Learning Linux for LFCA Certification Specialization

Learning Linux for LFCA Certification Specialization

Specialization Certificate

Specialization Info

Linux Cloud and DevOps

Course Certificate

Course Info

Week 01: Cloud Computing Models

In this module, we look at different cloud computing models. We start with a look at Software-as-a-Service. Next, we move on to Infrastructure-as-a-Service and think about the rule of Linux in all the IAAS services available. Lastly, we look at Platform-as-a-Service and how Linux can play a crucial role in future PAAS offerings.

Learning Objectives

---

• Describe Software-as-a-Service (SAAS) use cases
• Describe Platform-as-a-Service (PAAS) use cases
• Describe Infrastructure-as-a-Service (IAAS) use cases

Software-as-a-Service (SAAS)

Welcome to Linux Cloud and DevOps. This is the 4th course in
the Linux Foundation Specialization. Okay, so in this module, I want to
think about cloud computing models, and what I mean by this is different ways that
we use the cloud for computational needs. So by the time we’re done here, I want you to be able to describe three
different models, software-as-a-service, platform-as-a-service, and
infrastructure-as-a-service, and the different use cases that
go along with those models. All right, so let’s start out
thinking about software-as-a-service. All right, so there are three types of
cloud providers, software-as-a-service, platform-as-a-service, and
infrastructure-as-a-service. Software-as-a-service is a software
licensing and delivery model in which software is licensed on a subscription
basis and is hosted in the cloud. So let’s think about that a little bit and
decompose that a little bit. So we’ve talked a lot over these
courses about open source software, but you can use Linux in the cloud and have software that’s licensed
in the traditional models. But people learned years ago you
can make more money selling, like Kodak did,
film processing than the cameras, right? So Kodak made most of its money not
on cameras but on processing film. And the cloud software-as-a-service
is essentially the same idea where a software vendor can make a subscription
charge where they’re charging their customers every month while they use
the software instead of charging them every time there’s a major upgrade. That includes hosting,
which means that the customer is using the software as a service
providers’ servers in the cloud. Okay, these apps are typically
accessed by users using a thin client. Now, often a thin client is a web browser,
but a thin client could be like a Citrix or remote desktop if
you’re using software-as-a-service in a traditionally old, what I’d call
a fat client, where you have a Windows natively developed application or
Linux GUI distributed that way. But typically, these are these
are delivered over a web browser, and so there’s many different business
applications that use this model. So office software,
we’ll look at some examples, but typically Office 365 and
Google G Suite come to mind, right? So what we mean by office software
is things like word processing and spreadsheets and presentation software. Messaging software is things
like email and calendaring. Payroll processing software,
this was a huge leap for a lot of accounting departments because
they had to process payroll and send in the data on a biweekly or
weekly basis. Well, now it’s all up in the cloud, so they’re using the software-as-a-service
to enter the the payroll information and the vendor that’s going to cut
the checks already has all that data. Accounting software has moved there where
instead of installing software locally, you just use your web browser to
get to the accounting software. Collaboration software,
we have a couple of big ones with CRM, customer relationship management and ERP,
which is enterprise resource planning. In higher education, we use learning
management systems, and in IT support, we often use service desk management or
content management systems.

All right,
we also have this idea of outsourced IT. So when you’re using
software-as-a-service, you no longer need IT people to run around from machine
to machine for software upgrades. Now, I may be dating myself. You may be too young to have
seen this in an office, but it used to be in the old days you’d have
downtime when you did a software update. So let’s just think about this from the
perspective of you have some main business application that you run your
business on and you have 20, 30, 100 users using that application. You would need to upgrade every
workstation simultaneously before any user can log in. And typically,
people do this at night time. They would have IT people
running from machine to machine, installing the update from a CD,
installing license keys, rght? And every machine had to be updated. A few of them probably had problems. It was a nightmare. This goes away with software-as-a-service,
right? There’s no more DVDs,
no more license keys to manage. This is typically
delivered in a web browser.

Okay, so some examples SaaS providers, Microsoft Office 365,
this is a big one, right? Microsoft is trying to move all
of their desktop software for Word, spreadsheet,
PowerPoint to the cloud. Google came in and google started as
a software-as-a-service provider. So the G Suite is typically free, but
they have an enterprise model for corporations to share data across users. And Zoho is a big provider of
software-as-a-service software. Okay, so
let’s drill into these a little bit. So for Microsoft Office 365,
you have Outlook, which is your messaging and calendaring. You have Word for word processing,
you have Excel for spreadsheets, you have PowerPoint for presentation software,
you have Teams for video sharing. That became very popular during COVID,
and many, many more applications. If you have an Office 365 license, you’ll often see new software show
up there as they’re trying it out. And really, this is Microsoft’s
office software strategy for the future, is software-as-a-service.

Google, Google started out this
way with very similar products. So you had Gmail for messaging and
calendaring, Google Sheets for spreadsheets, Google Meetings for video
sharing, Google Docs or word processing, Google Slides for
presentations software, plus more and more things are showing up there.

Zoho is a software provider,
you may see them in the airports. They advertise a lot, they have lots and
lots of software-as-a-service. So mail, so they have their own email and
calendaring, they have their own word processing,
they have their own spreadsheet, they have their own presentation software,
they have their own meeting software. So just like Microsoft and Google,
Zoho is in there competing. But they have accounting software, they
have a CRM product, and they have many, many more products. I encourage you to go up to Zoho and check it out just to get a good framework
of the kinds of applications that can be delivered across
software-as-a-service today.

