IBM Cloud Professional
Certification Program
Study Guide Series
Exam C5050-380 - IBM Certified Solution Architect - Cloud Platform Solution V2
Purpose of Exam Objectives ...... 2
High-level Exam Objectives ...... 2
Detailed Exam Objectives ...... 4 Section 1 - Understanding Cloud Infrastructure Design Concepts ...... 4
Section 2 - Planning for a Cloud Infrastructure ...... 11
Section 3 - Architecting a Cloud Infrastructure ...... 19
Section 4 - Managing a Cloud Infrastructure ...... 31
Next Steps ...... 36
Purpose of Exam Objectives
When an exam is being developed, the Subject Matter Experts work together to define the role the certified individual will fill. They define all of the tasks and knowledge that an individual would need to have in order to successfully implement the product. This creates the foundation for the objectives and measurement criteria, which are the basis for the certification exam.
The Middleware Certification item writers use these objectives to develop the questions that they write and which will appear on the exam.
It is recommended that you review these objectives. Do you know how to complete the task in the objective? Do you know why that task needs to be done? Do you know what will happen if you do it incorrectly? If you are not familiar with a task, then go through the objective and perform that task in your own environment. Read more information on the task. If there is an objective on a task there is about a 95% chance that you WILL see a question about it on the actual exam.
After you have reviewed the objectives and completed your own research, then take the assessment exam. While the assessment exam will not tell you which question you answered incorrectly, it will tell you how you did by section. This will give you a good indication as to whether you are ready to take the actual exam or if you need to further review the materials.
Note: This is the high-level list of objectives. As you review these objectives, click for a more detailed level of how to perform the task. High-level Exam Objectives Section 1 - Understanding Cloud Infrastructure Design Concepts
1.1 Define Cloud delivery models
1.2 Differentiate between Cloud and legacy delivery models Understand the foundational components of Cloud infrastructure and related 1.3
terminology 1.4 Outline the requirements of integration in a Cloud environment
1.5 Articulate knowledge of implementing a secure Cloud environment 1.6 Outline the challenges of meeting compliance in a Cloud environment Define the impact of Cloud characteristic on service delivery models and how they 1.7
differ from the traditional IT model 1.8 Explain IBM's Cloud point of view and core differentiators Section 2 - Planning for a Cloud Infrastructure
2.1 Understand where customers are in current cloud transformation
2.2 Review the client's current environment to identify required functional changes Identify key requirements and considerations to produce a comprehensive plan for 2.3 setting up a cloud environment Identify the security and network requirements to support the infrastructure, 2.4
applications, and services Understand the considerations for workload migration to a Cloud infrastructure 2.5
solution Section 3 - Architecting a Cloud Infrastructure
3.1 Incorporate virtualization into Cloud solution architecture Identify pertinent "as a service" solutions and explain their use in creating, 3.2 building, and operating a Cloud environment
3.3 Understand Cloud Service Management and Operations Leverage the benefit and challenges of a distributed infrastructure vs a 3.4
consolidated infrastructure Articulate the different IBM provisioning solution as it pertains to Cloud 3.5
infrastructure Architect a security solution security to protect infrastructure, applications, and 3.6
services Architect a solution to provide storage capacity, data protection and recovery to 3.7
support the infrastructure, applications, and services
3.8 Architect an elastic and scalable environment Section 4 - Managing a Cloud Infrastructure Validate that the Cloud Infrastructure Architecture design follows the IBM Cloud 4.1
Service Management framework Describe analytic capabilities as it pertains to predicting and improving future 4.2 performance based on patterns 4.3 Describe accounting and billing strategies for a cloud environment Detailed Exam Objectives
Section 1 - Understanding Cloud Infrastructure Design Concepts 1.1. Define Cloud delivery models SUBTASKS: 1.1.1. Understand the key differentiators of the various cloud delivery (deployment) models 1.1.1.1. Cloud provider – internal or external 1.1.1.2. Consumer tenancy 1.1.1.3. Cloud location 1.1.2. Describe the public cloud delivery model 1.1.2.1. Public cloud is a style of computing where scalable and elastic IT-enabled capabilities are provided as a service to multiple concurrent external customers (multi-tenant) using internet technologies from the providers location 1.1.3. Describe the private cloud delivery model 1.1.3.1. A private cloud provides the cloud computing style of delivery to only one organization (single tenant) through various forms of resource and service isolation 1.1.3.2. Private cloud hosting varies across a spectrum of possibilities – from being provided in a public cloud-like hosted (albeit single tenant) service to external customers that use internet technologies to being on an enterprises own IT and managed by its own IT organization 1.1.4. Describe hybrid cloud 1.1.4.1. The connection of one or more clouds to existing on-premises systems and the connection of one or more clouds to other clouds 1.1.4.2. For most existing enterprises, hybrid cloud is the path to cloud – and is the most impactful, enabling and adopted method 1.1.5. Describe IBM’s multi-delivery model approach to support putting the right workload in the right place 1.1.5.1. Public, Dedicated, and Local
1.2. Differentiate between Cloud and legacy delivery models SUBTASKS: 1.2.1. Understand and articulate key characteristics of the infrastructure that is associated with legacy delivery models 1.2.1.1. Buy what you need, then maintain and operate it (CapEx + OpEx) 1.2.1.2. Physical data centers with virtualized (or not) compute/storage/networking 1.2.1.3. Generally static consumption; scale with consistency 1.2.1.4. Controlled access and consumption 1.2.1.5. Highly managed 1.2.1.6. Varying degrees of automation 1.2.1.7. IT delivered resources 1.2.1.8. Resource provisioning is hard and slow 1.2.1.9. On-premises 1.2.1.10. Reliable hardware 1.2.1.11. Secure 1.2.1.12. Compliant 1.2.2. Understand and articulate key characteristics of the infrastructure that is associated with (hosted) cloud delivery 1.2.2.1. Rent what you need, only when you need it (OpEx) 1.2.2.2. Virtualized data centers, including compute/storage/networking 1.2.2.3. Elastic consumption 1.2.2.4. Flexible 1.2.2.5. Management of the service primitives (only) 1.2.2.6. Heavily automated and software defined 1.2.2.7. Self-service consumption 1.2.2.8. Resource provisioning is easy and quick 1.2.2.9. Commodity hardware 1.2.2.10. Off-premises (mostly) 1.2.2.11. Secure 1.2.2.12. Varying degrees and availability of compliant environments
1.3. Understand the foundational components of cloud infrastructure and related terminology SUBTASKS: 1.3.1. Articulate the key characteristics of the compute (CPU) resources that are used in cloud delivery 1.3.1.1. Processor types and capacity 1.3.1.2. Performance and management capabilities 1.3.1.3. Abstractions (for example, virtualization) 1.3.1.4. Best practices in infrastructure design that uses compute resources, including reference architectures and patterns 1.3.2. Articulate the key characteristics of the storage resources that are used in cloud delivery 1.3.2.1. Storage types (block, file, object) and when to use each 1.3.2.2. Performance and management capabilities 1.3.2.3. Abstractions (for example, SAN and software-defined storage) 1.3.2.4. Best practices in infrastructure design by using compute resources, including reference architectures and patterns 1.3.3. Articulate the key characteristics of the network resources that are used in cloud delivery 1.3.3.1. Network types and resources considering connections and bandwidth (for example, firewalls and other security mechanisms) 1.3.3.2. Performance and management capabilities 1.3.3.3. Abstractions (for example, software-defined network) 1.3.3.4. Best practices in infrastructure design by using networking resources, including reference architectures and patterns 1.3.4. Describe cloud infrastructure management resources and capabilities 1.3.4.1. OpenStack and the OpenStack ecosystem 1.3.4.2. IBM offerings: IBM Cloud Orchestrator, IBM Bluemix Private Cloud (Bluebox), IBM Bluemix Infrastructure (SoftLayer), Cloud Managed Services, Pure Application, and so on.
