Cloud Computing Flashcards

Question

Which are the cloud delivery models?

Answer 1

- IaaS - PaaS - SaaS - XaaS These are spcefici, pre-packaged combination of IT resources offered by a cloud provider

Answer 2

- owner: a third party organization - access: at a cost or commercialized via other avenues as publicity

Answer 3

- the owner organization is both the provider and the consumer so there will be department that will be the provider and others that will be the consumers; IT resources are both on-premise and on-demand - the administration can be both internal and external - access: just for the organization members

Answer 4

- ownership: one or more organizations independent one from another - access: for community members at different levels. they share the responsibility to define and evolve the community cloud

Answer 5

- the sum of two or three different models - example: private cloud for sensitive data and public one for the other - difficult to divide the ownership

Answer 6

- autonomous environment - raw resources (hardware, network, connectivity, OSs, ...) are virtualized and than packaged to make them easily runnable and customizable - they aren't preconfigured but they are offered as freshly initialized virtual instances -> the consumer has a high level of control of the configuration and the utilization. of the resources - responsibilities: patching OS, updating apps, enforcing security, network configuration... - they are packaged and a cloud consumer can access them using interfaces and tools offered by the cloud service

Answer 7

- lower level control than IaaS because PaaS has pre-configured and ready-to-use resources It is chosen when there is the need to extend the on-premise environment or to entirely substitute it, or to make available just some services, or when he doesn't want to worry about setting up the env

Answer 8

- everything is pre-configured because SaaS is a program software that is made available as a product, a generic utility Why it is not a simple cloud service but a SaaS? Because it is reusable and widely available to cloud consumers

Answer 9

- X: everything/anything/X - benefits: controlled and lowered costs, lowered risks, innovation is accelerated

Answer 10

- ... - Virtualization - Containerization

Answer 11

it's the process of creating an abstraction level over the physical layer such that there can be more virtual computers THAT ARE THE VMs

Answer 12

- Guest OS: it doesn't know it is running on something virtual. It. runs on a virtual hardware that has to be as similar as possible to the real one. Its characteristics are defined in the virtual hardware profile - Host OS: is the OS running on the underlying physical layer. IT HAS TO VIRTUALIZE THE HARDWARE. It works together with the Hypervisor and the Virtual Machine Monitor VMM (that are almost the same thing) - Hypervisor: it is responsible of the hosting and the management of the VMs and it directly runs on the physical hardware so it is limited by it - VMM: it provides abstraction of hardware resources to have VMs and it provides the virtual env for the guest OS

Answer 13

- security - scalability: multiple copies of the same VMs - portability: you can copy VMs and clone them with the OS already installed. You can relocate VMs in the network as needed by the workload. You can make VMs a on-premise structure and the again. cloud based structure - flexibility: creating a VM and installing it is easier and faster than installing an OS on a physical computer - Resource utilization and improved ROI

Answer 14

- it is the abstraction layer that we find among the physical one and the VMs - it coordinated VMs - it is like a interface between the psychical layer and the VMs - it makes possible for the VMs to access the needed resources and thanks to it the various VMs doesn't interfere one with another - we have two type of hypervisors: bare metal virtualization and residence/hosted virtualization

Answer 15

- performance - ecosystem - management tools: you need them to avoid VMs sprawl -> maintain, audit and clean up the VMs to avoid it -> tools - live migration: you can move VMs without stopping them -> good for failover and workload balancing - cost: license to have an hypervisor technology + hypervisor itself + management tools + license to sell it

Answer 16

1. bare metal virtualization: it directly runs on the physical computer -> it interacts with CPU, memory, physical storage it takes the place of the host OS and thanks to the direct access it is highly efficient -- monolithic : the hypervisor contains the kernel, device drivers, I/O stack, isolation and -- microkernelized: the hypervisor layer is really thin and only takes care of isolation and memory. it works with the "parent PARTITION" that takes care of IO stack and drivers 2. hosted/configured virtualization: it runs on an app and it is good for individual PCs that wants to run multiple OSs- It often has tools to install. It is a quick and easy way to access an alternative OS but there is some latency due to the fact that the access to the psychical layer is not direct but done via the host OS -> Type 1 substitutes the host OS and works over the physical layer, Type 2 works over it

Answer 17

These define how we run the guest OS. - full - para (OS assisted) - HW assisted (Hardware Virtual Machine, HVM)

Answer 18

(These define how we run the guest OS) It completely abstract the OS from the hardware so the guest OS is unaware that is is a guest and there are not modification of the hardware neither its assistance. Calls from the guest Os are translated on the fly by the hypervisor

Answer 19

(These define how we run the guest OS) - it is efficient and lightweight, it has a near-native performance - the hypervisor provides an Api used by the guest OS so there are modifications of the host OS - kernel support and drivers are required

Answer 20

(These define how we run the guest OS) - this is a full virtualization with hardware help - no API -> no modifications of the host OS - the hypervisor only traps sensitive calls ADDED TO x86 in 2006

