AWS For Dummies - 2 - Virtualization
In the last article I spoke about why AWS is easy to start with but hard to master. If you want to go deep, it's an ocean of information.
I ask people a common question: how do they rate themselves in AWS on a scale of 7? 85% of the time the answer I hear is 6, or 5 to be safe. In reality, when I ask that question I am looking for a counter-question: "Which all services?"
No one, mark it, no one knows all AWS services well. It's a myriad of technologies. We can excel in 5 or 7 services at max, but saying "I am an expert" makes a fool of myself, and this is how most interviews start.
In this 2nd edition of "Learn Amazon Web Services (AWS) in a Simple Way" I will talk about the building blocks of any cloud service, with some inclination to AWS.
Hypervisor
We optimize things to save better. Resource optimization is the key. That's why cookies come in smaller sizes, so people can share them without breaking them. So do chips and many other things; this is how the "Shared Economy" runs.
In a nutshell, different instances run on one piece of physical hardware, but they are isolated from each other by a highly customized version of the Xen hypervisor developed for AWS. The AWS firewall resides within the hypervisor layer, between the physical network interface and the instance's virtual interface, so each instance feels like it is in its own abode.
The Xen hypervisor takes advantage of para-virtualization. The CPU provides four separate privilege modes (0-3) called rings. Ring 0 is the most privileged and 3 the least. Rather than executing in Ring 0 as most operating systems do, the guest OS runs in a lesser-privileged Ring 1 and applications in the least privileged Ring 3. This explicit virtualization of the physical resources leads to a clear separation between guest and hypervisor, resulting in additional security separation between the two.
Instance Isolation
All packets must pass through the hypervisor and the related firewall, so an instance cannot access or connect to other instances, much as if they were on separate physical hosts. The physical memory on the hypervisor is separated using similar mechanisms.
Contrary to earlier beliefs that the cloud is not secure, AWS has come a long way to show what can be achieved in a shared-economy model with security intact.
Now that you know how cloud instances are secured and isolated from each other, I will go ahead with elasticity in my next post.
Sr Manager -Software Development at Verizon
6 years ago
From next time onwards will ask which all services??
Good Exp in handling customer escalations and Triaging Incidents and crisis. Supporting 24/7 Environment with good client handling experience of Global customers across EMEA/NA/APAC regions
6 years ago
Good explanation