1.4. Outline the requirements of integration in a Cloud environment SUBTASKS: 1.4.1. Describe some common drivers of cloud environment integration 1.4.1.1. Need to unlock existing data and applications to build on what an enterprise has today and only change what needs to change. 1.4.1.2. To enable and accelerate the digital transformation that is required to disrupt – and to avoid being disrupted. 1.4.1.3. To support enterprise requirements for both IT flexibility and control. 1.4.2. Identify key challenges of an integrated cloud environment 1.4.2.1. Business processes and transactions span multiple environments that create new risk for security, visibility, and control at each touch point. 1.4.2.2. Positioning to maximize future flexibility to use any data, apps, services, and mobile devices as needs change going forward. 1.4.2.3. Enabling fast, secure access to the data, and only the data, applications need. Identifying, integrating, and analyzing the right data from the vast volumes and types available. 1.4.2.4. The reliability, availability, serviceability, and performance to enable the solutions to all these challenges. 1.4.3. Describe the services and techniques that are commonly used in a cloud environment to provide secure access for enterprise applications and data to cloud 1.4.3.1. Gateway and connector services to securely connect enterprise to the cloud. 1.4.3.2. Positioning data closer to the user. 1.4.3.3. API management services to expose applications and data sets across enterprise applications and into the API economy. 1.4.3.4. Virtualization and containerization
REFERENCES: IBM Hybrid integration - Cloud Solutions IBM Cloud Architecture Center: Hybrid Architecture Cloud Standards Customer Council: Practical Guide to Hybrid Cloud Computing
1.5. Articulate the knowledge of implementing a secure Cloud environment SUBTASKS:
1.5.1. Explain architectural concepts and design requirements 1.5.1.1. Architectural concepts and design requirements focused on the building blocks of cloud-based systems. 1.5.1.2. Understand cloud computing concepts such as roles like cloud service customer, provider, and partner and how they tie together to secure the architecture for cloud systems. 1.5.1.3. Ability to identify what a trusted cloud is, and what role certification against criteria plays in that identification using standards such as common criteria and FIPS 140-2. 1.5.1.4. Demonstrate a basic understanding of the relevant security and design principles of cloud computing such as: 1.5.1.4.1. Cryptography (for example, encryption, in motion, at rest, key management) 1.5.1.4.2. Access Control 1.5.1.4.3. Data and media sanitization (for example, overwriting, cryptographic erase) 1.5.1.4.4. Network security 1.5.1.4.5. Virtualization security (hypervisor security) 1.5.1.4.6. Common threats 1.5.1.4.7. Security considerations for different cloud categories (for example, SaaS, PaaS and IaaS) 1.5.1.4.8. Cloud based business continuity/disaster recovery planning 1.5.1.4.9. Functional security requirements (for example, portability, interoperability, vendor lock-in) 1.5.2. Explain Cloud Data Security 1.5.2.1. The cloud data security contains the concepts, principles, structure and standards that are used to design, implement, monitor and secure operating systems, equipment, networks, applications, and those controls that are used to enforce various levels of confidentiality, integrity, and availability. 1.5.2.2. Understand the concepts around data rights management (DRM), security information and event management (SIEM) at a high level to further understand the concepts around data auditability, traceability, data event logging, and data custody. 1.5.2.3. Understand key focus areas 1.5.2.3.1. Data encryption 1.5.2.3.2. Data Masking 1.5.2.3.3. Data discovery and classification 1.5.2.3.4. Date rights objectives (for example, provisioning, users, and roles, role-based access) 1.5.2.3.5. Data retention policies and procedures 1.5.2.3.6. Data archiving procedures 1.5.2.3.7. Data residency and secure storage 1.5.3. Explain Cloud Platform and Infrastructure Security 1.5.3.1. Knowledge of the cloud infrastructure components, both the physical and virtual, existing threats, and mitigating and developing plans to deal with those threats. 1.5.3.2. Understanding of business continuity planning (BCP), disaster recovery planning (DRP) to understand the current and future security posture of the cloud system. 1.5.3.3. Understand key focus areas 1.5.3.3.1. Explain risk assessments and analysis 1.5.3.3.2. Counter measure strategies (for example, access controls and design principles) 1.5.3.3.3. Physical and environmental protection (for example, on- premises) 1.5.3.3.4. System and communication protection 1.5.3.3.5. Management of identification, authentication and authorization in cloud infrastructure 1.5.3.3.6. Virtualization systems protection 1.5.3.3.7. Disaster recovery/business continuity strategy 1.5.3.3.8. Cloud infrastructure risk identification and mitigation 1.5.4. Explain Cloud Application Security: 1.5.4.1. Use of verified secure software 1.5.4.2. Understanding of cloud software assurance and validating process (e.g. cloud based functional testing, security testing (penetration testing) 1.5.4.3. Threat modeling 1.5.4.4. Identity and access management (IAM) solutions (e.g. federated identity, identity providers, single sign-on and multi-factor authentication) 1.5.4.5. Common application security vulnerabilities REFERENCES: https://www.isc2.org/ https://cloudsecurityalliance.org http://csrc.nist.gov/publications/PubsNISTIRs.html
1.6. Outline the challenges of meeting compliance in a Cloud environment SUBTASKS: 1.6.1. Define legal compliance 1.6.1.1. Legal Compliance – The act of minimizing the risk of loss or the risk of a negative impact stemming from a failure to comply with specific industry regulations or domestic or international law. 1.6.2. Understand specific compliance regulations 1.6.2.1. All Cloud Service Providers (CSPs) offering low or moderate impact cloud services to U.S. federal agencies must meet FedRAMP requirements 1.6.2.2. PCI (Payment Card Industry) Security Standards. security standards for account data protection 1.6.2.3. EU Data Protection Directive 1.6.3. Describe Governance Risk and Compliance (GRC) practices 1.6.3.1. Defining compliance requirements 1.6.3.2. Reporting compliance 1.6.3.3. Testing compliance and controls 1.6.3.4. Auditing compliance 1.6.4. Assess compliance requirements impacting the design of a Cloud environment 1.6.4.1. Identify compliance regulations 1.6.4.2. Describe how the client measures organizational compliance with each regulation. 1.6.4.3. Identify all compliance controls in place. 1.6.4.4. Define monitoring and logging requirements to support compliance testing, auditing and reporting.
