CompTIA Network+ N10-008 – Virtualization and Cloud Computing

  1. Virtual Network Devices

Virtual network devices represent a major shift in the way datacenters are designed, fielded, and operated. And we have started virtualizing everything. We started with virtual servers. Now we’re into virtual routers, switches, and firewalls. We even have virtual desktops where you don’t even have a physical computer anymore. You can operate everything through a web browser. There’s also VoIP, which is the virtualization of voice and phones. We have software-defined networking and cloud computing. Now, we’ll talk about cloud computing in a future lecture, and we’ll dive deep into VoIP in the next lecture. Right now, let’s talk about virtualization. Multiple virtual instances can coexist on a single physical server thanks to virtual servers. So if I have one hardware server, as shown on the screen, I can have six, seven, or eight virtual servers residing inside of it. So in this example, I have a file server, a network server, a mail server, a database server, and a web server. You get the idea. Now, those servers can all run different operating systems too.

They might be running Windows, Mac, or Linux all simultaneously on this one piece of hardware. This allows us to have lots of cost savings for an IT budget because I only have one physical server, which may cost me $10,000, instead of five or ten servers. And this is going to allow us to consolidate physical servers, saving us power, space, and cooling costs inside our data centers. Now, the physical hardware can actually use multiple network interface cards and bind them together using link aggregation and other techniques to increase the available bandwidth. Because if I have one physical server running six or seven virtual servers, one of my biggest limitations is going to be network connectivity.

Now, the software we’re going to run on this physical hardware is what’s called a hypervisor. It is specialized software that enables this virtualization to occur. The hypervisor is software that emulates physical hardware. So each of those six virtual machines inside believes it has its own physical server. That physical server they’re seeing is actually just software that the hypervisor is presenting to them. This is also called a virtual machine monitor, or VMM. Now, what are some examples of popular hypervisors? There’s VMware ESXi, which is a great freeware program. There’s Microsoft Hyper-V.

There’s also VirtualBox, which is again a free, open-source product, and VMware Workstation if you’re doing it in a desktop environment. There are two types of hypervisors: type 1 and type 2. Type 1 hypervisors have an operating system sitting on top of a hypervisor sitting on top of hardware. Type 2 is where you have a hosted environment. So on my desktop, for instance, I use type 2. I have a Macintosh host, so it’s Mac hardware running macOS, and then a hypervisor called VirtualBox running Windows on top of that. This takes up more processing power, but it works well in a desktop environment. For servers, type 1, a bare-metal hypervisor running directly on the hardware, is far superior.

Next, we have virtual storage solutions. So with all of these virtual servers, I have to have a place to store their data. And that can be difficult on a single physical device.

So instead, we look to things like network-attached storage and storage area networks. Network-attached storage, or NAS, is disk storage that’s delivered as a service over TCP/IP. In my office, for instance, we have two NAS servers. So they are essentially networked hard drives that anyone in the office can access and use for file storage via TCP/IP. The second way of doing things, which is more common when you’re using virtualized servers, is to have them tie into a storage area network. This is a very specialized type of local area network that’s designed for data transfer and storage. They usually use fibre optic cables because of the high speed, and they transfer data at the block level with a very specialized protocol instead of TCP/IP, which allows it to be much, much faster. There are three main ways to do it: Fibre Channel, or FC; Fibre Channel over Ethernet, or FCoE; and iSCSI. Fibre Channel, or FC, is a specialized hardware product that provides storage area network speeds of up to 16 gigabits per second. Now, Fibre Channel over Ethernet removes the need for that specialized hardware and runs over Ethernet networks instead. And this allows you to kind of bundle this up over a standard TCP/IP or Cat5 or Cat6 network, reducing the cost and making it easier for solutions to be implemented. And then we have iSCSI, or IP SCSI, which is the Small Computer System Interface carried over IP. It has a very low cost, and it’s built using Ethernet switches. But that gives it a limitation of less than ten gigabits per second.

So it is slower, but you’re saving money. It relies on configuring your network to allow jumbo frames, but again, it is slower. And so it’s not necessarily as good for large-network solutions that need fast, high-quality storage. Following that is InfiniBand, a new virtualized storage system. This is a switched fabric topology for high-performance computing. So here we’re talking about greater than 600 gigabits per second with a very, very low latency of zero to five microseconds. It’s extremely fast. Direct or switched connections are made between servers and storage systems using the specialized plugs visible on the screen. Where will you find these? In high-performance computing centers. If you are running a very large, high-capacity processing and storage solution, you may want to look into InfiniBand. But for most small offices or home offices, you’re never going to find this. This is an enterprise-class solution.

Next, we have virtual firewalls and routers. So I have this virtual server that has six or seven machines on it. How am I going to connect them together? Well, why not connect them with some routers and firewalls? You can do that either using physical machines or by virtualizing those, too.

And to fully virtualize your network, you need these virtual switches. Router and firewall manufacturers are offering virtualized versions of their most popular devices. So if you like a Cisco PIX firewall, you can go ahead and buy a virtual one. If you like Cisco routers, you can buy a virtual one, and they’ll sell you the software to install in your virtual environment. Virtualized routers and firewalls are going to provide you with all of the same features as their physical counterparts without all those pesky wires. Now, how do we designate a virtual firewall or router on a diagram? Well, we use the same symbol we would use for a firewall or router and put dashes around it, as you see here for the virtual router.

Next, we have virtual switches. And again, we have to overcome the problem of all these virtual servers being on one broadcast domain. So we can use layer 2 VLANs and trunking by providing virtual switches. This will also provide us with quality of service and security.

And so, as you can see here inside that blue box, that is my virtual server. In there, I have three virtual servers on one physical piece of hardware and a virtual switch with three different VLANs that’s then connecting over a single network interface to a real switch in the real world, which connects to a router and then connects out to the Internet.

Next, we have virtual desktops. And this is where you can run your desktop in a web browser. You can use it from the Web, a laptop, a tablet, or a phone, and it’s great for people on the go. The thing I love about virtual desktops, which we also refer to as VDI or virtual desktop infrastructure, is that they are easy to secure and easy to upgrade because they are essentially a brand new desktop that I can touch at any time because it’s all sitting in my server room, not on your desktop. The machine you’re using on your desk is just a dumb device to access it. All of the important stuff is kept in the server room.

And you can see that here, where I’m a user on the go with my tablet, and I’m sitting at Starbucks. Down here in the bottom, I can reach through the Internet to the router, switch, and desktop, or back to my server farm. Or if I’m sitting at home, I can do the same thing. Or if I’m sitting in the office, I can do the same thing. Virtual desktops are really starting to take over. Now, what are virtual desktops bad for? If you have high-performance computing needs, such as video editing, gaming, or desktop publishing (anything that requires a lot of graphics and computing power), you should think about upgrading your computer; a virtual desktop is not for you. But for the average user who’s surfing the Internet and doing PowerPoint, Word, and Excel, virtual desktops are phenomenal, and they are a great way to really, really increase your security and lower your total cost of ownership over time.

Lastly, here we have software-defined networking, or SDN. This is going to provide the administrator with an easy-to-use front end to configure physical and virtual devices throughout your network. All of your configurations can be automated. It’s great.

And the administrator has an overview of your entire network. So in the old days without SDN, if I had three switches like I do on the left and I wanted to configure them, I needed to go to every single one of those switches, either locally or remotely with SSH (Secure Shell), and make my changes. But with software-defined networking, I just go to the software-defined networking controller, make the change once, and it pushes the configuration change across the entire network. It will reconfigure access lists, MAC filtering, and all of those things as part of software-defined networking. It’ll change routes and tables and all of that from one central console. It is a great, great way to virtualize your network when you’re using virtual switches, and to consolidate it with the real world as well.

  2. Voice Over IP (VoIP)

VoIP stands for Voice over IP. Voice over IP is the system that digitizes your voice traffic so it can be treated like any other data on the network. Now, you can do this by connecting it to an ATA device that will convert analog to digital for you, such as a Vonage-type service.

Or you can use a fully digital environment, something like Skype or something like this Cisco phone that is connected over an RJ-45 or Cat-5 cable using Power over Ethernet back to a call manager. We’ll discuss the architecture a little bit more in this lesson. Now, when you’re dealing with VoIP, it uses a protocol called SIP, or session initiation protocol, to set up, maintain, and tear down each of the calls to give you that dial tone and maintain consistency. VoIP can save your company a lot of money and provide enhanced services over traditional phone systems, or PBXs. And the reason for this is that you automatically receive caller ID. You can change the names, and you can even do video over it. There are all sorts of things you can do with a great VoIP solution.

Now, how does VoIP actually work? Well, you can run it in a browser on a desktop computer. You can use it from a handset, as you see here with the IP phone in the upper left. There are all sorts of ways to do it. Now, if I’m trying to talk from that phone down to an analog phone, like, say, my wife’s cell phone, how can that call be made? Well, I pick up the phone on the IP phone, and it does a SIP session initiation down to the call agent. That call agent then sets up the call through the router in the upper right corner, which then connects to the other router or gateway. That router is tied to the PBX that initiates the call. That is the green line, the SIP or session initiation protocol. Now, once the protocol is connected, we then use RTP, or real-time protocol, to pass the actual voice traffic during that session.

And so now we’re going right from the IP phone through the router to the other router, and then the PBX makes the call to the analog system. Now, if that’s all really confusing, don’t worry too much about it because for the exam, you don’t really need to understand how the topology works, except to know that for VoIP, you set up, maintain, and terminate the calls using SIP, the session initiation protocol. And once that call is set up and maintained, the actual voice traffic goes through the real-time protocol, or RTP.

Next, we have virtual private branch exchanges, or PBXs. And how do they relate to VoIP? Well, this allows you to have the ability to outsource your telephone system because everything’s ones and zeros now. So there’s no reason I can’t just route this over to India and have them handle my PBX for me, or to some cloud provider. This is going to use VoIP to send all of your data to the provider, and they’re going to connect it to whatever telephone system you need to use, whether that’s domestic or overseas. Now, the benefit of this is that they can have this virtual PBX that provides your voicemail, your caller ID, your messaging systems, and everything else for you. And all you need is a standard dial tone, which you can obtain and pay for.
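The SIP/RTP split described in this lesson, as an added Python example that is not part of the original course material: it reads constructed SIP messages, pulls the media address and port out of the SDP body (SDP is not covered in the lesson), and tracks which RTP flows exist between call setup and the BYE that tears the call down. The function names, addresses and Call-ID are assumptions made for the illustration.

```python
# Added illustration: derive the RTP media flows that SIP signaling sets up and tears down.
# All messages below are constructed samples (documentation-range addresses), not captures.

def parse_sip(msg):
    """Return (start line, headers, media endpoints listed in the SDP body)."""
    head, _, body = msg.partition("\r\n\r\n")
    lines = head.split("\r\n")
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    conn_ip, media = None, []
    for line in body.split("\r\n"):
        if line.startswith("c="):        # c=IN IP4 <address> (session-level assumed)
            conn_ip = line.split()[-1]
        elif line.startswith("m="):      # m=<media> <port> <proto> <formats...>
            _, port, proto = line[2:].split()[:3]
            media.append((int(port), proto))
    return lines[0], headers, [(conn_ip, port, proto) for port, proto in media]


def rtp_flows(messages):
    """Map Call-ID -> set of (ip, port) RTP endpoints for calls not yet torn down."""
    flows = {}
    for msg in messages:
        start, headers, media = parse_sip(msg)
        call_id = headers.get("call-id")
        if start.startswith("BYE "):
            flows.pop(call_id, None)     # SIP teardown: the media flows go away too
        elif media:                      # INVITE offer or 200 OK answer carrying SDP
            flows.setdefault(call_id, set()).update(
                (ip, port) for ip, port, proto in media if proto.startswith("RTP/"))
    return flows


def sample(start, call_id, ip=None, port=None):
    """Build a trimmed, constructed SIP message; real ones carry Via, From, To, CSeq."""
    sdp = f"v=0\r\nc=IN IP4 {ip}\r\nt=0 0\r\nm=audio {port} RTP/AVP 0\r\n" if ip else ""
    return f"{start}\r\nCall-ID: {call_id}\r\n\r\n{sdp}"


CALL_ID = "c1@192.0.2.10"
CALL = [
    sample("INVITE sip:bob@example.com SIP/2.0", CALL_ID, "192.0.2.10", 49170),
    sample("SIP/2.0 200 OK", CALL_ID, "198.51.100.20", 3456),
]
HANGUP = sample("BYE sip:bob@example.com SIP/2.0", CALL_ID)

if __name__ == "__main__":
    print("during call:", rtp_flows(CALL))
    print("after BYE:  ", rtp_flows(CALL + [HANGUP]))
```

The voice packets never travel inside the SIP messages; SIP only announces where they will go, which is why a firewall in front of a VoIP deployment has to account for both the signaling and the separately negotiated media ports.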

  3. Cloud Computing

Now, the last piece of virtualization technology we want to implement is cloud computing. And that is because most cloud computing is just a mixture of a bunch of virtualization technologies. Now, when you’re dealing with cloud computing, there are really three major ways that it’s done. There are three types of clouds: private cloud, public cloud, and hybrid cloud. When you’re dealing with the private cloud, your systems and your users only have access to other devices within the same private cloud or system. And this adds to the security of that cloud.

When you’re dealing with the public cloud, the systems and the users interact with devices on public networks, such as the Internet and other clouds. Now, when you deal with a hybrid cloud, this is a combination of private and public. Now, what does this really look like? Well, if you’re looking at the private cloud, for instance, there’s a thing called GovCloud, which is made by the US government. It’s hosted on Amazon and Microsoft servers, but only government agencies can touch it, and only government data is stored in it. That is what is considered a private cloud.

Now, a public cloud, on the other hand, might be something like the Google Drive service because anyone can sign up for it, and my data is in Google Drive and your data is in Google Drive, and we can even commingle our data inside of Google Drive. Now, with a hybrid solution, we might mix a little of both. We might make parts of it private and parts of it public. Like maybe our accounting data is in a private cloud, but our human resources data is in a public cloud, and we can mix those two. It really depends on how you want to implement that.

Now, there are four models for cloud computing. We call them NaaS, IaaS, SaaS, and PaaS, which are acronyms that stand for “network as a service,” “infrastructure as a service,” “software as a service,” and “platform as a service.” NaaS allows for the outsourcing of a network to a service provider. And this is where all those virtual routers, switches, and firewalls come into play. All of this can be hosted offsite at the provider’s location, where they put it in their data center, and you, the customer, are charged for usage based on the number of hours or the amount of bandwidth used. This is the way that we do this stuff. When we’re dealing with network as a service, it becomes like a utility. Now, a good example of this would be Route 53 or Amazon’s VPC, or virtual private cloud, offerings. Both of those are network as a service options.

Next, we have infrastructure as a service, or IaaS. This allows the outsourcing of the infrastructure of the servers and desktops to the service provider. So, if I want a virtual server hosted by Amazon AWS or Microsoft Azure, that is infrastructure as a service. You could take it a step further and actually outsource your desktops using VDI, and that becomes infrastructure as a service as well. Now, all of this is hosted offsite at the service provider’s location. And again, you’re charged for usage based on hours, processing power, bandwidth, or other factors. And it’s charged just like a utility, where you get a bill every month. For example, my video service, Deontraining.com, uses infrastructure as a service because we’ve outsourced those servers and that hosting to a third-party company.

Next, we have software as a service, or SaaS. This is where the user interacts with a web-based application, and the details of how it works are hidden from the user. And honestly, your user doesn’t care. They just want the end product. A good example of this is Office 365, or Google Docs or Google Sheets. All of these things are applications that are web based.

As a user, all I care about is: can I do what I need? If I need to make a spreadsheet, I can fire up my web browser, go to Sheets.google.com, and start creating; it’s really easy, really fast, and I don’t have to worry about it. I don’t have to pay for software or install software. I just pay an annual service fee or a monthly service fee, and I get access to that service. Software is increasingly becoming a service. In fact, if you use Adobe Photoshop or Adobe Premiere, those are still considered software as a service because there’s a monthly fee associated with them. Now, they are installed locally on your machine because of the processing needs, but every time you log into it, it checks to make sure your software license is still up-to-date because you do have to pay that monthly fee as a service.

Next and last, we have platform as a service, or PaaS. This provides a development platform for companies that are developing applications without the need for infrastructure. So when I build my courses and my lab environments, I use a platform as a service. I don’t want to have to worry about building up all the virtual labs myself. I want to build the VMs and give you the experience of what is there, but I don’t want to have to deal with all the hosting needs, the networking needs, and all of that other stuff that goes into it. So I outsource that under the platform-as-a-service model. Some great examples of this are Pivotal, OpenShift, and Apprenda, as well as many other solutions out there. If you’re a coder or a web programmer, there are a lot of platform services available to you.
