-
Notifications
You must be signed in to change notification settings - Fork 1.6k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #198 from extrastufff054/add-contents-cloudproviders
Add fundamental concepts of AWS, GCP, Azure, along with tips, tricks,…
- Loading branch information
Showing
4 changed files
with
524 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,148 @@ | ||
| # Amazon Web Services (AWS) Concepts | ||
|
|
||
| Amazon Web Services (AWS) is a leading cloud service provider that offers a wide range of cloud computing services. Below are some fundamental concepts to understand when working with AWS: | ||
|
|
||
| ## 1. Regions and Availability Zones | ||
|
|
||
| - **Region:** A geographic area that consists of multiple Availability Zones. Each AWS region is a separate geographic area, isolated from others, and is designed to provide high availability and low latency. | ||
| - **Availability Zone (AZ):** A data center or facility within an AWS region. AZs are interconnected but physically separate from each other, providing redundancy and fault tolerance. | ||
|
|
||
| ## 2. EC2 (Elastic Compute Cloud) | ||
|
|
||
| - **EC2 Instance:** Virtual machines that you can rent on AWS. They vary in terms of computing power, memory, and storage capacity to meet different application requirements. | ||
| - **AMI (Amazon Machine Image):** A pre-configured virtual machine image used to create EC2 instances. | ||
| - **Security Groups:** Virtual firewalls that control inbound and outbound traffic to EC2 instances. | ||
|
|
||
| ## 3. S3 (Simple Storage Service) | ||
|
|
||
| - **S3 Bucket:** A container for storing data objects (files) in S3. Buckets have unique names and are used to organize and manage data. | ||
| - **Objects:** The data files stored in S3 buckets. Each object consists of data, a key (unique within a bucket), and metadata. | ||
|
|
||
| ## 4. IAM (Identity and Access Management) | ||
|
|
||
| - **IAM User:** An individual or system that interacts with AWS resources. Each user has its own set of credentials and permissions. | ||
| - **IAM Role:** A set of permissions that define what actions an entity can perform on AWS resources. Roles can be assumed by EC2 instances, Lambda functions, etc. | ||
| - **Policies:** JSON documents that define permissions for users, groups, and roles. | ||
|
|
||
| ## 5. RDS (Relational Database Service) | ||
|
|
||
| - **RDS Instance:** Managed relational database instances (e.g., MySQL, PostgreSQL, Oracle) that are scalable and highly available. | ||
| - **DB Snapshots:** Point-in-time backups of an RDS instance, used for data recovery and replication. | ||
| - **Multi-AZ Deployment:** A configuration that replicates the database across multiple Availability Zones for high availability. | ||
|
|
||
| ## 6. VPC (Virtual Private Cloud) | ||
|
|
||
| - **VPC:** A logically isolated section of the AWS cloud where you can launch AWS resources. It provides control over network configuration and security. | ||
| - **Subnet:** A range of IP addresses in your VPC. Subnets are associated with specific Availability Zones. | ||
| - **Route Table:** A set of rules that determine where network traffic is directed within a VPC. | ||
|
|
||
| ## 7. Lambda | ||
|
|
||
| - **AWS Lambda:** A serverless computing service that lets you run code in response to events without provisioning or managing servers. | ||
| - **Event Sources:** Triggers that invoke Lambda functions, such as API Gateway, S3, or CloudWatch Events. | ||
| - **Function:** The code you want to execute when a Lambda is triggered. | ||
|
|
||
| ## 8. Elastic Load Balancing (ELB) | ||
|
|
||
| - **ELB:** A service that distributes incoming traffic across multiple EC2 instances for improved availability and fault tolerance. | ||
| - **Load Balancer Types:** Classic Load Balancer, Application Load Balancer (ALB), Network Load Balancer (NLB). | ||
| ## 9. Amazon Route 53 | ||
|
|
||
