratory