IST 346 Exam 1-3
What is apt? (lab)
"Apt is a wrapper around the dpkg packaging system which is used for managing software on Debian Linux based distributions such as Ubuntu Linux, and it allows users to manage software systems"
What's the nickname for managing IT?
"Mission Impossible" - Everyone just expects technology to work all the time (Ex: dialing on a phone) and the person managing IT is expected to make that happen
computer
"an electronic device for storing and processing data, typically in binary form, according to instructions given to it in a variable program." - dictionary.com
tracert
(traceroute) For tracing the entire path a packet traverses to reach an endpoint
Difference between a Server, Client, and Service (slides)
- A Server is a computer which supplies 1 or more services. - A Service is a program running on a computer (typically a server) which is accessible over the network. - A Client is a computer which uses the service. Workstations are clients.
Network Interface Card (NIC)
- A circuit board or card that is installed in a computer so that it can be connected to a network. - Provides a computer with a dedicated, full-time connection to a network. - Can employ wired and/or wireless network connectivity.
Directory (online slides)
- A collection of information that is primarily searched and read, but rarely modified. - Named keys from namespaces are ideal storage candidates for directories.
What is a datacenter? (online slides)
- A data center is a place where you keep machines that are a shared resource - Ex: Server room, Machine room, Server closet (hopefully not literally a "closet")
Server Appliances (online slides)
- A server appliance is dedicated hardware and software - The appliance fits a specific role: File Server, Web server, Load Balancer, Firewall, Router, etc. - You can use an OTS server to perform these tasks, so why buy? - Advantages: Easy to set up, Reliable, Performance - Disadvantages: Cost, Integration
Routers
- Act as a junction between two networks, and transfer data between them - Routers do most of the hard work on a network - They make decisions about where all messages travel on a network and whether to pass them between various networks. - They "bridge" different networks together. - Can provide additional networking features: DHCP, NAT, DMZ, Firewall, VPN
Vertical "Scale Up" (slides)
- Add more resources to an existing system running the service or split across layers. - Easier, but limited scale. - Single point of failure
A Monolithic Application (online slides)
- All layers within a single system - Simplest design - Single-User. Single Site. No Scale. - Multiple uses, multiple instances. - Example: MS Word, application on your phone. Can two people work on the same PowerPoint file at the same time? No! Can everyone in your group edit the same Word document at the same time? No!
NAT - network address translation
- Allows a router to present a single IP address to the Internet. - Keeps private networks private, while still able to communicate with external resources. - Used with port forwarding for inbound connections.
DNS - domain name services
- Allows translation of names to IP addresses. - Clients use DNS caches to store recently obtained Name/IP Address pairs.
Services must be:
- Always on - Must be tolerant to faults - Accessible remotely (slides)
Where do docker images come from?
- An image is essentially built from the instructions - Docker pull which is run automatically by docker run
Reliability: Environments (slides)
- Any service should have 3 environments - Usually, each environment is on separate hardware Prod: Primary Environment for the Service Dev: Where you build out new features for the service / upgrades Test: Mirror image of prod environment for testing purposes
Services (slides)
- Background process accessible over a network. - Typical environments have several services, and services often depend on other services. - Some services are simple, and have no interactions on the user's part. (network time, or NTP for example) - It is best to think about any given service in terms of its anatomy and interdependencies.
Vulnerabilities (online slides)
- Bad default, or weak passwords. - Unused services with open ports. - Un-patched software vulnerabilities. - Transmitting data in clear text. - Open networks - Physical access to systems. - The users themselves
What is the difference between latency and bandwidth? (participation)
- Bandwidth is your download/upload speed (measured in Bps, Mbps, Gbps). The maximum amount of data that can be uploaded or downloaded simultaneously - Latency is the time taken to transfer data from A to B. (The higher the latency the longer it takes) Lower is better.
Relational Databases (online slides)
- Based on Relational theory, data are stored as rows in tables. - Very proven database model with wide adoption in industry - Uses custom query language SQL - Does not scale easily horizontally - Use cases (You need data consistency - Ad-Hoc Reporting and Querying) - Products (Oracle, Postgres, SQL Server, MySQL)
File Systems (online slides)
- Before a volume can be used it must be formatted with a File System. - A File System is the method for storing and organizing files and data on the volume. - Formatting is the act of setting up an empty file system on a volume. - Some file systems implement journaling, which writes to the volume in batches, improving performance and reducing the chances for errors. - Popular File Systems EXT4, ZFS, NTFS, HFS (Mac), zFAT
Trivial Vertical Scaling (slides)
- Buy your way out of the problem. - Buy a faster computer - Invest in a faster internet connection - We do this all the time with our phones, etc... Limited based on available technology.
Platform as a Service (PAAS) (online slides)
- Cloud providers deliver you the development environment for services where the user can develop and run in-house built applications. - These services might include an operating system, a programming language execution environment, databases and web servers. - Still offers shops flexibility to develop and customize their applications, but requires less of a skillset than IAAS as they no longer need to know how to setup and manage the infrastructure and Operating Systems. - Containers in the cloud are an example of PaaS - Sales Pitch: "We give you a setup so you can install or build your own app. No need to worry about the system administration." - Examples: Google App Engine, Heroku, Microsoft Azure App Service, Docker Cloud
Business Logic Layer (online slides)
- Code to address the Transformational Logic of the application; part of the application's functionality - Written in a programming language: Java, JavaScript, Python, C#, etc...
Presentation Layer (online slides)
- Code which addresses User interface concerns - Web: HTML and CSS - Mobile: Xcode interface builder / Android studio - Windows / Mac / Linux: Varies
Hubs
- Connect multiple Ethernet devices together - Hubs merely repeat signals out to all other ports (broadcast) - Inexpensive, simple way to connect computers - No smarts, unmanaged - Older Technology
Switches
- Connect multiple Ethernet devices together - Switches isolate ports by passing only data meant for that port. - Filters data packets, and only sends to the port which is connected to the destination address. - Offer a variety of management options.
What is a Disaster Recovery Plan? (online slides)
- Considers potential disasters. - Describes how to mitigate potential disasters. - Makes preparations to enable quick restoration of services. - Identifies key services and how quickly they need to be restored and in what order. Only High-Risk / High cost plans should be considered
Namespace Policy (online slides)
- Consistent namespaces make everyone's job easier. - Helps your users and admins find resources - A well-governed policy is the key to a consistent and reliable namespace. - The policy should have collision prevention for flat namespaces. - Once you decide on a naming convention, it is difficult to change it. - If there's one thing you should do by committee, it's namespace policy creation! - ITS-Printer-MH250-01
Monolithic over Distributed Storage (online slides)
- Data storage is over a network but the rest of the application is monolithic. - Single-user multi-site. - Example: Two people share a word document over Google Drive.
IPv6
- Designed to address the increasing need for internet addresses. - Utilizes 128-bit addresses, providing more addresses to use. - 340 undecillion possible unique addresses. - First 48 bits are the network. - Example of an IPv6 address: 2601:0681:4200:c5c0:516:f0bb:ac3b:46bd
Typical Components of a Network - Computers and Peripherals:
- Desktops, Laptops - Phones, Tablets, Gaming Consoles - Servers - Printers, Speakers, Scanners, TV's - "Smart" devices (light switches, thermostats, etc.)
Supporting your service (slides)
- Document - Train your Staff - Dev / Test / Prod - One / Some / Many - Phased Roll Out. Get Buy in. - Measure to determine if you need to scale or have issues. - Advertise - Support!
Fix it once! (online slides)
- Don't use glue and duct-tape on a problem that requires wood and nails. - When a problem seems trivial we often go for the quick fix: The three R's: Reboot computer -> Restart services -> Restore from backup - Ben Franklin said "An ounce of prevention is worth a pound of cure." - Don't waste time fixing the same thing again, again, and again.
"Pet servers"
- Few of them - Are given names like mail.mycompany.com - Are built to solve the task at hand (email) - When they are "sick" we "nurse them back to health" - Can't automate them because there is something unique about them
Firewalls
- Filter messages or keep users and devices out of private networks. - Keeps unwanted traffic from reaching specific computing devices - Keeps devices from talking to anything but their desired networks and/or devices.
Horizontal Scalability (slides)
- Horizontal Scalability or Scaling out always involves sharing load among multiple instances of the same service. - Systems must be designed to scale this way - They also require a system to direct traffic to a specific instance (load balancer)
What is a hot spare? Cold Spare? (participation)
- Hot Spare ‐‐> A spare component that is typically connected and powered on in case the primary device should fail so that the spare takes over the workload immediately upon failure of the primary devices. - Cold Spare ‐‐> A device that is not powered on and is usually sitting on a shelf in a server room.
Typical Components of a Network - Network Equipment:
- Hubs, Switches - Routers - Firewalls - Wireless Access Points
Defining your Service (slides)
- Identify your customers - Formulate an SLA
Partition Tolerance (class slides)
- If your data are distributed across these 4 servers and one of these servers becomes unavailable: - Is the system available to read/write? - Is the data you read consistent?
2-Tier Client/Server (online slides)
- In 2 Tier client/server the application is split in two parts separated by one layer of middleware. - This makes the application multi-user and multi-Site. - Common architecture in the pre-consumer Internet era of the 90's.
3-Tier Client/Server (online slides)
- In 3 Tier client/server the application is split into 3 parts. Typically with a business logic and data access layer in the middle tier. - Multi-user, Multi-Site. - Scales Vertically better than 2-tier - Majority of business logic is on the server - Common architecture during the Internet boom.
Computer Hardware
- Input: Keyboard, Mouse - Output: Screen - Processing: CPU - Storage: RAM / SSD
Understanding Scope (online slides)
- Just how big is the problem? What are the boundaries? - Work from the outside in (widest scope, to narrowest scope) - The scope of the problem will dictate the manner in which you react to it. E.g. The Website is down - Assumption: The user is in their office (not starbucks)
Service Reliability (slides)
- Keep it simple - Don't be the only expert - rely on the community for support and best practices - Use Open standards (a lot more info in online slides too!)
What is the role of managing IT
- Keeping essential services operational, while trying not to work 24x7x365. - Providing people access to the resources they need, but not access to the resources they don't. - Keeping internal costs down, but productivity up. - Fixing problems reported by end-users, with a keen eye towards strategic planning. - Managing the work and keeping everyone happy.
What types of workstations were covered in the readings? (participation)
- Knowledge worker (Have unique needs) ‐ Specialized telescope hooked up into desktop - task worker (non‐unique needs and easy to replace) ‐ Ex: Our computers, all installed the same way, all our needs are met with them despite the class - Hardware categorization - desktop, laptop, phone, tablet
"Cattle servers"
- Lots of them - Are given names like s0045.mycompany.com - Are built to do the same thing: compute and storage - When they are "sick" we "take them out of commission" and replace with another. "Treat Servers like Cattle, Not Pets"
Understanding Assumptions (online slides)
- Make sure you and your customer have a mutual understanding of the situation before attempting to debug the problem. - Try to gather as much information from the customer as you can so that neither of you are making false assumptions. E.g. I cannot print - Which printer is the customer using? Don't assume a specific printer, or their default printer. - They might not be able to print by design. I.e. They don't have permissions to use a specific printer. - Ask the customer for specifics, of course.
Responsibilities of an OS
- Manage primary and secondary storage - Move applications and their data between the two types of storage. - Provide support for various hardware devices - Provide a consistent user interface.
Active Directory (online slides)
- Microsoft's Directory service - Used to manage users and computers in the enterprise. - Hierarchy: Forest, Trees, Domains - The Namespace is flat at the domain level - AD Implemented using LDAP + DNS + Kerberos - LDAP used for user, group, computer, policies and more. - Kerberos used for computers on the domain and user logons - DNS is used for naming computers on the domain
Managing IT - Strategic
- Migrations to new Platforms - Identifying Black Holes / Time Drains - Alignment with Organizational Strategy - Innovation
Hierarchical namespace (online slides)
- Namespace is organized in a tree - Duplicates can exist at nodes in the tree, but the overall name is globally unique. - DNS is an example of such a namespace: www.syr.edu www.microsoft.com [email protected] [email protected]
Wireless Access Point (WAP)
- Networking hardware device that allows a Wi-Fi compliant device to connect to a wired network. - Typically connects to a router (via a wired network) as a standalone device, but it can also be an integral component of the router itself. - A WAP is different from a hotspot, which is the physical location where Wi-Fi access to a WLAN is available.
