Cloud computing abilities are in high demand these days, and many aspirants are sharpening their skills in this area in order to secure a profitable career. Let’s take a look at some common cloud architecture interview questions. Though these questions pertain to Oracle infrastructure, they apply to all providers.
Q1. What is IaaS, PaaS, SaaS?
- Infrastructure as a service (IaaS)
- Platform as a service (PaaS)
- Software as a service (SaaS)
All are terms for cloud-based software that is ready to use.
Q2. What is the difference between IaaS, PaaS, and SaaS services?
IaaS (Infrastructure as a Service)
Customers can install software according to their needs on these bare computing units. This will cover the storage, network bandwidth, and CPU power requirements.
PaaS (Platform as a Service)
PaaS combines IaaS with certain pre-installed software (based on customer requirements) that can be utilised to create custom apps. Each component, of course, has its own price.
The customer does not get the IaaS services directly here; only PaaS services are available, even though the software is hosted on the vendor’s infrastructure (IaaS).
SaaS (Software as a Service)
SaaS refers to a full-fledged operational application that solves a business need. Although SaaS applications can be installed on IaaS, the customer can use only the SaaS services.
All of the above services have factors such as compute load, network bandwidth, and storage, which are all dependent on client transaction loads. All of these things go into determining subscription (rental) rates.
Q3. What is VCN?
VCN is short for Virtual Cloud Network. Cloud architects must configure virtual devices once a cloud infrastructure has been deployed by the cloud provider. One of them is VCN.
Q4. What is VCN Peering, and how does it work? Tell us about some of the features of VCN peering.
Connectivity between resources in different VCNs is configured using VCN peering. The following are the features of VCN peering.
- The traffic never leaves the provider’s network.
- It is not necessary to use a public IP address.
- Higher security and faster connectivity.
- Peering within a region is referred to as Local Peering, while peering across regions is referred to as Remote Peering.
Q5. How does local VCN peering work?
Create a connection between the LPGs (local peering gateways), then update the route table as well as the security list. To build a connection, you’ll need IAM policies.
Q6. How does remote VCN peering work?
DRGs (dynamic routing gateways) are used for remote peering. A peering relationship is formed by connecting the RPCs of two DRGs from two different regions. We’ll need to update the route table and security list, as well as define IAM policies.
Q7. What is the process of transit routing between many VCNs?
Other VCNs are locally peered with the hub VCN, which acts as a hub. The traffic is routed through the hub. DRG’s route table has rules to target an LPG or private IP, while LPG’s route table contains rules to target DRG or private IP.
Q8. What is VPN Connect, and how does it work?
VPN Connect is a managed VPN solution that establishes a secure connection between on-premises and Cloud (OCI) VCN using IPSec VPN Connection.
Q9. What are the components that make up a VPN connection?
- Dynamic Routing Gateway (DRG): the point at which the VPN terminates at OCI.
- Customer-premises equipment (CPE): the VPN router in the on-premises network. The CPE object is the representation of it that is created in OCI.
- IPSec connection: routing is set up after the DRG and CPE have been configured.
Q10. What routing choices are available when creating a VPN?
There are both static and dynamic settings available. Static is the default setting.
Q11. When switching the routing type of a tunnel, how do you avoid downtime?
Change one tunnel at a time.
Q12. What exactly is FastConnect?
FastConnect is a dedicated private network link between OCI and its network partners that provides a high-speed, elastic network in 1Gbps and 10Gbps increments. It can be used to connect remote data centers (private peering) or public resources (public peering).
Q13. What protocol is FastConnect based on?
Border Gateway Protocol (BGP).
Q14. What is a Virtual Circuit, exactly?
A virtual circuit is a network path that operates over a physical network to offer a single logical link between a customer edge router and a DRG.
Q15. What is Compute Quota, and how does it work?
Compute quotas are assigned at different levels to manage resource utilization. For example, a quota regulates the number of instances that can be launched at the compartment level.
Q16. What exactly is BYOI?
Customers can use the BYOI capability to upload their own operating system image to the cloud.
Q17. What is the difference between horizontal and vertical scaling?
Vertical scaling adds more resources to a single compute, while horizontal scaling adds more compute devices or nodes.
Q18. What is the difference between a console connection and a network connection? What are the differences between the two types?
Remote troubleshooting is possible thanks to the console connection. Serial (SSH) console connections and VNC console connections are the two types.
Q19. What exactly is BYOH?
Bring your own Hypervisor (BYOH). This enables clients to extend their on-premises environments to the cloud while also allowing them to install older operating systems and pre-configured virtual machines. Three hypervisors are currently supported.
- Oracle Virtual Machine (OVM)
- KVM
- Hyper-V (Microsoft)
Q20. What methods do you have for gaining access to your OCI resources?
- CLI (Command Line Interface).
- SDK (Software Development Kit), which may be used to call OCI services from Java, Ruby, or Python.
- http://restapis.com
- IAM console for Oracle Cloud Infrastructure.
Q21. What is Terraform, and why is it important?
Terraform is a code-based virtualization and provisioning system for OCI resources. It can assist with OCI environment automation.
Q22. What exactly is Ansible?
Used for OCI resource provisioning, orchestration, and configuration management.
Q23. What exactly is an Availability Domain?
Region with data centers from where services can be delivered
Q24. Is it possible for an availability domain to have numerous data centers?
Yes
Q25. What exactly is a region?
Multiple Availability domains can be found in a geographical region.
Q26. What is the location of the user identities?
In the Identity and Access Management (IAM) service.
Q27. What is a Compartment?
It is the logical boundary inside a tenancy as well as the grouping of resources (such as storage, network, and user access) for a specific logical department (e.g. Finance).
Q28. What is the purpose of a user access policy?
IAM policies are used to give users access and to manage access control. Users are assigned to groups, and policies state which group has access to which information.
Q29. Is it possible to implement compartment level access?
Yes, as well as nested compartments.
Q30. Is it possible for a compartment to contain resources from distinct regions?
Yes. When you need a global presence, you use resources from several places.
Q31. On a vanilla OCI instance, how many compartments do you get?
The root compartment is the only one.
Q32. What is the definition of Principal?
The principal determines who has access to the resources. It can be the root user or an IAM user who is part of a group; a principal is granted an access policy. A principal can also be an instance (e.g. a VM instance).
Q33. What’s the point of having an instance principal?
To prevent storing direct user credentials
Q34. In OCI, how does authentication work?
- Password for the user.
- Public/private key pair for API signing.
- Authorization token, made up of a collection of random text and integers.
Q35. What is the procedure for obtaining authorization?
Following authentication, authorization is handled by IAM policies established at the compartment and tenancy levels.
Q36. What does the framework of a policy look like?
The following structure is used to define policies: Allow (subject) to (verb) (resource-type) in (location) where (conditions). Examples are:
- Allow group (group name) to (verb) (resource-type) in tenancy.
- Allow group (group name) to (verb) (resource-type) in compartment (compartment name) [where (conditions)].