1.5 Compare and contrast cloud and virtualization concepts and technologies

Question 1

Describe Virtualization

Answer 1

virtualization is a technology that allows a host operating system to run a separate instance of an operating system in an isolated wrapper that lets it impersonate a real machine

Question 2

What is a hypervisor?

Answer 2

A hypervisor is code that separates a host operating system from a virtual machine, and it is used to create, destroy, and manage virtual machines

Question 3

Slices or chroot

Answer 3

This refers to the ability to slice up or put in a root jail applications that must be shared between users or for security domains. (Using a root jail means restricting an application such as Apache to make it believe that a virtual root of a file system exists.) Solaris’s zones are a superset of this method

Question 4

Full virtualization

Answer 4

This method, which is used by VMware, Parallels, KVM, and XEN, involves what can be described as full-system virtualization

Question 5

Containers (old)

Answer 5

LXC (Linux Containers) is an early form of what would later become Docker’s offering. OpenVZ and Virtuozzo are somewhat similar in that one uses portions of the OS to create an environment and the other creates virtual private servers to perform the task

Question 6

Containers (new)

Answer 6

Docker is the predominant method used today to wrap up applications and their dependent services into a container or single addressable instance of partial operating system virtualization commonly called a container

Question 7

Amazon Machine Images (AMI)

Answer 7

an AMI as a template that includes a system root, an operating system, and whatever else you want to have included in the AMI.

An AMI is a bit like a frozen dinner: You can “thaw” one out and have it piping hot and ready in just a few seconds, but it’s prepackaged, and if you don’t like or want it customized, you have to rework it and then package it up all over again

Question 8

Cloud-Init

Answer 8

Cloud-init is a unique tool. You can use it by itself, and it will allow you to do a lot with the customization of your cloud VM installs. However, its real strength lies in being the initial bootstrap tool that prepares the VM environment for the more feature-rich tools, such as Chef and Puppet

Question 9

Puppet

Answer 9

Its key strength is in getting systems ready for serving what they are designed to serve. Its downside is that it’s a centralized system, and the failure of the central management node can be catastrophic. Puppet is also prone to bottlenecks due to its architecture.

Puppet has its own domain-specific language, and if you have learned it, Puppet is fairly easy to use. The Puppet language is a nonstandard implementation of the Ruby language with a lot of changes

Question 10

Chef

Answer 10

The designers of Puppet have learned a lot of lessons that have enabled them to make Chef a more viable, scalable, and healable infrastructure tool than Puppet. Designed from the get-go as a distributed tool that can use a central repository of objects, Chef doesn’t depend on that repo being constantly available to do its job.

Chef’s domain language is standards compliant with the Ruby language, so when a DevOps engineer gets to a point where the built-in implementation can’t handle a configuration issue, he or she can use the full Ruby language to solve the issue.

Chef is also designed to be massively scalable; it can handle upward of 250,000 nodes, which is another improvement on the Puppet tool.

Question 11

Anaconda/Kickstart

Answer 11

Kickstart uses a single file that contains all the configuration and automated responses necessary to perform a hands-off installation of a Linux

Kickstart requires the following components:

Installation media (either locally or on a network resource)

Kickstart file (the default is anaconda-ks.cfg)

Boot method

Question 12

Kickstart file

Answer 12

Command: This section contains the commands to install the distribution, including answers, if required

Packages: This section lists the package selections to be installed, in a stanza that begins with %packages and ends with %end. The packages to be installed can be in groups, or they can appear as individual packages. Groups are prefaced with an @, such as @Sound and Video, whereas an individual package would just be referenced by the short package name, such as vim.

Pre and post: These sections contain commands and functions to perform before installation and after installation. These sections are stanza based, beginning with %pre and ending with %end. It’s important to make sure that the Pre and Post sections are at the end of an Anaconda or Kickstart file

Question 13

VM Templates

Answer 13

A template is usually not a bootable or usable VM but a master version of a VM that is used to make a copy that can be customized into a VM for use in a particular environment

Question 14

Open Virtual Appliance (OVA)

Answer 14

Open Virtual Appliance (OVA) file is effectively a bundling of one or more VMs together in an installable/runnable package such as a virtual appliance that might include a VM for NGINX and another for MySQL, packaged together and usable very quickly in an environment such as VMware

Question 15

Open Virtualization Format (OVF)

Answer 15

An Open Virtualization Format (OVF) file is a compressed package that contains any needed certificates and disk image files and that is similar in format to a TAR archive file. An OVA file can contain multiple OVF files, and each OVF file effectively represents a VM instance

Question 16

YAML Ain’t Markup Language

Answer 16

YAML is a superset of (or encompasses) JSON. YAML is mainly used for configuration files with a stanza-based format of hierarchical items and is imminently human friendly and readable.

YAML also allows for a larger feature set, as well as the ability to include comments for documentation and clarity

Question 17

JSON

Answer 17

JSON is used as a way to serialize data. It’s simpler in format than YAML and can be used to conduct data exchange and transfer between APIs and their requesting applications or services.

