Cloud computing Books

Book SynopsisJeevan Gheevarghese Joseph is a senior principal product manager in the Containers and Kubernetes Services group within Oracle Cloud Infrastructure. He focuses on product strategy for containers and Kubernetes platforms at OCI. Jeevan also works with strategic customers as an advisor to help them make the most of Oracle's tooling and technology platforms. Jeevan's interests include application architecture, developer tooling, automation, and cross-product integration. Before his current role, he held positions in the Oracle A-Team and Oracle Data Cloud. He routinely speaks at developer events and industry conferences. Adao Oliveira Junior has been working in the technology industry for more than two decades, with five years of experience in cloud native solutions. He is a senior principal solutions architect who excels at gathering high-level requirements and turning them into technical solutions, aiding customers and partners worldwide. AdaoTable of ContentsChapter 1 Introduction to Oracle Cloud Infrastructure 1 Realms, Regions, and Availability Domains 2 Tenancies and Compartments 4 Controlling Access to Resources 5 Cloud Guard and Security Zones 10 Service Limits and Cost Management 11 Getting Started with Your Tenancy 14 Setting Up Users and Groups 14 Setting Up API Keys and Auth Tokens 15 Planning How Your Teams Will Use OCI 16 Summary 18 References 18 Chapter 2 Infrastructure Automation and Management 19 One Set of APIs, Different Ways to Call Them 19 A Quick Terraform Primer 20 A Basic Introduction to the Terraform Language 23 Terraform State Tracking 25 The OCI Terraform Provider 26 Setting Up the OCI Terraform Provider 26 Managing OCI Resources with Terraform 29 Simplifying Infrastructure Management with the Resource Manager Service 31 Helm and Kubernetes Providers 33 Generating Resource Manager Stacks 36 Resource Discovery 36 Drift Detection 38 Generating a User Interface from Terraform Configurations with a Custom Schema 38 Publishing Your Stacks with Deploy Buttons 49 Managing Multiregion and Multicloud Configurations 51 Summary 53 References 54 Chapter 3 Cloud Native Services on Oracle Cloud Infrastructure 55 Oracle Container Image Registry 56 Working with OCIR 58 Image Signing 59 Image Scanning 60 Creating Containers from Images 61 Compute Instances 62 Container Instances 63 Container Engine for Kubernetes 65 Service Mesh 69 Serverless Functions 71 API Gateways 73 Components of an API Gateway 74 Working with the API Gateway Service 75 Messaging Systems 79 Streaming 80 Understanding the Streaming Service 81 Working with the OCI Streaming Service 82 OCI Events Service 88 Summary 91 References 91 Chapter 4 Understanding Container Engine for Kubernetes 93 Monoliths and Microservices 93 Containers 94 Container Orchestration and Kubernetes 95 Oracle Container Engine for Kubernetes 96 OCI-Managed Components and Customer-Managed Components 97 Control Plane 97 Data Plane 98 Billable Components 99 Kubernetes Concepts 100 Cloud Controller Manager 101 Nodes and Node Pools 102 Node Pool Properties 103 Worker Node Images and Shapes 103 Kubernetes Labels 108 SSH Keys 109 Tagging Your Resources 110 Creating a Cluster 110 Quick Create Cluster Workflow 111 Custom Create Cluster Workflow 113 Using the OCI Command-Line Interface 117 Using the Terraform Provider and Modules 122 Automation and Terraform Code Generation 123 Asynchronous Cluster Creation 124 Cluster Topology Considerations 124 Using Multiple Node Pools 124 Scheduling Workloads on Specific Nodes 125 Kubernetes Networking 127 Container Network Interface (CNI) 127 OCI VCN-Native Pod Networking CNI 129 Flannel CNI 130 Kubernetes Storage 130 StorageClass: Flex Volume and CSI Plug-ins 131 Updating the Default Storage Class 131 File System Storage 133 Kubernetes Load Balancer Support 137 Working with the OCI Load Balancer Service 137 SSL Termination with OCI Load Balancer 140 Working with the OCI Network Load Balancer Service 142 Specifying Reserved Public IP Addresses 144 Commonly Used Annotations 144 Understanding Security List Management Modes 146 Using Node Label Selectors 147 Security Considerations for Your Cluster 149 Cluster Topology and Configuration Security Considerations 150 Authorization Using Workload Identity and Instance Principls 156 Securing Access to the Cluster 160 OCI IAM and Kubernetes RBAC 161 Federation with an IDP 162 Summary 162 References 163 Chapter 5 Container Engine for Kubernetes in Practice 165 Kubernetes Version Support 166 Upgrading the Control Plane 167 Upgrading the Data Plane 169 Upgrading an Existing Node Pool 170 Upgrading by Adding a Node Pool 173 Alternative Host OS (Not Kubernetes Version) Upgrade Options 175 Scaling a Cluster 175 Manual Scaling 175 Autoscaling 176 Scaling Workloads and Infrastructure Together 194 Autoscaler Best Practices 195 Cluster Access and Token Generation 196 Service Account Authentication 197 Configuring DNS 199 Configuring Node Local DNS Cache 201 Configuring ExternalDNS 202 Cluster Add-ons 203 Configuring Add-ons 203 Disabling Add-ons 205 Observability: Prometheus and Grafana 205 Monitoring Stack Components 205 Installing the kube-prometheus-stack 205 Operators and OCI Service Operator for Kubernetes 208 Getting Started with Operators on OKE 209 Operators for OCI, Oracle Database, and Oracle WebLogic 210 Troubleshooting Nodes with Node Doctor 214 Configuring SR-IOV Interfaces for Pods on OKE Using Multus 218 Using Bare Metal Nodes 218 Using Virtual Machine Nodes 226 Summary 238 References 239 Chapter 6 Securing Your Workloads and Infrastructure 241 Kubernetes Security Challenges 241 Concepts of Kubernetes Security 242 4Cs of Kubernetes Security 242 Securing Oracle Cloud Infrastructure Container Engine for Kubernetes (OKE) 243 Private Clusters 244 Kubernetes Role-Based Access Control (RBAC) with OCI IAM Groups 248 Data Encryption and Key Management Service 250 Audit Logging 253 Security Zones 255 Network Security Groups (NSGs) 256 Web Application Firewall (WAF) 257 Network Firewall 262 Allowed Registries 264 Cloud Guard 266 Hardening Containers and OKE Worker Nodes 267 Container Scanning 268 Container Image Signing 270 Center for Internet Security (CIS) Kubernetes Benchmarks 270 Using SELinux with OKE 272 Worker Nodes Limited Access 275 Securing Your Workloads 275 Security Context 275 syscalls and seccomp 278 Open Policy Agent (OPA) 280 OPA Gatekeeper 283 Open Web Application Security Project (OWASP) 285 Supporting Tools 287 External Container Scanning Tools 287 CIS-CAT Pro Assessor 287 Kube-bench 289 AppArmor 291 Falco 293 Tracee 293 Trivy 294 National Institute of Standards and Technology (NIST) Kubernetes Benchmarks 294 NIST Kubernetes Benchmarks 295 National Checklist Program Repository 296 National Vulnerability Database 296 NIST SP 800-190 Application Container Security Guide 296 Summary 296 References 297 Chapter 7 Serverless Platforms and Applications 299 Container Instances 300 Architecture 300 Using Container Instances 301 Serverless Functions 305 OCI Functions 306 Using OCI Functions 306 Building Your First Function 308 Adding an API Gateway 314 Function Logs and Distributed Tracing 315 Service Mesh 319 Using the Service Mesh 320 Adding a Service Mesh to an Application 321 Summary 330 References 330 Chapter 8 Observability 331 OCI Monitoring 331 Alarms 336 OCI Logging 338 Service Logs 340 Custom Logs 341 Audit Logs 343 Auditing OKE Activity 345 Advanced Observability in OCI 347 Logging Analytics 347 Enabling and Using Logging Analytics 349 Prometheus and Grafana with OKE 349 Using the OCI DataSource Plug-ins for Grafana 353 eBPF-Based Monitoring with Tetragon on OKE 353 Tetragon: eBPF-Based Security Observability and Enforcement 354 Running Tetragon on Oracle Container Engine for Kubernetes (OKE) 355 Summary 359 References 360 Chapter 9 DevOps and Deployment Automation 361 OCI DevOps Service 362 Code Repositories 363 Triggers 364 Build Pipelines 364 Artifacts 368 Environments 370 Deployment Pipelines 370 Elastically Scaling Jenkins on Kubernetes 376 Setting Up Jenkins on OKE 377 GitOps with ArgoCD 380 Setting Up Argo CD on OKE 381 Summary 384 References 384 Chapter 10 Bringing It Together: MuShop 385 Architecture 386 Source Code Structure 388 Services 390 Storefront 390 API 391 Catalog 391 Carts 392 User 392 Orders 393 Fulfillment 393 Payment 394 Assets 394 DBTools 394 Edge Router 394 Events 395 Newsletter Subscription 395 Load 395 Building the Services 395 Infrastructure Automation 398 Helm Charts 399 Utilities and Supporting Components 402 Deploying MuShop 403 Summary 405 References 406 9780137902538 TOC 10/30/2023