All right, so why are we talking about
software-as-a-service and Linux? All right, so we talked about why
a customer may want software-as-a-service, but what about service providers? We’ve already explored Linux has no
licensing fees to spin up additional servers. You can just add servers. You don’t have to go pay Microsoft or
another vendor for licensing fees for Linux. And that low cost of scalability and large
feature set makes Linux attractive for the software-as-a-service
service providers. All right, a little bit of review here. Software-as-a-service is when
our apps are hosted for us. Users require less IT support for
software-as-a-service. And Linux is a great solution for
software-as-a-service service providers. All right, see in the next lesson

软件即服务（Software as a Service，SaaS）是一种基于互联网提供软件应用程序的模式，用户通过互联网访问和使用软件，而无需安装、配置或管理任何软件本身。在SaaS模式下，软件通常由第三方服务提供商托管在云中，并通过订阅模式向用户提供。用户可以根据需要访问软件，并根据使用情况付费，通常以每月或每年的订阅方式计费。SaaS模式使用户可以快速轻松地获得所需的软件功能，无需担心维护和管理软件本身的复杂性。

一些常见的SaaS应用包括：

1. Google Workspace（以前称为G Suite）：提供电子邮件、文档处理、日历和在线存储等办公应用。

2. Microsoft 365：提供类似的办公应用，如Word、Excel和PowerPoint等，以及电子邮件和协作工具。

3. Salesforce：提供客户关系管理（CRM）和销售管理等业务应用。

4. Dropbox：提供在线存储和文件共享服务。

5. Slack：提供团队沟通和协作平台。

6. Zoom：提供视频会议和在线沟通服务。

这些都是基于SaaS模式提供的服务，用户可以通过订阅的方式使用这些服务，而无需购买、安装或管理软件本身。

Quiz: Software-as-a-Service (SAAS) Practice

Platform-as-a-Service (PAAS)

Welcome back to cloud computing and
devops. In this lesson I want to continue our
discussion of cloud computing models and look at platform as a service. This is my favorite. All right, so platform as a service. This category includes pre built
components that a developer can use when developing a cloud application. When we say devops, our software
developer, someone is writing code. They can use things and
embed them in their application so that they can get to market faster and
utilize the cloud for the features we already talked
about in the last lesson. So their customers don’t have to install
individual on individual machines. They don’t need to IT
support that sort of thing. So the goal of platforms and services
to allow the developer to focus on the development of a solution for
the business functions. What I mean by that is if I develop
a solution for banks, I focus on the needs of banks, not the generic needs
that crossover all domains, right? So some examples of platform is
the service offerings are Force.com. That’s from Salesforce or
Google App Engine. You’ll see many more of these
platforms as a service providers start to come to market in
the next five years or so.

PAAS（Platform as a Service）是一种云计算服务模型，提供了用于开发、测试、部署和管理应用程序的平台和工具。PAAS提供了一个完整的开发环境，包括操作系统、数据库、web服务器和开发工具，使开发人员能够更轻松地构建和部署应用程序，而无需购买和维护底层基础设施。PAAS通常以订阅模式提供，用户按照使用量或其他指标付费。PAAS的主要优点包括灵活性、可扩展性和降低开发成本和时间。PAAS适用于各种应用场景，包括Web应用程序、移动应用程序和企业应用程序。

PAAS的例子包括：

1. Heroku：Heroku是一个流行的云应用程序平台，支持多种编程语言和框架，如Ruby、Java、Node.js、Python等。开发人员可以使用Heroku快速部署、扩展和管理应用程序。

2. Microsoft Azure App Service：Azure App Service是微软Azure云平台上的PAAS服务，提供了一个完整的开发环境，支持多种编程语言和框架，并提供了自动扩展、持续集成等功能。

3. Google App Engine：Google App Engine是谷歌的PAAS服务，支持多种编程语言，提供了一个灵活的开发环境，开发人员可以快速构建和部署应用程序。

4. AWS Elastic Beanstalk：AWS Elastic Beanstalk是亚马逊AWS云平台上的PAAS服务，支持多种编程语言和框架，开发人员可以使用Elastic Beanstalk快速部署和扩展应用程序。

5. IBM Cloud Foundry：IBM Cloud Foundry是IBM的PAAS服务，支持多种编程语言和框架，提供了一个开放、灵活的开发环境，适用于各种应用场景。

All right,
now there’s two kinds of services. One is infrastructure services that
come with platform as a service. So node configuration means is I
want to spin up additional machines to service larger and larger users. I can get that from a platform
as a service provider. Load balancing so that I can distribute the load of
users across many different machines. I’ve seen lots of people build
software and they’re really good at the business functions but
they’re not good at the infrastructure. And so they start to scale out. So years ago, a good example is
a vendor contacted me because they built a system that would
compare credit unions. And they got on of the CNN money shows or
something and suddenly they had so many users they couldn’t
handle their load. This comes as part of
platform as a service. You focus on what you know. The business of credit unions for
example or higher education or entertainment ticketing or whatever
it is you know you focus on that and allow the service provider
to give you these services. Logging, so if you want to take
advantage of logging activities to find problems should be
part of the platform. The database, how we persist data across
instances part of the infrastructure. And lastly scheduled jobs, almost all
applications have some sort of activity that happens at a certain amount of time. It may be delivery of reports via email, it may be batch selling credit
cards that can be lots of things. But often these platform is
the service providers build this into the infrastructure services.

On the application services,
this is really for your application. So things like authentication,
how users proves they are, who they are. So for example, today we often use
multifactor authentication where you have to have your cell phone and you get an SMS message with a code
along with your user and password. We don’t all need to reinvent that wheel. It should come with these
platform as a service so I can again focus on what I
know the product I’m building. Authorization, once you are authenticated,
what functionalities can you do? Again, we don’t need to rebuild that
engine every time we build an application.