Evard's Cycle for Workstation Configurations (slides + online)
- New refers to a completely new machine - Clean refers to a machine on which the OS has been installed but no localizations performed - Configured means a correctly configured and operational environment - Unknown is a computer that has been misconfigured or has become out of date - Off refers to a machine that has been retired and powered off
flat namespace (online slides)
- No duplicates can exist in a flat namespace. - SU NetID is a flat namespace: no two people have the same named key: tajorgen, sjrieks, relstad - User accounts are a flat namespace.
What Are You Outsourcing? (slides)
- Nothing --> your server, your data center - Co-Location --> your server, their data center - Infrastructure as a Service (IaaS) --> their server, their data center.
Ticket Tracking systems
- Permits customers to submit request electronically - Without ticket tracking systems WIP get lost, forgotten, or confused - Permit team to share work better - Shows history of ticket - Introduces degree of reality into the SA customer relationship - End-Users file requests, or they are logged through the helpdesk. - A Triage process assigns work to those qualified to complete it and prioritizes it.
Explain primary and external dependencies for a service? (participation)
- Primary Service Dependency ‐ the core system reliability excluding any external dependencies - External Service Dependency ‐ influence a service's reliability
Explain what is meant by a public / private internet address?
- Private IP address: used with a local network - Public IP address: used to communicate outside the network
Managing IT - Operational
- Problems / Issues - Feature Requests - Training End-Users - Maintenance / Patches / Upgrades
Software as a Service (SAAS) (online slides)
- Provides you with access to already developed applications that are running in the cloud. - The access is achieved by cloud clients and the cloud users do not manage the infrastructure where the application resides, eliminating the need to install and run the application on the cloud user's own computers. - This method requires the least amount of IT skillsets in house, but also reduces or eliminates flexibility and control over how the service should function. - Sales Pitch: "We give you the apps, all you need to do is your job!" - Examples: Salesforce.com, Office 365, Google Apps, Quickbooks Pro online, Draw.io
ROI
- ROI is a type of calculation designed to help managers assess the economic value of an investment through its potential - ROI = (gain-cost)/cost - Example gain=$7,500 cost=$5,000 ROI=50% - Positive ROI is good, negative is bad. - ROI is used in IT to help compare similar IT investments. - In IT, typically ROI is calculated over the expected lifecycle of a system or over 3 years (average life expectancy) Reading: http://www.webcitation.org/70Hze3GPy
What are the two types of monitoring? Why are both important? (participation)
- Real time - observing service activity ‐‐> important events are passed along from computers to humans - Historical - looking through trends and logs (everything is logged) and figure out how to more accurately predict your behavior and interests
Redundancy vs. Scalability (slides)
- Redundancy is not scalability. - Scalability addresses performance of a system to do work - Redundancy addresses availability of a system to do work
RAID (online slides)
- Redundant Array of Inexpensive Disks - A technique to provide storage that is larger, more reliable and faster than what a single disk drive can provide. - The RAID array of Physical Disks is treated as one logical Disk. (known as a LUN, logical unit number) - Some RAID supports the use of Hot Spares in the event of a drive failure.
Data Access Layer (online slides)
- Responsible for CRUD (Create, Read, Update, Delete) Operations - Code which transforms operations into the DSL (Domain specific Language) to communicate with the database. (Typically SQL).
Horizontal "Scale Out" (slides)
- Run the service over multiple systems, and orchestrate communication between them. - Harder, but massive scale. - Overhead to manage nodes.
Service Level Agreements - Cloud (online slides)
- SLAs set expectations for both parties (client and cloud provider) - Identifies the specific parameters and minimum levels required for each element of a service. - Affirms your ownership of data stored on a cloud provider's system, and your rights to get it back. - Details the infrastructure and security standards to be maintained. - Specifies your rights and costs to continue and discontinue use of the service.
Rack servers (online slides)
- Server hardware is configured to fit in a Rack chassis. - Measured in Rack Units (U's) - Servers Accessible via Front/Back - Server can be maintained, repaired and upgraded while in the rack.
Multi-tasking / Task Switching
- Since Primary Storage is limited OS's cannot load every application in memory. - The currently used application is in RAM, while the other applications are spilled to virtual memory in the background ( a form of secondary storage). - The more applications you load into primary memory, the slower your computer will run as it has to switch between applications.
What is state? What is irreproducible state?
- State: How your application currently runs - Irreproducible state: Something you can't reproduce --> Configured it in a way where you can't quickly edit it
TCO
- TCO a calculation designed to help managers assess the economic value of an investment through its cost. - In the IT world, your investment is typically a service or asset. - TCO is a useful way to compare similar investments. - TCO calculations consist of both direct and indirect costs Reading: http://www.webcitation.org/70HzNwXIH
Enterprise Service Bus (online slides)
- The ESB is a software application which manages the communication among independent systems. - It provides a consistent messaging API and guarantees delivery of information. - It's a more robust middleware replacement used as the message backbone for N-tier applications. - Multiple applications share messages across the same bus. This is the foundation of Service-Oriented Architecture (SOA)
Micro Services (online slides)
- The Internet ushered in major changes for application development. - The SOAP and REST protocols over HTTP made it easy for developers to divide up the layers of their application and split business logic into manageable microservices. - These microservices manage a single responsibility, making the application easier to update and manage. - Ex: - Browser and Mobile app are clients - HTTP and REST API's are the Middleware - Separate Services for each business capability of the application
What is Scalability? (slides)
- The capability of a system to handle an increased amount of work. - We see this all the time (Ex:): - Doing laundry at home versus the laundromat - Cooking for friends versus catering a party for 500 people - Walking to work versus riding a bike versus driving a car - Having friends help you with your wedding invitations versus doing them yourself.
Infrastructure as a Service (IAAS) (online slides)
- The most basic cloud-service model - Provides you with virtual infrastructure, for example servers and data storage space. - Virtualization plays a major role in this mode, by allowing IaaS-cloud providers to supply resources on-demand extracting them from their large pools installed in data centers. - High level of flexibility, but requires greater IT skillsets. - Sales Pitch: "Let us handle your hardware (as virtual machines). You handle the rest" - Examples: Amazon EC2, GoGrid, RackSpace
Assets (online slides)
- The user's identity - login, password, personally identifiable information - Network bandwidth - denial of service, bot-nets - Storage / Disk space - warez - Data - the most important asset of them all - Reputation - one incident can ruin a reputation.
One Size Does Not Fit All (datasets) (online slides)
- There is no one database management system that can handle the complexity and variety of data found today. - This is why different systems exist to manage different types of data that vary in: Structure, Size, Rate of change - We've learned the hard way that not all data problems are nails, and there is more than just the hammer.
What are the uses of logs and benefits of logging? (participation)
- Through logging you can see where resources can be best allocated (predictive analysis), and if there is a problem we can fix it based on past behavior. - Root cause analysis ‐‐> just looking at the "here and now" doesn't fix the problem
Why do we need a network?
- To communicate and share sources between multiple computers - To connect to other networks. The Internet is a connection of networks.
Managing operational Work
- Track ALL Operational Work in a system. - Use A Ticketing System to track work. - Use A Kanban board to manage the work
TCP/IP
- Transmission Control Protocol/Internet Protocol - Basic communication language or protocol of the Internet or private networks. - Consists of IP address + Logical Port - IP Address == Destination Device - Port == "Channel" under which communication occurs.
How does Infrastructure as Code relate to DevOps? (participation)
- Treat your infrastructure as if it were code! (Recall: Treat Servers like Cattle, Not Pets) - Store configurations, dependencies and scripts to bootstrap your systems in a source code management (SCM) system like Git. - This allows you to set up and tear down environments quickly and easily and deploy your systems in Dev, Test or Production. - Servers are commodity / utility resources, and not at all strategic. A perfect scenario for cloud computing!
Infrastructure as Code Methodology
- Treat your infrastructure as if it were code! (automate everything!) - Store configurations, dependencies and scripts to bootstrap your systems in a source code management (SCM) system like Git. - This allows you to set up and tear down environments quickly and easily and deploy your systems in Dev, Test or Production. - Servers are commodity / utility resources, and not at all strategic. - "Build reproducible infrastructure or things you can replace ‐‐> automates tasks" - "Managing and provisioning computer data centers through machine-readable definition files, rather than physical hardware configuration or interactive configuration tools."
servers have these hardware characteristics:
- UPS - Network Redundancy - RAID - KVM
Encryption and Hashing (online slides)
- Unencrypted data is called plain text; encrypted data is referred to as cipher text - Encryption is the conversion of data into a form, called a cipher text, that cannot be easily understood by unauthorized persons or systems. - Decryption is the process of converting encrypted data back into its original form, so it can be understood. - To read an encrypted file, you must have access to a secret key or password that enables you to decrypt it. - Hashing is a one-way cipher. The text cannot be decrypted. Passwords should be stored as hashes.
IPv4
- Utilizes 32 bits for internet addresses - Allows 4.29 billion possible unique addresses - Format of xxx.xxx.xxx.xxx, where xxx is 0 to 255 - 192.168.0 is a class C subnet (containing 255 addresses) - 192.168.0.10 is an address of a specific device on that subnet - A subnetwork or subnet is a logical subdivision of an IP network.
Blade Servers (online slides)
- Very high density: They offer the maximum horsepower for the allotted space. - Pros: Flexible, High-Performance, Can Grow with your needs - Cons: Expensive, High power / cooling demands, Vendor Lock-in
How does Virtualization differ from Containerization?
- Virtualization of server vs virtualization of the service/application - Containerization focuses on trying to virtualize the service independent of the server itself (independent of the OS)
Understanding Interdependencies (online slides)
- When you know the scope, next check the interdependencies. - What systems and services does that task rely upon? - What systems and services do those rely upon? E.g. "My computer will not send E-Mail" - Assumption, Scope: Problem is organization-wide - E-Mail depends on SMTP to send mail. - SMTP needs the DNS service to work properly. - Check these "outside in": DNS -> SMTP -> E-Mail server
Popular Operating Systems
- Windows - Desktop / Server - Apple OSX - Desktop / Server - Linux - Desktop / Server (Comes in many distributions Ubuntu, RedHat, etc.) - Android - Mobile - iOS - Mobile - ChromeOS - Desktop
How is a server different than a workstation? (participation)
- Workstations have unique purposes for individuals - Servers are designed around multiple people
Service Maintenance (slides)
- Yes, there will come a time when you will need to deny service (Make it unavailable) - Upgrades to hardware / OS / Service itself - Plan and advertise your service outages so your users can plan accordingly. - Make sure your outage complies with your SLA.
Service Monitoring & Logging (slides)
- You cannot offer good service if you don't monitor. - You cannot measure unless you are logging activity. - If you're not measuring it, you're not managing it. Monitoring == real-time Logging == historical
What aspects of a service should be monitored? (participation)
- analytics (real time or historical) - A good service will log everything you do on a website
How many levels of redundancy are in RAID5? (participation)
1 - allows for 1 failure to happen in RAID5
What are the 4 goals of information security? (participation)
1 Data protection 2 Data integrity 3 System integrity 4 System availability
How many Megabytes in a Terabyte? (participation)
1,000,000
Elements to Understanding a Problem (online slides)
1. Assumptions - Your own and the user's assumptions of how things work. 2. Scope - The size of the problem. Just one person? The entire company? 3. Interdependencies - What other systems / services does this problem rely upon?
SSL - how it works on the web (online slides)
1. Client request 2. Server response 3. Key exchange 4. Cipher negotiate 5. Client http get 6. Data transfer
Disaster Recovery Plans (online slides)
1. Define (un)acceptable loss. (Data? Productivity? Re-Creatable data? At what cost?) 2. Back up everything. (Backup data, metadata (config), and instructions on how to restore your system.) 3. Organize everything. (Can you find the backup tapes you need when disaster strikes? Make sure everything is clearly labeled.) 4. Protect against disasters. (Natural disasters with high probability and many more.) 5. Document what you have done. (Plan must be detailed enough for people to follow in a disaster w/o additional info. Hard copies are key.) 6. Test, test, test. (A disaster recovery plan that has not been tested is not a plan; it's a proposal.)
Major Components of a data center (online slides)
1. Location 2. Access 3. Security 4. Power, Cooling, Humidity 5. Fire Suppression 6. Racks 7. Cable Management 8. Communications 9. Console Access 10. Workbench 11. Tools, parts, etc (online slides)
Application Architectures (rated by complexity) (slides)
1. Monolithic 2. Monolithic over distributed storage 3. Two-tier thin client 4. Two-tier fat-client 5. Three Tier 6. N-Tier 7. Enterprise Service Bus 8. Micro Services
What are the 5 responsibilities of the operating systems kernel?