Answer 21

System, Desktop, Server, application and storage

Answer 22

- most used - the OS is separated from he physical hardware - one ore more OS can be installed and run simultaneously without effecting each other - for the apps in the os there is no difference between the guest and the host ok to have more VMs on a device

Answer 23

one server is virtualized in several servers thanks to the VMs

Answer 24

all the storage of the network are put in the same virtual places and with a storage pooling they are assigned to the VM that needs some storage

Answer 25

it lets you run multiple desktop OS each on its own virtual machine - Virtual Desktop Infrastructure: desktops and apps are hosted on physical servers by an organization. The organization has to build its own virtualization hardware and server and then vendors offer different license models based on persistent or non-persistent desktop per user or per machine basis High amount of labor - Remote Desktop Services: desktop and apps sessions hare hosted on a shared desktop on windows server -> it requires a Windows Server desktop environment. Each client needs an access license Medium amount of labor - DaaS: desktop and apps are hosted in the cloud by a third-party vendor -> no server or data centers investments Low amount of resources and labor

Answer 26

only apps are run on a WM and this permits to use them without installing them in local -> the OS and the end user's device run as usual -> ≠ desktop virtualization - Local Application Virtualization: the app runs on the endpoint device but in runtime it runs on a virtual env instead of the native one - Application streaming: the app lives on the server and sends small pieces of work to run on the end user device - Server-based Application Virtualization: the app runs entirely on the server and the user just sees the result via an interface

Answer 27

VMWare, Hyper-V, Citrix Systems Xen Server

Answer 28

When the operational overhead of a VM is not acceptable but we want scalability (horizontal and vertical!!), elasticity, isolation (VM's characteristics) and the possibility to migrate the system

Answer 29

Software virtualization technologies: OS level virtualization and application level virtualization. With the OS one the hypervisor is the Linux kernel itself so is no longer needed a dedicated hypervisor. With the Linux cgroup we saw that with that Linux kernel feature (that is the cgroup itself) you can implement OS virtualization

Answer 30

a virtual environment. The virtualization technologies used create virtual environments that have less resource management and isolation than what a VM has.

Answer 31

In the virtual envs

Answer 32

- fine-grained control physical. resources - guarantees that we have security and isolation between the virtual environments - possibility to manage virtual envs all together and even better in combination with a cloud toolkit to deploy, migrate, etc VMs, containers, etc

Answer 33

using cgroups and namespaces that were originally used just to make a good isolation between processes

Answer 34

- CPU - Disk - Memory limitation and I/O rate - Network isolation - Check-pointing and live migration - File system isolation - Root privilege isolation

Answer 35

It is the sum of a Linux kernel feature and user-space tools - the linux kernel feature permits to limit, account, isolate and deny resources to groups of process or to just a single process - using this you can implement OS virtualization - user space tools handle the mechanism used by the kernel feature to control the groups

Answer 36

- accounting: measure of a group's resources usage - resource limiting: resources can be set to not exceed a certain quantity for a group - control: groups of processes can be stopped and restarted - prioritization: it can be prioritize to give resources to a group instead of another

Answer 37

Linux has currently 7 of them - a namespace job is to wrap a global resource making it abstract so that processes within the namespace think that they have their own instance of that resource - one of the biggest goal is to support containerization

Answer 38

- good for processes isolation but they have limitations for other things - cannot be used to handle an entire datacenter without being integrated with other tools -> extension needed - flexible but difficult to use - difficult to turn a full container on - it is not guaranteed the possibility to have app portability to run it somewhere else

Answer 39

Horizontal due to the downtime required while a resource replacing is taking place with the vertical scaling

Answer 40

it is a executable unit of software made of application code, libraries, dependencies and NOT of the guest OS.

Answer 41

A container does not have a guest OS so it does use the features and resources of the host OS -> form of OS virtualization Namespaces

Answer 42

It must not be taken for granted

Answer 43

Group of processes

Answer 44

1. Manually: into the machine is put SSH on which Docker runs -> easy, available everywhere, no tools needed -> not automated, not easily reproducible, not self healing, not scalable 2. Via scripting: ex. Puppet, Chef -> integration with the existing envs, understandable, REPRODUCIBLE -> not automated, not self healing, not scalable, not portable, MANUAL SCHEDULING 3. Via a dedicated orchestrator: automated matching of the container to the machine without the human intervention ex. Kubernetees, Mesos, Docker Swarm -> AUTOMATED, REPRODUCIBLE, SCALABLE, SELF-HEALING, PORTABLE -> some overhead, needed tools and training, more complex result

Answer 45

VMs: better isolation, better security, con use different OSs Containers: faster, lighter thanks to the better resource usage, agile app creation and deployment, distribution portability

Answer 46

- Microservices - app modernization and migration - DevOps = microservices as the architecture + containers as a platform - Hybrid cloud and multi cloud: good for organizations that have to operate across multiple places in combination with their own data center