REFERENCES: https://www.fedramp.gov/ https://www.hhs.gov/hipaa/for-professionals/privacy/ https://www.pcisecuritystandards.org/
1.7. Define the impact of Cloud characteristics on service delivery models and how they differ from the traditional IT model SUBTASKS: 1.7.1. Describe On-Demand Usage – A cloud consumer can unilaterally access cloud- based IT resources giving the cloud consumer the freedom to self-provision these IT resources. Once configured, usage of the self-provisioned IT resources can be automated, requiring no further human involvement by the cloud consumer or cloud provider. This results in an on-demand usage environment. Also known as "on-demand self-service usage," this characteristic enables the service-based and usage-driven features found in mainstream clouds. On-Demand Usage can drastically shorten the lead time for delivering new solutions, thereby decreasing solution development costs and increasing revenue potential 1.7.2. Explain Ubiquitous Access – Ubiquitous Access represents the ability for a cloud service to be widely accessible. Establishing ubiquitous access for a cloud service can require support for a range of devices, transport protocols, interfaces, and security technologies. Business can use the cloud delivery platform to increase their delivery channels both internally and externally. This increase can increase revenue opportunity and decrease internal operating costs. 1.7.3. Summarize Multi-tenancy (Resource pooling) – The characteristic of a software program that enables an instance of the program to serve different consumers (tenants) whereby each is isolated from the other, is referred to as multi-tenancy. A cloud provider pools its IT resources to serve multiple cloud service consumers by using multi-tenancy models that frequently rely on the use of virtualization technologies. In turn, this decreases resource requirements, decreases management costs, and decreases overall operating costs. 1.7.4. Describe Elastic Scaling (Elasticity) – Cloud services can be rapidly and elastically provisioned, in some cases automatically, to quickly scale out and rapidly released to quickly scale in. To the consumer, the capabilities available for provisioning often appear to be unlimited and can be purchased in any quantity at any time. As opposed to designing systems for peak load which results in unused resources, elastic scaling means businesses use only what is required to meet their business goals and no more. 1.7.5. Explain Usage Based Billing (Measured Usage) – Cloud computing resource usage can be measured, controlled, and reported providing transparency for both the provider and consumer of the utilized service. Cloud computing services use a metering capability which enables to control and optimize resource use. This implies that just like air time, electricity or municipality water, IT services are charged per usage metrics – pay per use. The more you utilize the higher the bill. Just as utility companies sell power to subscribers, and telephone companies sell voice and data services, IT services such as network security management, data center hosting or even departmental billing can now be easily delivered as a contractual service. This means consumers can more closely align IT expenditures with business goals, and consumers do not pay for resources that they are not actively using. 1.7.6. Summarize Resiliency – Resilient computing is a form of failover that distributes redundant implementations of IT resources across physical locations. IT resources can be pre-configured so that if one becomes deficient, processing is automatically handed over to another redundant implementation. Within cloud computing, the characteristic of resiliency can refer to redundant IT resources within the same cloud (but in different physical locations) or across multiple clouds. Cloud consumers can increase both the reliability and availability of their applications by leveraging the resiliency of cloud-based IT resources.
REFERENCES: http://whatiscloud.com/cloud_characteristics/index http://www.isaca.org/groups/professional-english/cloud-computing/groupdocuments/e ssential%20characteristics%20of%20cloud%20computing.pdf
1.8. Explain IBM's Cloud point of view and core differentiators SUBTASKS: 1.8.1. Hybrid cloud is the path to the business outcomes you want. Hybrid is the connection of one or more clouds to on-premises systems and/or the connection of one or more clouds to other clouds 1.8.1.1. Speed: change only what you need to change to get value faster 1.8.1.2. Flexibility: position workloads to best deliver on business objectives 1.8.1.3. Innovation: leverage cloud services, open communities and emerging technologies (cognitive, Blockchain, IoT, etc.) to maximize opportunity. 1.8.1.4. Insight: combine your data with new sources of data to get to the best outcomes. 1.8.2. Articulate the five guiding principles 1.8.2.1. Choice with Consistency – means putting the right workload in the right place. Knowing that data is growing exponentially, customers are looking for options when it comes to web scale data. Some data will need to be local for a variety of reasons. Other data can be stored into the cloud to take advantage of flexibility and scalability. 1.8.2.2. Hybrid Integration – will represent the majority of workload because you’re always going to be connecting to something else. 1.8.2.3. DevOps productivity – If you look at the number of programmers out there building applications their world is changing. Instead of simply coding they have to be assembling and composing. They are going to take API's and micro services and quickly put them together in new and unique ways. 1.8.2.4. Powerful, Accessible Data and Analytics - The cloud has enabled the connection of data and data sources that were simply not possible previously – or at the very least not practical - without cloud. And we are able to do things and gain insights that are fundamentally transforming whole business models. 1.8.2.5. Cognitive Solutions – IBM made a deliberate decision to open up Watson technology to the world. Watson APIs are the cognitive building blocks to apply Watson’s capabilities. Watson APIs are available on Bluemix, and with Watson, partners and clients can build cognition into digital applications, products, and operations, using any one or combination of APIs.
REFERENCES: https://www.ibm.com/cloud-computing/?S_PKG=&cm_mmc=Search_Google-_-CA+C onsolidated+Advertising_CA+Cloud-_-NA_US-_-+ibm++cloud_Broad_&cm_mmca1=0 00004QF&cm_mmca2=2407&mkwid=fa5eefbe-340c-4504-91f2-152f6578cf9a|447|83 422
Section 2 - Planning for a Cloud Infrastructure 2.1. Understand where customers are in current cloud transformation SUBTASKS: Know and evaluate the customer’s current state and future state requirements. Many customers begin the cloud transformation journey consolidating, standardizing, virtualizing and automating existing on-premise environments. The path to hybrid delivery is typically based on a customer’s business objectives, maturity, risk profile and other technical factors. It is critical to assess and understand where customers are in their cloud journey. A Cloud Infrastructure Architect should lead a Cloud Readiness Workshop to assess and understand: 2.1.1. Business Drivers: 2.1.1.1. What business problems is the customer trying to solve and cannot with their current strategy. 2.1.1.2. Understand and identify constraints (i.e. funding, security requirements, people) 2.1.2. People: Identify key stakeholders. Moving to the cloud results in changing the way a business operates. Lack of executive sponsorship can result in resistance and inadequate funding resulting in failure. 2.1.3. Process: Operational & business processes. How do their current governance processes and change management practices work. 2.1.4. Technology: Identify and evaluate existing workloads and infrastructure 2.1.4.1. Workloads: Evaluate workloads or groups of applications identified to move to cloud. Can the workload be relocated to an IBM data center? 2.1.4.1.1. Vendor & vendor versions (i.e. OS, middleware) 2.1.4.1.2. Virtual vs. physical; how many provisioned per week on average 2.1.4.1.3. Network Management & future requirements 2.1.4.1.4. Storage Management & future requirements 2.1.4.1.5. Catalog Management & future requires 2.1.4.1.6. Security, audit & regulatory requirements (are there requirements that drive an on-prem solution only) 2.1.4.1.7. Monitoring & future requirements 2.1.4.1.8. High-Availability & Disaster Recovery requirements 2.1.4.1.9. How do they handle IP Address Management User Accounts, Backups, Storage, Patching, build repositories 2.1.4.2. Prioritization: Risk analysis or proofs of concept testing cloud underlying infrastructure and services. (Identify non-critical workloads that may be easier to move first into the cloud, followed by prioritization of higher visibility, critical applications) 2.1.4.3. Migration strategy: Understand timelines, requirements and dependencies and how the customer handles this currently 2.1.4.4. Reporting Requirements (organizational, departmental, global) 2.1.4.5. Metering & Elasticity 2.1.4.5.1. Do they currently utilize external providers? If yes, what are bursting requirements? 2.1.4.5.2. How are SLAs monitored and managed? 2.1.4.5.3. Do they have a need to track expenses and bill internally if on- prem cloud? 2.1.5. Gap Analysis 2.1.6. Training/Knowledge Transfer Requirements
2.2. Review the client's current environment to identify required functional changes SUBTASKS: 2.2.1. Describe the client’s IT Operational model as it exists today and their approach to design/build/run and how it is required to transform to a cloud operational model. 2.2.2. Identify if the client understands and has implemented shared services in their current IT Operational model, and leverage this capability for the transformation to a cloud operational model. 2.2.3. Review the client’s level of convergence and/or separation between server, network and storage components in order to evaluate their readiness for Cloud transformation. 2.2.4. Hardware Layer: Obtain the infrastructure component level mean time between failures (MTBF) metrics as they pertain to and are managed for a cloud operational model. 2.2.5. OS Layer: Assess OS level image rationalization and standardization etc. 2.2.6. Application Stack Layer: Analyze application image standardization and application deployment methods. Align workload related infrastructure requirements such as latency, collocation, data structures, transaction timing/security and version control; stateless vs. stateful. 2.2.7. Interconnection Layer: Understand the data structure, data sharing, and network multipoint implementation (latency, security, transaction etc.) SLA. 2.2.8. Availability/Redundancy/Continuity Layer: Re-architect for workload delivery, moving the architecture from individual server availability.