1. Process Management 2. Memory management 3. input/output management 4. network management 5. security
OS / Server Hardening (online slides)
1. Secure the physical system. 2. Install only necessary software. 3. Keep security patches up to date. 4. Delete or disable unnecessary user accounts. 5. Use secure passwords. 6. Disable remote access except where necessary. 7. Setup least privilege access. 8. Run publicly accessible services in a jail. 9. Configure firewall on each host. 10. Document security configuration. 11. Secure password management. 12. Use secure management endpoints 13. Using a management framework 14. Reduce/Remove elevated credentials
Essential skills of the IT professional
1. Technical Knowledge 2. Customer Focused* 3. Creative Thinking / Problem Solving 4. Understanding of the business 5. Time Management *Most important --> need to be able to speak to audience
2-tier, 3-tier, n-tier (lab concept)
2-tier: basic client/server relationship 3-tier: client, application server, data or database server n-tier: type of network architecture in which several servers, specialized for particular tasks, may be accessed by a client computer to perform some activity, such as retrieving a bank balance Lab F: 2-tier: This is a classic example of a 2-tier client-server application architecture with web browser on your host being the client and the Docker container running the Nginx web server being the server of course. 3-tier: "What makes this example 3-Tier is we have: a client, the web browser a Web server, Nginx, which forwards requests on tcp 80 to the MKDocs server on port 8000 business logic server, MKDocs which generates the HTML on tcp 8000" n-tier: "It's the classic example of the benefits of an N-Tier application - ease of use for the end user as the HTML is being created by the WordPress application itself based on user actions from its friendly user interface."
3-2-1 Data Strategy (online slides)
3 Copies of your data 2 Copies are backups (one is "live") 1 Backup Copy is Off-Site
Explain the 3‐2‐1 data management strategy (participation)
3 Copies of your data 2 Copies are backups (one is "live") 1 Backup Copy is Off‐Site
What do the numbers like 6ms mean in context of the tracert command?
6ms is referring to the round trip time (RTT) that the tracert command calculates for each router along the way. In the lab, an output of 61 milliseconds was considered "longer" and <1 milliseconds was considered "quick" so I believe that 6ms is a relatively normal hop time.
Write a docker command to run the command echo "hi" on the image ubuntu.
> docker run -ti ubuntu:latest echo "hi"
Write the Linux command to find the files that begin with the letter t in the /bin folder.
> find ~/Documents/bin -name "t*" I used the find command to look for the /bin folder but I could not find it. So I wrote this code assuming the bin folder is located within the Documents folder.
Write the Linux command to list files in a folder two folder up from the current working directory.
> ls ../..
Write a command to check for open ports on google.com ?
> nmap google.com
Which command do you use to find the open ports on a host?
> nmap localhost
Write a command to lookup the IP address for michaelfudge.com using the dns server 1.1.1.1?
> nslookup michaelfudge.com 1.1.1.1
Write a command to ssh into the server elephant.com as user dumbo?
> ssh dumbo@elephant.com
Write the Linux command to move a file named a.txt in the Documents folder into the Desktop folder. Note: Assume both folders are the same parent directory.
> mv Documents/a.txt Desktop
Workstation Management Frameworks
?
What is Active Directory? (online slides)
A Directory service developed by Microsoft that uses a hierarchical structure to store information about objects on the network. The differentiating component of this directory implementation vs. others are the types of objects that it tracks.
Computer Network Definition
A computer network is two or more devices connected together using a telecommunication system for the purpose of communicating and sharing resources. A connection between any two communicating devices (computer and printer, or headset and smartphone) could also be considered a network.
What is a server?: (quiz)
A computer that supplies services to other computers.
An IP address is a numeric quantity that identifies... A computer to other devices on the network The manufacturer of a computer The physical location of a computer The hardware address of a network adapter
A computer to other devices on the network
reverse proxy (lab concept)
A device that routes incoming requests to the correct server. Lab F: "Typically the reverse proxy configured on a public IP address and handles forwarding HTTP traffic to multiple web applications on a private network."
What is a load balancer? (participation)
A load balancer separates any given workload evenly between several active servers and if one goes down the others will pick up the slack.
What is the purpose of establishing well known ports for services?
A lot of common services run over the same port, so, to ensure consistency and make it easier for clients to consume the service, common services run over the same port.
What is a namespace? What are 4 common ways to choosing names? What are the two types of namespaces? (participation)
A namespace consists of a set of defined and named keys and the attributes associated with each of the keys. Four common ways of choosing names: Formulaic, Thematic, Functional, Descriptive Flat ‐‐> No duplicates can exist in a flat namespace Hierarchical ‐‐> Namespace is organized in a tree; Duplicates can exist at nodes in the tree, but the overall name is globally unique
Consumer IT
A person that buys Computerized systems generally for personal use - Consumer IT is not managed in an organized fashion because it is not mission-critical - Point to the simplicity, ease of use, and hassle-free nature of the digital services they provide
Explain the purpose of a playbook file. What are its key advantages? (lab)
A playbook file is one which can run multiple Ansible tasks in addition to providing some additional configuration common across all the commands. This comes in handy when you need to make a single change that requires several steps and would rather not issue each Ansible command sequentially.
What is an HTTP reverse proxy? Why is it used? (lab)
A reverse proxy is a server in front of the web servers and it forwards client requests to those web servers. They are used to help increase security, performance, and reliability.
Server vs. service (slides)
A server is a computer. A service is an offering provided by server(s).
What is a Service? What are the qualities of a good service? (participation)
A service is your application. A good service has to be reliable, resilient, performant.
Nameservice (online slides)
A service which manages a namespace
A namespace consists of : (online slides)
A set of defined and named keys The attributes associated with each of the keys
microservices
A software architecture that is composed of smaller modules that interact through APIs and can be updated without affecting the entire system.
What is one, some, many? (participation)
A way to incrementally roll out changes and updates to devices across a network. You see how it affects one workstation, then some more, and then all (incremental testing of the update across changes on a network).
ACID vs. BASE (online slides)
ACID - Atomic: Everything in a transaction succeeds, or the entire transaction is rolled back. - Consistent: A transaction cannot leave the database in an inconsistent state. - Isolated: Transactions cannot interfere with each other. - Durable: Completed transactions persist, even when servers restart and so on. BASE - Basic availability: Data can be read and written to any node. - Soft-state: Nodes may change over time, even without direct updates. - Eventual consistency: At some point all nodes will have the same data.
data center requirements
Access, Security, Cooling, Power, Fire Suppression, Cable management, Communications, Console Access (KVM), Workbench (Tools, Parts), Alternative data centers (sometimes) (online slides)
Incremental backup (online slides)
Advantages: quicker backup times, as only changed files need to be saved. Disadvantage: longer recovery times, as the latest full backup, and all incremental backups up to the date of data loss need to be restored.
Differential backup (online slides)
Advantages: quicker recovery time, requiring only a full backup and the latest differential backup to restore the system. Disadvantage: for each day elapsed since the last full backup, more data needs to be backed up, especially if a majority of the data has been changed.
Service (slides)
All the parts which make an application work.
One, Some, Many (slides)
An Incremental approach to deploying changes and updates. One. Test the automated update on one computer (usually a test machine). Document the impact of the update. Some. Apply the update to a few computers. Usually, the remaining test machines of various configurations and always to the computers in the IT department. (We call this dogfooding - eating your own dog food.) Many. Apply the update to the rest of the organization, making sure to inform users of the potential impact of the update.
Examples of Consumer IT
An example of a consumer is a person who purchases a new television, iPad, or downloads Word.
&&
And ‐ used to run two commands together
LDAP Authentication (online slides)
Anonymous Authentication - Binds with empty DN and password. Simple Authentication - Binds with DN and password. Cleartext. Bad. Simple Authentication over SSL/TLS - Use SSL to encrypt simple authentication. Simple Authentication and Security Layer - SASL is an extensible security scheme. - SASL mechanisms: Kerberos, GSSAPI, SKEY
What is an Incident? (online slides)
Any violation of security policy: • Unauthorized access of information • Unauthorized access to machines • Embezzlement • Virus or worm attack • Denial of service attacks • Email spam or harassment
_________ is the name of a separate, dedicated piece of hardware designed to perform a specific (or a few specific) functions. (quiz)
Appliance
3 main types of protocols
Application Layer like HTTP or SMTP Network Functionality like TCP/IP or ICMP Media Access Layer like 4G LTE, Ethernet, WiFi
Directory Server (online slides)
Application that provides a directory service.
Which of the following is a technique used to minimize "entropy" on workstation computers? (quiz)
Apply the least privileges required for end-users.
Security is the relationship among (online slides)
Assets - What you're trying to secure Threats - What you're securing from Vulnerabilities - Your weaknesses
Which of these elements to understanding a problem helps the SA understand what other systems and services this relies upon? (quiz)
Assumptions Inter-dependencies Causality Scope
We've learned that in order to debug an issue it is important to understand that there are three elements to understanding a problem. Which of these is NOT one of these? (quiz)
Assumptions Scope Inter-dependencies Symptoms
What are the three elements to understanding a problem? (participation)
Assumptions, scope, and inter-dependencies
What is AAA? Define each term. (participation)
Authentication - Verification of identity. Answers the question "Who are you?" Authorization - Verification of access. Answers the question "What can you do?" Accounting - Logging access to a service. Answers the question "What did you access or do?"
What do we need to be concerned with? (online slides)
Availability (e.g. 99.99% during work days, 99.9% for nights/weekends) Performance (e.g. maximum response times) Security / privacy of the data (e.g. encrypting all stored and transmitted data) Disaster Recovery expectations (e.g. worse case recovery commitment) Location of the data (e.g. consistent with local legislation) Access to the data (e.g. data retrievable from provider in readable format) Portability of the data (e.g. ability to move data to a different provider) Support and Problem Resolution (e.g. call center) Change Management process (e.g. changes - updates or new services) Dispute mediation process (e.g. escalation process, consequences) Exit Strategy with expectations on the provider to ensure smooth transition
5. When troubleshooting, sometimes a fix is out of your control. Which of the following items depicts this situation? (quiz)
Bad hardware All of the above None of the above Faulty software Policy issues
How to find the root cause (online slides)
Be Systematic - Form a hypothesis or theory - Test and record the results - Make changes as necessary Use - Process of elimination - Successive refinement Review - Recent changes made to the system or service in question - Changes risk the opportunity to introduce new problems
Why are there different types of servers like Towers, Rack Mounted, and Blades? (participation)
Because each company needs servers for different purposes and they come in different sizes as well
Why is it that the more disks you include in a storage array the greater the chance of failure? (participation)
Because the more hard drives you have the higher the chance of system failure will be
Why is scaling out to more nodes/instances easier than scaling back to fewer nodes/instances? (lab)
Because when scaling back to fewer nodes you have to get rid of the nodes already orchestrated on the network
Why is cost both an advantage and disadvantage in cloud computing? (participation)
Benefit: Helps companies avoid upfront costs of infrastructure Disadvantage: Increased long term costs over in house solutions
Drawbacks to Cloud Services (online slides)
Big data - Not easy to move huge datasets in and out of the cloud. Control - Reduced control for customers who want or need it. Integration - The silo effect exists; when you have multiple cloud services hosting your data, integration across them and with your own network can be daunting (if possible at all). Security - how do you know your data is safe? Costs - Increased long term costs over in house solutions. Customization - Can reduce flexibility of services offered Support - Places reliance on cloud provider to fix issues Features - often features are not on par with in house solutions Regulatory Compliance - some industries are not permitted to store data off premises.
Based on our discussion about centralization/decentralization, under what model should Syracuse University operate and why?
Both. For certain uses such as email, it is easier and makes more sense for Syracuse to have a centralized system because there are not many major differences in the needs of students and it will result in a more seamless experience. However, for labs, Syracuse uses a decentralized system because students in different majors need different applications and computer power and it is a more cost effective approach for that reason.
What is meant when we refer to the term "bottleneck" when managing our WIP for an IT team?
Bottleneck - point in a system where the WIP (work in progress) accumulates
N-Tier (online slides)
Break Up the Business Logic Even More... into as many Tiers as required. That's a lot of middleware. How do we deal with all that inter-process communication?
What are the two ways you can network containers in docker?
