Course Syllabus & Structure

Virtualization and Cloud Infrastructure

Back to Course Index

Course Overview

This 11-week course introduces 3rd-year undergraduates to virtualization and cloud computing using Proxmox VE and OpenStack on lab PCs (i7, 24 GB RAM). Students progress from foundational virtualization concepts through to advanced cloud infrastructure management and automation. The course emphasizes hands-on labs, supplemented by theoretical notes, practical demonstrations, and real-world scenarios.

Learning Outcomes

By the end of the course, students will: 1. Explain virtualization principles and hypervisor architectures (Type-1 vs Type-2) 2. Install, configure, and manage Proxmox VE for enterprise virtualization 3. Deploy and manage virtual machines (VMs) with proper resource allocation 4. Configure virtual networking using Linux bridges, VLANs, and network namespaces 5. Implement storage solutions including snapshots, backups, and templates 6. Work with containerization technologies (LXC, Docker, Kubernetes) 7. Build and manage Proxmox clusters with high availability (HA) 8. Understand cloud computing service models (IaaS, PaaS, SaaS) 9. Install and manage OpenStack cloud infrastructure 10. Deploy and manage cloud instances with proper networking and security 11. Implement persistent storage solutions using OpenStack Cinder 12. Automate cloud operations using APIs, scripts, and Infrastructure as Code tools

Week 1: Introduction to Virtualization

Objectives

• Understand the purpose and benefits of virtualization.
• Differentiate between Type-1 and Type-2 hypervisors.
• Explore hypervisor architecture, focusing on KVM and QEMU.

Key Concepts

• Virtualization Overview: Virtualization abstracts hardware (CPU, RAM, storage, network) to run multiple operating systems on one machine, improving resource utilization, scalability, and isolation.
• Types of Hypervisors:
• Type-1 (Bare-Metal): Runs directly on hardware (e.g., Proxmox VE, VMware ESXi). Offers better performance for enterprise use.
• Type-2 (Hosted): Runs on a host OS (e.g., VirtualBox, VMware Workstation). Easier setup, less efficient.
• KVM and QEMU: KVM turns Linux into a Type-1 hypervisor; QEMU emulates hardware for VMs, working with KVM.
• Use Cases: Server consolidation, development/testing, disaster recovery.

Lecture Content

1. Why Virtualize?: Reduces hardware costs, simplifies management, enables dynamic scaling.
2. Hypervisor Architecture: Type-1 hypervisors interact directly with hardware; Type-2 rely on a host OS. Use diagrams (hardware → hypervisor → VMs).
3. Proxmox VE Introduction: Open-source, Debian-based platform using KVM for VMs and LXC for containers. Features web-based management.
4. Comparison: Proxmox VE (enterprise, bare-metal) vs. VirtualBox (desktop, hosted) vs. VMware ESXi (proprietary, bare-metal).

Supplementary Video Resources

• QEMU, KVM, and Virt-Manager basics: YouTube (Beginner-friendly KVM setup).
• Linux hypervisor with libvirt/QEMU/KVM: YouTube (Stack and setup guide).

Lab Reference

Students install Proxmox VE 8.x on lab PCs and explore its web interface, reinforcing hypervisor types.

Interactive Session Suggestions

• Face-to-Face Focus: Poll on video challenges (e.g., KVM vs. QEMU). Demo hardware compatibility fixes.
• Class Discussions: Discuss real-world virtualization use cases (e.g., small business applications).
• Student Presentations: Assign 1-2 students to present (5-10 min) on Type-1 vs. Type-2 hypervisors, using video/notes examples.

Assessment

Short quiz on virtualization concepts and hypervisor types.

Resources

• Proxmox VE Documentation
• KVM/QEMU Overview

Week 2: Virtual Machines (VMs)

Objectives

• Create and configure virtual machines.
• Understand resource allocation (CPU, RAM, disk).
• Install a guest OS in a VM.

Key Concepts

• Virtual Machine: Software emulation of a physical computer (virtual CPU, memory, storage, network).
• Resource Allocation: Assigning vCPUs, RAM, disk space without overcommitting host resources.
• Guest OS: Operating system (e.g., Linux, Windows) inside a VM.
• QEMU Guest Agent: Service in guest OS for hypervisor integration (e.g., shutdown, resource reporting).

