Hybrid cloud for architects build robust hybrid cloud solutions using AWS and OpenStack
Build your own hybrid cloud strategy with this comprehensive learning guide. About This Book Build a hybrid cloud strategy for your organization with AWS and OpenStack Leverage Hybrid Cloud to design a complex deployment pipeline Learn to implement security and monitoring best practices with real-wo...
| Other Authors: | |
|---|---|
| Format: | eBook |
| Language: | Inglés |
| Published: |
Birmingham, [England] ; Mumbai, [India] :
Packt Publishing
2018.
|
| Edition: | 1st edition |
| Subjects: | |
| See on Biblioteca Universitat Ramon Llull: | https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009631630706719 |
Table of Contents:
- Cover
- Title Page
- Copyright and Credits
- Packt Upsell
- Contributors
- Table of Contents
- Preface
- Chapter 1: Introducing Hybrid Cloud
- The cloud's demographics
- Based on abstraction
- Service down clouds
- Infrastructure up clouds
- Differentiating service down and infrastructure up clouds
- Based on services offered
- Based on consumers of the services
- Choosing different cloud combinations
- Summary
- Chapter 2: Hybrid Cloud - Why Does It Matter?
- What does the world say?
- Pure-play public cloud strategy
- Public cloud benefits
- Need for agility
- Ability to experiment without upfront cost
- Reducing operational overheads
- Ability to consume enhanced services
- Shortcomings of a public cloud
- Cost
- Control/customizability
- Compliance
- Fear of lock-in
- Hybrid cloud case study
- Summary - maximizing benefits
- Chapter 3: Hybrid Cloud Building Blocks
- The story of a web application
- Transport level
- Case 1 - without a proxy
- Case 2 - with a proxy
- Application level
- Web tier
- Application tier
- Database tier
- Putting it all together
- Use cases of a hybrid cloud
- Isolated use case
- Distributed use case
- Co-Existent use case
- Cloud bursting
- Using cognitive services
- Supporting application use cases
- Backup and disaster recovery in the cloud
- Decoupling the tiers
- Case in point - architecture of OpenStack
- Services to enable a hybrid cloud
- Network connectivity
- DNS service
- Public cloud services for hybrid deployment
- Amazon Web Services (AWS)
- Storage gateway
- Direct connect
- Route 53
- Amazon EC2 run command
- VMware cloud on AWS
- Microsoft Azure
- Azure Stack
- Azure Site Recovery (ASR)
- Azure Traffic Manager
- Summary - setting up hybrid cloud
- Chapter 4: Architecting the Underpinning Services
- Networking
- Underlay network.
- LAN architecture
- WAN architecture
- Overlay networking
- GRE
- VXLAN
- Virtual Private Network (VPN)
- Encrypting data using IPSec and SSL - concepts
- IPSec VPN
- SSL VPN
- MPLS connectivity - direct connect
- Routing table
- Domain Name System (DNS)
- How does DNS work?
- Global load balancing
- Identity and Access Management (IAM)
- Identity Federation
- Multi-Factor Authentication (MFA)
- Application components
- Global databases
- Using Cockroach DB in a hybrid cloud environment
- Database log shipping
- Choosing the right components
- Network connectivity
- DNS services
- IAM and Active Directory
- Conclusion
- Chapter 5: Hybrid Cloud Deployment - Architecture and Preparation
- Getting started with the public cloud - AWS
- AWS terminology
- Account
- Region
- Availability zones (AZ)
- Virtual private cloud (VPC)
- AWS services
- Architecting the AWS environment
- AWS account design
- VPC design
- Designing an AWS environment
- Connectivity to the private cloud
- Setting up a public cloud - AWS
- Creating an account in AWS
- Creating a VPC and subnets
- Creating the IGW and VGW
- Setting up AWS API access
- Setting up the private cloud
- Basics of designing an OpenStack environment
- Choosing an OpenStack distribution
- Choosing the deployment method
- Installing DevStack
- Configuring DevStack to enable Heat
- Summary
- Chapter 6: Building a Traditional CMP-Based Hybrid Cloud
- Supporting applications use case
- Traditional operations
- Modern outlook
- Using the AWS storage gateway
- File gateway
- Volume gateways
- Tape gateway
- Isolated/distributed application use case
- General architecture of CMP
- ManageIQ
- Installing ManageIQ
- Preparing the host environment
- Containerization basics
- Understanding and installing Docker
- Installing a ManageIQ container.
