Training Package Code and Title: ICT - Information and Communications Technology (Release 2)

Training Package Code and Title: ICT - Information and Communications Technology (Release 2)

Qualification National Code and Title: ICT50120 Diploma of Information Technology (Networking)

ICT40120 Certificate IV in Information Technology (Networking) State code: BFG0

AC10

Assessment Title AT2 Project - MultiTier

Unit National Code & Title ICTCLD502 - Design and implement highly available cloud infrastructure.

Date Due Date Received

Student Name Gavin Pasindu Dharmapala Student ID 30005261

Student Declaration I declare that the evidence submitted is my own work:

..

Assessor Name

Assessment Decision Satisfactory Not Yet Satisfactory

Assessor Signature Date

Is student eligible for reassessment (Re-sit)? No Yes Reassessment Date:

Feedback to student

Via Blackboard (LMS) Please check Grade section.

Feedback from student

Via Blackboard (LMS) Please use Comment section during submission.

Student signature Date

Assessment Instructions

TO THE ASSESSOR

Type of Assessment Build Project Multi-tier Architecture

Assessment Due Date Week 9

Location of Assessment Classroom

Conditions Assessor to ensure that the noise levels, natural interactions, and time variances are maintained as they would in the be in the ICT industry.

Learners are required to complete the required tasks in class and submit the required documentation electronically via Blackboard

Elements and Criteria As detailed in the assessment plan

You are required to make sure that all students meet the elements, performance criteria, and oral communication items as outlined in the provided checklist.

TO THE STUDENT

Purpose of Assessment You are required to show you can:

ICTCLD502 - Design and implement highly available cloud infrastructure.

Identify high availability requirements.

Evaluate architecture availability.

Design cloud-based architecture for high availability

Implement cloud-based architecture for high availability.

Finalise cloud infrastructure.

You are required to meet the elements, performance criteria, and oral communication items as outlined in the provided checklist.

Allowable Materials Blackboard (Topic by topic) will include the following: Weekly Readings, Class notes, and Weekly Activities.

Required Resources Computer with:

Internet Access

Word processing software

Access to Learning Management System (LMS)

Access to AWS Learner Labs

Reasonable Adjustment In some circumstances, adjustments to assessments may be made for you. If you require support for literacy and numeracy issues; support for hearing, sight, or mobility issues; changes to assessment times/venues; use of special or adaptive technology; considerations relating to age, gender and cultural beliefs; the format of assessment materials; or presence of a scribe you need to inform your lecturer.

Assessment Submission All questions and activities must be attempted.

You could type your answers directly into this assessment or embed external documents/reports as objects.

The use of research tools and peers in formulating answers is acceptable but the work submitted must be your own work.

Final project documentation is to be uploaded to the appropriate area in the Blackboard course created for this unit.

If you are marked as NYS (Not Yet Satisfactory) on your first attempt, you will be provided with another opportunity to re-attempt the assessment.

Checklist is now on the last page.

Scenario Project Brief

The client has 2 offices in a city building. The client has 2 servers in a nearby datacenter.

The client provides design and project management services for their customers. Several files are generated for each customer, and these are kept on the file server in a folder for each customer. The web server hosts a job scheduling database that tracks job tasks and their details and status as well as bookings made for each job. Now, only staff have access to information on both servers.

The opportunity:

The server hardware is due for replacement as warranties are about to expire. The client has requested consulting services as they consider a move to cloud services.

Consider the business needs and project requirements to design a cloud solution that is highly available and resilient to disasters.

The move to the cloud would provide another opportunity to provide customers of the business read access to the details of their job bookings only.

The problem:

After watching the impact of recent floods in QLD and NSW and bushfires in VIC last year the customer is worried about the impact to the business if the servers at the datacentre are lost. Last year a trojan was uploaded to the file server resulting in a ransom demand and files on the file server were encrypted.

The customer files were unavailable for 8 hours while the server was restored from backups. The customer information created 4 hours prior to the outage was lost and had to be recreated from conversation notes and emails.

The client has emphasized the importance of making sure that customer information is not lost even in disaster conditions.

The client wants a plan to ensure the data is resilient.

The client is concerned about the security of the dynamic web service as it opens to customers as well as employees. They want the customers to have a good experience using this portal. If bookings are lost or corrupted this might have consequences such as penalties from downstream contractors.

This important for the reputation of the business.

Resources provided:

Several files for use with the assessment are provided in SQL Jason, php and python are provided to students to minimised time lost due to possible file formatting issues. Students are also encouraged to use material and walkthroughs provided to assist then in this project. Note that students are not allowed to copy / paste screenshots from walkthrough documents into their project.

