Cloud & the Datacenter

Question 1

Virtual Servers

Answer 1

Multiple virtual instances exist on a single physical server.
Multiple Windows & Linux servers running simultaneously.
Considerable cost savings for an IT budget
Allows for consolidation of physical servers
Multiple NICs increase bandwidth available

Question 2

Hypervisor

Answer 2

Specialized software that enables virtualization to occur.
Hypervisor is the software that emulates the physical hardware.
Also called a VMM (Virtual Machine Monitor)

VMWare ESXi | VMWare Workstation
Hyper-V
Virtual Box

Question 3

SAN

Answer 3

Storage Area Network:
Specialized LAN designed for data transfer/storage
Transfers data at block level with special protocol

Question 4

SAN: Fibre Channel (FC)

Answer 4

Special purpose hardware providing 1-16Gbps

FCoE (Fibre Channel over Ethernet)
Removes need for specialized hardware
Runs over your Ethernet networks

Question 5

SAN: iSCSI

Answer 5

IP Small Computer System Interface:
Lower cost, built using Ethernet switches (<10Gbps)

Relies on configuration allowing jumbo frames over the network

Question 6

Infiniband (Virtualized Storage)

Answer 6

Switched fabric topology for high-performance computing.

Very high throughput (>600Gbps) with very low latency (0.5 microseconds)

Direct or switched connection between servers & storage system

Question 7

Virtual Firewalls & Routers

Answer 7

To fully virtualize your network, you need a firewall/router.

Virtualized firewall/routers provide the same features as their physical counterparts.

Question 8

Virtual Switches

Answer 8

Overcomes the problem of all virtual servers being on one broadcast domain.

Layer 2 control provides VLANs & trunking
Provides QoS & security

Question 9

Virtual Desktops

Answer 9

User’s desktop computer is run in a browser
Used from web, laptop, tablet, or phone
Easier to secure & upgrade for the admins

Question 10

SDN

Answer 10

Software-Defined Network:
Provides the admin with an easy-to-use front end to configure physical & virtual devices throughout the network

All the configurations are automatically done
Provides admin an overview of the entire network

Question 11

VoIP

Answer 11

Voice over IP:
Digitizes voice traffic so that it can be treated like other data on the network.

Uses SIP (Session Initiation Protocol) to setup, maintain, & tear down calls.

Can save a company money & provide enhanced services over a traditional PBX solution

Question 12

Virtual PBX & VoIP

Answer 12

Virtual Private Branch Exchange & VoIP:
Ability to outsource your telephone system

Utilizes VoIP to send all data to provider, then provider connects it to telephone system.

Question 13

Public Cloud | Private Cloud | Hybrid Cloud

Answer 13

Private: Systems & users only have access with other devices inside of the same private cloud or system.

Public: Systems & users interact with devices on public networks, such as the Internet & other clouds

Hybrid: Combination of private/public

Question 14

NaaS

Answer 14

Network as a Service:
Allows outsourcing of a network to a service provider
Hosted off-site at the service provider’s data center & the customer is billed for usage

Charged by hours, processing power, or bandwidth used like utility services.

Examples: Amazon’s VPC or Route 53

Question 15

IaaS

Answer 15

Infrastructure as a Service:
Allows outsourcing of the infrastructure of servers or desktops to a service provider.

Hosted off-site at the service provider’s data center & customer is billed for usage

Examples: AWS, Azure

Question 16

SaaS

Answer 16

Software as a Service:
User interacts with web-based application
Details of how it works are hidden from users

Examples: Google Docs, Office 365

Question 17

PaaS

Answer 17

Platform as a Service:
Provides a development platform for companies that are developing applications without the need for infrastructure.

Examples: OpenShift, Apprenda

Question 18

DaaS

Answer 18

Desktop as a Service:
Provides a desktop environment that is accessible through the internet in the form of a cloud desktop or virtual desktop environment.

VDI (Virtual Desktop Infrastructure)

Question 19

Cloud Concepts: Elasticity

Answer 19

Attempts to match the resources allocated with the actual amount of resources needed at any given point in time

Focused on meeting the sudden increases/decreases in the workload

Question 20

Cloud Concepts: Scalability

Answer 20

Handles the growing workload required to maintain good performance/efficiency for a given software/app

Elasticity: Short-term +/- of resources
Scalability: Long-term planning & adoption

Question 21

Cloud Concepts: Vertical Scaling (Scaling Up)

Answer 21

Increasing the power of the existing resources in the working environment.