Authentication（身份验证）和Authorization（授权）是信息安全领域中两个重要概念，它们虽然有些相似，但在含义和作用上有明显的区别：

1. Authentication（身份验证）：身份验证是确认用户或系统身份的过程。在身份验证中，用户提供凭据（如用户名和密码、指纹、证书等），系统通过验证这些凭据来确认用户的身份是否有效。身份验证用于确保只有合法用户可以访问系统或资源。

2. Authorization（授权）：授权是确定用户或系统是否有权限访问特定资源的过程。在授权中，系统基于用户的身份和角色，决定用户是否有权执行某个操作或访问某个资源。授权用于限制用户在系统中的权限，确保用户只能访问其被授权的资源。

简而言之，身份验证是确认用户身份的过程，而授权是确定用户是否有权限执行某个操作或访问某个资源的过程。身份验证通常是授权的先决条件，因为系统需要知道用户的身份才能确定其权限。

A Rule Engine is designed so that it can handle changes
without changing the source code. So for things like tax rates, right? We’re in summer of 2021 as I’m recording
this and I live in Massachusetts and they’re debating having a tax
free month or two, right? That would be something you want to
be able to put in your rule engine. So when taxes are charged and not charged,
you don’t have to go back and make changes to the source code every time
the legislature makes some strange rule. Workflow, so how data travels
between different authorizations. The best example here is like
a purchase order, right? You may have some purchasing authority. It goes to your supervisor, they sign off, it goes to maybe the accounting
person who signs off, right? That’s a workflow. But there’s many different workflows in
different domains where we have work goes, gets done to a certain level,
then moves on to a different party. And again, we don’t need to reinvent that
in every application, bulk email, right? We all send email marketing today. Again I don’t need to reinvent that wheel. Importing data, exporting data,
activity tracking so as we deal with our customers and
most applications have customers, we do things like emailing them,
calling them. Those kind of activities should be
built into the platform as a service. Object customization is if a customer
needs some small change to an application, we build on a platform as
a service that should be built into the application services. New object creation, so
maybe it’s a larger customization and then there’s many more.

I’ll go through these quicker but
ways we view data, so we may view it without edit abilities. We may view with edit abilities,
we may have updates of data, we may have customization of user interface,
multi selecting fields, reports, report creation, dashboards, dashboard
creation and mobile applications. And these are all kinds of services
you’ll see in these platform as a service providers.

And we may have different reaches. So a partner portal is for not our
customers, but people we work with. So you may sell products to somebody
who then sells them at a retail level, but it could be I built a system for
Gettysburg Foundation, which is a museum that has tour guides. The tour guides with their
partners in their case. So it’s someone who has
a relationship with the organization has different levels of access. Customer portals is what we tend to
think of, where you log into a site and your customer, you can see your
activity with that organization. And then anonymous sites
are when we don’t log in and we’re just viewing the organization’s
data, but they don’t know who we are. And again, all of these different levels
of functionality should be part of that platform. So we can focus on developing
what we know really well.

All right, so
why platform as a service in Linux? So we talked about why a developer
may want platform as a service, but what about Linux? Right, and as we’ve already explored, Linux has no licensing fees to
spend up additional servers. And you’re going to hear that same
mantra as I talk about cloud computing. As we want to be able to scale up and we don’t want to scale up in a way that
suddenly we have to pay a lot of money to licensing to add replicas
of the same machines. So this low cost of scalability and large feature set makes Linux attractive
for platform as a service services. All right, just a little review here. Platform as a service is
aimed at software developers. Many applications services are duplicated
across all applications, so we don’t want to reinvent the wheel, and infrastructure services are required
to scale cloud based applications. And again, we don’t want
everyone have to rebuild that. We want to that our developers to
focus on what they know well and the service providers to build
these infrastructure services. All right, see in the next lesson.

Quiz: Platform-as-a-Service (PAAS) Practice

Infrastructure-as-a-Service (IAAS)

Welcome back to Linux
Cloud and DevOps. In this week, we’re
thinking about different Cloud
computing models. In this lesson, we’re going
to finish it off thinking about Infrastructure
as a Service. This category includes
virtualization software that allows an operating
system to be run into Cloud. I think of Infrastructure
as a Service is a temporary legacy solution. Ideally, all the software
we buy and use will be developed by folks using
Platform as a Service, that we talked about last
lesson and delivered via Software as a Service that we talked about
in the first lesson. But we’re used to buy
our own hardware. Infrastructure as a Service was designed to free the user from the purchase of
hardware and allow for hardware upgrades easily. Some examples of
Infrastructure as a Service. Amazon has EC2, Rackspace, Digitalocean, Microsoft Azure, there are hundreds out there. Where essentially you’re
getting a virtual machine, but you are responsible for managing the operating system, and I mean, you, you
are the customer.

IAAS（Infrastructure as a Service，基础设施即服务）是一种云计算服务模型，提供了基础的计算资源和虚拟化技术，用户可以通过互联网按需获取和管理这些资源，而无需购买和维护实际的物理设备。IAAS通常包括计算能力、存储空间和网络资源，用户可以根据需要灵活地扩展或缩减这些资源。

IAAS的特点包括：

1. 弹性扩展： 用户可以根据需求快速扩展或缩减计算资源，避免了传统硬件采购和部署的复杂性和成本。

2. 按需付费： 用户按照实际使用的资源量付费，避免了长期承诺和固定成本，提高了成本效益。

3. 虚拟化技术： IAAS使用虚拟化技术将物理硬件抽象为虚拟资源，使用户可以灵活管理和配置这些资源。

4. 自动化管理： IAAS平台提供了自动化的管理工具和接口，简化了资源的部署、监控和维护。

IAAS通常用于托管应用程序、网站和服务，以及进行开发和测试等工作。知名的IAAS提供商包括亚马逊AWS（Amazon Web Services）、微软Azure、谷歌云（Google Cloud）等。

Some advantages of
Infrastructure as a Service. It has lower IT cost versus having the
equipment yourself. It’s easier to add
on demand resources, so maybe you want to scale up. The vendors tend to have the ability for you to
just click a few buttons, pay a little bit of money, and you can add servers versus having to go purchase them,
have someone install them. That’s how we did
in the old days. Lower downtime.
Someone tends to be managing and have redundancy and power and network and all the things you want up
in this Cloud provider. My favorite advantage is
no more server rooms. Used to be when you
had a server room, you had to have room
conditioning costs. You had to make sure
the temperature was always with the
right temperature. You had to have the
right fire suppression. We’re removing those
fire suppression costs. You had to have
networking costs. You had enough redundancy and bandwidth to handle your needs. This is all done by the Infrastructure as a
Service service provider.

