舉報 
會員
Hybrid Cloud for Architects
Thisbookistargetedatcloudarchitects,cloudsolutionproviders,DevOpsengineers,oranyworkingstakeholderwhowantstolearnaboutthehybridcloudarchitecture.Abasicunderstandingofpublicandprivatecloudisdesirable.
最新章節(jié)
- Leave a review - let other readers know what you think
- Other Books You May Enjoy
- Summary
- Other practices
- Networks
- Provisioning and postprovisioning controls
品牌:中圖公司
上架時間:2021-06-24 18:05:16
出版社:Packt Publishing
本書數(shù)字版權(quán)由中圖公司提供,并由其授權(quán)上海閱文信息技術(shù)有限公司制作發(fā)行
- Leave a review - let other readers know what you think 更新時間:2021-06-24 19:28:23
- Other Books You May Enjoy
- Summary
- Other practices
- Networks
- Provisioning and postprovisioning controls
- User accounts and authentication
- Implementing a CMDB/asset list
- Security – best practices
- Implementing the controls in private cloud
- Security – shared responsibility model
- Implementing the controls on AWS – public cloud
- Common controls
- Security controls consideration in hybrid cloud
- Technical controls
- Physical controls
- Administrative controls
- HIPAA compliance standards
- Compliance standards and controls
- Minimizing shared infrastructure
- Detection and analytics mechanism
- High availability and disaster recovery
- Host controls
- Proxies
- IDS/IPS
- Firewalls
- Network perimeter security
- Data encryption in rest and in motion
- IAM systems
- Tools to protect against the breaches
- Availability
- Integrity
- Confidentiality
- The CIA triad
- Components of security
- Security in a Hybrid Cloud
- Summary
- Configuring Grafana to use Prometheus
- Installing Grafana
- Grafana
- Configuring Prometheus
- Setting up node exporter
- Setting up startup script
- Setting up directories
- Downloading Prometheus
- Installing Prometheus
- The implementation architecture of Prometheus
- Prometheus
- Monitoring the hybrid cloud
- WMI monitoring and custom agent monitoring
- SNMP monitoring
- Performance monitoring
- SNMP-based availability monitoring
- Enhanced monitoring
- TCP/UDP monitoring
- ICMP monitoring
- Availability monitoring
- The traditional concepts in monitoring
- Monitoring the Hybrid Cloud
- Summary
- Configuring Ansible and a sample playbook
- Installing Ansible
- Configuration management using Ansible
- Configuring and using Terraform
- Installing Terraform
- IaaC with Terraform
- DevOps or NoOps
- Templatize
- Configuring the infrastructure
- Creating the infrastructure
- Merging the different teams
- The traditional development stages
- The development cycle and DevOps
- DevOps in the Hybrid Cloud
- Summary
- Using the different hybrid cloud solutions
- vCloud Air
- Running DevStack
- Modifying the local.conf file
- Removing the DevStack instance
- Installing OpenStack Omni on DevStack
- OpenStack Omni
- Getting the Azure Stack
- Azure Stack
- Using PreBuilt Hybrid Cloud Solutions
- Summary
- Initializing the federation
- Creating the DNS provider
- Step 3 – creating the federation
- Step 2 – combining the Kubernetes configuration (optional)
- Step 1 – setting up the federation controller
- Implementing a Kubernetes federation
- Federation challenges
- Cloud bursting
- High availability and application upgrades
- Enforce policies
- Application migration – avoiding vendor lock-in
- Reasons for consideration
- Federation using Kubernetes
- Connecting to the Kubernetes clusters
- Deploying a second instance of Kubernetes
- Deploying Kubernetes with Juju
- Accessing the Juju controller using a GUI
- Bootstrapping an OpenStack Cloud
- Bootstrapping an AWS Cloud
- Installing the Juju client and bootstrapping clouds
- Introduction to Juju
- Kubernetes deployment
- Namespaces
- Volumes
- Service
- Controllers
- Pod
- Basic concepts in Kubernetes
- Kubernetes architecture