Bridge: network used by containers that don't specify a preference to be put in any other network Host: used when you want a container to not have any network isolation at all. --> Has security concerns
Ways to acquire Data Center space
Build - $100 - $400 per square foot to build Rent - This is known as a "co-location Facility" - IaaS - PaaS you don't care about the physical servers, just the services running on them. Everything you do is for the services. (online slides)
Varieties of data (online slides)
Business data→Sales and Orders user generated → Tweets and Posts device generated → Phones and IoT
Running larger virtualization hosts with multiple VM guests within each is an example of: (quiz)
Buy in bulk, allocate fractions
The term referring to computers that do not store their state and therefore are replaceable is.... Pets Cattle Hosts Guests
Cattle
Common IM Providers (class slides)
Central Authentication LDAP Active Directory (LDAP, Kerberos) Federated - multi-institution Shibboleth SSO Protocols OAUTH2, CAS, SAML2
Centralized vs Decentralized
Centralized - Economies of Scale - improved efficiencies and reduced cost - Encourages specialization among IT staff as they become proficient in managing at scale. Decentralized - Faster response times and more agility. reduced costs. - No single point of failure within a service. Core infrastructure services should be centralized, services strategic to the operations of a unit should be decentralized.
Why is it easier to scale a service in the cloud? (participation)
Cloud providers take advantage of the sharing of redundant resources to reduce costs and increase scale
Essential Components of any System
Code - The functionality (Input) Data - The inputs and outputs to that system (output) Infrastructure - The Software required to run the code and store the data
polyglot persistence (online slides)
Coexistence of a variety of data storage and management technologies within an organization's infrastructure
CLI
Command Line Interface - A means of interacting with the operating system - Doesn't use much CPU processing time
Now that you've studied Cloud Computing and DevOps, how are these two terms related? (participation)
Companies can use cloud computing (which is a term focused more around technology and services) as a tool within DevOps (which is a term focused more around the process and process improvement) to achieve their goals of technological change and improvement.
What is IT
Computerized systems consisting of hardware, software and/or networks intended for the storage, retrieval, processing, and transmission of data and information, usually within an organizational or business context. - "Something that you Give data and it provides output"
cat
Concatenate - allows user to create files, view files, concatenate files and redirect output in terminal or files (allows yourself to see the output)
Classic Issue With Monolithic + Storage (online slides)
Concurrency was not built into the application!
How is consumer IT managed?
Consumer IT is not managed in an organized fashion because Consumer IT is not mission-critical. - Have you reset your home router? - Does your Thanksgiving consist of "fixing" your parents' computer? - When there's an issue with your phone or TV, do you Google how to fix it? - With consumer IT, you can wipe info and reset computer if not working (can't wipe info with enterprise)
What is a container?
Containers are a virtualization technique which can run under the same operating system while being independent; they are "self-contained" as far as the files they use.
Examples of Enterprise IT
Contract Management, Patch Management, Software Packaging, Application Distribution
Service Interdependencies (slides)
Core/Infrastructure: Essential to all other services. Minimal interface. Network: Basic interface with underlying protocol. Application: Complex interface, several protocols (Services at the application level depend on lower-level services for their operation).
Services every IT professional should know (slides)
Core: NTP, DNS, DHCP, LDAP, Kerberos Network: HTTP, SSL, SSH / SCP, NFS, RDP, SMTP, OAuth2
Benefits of Cloud Services (online slides)
Costs - Helps companies avoid up front costs of infrastructure Anywhere/anytime - You can use the service whenever and wherever you wish (provided you have an internet connection) Management - Servers/services can be partially or fully managed by the cloud provider Network - Cloud computing can deliver increased bandwidth Economies of Scale - Cloud providers take advantage of the sharing of redundant resources to reduce costs and increase scale. Scalability - In addition it is easy to scale cloud services because providers have already invested in infrastructure. Deployment - quick deployment compared to in house solutions. Backup - Backup and recovery are sped up and simplified since the data resides at the cloud provider.
Outsourcing your email service to a Cloud provider such as Google is an example of ___________.
DAAS SAAS PAAS IAAS
What is the acronym for the common network service that translates names to IP addresses? DNS NAT DHCP SMTP
DNS
Which service translates names such as www.syr.edu to IP addresses?
DNS
Provide 2 examples of a hierarchical namespace which is global. (participation)
DNS, a folder (a global one though)
Goals of Security: (online slides)
Data Protection - Keep data safe Data Integrity - Keep data accurate System Integrity - Keep systems accurate System Availability - Keep systems operational "To protect and to serve your systems and data."
Why shouldn't you just throw out / recycle your computer when it's no longer useful to you? (participation)
Data and personal information are stored on a computer, and the data is still likely there. Even if you try hard to wipe your information, some files sometimes still remain. (Better idea is to shred it or burn it.)
what can we do to reduce risk? (online slides)
Defense in Depth
Any service you provide must be: (slides)
Defined, Reliable, Scalable, Monitored, Maintained, Supported
What are the 6 characteristics of providing good service? (participation)
Defined, Reliable, Scalable, Monitored, Maintained, and Supported
Asynchronous Replication (online slides)
Defined: Data is refreshed or synchronized periodically (most commonly done once per day) during periods of inactivity (night). • Advantages of asynchronous replication: • Typically is less expensive. Don't need to invest in sometimes expensive data replication software. Can use free tools, ex: Robocopy. • Can be used to restore data from. If your data files are only refreshed nightly, the target location can be used to restore data from in the event a user deletes or corrupts data during the day or a user deletes a file. • Disadvantages: • Data is not kept 100% up-to-date at secondary site. If you run a bank or hospital, this may cause health, legal, or financial issues!
Synchronous Replication (online slides)
Defined: Data is replicated from primary site to secondary site in "real-time - automatically". No period sync process Advantages of synchronous replication: • Data is always up-to-date at secondary site. Don't need to worry about what 'work' needs to be re-entered by your users. • If you are replicating from SAN to SAN, you may be able to use some of the DR hardware at secondary site for non-production purposes (allows your servers to do double-duty) such as to run reports. If needed, this DR hardware can quickly be re-setup for production need. Works great if you are using virtualization. Disadvantage: • Costs money, may require additional products (cost), and adds complexity to running systems
Disaster Recovery Plan (online slides)
Defined: The process that allows a company to recover all systems, data, services, etc. May take hours, days, or weeks depending on number of systems used and their complexity. Help prevent an IT disaster from happening in the 1st place: • Implement fault tolerance components and a solid backup and recovery strategy • Types of fault tolerance components: (RAID'ed hard drives • Redundant paths to your IPS or redundant IPS' • Backup power via UPS or generator (or both) • Mirrored copies of data located off-site • Mirrored servers (clusters) • VMWare or imaged servers) • Read manuals and pay attention to what you are doing. • Isolate systems from other systems or to restate, don't run multiple services on the same server.
Examples of computers
Desktop, tablet, smart thermostat, amazon echo, smart watch, car media console
Incident Response Goals (online slides)
Determine if a security breach occurred. Contain intrusion to prevent further damage. Recover systems and data. Prevent future intrusions of same kind. Investigate and/or prosecute intrusion. Prevent public knowledge of incident.
Workstation computers should be a fungible resource, meaning any unit should be able to substitute for any other. Which of the following would be a limit in trying to attain 100 percent fungible systems? (quiz)
Different software installed on different workstations
Of Differential or Incremental, which offers a quicker recovery time and why? (participation)
Differential - because it only includes changes since the last backup.
Direct vs Indirect Cost
Direct Costs: Are directly accountable to the investment (Eg. Hardware, Software, Operation, and Admin. Costs) Indirect Costs: Are not directly accountable to the investment (Eg. End-user operations (support), Downtime, Loss of Productivity, Switching Costs)
Some causes of "entropy" in a workstation computer
Direct causes - Installation of software (conflicts, incorrectly configured) - Changing of hardware drivers - Altering system settings Indirect causes - Repetitive use - Malware - System degeneration (hardware failure, disk fragmentation, corruption)
Directories vs Meta-directories (online slides)
Directories are not Meta-directories. Directories store named keys, but do not provision them.
Directories (online slides)
Directories offer a database for your namespaces.
4. What are disaster recovery and business continuity, and why are they different? (participation)
Disaster Recovery - The process that allows a company to recover all systems, data, services, etc. May take hours, days, or weeks depending on number of systems used and their complexity Business continuity - The organization's ability to continue to function during and after the disaster Differences - Business continuity is a part of disaster recovery (it's like your fall back plan).
less
Displays file content or command output one page at a time in terminal
Which is NOT one of the three primary server hardware strategies? (quiz)
Divide and scale
Advice for managing the balance of strategic vs operational work while managing IT:
Do Not Get So Bogged Down in the Operational That you Neglect Strategic Work!
small batches principle
Doing work in small batches gives you a sense of success and accomplishment along the way, and proves as a better model long term, opposed to doing things in one large batch.
What is the name service for computers? For people? (participation)
Domain Name System (DNS) for computers, yearbook? Directory? Social security number?
What is Polyglot Persistence? (participation)
Don't Settle for One
What determines whether an application is 2‐tier, 3‐tier or n‐tier? (lab)
Each "tier" can also be referenced as a layer, and they refer to which or which combination of layers within an application are being utilized.
What exactly is a workstation? Why are they / should they be a fungible resource? (participation)
End user focused device, one person can use it at a time (single user) ‐ designed to run applications that users select (NOT DESIGNED FOR MULTI USER). If that workstation fails, you should not lose everything...each workstation should not be unique (w/ applications, data) ‐ should not contain anything on there that cannot be replaced. • NOTHING ABOUT THE DEVICE SHOULD BE IRREPLACEABLE
What is end‐to‐end testing? (participation)
End‐to‐end testing is a technique used to test whether the flow of an application right from start to finish is behaving as expected
How is Enterprise IT managed?
Enterprise IT Management Is Organized • Runs the business. • Needs to be reliable and stable. • Many methodologies exist.
Enterprise IT
Enterprise IT, also known as enterprise-class IT, is hardware and software designed to meet the demands of a large organization. -In comparison to consumers and small companies, an enterprise has greater requirements for availability, compatibility, reliability, scalability, performance and security, among other things. - Enterprise IT management is organized - Runs the business - Needs to be reliable and stable
Who Manages Enterprise IT?
Entry Level • IT Support Technician • Systems / Network Administrator • Web / Application Developer Mid-Level • IT Analyst • IT Architect • IT Project Manager Senior • Directors / Officers in an area Data, Security • Enterprise Architect • CTO, CDO, CIO
What is the CAP Theorem? (participation)
Eric Brewer: You can only have two of the following three guarantees: 1. Data consistency: all nodes see the same data at the same time 2. Data availability: assurances that every request can be processed 3. Partition tolerance: network failures are tolerated, the system continues to operate • Relational systems are designed to be consistent and available and therefore cannot be partition tolerant. • If I deposit money in an ATM that is disconnected from the network, how can my bank know about that deposit?
CAP Theorem of Distributed Data Stores (online slides)
Eric Brewer: You can only have two of the following three guarantees: 1. Data consistency: all nodes see the same data at the same time 2. Data availability: assurances that every request can be processed 3. Partition tolerance: network failures are tolerated, the system continues to operate • Relational systems are designed to be consistent and available and therefore cannot be partition tolerant. • If I deposit money in an ATM that is disconnected from the network, how can my bank know about that deposit?
Two-Factor Authentication (online slides)
Example factors are: • Something the user knows (password, PIN) • Something the user has (token, smart card, cell phone) • Something the user is (biometric characteristic, Physical Location - GPS) • RSA SecurID, Google Authenticator, Duo Security Differences? • RSA - Type your full password prior to Logon • SmartCard - don't type your password, just a PIN Still In Memory on the Destination
What type of spare equipment should you have in a data center? (participation)
Extra motherboard or power supplies or server.
Hosting your company's client computers in a cloud provider such as Amazon is an example of ___________.
FAAS SAAS IAAS DAAS
With Service Outages... (online slides)
FIRST Fix it quickly! - Get your users back up and running, ASAP - That is the top priority first - Do what you can to make sure it stays up until you can.... THEN Fix it permanently - Spend time after the fire's out getting to the root cause and then fixing the heart of the problem - That is the next top priority. - Sometimes you need to dedicate a person to fixing the problem. If you want the problem fixed for good, you need to do both!
Other Models (online slides)
FaaS - Functions as a Service / Serverless computing. - Run your code in the cloud without the worry of managing IaaS or even PaaS / Containers - Ideal for microservices architectures - Examples: AWS Lambda, OpenFaaS, Google Cloud Functions DaaS - Desktop as a Service - Cloud-based VDI (Virtual desktop infrastructure) - Examples: Mac-In-Cloud, Windows Virtual Desktop, VMWare Workspaces
thin client vs fat client (online slides)
Fat Clients: - The application itself must be installed before you can use it. - Ex: Playing a game like Madden or Fortnite, Microsoft Outlook for Email Thin Clients: - Nothing specific to the application needs to be installed for it to be used. - Ex: Playing a game in your Web Browser, Gmail or Yahoo Mail
Ways we mitigate disasters (online slides)
Fault Tolerance the property that enables a service to continue operation amidst a failure Redundancy the duplication of components in a system to increase reliability Backups copies of point in time data stored separately from the source. Snapshots point in time copies of data stored on the same source. Service Contracts lower vendor response times in your service contracts. Store parts on the shelf.
