cloud

Questions and Answers

A company develops warehouse management software with a core component and customer-specific modules. To minimize costs, which deployment model is most suitable?

  • VMs running on the customer's on-premise servers.
  • Software-as-a-Service (SaaS) model, delivered online. (correct)
  • Containers running on the customer's on-premise servers.
  • Virtual private cloud instance dedicated to the customer on a public cloud.

What is the primary characteristic of Common-Off-The-Shelf (COTS) hardware?

  • Hardware suitable for on-premise data centers, but not hyperscalers.
  • Hardware used only by individual customers, not cloud workloads.
  • Standardized hardware bought in large quantities to reduce variety. (correct)
  • Hardware that cannot be specialized with additional components.

A company wants to deploy its application using containers for better resource utilization and faster deployment. Which infrastructure setup would be the MOST appropriate?

  • Utilizing a container orchestration platform like Kubernetes on a cluster of servers. (correct)
  • Deploying containers on individual virtual machines.
  • Running each container on a separate physical server to ensure isolation.
  • Installing containers directly on bare metal servers without any orchestration.

A company wants to improve its disaster recovery strategy. Which cloud deployment model would be best suited for creating a highly available and fault-tolerant system?

  • Distributing the application across multiple availability zones or regions in a public cloud. (C)

A company is deciding between using virtual machines (VMs) and containers for deploying its applications. Which of the following scenarios would make containers a more suitable choice than VMs?

  • When applications need to be deployed and scaled rapidly, with efficient resource utilization. (D)

Which task is NOT a typical responsibility of Kubernetes kubelet?

  • Managing cloud resources. (C)

Why is a Kubernetes Service crucial for application deployment?

  • It provides a stable access point to a dynamic set of pods. (C)

What is the main role of the Kubernetes scheduler in resource management?

  • Assigning pods to the appropriate nodes based on resource requirements and constraints. (C)

When should Secrets be utilized in Kubernetes?

  • When storing sensitive information such as API keys and passwords. (B)

How does a ReplicaSet contribute to maintaining application availability?

  • By ensuring a specified number of pod replicas are running at all times. (B)

Which of the following methods is used to emulate instructions that trigger a trap in a virtualized environment?

  • Replacing source code of the GuestOS kernel with HostOS kernel functions. (A)

What is the typical characteristic of modern CPUs regarding the execution of OS kernels?

  • They have many CPU rings, with a dynamically programmable number intended for OS kernels. (D)

In the context of virtualization, what does dynamic binary translation primarily refer to?

  • An instruction executed by the GuestOS kernel. (A)

In a virtualized system, what is the primary function of VMEntry and VMExit instructions?

  • Enable fast transitions between GuestOS and HostOS kernels. (B)

Regarding I/O device emulation, what is a typical characteristic of a hypervisor?

  • It is usually able to emulate a very large number of physical devices. (B)

What type of drivers are typically included in the image (ISO) of a modern operating system intended for use in a virtual machine?

  • Usually includes drivers for many physical devices (e.g., Intel NIC), and a few para-virtualized devices (e.g., VIRTIO). (D)

What is the primary function of Libvirt?

  • Simplifies the interaction with VMs running on different hypervisors (KVM, VMware, etc). (D)

In Linux, how do QEMU and KVM relate in terms of their execution context?

  • QEMU runs in user space, KVM runs in kernel space. (C)

When implementing hot migration of a VM to another server, what states must be moved?

  • The entire VM (i.e., applications and GuestOS kernel), plus some additional data kept in the hypervisor. (D)

In computing virtualization, what defines a 'sensitive instruction'?

  • Is an instruction that has to be handled with Trap-And-Emulate. (C)

Under what condition can an instruction executed at CPU ring 0 in VMX non-root mode generate a trap?

  • Can generate a trap if it is a privileged instruction. (B)

How does a CPU that supports VMX root/non-root modes improve efficiency in virtualization?

  • Is more efficient when handling privileged instructions in the GuestOS. (A)

When Trap-And-Emulate is used for a system call invoked by a userland program, what sequence of transitions occurs?

  • We experience two transitions: User space --> GuestOS kernel --> HostOS kernel. (A)

In computing virtualization, what does direct assignment of I/O devices imply?

  • A real device that is completely controlled by the GuestOS. (B)

How does a GuestOS typically detect devices during boot in a virtualized environment?

  • It usually detects a set of virtual devices presented to it by the hypervisor. (C)

What information is crucial for a successful hot migration of a VM to another server?

  • The entire VM (applications and GuestOS kernel), plus some state in the hypervisor. (C)

What is the primary function of the Trap-And-Emulate approach in computing virtualization?

  • To emulate privileged CPU instructions executed at the wrong privilege level. (B)

How does CPU para-virtualization primarily work?

  • Replaces some source code of the GuestOS kernel with the proper equivalent function in the HostOS kernel. (C)

For what purpose is a 'ClusterIP' service most commonly used in Kubernetes?

  • To make a service reachable only from within the cluster, such as a backend database. (A)

What is a key characteristic of CPU rings in modern CPUs regarding operating system kernels?

  • Have many CPU rings, and 2 of them are intended for executing OS kernels. (B)

What is the primary function of an Ingress controller in Kubernetes?

  • To enable multiple HTTP/HTTPS services to share a single TCP port. (A)

To what instructions can dynamic binary translation refer in the context of virtualization?

  • Can refer to an instruction executed by GuestOS kernel. (B)

Which Kubernetes service type should you choose if you need to create a service that is only accessible from inside the cluster?

  • ClusterIP (C)

What is the key functionality provided by VMEntry and VMExit instructions in a virtualized system?

  • Enable fast transitions between GuestOS and HostOS kernels. (C)

When using a command like htop inside a Docker container to view available resources, what information is typically displayed?

  • The specific resources allocated to the Docker container at startup (e.g., 2 CPU cores and 4GB RAM). (C)

Why is a Kubernetes Service (e.g., ClusterIP) preferred over directly routing traffic to a pod's IP address?