- Container orchestration engine
- Underlay networking
- Overlay networking
- Host networking
- Bridge networking
- None – no networking
- Container networking
- Evolving to containers
- Building a Containerized Hybrid Cloud
- Summary
- In conclusion – architecting with a CMP
- Creating cloud images
- Policies and user authentication
- Testing the catalog
- Creating a catalog item and catalog
- Creating a Service Dialog
- Creating a catalog
- Provisioning virtual machines using ManageIQ
- Adding our OpenStack endpoint
- Adding a new AWS EC2 provider
- Configuring ManageIQ to connect to AWS and OpenStack
- Installing a ManageIQ container
- Understanding and installing Docker
- Containerization basics
- Preparing the host environment
- Installing ManageIQ
- ManageIQ
- General architecture of CMP
- Isolated/distributed application use case
- Tape gateway
- Volume gateways
- File gateway
- Using the AWS storage gateway
- Modern outlook
- Traditional operations
- Supporting applications use case
- Building a Traditional CMP-Based Hybrid Cloud
- Summary
- Configuring DevStack to enable Heat
- Installing DevStack
- Choosing the deployment method
- Choosing an OpenStack distribution
- Basics of designing an OpenStack environment
- Setting up the private cloud
- Setting up AWS API access
- Creating the IGW and VGW
- Creating a VPC and subnets
- Creating an account in AWS
- Setting up a public cloud – AWS
- Connectivity to the private cloud
- Designing an AWS environment
- VPC design
- AWS account design
- Architecting the AWS environment
- AWS services
- Virtual private cloud (VPC)
- Availability zones (AZ)
- Region
- Account
- AWS terminology
- Getting started with the public cloud – AWS
- Hybrid Cloud Deployment – Architecture and Preparation
- Conclusion
- IAM and Active Directory
- DNS services
- Network connectivity
- Choosing the right components
- Database log shipping
- Using Cockroach DB in a hybrid cloud environment
- Global databases
- Application components
- Multi-Factor Authentication (MFA)
- Identity Federation
- Identity and Access Management (IAM)
- Global load balancing
- How does DNS work?
- Domain Name System (DNS)
- Routing table
- MPLS connectivity – direct connect
- SSL VPN
- IPSec VPN
- Encrypting data using IPSec and SSL – concepts
- Virtual Private Network (VPN)
- VXLAN
- GRE
- Overlay networking
- WAN architecture
- LAN architecture
- Underlay network
- Networking
- Architecting the Underpinning Services
- Summary – setting up hybrid cloud
- Azure Traffic Manager
- Azure Site Recovery (ASR)
- Azure Stack
- Microsoft Azure
- VMware cloud on AWS
- Amazon EC2 run command
- Route 53
- Direct connect
- Storage gateway
- Amazon Web Services (AWS)
- Public cloud services for hybrid deployment
- DNS service
- Network connectivity
- Services to enable a hybrid cloud
- Case in point – architecture of OpenStack
- Decoupling the tiers
- Backup and disaster recovery in the cloud
- Supporting application use cases
- Using cognitive services
- Cloud bursting
- Co-Existent use case
- Distributed use case
- Isolated use case
- Use cases of a hybrid cloud
- Putting it all together
- Database tier
- Application tier
- Web tier
- Application level
- Case 2 – with a proxy
- Case 1 – without a proxy
- Transport level
- The story of a web application
- Hybrid Cloud Building Blocks
- Summary – maximizing benefits
- Hybrid cloud case study
- Fear of lock-in
- Compliance
- Control/customizability
- Cost
- Shortcomings of a public cloud
- Ability to consume enhanced services
- Reducing operational overheads
- Ability to experiment without upfront cost
- Need for agility
- Public cloud benefits
- Pure-play public cloud strategy
- What does the world say?
- Hybrid Cloud – Why Does It Matter?
