Virtualization and Cloud Technology

Time
8 hours 20 minutes
Difficulty
Advanced
CEU/CPE
9
Video Transcription
00:00
>> Virtualization and Cloud technology.
00:00
The learning objectives for this lesson are to
00:00
describe Cloud deployment and service models,
00:00
explore Cloud storage technology,
00:00
and to differentiate virtualization technologies.
00:00
Let's get started. Now,
00:00
we went over our virtualization in
00:00
a previous lesson but we're going to
00:00
get into it a little bit deeper here.
00:00
If you remember, we have two
00:00
types of virtualization and
00:00
these are the Type 1 and Type 2 hypervisors.
00:00
The key thing to keep in mind is that Type 1
00:00
doesn't need a host operating system but Type 2 does.
00:00
With a Type 1 hypervisor,
00:00
this is also known as bare metal.
00:00
You don't need a host operating system because
00:00
the hypervisor is the operating system
00:00
for that set of hardware.
00:00
You take the hardware, you
00:00
install the hypervisor directly onto
00:00
the hardware and then you log into
00:00
the system and configure
00:00
your virtual machines from there.
00:00
This is usually done via a web browser.
00:00
Examples of this are Microsoft Hyper-V,
00:00
Xen, Proxmox, and VMware ESXi.
00:00
Then we have Type 2 hypervisors.
00:00
These do require an operating system because they're
00:00
just an application that is installed
00:00
inside of the operating system.
00:00
An example of this would be to take
00:00
your Microsoft Windows machine,
00:00
install VirtualBox on it,
00:00
and then you can install anything you
00:00
want inside of a virtual machine
00:00
that's handled by a VirtualBox.
00:00
But whatever happens inside that virtual machine,
00:00
it doesn't do any impact at all to
00:00
your Microsoft Windows-based operating system.
00:00
Examples of Type 2 hypervisors are
00:00
VirtualBox, VMware Workstation,
00:00
and Parallels Workstation. Instructor Side Note.
00:00
If you'd like to get a hand on this
00:00
and play with both of these,
00:00
there are free versions of
00:00
both Type 1 and Type 2 hypervisors that you can learn on.
00:00
For a Type 1,
00:00
you can use Proxmox.
00:00
You install Proxmox on the PC and
00:00
that will become the entire virtual environment.
00:00
You log onto it with a web browser and
00:00
you create the virtual machines from inside there.
00:00
We use this in a lot of areas of my company and in fact,
00:00
we have one Proxmox server here that has
00:00
12 VMs running at the same time.
00:00
It's a lot easier to do that than it would be to run that
00:00
with a Type 2 such as VirtualBox.
00:00
But if you want to get started with virtualization,
00:00
it doesn't matter if you're running Mac or Windows,
00:00
or Linux, VirtualBox is available for all of them.
00:00
You can download VirtualBox at
00:00
no cost and then download the ISO of
00:00
any operating system you want and load that into
00:00
a virtual machine that will be handled by VirtualBox.
00:00
This is a good way if you're new to
00:00
Linux and you'd like to try it out, for example,
00:00
you could download the ISO of Mint or Ubuntu
00:00
and then spool up a VM
00:00
inside of your Windows operating system.
00:00
That way you could start playing with it and get a hand
00:00
on learning how to use Linux
00:00
without having to give up your Windows machine.
00:00
By the way, links to both of these are available
00:00
in the supplemental material for this course.
00:00
Application virtualization.
00:00
This is when a client
00:00
accesses an app that is hosted on a server.
00:00
This is usually done using
00:00
the web browser because this is more familiar to
00:00
end-users and also where
00:00
most apps have been geared towards being delivered.
00:00
This allows for us to share
00:00
a specific app from
00:00
a single server through the user's browser.
00:00
Examples of this technology would be App-V,
00:00
XenApp, and ThinApp.
00:00
Containers. The differentiator between containers and
00:00
virtualization is that containers use
00:00
a single base kernel for all of the containers.
00:00
The containers, they
00:00
contain the minimum necessary amount of libraries,
00:00
apps, and files to function.
00:00
Each container relies on
00:00
the base kernel to run and because of this,
00:00
we get enormous performance benefits.
00:00
The most common example of this will be Docker.
00:00
If we're looking at the picture,
00:00
we can see that all three containers
00:00
even though they're set up for different purposes,
00:00
rely on the base operating system's kernel.
00:00
If we were to have
00:00
a Linux Ubuntu Server
00:00
and then we put Docker on top of that,
00:00
each of the containers that we create would
00:00
rely on the base Ubuntu kernel to function.
00:00
This is a good breakdown of
00:00
the differences between virtual machines and containers.
00:00
The virtual machine that is depicted here is a Type II.
00:00
We can see that it has
00:00
a host operating system and
00:00
the hypervisor lays on top of that
00:00
and then we have a separate virtual machine that
00:00
has other three of them and each
00:00
of them has their own guest OS,
00:00
their own binaries,
00:00
and libraries, and their own applications.
00:00
The advantage of a virtual machine here is that all of
00:00
those guest OSs can be completely
00:00
different from what the host operating system is.
00:00
For example, we could have a
00:00
Windows host operating system
00:00
and then we could have a guest OS
00:00
in one of the VMs that's Mac,
00:00
and then another that is Linux,
00:00
and then in the third, it could be FreeBSD.
00:00
It doesn't matter what
00:00
the guest operating systems are when
00:00
we're using a virtual machine,
00:00
however, on the container side, it does matter.
00:00
Whatever the operating system is,
00:00
all of the containers must be
00:00
compatible with that operating system.
00:00
They all use the same kernel
00:00
so they have to be compatible.