  • Services handle pod respawning and multiple replicas, providing a stable access point. (D)

How does a hypervisor typically handle the emulation of physical devices in computing virtualization?

  • Is usually able to emulate a very small number of physical devices. (D)

What is the primary purpose of a Dockerfile?

  • Defining a 'recipe' that outlines all the necessary steps to rebuild the container from scratch. (C)

What types of drivers are typically included in a modern operating system image used to start a VM?

  • Usually includes drivers for many physical devices (e.g., Intel NIC), and a few para-virtualized devices (e.g., VIRTIO). (D)

Theoretically, how do the memory requirements compare for an application running on bare metal, in a VM, and in a Docker container?

  • Memory(VM) > Memory(Docker) = Memory(bare metal) (B)

In Kubernetes, what is the typical use case for a 'DaemonSet'?

  • To ensure a pod is running on every node in the Kubernetes cluster, typically for providing network services or system-level utilities. (B)

Consider an e-commerce site deployed in a Kubernetes cluster using a 'ClusterIP' service for the web frontend. What can be said about its reachability from the internet?

  • The e-commerce site may only be reachable from the Internet depending upon the configuration of the Ingress controller. (D)

Theoretically, assuming no layered filesystem advantages, how do the disk requirements compare for an application running on bare metal, in a VM, and in a Docker container?

  • Disk(VM) = Disk(Docker) > Disk(bare metal) (B)

What is the primary purpose of Libvirt in virtualization management?

  • Simplifies the interaction with VMs running on different hypervisors (KVM, VMware, etc). (D)

What is the primary role of the 'control loop' concept in Kubernetes?

  • To continuously observe the desired state of resources in the cluster and make necessary changes to achieve that state. (A)

Under what circumstance will a sensitive instruction NOT generate a trap when executed?

  • When executed in an unprivileged mode. (C)

Which platform is most suitable for creating a web server that can effortlessly scale to handle unpredictable traffic spikes?

  • Kubernetes (public cloud) (D)

In Linux-based virtualization, where do QEMU and KVM operate?

  • QEMU runs in user space, KVM runs in kernel space. (C)

What is the main role of a hypervisor in a virtualized environment?

  • It virtualizes hardware resources and manages the execution of virtual machines. (D)

Which of the following capabilities typically requires a service mesh, rather than being provided by a standard Kubernetes service?

  • Load balancing HTTP/HTTPS connections based on request URL. (B)

What is the purpose of a Custom Resource in Kubernetes?

  • To enable definition of custom objects, potentially unrelated to existing Kubernetes workflows, for managing other aspects of a system. (D)

Which component is responsible for emulating privileged CPU instructions when they are executed at the wrong privilege level in a virtualized environment?

  • Trap-And-Emulate approach. (B)

What action does CPU para-virtualization take to optimize the guest operating system's performance?

  • Replaces some source code of the GuestOS kernel with the proper equivalent function in the HostOS kernel. (A)

What is the function of the Virtual Machine Control Structure (VMCS) in hardware-assisted virtualization?

  • It manages the transitions between guest and hypervisor. (D)

A university with campuses in different countries needs to set up real-time videoconferencing. Which is the BEST option?

  • Buy a managed service running in multiple cloud locations across the world. (D)

If you connect a set of VMs/Dockers to a software bridge, what can you guarantee regarding network connectivity?

  • You cannot guarantee full network connectivity to the services running within the VMs/Dockers. (C)

Which tool is most commonly used to connect to a remote server from the management host using a secure, encrypted connection?

  • SSH (C)

If a Docker container attempts to modify its filesystem by writing a file, where is the file stored?

  • In the filesystem of the running Docker container. (C)

What is the primary consideration when selecting servers for a new datacenter?

  • Servers are usually all equal (in terms of CPU, memory, disks, etc). (B)

How many CPU rings are typically allocated for executing OS kernels in modern CPUs?

  • Have many CPU rings, and 2 of them are intended for executing OS kernels. (A)

Which type of hypervisor runs directly on bare metal, offering better performance by directly managing hardware resources?

  • Type-1 Hypervisor (D)

You are setting up a database-as-a-service from a cloud provider in 'high-availability' for an e-commerce site. Which deployment strategy is most appropriate?

  • Multiple replicas across different Regions. (A)

What type of instructions can dynamic binary translation apply to?

  • Can refer to an instruction executed by GuestOS kernel. (C)

In a Docker layered filesystem, when is a new layer created?

  • Each time a Dockerfile executes a command that modifies the filesystem. (D)

What functionality do VMEntry and VMExit instructions facilitate in a virtualized system?

  • Enable fast transitions between GuestOS and HostOS kernels. (B)

A Docker container is running on a server with 2 CPUs (52 cores each) and 512 GB RAM. How can this container utilize the underlying compute resources?

  • The Docker utilizes the resources of the host server, but the exact amount must be pre-configured. (D)

What is the primary disadvantage of using Dynamic Binary Translation (DBT) in virtualization?

  • It introduces performance overhead due to the need for continuous translation of non-virtualizable instructions. (C)

When deploying an application like an e-commerce site on a public cloud cluster, what is your responsibility regarding service reliability?

  • You have to care about reliability, which is not completely guaranteed by the cloud provider. (C)

Which virtualization technique, pioneered by VMware, translates non-virtualizable x86 instructions at runtime to enable virtualization on standard hardware?

  • Dynamic Binary Translation (DBT) (C)

In what scenarios is deploying cloud computing technologies at the edge of the network particularly beneficial?

  • All the other answers. (D)

The University IT manager wants to move to the cloud. The main goal is to be future-proof and cost-effective at the same time. Which is the best approach?

  • Containerizing current applications and relying on a managed Kubernetes service, and relying on managed databases (D)

What is a key characteristic of technologies for computing virtualization regarding isolation?

