Lesson 20: Summarizing Cloud and Datacenter Architecture Flashcards
Define Scalability
The costs involved in supplying a cloud service to more users are linear; if need for the service doubles, so will the price.
How can an organization achieve scalability?
Achieved by provisioning more nodes (horizontal/scaling out) or by provisioning more resources to each node (vertical/scaling up).
Define Elasticity
A computing environment or system that can instantly react to both increasing and decreasing demands in workload.
How can elasticity save cost from a cloud provider?
The system being able to self-provision resources allows the cost of service to be lower when the demand for resources is low.
How do cloud providers achieve scalability and elasticity?
Provisioning and deprovisioning resources automatically using resource pooling and virtualization.
Define resource pooling
The hardware making up the cloud provider’s datacenter is not dedicated or reserved to a single customer account, allowing the provider to provision more CPU, memory, disk, or network resources using management software.
List the current cloud deployment models
- Public
- Hybrid
- Hosted Private
- Private
- Community
Define a public cloud deployment
A service offered over the Internet by cloud service providers (CSPs) offering subscriptions or pay-as-you-go financing.
Define a hosted private cloud deployment
Hosted by a third party for the exclusive use of the organization.
Define a private cloud deployment
Cloud infrastructure that is completely private to and owned by the organization.
Define a community cloud deployment
Several organizations share the costs of either a hosted private or fully private cloud.
Define a hybrid cloud environment
A cloud computing solution that implements two of the other cloud deployment models.
What are the current cloud service models?
- Infrastructure as a Service (IaaS)
- Software as a Service (SaaS)
- Platform as a Service (PaaS)
- Desktop as a Service (DaaS)
Define Infrastructure as a Service (IaaS)
Cloud service model that provisions virtual machines and network infrastructure.
Define Software as a Service (SaaS)
Cloud service model that provisions fully developed application services to users.
What are examples of Software as a Service (SaaS)?
Salesforce, RingCentral, Office 365
Define Platform as a Service (PaaS)
Provides resources from IaaS and SaaS; Cloud service model deploying infrastructure and application services allowing further development of the resources by the tenant
List examples of Platform as a Service (PaaS)
Microsoft Azure SQL Database; Oracle Cloud Database; Google App Engine™
Define Desktop as a Service (DaaS)
Cloud service model that provisions desktop OS and applications software.
Define virtual desktop infrastructure (VDI)
The byproduct of Desktop as a Service (DaaS); Cloud provisioned desktop OS and applications software.
Define cloud connectivity
The mechanism by which clients connect to the cloud service.
Define infrastructure as code (IaC)
Provisioning architecture in which deployment of resources is performed by scripted automation.
What is the main goal of Infrastructure as Code (IaC)?
To eliminate snowflake systems.
Define a snowflake system
A configuration or build that is different from any other.
What are issues that can arise from a snowflake system in an environment?
Leads to security issues, such as patches that have not been installed, and stability issues, such as scripts that fail to run because of some small configuration difference.
What is infrastructure as code (IaC) defined as?
Automation
Define automation
Using scripts/code and APIs to provision and deprovision systems without manual intervention or to complete a task without intervention.
What are the two main types of automation tools?
- Imperative tools
- Declarative tools
Define declarative automation
Defining an end-state, and the automation platform does the work of reconciling the input/goal, current status, and what needs to be done to achieve the input/goal.
Define imperative automation
A series of actions are executed in a specific order to achieve an outcome.
Define orchestration
Automation of multiple coordinated steps in a deployment process; also known as imperative automation
How can imperative automation also be defined?
Orchestration
Define a cloud responsibility matrix and its purpose to a tenant
Documentation listing which security and management tasks are the responsibility of the cloud provider and which are the responsibility of the cloud consumer.
Define colocation
An organization hosting servers or services at a datacenter or 3rd party.
Define a hypervisor
Software or firmware that creates and manages virtual machines on the host hardware.
What are the two types of hypervisors?
Type 1 and Type 2
List examples of type 2 hypervisors
VMware Workstation, Oracle VirtualBox
Define a type 2 hypervisor
Host-based, running as software on the OS to utilize the host's physical hardware to create virtual machines
Define a type 1 hypervisor
Bare metal virtual platform; installed directly into the host to manage hardware resources without the need for a host OS
List examples of a type 1 hypervisor
Hyper-V, VMware ESXi Server
Define an internal virtual switch
Isolates the virtual machines but allows network switching between the Hyper-V host and the virtual machines.
What are the 3 types of virtual switches that can be created in Hyper-V?
- External
- Internal
- Private
Define an external virtual switch
Linked to the physical NIC of the Hyper-V host and allows access to the LAN network.