- Configuring ManageIQ to connect to AWS and OpenStack
- Adding a new AWS EC2 provider
- Adding our OpenStack endpoint
- Provisioning virtual machines using ManageIQ
- Creating a catalog
- Creating a Service Dialog
- Creating a catalog item and catalog
- Testing the catalog
- Policies and user authentication
- Creating cloud images
- In conclusion - architecting with a CMP
- Summary
- Chapter 7: Building a Containerized Hybrid Cloud
- Evolving to containers
- Container networking
- None - no networking
- Bridge networking
- Host networking
- Overlay networking
- Underlay networking
- Container orchestration engine
- Kubernetes architecture
- Basic concepts in Kubernetes
- Pod
- Controllers
- Service
- Volumes
- Namespaces
- Kubernetes deployment
- Introduction to Juju
- Installing the Juju client and bootstrapping clouds
- Bootstrapping an AWS Cloud
- Bootstrapping an OpenStack Cloud
- Accessing the Juju controller using a GUI
- Deploying Kubernetes with Juju
- Deploying a second instance of Kubernetes
- Connecting to the Kubernetes clusters
- Federation using Kubernetes
- Reasons for consideration
- Application migration - avoiding vendor lock-in
- Enforce policies
- High availability and application upgrades
- Cloud bursting
- Federation challenges
- Implementing a Kubernetes federation
- Step 1 - setting up the federation controller
- Step 2 - combining the Kubernetes configuration (optional)
- Step 3 - creating the federation
- Creating the DNS provider
- Initializing the federation
- Summary
- Chapter 8: Using PreBuilt Hybrid Cloud Solutions
- Azure Stack
- Getting the Azure Stack
- OpenStack Omni
- Installing OpenStack Omni on DevStack
- Removing the DevStack instance
- Modifying the local.conf file
- Running DevStack
- vCloud Air
- Using the different hybrid cloud solutions
- Summary.
- Chapter 9: DevOps in the Hybrid Cloud
- The development cycle and DevOps
- The traditional development stages
- Merging the different teams
- Creating the infrastructure
- Configuring the infrastructure
- Templatize
- DevOps or NoOps
- IaaC with Terraform
- Installing Terraform
- Configuring and using Terraform
- Configuration management using Ansible
- Installing Ansible
- Configuring Ansible and a sample playbook
- Summary
- Chapter 10: Monitoring the Hybrid Cloud
- The traditional concepts in monitoring
- Availability monitoring
- ICMP monitoring
- TCP/UDP monitoring
- Enhanced monitoring
- SNMP-based availability monitoring
- Performance monitoring
- SNMP monitoring
- WMI monitoring and custom agent monitoring
- Monitoring the hybrid cloud
- Prometheus
- The implementation architecture of Prometheus
- Installing Prometheus
- Downloading Prometheus
- Setting up directories
- Setting up startup script
- Setting up node exporter
- Configuring Prometheus
- Grafana
- Installing Grafana
- Configuring Grafana to use Prometheus
- Summary
- Chapter 11: Security in a Hybrid Cloud
- Components of security
- The CIA triad
- Confidentiality
- Integrity
- Availability
- Tools to protect against the breaches
- IAM systems
- Data encryption in rest and in motion
- Network perimeter security
- Firewalls
- IDS/IPS
- Proxies
- Host controls
- High availability and disaster recovery
- Detection and analytics mechanism
- Minimizing shared infrastructure
- Compliance standards and controls
- HIPAA compliance standards
- Administrative controls
- Physical controls
- Technical controls
- Security controls consideration in hybrid cloud
- Common controls
- Implementing the controls on AWS - public cloud
- Security - shared responsibility model
- Implementing the controls in private cloud.
- Security - best practices
- Implementing a CMDB/asset list
- User accounts and authentication
- Provisioning and postprovisioning controls
- Networks
- Other practices
- Summary
- Other Books You May Enjoy
- Index.
