Virtualization and Cloud Computing Notes PDF
These notes provide an overview of virtualization and cloud computing, comparing traditional computing methods to virtual and cloud-based solutions. The document outlines the key differences between these approaches, such as resource allocation, scaling capabilities, and the use of virtualization techniques in various scenarios. The document also covers different types of virtualization (server, network, desktop, and storage).
VIRTUALIZATION AND CLOUD COMPUTING

Traditional
- Computer with physical hardware
  ○ Same as virtualization and cloud
  ○ Physical + OS + Apps
- Local environment
  ○ Use of an on-premise datacenter (ex. office)
- Physical deployment or server
- Dedicated physical machine

Virtualization
- Software versions of hardware and OS
  ○ Digitized from physical
- Emulation of physical machines and OS
- Allows multiple computers and/or OS in a single host machine (hardware and software)
  ○ Partitionability: allows multiple functionalities; able to distribute resources to different segments of your computer
- Virtual equivalent of computing resources
  ○ IT resource -> Compute (CPU, memory), storage, network (I/O)
    - Network (input data and output data)
- Multiple systems and apps running on a single machine (software level)

Cloud
- Private, Public, and Hybrid Cloud
- Usage of virtualization
- Most often used for multiple servers, both virtual and physical (but can also be used for 1 server only)
- Delivery of computing resources through the network
  ○ Public cloud utilizes the internet (on-demand)
    - Rental
  ○ Private cloud is essentially local deployment (no internet)
    - You just need a network connection; traffic just passes through the network
    - You own the services
  ○ Hybrid
- Centralized resources and access via the network
  ○ If you want to utilize resources from other regions
- Decentralized resources and access via the network
  ○ Can be applicable for public cloud
  ○ Regions for global reach
  ○ Segregation of resources (if something happens to one region, there is a backup in another region)
- Renting and using computer services
  ○ Rental is more on the public cloud (AWS - multi-tenant)
  ○ Private cloud -> CCS Cloud (DLSU only)
- Offers scalability and flexibility
  ○ Due to virtualization

Traditional
- The use of physical servers and datacenters to deliver computing and other IT services
- Used to be the practice during the early days of using computers in companies and organizations, where dedicated servers were commonly used
  ○ 1 server -> 1 service
  ○ Usage is targeted at a single task
- The host computer would typically be installed with a single OS directly on the hardware, where tools, dependencies, and applications would run from it
  ○ 1 server = 1 OS
- Would typically run one or a few applications per machine, resulting in possible issues in resource allocation as well as difficulty in scaling
  ○ Ex. Animo Sys and MLS
  ○ You cannot add RAM, CPU, storage, etc.

Traditional vs. Virtualization

Virtualization
- The technology that you can use to create virtual representations of servers, storage, networks, and other physical machines and resources
  ○ Not physical
- Virtual software mimics the function of physical hardware to run multiple virtual machines simultaneously on a single physical machine
  ○ Ability of partitionability
- Also known as a virtual machine or VM: a self-contained, completely independent, and isolated software container with an operating system and application inside
  ○ One is not dependent on another
  ○ Doesn't have to be a similar OS
  ○ Servers can have different uses from the others
- Multiple VMs on a single computer result in several OS and applications running on one physical server, or host
  ○ Better maximization of resources

Without Virtualization
- Due to the limitations of x86 servers, many IT organizations must deploy multiple servers, each operating at a fraction of its capacity, to keep pace with today's high storage and processing demands
- Result = huge inefficiencies and excessive operating costs
  ○ Instead of using a single machine you use two

With Virtualization
- Virtualization relies on software to simulate hardware functionality and create a virtual computer system
  ○ One server needed, with multiple instances
- Enables IT organizations to run more than one virtual system (multiple operating systems and applications) on a single server
- Result = economies of scale and greater efficiency
- Disadvantage: all servers are dependent on the physical machine

Cloud
- On-demand use of IT resources using the network

Properties of Virtualization
1. Partitioning
   - Divide resources between virtual machines
   - Run multiple OS or virtual machines in a single physical machine
2. Isolation
   - Fault isolation at the hardware level
   - Reduce risk of dependencies and conflicts
3. Encapsulation
   - Move and copy virtual machines as files
   - Improved portability
4. Hardware Independence
   - Provision or migrate to any server without the need to perform reconfigurations on the virtual machine

TYPES OF VIRTUALIZATION
- Generally used for traditional: Server, Desktop, Network
- Newer technology: data applications were the reason application, storage, and data virtualization were added

1 - Server Virtualization
- How we typically view and implement virtualization
- Enables multiple OS to run on a single physical server
- Partitions a physical server into multiple virtual servers
- Benefits:
  ○ Greater IT efficiencies
    - In terms of capital expenses
    - All under a single server
    - Deployed easily with just a click of a button
  ○ Reduced operating costs
    - Instead of having multiple computers generating a lot of heat, you only have a single computer
  ○ Maximization of resources
  ○ Faster workload deployment
    - Basically just software (you can just copy-paste, etc.)
    - Putting files in a cloud
  ○ Increased application performance
    - You can use more resources than what is available (overprovision)
  ○ Higher server availability
    - Backups, scaling, load balancing
    - Hardware independence
  ○ Eliminated server sprawl and complexity
    - Management of resource utilization

2 - Network Virtualization
- Instead of virtualizing the server itself, we are virtualizing the network
- Completely reproduces a physical network, allowing applications to run on a virtual network as if they were running on a physical network
  ○ Physical network to software network
    - Manageability, capability, features
- Achieves greater operational benefits and all the hardware independence of virtualization
  ○ No longer think about equipment (switches, routers, etc.)
  ○ Can configure remotely
- Presents logical networking devices and services to connected workloads, such as:
  ○ Logical ports
  ○ Switches
    - Virtual networks
  ○ Routers
    - pfSense, Sophos, UTM
  ○ Firewalls
  ○ Load balancers
    - Allows the user to be redirected to another server
  ○ VPNs and more
- Supports a lot of IT requirements
- Limits:
  ○ May not work for all use cases
  ○ Specific network setups that are not available for virtual networks

3 - Desktop Virtualization
- Deploying desktops as a managed service enables IT organizations to respond faster to changing workplace needs and emerging opportunities
  ○ If you have a virtual desktop, you can have a server with all the required systems
  ○ You can remotely connect new users
- Virtual desktops and applications can also be quickly and easily delivered to branch offices, outsourced and offshore employees, and mobile workers using tablets
  ○ Work from home, BYOD
  ○ Accessing the VM via the cloud instead, sending I/O through network connections
- Typically categorized as Local Desktop Virtualization or Remote Desktop Virtualization
  ○ Local: on-prem or same machine
  ○ Remote: accessing resources via the network
- Makes desktop management efficient and secure, and saves money on desktop hardware
  ○ Efficient
    - Manageability is so much easier: faster deployment, copying of files, etc.
  ○ Secure
    - Aspects of isolation
  ○ Saves money
    - No updates, no warranty

Types of Desktop Virtualization
- Desktop as a Service (DaaS)
  ○ Cloud service that delivers virtualized desktops and applications
    - Public cloud manages the DaaS (rental of resources)
    - Users subscribe to it
  ○ Use of VDI
    - Underlying technology is usually VDI
  ○ Multi-tenant
  ○ Pre-configured for users
  ○ Types: client-defined, vendor-defined, and managed DaaS
- Virtual Desktop Infrastructure (VDI)
  ○ Deployed in a private cloud / virtualized infrastructure
  ○ A product usually deployed in an on-premise data center
    - Single tenant (only one owner)
    - CCS Cloud (only for CCS students)
    - Manually installed (higher technical requirements)
    - Cheaper in the long term
  ○ Users access the virtual desktop on the server by using client devices
- Local Desktop Virtualization (LDV)
  ○ Hypervisor runs on a local computer containing virtual machines
    - Hypervisor: virtual machine manager
    - Allows us to manage your virtual machines
    - Ex. Proxmox, ESXi, OpenStack, Hyper-V (Type 1: OS of the hardware)
    - Ex. VMware Player, Oracle VirtualBox (Type 2: software on top of an OS)
  ○ Switch between local and virtual environments as applications
- Remote Desktop Services (RDS)
  ○ Remote access to Windows desktop sessions, also called Terminal Services
    - Acting as a dumb terminal
    - Allows the users to use the server at the same time
  ○ Multiple users are using a shared virtual machine

4 - Storage Virtualization
- Combines the functions of physical storage devices such as network attached storage (NAS) and storage area network (SAN)
  ○ Pool physical storage (HDD, SSD, flash drive) together so that you can reallocate it
- Storage can be pooled despite being heterogeneous, from different vendors or of different types
- Storage virtualization uses multiple physical data storage devices and creates a large unit of virtual storage that you can assign and control by using management software
  ○ CCS → NAS (16TB each)
- IT administrators can streamline storage activities, such as archiving, backup, and recovery, because multiple storage devices are virtually combined into a single storage
  ○ Mapping to know where each file is located
    - You only care about capacity

5 - Data Virtualization
- Creates a software layer between the data and the applications that need it
- Without data virtualization
  ○ Lots of data sources
  ○ Combine and organize → data warehouse/lake (twice the storage consumption and processing time)
- With data virtualization, modern organizations collect data from several sources and in different formats, stored in different places, such as in a cloud infrastructure or an on-premises data center
- Data virtualization tools process an application's data request and return results in a suitable format
  ○ Turns different formats of data from various places into a general format (easier to query and process quickly → app-friendly)
- This results in increased flexibility for data integration and support for cross-functional data analysis
  ○ Business intelligence tools can run immediately

6 - Application Virtualization
- Pulls out the functions of applications to run on operating systems other than the operating systems for which they were designed
  ○ Ex. run Linux apps on a Windows machine without any configuration
- Application streaming: users stream the application from a remote server. Runs only on the user's device when needed
  ○ Stream games directly to your machine
    - The graphics are sent to the machine; processing happens on the server
- Server-based application virtualization: users access the remote application from their browser or client interface without installing
  ○ Using a browser for Office 365 as a desktop application
- Local application virtualization: the application code is deployed with its own environment to run on all operating systems without changes
  ○ All the dependencies are there

VIRTUALIZATION AND HYPERVISORS
- Virtualization works because of hypervisors
- Virtualization works by abstracting physical hardware and devices from the applications running on that hardware
- Hypervisors make virtualization possible by translating requests between the physical and virtual resources
  ○ This technology is used by cloud computing
    - Cloud Computing: on-demand delivery of IT resources via the network
- Hypervisors support the creation and management of VMs by abstracting a computer's software from its hardware
- Bare metal hypervisors are sometimes embedded into the firmware (BIOS) to enable the OS of a computer to access and use virtualization software (Intel VT or AMD-V)
  ○ Allows the OS to communicate with the processor and the resources that we want to use for virtualization

Hypervisor
- Also known as a virtual machine monitor or VMM; software that creates and runs virtual machines
- Allows a host computer to support multiple guest VMs by virtually sharing its resources (ex. memory)
  ○ Host computer: the actual physical computer
    - Bare-metal computer
    - Type 1 hypervisor in the context of virtualization
    - Traditional PC = no virtualization
  ○ Guest VMs: basically your virtual machine, a digital OS or software
- Provides greater IT mobility since the guest VMs are independent of the host hardware
  ○ Isolation, encapsulation, and partitioning
    - Translates between the software and the hardware
- Multiple virtual machines can run on one physical server, reducing space, energy, and maintenance requirements

Benefits of Hypervisors
- Speed
  ○ Virtual machines can be created instantly, making it easier to provision resources as needed for dynamic workloads
  ○ Dynamic workloads: changing workloads
- Efficiency
  ○ Running several VMs on a physical machine is more efficient than running multiple underutilized physical machines
    - Ex. a Christmas company pooling its resources together to maximize them
    - They don't always use their resources, only during the holidays
  ○ Use resources as much as you can so nothing goes to waste
- Flexibility
  ○ Separates the OS from the underlying hardware, so the software no longer relies on specific hardware devices or drivers
    - Translation
  ○ You can choose whatever hardware or software you are using
  ○ Can easily adapt to any hardware
- Portability
  ○ Multiple OS can reside on the same physical server; VMs in the hypervisor run independently from the physical machine; allows shifting workloads and allocating resources as needed
  ○ You can easily transfer and duplicate files
  ○ Encapsulation

Types of Hypervisors
- Type 1 - Bare Metal or Native Hypervisor
  ○ Physical computer
  ○ Lightweight OS running directly on top of the host machine
    - The hypervisor is the OS
    - Ex. OpenStack, Proxmox, etc.
  ○ Isolated from the guest OS, which results in better security
  ○ Better performance than hosted hypervisors
    - They don't have to pass through another layer of OS
  ○ Mostly used by enterprises for data center computing needs
  ○ Dedicated
  ○ Treat the hypervisor as the host OS
  ○ Same level as the host OS
  ○ Example: enterprises or organizations, dedicated use of computers, cloud services
- Type 2 - Hosted or Client Hypervisor
  ○ Runs as software on an OS, like other programs
    - Runs like an application
    - Ex. VMware Player, Oracle VirtualBox
    - Runs on top of a traditional OS before you get to the hardware
  ○ Can still run the same or a different guest OS from the host OS
    - The guest OS is inside the host OS
  ○ Higher latency than a bare metal hypervisor
    - You have to pass through the OS, then the hardware
    - Mostly used by end users and for software testing, where higher latency is less of a concern
  ○ Not dedicated
  ○ Home users, devs (latency is not important)
  ○ You still want the host OS to be usable
- Note: a bare-metal server (traditional) will always provide higher performance than a virtual server sharing with other virtual servers
  ○ Traditional computers are always better or faster by themselves than type 1 hypervisors, but type 1 hypervisors have lower latency than type 2 hypervisors
  ○ Traditional > Type 1 > Type 2
- Type 1 Disadvantages
  ○ You need another laptop to act as a virtual machine when using an application in a different OS. It is not an OS built for you to use directly. This works better on Type 2 because the hypervisor is turned into an application

Virtual Machines vs. Containers
- VM
  ○ Slower
  ○ More configuration
  ○ You have to install the OS
  ○ GUI
  ○ Grows depending on the number of users
    - Every machine has its own OS
  ○ A VM is like server virtualization
- Container
  ○ Fast because it's lightweight
  ○ Less configuration
  ○ 1 app = 1 container
    - Microservice architecture = for scaling up
  ○ Problem: the OS is only in the apps
    - The kernel used is the host kernel
    - Not fully isolated
    - Not fully self-contained
  ○ Does not affect how many OS you will be creating
  ○ The shared OS does not need to be downloaded again
    - Sharing resources
  ○ A container engine is like an app, so you use the kernel of the host
    - An application that does OS virtualization

Container vs. Virtual Machine
- Operating system
  ○ Container: shares the host operating system's kernel
  ○ Virtual machine: has its own kernel
- Portability
  ○ Container: more portable
  ○ Virtual machine: less portable; heavier because it contains a full OS
- Speed
  ○ Container: faster to start up and shut down
  ○ Virtual machine: slower to start up and shut down
- Use cases
  ○ Container: good for portable and scalable applications (web development, microservices architecture, continuous integration and delivery, cloud computing)
  ○ Virtual machine: good for isolated applications (testing, development, isolation, cloud computing)

VIRTUALIZATION AND CLOUD COMPUTING

Cloud Computing
- On-demand delivery of IT resources via the network
  ○ IT resources (compute power, database, storage, application)

Virtualization vs. Cloud
- Definition
  ○ Virtualization: the concept of making something physical into something virtual
    - Hypervisors / translation / abstraction
    - The technology itself
    - CCS Cloud: Proxmox (hypervisor)
  ○ Cloud: on-demand delivery of IT resources through the network
    - Methodology
    - Usage of virtualization
    - Perspective
    - CCS Cloud: usage of the VMs, containers, etc.
- Purpose
  ○ Virtualization: create multiple simulated environments from 1 physical hardware
    - Concept of encapsulation and partitioning
  ○ Cloud: pool and automate virtual resources for on-demand use
    - Aggregate resources
    - User-friendly, consistency
- Use
  ○ Virtualization: deliver packaged resources to specific users for a specific purpose
    - You need to allocate resources for specific uses (consideration) for the company/organization
  ○ Cloud: deliver variable resources to groups of users for a variety of purposes
    - Dynamic
    - They can decide to use the cloud anytime, depending on the user
- Configuration
  ○ Virtualization: image-based
    - Specific
    - Dynamic setup already
    - Easier for the users
    - Uniform
  ○ Cloud: template-based
    - Pre-defined fixed choices
    - Configurability
    - Choose how much resource
    - Easy to manage
- Lifespan
  ○ Virtualization: years (long-term)
    - 5-year warranty (use it or not)
    - You want to maximize what you paid for
  ○ Cloud: hours to months (short-term)
    - Auto-scaling: increase depending on the demand
    - Elasticity
    - Ex. Shopee increases their cloud when there is a sale (10.10)
- Cost
  ○ Virtualization: high capital expenditures (CAPEX), low operating expenses (OPEX)
    - CAPEX: initial investment (one-time)
    - OPEX: recurring cost (monthly)
    - 1st month: you bought the server
    - Next few months: maintenance
    - Applies to private cloud also, since you own the cloud
  ○ Cloud
    - Public Cloud: low CAPEX, high OPEX
      ○ No payment at first, because you pay the monthly cost
    - Private Cloud: high CAPEX, low OPEX
- Scalability
  ○ Virtualization: scale up
    - Vertical scaling (possible to scale up and down) in terms of resources
    - Just increase resources on the same machine
  ○ Cloud: scale out
    - Scaling by adding more instances
    - Easier to create more instances
- Workload
  ○ Virtualization: stateful
    - Fixed / static / constant
    - You had an idea and you set it up; no more configuration
    - Built for a specific purpose
  ○ Cloud: stateless
    - Changing purpose
    - Dynamic, highly varying workload
    - Depending on the demand of the users
- Occupancy
  ○ Virtualization: single tenant
    - 1 owner / environment / need
  ○ Cloud: multiple tenants
    - Multi-user, multi-owner / environment / needs

*Cloud needs virtualization, but virtualization does not need cloud
*Cloud computing is the usage, virtualization is the service

Infrastructure as Software
- Cloud computing enables you to stop thinking of your infrastructure as hardware, and instead think of (and use) it as software
  ○ Physical aspects (server, power, cooling, cables, renovation space) → the use of virtualization (cloud computing): agility/speed, manageability, etc.

Traditional Computing Model
- Used by private cloud
  ○ On-premise
  ○ High CAPEX
- Infrastructure as hardware
- Hardware solutions:
  ○ Require space, staff, physical security, planning, capital expenditure
  ○ Have a long hardware procurement cycle
    - Process of getting budget → bids → assembly time → shipping → setup → deployment (6 months - 2 years)
  ○ Require you to provision capacity by guessing theoretical maximum peaks
    - You guess how much you need (there is waste)

Cloud Computing Model
- Infrastructure as software
- Software solutions
  ○ Are flexible (because of virtualization)
  ○ Can change more quickly, easily (easy to adapt), and cost-effectively (not as much physical) than hardware solutions
  ○ Eliminate the undifferentiated heavy-lifting tasks
    - You need to think about a lot of things when you have your own datacenter (salary, skills, manpower, rent, renovation)
    - In public cloud, all of these issues are outsourced
- *** Private cloud is closer to traditional
  ○ Both a software and a hardware solution (can't be just one)

Cloud Service Model
- IaaS (Infrastructure as a Service)
  ○ Full control over IT resources
  ○ Deals with the network (configuration)
  ○ Choose the OS from a template
  ○ Choose hardware resources
  ○ IP address
  ○ Firewall
  ○ VMs, network, IT resources
  ○ Usability: IT-specific needs, specific infrastructure, more IT knowledge (Ops, Dev)
- PaaS (Platform as a Service)
  ○ Control panel
    - Apps and versions: MySQL, MongoDB, Python, PHP, JSP
    - You can choose the app and version you want that is compatible with the system
  ○ You don't think about the VM, network, and IT resources
  ○ You only care about the app and the software version
  ○ Control when it comes to options
  ○ Usability: DevOps, more on developers; need services, develop apps
    - Custom
  ○ Focuses on deployment and management of applications
  ○ More reliable when it comes to security
- SaaS (Software as a Service)
  ○ App/subscription
  ○ Least amount of control because it is the same for everyone
  ○ Ex. Google Docs, Drive, Sheets, Office 365
  ○ Only a single version for everyone
  ○ All you have to do is subscribe
  ○ Usability: normal users (not much technical background)
    - Need existing solutions
  ○ Only secures your account

Cloud Computing Deployment Model Setup
- Cloud
  ○ A.k.a. full cloud or public cloud
  ○ Pertains to factors such as
    - Rent (there is a third party)
    - Global reach capability (choose which region/country you would like to deploy your cloud in)
  ○ Pay as you go / pay as you use
  ○ Low to no CAPEX, high OPEX
    - Outsource everything else
  ○ Full market share
  ○ Ex. Canvas
- On-premises (Private cloud)
  ○ Traditional virtualization
  ○ Hardware infrastructure that is virtualized
  ○ High CAPEX, low OPEX
  ○ Partial market
  ○ You can repurpose servers
  ○ Ex. CCS Cloud
  ○ More configurable
- Hybrid
  ○ Benefits of both public and private cloud
  ○ Static resources (below) are cheaper compared to the dynamic ones (above)
    - You were able to get the full market at a cheaper price
  ○ Mid CAPEX, mid OPEX
  ○ Disadvantages
    - A bit of your resources is wasted

Similarities between AWS and Traditional IT
- You choose any solution, and most of them are supported. You can choose either.

Advantages of Cloud Computing
1. Trade capital expense for variable expense
   ○ Does not mean cheap; you are just trading for variable expenses
   ○ Pay only for the amount you consume, instead of investing in data centers based on forecasts
   ○ More for accessibility purposes
   ○ For small businesses, if the owner is unsure
2. Massive economies of scale
   ○ Buy in bulk = better discounts
     - Millions of clients
   ○ Because of aggregate usage from all customers, cloud service providers can achieve higher economies of scale and pass savings on to customers
   ○ Lower variable cost for users
3. Stop guessing capacity
   ○ Traditional or private cloud: you bought too much because you overestimated server capacity (waste of money), or bought too little because you underestimated server capacity (waste of market potential)
   ○ Public cloud: pay as you go, scale on demand
4. Increase speed and agility
   ○ Deployment
   ○ Traditional: weeks between wanting resources and having resources
   ○ Cloud (more on public): minutes between wanting resources and having resources
     - This is because of virtualization
5. Stop spending money on running and maintaining data centers
   ○ Focus more on your business
   ○ Traditional: you have to think about payroll, maintenance, landscaping, hardware mindset / management stress
   ○ Cloud: focus on the business and customers
     - You pay more expensive fees; you exchange them for time and stress relief
6. Go global in minutes
   ○ More on access and lower latency
   ○ If you are in the Philippines and your clients are in America
     - Traditional: your clients have to reach the PH to access your server
     - Cloud: you can rent your server in America; customers are closer
     - Lower latency = happy customers

INTRODUCTION TO AMAZON WEB SERVICES

What are Web Services?
- Much like our public cloud
- Any piece of software that makes itself available over the internet and uses a standardized format, such as Extensible Markup Language (XML) or JSON, for the request and the response (HTTP protocol) of an application programming interface (API) interaction
  ○ XML and JSON
    - Globally recognized formats
    - Key-value
  ○ API: programmable

What is AWS?
- AWS is a secure cloud platform that offers a broad set of global cloud-based products
  ○ Certified in security and infrastructure
  ○ A lot of solutions and services exist for public cloud services
- Provides you with on-demand access to compute, storage, network, database, and other IT resources and management tools
  ○ Rental service for any resource you want
  ○ Software user-friendliness
- Offers flexibility
  ○ API
  ○ Ways to interact (using tablet, laptop, etc.)
- Pay only for the individual services you need, for as long as you use them
  ○ Pay as you use
- Services work together like building blocks
  ○ APIs

Categories of AWS Services
- You choose the best service based on your use case
- Democratize solutions
  ○ When you need a particular solution, you do not stick to the only thing that you know
  ○ Look at all possible solutions out there
  ○ If you stick to only what you know, you might miss out on a better solution

Example: Choosing a Service
- The service you select depends on your business goals and technology requirements
  ○ These solutions are under the Compute category

How to Interact with Cloud Service Providers
1. AWS Management Console (Web UI)
   a. Browser - typical user (test and try)
   b. Easy-to-use graphical interface
2. Command Line Interface (AWS CLI)
   a. Access to services by discrete commands or scripts
   b. Scripts and automation (IT/DevOps/Ops)
3. Software Development Kits (SDKs)
   a. API - automation apps/programs (Dev or DevOps)
   b. Access services directly from your code (Java, Python, etc.)
FUNDAMENTALS OF PRICING

Pricing Model (AWS)
- Three fundamental (IT resource) drivers of cost with AWS
  ○ Compute (VMs or CTs)
    - Charged per hour/second
    - Varies by instance type (templates)
    - Pay-per-use or rental
  ○ Storage
    - Charged per GB
    - By type of storage: HDD, SSD, tape
  ○ Data Transfer
    - Outbound (download) is aggregated and charged
    - Inbound (upload) has no charge (with some exceptions)
      ○ "Downloading happens more often than uploading"
    - Charged typically per GB

How to pay for AWS or Cloud?
- Pay for what you use (rental aspect)
  ○ Most expensive option
  ○ Easy scalability ("if you no longer need it, delete it; if you need it, add more")
  ○ On demand
  ○ In the traditional model, cost goes up in spikes, buying servers at certain intervals
    - Resources are flat because, used or not, you have the same amount of resources available
  ○ In the cloud, cost and resources go up if you need the resources, and go down if you do not
    - Elasticity = allows scaling up and down depending on the need
  ○ No CAPEX
- Pay less when you reserve
  ○ Commitment for 1 or 3 years (no agility)
  ○ Problem: closer to traditional (static resources)
    - The "stop guessing capacity" benefit is gone
  ○ Another reason why public cloud pricing can compete with private cloud
  ○ Invest in Reserved Instances (RIs)
    - Save up to 75%
  ○ Options
    - All Upfront Reserved Instance (AURI)
      ○ All CAPEX, low OPEX
      ○ Largest discount
    - Partial Upfront Reserved Instance (PURI)
      ○ ½ CAPEX, higher OPEX
      ○ Lower discounts
    - No Upfront Payments Reserved Instance (NURI)
      ○ No CAPEX, higher OPEX
    - On Demand
      ○ No CAPEX, higher OPEX
    - AWS = AURI, PURI, NURI
    - Azure = NURI and AURI (no cost difference)
    - Google Cloud = NURI
- Pay less when you use more and as AWS grows
  ○ Tiered pricing (memberships)
  ○ Economies of scale
  ○ Example: 10 TB - Php 50 per GB; 100 TB - Php 48 per GB
  ○ Volume-based discount
  ○ Multiple storage services deliver lower storage costs based on needs
- Pay even less as the cloud grows
  ○ Economies of scale because of multiple users
  ○ Future higher-performing resources replace current resources for no extra charge
    - 2014 → i5 computer = 20k
    - 2024 → i5 computer = 15k
    - 2024 → i7 computer = 20k
    - Same price, but different (better) resources
- Custom pricing
  ○ If you have high-volume projects with unique requirements
  ○ Only for large/special companies (ex. Apple) that want to change cloud
- AWS Free Tier
  ○ Enables you to gain free hands-on experience with the AWS platform, products, and services
  ○ Free for 1 year for new customers

TOTAL COST OF OWNERSHIP

Traditional Infrastructure
- Equipment
  ○ You bought it; think about servers, datacenters, etc.
- Resources and administration
  ○ Think about IT admin, network admin, IT staff, HR, etc.
- Contracts
- Cost
  ○ In terms of capital expenses

Public Cloud
- No upfront expense - pay for what you use
  ○ OPEX
- Improves time to market and agility
  ○ You do not have to wait a long time to buy servers
  ○ Soft benefits
- Scale up and down
  ○ On-demand, rental, self-service infrastructure
  ○ Easier to access
  ○ Pick from the services they provide
- ** The only thing the same about traditional and public cloud is cost/money

Total Cost of Ownership
- The financial estimate that helps identify direct (buying and renting) and indirect costs (soft benefits) of a system
- Why use TCO?
  ○ To compare the costs of running an entire infrastructure environment or specific workload on-premise versus cloud
  ○ To budget and build the business case for moving to the cloud
- Considerations

CLOUD SECURITY

Shared Responsibility Model
- Private Cloud or On-premise
  ○ Traditional, single tenant
  ○ Ex. CCS Cloud → CCS
  ○ Traditional → Company
  ○ Owner = responsible
- Public Cloud
  ○ Owner = Ex. AWS
  ○ User = User
  ○ Each particular entity has its own responsibility
- Customer
  ○ Responsibility in the cloud
    - Customer data = files (input incorrect permissions) [SaaS]
    - Platforms, applications, identity and access management = software and apps (Python programs, directory services) [PaaS]
      ○ You are the one who configures user accounts and groups
    - Operating system... = you put your database server in a public network via the internet with a bad password [IaaS]
  ○ If you can manage it, you are responsible for it (customer-configurable)
  ○ Data and configuration of files inside the cloud
  ○ Amazon Elastic Compute Cloud (Amazon EC2) instance operating system
    - Including patching, maintenance
  ○ Applications
    - Passwords, role-based access, etc.
  ○ Security group configuration
    - Firewall
  ○ OS or host-based firewalls
    - Including intrusion detection or prevention systems
  ○ Network configurations
  ○ Account management
    - Login and permission settings for each user
- Cloud Service Provider
  ○ Responsibility of the cloud
  ○ Infrastructure side
  ○ Service backend
  ○ Manages the hardware portions or the backbone solutions
  ○ Physical security of the data centers
    - Controlled, need-based access
  ○ Hardware and software infrastructure
    - Storage decommissioning, host operating system (OS) access logging, and auditing
  ○ Network infrastructure
    - Intrusion detection
  ○ Virtualization infrastructure
    - Instance isolation
    - Backbone
  ○ Typical IT resources
- Responsibility depends on the amount of control

Service Characteristics and Security Responsibility
- Services managed by the customer
  ○ Amazon EC2 = VMs
  ○ Amazon Elastic Block Store (Amazon EBS) = block storage (HDD, SSD), encryption
  ○ Amazon Virtual Private Cloud (Amazon VPC) = network
  ○ Infrastructure as a Service (IaaS)
    - Customer has more flexibility over configuring networking and storage
    - Customer is responsible for managing more aspects of the security
    - Customer configures the access controls
- Services managed by AWS
  ○ AWS Lambda = serverless compute (still has a server)
    - You don't manage the server; you manage your own scripts
    - Python = App = AWS Code = your responsibility
  ○ Amazon Relational Database Service (Amazon RDS) = you can choose MySQL, PostgreSQL
    - Data and config
    - Choice of what DB to use
  ○ AWS Elastic Beanstalk = orchestration
  ○ Platform as a Service (PaaS)
    - Customer does not need to manage the underlying infrastructure
      ○ No need to manage server, network, storage
    - AWS handles the operating system, database patching, firewall configuration, and disaster recovery
    - Customer can focus on managing code or data
- SaaS
  ○ User = use ("No more code")
  ○ Software is centrally hosted = cloud service provider
  ○ Licensed on a subscription model or pay-as-you-go basis
  ○ Services are typically accessed via web browser, mobile app, or application programming interface (API)
    - Google Drive, Google Docs
  ○ Customers do not need to manage the infrastructure that supports the service
    - If the server has an issue = fault of the cloud
    - If the app has an issue = fault of the cloud
    - If the network has an issue = fault of the cloud
    - If the data has an issue = fault of the user
    - Permissions (configurable) = fault of the user
      ○ Wrong permissions

Identity and Access Management (IAM)

Directory Services
- Use Directory Services to manage access to resources
  ○ A resource is an entity you can work with
    - Ex. VMs, folders, containers, drives, disks
- *** Identity → user/group/role
- Resource → VM/CT/Storage/DB/etc.
Permissions (fine-grained permissions: identity, resource, actions, allow/deny)
  ○ Who can access the resource (identity)
  ○ Which resources can be accessed
  ○ How resources can be accessed (actions = view, list, start/stop, create, upload)

Essential Components
  User
    ○ Person or application that can authenticate with an account
    ○ Programmatic access
        Authenticate using Access Key ID and Secret Access Key
        Provides AWS CLI and AWS SDK access
    ○ AWS Management Console access (via the web interface)
        Authenticate using Account ID or alias, IAM username, and password
        *** Account ID is different from IAM user (multi-tenant environments)
        ** Alice and Bob are examples of account IDs
        Can enable Multi-Factor Authentication (MFA)
          Something you know, something you have
          2 steps = better verification of authenticity
  Group
    ○ Collection of users that are granted identical authorization
    ○ If you attach a policy to the group, its members inherit the policy
  Policy
    ○ Permissions
    ○ Which resources can be accessed and the level of access
  Role
    ○ Temporary access
    ○ Set of permissions depending on the organization
    ○ Ex. IT Admin = create/edit VMs
        Can change depending on the role of the user
    ○ Users in roles change (permission is not on the users, but on the roles)

Authorization
  What actions are permitted
  Determines which resources and operations are allowed
    ○ Who can access
    ○ What you can do
    ○ Which resources you can access
  Cloud = secure → principle of least privilege
    ○ All permissions are implicitly denied by default
        No config = denied
    ○ If something is explicitly denied, it is never allowed
    ○ You have to explicitly give permissions

Policies
  Identity-based
    ○ Attached to an entity
        User, group, or role
    ○ Policies specify
        Allow
        Deny
          Explicit Deny - denied forever (deny precedes allow)
          Implicit Deny - if no policy applies to you, you are automatically denied
    ○ Policies can be attached to multiple entities (reusability = better management)
  Resource-based
    ○ VM, bucket, file, container, DB, etc.
    ○ Why put a policy on the resource?
        You can put policies on objects without specifying users
          Everyone (public access)
        More fine-grained operations
    ○ If you are explicitly denied at the start, you will not be allowed to access the resource even if you were allowed later in the process
    ○ The full list of policies is checked before deciding what permission to give (not first match)

IAM Groups
  Collection of IAM users
  A user can belong to multiple groups
  No default group
  Groups cannot be nested
    ○ Only organizational units can be nested (depending on the cloud service provider)
  If you have a policy and you apply it to a group, everyone in the group will inherit the policy

IAM Roles
  Temporary access
  Set of permissions depending on the organization
  Ex. IT Admin = create/edit VMs
    ○ Can change depending on the role of the user
  Users in roles change (permission is not on the users, but on the roles)
  Similar to an IAM user
    ○ Attach permissions policies to it
  Different from an IAM user
    ○ Not uniquely associated with one person (temporary)
    ○ The user on a role can change

Securing a New Account
  AWS Account → superuser/root user
    ○ Privileges cannot be controlled
    ○ Full access to all resources
    ○ If this account is compromised, it will be unstoppable
        Do not use this account (emergency purposes only)
  IAM User → user directory services
    ○ Entity inside the AWS Account
    ○ Users, groups, and roles
    ○ Integrates with other services
        Resources
    ○ Identity federation
        Centralizes authentication
    ○ Secure access for applications
        Single sign-on
    ○ Granular permissions
        Policies
  Best Practices: Do not use the AWS account root user
    ○ Requires email address and password
    ○ Actions that can only be done with the account root user
        Update the account root user password
        Change support plan
        Restore an IAM user's permissions
        Change account (tenant) settings
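The authorization rules listed under Policies above (implicit deny by default, explicit Deny beating every Allow, identity-based and resource-based policies both consulted, and the whole list evaluated rather than the first match) can be seen working together in a small simulation. This is an added example written for these notes, not AWS code and not the real IAM engine: the statement shape mimics IAM policy documents, but the matching is a deliberately reduced subset (Action/Resource wildcards only, no Condition keys, no cross-account logic), and every principal, ARN and policy here is constructed sample data.

```python
"""Added example (not from the notes or AWS): an IAM-style authorization
decision following the notes' rules. Statements use IAM-like fields, but
matching is a reduced subset: Action/Resource wildcards only, no Condition
keys, no cross-account logic. All principals, ARNs and policies are constructed."""
from fnmatch import fnmatchcase

# Constructed identity-based policies keyed by principal (user/group/role name).
IDENTITY_POLICIES = {
    "alice": [
        {"Effect": "Allow", "Action": "s3:*", "Resource": "arn:aws:s3:::reports/*"},
        {"Effect": "Allow", "Action": "ec2:StartInstances", "Resource": "*"},
    ],
    "bob": [
        {"Effect": "Allow", "Action": "s3:GetObject", "Resource": "arn:aws:s3:::reports/*"},
        # Explicit Deny on the secret prefix: overrides the Allow above for that path.
        {"Effect": "Deny", "Action": "s3:*", "Resource": "arn:aws:s3:::reports/secret/*"},
    ],
    "carol": [],  # no policies at all -> everything is implicitly denied
}

# Constructed resource-based policy attached to the bucket's public prefix.
# Principal "*" means anyone (the "public access" case in the notes).
RESOURCE_POLICIES = {
    "arn:aws:s3:::reports/public/*": [
        {"Effect": "Allow", "Principal": "*", "Action": "s3:GetObject"},
    ],
}


def _statement_matches(stmt, action, resource_arn):
    """A statement applies when both its Action and Resource patterns match."""
    return (fnmatchcase(action, stmt["Action"])
            and fnmatchcase(resource_arn, stmt.get("Resource", "*")))


def applicable_statements(principal, action, resource_arn):
    """Gather every statement that could apply: identity-based plus resource-based."""
    stmts = [s for s in IDENTITY_POLICIES.get(principal, [])
             if _statement_matches(s, action, resource_arn)]
    for pattern, resource_stmts in RESOURCE_POLICIES.items():
        if fnmatchcase(resource_arn, pattern):
            stmts += [s for s in resource_stmts
                      if s.get("Principal") in ("*", principal)
                      and fnmatchcase(action, s["Action"])]
    return stmts


def evaluate(principal, action, resource_arn):
    """Return (decision, reason) with decision in {"Allow", "Deny"}."""
    allowed = denied = False
    for stmt in applicable_statements(principal, action, resource_arn):
        if stmt["Effect"] == "Deny":
            denied = True        # remember it, but keep scanning: full list, not first match
        else:
            allowed = True
    if denied:
        return "Deny", "explicit deny"       # deny precedes allow
    if allowed:
        return "Allow", "explicit allow"
    return "Deny", "implicit deny"           # no config = denied (least privilege)


def least_privilege_report(principal, candidate_requests):
    """Which of the (action, resource) requests can this principal actually perform?
    Useful when reviewing whether a user or role holds more than it needs."""
    return [(a, r) for a, r in candidate_requests
            if evaluate(principal, a, r)[0] == "Allow"]
```

Bob's case is the one worth studying: his Allow on `reports/*` and his Deny on `reports/secret/*` both match a read of a secret object, and the Deny wins even though the Allow is listed first. Carol has no identity policy at all, yet she can read the public prefix because the resource-based policy grants it to any principal.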
Securing a new AWS account: Account root user
1. Stop using the account root user ASAP
  ○ You have unrestricted access
  ○ To stop using the account root user:
      Create an IAM user
      Create an IAM group, give it full administrator permissions, and add the IAM user to the group (making the IAM user an admin)
      Disable the root account
      Enable a password policy
      Use your new IAM user credentials (admin user)
      If compromised, you can go back to your root user and disable the IAM user (failsafe)
      Store the account root user credentials in a secure place
  ○ Possible attacks
      Shoulder surfing
      Keylogger
      Phishing
      Session hijacking
2. Enable multi-factor authentication (MFA)
  ○ Better authentication process (something you know and something you have)
  ○ Options for retrieving the MFA token
      Virtual MFA-compliant app
        Google Authenticator
      U2F security key devices
        Thumb drive, YubiKey
      Hardware MFA options
        RSA token
        Key fob or display card
3. Use logging systems (ex. CloudTrail)
  ○ Logs all API requests to resources in all supported services
  ○ Track activities (API requests to resources)
4. Enable billing reports (AWS Cost and Usage Report)
  ○ Tracks your usage and provides estimated charges
      Detects anomalous charges
  ○ Analyze logs at the end of the day (eyes of a security investigator)

Securing User Accounts
1. Organizations
  ○ Anything that has to do with the org or organization structure
  ○ You can centrally manage them
  ○ Features
      Organizational Units → groups
      Inheritance of policies
      Integrations and support
      Service control policies
        For AWS Accounts ⇒ root users
  ○ If you set up organizations, you can put policies in the Root (limit access of root users)
2. Key Management Service
  ○ Create and manage encryption keys
  ○ Can log all key usage with AWS CloudTrail
  ○ Management and storage in general
  ○ Password manager
      Easier management
      Centralized
3. Amazon Cognito
  ○ User access and authentication
  ○ Manages sign-up, sign-in, and access control
  ○ Benefits
      OAuth
      Centralized
      Single sign-on
        You only need one account for all your systems
      Better manageability, scalability, and integration
      Great for APIs
4. AWS Shield → DDoS protection
  ○ When you are using the public cloud you are exposed to the internet
      Many chances for individuals to compromise your machine
  ○ Protects your machine as well as theirs

Securing Data
  States of Data
    ○ Data at rest
        Dormant (HDD/SSD/flash drive)
        Unused
        Stored physically
        Can be stored as object, block, NAS/NFS (network attached storage / network file system), database
    ○ Data in transit/motion
        Data moving in the network
    ○ Data in memory
        Data in RAM
    ○ *** All are important because your credentials pass through these layers and each one has its own way of protecting data
  1. Encryption of data at rest
    ○ Encrypt data with a secret key
        Only those who have the secret key can decode the data (authorization)
  2. Encryption of data in transit
    ○ Transport Layer Security
    ○ HTTPS
        Creates a secure tunnel
        Uses TLS or SSL
  Securing Object Storage
    ○ Buckets = folders, objects = files
    ○ By default, buckets and objects are private and protected
    ○ Least privilege

Compliance
  Compliance Program
    ○ Proof/evidence
    ○ Certifications and attestations
        You can trust a cloud service provider if they hold many certification standards, because it is likely they follow really good practices
    ○ Laws, regulations, and privacy
        Data protection and health protection aspects
        Be sure to follow globally known standards
    ○ Alignments and frameworks
        Choose what is the best fit for your organization
        Look at the organization's security posture
  AWS Config
    ○ Gives advice on what to do to ensure that you are following good practices
    ○ Helps assess, audit, and evaluate the configuration
    ○ Automated evaluation tools for compliance
  AWS Artifact
    ○ Resource for compliance-related information

CLOUD NETWORKING
Cloud → IaaS → network
Supernet: parent of subnets
  ○ Subnet 1 IP: 192.168.1.0/24
  ○ Subnet 2 IP: 192.168.0.0/24
  ○ Supernet: 192.168.0.0/23
      192.168.0.0 - 192.168.1.255
Switch (data link layer): connects devices in the same network
Router (network layer): device that connects networks; an intersection (you know which way to go)
Host devices (application layer)

IP Addresses
  IPv4 = 32 bits → 4 octets [0 - 255]
  IPv6 = 128 bits → 8 hextets [0000 - FFFF]
  Classless Inter-Domain Routing (CIDR)
    ○ Allows a flexible number of network bits (adjusting the prefix length)

Open Systems Interconnection (OSI) model
  Presentation Layer: encryption and encoding
  Session Layer: at a particular moment in time you know that you will be exchanging data
  Transport Layer: application to application
    ○ TCP: connection-oriented, reliable
    ○ UDP: connectionless, best-effort
  Network Layer: end to end
    ○ IP: best effort
  Data Link Layer: network interface card to network interface card
  Physical Layer: signals (pulses)

Cloud Networks
  Amazon VPC (networking)
    ○ Creates a logically isolated section of the cloud where you can launch resources in a virtual network
        Per tenant (every account has its own environment)
    ○ Gives you control over virtual networking resources
        Selection of IP address range
        Creation of subnets (public/private)
        Customize route tables and network gateways
        You have the ability to be flexible
    ○ Able to customize the network configuration (each organization has its own network setup, based on what they need and require)
    ○ Allows multiple layers of security

VPCs and Subnets
  VPC
    ○ Logically isolated
        Each account has its own VPC
        Isolation and customization without the worry of overlapping
    ○ Dedicated to your account
        Other users cannot access it unless you change permissions
    ○ Belongs to a single Region and can span multiple Availability Zones
        You can put it in the Region closest to your users
  Subnets
    ○ Range of IP addresses into which you divide the VPC
    ○ Belong to a single Availability Zone
    ○ Classified as private or public

IP Addressing
  When you create a VPC you assign it an IPv4 CIDR block (range of private IPv4 addresses)
  You cannot change the address range after you create the VPC
  IPv6 is also supported
  CIDR blocks of subnets cannot overlap
  Reserved IP addresses (for AWS)
    ○ Network address (.0)
        Routing
    ○ Broadcast address (.255)
        Broadcast, sending data
    ○ Internal communication (.1)
        For routing and gateway
    ○ DNS resolution (.2)
    ○ Future use (.3)
        Expansion address, reserved for future use

Public IP Address Types
  Public IPv4 address
    ○ Manually assigned through an Elastic IP address
    ○ Automatically assigned through the auto-assign public IP address setting at the subnet level
        DHCP for public IP
        Problem: it can change
  Elastic IP address
    ○ Associated with an account
        Permanent
    ○ Can be allocated and remapped anytime
    ○ Additional costs might apply
  Elastic network interface
    ○ Virtual network interface that you can attach and detach
    ○ If a VM fails you can attach it to another VM with all the same configs

Routing Tables and Routes
  A route table contains a set of rules or routes that you can configure to direct network traffic from your subnet
  By default, every route table contains a local route for communication within the VPC
    ○ Gateway
  A subnet needs to have a routing table
    ○ To route the data outward ("palabas")

VPC Networking Solutions
  NAT allows our private subnet to have access to the internet with no public IP address
    ○ The NAT gateway has the public IP address
  VPC Sharing
  VPC Peering
    ○ To connect 2 VPCs in different regions use a peering connection
  Site-to-Site VPN
    ○ Network to traditional (on-premise)
  Direct Connect
    ○ Service, physical
    ○ Not always an option because not every country has Direct Connect
  Endpoints
    ○ API calls to expose services
    ○ Gateway endpoints that you specify as a target for a route in your route table, to either S3 or DynamoDB
    ○ Interface endpoints are powered by AWS PrivateLink. PrivateLink provides private connectivity between VPCs, AWS services, and on-premises applications.
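The supernet, CIDR and reserved-address facts above can be turned into a planning check: does a proposed set of subnets fit in the VPC block, do any of them overlap, and how many addresses are actually usable once the reserved ones are set aside? This is an added example written for these notes, not AWS tooling; it uses only the Python standard library's ipaddress module, the two /24 subnets are the notes' own sample, and the other CIDR values are constructed test data.

```python
"""Added example (not from the notes or AWS): VPC subnet planning checks built on
the notes' CIDR/supernet/reserved-address material. Standard library only.
The 192.168.x.x ranges are the notes' sample; everything else is constructed."""
import ipaddress

# The notes list the addresses AWS reserves in every subnet: .0 network, .1 router,
# .2 DNS, .3 future use, and the last address (.255 in a /24) for broadcast.
RESERVED_FIRST_OFFSETS = (0, 1, 2, 3)


def supernet_of(subnets):
    """Smallest single CIDR block that contains all the given subnets.
    strict=True makes ip_network reject a subnet written with host bits set."""
    nets = [ipaddress.ip_network(s, strict=True) for s in subnets]
    common = nets[0]
    for net in nets[1:]:
        while not net.subnet_of(common):   # widen the prefix until it covers net
            common = common.supernet()
    return str(common)


def overlapping_pairs(subnets):
    """(a, b) pairs whose CIDR blocks overlap; the notes say this is not allowed in one VPC."""
    nets = [ipaddress.ip_network(s) for s in subnets]
    return [(str(a), str(b))
            for i, a in enumerate(nets)
            for b in nets[i + 1:] if a.overlaps(b)]


def fits_in_vpc(vpc_cidr, subnets):
    """True when every subnet lies inside the VPC's CIDR block (same IP version assumed)."""
    vpc = ipaddress.ip_network(vpc_cidr)
    return all(ipaddress.ip_network(s).subnet_of(vpc) for s in subnets)


def reserved_addresses(subnet):
    """The five addresses you cannot assign to an instance in this subnet."""
    net = ipaddress.ip_network(subnet)
    return [str(net[i]) for i in RESERVED_FIRST_OFFSETS] + [str(net[-1])]


def usable_hosts(subnet):
    """Addresses left for instances after the reserved ones are removed."""
    net = ipaddress.ip_network(subnet)
    return net.num_addresses - len(RESERVED_FIRST_OFFSETS) - 1


def validate_plan(vpc_cidr, subnets):
    """Collect human-readable problems with a proposed VPC/subnet layout (empty = OK)."""
    problems = []
    if not fits_in_vpc(vpc_cidr, subnets):
        problems.append("a subnet lies outside the VPC CIDR block " + vpc_cidr)
    for a, b in overlapping_pairs(subnets):
        problems.append("overlap: %s and %s" % (a, b))
    return problems
```

The usable-host figure is the one people get wrong when sizing subnets: a /24 gives 251 assignable addresses, not 254 as on a plain LAN, because of the three extra reserved addresses the notes list.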
Transit Gateway
  ○ Hub and spoke
  ○ Star topology
  ○ Less complex routes
      The transit gateway routes traffic where it should be routed

VPC Security
  Security Groups
    ○ Instance-level firewall
        Like Windows Defender: inside the VM or container
    ○ Security groups are stateful - return traffic is automatically allowed, regardless of rules
        If the origin is you it will be accepted, but unsolicited traffic from other devices will be rejected
    ○ You can specify allow rules, but not deny rules
    ○ Default deny
    ○ All rules are evaluated before the decision to allow traffic
  Network Access Control Lists
    ○ Network (subnet-level) firewall
    ○ Allow by default
    ○ Separate inbound and outbound rules, either allow or deny traffic
    ○ Stateless - do not store connection state
    ○ Rules are evaluated in number order, starting with the lowest number
  ** Having both is good for defense in depth

  Attribute        | Security Groups                                  | Network ACLs
  Scope            | Instance level (VM, container)                   | Subnet level (networks)
  Supported rules  | Allow rules only                                 | Allow and deny rules
  State            | Stateful (return traffic is automatically         | Stateless (return traffic must be explicitly
                   | allowed regardless of rules) - checks the         | allowed by rules) - needs the same set of
                   | origin of the traffic                             | rules to be able to return the traffic
  Order of rules   | All rules are evaluated before deciding           | Rules are evaluated in order; the first
                   | - all rules are permit; no rule = deny            | matching rule decides
  *** Customizability and flexibility

Amazon Route 53
  Acts as DNS
  Allows us to translate names into numerical addresses
  Fully compliant with IPv4 and IPv6
  Connects user requests to infrastructure running in and outside of AWS
  Used to check the health of your resources (load balancing)
  Features traffic flow
  Enables you to register domain names
  Supported Routing (DNS)
    ○ Simple routing
        Name → IP
        Use in single-server environments
    ○ Weighted round-robin routing
        Assign weights to resource records so they are chosen with certain frequencies
    ○ Latency routing
        Helps improve your global applications
    ○ Geolocation routing
        Route traffic based on the location of your users
    ○ Geoproximity routing
        Route traffic based on the location of your resources
    ○ Failover routing (rerouting)
        Fail over to a backup site if your primary site becomes unreachable
        Improve the availability of your applications that run on AWS by:
          Configuring backup and failover scenarios for your own applications
          Enabling highly available multi-region architectures on AWS
          Creating health checks
    ○ Multivalue answer routing
        Respond to DNS queries with up to eight healthy records selected at random
        Load balancing - select at random where you will forward it
  DNS Failover
    ○ Configure backup and failover scenarios for your own applications
    ○ Enable highly available multi-region architectures
    ○ Create health checks
        Hello packet or heartbeat

Amazon CloudFront
  Content delivery and network latency
    ○ Need for a caching server
  Content Delivery Network
    ○ A globally distributed system of caching servers
        Great for repeatedly requested content (less latency, less global bandwidth consumption)
    ○ Caches copies of commonly requested files (static content)
    ○ Delivers a local copy of the requested content from a nearby cache edge or Point of Presence
        Cache edge = cache server near users
    ○ Accelerates delivery of dynamic content
    ○ Improves application performance and scaling
  Amazon CloudFront
    ○ Fast, global, and secure CDN service
    ○ Global network of edge locations and Regional edge caches
    ○ Self-service model
    ○ Pay-as-you-go pricing

CLOUD STORAGE

Object
  ○ Amazon S3
Block
  ○ Amazon EBS
NFS
  ○ Amazon EFS
Object storage for the long term
  ○ Amazon S3 Glacier
      Archival
One of the core aspects of cloud services

Amazon Elastic Block Store
  Block storage
    ○ HDD, SSD, flash disk
    ○ Most if not all cloud providers need SSD for the root volume
    ○ Create individual storage volumes and attach them to a VM
    ○ Automatically replicated within its Availability Zone
    ○ It can be backed up (paid) through snapshots
  Files are treated as many or multiple sets or sectors of blocks
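Going back to the VPC Security subsection above, the difference between a stateful, allow-only security group and a stateless, numbered, allow-or-deny network ACL is easiest to see by running both over the same packets. This is an added example written for these notes, not AWS code: the rule tuples are a simplified stand-in for the console fields (protocol, port or port range, CIDR), and the instance address, rule numbers and packets are constructed. The scenario deliberately includes the mistake the notes' table warns about, an ACL whose outbound side forgot the ephemeral-port rule that return traffic needs.

```python
"""Added example (not from the notes or AWS): simulation of the two VPC firewall
layers. Security groups are stateful and allow-only; network ACLs are stateless,
numbered, first-match and may Deny. Rules, addresses and packets are constructed."""
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src: str                    # source IP
    sport: int                  # source port
    dst: str                    # destination IP
    dport: int                  # destination port
    proto: str = "tcp"
    direction: str = "inbound"  # relative to the instance: "inbound" or "outbound"


def _in_cidr(ip, cidr):
    return ipaddress.ip_address(ip) in ipaddress.ip_network(cidr)


def _remote_ip(pkt):
    return pkt.src if pkt.direction == "inbound" else pkt.dst


class SecurityGroup:
    """Allow rules only; remembers accepted flows so replies pass regardless of rules."""

    def __init__(self, inbound, outbound):
        self.inbound, self.outbound = inbound, outbound   # rules: (proto, port, cidr)
        self._flows = set()   # (instance_ip, instance_port, remote_ip, remote_port)

    @staticmethod
    def _flow_key(pkt):
        # Normalized so that a request and its reply produce the same key.
        if pkt.direction == "outbound":
            return (pkt.src, pkt.sport, pkt.dst, pkt.dport)
        return (pkt.dst, pkt.dport, pkt.src, pkt.sport)

    def allows(self, pkt):
        key = self._flow_key(pkt)
        if key in self._flows:
            return True                       # stateful: established flow, rules not consulted
        rules = self.inbound if pkt.direction == "inbound" else self.outbound
        if any(proto == pkt.proto and port == pkt.dport and _in_cidr(_remote_ip(pkt), cidr)
               for proto, port, cidr in rules):
            self._flows.add(key)
            return True
        return False                          # no allow rule matched: implicit deny


class NetworkAcl:
    """Numbered allow/deny rules, evaluated lowest number first, no connection state."""

    def __init__(self, inbound, outbound):
        # rules: (number, proto, (low_port, high_port), cidr, "allow" | "deny")
        self.inbound = sorted(inbound)
        self.outbound = sorted(outbound)

    def allows(self, pkt):
        rules = self.inbound if pkt.direction == "inbound" else self.outbound
        for _num, proto, (lo, hi), cidr, action in rules:
            if proto in ("all", pkt.proto) and lo <= pkt.dport <= hi \
                    and _in_cidr(_remote_ip(pkt), cidr):
                return action == "allow"      # first match wins
        return False                          # the implicit final "*" rule denies


def passes(pkt, nacl, sg):
    """Traffic must clear both layers: the subnet's NACL and the instance's security group."""
    return nacl.allows(pkt) and sg.allows(pkt)


# Constructed scenario: web server 10.0.1.10 in subnet 10.0.1.0/24 serving HTTPS.
WEB_SG = SecurityGroup(inbound=[("tcp", 443, "0.0.0.0/0")],
                       outbound=[("tcp", 443, "0.0.0.0/0")])
# The stateless trap: no outbound rule for the client's ephemeral port, so the
# server's replies are dropped even though the request was allowed in.
BROKEN_NACL = NetworkAcl(
    inbound=[(50, "tcp", (443, 443), "198.51.100.0/24", "deny"),   # explicit deny, lowest number
             (100, "tcp", (443, 443), "0.0.0.0/0", "allow")],
    outbound=[(100, "tcp", (443, 443), "0.0.0.0/0", "allow")])
FIXED_NACL = NetworkAcl(
    inbound=BROKEN_NACL.inbound,
    outbound=BROKEN_NACL.outbound + [(110, "tcp", (1024, 65535), "0.0.0.0/0", "allow")])
```

Two things to notice: the security group lets the reply out with no outbound rule for port 51000 because it remembers the flow, while the broken ACL drops that same reply; and the ACL can refuse 198.51.100.0/24 with an explicit Deny numbered below the Allow, something the security group, having no deny rules, cannot express at all.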
Block Storage vs. Object Storage
  ○ Block storage
      Where the OS is usually stored
      Dynamic files that can change (docx, txt, xlsx)
      You don't have to iterate over the whole file (0-1GB)
      Group of sectors (n^2), 512 B each
  ○ Object storage
      GDrive, OneDrive, Dropbox
      Static files (mp4, png, zip, rar), already compressed
Uses:
  ○ Boot volumes and storage for Amazon EC2 instances
  ○ Data storage with a file system (NTFS, HFS+ or APFS)
      How we read and write dictates the format
  ○ Database hosts
      Allow certain blocks to be changed
  ○ Enterprise applications
Volume types
  ○ Provisioned IOPS - fastest but most expensive
      Great read and write performance
      Critical business applications
      Large database workloads
  ○ General Purpose - fast but expensive
      Recommended for most workloads
      Boot volumes (OS)
      Virtual machines
      Low-latency interactive applications
      Development and test environments
  ○ Throughput-Optimized - slow but cheap
      Big data
      Data warehouse
      Log processing
      Cannot be a boot volume (OS)
  ○ Cold - slowest and cheapest
      Large volumes where data is infrequently accessed (archival)
      Scenarios where the lowest storage cost matters
  ○ Choose resources depending on what you need and the amount of money you have
      SSD = OS, low capacity (faster)
      HDD = files, backup (slower)
Features
  ○ Snapshots
      Point-in-time snapshots (roll back to a previous state)
      Recreate a new volume at any time
      Good for backup and recovery
  ○ Encryption
      Encrypts data at rest
      Encrypted volumes
      Higher storage consumption
      No additional cost
  ○ Elasticity
      Increase capacity (easy to scale up, but not to scale down)
      Change to a different type (virtual storage)

Amazon Simple Storage Service (Amazon S3)
  Object storage
    ○ Data is stored as objects in buckets
    ○ Virtually unlimited storage
        A single object is limited to 5 TB
    ○ Designed for 11 9s of durability
        Durability = how unlikely it is that a stored file gets lost
        You are more likely to lose memory than a file in the storage
        Data is redundantly stored (can be stored in multiple Availability Zones)
    ○ Granular access to buckets and objects
  Storage Classes
    ○ Amazon S3 Standard
        Usual storage
        Fast read and write
        Google Drive
    ○ Amazon S3 Intelligent-Tiering
        It can move your files over time to cheaper tiers until it deletes them (down to Glacier Deep Archive)
        Based on how you interact with your data
        Paid because of the intelligent access monitoring
    ○ Amazon S3 Standard-Infrequent Access
        Multiple Availability Zones
        Files you don't need to get as often
        Slower drives
        Cheaper
    ○ Amazon S3 One Zone-Infrequent Access
        Same as Standard-Infrequent Access
        Single Availability Zone
        Lower durability
        Slow drive
        No load balancing
        Much cheaper
    ○ Amazon S3 Glacier
        Magnetic tape
        Long-term storage but very slow
        Super cheap
    ○ Amazon S3 Glacier Deep Archive
        Hours to get your file
        Super super cheap
        Tape
        Even slower
  Amazon S3 bucket URLs (two styles)
  To upload your data:
    ○ Create a bucket/folder in an AWS Region
    ○ Upload almost any number of objects/files to the bucket
  Access the data anywhere
    ○ Web UI (AWS Management Console)
    ○ CLI (AWS Command Line Interface)
    ○ Dev (SDK)
  Common Use Cases
    ○ Storing application assets (.css, .js, .img, .vid)
    ○ Static web hosting (html)
    ○ Backup and disaster recovery
    ○ Staging area for big data (zip)
    ○ Static logs
  Common Scenarios
    ○ Backup storage (CCTV)
    ○ Application hosting (VM snapshot)
    ○ Media hosting (videos and audio)
    ○ Software delivery (installers)

Amazon Elastic File System
  File storage
  Works well for big data and analytics, media processing workflows, content management, web serving, and home directories
    ○ Large-scale capabilities
  Petabyte-scale, low-latency file system
    ○ Fiber optic
  Shared storage
    ○ Network file system
  Elastic capacity
    ○ Easy to scale up (pool storage)
  Supports Network File System (NFS) versions 4.0 and 4.1
  Compatible with all Linux-based AMIs for EC2

Amazon S3 Glacier
  Super long-term storage
    ○ Magnetic tape
        Concept of seeking
    ○ Cheap but slow
  Data archiving service that is designed for security, durability, and an extremely low cost
    ○ Tape → static
    ○ Provides 11 9s durability
    ○ Encryption of data in transit (TLS) and at rest
    ○ The vault lock feature enforces compliance through a policy
    ○ Extremely low-cost design works well for long-term archiving
    ○ Three options for access to archives: expedited [5-12 mins], standard [3-5 hrs], and bulk [5-12 hrs]
    ○ Configure lifecycles depending on your usage of the files
  Use Cases
    ○ Media asset archiving (videos, music, audio)
    ○ Healthcare information archiving (patient information)
    ○ Regulatory and compliance archiving (docs and manuals)
    ○ Scientific data (large data sets)
    ○ Digital preservation (historical records)
    ○ Magnetic tape replacement
  Lifecycle Policies
    ○ Delete or move objects based on age
    ○ You can configure the lifecycle time
    ○ Auto archive
  Storage Comparison
  Security
    ○ Control access with IAM (resources)
    ○ Encrypts data with AES-256 (default)
    ○ Manages your keys for you

CLOUD DATABASES

On-Premise Database
  ○ Your own machine
  ○ Highest configurability and flexibility
EC2 (VM) Database
  ○ OS and network → application and data → your responsibility
  ○ Flexibility is high
*** These two are the better choice if you have your own DB admin
RDS (PaaS) → SQL
DynamoDB (PaaS) → NoSQL
Redshift (SaaS) → data warehouse
Aurora (SaaS) → SQL plus
*** Less responsibility, management, and flexibility
  ○ "Managed services" (cloud service provider)
  ○ More expensive

Amazon Relational Database Service
  SQL database
    ○ Managed service
    ○ Structured data
    ○ Vertical scaling of data
        Same columns but many rows
  PaaS
    ○ You can choose the DB engine you like
Unmanaged vs. Managed Services
  Unmanaged                                          | Managed
  - User driven                                      | - Cloud service provider
  - Scaling, fault tolerance, and availability are   | - Scaling, fault tolerance, and availability are
    managed by you                                   |   typically built into the service
  - Config data                                      | - Less flexible
  - Patches and updates                              | - Easier to use
  - More flexible because you can choose your        | - Outsourced DB person
    options and configurations                       |

Challenges of Relational Databases
  Relational databases
    ○ Relationships between tables or databases
  Server maintenance and energy footprint
    ○ VM and traditional
    ○ CPU cycles
  Software installation and patches
  Database backups and high availability
  Limits on scalability
  Data security
    ○ Encrypting data in transit and at rest
  Operating system installation and patches
    ○ If unmanaged

Amazon RDS
  Managed service that sets up and operates a relational database in the cloud
    ○ Managed by the cloud service provider
  On-premise database → Amazon EC2 (VM) → database in Amazon RDS or Amazon Aurora
    ○ On-premise database
        Data center solutions
        High flexibility
    ○ Amazon EC2
        The colored parts (in the slide) are managed by the cloud service provider
        Easier
    ○ Amazon RDS or Aurora
        Easiest
        Least flexible
        More expensive
  Instances
    ○ DB instance class (VM → price)
        CPU
        Memory
        Network performance
    ○ DB instance storage (temporary DB)
        Magnetic
        General purpose (SSD)
        Provisioned IOPS
          Better performance
    ○ You have the aspect of choice on which DB to use
  High Availability with Multi-AZ Deployment
    ○ Backup in a standby database in case the primary fails
    ○ Standby - not used as much
  Read Replicas
    ○ The application gets its data from the primary instance
    ○ Transactions are also replicated to the read replica instance
    ○ Balances the load
    ○ Features
        Offers asynchronous replication
          Automatic, but not applied at the same instant
        Can be promoted to primary if needed
          Backup functionality
        Use for read-heavy database workloads
          15k reads and writes
        Offload read queries
          Transfer queries to read replicas
  Use Cases
    ○ Web and mobile applications
        High throughput
        Massive storage scalability
        High availability
    ○ Ecommerce applications
        Low-cost database
        Data security
        Fully managed solution
          Easy to manage
    ○ Mobile and online games
        Rapidly grow capacity
        Automatic scaling
        Database monitoring
        Real-time

When to use Amazon RDS
  SQL, managed
  Use when your application requires:
    ○ Complex transactions or complex queries
    ○ A medium to high query or write rate – up to 30,000 IOPS (15,000 reads + 15,000 writes)
    ○ No more than a single worker node or shard
    ○ High durability
  Do not use when your application requires:
    ○ Massive read/write rates (for example, 150,000 writes/second) (Aurora → aspect of distribution)
    ○ Sharding due to high data size or throughput demands
        Split, distribute, or balance transactions (RDS is a relational database, only a centralized DB)
    ○ Simple GET or PUT requests and queries that a NoSQL database can handle
        JSON format, etc.
    ○ Relational database management system (RDBMS) customization
        You will need a VM or a traditional database

Amazon DynamoDB (NoSQL)
  NoSQL
    ○ Key-value pairs
    ○ Not strict
        No normalization
        Horizontal scaling
        It can have multiple elements
        Not a fixed format
  Fast and flexible NoSQL database service for any scale
  NoSQL database tables with no limits
  Virtually unlimited storage
  Items can have differing attributes
    ○ You don't need a null field because you don't need to put any value in an entry that has no value
  Low-latency queries
  Scalable read/write throughput
    ○ Auto scaling
  Supports document and key-value store models
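The read-replica and promotion behaviour described under Amazon RDS above has a consequence the notes only hint at with "asynchronous replication": a read routed to a replica can return stale data, and promoting a replica that is behind discards the writes it never received. The toy simulation below, an added example written for these notes and not RDS code, makes both visible. The primary, replica and router classes, the row keys and the order values are all constructed; real RDS replication runs continuously, whereas here the lag is applied only when apply_pending is called, so the effect can be controlled.

```python
"""Added example (not from the notes or AWS): a toy model of primary/read-replica
routing with asynchronous replication and replica promotion. Rows, keys and
replica names are constructed; replication lag is simulated explicitly."""
import itertools


class Primary:
    """Accepts writes and appends each to an ordered log that replicas consume."""

    def __init__(self):
        self.rows = {}
        self.log = []                   # (seq, key, value), seq == position + 1

    def write(self, key, value):
        self.rows[key] = value
        self.log.append((len(self.log) + 1, key, value))
        return len(self.log)            # sequence number of this write


class ReadReplica:
    """Applies the primary's log asynchronously: only when apply_pending is called."""

    def __init__(self, name, primary):
        self.name, self.primary, self.rows, self.applied = name, primary, {}, 0

    def apply_pending(self, limit=None):
        """Apply up to `limit` outstanding log entries; returns the last applied seq."""
        for seq, key, value in self.primary.log[self.applied:][:limit]:
            self.rows[key] = value
            self.applied = seq
        return self.applied

    def lag(self):
        return len(self.primary.log) - self.applied


class Router:
    """Writes go to the primary; reads are spread over the replicas round-robin."""

    def __init__(self, primary, replicas):
        self.primary, self.replicas = primary, list(replicas)
        self._rr = itertools.cycle(self.replicas)

    def write(self, key, value):
        return self.primary.write(key, value)

    def read(self, key, consistent=False):
        """consistent=True forces the read to the primary (safe read-after-write)."""
        if consistent or not self.replicas:
            return self.primary.rows.get(key), "primary"
        replica = next(self._rr)
        return replica.rows.get(key), replica.name

    def promote(self, replica):
        """Make `replica` the new primary; returns the writes that never reached it.
        Assumes you promote the most up-to-date replica, as the usual guidance says."""
        lost = self.primary.log[replica.applied:]
        new_primary = Primary()
        new_primary.rows = dict(replica.rows)
        new_primary.log = list(self.primary.log[:replica.applied])
        self.replicas.remove(replica)
        for survivor in self.replicas:              # re-point the others at the new primary
            survivor.primary = new_primary
            survivor.applied = min(survivor.applied, len(new_primary.log))
        self.primary = new_primary
        self._rr = itertools.cycle(self.replicas)
        return lost


def demo():
    """Stale read, consistent read, then promotion of a lagging replica."""
    primary = Primary()
    r1, r2 = ReadReplica("replica-1", primary), ReadReplica("replica-2", primary)
    router = Router(primary, [r1, r2])
    router.write("order:1", "paid")
    stale = router.read("order:1")                  # replica-1 has not applied it yet
    consistent = router.read("order:1", consistent=True)
    r1.apply_pending()
    r2.apply_pending()
    router.write("order:2", "shipped")
    r1.apply_pending()                              # r1 current, r2 one write behind
    lost = router.promote(r2)                       # promoting the laggard loses order:2
    return stale, consistent, lost, dict(router.primary.rows)
```

The practical reading: offload reads to replicas for throughput, but route any read that must see the caller's own just-committed write to the primary, and when failing over, promote the replica with the smallest lag (Multi-AZ standby replication, which the notes list separately, exists precisely to avoid this data-loss window).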
  Replicates your tables automatically across your choice of AWS Regions
  Works well for mobile, web, gaming, adtech, and Internet of Things (IoT) applications
  Provides consistent, single-digit millisecond latency at any scale

Amazon Redshift (Data Warehouse)
  Data warehousing
    ○ Analytics
    ○ IoT data
    ○ Big datasets
  Parallel processing architecture
    ○ For big data
  Automation and scaling
    ○ Manage
        Easier
        Makes business intelligence much easier to implement
    ○ Monitoring
        Maximize resources
    ○ Scale
        Large data
        Big data
        Data lake
  Compatibility
  Use Cases (Data Warehousing)
    ○ Enterprise data warehouse
        Migrate at a pace that customers are comfortable with
        Data sources
        Experiment without large upfront cost or commitment
        Respond faster to business needs
          Speed and agility
    ○ Big data
        Low price point for small customers
        Managed service for ease of deployment and maintenance
          Outsourcing particular solutions to cloud service providers
        Focus more on data and less on database management
    ○ Software as a service
        Scale the data warehouse capacity as demand grows
        Add analytic functionality to applications
        Reduce hardware and software costs
          Economies of scale
    ○ Business intelligence

Amazon Aurora (SQL)
  Proprietary solution and infrastructure advantages
    ○ Parallel architecture, load balancing, and redundancy
  SQL++
  Enterprise-class relational database
  Compatible with MySQL or PostgreSQL
    ○ Proprietary; it is just compatible
  Automates time-consuming tasks such as provisioning, patching, backup, recovery, failure detection, and repair
  Multi-Availability Zone
  Benefits (Enterprise SQL Solutions/RDB)
    ○ Fast and available
    ○ Simple
        Focus on optimization and configurations
        Data
        SaaS
    ○ Compatible engines
        MySQL
        PostgreSQL
    ○ Pay-as-you-go
        Rental aspect
    ○ Managed
        Outsourced
    ○ High availability
        Multi-Availability Zone
    ○ Resilient design
        RAID (Redundant Array of Independent Disks)
          Some form of storage virtualization

Tools for the Right Job
  *** Note: Aurora is MySQL and PostgreSQL
    ○ If you need something outside of it, use RDS