REFERENCES: http://www.ibm.com/developerworks/cloud/library/cl-cloudintro/ http://ibm.co/1P6TY8r
2.3. Identify key requirements and considerations to produce a comprehensive plan for setting up a cloud environment SUBTASKS: 2.3.1. Produce a comprehensive plan for supporting workloads in a cloud environment 2.3.1.1. Demonstrate knowledge of the common cloud infrastructure models 2.3.1.2. Describe workloads in a cloud context 2.3.1.3. Describe the process for determining the appropriate cloud deployment model 2.3.1.3.1. Steps in overall migration strategy 2.3.1.3.2. Methods for specific workload analysis and model determination 2.3.1.3.3. Understand the context of the cloud environment (how the system will interoperate with other systems), non-functional and functional requirements that will affect the design and resulting performance of the system. 2.3.1.4. Describe the functional and operational design of your cloud environment. 2.3.1.4.1. Specify the structure and behavior of the components of your cloud environment. 2.3.1.4.2. Describe the key functional components of you cloud environment 2.3.1.4.3. Describe the key services (application, platform and infrastructure) that will be used by the cloud solution and must be integrated into the Solution Design. 2.3.1.5. Develop a High-Level Component Model 2.3.1.6. Develop a High-Level Operational Model 2.3.1.7. Identify solutions to address general environmental requirements 2.3.1.7.1. Governance policies and service agreements 2.3.1.7.2. Connectivity requirements 2.3.1.7.3. Common security challenges 2.3.1.7.4. Compliance and regulatory requirements 2.3.1.7.5. Service management 2.3.1.8. Map common workload use cases to an expected cloud model 2.3.1.9. Identify the requirements, components, architecture, and IBM solutions for common workload patterns 2.3.2. Define requirements and plans for Back-up recovery 2.3.2.1. Assess current back-up and recovery workload for each key functional component. 2.3.2.2. Measure current back-up and recovery workloads against one or more target cloud environments as follows: 2.3.2.2.1. Assess resource capacity and software affinity 2.3.2.2.2. Assess ability of target cloud to meet specific workload non- functional requirements 2.3.2.2.3. Assess migration impact 2.3.2.2.4. Assess basic operational cost 2.3.2.2.5. Assess risk and quantify the potential application performance impact that may occur when the application infrastructure is moved 2.3.2.3. Create back-up and recovery application work flow diagrams with existing client data, if any. 2.3.2.3.1. Confirm application demographics 2.3.2.3.2. Identify critical business functions supported 2.3.2.3.3. Document end-to-end application flow by business function (service) 2.3.2.3.4. Identify any dependencies on other applications or other shared infrastructure 2.3.2.3.5. Identify application characteristics and communication protocols 2.3.2.3.6. Create an application flow diagram for each application of interest identifying end users (type and location), critical services required, and supporting IT infrastructure to support each identified service/transaction 2.3.2.3.7. Identify applications at risk due to potential effects of network latency. 2.3.3. Define requirements and plans for Data Recovery 2.3.3.1. Understand current disaster recovery procedure 2.3.3.2. Understand the the key metrics of Recovery Point Objective (RPO) and Recovery Time Objective(RTO) 2.3.3.2.1. Backup should be taken at the regular intervals for each component 2.3.3.3. Determine when image copies can be taken and what types of image copies need to be taken 2.3.3.3.1. Transaction log backups make up the second layer of the backup and recovery strategy 2.3.3.3.2. Transaction log backup intervals may be influenced by the method of synchronizing the primary and secondary system 2.3.3.4. Send/replication to offsite store for storage. 2.3.3.4.1. The image copies and backed up logs should not only be shipped to the secondary system, but also backed up to another system and then copied to tape in order to have copies both on-site (for quick recovery) and off-site (for disaster recovery). 2.3.4. Define requirements and plans for Continuity of Operations planning for a Cloud environment 2.3.4.1. Understand Continuity of Operations (COOP) 2.3.4.1.1. Identify Essential Functions (EFs) and ensure that those functions can be continued throughout, or resumed rapidly after, a disruption of normal activities. 2.3.4.1.2. Define conditions when the plan could be activated in response to a wide range of events or situations – from a fire in the building; to a natural disaster; to the threat or occurrence of a terrorist attack. Any event that makes it impossible for employees to work in their regular facility could result in the activation of the Continuity plan. 2.3.4.1.3. Plan COOP requirements for a Cloud environment a) Continuity Facilities – Locations, other than the primary facility, used to carry out essential functions, particularly in a continuity event. Continuity Facilities, or “Alternate facilities”, refers to not only other locations, but also nontraditional options such as working at home. (“teleworking”), telecommuting, and mobile-office concepts. b) Continuity Communications – Communications that provide the capability to perform essential functions, in conjunction with other agencies, under all conditions. Vital Records Management – the identification, protection and ready availability of electronic and hard copy documents, REFERENCES, records, information systems, data management software and equipment needed to support essential functions during a continuity situation. c) Back-up recovery plan d) Data Recovery plan 2.3.4.2. Describe the four Phases of Continuity of Operations Activation 2.3.4.2.1. Phase I - Readiness and Preparedness 2.3.4.2.2. Phase II - Activation and Relocation: plans, procedures, and schedules to transfer activities, personnel, records, and equipment to alternate facilities are activated 2.3.4.2.3. Phase III - Continuity Operations: full execution of essential operations at alternate operating facilities is commenced 2.3.4.2.4. Phase IV – Reconstitution: operations at alternate facility are terminated and normal operations resume 2.3.4.3. Describe IBM Continuity and Resiliency offerings 2.3.4.3.1. Resiliency Communications as a Service A high availability, cloud-enabled crisis/incident management service 2.3.4.3.2. Virtualized Server Recovery Recover your virtualized or physical servers on a virtualized cloud infrastructure at an IBM secure, hardened recovery center. 2.3.4.3.3. Cloud Data Virtualization Virtual instant recovery of critical data. 2.3.4.3.4. Data Availability as a Service Redefine disaster recovery and turn your dark data into new business value 2.3.4.3.5. Backup as a Service Managed backup services for public, private or hybrid cloud.