Why Infrastructure as
a Service and Linux? We talked about why
an organization may want Infrastructure as a
Service, but what about Linux? As we’ve already explored, Linux has no licensing fees to spin up additional servers, and this low cost of scalability
and large feature set makes Linux attractive for Infrastructure as a
Service services. A little bit of review here.
Infrastructure as a Service does not eliminate an
organization’s need to manage the OS. The customer is
managing the OS still. Ultimately you don’t want that. You want to outsource
that if it’s affordable. Infrastructure as
a Service takes the servers from the
closet to the Cloud. Infrastructure as a Service
is a stepping stone for many organizations to
software as a service. See you in the next module.

Quiz: Infrastructure-as-a-Service (IAAS) Practice

Quiz: Module 1 Graded

是上面quiz的集合，不再赘述。

Week 02: Virtualization

In this module, we look at how to virtualize guest operating systems running under a Linux host operating system. We will differentiate different types of hypervisors used for the virtualization process. Next, we will look at managing virtual machines running in a host Linux system, bootstrapping new installations and finally we will consider how to virtualize the network connections.

Learning Objectives

---

• Differentiate between Hypervisor Types
• Manage Virtual Machines in Linux
• Describe Bootstrapping
• Virtualize Network Connections

Hypervisor Types

Welcome back to Linux
Cloud and DevOps. This is the fourth course in the Linux Foundation
specialization. In this module, we want to
think about virtualization, where we’re virtualizing
a guest operating system in the Linux host
operating system. We’re running Linux,
but we may be running another operating
system underneath it. That can be Linux, that can be Windows, that
can be something else. By the time we’re done
with this module, there’s many things I want
you to be able to do. This includes differentiating between different
hypervisor types, I want you to be able to manage virtual machines on Linux, I want you to be able to
describe Bootstrapping, and lastly I want you to be able to virtualize
network connections. In this first lesson, let’s
think about hypervisor types. Type 1 hypervisors are often called bare-metal
hypervisors. The hypervisor runs directly on the server hardware with no middle layer,
middleman if you will. The hypervisor software
interacts directly with the CPU, the memory and storage
on the system, allocating them to each
virtual machine as needed. Remember, an operating
system normally does this. The operating system normally interacts with the CPU
and memory and storage. But here, the hypervisor runs
before an operating system, a Type 1 hypervisor. Some examples of Type 1 include Xen Server, KVM, VMware ESXi, and Microsoft Hyper-V.

裸金属（bare-metal）Hypervisor，又称为Type 1或本地Hypervisor，是一种软件工具，允许多个操作系统在单个物理服务器上运行。与Type 2 Hypervisor不同，后者运行在主机操作系统之上，裸金属Hypervisor直接与底层硬件交互。

裸金属Hypervisor的主要特点包括：

1. **效率：**由于它们直接运行在硬件上，因此与在Hypervisor和硬件之间增加了额外层的Type 2 Hypervisor相比，裸金属Hypervisor可以实现更高的性能。

2. **隔离：**裸金属Hypervisor在虚拟机（VM）之间提供了强大的隔离，确保一个VM不会影响运行在同一物理服务器上的另一个VM的操作。

3. **安全性：**直接与硬件交互使裸金属Hypervisor能够实现安全启动、内存保护和网络流量隔离等安全功能，从而增强虚拟化环境的整体安全性。

4. **资源管理：**裸金属Hypervisor提供了先进的资源管理功能，允许管理员根据虚拟机的要求分配和管理CPU、内存、存储和网络资源。

5. **可扩展性：**裸金属Hypervisor旨在支持大量VM，使其适用于企业环境和云计算基础设施。

裸金属Hypervisor的示例包括VMware vSphere/ESXi、Microsoft Hyper-V和Citrix Hypervisor（以前称为XenServer）。

Two popular Type 1 Linux
hypervisors are KVM, which is a Linux kernel-based
virtual machine that uses a standard Linux
kernel along with a special hypervisor module, and it can host any type
of guest operating system. We also have the Xen Project, which is an open-source project for hardware virtualization, which includes additional
software besides a hypervisor, for managing the hypervisor from the guest operating system.

Type 2 hypervisors. These are commonly called
hosted hypervisors because they run on top of an
existing operating system. You first install an
operating system, then you install the hypervisor
or the Type 2 hypervisor. The hypervisor
software runs like any other application on
the host operating system. A couple of examples here are VirtualBox and
VMware Workstation.

Type 2 Hypervisor是一种虚拟化软件，它运行在操作系统之上（相对于裸金属Hypervisor直接运行在硬件上），并允许用户在现有操作系统上创建和运行虚拟机（VM）。Type 2 Hypervisor通常用于桌面和开发环境中，因为它们相对简单易用。

Type 2 Hypervisor的主要特点包括：

1. **便携性：**由于它们运行在常规操作系统上，因此可以在各种硬件平台和操作系统上运行。

2. **易用性：**安装和配置Type 2 Hypervisor通常比裸金属Hypervisor更简单，无需直接与硬件进行交互。

3. **资源共享：**Type 2 Hypervisor允许多个VM共享主机计算资源，但可能会因为运行在宿主操作系统上而影响性能。

4. **功能性：**尽管Type 2 Hypervisor通常不如裸金属Hypervisor提供高级功能和性能，但对于桌面虚拟化和开发环境来说通常已经足够。

Type 2 Hypervisor的示例包括Oracle VirtualBox、VMware Workstation和Parallels Desktop。

In Type 2, host versus guest, we think about be, Linux can be either the host or the guest OS in a
Type 2 hypervisor. When we think about running, Linux can run as a guest with another operating
system as the host. Again, with running,
Linux can run as the host with another
operating system as the guest. Lastly, back to be, Linux can be both the host and the guest OS in
Type 2 hypervisors. It’s a lot to take in, so take a second
to think about it. Little review here;
Type 1 hypervisors run on the hardware, Type 2 hypervisors run on an installed operating system and VirtualBox is a
Type 2 hypervisor that most use on top of Linux
when they’re trying to install some sort of hypervisor. See you in the next lesson.