Read more less

Book SynopsisPreparing for your SAP Extension Suite development associate exam? Make the grade with this certification study guide! From user interfaces to security, this guide will review the key technical knowledge you need to pass the test. Explore test methodology, key concepts for each topic area, and practice questions and answers. Your path to SAP Extension Suite certification begins here! Highlights include: 1) Exam C_CPE_13 2) SAP S/4HANA 3) SAP Extension Suite 4) SAP Integration Suite 5) SAP API Business Hub 6) SAP Business Application Studio 7) SAP Business Technology Platform (SAP BTP) 8) SAP Fiori 9) APIs 10) Continuous integration and continuous delivery (CI/CD) 11) Extensibility 12) Security

Read more less

Book SynopsisThe “servicemesh” pattern, implemented by platforms like Istio, helps you push operational issues into the infrastructure so the application code is easier to understand, maintain, and adapt. Istio in Action teaches you how to implement a full-featured Istio-based service mesh to manage a microservices application. Istio in Action is a comprehensive guide to handling authentication, routing, retrying, load balancing, collecting data, security, and other common network-related tasks using the Istio service mesh platform. With helpful diagrams and hands-on examples, you'll learn how to use this open-source service mesh to control routing, secure container applications, and monitor network traffic. You will also bring Istio to legacy systems without changes to your applications and discover how to use Istio in amulti-cloud world with the data layer deployed on a cluster like Kubernetes. Cloud-native applications can include thousands of clustered containers, distributed components, and complex interactions. To build them effectively, developers need a new approach to infrastructural concerns like monitoring, storage, scaling, orchestration, and security. The Istio platform offers a configurable infrastructure layer called a service mesh that reliably and efficiently manages day-to-day concerns like service discovery, load balancing, encryption, authentication and authorization, circuit breakers, and more. Open source andcloud-ready, Istio is a welcome upgrade from manually managed microservices infrastructure.Trade Review“The definitive guide to understand Istio and when it's worthusing it.” Andrea Cosentino “If you are looking for how to setup and use Istio, this is thebook for you.” Michael J. Haller “The perfect blend of how and why.” Morgan Nelson “Istio: how to use it, when to use it, what it is, and most importantly, what it is not.” Andrea Tarocchi “Provides detailed information on an exciting technology with aton of real-world examples. The authors walk readers through a difficult subject with ease. Highly recommended.” Morgan Nelson “A thorough treatment of Istio with excellent examples you can reproduce. I learnt a lot about Service Mesh, its "raison d'etre",and Istio's capabilities. Excellent resource!” Michael Bright

