Hybrid Cloud for Architects : Build Robust Hybrid Cloud Solutions Using AWS and OpenStack.

Cover -- Title Page -- Copyright and Credits -- Packt Upsell -- Contributors -- Table of Contents -- Preface -- Chapter 1: Introducing Hybrid Cloud -- The cloud's demographics -- Based on abstraction -- Service down clouds -- Infrastructure up clouds -- Differentiating service down and infrastructure up clouds -- Based on services offered -- Based on consumers of the services -- Choosing different cloud combinations -- Summary -- Chapter 2: Hybrid Cloud - Why Does It Matter? -- What does the world say? -- Pure-play public cloud strategy -- Public cloud benefits -- Need for agility -- Ability to experiment without upfront cost -- Reducing operational overheads -- Ability to consume enhanced services -- Shortcomings of a public cloud -- Cost -- Control/customizability -- Compliance -- Fear of lock-in -- Hybrid cloud case study -- Summary - maximizing benefits -- Chapter 3: Hybrid Cloud Building Blocks -- The story of a web application -- Transport level -- Case 1 - without a proxy -- Case 2 - with a proxy -- Application level -- Web tier -- Application tier -- Database tier -- Putting it all together -- Use cases of a hybrid cloud -- Isolated use case -- Distributed use case -- Co-Existent use case -- Cloud bursting -- Using cognitive services -- Supporting application use cases -- Backup and disaster recovery in the cloud -- Decoupling the tiers -- Case in point - architecture of OpenStack -- Services to enable a hybrid cloud -- Network connectivity -- DNS service -- Public cloud services for hybrid deployment -- Amazon Web Services (AWS) -- Storage gateway -- Direct connect -- Route 53 -- Amazon EC2 run command -- VMware cloud on AWS -- Microsoft Azure -- Azure Stack -- Azure Site Recovery (ASR) -- Azure Traffic Manager -- Summary - setting up hybrid cloud -- Chapter 4: Architecting the Underpinning Services -- Networking -- Underlay network.

LAN architecture -- WAN architecture -- Overlay networking -- GRE -- VXLAN -- Virtual Private Network (VPN) -- Encrypting data using IPSec and SSL - concepts -- IPSec VPN -- SSL VPN -- MPLS connectivity - direct connect -- Routing table -- Domain Name System (DNS) -- How does DNS work? -- Global load balancing -- Identity and Access Management (IAM) -- Identity Federation -- Multi-Factor Authentication (MFA) -- Application components -- Global databases -- Using Cockroach DB in a hybrid cloud environment -- Database log shipping -- Choosing the right components -- Network connectivity -- DNS services -- IAM and Active Directory -- Conclusion -- Chapter 5: Hybrid Cloud Deployment - Architecture and Preparation -- Getting started with the public cloud - AWS -- AWS terminology -- Account -- Region -- Availability zones (AZ) -- Virtual private cloud (VPC) -- AWS services -- Architecting the AWS environment -- AWS account design -- VPC design -- Designing an AWS environment -- Connectivity to the private cloud -- Setting up a public cloud - AWS -- Creating an account in AWS -- Creating a VPC and subnets -- Creating the IGW and VGW -- Setting up AWS API access -- Setting up the private cloud -- Basics of designing an OpenStack environment -- Choosing an OpenStack distribution -- Choosing the deployment method -- Installing DevStack -- Configuring DevStack to enable Heat -- Summary -- Chapter 6: Building a Traditional CMP-Based Hybrid Cloud -- Supporting applications use case -- Traditional operations -- Modern outlook -- Using the AWS storage gateway -- File gateway -- Volume gateways -- Tape gateway -- Isolated/distributed application use case -- General architecture of CMP -- ManageIQ -- Installing ManageIQ -- Preparing the host environment -- Containerization basics -- Understanding and installing Docker -- Installing a ManageIQ container.

