Lesson 2 - Understanding Virtualization and Cloud Computing
Shared Security Model
The CSP is responsible for the physical security of the data center and hardware availability. The organization is responsible for the security of the data housed on that hardware.
Software as a Service (SaaS)
consumers have access to the software, but the responsibility for installing, maintaining, patching, and upgrading that software lies with the vendor.
Rapid elasticity
Resource use is scaled up and down as needed, permitting consumers to pay for the quantity of resources that they need at any given time
VM local network access
network access only to other virtual machines on the same host
Per-instance licensing
one license for each instance of the software installed. If there are twenty copies of the software installed, it requires twenty licenses.
Per-socket licenses
one license for each processor socket enabled on the server's motherboard. The motherboard may contain more sockets than are licensed, but the extra sockets are disabled.
How should you provision resources to VMs?
overprovision; more than the anticipated need
Measured service
resource utilization is monitored and billed based on actual use
Community Cloud
serves a specific community with common business models, security requirements, and compliance considerations; members share the cost
Private Cloud
serves only one customer or organization and can be located on the customer's premises or off the customer's premises
Public Cloud
shared by multiple customers; there is an increased risk of leaks
Infrastructure as a Service (IaaS)
the delivery of computer hardware capability, including the use of servers, networking, and storage, as a service
Redundancy
the inclusion of extra components so that a system can continue to work even if individual components fail; if something fails it fails over to another component
On-demand self-service
users can increase storage and processing power as needed
Platform as a Service (PaaS)
A cloud service in which consumers can install and run their own specialized applications on the cloud computing network. infrastructure software and operating system
Hybrid cloud
A combination of public and private clouds.
single point of failure
A component or entity in a system which, if it no longer functions, would negatively affect the entire system.
Network Address Translation (NAT)
A technique that allows private IP addresses to be used on the public Internet.
Broad Network Access
All devices can access data and apps
Virtualization
Creates multiple "virtual" machines on a single computing device
Cloud-based virtualization
Sysadmins have less control over hardware, software, and resource access than they would with on-premises deployments. Access to resources is also dependent on a reliable and sufficiently fast Internet connection.
Cloud Computing characteristics
On-Demand Self Service, Rapid Elasticity, Broad Network Access, Resource Pooling, Measured Service
Hypervisor
Software that enables a single computer to run multiple operating systems simultaneously. It allocates resources to VMs.
Type 1 hypervisor
Software to manage virtual machines that is installed before any operating system is installed; more centralized management. Ex: Hyper-V type 1, Proxmox, Docker
Type 2 hypervisor
Software to manage virtual machines that is installed as an application in an operating system. Ex: Oracle box, Hyper-V type 2
On-premises virtual servers
VMs often provide greater scalability, disaster recovery, and high availability; they allow an organization to retain complete control of the hardware, OS, applications, and data
resource pooling
compute resources are pooled together and then allocated to tenants on an as-needed basis
VM Host-only network access
access only to the host computer and not to the physical network or Internet
VM bridged network access
access to the physical network or Internet
VM no network access
as if they have no NIC installed