Read more less

Book SynopsisPrivacy-Preserving Machine Learning is a practical guide to keeping ML data anonymous and secure. You'll learn the core principles behind different privacy preservation technologies, and how to put theory into practice for your own machine learning. Complex privacy-enhancing technologies are demystified through real world use cases forfacial recognition, cloud data storage, and more. Alongside skills for technical implementation, you'll learn about current and future machine learning privacy challenges and how to adapt technologies to your specific needs. By the time you're done, you'll be able to create machine learning systems that preserve user privacy without sacrificing data quality and model performance. Large-scale scandals such as the Facebook Cambridge Analytic a data breach have made many users wary of sharing sensitive and personal information. Demand has surged among machine learning engineers for privacy-preserving techniques that can keep users private details secure without adversely affecting the performance of models.Trade Review“An interesting and well-structured book about an emerging discipline that will certainly keep growing in importance.” Alain Couniot “Gives a deep and thorough introduction into preserving privacy while using personal data for machine learning and data mining.” HaraldKuhn “Makes for a great introduction to privacy-preserving techniques whichmake full use of machine learning.” Aditya Kaushik “An interesting book under a rising hot topic: privacy. I like the way using examples and figures to illustrate concepts.” XiangboMao “The only book, that I am aware of, which goes into depths of data privacy while making sure it doesn't get boring for readers.” VishweshRavi Shrimali “An interesting book under a rising hot topic: privacy.” XiangboMao “A great resource to understand privacy preserving ML.” DhivyaSivasubramanian “A great book to getting a deep theoretical overview of the landscape of privacy preserving approaches while also getting hands-on pragmatic experience.”Stephen Oates

Read more less

Book SynopsisEffective Data Science Infrastructure is a hands-on guide to assembling infrastructure for data science and machine learning applications. It reveals the processes used at Netflix and other data driven companies to manage their cutting edge data infrastructure. As you work through this easy-to-follow guide, you'll set up end-to end infrastructure from the ground up, with a fully customizable process you can easily adapt to your company. You'll learn how you can make data scientists more productive with your existing cloud infrastructure, a stack of open source software, and idiomatic Python. Throughout, you'll follow a human-centric approach focused on user experience and meeting the unique needs of data scientists. About the TechnologyTurning data science projects from small prototypes to sustainable business processes requires scalable and reliable infrastructure. This book lays out the workflows, components, and methods of the full infrastructure stack for data science, from data warehousing and scalable compute to modeling frameworks.Trade Review"Do not miss the opportunity to cover all key aspects of data science infrastructure on your next project." Jesús A. Juárez Guerrero "Useful book that provides tactical guidance on how to use Metaflow to streamline data science workflows but also includes great frameworks and abstractions to consider when defining your data science infrastructure stack." Sarah Catanzaro "This is the ultimate book to learn how to handle infrastructure in data science!" Ninoslav Cerkez "If you need a workflow management tool to glue your data code, look at metaflow. It's simple yet efficient." Mikael Dautrey

Read more less

Book SynopsisYou know how to build Go programs—now learn how to ship them to your customers efficiently! This practical guide to continuous delivery shows you how to rapidly establish an automated pipeline that will improve your testing, code quality, and final product. In Bootstrapping Go you will learn how to: Develop better software based on feedback from customers Create a development pipeline that turns feedback into features Reduce bugs with pipeline automation that validates code before it is deployed Establish continuous testing for exceptional code quality Serverless, container based, and server based deployments Scale your deployment in a cost-effective way Deliver a culture of continuous improvement Bootstrapping Go is a hands-on guide to shipping Go-based software. Following examples in the powerful Go programming language, you'll learn how to establish pipelines that seamlessly ferry your projects through production and deployment. Put the theory of continuous delivery and continuous integration into action, and discover instantly-useful guidance on automating your team's build and reacting with agility to customer demands. about the technology Development pipelines built to the principles of continuous delivery are the best way for code to flow through your organization. A properly functioning pipeline makes it seamless to modify functionality, enhance code quality, and evolve your deployments to meet your customer's needs. about the book Bootstrapping Go: Automating code development, testing and deployment shows you how to build pipelines that optimize your development process so you can deliver software seamlessly to production. You'll dive right in, learning author Joel Holmes's easy way to establish pipelines. In fact, you'll set up your first working pipeline before you're finished with Chapter three!Table of Contentstable of contents READ IN LIVEBOOK 1DELIVERING VALUE READ IN LIVEBOOK 2INTRODUCTION TO CONTINUOUS INTEGRATION READ IN LIVEBOOK 3INTRODUCTION TO CONTINUOUS TESTING READ IN LIVEBOOK 4INTRODUCTION TO CONTINUOUS DEPLOYMENT 5 CODE QUALITY ENFORCEMENT 6 TESTING FRAMEWORKS, MOCKING, AND DEPENDENCIES 7 DEPLOYING WITH BUILDPACKS 8 BUILD SYSTEMS AND PATTERNS 9 ACCEPTANCE AND INTEGRATION TESTING 10 CREATING YOUR OWN INFRASTRUCTURE 11 AUTOMATED QUALITY ANALYSIS 12 CONCLUSION

Read more less

Book SynopsisLearn the hands-on skills you need to ace the Kubernetes exam and boost your career by becoming a Certified Kubernetes Administrator (CKA). For readers who know the basics of containers and Linux admin. No Kubernetes experience is required. Acing the Certified Kubernetes Administrator Exam will provide you with content and practical exercises according to the unique CKA test environment. This practical book takes you hands-on with all the exam objectives, including deploying containerised applications to Kubernetes, accessing an application from an ingress resource, backup and restoring. You will learn how to: Administer an application running on Kubernetes Troubleshoot errors inside a Kubernetes cluster Authenticate users and machines to the Kubernetes API Create persistent storage in Kubernetes Add additional functionality to an existing Kubernetes cluster Plus! Essential exam tips and exercises help you work out your mental muscle memory. Acing the Certified Kubernetes Administrator Exam is your fast track to becoming a Certified Kubernetes Administrator! Your expert exam tutor is Chad Crowell, whose courses have helped thousands of developers to understand Kubernetes and earn the coveted CKA certification. About the technology The Certified Kubernetes Administrator (CKA) exam proves your skills as a Kubernetes administrator and is a serious test of your competency. There are no multiple-choice questions or essays: the whole test is conducted from the command line, with you performing solutions directly in the terminal. Administered by the Linux Foundation, the certification is recognised by employers worldwide as a proof of your ability to configure and manage production-grade Kubernetes clusters.

