Mod 1 - Understanding Cloud

Question 1

What really makes a data center so special and demanded?

Answer 1

A. Redundancy everywhere

B. Huge power systems

C. Fast internet

D. Special cooling and airflow

Question 2

Devops:
Definition

Answer 2

Gives devs way to automatically introduce and test new code into an application without taking app down.

Question 3

Devops Process:

Answer 3

• Creates dev only environment where they can run new code.
• Then run in test env with specific end users.
• UAT - Then run in Staging where real world prod traffic is allowed to access env to test code.
• Then roll into prod env

Question 4

Scale Up(Vertically):

Answer 4

Increases the server resources ex. Increase RAM

Question 5

Scale out(horizontally):

Answer 5

Increases number of servers of the same resource type

Question 6

Canary Deployment

Answer 6

When you have four of the exact same instance type of a server and ship new code into one of them to see how they do. If there are issues, roll it back. If success, ship to more servers.

Question 7

What is a 3 tier app

Answer 7

-frontend app
-Backend app
-database that stores the data

Question 8

Monolithic app

Answer 8

bundle of the 3 tier app in one app, running on one server

Question 9

Microservices

Answer 9

architecture of many small applications that make up one giant application

Question 10

What is the All Services AZ menu option?

Answer 10

shop for services

Question 11

What is the All resources AZ menu option?

Answer 11

resources you already deployed

Question 12

Blades

Answer 12

term for windows you open in azure, ex. Clicking into Disks section of VMs area

Question 13

What are the two IaaS Use Case?

Answer 13

A. Testing and development: Best when you have a need to have control over the environment. Have special app that can be moved to cloud with redundancy, but still control env.
B. Migrations : Lift and shift virtual machines from On-Prem to Cloud

Question 14

IaaS Model Responsibilities

Answer 14

In an IaaS model, the cloud provider is responsible for maintaining the hardware, network connectivity (to the internet), and physical security.

You’re responsible for everything else: operating system installation, configuration, and maintenance; network configuration; database and storage configuration; and so on

Question 15

IaaS Model Definition

Answer 15

Replicating on prem servers and VMs to cloud env where you manage and control the env. Ex. Do OS patches

Question 16

Private Cloud

Answer 16

Local datacenter where data is stored on physical servers you have control over and are responsible for OS patches, designing vnet/ virtual network, Software patches, and Runtime environment

Question 17

Capex

Answer 17

typically a one-time, up-front expenditure to purchase or secure tangible resources. A new building, repaving the parking lot, building a datacenter, or buying a company vehicle are examples of CapEx.

Question 18

Is cloud computing Opex or Capex

Answer 18

Opex

Question 19

OpEx

Answer 19

spending money on services or products over time. Renting a convention center, leasing a company vehicle, or signing up for cloud services are all examples of OpEx.

Question 20

PaaS Model Responsibilities

Answer 20

In a PaaS environment, the cloud provider maintains the:
-physical infrastructure,
-physical security,
-and connection to the internet.

They also maintain the
-operating systems,
-databases,
-development tools,
-and business intelligence services

Shared Responsibilities:
-networking settings and connectivity within your cloud environment,
-network and application security,
-directory infrastructure.

Ex. Like a domain joined machine: IT maintains the device with regular updates, patches, and refreshes.

Question 21

What is the PaaS Use Case?

Answer 21

A. Development framework: PaaS provides a framework that developers can build upon to develop or customize cloud-based applications

B. Analytics or business intelligence: Tools provided as a service with PaaS allow organizations to analyze and mine their data, finding insights and patterns and predicting outcomes to improve forecasting, product design decisions, investment returns, and other business decisions.

Question 22

PaaS Definition

Answer 22

responsible for building and shipping app and the code, making sure it’s secure

Question 23

Azure App services

Answer 23

service that deploys web hosting apps

Question 24

Message Queue

Answer 24

queue that microservice instances are listening to and pick up messages that are put in queue

Question 25

T-SQL

Answer 25

Microsoft’s dialect of SQL used in MS SQL

Question 26

SaaS Model Responsibilities

Answer 26

You’re responsible for -the data that you put into the system, -the devices that you allow to connect to the system, -and the users that have access. The cloud provider is responsible for -physical security of the datacenters, -power, -network connectivity, -and application development and patching

Question 27

What is the SaaS Use Case?

Answer 27

A. Best when you have don’t need to maintain anything, just need access to software to accomplishes a task. Ex. * Email and messaging. * Business productivity applications. * Finance and expense tracking.

Question 28

SaaS Definition

Answer 28

cloud service that offers a subscription fee to access software in a browser online, hosting is managed by third party company. Ex. Adobe cloud

Question 29

Consumption-Based Billing

Answer 29

Billing based off of the usage of cloud resources that are actually deployed. Ex. Azure VM can cost $0.10 per hour or billed for Network Egress(amount of bandwidth used)

Question 30

What are the 4 responsibilities that are always retained by you?

Answer 30

* Data * Endpoints * Account * Access management

Question 31

Who manages security in IaaS?

Answer 31

You manage entire security

Question 32

Who manages security in PaaS?

Answer 32

Shared responsibility

Question 33

Who manages security in SaaS?

Answer 33

All on azure, but we control who connects into app(account mngmt) and need to develop security policies on accessing the app and sharing data

Question 34

Network security Group

Answer 34

an access control list that defines what traffic is let into a vNET

Question 35

Deployment Order for Azure networking

Answer 35

1. VM 2. Public IP 3. vNIC 4. vNET 5. NSG

Question 36

vNET

Answer 36

private address space, can create subnets out of this space. Ex. Set space to 10.0.0.0/8>>10.0.1.0/24 (253 VMs)

Question 37

How are VMs accessible when first deployed?