Threats (online slides)
Financial motives - Identity theft - Phishing - Spam - Extortion - Botnets Political motives - Danish sites hacked after Mohammed cartoons. Personal motives - Just for fun. - Insider revenge.
Define scaling for performance vs scaling for resilience? (participation)
For resilience we're making sure the service is available. For performance, we load balance across the nodes. Resilience would probably store data in two different data centers, performance would use one center and how fast they can get it
ipconfig/ifconfig
For retrieving IP configuration of a device
netstat
For viewing all active communications (inbound and outbound).
Naming Conventions (online slides)
Formulaic - Based on an algorithm, generic look and feel - Student001, student1002, server0001 Thematic - Planets, Constellations, Cartoon characters - Gamera.syr.edu, rodan.syr.edu Functional - Name matches function - smtp-host.syr.edu, help.syr.edu, clock.syr.edu Descriptive - By location, resource, type, device class - How SU names its objects in Active Directory. No Method - Everyone picks their own, first come first serve. - This is how DNS registrars allocate names on the Internet. Applied uses are usually a combination of multiple approaches.
Examples of ping, tracert, ipconfig/ifconfig, nslookup on syr network
Go to 05-participation
GUI
Graphical User Interface - Provides user with ease of use
What are the two common user interfaces found in an operating system? What are the advantages of each?
Graphical interface - user friendly Command line interface - good for replicating tasks/reliability.
Network Services detailed (slides)
HTTP - Hypertext transport protocol. The application protocol for the WWW SSL - Secure Sockets Layer - an encrypted channel for HTTP traffic SSH / SCP - Secure Shell, Secure Copy. Unix/Linux remote shell and remote file copy protocols. NFS - Network File System - File sharing for unix-like computers. RDP - Remote Desktop protocol. A proprietary protocol for accessing Windows hosts over a network. SMTP - Simple Mail Transport Service. Mail routing protocol. OAuth2 - for account authentication and authorization.
What is the difference between a Hard Disk and an SSD? (participation)
Hard Disk - Older, slower, less reliable (uses read and write mechanisms to move head to access data) SSD - newer, faster, more reliable. Stores data on an instantly accessible disk.
Secondary computer storage
Hard Disk Drives (HDD) / Solid-State Drives (SSD) - Slower, Less Expensive, Abundant resource on the computer - Applications and data available to use are in secondary storage.
How is hashing different from encryption? (participation)
Hashing --> a one-way cipher. The text cannot be decrypted. Passwords should be stored as hashes. Encryption --> the conversion of data into a form, called a cipher text, that cannot be easily understood by unauthorized persons or systems.
What is the method the author used to reduce the bottleneck on a senior SA team that spends most of its time working on individual desktop PCs?
He freed up the SA's time by taking away tasks that could be done by someone else (EX: general desktop support requests).
Kanban
Helps to organize what should be done when as there is only a finite number of hours in the week. - Helpful visual - Another way to track WIP - Appropriate for project-focused SA teams - Provides transparency to stakeholders outside SA team
LDAP Structure (online slides)
Hierarchal structure - Containers are called organizational units An LDAP directory is made of entries. - Entries may be employee records, hosts, accounts etc. Each entry consists of attributes. - Attributes can be names, phone numbers, etc. - objectClass attribute identifies entry type, or schema - Schema determines the available attributes for the entry Each attribute is a type / value pair. - Type is a label for the information stored (name) - Value is value for the attribute in this entry. - Attributes can be multi-valued.
When we capture and store logs that can be used in root-cause analysis and capacity planning, what type of monitoring is this? (quiz)
Historical monitoring
If you were to add more servers to support a service you would be scaling __________. (quiz)
Horizontally
A _____ system is what your virtual machines will run on and has the primary and first installed Operating System. Host Guest Container Image
Host
What is the difference between a hot site, cold site and warm site? Which has the highest cost? Longest recovery time? (participation)
Hot site: commercial disaster recovery service that allows a business to continue computer and network operations in the event of a computer or equipment disaster - More expensive, but faster to recover a business in the event of a disaster. Cold site: a type of disaster recovery service that provides backup, but the site isn't configured to take over in the event of a disaster - less expensive, but it takes longer to get an enterprise in full operation after the disaster. Warm site: backup site that is setup similar to a hot site, but requires work to render it functional in the event of a disaster - Requires intervention and cannot accomplish seamless failover, but cheaper to employ than a hot site Highest cost: Hot Site Longest recovery time: Cold site
TCO Example - Indirect cost comparison
I can host my Wordpress Blog: 1. On wordpress.com for $48/year. TCO1 2. Or in my basement on an old PC for "free" (let's assume electricity costs add up to about $35/year). TCO2 TCO1 = $48 + Indirect Costs1 TCO2 = $35 + Indirect Costs2 $48 + Indirect Costs1 == $35 + Indirect Costs2 $8 + Indirect Costs1 == Indirect Costs2 TCO1 Costs $8 more than TCO2, but who supports Wordpress, Updates it, and deals with power outages as part of those indirect costs in TCO2? Me. Is my time worth more than $8 a year? YES! Thus TCO1 is lower.
What can you do if you cannot tracert to your destination in the designated number of hops?
If the tracert is rather long, you may still want to restrict the RTTP to 10 milliseconds, but you do not necessarily have to restrict the maximum number of hops. So you can either not restrict the number of hops, or extend the restriction of the number of hops into a number that lets you get to your destination.
Why is it important to identify where your IT team spends its time?
If you identify where you spend your time you can identify where to spend your resources (or not).
In containerization technology, a(n) ________ holds the software, dependencies and information necessary to run an application. Image Container Volume Registry
Image
How is horizontal scalability as demonstrated in this lab different from the vertical scalability of the previous lab? (lab)
In this lab we ran a web application built using the Flask Web Framework through a very fast, reliable load balancer which comes with a variety of configurable algorithms for balancing load across servers on a network. Using this tool we observed how traffic was distributed by a load‐balancing application like HAProxy.
Which of the following could be a potential downside to running Infrastructure as Code? Increase in costs Increase in technical skills needed Increase in risks to infrastructure Increased risk of failure
Increase in costs
Define IaaS, PaaS, SaaS, DaaS and FaaS. (participation)
Infrastructure as a Service (IAAS) --> Provides you with virtual infrastructure, for example servers and data storage space. (The base layer of your services that you need to run as a company) Platform as a Service (PAAS) --> Cloud providers deliver you the development environment for services where the user can develop and run in-house built applications. Software as a Service (SAAS) --> Provides you with access to already developed applications that are running in the cloud Desktop as a Service (DaaS) --> Cloud-based VDI (Virtual desktop infrastructure) Functions as a Service / Serverless computing (FaaS) --> Run your code in the cloud without the worry of managing IaaS or even PaaS / Containers
What are the 4 key tasks common to all computers?
Input, output, processing, and storage
Typical Resources to Share on a network
Internet Connectivity Printers / Speakers / Devices Storage Email / Messages Web Content Databases Audio / Video
Which TCP/IP utility is used to retrieve the IP configuration of a Windows computer? Ipconfig ifconfig netstat nslookup
Ipconfig
What does the -f option do to the docker-compose command? (lab)
It allows the user to provide a configuration in place of the standard docker-compose.yml file.
What is logging and why is it important for any running service? (lab)
It is a mechanism for each service to log requests to access the resources which it provides. This gives administrators a complete history of attempts to access a resource, making it an important and useful function.
Why is it important to tear down the lab environment when you are done?
It is important to tear down the lab environment when you are done because if not, unused containers will continue to run on your virtual machine and take up valuable resources on your host, slowing down your overall experience.
What does it mean when you see a non-authoritative answer from a DNS query?
It means that the DNS server is making you aware that it does not contain the actual record for the name, it got it from another server.
How does netstat differ from nmap?
It shows listening connections, which processes are running the connections and which clients have connected to the port.
What is the purpose of the command apt-get update? (lab)
It updates the list of packages from the available repositories.
LDAP (online slides)
Lightweight Directory Access Protocol - Lightweight version of the DAP based on X.500 directories. http://www.x500standard.com/ - Just an Access protocol, not a directory itself. - The directory must be implemented on the server end. Directory services which implement LDAP - OpenLDAP - Fedora Directory Server (formerly Sun, Netscape) - Mac Open Directory - Microsoft Active Directory - Novell eDirectory (NDS)
What is a link? What are the two types of links?
Link: files that are references to other files. - Hard links: point to data on the disk - Soft/symbolic links: point to a file on the disk
ls
Lists the content of a directory
Logging (slides)
Log files get very large - since they record all activity. Log file rotation - service points to a different log file after a specified interval. - Lets you backup log files - Keeps the size of the files manageable. - Log files are text and they compress nicely. How long do you keep logs? - Depends on service, depends on your policy - It's not a decision the SA should make. Ship logs to a Big Data system like Hadoop or Elasticsearch Like an insurance policy. Not very useful until the off chance that you need it... then you're glad you have it!
What Are the disadvantages of beautiful snowflakes - one service per server? How can this be mitigated? (participation)
Maintenance. You have more servers to manage, and more maintenance to do overall...you have more to manage. To mitigate this you can use the concepts of virtualization and automation.
Advantages of Directories (online slides)
Make administration easier. - Change data only once: people, accounts, hosts. Unify access to network resources. - Single sign on. - Single place for users to search (address book) Improve data management - Improve consistency (one location vs many) - Secure data through only one server.
Which of the following is a potential drawback to using Cloud-based services?
Management Backup Deployment Customization
What is Markdown? What is Markdown's relationship to HTML? (lab)
Markdown is a writing format which is easy to read, write, and edit. HTML is a publishing format so it is used to address issues that cannot be conveyed in plain text (Markdown can be used to address those).
What is a MVP?
Minimum Viable Product - The least you have to accomplish to have a usable product
Where are the Linux system logs located? (participation)
Most Linux log files are stored in a plain ASCII text file and are in the /var/log directory and subdirectory ‐ phoenixnap.com
mv
Moves items to different locations
Decentralized service model
Multiple iterations of the same service are managed and supported by individual units within the enterprise.
Which service translates IP addresses, Typically between public and private?
NAT
Which service translates Ports, from public-facing ports to a port on a private network?
NAT
Core Services detailed (slides)
NTP - Network time protocol. Keeps the clocks in sync on several hosts DNS - Domain name system - a method of IP address to host name resolution. DHCP - Dynamic Host configuration Protocol - a method of assigning IP information over the network. LDAP - Lightweight Directory Access Protocol - a hierarchal database of directory information (users, groups, organizations, etc) Kerberos - A network authentication protocol, used for securely evaluating identities over a network
What is the key to solving any problem? (participation)
Need to understand the problem
Which SAN technology uses TCP/IP? (participation)
Network Attached Storage
Idempotency
No matter how many times you run it, you're only going to get the same result. The action can only be completed once. Multiple requests for that action will not change the initial answer. ex - You may delete something on an e-commerce site. You can press delete 20 times, but it's only going to delete it once. (quizlet answer)
Should a user's data be stored on a workstation? Explain. (participation)
No, if each computer stored data, it would make them not a fungible resource, and make it not replaceable if errors were to occur. Doesn't mean workstations shouldn't store data, it just shouldn't be the primary location for that data (should be backed up or synced elsewhere)
In spite of being load balanced, does our environment still have a single point of failure? If so, what is it? How can this be remedied? ‐‐ Tough question, not sure (lab)
No, in horizontal scalability, there is no single point of failure, which is an advantage over vertical scalability.
Bash Prompt (as a root)
OS: Linux Computers Ends with a #, usually contains user and computer name. Example: root@localhost:/#
Bash Prompt (as a user)
OS: Linux Computers Ends with a $, contains user and computer name Example: scott@servera:~$
PowerShell Prompt
OS: Windows Computers Begins with PS and ends with > For example: PS C:\Users\LocalAdmin>
Encryption - SSL (online slides)
Offers secure transmission between client and server at the lowest level - socket level, sits atop TCP. Two types: - Self-signed - certificate created by the host/service you are connecting to. - CA issued - an intermediate Certificate Authority issues a certificate that both the server and client "trust" Certificate Authorities can be both public and private. - *Internet-based services ultimately require a Public CA to assure a proper trust chain be established. - Intranet-based services can utilize a Private CA as the trust can be established within the organization. - *Clients trust public CAs if they are able to obtain their public key in the browser certificate store.
Centralized service model
One service is managed and supported across the entire enterprise.