JSON is a subset of YAML, and it can be parsed with a YAML interpreter or parser, so you can use YAML and JSON together for your templating needs

Question 18

Container Images

Answer 18

A container image is a binary file that has within it all the necessary components to run as a Docker container instance. Container images, like VM templates, make deploying many multiple instances of a given configuration a lot simpler

Question 19

Thin Provisioning

Answer 19

Thin provisioning: With this type of provisioning, the virtual disk size is declared during setup, but the entirety of the storage space is not allocated or marked as “in use”; only that which is actually needed plus a small margin is marked as “in use.” The amount of actual storage used correlates to actual files written to the disk, and more space is allocated on an as-needed basis

The upside of using thin provisioning is that you can mark a virtual disk to be a certain size, but you don’t have to dedicate that space until actual writes to that virtual disk happen. The downside is that it is possible to overallocate the available space, and if you then suddenly want the full space, you can quickly run out of the hosting system’s actual storage

Question 20

Thick provisioning

Answer 20

Thick provisioning: This method involves preallocating or marking as being “in use” the full amount of space that is specified in the virtual disk configuration. There is no time spent on growing or shrinking the allocated space; it’s dedicated at the start

The upside of using thick provisioning is that once a virtual machine’s disk is provisioned, the VM marks that amount as being used, and you don’t need to spend time trying to calculate or find space for new files; the space is there and ready to go. The downside of this method is that all the virtual disk space allocated is marked as used, and you can’t crowd more VMs on a machine that has no space remaining

Question 21

Persistent Volumes

Answer 21

The term persistent volume is used by many virtualization products, such as OpenStack and Kubernetes. In essence, a virtualized persistent volume is similar to a physical disk in how it operates. Data is kept on the disk until the system or user overwrites it. The data stays on the disk, whether the virtual machine is running or not, and with some virtualization products, it can remain even after the virtual machine using it is destroyed

Question 22

Blob

Answer 22

Blob storage is a Microsoft Azure cloud platform term. Blob storage is large unstructured data, which is offered over the Internet and can be manipulated with .NET code. Typically, a blob consists of images, streaming video and audio, big data, and so on

Question 23

Block blobs

Answer 23

Block blobs are blocks of text and binary data. The blobs are not managed as a group but instead are handled independently of one another. Their size limit is 4.7TB

Question 24

Page Blob

Answer 24

Page blobs are simply random access files, which can be up to 8TB in size. They are also used as virtual disks for Azure virtual machines

Question 25

Bridging

Answer 25

With bridged networking, a virtual machine’s network interface, which is of course software, is tied to the actual host machine’s Ethernet or other adapter via a virtual Ethernet switch (which on VMware is VMNet0 by default); the adapter of the VM appears to be a full network client or citizen, and it gets an IP address with the same subnet as the host’s adapter. The upside is that the VM is considered to be a full participant on the network; the downside is that because it’s a full participant, it uses up an IP address. Given that there might be a lot of VMs on a virtualization host system, bridging can use a lot of IP addresses for not much benefit

Question 26

Overlay Networks

Answer 26

An overlay network is a network virtualization method that uses encapsulation and communication channel bandwidth tunneling. A network’s communication medium (wired or wireless) is virtually split into different channels. Each channel is assigned to a particular service or device. Packets traveling over the channels are first encapsulated inside another packet for the trip. When the receiving end of the tunneled channel gets the encapsulated packet, the packet is removed from its capsule and handled

Overlay networks offer better flexibility and utilization than non-virtualized network solutions. They also reduce costs and provide significant scalability

Question 27

NAT

Answer 27

The direct opposite of a bridged connection is network address translation (NAT), in which a VM is consigned to a private virtual network that is typically in the 10.0.0.0, 172.16.0.0, or a 192.168.0.0 range and uses a NAT device or object to convert its local-only IP address into something that can be sent across the wide area network. The main advantages of this method are that it further obscures the VM from the dangers of the outside network, and it uses no extra IP addresses. Each and every VM can be on its own virtual network behind the NAT function, although you can have two or more VMs on the same virtual private address scheme and communicating with each other

Question 28

Local

Answer 28

A host-only adapter (sometimes called a local adapter) connects to a virtual network contained within the virtual machine’s host system. There is no connection to the external physical (or virtual) network to which the host system is attached.

The result is speed. If the host system has two or more virtual machines, the network speed between the VMs is rather fast. This is because VMs’ network traffic does not travel along wires or through the air but instead takes place in the host system’s RAM

Question 29

Dual-homed

Answer 29

One of the main advantages of having VMs running is that you can segregate tasks or services to a particular VM and have that VM provide those services over the network.