  • Are used whenever strong computing isolation is required. (D)

Which technique optimizes memory usage in virtual machines by dynamically adjusting the amount of memory allocated based on the VM's current demand?

  • Memory Ballooning (A)

A company runs an application that needs to store files. Some files are accessed every second, while others are only accessed every year. How would you optimize costs?

  • Store 'hot' files in an external SSD drive. Once the files become cold, move them into a cloud storage bucket. (C)

A developer is encountering issues with their application failing due to insufficient memory. How can they monitor how much memory is actually used by the application?

  • Using top or htop commands to view real-time memory usage. (B)

Which virtualization technique allows a guest OS to run without modification by virtualizing all hardware interfaces?

  • Full Virtualization (D)

How is the filesystem within a Docker container initially related to the filesystem of the host machine?

  • At startup, it is completely independent from the one present on the hosting machine; however, temporary files created during Docker execution are stored in the filesystem of the hosting machine (e.g., /var/tmp/). (D)

A Docker is running on a server that has 2 CPUs with 52 cores each. How many cores are available for this Docker?

  • The amount defined in the docker compose file. (C)

What is a key advantage of using hardware-assisted virtualization (HVM)?

  • It enables faster execution of guest OS code by minimizing VM exits. (D)

Which of the following is a valid use for Kubernetes?

  • Orchestrating a set of VMs on your local machine. (C)

Which feature allows the hypervisor to share a single physical I/O device among multiple VMs, enhancing I/O performance and resource utilization?

  • Single-Root I/O Virtualization (SR-IOV) (D)

A Docker container is running on a server with two CPUs, each having 52 cores. An application within the Docker container attempts to maximize performance by creating a thread for each available CPU core. How many threads will the application create?

  • 104 (B)

What does the Extended Page Table (EPT) feature in Intel processors primarily aim to improve in a virtualized environment?

  • Memory address translation efficiency (D)

In which virtualization technique does the guest OS need to be modified to work effectively with the hypervisor?

  • Paravirtualization (D)

What is required for a virtual machine (VM) running in OpenStack to be reachable from a customer connected to the Internet?

  • Explicit enablement in the OpenStack configuration of the VM. (C)

A pod, along with its associated service, runs in a Kubernetes datacenter and is exposed to the outside world through an Ingress controller. When a client on the Internet establishes a TCP connection to this pod/service, what happens with the network packets?

  • Two cascading TCP connections must be established to allow the client to connect to the pod. (B)

What is the primary role of cgroups in Linux?

  • To limit and account for resource usage by processes. (D)

In a service mesh architecture, what addition is typically made to each microservice to integrate it into the mesh?

  • Each micro-service is automatically started with a sidecar that implements the service mesh. (C)

Which of the following features is NOT provided by Linux cgroups?

  • Network isolation. (C)

When setting up servers in a new datacenter, what is the most common approach to selecting hardware?

  • Servers are usually all equal (in terms of CPU, memory, disks, etc.). (D)

An e-commerce site utilizes a database-as-a-service from a cloud provider and needs to run in 'high-availability' mode. Which setup would you choose?

  • In multiple replicas across different Regions. (D)

When deploying an application on a cluster in a public cloud and aiming for a reliable service, what is the most accurate consideration?

  • You have to care about reliability. (B)

In what scenarios is the deployment of cloud computing technologies at the edge of the network most beneficial?

  • All the other answers. (A)

When is computing virtualization most applicable?

  • Are used whenever strong computing isolation is required. (A)

How does the filesystem in a Docker container relate to the filesystem on the host machine?

  • It is logically independent from the one present on the hosting machine; however, some physical characteristics of the hosting machine (e.g., free disk space) can affect the behavior of the Docker file system as well. (B)

When Linux leverages the KVM hypervisor, what are the ring levels at which QEMU and the GuestOS operate?

  • QEMU runs at ring 3 (VMX root), the GuestOS runs at ring 0 (VMX non-root). (A)

A Docker container is running on a server with 2 CPUs (52 cores each). If, inside the Docker, we execute an application that maximizes its performance by creating a number of threads equal to the number of CPU cores available, it will create the following number of threads:

  • 104 (B)

What is primarily needed for a VM in OpenStack to be reachable from the Internet?

  • Must be explicitly enabled in the OpenStack configuration of the VM. (A)

In computing virtualization, which statement best characterizes a 'sensitive instruction'?

  • Is an instruction that may leak information about the current OS kernel context or actual hardware configuration. (C)

When Trap-And-Emulate is used to handle a system call invoked by a userland program within a VM, what sequence of transitions is typically observed?

  • We experience at least two transitions: User space --> GuestOS kernel --> HostOS kernel. (D)

A pod (and its associated service) is running in a Kubernetes datacenter and is reachable from the outside world through an Ingress controller. When a client (on the Internet) establishes a TCP connection toward the pod/service:

  • Two cascading TCP connections must be established to allow the client to connect to the pod. (B)

What constitutes the state of a VM that is essential for enabling a hot migration?

  • The content of the entire memory allocated to the VM plus some additional information stored in the hypervisor. (C)

In a service mesh, how is each micro-service typically augmented to participate in the mesh?

  • Is automatically started with a sidecar that implements the service mesh. (B)

Under what conditions will an instruction executed at CPU ring 0 (VMX non-root mode) generate a trap?

  • Will generate a trap if it is either a sensitive or privileged instruction. (B)

In computing virtualization, what best describes the use of the Trap-And-Emulate approach?

  • Is used only to intercept privileged CPU instructions. (A)

How does a CPU that supports VMX root/non-root modes improve system call processing?

  • Is more efficient when handling system calls. (B)

In computing virtualization, what does 'direct assignment for I/O devices' signify?

  • A real device that is completely controlled by the GuestOS. (B)

When a GuestOS boots in a virtualized environment, what type of devices does it typically detect?