Read more less

Book Synopsis

Read more less

Book SynopsisYour organization can save and thrive in the cloud with this first non-technical guide to cloud computing for business leaders In less than a decade Google, Amazon, and Salesforce.com went from unknown ideas to powerhouse fixtures in the economic landscape; in even less time offerings such as Linkedin, Youtube, Facebook, Twitter and many others also carved out important roles; in less than five years Apple''s iTunes became the largest music retailer in North America. They all share one key strategic decision each of these organizations chose to harness the power of cloud computing to power their drives to dominance. With roots in supercomputing and many other technical disciplines, cloud computing is ushering in an entirely new economic reality technology-enabled enterprises built on low cost, flexible, and limitless technical infrastructures. The Executive''s Guide to Cloud Computing reveals how you can apply the power of cloud computing throughout yoTrade Review“A very timely and invaluable resource for CIOs, CTOs, and Enterprise Architects ... extremely relevant information that will serve readers well now and far into the future.” —Bob Flores, President & CEO Applicology Inc., Former CTO of the Central Intelligence Agency “The authors have done a great job in explaining the cloud concepts. They give historical and technical background to show that cloud computing is really an evolution of numerous technologies and business strategies. It is the combination of these that enables cloud and these new business strategies to happen. This makes the fuzziness of the concept come into focus. The “technical” chapters show the CIO and Technical Architect a model for building your own strategy within the business and a path from concept to deployment with governance and business models thrown in. Darn, I keep hoping for ‘the answer’. Now my questions can dig into the real value for our enterprise and a strategy for moving forward. Great book!!!” —Dave Ploch, CIO, Novus International “‘Executive’s Guide’ is not a code-phrase for an introductory text, but a comprehensive guide for the CIO, IT decision-maker, or project leader. The authors, two entrepreneurs and pioneers in the field, speak from substantial real-world project experience. They introduce the topic and related technologies, highlight cloud drivers and strategy, address relationships to existing initiatives such as Service-Oriented Architectures, detail project phases in the implementation of and evolution to cloud-based enterprise architectures, and offer many reasoned insights along the way.” —Joe Weinman, Strategy and Business Development, AT&T Business Solutions “Executive’s Guide to Cloud Computing is a crystal ball into the future of business. Not a technical treatise but an insightful explanation of how cloud computing can quickly deliver real business value. This book is an instruction manual on how to win business in this ‘born on the web’ world.” —Kevin L. Jackson, Vice President, Dataline LLC and author of Cloud Musings, http://kevinljackson.blogspot.comTable of ContentsPreface xi CHAPTER 1 THE SOUND OF INEVITABILITY 1 A Persistent Vision 5 A Little History 6 Three Ages of Computing 6 Broad Enablers 15 Big Contributions 20 Limitations 21 I Want One of Those 22 Back to the Future? 22 Notes 23 CHAPTER 2 CONCEPTS, TERMINOLOGY,AND STANDARDS 25 Basic Concepts: The Big Stuff 27 Major Layers 34 Where They Live (Deployment Models) 36 Geographic Location 39 Datacenter Innovation 39 The Quest for Green 40 Standards 41 Much Sound and Fury . . . 42 Parting Thoughts 42 Notes 43 CHAPTER 3 CLOUD COMPUTING AND EVERYTHING ELSE 45 The Neighborhood 45 Parting Thoughts 66 Notes 67 CHAPTER 4 STRATEGIC IMPLICATIONS OF CLOUD COMPUTING 69 A Survey of Cloud Implications 70 Business Benefits of Cloud Computing 78 Cloud-Based Business Models 82 Cloud-Enabled Business Models 83 Strategic Implications of Cloud Computing 86 Evolving from SOA into the Cloud 91 When to Do SOA versus Cloud? 98 Cloud Computing Adoption Obstacles 107 Parting Thoughts: Things to Do Tomorrow 109 Notes 110 CHAPTER 5 CLOUD ADOPTION LIFECYCLE 111 Cloud Adoption Lifecycle and Cloud Modeling Framework: Two Necessary Tools for Cloud Success 112 Cloud Adoption Lifecycle 114 Cloud Adoption Lifecycle Summary 144 Parting Thoughts 145 CHAPTER 6 CLOUD ARCHITECTURE, MODELING, AND DESIGN 147 Cloud Adoption Lifecycle Model: Role of Cloud Modeling and Architecture 147 Cloud Industry Standards 149 Standards Monitoring Framework 154 A Cloud Computing Reference Model 155 Exploring the Cloud Computing Logical Architecture 157 Developing a Holistic Cloud Computing Reference Model 162 Cloud Deployment Model 170 Cloud Governance and Operations Model 174 Cloud Ecosystem Model (Supporting the Cloud Reference Model) 179 Consumption of Cloud-Enabled and Cloud Enablement Resources 184 Cloud Computing Reference Model Summary 187 Cloud Computing Technical Reference Architecture 188 Parting Thoughts 192 Notes 193 CHAPTER 7 WHERE TO BEGIN WITH CLOUD COMPUTING 195 Cloud Adoption Lifecycle 195 Where to Begin with Cloud: Using the Cloud Adoption Lifecycle 199 Where to Begin with Cloud: Deployment Model Scenarios 200 Cloud Business Adoption Patterns 204 Where to Begin with Cloud: Consumers and Internal Cloud Providers 209 Cloud Patterns Mapped to Common Cloud Use Cases 213 Parting Thoughts 224 CHAPTER 8 ALL THINGS DATA 227 The Status Quo 228 Cracks in the Monolith 230 Cloud Scale 232 The Core Issues 234 Lessons Learned 237 Solutions and Technologies: A Few Examples 239 A Look Below: Need for Combined Computation/Storage 242 Parting Thoughts 243 Notes 243 CHAPTER 9 WHY INEVITABILITY IS INEVITABLE 245 Driving Scale 27 Objections and Concerns 248 Overwhelming Rationality 253 A Natural Evolution 257 Parting Thoughts 259 Notes 260 Appendix The Cloud Computing Vendor Landscape 263 Infrastructure as a Service (IaaS) 264 Platforms as a Service (PaaS) 264 Software as a Service (SaaS) 265 Systems Integrators 265 Analysts and Services Providers 266 Parting Thoughts 266 Note 266 About the Authors 267 Index 269

