Index
A
- abstraction / Based on abstraction
- Amazon CloudFormation template
- reference / Creating the infrastructure
- Amazon Web Services (AWS)
- about / Amazon Web Services (AWS)
- storage gateway / Storage gateway
- direct connect / Direct connect
- Route 53 / Route 53
- Amazon EC2 run command / Amazon EC2 run command
- VMware cloud / VMware cloud on AWS
- Ansible
- used, for configuration management / Configuration management using Ansible
- installing / Installing Ansible
- configuring / Configuring Ansible and a sample playbook
- application components
- about / Application components
- global databases / Global databases
- database log shipping / Database log shipping
- application level
- about / Web tier, Application tier
- web tier / Web tier
- database tier / Database tier
- aptitude package manager (apt) / Installing Ansible
- authentication, authorization, and accounting (AAA) / IAM systems
- availability monitoring
- about / Availability monitoring
- ICMP monitoring / ICMP monitoring
- TCP/UDP monitoring / TCP/UDP monitoring
- enhanced monitoring / Enhanced monitoring
- SNMP-based availability monitoring / SNMP-based availability monitoring
- AWS
- about / Getting started with the public cloud – AWS
- reference / Getting started with the public cloud – AWS, Creating an account in AWS, Adding a new AWS EC2 provider
- terminologies / AWS terminology
- account / Account
- region / Region
- Availability-Zones (AZ) / Availability zones (AZ)
- virtual private cloud (VPC) / Virtual private cloud (VPC)
- private cloud, connectivity / Connectivity to the private cloud
- public cloud, setting up / Setting up a public cloud – AWS
- AWS Cloud
- bootstrapping / Bootstrapping an AWS Cloud
- AWS environment
- architecting / Architecting the AWS environment
- account design / AWS account design
- VPC design / VPC design
- designing / Designing an AWS environment
- AWS services / AWS services
- AWS storage gateway
- using / Using the AWS storage gateway
- reference / Using the AWS storage gateway
- file gateway / File gateway
- volume gateways / Volume gateways
- tape gateway / Tape gateway
- AWS VPC
- reference / VPC design
- Azure Active Directory (AAD) / IAM systems
- Azure Stack
- about / Azure Stack
- obtaining / Getting the Azure Stack
- reference / Getting the Azure Stack
B
- benefits, public cloud
- agility / Need for agility
- upfront cost, not using / Ability to experiment without upfront cost
- operational overheads, reducing / Reducing operational overheads
- enhanced services, consuming ability / Ability to consume enhanced services
- best practices, security
- about / Security – best practices, Other practices
- CMDB/asset list, implementing / Implementing a CMDB/asset list
- user accounts and authentication / User accounts and authentication
- controls, provisioning / Provisioning and postprovisioning controls
- controls, postprovisioning / Provisioning and postprovisioning controls
- networks / Networks
- bimodal
- reference / The development cycle and DevOps
- block storage / Traditional operations
- BMC Atrium
- reference / Infrastructure up clouds
- breach protection tools
- IAM systems / IAM systems
- data encryption / Data encryption in rest and in motion
- network perimeter security / Network perimeter security
- host controls / Host controls
- high availability and disaster recovery / High availability and disaster recovery
- detection and analytics mechanism / Detection and analytics mechanism
- shared infrastructure, minimizing / Minimizing shared infrastructure
- Bursty Traffic / Cloud bursting
C
- catalog
- creating / Creating a catalog
- Service Dialog, creating / Creating a Service Dialog
- item, creating / Creating a catalog item and catalog
- testing / Testing the catalog
- charms
- about / Introduction to Juju
- reference / Introduction to Juju
- CIA triad
- about / The CIA triad
- confidentiality / Confidentiality
- integrity / Integrity
- availability / Availability
- Cisco CIAC
- reference / Infrastructure up clouds
- client / Introduction to Juju
- cloud-init
- reference / Creating cloud images
- cloud combinations
- selecting / Choosing different cloud combinations
- cloud computing / The cloud's demographics
- cloud images
- creating / Creating cloud images
- clouds
- bootstrapping / Installing the Juju client and bootstrapping clouds
- Cloud Service Provider (CSP) / Getting the Azure Stack
- CMP
- using / In conclusion – architecting with a CMP
- benefits / In conclusion – architecting with a CMP
- situations, avoiding / In conclusion – architecting with a CMP