Quiz: Hypervisor Types Practice

Virtual Machines

Welcome back to Linux
Cloud and DevOps. In this lesson, we’re
going to think about virtual machines. Libvirt is a toolkit that provides an application
programming interface we call an API, where essentially, you can
write code that’s going to interact with many open-source
virtual machine manager. For example, KVM. It’s also a daemon, so it’s a libvirtd
that operates on the virtual machine host
system and executes any needed VM guest
system management tasks, such as starting and stopping
the VM, that sort of thing. Lastly, it’s a set of
command-line utilities, such as virt-install and virsh, which we’ll talk about next, that operate on the VM
host system and are used to control and manage
the VM guest systems.

Virsh is a shell that
uses the libvirt library. Basically, it can be used to manage your system’s
virtual machines.

There’s lots of commands in virsh, so you can see
a lot of them here. I’m not going to read them
all to you, but for example, you can list all the
guest operating systems, you can reboot a guest, you can restore a
previous guest, you can resume a paused guest, you could shut down a
guest, you pause a guest. Lots and lots of things
you can do from the shell of virsh with your guest
operating systems.

We also have
something called VMM, which is a specific
Virtual Machine Manager. It’s a lightweight
desktop application for creating and managing
virtual machines. It’s a Python script that
displays a GUI and is part of the
virt-manager package, and the Virtual
Machine Manager can be started from a
terminal emulator, such as the graphical
environment via the virt-manager command. A little review
here. Libvirt works with many Linux hypervisors. Virsh uses Libvirt to create a shell to manage hypervisors, and VMM is a graphical tool to create and manage VMs. See
you in the next lesson.

Quiz: Virtual Machines Practice

Bootstrapping

Welcome back to Linux cloud DevOps. In this lesson we want to think
about bootstrapping, all right? So what is bootstrapping? So think about how easy it is for you to
just create a couple of VMS from a GUI and start them up and manage them, right? I do that all the time. What if you had to start hundreds of them? That’s hard enough. But what if you need to create and
configure hundreds of them, right? There’ll be a full-time job for months and that’s what bootstrapping
software provides. It provides the ability to create and
configure VMs and then manage those VMs. So a couple different boot strapping
products we’ll look at, one is Kickstart.

So Red-Hat created the kickstart
installation method to automate the process of creating VMs. And a system administrator can create a
single file containing the answers to all the questions that would normally be asked
during a typical installation of a VM. And then kickstart files can be kept on
a server someplace and read by individual computers during the installation
when the VMs are being installed, so you have a centralized repository. And the this installation method can
support the use of a single kickstart file to install Linux on multiple machines. We also have Cloud-init. This is a Canonical product. And Cananical is the same
folks who bring you Ubuntu and it’s used to create modified
VMs from clone VMs. It’s supported by most Linux distributions
at this point and it can employ pre generated open ssh private keys for
access to the individual VMs. And there are customized scripts that
can be used for bootstrapping via user data in a YAML file or via command
line, right, little review here. Bootstrapping is designed to
automate the creation and configuration of virtual machines. Kickstart uses centralized network files
to answer installation questions and Cloud-init can install private keys that
can be used to connect to the different VMs via SSH, all right? See in the next lesson

Quiz: Bootstrapping Practice

Virtual Networks

Welcome back to Linux
Cloud and DevOps. In this last lesson of the
virtualization module, I want to think about
virtual networks. First we’ll start
off talking about virtualized Network Interface
Cards, NICs, and Switches. Typically, an application
on a physical system can reach the outside world via
Network Interface Card. This can be a wireless NIC, a physical NIC, and
some connected network. Virtual machines can have what
we call virtualized NICs, Network Interface Cards and virtualized internal switches.

There’s two concepts
here we want to think about with
network virtualization. VLANs, and this is
a LAN that can be physically located in a
logical geographic area. It’s based on logical
and virtual connections, it uses layer 2 to
broadcast messages, and the router uses layer
3 to implement the VLAN. The other idea is
an overlay network. An essentially, network
virtualization method that uses encapsulation and
communication bandwidth tunneling, so wrapping one
protocol and another. This employs virtual switches, tunneling protocols, and SDN.

There are three typical
virtual network types. We have a host only adapter, where the virtual
machine connects to a virtual network contained within the virtual
machine’s host system. There’s no connection
to external, physical or virtual networks to which the host is attached. You can have a
bridged adapter where the VM is a node on the LAN, or the VLAN to which the
host system is attached. The VM gets its own IP address and can be seen on the network, and the virtual NIC
is connected to a host machine’s physical NIC, unless it is a NAT adapter. Essentially, NAT stands for
Network Address Translation, and there’s a NAT table that’s maintained
by the hypervisor, instead of the network device. The IP address of the host is employed as a single IP address that is sent out onto
external networks, and each VM has its
own IP address that’s private within the host
system’s virtual network. A little bit of review
here. A host only adapter cannot see beyond the
host operating system. A bridged adapter gets its
own IP on the network, and a NAT adapter has a private IP address beyond the host OS. See you
in the next module.

Quiz: Virtual Networks Practice

Quiz: Module 2 Graded

是上面quiz的集合，不再赘述。

Week 03: Version Control

In this module, we look at how we can manage versions of source control in the cloud using the Git version control system. We will talk about version control at an abstract level and then drill into the details on how to commit source code to a Git repository and then follow up with how to merge different versions in Git.

Learning Objectives

---

• Describe Version Control
• Commit Source Code with Git
• Merge Versions with Git

Version Control

Welcome back to Linux
Cloud and DevOps. This is the fourth course in the Linux Foundation
Specialization. In this module we going to
think about version control. By the time we’re done, I
want you to be able to do three things, describe
version control, I want you to build a
commit source code with git and merge versions with git. Let’s start off just thinking about version
control in lesson 1. Version control is a method
or system that organizes various project files and
protects modifications to them. Typically, we think of
this around source code. VCS or version control
systems provide a common central place to
store and merge project files, so the latest project
version is accessible. Git is a common version
control system. It was created by
Linus Torvalds, the creator of Linux, and it’s a distributed VCS
version control system.

Now there’s several
components of git. You’ve got a working directory, this is typically a
home sub-directory where all the source
files are created, modified and reviewed by the
creator or the programmer. A staging area,
which is a hidden sub-directory
named.git, in Linux. This is created by
the git init command, and the working directory
source files are registered in this area
via git add command. There’s a local repository which contains each projects
files history, and then the remote repository, which is typically a
cloud-based location nowadays.

