|
Cloud computing essentials for managers / software engineers 培训
|
|
班级规模及环境--热线:4008699035 手机:15921673576( 微信同号) |
坚持小班授课,为保证培训效果,增加互动环节,每期人数限3到5人。 |
上课时间和地点 |
开课地址:【上海】同济大学(沪西)/新城金郡商务楼(11号线白银路站)【深圳分部】:电影大厦(地铁一号线大剧院站) 【武汉分部】:佳源大厦【成都分部】:领馆区1号【沈阳分部】:沈阳理工大学【郑州分部】:锦华大厦【石家庄分部】:瑞景大厦【北京分部】:北京中山 【南京分部】:金港大厦
新开班 (连续班 、周末班、晚班):2024年12月30日......(欢迎您垂询,视教育质量为生命!) |
实验设备 |
☆资深工程师授课
☆注重质量
☆边讲边练
☆合格学员免费推荐工作
★实验设备请点击这儿查看★ |
质量保障 |
1、培训过程中,如有部分内容理解不透或消化不好,可免费在以后培训班中重听;
2、课程完成后,授课老师留给学员手机和Email,保障培训效果,免费提供半年的技术支持。
3、培训合格学员可享受免费推荐就业机会。 |
课程大纲 |
|
- 1. Virtualization Details
a. Operating System Concepts Overview
i. CPU, Memory, Network, Storage
b. Hypervisor
i. Supervisor of Supervisors
ii. “Host” machine and “guest” OS
iii. Type-1 Hypervisor & Type-2 Hypervisor
iv. Citrix XEN, VMware ESX/ESXi, MS Hyper-V, IBM LPAR.
c. Network Virtualization
i. Brief introduction to 7-Layer OSI Model
1. Focus on Network layer
ii. TCP/IP Model or Internet Protocol
1. Focus on a single vertical
a. Application Layer: SSL
b. Network Layer: TCP
c. Internet Layer: IPv4/IPv6
d. Link Layer: Ethernet
2. Packet structure
iii. Addressing: IP Address and Domain Names
iv. Firewall, Load Balancer, Router, Adapter
v. Virtualized Network
1. Higher-order abstractions: Subnets, Zones.
- d. Hands-on Exercise:
i. Familiarize with ESXi cluster and vSphere client.
ii. Create/update networks in ESXi Cluster, deploys guests from VMDK
packages, enable inter-connectivity between guests in an ESXi cluster.
iii. Make modifications to a running VM instance and capture snapshot.
iv. Update firewall rules in ESXi using vSphere client.
- 2. Cloud Computing: A paradigm shift
a. A fast, inexpensive runway to make product/solution available to the world
b. Resource sharing
i. Virtualization of virtualized environment
c. Key benefits:
i. Resource elasticity on-demand
1. Ideate->Code- >Deploy without requiring infrastructure
2. Rapid CI/CD pipelines
- ii. Environment isolation and vertical autonomy
iii. Security through layering
iv. Expense optimization
d. On-premise Cloud and Cloud Providers
e. Cloud as an effective conceptual abstraction for distributed computing
- 3. Introduction to Cloud Solution Layers:
a. IaaS (Infrastructure as a Service)
i. AWS, Azure, Google
ii. Choose one Provider to continue later. AWS is recommended.
1. Introduction to AWS VPC, AWS EC2 etc.
- b. PaaS (Platform as a Service)
i. AWS, Azure, Google, CloudFoundry, Heroku
1. Introduction to AWS DynamoDB, AWS Kinesis etc.
- c. SaaS (Software as a Service)
i. Very brief overview
ii. Microsoft Office, Confluence, SalesForce, Slack
d. SaaS builds on PaaS that builds on IaaS that builds on Virtualization
- 4. IaaS Cloud Hands-on Project
a. The project uses AWS as the IaaS Cloud Provider
b. Use CentOS/RHEL the operating system for the rest of the exercise
i. Alternatively, Ubuntu will also do, but RHEL/CentOS are prefered
c. Obtain individual AWS IAM accounts from your cloud admin
d. Each student must do these steps independently
i. The ability to carve your own entire infrastructure on-demand is the best demonstration of the power of cloud computing
ii. Use AWS Wizards -- AWS online consoles -- to accomplish these tasks unless otherwise mentioned
e. Create a public VPC in us-east- 1 Region
i. Two Subnets (Subnet-1 and Subnet-2) in two different Availability Zones
- 1. See http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Sce
narios.html for reference.