Question 22

Cloud Concepts: Horizontal Scaling (Scaling Out)

Answer 22

Adding additional resources to help handle the extra load being experienced.

Vertical - Scalability
Horizontal - Elasticity

Question 23

Cloud Concepts: Multitenancy

Answer 23

Allowing customers to share computing resources in a public/private cloud.
(Better storage/access, better use of resources, less overall cost)

May cause data to be hosted on the same physical server as another organization.
(May impose a security risk if one organization on same server fails to secure its virtual environment)

Question 24

Cloud Concepts: VM Escape

Answer 24

When an attacker breaks out of one of the isolated VMs & begins to directly interact with the underlying hypervisor.

Host virtual servers on the same physical server as other VMs in the same network

Question 25

IaC

Answer 25

Infrastructure as Code:
Enables managing/provisioning of infrastructure through code instead of through manual processes

(Virtual machines/devices, scripted automation/orchestration)

Question 26

IaC: Orchestration

Answer 26

Process of arranging/coordinating the installation & configuration of multiple systems

(Lower costs, speed up deployments, increase security)

Question 27

IaC: Snowflake Systems

Answer 27

Any system that is different form the standard configuration template used within your organization’s IaC architecture.

Keeping things consistent & using carefully-developed & tested scripts

Question 28

Cloud: Connectivity Options

Answer 28

VPN:
Establishes a secure connection between on-premises network, remote offices, client devices, & provider’s global network
Ex: AWS Direct Connect Gateway
Azure Private Link

Private-Direct Connection:
Extends preexisting, on-premise data center into the provider’s network to directly connect to your virtual private cloud network
(Cheaper than VPN)

Question 29

Community Cloud

Answer 29

Collaborative effort where infrastructure is shared between several organizations from a specific community with common concerns

Question 30

Private-Direct Connection

Answer 30

Extends preexisting, on-premise data center into the provider’s network to directly connect to your virtual private cloud network

Question 31

Datacenter 3-Tier Hierarchy: Core

Answer 31

1st Layer:
Biggest, fastest, most expensive routers
Backbone of network
Merges geographically separated networks into one logical unit
At least 2 routers operating in redundant configuration

Question 32

Datacenter 3-Tier Hierarchy: Distribution/Aggregation

Answer 32

2nd Layer (Under Core):
Boundary Definitions: Implements ACLs/Filters
Define policies for network; Layer 3 switches
Needs to ensure packets are properly routed between subnets

Question 33

Datacenter 3-Tier Hierarchy: Access/Edge

Answer 33

3rd Layer (Under Distribution):
Used to connect to all endpoint devices

Question 34

SDN Layers: Application Layer

Answer 34

Focuses on the communication resource requests or info about the network as a whole

Question 35

SDN Layers: Control Layer

Answer 35

Uses the information from the applications & decides how to route a data packet on the network

Question 36

SDN Layers: Infrastructure Layer

Answer 36

Contains the network devices that receive info about where to move the data & then perform those movements

Question 37

SDN Layers: Management Plane

Answer 37

Used to monitor traffic conditions & the status of the network

Question 38

Spine & Leaf Architecture

Answer 38

An alternative type of network architecture that focuses on the communication within the datacenter itself

Can give fasters speeds/lower latency than the traditional 3-tiered hierarchy

Question 39

Top-of-Rack Switching

Answer 39

Installing 2 switches in each server
Switches physically installed at the top of the rack
Each server on that rack will have a connection to both switches
Switches = leaves in the Spine & Leaf Architecture

Question 40

Traffic Flow: North-South

Answer 40

Traffic that enters/leaves the datacenter from a system physically residing outside the datacenter

North: Exiting datacenter
South: Entering datacenter

Question 41

Traffic Flow: East-West

Answer 41

Refers to data flow within a datacenter

Question 42

On-Premise Datacenter

Answer 42

A traditional, private data infrastructure usually located in the same building as the main offices

All other offices = branch offices

Question 43

Branch Office Datacenter

Answer 43

If you have slower connections with on-premise, you may need to host some of the datacenter in the branch offices too

Question 44

Co-Located Datacenter

Answer 44

A datacenter environment owned by another company

Question 45

NAS

Answer 45

Network Attached Storage:

Disk storage is delivered as a service over TCP/IP