The initial addition of Node Controller required a password to exchange the cryptographic keys from the lower controller to the upper one. After the password is exchanged, all operations rely on the trust provided by these keys in the communications between the controllers.
Home Cloud Computing Ubuntu Cloud
“Ubuntu Cloud job test questions and answers guide. The one who provides the best answers with a perfect presentation is the one who wins the job hunting race. Learn Ubuntu Cloud and get preparation for the new job”
15 Ubuntu Cloud Questions And Answers
Node controller consists of the hardware settings and configuration for the image machines. It performs the tasks that are requested by cluster controller and reply to the queries. It performs the following tasks:
1. Verify and authenticate the user request.
2. Allow user to download the image from the cache and use it.
3. Create a virtual network interface for easy communication between machines.
4. Start an instance of a virtual machine that can be accessed by the user.
The IP addressing is an essential part of networking and to establish an ubuntu cloud it has to be configured correctly and the default gateway has to be mentioned for communication with other network or same network. To configure the IP addressing the command that can be used is ip, ifconfig and route. These are the commands that allow the configuration of the networking. To set the configuration use the following command:
sudo ifconfig eth0 10.0.0.100 netmask 255.255.255.0
Through this IP address can be set and configured temporarily to save it permanently ifconfig file has to be modified.
Ethernet interfaces are the part of the networking and it is automatically identified by the system using different naming conventions. It is represented by ethX, where X= any numeric value. The default interface of the system is named as eth0 and it will go on after this. To identify the Ethernet interface the command that is used:
ifconfig -a | grep eth
The command will show all the interfaces that are associated with the system.
Walrus storage controller uses SOAP API that are compatible with its architecture. Its main function is:
? To store the machine images that can be used by the cloud controller
? To access and store the data from anywhere.
? It provides file level storage system and doesn’t provide the locking of a file. It doesn’t allow concurrent file to change the status of a single file that is getting modified by the user.
? It saves the state of the images.
Cloud computing ahs a few disadvantages, some of them are:
Security and privacy: The data in Ubuntu cloud have many instances with a third party which many users may not prefer. Cloud servers store sensitive information which must be protected at all costs. There is a vulnerability of unauthorized access.
Loss of control (dependency): In cloud computing the cloud service providers play a major role more maintenance and fixing of the cloud. Being a third party an organization has less control over it. And once a cloud is established migrating to another CSP is not an easy task.
Costs: Although in the long run cloud computing is cheap but being a new technology the improvements and research involved makes it quite expensive. To incorporate this technology many changes may be require including the development of software.
Integration and knowledge: As most of the functions are provided by a CSP getting to understand the system from an organizational point of view is tough. Also integration with existing systems is hard to achieve.
The elements that are included in ubuntu cloud architecture are:
1. Cloud controller: it is the main controller that controls the communication between two nodes and allows the system to communicate with each other.
2. Walrus Storage controller: It controls the storage of the data and resource at one place for easy access.
3. Elastic block storage controller: it uses the elasticity concept and allow the resources to scale up as the demand rises. This block consists of dynamic resources.
4. Cluster controller: it controls the cloud clusters which are made up of mady nodes and contains the configuration of all the nodes from a single point.
5. Node controller: it consists of the hardware resources that is being provided to the web or to the user through cluster controller.
Private cloud offers complete set of development tools and easy to configure panel where you can customize and deploy prototype applications.
- It keeps the private sensitive application separate and hidden from the world.
- It provides the provision to create high performance applications and include the concept of elasticity.
- It uses a firewall and keeps all the resources in a pool that separates them with other resources that are made public.
To prevent eavesdropping of network traffic from a machine run by one user to the machines run by other users, networking plays an important role in security. Following networking modes are available at set-up time, depending on the level of security:
Ubuntu till date has released three components, they are named as :
- Ubuntu Server Edition on Amazon EC2 (IaaS)
- Ubuntu enterprise cloud powered by Eucalyptus (IaaS)
The first two components are targeted for the infrastructure layer of the computer stack. And UbuntuOne is meant for the software layer also known as Software as a service (SaaS).
The private cloud concept has a variety of usage scenarios. Some of them are :
- It enables an organization to rapidly develop and also prototype cloudware applications. Also this can be done behind a firewall enabling the creation/development of privacy sensitive applications such as classified data handling.
- Being an elastic platform it enables the use of high performance applications whose load can be fluctuating. The system is based on aggregated peak loads of different applications at a single point of time.
- By using private cloud concept the organization can assign a pool of hardware inside the firewall henceforth enabling it to be assigned to the users by a common gui to speed up the process.
Ubuntu enterprise cloud includes many features that are not being provided with the other cloud platforms:
It is EC2 compatible cloud platform that is built on ubuntu server.
It provides complete built in cloud solution to manage the on-demand functionality.
It provides the features of on-demand access and increases the EC2 functionality.
It provides privacy policies and isolation from the hardware devices.
It provides an easy way to scale the public providers and avoid lock-in whenever possible.
To authenticate and authorize the user there are two steps involved:
1. User should have access to the cloud controller account and access to its user interface.
2. Administrative rights to the user to create their own policies.
The registered users get a access key that gives the certificate and the query information to the user which can be used to authorize the user’s status.
The authentication will vary for each user to access the cloud and its service. To authenticate the user a password will be given to access the web console and retrieve their certificate and query key. Cloud controller verifies the authentication only at the first time but the authorization is verified at each level.
There are two types of actors that are required for authentication and authorization:
User or administrator of the system who has the rights to start and stop the instances of the system.
Components of the systems that are required to be present to fully utilize the requests.
The authentication on ubuntu cloud is being performed by X509 certificate that consists of cryptographic keys for authentication and secure communications between all the actors.
The three levels that are included in instance isolation:
1. Networking isolation: it keeps the overall security of the ubuntu cloud system and keeps the network isolated from the user sight so that there will be less security issues.
2. OS isolation: it keeps the user away from the operating system changes. It provides Mandatory Access control (MAC) system that includes default scripts to provide the isolation from the user to the Operating system.
3. Hypervisor based machine isolation: it doesn’t allow the user to know what kind of hypervisor is used to provide the services which users have asked for. It provides intrinsic properties to hide its existence from the users of the cloud.