1、培訓過程中，如有部分內容理解不透或消化不好，可免費在以后培訓班中重聽；
        2、培訓結束后,授課老師留給學員聯系方式,保障培訓效果,免費提供課后技術支持。
        3、培訓合格學員可享受免費推薦就業機會。

• 1. Virtualization Details
  a. Operating System Concepts Overview
  i. CPU, Memory, Network, Storage
  b. Hypervisor
  i. Supervisor of Supervisors
  ii. “Host” machine and “guest” OS
  iii. Type-1 Hypervisor & Type-2 Hypervisor
  iv. Citrix XEN, VMware ESX/ESXi, MS Hyper-V, IBM LPAR.
  c. Network Virtualization
  i. Brief introduction to 7-Layer OSI Model
  1. Focus on Network layer
  ii. TCP/IP Model or Internet Protocol
  1. Focus on a single vertical
  a. Application Layer: SSL
  b. Network Layer: TCP
  c. Internet Layer: IPv4/IPv6
  d. Link Layer: Ethernet
  2. Packet structure
  iii. Addressing: IP Address and Domain Names
  iv. Firewall, Load Balancer, Router, Adapter
  v. Virtualized Network
  1. Higher-order abstractions: Subnets, Zones.
• d. Hands-on Exercise:
  i. Familiarize with ESXi cluster and vSphere client.
  ii. Create/update networks in ESXi Cluster, deploys guests from VMDK
  packages, enable inter-connectivity between guests in an ESXi cluster.
  iii. Make modifications to a running VM instance and capture snapshot.
  iv. Update firewall rules in ESXi using vSphere client.
• 2. Cloud Computing: A paradigm shift
  a. A fast, inexpensive runway to make product/solution available to the world
  b. Resource sharing
  i. Virtualization of virtualized environment
  c. Key benefits:
  i. Resource elasticity on-demand
  1. Ideate->Code- >Deploy without requiring infrastructure
  2. Rapid CI/CD pipelines
• ii. Environment isolation and vertical autonomy
  iii. Security through layering
  iv. Expense optimization
  d. On-premise Cloud and Cloud Providers
  e. Cloud as an effective conceptual abstraction for distributed computing
• 3. Introduction to Cloud Solution Layers:
  a. IaaS (Infrastructure as a Service)
  i. AWS, Azure, Google
  ii. Choose one Provider to continue later. AWS is recommended.
  1. Introduction to AWS VPC, AWS EC2 etc.
• b. PaaS (Platform as a Service)
  i. AWS, Azure, Google, CloudFoundry, Heroku
  1. Introduction to AWS DynamoDB, AWS Kinesis etc.
• c. SaaS (Software as a Service)
  i. Very brief overview
  ii. Microsoft Office, Confluence, SalesForce, Slack
  d. SaaS builds on PaaS that builds on IaaS that builds on Virtualization
• 4. IaaS Cloud Hands-on Project
  a. The project uses AWS as the IaaS Cloud Provider
  b. Use CentOS/RHEL the operating system for the rest of the exercise
  i. Alternatively, Ubuntu will also do, but RHEL/CentOS are prefered
  c. Obtain individual AWS IAM accounts from your cloud admin
  d. Each student must do these steps independently
  i. The ability to carve your own entire infrastructure on-demand is the best demonstration of the power of cloud computing
  ii. Use AWS Wizards -- AWS online consoles -- to accomplish these tasks unless otherwise mentioned
  e. Create a public VPC in us-east- 1 Region
  i. Two Subnets (Subnet-1 and Subnet-2) in two different Availability Zones
• 1. See http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Sce
  narios.html for reference.
  ii. Create three separate Security Groups
  1. SG-Internet
  a. Allows incoming traffic from Internet on https://443 and http://80
  b. No other incoming connections allowed
  2. SG-Service
  a. Allows incoming traffic only from security group SG-Internet on https://443 and http://80
  b. Allows ICMP only from SG-Internet
  c. No other incoming connections allowed
  3. SG-SSH:
• a. Allows SSH:22 incoming connection only from a single IP that matches with the public IP of the student’s lab machine. In case the lab machine is behind a proxy then the public IP of the proxy.
• f. Deploy an instance of an AMI pertaining to your chosen OS -- preferably latest RHEL/CentOS versions available in AMIs -- and host the instance on Subnet-1. Attach the instance to SG-Service and SG-SSH groups.
  g. Access the instance using SSH from your lab machine.
• i. http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AccessingInstan
  cesLinux.html
• h. Install NGINX server on this instance
  i. https://www.nginx.com/resources/wiki/start/topics/tutorials/install/
  i. Put static contents of your choice -- html pages, images -- to be served by
  NGINX (on port 80 0ver HTTP) and define URLs for them.
  i. See https://www.nginx.com/resources/admin-guide/serving- static-content/
  j. Test the URL from that machine itself.
  k. Create an AMI image from this running instance.
  i. See http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/creating-an-
  ami-ebs.html .
• l. Deploy that new AMI and host the instance on Subnet-2. Attach the instance to SG-Service and SG-SSH groups.
  m. Run the NGINX server and validate that the access URL for the static content as created in step (i) works.
  n. Create a new “classic” Elastic Load Balancer and attach it to SG-Internet.
  i. See http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-
  getting-started.html
  ii. Note the difference from Application Load Balancer and Network Load Balancer.
• o. Create routing rule forwarding all http://80 and https://443 traffic to an instance group comprising the two instances create above.
  p. Using any certificate management tool -- java keytool etc. -- create a key-pair and self-signed certificate and import the certificate to AWS Certificate Manager (ACM)
  i. See http://docs.aws.amazon.com/acm/latest/userguide/import-
  certificate.html
  ii. Alternatively, ACM itself can be used as a certificate management and signing authority and a new certificate can be requested to ACM. But in that case a valid domain name must be used, corresponding domain admins must be available to validate the request, and an AWS Route53 entry then subsequently needs to be created to map onto ELB IP. These are more advanced steps and hence p.(i) is better recommended.
  q. Use this certificate for the ELB’s TLS/SSL connection to support https
• i. See http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/ssl-
  server-cert.html
• r. From your browser go to http:://<elb-public-access-name>/<static-content-url>
  s. You should see the static content on your browser.
  t. Stop each of the instances one at a time and submit the URLs.
  u. Stop both instances and submit the URLs.
• 5. Cloud Monitoring: Introduction &amp; Hands-on Project
  a. AWS CloudWatch metrics
  b. Go to AWS CloudWatch dashboard for the instances
  i. Retrieve the relevant metrics and explain the variability with time
  1.http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/viewing_
  metrics_with_cloudwatch.html
  c. Go to AWS CloudWatch dashboard for the ELB
  i. Observe the ELB metrics and explain their variability with time
  1.http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/el
  b-cloudwatch- metrics.html
  6. Advanced Concepts for Further Learning:
  a. Hybrid Cloud -- on-premise and public cloud
  b. Migration: On-premise to public cloud
  i. Application code migration
  ii. Database migration
  c. DevOps
  i. Infrastructure as a code
  ii. AWS Cloud Formation Template
  d. Auto-scaling
  i. AWS CloudWatch metrics to determine health