REFERENCES: http://www.ibm.com/services/us/en/it-services/business-continuity/draas/#resources
2.4. Identify the security and network requirements to support the infrastructure, applications, and services SUBTASKS: 2.4.1. Identify security requirements for a cloud environment 2.4.1.1. Identify the requirements for effective governance, risk and compliance processes (managing and servicing the cloud infrastructure) 2.4.1.2. Identify the audit operational and business processes 2.4.1.3. Identify the people, roles and identities for cloud infrastructure and network management 2.4.1.4. Identify the requirements for proper protection of data and information 2.4.1.5. Identify and gather requirements for organization and related system privacy policies 2.4.1.6. Identify and assess the security provisions for cloud applications 2.4.1.7. Identify the physical and virtual cloud networks and connections points and plan for the securing the external fence to the cloud system 2.4.1.8. Identify and evaluate security controls on physical infrastructure and facilities 2.4.1.9. Identify and call out the security terms in the cloud service agreement 2.4.1.10. Identify and understand the security requirements of the exit process. 2.4.2. Identification of network requirements for a cloud environment: 2.4.2.1. Private, Public, and Intra-Cloud networking 2.4.2.1.1. Balance of security with performance a) Network hops (latency) between application and platform servers, and client b) Encryption overheads with VPNs (IPSec, SSL) c) Non-encrypted connections 2.4.2.1.2. Connections to Public clouds a) Network QoS with various ISPs b) SLAs to ensure network availability and bandwidth 2.4.2.1.3. Intra-Cloud Connections a) Bandwidth of trunk links between Data Centers b) Architecting middleware and application location to minimize data movement 2.4.2.2. Network Hardware 2.4.2.2.1. Physical Ethernet and fiber channel networks a) Bandwidth b) Switches and routers c) Port Groups and VLAN tagging d) Firewall rules to allow or deny access to network devices and protocols e) Virtual Hardware: Virtual network adapters and switches – fully utilize HW and reduce costs. 2.4.2.3. Management Networks 2.4.2.3.1. Virtual server management networks: Used to provision, configure, administer, monitor, migrate, and delete the virtual servers. 2.4.2.3.2. Hardware management networks: Used to manage the physical infrastructure (Blades, blade chassis, switches, storage, Power Distribution Units). 2.4.2.4. Customer Networks 2.4.2.4.1. Provides access to virtual servers and customer applications. 2.4.2.4.2. SANs: Provides access to centralized, shared storage. 2.4.2.4.3. VLANs: Used to secure server and data access via network isolation. 2.4.2.4.4. Network Management/monitoring components: Used to administer the network and monitor the health of the network. 2.4.2.4.5. Server-side considerations 2.4.2.4.6. Outbound / Inbound requirements 2.4.2.4.7. TCP/IP configuration on various platforms, PowerVM / XEN / VMware / Linux / AIX / Windows etc.
REFERENCES: http://www.cloud-council.org https://cloudsecurityalliance.org http://csrc.nist.gov/publications/PubsNISTIRs.html
2.5. Understand the considerations for workload migration to a Cloud infrastructure solution SUBTASKS: 2.5.1. Assess existing applications for cloud readiness. 2.5.1.1. Cloud-Enabled or Cloud-Ready Applications: Applications that were originally developed for a traditional on-premises IT environment and have special requirements or restrictions (Such as OS dependencies) which may prevent them from leveraging all the benefits of a Cloud- Centric application. 2.5.1.2. Cloud-Native or Cloud-Centric Applications: Applications that are developed on and specifically for the cloud, and support the following capabilities: 2.5.1.2.1. Multi-tenancy 2.5.1.2.2. Automatic and elastic resource scaling 2.5.1.2.3. Integration that is based on open standards 2.5.1.2.4. Eventual consistency for data, which implies that, unlike a bank account that must be the same no matter where you log in to the account, the data might differ for short periods in different parts of the world, without harm, such as for weather forecasts, until all systems are updated consistently and periodically 2.5.1.2.5. Hyperscale applications to many requests (in the millions) from various devices, such as phones, tables, and the Internet of Things (IoT). 2.5.2. Assess existing data migration strategies 2.5.2.1. Big Bang Migration - Entire dataset is moved from source to target systems in one operation, usually during a planned outage. Advantages Disadvantages Shorter implementation time High risk Lower costs Small details or issues can be overlooked in the rush Pain and frustrations are Users have to learn the new condensed into one time period, system immediately – this could not drawn out result in a dip in performance No one has to operate their Testing of migration and post business in two different operating migration processes is even more systems critical Everyone in the company moves Failures in one part of the system forward on the same day can cause problems and failures in others Training needed only on the new system, not a changeover
2.5.2.2. Phased Migration – Dataset is parsed into multiple smaller datasets (Perhaps by department, by system, or by application) and will be migrated incrementally until there is nothing left to move. Advantages Disadvantages Less risk Longer implementation time to be fully converted Employees learn as they go – Not as focused as the Big Bang there is no dip in performance approach caused by the need to learn the new system More time for users to adapt to the A state of continuous change can new system sometimes be disruptive Small details or issues can be fixed Can have missing information as you go because each module relies on info from others, so in a transitional period there may be some gaps Skills and experience are gained Temporary bridges need to be with each phase which can help made from old to new smooth the process as you get further along Longer implementation time to be fully converted
2.5.3. Prioritize which software would be a candidate for migration to cloud Infrastructure.
REFERENCES: http://www.redbooks.ibm.com/redbooks/pdfs/sg248284.pdf Section 3 - Architecting a Cloud Infrastructure 3.1. Incorporate virtualization into Cloud solution architecture SUBTASKS: 3.1.1. Virtualization 3.1.1.1. Compute Virtualization 3.1.1.2. Storage Virtualization 3.1.1.3. Network Virtualization 3.1.1.3.1. VLANS 3.1.1.3.2. Firewalls Segmentation 3.1.1.3.3. Virtual routers and switches 3.1.1.4. Virtualization plays a key role in many cloud computing environments. Existing virtualization technologies used by the customer should be identified and evaluated to determine if they will integrate with the new cloud computing environment. If the cloud migration means new virtualization technologies will be used, existing infrastructure and applications should be tested with this technology. 3.1.1.5. Understand the difference between Type-1 Hypervisors vs Type-2 Hypervisors 3.1.1.5.1. Citrix XenServer 3.1.1.5.2. Microsoft Hyper-V 3.1.1.5.3. VMware ESX/ESXi 3.1.1.5.4. Virtuozzo 6 3.1.1.6. Select hardware components and operating systems based on price point, performance levels, and virtualization technology integration. 3.1.1.6.1. Utilize Consolidation Ratio to extrapolate infrastructure requirements 3.1.1.7. Describe the differences and unique attributes of cloud computing as pertains to workload over provisioning vs. over committing. 3.1.1.8. Based on user needs in terms of performance, volume, and access patterns, install the appropriate storage infrastructure. 3.1.1.8.1. The storage infrastructure used must be compatible with the server virtualization technology in use. 3.1.1.8.2. Apply storage virtualization techniques where appropriate to increase density and decrease costs.
