Cloud and the Datacenter Flashcards
Virtual Network Devices
o Major shift in the way data centers are designed, fielded, and operated
▪ Virtualization is everywhere
● Virtual Servers
● Virtual Routers
● Virtual Firewalls
● Virtual Switches
● Virtual Desktops
● VoIP
● Cloud Computing
● Software-Defined Networking
Virtual Servers
Allows multiple virtual instances to exist on a single physical server
Considerable cost savings for an IT budget
▪ Allows for consolidation of physical servers
▪ Multiple NICs increase bandwidth available
Hypervisor
Specialized software that enables virtualization to occur
▪ Hypervisor is the software that emulates the physical hardware
▪ Also called a Virtual Machine Monitor (VMM)
▪ Examples
● VMware ESXi
● Microsoft Hyper-V
● VirtualBox
● VMware Workstation
Virtualized Storage Solutions
▪ Network Attached Storage (NAS)
Disk storage is delivered as a service over TCP/IP
Storage Area Network (SAN)
Specialized LAN designed for data transfer/storage
● Transfers data at block level with special protocols
Fibre Channel (FC)
Special purpose hardware providing 1-16 Gbps
Fibre Channel over Ethernet (FCoE)
o Removes need for specialized hardware
o Runs over your Ethernet networks
iSCSI (IP Small Computer System Interface)
o Lower cost, built using Ethernet switches (<10 Gbps)
o Relies on configuration allowing jumbo frames over the
network
Infiniband (Virtualized Storage)
Switched fabric topology for high-performance computing
▪ Very high throughput (>600 Gbps) with very low latency (0.5 µsec)
▪ Direct or switched connection between servers and storage systems
Virtual Firewalls and Routers
▪ To fully virtualize your network, you will need a firewall and router
▪ Manufacturers offer virtualized versions of their most popular devices
▪ Virtualized routers and firewalls provide the same features as their
physical counterparts
Virtual Switches
▪ Overcomes the problem of all virtual servers being on one broadcast domain
▪ Layer 2 control provides VLANs and trunking
▪ Provides Quality of Service and security
Virtual Desktops
User’s desktop computer is run in a browser
▪ Used from web, laptop, tablet, or phone
▪ Easier to secure and upgrade for the admins
Software-Defined Networking (SDN)
▪ Provides the administrator with an easy-to-use front end to configure
physical and virtual devices throughout the network
▪ All the configurations are automatically done
▪ Provides the administrator an overview of the entire network
Voice over IP (VoIP)
Digitizes voice traffic so that it can be treated like other data on the
network
▪ Uses the SIP (Session Initiation Protocol) to set up, maintain, and tear
down calls
▪ VoIP can save a company money and provide enhanced services over a
traditional PBX solution
VoIP Topology
Virtual Private Branch Exchange (PBX) and VoIP
Ability to outsource your telephone system
▪ Utilizes VoIP to send all data to provider, then provider connects it to
telephone system
Cloud Computing
▪ Private Cloud
Systems and users only have access to other devices inside the
same private cloud or system
Public Cloud
● Systems and users interact with devices on public networks, such
as the Internet and other clouds
Hybrid Cloud
● Combination of private and public
Community Cloud
Collaborative effort where infrastructure is shared between
several organizations from a specific community with common
concerns
Models of Cloud Computing
Network as a Service (NaaS)
▪ Infrastructure as a Service (IaaS)
▪ Software as a Service (SaaS)
▪ Platform as a Service (PaaS)
Network as a Service (NaaS)
Allows outsourcing of a network to a service provider
▪ Hosted off-site at the service provider’s data center and the customer is
billed for usage
▪ Charged by hours, processing power, or bandwidth used like utility
services
▪ Amazon’s VPC or Route 53 offerings
Infrastructure as a Service (IaaS)
▪ Allows outsourcing of the infrastructure of the servers or desktops to a
service provider
▪ Hosted off-site at the service provider’s data center and the customer is
billed for usage
▪ Charged by hours, processing power, or bandwidth used like utility
services
▪ Examples
● Amazon Web Services (AWS)
● Microsoft’s Azure
Software as a Service (SaaS)
▪ User interacts with a web-based application
▪ Details of how it works are hidden from users
▪ Examples:
● Google Docs
● Office 365
Platform as a Service (PaaS)
Provides a development platform for companies that are developing
applications without the need for infrastructure
▪ Dion Training uses PaaS for our courses
▪ Examples:
● Pivotal
● OpenShift
● Apprenda
Desktop as a Service (DaaS)
Provides a desktop environment that is accessible through the Internet in
the form of a cloud desktop or virtual desktop environment
● Virtual Desktop Infrastructure (VDI)