- Co-Existent use case
- about / Co-Existent use case
- cloud bursting / Cloud bursting
- cognitive services, using / Using cognitive services
- Cockroach DB
- reference / Using Cockroach DB in a hybrid cloud environment
- compliance
- reference / Compliance
- compliance standards and controls
- about / Compliance standards and controls
- HIPAA compliance standards / HIPAA compliance standards
- configuration management database (CMDB) / Implementing a CMDB/asset list
- container networking
- about / Container networking
- no networking / None – no networking
- bridge networking / Bridge networking
- host networking / Host networking
- overlay networking / Overlay networking
- underlay networking / Underlay networking
- container orchestration engine
- about / Container orchestration engine
- Kubernetes architecture / Kubernetes architecture
- containers
- evolution / Evolving to containers
- context switch / Step 2 – combining the Kubernetes configuration (optional)
- controllers
- about / Controllers
- ReplicaSet/replication controller / Controllers
- stateful set / Controllers
- daemon set controllers / Controllers
- deployment controllers / Controllers
- Copy On Write (COW) / Understanding and installing Docker
- Create, Read, Update, and Delete (CRUD) / Service down clouds, General architecture of CMP
D
- Database as a Service (DBaaS) / Choosing different cloud combinations
- dedicated tenancy model / Compliance
- development cycle
- and DevOps / The development cycle and DevOps
- Development Operations (DevOps)
- and development cycle / The development cycle and DevOps
- development stages / The traditional development stages
- different teams, merging / Merging the different teams
- infrastructure, creating / Creating the infrastructure
- infrastructure, configuring / Configuring the infrastructure
- templatize / Templatize
- using / DevOps or NoOps
- about / IaaC with Terraform
- DevStack
- installing / Installing DevStack
- configuration, for enabling Heat / Configuring DevStack to enable Heat
- OpenStack Omni, installing / Installing OpenStack Omni on DevStack
- instance, removing / Removing the DevStack instance
- local.conf file, modifying / Modifying the local.conf file
- executing / Running DevStack
- DH works
- reference / IPSec VPN
- Docker
- reference / Understanding and installing Docker
- about / Understanding and installing Docker
- Domain Name System (DNS)
- about / Domain Name System (DNS), How does DNS work?
- working / How does DNS work?
- global load balancing / Global load balancing
E
- emu-img
- reference / Creating cloud images
- Enterprise Agreement (EA) / Getting the Azure Stack
F
- finalize (FIN) / TCP/UDP monitoring
- footprinting / ICMP monitoring
G
- General Data Protection Regulation (GDPR) / Compliance standards and controls
- Generic Node dashboard
- reference / Configuring Grafana to use Prometheus
- Generic Routing Encapsulation (GRE) / GRE
- genome.gov
- reference / Ability to experiment without upfront cost
- global databases
- about / Global databases
- Cockroach DB, using / Using Cockroach DB in a hybrid cloud environment
- Google Spanner / Global databases
- Grafana
- reference / Grafana, Configuring Grafana to use Prometheus
- installing / Installing Grafana
- configuration, for using Prometheus / Configuring Grafana to use Prometheus
- Grafana-Alertmanager-Prometheus (GAP) / Prometheus
H
- HashiCorp
- reference / Creating cloud images
- HashiCorp Configuration Language (HCL) / Configuring and using Terraform
- HIPAA
- reference / Implementing the controls on AWS – public cloud
- HIPAA compliance standards
- reference / HIPAA compliance standards
- administrative controls / Administrative controls
- physical controls / Physical controls
- technical controls / Technical controls
- host environment, ManageIQ installation
- containerization basics / Containerization basics
- Docker, installing / Understanding and installing Docker
- Host IDS (HIDS) / IDS/IPS
- hybrid cloud
- demographics / The cloud's demographics
- service down approach / Service down clouds
- infrastructure up clouds / Infrastructure up clouds
- services / Based on services offered
- consumers based on services / Based on consumers of the services
- case study / Hybrid cloud case study
- use cases / Use cases of a hybrid cloud
- backup / Backup and disaster recovery in the cloud
- disaster recovery / Backup and disaster recovery in the cloud
- enabling, services / Services to enable a hybrid cloud
- solutions, using / Using the different hybrid cloud solutions