  • It usually detects a set of virtual devices presented to it by the hypervisor. (C)

How does a VIRTIO driver running in a GuestOS primarily interact with the host system to send and receive data?

  • Uses mainly bi-directional queues shared with the companion backend driver to send/receive data. (D)

In Linux, what is the primary function of tools like virsh and virt-manager?

  • Enable users to interact with VMs (e.g., KVM-based) in a user-friendly way. (C)

What does the term 'nested virtualization' refer to?

  • Running a VM inside another VM (B)

Which of the following statements best describes a Virtual Machine Monitor (VMM)?

  • It is software responsible for emulating and managing virtual hardware. (A)

What is the primary purpose of the management host?

  • To control the remote hypervisor (A)

Which of the following is a challenge with the x86 architecture in virtualization?

  • It requires hardware-assisted virtualization from the start. (D)

When Trap-And-Emulate is used to handle a userland program invoking a system call, what sequence of transitions is typically observed?

  • We experience at least two transitions: User space --> GuestOS kernel --> HostOS kernel. (A)

In a typical virtualized environment, what type of device drivers are predominantly included within the GuestOS kernel?

  • A mix of drivers for a few physical devices (e.g., Intel NIC) and many para-virtualized devices (e.g., VIRTIO). (B)

Libvirt's primary function is to:

  • Offer a simplified interface for managing VMs across various hypervisors (KVM, VMware, etc.). (A)

In the Linux operating system, how do QEMU and KVM interact in a virtualized environment?

  • QEMU operates in the user space, while KVM operates in the kernel space. (C)

What specific condition triggers the Trap-And-Emulate approach in computing virtualization?

  • When a privileged CPU instruction is executed at the incorrect privilege level. (A)

A hot migration of a virtual machine from one server to another necessitates the transfer of:

  • The entire VM (applications and GuestOS kernel) and specific hypervisor state information. (D)

In a virtualized setting, what is the role of VMEntry and VMExit instructions?

  • To enable fast transitions between the GuestOS and HostOS kernels. (C)

How does Docker networking compare to traditional virtualized networking environments?

  • Docker networking provides a simplified default configuration but also allows for extensive customization, similar to KVM. (B)

If a Docker container, Docker1, needs to connect to another Docker container, Docker2, running on a different server, what network address and port should Docker1 use?

  • The server's IP address and the public TCP/UDP port published by Docker2. (D)

What network components are typically included in the standard network created by Docker on a server?

  • A software bridge, routing, and NAT functions, specifically for traffic leaving the server. (D)

How does a Docker container obtain its IP address within the Docker network?

  • A DHCP service managed by Docker within the Docker network assigns the IP address. (B)

If Docker1 and Docker2 are running on the same server, how does Docker1 establish a network connection to Docker2?

  • Docker1 uses the IP address of Docker2 and the actual TCP/UDP port employed by the application in Docker2. (B)

What happens if an instruction, executed at CPU ring 0 in VMX non-root mode, is either sensitive or privileged?

  • The instruction will generate a trap if it is either a sensitive or privileged instruction. (D)

How does a CPU that supports VMX root/non-root modes improve virtualization efficiency?

  • It is more efficient when handling privileged instructions in the Host. (C)

In computing virtualization, what does the term 'direct assignment' refer to regarding I/O devices?

  • A real device exclusively controlled by the GuestOS. (D)

When a GuestOS boots within a virtualized environment, what kind of hardware devices does it typically detect?

  • It detects a set of virtual devices presented by the hypervisor. (A)

How does Libvirt enhance the management of virtual machines?

  • By offering a simplified interface to interact with VMs across different hypervisors. (C)

In the Linux environment, how do QEMU and KVM interact regarding their execution space?

  • QEMU operates in user space to manage VM emulation, while KVM runs within the kernel as a module. (A)

What is the minimal state that must be moved during a hot migration of a virtual machine to ensure continuous operation?

  • The entire VM (GuestOS and applications) along with some state information from the hypervisor. (A)

When a CPU executes an instruction at ring 0 in VMX non-root mode, under what circumstances will a trap be generated?

  • A trap is triggered if the instruction is either sensitive or privileged, enforcing virtualization constraints. (A)

How does a CPU that supports VMX root/non-root modes improve the handling of privileged instructions?

  • It enhances the efficiency of managing privileged instructions, reducing overhead in the host environment. (C)

In computing virtualization, what does direct assignment for I/O devices imply regarding device control?

  • A real device is exclusively controlled by the GuestOS, bypassing the HostOS for direct access. (C)

How does a VIRTIO driver within a GuestOS primarily communicate with its counterpart backend driver?

  • By utilizing shared bi-directional queues for efficient, asynchronous data exchange. (A)

In Linux, what primary function do tools like virsh and virt-manager serve in the context of virtualization?

  • They offer a user-friendly means to interact with and manage VMs, such as those based on KVM. (D)

When leveraging KVM in Linux, at which CPU ring levels do QEMU and the GuestOS operate?

  • QEMU runs at ring 3 (VMX root), while the GuestOS runs at ring 0 (VMX non-root), ensuring controlled access. (D)

In computing virtualization, what is the primary characteristic of a 'sensitive instruction'?

It may leak information about the current OS kernel context or the actual hardware configuration. (D)

When Trap-And-Emulate is used for a system call invoked by a program in userland, what sequence of transitions occurs?

User space transitions to the HostOS kernel, then to the GuestOS kernel. (B)

To implement a hot migration successfully, what information about the VM's state is essential?

The entire memory allocated to the VM along with specific additional data stored in the hypervisor. (B)

What is the main mechanism involved in CPU para-virtualization?

Replacing specific source code in the GuestOS kernel with corresponding functions in the HostOS kernel. (B)

How are CPU rings structured in modern CPUs, particularly concerning OS kernel execution?

Modern CPUs have numerous rings with two specifically designated for OS kernel execution. (B)

Flashcards

SaaS (Software-as-a-Service)

Delivering software online, customers access it over the internet.