| - **Amazon Route 53:** Route 53 is a scalable domain name system (DNS) web service that allows you to register domain names and route internet traffic to the appropriate resources, such as EC2 instances, S3 buckets, or load balancers. | ||
|
|
||
| - **DNS Record Types:** Route 53 supports various DNS record types, including A records (for IPv4 addresses), AAAA records (for IPv6 addresses), CNAME records (for aliasing), MX records (for mail routing), and more. | ||
|
|
||
| - **Health Checks:** You can configure Route 53 to perform health checks on your resources and automatically route traffic away from unhealthy endpoints to maintain high availability. | ||
|
|
||
| ## 10. AWS Elastic Beanstalk | ||
|
|
||
| - **AWS Elastic Beanstalk:** Elastic Beanstalk is a Platform-as-a-Service (PaaS) that simplifies the deployment and management of web applications. It automatically handles infrastructure provisioning, capacity scaling, and application monitoring. | ||
|
|
||
| - **Supported Platforms:** Elastic Beanstalk supports various programming languages and web frameworks, including Java, .NET, PHP, Node.js, Python, Ruby, and more. | ||
|
|
||
| - **Customization:** While Elastic Beanstalk simplifies deployment, you can still customize the environment by specifying configuration files and settings. | ||
|
|
||
| ## 11. ECS (Elastic Container Service) and EKS (Elastic Kubernetes Service) | ||
|
|
||
| - **ECS:** ECS is a container orchestration service that allows you to run, stop, and manage Docker containers on a cluster of EC2 instances. It simplifies the deployment of containerized applications. | ||
|
|
||
| - **EKS:** EKS is a managed Kubernetes service that makes it easier to deploy, manage, and scale containerized applications using Kubernetes. | ||
|
|
||
| - **Containers:** Both ECS and EKS are designed for container management and can scale your applications automatically based on demand. | ||
|
|
||
| ## 12. Amazon CloudWatch | ||
|
|
||
| - **Amazon CloudWatch:** CloudWatch is a monitoring and observability service that collects and tracks metrics and logs from various AWS resources, applications, and services. | ||
|
|
||
| - **Alarms:** You can set up alarms in CloudWatch to automatically trigger actions or notifications when specified thresholds are breached. | ||
|
|
||
| - **Logs and Insights:** CloudWatch Logs allows you to collect, monitor, and store log data from your applications, while CloudWatch Logs Insights helps you analyze and gain insights from log data. | ||
|
|
||
| ## 13. Amazon Elasticsearch Service | ||
|
|
||
| - **Amazon Elasticsearch Service:** This is a managed Elasticsearch service that makes it easy to deploy, operate, and scale Elasticsearch clusters for searching, analyzing, and visualizing data in real-time. | ||
|
|
||
| - **Kibana Integration:** Amazon Elasticsearch Service integrates with Kibana for data visualization and exploration. | ||
|
|
||
| - **Security and Access Control:** Elasticsearch Service provides security features such as encryption, access control, and VPC support. | ||
|
|
||
| ## 14. AWS CloudFormation | ||
|
|
||
| - **AWS CloudFormation:** CloudFormation is an Infrastructure-as-Code (IaC) service that allows you to define and provision AWS infrastructure resources in a declarative template. You can create, update, and delete resources as a single unit. | ||
|
|
||
| - **Templates:** CloudFormation templates are written in JSON or YAML and can describe a wide range of AWS resources and their relationships. | ||
|
|
||
| - **Stacks:** Stacks are sets of AWS resources created and managed together using CloudFormation templates. | ||
|
|
||
| ## 15. Serverless Application Model (SAM) | ||
|
|
||
| - **AWS SAM:** SAM is an open-source framework for building serverless applications. It extends AWS CloudFormation to simplify the deployment of serverless resources like AWS Lambda functions, API Gateway, and DynamoDB tables. | ||
|
|
||
| - **Local Testing:** SAM allows you to test your serverless applications locally before deploying them to the AWS cloud. | ||
|
|
||