Distributed service model
One service is managed and supported by individual units within the enterprise.
What is a common method for automating the update process on workstations? (quiz)
One, Some, Many
Files stored somewhere on my company owned network fall into this category. (quiz)
Online Storage Local Storage Removable storage Server-based Storage
Files stored on my computer fall into this category (quiz)
Online Storage Server-based Storage Local Storage Removable Storage
Type the docker-compose command to view the mysql logs from the n-tier example. (lab)
PS ist346-labs\lab-F> docker-compose -f n-tier.yml ps
Type the command to scale the service db to 7 instances. (lab)
PS ist346-labs\lab-G> docker-compose scale db=7
Type the command bring up an environment and scale service foo to 8 instances. (lab)
PS ist346-labs\lab-G> docker-compose up -d --scale foo=8
There are six categories of providing a service: Defined, Reliable, Scalable, Monitored, Maintained, Supported. Which core concept is associated with "Maintained"? (quiz)
Patching
Performance vs Scalability (slides)
Performance Problem: Is the system slow for a single user? Scalability Problem: Is the system fast for an individual user, but slow under high load?
What are the two types of docker volumes?
Persistent: Data placed here will be available on the host, even when the container goes away Ephemeral: Data placed here will be available on the host as long as the container is using them; when no container is using them, they evaporate --> They'll stick around as long as they're being used, but they're not permanent.
|
Piping ‐ the process of redirecting the output of one command to the input of another command
Layers of a Modern Data-Oriented Application (online slides)
Presentation Code and layout responsible for the user interface Business Logic Transformational logic at the heart of what the application actually does Data Access Create, read, update and delete (CRUD) operations Database Data storage and retrieval
Components of An Application (layers) (slides)
Presentation Code and layout responsible for the user interface Business Logic Transformational logic at the heart of what the application actually does. Data Access Create, Read, Update and Delete (CRUD) operations Data Data storage and retrieval of Relevant Data.
The purpose of a firewall on computer networks is to... Prevent computers from overheating Prevent unwanted network connections from being made Allow more than 4 computers to share the same Internet connection Allow pictures and video to be downloaded from a camera to a computer
Prevent computers from overheating
pwd
Print Working Directory ‐ Writes the full pathname of the current working directory
Root Cause Identification (class slides)
Process of Elimination • Eliminate factors until the problem is identified or isolated. Successive Refinement • Introduce factors until the problem re-appears.
Techniques to find root cause (online slides)
Process of Elimination • Remove elements of the system until the problem disappears • Isolate and simplify the problem to identify the specific issue. Successive Refinement • Add components to the system • Each time verify the desired result was achieved
What are two techniques we use to identify the root cause? (participation)
Process of elimination, Successive refinement
Documentation (online slides)
Process of keeping records for the purpose of referencing information at a later time or for use by others.
ps
Process status ‐ Used to list the currently running processes and their PIDs (Process Identification Number) along with some other information (Gives status of processes currently running).
Environments needed for developing services
Production --> Primary Environment for the Service Development --> Where you build out new features for the service / upgrades Testing --> Mirror image of prod environment for testing purposes
Basic components of a CLI
Prompt, command, option, argument, and cursor
Polyglot Persistence pro's and con's (online slides)
Pros • There is better performance and scalability. • It is cloud friendly in today's world of microservices. • Using the best tool for the job! Stop forcing that square peg into that round hole! Cons • No interoperability: You must connect the databases together. • You must decide where data should be stored. • There is increased complexity and administrative burden.
Issues Surrounding Namespaces (online slides)
Protection - Does the namespace contain sensitive data? Longevity - How long should entries remain? When should they be removed? Naming Convention - How does one formulate the named keys? Scope - Where should they be used?
Anatomy of a service (slides)
Protocols: Instructions for transferring data to/from client/server (transport mechanism) APIs: Rules for accessing or extending the service beyond the components, it may communicate with other systems. Components: Client and Server software part of the application or service interaction
Help desks
Provide advice and assistance to users with problems encountered in using IT resources so that they can effectively use those resources - Public face of an organization - Interaction with end users - Perform tasks professionally - Develops operational WIP - Strategic managers use helpdesk data to identify black holes and where time is spent
What is eventual consistency? (participation)
Provide availability at scale but do not guarantee consistency
Directory Service (online slides)
Provides access to directory information.
What is a server appliance? Do you own one (explain what it does)? (participation)
Purposefully built server designed for a purpose or set of purposes. Usually sold by a vendor.
Primary computer storage
RAM - Random Access Memory - Fast, Expensive, Limited Resource on the computer - The applications and data you're using currently are in primary storage.
CAP: All Kinds of Database Systems (online slides)
RDBMSs like Oracle, MySQL, and SQL Server: - Focus on consistency and availability (ACID principles), sacrificing partition tolerance (and thus they don't scale well horizontally) Use cases: business data, when you don't need to scale out Single-master systems like MongoDB, HBase, Redis, and HDFS: - Provide consistency at scale, but data availability runs through a single node - Use cases: read-heavy; caching, document storage, product catalogs Eventual Consistency systems like CouchDB, Cassandra, Redis and Dynamo: - Provide availability at scale but do not guarantee consistency - Use cases: write heavy, isolated activities: shopping carts, orders, social media
Types of Servers (online slides)
Rack Mountable Servers, Server Appliances, Blade Servers,
Techniques to minimize entropy
Reactive approaches: - Anti virus / Anti Malware software - Desktop firewalls - "Undo" software: deepfreeze, steady state Proactive approaches: - Apply/automate changes, updates and patches using the one-some-many approach - Automate system configuration as much as possible to minimize one-off customizations - Principle of least privilege-give the user only enough access to operate the system, not change it. • A combination of all of these approaches is the best method. • What's the ultimate secret? Consistency! (online slides)
<
Read the content of a file into the input of a command
Which of the following is a potential benefit to running Infrastructure as Code? Increase in costs Reduction of risks Increase in complexity Reduce speed for deployments
Reduction of risks
What is RAID? Why doesn't it help you in the event of a fire? (participation)
Redundant Array of Independent Disks (all physical). It is a way of storing the same data in different places on multiple hard disks to protect data in the case of a drive failure. Because a fire could destroy your entire system because people commonly have to put it out with water which is horrible for tech.
Types of Databases (online slides)
Relational Databases, Key-Value Stores, Columnar Stores, Document Stores, Graph Data Stores
What are the 5 types of databases? (participation)
Relational Databases, Key‐Value Stores, Columnar Stores, Document Stores, and Graph Data Stores
Resilience vs. Performance scaling
Resilience: the ability to provide and maintain an acceptable level of service in the face of faults and challenges to normal operation Performance scaling: how the performance of a parallel application changes as the number of processors is increased
Which networking device acts as a junction between networks, and transfers data between them? Hub Switch Router Modem
Router
Of NAS, SAN and DAS, which technology uses a dedicated proprietary network? (participation)
SAN
This is used for grouping multiple hard drives together to provide larger, more reliable, and faster storage than a single drive can provide. (quiz)
SAN SSD NAS RAID
List two Services which allow for the sharing of files over a network? (participation)
SMB - server message block , NFS - network file system
SSD (online slides)
SSD: Solid State Disk/Drive - Differs from traditional disks as there are no moving parts...no platters, no mechanics, so fewer failures. - Utilize dram or eeprom memory boards to store bits - Some use their own CPUs to manage data storage. - Faster for accessing data than traditional disks since seek time is eliminated - Much more expensive per GB (for now) than traditional spinning electromagnetic disks
When trying to understand a problem, it is important to identify what users believe in regards to how the service works. This is defined as: (quiz)
Scope Policy Assumptions Inter-dependencies
Defense in Depth (online slides)
Secure systems at all levels: - OS hardening - Application Hardening - Network Segmentation - Detection of changes - Credential Security - Encrypting data/traffic - Log aggregation (prevents covering of one's tracks) - Review Logs regularly - Security scanning (open ports, suspicious activity) - Security audits (physical, credentials, permissions, pen-tests)
Define self‐service. Provide an example of it used on campus. (participation)
Self‐service is the practice of serving oneself, usually when making purchases - EX: Selecting food at the dining hall
Servers (online slides)
Servers: - Service 100's if not 1,000's of users - Require high reliability and security due to lengthy required uptimes for services. - Are expected to last longer than workstations - Cost much more than workstations - Cost accounting for servers is spread over the users who use them, not responsibility of IT. - Have different OS configurations than workstations - Are deployed in a data center - Have disk backup systems - Have maintenance contracts with the Vendor
What is an SLA? Purpose? (participation)
Service Level Agreement ‐ Identifies the level of importance of different services and what will be done in case of failures.
DHCP - dynamic host configuration protocol
Service that automatically assigns IP addresses to connecting devices
What kinds of objects can AD track? (online slides)
Shared Resources (Workstations, Servers, Shared volumes, Printers, and Applications) User resources (Users, Groups, Contacts, Mailboxes (Exchange))
~
Shorthand for home directory
What is SNMP? (participation)
Simple network management protocol - allows you to write code to reach out and ask a device what its status is
Essential DevOps Toolbox for IaC (online slides)
Source Code Management (git, subversion, mercurial) Virtualization / Containerization (VMWare, Vagrant, Docker, CoreOS) Configuration Management (Ansible, Chef, Puppet, Docker-Compose) Orchestration (Kubernetes, Mesos, Rancher, Docker Swarm) Continuous Integration / Continuous Delivery (Jenkins, TeamCity) Monitoring / Logging (Monit, Nagios, ELK Stack)
What is a protocol?
Standard used to define a method of exchanging data over a computer network - This defines a set of rules that end points on networks use when they communicate.
What are the two things HA Proxy does as explained in this lab? (lab)
Statistics Report and allows a web application to run in the backend
Which command allows a user to elevate to run command as the super‐user?
Sudo
Which of the following is a potential benefit to using Cloud-based services?
Support Security Control Scaling
Service Rollout (online slides)
Supporting your service After your service is up and running, but before rolling it out you should: - Document how the service should be used and maintained by your IT staff - Train your IT staff how to support the new service - Train the users, if required - Build out self-help support for the service to reduce calls to the helpdesk. - Don't forget to advertise the new service to your users. - Roll it out using "One - Some - Many" so you can get a handle of any unforeseen issues.
>
Takes the output of a command and redirects it into a file
What is a pipe?
Takes the output of one command and sends it to another
What type of workstation is "Remote Lab"? (participation)
Task Worker machine - nothing special about them, not unique to each user - Virtual Desktop Infrastructure
Employee types (end user roles)
Task worker - Use IT to perform their specific job function. - Easy to manage in numbers of users, since the IT role is well defined. - Eg. Call center operators, insurance claim representatives, accounting clerks Knowledge worker - Use IT to create knowledge and solve problems - Challenging to manage in quantity users since each user has unique needs. - Eg. College professors, engineers, business analysts, systems administrators - The configuration of the workstation is dependent on the role of the end user. - The effort associated with supporting workstations depends on the number of different roles as opposed to the quantity of actual users
What is the difference between a hub and a switch?
Technical vs data link layer - Switch - Unmanaged and managed switches (allows manageability). Also, keeps a routing table of all the MAC addresses in its memory, and sends traffic directly to destination - Hub - private subnet design ‐‐> They are "dumb"; all devices receive traffic ‐‐> not efficient
DR (disaster recovery) sites in the Cloud (online slides)
The Claim: "Cloud Computing delivers faster recovery times and multi-site availability at a fraction of the cost of conventional disaster recovery." - Can provide bare-metal recovery that includes all services and data - Ability for more rapid recovery than typical failover sites - Potential for automated failover - Allows for backing up of data off site - Increased mobility, you can connect to "the cloud" from anywhere.
LDAP DN (online slides)
The DN, or distinguished name represents the path from the root of the directory to the entry. (In this example the rectangle is a user objectClass, and the trapezoid is a computer objectClass)
Bandwidth
The amount of data that can be transmitted over a network in a given amount of time. (The maximum amount of data that can pass from one point to another in a unit of time)
What is a command prompt?
The command prompt is a series of characters (such as PS C:\Users\LocalAdmin>) displayed within the command line interface to demonstrate the system's readiness to take a given command
How can you determine if you are a root user from the command line?
The end of the prompt changes from a dollar sign ($) to a hash sign (#)
Kernel
The kernel is a computer program at the core of a computer's operating system with complete control over everything in the system. ... It is an integral part of any operating system. It is the "portion of the operating system code that is always resident in memory".
Phishing (online slides)
The link in the email doesn't take you where you expect it to go
How are a container and a virtual machine different?