Answer 37

they are only accessible via the Public internet, assigned Public IP address and a vNIC that are stand alone resources

Question 38

* Stretch networking

Answer 38

when you have on prem subnets that have layer 2 connectivity with azure vNET subnets

Question 39

What are the steps/prompts to deploy a basic VM

Answer 39

1. Login to Azure portal 2. Select Virtual Machine service 3. Select Azure VM 4. Create VM a. Set Basic settings i. Set name based off of app VM used for, what env(Prod or Test), number if there are multiple ii. Set availability zones iii. Set password iv. Set inbound port rules(this sets your NSG) b. Set disk settings i. Can add data disk attached to VM c. Set virtual network d. Review settings

Question 40

Do Resource groups and availability zones need to match?

Answer 40

No

Question 41

How do you deprovision a VM?

Answer 41

Need to use Stop button. shutting down the VM if RDP’ed doesn’t deprovision VM

Question 42

How do you delete a VM in azure portal?

Answer 42

To delete, use Delete button and config options, select all boxes to completely delete

Question 43

How do you upload ssh keys to azure portal?

Answer 43

1. Navigate to VM page 2. Select Connect drop down 3. Select one of the connection options ex. RDP or SSH or Bastion

Question 44

What is the Bastion AZ resource?

Answer 44

secure way to connect to VM without exposing them through public IP addresses. Deploy it and it will prompt for azure creds and 2FA

Question 45

what are availability sets designed for

Answer 45

designed to ensure that VMs stagger updates and have varied power and network connectivity, preventing you from losing all your VMs with a single network or power failure.

Question 46

Availability Sets

Answer 46

template of saved availability settings to apply to a group of VMs ex. Spread VMs across certain domains

Question 47

Fault Domain default settings

Answer 47

By default, an availability set will split your VMs across up to three fault domains. This helps protect against a physical power or networking failure by having VMs in different fault domains (thus being connected to different power and networking resources).

Question 48

* Fault Domains

Answer 48

grouping of azure datacenter resources with same power and network components.

Question 49

how long is given an update group to recover after updates applied

Answer 49

An update group going through the update process is given a 30-minute time to recover before maintenance on the next update domain starts.

Question 50

* Update domains

Answer 50

a group of azure datacenter resources that get updated at the same time or in a grouping. Azure only ever updates one domain at a time so setting AS to multiple ensures your AS doesn’t get interrupted and have different update schedules

Question 51

Why use more than 1 fault domain?

Answer 51

Setting to more than 1 ensures a physical failure won’t impact all VMs o Should have 1 FD per VM if you can only afford to have one VM down at a time

Question 52

VM Scale Sets

Answer 52

azure resource that helps manage a group of load balanced VMs

Question 53

Stateless workloads

Answer 53

something like a web connection that isn’t maintaining a session, just used for load balancing between many VMs

Question 54

What are the min and max options for Autoscaling in VM scale sets

Answer 54

* Min of 1 instance * Max of 10

Question 55

What's an example of shared responsibility(PaaS) for networking?

Answer 55

Azure will setup backbone routing and private IP addressing, while you handle the Public IP addressing

Question 56

What's an example of shared responsibility(PaaS) for runtime?

Answer 56

Azure setups up the environment from your choice depending on what code language you wrote your app in ex. Python or .Node

Question 57

What's an example of shared responsibility(PaaS) for authentication?

Answer 57

Azure handles managing directory accounts and you can decide to accept certain user logins. Or you could manage the user directory and AAA yourself

Question 58

Cloud computing

Answer 58

the delivery of computing services over the internet

Question 59

what is a key feature of public cloud computing

Answer 59

Services are leased from a public cloud and Data from private cloud traverses the public internet in some way to reach the public cloud

Question 60

what is hybrid cloud

Answer 60

a computing environment that uses both public and private clouds in an inter-connected environment

Question 61

what is a private cloud model

Answer 61

It’s a cloud (delivering IT services over the internet) that’s used by a single entity

Question 62

what are always the three consumer duties in cloud

Answer 62

* The information and data stored in the cloud * Devices that are allowed to connect to your cloud (cell phones, computers, and so on) * The accounts and identities of the people, services, and devices within your organization

Question 63

what are always the three cloud provider duties in cloud

Answer 63

* The physical datacenter * The physical network * The physical hosts

Question 64

what are the four things that there is shared responsibility depending on service model?

Answer 64

Operating systems Network controls Applications Identity and infrastructure

Question 65

What are cloud models?

Answer 65

The cloud models define the deployment type of cloud resources

Question 66

what is a multi-cloud environment

Answer 66

environment you deal with two (or more) public cloud providers and manage resources and security in both environments.

Question 67

what are 4 benefits of public cloud

Answer 67

No capital expenditures to scale up Applications can be quickly provisioned and deprovisioned Organizations pay only for what they use Organizations don’t have complete control over resources and security

Question 68

what are 4 benefits of private cloud

Answer 68

Organizations have complete control over resources and security Data is not collocated with other organizations’ data Hardware must be purchased for startup and maintenance Organizations are responsible for hardware maintenance and updates

Question 69

what are 3 benefits of hybrid cloud

Answer 69

Provides the most flexibility Organizations determine where to run their applications Organizations control security, compliance, or legal requirements