© 2015 IBM Corporation
IBM Cloud: Think it. Build it. Tap into it.
Carlos Aguado Fidalgo, IBM Cloud Technical Sales
SoftLayer Thursdays (Jueves de Softlayer)
Agenda
1. Introduction to Cloud – IaaS Model
2. IBM Softlayer
   1. Compute
   2. Storage
   3. Networking
   4. Security
   5. Solutions (Disaster Recovery, Backup, etc.)
3. Hands-on Portal Demo
What can Cloud offer?
Elasticity
Accessibility
Rapid provisioning
Pay per use
1 Accelerate the deployment of new products and services
2 Transformation from a CAPEX model to an OPEX model
3 Fully manage your infrastructure
4 Facilitate international expansion
Benefits of cloud – traditional IT vs. Cloud
[Figure: capacity over time, traditional IT infrastructure vs. dynamic cloud infrastructure. Curves: actual load, forecasted load. Regions: undercapacity, overcapacity, flexible capacity. Labels: load, infrastructure planning, reduction of initial investment.]
Virtual Servers

Virtual Server Basics
Shared (public node) or private (private node) environment
Run on Citrix XenServer hypervisor
Hypervisor managed by SoftLayer, client sees OS level and above
Provisioned with Local or SAN-based storage
Monthly or hourly options available
Deployed in 30 minutes or less

Local vs. SAN-based Storage
Local Storage
− Best performance
− Disks in RAID10
− Ideal for low-transactional operations
− No high availability options
SAN-based Storage
− Default storage option for Virtual Servers
− High availability
− Ideal for light, front-end operations
− Ability to assign larger volumes

Private Clouds on SoftLayer
Bare Metal Server provisioned with a customer-specified hypervisor
Customer manages hypervisor and all VMs provisioned on the hypervisor
Available with the following SoftLayer-supported hypervisors:
− Citrix XenServer
− Microsoft Hyper-V
− VMWare
Customer is responsible for any associated fees with licensing on hypervisors, including operating systems for VMs.

Helpful Links
Virtual Servers topic page on KnowledgeLayer
Set Up a Virtual Server on KnowledgeLayer
Set Up a Hypervisor on KnowledgeLayer
Virtual Servers page on softlayer.com
Bare Metal Servers

Bare Metal Basics
Physical device
Single-tenant environment
Most powerful server available
Custom-provisioned in 2-4 hours
Managed through Customer Portal or API, controlled directly on device through IPMI, KVM/IP, or SSH/RDP
24x7x365 support comes standard

Chassis, Processor, Drives
Available in all Data Centers
Intel-powered, x86 servers
Single, Dual, or Quad Proc models
Chassis Sizes
− 1U = 4 drives
− 2U = 12 drives
− 3U = ~12 drives (GPU only)
− 4U = 36 drives
Drive Types
− SATA
− SAS-SCSI
− SSD
Redundant Power on all 2U, 3U, and 4U servers

Network Features
Standard
− 500 GB Outbound Public Network Bandwidth
− Single-path network connections on public, private, and management
− 100 Mbps connectivity in all Data Centers
Upgrades
− Dual-path network connections
− Upgraded port speed from 100 Mbps to 1GB or 10 GB
− Bandwidth pooling for two or more servers on an account
− Unlimited Public Network bandwidth
− Provisioning with private network only connectivity (public network ports shut down at time of initial configuration)

Helpful Links
Bare Metal Server page on softlayer.com
Bare Metal Server topic page on KnowledgeLayer
Set up a Bare Metal Server on KnowledgeLayer
Fixed Configuration

Supported Operating Systems
Operating System / Hourly Availability / Monthly Availability
CentOS 5 (32-bit) X X
CentOS 5 (64-bit) X X
CentOS 6.0 (32-bit) X X
CentOS 6.0 (64-bit) X X
FreeBSD 10.x (32-bit) X X
FreeBSD 10.x (64-bit) X X
FreeBSD 9 Latest (32-bit) X X
FreeBSD 9 Latest (64-bit) X X
Ubuntu 14.04 X X
VMWare ESXi 5.5 X X
Red Hat Enterprise Linux 5 (32-bit) with per-processor licensing X
Red Hat Enterprise Linux 5 (64-bit) with per-processor licensing X
Red Hat Enterprise Linux 6 (32-bit) with per-processor licensing X
Red Hat Enterprise Linux 6 (64-bit) with per-processor licensing X
Windows Server 2008 Enterprise Edition SP2 (32-bit) X X
Windows Server 2008 Enterprise Edition SP2 (64-bit) X X
Windows Server 2008 R2 Enterprise Edition (64-bit) X X
Windows Server 2008 R2 Standard Edition (64-bit) X X
Windows Server 2008 R2 Web Edition (64-bit) X X
Windows Server 2012 R2 Standard Edition (64-bit) X X
Windows Server 2012 Standard Edition X X

Use Case
Batch Analytics or Processing
Software certification of an application on a HW config
Performance Testing