ii. Create three separate Security Groups
1. SG-Internet
a. Allows incoming traffic from Internet on https://443 and http://80
b. No other incoming connections allowed
2. SG-Service
a. Allows incoming traffic only from security group SG-Internet on https://443 and http://80
b. Allows ICMP only from SG-Internet
c. No other incoming connections allowed
3. SG-SSH:
- a. Allows SSH:22 incoming connection only from a single IP that matches with the public IP of the student’s lab machine. In case the lab machine is behind a proxy then the public IP of the proxy.
- f. Deploy an instance of an AMI pertaining to your chosen OS -- preferably latest RHEL/CentOS versions available in AMIs -- and host the instance on Subnet-1. Attach the instance to SG-Service and SG-SSH groups.
g. Access the instance using SSH from your lab machine.
- i. http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AccessingInstan
cesLinux.html
- h. Install NGINX server on this instance
i. https://www.nginx.com/resources/wiki/start/topics/tutorials/install/
i. Put static contents of your choice -- html pages, images -- to be served by
NGINX (on port 80 0ver HTTP) and define URLs for them.
i. See https://www.nginx.com/resources/admin-guide/serving- static-content/
j. Test the URL from that machine itself.
k. Create an AMI image from this running instance.
i. See http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/creating-an-
ami-ebs.html .
- l. Deploy that new AMI and host the instance on Subnet-2. Attach the instance to SG-Service and SG-SSH groups.
m. Run the NGINX server and validate that the access URL for the static content as created in step (i) works.
n. Create a new “classic” Elastic Load Balancer and attach it to SG-Internet.
i. See http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-
getting-started.html
ii. Note the difference from Application Load Balancer and Network Load Balancer.
- o. Create routing rule forwarding all http://80 and https://443 traffic to an instance group comprising the two instances create above.
p. Using any certificate management tool -- java keytool etc. -- create a key-pair and self-signed certificate and import the certificate to AWS Certificate Manager (ACM)
i. See http://docs.aws.amazon.com/acm/latest/userguide/import-
certificate.html
ii. Alternatively, ACM itself can be used as a certificate management and signing authority and a new certificate can be requested to ACM. But in that case a valid domain name must be used, corresponding domain admins must be available to validate the request, and an AWS Route53 entry then subsequently needs to be created to map onto ELB IP. These are more advanced steps and hence p.(i) is better recommended.
q. Use this certificate for the ELB’s TLS/SSL connection to support https
- i. See http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/ssl-
server-cert.html
- r. From your browser go to http:://<elb-public-access-name>/<static-content-url>
s. You should see the static content on your browser.
t. Stop each of the instances one at a time and submit the URLs.
u. Stop both instances and submit the URLs.
- 5. Cloud Monitoring: Introduction & Hands-on Project
a. AWS CloudWatch metrics
b. Go to AWS CloudWatch dashboard for the instances
i. Retrieve the relevant metrics and explain the variability with time
1.http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/viewing_
metrics_with_cloudwatch.html
c. Go to AWS CloudWatch dashboard for the ELB
i. Observe the ELB metrics and explain their variability with time
1.http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/el
b-cloudwatch- metrics.html
6. Advanced Concepts for Further Learning:
a. Hybrid Cloud -- on-premise and public cloud
b. Migration: On-premise to public cloud
i. Application code migration
ii. Database migration
c. DevOps
i. Infrastructure as a code
ii. AWS Cloud Formation Template
d. Auto-scaling
i. AWS CloudWatch metrics to determine health
|
|
|
|
|
|