Amazon Web Serivvces Networking Flashcards
What is the data fabric?
Connects different data management enviroments across disparate clouds
Helps organisations to manage, secure, protect, and access their data across the hybrid Cloud.
On-premises DC, local offices, or off-premises clouds (multi, public or private).
Cloud Volumes ONTAP architecture: Cloud
Supports cloud solutions.
Cloud Volumes ONTAP runs on a VM to provide CIFS/ISCSI/NFS services).
Cloud Volumes ONTAP architecture: Hybrid
Hybrid supports on-premise and cloud volumes.
Snapmirror and snapvault can be used to protect data.
Single-node architecture for AWS
Runs within a AWS cloud for VPC
three types of disk (root, boot and data disk(s))
Only data disks are presented for management in blue XP
Cloud Volumes ONTAP high availability for AWS
Include a HA option.
HA configuration provided fault tolerance.
Across multiple Availability zones.
Synchronous replication can be Used.
Can be active-active or active-passive configuration
Regions and Availability Zones
Amazon Elastic Computer Cloud ( EC23) is hosted in multiple locations worldwide.
Consists of VMs that run in AWS.
A region is separate geographical location.
Each region can have one or more availability zones.
Each region is independent of each other.
Resources do not automatically copy across regions
Each availability zone is isolated, but in a region are connected through low-latency links.
AWS Virtual Private Cloud
called VPC.
VPC is a virtual network dedicated to your AWS account.
VPC is logically isolated from other virtual networks in AWS.
VPC is defined by range of IP addresses
You launch AWS instances into your VPC
Your VPC contains subnets, and other networking resources (routing tables, gateways, security setttings).
Subnet and Route tables
A sub net is a range of IP address in your VPC
You launch resources (EC2 instances) into your subnet of choice
You use a public subnet (for resources that need internet connections) or private subnet
Each subnet must be associated with a route table for outbound traffic
In a route table, each route specifies a destination classless inter-domain routing (CIDR) block and target
Deploy a connector: BlueXP
Modern data estate operations made simple
Build, protect, and govern your hybrid multicloud data estate
What is a connector?
Access via browser (https://bluexp.netapp.com
Uses a secure connection over 443 to NETAP BlueXP (SaaS)
This is bi-directional with only meta data being moved.
Cannot manage services or customer data.
There is a vm that runs separate to this called the connector.
Provides access to private environment so BlueXP can manage.
BlueXP connects to the connector. The direction is unidirectional
BlueXP and Clould Volumes ONTAP
Enables you to provide Could volumes with advance services.
Replicate data using snapmirror.
Deploying a cloud Volumes ONTAP
AWS disks as back end storage.
Combined to create an aggregate
then volumes created out the aggregate
RaidType is Raid0 - relies on the cloud to provide the protection
Then creates a VM on those volumes
The VM then presented out volumes to the customer (files or LUNs)
Support NAS and iSCSI.
Provisioning storage and accessing data using SMB authentication methods.
Active Directory - File services, other value added CIFS functions, unified centralized domain
Workgroup - when AD not available,
Security
AV - Scan server with Antivirus software
Ransomeware tools provided by Netapp Are recommended. (Snapshot copies are read only giving protection from ransomware).
Blue XP also uses FPolicy to block certain ransomeware file types
WORM storage
Protected at the file level
WORM has to be activated at the system level.
Cannot be modified even when the retention period is expired.
After retention period you are responsible to delete files.
