Cloud Concepts Dive Deep

AWS Disaster Recovery Strategies

Disaster recovery refers to how we restore services and data when the system fails or services go down.

Active/Passive Strategies
  • Backup-Restore (RPO & RTO in hours)
  • Pilot-Light (Services Idle / RPO & RTO in 10s of minutes)
  • Warm-Standby (Always running / RTO & RPO in minutes)
  • Multi-Region (RPO & RTO in real time)
RPO - Recovery Point Objective is mainly concerned with data loss
RTO - Recovery Time Objective is mainly concerned with downtime

Difference between NACL & Security Groups



| NACL | Security Group |
| --- | --- |
| NACLs work as firewalls for subnets | SGs act as firewalls for EC2 instances |
| NACLs are stateless | SGs are stateful |
| A change applied to an incoming rule isn't automatically applied to an outgoing rule | Any change applied to an incoming rule is automatically applied to the outgoing rule |
| A NACL rule can either allow or deny traffic | SG rules are always permissive; we can't create an SG rule that denies access |
| By default, NACLs allow all inbound and outbound traffic | By default, SGs allow all outbound traffic |
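The stateless/stateful rows above, modelled as an added example (not code from the original post or from AWS): a NACL evaluates every packet against numbered allow/deny rules with no memory, while a security group has allow-only rules plus connection tracking. The rule tuples, addresses and ports are constructed, and the sample security group has its default allow-all outbound rule removed so the effect of tracking is visible.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Packet:
    direction: str  # "in" or "out", seen from the subnet/instance
    src: str
    sport: int
    dst: str
    dport: int

def nacl_allows(rules, pkt):
    """Stateless: the lowest-numbered matching rule decides; flows are not remembered."""
    for number, direction, action, lo, hi in sorted(rules):
        if direction == pkt.direction and lo <= pkt.dport <= hi:
            return action == "allow"
    return False  # implicit final deny when no rule matches

@dataclass
class SecurityGroup:
    """Stateful: allow-only rules plus a table of flows already admitted."""
    rules: list                              # (direction, lo, hi); no deny action exists
    flows: set = field(default_factory=set)

    def allows(self, pkt):
        reverse = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        if reverse in self.flows:            # reply to a tracked flow
            return True
        for direction, lo, hi in self.rules:
            if direction == pkt.direction and lo <= pkt.dport <= hi:
                self.flows.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
                return True
        return False

def evaluate():
    # Constructed traffic: an HTTPS request to an instance and the reply to it.
    request = Packet("in", "198.51.100.7", 50312, "10.0.1.10", 443)
    reply = Packet("out", "10.0.1.10", 443, "198.51.100.7", 50312)
    inbound_only = [(100, "in", "allow", 443, 443)]
    with_ephemeral = inbound_only + [(100, "out", "allow", 1024, 65535)]
    deny_first = [(90, "in", "deny", 443, 443)] + inbound_only
    sg = SecurityGroup(rules=[("in", 443, 443)])  # outbound rules removed on purpose
    return {
        "nacl_request": nacl_allows(inbound_only, request),
        "nacl_reply_no_outbound_rule": nacl_allows(inbound_only, reply),
        "nacl_reply_ephemeral_rule": nacl_allows(with_ephemeral, reply),
        "nacl_lower_numbered_deny": nacl_allows(deny_first, request),
        "sg_request": sg.allows(request),
        "sg_reply": sg.allows(reply),
        "sg_unsolicited_outbound": sg.allows(
            Packet("out", "10.0.1.10", 40000, "203.0.113.9", 25)),
    }

if __name__ == "__main__":
    for name, allowed in evaluate().items():
        print(f"{name}: {'allow' if allowed else 'deny'}")
```

The NACL drops the reply until an outbound rule covers the client's ephemeral port, which is the usual cause of one-way connectivity after tightening a NACL; the security group passes the reply with no outbound rule at all.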

Authentication vs Authorization
  • Authentication is the process of verifying who someone is (Providing access credentials). Authentication validates a user's identity.
  • Authorization is the process of verifying what specific applications, files, and data a user has access to (Assigning the roles and groups). Authorization grants that user permission to access a resource

Symmetric Encryption & Asymmetric Encryption

  • Symmetric encryption uses one key for both encryption and decryption. Examples of symmetric encryption are AES and DES
  • Asymmetric encryption uses two separate keys, one for encryption and another for decryption. Examples of asymmetric encryption are SFTP, SSH and SCP, which use RSA or DSA keys as public and private keys

Note : 

  • AWS KMS supports both symmetric and asymmetric encryption
  • SSL/TLS uses both asymmetric and symmetric encryption

Cloud Computing

Cloud computing is the on-demand delivery of IT resources over the Internet with pay-as-you-go pricing.

Serverless Computing

A serverless architecture is a way to build and run applications and services without having to manage infrastructure.

NAT - Network Address Translation 
  • It's a way to map multiple local private addresses to a public one before transferring the information.
  • A NAT device is used to allow instances in private subnets to connect to the internet

CI/CD - Continuous Integration and Continuous Delivery 
  • Continuous integration is a DevOps software development practice where developers regularly merge their code changes into a central repository
  • Continuous delivery is where code changes are automatically built, tested, and prepared for a release to production
AWS provides various tools to strategize the CI/CD pipeline:
  • CodePipeline - Like uDeploy
  • CodeCommit - Like SVN, GitHub
  • CodeBuild - Like Jenkins
  • CodeDeploy - Elastic Beanstalk
  • CodeStar - It is for testing the project resources; get a holistic view of your projects.
  • CodeArtifact - It is for storing and retrieving the code/package dependencies
  • CodeGuru - Machine learning powered service for automated code reviews and application performance recommendations.



| Capital Expenditures | Operating Expenses |
| --- | --- |
| (CAPEX) is an expense incurred in order to create long-term benefits in the future | (OPEX) is an expense required for the day-to-day functioning of a business |

Difference Between Views and Materialized Views

| View | Materialized View |
| --- | --- |
| Views are not stored physically on the disk | Materialized views are stored physically on the disk |
| A view is a virtual table created as the result of a query | Materialized views are snapshots of the base table |
| A view is updated automatically when the query creating that view executes | A materialized view is updated manually or by applying triggers to it |
| Views are not precomputed | Materialized views are precomputed |
| Views respond slower than materialized views | Materialized views respond faster |

            ACID - Atomicity, Consistency, Isolation, Durability

            CDN - Content Delivery Network
            • Content delivery networks provide a globally-distributed network of proxy servers that cache content, such as web videos or other bulk media.
            • CDN reduces the load on application origin and improves user experience

Difference between Relational Databases & NoSQL Databases

| Relational Databases (RDBMS) | NoSQL Databases |
| --- | --- |
| RDBMS stores data in row and column format | NoSQL stores data in key-value and document format |
| Oracle, MySQL, PostgreSQL | DynamoDB, MongoDB, MariaDB |
| Relational databases are used for OLTP and OLAP applications | NoSQL databases are used for low-latency applications like social media and gaming applications |
| Relational databases provide a schema and table-like structure | NoSQL doesn't support a schema and table-like structure |
| Relational DBs can be queried using SQL statements | NoSQL DBs can be queried using APIs |


            Types of NoSQL Databases

            • Key-value
            • Document
            • In-memory
            • Search

What is IOPS

            • Input/output operations per second
            • Which measures how fast data can be transferred from contiguous storage locations
            • IOPS can be used to measure storage performance


            Throughput refers to how much data can be transferred from one location to another in a given amount of time


Latency is how long it takes for data to travel between its source and destination; total round-trip time.


            • Is the ability for a system to remain in operation even if some of the components used to build the system fail
            • Is the ability of a system to withstand the failure
            Horizontal Vs Vertical Scaling
  • Horizontal scaling means that you scale by adding more EC2 machines into your pool of resources
  • Vertical scaling means that you scale by adding more power (CPU, RAM) to an existing EC2 machine

            Tools used to gauge the network throughput/issues
                tracert or traceroute
                AWS CloudWatch
                Elastic Network Adapter (ENA) 
                NewRelic & DataDog

CIDR - Classless Inter-Domain Routing

  • CIDR is used for specifying a range of IP addresses in IPv4 or IPv6 format

            WAF - Web Application Firewall

  • Used to protect web applications from threats like SQL injection, web exploits and bots that may affect availability and security.
  • WAF helps with blacklisting and whitelisting IP addresses
  • WAF works well with CloudFront, API Gateway and ALB
            DOS - Denial of Service
            DDoS - Distributed Denial of Service

Difference between Containers and Serverless

Containers
  • Containers are hosted in the cloud, but cloud providers do not update or maintain them. Customers/vendors have to manage and update each container they deploy.
  • Containers take longer to set up initially than serverless functions because it is necessary to configure system settings, libraries, and so on
  • Once configured, containers take only a few seconds to deploy
  • Containers give developers more control over the environment the application runs in.
  • Containers run the same no matter where they are deployed, making it relatively simple to test
  • Containers are constantly running, and therefore cloud providers have to charge for the server space even if no one is using the application at the time
  • Persistent storage issue with containers: data doesn't persist when the container goes down

Serverless
  • In a serverless architecture, customers are charged only when the application code is being executed (Lambda)
  • Serverless takes milliseconds to deploy since it does not come with system dependencies
  • It is difficult to test serverless web applications because the backend environment is hard to replicate in a local environment

            Elastic IP

            • When we start and stop an EC2 instance, the public IP of the machine will change
            • If we want to have a fixed public IP we need an Elastic IP
            • An Elastic IP is a Public IPv4
            • We don’t pay for the Elastic IP if it’s assigned to the server & we pay only when it is not assigned
            • Default limit for an account is 5 Elastic IPs
            Address Resolution Protocol (ARP) is a protocol or procedure that connects an ever-changing Internet Protocol (IP) address to a fixed physical machine address, also known as a media access control (MAC) address

            LAMP Stack 
  • Is a set of open-source software that can be used to create websites and web applications
  • Linux, Apache, MySQL, PHP

            Synchronous and Asynchronous Calls

            Linux command used for searching


Difference between TCP and UDP

| TCP | UDP |
| --- | --- |
| TCP is a connection-oriented protocol | UDP is a connectionless protocol |
| TCP is slower | UDP is faster |
| TCP uses a handshake protocol | UDP uses no handshake protocol |
| For example: SFTP, SSL, SCP | For example: VPN, VoIP, online games & media streaming |

Difference between TCP and HTTP

| TCP | HTTP |
| --- | --- |
| Transmission Control Protocol | Hypertext Transfer Protocol |
| TCP is a connection-oriented protocol | HTTP is a connectionless protocol |
| Layer 4 | Layer 7 |
| TCP is slower | HTTP is faster |
| TCP operates 3-way communication | HTTP operates single-way communication |


OSI Reference Model (Open System Interconnection)

| Layer | Examples |
| --- | --- |
| Application Layer | HTTP, SFTP, FTP, SSH, DNS |
| Presentation Layer | |
| Session Layer | APIs, Sockets |
| Transport Layer | TCP, UDP |
| Network Layer | IP, IPSec, ICMP |
| Data Link Layer | Ethernet, Bridge, Switch |
| Physical Layer | Fiber, Coax, Wireless |

Difference between Normalization and Denormalization of data

| Normalization | Denormalization |
| --- | --- |
| The process of organizing data in a database by reducing redundancy | A technique in which we add duplicate data to one or more tables |
| Maintains data integrity | Doesn't maintain data integrity |
| For example: OLTP databases | For example: OLAP / data warehouse databases |
| Used when highly intensive INSERT/UPDATE/DELETE operations are performed | Used when expensive joins are required & frequent read queries are executed |
| The number of tables is lower | The number of tables is higher |
| Normalization uses optimized memory and hence is faster in performance | Denormalization introduces some wastage of memory |

  • A hypervisor is a software program that helps run multiple virtual machines on a single piece of computer hardware
            • The new hypervisor for AWS EC2 is a component that delivers memory isolation and CPU for all the C5 instances

JSON Vs XML

| JSON | XML |
| --- | --- |
| JavaScript Object Notation | Extensible Markup Language |
| It is a way of representing objects | It is a way of representing data items using tags |
| It does not provide any support for namespaces | It supports namespaces |
| It supports arrays | It doesn't support arrays |
| It supports only UTF-8 encoding | It supports various encodings |

Monolithic Vs Microservices

| Monolithic | Microservices |
| --- | --- |
| A monolithic application is built as a single and indivisible unit | Microservices architecture breaks the software architecture into a collection of smaller independent units |
| Traditional approach | Modern approach |
| Hard to scale | Easy to scale |


            Discuss durability vs availability

            3 Tier architecture with a static content

            A three-tier architecture is a software architecture pattern where the application is broken down into three logical tiers: The Presentation Layer, Application Layer (Logic Tier) and the Data Storage Layer

            This architecture is used in a client-server application such as a web application that has the frontend, the backend and the database.

As far as static content is concerned, we can host it on S3 and use CloudFront to distribute the content and cache the data at edge locations for low latency

We can host the database on the private subnet for better security and the application on the public subnet

            Difference between WAF and Firewall

            Steps involved from entering a web address on browser to you get access

Difference between horizontal and vertical scaling?
What's Monolithic vs Microservices? Use cases for each?
Difference between Database vs. Data Warehouse?
Tell me, what is a hypervisor?
Layer 4 and Layer 7 load balancers and how they work?
How would you horizontally and/or vertically scale a multi-tier architecture?
Clustered database environment, and how do you expand and enlarge it if need be?
Difference between a cluster and mirroring?
What is RAID 1 and 5?
What is an index used for?
How would the migration of a company's infrastructure be carried out with the shortest possible downtime?
Explain how secure TLS communication works?
What is DevSecOps? What is the difference between DevOps and DevSecOps?
What is DNS? Could you please explain the whole process of how DNS works?
Could you please explain how SSL handshake happens step by step?
What is the difference between a Docker container and a Docker image?
What is Copy on Write in Docker?
How is NoSQL more scalable than SQL databases?
Describe blue/green deployment?
What is CAP theorem?
What application development methodologies did you use?
How does the internet work?
Partitioning data: why is it important?
AVRO vs ORC vs Parquet
What is RAID? What is RAID-10? What are 2 other types of RAID?
How would you horizontally scale a multi-tier architecture at the top level (network)?
What is layer 3 of the OSI model? Describe.
Load Balancer? What is HTTP Socket? What is reverse proxy? Components of HTTP call?
What is fan and nest storage?
Difference between encryption and hashing?
What is indexing? Give an example of a bad index. Why is it a bad index? How does indexing work? A connection to the database is made using an app, but it's not returning a response. How do you debug this?
What is HTTP Socket? What is reverse proxy? Components of HTTP call?
What's Data Lake vs Data Warehouse?
What's Monolithic vs Microservices?
What's a level 7 load balancer?
MapReduce? Broadcast, multicast, unicast?
App service vs web service
SCSI disk?
What is layer 2 and 3 of the OSI model?
IDS, IPS
What are the levels of RAID?
MPLS, HDFS, OSI Model, Data Warehouse, Microservices, Sharding
Why should you use a CDN for an object with a zero TTL?
What is the difference between an IPSec and an SSL VPN?
Discuss SSD vs traditional disk
What is a Bastion host?
Where are customer encryption keys stored?
How would you mitigate a DoS?
What are the RAID levels?
What are the benefits of CI/CD?
What else would you do for a high-volume distributed app web site?
What is database indexing and why is it important?
Troubleshoot a webpage that can't access the DB. Troubleshoot why you can't access a webpage server.
What is MSA?
If you collected logs and wanted to store them for 14 days, then move them over to permanent storage for a few years, how would you do this? How would you analyze objects stored in S3 and share them with users?
What ports do databases use?
Describe how you would build a content delivery network from scratch by coding it
What are the steps involved in migrating a customer application from Azure cloud to AWS?
What is "MQTT"?
How do you stop the Apache service?
What is Virtualization? What is a Hypervisor and how does it work to distinguish multiple VMs running on it and isolate them from the underlying h/w?