REFERENCES: Virtualization Options - http://www.softlayer.com/virtualization-options
3.2. Identify pertinent "as a service" solutions and explain their use in creating, building, and operating a Cloud environment
SUBTASKS: 3.2.1. Demonstrate knowledge of IBM Bluemix Infrastructure as an Infrastructure as a Service 3.2.1.1. Articulate IBM Bluemix Infrastructure's four main principles of Innovation, Empowerment, Automation and Integration 3.2.1.1.1. Innovation – “innovate or die” – IBM Bluemix Infrastructure’s fundamental operating mantra is to bring new technologies to market as soon as they become commercially viable 3.2.1.1.2. Empowerment – complete transparency and control to the end customer. Our datacenter is your datacenter. We show customers everything. If you want the information it’s there, if not spin up your infrastructure and you are on your way. 3.2.1.1.3. Automation – if it cannot be automated – it does not live within the IBM Bluemix Infrastructure platform: Automation 1) reduces costs 2) improves efficiency 3) improves time to market 4) eliminates human mistakes and results in higher SLA 3.2.1.1.4. Integration - hosting solutions traditionally have been disparate operating silos - IBM Bluemix Infrastructure offers a fully integrated approach from billing to service delivery delivered thru a single interface and API set. It also means building solutions that allow you to integrate your current infrastructure into the IBM Bluemix Infrastructure cloud. 3.2.1.2. Understand how IBM Bluemix Infrastructure's provisioning process works 3.2.2. Describe the Application Deployment process for both on- and off-premises cloud options through the use of IBM PureApplication as Infrastructure as a Service. 3.2.3. Explain how IBM WebSphere Application Server for Bluemix is Middleware as Service that facilitates quick setup on a pre-configured WebSphere Application Server Liberty, Traditional Network Deployment, or Traditional WebSphere Java EE instance in a hosted cloud environment on Bluemix. 3.2.4. Demonstrate knowledge of IBM Bluemix as a Platform as a Service 3.2.4.1. Articulate the use cases for IBM Bluemix applications 3.2.4.2. Explain the infrastructure components of IBM Bluemix and Cloud Foundry 3.2.4.3. Describe the process of staging an application in IBM Bluemix 3.2.4.4. Understand organizational management elements in IBM Bluemix as it relates to Spaces, Users, Domains and Quotas 3.2.4.5. Summarize IBM Bluemix regions and how to manage applications in multiple region
REFERENCES: http://www.ibm.com/software/products/en/pureapplication https://console.ng.bluemix.net/docs/services/ApplicationServeronCloud/index.html https://www.ibm.com/developerworks/develop/cloud/ http://www.cloud- council.org/resource-hub.htm# https://console.ng.bluemix.net/docs/ http://www.ibm.com/software/products/en/pureapplication https://www.blueboxcloud.com/products/faqs https://developer.ibm.com/architecture/
3.3. Understand Cloud Service Management and Operations SUBTASKS: 3.3.1. Cloud Service Management 3.3.1.1. Cloud service management and operations are the tools and processes used to plan, design, deliver, operate and control cloud services. 3.3.2. Business Drivers 3.3.2.1. Assure availability and performance of applications 3.3.2.2. Establish and maintain consistency of the application’s performance and its functional and physical attributes 3.3.2.3. Manage and control operational risks and threats 3.3.3. Benefits of Service Management 3.3.3.1. Collection and analysis of historical data to assist with planning, runtime automation and optimization 3.3.3.2. Measurement of adherence to SLAs 3.3.3.3. Closed Loop Incident Processing: Proactive detection of alerts, event correlation, transaction and historical logging of events and runbook automation to eliminate or reduce disruption to the business. 3.3.3.4. Examples of Components Monitored 3.3.3.5. Data Migration is necessary to control and manage data growth and associated costs of administering and maintaining storage costs 3.3.3.5.1. Storage pool virtualization helps to maximize utilization of managed storage resources 3.3.3.5.2. Restore management capabilities are optimized based on data location 3.3.3.5.3. Migration should be transparent to users and applications and scheduled during off-peak hours if possible so as not to affect network bandwidth and backup windows. REFERENCES: https://developer.ibm.com/architecture/serviceManagement
3.4. Leverage the benefit and identify challenges of a distributed infrastructure vs a consolidated infrastructure SUBTASKS: 3.4.1. Leverage Distributed Infrastructure to establish High Availability zones with considerations to: 3.4.1.1. Geography 3.4.1.2. Climate Control (Data Center Cooling) 3.4.1.3. Power Conditions 3.4.1.4. Server Stacks 3.4.1.5. Networking 3.4.2. Leverage Consolidated Infrastructure to establish consolidated infrastructure zones, as needed to: 3.4.2.1. Reduce Costs 3.4.2.2. Reduce Data Latency 3.4.2.3. Increase Business Controls 3.4.2.4. Simplify Security Implementation 3.4.2.5. Simplify Adherence to Compliance Requirements 3.4.2.6. Ease Disaster Recovery Implementation
3.5. Articulate the different IBM provisioning solutions as it pertains to Cloud infrastructure SUBTASKS: 3.5.1. Bluemix DevOps Services 3.5.1.1. Bluemix DevOps Services is a Software as a Service (SaaS) cloud offering supporting continuous delivery that allows customers to develop, track, plan and deploy software utilizing the Bluemix platform accelerating the delivery cycle. 3.5.1.2. Bluemix DevOps Services is comprised of three (3) key components: 3.5.1.2.1. Delivery Pipeline: Automates builds, testing and deployments 3.5.1.2.2. Track and Plan: Collaborate and track backlog, releases and sprints. 3.5.1.2.3. Active Deploy: Release new versions of software with no downtime. Active Deploy allows customers to revert back to original version in the event a problem occurs. 3.5.2. IBM Cloud Orchestrator 3.5.2.1. IBM Cloud Orchestrator is a cloud management environment that provides an extensible self-service catalog that enables organizations to automate deployment of data center resources, cloud-enabled business processes and cloud services 3.5.2.2. Automation is a key infrastructure management component for cloud computing as without benefits of automation, the complexity of a cloud environment is increased significantly. 3.5.2.3. Key Components 3.5.2.3.1. Quickly deploy and scale on-prem and/or off-prem cloud services 3.5.2.3.2. Reduce administrator workloads and error-prone manual IT administrative tasks 3.5.2.3.3. Provides standardization and automation for deployment and management of IT services. 3.5.2.3.4. Provides the ability to automate fault detection/event management to closure focused on end-to-end service availability and performance. 3.5.2.3.5. Provides ability to maintain audit compliance with process governance 3.5.2.3.6. Integration with existing environments using APIs and tooling extensions 3.5.2.3.7. Integration with IBM Bluemix Infrastructure, OpenStack, PowerVM, System z, VMware or Amazon EC2. 3.5.3. IBM Containers 3.5.3.1. IBM Containers (Docker) enable developers to develop repeatable portable images in which services can be moved easily between dedicated or hybrid cloud environments. 3.5.3.2. Containers are a group of processes run in isolation with each container having its own namespace (isolated view). Unlike virtual machines, containers do not require a separate operating system. Containers run applications/processes in isolation using namespaces isolating the view of files, kernel functionality, and kernel resources (CPU, MEM, Network, block I/O) 3.5.3.3. VMs run a full copy of the OS and virtual copy of the hardware (CPU/RAM) where unlike VMs, containers do not virtualize the entire server stack but abstraction occurs at the OS level. As a result, containers are lightweight, smaller than VMs, startup faster, provide better performance and provide better resource utilization (i.e. 1000 containers on a VM vs up to 30 apps on a VM)
3.5.3.4. Key container components provided in Bluemix 3.5.3.4.1. Integration with services in Bluemix allowing customers to bind services to containers 3.5.3.4.2. Based on Docker runtime and APIs 3.5.3.4.3. Standard IBM images for WebSphere Liberty and Node.js runtime environments 3.5.3.4.4. Bluemix “Docker Container as a Service” provides native container hosting, private or public networking between containers, and support for private Docker image registry 3.5.3.4.5. Currently only supported on Linux. Microsoft has release beta support on Windows with final release anticipated in September 2016. 3.5.4. IBM cloudMatrix 3.5.4.1. The Cloud Services Broker model is designed to deliver IT-as-as-Service (ITaaS) centered on the concept of an Enterprise App Store as the new IT front office. The Broker platform uniquely helps IT managers control complexity, interoperability and total cost of ownership tradeoffs. The IT department can continuously meet business demand through multi- sourced delivery models while optimizing cost. This provides a balanced approach to standardizing and automating IT management and operational processes required to manage hybrid cloud portfolios. 3.5.4.2. Key Components 3.5.4.2.1. Source, provision and manage IT services across all cloud models regardless of provider (on-prem/off-prem) 3.5.4.2.2. Understand where to leverage new compute systems resulting in reduce risk, increase speed and agility and lowering operating costs 3.5.4.2.3. Reduce Shadow IT by providing flexibility of choice for users with the organization’s compliance framework 3.5.4.2.4. Rapid financial decision making by consolidating all cloud service costs on a single dashboard 3.5.4.2.5. Negotiate better terms and conditions (T&Cs) with Cloud providers based on performance visibility 3.5.4.2.6. Enforce organization policy compliance for service selection- based on cost, location, workloads or performance requirements 3.5.4.2.7. Integrated service management across traditional and cloud IT services REFERENCES: https://developer.ibm.com/architecture/devOps http://www.ibm.com/cloud- computing/bluemix/devops/ http://www-03.ibm.com/software/products/en/ibm-cloud- orchestrator https://developer.ibm.com/bluemix/2015/06/22/ibm-containers-on-bluemix/ https://ibm.ent.box.com/s/s5jw1mzot1x7ijjnz93omo0s2x909dsh https://ibm.box.com/s/l25ipp7jf8uq740zfb4dzizjshst87p0