Read more less

Book SynopsisThe fundamentals for building systems are changing, and although many of the principles that underpin security still ring true, their implementation has become unrecognizable. This practical book provides recipes for AWS, Azure, and GCP to help you enhance the security of your own cloud native systems.

Read more less

Book SynopsisThis practical book helps you understand and manage OpenShift clusters from minimal deployment to large multicluster installations.

Read more less

Book SynopsisThis practical book describes Microsoft Azure's load balancing options and explains how NGINX can contribute to a comprehensive solution. Cloud architects Derek DeJonghe and Arlan Nugara take you through the steps necessary to design a practical solution for your network.

Read more less

Book SynopsisSheen Brisals and Luke Hedger outline the serverless adoption requirements for an enterprise, examine the development tools your team needs, and explain in depth the nuances of testing event-driven and distributed serverless services.

Read more less

Book SynopsisLearn in-demand cloud computing skills from industry experts Deploying and Managing a Cloud Infrastructure is an excellent resource for IT professionals seeking to tap into the demand for cloud administrators. This book helps prepare candidates for the CompTIA Cloud+ Certification (CV0-001) cloud computing certification exam. Designed for IT professionals with 2-3 years of networking experience, this certification provides validation of your cloud infrastructure knowledge. With over 30 years of combined experience in cloud computing, the author team provides the latest expert perspectives on enterprise-level mobile computing, and covers the most essential topics for building and maintaining cloud-based systems, including: Understanding basic cloud-related computing concepts, terminology, and characteristics Identifying cloud delivery solutions and deploying new infrastructure Managing cloud technologies, services, and networks Table of ContentsIntroduction xxiii Chapter 1 Understanding Cloud Characteristics 1 Basic Terms and Characteristics 2 Elasticity 2 On-Demand Self-service/JIT 3 Templating 4 Pay as You Grow 6 Pay-as-You-Grow Theory vs. Practice 7 Chargeback 8 Ubiquitous Access 9 Metering Resource Pooling 10 Multitenancy 11 Cloud Bursting 13 Rapid Deployment 14 Object Storage Concepts 16 File-Based Data Storage 16 Object Storage 18 Structured vs. Unstructured Data 18 REST APIs 19 Summary 25 Chapter Essentials 26 Chapter 2 To Grasp the Cloud—Fundamental Concepts 27 The True Nature of the Cloud 28 Elastic 29 Massive 29 On Demand 29 Virtualized 30 Secure 30 Always Available 30 Virtualization and Scalability 31 The True Definer of Cloud Computing 32 Serving the Whole World 32 The Cloud Hypervisor 33 Type 1 and Type 2 33 Use Cases and Examples 34 Benefits of Hypervisors 35 Hypervisor Security Concerns 35 Proprietary vs. Open Source 36 Moore’s Law, Increasing Performance, and Decreasing Enterprise Usage 36 Xen Cloud Platform (Open Source) 37 KVM (Open Source) 38 OpenVZ (Open Source) 38 VirtualBox (Open Source) 39 Citrix XenServer (Proprietary) 39 VMware vSphere/ESXi (Proprietary) 39 Microsoft Windows Server 2012 Hyper-V 41 Consumer vs. Enterprise Use 41 Workstation vs. Infrastructure 43 Key Benefits of Implementing Hypervisors 46 Shared Resources 46 Elasticity 46 Network and Application Isolation 47 Foundations of Cloud Computing 48 Infrastructure 48 Platform 49 Applications 50 Enabling Services 50 Summary 50 Chapter Essentials 51 Chapter 3 Within the Cloud: Technical Concepts of Cloud Computing 53 Technical Basics of Cloud and Scalable Computing 54 Defining a Data Center 55 Traditional vs. Cloud Hardware 62 Determining Cloud Data Center Hardware and Infrastructure 65 Optimization and the Bottom Line 70 The Cloud Infrastructure 78 Open Source 79 Proprietary 84 Summary 85 Chapter Essentials 86 Chapter 4 Cloud Management 87 Understanding Cloud Management Platforms 88 What It Means for Service Providers 90 Planning Your Cloud 90 Building Your Cloud 94 Running Your Cloud 95 What This Means for Customers 95 Service-Level Agreements 97 Policies and Procedures 97 Planning the Documentation of the Network and IP 98 Implementing Change Management Best Practices 100 Managing the Configuration 105 Managing Cloud Workloads 111 Managing Workloads Right on the Cloud 111 Managing Risk 112 Securing Data in the Cloud 113 Managing Devices 114 Virtualizing the Desktop 115 Enterprise Cloud Solution 116 Summary 116 Chapter Essentials 119 Chapter 5 Diagnosis and Performance Monitoring 121 Performance Concepts 122 Input/Output Operations per Second (IOPS) 123 Read vs. Write Files 124 File System Performance 125 Metadata Performance 127 Caching 130 Bandwidth 131 Throughput: Bandwidth Aggregation 132 Jumbo Frames 134 Network Latency 135 Hop Counts 136 Quality of Service (QoS) 137 Multipathing 137 Load Balancing 138 Scaling: Vertical vs. Horizontal vs. Diagonal 138 Disk Performance 140 Access Time 140 Data Transfer Rate 142 Disk Tuning 143 Swap Disk Space 144 I/O Tuning 144 Performance Management and Monitoring Tools 146 Hypervisor Configuration Best Practices 149 Impact of Configuration Changes 151 Common Issues 152 Summary 153 Chapter Essentials 154 Chapter 6 Cloud Delivery and Hosting Models 157 Private 158 Full Private Cloud Deployment Model 158 Semi-private Cloud Deployment Model 159 Public 160 Hybrid 160 Community 161 On-Premises vs. Off-Premises Hosting 161 On-Premises Hosting 162 Off-Premises Hosting 162 Miscellaneous Factors to Consider When Choosing between On- or Off-Premises Hosting 163 Comparing Total Cost of Ownership 166 Accountability and Responsibility Based on Delivery Models 168 Private Cloud Accountability 168 Public Cloud Accountability 169 Responsibility for Service Impairments 170 Accountability Categories 170 Security Differences between Models 171 Multitenancy Issues 171 Data Segregation 173 Network Isolation 