2.2 Virtualization and cloud computing concepts Flashcards
Infrastructure as a service (IaaS)
This allows customers to purchase and interact with the basic building blocks of a technology infrastructure. The cloud service provider is responsible for managing the physical facilities and the underlying hardware.
Platform as a service (PaaS)
These are between IaaS and SaaS. The service provider offers a platform where customers may run applications that they have developed themselves.
Software as a service (SaaS)
Provide customers with access to a fully managed application running in the cloud. The provider is responsible for everything from the operation of the physical datacenters to the performance of the application itself.
Function as a service (FaaS)
This allows customers to upload their own code functions to the provider, and the provider then executes those functions on a scheduled basis.
Public
Public cloud service providers deploy infrastructure and then make it accessible to any customers who wish to take advantage of it in a multitenant model.
Community
Community cloud services do run in a multitenant environment, but the tenants are limited to members of a specifically designed community.
Private
Any cloud infrastructure that is provisioned for use by a single customer. Only one customer uses the environment.
Hybrid
A catch-all term used to describe cloud deployments that blend public, private, and/or community cloud services together. Hybrid clouds require the use of technology that unifies the different cloud offerings into a single coherent platform.
Cloud Service Providers
Firms that offer cloud computing services to their customers. They offer a cloud service for sale.
Managed service provider (MSP)/managed security service provider (MSSP)
Services organizations that provide information technology as a service to their customers. MSSPs are MSPs that offer security services as well.
On premises vs off premises
Fog computing
This uses IoT gateway devices that are located in close physical proximity to the sensors. The sensors themselves don't have processing power, but they send data to their local gateway, which performs preprocessing before sending the results to the cloud.
Edge computing
This places some processing power on remote sensors, allowing them to preprocess data before shipping it back to the cloud. The computing is pushed out to sensors that are located on the "edge" of the network.
Thin client
Thin client devices, like the Chromebook, are sufficient to access SaaS applications.
Containers
Provide application level virtualization. Instead of creating complex virtual machines that require their own operating systems, containers package applications and allow them to be treated as units of virtualization that become portable across operating systems and hardware platforms.
Microservices/API
These are application programming interfaces. They enable companies to open up their applications' data and functionality to external third-party developers. This allows services and products to communicate with each other.
Infrastructure as code (IaC)
This is the process of automating the provisioning, management, and deprovisioning of infrastructure services through scripted code rather than human intervention.
Software defined networking (SDN)
This allows engineers to interact with and modify cloud resources through their APIs.
Software defined visibility (SDV)
This offers insight into the traffic on the cloud virtual networks.
Serverless architecture
This does not expose customers to the actual server instances executing their code.
Services integration
Resource policies
Customers may use this to limit the actions that users of their accounts may take. This is a good security practice to limit the damage caused by an accidental command or a malicious insider.
Transit gateway
Allows the direct interconnection of cloud VPCs (virtual private clouds) with on-premises VLANs for hybrid cloud operations.
Virtualization
Virtual Machine (VM) Sprawl avoidance
VM escape protection
Snowflake Systems
Any system that is different in its configuration compared to a standard template within an infrastructure as code.
Idempotence
A property of IaC that an automation or orchestration action always produces the same result, regardless of the component's previous state.