- Summary
- Choosing different cloud combinations
- Based on consumers of the services
- Based on services offered
- Differentiating service down and infrastructure up clouds
- Infrastructure up clouds
- Service down clouds
- Based on abstraction
- The cloud's demographics
- Introducing Hybrid Cloud
- Reviews
- Get in touch
- Conventions used
- Download the color images
- Download the example code files
- To get the most out of this book
- What this book covers
- Who this book is for
- Preface
- Packt is searching for authors like you
- About the reviewer
- About the author
- Contributors
- PacktPub.com
- Why subscribe?
- Packt Upsell
- Software Hardware List
- Title Page
- coverpage
- coverpage
- Title Page
- Software Hardware List
- Packt Upsell
- Why subscribe?
- PacktPub.com
- Contributors
- About the author
- About the reviewer
- Packt is searching for authors like you
- Preface
- Who this book is for
- What this book covers
- To get the most out of this book
- Download the example code files
- Download the color images
- Conventions used
- Get in touch
- Reviews
- Introducing Hybrid Cloud
- The cloud's demographics
- Based on abstraction
- Service down clouds
- Infrastructure up clouds
- Differentiating service down and infrastructure up clouds
- Based on services offered
- Based on consumers of the services
- Choosing different cloud combinations
- Summary
- Hybrid Cloud – Why Does It Matter?
- What does the world say?
- Pure-play public cloud strategy
- Public cloud benefits
- Need for agility
- Ability to experiment without upfront cost
- Reducing operational overheads
- Ability to consume enhanced services
- Shortcomings of a public cloud
- Cost
- Control/customizability
- Compliance
- Fear of lock-in
- Hybrid cloud case study
- Summary – maximizing benefits
- Hybrid Cloud Building Blocks
- The story of a web application
- Transport level
- Case 1 – without a proxy
- Case 2 – with a proxy
- Application level
- Web tier
- Application tier
- Database tier
- Putting it all together
- Use cases of a hybrid cloud
- Isolated use case
- Distributed use case
- Co-Existent use case
- Cloud bursting
- Using cognitive services
- Supporting application use cases
- Backup and disaster recovery in the cloud
- Decoupling the tiers
- Case in point – architecture of OpenStack
- Services to enable a hybrid cloud
- Network connectivity
- DNS service
- Public cloud services for hybrid deployment
- Amazon Web Services (AWS)
- Storage gateway
- Direct connect
- Route 53
- Amazon EC2 run command
- VMware cloud on AWS
- Microsoft Azure
- Azure Stack
- Azure Site Recovery (ASR)
- Azure Traffic Manager
- Summary – setting up hybrid cloud
- Architecting the Underpinning Services
- Networking
- Underlay network
- LAN architecture
- WAN architecture
- Overlay networking
- GRE
- VXLAN
- Virtual Private Network (VPN)
- Encrypting data using IPSec and SSL – concepts
- IPSec VPN
- SSL VPN
- MPLS connectivity – direct connect
- Routing table
- Domain Name System (DNS)
- How does DNS work?
- Global load balancing
- Identity and Access Management (IAM)
- Identity Federation
- Multi-Factor Authentication (MFA)
- Application components
- Global databases
- Using Cockroach DB in a hybrid cloud environment
- Database log shipping
- Choosing the right components
- Network connectivity
- DNS services
- IAM and Active Directory
- Conclusion
- Hybrid Cloud Deployment – Architecture and Preparation
- Getting started with the public cloud – AWS
- AWS terminology
- Account
- Region
- Availability zones (AZ)
- Virtual private cloud (VPC)
- AWS services
- Architecting the AWS environment
- AWS account design
- VPC design
- Designing an AWS environment
- Connectivity to the private cloud
- Setting up a public cloud – AWS
- Creating an account in AWS
- Creating a VPC and subnets
- Creating the IGW and VGW
- Setting up AWS API access
- Setting up the private cloud
- Basics of designing an OpenStack environment
- Choosing an OpenStack distribution
- Choosing the deployment method
- Installing DevStack
- Configuring DevStack to enable Heat
- Summary
- Building a Traditional CMP-Based Hybrid Cloud
- Supporting applications use case
- Traditional operations
