alt="Schematic illustration of synchronous replication."/>
FIGURE 1.17 Synchronous replication
With asynchronous replication, the data is first written to the primary storage system in the primary storage facility or cloud location. After the data is stored, it is then copied to a remote location on a delayed or scheduled basis, as shown in Figure 1.18.
FIGURE 1.18 Asynchronous replication
One common use case for asynchronous replication involves taking scheduled snapshots of VM storage volumes and storing those snapshots offline. The snapshots may also be replicated to a remote location for safekeeping. If you ever need to restore the VM, you can do so from the snapshot.
Another example of asynchronous replication is the creation of database read replicas. When an organization needs to run intensive, complex reports against a database, it can tax the database server and slow it down. Rather than taxing the primary database server, which might be performing critical business functions, you can asynchronously replicate the data to a read replica and then run your reports against the replica.
Asynchronous replication can be more cost effective than implementing a synchronous replication offering. Cloud providers often charge for data transfer between regions or availability zones. Because asynchronous replication is not in real time, there's typically less data to transfer.
Understanding Load Balancers
Loose coupling (also called decoupling) is a design principle in which application components are broken up in such a way that they can run on different servers. With this approach, redundant application components can be deployed to achieve high availability and scalability.
Let's take a look at a familiar example. Most database-backed web applications decouple the web component from the database so that they can run on separate servers. This makes it possible to run redundant web servers for scaling and high availability.
But loose coupling introduces a new challenge: If there are multiple web servers that users can access, how do you distribute traffic among them? And what if one of the servers fails? The answer is load balancing. A load balancer accepts connections from users and distributes those connections to web servers, typically in a round-robin fashion. When a load balancer sits in front of web servers, users connect to an IP address of the load balancer instead of an IP address of one of the web servers.
Other load balancing functions may include SSL/TLS termination, compression, and session tracking. Load balancers can integrate with autoscaling and server health checks so that if a web server becomes unreachable, the load balancer will detect the failure and trigger an automatic replacement or recovery action. With load balancing, you can effortlessly achieve redundancy and scalability, as shown in Figure 1.19.
FIGURE 1.19 Load balancing web servers
Cloud Testing
As you progress through this book, I will include information on the testing and validations that are required to ensure that changes and ongoing operations are valid and working as expected. In this chapter, you'll be introduced to three validations. Vulnerability and penetration tests are security-related, and I will expand my discussion of them throughout this book. You'll be introduced to load testing to ensure that your application works as expected when it is deployed into a heavily used production network.
Vulnerability Testing
Vulnerability testing is used to find objects in your cloud deployment that can be exploited or that are potential security threats. The vulnerability scanner is an application that has a database of known exploits and runs them against your deployment to see whether your cloud deployment may be susceptible or have security holes that need to be remediated. The scanner will detect and report on weaknesses in your cloud deployment. For example, if you're running an older version of a content management system (CMS) that's easily hacked, a vulnerability scan can alert you to this before you become a victim.
Penetration Testing
Penetration testing is the process of trying to exploit vulnerabilities that exist in your infrastructure. Pentesting is usually performed from outside your cloud deployment to assess the ability to access systems into your cloud from, for example, the Internet. Cloud providers have strict rules for how and when you can perform penetration testing, typically requiring advance permission and coordination with the provider. Some examples of penetration testing include trying default or easy-to-guess usernames and passwords and looking for open Transmission Control Protocol/User Datagram Protocol (TCP/UDP) ports.
Performance Testing
Performance testing (sometimes called load testing) puts a demand or load on your application or compute system and measures the response. By performing load testing, you can determine how your applications and cloud deployment can be expected to perform in times of heavy production usage. Load testing helps you determine a system's behavior under both normal and anticipated peak load conditions. All systems will fail at some point when under heavy loads, and by performing tests, you can identify and rectify any issues on your design.
Regression Testing
Frequent software updates are a part of the IT landscape. When you upgrade software to a new version, there's always a chance that a previously working function will break. This phenomenon is called a regression. Regression testing is designed to identify these regressions so that you can decide whether or not to update.
There was a time when organizations would postpone software updates because they would routinely break things and create troubleshooting headaches for everyone. Although this isn't as much of a problem anymore, it does happen from time to time, so it's important to perform regression testing in a controlled test environment prior to rolling out major software updates.
Functional Testing
Functional testing checks the functionality of software against a set of specifications that defines what the software must (or must not) do. In short, functional testing checks whether the software is capable of doing what you want it to do.
Usability Testing
Usability testing considers how easy or difficult it is for end users to use a system. A piece of software might pass all other tests, but the user may still find it difficult, confusing, or frustrating. Such flaws are usually not technical flaws in the code or architecture of a system, but rather flaws in the user interface or a process the user has to follow. Usability testing is designed to catch such flaws early.
In its simplest form, usability testing consists of having a user attempt to complete a specified task. Usability testing is, in a sense, a more subjective version of functional testing. Functional testing is designed to test whether the software performs a specified function. Usability testing tests whether the user can use the software.
Verifying