Академический Документы
Профессиональный Документы
Культура Документы
Version 2
Lab Guide
October 2014
Copyright
Copyright 1996, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012
2013, 2014 EMC Corporation. All Rights Reserved. EMC believes the information in this publication is
accurate as of its publication date. The information is subject to change without notice.
THE INFORMATION IN THIS PUBLICATION IS PROVIDED AS IS. EMC CORPORATION MAKES NO
REPRESENTATIONS OR WARRANTIES OF ANY KIND WITH RESPECT TO THE INFORMATION IN THIS
PUBLICATION, AND SPECIFICALLY DISCLAIMS IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS
FOR A PARTICULAR PURPOSE.
Use, copying, and distribution of any EMC software described in this publication requires an applicable
software license.
EMC2, EMC, Data Domain, RSA, EMC Centera, EMC ControlCenter, EMC LifeLine, EMC OnCourse, EMC
Proven, EMC Snap, EMC SourceOne, EMC Storage Administrator, Acartus, Access Logix, AdvantEdge,
AlphaStor, ApplicationXtender, ArchiveXtender, Atmos, Authentica, Authentic Problems, Automated
Resource Manager, AutoStart, AutoSwap, AVALONidm, Avamar, Captiva, Catalog Solution, C-Clip,
Celerra, Celerra Replicator, Centera, CenterStage, CentraStar, ClaimPack, ClaimsEditor, CLARiiON,
ClientPak, Codebook Correlation Technology, Common Information Model, Configuration Intelligence,
Configuresoft, Connectrix, CopyCross, CopyPoint, Dantz, DatabaseXtender, Direct Matrix Architecture,
DiskXtender, DiskXtender 2000, Document Sciences, Documentum, elnput, E-Lab, EmailXaminer,
EmailXtender, Enginuity, eRoom, Event Explorer, FarPoint, FirstPass, FLARE, FormWare, Geosynchrony,
Global File Virtualization, Graphic Visualization, Greenplum, HighRoad, HomeBase, InfoMover,
Infoscape, Infra, InputAccel, InputAccel Express, Invista, Ionix, ISIS, Max Retriever, MediaStor,
MirrorView, Navisphere, NetWorker, nLayers, OnAlert, OpenScale, PixTools, Powerlink, PowerPath,
PowerSnap, QuickScan, Rainfinity, RepliCare, RepliStor, ResourcePak, Retrospect, RSA, the RSA logo,
SafeLine, SAN Advisor, SAN Copy, SAN Manager, Smarts, SnapImage, SnapSure, SnapView, SRDF,
StorageScope, SupportMate, SymmAPI, SymmEnabler, Symmetrix, Symmetrix DMX, Symmetrix VMAX,
TimeFinder, UltraFlex, UltraPoint, UltraScale, Unisphere, VMAX, Vblock, Viewlets, Virtual Matrix, Virtual
Matrix Architecture, Virtual Provisioning, VisualSAN, VisualSRM, Voyence, VPLEX, VSAM-Assist,
WebXtender, xPression, xPresso, YottaYotta, the EMC logo, and where information lives, are registered
trademarks or trademarks of EMC Corporation in the United States and other countries.
All other trademarks used herein are the property of their respective owners.
Copyright 2014 EMC Corporation. All rights reserved. Published in the USA.
Rev #
File Name
Date
1.0
First Release
10/17/2014
Table of Contents
COPYRIGHT..........................................................................................................2
DOCUMENTREVISIONHISTORY...........................................................................3
LAB1:CLOUDINFRASTRUCTURELAYERS..............................................................7
LAB2:SERVICEMANAGEMENTANDSECURITY...................................................13
Purpose:
Toreinforcetheconceptspresentedinthelectureportionof
thecourse,module1throughmodule6.
Tasks:
Participantsarerequiredtoprovideasolutionforthe
deliverablesbasedonthegivenscenarioandrequirements.
References:
Module:IntroductiontoCloudComputing
Module:BuildingtheCloudInfrastructure
Module:PhysicalLayer
Module:VirtualLayer
Module:ControlLayer
Module:ServiceandOrchestrationLayers
Company Profile
Afinancialorganizationhas6000employeesandprovidesservicestomorethan20
millioncustomers.TodeliverITservicestoitsbusinessunits,theorganizationoperates
twodatacentersattwodifferentgeographiclocations.Thedatacentersruntheir
businessapplicationsonmorethan300physicalcomputesystems.Theinfrastructure
components(computesystems,networkdevices,andstoragedevices)are
heterogeneousinnature.Someoftheapplicationsareproprietary(developedin
housebytheorganization)andsomeofthemareofftheshelf.
