Arcitura IT Certified Professionals (AITCP)
Arcitura IT Certified Professionals (AITCP)
Arcitura IT Certified Professionals (AITCP)
Arcitura YouTube Channel
- Overview
- Mechanisms
- Overview
- Audit Monitor
- Automated Scaling Listener
- Billing Management System
- Cloud Storage Device
- Cloud Usage Monitor
- Failover System
- Hypervisor
- Load Balancer
- Logical Network Perimeter
- Multi-Device Broker
- Pay-Per-Use Monitor
- Ready-Made Environment
- Remote Administration System
- Resource Cluster
- Resource Management System
- Resource Replication
- SLA Management System
- SLA Monitor
- State Management Database
- Virtual Server
- Compound Patterns
- Design Patterns
- Overview
-
Automated Administration
-
Bare-Metal Provisioning
-
Broad Access
-
Centralized Remote Administration
-
Cross-Storage Device Vertical Tiering
-
Direct I/O Access
-
Direct LUN Access
-
Dynamic Data Normalization
-
Dynamic Failure Detection and Recovery
-
Dynamic Scalability
-
Elastic Disk Provisioning
-
Elastic Network Capacity
-
Elastic Resource Capacity
-
Hypervisor Clustering
-
Intra-Storage Device Vertical Data Tiering
-
Load Balanced Virtual Server Instances
-
Load Balanced Virtual Switches
-
Multipath Resource Access
-
Non-Disruptive Service Relocation
-
Pay-as-You-Go
-
Persistent Virtual Network Configuration
-
Platform Provisioning
-
Rapid Provisioning
-
Realtime Resource Availability
-
Redundant Physical Connection for Virtual Servers
-
Redundant Storage
-
Resource Management
-
Resource Pooling
-
Resource Reservation
-
Self-Provisioning
-
Service Load Balancing
-
Service State Management
-
Shared Resources
-
Storage Maintenance Window
-
Storage Workload Management
-
Synchronized Operating State
-
Usage Monitoring
-
Workload Distribution
-
Zero Downtime
- Service Technology Specs
- Cloud School
Resource Management (Erl, Naserpour)
How can a cloud consumer safely manage an IT resource without impacting neighboring IT resources?
Problem
When cloud consumers access and manage deployed IT resources that coexist with other IT resources as part of a live production environment, management changes to an IT resource may inadvertently negatively impact others.Solution
A set of tools and backend controls are provided by the cloud provider to protect the management activity of one cloud consumer from others.Application
Cloud consumers are given limited access levels and management options and their management activity is further confined to their respective logical network perimeters.Mechanisms
Audit Monitor, Cloud Usage Monitor, Logical Network Perimeter, Remote Administration System, Resource Management SystemCompound Patterns
Burst In, Burst Out to Private Cloud, Burst Out to Public Cloud, Elastic Environment, Infrastructure-as-a-Service (IaaS), Multitenant Environment, Platform-as-a-Service (PaaS), Private Cloud, Public Cloud, Resilient Environment, Software-as-a-Service (SaaS)Problem
When a cloud consumer carries out management tasks on an IT resource, neighboring IT resources (belonging to the same or different cloud consumer) can be inadvertently impacted.
Figure 1 - In this example, the cloud consumer makes a remote management change to a physical server, which accidentally affects a virtual server hosting a database in another part of the cloud environment. In this scenario, all IT resources belong to the same cloud consumer.
For example, the logical network perimeter established for one cloud consumer may encompass IT resources that are shared by other cloud consumers. This means the same physical server may be hosting virtual servers that belong in different logical network perimeters.
Solution
A set of tools and backend controls are provided by the cloud provider to specifically limit the access levels and management options of each cloud consumer to the IT resources it is granted access.
Application
This pattern is applied via frontend portal controls and corresponding backend scripts and logic, and is therefore typically combined with the Centralized Remote Administration pattern. The controls established by this pattern essentially confine each cloud consumer’s access to within its designated logical network perimeter and further enforce the levels of access the cloud consumer has to IT resources within the perimeter.
The tools established by this pattern can further include a sandbox environment that allows cloud consumers to safely test and execute management changes before committing the changes to the production environment. The sandbox environment limits the amount of access cloud consumers have to physical resources, and also allows for the monitoring of commands and configuration requests.
It provides two key features:
- An auditing system is put in place to audit commands and requests prior to passing them to actual IT resources. This way, any conflicts or misconfigurations can be detected and notified to the cloud consumer before they are applied to the production environment.
- Log files are maintained to keep a record of all commands and requests made. This can aid troubleshooting.
Figure 2 - Cross-IT resource management tools and logic are used to check (and optionally audit and log) commands before allowing them to be executed.
NIST Reference Architecture Mapping
This pattern relates to the highlighted parts of the NIST reference architecture, as follows:
This pattern is covered in CCP Module 4: Fundamental Cloud Architecture.
For more information regarding the Cloud Certified Professional (CCP) curriculum, visit www.cloudschool.com.