Lecture Content

1. VM Creation Process: Define parameters (CPU cores, RAM, disk type), select ISO, configure boot order.
2. Resource Management: Balance allocation to avoid performance bottlenecks.
3. Guest OS Installation: Use ISO images, automated installs.
4. Proxmox VM Features: Cloning (identical VM copies), snapshots (state saves), console access (VNC/SPICE).

Supplementary Video Resources

• Proxmox setup and first VM: YouTube (Installation to VM creation).
• VM creation in Proxmox: YouTube (Ubuntu VM setup).

Lab Reference

Students create an Ubuntu Server VM, install qemu-guest-agent, and test VM operations (start, stop, pause, clone).

Interactive Session Suggestions

• Face-to-Face Focus: Review screenshots; debug resource allocation issues (e.g., overcommitment) in groups.
• Class Discussions: Share VM installation challenges from videos.
• Student Presentations: Assign 1-2 students to demo cloning or resource adjustment.

Assessment

Submit screenshots of running VM with resource summary.

Resources

• Proxmox VE VM Management
• Ubuntu Server Installation Guide

Week 3: Containers and Resource Management

Objectives

• Understand differences between LXC containers, Docker, Podman, and VMs.
• Practice lightweight virtualization with containers in Proxmox.
• Explore container use in cloud environments like OpenStack.

Key Concepts

• Cloud Relevance: Docker dominates in OpenStack (Zun for containers, Magnum for Kubernetes clusters); Podman is used in Red Hat-based clouds for security.

Lecture Content

1. Container Architecture: Containers share the host kernel, reducing overhead compared to VMs. Compare LXC (Proxmox-native), Docker (daemon-based, cloud-standard), and Podman (daemonless, secure).
2. LXC in Proxmox: Managed via Proxmox’s web interface, similar to VMs. Example: Create an LXC container with pct create.
3. Docker and Podman: Introduce Docker’s role in clouds (e.g., OpenStack’s Zun/Magnum) and Podman’s security advantages. Highlight Docker’s dominance in public/private clouds and Podman’s rise in Red Hat environments.
4. Resource Limits: Set CPU/memory limits to prevent overuse (e.g., pct set <ID> -cpulimit 1 for LXC, docker run --memory 512m for Docker).
5. Performance Comparison: Containers (LXC, Docker, Podman) have faster boot times and lower resource usage than VMs, critical for cloud scalability.
6. OpenStack Connection: Preview how OpenStack (Week 7–11) uses Docker for container workloads (Zun) and orchestration (Magnum), with Podman as an alternative in secure deployments.

Supplementary Video Resources

• LXC in Proxmox: YouTube (Compares to VMs, setup guide).
• Docker vs. Podman: YouTube (Explains differences, cloud use cases).
• Docker basics: YouTube (Beginner guide to Docker containers).

Lab Reference

Students create LXC containers in Proxmox, set resource limits, and compare performance (e.g., boot times) with VMs. Optional: Install Docker or Podman in a VM to run a simple container (e.g., docker run nginx or podman run nginx) and compare with LXC.

Interactive Session Suggestions

• Face-to-Face Focus: Use student write-ups to identify container setup issues (e.g., resource limits). Demo Docker/Podman vs. LXC boot times in groups.
• Class Discussions: Prompt “From videos, when would you use Docker vs. Podman vs. LXC in a cloud like OpenStack?” to connect to Weeks 7–11.
• Student Presentations: Assign 1-2 students to present (5-10 min) a comparison of LXC, Docker, and Podman, focusing on cloud use cases.

Assessment

Reflective write-up comparing VM and container (LXC, Docker, or Podman) performance, including boot time and resource usage.

Resources

• Proxmox LXC Documentation
• Docker Documentation
• Podman Documentation
• OpenStack Zun

Week 4: Virtual Networking and Linux Networking Fundamentals

Objectives

• Understand Linux networking concepts using the ip command.
• Explore network namespaces, Linux bridges, veth interfaces, VLANs, and Open vSwitch (OVS).
• Apply these to Proxmox network modes (bridge, NAT, VLAN).