- monitoring / Monitoring the hybrid cloud
- security controls consideration / Security controls consideration in hybrid cloud
- hybrid cloud, monitoring
- Prometheus / Prometheus
- Grafana / Grafana
- Hypervisor / Containerization basics
I
- IaaC
- using, with Terraform / IaaC with Terraform
- Identity and Access Management (IAM)
- about / Identity and Access Management (IAM), Tools to protect against the breaches
- Identity Federation / Identity Federation
- Multi-Factor Authentication (MFA) / Multi-Factor Authentication (MFA)
- Identity provider (IdP) / Identity Federation
- independent software vendors (ISVs) / Based on services offered
- Infrastructure as a Code (IaaC) / Creating the infrastructure
- infrastructure up clouds
- about / Infrastructure up clouds
- and service down, difference / Differentiating service down and infrastructure up clouds
- Internet Gateway (IGW) / Connectivity to the private cloud
- Internet Key Exchange (IKE) / IPSec VPN
- Internet Protocol Security (IPSec) / IPSec VPN
- Intrusion Detection and Prevention Systems (IDS/IPS) / Network perimeter security
- IP Address Management System (IPAM) / Provisioning and postprovisioning controls
- isolated/distributed application use case
- about / Isolated/distributed application use case
- Northbound APIs / Isolated/distributed application use case
- Southbound APIs / Isolated/distributed application use case
- ICMP, general architecture / General architecture of CMP
- ManageIQ / ManageIQ
J
- Juju
- used, for deploying Kubernetes / Deploying Kubernetes with Juju
- reference / Deploying Kubernetes with Juju
- Juju client
- installing / Installing the Juju client and bootstrapping clouds
- Juju controller
- accessing, with GUI / Accessing the Juju controller using a GUI
K
- kernel / Containerization basics
- kernel namespace / Containerization basics
- KubeFed
- reference / Federation using Kubernetes
- Kubernetes
- about / Kubernetes architecture
- master node / Kubernetes architecture
- worker node / Kubernetes architecture
- concepts / Basic concepts in Kubernetes
- pod / Pod
- controllers / Controllers
- service / Service
- volumes / Volumes
- namespaces / Namespaces
- reference / Kubernetes deployment
- deployment / Kubernetes deployment
- deploying, with Juju / Deploying Kubernetes with Juju
- second instance, deploying / Deploying a second instance of Kubernetes
- Federation service / Federation using Kubernetes
- consideration, reasons / Reasons for consideration
- vendor lock-in, avoiding / Application migration – avoiding vendor lock-in
- policies, enforcing / Enforce policies
- high availability / High availability and application upgrades
- upgrades / High availability and application upgrades
- cloud bursting / Cloud bursting
- Kubernetes clusters
- connecting to / Connecting to the Kubernetes clusters
- Kubernetes deployment
- Juju / Introduction to Juju
- Kubernetes federation
- challenges / Federation challenges
- implementing / Implementing a Kubernetes federation
- reference / Implementing a Kubernetes federation
- federation controller, setting up / Step 1 – setting up the federation controller
- Kubernetes configuration, combining / Step 2 – combining the Kubernetes configuration (optional)
- creating / Step 3 – creating the federation
- DNS provider, creating / Creating the DNS provider
- initializing / Initializing the federation
- Kubernetes federation, challenges
- public cloud data-transfer costs / Federation challenges
- reliability and latency considerations / Federation challenges
- consolidations, monitoring / Federation challenges
L
- load-kubeconfig tool / Step 2 – combining the Kubernetes configuration (optional)
- load balancers / Decoupling the tiers
- log shipping / Database log shipping
M
- managed service / Getting the Azure Stack
- ManageIQ
- about / ManageIQ
- installing / Installing ManageIQ
- host environment, preparing / Preparing the host environment
- container, installing / Installing a ManageIQ container
- configuration, for connecting to AWS and OpenStack / Configuring ManageIQ to connect to AWS and OpenStack
- used, for provisioning virtual machines / Provisioning virtual machines using ManageIQ
- automation configuration, reference / Testing the catalog
- reference / Policies and user authentication
- ManageIQ configuration
- new AWS EC2 provider, adding / Adding a new AWS EC2 provider
- OpenStack endpoint, adding / Adding our OpenStack endpoint
- Manual or Proxy Auto-Configuration (PAC) / Transport level
- Microsoft Azure
- Azure Stack / Azure Stack
- Azure Site Recovery (ASR) / Azure Site Recovery (ASR)