- Modern outlook
- Using the AWS storage gateway
- File gateway
- Volume gateways
- Tape gateway
- Isolated/distributed application use case
- General architecture of CMP
- ManageIQ
- Installing ManageIQ
- Preparing the host environment
- Containerization basics
- Understanding and installing Docker
- Installing a ManageIQ container
- Configuring ManageIQ to connect to AWS and OpenStack
- Adding a new AWS EC2 provider
- Adding our OpenStack endpoint
- Provisioning virtual machines using ManageIQ
- Creating a catalog
- Creating a Service Dialog
- Creating a catalog item and catalog
- Testing the catalog
- Policies and user authentication
- Creating cloud images
- In conclusion – architecting with a CMP
- Summary
- Building a Containerized Hybrid Cloud
- Evolving to containers
- Container networking
- None – no networking
- Bridge networking
- Host networking
- Overlay networking
- Underlay networking
- Container orchestration engine
- Kubernetes architecture
- Basic concepts in Kubernetes
- Pod
- Controllers
- Service
- Volumes
- Namespaces
- Kubernetes deployment
- Introduction to Juju
- Installing the Juju client and bootstrapping clouds
- Bootstrapping an AWS Cloud
- Bootstrapping an OpenStack Cloud
- Accessing the Juju controller using a GUI
- Deploying Kubernetes with Juju
- Deploying a second instance of Kubernetes
- Connecting to the Kubernetes clusters
- Federation using Kubernetes
- Reasons for consideration
- Application migration – avoiding vendor lock-in
- Enforce policies
- High availability and application upgrades
- Cloud bursting
- Federation challenges
- Implementing a Kubernetes federation
- Step 1 – setting up the federation controller
- Step 2 – combining the Kubernetes configuration (optional)
- Step 3 – creating the federation
- Creating the DNS provider
- Initializing the federation
- Summary
- Using PreBuilt Hybrid Cloud Solutions
- Azure Stack
- Getting the Azure Stack
- OpenStack Omni
- Installing OpenStack Omni on DevStack
- Removing the DevStack instance
- Modifying the local.conf file
- Running DevStack
- vCloud Air
- Using the different hybrid cloud solutions
- Summary
- DevOps in the Hybrid Cloud
- The development cycle and DevOps
- The traditional development stages
- Merging the different teams
- Creating the infrastructure
- Configuring the infrastructure
- Templatize
- DevOps or NoOps
- IaaC with Terraform
- Installing Terraform
- Configuring and using Terraform
- Configuration management using Ansible
- Installing Ansible
- Configuring Ansible and a sample playbook
- Summary
- Monitoring the Hybrid Cloud
- The traditional concepts in monitoring
- Availability monitoring
- ICMP monitoring
- TCP/UDP monitoring
- Enhanced monitoring
- SNMP-based availability monitoring
- Performance monitoring
- SNMP monitoring
- WMI monitoring and custom agent monitoring
- Monitoring the hybrid cloud
- Prometheus
- The implementation architecture of Prometheus
- Installing Prometheus
- Downloading Prometheus
- Setting up directories
- Setting up startup script
- Setting up node exporter
- Configuring Prometheus
- Grafana
- Installing Grafana
- Configuring Grafana to use Prometheus
- Summary
- Security in a Hybrid Cloud
- Components of security
- The CIA triad
- Confidentiality
- Integrity
- Availability
- Tools to protect against the breaches
- IAM systems
- Data encryption in rest and in motion
- Network perimeter security
- Firewalls
- IDS/IPS
- Proxies
- Host controls
- High availability and disaster recovery
- Detection and analytics mechanism
- Minimizing shared infrastructure
- Compliance standards and controls
- HIPAA compliance standards
- Administrative controls
- Physical controls
- Technical controls
- Security controls consideration in hybrid cloud
- Common controls
- Implementing the controls on AWS – public cloud
- Security – shared responsibility model
- Implementing the controls in private cloud
- Security – best practices
- Implementing a CMDB/asset list
- User accounts and authentication
- Provisioning and postprovisioning controls
- Networks
- Other practices
- Summary
- Other Books You May Enjoy
- Leave a review - let other readers know what you think 更新時間:2021-06-24 19:28:23