Organizations Challenges
Overthepast10years,theorganizationhasmadeseveralstrategicinvestmentsto
builditsmarketshare.However,theorganizationisnowfacingachallengetocope
withthefastchangingdemandsofcustomersaboutservicesprovidedbythe
organization.Thesedemandsareforcingtheorganizationtodevelopanddeploy
severalnewapplicationsandmaketheservicesavailabletothecustomersrapidly.
Withthecurrentinfrastructure,rapiddeploymentofapplicationisverydifficult.The
utilizationofthecomputesystems,network,andstorageislessthan20percentofthe
availablecapacity.Also,deployinganewapplicationtakesalongtimebecauseit
involvespurchasingnewcomputesystems,installingsoftware,configuringnetwork
andstorage,andconfiguringsecurity.
Deliverables
Theorganizationwantstotransformtheirexistingdatacentertocloudinfrastructure
toleveragethebenefitsofcloud.Theywouldliketobuildthecloudinfrastructureby
repurposingtheirexistinginfrastructure.Afterdeployingnewservicestothe
consumerstheorganizationisexpectingcloudbursttooccurfromtimetotime.They
donotwanttoinvestmoneyontheinfrastructuretoprovisionresourcestomeetthe
requirementsoftheoccasionalincreaseinthepeakworkload.
Theorganizationplanstodevelopseveralnewapplicationstooffernewservicesto
theircustomers.Theproprietaryapplicationprovidestheorganizationcompetitive
advantageandtheythereforewanttosetupanenvironmentforitontheir
infrastructure.Theyalsorequiretheenvironmenttoenabledevelopment,testing,and
deploymentofscalableapplicationsinanagilemanner.Theyalsowanttosetupan
environmenttodeploytheproprietaryandofftheshelfapplications.
Astheexistinginfrastructureisheterogeneousnature,theorganizationrequiresthe
abilitytoautomatetheprovisioningandconfigurationtasksbasedondefinedpolicies.
Theorganizationrequirestheabilitytodynamically,uniformly,andeasilymodifyand
managetheirinfrastructure.Also,theorganizationrequirestheabilitytodiscoverthe
availableunderlyingresourcesandprovidesanaggregatedviewoftheresources.
Solution:
Theorganizationneedstodeploythevirtual,control,orchestration,andservicelayers
ontheexistingphysicallayertobuildthecloudinfrastructure.
Followingpointsdetailshowdifferentlayersandapproachaddresstheorganizations
challenges:
1. Deployingvirtuallayer:
a. Enablesimprovingtheutilizationofinfrastructurecomponents
i. WiththehelpofVMs,VLANs,VSANs,thinLUNsandsoon
b. Enablesrapiddeploymentofcomputesystemsforapplications
i. WiththehelpofVMtemplateandvirtualappliance
2. Deployorchestrationlayer:
a. Enablesautomatedprovisioningandconfigurationoftasksbasedon
definedpolicies
3. Softwaredefinedapproach:
a. Abilitytodynamically,uniformly,andeasilymodifyandmanagetheir
infrastructure
b. Abilitytodiscovertheavailableunderlyingresourcesandprovidesan
aggregatedviewoftheresources
4. Brownfielddeploymentoptionandintegratingbestofbreedcloud
infrastructurecomponents
a. Enablerepurposingtheirexistinginfrastructuretobuildthecloud
5. Hybriddeploymentmodel
a. Enableaccommodatingincreasedpeakworkloadthatmayoccurfrom
timetotime
10
6. PlatformasaService
a. Enabledevelopmentandtestingofscalableapplicationsinanagile
manner
7. InfrastructureasaService
a. Enabledeploymentofproprietaryandofftheshelfapplications
End of Lab 1
11
12
Purpose:
Toreinforcetheconceptspresentedinthelectureportionof
thecourse,Module8:SecurityandModule9:Service
Management
Tasks:
Participantsarerequiredtoprovideasolutionforthe
deliverablesbasedonthegivenscenarioandthe
requirements.