| - **Resource Definitions:** SAM templates define serverless resources using a simplified syntax, making it easier to work with serverless applications. | ||
| ## 16. Amazon VPC Peering | ||
|
|
||
| - **VPC Peering:** Amazon VPC Peering allows you to connect two Amazon Virtual Private Clouds (VPCs) and route traffic between them using private IP addresses. It enables communication between resources in different VPCs as if they were on the same network. | ||
|
|
||
| - **Transitive Peering:** VPC peering is not transitive, meaning if VPC A is peered with VPC B and VPC B is peered with VPC C, VPC A cannot directly communicate with VPC C. Additional peering connections or a transit VPC may be required. | ||
|
|
||
| ## 17. Amazon EFS (Elastic File System) | ||
|
|
||
| - **Amazon EFS:** EFS is a managed file storage service that provides scalable, highly available, and durable file storage for EC2 instances. It can be accessed concurrently by multiple instances, making it suitable for shared file systems. | ||
|
|
||
| - **Mount Targets:** EFS uses mount targets in your VPC to make the file system available to EC2 instances. You can mount an EFS file system on multiple instances simultaneously. | ||
|
|
||
| ## 18. Amazon SNS (Simple Notification Service) | ||
|
|
||
| - **Amazon SNS:** SNS is a fully managed messaging service that enables you to send messages or notifications to a distributed set of recipients via various communication protocols (e.g., email, SMS, HTTP, Lambda). | ||
|
|
||
| - **Publish-Subscribe Model:** SNS follows a publish-subscribe model, allowing multiple subscribers to receive messages published to specific topics. It is often used for event-driven communication. | ||
|
|
||
| ## 19. AWS Direct Connect | ||
|
|
||
| - **AWS Direct Connect:** Direct Connect provides dedicated network connections from your on-premises data centers to AWS. It offers a more reliable, lower-latency connection compared to the public internet for data transfer and accessing AWS services. | ||
|
|
||
| - **Virtual Interfaces:** Direct Connect allows you to create virtual interfaces (private or public) to connect to AWS services or your VPCs. | ||
|
|
||
| ## 20. AWS Organizations | ||
|
|
||
| - **AWS Organizations:** AWS Organizations is a service for managing multiple AWS accounts centrally. It enables you to create and manage member accounts, apply policies, and consolidate billing and cost management. | ||
|
|
||
| - **Consolidated Billing:** With AWS Organizations, you can consolidate billing across multiple AWS accounts to simplify cost tracking and management. | ||
|
|
||
| - **Service Control Policies (SCPs):** SCPs allow you to set fine-grained permissions and control access to AWS services and resources within member accounts. | ||
|
|
||
| ## 21. AWS Lambda Layers | ||
|
|
||
| - **AWS Lambda Layers:** Layers are a distribution mechanism for libraries, custom runtimes, and other function dependencies in AWS Lambda. You can include common code or resources across multiple Lambda functions. | ||
|
|
||
| - **Versioning and Publishing:** Layers can be versioned and published, allowing you to manage updates and share code or data consistently among your functions. | ||
|
|
||
| ## 22. AWS Glue | ||
|
|
||
| - **AWS Glue:** AWS Glue is a fully managed ETL (Extract, Transform, Load) service that simplifies the process of preparing and loading data for analytics. It can automatically discover, catalog, and transform data from various sources. | ||
|
|
||
| - **Data Catalog:** Glue Data Catalog acts as a central metadata repository, making it easier to search and discover data for analytics and reporting. | ||
|
|
||
| - **ETL Jobs:** Glue allows you to create and run ETL jobs using Python or Scala, making it accessible for data engineers and analysts. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,100 @@ | ||
| # Microsoft Azure Concepts | ||
|
|
||
| Microsoft Azure is a comprehensive cloud computing platform provided by Microsoft. Here are some fundamental concepts to understand when working with Azure: | ||
|
|
||
| ## 1. **Azure Regions and Availability Zones** | ||