Cloud Concepts
o Elasticity
Attempts to match the resources allocated with the actual amount of
resources needed at any given point in time
▪ Elasticity is focused on meeting the sudden increases and decreases
in the workload
o Scalability
Handles the growing workload required to maintain good performance
and efficiency for a given software or application
● Elasticity
o Short-term addition or subtraction of resources
● Scalability
o Long-term planning and adoption
Vertical Scaling (Scaling Up)
▪ Increasing the power of the existing resources in the working
environment
Horizontal Scaling (Scaling Out)
▪ Adding additional resources to help handle the extra load being
experienced
● Vertical- Scalability
● Horizontal- Elasticity
▪ Scaling out provides more redundancy and results in less downtime
Multitenancy
▪ Allowing customers to share computing resources in a public or private
cloud
● Better storage/access
● Better use of resources
● Lower overall cost
▪ Multitenancy might cause your data to be hosted on the same physical
server as another organization’s data
● When an organization crashes a physical server, all of the
organizations hosted on that same server are affected
● An organization failing to secure its virtual environments hosted
on a shared server poses a security risk for the other organizations
hosting on that same server
Set up virtual servers in the cloud with proper failover, redundancy, and
elasticity
● Complex passwords
● Strong authentication
● Strong encryption
● Strong policies
Virtual Machine (VM) Escape
Occurs when an attacker breaks out of one of the isolated VMs and
begins to directly interact with the underlying hypervisor
▪ Host virtual servers on the same physical server as other VMs in the same
network
Infrastructure as Code (IaC)
Enables managing and provisioning of infrastructure through code instead of
through manual processes
▪ Virtual machines
▪ Virtual devices
▪ Scripted automation and orchestration
● Orchestration
o Process of arranging or coordinating the installation and
configuration of multiple systems
▪ Lower costs
▪ Speed up deployments
▪ Increase security
● Snowflake Systems
o Any system that is different from the standard
configuration template used within your organization’s IaC
architecture
o Keeping things consistent and using carefully-developed
and tested scripts
Connectivity Options
o Virtual Private Network (VPN)
▪ Establishes a secure connection between on-premises network, remote
offices, client devices, and provider’s global network
● Amazon Web Services- Direct Connect Gateway
● Microsoft Azure- Azure Private Link
Private-Direct Connection
▪ Extends preexisting, on-premise data center into the provider’s network
to directly connect to your virtual private cloud network
Datacenter Architecture
o Datacenter
Any facility that businesses and other organizations use to organize,
process, store, and disseminate large amounts of data
o Types
▪ Three-tiered hierarchy
▪ Software-defined networking
▪ Spine and leaf architecture
▪ Traffic flows
▪ On-premise versus hosted datacenters
Datacenter benefits
Performance
▪ Management
▪ Scalability
▪ Redundancy
Software-Defined Networking (SDN)
Enables the network to be intelligently and centrally controlled, or
programmed, using software applications
▪ Application Layer
● Focuses on the communication resource requests or information
about the network as a whole
▪ Control Layer
● Uses the information from the applications and decides how to
route a data packet on the network
▪ Infrastructure Layer
● Contains the network devices that receive information about
where to move the data and then performs those movements
● Provides a layer of abstraction between the devices and
the control and data flow that happen on the network
▪ Management Plane
● Used to monitor traffic conditions and the status of the network
Architectures
▪ Spine and Leaf Architecture
● An alternative type of network architecture that focuses on the
communication within the datacenter itself
● Spine and leaf architecture can give faster speeds and lower
latency
● This architecture can be used in combination with the standard
three-tiered hierarchy
● North-South
o Traffic that enters or leaves the data center from a system
physically residing outside the datacenter
o Northbound is data leaving the datacenter
o Southbound is data entering the datacenter
● East-West
o Refers to data flow within a datacenter
● On-premise
o A traditional, private data infrastructure usually located in
the same building as the main offices
● Co-located
o A datacenter environment owned by another company
● Cloud-based
o Migrating company data out of its own servers and
datacenters and into a cloud service provider’s servers
and datacenters