Title Page
Copyright and Credits
Hybrid Cloud for Architects
Packt Upsell
Why subscribe?
PacktPub.com
Contributors
About the author
About the reviewer
Packt is searching for authors like you
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the example code files
Download the color images
Conventions used
Get in touch
Reviews
Introducing Hybrid Cloud
The cloud's demographics
Based on abstraction
Service down clouds
Infrastructure up clouds
Differentiating service down and infrastructure up clouds
Based on services offered
Based on consumers of the services
Choosing different cloud combinations
Summary
Hybrid Cloud – Why Does It Matter?
What does the world say?
Pure-play public cloud strategy
Public cloud benefits
Need for agility
Ability to experiment without upfront cost
Reducing operational overheads
Ability to consume enhanced services
Shortcomings of a public cloud
Cost
Control/customizability
Compliance
Fear of lock-in
Hybrid cloud case study
Summary – maximizing benefits
Hybrid Cloud Building Blocks
The story of a web application
Transport level
Case 1 – without a proxy
Case 2 – with a proxy
Application level
Web tier
Application tier
Database tier
Putting it all together
Use cases of a hybrid cloud
Isolated use case
Distributed use case
Co-Existent use case
Cloud bursting
Using cognitive services
Supporting application use cases
Backup and disaster recovery in the cloud
Decoupling the tiers
Case in point – architecture of OpenStack
Services to enable a hybrid cloud
Network connectivity
DNS service
Public cloud services for hybrid deployment
Amazon Web Services (AWS)
Storage gateway
Direct connect
Route 53
Amazon EC2 run command
VMware cloud on AWS
Microsoft Azure
Azure Stack
Azure Site Recovery (ASR)
Azure Traffic Manager
Summary – setting up hybrid cloud
Architecting the Underpinning Services
Networking
Underlay network
LAN architecture
WAN architecture
Overlay networking
GRE
VXLAN
Virtual Private Network (VPN)
Encrypting data using IPSec and SSL – concepts
IPSec VPN
SSL VPN
MPLS connectivity – direct connect
Routing table
Domain Name System (DNS)
How does DNS work?
Global load balancing
Identity and Access Management (IAM)
Identity Federation
Multi-Factor Authentication (MFA)
Application components
Global databases
Using Cockroach DB in a hybrid cloud environment
Database log shipping
Choosing the right components
Network connectivity
DNS services
IAM and Active Directory
Conclusion
Hybrid Cloud Deployment – Architecture and Preparation
Getting started with the public cloud – AWS
AWS terminology
Account
Region
Availability zones (AZ)
Virtual private cloud (VPC)
AWS services
Architecting the AWS environment
AWS account design
VPC design
Designing an AWS environment
Connectivity to the private cloud
Setting up a public cloud – AWS
Creating an account in AWS
Creating a VPC and subnets
Creating the IGW and VGW
Setting up AWS API access
Setting up the private cloud
Basics of designing an OpenStack environment
Choosing an OpenStack distribution
Choosing the deployment method
Installing DevStack
Configuring DevStack to enable Heat
Summary
Building a Traditional CMP-Based Hybrid Cloud
Supporting applications use case
Traditional operations
Modern outlook
Using the AWS storage gateway
File gateway
Volume gateways
Tape gateway
Isolated/distributed application use case
General architecture of CMP
ManageIQ
Installing ManageIQ
Preparing the host environment
Containerization basics
Understanding and installing Docker
Installing a ManageIQ container
Configuring ManageIQ to connect to AWS and OpenStack
Adding a new AWS EC2 provider
Adding our OpenStack endpoint
Provisioning virtual machines using ManageIQ
Creating a catalog
Creating a Service Dialog
Creating a catalog item and catalog
Testing the catalog
Policies and user authentication
Creating cloud images
In conclusion – architecting with a CMP
Summary
Building a Containerized Hybrid Cloud
Evolving to containers
Container networking
None – no networking
Bridge networking
Host networking
Overlay networking
Underlay networking
Container orchestration engine
Kubernetes architecture
Basic concepts in Kubernetes
Pod
Controllers
Service
Volumes
Namespaces
Kubernetes deployment
Introduction to Juju
Installing the Juju client and bootstrapping clouds
Bootstrapping an AWS Cloud
Bootstrapping an OpenStack Cloud
Accessing the Juju controller using a GUI
Deploying Kubernetes with Juju
Deploying a second instance of Kubernetes
Connecting to the Kubernetes clusters
Federation using Kubernetes
Reasons for consideration
Application migration – avoiding vendor lock-in
Enforce policies
High availability and application upgrades
Cloud bursting
Federation challenges
Implementing a Kubernetes federation
Step 1 – setting up the federation controller
Step 2 – combining the Kubernetes configuration (optional)
Step 3 – creating the federation
Creating the DNS provider
Initializing the federation
Summary
Using PreBuilt Hybrid Cloud Solutions
Azure Stack
Getting the Azure Stack
OpenStack Omni
Installing OpenStack Omni on DevStack
Removing the DevStack instance
Modifying the local.conf file
Running DevStack
vCloud Air
Using the different hybrid cloud solutions
Summary
DevOps in the Hybrid Cloud
The development cycle and DevOps
The traditional development stages
Merging the different teams
Creating the infrastructure
Configuring the infrastructure
Templatize
DevOps or NoOps
IaaC with Terraform
Installing Terraform
Configuring and using Terraform
Configuration management using Ansible
Installing Ansible
Configuring Ansible and a sample playbook
Summary
Monitoring the Hybrid Cloud
The traditional concepts in monitoring
Availability monitoring
ICMP monitoring
TCP/UDP monitoring
Enhanced monitoring
SNMP-based availability monitoring
Performance monitoring
SNMP monitoring
WMI monitoring and custom agent monitoring
Monitoring the hybrid cloud
Prometheus
The implementation architecture of Prometheus
Installing Prometheus
Downloading Prometheus
Setting up directories
Setting up startup script
Setting up node exporter
Configuring Prometheus
Grafana
Installing Grafana
Configuring Grafana to use Prometheus
Summary
Security in a Hybrid Cloud
Components of security
The CIA triad
Confidentiality
Integrity
Availability
Tools to protect against the breaches
IAM systems
Data encryption in rest and in motion
Network perimeter security
Firewalls
IDS/IPS
Proxies
Host controls
High availability and disaster recovery
Detection and analytics mechanism
Minimizing shared infrastructure
Compliance standards and controls
HIPAA compliance standards
Administrative controls
Physical controls
Technical controls
Security controls consideration in hybrid cloud
Common controls
Implementing the controls on AWS – public cloud
Security – shared responsibility model
Implementing the controls in private cloud
Security – best practices
Implementing a CMDB/asset list
User accounts and authentication
Provisioning and postprovisioning controls
Networks
Other practices
Summary
Other Books You May Enjoy
Leave a review - let other readers know what you think