Answer 47

it is a software development technique made of a collection of loosely coupled services ≠ monolith application

Answer 48

Monolith: no differentiation between different components, when one of them changes the app has to be entirely tested -> not scalable: the application can only be installed in the same VM

Answer 49

Not with a VM because a VM is like a server in which all the components are hosted together => containers

Answer 50

Single responsibility principle of object oriented design: a software module must take care of a single actor where actor is a group of users that requires a. change in the module

Answer 51

Docker: is the tool for create LINUX CONTAiNERS (LXC) Kubernetees: it is an orchestrator. it is the platform for scheduling and automating the deployment, management and scaling of containers in a single machine. It is a container cluster

Answer 52

1. better virtualization of Linux kernel processes 2. it adds some features to make containers easy to build, deploy, manage, secure 3. Docker does not make modifications to the OS so it is portable ≠ VM 4. in a container multiple processes can run simultaneously and one of them can be stopped and update while the others are still running 5. if you give to Docker an app source code it can directly create the container 6. Docker can keep the versions saved, from the oldest to the newer and perform roll backs ; It can also upload only the differences between two versions 7. the same image can be reused to create different containers 8. community: shared containers libraries

Answer 53

1. Docker file: it is a text file with the instructions to build the container. It's a list of CLI instructions The instructions are the same regardless the content, the env, ecc. 2. The docker file is run by the docker engine to create the docker image 3. Docker image = executable app source code + libraries + dependencies + tools An image is made of layers and each layer is a version of the image A DOCKER IMAGE IS A READ-ONLY FILE AND IT IS JUST A "DEAD" INSTANCE OF THE CONTAINER 4. Docker container: it is the LIVE RUNNING INSTANCE OF THE IMAGE -> executable content Docker daemon: service that creates the Docker Images so it is a control server of the implementation and this service run on a server called Docker Host Docker registry: it I s open source storage for Docker Images. You can find images versions in repositories

Answer 54

During the app lifecycle

Answer 55

1) Rolling deployments 2) Service discovery 3) Load balancing 4) Health checking 5) Cluster networking 6) Storage provisioning 7) Autoscaling 8) Declarative configurations

Answer 56

Deployments: Kubernetees can deploy a number of containers to a specific host and keep them up. Sometimes it can be a zero-time deployment Rollouts: it is a change of version. Kubernetees can stop, restart, shut down and roll out A rollout can be done: - uploading one container at a time monitoring the system health and at the end kill the old version - blue-green deployment: the two version are run simultaneously and traffic goes to the new version only when it is stable

Answer 57

This task takes care of exposing containers and users one to another and to the extern. For example it is done with DNS

Answer 58

Kubernetees can balance internal and external requests and can do it: - cloud provider load balancers - internal balancers

Answer 59

kubernetees is self-healing so it can restart-replace-take down a container when it is sick

Answer 60

This kub. task takes care of IPs to connect running containers and apps

Answer 61

Kubernetees provides local or cloud storage for its containers

Answer 62

Kubernetees monitors the available resources and according to the evaluated parameters it can increase or decrease the number of containers for the app

Answer 63

Thanks to this task the user can describe the app desired state and the orchestrator takes care of everything. If the app is created this way it is possible to review, test and control the deployment. It's easy the roll-back too ≠ imperative configuration: the user has to define and manually execute actions to reach the state -> error-prone and rollback are difficult

Answer 64

- outside: KUBECTL - control plane = controller + api server + scheduler + ETCD - Cluster = Node + Pods + containers + Container runtime + Kube-proxy

Answer 65

CLI used by developers to manage clusters

Answer 66

- controller: it observes the cluster state and drive it to the desired one - ETCD: to store all clusters data - Scheduler: it schedules pods into the nodes of the clusters - API server

Answer 67

It is a container cluster and performs its functions on multiple nodes (worker server). These nodes are controlled and managed by the control plane; they are grouped in the clusters. Each node is a physical/virtual compute host. The first Node is the master worker and it is the control plane of the cluster and so it does the scheduling for the other nodes The other nodes are called worker nodes and their job is to run the containerized application using tools such as Docker. They use KUBELET that is a software agent that, working with the KUBE-API SERVER (control plane component), receives and executes master node orders Each node contains multiple Pods that contain multiple containers. A POD is the basic execution unit of a Kubernetees app. Containers in the same. pod share storage, network namespaces and port space -> they work together to perform a task Posare rolledaout using DEPLOYMENTS that are objects of a YAML file that declare the desired state. They allow to easily horizontal scaling and make replicas and perform a rolling update to an image version simply changing the file content Kube-proxy: manages network rules on the host Container runtime: (Docker) it first takes the container image and then executes and launches it

Answer 68

It can be created to group similar pods to receive traffic and to grant to Pods replicas a static IP It allows the usage of cloud provider firewalls