There’s many popular git
cloud-based repositories. We have GitHub, GitLab,
BitBucket, and Launchpad. I had little review here. The working directory has the local copy of
the source files, the remote repository holds the permanent copy of the
source file and versions, and GitHub is a popular
git repository. See you in the next lesson.

Quiz: Version Control Practice

Committing Changes

Welcome back to Linux
Cloud & DevOps. In this lesson, we’re going
to think about how we can commit changes to the version
control system with Git. First thing we do is setup
the local Git environment. We create a working directory, we initialize
the.git/ directory, and then we set up the
local repository options. Lastly, we establish
our remote repository.

When we want to commit
source files with Git, we create or modify
the source files, we add the files to
the staging area, we commit the files to
the local repository, and we push the files to
the remote repository.

Git是一种分布式版本控制系统，它具有三个关键概念：暂存区（Staging Area）、本地仓库（Local Repository）和远程仓库（Remote Repository）。

1. **暂存区（Staging Area）：**暂存区是Git中的一个临时区域，用于存储即将提交到版本控制的文件。在对文件进行修改后，将这些修改的文件添加到暂存区，然后通过git commit命令将暂存区的内容提交到本地仓库。暂存区允许开发人员对即将提交的内容进行审查和调整，使提交更加有序和可控。

2. **本地仓库（Local Repository）：**本地仓库是存储在本地计算机上的Git仓库副本，包含完整的版本历史和文件快照。当使用git commit命令将文件提交到本地仓库时，Git会将文件的当前状态保存为一个新的提交对象，并更新分支引用以指向该提交。本地仓库允许开发人员在本地进行版本控制和管理，而不需要连接到网络。

3. **远程仓库（Remote Repository）：**远程仓库是存储在远程服务器上的Git仓库副本，用于协作和共享代码。开发人员可以使用git push命令将本地仓库中的提交推送到远程仓库，并使用git pull命令将远程仓库中的更改拉取到本地仓库。远程仓库通常用于团队协作和备份代码，例如GitHub、GitLab和Bitbucket等平台都提供了远程仓库的托管服务。

通过这三个概念，Git提供了一个强大的版本控制系统，使开发人员可以轻松地管理和追踪代码的变化，实现高效的协作和开发。

Let’s talk a little bit about some Git configuration command. We can use the git config
-global to set the username, and we pass it in
with firstname and lastname in the double quotes. This is going to
set a name that is identifiable for credit when
reviewing version history, so you could see who
changed something. We’ve got the git config global
and set the user’s email. This sets an email address
that will be associated with each history marker
and the source control. Then we’ve got the git
config color.ui auto, which sets the automatic
command line coloring for Git for easy
reviewing of changes.

Let’s talk a little bit about
some git setup commands. Git init: this is initializing an existing directory
as a Git repository. Git clone, and we
pass in the URL. This will retrieve
an entire repository from a hosted location via URL, for example, from GitHub.

When we want to think
about committing, the git commit commands
are git status, which shows the modified files in the working directory
staged for the next commit. Git add and we pass in the file, we’ll add a file as it looks
now to your next commit. Git commit -m, and you can
put a descriptive message which will commit the stage content as a new
commit snapshot. A little bit of review
here. Git add puts the file in the queue
for the next commit, git commit pushes the stage
content into a new snapshot, and a snapshot is
just the Git term for revision. See you
in the next lesson.

Quiz: Committing Changes Practice

Merging Versions

Welcome back to Linux Cloud and DEVoPS. In this lesson I want to
think about git branches. All right so we talked about snapshots. Snapshots are just a version. So the git snapshot commands include git
reset which will unstage a file while retaining the changes in
the working directory. So it won’t be put in the queue anymore. It takes it out of the queue if you will. Git diff will diff of what has changed but
not staged. And git diff staged will
diff of what is staged but not yet committed, okay?

A branch is an area within
a local repository for a particular project section. So by default git stores
work in the master branch. So everyone has a branch. You may only have one. It’s the master branch, okay? You can have multiple branches for
a project. So an example could be the master
which is your production software, development is software being developed
and test maybe software being tested. So you can maintain these
different branches. So if you’re making a fix for the testers, you’re only going to fix it
in one branch potentially.

There’s several branch commands
we want to think about here? So git branches going to
list your branches and an asterisk will appear next to
the currently active branch. Git branch and you can pass in the branch
name will create a new branch at the current commit level. And git checkout will switch
to another branch and check it out into your working directory. Git merge and you pass it in the branch
will merge the specified branches history into the current one. And lastly, git log will show all commits
in the current branch’s history. All right a little review here,
unstaging is a term for changes in git but not marked for commit. A git branch is an area in a project and a merged conflict happens when the same
part of a file has changed differently. All right that’s it. See you in the next module.

Quiz: Merging Versions Practice

Lab: Week 3

Use the slides from the 1st lesson reading and try each of the git commands discussed in the cloud implementation of Linux. When you enter the cloud lab - please click the terminal menu and new terminal. This will give you a command line prompt in an Debian Linux shell.

Please experiment with these commands we discussed this week:

• git init
• git config
• git status
• git add
• git commit
• git diff
• git branch
• git log

Please note that you do not have internet access in the lab so you cannot push or clone from a remote repository

Quiz: Module 3 Graded

是上面quiz的集合，不再赘述。

Week 04: DevOps Basics

In this module, we look at DevOps and the use of Linux and the cloud. We will think about containers and how we can orchestrate their configuration to replicate environments for the testing and deployment of software.

Learning Objectives

---

• Describe DevOps
• Deploy Docker Containers
• Describe Orchestration
• List Container Orchestration Engines

DevOps

Welcome back to Linux
Cloud and DevOps. This is the fourth course in the Linux Foundation
Specialization. In this module we want to
think about DevOps basics. By the time we’re done,
I want you to be able to describe what DevOps is. I want you to be able to
deploy Docker containers. I want you to be able to
describe Orchestration. Lastly I’d like you
to be able a list Container Orchestration
Engines that are available for Linux. In this first lesson, let’s
just talk about DevOps. DevOps is the combination of cultural
philosophies, practices, and tools that increase an organization’s ability
to deliver applications and services at higher speed than traditional software
development methodologies. What we mean by that is
traditionally we used waterfall where we would complete each phase
before moving on, DevOps tries to incorporate lots of communication
and tooling and essentially
software developed methodologies in the process to improve how we
build software.