173 Functionality and Performance Validation 174 On-Premises Performance 174 Off-Premises Performance 174 Types of Testing 175 Orchestration Platforms 175 Summary 177 Chapter Essentials 178 Chapter 7 Practical Cloud Knowledge: Install, Configure, and Manage 181 Setting Up the Cloud 183 Creating, Importing, and Exporting Templates and Virtual Machines 183 Creating Virtual Machine Templates 184 Importing and Exporting Service Templates 186 Installing Guest Tools 188 Snapshots and Cloning 189 Image Backups vs. File Backups 193 Virtual Network Interface Card 195 Virtual Disks 198 Virtual Switches 199 Configuring Virtual Machines for Several VLANs 201 Virtual Storage Area Network 203 Virtual Resource Migration 204 Establishing Migration Requirements 204 Migrating Storage 206 Scheduling Maintenance 208 Reasons for Maintenance 208 Virtual Components of the Cloud 209 Virtual Network Components 209 Shared Memory 210 Virtual CPU 211 Storage Virtualization 211 Summary 214 Chapter Essentials 215 Chapter 8 Hardware Management 221 Cloud Hardware Resources 222 BIOS/Firmware Configurations 222 Minimum Memory Capacity and Configuration 223 Number of CPUs 223 Number of Cores 224 NIC Quantity, Speeds, and Configurations 225 Internal Hardware Compatibility 225 Storage Media 226 Proper Allocation of Hardware Resources (Host) 227 Proper Virtual Resource Allocation (Tenant/Client) 232 Management Differences between Public, Private, and Hybrid Clouds 234 Public Cloud Management 234 Private Cloud Management 235 Hybrid Cloud Management 236 Tiering 236 Performance Levels of Each Tier 237 Policies 238 RAID Levels 238 File Systems 239 Summary 241 Chapter Essentials 242 Chapter 9 Storage Provisioning and Networking 245 Cloud Storage Concepts 246 Object Storage 246 Metadata 247 Data/Blob 248 Extended Metadata 248 Replicas 248 Policies and Access Control 248 Understanding SAN and NAS 249 Cloud vs. SAN Storage 250 Cloud Storage 251 Advantages of Cloud Storage 252 Cloud Provisioning 252 Migrating Software Infrastructure to the Cloud 253 Cloud Provisioning Security Concerns 253 Storage Provisioning 255 Network Configurations 256 Network Optimization 259 Cloud Storage Technology 260 Data Replication 261 Amazon Elastic Block Store (EBS) 262 Amazon Simple Storage Service (S3) 264 OpenStack Swift 266 Hadoop Distributed File System (HDFS) 266 Choosing from among These Technologies 277 Cloud Storage Gateway 278 Cloud Security and Privacy 280 Security, Privacy, and Attack Surface Area 280 Legal Issues (Jurisdiction and Data) 282 Supplier Lifetime (Vendor Lock-In) 283 Summary 284 Chapter Essentials 284 Chapter 10 Testing and Deployment: Quality Is King 287 Overview of Deployment Models 288 Private Cloud 288 Community Cloud 289 Public Cloud 289 Hybrid Cloud 290 Cloud Management Strategies 290 Private Cloud Strategies 291 Community Cloud Strategies 291 Public Cloud Strategies 292 Hybrid Cloud Strategies 292 Management Tools 293 Cloud Architecture 294 The Need for Cloud Architectures 294 Technical Benefits 295 Business Benefits 295 Cloud Deployment Options 296 Environment Provisioning 296 Deploying a Service to the Cloud 298 Deployment Testing and Monitoring 301 Creating and Deploying Cloud Services 304 Creating and Deploying a Cloud Service Using Windows Azure 305 Deploying and Managing a Scalable Web Service with Flume on Amazon EC2 309 Summary 321 Chapter Essentials 322 Chapter 11 Cloud Computing Standards and Security 323 Cloud Computing Standards 324 Why Do Standards Matter? 324 Current Ad Hoc Standards 325 Security Concepts and Tools 326 Security Threats and Attacks 326 Obfuscation 329 Access Control List 329 Virtual Private Network 330 Firewalls 330 Demilitarized Zone 333 Encryption Techniques 334 Public Key Infrastructure 335 Internet Protocol Security 336 Secure Sockets Layer/Transport Layer Security 336 Ciphers 337 Access Control Methods 338 Role-Based Access Control 338 Mandatory Access Control 338 Discretionary Access Control 339 Rule-Based Access Controls 339 Multifactor Authentication 339 Single Sign-On 339 Federation 340 Implementing Guest and Host Hardening Techniques 340 Disabling Unneeded Ports and Services 340 Secure User Credentials 343 Antivirus Software 344 Software Security Patching 344 Summary 345 Chapter Essentials 345 Chapter 12 The Cloud Makes It Rain Money: The Business in Cloud Computing 347 The Nature of Cloud Business 348 The Service Nature of the Cloud 348 Making Money with Open-Source Software 349 White Label Branding 350 Cloud Service Business Models 351 Infrastructure as a Service (IaaS) 351 Platform as a Service (PaaS) 352 Software as a Service (SaaS) 353 Data as a Service (DaaS) 354 Communication as a Service (CaaS) 355 Monitoring as a Service (MaaS) 355 Business Process as a Service (BPaaS) 355 Anything as a Service (XaaS) 356 Service Model Accountability and Responsibility 356 The Enterprise Cloud 359 Enterprise Applications 359 Cloud Collaboration 360 Collaborating with Telepresence 361 Disaster Recovery 364 Preparing for Failure: Disaster Recovery Plan 365 Backup Sites and Geographical Diversity 366 Change-Over Mechanism: Failover and Failback 369 Business Continuity and Cloud Computing 369 Business Continuity in the Cloud 370 Workshifting in the Cloud 371 Bring Your Own Device 371 Summary 372 Chapter Essentials 373 Chapter 13 Planning for Cloud Integration: Pitfalls and Advantages 375 Work Optimization 376 Optimizing Usage, Capacity, and Cost 376 Which Service Model Is Best for You? 379 The Right Cloud Model 381 Private Cloud 381 Public Cloud 383 Hybrid Cloud 384 Adapting Organizational Culture for the Cloud 385 Finding Out the Current Culture 385 Mapping Out an Adaption Plan 386 Culture Adaption, Propagation, and Maintenance 387 Potholes on the Cloud Road 389 Roadblocks to Planning 389 Convincing the Board 391 Summary 394 Chapter Essentials 394 Appendix The CompTIA Cloud+ Certification Exam 397 Preparing for the Exam 398 Taking the Exam 399 Reviewing the Exam Objectives 400 Index 417