00:00
We can see that we have a base operating system,
00:00
the Docker Engine lays on top of that,
00:00
and then we have three separate containers
00:00
that each contain their own app,
00:00
their own binaries, and libraries but again,
00:00
refer back to the base operating system's kernel.
00:00
Cloud Deployment Models.
00:00
The first we have is a public Cloud or multi-tenant.
00:00
This is offered over
00:00
the Internet by a Cloud service provider.
00:00
It is shared by many different users and
00:00
all the resources are spread across
00:00
all of the clients of the CSP.
00:00
Next, we have hosted private.
00:00
This is when you're using a third party but the service
00:00
they're offering is only used by you and your company.
00:00
This gives you security benefits
00:00
over a public Cloud version.
00:00
Next, we have Private Cloud.
00:00
This is where the infrastructure is completely
00:00
owned and operated by a given organization.
00:00
Because of this, the security is much
00:00
stronger than being hosted by a third party.
00:00
Then finally, we have community Cloud
00:00
which is where several organizations share
00:00
the cost of the hosted private or totally private cloud.
00:00
Cloud-related business directives.
00:00
Cost is important but before you consider cost,
00:00
you should consider the confidentiality,
00:00
the integrity, and the availability of your data.
00:00
Scalability. Are you able to respond to business demands
00:00
that cause you to have to scale
00:00
upwards or in a horizontal way without downtime?
00:00
Resources. Do you need additional virtual machines,
00:00
networking capacity, stores or applications?
00:00
Location. The Cloud allows for
00:00
us to easily relocate data or services
00:00
anywhere around the world but this
00:00
brings up jurisdictional issues that we will discuss
00:00
later in another module but keep in mind that
00:00
this is something you need to consider
00:00
when you're choosing a Cloud service.
00:00
Finally, data protection.
00:00
If it's not on your corporate resources,
00:00
you must consider additional security requirements.
00:00
Instructor Side Note. I like to tell
00:00
people there is no such thing as the Cloud,
00:00
it's just someone else's computer.
00:00
If you don't fully own
00:00
the infrastructure that you're
00:00
using for example a private Cloud,
00:00
then your data is just stored on someone else's computer.
00:00
You need to fully understand
00:00
the security implications and
00:00
the configurations that you're
00:00
using when you're deploying Cloud technology.
00:00
Let's go over some Cloud service models.
00:00
To the left, we have on-site.
00:00
This is where you manage everything.
00:00
Everything is controlled and owned by you.
00:00
The next step over to the right
00:00
is Infrastructure as a Service.
00:00
With this, you manage the applications,
00:00
the data, the runtime, the middleware,
00:00
and the operating system but
00:00
the service provider handles the virtualization,
00:00
the servers, the storage, and the networking.
00:00
Next, we have Platform as a Service.
00:00
This is where you manage the applications and
00:00
the data but the service provider
00:00
handles everything else.
00:00
Finally, we have Software as
00:00
a Service where the service
00:00
provider is managing everything.
00:00
A good example of Software as
00:00
a Service would be Salesforce.
00:00
Salesforce sells you access to
00:00
an application and they manage everything on the backend.
00:00
Let's discuss Cloud storage models.
00:00
The first one we want to discuss is object storage.
00:00
This supports Cloud-based apps
00:00
that need access to documents,
00:00
videos, and image files.
00:00
Next, we have file-based storage which is
00:00
a hierarchical file system that stores
00:00
files by path that includes attributes
00:00
such as the owner and access permissions of those files.
00:00
Then we have block storage,
00:00
this supports high-performance transactional apps
00:00
like databases and finally,
00:00
we have Blob Storage which
00:00
supports storage of large amounts of
00:00
unstructured data and it's often
00:00
used to store archives and backups.
00:00
Cloud storage databases.
00:00
The first we have is relational.
00:00
This is widely implemented and is
00:00
designed for ACID transactions.
00:00
Then we have key value which is designed
00:00
to store and retrieve large amounts of data.
00:00
Next is in-memory.
00:00
This is real-time access to data for applications.
00:00
Next is document which stores
00:00
data in a semi-structured manner.
00:00
Finally, we have
00:00
a wide-column which is a type of NoSQL database.
00:00
Finally, Cloud storage databases.
00:00
A graph supports millions of
00:00
relationships between highly connected datasets.
00:00
A good example of this is social media.
00:00
Then we have time-series,
00:00
this is focused on supporting apps that
00:00
analyze data and changes that occur
00:00
over time and it best represents using time intervals.
00:00
Finally, we have ledger. This enables
00:00
trusted and verifiable authority
00:00
for banking transactions and systems of record.
00:00
Let's summarize what we discussed in this lesson.
00:00
We went over virtualization technology
00:00
and containerization,
00:00
also discussed Cloud deployment models
00:00
and Cloud service models.
00:00
Let's do some example questions.
00:00
Question 1; Which type of
00:00
storage model is best used for backups and archives?
00:00
Blob storage. Question 2;
00:00
you have been asked to arrange
00:00
a Cloud service model to
00:00
support your company's newest app,
00:00
it will need database and web support included,
00:00
which service model do you need?
00:00
Platform as a Service.
00:00
Question 3; you have been asked to
00:00
set up a Cloud infrastructure instance for
00:00
your company that will be shared
00:00
with another company to help control costs,
00:00
what type of Cloud is this?
00:00
Community Cloud. Finally, question 4;
00:00
in which Cloud service model would you receive access to
00:00
the hardware and nothing
00:00
else so that you could configure it as needed?
00:00
Infrastructure as a Service.
00:00
Well, that brings us to the end of
00:00
this lesson, I'll see you in the next one.