COTS Hardware

Standardized hardware purchased in bulk to reduce variety in a data center.

VMs on-premise

Running software in virtualized environments on the customer's premises.

Containers on-premise

Running software in containers on the customer's premises for efficiency.

Virtual Private Cloud

A cloud instance dedicated to a single customer, but on a shared cloud infrastructure.

Kubernetes ClusterIP Service

A service reachable only within the Kubernetes cluster; often used for backend services.

Ingress Controller Use

Enables multiple HTTP/HTTPS services to share a single TCP port, like directing traffic based on the URL.

Internal-Only Service

A service type in Kubernetes used when you need a service to only be accessible from inside the cluster.

Why Use a Kubernetes Service?

Handles multiple replicas and pod respawning, providing a consistent access point.

Memory Usage: VM vs. Docker

VMs require more memory than Docker containers, which are almost equivalent to bare hardware.

Disk Usage: VM vs. Docker

VMs typically require more disk space than Docker containers, which are similar to bare hardware, assuming no layered file system advantages.

Endless Web Server Scaling

Kubernetes on a public cloud provider offers the best scalability.

Service Mesh Necessity

Load balancing based on application-level data (e.g., URL) requires a service mesh.

Videoconferencing Solution

Using a managed service like Zoom, running in multiple cloud locations, is the best option; it ensures reliability and global reach.

Docker File System Changes

The file is written to the Docker container's file system, within its writable layer.

Docker Layer Creation

Each command in a Dockerfile that modifies the file system creates a new layer.

Docker Resource Reporting

Reports resources assigned at startup (e.g., 2 CPU cores and 4GB RAM).

Dockerfile Purpose

Defines a 'recipe' listing steps to recreate a container from scratch.

Daemonset Usage

A pod that must always be running on each Kubernetes node (e.g., for network services).

ClusterIP Reachability

May be reachable depending on the Ingress controller configuration.

Control Loop in Kubernetes

Controllers watch resource states and make/request changes as needed.

Custom Resource in Kubernetes

Enables defining generic objects, even those unrelated to Kubernetes workflows.

Software Bridge Connectivity

You are NOT able to guarantee full network connectivity to the services running within the VMs/Dockers.

New Datacenter Servers

Are usually all equal (in terms of CPU, memory, disks, etc).

Database-as-a-Service High Availability

In multiple replicas across different Regions.

Application Reliability in Public Cloud

You have to care about reliability, which is not completely guaranteed by the cloud provider.

Edge Computing Usefulness

All the other answers.

Technologies for Computing Virtualization

Are used whenever strong computing isolation is required.

Filesystem in a Docker

At startup, it is completely independent from the one present on the hosting machine; however, temporary files created during Docker execution are stored in the filesystem of the hosting machine (e.g., /var/tmp/).

CPU Para-virtualization

Emulates instructions that generate traps, often used in virtualization.

GuestOS Kernel Replacement

Replacing GuestOS kernel code with equivalent HostOS kernel functions.

CPU Rings

Modern CPUs have multiple privilege levels for OS kernels.

Dynamic Binary Translation

Refers to instructions executed by the GuestOS kernel during virtualization.

VMEntry/VMExit Instructions

Enable fast transitions between GuestOS and HostOS kernels in a virtualized environment.

Hypervisor

Software that manages virtual machines; emulates devices.

ISO of Modern OS in VM

Usually includes drivers for many physical devices and a few para-virtualized devices.

Libvirt

Simplifies interaction with VMs running on different hypervisors.

QEMU and KVM in Linux

QEMU runs in user space, KVM runs in kernel space.

Hot VM Migration

Moving an entire VM (applications, GuestOS kernel) and the hypervisor's state.

Sensitive Instruction

An instruction that must be handled with Trap-And-Emulate to avoid problems.

Instruction at CPU ring 0

Can generate a trap if it is a privileged instruction, handled by Trap-and-Emulate.

CPU with VMX Modes

Is more efficient when handling privileged instructions in the Host.

Trap-And-Emulate Transitions

User space to GuestOS kernel to HostOS kernel.

Direct Assignment I/O

A real device that is completely controlled by the GuestOS.

Docker CPU Thread Count

Docker creates threads equal to the number of CPU cores assigned at startup.

OpenStack VM Reachability

VM reachability in OpenStack requires explicit enablement in the VM configuration.

Kubernetes Ingress TCP Connection

Two cascading TCP connections are established for client-to-pod communication via an Ingress controller.

Service Mesh Sidecar

In a service mesh, each microservice is automatically started with a sidecar proxy.

Datacenter Server Standardization

Servers in a new datacenter are usually identical in CPU, memory, and disks.

High-Availability DBaaS

High-availability database services should be set up in multiple replicas across different Regions.

Cloud Application Reliability

When deploying applications in the public cloud, you always have to care about reliability; it is not completely guaranteed by the cloud provider.

Edge Computing Use Cases

Edge computing is useful for applications needing low latency, offline availability, and local data processing.

Computing Virtualization Use

Computing virtualization is used whenever strong computing isolation is required.

Docker Filesystem Independence

A Docker's filesystem is logically independent but its behavior depends on physical characteristics of the hosting machine.

OpenStack VM External Access

VM reachability in OpenStack must be explicitly enabled to communicate to the outside world.

Virtualization Isolation

Virtualization is used whenever strong computing isolation is required.

Service Mesh Implementation

In a service mesh, micro-services automatically start with a sidecar to implement the service mesh.

Trap-And-Emulate in Virtualization

The Trap-And-Emulate approach is used to intercept and handle privileged CPU instructions in computing virtualization.

Kubelet Main Function

Ensures containers within a pod are running as expected.

Kubernetes Pod

The smallest deployable unit in Kubernetes; can contain one or more containers.

Kubernetes Service

Provides a single, stable IP address to access a set of pods.

Kubernetes ReplicaSet

Ensures that a specified number of pod replicas are running.