References:
Module:Security
Module:ServiceManagement
13
Scenario
Acloudserviceprovideruses50percentofitsdatacenterequipmenttosetupacloud
infrastructure.Theremainingequipmentisusedforinternaloperationsandfor
testing.Thecloudinfrastructureconsistsofahypervisorcluster.Aresourcepoolis
createdbyaggregatingtheavailableresourcesofthehypervisorcluster.Thecloud
infrastructureisusedtoprovidecomputeservices.Theservicesareallocated
necessaryprocessingpowerandmemoryresourcesfromtheresourcepool.
Thehypervisorclusteriscomposedof10identicalphysicalcomputesystems
containing2redundant(passive)computesystems.Thismeansthattheclustercan
absorbuptotwocomputesystemfailuresandcontinuetosupportallservicesatthe
samelevelofperformance.Theavailableprocessingpowerandmemoryperphysical
computesystemintheclusterisequalto19.2GHzand64GBrespectively.The
existingresourcesinthedatacentercanmeetcapacityrequirementofservicesin
shortterm.However,theprovidershouldprocureandprovisionadditionalresources
asrequiredtoavoidthecapacityissuesinfuture.Further,theproviderisconcerned
aboutsecurityattacksthatmaycompromisethehypervisorsrunningonthephysical
computesystems.Theprovidershouldtakecontrolmeasurestoprotectagainstsuch
attacks.
14
Thecapacitymanagementprocessinaserviceprovidersorganizationisshowninthe
figure.Theprocesscomprisesseveralactivities,showninrectangularboxes.The
processalsoconsistsofconditions.Theyallowtheprocesstobranchintodifferent
directions,dependingonwhethertheconditionsaremetornot.
Given:Thethresholdsforoverutilizationandunderutilizationofresourcesare70
percentand40percentutilizationoftotalresourcecapacityrespectively.Theseare
usedtodeterminewhethertheresourcepoolisoverutilizedorunderutilized.
15
Deliverables
EstablishtherequiredcapacitymanagementactivitiesmarkedbyX1andX2inthe
figureforbelowcases:
Case1:Processingpoweralreadyallocatedtoservicesfromtheresourcepoolis
equalto32.8GHzandmemorycapacityalreadyallocatedtoservicesfromthe
resourcepoolisequalto123GB
Case2:Processingpoweralreadyallocatedtoservicesfromtheresourcepoolis
equalto88.2GHzandmemorycapacityalreadyallocatedtoservicesfromthe
resourcepoolisequalto320GB
Listthecontrolmeasuresthatcanaddresstheproviderssecurityconcern.
16
Numberofcomputesystemsintheclusterisequalto10(8activeand2
redundant)
Totalprocessingcapacityofresourcepool=8*19.2GHz=153.6GHz
Totalmemorycapacityofresourcepool=8*64GB=512GB
Utilization(%)ofprocessingcapacityofresourcepool=(32.8/153.6)*100=21.4
%
Utilization(%)ofmemorycapacityofresourcepool=(123/512)*100=24%
Astheresourcesareunderutilized(<40%),activityX1needstobecarriedout
ActivityX1:
o Transfersomeoftheunderusedcomputesystemstoanother
environmentthatisunderresourced
o Reducethesizeofresourcepool,ensuringthatresourceutilizationis
withinthenormalutilizationlimits(>40%and<70%)
17
Availableprocessingcapacityofresourcepool=8*19.2GHz=153.6GHz
Availablememorycapacityofresourcepool=8*64GB=512GB
Utilization(%)ofprocessingcapacityofresourcepool=(88.2/153.6)*100=57.4
%
Utilization(%)ofmemorycapacityofresourcepool=(320/512)*100=62.5%
Although,resourceutilizationiswithinthenormalutilizationlimits(>40%and
<70%),enoughresourcesarenotavailabletosatisfythefuturedemandfor
capacity.Hence,activityX2needstobecarriedout.
ActivityX2:
o Determinecurrentcapacityreserves
o Establishcapacityconsumptiontrends
o Forecastfuturedemandforcapacity
o Planforprocurementandprovisioningofadditionalcapacity
18
Controlmeasurestoprotecthypervisorsagainstattacksare:
o Installsecuritycriticalhypervisorupdateswhentheyarereleasedbythe
hypervisorvendor
o Hardenhypervisor
o Accesstohypervisormanagementservershouldberestrictedto
authorizedadministrators
o Encryptnetworktrafficwhenmanagingremotely
o Deployfirewallbetweenthemanagementsystemandtherestofthe
network
o Rotateordeletelogfileswhentheyreachacertainsizetoprotect
againstdenialofservice
End of Lab 2
19
20