Key Concepts

• Linux Networking with ip Command: The ip command (from iproute2) manages network interfaces, IP addresses, routes, and more, replacing older tools like ifconfig. Example commands:
• ip link show: Display network interfaces.
• ip addr add 192.168.10.5/24 dev eth0: Add IP address.
• ip route add default via 192.168.10.1: Set default gateway.
• Network Namespaces: Isolate network configurations (interfaces, routes, firewall rules) to simulate multiple hosts. Example: sudo ip netns add ns1.
• Linux Bridges: Virtual Layer 2 switches connecting interfaces (e.g., VMs, containers) like a physical LAN. Example: sudo ip link add name br0 type bridge.
• Virtual Ethernet (veth) Interfaces: Paired virtual interfaces acting like a cable, connecting namespaces or bridges. Example: sudo ip link add vethA type veth peer name vethB.
• VLANs: Logical network segmentation using IEEE 802.1Q tags for isolation. Example: sudo ip link add link eth0 name eth0.10 type vlan id 10.
• Open vSwitch (OVS): Advanced virtual switch supporting VLANs, tunneling, and Software Defined Networking (SDN). Example: sudo ovs-vsctl add-br br0.
• Proxmox Network Modes:
• Bridge: Connects VMs to physical network with own IPs (e.g., vmbr0).
• NAT: Hides VMs behind host IP for private networks.
• VLAN: Segments networks for isolation, security.
• Virtual LAN: VMs/containers communicate as if on a physical LAN.

Lecture Content

1. Linux Networking Basics: Introduce the ip command for managing interfaces (ip link), IPs (ip addr), and routes (ip route). Emphasize its role in configuring virtual networks.
2. Network Namespaces: Explain how namespaces isolate network stacks, useful for simulating complex networks in Proxmox labs.
3. Linux Bridges and veth: Cover bridges as virtual switches and veth pairs as connectors for namespaces or VMs, foundational for Proxmox’s bridge mode (vmbr0).
4. VLANs: Discuss VLAN tagging for network segmentation, aligning with Proxmox VLAN mode.
5. Open vSwitch (OVS): Introduce OVS as an advanced alternative to Linux bridges, supporting SDN and VLANs. Highlight its components (ovs-vswitchd, ovsdb-server) and basic setup.
6. Proxmox Networking: Connect Linux networking concepts to Proxmox’s bridge, NAT, and VLAN modes. Example: vmbr0 as a Linux bridge.
7. Use Case: Web server (public) + database (private) setup using bridges and VLANs.
8. Troubleshooting: Address misconfigurations (e.g., incorrect bridge settings, firewall rules).

Supplementary Video Resources

• Linux networking with ip command: YouTube (Beginner guide to ip commands).
• Network namespaces and bridges: YouTube (Practical demo of namespaces, veth, bridges).
• Open vSwitch basics: YouTube (Introduction to OVS setup and VLANs).

Lab Reference

Students configure a Linux bridge, connect VMs, test connectivity with ping/SSH, simulate web+database setup using Proxmox. Pre-lab exercises: 1. Use ip link show to list interfaces. 2. Create two namespaces, connect with veth, test ping. 3. Set up a Linux bridge, attach veth interfaces, verify connectivity.

Interactive Session Suggestions

• Face-to-Face Focus: Map student network diagrams on whiteboard; troubleshoot ip command or namespace issues live.
• Class Discussions: Prompt “How do namespaces or VLANs enhance Proxmox networking, based on videos?” to connect Linux concepts to labs.
• Student Presentations: Assign 1-2 students to present (5-10 min) on a Linux networking concept (e.g., ip command or OVS VLANs) and its relevance to Proxmox.

Assessment

Lab report with network diagram, proof of connectivity, and Linux networking exercise outputs (e.g., ip link show, ping results).

Resources

• Proxmox Networking
• Linux Bridge Basics
• iproute2 Documentation
• Open vSwitch

Week 5: Storage and Backup

Objectives

• Understand local, shared, and distributed storage.
• Manage snapshots, backups, templates in Proxmox.

Key Concepts

• Storage Types:
• Local: Host disk storage (e.g., LVM, ZFS).
• Shared: Network-based (e.g., NFS, iSCSI).
• Distributed: Scalable, fault-tolerant (e.g., Ceph).
• Snapshots: Point-in-time VM state copies for rollback.
• Backups: Full VM/container copies for disaster recovery.
• Templates: Preconfigured VMs for quick instance creation.