Kubernetes Scheduler

Assigns pods to worker nodes based on resource requirements and constraints.

Trap-And-Emulate

Emulation of privileged CPU instructions when executed at an incorrect privilege level.

Modern CPU Rings

Modern CPUs have multiple rings with two dedicated to OS kernels.

VMEntry/VMExit

Instructions that facilitate quick transitions between GuestOS and HostOS kernels.

Modern OS Image

A modern OS image typically includes drivers for physical and para-virtualized devices.

QEMU vs KVM in Linux

In Linux, QEMU runs in userspace, and KVM operates in kernel space.

VM Hot Migration

Requires transferring the VM state and some of the hypervisor's state.

Moved state

Virtual machine memory and additional hypervisor state.

VMEntry and VMExit instructions

Enable fast transitions between GuestOS and HostOS kernels.

Hypervisor in virtualization

Is usually able to emulate a very small number of physical devices.

Modern Operating system

Usually includes drivers for many physical devices (e.g., Intel NIC), and a few para-virtualized devices (e.g., VIRTIO).

Hot Migration Requirements

Moving the entire VM (applications and GuestOS kernel) plus some state in the hypervisor.

VMX non-root mode trap

Will generate a trap if it is either a sensitive or privileged instruction.

Direct assignment for I/O devices

A real device that is completely controlled by the GuestOS.

GuestOS in virtualized environment

It usually detects a set of virtual devices presented to it by the hypervisor.

VIRTIO driver

Uses mainly bi-directional queues shared with the companion backend driver to send/receive data.

virsh and virt-manager

Enable users to interact with VMs (e.g., KVM-based) in a user-friendly way.

KVM Hypervisor Rings

QEMU runs at ring 3 (VMX root), the GuestOS runs at ring 0 (VMX non-root).

Trap-And-Emulate syscall

We experience at least two transitions: User space --> HostOS kernel --> GuestOS kernel.

VM State for Hot Migration

The content of the entire memory allocated to the VM plus some additional information stored in the hypervisor.

Paravirtualized Device Drivers

Usually includes drivers for para-virtualized devices only (e.g., VIRTIO).

Libvirt's Role

Provides graphical access to VMs running on different hypervisors, simplifying interaction with KVM, VMware, etc.

Docker Network Features

Provides a default network but can also offer high flexibility and customizations similar to KVM.

Docker Networking Across Servers

It must use the IP address of the server, and the public TCP/UDP port published by Docker2.

Standard Docker Network

Includes a software bridge, routing, and NAT for traffic directed outside the server.

Docker IP Assignment

The IP is assigned by the Docker framework to the running container.

Docker Networking on Same Server

It must use the IP address of Docker2, and the actual TCP/UDP port used by the application running in Docker2.

VMX non-root mode instruction

Will generate a trap if it is either a sensitive or privileged instruction.

CPU with VMX root/non-root

Is more efficient when handling system calls.

Direct Assignment for I/O

A real device that is completely controlled by the GuestOS.

GuestOS Device Detection

It usually detects a set of virtual devices presented to it by the hypervisor.

Hypervisor's Main Role

Virtualizes hardware resources and manages the execution of virtual machines.

VMCS Function

Manages transitions between guest and hypervisor in hardware-assisted virtualization.

Connecting to Remote Server

Secure Shell. Used to connect securely to a remote server.

Type-1 Hypervisor

Runs directly on bare metal and usually offers better performance.

DBT Disadvantage

Introduces performance overhead due to the need for continuous translation of non-virtualizable instructions.

Dynamic Binary Translation (DBT)

Dynamically translates non-virtualizable x86 instructions at runtime.

Memory Ballooning

Dynamically allocates memory based on current usage.

Full Virtualization

The guest OS can interact with virtual hardware without needing to be modified.

HVM Advantage

Enables faster execution of guest OS code by minimizing VM exits.

SR-IOV Feature

Allows the hypervisor to share one physical device among multiple VMs.

EPT Feature Goal

Memory address translation efficiency.

Paravirtualization

The guest OS needs to be modified to work efficiently in the virtual environment.

Cgroups Primary Role

To limit and account for resource usage by processes.

Docker's Layered File System

Only differences between layers are stored, reducing disk usage.

API Server in Kubernetes

Exposes Kubernetes APIs for scheduling and managing resources.

KVM's Ring Levels

With KVM, QEMU runs at ring 3 (VMX root), and GuestOS runs at ring 0 (VMX non-root). This setup maintains security and separation.

VM State Contents

VM state for hot migration includes the entire memory allocated to the VM, plus hypervisor info.

Ring 0 Instruction Trap

CPU instructions at ring 0 (VMX non-root) generate a trap if sensitive or privileged.

VMX Efficiency

A CPU with VMX root/non-root modes is more efficient when handling system calls.

Direct Assignment

Direct assignment for I/O devices means a real device is completely controlled by the GuestOS.

VIRTIO Data Transfer

VIRTIO drivers use bi-directional queues shared with the backend driver to send/receive data.

Nested virtualization

Running a VM inside another VM.

Virtual Machine Monitor (VMM)

It is software responsible for emulating and managing virtual hardware.

Management host (Client VM)

To control the remote hypervisor.

Workload Virtualization

Running a web application is an example of a workload that can be virtualized.

x86 Challenges

It requires hardware-assisted virtualization from the start.

Study Notes

Software Deployment Options

  • A company with a new warehouse management product prefers to deliver it as a Software-as-a-Service (SaaS) model, which is not known by the customer, to minimize costs.

Common-Off-The-Shelf (COTS) Hardware

  • COTS hardware refers to standardized hardware bought in large quantities, reducing the variety of hardware in a datacenter.

Kubernetes "ClusterIP" Service

  • It is typically used for a service that has to be reachable only inside the cluster, like a backend database service consumed by a web server frontend.

Kubernetes Ingress Controller

  • It mainly enables multiple HTTP/HTTPS services to be delivered on a single TCP port through service multiplexing.