Some goals here. Speed, we
want to be able to move at a higher rate so that
we can innovate faster. We want to be able to adapt to changing markets quicker
and grow more efficiently. We want rapid delivery, we want increase the
frequency and pace that releases to innovate and
improve the product faster. We want higher reliability, we want to ensure the
quality of application updates and infrastructure
changes so we can reliably deliver at a more
rapid pace while maintaining a positive experience
for our end users. Scale, we want to
operate and manage infrastructure and development
processes at scale, meaning we want to be
able to scale up to whatever maximums we
need to meet the goals. We want improved collaboration. We want to build
more effective teams and our DevOps cultural model, emphasizing ownership and
accountability values and this can include
the customer also, getting them involved earlier. Lastly, security, we want to
retain control and preserve compliance while the
team’s moving at its faster rate. A
little review here. A goal of DevOps is
to innovate faster. Another goal of DevOps is
improved collaboration. The last goal is we want
higher reliability. I’ll see you in the next lesson.

DevOps是一种软件开发和运维（Operations）的实践方法，旨在通过促进开发团队和运维团队之间的协作和沟通，实现软件交付过程的自动化、持续集成和持续交付，从而加快软件开发周期、提高软件质量和稳定性。

DevOps的核心理念是打破传统的开发与运维之间的壁垒，实现开发、测试、部署和运维的无缝集成和协作。它包括以下关键实践和原则：

1. 持续集成（Continuous Integration, CI）： 开发人员频繁地将代码合并到共享存储库中，并自动构建和测试代码，以确保新代码与现有代码的集成没有问题。

2. 持续交付（Continuous Delivery, CD）： 持续交付是指将经过测试的代码自动部署到生产环境的能力，从而实现快速、可靠的软件发布。

3. 自动化（Automation）： 通过自动化构建、测试、部署和运维等过程，减少手动操作，提高效率和质量。

4. 监控与反馈（Monitoring and Feedback）： 通过实时监控应用程序和基础设施的性能和可用性，及时发现和解决问题，并从用户和系统的反馈中持续改进。

5. 团队协作（Collaboration）： 开发团队、运维团队和其他相关团队之间的紧密协作和沟通，共同推动软件交付的成功。

6. 文化变革（Culture Change）： DevOps强调改变组织的文化和价值观，鼓励团队成员分享责任、信任和尊重，以促进创新和快速响应变化。

通过采用DevOps实践，组织可以加速软件交付，提高产品质量和稳定性，降低开发成本，增强竞争力，并更好地满足用户需求。

Quiz: DevOps Practice

Containers

Welcome back to Linux
Cloud and DevOps. In this lesson, we’re going
to think about containers, because containers are a big
part of the DevOps process. They allow us to control the environment within
which we’re going to deploy and test our software. First off, let’s talk
about virtual machines. A virtual machine is the virtualization or emulation
of a computer system. Virtual machines run a
complete operating system including their own kernel. We’ve talked about that
earlier in the specialization. Containers are an
isolated lightweight silo for running an application on
the host operating system. They don’t have their
own system kernel. They build on top of the host
operating system’s kernel. The hosting container
OSs must be the same.

虚拟机（Virtual Machine）和容器（Container）是两种不同的虚拟化技术，它们在实现方式、性能、资源利用率和应用场景等方面有所不同。

1. 实现方式：

   • 虚拟机：虚拟机通过在物理硬件上安装一个称为"hypervisor"的软件来实现虚拟化。Hypervisor允许在同一台物理机上运行多个独立的虚拟机实例，每个虚拟机都运行自己的操作系统。
   • 容器：容器是利用操作系统级的虚拟化技术，通过在操作系统上运行容器引擎（如Docker），将应用程序及其依赖项打包成一个独立的容器，从而实现应用程序的隔离和部署。

2. 性能：

   • 虚拟机：由于每个虚拟机都运行完整的操作系统，因此虚拟机在启动和运行时需要较多的资源（如内存、存储空间和计算资源），并且性能相对较低。
   • 容器：容器共享宿主机的操作系统内核，因此启动和运行速度更快，对系统资源的需求也更少，性能相对较高。

3. 资源利用率：

   • 虚拟机：由于每个虚拟机都包含完整的操作系统，因此占用的资源较多，虚拟化环境的资源利用率较低。
   • 容器：容器共享宿主机的操作系统内核和其他系统资源，因此占用的资源更少，资源利用率更高。

4. 隔离性：

   • 虚拟机：由于每个虚拟机运行在独立的虚拟化环境中，因此虚拟机之间具有较高的隔离性，一台虚拟机的故障不会影响其他虚拟机。
   • 容器：容器共享宿主机的操作系统内核，因此容器之间的隔离性较低，一台容器的故障可能会影响其他容器。

5. 应用场景：

   • 虚拟机：适用于需要在不同操作系统之间进行切换或需要更高隔离性的场景，如多租户应用程序和需要同时运行多个不同操作系统的环境。
   • 容器：适用于需要快速部署和扩展应用程序的场景，如微服务架构和持续集成/持续交付（CI/CD）流程。

综上所述，虚拟机和容器在实现方式、性能、资源利用率和隔离性等方面存在差异，开发人员和运维人员可以根据具体需求选择合适的虚拟化技术来部署和管理应用程序。

There are many common
virtual machine providers, VMWare, VirtualBox, Xen, Hyper-V, KVM,
we talked about those in an earlier course
in the specialization.

When you think about containers, we have several Linux
containers, LXC, LXD, CGManager, Dockers, the big player in
containers, they run on Linux, they run on other
operating systems, and Windows Server Containers
are another option.