| - **Region:** Azure has multiple datacenter regions globally, each consisting of one or more datacenters. Regions allow you to deploy resources in specific geographic locations, taking into account data residency and latency requirements. | ||
| - **Availability Zone:** Availability Zones are unique physical locations within an Azure region. They provide high availability by hosting resources in separate datacenters with independent power, cooling, and networking. | ||
|
|
||
| ## 2. **Virtual Machines (VMs)** | ||
| - **Virtual Machine (VM):** Azure VMs are scalable and fully configurable virtualized computing instances. You can choose from a variety of VM sizes and operating systems to meet your application requirements. | ||
| - **Azure Marketplace:** The Azure Marketplace offers pre-configured VM images and templates for various applications and services. | ||
|
|
||
| ## 3. **Azure Storage** | ||
| - **Azure Storage:** Azure provides scalable and highly available cloud storage services, including Blob Storage (for unstructured data), File Storage (for file shares), Table Storage (NoSQL), and Queue Storage (messaging). | ||
| - **Azure Blob:** Blob Storage is used for storing binary and text data, such as images, videos, and backups. | ||
|
|
||
| ## 4. **Azure Active Directory (Azure AD)** | ||
| - **Azure Active Directory (Azure AD):** Azure AD is Microsoft's cloud-based identity and access management service. It allows you to manage user identities and enable single sign-on (SSO) to various Azure and third-party applications. | ||
| - **Azure AD Tenant:** Each Azure AD instance is known as a tenant and represents an organization's identity store in Azure. | ||
|
|
||
| ## 5. **Azure Resource Manager (ARM)** | ||
| - **Azure Resource Manager (ARM):** ARM is the deployment and management service for Azure. It allows you to create, update, and manage Azure resources using templates and declarative definitions. | ||
| - **ARM Templates:** ARM templates are JSON files that define the resources and their configurations in an Azure deployment. | ||
|
|
||
| ## 6. **Azure Functions** | ||
| - **Azure Functions:** Azure Functions is a serverless compute service that allows you to run event-driven code without managing infrastructure. You can trigger functions in response to various events. | ||
| - **Triggers:** Functions can be triggered by events such as HTTP requests, Azure Storage changes, or message queue messages. | ||
|
|
||
| ## 7. **Azure Load Balancer** | ||
| - **Azure Load Balancer:** Azure Load Balancer distributes incoming network traffic across multiple VM instances to ensure high availability and reliability for applications. | ||
| - **Frontend IP Configuration:** Load Balancer has frontend and backend IP configurations to route traffic to the appropriate VMs. | ||
|
|
||
| ## 8. **Azure SQL Database** | ||
| - **Azure SQL Database:** Azure SQL Database is a managed relational database service based on Microsoft SQL Server. It offers high availability, scalability, and automatic backups. | ||
| - **Elastic Pools:** Elastic Pools allow you to manage and scale multiple databases together for cost optimization. | ||
|
|
||
| ## 9. **Azure Virtual Network (VNet)** | ||
| - **Azure Virtual Network (VNet):** VNet is a network isolation and segmentation service that allows you to create private, isolated network environments for your Azure resources. | ||
| - **Subnet:** Subnets within a VNet help organize resources and define network security rules. | ||
|
|
||
| ## 10. **Azure DevOps** | ||
| - **Azure DevOps:** Azure DevOps provides a set of tools for software development, including version control, continuous integration, and continuous delivery (CI/CD). | ||
| - **Azure DevOps Services:** Azure DevOps Services offers cloud-based tools for collaboration and DevOps practices. | ||
| ## 11. Azure Kubernetes Service (AKS) | ||
|
|
||
| - **Azure Kubernetes Service (AKS):** AKS is a managed Kubernetes container orchestration service. It simplifies the deployment, management, and scaling of containerized applications using Kubernetes. | ||