Lecture Content

1. Storage Models: Local (fast, limited) vs. shared (scalable, network-dependent).
2. Proxmox Storage: Supports LVM, ZFS, NFS backends.
3. Snapshots vs. Backups: Snapshots for quick recovery, backups for archival.
4. Templates: Standardize deployments.

Supplementary Video Resources

• Snapshots and backups in Proxmox: YouTube (Securing VMs guide).
• Templates and snapshots: YouTube (Ubuntu VM cloning demo).

Lab Reference

Students add storage volume, take/restore snapshots, create VM templates, optionally mount NFS storage.

Interactive Session Suggestions

• Face-to-Face Focus: Simulate recovery scenarios using student backups.
• Class Discussions: Share home lab storage preferences from videos.
• Student Presentations: Assign 1-2 students to demo snapshot restoration.

Assessment

Submit exported VM template and backup log.

Resources

• Proxmox Storage
• ZFS Overview

Week 6: Proxmox Cluster and High Availability (Optional)

Objectives

• Understand clustering and high availability (HA) in Proxmox.
• Learn cluster configuration process.

Key Concepts

• Clustering: Multiple Proxmox nodes act as a single system for resource sharing, load balancing.
• High Availability (HA): VMs restart on another node if one fails.
• Live Migration: Move running VMs between nodes without downtime.
• Corosync: Clustering engine for node communication.

Lecture Content

1. Cluster Benefits: Centralized management, resource pooling, fault tolerance.
2. Proxmox Cluster Setup: Requires synchronized time, static IPs, Corosync.
3. HA Mechanisms: Monitors nodes, triggers VM restarts.
4. Limitations: HA needs shared storage, three nodes for reliability.

Supplementary Video Resources

• 2-node cluster with HA: YouTube (Raspberry Pi quorum).
• HA cluster on a budget: YouTube (Affordable guide, Ceph prep).

Lab Reference

Students join Proxmox nodes into a cluster, enable live migration, test failover (if hardware allows).

Interactive Session Suggestions

• Face-to-Face Focus: Simulate failover using screenshots; address setup issues.
• Class Discussions: Discuss HA reliability from videos.
• Student Presentations: Assign 1-2 students to present cluster setup.

Assessment

Cluster configuration screenshots and short reflection.

Resources

• Proxmox Cluster Guide
• High Availability

Week 7: Transition to Cloud Computing Concepts

Objectives

• Explain IaaS, PaaS, SaaS, and cloud architecture layers.
• Understand virtualization’s role in cloud computing.

Key Concepts

• Cloud Service Models:
• IaaS: Virtualized resources (e.g., OpenStack, AWS EC2).
• PaaS: Development platforms (e.g., Heroku).
• SaaS: Internet-delivered software (e.g., Google Workspace).
• Cloud Architecture: Layers include hardware, virtualization, orchestration, services.
• Virtualization in Cloud: Hypervisors enable IaaS clouds by abstracting hardware. Proxmox VE uses KVM. Other hypervisors in popular clouds:
• VMware ESXi: VMware Cloud, enterprise private clouds (robust performance).
• Microsoft Hyper-V: Microsoft Azure (Windows Server integration).
• Xen: AWS EC2, Citrix clouds (lightweight, scalable).
• KVM: Google Cloud Platform, Red Hat OpenShift, OpenStack (open-source, flexible).
• OpenStack: IaaS platform using KVM (default), Xen, or ESXi. Used in private (e.g., CERN, Walmart) and public (e.g., Rackspace) clouds.
• Containers in OpenStack: OpenStack supports containers as workloads (via Zun for Docker/Podman, Magnum for Kubernetes) and for deploying services (e.g., Kolla’s Docker-based deployments). Containers offer lightweight alternatives to VMs, complementing Proxmox’s LXC (Week 3) and enabling scalable, isolated applications in IaaS clouds.

Lecture Content

1. Cloud Computing Overview: On-demand, scalable resource delivery.
2. Service Models: Compare IaaS, PaaS, SaaS with examples.
3. OpenStack Introduction: Open-source IaaS for compute, storage, networking.
4. Virtualization Role: Hypervisors enable scalability, multi-tenancy. Compare Proxmox VE (KVM) with ESXi, Hyper-V, Xen, and OpenStack’s hypervisor flexibility. Discuss Docker/Podman in OpenStack’s container services (Zun, Magnum).