How is the MAC address for a virtual NIC (vNIC) configured?
In the hypervisor settings for the specific VM.
Define a private virtual switch
Creates a switch that is usable only by the VMs. They cannot use the switch to communicate with the host.
Define Network Function Virtualization (NFV)
Provisioning virtual network appliances, such as switches, routers, and firewalls, via VMs and containers.
What are the 3 domains of Network Function Virtualization (NFV)?
- Virtual Network Function (VNF)
- NFV infrastructure
- Management and orchestration (MANO)
Define Virtual Network Function (VNF)
VNF replaces network hardware with software that virtualizes network services.
What are examples of Virtual Network Functions (VNFs)?
Routers, directory services, firewalls, load balancers.
Define NFV infrastructure
Consists of the infrastructure components on a platform to support the hypervisor and its VMs.
What are examples of the components in NFV infrastructure?
CPU, storage, NIC/cabling, RAM
Define Management and orchestration (MANO)
Framework for the management and orchestration of all resources in a virtualized data center including compute, networking, storage, and virtual machine (VM) resources.
Define a storage area network (SAN)
Network dedicated to provisioning storage resources, typically consisting of storage devices and servers connected to switches via host bus adapters.
What is the best practice topology of a storage area network (SAN)?
Isolated from the main network; only accessed by servers, not client machines.
What is the typical use case for a storage area network (SAN)?
SAN clients are servers running databases or applications that require access to shared storage.
Define Fibre Channel
High speed network communications protocol used to implement SANs
Define an initiator in a SAN
A client device of the SAN, such as a file or database server installed with a fibre channel host bus adapter (HBA).
Define an FC switch in a SAN
Interconnects initiators and targets and should be configured as a mesh topology for fault tolerance.
Define a target in a SAN
The network port for a storage device in a SAN (single drive, RAID array, tape drives)
What is used to identify initiators and targets in a SAN?
Identified by 64-bit WorldWide Names (WWN).
Define east-west traffic
Design paradigm accounting for the fact that data center traffic between servers is greater than that passing in and out (north-south).
Define Internet Small Computer System Interface (iSCSI)
IP tunneling protocol that enables the transfer of SCSI data over an IP-based network to create a SAN without the use of Fibre Channel, fibre switches, fiber links, or FCoE.
Define north-south traffic
Design paradigm representing traffic from clients outside a data center or corporate office; traffic from the client to the server passes “north” from the client’s switch to the router and then back “south” to the server’s switch.
Define an overlay network
Virtual network of nodes and logical links built on top of an existing network to enable new services or functions without needing to reconfigure an entire network design.
Define Software defined networking (SDN)
APIs and scripts along with compatible hardware/virtual appliances allowing for programmable network appliances and systems.
What are the 3 layers of Software defined networking (SDN)?
- Application Layer
- Control Layer
- Infrastructure Layer
Define the function of the application layer in Software defined networking (SDN)
Defines policies such as segmentation, ACLs, and traffic prioritization and policing/shaping to determine where traffic should go and how it should go to its destination.
Define the function of the infrastructure layer in Software defined networking (SDN)
Devices (physical or virtual) that handle the actual forwarding (switching and routing) of traffic and imposition of ACLs and other policy configurations for security.
Define the function of the control layer in Software defined networking (SDN)
Contains the SDN controller that manages northbound API communications to the application layer and southbound API communications to the infrastructure layer.
Describe a spine and leaf topology
Topology comprising a top tier of aggregation/distribution switches forming a backbone that connects a leaf tier of top-of-rack switches which connect to servers.
Define the spine layer in a spine and leaf topology
Comprises a backbone of top-tier switches; The spine switches are not linked to one another.
Define the leaf layer in a spine and leaf topology
Contains access switches that are connected to each spine switch in a full mesh topology; The access switches never have direct connections to one another.
How does a spine and leaf topology decrease latency?
Since there are no direct connections between spine switches in the backbone or between leaf switches, the network is loop free and each server is only ever a single hop from the backbone making routes faster.
Since spine and leaf topology is considered a mesh topology, how is traffic distributed to the leaf layer?
Servers are connected to multiple leaf switches for multipath redundancy, using a first hop gateway protocol to determine the active path.
Since spine and leaf topology is considered a mesh topology, how is traffic distributed to the spine layer?
Each leaf switch runs a protocol called Equal Cost Multipathing (ECMP) to distribute traffic between the links to the spine switches.
Define a top-of-rack (ToR) switch
High-performance switch model designed to implement the leaf tier in a spine and leaf topology.
Define Multiprotocol Label Switching (MPLS)
Network protocol used by service providers to implement private WAN links and virtual private networks with traffic engineering (congestion control), Class of Service, and Quality of Service.