- Azure Traffic Manager / Azure Traffic Manager
- minions / Kubernetes architecture
- monitoring
- about / The traditional concepts in monitoring
- availability / Availability monitoring
- performance monitoring / Performance monitoring
- MPLS connectivity / MPLS connectivity – direct connect
- Multi Protocol Label Switching (MPLS) / Routing table
N
- Network Attached Storage (NAS) / Traditional operations
- Network IDS (NIDS) / IDS/IPS
- networking
- about / Networking
- underlay network / Underlay network
- overlay networking / Overlay networking
- Virtual Private Network (VPN) / Virtual Private Network (VPN)
- network perimeter security
- about / Network perimeter security
- firewalls / Firewalls
- IDS/IPS / IDS/IPS
- proxies / Proxies
- network ping / ICMP monitoring
- next hop / Connectivity to the private cloud
- NoOps / DevOps or NoOps
O
- object identifier (OID) / SNMP monitoring
- Omni
- about / OpenStack Omni
- reference / Running DevStack
- one-time passwords (OTPs) / Encrypting data using IPSec and SSL – concepts
- OpenStack
- architecture / Case in point – architecture of OpenStack
- reference / Setting up the private cloud
- OpenStack Cloud
- bootstrapping / Bootstrapping an OpenStack Cloud
- OpenStack environment
- designing, basics / Basics of designing an OpenStack environment
- OpenStack distribution, selecting / Choosing an OpenStack distribution
- deployment method, selecting / Choosing the deployment method
- OpenStack Omni
- about / OpenStack Omni
- installing, on DevStack / Installing OpenStack Omni on DevStack
- Orchestrator / Infrastructure up clouds
- overlay networking
- about / Overlay networking
- Generic Routing Encapsulation (GRE) / GRE
- Virtual Extensible LAN (VXLAN) / VXLAN
P
- Packer
- reference / Creating cloud images
- about / Templatize
- payment card industry (PCI) / Compliance standards and controls
- performance monitoring
- about / Performance monitoring
- Simple Network Management Protocol (SNMP) / SNMP monitoring
- WMI monitoring / WMI monitoring and custom agent monitoring
- custom agent monitoring / WMI monitoring and custom agent monitoring
- physical controls / Implementing the controls on AWS – public cloud
- ping of death / ICMP monitoring
- Platform9
- reference / Case in point – architecture of OpenStack, OpenStack Omni
- pod / Pod
- poll mechanisms
- polling interval / Availability monitoring
- timeout / Availability monitoring
- predefined dashboards
- reference / Configuring Grafana to use Prometheus
- Predicted Traffic / Cloud bursting
- private cloud
- setting up / Setting up the private cloud
- OpenStack environment, designing / Basics of designing an OpenStack environment
- DevStack, installing / Installing DevStack
- private subnet / VPC design
- Prometheus
- reference link / Prometheus
- about / Prometheus
- implementation architecture / The implementation architecture of Prometheus
- installing / Installing Prometheus
- installation link / Installing Prometheus
- download link / Downloading Prometheus
- directories, setting up / Setting up directories
- startup script, setting up / Setting up startup script
- node exporter, setting up / Setting up node exporter
- configuring / Configuring Prometheus
- configuration link / Configuring Prometheus
- public cloud
- setting up / Setting up a public cloud – AWS
- account, creating / Creating an account in AWS
- subnets, creating / Creating a VPC and subnets
- VPC, creating / Creating a VPC and subnets
- VGW, creating / Creating the IGW and VGW
- IGW, creating / Creating the IGW and VGW
- AWS API access, setting up / Setting up AWS API access
- public cloud services, for hybrid deployment
- for hybrid deployment / Public cloud services for hybrid deployment
- Amazon Web Services (AWS) / Amazon Web Services (AWS)
- Microsoft Azure / Microsoft Azure
- public subnet / VPC design
- pure-play public cloud strategy
- about / Pure-play public cloud strategy
- public cloud, benefits / Public cloud benefits
- shortcomings / Shortcomings of a public cloud
- lock-in / Fear of lock-in
Q
- queue / Decoupling the tiers
R
- Redundant Array of Independent Disks (RAID) / Traditional operations
- region / ManageIQ
- request
- making, without proxy / Case 1 – without a proxy
- making, with proxy / Case 2 – with a proxy
- reset (RST) / TCP/UDP monitoring
- right components, selecting
- about / Choosing the right components
- network connectivity / Network connectivity
- DNS services / DNS services
- IAM and Active Directory / IAM and Active Directory
- RightScale
- about / What does the world say?