Supplementary Video Resources

• SaaS, PaaS, IaaS basics: YouTube (Clear explanation with examples).
• OpenStack with Containers (Zun and Magnum): YouTube (Overview of container services).

Lab Reference

Students deploy a nested Ubuntu VM in Proxmox for OpenStack installation.

Interactive Session Suggestions

• Face-to-Face Focus: Poll on video takeaways; highlight cloud model differences and container use in OpenStack.
• Class Discussions: Prompt “How do containers (from Week 3 and videos) compare to VMs in OpenStack’s IaaS model?”
• Student Presentations: Assign 1-2 students to present (5-10 min) on a cloud architecture layer or OpenStack’s container services (Zun vs. LXC).

Assessment

Short quiz on cloud types and OpenStack architecture.

Resources

• OpenStack Overview
• NIST Cloud Definition
• VMware ESXi
• Xen Project
• Microsoft Hyper-V
• OpenStack Zun

Week 8: The Cloud Foundation (Identity, Images, Networking)

Objectives

• Understand the "Dependency Chain": Identity -> Image -> Network.
• Manage Projects and Users (Keystone).
• Manage Images (Glance).
• Configure Networks, Subnets, and Routers (Neutron).

Key Concepts

• Keystone: The Registrar. Nothing happens without a Token.
• Glance: The Image Library. Storing disk images.
• Neutron: The Virtual Wiring. Creating strict isolation between tenants.

Lecture Content

1. Identity (Keystone): Authentication vs Authorization.
2. Images (Glance): Formats (QCOW2 vs ISO) and Metadata.
3. Networking (Neutron): The "Provider Network" vs "Self-Service Network".

Lab Reference

Students create a "Tenant Environment": New Project, New User, Upload Ubuntu Image, Create Private Network + Router.

Assessment

Screenshot of the Network Topology view in Horizon.

Week 9: Compute Operations (Nova & Security)

Objectives

• Understand Nova Architecture (API, Scheduler, Compute).
• Deploy Instances using the Foundation (Week 8 resources).
• Secure instances with Security Groups and Keypairs.

Key Concepts

• Nova Scheduler: Filters and Weighers.
• Security Groups: Stateful Firewalls (Ingress/Egress).
• Keypairs: SSH Injection via Cloud-Init.

Lecture Content

1. Nova Deep Dive: The "Cell" architecture and "Shared Nothing" model.
2. The Boot Process: Tracing the request from API to Hypervisor.
3. Security Layers: Project Isolation vs Network Isolation vs Firewall Rules.

Lab Reference

Students launch instances into their Week 8 network, configure Security Groups for SSH/Web, and debug boot failures via Console Logs.

Assessment

Successful SSH login to a VM and cat /etc/hostname.

Week 9: Compute and Networking in OpenStack

Objectives

• Launch and manage instances in OpenStack.
• Configure internal and external networks.

Key Concepts

• Instances: VMs managed by Nova.
• Networking:
• Internal Network: Private instance communication.
• External Network: Connects instances externally.
• Floating IP: Public IP for instance access.
• Glance Images: Disk images for instances.

Lecture Content

1. Instance Lifecycle: Image upload to termination.
2. Neutron Networking: Networks, subnets, routers, floating IPs.
3. Security Considerations: Isolate internal networks.
4. OpenStack Workflow: Image → network → instance → floating IP.

Supplementary Video Resources

• OpenStack Compute (Nova): YouTube (Nova intro).
• Neutron networking: YouTube (Beginner guide).

Lab Reference

Students upload image to Glance, create network/subnet/router, launch instance, access via SSH.

Interactive Session Suggestions

• Face-to-Face Focus: Highlight networking pitfalls using documented steps.
• Class Discussions: Discuss floating IP security risks.
• Student Presentations: Assign 1-2 students to present instance launch workflow.

Assessment

Documented steps and screenshot of running instance.

Resources

• OpenStack Networking Guide
• Nova Documentation

Week 10: Storage & Persistence (Cinder)

Objectives

• Distinguish between Ephemeral (Nova) and Persistent (Cinder) storage.
• Manage Volumes, Snapshots, and Backups.

Key Concepts

• Ephemeral Storage: Dies with the VM.
• Block Storage (Cinder): Persistent, mountable drives (like USB sticks).
• Object Storage (Swift): HTTP-based storage (like S3).

