nutanix‐database‐automation‐ncp‐db‐ncp‐db‐65‐exam‐questions_11 - itnett/FTD02H-N GitHub Wiki
Here is an extensive "Do's and Don'ts" guide for Section 2 of the Nutanix Database Service (NDB) exam blueprint. This guide covers deploying, configuring, and setting up high availability for an NDB instance, helping you understand the correct steps and avoid common pitfalls.
Section 2 – Describe NDB Concepts
Objective 2.1: Deploy an NDB Instance
| Deployment Step | Do Not Answer This (Incorrect Choice) | Choosing This is the Safest Choice (Correct Answer) |
|---|---|---|
| Downloading the NDB Instance | "NDB can be downloaded from any third-party website." | "Download the NDB instance from the official Nutanix Support Portal." |
| Importing NDB Instance | "Use any hypervisor's format for importing the NDB instance." | "Use the appropriate format (e.g., QCOW2 for AHV, OVA for ESXi) for importing NDB." |
| Creating an NDB Instance | "Creating the NDB instance can be done without specific network configurations." | "Ensure the correct network configurations (e.g., VLAN, IP ranges) are set for NDB." |
| Assigning a Static IP Address | "Assign a dynamic IP address for flexibility." | "Always assign a static IP address to the NDB instance for consistent network access." |
| Logging onto NDB | "Log in with any user account." | "Use the administrator credentials provided during setup to log into NDB." |
| Running the Installation Wizard | "The installation wizard is optional and can be skipped." | "Complete the NDB Installation Wizard for proper configuration and initialization." |
| NDB Network Requirements | "No specific network requirements are needed for installation." | "Follow the NDB network requirements (e.g., specific ports, network segmentation)." |
Objective 2.2: Configure an NDB Instance
| Configuration Task | Do Not Answer This (Incorrect Choice) | Choosing This is the Safest Choice (Correct Answer) |
|---|---|---|
| Change NTP/DNS Settings | "NTP/DNS settings can only be changed via GUI." | "Change NTP/DNS settings via the NDB server CLI to ensure proper configuration." |
| Determine Network Firewall Ports | "All network ports are open by default." | "Identify and configure necessary firewall ports (e.g., 443, 9440, 3205, 3260)." |
| Configure Network Segmentation | "NDB can run on any network without segmentation." | "Configure network segmentation to isolate NDB traffic and improve security." |
| Change Language Settings | "Language settings are fixed after installation." | "Use the NDB settings menu to change the language settings at any time." |
| Configure SSL Certificate | "SSL certificates are not required for secure communication." | "Configure an SSL certificate to secure NDB communication." |
| Deploy NDB High Availability | "High Availability (HA) is not needed for NDB." | "Deploy NDB High Availability to ensure continuous service and failover capabilities." |
| NDB Initial Configuration | "Initial configuration can be skipped." | "Follow the initial configuration guidelines to properly set up NDB after deployment." |
Objective 2.3: Configure NDB High Availability
| High Availability Task | Do Not Answer This (Incorrect Choice) | Choosing This is the Safest Choice (Correct Answer) |
|---|---|---|
| Configure High Availability | "HA configurations are the same for all environments." | "Configure HA according to the specific NDB environment (e.g., multiple clusters)." |
| Ensure Service Resiliency | "Service resiliency does not require HA." | "Ensure service resiliency by deploying NDB in a High Availability setup." |
| Control Plane Configuration | "Control Plane configuration is static and cannot be adjusted." | "Discuss and configure NDB Control Plane for optimal scalability and performance." |
| Scalability Options | "NDB does not support scalability." | "NDB supports Control Plane scalability through appropriate configurations." |
| NDB Service Resiliency | "Service resiliency is automatic and needs no configuration." | "Ensure service resiliency by configuring HA and monitoring health status of NDB." |
| NDB Management Plane Availability | "NDB management plane does not need HA configurations." | "Enable High Availability for NDB management plane to prevent service interruptions." |
Explanations for Correct Choices:
-
Download, Import, and Create NDB Instance: Ensure you download from official sources, use the correct formats, and follow network requirements.
-
Assign a Static IP Address: A static IP is crucial for reliable access and integration with other network components.
-
Log Onto NDB and Run the Installation Wizard: Use administrator credentials to complete the initial configuration through the wizard, which is mandatory.
-
NTP/DNS Settings: These are essential for accurate timekeeping and domain resolution. Configure them via CLI for flexibility.
-
Network Firewall Ports and Segmentation: Proper firewall and network segmentation settings are necessary to secure NDB traffic.
-
SSL Certificate Configuration: SSL is crucial for securing communications between NDB components and clients.
-
Deploy High Availability: Ensures minimal downtime and service continuity, which is critical for production environments.
-
Control Plane Configuration and Scalability: Must be correctly configured to ensure that NDB scales well and remains resilient to failures.
Tips for Remembering Critical Tasks and Steps:
- Use Checklists: Create a checklist for each step in deploying and configuring NDB to ensure nothing is missed.
- Understand Dependencies: Know which configurations depend on others (e.g., SSL requires network settings to be correctly configured).
- Practice Network Settings: Memorize key ports and network requirements by creating flashcards.
- Simulate Installations: Use lab environments to practice installing and configuring NDB.
By following these "Do's and Don'ts," you can ensure you understand the steps required to deploy, configure, and set up high availability for NDB instances and avoid common mistakes on the exam.
Here is a list of the key NDB network requirements that you need to remember:
NDB Network Requirements:
-
Ports:
- 443 (HTTPS): Used for secure web access to NDB GUI.
- 9440 (Prism Central): Required for communication between NDB and Nutanix Prism Central.
- 3205 (iSCSI Initiator): Used by NDB for iSCSI initiator communication to connect with storage.
- 3260 (iSCSI Target): Used for iSCSI target communication, providing access to storage devices.
- 5985 (WinRM HTTP): Used for communication with Windows Database Server VMs.
- 9389 (SQL Server AG Provisioning): Required for Active Directory integration for SQL Server Always On Availability Groups (AG).
-
Network Configuration:
- Static IP Address: Assign a static IP to the NDB instance to ensure consistent and reliable network communication.
- VLAN Configuration: Define VLANs to segregate network traffic and secure communications for database operations.
- Subnet Mask and Gateway: Configure appropriate subnet mask and default gateway to ensure the NDB instance can communicate across the network.
- DNS Server Configuration: Provide DNS server IP addresses to resolve domain names for network services.
- NTP Server Configuration: Configure Network Time Protocol (NTP) servers to ensure consistent timekeeping across NDB instances and related components.
-
Firewall Rules:
- Ensure that all required ports (443, 9440, 3205, 3260, 5985, 9389) are open between the NDB instance, database server VMs, Prism Central, and external services.
- Configure rules to allow secure communication between NDB and Active Directory, storage devices, and other infrastructure components.
-
SSL Certificates:
- Configure SSL certificates to secure communications between NDB components, clients, and any external systems.
-
Network Segmentation:
- Use network segmentation to isolate NDB traffic from other network traffic, enhancing security and performance.
Additional Considerations:
- NDB must have connectivity to the Nutanix cluster(s) where the databases are managed.
- Ensure proper network bandwidth to handle the database provisioning, patching, cloning, and backup operations.
- Verify compatibility of network settings with both the AHV or ESXi hypervisors and any integrated third-party solutions.
These network requirements are crucial for ensuring that the Nutanix Database Service operates correctly and securely in your environment.