Network Topology

Project Requirements

Design and implement at least one fault tolerant cloud infrastructure on a cloud platform resilient to networking, compute, storage, database and data centre failures.

Design and deploy automated infrastructure scaling for at least one business need.

Simulate failures of at least one component and demonstrate is fault tolerant.

Use cloud management console, software development kits or command line tools.

Define, monitor and record resource availability in cloud environment, including:

reliability

recoverability

service levels

scalability.

Part B High Availability

Assessment Task 1.1(Refer to reliability Pillar- Well architected.)

Explain what reliability, recoverability, and service levels mean and explain what is required to achieve it.

ANSWER:

Reliability: In cloud architecture, reliability refers to a system or service performing consistently and without interruption. It includes automated failover mechanisms, load balancing, redundancy, high availability, resilience, and quick recovery from failures. Even in the face of disruptions or hardware/software failures, a dependable cloud architecture ensures that services remain usable and operational. This calls for tactics like keeping data backup copies, automating failover procedures, watching for prompt action, and distributing workloads among resources. To meet user expectations, ensure business continuity, and reduce service downtime, reliability is crucial.

Recoverability: In a cloud architecture, recoverability refers to the capacity to promptly and successfully restore systems, data, and services to their operational state after a failure or disruption. It entails putting disaster recovery plans into place, as well as effective recovery procedures. Platforms for the cloud provide a range of tools and services that facilitate automated backups, replication across availability zones, and quick service restoration. Recoverability makes sure that any unanticipated downtime or data loss is minimized, enabling companies to quickly resume operations and maintain service continuity. The protection of user satisfaction, the reduction of service interruptions, and data integrity are essential components of cloud architecture.

Service Levels: In cloud architecture, service levels refer to predetermined performance metrics and commitments that cloud providers make to their clients. These metrics take into account factors like service availability, response time, and up-time percentage. These standards are outlined in cloud service level agreements (SLAs), which also include details on compensation or other remedies in the event of service interruptions or failures. These contracts aid in establishing clear expectations between service providers and clients, ensuring that the cloud services adhere to predetermined performance and reliability standards. To guarantee that the cloud environment consistently meets the company's operational needs, minimizing disruptions, and ensuring a positive user experience, monitoring and maintaining service levels is crucial.

Assessment Task 1.2

Describe typical cloud components of the architecture that you built. You could use a table for this to link to the organisations business needs.

ANSWER:

Components Description Business Need

File Server A File Server is a computer attached to a network that provides a location for shared disk access. A File server provides a central location to store all the business files and so that multiple users can work on the same documents and other data.

2) Job Web Server A web server is computer software and underlying hardware that accepts requests via HTTP or its secure variant HTTPS. A Web Server can process and manage the HTTP/HTTPS requests from the business app/website. This allows the company data to be accessed by the company and its 3rd Party consumers.

3) Layer 3 Switch A Layer 3 switch is a switch that can perform routing functions in addition to switching. The Switch acts as both a switch and a router. It acts as a switch to connect devices that are on the same subnet or virtual LAN at lightning speed.

Assessment Task 1.3

Describe the shared model.

Describe AWS responsibilities.

Describe customer responsibilities.

You could use a table to link the above to business requirements.

ANSWER:

Shared Model: The division of security responsibilities between the cloud service provider (CSP) and the client is outlined in the shared responsibility model for cloud computing. The customer is in charge of protecting their applications, data, and access, while the CSP is in charge of protecting the cloud infrastructure. This means that while customers manage their virtual machines, applications, and user access, the CSP takes care of duties like physical security and core services. Through coordinated efforts from the provider and the client, this collaboration ensures a secure cloud environment.

AWS Responsibilities: According to the shared responsibility model, AWS is accountable for overseeing the physical security of data centers, protecting the virtualization and hypervisor infrastructure, upholding host operating system security, offering a safe network environment, and guaranteeing the security of database and storage services. In addition, AWS provides DDoS protection, adheres to industry standards, and oversees a number of security-related services. Within AWS, customers are in charge of protecting their data, apps, and configurations, including user access management, firewall rules, access controls, and encryption. By giving users autonomy and flexibility over their unique workloads and apps, this shared responsibility model seeks to create a secure cloud environment.

Customer Responsibilities: Customers are in charge of protecting their data, apps, and configurations inside their cloud environments under the shared responsibility model. This covers duties like data encryption, IAM-managed user access management, network security configuration, host operating system and application security, security group and firewall rules setup, application layer security implementation, resource monitoring, compliance standards observance, and disaster recovery planning. It is also the responsibility of customers to ensure that their staff receives education and training in security best practices. The underlying cloud infrastructure and some services are managed by AWS, but maintaining a safe and legal cloud environment requires customer diligence in these areas.

