Ben Piper

CompTIA Cloud+ Study Guide



Community cloud

      Hybrid Cloud

Schematic illustration of hybrid cloud.

      When you use multiple cloud providers redundantly, it's called a multicloud deployment. Multicloud deployments are common when there's a need to avoid the unlikely failure of an entire provider, or to avoid cloud provider lock-in.

      Colloquially, a hybrid cloud may also refer to connecting cloud-based resources to a data center or office. Although technically this isn't a hybrid cloud, understand that this is actually what most people mean when they use the term.

      Introducing Cloud Concepts and Components

      Cloud deployments make heavy use of on-demand self-service provisioning, resource pooling via virtualization, rapid elasticity, and a metered or pay-as-you-go pricing model. In this section, we will discuss some common cloud concepts and components.

      Applications

      The term application is broad, but it usually refers to the software that an organization's end users interact with. Some examples include databases, web servers, email, big data, and line-of-business software applications.

      Automation

      Automation plays a critical role in modern cloud services. Cloud providers employ proprietary automation software that automates the deployment and monitoring of cloud resources, including network, storage, and compute. Automation makes rapid deployment and teardown possible, and it gives users granular control over their cloud usage.

      Compute

       IaaS: Compute may refer to an IaaS service that lets you provision virtual machines, storage, and networking resources in the cloud.

       Serverless/FaaS: Compute can also refer to what the marketers call serverless computing and what the technophiles call function-as-a-service (FaaS). In this model, the cloud provider hands you a slick interface into which you can upload your own application code written in a variety of programming languages, and the cloud provider executes it on compute infrastructure that they fully manage. This model obviates the need to provision virtual machines. Instead, the cloud provider handles the compute infrastructure, so all you have to do is deal with the application code. FaaS is a type of PaaS offering.

      I've never figured out why it's called compute instead of the more familiar computing. My best guess, however, is that it's to distinguish the cloud model from the data center model. The term compute is used almost exclusively of cloud infrastructure.

      Networking

      Cloud providers offer most of the traditional networking functionality that you would find in a data center. The difference is that in the cloud, the networking functions provided by traditional firewalls, routers, switches, and load balancers are implemented in the provider's proprietary software. The upside of this approach is that it allows the provider to achieve high availability for these core networking functions.

      In the IaaS model, cloud providers also offer Domain Name System (DNS), Dynamic Host Configuration Protocol (DHCP), and virtual private cloud networks as part of the service, so you don't have to spin up your own DNS or DHCP servers as you would in a data center environment.

      Security

      Just as security is a critical component in private and corporate data centers, so is it in the cloud. Cloud service providers offer many security services, including firewalls, access control, intrusion detection and prevention systems, and encryption services.

      Storage

      Connecting the Cloud to the Outside World

      Cloud providers give you complete control over how open or closed your cloud resources are to the rest of the world. If you want to offer a service that's available to anyone anywhere in the world, you can do that. Ubiquitous access refers to the ability to access cloud resources from anywhere in the network from a variety of devices such as laptops, tablets, smartphones, and thin or thick clients. On the other hand, if you want to restrict access only to those within a particular office, you can do that as well. Because most cloud providers are security-conscious, they prohibit access to your cloud resources by default. You have to explicitly allow access.
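      The default-deny behavior described above can be modeled in a few lines. This is an added example, not code from the book or from any cloud provider: the rule format, the ports, and the documentation-range addresses are constructed assumptions.

```python
import ipaddress

# Constructed rule set in a hypothetical format (not any provider's API).
# Every rule is an explicit allow; there is no "deny" rule type.
RULES = [
    {"proto": "tcp", "port": 443, "source": "0.0.0.0/0"},       # service open to the world
    {"proto": "tcp", "port": 22,  "source": "203.0.113.0/24"},  # one office range only
]


def is_allowed(rules, proto, port, src_ip):
    """Return True only if some rule explicitly allows this traffic.

    Anything that matches no rule is dropped: access is prohibited
    by default and has to be opened rule by rule.
    """
    addr = ipaddress.ip_address(src_ip)
    for rule in rules:
        net = ipaddress.ip_network(rule["source"])
        if rule["proto"] == proto and rule["port"] == port and addr in net:
            return True
    return False


def world_open(rules):
    """List (proto, port) pairs reachable from any address, for review."""
    exposed = []
    for rule in rules:
        # A /0 prefix matches every source address.
        if ipaddress.ip_network(rule["source"]).prefixlen == 0:
            exposed.append((rule["proto"], rule["port"]))
    return exposed


if __name__ == "__main__":
    print(is_allowed(RULES, "tcp", 443, "198.51.100.7"))   # public service
    print(is_allowed(RULES, "tcp", 22, "203.0.113.10"))    # from the office
    print(is_allowed(RULES, "tcp", 22, "198.51.100.7"))    # same port, outside
    print(is_allowed(RULES, "tcp", 3306, "203.0.113.10"))  # no rule at all
    print(world_open(RULES))
```

      Running a check like `world_open` over an exported rule set is a quick way to confirm that only the services meant to be public are reachable from everywhere.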

      Deciding Whether to Move to the Cloud

      Organizations that blindly decide to move some of their IT infrastructure to the cloud are sometimes met with an unpleasant surprise when they find out how difficult and expensive it can be. It's not necessarily that the cloud is prohibitively expensive. The surprise comes from failing to understand the dependencies that exist among different IT resources in the data center. When one IT resource moves from the data center to the cloud, it usually has to drag a few other resources with it. For example, moving a database-backed application probably requires moving the database, which might be quite large. Naturally, whoever manages that database is going to have to back it up, so backups will have to be stored in the cloud as well.

      Hence, you must have a very clear and detailed understanding of what it is that you are actually moving. This means having updated documentation that reflects all aspects of your operations. To perform a migration, you must know exactly which applications you are running, their dependencies, along with any storage, network, operating system, processing, memory, and any other relevant requirements. The more detailed your assessment of your current operations, the better equipped you are to decide whether it makes sense to move to a cloud-based model.
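      The dependency problem described above can be worked through from a documented inventory. This is an added example, not from the book: the resource names, the storage sizes, and the `requires` field are constructed assumptions.

```python
# Constructed inventory (hypothetical names and sizes). "requires" lists
# what a resource needs close by, so those items have to move with it.
INVENTORY = {
    "crm-app":       {"requires": ["crm-db", "ldap"], "storage_gb": 40},
    "crm-db":        {"requires": ["crm-db-backup"],  "storage_gb": 2000},
    "crm-db-backup": {"requires": [],                 "storage_gb": 6000},
    "ldap":          {"requires": [],                 "storage_gb": 5},
    "intranet":      {"requires": ["ldap"],           "storage_gb": 20},
}


def migration_set(inventory, target):
    """Return everything that has to move along with target."""
    seen, stack = set(), [target]
    while stack:
        name = stack.pop()
        if name in seen:          # already handled (also guards against cycles)
            continue
        if name not in inventory:
            # The documentation is incomplete: stop rather than guess.
            raise KeyError(f"undocumented dependency: {name}")
        seen.add(name)
        stack.extend(inventory[name]["requires"])
    return seen


def total_storage_gb(inventory, names):
    """Storage that will have to exist in the cloud for these resources."""
    return sum(inventory[n]["storage_gb"] for n in names)


def left_behind_dependents(inventory, moving):
    """Resources staying put that still rely on something that is moving."""
    return sorted(
        name for name, res in inventory.items()
        if name not in moving and any(dep in moving for dep in res["requires"])
    )


if __name__ == "__main__":
    moving = migration_set(INVENTORY, "crm-app")
    print(sorted(moving))
    print(total_storage_gb(INVENTORY, moving))
    print(left_behind_dependents(INVENTORY, moving))
```

      In this constructed inventory, moving one 40 GB application pulls the database, its backups, and the directory service along with it, and leaves the intranet depending on a directory that is no longer on-premises.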

      Selecting Cloud Compute Resources

      Let's talk about some considerations for migrating on-premises compute resources into the cloud. In the data center, you have virtual machines. It's often possible to migrate a virtual machine directly to the cloud, but the better approach is usually to create a new virtual machine in the cloud and configure it from scratch. One reason for this is that a virtual machine running in your data center will have drivers and other software specific to the virtualization platform that you're using, which will undoubtedly be different than what the cloud provider is using. Performing a “lift and shift” migration to the cloud is asking for trouble.