The main difference between these two techniques is the isolation at the machine level (virtual machine) versus the process level (container). Containerization is a more efficient process of virtualization and has many advantages: - Setup and tear down are trivial - Containers are "stateless." When you tear them down you lose all changes - Containers don't depend on each other. So you don't need to complete one lab to start another.
For the command docker-compose exec foo bar What does foo represent? What does bar represent?
The name of the Docker container is foo and the command we wish to execute on that container is bar
Information Technology Management
The process of overseeing the systems, services, people resources, and processes within an IT organization.
What is the difference between a server and a service? (participation)
The service is the program which is accessible over a network
Why are Services Important? (participation)
The services are what you are actually providing to your customers...all the different layers of an application.
What is a reason we do NOT run services on Desktop hardware?: (quiz)
They are not as reliable as server hardware.
What is CAMS? (participation)
They are the core values of DevOps: Culture - breaking down barriers between teams, shortening feedback loops Automation - productivity gains in deployment, systems thinking Measurement - basing decisions on data instead of guessing Sharing - tooling, discoveries and lessons among the team
Explain idempotence and why is it important in systems management. (lab)
This ensures that we can run the same tasks again and again without changing the final results. This is important in systems management because people in that field are commonly changing the files on a computer or the contents of a single file.
What two systems can be used to manage WIP?
Ticket System Kanban System
latency
Time it takes for a bit to travel from its sender to its receiver.
What is the purpose of the Ansible ping command? (lab)
To check to see if the server we wish to reach is responding. The ping module "tests if you have valid credentials for connecting to the nodes defined in your inventory file, in addition to testing if Ansible is able to run Python scripts on the remote server."
nslookup
To resolve an IP Address to a DNS Name - use when you know the URL and want to find out IP address
ping
To test communications with another device on a network ‐‐ tests connectivity
Identity Management (class slides)
Too Many - Accounts - Logins - Passwords To Remember Centralized Authentication - One place to get Authentication, Authorization, and Accounting Single-Sign On - With Centralized Authentication no need to keep authenticating
Disk Components (online slides)
Traditional disks are made of a few basic components Spindle : common mounting platform for all platters. Platters : disc type material where data is stored Heads : Actual 'arm' that moves in and out of the record to read data. Track : location on the platter where data is stored. Each track has the same radius from the spindle on a disk Sector : pie-shaped slice of the platter. Used to subdivide the platter for quickly locating blocks of data. Cylinder : same tracks on multiple platters.
The first step in debugging a problem is to ... ? (online slides)
Understand the problem - You need to understand what the customer (or user) who reported the problem was trying to accomplish. - In most cases the customer is expecting a specific result, but is getting an undesirable result. - Oftentimes the data you receive is incomplete. So you must test assumptions, scope and inter-dependencies. - Examples of "real problems" (I can not print, the website is down, my computer will not send emails)
The first step in debugging a problem or issue is: (quiz)
Understanding the problem; Forming a hypothesis; Performing a root cause analysis; Establishing a test environment
cd
Used to change the current working directory
cp
Used to copy objects
echo
Used to display a line of text that is passed as an argument
rm
Used to remove objects from the file system
;
Used to run multiple commands in one single command (use ";" to separate the commands)
kill
Used to terminate a process manually
Types of Disasters (online slides)
User Errors, Natural Disaster, SA Errors, Security Breach, Disk Failure, Network Failure, System Failure, Power Failure
Security Policies (online slides)
User Level Policies: Users must sign before receiving resources. 1. Acceptable Use Policy 2. Monitoring and Privacy Policy 3. Remote Access Policy. Business Level Policies: 1. Network Connectivity Policy 2. Log Retention Policy
What are some potential uses of the uri load balancer algorithm? (lab)
Using the uri balancer algorithm gives you the ability to distribute load based on geographical location, browser type, operating system, and user attributes, which offers a greater degree of flexibility for how we balance load.
DBMS Scaling: Up vs. Out (online slides)
Vertical "Scale Up" • Add more resources to an existing system running the service • Easier, but limited scale • Single point of failure Horizontal "Scale Out" • Run the service over multiple systems, and orchestrate communication between them • Harder, but massive scale • Overhead to manage nodes
There are six categories of providing a service: Defined, Reliable, Scalable, Monitored, Maintained, Supported. Which core concept is associated with "Scalable"? (quiz)
Vertical and Horizontal
What is a virtual machine?
Virtual computers running on top of host computers, sharing the host computers resources (CPU, RAM and Disk).
Defenses (online slides)
Vulnerability mitigation • Use secure authentication systems. • Deploy software in secure configuration. • Patch security flaws quickly. • Restrict physical access to systems Attack mitigation • Firewalls to prevent network attacks. • IDS to detect attacks. • Virus/spyware scanners. • Disk Encryption • Two-factor authentication System Administrator & User Education and Awareness • Prevent Social engineering • Prevent Credential Theft
Which of the following disaster recovery sites provides full backup of your environment, but typically isn't configured to take over in the event of a disaster?
Warm sites, Full sites, Hot sites, Cold Sites
Vertical Scale Through Layering (slides)
We re-design / program the application to support multiple users by breaking up / splitting the layers.
When is a quick fix appropriate? (participation)
When you do not need to find the root cause of the problem. You can quickly fix it and complete the task.
load balancing (slides)
Who does it? - A Master service of the system orchestrates load distribution (Hadoop, and most noSQL database systems work this way). - Another service orchestrates distribution. HAProxy, DNS, Zookeeper, etc. How is it done? (load balancing methods) - Round Robin / Ring - Request-Based - Location-Based - Based on existing instance load. - Custom / Hybrid
What are the advantage(s) of a system like WordPress over a static HTML website? (lab)
WordPress allows users to create websites without any knowledge of HTML, so nearly anyone can create a website!
What is WIP? Who often generates the "W" in WIP?
Work In Progress - Back end Developer (one example given in class), but it can be almost anything
If you type snickers bars into your favorite search engine, is that information being logged? Based on what you learned in this lab, do you know this? (lab)
Yes it is definitely being logged in multiple places.
Does a web server log your activity when your browser is in private or incognito mode? (lab)
Yes!
Is being hacked considered a form of disaster for which a company should have a DR/BC plan? Why? (participation)
Yes! - It is a threat which should be avoided. It could be either disaster recovery or business continuity depending on the severity of the attack.
Command-lines are known as unforgiving...why?
You must be direct - Know what you want to say - Know the right way to say it! There's no pleasing it: - Does not congratulate you when you're right - Only complains when you are wrong
Typically how many times do you need to clone a git repository?
You should only need to clone a git repository once.
ROI Example: Selling Products on the Web
You work for a parts distributor. Currently you do not sell products online. A. A recent TCO study has revealed it will cost $12,000/year to begin selling products on the web. - If you would like a 25% ROI, what is the expected gain? .25 = (gain - 12000)/12000 3000 = gain - 12000 gain = 15000 B. If another option is to partner with Amazon.com to sell your parts online at a cost of $5,000/year - What is the expected gain for the same 25% ROI? Is it better? .25 = (gain - 5000)/5000 1250 = gain - 5000 gain = 6250 C. If the marketing department claims that by spending $5,000 next year on local advertising they can generate an additional $9000 in additional sales. ROI = (9000 - 5000)/5000 ROI = 4000/5000 = .8 Which option has the best ROI? Option C has the highest ROI. In this example it is the best option. Option A and B have the same ROI but option B has a lower TCO so... Option B is better than option A
Service-oriented architecture (SOA)
a business-driven enterprise architecture that supports integrating a business as linked, repeatable activities, tasks, or services Service-Oriented Architecture is changing the game a bit, as most services are gravitating towards interoperability (working with each other)
Containerization
a form of operating system virtualization, through which applications are run in isolated user spaces called containers, all using the same shared operating system (OS) - Creates container for the app --> Takes all the pieces of the application that are needed to run it and takes just those pieces - Does not worry about the operating system - Not easy
system administrator
a person in charge of managing and maintaining a computer system or telecommunication system (as for a business or institution)
What is a data center? What is it not? (participation)
a place where you keep machines that are a shared resource, not an office. Major components of a data center: location, access, security, power, cooling, humidity, fire suppression, racks, cable management, communications, console access, workbench, tools
Entropy
a process of degeneration as a result of degrees of uncertainty, disorder, fragmentation, chaos, etc
Container
a self-contained unit of software based on an image. - "The rules on how the images work together to run an application Images can exist without containers, whereas a container needs to run an image to exist"
ansible (lab concept)
an open-source software provisioning, configuration management, and application-deployment tool "we will use Ansible to manage the 5 workstations on our network. What is Ansible? Simply put, it is a systems management automation engine. It allows you to easily perform tasks on remote computers such as changing configuration files, installing software and running programs."
Write a command to uninstall the package bar ? (lab)
apt remove bar
This is a chunk of storage as seen by the server or host computer. (quiz)
array, LUN, volume, disk
When managing workstations, the goal is to ____________ as much of the manual processes as possible. (quiz)
automate
Why are off site backups important? (participation)
backup over the internet
What is the universal format of data on a computer?
binary
Is IT hardware or software?
both
Code used to address the transformational logic of the application, defines which layer of any application? (quiz)
business logic
What is the command to change the working directory to the git repository?
cd ist346-labs
apt (lab concept)
command-line utility for installing, updating, removing, and otherwise managing deb packages on Ubuntu, Debian, and related Linux distributions "The apt packaging system allows a user to manage software packages on a Linux system. Apt is a wrapper around the dpkg packaging system which is used for managing software on Debian Linux based distributions such as Ubuntu Linux."
A workstation is usable and in an operational environment when it is in the Evard's lifecycle state known as? (quiz)
configured
How is an image different from a container
containers are dependent on images and use them to construct a run‐time environment and run an application
There are six categories of providing a service: Defined, Reliable, Scalable, Monitored, Maintained, Supported. Which core concept is associated with "Defined"? (quiz)
customer input
Which layer of an application is responsible for CRUD operations (create, read, update, delete)? (quiz)
data access
What is Service‐Oriented Architecture? Microservices? (participation)
distinct components of the application provide services to other components and communicate using an enterprise service bus Microservice is a self‐contained process that provides a unique business capability, different micro‐services act in concert as one larger system
What is a Distinguished Name, or DN? Is it a global namespace? (participation)
distinguished name represents the path from the root of the directory to the entry. No?
What docker command turns a container back into an image?
docker commit
How do you inspect the output of a docker container?
docker logs
Which command lists running containers?
docker ps command
What docker command turns an image into a container?
docker run
What command do you type to shut down the environment for a lab?
docker-compose down
What command do you type to bring up the environment for the lab?
docker-compose up -d
What is the command to list the files installed by the package chicken? (lab)
dpkg -L chicken
What are the two ways one can test that a service can scale? (participation)
end to end testing and metric testing
Data Integrity (online slides)
ensuring your data is accurate. How does it become corrupted? - Viruses / Malware - Buggy Software - Hardware failures - User Error How do you ensure data integrity? - Hashing - compare file to its checksum MD5/SHA256 - Keep anti-malware software current Backing up inaccurate data is useless!
