1. Service models — who manages what
The NIST stack of nine layers, from networking to application. Pick a delivery model and see where the line between provider-managed and you-managed falls — the defining difference between On-Prem, IaaS, PaaS and SaaS.
Green = your responsibility · indigo = the cloud provider's.
2. Virtual machines vs containers
Both pack workloads onto one host, but VMs each carry a full guest OS over a hypervisor, while containers share the host kernel. Set the per-workload footprint and watch how many of each fit before the host's RAM is exhausted.
3. Horizontal autoscaling
A fluctuating request load arrives; an autoscaler adds or removes instances to keep per-instance utilization inside a target band. Watch instances spin up and down in real time and see how the target threshold trades cost against headroom.
4. Load-balancing algorithms
A load balancer spreads incoming requests across a backend pool. Compare round-robin, least-connections and weighted distribution, and pull a backend offline to see how traffic redistributes.
Click a backend to toggle it healthy / down.
5. Availability & redundancy
A "number of nines" SLA caps annual downtime. For $n$ identical components each up with probability $p$, redundancy in parallel gives $1-(1-p)^n$ while a series chain gives $p^{\,n}$. See how composition shifts the system's effective availability.
6. Serverless — cold starts & concurrency
A FaaS platform (Azure Functions, AWS Lambda) holds no idle servers: each concurrent request needs a warm worker, and a fresh worker pays a cold-start penalty. Fire bursts of events and watch workers warm, run and idle out.
7. Cost models & FinOps
The same VM workload costs wildly different amounts depending on the pricing model. Compare on-demand, 1- and 3-year reserved/committed use, and spot — for a chosen running fraction and discount, against the equivalent always-on monthly bill.
8. CAP theorem & distributed data
A partition splits a distributed datastore into two halves. With a network partition present you must choose: keep serving (Availability, risking stale reads) or refuse writes (Consistency). Toggle the partition and the policy to see what each replica returns.
9. Kubernetes — scheduling & self-healing
A Deployment declares a desired replica count; the scheduler bin-packs pods onto nodes by available CPU. Kill a node and the controller reschedules its pods elsewhere — the essence of declarative, self-healing orchestration.
Click a node to cordon/kill it; pods reschedule.
10. DDoS & rate limiting
A token-bucket rate limiter is the front line against floods. Legitimate users and an attacker both hit the edge; the bucket refills at a fixed rate and drops requests when empty. Tune the bucket and watch good vs malicious traffic get admitted or shed.
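The token-bucket behaviour described above, as an added example that is not code from the original page. The traffic mix, rates and bucket sizes are constructed, and the per-client variant goes beyond the single bucket the page describes to show why a bucket shared with a flood source sheds legitimate requests.

```python
from collections import Counter

class TokenBucket:
    """Integer token bucket: time in ms, tokens in 1/1000ths (no float drift)."""
    def __init__(self, capacity, refill_per_sec):
        self.cap = capacity * 1000      # burst size, in milli-tokens
        self.rate = refill_per_sec      # milli-tokens added per millisecond
        self.tokens = self.cap          # bucket starts full
        self.last_ms = 0

    def allow(self, now_ms):
        # Lazy refill for the elapsed time, capped at capacity, then spend one token.
        self.tokens = min(self.cap, self.tokens + (now_ms - self.last_ms) * self.rate)
        self.last_ms = now_ms
        if self.tokens >= 1000:
            self.tokens -= 1000
            return True
        return False                    # bucket empty: request is shed

def constructed_traffic(duration_ms=10_000):
    """Constructed sample: 5 legitimate users at 1 req/s each, one flood source at 200 req/s."""
    events = [(t, "attacker") for t in range(0, duration_ms, 5)]
    for i in range(5):
        events += [(3 + 200 * i + 1000 * k, f"user{i}") for k in range(duration_ms // 1000)]
    return sorted(events)

def simulate(per_client):
    """Return admitted-request counts for 'legit' and 'attacker' traffic."""
    shared = TokenBucket(capacity=20, refill_per_sec=10)   # one bucket for the whole edge
    buckets = {}                                           # one bucket per client identity
    admitted = Counter()
    for now_ms, client in constructed_traffic():
        if per_client:
            if client not in buckets:
                buckets[client] = TokenBucket(capacity=5, refill_per_sec=2)
            bucket = buckets[client]
        else:
            bucket = shared
        if bucket.allow(now_ms):
            admitted["attacker" if client == "attacker" else "legit"] += 1
    return dict(admitted)

if __name__ == "__main__":
    print("shared bucket:    ", simulate(per_client=False))
    print("per-client bucket:", simulate(per_client=True))
```

With the shared bucket the flood source takes nearly every refilled token; keying the bucket per client admits all 50 legitimate requests and holds the flood to its own burst plus refill.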
11. Infrastructure as Code — plan & drift
Terraform compares your declared desired state against the real current state and prints a plan: resources to +create, ~update or -destroy. Toggle resources in each column and read the plan, then apply to converge.
Click a resource: the left column toggles the desired state (.tf), the right column toggles the deployed reality (drift).