Some benefits of Containers for DevOps: there’s less overhead, containers are typically faster. They’re more reproducible, so it’s easier to
reproduce an environment which is often the
hardest part of testing software is when you’re testing software in
different environments, different operating
systems, different third-party software installed,
it’s very confusing. Containers help us to make
things more reproducible. There are also
immutable by default, meaning they don’t
store changes, which is essential
for software testing that we always start
at the same process. A little review here. Each
virtual machine guest can have its own
operating system. Container share an
operating system and containers are immutable by default. See you in
the next lesson.

Quiz: Containers Practice

Docker Containers

Welcome back to Linux,
Cloud, and DevOps. In this lesson, we’re going
to build on the last lesson. In the last lesson, we
introduced containers, in this lesson I want
to drill into Docker a little bit because
Docker is so big and you’ll use it a lot
in your Linux testing at least and if you do
any DevOps work. You need to install Docker, and there’s three
different major versions, Mac, Windows, and Linux. I said earlier that you can only run the same operating system in Docker that’s on the host. One exception here is Windows. Windows has the
ability to run Linux inside because Microsoft
built enough of the Linux outside so that it can run their
containers inside. You could download your install. Then you create a Docker file. This is simply a
text-based script of instructions that is used to
create a container image. The file is named Dockerfile. Pretty simple, right?
A Dockerfile is a step-by-step set
of instructions. Docker provides a set of standard instructions to be used in the Docker file
things like from, copy, run, environment, expose, command. Those are just some. Docker will build a Docker
image automatically by reading these instructions
from the Dockerfile.

There’s also a place
called Docker Hub. This is a service
provided by Docker for finding and sharing container
images with your team. It is the world’s
largest repository of container images with an array of content sources including container
community developers, open-source projects,
and the ISVs; independent software vendors, building and distributing
their code in containers. Users get access to free public repositories for
storing and sharing images or can choose a subscription plan for private repositories
at Docker Hub.

Here’s a simple
example Dockerfile. Here we’re setting up an
image from Ubuntu: 18.04. We run an apt-get update and
an apt-get install Python 3. I then create a
directory called aspen. I copy a file from the
installation called test.py. When I save the installation,
I’ve got an archive, typically with this Dockerfile that will have all the files. I’m going to copy that test.py
into my aspen test.py, then I run a change mod. Then my entry point is what gets run when the docker files run. Here’s just running
my Python script.

There’s also a
Docker command line. You can build the
image with Docker build -t and the image name. You can show images with
docker images and you can run an image with docker
run and then the image name. There’s many more command
line command you can learn. A little review. A Dockerfile is simply
a text-based script of instructions that is used to
create a container image. The file is named Dockerfile, and you build a Docker file into an image. See you
in the next lesson.

Quiz: Docker Containers Practice

Orchestration

Welcome back to Linux
Cloud and DevOps. In this last lesson, we want to think
about orchestration. Essentially what we mean here is continual software
revision control. Continuous integration
is we’re quickly integrating app changes
into our main software. Continuous testing is
our app modifications undergo automated testing
to avoid breaking the app. Continuous delivery is our
software is delivered to the customer on a
continual basis.

Fixing the state
across environments, the production environment must equal the development
environment. We’ve talked about a
little bit so far, and we talked about
containers to help us there. Environment modifications
must be controlled in a similar manner to
software modifications. We test our new environments
and once they’re tested, we add them to a journal, and our old environments
are maintained in case we need to go back
to those old versions.

We have what’s called
configuration management, which is nonhardware specs implemented into the environment
versus automated code. We have policy as code, which is we take security
measures such as firewall, ACL, and authentication
policies implemented into the environment via some scripting or automated code. Infrastructure as a code
is an umbrella term that includes configuration
management and policy as a code. We use all this to
standardize our environments.

When we go to deploy
our applications, we want to make sure
that application and development environments are moved into production
in a continual manner. This process is automated via
infrastructure automation. We want to make sure we’re
monitoring our environment. App production environment
needs monitoring and logging of various items
such as software metrics. How are things performing? How long does it take to
do certain operations? Infrastructure resource usage. How much memory and
disk and processor are we using, performance
statistics? Monitoring also provides
alerts, for example, on failures or
resource depletion when we want to notify people. Containers are going to
provide lots of these things. A static environment,
version control, replace not update,
and high availability. When we go to code
the infrastructure, we determine the
required infrastructure. We document the required
infrastructure. We use automated
configuration management, which is the process
of recording the infrastructure
as code settings. We use build automation, which is using the
infrastructure as code data to automate the replicating and deployment of app containers. We provide revision control for infrastructure as code data. Lastly, we troubleshoot
the infrastructure.

Let’s drill in a little bit to automating the Infrastructure. This employees automated
configuration management. It eases troubleshooting
infrastructure. It allows rollbacks to the
previous infrastructure if we find a problem and
deployment is automated. There are two types
of monitoring. There’s agent
versus agentless. Agent monitoring tools use
orchestration that uses a piece of software
to be installed in the app container
that’s being monitored. That piece of software
as the agent. Agentless monitoring tools
use orchestration that do not require software reinstalled in the app container
being monitored. This uses pre-existing tools within the container instead.

There’s several
orchestration systems. Kubernetes; this was
designed by Google. It’s an open-source
orchestration system. It’s a platform for automating
deployments, scaling, and operations of
application containers across clusters of hosts. It’s supported Docker containers
in the first version and later is added rkt
containers also. We also have Docker Swarm. This is Docker containers
engine orchestration tool. It’s created by a group
of Docker containers. It monitors a cluster’s health. It returns the cluster to a desired state automatically
if something goes awry. A little bit of review here. Containers provide many of the components needed in DevOps. Agents run a piece
of software to monitor the containers
and Kubernetes is a popular
orchestration system out there. That’s it. Have fun.

Quiz: Orchestration Practice

Quiz: Module 4 Graded

是上面quiz的集合，不再赘述。

后记

2024年4月14日16点32分完成这门课的学习，这也是这个Specialization的最后一课。整体而言，这个专项比较浅显，适合入门。学习这个专项的收获：帮我复习了一些基本的linux命令，一些linux系统的基本概念；学习用英文表述这些概念。