Two type of namespaces (online slides)
flat and Hierarchical
What command do you type to update the contents of your git repository?
git pull origin master
Which of the following is NOT an explicit benefit of using RAID? (quiz)
greater capacity, improved backups, increased performance, increased reliability
playbook (lab concept)
includes process workflows, standard operating procedures, and cultural values that shape a consistent response—the play. Reflects a plan; an approach or strategy defining predetermined responses worked out ahead of time "This command line stuff is great, but what if the single "change" you need to make requires several steps? We could just issue each Ansible sequentially but I'm sure there's a better way, correct? Well, this is the purpose of an Ansible Playbook. The playbook is a file which can run multiple Ansible tasks in addition to providing some additional configuration common across all the commands."
docker-compose (lab concept)
is used to run multiple containers as a single service (examples in all labs)
What is Ansible? (lab)
it is a systems management automation engine
leastconn vs. round robin (lab concept)
leastconn: Selects the server with the least number of connections-it is recommended for longer sessions round robin: a technique for dealing with redundant Internet Protocol service hosts Lab G: It is a load balancing program: "The leastconn algorithm selects the instance with the least number of connections. If a node is busy serving a client, the next request will not use that node but instead select another available node." "The load balancer cycles through each of the 3 docker containers in a predictable pattern. That's because the load balancer is configured to distribute the load using the roundrobin algorithm." "As we explained in the previous section the default load balancing algorithm uses round robin."
markdown (lab concept)
lightweight markup language using plain text formatting syntax (lab F)
apt-get commands (lab concept)
main task is to retrieve the information and packages from the authenticated sources for installation, upgrade and removal of packages along with their dependencies Linux command for installing or updating a program using the advanced packaging tool. (Lab E has some examples)
How do you get help in Linux?
man: open manual pages; --help: more brief than man; Help: helpful with syntax; apropos: when you don't know what command you're looking for
beautiful snowflake
many machines, each uniquely configured
Which type of application contains all layers of the application within a single system? (quiz)
monolithic
What do we call multiple copies of the service we scale horizontally? (lab)
nodes (unsure)
What are the three pieces of a workstation? (slides)
operating system + configuration + applications = workstation
Data center alternatives
outsource (online slides)
What can you do when the list of files is too large for your screen? (lab)
pipe the output to less so we can scroll through the output with our arrow keys
Code which addresses user interface concerns, defines which layer of an application? (quiz)
presentation
Explain the difference between a quick fix and addressing the root cause of a problem? (participation)
quick-fixes and do not address the root cause
What are the three primary server hardware strategies? (participation)
racks, blades, and mainframes
Write a command to use apt to install peachtree onto computers in the accounting department (an Ansible hosts label). (lab)
root@server:/# ansible accounting -k -m apt -a 'pkg=peachtree state=present update_cache=yes'
Which of the following is NOT one of the defined layers of an application? (quiz)
servers
docker (lab concept)
set of platform as a service products that uses OS-level virtualization to deliver software in packages called containers
What are the advantages of a site generator like MKDocs versus a static HTML site? (lab)
Site generators like MKDocs are helpful because they create HTML content from the markdown format
The Client-Server Model
software runs on the local computer (the client) and communicates with the remote server to request information or services. A server is a remote computer on the network that provides information or services in response to client requests.
haproxy (lab concept)
solution offering high availability, load balancing, and proxying for TCP and HTTP-based applications "In this lab we will demonstrate how applications are scaled horizontally. Specifically we will run a web application built using the Flask Web Framework through a load balancer. The Load balancer we will use is called HAProxy. It is a very fast, reliable load balancer which comes with a variety of configurable algorithms for balancing load across servers on a network. We will spin up multiple instances of the same Flask web application behind the load balancer so that we can get a clear picture of how traffic is distributed by a load-balancing application like HAProxy." "The HAProxy load balancer has a special web UI for inspecting the traffic on the load balancer"
Virtualization
the act of creating a virtual version of something, including virtual computer hardware platforms, storage devices, and computer network resources - Virtualizes the server
throughput
the amount of work performed by a system during a given period of time (the actual speed of data transfer that is achieved)
Volume (online slides)
the chunk of storage as seen by the server. • A single hard drive (or logical disk) can be one volume. • One hard drive (or LD) can be multiple volumes. We call this partitioning the disk. • Many hard disks can be combined into one logical volume.
Host
the computer running the virtual machines or containers.
What is a command line interface?
the interface of your computer based on text. It allows the user to issue commands through text, which proves extremely helpful while wishing to automate tasks.
Guest
the operating system running as a virtual machine.
Image
the software necessary to run an application. - "A state of an application (files and resources needed to make an application run) --> pieces of an application"
operating system
the software that supports a computer's basic functions, such as scheduling tasks, executing applications, and controlling peripherals. - The interface between you and the computer
Explain Master / Slave architecture for redundancy. (participation)
used for the software system where reliability is critical. This is due to the replication (redundancy) of servers
Explain strategies for accessing servers in the data center without having to physically be there. (participation)
virtualization
service layering
we scale up data-oriented applications by separating the layers of the application into their own independent services which communicate over the network, allows more users to access the application, yet introduces some design complexity
Cloud Computing (online slides)
• "The practice of using a network of remote servers hosted on the Internet to store, manage, and process data, rather than a local server or a personal computer." • In other words, having someone else host your servers and/or services for you.
Meta-Directory (online slides)
• A Meta-Directory is a unified database of your namespaces. • To create a named key for a namespace, such as a new user: - The information is added to the meta-directory - The account is provisioned from the meta-directory to the resource itself. (Account created on the Windows or Linux Server or both) • Meta-Directories are namespace management. - You can buy identity management software to implement a meta-directory or build your own. - These solutions require a lot of planning, design and testing.
Cold Sites (online slides)
• A cold site is a type of disaster recovery service that provides backup, but the site isn't configured to take over in the event of a disaster. • Downtimes are to be expected and may require considerable amount of work for bringing a site online. • A cold site is less expensive, but it takes longer to get an enterprise in full operation after the disaster.
Types of Backups (online slides)
• A full backup (level 0) is a complete copy of a partition. • A differential backup (level 1) is an archive of only the files that have changed since the last full backup. • An incremental backup (level 2, 3, etc) is an archive of only the files that have changed since the last backup (not necessarily a full backup).
Database (online slides)
• A generic term for the storage, management and retrieval of data • Many Types Exist • Serve Several Purposes
What is DevOps? (online slides)
• A set of practices to reduce the time between making a change to a system and realizing that change in production (whether on-premises or in the cloud) without sacrificing quality of system stability. • Historically slowed down by: - Transitioning to Dev / Test / Prod environments • Pet Servers - Organizational Culture / Mindset - Siloed teams
Warm Sites (online slides)
• A warm site is a backup site that is set up similar to a hot site, but requires work to render it functional in the event of a disaster. • Backup environments are not constantly operational or processing. Also may require networking changes to redirect server/service requests to the backup site. • Requires intervention and cannot accomplish seamless failover, but cheaper to employ than a hot site. • While they don't offer immediate failover, warm sites are typically easier to maintain than hot sites due to the lack of need for real-time replication or complex networking schemes.
Three A's (online slides)
• Authentication - Verification of identity. Answers the question "Who are you?" • Authorization - Verification of access. Answers the question "What can you do?" • Accounting - Logging access to a service. Answers the question "What did you access or do?"
Sometimes a fix is out of your control: (online slides)
• Bad hardware • Live with it until you can replace it • Can you move the service elsewhere? • Virtualization helps here • Some vendors write crappy software • Memory leaks mean that systems do not release memory when finished and thus become unstable over time. • Your best bet is to employ "pressure" on the vendor. • Policy issues affect system stability • Examples: Too many users with Root or Admin access / Physical access to the datacenter by too many people • Lobby to have these bad habits changed!
Key-Value Stores (online slides)
• Basically a persistent hash map • Simple • Fast reads and writes • No secondary indexes • Scales Horizontally • Use cases • Data model is simple • All you need is CRUD (Create/Read/Update/Delete) • Caching frameworks • Challenges • Difficult to perform complex queries • Products • DynamoDB, Riak, Redis
Cloud Services on the Internet (online slides)
• Cloud computing is an extension of the service model to the ubiquities of the internet. • Don't want to deal with datacenters or servers? Try Infrastructure as a Service! • Don't want to bother with the infrastructure and the components required by your service? Try Platform as a Service! • Heck, don't want to bother with any of it? Then Software as a Service is for you!
Core Values of DevOps - CAMS (online slides)
• Culture - breaking down barriers between teams, shortening feedback loops • Automation - productivity gains in deployment, systems thinking • Measurement - basing decisions on data instead of guessing • Sharing - tooling, discoveries and lessons among the team
Logical Storage Systems (online slides)
• DAS - Direct Attached Storage • Connects to one host • NAS - Network Attached Storage • Connects to many hosts over common communications network (TCP/IP) • SAN - Storage Area Network • Connects to many hosts over dedicated network for storage. • iSCSI or Fibre Channel.
examples of nameservice (online slides)
• DNS - manages host names • DHCP - manages IP Addresses • LDAP - manages user information • Active Directory - manages users, computers and devices.
Why Backups? (online slides)
• Data gets lost • People delete data by mistake (or on purpose) • Archival Purposes • Legal Issues / Subpoenas • Data gets corrupted • Systems crash / Disks fail • Notebooks get lost / stolen. You need your backups to be reliable.
Columnar Stores (online slides)
• Data in tables are stored by column instead of by row • Storage not wasted on null values • Fast operations on columns such as aggregation of data • Scales horizontally • Use cases • Data analytics, big data sets • Timeseries data • Challenges • Key design is not trivial • Need to split data according to how it will be queried • Products • HBase, Cassandra, MemSQL
Risk Analysis: Some basic terms (online slides)
• Disaster - any event that causes a massive outage to services and/or a loss of data. • Severity of any disaster depends on: • How many people are affected (size) • Which aspects of the business are affected (cost) • Risk - the expected value of the disaster happening in the future. • Risk is measured as a probability
Example of Three A's (online slides)
• Example: Your SUID card. • Verifies who you are. • Provides access to things (library, GYM) • Is recorded when used.
Hot Sites (online slides)
• Hot site - commercial disaster recovery service that allows a business to continue computer and network operations in the event of a computer or equipment disaster. • Example: If an enterprise's data center becomes inoperable, they can quickly switch all data processing operations to a hot site with little to no downtime. • Provides complete duplication of primary environment and will be available at all times. • More expensive, but faster to recover a business in the event of a disaster.
Multiple Ways to Backup (online slides)
• Image Backups • "Classic" Tape Backups • Disk-to-disk-to-tape backups (D2D2T) • Disk-to-disk-to-disk backups (disks are cheap) • Offsite Backup services (backup over the internet)
Document Stores (online slides)
• Nested structures of hashes and their corresponding values • Very flexible schema • No need to normalize • Use cases • Applications where the schema is likely to change • When you don't need the flexible query of relational, but need better performance • Challenges • Complex queries with joins are slow • Documents which reference themselves and other circular dependencies • Products • MongoDB, CouchDB, RavenDB
NAS File Services (online slides)
• Network attached storage requires a service to share files with clients • SMB - Server Message Block (Windows File Sharing / Samba on Linux) • NFS - Network File System (Used by Unix/Linux systems to share files)
Graph Data Stores (online slides)
• Nodes and edges • Good fit for highly interconnected data • Allows for explicit relationships among data items • Based on Graph theory • Use cases • When your data look like a graph or hierarchy • Challenges • Does not scale well horizontally • Very specific use cases—know when to use it! • Products • Neo4j, SQL Server Graph Tables
Time to fix the problem (online slides)
• Once you've defined the problem, and isolated it, it's time to fix it. Quick fixes: - Restarting services - Rebooting the server dependent on services - Cleaning up disk space • These are quick-fixes and do not address the root cause!!!!
Testing Backups (online slides)
• Periodically test your backups by performing restores. • Why? The only way you know your backups are working is to restore data from them and test. • Backups are no good if you can't restore from them. • Backups are one of the most understated processes in IT management but one of the more important.
Considering the pivot Points (online slides)
• Pivoting • They will be inside the Datacenter • They will be looking for the next Hop • When a server is hacked - what else will fall? • Does this server NEED to talk to anything else? • What's on it? • What could it be used for? • Do you have any other lines of defense?
DevOps Goals (online slides)
• Systems thinking - imagine your systems as a whole not as parts • Culture of ownership - everyone involved has ownership over the entire system and process • Shortening feedback loops - take less time to fix problems and achieve goals. • Culture of experimentation and learning - no fear of making changes as you should be able to test them easily.
Vulnerabilities - Social Engineering (online slides)
• The human element of security • Users are the weakest link • Preys on people's inherent trust in others Kevin Mitnick - Famous Hacker • Author of "The Art of Deception" and "No Tech Hacking" • One of his many social engineering stories • http://www.youtube.com/watch?v=8L76gTaReeg
Business Continuity (online slides)
• The organization's ability to continue to function during and after the disaster. • Think of BC as your fallback plan for the disaster. • It is not the same as disaster recovery, but ultimately a part of it.
Infrastructure as Code Methodology for DevOps (online slides)
• Treat your infrastructure as if it were code! • Store configurations, dependencies and scripts to bootstrap your systems in a source code management (SCM) system like Git. • This allows you to set up and tear down environments quickly and easily and deploy your systems in Dev, Test or Production. • Servers are commodity / utility resources, and not at all strategic. A perfect scenario for cloud computing!
Cloud Services Overview (online slides)
• Typically utilizes Virtualization or Containers to keep costs down while offering a larger number of services. • Shared resource model helps make the best use of hardware. • Providers have varying chargeback models to customers: - By amount of data stored (per mb/gb/tb) - By bandwidth used (mb/hr, gb/week, gb/month, etc..) - By resources used (ram, cpu) - By number of users accessing the service - Or combinations of all of the above.
Two-Factor Authentication (online slides)
• What you have • What you know • Example: Google Authenticator
How does the leastconn algorithm differ from the roundrobin algorithm? How are they similar? (lab)
• leastconn --> selects the instance with the least number of connections. • roundrobin --> Each server is used in turns, according to their weights. • They are similar in that the Uri will not always map to the same instance, unlike uri