A problem that can affect a virtualization host system is that it might have a number of VMs all using NAT or bridged networking, and the single Ethernet interface on the virtualization host can become a bottleneck. Dual-homing prevents such a bottleneck. With dual-homing, you configure two Ethernet devices for VMs to use and intelligently assign VMs or even blocks of VMs to use a given Ethernet device as their network access device. This way, the Ethernet interfaces don’t become the bottleneck or cause performance issues

Question 30

Hypervisors Type 1: KVM

Answer 30

The Linux Kernel-based Virtual Machine (KVM) utilizes a standard Linux kernel along with a special hypervisor module, depending on the CPU used (Intel or AMD). Once installed, it can host any type of guest operating systems

Question 31

Hypervisors Type 1: XEN

Answer 31

The XEN Project is an open-source standard for hardware virtualization. Not only does it support Intel and AMD CPUs, but there’s also a version for Arm CPUs. The XEN Project includes additional software besides the hypervisor software, including an API stack for managing the hypervisor from a guest operating system

Question 32

Type 2 Hypervisors

Answer 32

The Type II hypervisor software runs guest virtual machines as separate processes on the host operating system. The guest virtual machines support guest operating systems, which are completely separated from the host operating system. Thus, you can use a Linux host operating system and still run Windows or macOS guest operating systems.

The attraction of using a Type II hypervisor is that you can run it on an already installed operating system. You don’t need to create a new server environment to run virtual machines. With the Type I hypervisors, you must dedicate a server to hosting virtual machines, while with a Type II hypervisor, your server can perform some (although not a lot) of other functions while it hosts virtual machines.

Question 33

What are the three primary methods for providing cloud computing?

Answer 33

The three primary methods for providing cloud computing are:

Public

Private

Hybrid

Question 34

Public Cloud Computing

Answer 34

In public cloud computing environments, a third party provides all of the computing resources outside of the organization. This pool of resources is usually shared between multiple organizations that also have access to the platform

Question 35

Private Cloud Computing

Answer 35

In private cloud computing environments, each individual organization builds its own cloud computing resources to provide resources internally

Question 36

Hybrid Cloud Computing

Answer 36

In hybrid cloud computing environments, computing resources are provided internally within the organization but also connected to an external public cloud to help supplement resources when needed

Question 37

The IaaS cloud model

Answer 37

In the Infrastructure as a Service (IaaS) model, the cloud computing vendor provides low-level server resources to host applications for organizations. These low-level resources include all of the physical components you’d need for a physical server, including CPU time, memory space, storage space, and network resources

an IaaS model the customer supplies the operating system and any applications that it needs to run. Most IaaS environments support either the Linux or Windows operating systems. The customer is responsible for any system administration work required for the operating system as well as any application administration. The cloud computing vendor takes responsibility for maintaining the physical infrastructure environment

Question 38

The PaaS cloud model

Answer 38

In the Platform as a Service (PaaS) model, the cloud computing vendor provides the physical server environment as well as the operating system environment to the customer

With the PaaS model, the cloud computing vendor takes responsibility for the physical components as well as the operating system administration. It provides system administration support to ensure that the operating system is properly patched and updated to keep up with current releases and security features. This allows the customer to focus mainly on developing the applications running within the PaaS environment

Question 39

The SaaS cloud model

Answer 39

In the Software as a Service (SaaS) model, the cloud computing vendor provides a complete application environment, such as a mail server, database server, or web server. The vendor provides the physical server environment, the operating system, and the application software necessary to perform the function

Question 40

Virtual Machine Monitor (VMM)

Answer 40

The hypervisor, also called a virtual machine monitor (vmm), acts as the traffic cop for the physical server resources shared between the virtual machines. It provides a virtual environment of CPU time, memory space, and storage space to each virtual machine running on the server

Question 41

Type 1 Hypervisors

Answer 41

Type I hypervisors are commonly called bare-metal hypervisors. The hypervisor system runs directly on the server hardware, with no middleman. The hypervisor software interacts directly with the CPU, memory, and storage on the system, allocating them to each virtual machine as needed

With the Type I hypervisors, you must dedicate a server to hosting virtual machines

Question 42

Type 2 hypervisors

Answer 42

Type II hypervisors are commonly called hosted hypervisors because they run on top of an existing operating system install. The hypervisor software runs like any other application on the host operating system

Type II hypervisor, your server can perform some (although not a lot) of other functions while it hosts virtual machines.

Question 43

Libvirt

Answer 43

libvirt is a popular virtualization management software

A primary goal of the libvirt project is to provide a single way to manage virtual machines. It supports a number of hypervisors, such as KVM, QEMU, Xen, VMware ESX

Question 44

Virsh

Answer 44

One handy tool that uses the libvirt library is the virsh shell. It is a basic shell you can employ to manage your system’s virtual machines

Question 45

Virtual Machine Manager (VMM)

Answer 45

Not to be confused with a hypervisor (VMM), the Virtual Machine Manager (also called vmm) is a lightweight desktop application for creating and managing virtual machines. It is a Python program available on many distributions that employ a GUI and is obtainable from the virt-manager package

Question 46

Append Blobs

Answer 46

Append blobs are also blocks of text and binary data. However, their storage is enhanced to allow for efficient appending operations. Thus, this blob type is often used for logging data