Read more less

Book SynopsisTable of Contents Introduction xxiii Assessment Test xxxii Chapter 1 Architectural Concepts 1 Cloud Characteristics 3 Business Requirements 5 Understanding the Existing State 6 Cost/Benefit Analysis 7 Intended Impact 10 Cloud Computing Service Categories 11 Software as a Service 11 Infrastructure as a Service 12 Platform as a Service 12 Cloud Deployment Models 13 Private Cloud 13 Public Cloud 13 Hybrid Cloud 13 Multi- Cloud 13 Community Cloud 13 Multitenancy 14 Cloud Computing Roles and Responsibilities 15 Cloud Computing Reference Architecture 16 Virtualization 18 Hypervisors 18 Virtualization Security 19 Cloud Shared Considerations 20 Security and Privacy Considerations 20 Operational Considerations 21 Emerging Technologies 22 Machine Learning and Artificial Intelligence 22 Blockchain 23 Internet of Things 24 Containers 24 Quantum Computing 25 Edge and Fog Computing 26 Confidential Computing 26 DevOps and DevSecOps 27 Summary 28 Exam Essentials 28 Review Questions 30 Chapter 2 Data Classification 35 Data Inventory and Discovery 37 Data Ownership 37 Data Flows 42 Data Discovery Methods 43 Information Rights Management 46 Certificates and IRM 47 IRM in the Cloud 47 IRM Tool Traits 47 Data Control 49 Data Retention 50 Data Audit and Audit Mechanisms 53 Data Destruction/Disposal 55 Summary 57 Exam Essentials 57 Review Questions 59 Chapter 3 Cloud Data Security 63 Cloud Data Lifecycle 65 Create 66 Store 66 Use 67 Share 67 Archive 69 Destroy 70 Cloud Storage Architectures 71 Storage Types 71 Volume Storage: File- Based Storage and Block Storage 72 Object- Based Storage 72 Databases 73 Threats to Cloud Storage 73 Designing and Applying Security Strategies for Storage 74 Encryption 74 Certificate Management 77 Hashing 77 Masking, Obfuscation, Anonymization, and Tokenization 78 Data Loss Prevention 81 Log Capture and Analysis 82 Summary 85 Exam Essentials 85 Review Questions 86 Chapter 4 Security in the Cloud 91 Chapter 5 Shared Cloud Platform Risks and Responsibilities 92 Cloud Computing Risks by Deployment Model 94 Private Cloud 95 Community Cloud 95 Public Cloud 97 Hybrid Cloud 101 Cloud Computing Risks by Service Model 102 Infrastructure as a Service (IaaS) 102 Platform as a Service (PaaS) 102 Software as a Service (SaaS) 103 Virtualization 103 Threats 105 Risk Mitigation Strategies 107 Disaster Recovery (DR) and Business Continuity (BC) 110 Cloud- Specific BIA Concerns 110 Customer/Provider Shared BC/DR Responsibilities 111 Cloud Design Patterns 114 Summary 115 Exam Essentials 115 Review Questions 116 Cloud Platform, Infrastructure, and Operational Security 121 Foundations of Managed Services 123 Cloud Provider Responsibilities 124 Shared Responsibilities by Service Type 125 IaaS 125 PaaS 126 SaaS 126 Securing Communications and Infrastructure 126 Firewalls 127 Intrusion Detection/Intrusion Prevention Systems 128 Honeypots 128 Vulnerability Assessment Tools 128 Bastion Hosts 129 Identity Assurance in Cloud and Virtual Environments 130 Securing Hardware and Compute 130 Securing Software 132 Third- Party Software Management 133 Validating Open- Source Software 134 OS Hardening, Monitoring, and Remediation 134 Managing Virtual Systems 135 Assessing Vulnerabilities 137 Securing the Management Plane 138 Auditing Your Environment and Provider 141 Adapting Processes for the Cloud 142 Planning for Cloud Audits 143 Summary 144 Exam Essentials 145 Review Questions 147 Chapter 6 Cloud Application Security 151 Developing Software for the Cloud 154 Common Cloud Application Deployment Pitfalls 155 Cloud Application Architecture 157 Cryptography 157 Sandboxing 158 Application Virtualization and Orchestration 158 Application Programming Interfaces 159 Multitenancy 162 Supplemental Security Components 162 Cloud- Secure Software Development Lifecycle (SDLC) 164 Software Development Phases 165 Software Development Models 166 Cloud Application Assurance and Validation 172 Threat Modeling 172 Common Threats to Applications 174 Quality Assurance and Testing Techniques 175 Supply Chain Management and Licensing 177 Identity and Access Management 177 Cloud Identity and Access Control 178 Single Sign- On 179 Identity Providers 180 Federated Identity Management 180 Multifactor Authentication 181 Secrets Management 182 Common Threats to Identity and Access Management in the Cloud 183 Zero Trust 183 Summary 183 Exam Essentials 184 Review Questions 186 Chapter 7 Operations Elements 191 Designing a Secure Data Center 193 Build vs. Buy 193 Location 194 Facilities and Redundancy 196 Data Center Tiers 200 Logical Design 201 Virtualization Operations 202 Storage Operations 205 Managing Security Operations 207 Security