Accessing Services within Kubernetes

  • A Kubernetes "ClusterIP" should be used to create a service only reachable from inside a Kubernetes cluster.

Kubernetes Service vs. Pod IP Address

  • A Kubernetes Service (e.g., Cluster IP) is used instead of sending traffic to the pod IP address to handle multiple replicas and pod respawning.

Memory Requirements for Applications

  • Comparing memory requirements: Memory(VM) > Memory(Docker) = Memory(bare hardware).

Disk Requirements for Applications

  • Comparing disk requirements: Disk(VM) = Disk(Docker) > Disk(bare hardware), assuming no layered file system advantages.

Scalable Web Server

  • To create a web server that scales endlessly, Kubernetes on a public cloud is the preferred choice.

Service Mesh vs. Kubernetes Service

  • A Kubernetes "service" cannot provide load balancing of incoming HTTP/HTTPS connections to different service instances based on application-level information; a "service mesh" software is required instead.

Setting Up a Videoconferencing Service

  • For a real-time videoconferencing service between two campuses in different countries, buying a managed service (e.g., Zoom) running in multiple cloud locations is the best option.

Docker Filesystem Modification

  • If a Docker running in a server tries to modify its filesystem, the file will be written in the file system of the running Docker.

Docker Layered Filesystem

  • The layered file system in Docker builds a new layer each time the Dockerfile executes a command that modifies the current filesystem.

Docker Resource Availability

  • A Docker running on a server with 2 CPUs (52 cores each) and 512 GB RAM will report 104 CPU cores and 512 GB RAM when a command to show available resources is typed inside the Docker.

Dockerfile Purpose

  • The main purpose is to define a sort of “recipe” listing the steps required to re-create the container from scratch.

Kubernetes Daemonset

  • It is typically used for a pod that must always be running on each Kubernetes node to provide network services.

Kubernetes E-commerce Site and Reachability

  • The e-commerce site may be reachable from the Internet depending upon the configuration of the Ingress controller if the web frontend is configured as a “ClusterIP” service.

Kubernetes Control Loop Concept

  • It is implemented by controllers, which watch the state of the resources in your cluster, then make or request changes where needed.

Kubernetes Custom Resource

  • It enables the definition of generic objects, even ones not related to any Kubernetes workflow.

Software Bridge Connectivity

  • By connecting a set of VMs/Dockers to a software bridge, full network connectivity is not guaranteed to the services running within the VMs/Dockers.

Datacenter Servers

  • In a new datacenter, servers are usually all equal in terms of CPU, memory, disks, etc.

E-commerce Site High-Availability

  • You would choose to set up the service in multiple replicas across different Regions when an e-commerce site leverages a database-as-a-service from the cloud provider to run in "high-availability".

Application Deployment in Public Cloud

  • When you deploy an application (e.g., an e-commerce site) on a cluster in a public cloud and you want to have a reliable service, you have to care about reliability, which is not completely guaranteed by the cloud provider.

Cloud Computing at the Edge of the Network

  • It is useful with applications that cannot afford network problems (e.g., outages, limited bandwidth, etc.), require very low latency, and need to keep some data local, or that need to reduce the data volume before sending it to the cloud.

Technologies for Computing Virtualization

  • They are used whenever strong computing isolation is required.

Docker Filesystem

  • It is logically independent from the one present on the hosting machine; however, some physical characteristics of the hosting machine (e.g., free disk space) can affect the behavior of the Docker file system as well.

Docker CPU Cores

  • If a Docker is running on a server that has 2 CPUs (52 cores each) and we execute an application that maximizes its performance by creating a number of threads equal to the number of CPU cores available, it will create 104 threads.

VM Reachability in OpenStack

  • For a VM to be reachable from a customer connected to the Internet, its reachability must be explicitly enabled in the OpenStack configuration of the VM.

Kubernetes Pod/Service Reachability Through Ingress Controller

  • When a client (on the Internet) establishes a TCP connection toward the pod/service, two cascading TCP connections must be established to allow the client to connect to the pod.

Micro-Service in a Service Mesh

  • Is automatically started with a sidecar that implements the service mesh.

Computing Virtualization: Trap-And-Emulate

  • It can be used to emulate all the instructions that generate a trap.

CPU Para-Virtualization

  • Replaces some source code of the GuestOS kernel with the proper equivalent function in the HostOS kernel.

Modern CPUs

  • Have many CPU rings, and 2 of them are intended for executing OS kernels.

Dynamic Binary Translation

  • Can refer to an instruction executed by GuestOS kernel.

Virtualized Systems: VMEntry and VMExit Instructions

  • Enable fast transitions between GuestOS and HostOS kernels.

Computing Virtualization: Hypervisor

  • It is usually able to emulate a very small number of physical devices.

Operating System ISO Image in a VM

  • Usually includes drivers for many physical devices (e.g., Intel NIC), and a few para-virtualized devices (e.g., VIRTIO).

Libvirt

  • Simplifies the interaction with VMs running on different hypervisors (KVM, VMware, etc.).

Linux and Virtualization

  • QEMU runs in user space, KVM runs in kernel space.

Implementing Hot Migration of a VM

  • It requires moving the entire VM (i.e., applications and GuestOS kernel), plus some additional data kept in the hypervisor.

Computing Virtualization: Sensitive Instruction

  • Is an instruction that may leak information about the current OS kernel context or actual hardware configuration.

CPU Instruction at Ring 0 (VMX Non-Root Mode)

  • Will generate a trap if it is either a sensitive or privileged instruction.

CPU Supporting VMX Root/Non-Root Modes

  • It is more efficient when handling system calls.

Trap-And-Emulate for Userland Programs

  • It experiences at least two transitions: User space --> HostOS kernel --> GuestOS kernel.

Computing Virtualization: Direct Assignment for I/O Devices

  • A real device that is completely controlled by the GuestOS.