Assessment Task 2.1

First look at the design principles for reliability in AWS well architected framework.

Review and identify the high availability requirements that the existing on-prem architecture does not have.

ANSWER:

The AWS Well-Architected Framework places a strong emphasis on fundamental ideas for creating dependable systems. Distributed systems, redundancy and recovery, fast failure detection, horizontal scaling, automated resource management, and reliable data backup and recovery techniques are all encouraged. To improve the dependability of systems in the cloud environment, these guidelines are crucial.

Finding any gaps in high availability requirements is critical when analysing the current on-premises architecture. To guarantee that the system can keep working even in the event of a component failure, first evaluate the architecture for single points of failure and add redundancy where necessary. Second, consider load balancing as a means of distributing traffic uniformly and offering redundancy. To identify and address problems as soon as possible, think about putting in place systems for data centre failover, monitoring, and alerting. Evaluate disaster recovery plans, scalability, backup and restore protocols, and high availability feature testing on a regular basis to enhance the resilience and dependability of the current on-premises architecture.

Organisations can improve the resilience of their on-premises architecture, guaranteeing business continuity and reducing downtime, by attending to these high availability requirements.

Assessment Task 2.2

Identify(list) the Single Points of Failure (SPOF). You could use a table to list the issues with the current on-Premise environment.

ANSWER:

Assessment Task 2.3

Determinethe components that will scale vertically(instance type, size of EBS volume if you choose to use one)For these components, discuss what are the potential issues with system availability.

ANSWER:

Assessment Task 2.4

Based on your understanding of business needs, list your recommendations for improvements you have identified to the architecture to improve reliability.

ANSWER:

My recommendations for improvements that Ive identified to improve reliability to the architecture are

Assessment Task 3.1

For your design, create/paste in the naming, IP addressing, and security groups tables, updating these tables at a later stage if necessary.

ANSWER:

Assessment Task 3.2

Paste in the SPOF table from 2.2 and identify if SPOF is mitigated or removed by adding a column and updating the table.

ANSWER:

Assessment Task 3.3

Identify what components will vertically scale and to what level.

What are the potential effects on System Availability?

ANSWER:

Assessment Task 3.5

Make sure that the architecture diagram is titled, components labelled with names, addresses, etc...

Reference Multi-Tier Architecture design.

ANSWER:

Assessment Task 4.1 (Implementation Plan)

Record the planned tasks in a logical order, with notes such as commands required or scripts, how you will verify the configuration, how you will test the configuration, time required to complete the task.

During the implementation, utilise AWS resources, learning content and the supplied support files.

ANSWER:

Tasks Description Notes (commands/scripts) Verification/Testing Time to Complete

Assessment Tasks 4.2 (Test Plan)

Write the functional tests to verify that the web app works .e.g. does the landing page load?

Did you test all the tasks you implemented?

ANSWER:

Tasks Description Notes (commands/scripts) Verification/Testing Time to Complete

Ensure that you review your testing with the Lecturer and receive sign off.

Assessment Task 4.3 (Monitoring Metrics)

Based on the AWS monitoring content, identify the Cloud Watch Metrics to be monitored.

ANSWER:

Metric Monitor level

Assessment Task 4.4 (Failure Simulation)

First review and then utilise simulation resources available in AWS and Blackboard content.

Describe the failure simulation. Describe the results of the simulation.

ANSWER:

Assessment Task 4.5 (Load Simulation)

Based on the simulation resources, describe the load simulation process.

Describe the load simulation. Describe the results of the simulation.

ANSWER:

Assessment Task 5.1

What else could be improved, adjusted or revised for the initial AWS Architecture?

Make some recommendations on architectural changes for the next iteration /cycle of development.

ANSWER:

Assessment Task 5.2

Are the recommendations or changes compliant with both AWS architecture framework and possible legislation requirements?

ANSWER:

Assessment Task 5.3

Ask a colleague to review your findings for tasks 5.1 and 5.2 and add some feedback here.

ANSWER:

Checklist is now on the last page.

Learners name

Observer/Assessors name

Unit National Code & Title ICTCLD502

Design and implement highly-available cloud infrastructure

State Code

Date of Assessment

Procedure/Task

Observation of project Tasks

Instructions for assessor Observation of candidates in project tasks for microservices and serverless builds

Did the candidate demonstrate the ability to do the following? Yes No Assessor Comments:

(This section must contain the lecturers notes/comments)

Section A High Availability

Identify high availability requirements.

Evaluate architecture availability.

Design cloud-based architecture for high availability

Implement cloud-based architecture for high availability.

Finalise cloud infrastructure.

[end]