Lecture Content

1. Storage Tiers: Performance vs Cost.
2. Cinder Architecture: Helping the Hypervisor talk to the SAN.
3. Data Safety: Snapshots (Instant) vs Backups (Off-site).

Lab Reference

Students attach a 10GB Volume to their Instance, format it (EXT4), write data, snapshot it, and restore it to a new volume.

Assessment

Screenshot of the mount command showing the attached volume.

Week 11: Automation and Cloud API

Objectives

• Learn cloud automation using CLI or scripts.
• Understand OpenStack REST API basics.

Key Concepts

• Automation: Scripts/tools for efficient resource management.
• OpenStack CLI: Commands for instance/network management.
• REST API: Programmatic interface for automation.
• Ansible/Terraform: Infrastructure-as-code tools (optional).

Lecture Content

1. Why Automate?: Scalability, repeatability in clouds.
2. OpenStack CLI: Commands for launching instances, networks.
3. REST API Basics: HTTP requests for OpenStack services.
4. Scripting Example: Python/Bash script for instance launch.

Supplementary Video Resources

• OpenStack CLI commands: YouTube (Beginner guide).
• REST API via CLI: YouTube (Command-line tutorial).

Lab Reference

Students complete three labs: 1. Automation: Scripting instance launches with Bash and Cloud-Init. 2. Configuration: Managing server fleets with Ansible. 3. Infrastructure as Code: Deploying declarative stacks with Heat.

Interactive Session Suggestions

• Face-to-Face Focus: Run student scripts; debug API issues.
• Class Discussions: Share automation tool insights from videos.
• Student Presentations: Assign 1-2 students to demo script.

Assessment

Submit working automation script and output logs.

Resources

• OpenStack CLI Guide
• OpenStack API

Instructor Notes

• Lab Setup: Ensure lab PCs (i7, 24 GB RAM) support nested virtualization. Pre-install Proxmox ISOs, Ubuntu images, and Docker/Podman for Week 3 optional labs.
• Pacing: Weeks 1–6 (virtualization), 7–11 (cloud). Adjust lab time per student progress.
• Interactivity: Require pre-session prep (notes, videos, labs). Use polls (e.g., Mentimeter) for engagement. Track student presentations for participation.
• Week 3 Note: Docker/Podman content prepares students for OpenStack’s container services (Zun, Magnum) in Weeks 7–11. Emphasize Docker’s prevalence in clouds and Podman’s security benefits.
• Week 4 Note: Linux networking content is foundational for Proxmox labs. Encourage students to practice ip commands and namespace exercises before labs.
• Optional Enhancements:
• Use Git for lab submissions.
• Demonstrate Ceph for distributed storage.
• Introduce Terraform/Ansible for automation.
• Discuss cloud security (multi-tenancy, encryption).

Instructions for Creating a Markdown File

1. Copy the Text: Select all the text above.
2. Paste into a Text Editor: Open a text editor (e.g., VS Code, Notepad++), create a new file, and paste the text.
3. Save as .md: Save the file with a .md extension (e.g., Virtualization_Cloud_Notes.md).
4. Optional Conversion to Word:
5. Paste the text into Microsoft Word.
6. Use Heading 1 for week titles (e.g., ## Week 3: Containers and Resource Management).
7. Use Heading 2 for subsections (e.g., ### Objectives).
8. Apply bullet points/lists for clarity.
9. Adjust font (e.g., Arial, 12pt) and spacing (e.g., 1.15 line spacing).
10. Save as .docx (e.g., Virtualization_Cloud_Notes.docx).

Notes on Updates

• Week 3 Revisions: Added Docker and Podman to complement LXC, focusing on Docker’s dominance in private/public clouds (e.g., OpenStack’s Zun/Magnum) and Podman’s security benefits in Red Hat environments. Optional lab tasks include running Docker/Podman containers to prepare for OpenStack labs.
• Week 4: Retained comprehensive Linux networking content (ip command, namespaces, bridges, veth, VLANs, OVS) to ensure a strong foundation for Proxmox networking labs.
• Week 7: Included containers (Docker/Podman) in OpenStack context to bridge Week 3 and cloud lessons.
• 11-Week Structure: Maintained by streamlining Docker/Podman content to focus on essentials, keeping LXC primary for Proxmox labs.