3.6. Architect a security solution to protect infrastructure, applications and services SUBTASKS: 3.6.1. Consider governance and enterprise Risk Management: The ability of an organization to govern and measure enterprise risk introduced by cloud computing. Items such as legal precedence for agreement breaches, ability of user organizations to adequately assess risk of a cloud provider, responsibility to protect sensitive data when both user and provider may be at fault, and how international boundaries may affect these issues. 3.6.2. Consider legal issues: Contracts and Electronic Discovery Potential legal issues when using cloud computing. Issues touched on in this section include protection requirements for information and computer systems, security breach disclosure laws, regulatory requirements, privacy requirements, international laws, etc. 3.6.3. Adhere to compliance and audit: Maintaining and proving compliance when using cloud computing. Issues dealing with evaluating how cloud computing affects compliance with internal security policies, as well as various compliance requirements (regulatory, legislative, and otherwise) are discussed here. This domain includes some direction on proving compliance during an audit. 3.6.4. Manage information and data security: Managing data that is placed in the cloud. Items surrounding the identification and control of data in the cloud, as well as compensating controls that can be used to deal with the loss of physical control when moving data to the cloud, are discussed here. Other items, such as who is responsible for data confidentiality, integrity, and availability are considered. 3.6.5. Understand traditional security, business continuity and disaster recovery: How cloud computing affects the operational processes and procedures currently used to implement security, business continuity, and disaster recovery. The focus is to discuss and examine possible risks of cloud computing, in hopes of increasing dialogue and debate on the overwhelming demand for better enterprise risk management models. Further, this subtask touches on helping people to identify where cloud computing may assist in diminishing certain security risks, or entails increases in other areas. 3.6.6. Evaluate data center operations: How to evaluate a provider’s data center architecture and operations. This is primarily focused on helping users identify common data center characteristics that could be detrimental to on-going services, as well as characteristics that are fundamental to long-term stability. 3.6.7. Incident Response, Notification and Remediation: Proper and adequate incident detection, response, notification, and remediation. This attempts to address items that should be in place at both provider and user levels to enable proper incident handling and forensics. This subtask will help to understand the complexities the cloud brings to your current incident-handling program. 3.6.8. Application Security: Securing application software that is running on or being developed in the cloud. This includes items such as whether it’s appropriate to migrate or design an application to run in the cloud, and if so, what type of cloud platform is most appropriate (SaaS, PaaS, or IaaS). 3.6.9. Encryption and Key Management: Identifying proper encryption usage and scalable key management. This subtask is not prescriptive, but is more informational in discussing why they are needed and identifying issues that arise in use, both for protecting access to resources as well as for protecting data. 3.6.10. Identity and Access Management: Managing identities and leveraging directory services to provide access control. The focus is on issues encountered when extending an organization’s identity into the cloud. This subtask provides insight into assessing an organization’s readiness to conduct cloud-based Identity, Entitlement, and Access Management (IdEA). 3.6.11. Virtualization: The use of virtualization technology in cloud computing. This subtask addresses items such as risks associated with multi-tenancy, VM isolation, VM coresidence, hypervisor vulnerabilities, etc. This subtask focuses on the security issues surrounding system/hardware virtualization, rather than a more general survey of all forms of virtualization. 3.6.12. Security as a Service: Providing third party facilitated security assurance, incident management, compliance attestation, and identity and access oversight. Security as a service is the delegation of detection, remediation, and governance of security infrastructure to a trusted third party with the proper tools and expertise. Users of this service gain the benefit of dedicated expertise and cutting edge technology in the fight to secure and harden sensitive business operations.
REFERENCES: http://cloudsecurityalliance.org http://csrc.nist.gov/publications/PubsNISTIRs.html
3.7. Architect a solution to provide storage capacity, data protection and recovery to support the infrastructure, applications and services SUBTASKS: 3.7.1. Data and storage management architectural design is a critical component of cloud 3.7.1.1. Effective cloud storage management include 3.7.1.1.1. Understanding customer’s existing infrastructure, future state requirements, regulatory requirements, any business issues customer is trying to resolve and SLAs 3.7.1.1.2. Data protection, data archive and disaster recovery requirements (where does data reside 3.7.1.1.3. Data security 3.7.1.1.4. Storage utilization and optimization 3.7.1.1.5. Change management and data migration procedures 3.7.1.1.6. Bandwidth between data centers 3.7.1.1.7. Automation (i.e. automation of incident response such as threshold limit settings and remediation) 3.7.2. Understand uses cases for file, block and object storage Object Storage File-Based Storage Block-Based Storage Transaction units Objects (files with Files Blocks custom metadata) Supported type of No-inplace update Supports in-place Supports in-place update support; updates updates updates create new object versions Protocols REST and SOAD CIFS and NFS SCSI, Fibre over HTTP Channel, SATA Metadata Support Support of custom Fixed file-system Fixed system metadata attributes attributes Best suited for Relatively static file Shared file data Transactional data data and as cloud and frequently storage changing data Biggest strength Scalability and Simplified access High performance distributed access and management of shared files
3.7.3. Understand OpenStack storage platforms 3.7.3.1. Openstack has two primary storage platforms 3.7.3.1.1. Swift 3.7.3.1.2. Cinder 3.7.3.2. Software Defined Storage (SDS) 3.7.3.2.1. SDS is a model that encompasses systems of record (SOR) and systems of engagement (SOE) across hardware and software solutions providing greater flexibility and scalability leverage storage virtualization, policy automation, backup and copy management, analytics and optimization, API integration, security and massive scale-out architecture for big data and analytics. 3.7.3.2.2. IBM Spectrum SDS Solutions a) IBM Spectrum Control b) IBM Spectrum Protect c) IBM SDS
REFERENCES: http://www.redbooks.ibm.com/redpapers/pdfs/redp5121.pdf http://searchcloudstorage.techtarget.com/feature/How-an-object-store-differs-from- fileand-block-storage http://cleversafe.com/resources http://www.ibm.com/systems/storage/spectrum/
3.8. Architect an elastic and scalable environment SUBTASKS: 3.8.1. Specify the difference between Elastic Resources and Scalable Resources. 3.8.2. Define policies for Elastic Resources. Elastic scaling means that businesses can scale up and scale down IT services based on current demand and business goals. As opposed to designing systems for peak load which results in unused resources, elastic scaling means businesses use what they are required to meet their business goals and no more. 3.8.2.1. Elastic Compute 3.8.2.2. Elastic Networking 3.8.2.3. Elastic Storage 3.8.3. Define policies for Scalable Resources. Considerations for Scalable Architecture, which include not just the provisioning of resources on a platform basis to meet the service needs and agreements but also the cross platform migration of applications or workloads to maintain and/or enhance the profitability of running client workloads on a cloud. 3.8.3.1. Scalable Compute 3.8.3.2. Scalable Networking 3.8.3.3. Scalable Storage 3.8.3.4. Ensure both Vertical and Horizontal scaling policies are considered when sizing. 3.8.4. Describe infrastructure limitations that would benefit from Cloud Bursting. 3.8.5. Describe infrastructure bottlenecks that would benefit from Load Balancing. 3.8.5.1. Local Load Balancing 3.8.5.2. Global Load Balancing