Operations Center (SOC) 208 Continuous Monitoring 208 Incident Management 209 Summary 209 Exam Essentials 210 Review Questions 211 Chapter 8 Operations Management 215 Monitoring, Capacity, and Maintenance 217 Monitoring 217 Physical and Environmental Protection 218 Maintenance 219 Change and Configuration Management 224 Baselines 224 Roles and Process 226 Release and Deployment Management 228 Problem and Incident Management 229 IT Service Management and Continual Service Improvement 229 Business Continuity and Disaster Recovery 231 Prioritizing Safety 231 Continuity of Operations 232 BC/DR Planning 232 The BC/DR Toolkit 234 Relocation 235 Power 237 Testing 238 Summary 239 Exam Essentials 239 Review Questions 241 Chapter 9 Legal and Compliance Issues 245 Legal Requirements and Unique Risks in the Cloud Environment 247 Constitutional Law 247 Legislation 249 Administrative Law 249 Case Law 250 Common Law 250 Contract Law 250 Analyzing a Law 251 Determining Jurisdiction 251 Scope and Application 252 Legal Liability 253 Torts and Negligence 254 U.S. Privacy and Security Laws 255 Health Insurance Portability and Accountability Act 255 The Health Information Technology for Economic and Clinical Health Act 258 Gramm–Leach–Bliley Act 259 Sarbanes–Oxley Act 261 State Data Breach Notification Laws 261 International Laws 263 European Union General Data Protection Regulation 263 Adequacy Decisions 267 U.S.- EU Safe Harbor and Privacy Shield 267 Laws, Regulations, and Standards 269 Payment Card Industry Data Security Standard 270 Critical Infrastructure Protection Program 270 Conflicting International Legislation 270 Information Security Management Systems 272 Iso/iec 27017:2015 272 Privacy in the Cloud 273 Generally Accepted Privacy Principles 273 Iso 27018 279 Direct and Indirect Identifiers 279 Privacy Impact Assessments 280 Cloud Forensics 281 Forensic Requirements 281 Cloud Forensic Challenges 281 Collection and Acquisition 282 Evidence Preservation and Management 283 e-discovery 283 Audit Processes, Methodologies, and Cloud Adaptations 284 Virtualization 284 Scope 284 Gap Analysis 285 Restrictions of Audit Scope Statements 285 Policies 286 Audit Reports 286 Summary 288 Exam Essentials 288 Review Questions 290 Chapter 10 Cloud Vendor Management 295 The Impact of Diverse Geographical Locations and Legal Jurisdictions 297 Security Policy Framework 298 Policies 298 Standards 300 Procedures 302 Guidelines 303 Exceptions and Compensating Controls 304 Developing Policies 305 Enterprise Risk Management 306 Risk Identification 308 Risk Calculation 308 Risk Assessment 309 Risk Treatment and Response 313 Risk Mitigation 313 Risk Avoidance 314 Risk Transference 314 Risk Acceptance 315 Risk Analysis 316 Risk Reporting 316 Enterprise Risk Management 318 Assessing Provider Risk Management Practices 318 Risk Management Frameworks 319 Cloud Contract Design 320 Business Requirements 321 Vendor Management 321 Data Protection 323 Negotiating Contracts 324 Common Contract Provisions 324 Contracting Documents 326 Government Cloud Standards 327 Common Criteria 327 FedRAMP 327 Fips 140- 2 327 Manage Communication with Relevant Parties 328 Summary 328 Exam Essentials 329 Review Questions 330 Appendix Answers to the Review Questions 335 Chapter 1: Architectural Concepts 336 Chapter 2: Data Classification 337 Chapter 3: Cloud Data Security 339 Chapter 4: Security in the Cloud 341 Chapter 5: Cloud Platform, Infrastructure, and Operational Security 343 Chapter 6: Cloud Application Security 345 Chapter 7: Operations Elements 347 Chapter 8: Operations Management 349 Chapter 9: Legal and Compliance Issues 350 Chapter 10: Cloud Vendor Management 352 Index 355

Read more less

Book SynopsisPrinciples of Soft Computing Using Python Programming An accessible guide to the revolutionary techniques of soft computing Soft computing is a computing approach designed to replicate the human mind's unique capacity to integrate uncertainty and imprecision into its reasoning. It is uniquely suited to computing operations where rigid analytical models will fail to account for the variety and ambiguity of possible solutions. As machine learning and artificial intelligence become more and more prominent in the computing landscape, the potential for soft computing techniques to revolutionize computing has never been greater. Principles of Soft Computing Using Python Programming provides readers with the knowledge required to apply soft computing models and techniques to real computational problems. Beginning with a foundational discussion of soft or fuzzy computing and its differences from hard computing, it describes different models for soft computing and

Read more less