Configuring ManageIQ to connect to AWS and OpenStack -- Adding a new AWS EC2 provider -- Adding our OpenStack endpoint -- Provisioning virtual machines using ManageIQ -- Creating a catalog -- Creating a Service Dialog -- Creating a catalog item and catalog -- Testing the catalog -- Policies and user authentication -- Creating cloud images -- In conclusion - architecting with a CMP -- Summary -- Chapter 7: Building a Containerized Hybrid Cloud -- Evolving to containers -- Container networking -- None - no networking -- Bridge networking -- Host networking -- Overlay networking -- Underlay networking -- Container orchestration engine -- Kubernetes architecture -- Basic concepts in Kubernetes -- Pod -- Controllers -- Service -- Volumes -- Namespaces -- Kubernetes deployment -- Introduction to Juju -- Installing the Juju client and bootstrapping clouds -- Bootstrapping an AWS Cloud -- Bootstrapping an OpenStack Cloud -- Accessing the Juju controller using a GUI -- Deploying Kubernetes with Juju -- Deploying a second instance of Kubernetes -- Connecting to the Kubernetes clusters -- Federation using Kubernetes -- Reasons for consideration -- Application migration - avoiding vendor lock-in -- Enforce policies -- High availability and application upgrades -- Cloud bursting -- Federation challenges -- Implementing a Kubernetes federation -- Step 1 - setting up the federation controller -- Step 2 - combining the Kubernetes configuration (optional) -- Step 3 - creating the federation -- Creating the DNS provider -- Initializing the federation -- Summary -- Chapter 8: Using PreBuilt Hybrid Cloud Solutions -- Azure Stack -- Getting the Azure Stack -- OpenStack Omni -- Installing OpenStack Omni on DevStack -- Removing the DevStack instance -- Modifying the local.conf file -- Running DevStack -- vCloud Air -- Using the different hybrid cloud solutions -- Summary.

Chapter 9: DevOps in the Hybrid Cloud -- The development cycle and DevOps -- The traditional development stages -- Merging the different teams -- Creating the infrastructure -- Configuring the infrastructure -- Templatize -- DevOps or NoOps -- IaaC with Terraform -- Installing Terraform -- Configuring and using Terraform -- Configuration management using Ansible -- Installing Ansible -- Configuring Ansible and a sample playbook -- Summary -- Chapter 10: Monitoring the Hybrid Cloud -- The traditional concepts in monitoring -- Availability monitoring -- ICMP monitoring -- TCP/UDP monitoring -- Enhanced monitoring -- SNMP-based availability monitoring -- Performance monitoring -- SNMP monitoring -- WMI monitoring and custom agent monitoring -- Monitoring the hybrid cloud -- Prometheus -- The implementation architecture of Prometheus -- Installing Prometheus -- Downloading Prometheus -- Setting up directories -- Setting up startup script -- Setting up node exporter -- Configuring Prometheus -- Grafana -- Installing Grafana -- Configuring Grafana to use Prometheus -- Summary -- Chapter 11: Security in a Hybrid Cloud -- Components of security -- The CIA triad -- Confidentiality -- Integrity -- Availability -- Tools to protect against the breaches -- IAM systems -- Data encryption in rest and in motion -- Network perimeter security -- Firewalls -- IDS/IPS -- Proxies -- Host controls -- High availability and disaster recovery -- Detection and analytics mechanism -- Minimizing shared infrastructure -- Compliance standards and controls -- HIPAA compliance standards -- Administrative controls -- Physical controls -- Technical controls -- Security controls consideration in hybrid cloud -- Common controls -- Implementing the controls on AWS - public cloud -- Security - shared responsibility model -- Implementing the controls in private cloud.

Security - best practices -- Implementing a CMDB/asset list -- User accounts and authentication -- Provisioning and postprovisioning controls -- Networks -- Other practices -- Summary -- Other Books You May Enjoy -- Index.

Hybrid Cloud is currently the next buzz word in the cloud world. Organizations are planning to adopt hybrid cloud strategy due to its advantages such as untested workloads, cloud-bursting, cloud service brokering, and so on. This book will give you an understanding of the hybrid cloud as well as building and using a hybrid-cloud strategy.

Description based on publisher supplied metadata and other sources.

Electronic reproduction. Ann Arbor, Michigan : ProQuest Ebook Central, 2024. Available via World Wide Web. Access may be limited to ProQuest Ebook Central affiliated libraries.