REFERENCES: http://knowledgelayer.softlayer.com/topic/load-balancing https://www.ibm.com/cloud- computing/bluemix/load-balancing Section 4 - Managing a Cloud Infrastructure 4.1. Validate that the Cloud Infrastructure Architecture design follows the IBM Cloud Service Management framework SUBTASKS: 4.1.1. Understand the Cloud Service Management framework 4.1.1.1. Incident management, problem management, change management, configuration management, and operations are sub-domains of the service management architecture. 4.1.1.1.1. Incident management – Restores normal service operation as quickly as possible and minimizes the adverse effect on business operations, ensuring that the best possible levels of service quality and availability are maintained. Capabilities include event correlation, monitoring, log monitoring, collaboration, notification, dashboard, and runbooks. 4.1.1.1.2. Problem management – Resolves the root causes of incidents to minimize the adverse impact of incidents caused by errors, and to prevent the recurrence of incidents related to these errors. Capabilities include root cause analysis, incident analysis, and aspects of incident management. 4.1.1.1.3. Change management – Ensures that standardized methods and procedures are used for efficient handling of all changes. Capabilities include backlog, develop, test, approve, and change. 4.1.1.1.4. Configuration management – Focuses on maintaining the information required to deliver a service, including relationships. Capabilities include request configuration, topology, and approve configuration. 4.1.1.1.5. Operations – Includes processes to recommend best practice for requirements analysis, planning, design, deployment, and ongoing operations management and technical support of cloud-based applications. Capabilities include runbook, dashboard, and collaboration 4.1.1.2. Describe the functional requirements met by implementing CSM 4.1.1.2.1. Visibility to the availability and performance of applications and services. Ability to rapidly perform problem determination and restore the service. 4.1.1.2.2. Effectively manage change, mitigate new threats from more interconnected services and infrastructures, and ensure compliance. 4.1.1.2.3. Orchestrate service delivery across dynamic cloud, ensure service quality, and enable continuous delivery of new capabilities at the speed of business. 4.1.1.3. Describe the non-functional requirements addressed by implementing CSM 4.1.1.3.1. Availability and performance Support the need for highest availability by proactive monitoring and rapid restoration of services. 4.1.1.3.2. Collaboration Enable close collaboration between application and cloud infrastructure, and between business, development, and operations. 4.1.1.3.3. Scalability Ability to scale management and operations together with the business needs.
REFERENCES: https://developer.ibm.com/architecture/serviceManagement https://developer.ibm.com/architecture/pdfs/IBMCloud-ACServiceManagementArchite cture.pdf
4.2. Describe analytic capabilities as it pertains to predicting and improving future performance based on patterns SUBTASKS: 4.2.1. Explain predictive analytics 5.2.1.1. Predictive models exploit patterns found in historical and transactional data to identify risks and opportunities. 5.2.1.2. Models capture relationships among many factors to allow assessment of risk or potential associated with a particular set of conditions, guiding future decision making 4.2.2. Describe log capturing and event correlation 5.2.2.1. Every device on a network generates some kind of logs for each and every action carried out on the network. 5.2.2.2. Capturing and analyzing the log files are important tasks for investigating the performance of the target network, as they contain information about all the system, device, and user activities that took place within the network 4.2.3. Describe the capabilities of IBM Operations Analytics - Log Analysis (formerly IBM SmartCloud Analytics - Log Analysis) 5.2.3.1. Analyze the full breadth of operational data types to help identify, isolate and resolve problems. The software integrates data from multiple sources including logs, events, metrics, support documents and trouble tickets 4.2.4. Describe the capabilities of Bluemix Monitoring and Analytics 5.2.4.1. Gain the visibility and control you need over your application. Determine the response time your users see, understand the performance and availability of the application components, leverage analytics to keep your application up and performing well, and get automatically notified if application problems occur. 5.2.4.2. Monitor the health and Availability of your applications. 5.2.4.3. Performance Monitoring of your application runtimes. 5.2.4.4. Log Analytics to quickly find errors in your application logs. 5.2.4.5. Alerting and Notification support to send you events if application problems occur. 5.2.4.6. Identify the root cause of application problems with line of code diagnostics. 5.2.4.7. Intelligently search through logs and metric data to find the answers to your application problems. 5.2.4.8. Add Monitoring and Analytics to an application. 4.2.5. Describe the capabilities of IBM Runbook Automation 5.2.5.1. Create and execute runbooks, event-triggered guidance and automated tasks for faster, consistent problem investigation, diagnosis and resolution. 5.2.5.2. Author and enable runbook execution for manual runbooks, semi- automated runbooks and fully automated runbooks to support varying skill sets and resource availability. 5.2.5.3. Use runbook execution tracking statistics to identify opportunities for implementing automation and track progression of improvements. 5.2.5.4. Strengthen reliability by controlling your operations with consistent and automated responses
REFERENCES: https://developer.ibm.com/architecture/serviceManagement http://www.ibm.com/software/products/en/ibm-runbook-automation https://en.wikipedia.org/wiki/Predictive_analytics https://ilabs.eccouncil.org/log-capturing- event-correlation-2/ http://www.ibm.com/software/products/en/ibm-operations-analytics--- log-analysis https://www.ibm.com/marketing/iwm/iwm/web/signup.do?source=swg- Tivoli_Organic&S _PKG=ov25282 https://www.youtube.com/watch?v=Dw-nFPILlU0&feature=youtu.be https://new- console.ng.bluemix.net/catalog/services/monitoring-and-analytics
4.3. Describe accounting and billing strategies for a cloud environment SUBTASKS: 5.3.1. Understand cloud billing, usage and accounting methods in the cloud 5.3.1.1. Subscription-based pricing – In this model, customers pay to have access to the product/service for a period of time (i.e. monthly, yearly or seasonal). Allows unlimited usage during subscription period so customer pays same amount regardless of resources utilized. 5.3.1.2. Elastic pricing or consumption-based pricing – Cost is tied to actual utilization paying only for resources and/or services consumed (i.e. disk space, CPU time, network, service functions) 5.3.1.3. Market-based or spot pricing – Based on supply and demand driven by market forces (i.e. when computing and storage resources are in high demand, spot market will drive prices of services up) 5.3.1.4. Chargeback/Showback – Correlates utilization back to cloud consumers or corporate departments. Can also be used to determine budget requirements. 5.3.2. Describe Cloud Cost Management, IBM’s accounting and billing strategy for a cloud environment 5.3.2.1. Provides lifecycle financial management from budgeting to usage accounting billing and reporting. 5.3.2.2. Incorporates advanced analytic reporting and usage metering for virtual and cloud computing, storage and network resources. 5.3.2.3. Supports cloud showback and chargeback processes providing accurate meeting and cost rating tool for tracking business processes against budgets 5.3.2.4. Integrates secure cloud usage reporting with cloud provisioning and management products allowing users to better manage infrastructure cost of cloud offerings REFERENCES: https://www.ibm.com/Search/?q=smartcloud+cost+management&lnk=mhsrch&v=18& en=utf&lang=en&cc=us&hpp=10&o=0&co=us&lo=any
Next Steps 1. Take the IBM Certified Solution Architect - Cloud Platform Solution V2 assessment test. Use the promotion code 2018StudyAssess20 for $20 off each assessment.
2. If you pass the assessment exam, visit pearsonvue.com/ibm to schedule your testing sessions. Use the promotion code 2018StudyCert20 to receive 20% off the exam.
3. If you failed the assessment exam, review how you did by section. Focus attention on the sections where you need improvement. Keep in mind that you can take the assessment exam as many times as you would like ($10 per exam), however, you will still receive the same questions only in a different order.