GuestOS Booting in a Virtualized Environment

  • It usually detects a set of virtual devices presented to it by the hypervisor.

VIRTIO Driver

  • Uses mainly bi-directional queues shared with the companion backend driver to send/receive data.

Linux Leveraging KVM Hypervisor

  • QEMU runs at ring 3 (VMX root), the GuestOS runs at ring 0 (VMX non-root).

Linux Tools: virsh and virt-manager

  • Enable users to interact with VMs (e.g., KVM-based) in a user-friendly way.

VM State

  • Consists of the content of the entire memory allocated to the VM plus some additional information stored in the hypervisor.

Nested Virtualization

  • Refers to running a VM inside another VM.

Virtual Machine Monitor (VMM)

  • Is software responsible for emulating and managing virtual hardware.

Management Host (Client VM)

  • The primary purpose is to control the remote hypervisor.

Challenges with x86 Architecture in Virtualization

  • Some sensitive instructions do not trap when executed in an unprivileged mode.

Role of Hypervisor in Virtualized Environment

  • It virtualizes hardware resources and manages the execution of virtual machines.

Virtual Machine Control Structure (VMCS)

  • It manages the transitions between guest and hypervisor in hardware-assisted virtualization.

Connecting to Remote Server

  • The SSH tool is used to connect to the remote server from the management host.

Type-1 Hypervisor

  • Type-1 Hypervisor runs directly on bare metal and usually offers better performance.

Disadvantage of Using Dynamic Binary Translation (DBT)

  • It introduces performance overhead due to the need for continuous translation of non-virtualizable instructions.

Dynamic Binary Translation (DBT) Introduced by VMware

  • DBT, introduced by VMware, is used to dynamically translate non-virtualizable x86 instructions at runtime.

Memory Ballooning

  • A technique used to optimize memory usage in virtual machines by dynamically allocating memory based on current usage.

Full Virtualization

  • A technique that allows the guest OS to interact with virtual hardware without needing to be modified.

Advantage of Hardware-Assisted Virtualization (HVM)

  • It enables faster execution of guest OS code by minimizing VM exits.

Single-Root I/O Virtualization (SR-IOV)

  • This feature allows the hypervisor to share one physical device among multiple VMs.

Extended Page Table (EPT)

  • In Intel processors, it aims to improve memory address translation efficiency.

Paravirtualization

  • The technique in which the guest OS needs to be modified to work efficiently in the virtual environment.

Cgroups in Linux

  • Its primary role is to limit and account for resource usage by processes in Linux.

Features Provided by Linux Cgroups

  • Network isolation is NOT one of the features provided by Linux cgroups; CPU quotas, process freezing, and memory limiting are.

Docker Resource Isolation

  • Docker uses Cgroups and namespaces to isolate resources such as CPU and memory.

Docker Filesystem Technology

  • Docker primarily uses the Union File System for its file system.

Advantage of Docker's Layered Filesystem

  • Only differences between layers are stored, reducing disk usage.

Namespace Isolating Filesystem Visibility

  • Mount namespace isolates the visibility of the filesystem across processes.

Limitations of LXC Compared to Docker

  • Docker has better integration with orchestration tools like Kubernetes.

Namespace NOT Provided by Linux Kernel

  • Memory Namespace is NOT provided by the Linux kernel; Mount Namespace, Process ID (PID) Namespace, and Network Namespace are.

Network Namespace Connection

  • A virtual Ethernet (veth) pair is the type of virtual interface that connects two network namespaces.

Primary Use of Docker

  • To create lightweight, portable, and self-contained containers.

OpenStack for Large Datasets: Swift

  • Swift is the OpenStack module used to store and retrieve large datasets and backups.

Main Purpose of Keystone Module in OpenStack

  • Manage and authorize user access to OpenStack services.

OpenStack Networking Through Neutron

  • It provides Network as a Service (NaaS) for virtual network connectivity.

Non-Core Module in OpenStack

  • Docker is NOT a core module in OpenStack; Horizon, Glance, and Cinder are.

OpenStack Module Responsible for Managing VMs: Nova

  • Nova is responsible for managing virtual machines (compute resources).

Non-Kubernetes Service Type

  • NodeIP is NOT a Kubernetes service type; ExternalName, LoadBalancer, and ClusterIP are.

API Server in Kubernetes

  • Exposes Kubernetes APIs for scheduling and managing resources.

Purpose of Horizontal Pod Autoscaler (HPA)

  • To automatically scale pods based on metrics like CPU usage.

Main Function Of Kubelet in Kubernetes

  • Monitor and ensure the containers in the pod are running as expected.

Kubernetes Pod

  • The smallest unit of execution in Kubernetes.

Kubernetes Stable Access Point

  • The Service resource provides a stable access point to a set of pods in Kubernetes.

Object Ensures Correct Number of Pod Replicas

  • The ReplicaSet object ensures that the correct number of pod replicas are running in Kubernetes.

Role of Kubernetes Scheduler

  • To assign pods to nodes.

Data Stored in Kubernetes Secrets

  • Sensitive information like passwords and keys.

Docker Network Behavior

  • It provides a default (simplified) network behavior, but it can also offer high flexibility and customizations such as in a traditional virtualized environment (e.g., KVM).

Establishing Network Connection Between Dockers on Different Servers

  • When Docker1 tries to establish a network connection to Docker2 and they are running on two different servers, Docker1 must use the IP address of the server and the public TCP/UDP port published by Docker2.

Standard Network Created by Docker

  • It includes a software bridge, plus routing and NAT functions operating on all the traffic generated by the containers and directed outside of the server.

IP Address Acquired by a Docker

  • It is "manually" assigned by the Docker framework to the running container.

Establishing Network Connection Between Dockers on the Same Server

  • If Docker1 would like to establish a network connection to Docker2 and both are running on the same server, Docker1 must use the IP address of Docker2 and the actual TCP/UDP port used by the application running in Docker2.