- reference / What does the world say?
- Role Based Access Control (RBAC) / Identity and Access Management (IAM)
S
- sample playbook
- configuring / Configuring Ansible and a sample playbook
- security components
- about / Components of security
- CIA triad / The CIA triad
- breach protection tools / Tools to protect against the breaches
- security controls considerations
- about / Security controls consideration in hybrid cloud
- common controls / Common controls
- control, implementing on AWS / Implementing the controls on AWS – public cloud
- shared responsibility model / Security – shared responsibility model
- controls, implementing in private cloud / Implementing the controls in private cloud
- security policy
- reference / Enforce policies
- service offerings
- reference / vCloud Air
- service provider / Identity Federation
- services, hybrid cloud
- network connectivity / Network connectivity
- DNS service / DNS service
- shortcomings, public cloud
- about / Shortcomings of a public cloud
- cost / Cost
- control/customizability / Control/customizability
- compliance / Compliance
- Simple Network Management Protocol (SNMP) / SNMP monitoring
- Single Sign On (SSO) / Identity Federation
- snowflake / Control/customizability
- Software Development Kit (SDK) / Setting up AWS API access
- SSL VPN / SSL VPN
- Storage Area Network (SAN) / Traditional operations
- supporting applications use cases
- about / Supporting applications use case
- traditional operations / Traditional operations
- modern outlook / Modern outlook
- AWS storage gateway, using / Using the AWS storage gateway
T
- TCP monitoring
- TCP half-open / TCP/UDP monitoring
- TCP full / TCP/UDP monitoring
- Terraform
- reference / Creating the infrastructure, IaaC with Terraform
- installing / Installing Terraform
- configuring / Configuring and using Terraform
- using / Configuring and using Terraform
- tiers
- decoupling / Decoupling the tiers
- Time-based One Time Password (TOTP) / User accounts and authentication
- time series database (TSDB) / Configuring Prometheus
- Transparent Data Encryption (TDE) / Data encryption in rest and in motion
U
- Ubuntu workstation / Installing the Juju client and bootstrapping clouds
- underlay network
- about / Underlay network
- LAN architecture / LAN architecture
- WAN architecture / WAN architecture
- use cases, hybrid cloud
- about / Use cases of a hybrid cloud
- isolated use case / Isolated use case
- distributed use case / Distributed use case
- Co-Existent use case / Co-Existent use case
- supporting application use cases / Supporting application use cases
- user acceptance test (UAT) / The traditional development stages
V
- vCloud Air
- about / vCloud Air
- reference / vCloud Air
- Virtual Extensible LAN (VXLAN)
- Virtual Machine / Service down clouds
- virtual machines, provisioning with ManageIQ
- about / Provisioning virtual machines using ManageIQ
- catalog, creating / Creating a catalog
- policies / Policies and user authentication
- user authentication / Policies and user authentication
- Virtual Private Gateway (VGW) / Connectivity to the private cloud
- Virtual Private Network (VPN)
- about / Virtual Private Network (VPN)
- data encryption, IPSec used / Encrypting data using IPSec and SSL – concepts
- routing table / Routing table
- Virtual Tunnel Endpoint (VTEP) / VXLAN
- VMware vRealize Suite
- reference / Infrastructure up clouds
- vSphere volume
- reference / Volumes
W
- web application
- about / The story of a web application
- transport level / Transport level
- application level / Application level
- sample flow / Putting it all together
- Web Application Firewall (WAF) / Network perimeter security
- Windows Management Instrumentation (WMI) / WMI monitoring and custom agent monitoring
Z
- zone / ManageIQ