|
|
||
| - **Node Pools:** AKS allows you to create and manage node pools with different configurations to accommodate varying workloads. | ||
|
|
||
| ## 12. Azure Functions Premium Plan | ||
|
|
||
| - **Azure Functions Premium Plan:** In addition to the Consumption and Dedicated (App Service) plans, Azure Functions offers a Premium Plan that provides more advanced features, including VNET integration, longer execution timeout, and enhanced performance. | ||
|
|
||
| ## 13. Azure Logic Apps | ||
|
|
||
| - **Azure Logic Apps:** Azure Logic Apps is a serverless workflow automation service that allows you to create workflows and integrate with various Azure and external services. It's used for orchestrating complex business processes. | ||
|
|
||
| - **Connectors:** Logic Apps use connectors to interact with external services and systems, making it easy to create automated workflows. | ||
|
|
||
| ## 14. Azure Key Vault | ||
|
|
||
| - **Azure Key Vault:** Azure Key Vault is a secure, centralized service for managing and safeguarding cryptographic keys, secrets, and certificates used by cloud applications and services. It helps protect sensitive information. | ||
|
|
||
| - **Managed HSM:** Azure Key Vault offers Hardware Security Module (HSM)-backed keys for enhanced security. | ||
|
|
||
| ## 15. Azure Synapse Analytics (formerly SQL Data Warehouse) | ||
|
|
||
| - **Azure Synapse Analytics:** Azure Synapse Analytics is an analytics service that combines enterprise data warehousing and big data analytics into one unified platform. It allows you to analyze large volumes of data and perform data transformations. | ||
|
|
||
| - **Data Integration:** Synapse Analytics provides data integration capabilities to ingest and prepare data from various sources for analysis. | ||
|
|
||
| ## 16. Azure DevTest Labs | ||
|
|
||
| - **Azure DevTest Labs:** DevTest Labs is a service that enables developers and testers to create and manage environments for development, testing, and training. You can control costs and resources through policies. | ||
|
|
||
| - **Artifacts:** DevTest Labs allows you to define and share artifacts (like pre-configured VM images) for quick environment setup. | ||
|
|
||
| ## 17. Azure Firewall | ||
|
|
||
| - **Azure Firewall:** Azure Firewall is a managed network security service that provides high availability, scalability, and advanced security features to protect your Azure Virtual Network resources. | ||
|
|
||
| - **Application Rules:** Azure Firewall supports application rules to allow or deny outbound traffic to specific FQDNs (Fully Qualified Domain Names). | ||
|
|
||
| ## 18. Azure Databricks | ||
|
|
||
| - **Azure Databricks:** Azure Databricks is an Apache Spark-based analytics platform optimized for Azure. It provides a collaborative environment for data scientists, engineers, and analysts to work with big data and machine learning. | ||
|
|
||
| - **Integration:** Databricks integrates with various Azure services like Azure Data Lake Storage, Azure SQL Data Warehouse, and Azure Machine Learning. | ||
|
|
||
| ## 19. Azure Cosmos DB | ||
|
|
||
| - **Azure Cosmos DB:** Cosmos DB is a globally distributed, multi-model database service designed for high availability and low-latency access. It supports various data models, including document, key-value, graph, and column-family. | ||
|
|
||
| - **Multi-Model API:** Cosmos DB allows you to choose from different APIs (e.g., SQL, MongoDB, Cassandra) to interact with your data. | ||
|
|
||
| ## 20. Azure Sentinel | ||
|
|
||
| - **Azure Sentinel:** Azure Sentinel is a cloud-native Security Information and Event Management (SIEM) service that provides intelligent security analytics for threat detection and response across your organization's resources. | ||
|
|
||
| - **Security Connectors:** Sentinel integrates with a wide range of Microsoft and third-party security solutions to collect and analyze security data. |
Oops, something went wrong.