Helpful Links
Bare Metal Server page on softlayer.com (select Hourly tab)
Bare Metal Server topic page on KnowledgeLayer
Set up a Bare Metal Server on KnowledgeLayer
High Performance Computing with GPUs
NVidia K10 Tesla
Maximum 2 Cards per 3U Server
Purpose Built GPGPU
Cuda Parallel Computing
2 X Kepler GPUs (GK104)
3072 Nvidia Cores (1536 per GPU)
8 GB GDDR5
Use Cases
− General Purpose GPU – HPC
− Hundreds of applications accelerated
− Computational Chemistry
− Computational Finance
− Fluid Dynamics
− Medical Imaging
− Weather and Climate
− Machine Learning

NVidia K2 GRID
Maximum 2 Cards per 3U Server
Remote Visualization / 3D Rendering
Virtualization of GPU Functionality
2 X Kepler GPUs (GK104)
3072 NVidia Cores (1536 per GPU)
8 GB GDDR5
Can be used for GRID Gaming with updated driver from NVidia
Use Case: Network delivered GPU acceleration for Gaming, Virtual Desktop and Cloud Application

Upgrades
Dual-path network connections up to 10Gbps
Bandwidth pooling for two or more servers on an account
Unlimited Public Network bandwidth
Provisioning with private network only connectivity (public network ports shut down at time of initial configuration)
2nd GPU Card
Up to 8 internal HDDs with choice of SATA, SAS or SSD

Helpful Links
NVidia Grid Virtualization for Enterprise on NVidia.com
NVidia GRID for Gaming on Nvidia.com
High Performance Computing with Tesla on Nvidia.com
GPU Applications by Domain on Nvidia.com
Self-managed virtualized environments
Available Hypervisors

Citrix Xen
− Extensive API
− Features include XenMotion, HA, AWB/HPM
− Licenses per server directly from Citrix

Microsoft Hyper-V
− API Available (WMI)
− Features include Live migration, host clustering for free
− SL offers Hyper-V with Datacenter Edition
− No Per VM fee

VMware
− Extensive API (VIX API)
− Extensive management tools
− Features include vMotion, Storage Motion, DRS, PM (based on license)
− SL licenses per RAM reserved for VMs

Virtuozzo
− OS Virtualization, Para Virtualized
− Guest OS must be based on primary OS
− VMs created at the OS level
Auto Scale

Features
Governed by Scale Manage privilege.
Groups may be given unique names for quick identification.
Groups assigned to regions, then narrowed to data center or VLAN.
Member counts capped by max and min, with optional desired member count to immediately scale the group to the desired count.
Assets used for metric collection by monitoring robots to trigger scaling policies.
Up-to-date group status indicates scaling activity for the group in real time.
Optional VLAN integration with multi-VLAN support.
Optional Load Balancer integration when LB already exists and is identified when building the Auto Scale Group.

Scalable Triggers
Based on time, CPU utilization
Bandwidth levels coming in or out of the device.
The CPU and bandwidth scaling methods utilize monitoring agents to trigger policies.
Optional cool down may be added to any policy to minimize false triggers.

Management Details
Create Auto Scale Groups, Policies and Cooldowns
Monitor the status of scaling group and activities
Edit the scaling groups, policies and triggers
Delete a group and cancel all associated members
Grant or revoke Auto Scale privileges for sub-users through “Scale Manage” privilege

How it works
Group > Policy > Trigger format.
Group consists of one or more policies with optional triggers and cool down periods.
Policies indicate scaling actions and are invoked by triggers.
Triggers are conditions that may be satisfied once, recurring or by monitored resource.

Helpful Links
Auto Scale with SL API
Auto Scale on KnowledgeLayer
Storage

Local / Server Disk
High-capacity bare metal servers with up to 36 drives per server, options include:
− SATA: cost effective storage up to 6TB drives, typical use cases are for file servers
− SAS: highest performing spinning disks up to 600GB per drive, suitable for a variety of uses
− SSD: highest performing local disk option with up to 800GB per solid state disk

Software Defined Storage
QuantaStor (OSNEXUS)
− iSCSI SAN and NAS access
− Installed on Bare Metal with local disks
− Customer controls all aspects of storage (design/build your own storage solution)
− Single tenant environment
− Supports thin provisioning, I/O optimization, replication, encryption, compression, HA via CEPH and GlusterFS, etc.

Endurance Storage
Highly durable and resilient enterprise grade storage
iSCSI block level access (HA connectivity via MPIO)
File level access – NFS (HA connectivity via routed TCP/IP)
Volume sizes ranging from 20GB to 12TB
IOPS tiers - 0.25 IOPS/GB (low I/O), 2 IOPS/GB (general purpose), 4 IOPS/GB (high intensity - ~49K IOPS w/ 12TB LUN)
Can stripe across LUNs to achieve larger volumes and IOPS
Allows for concurrent access from multiple servers (e.g. clustered databases)
Optional (hourly, daily, weekly) snapshot and replication (across data centers)

Performance Storage
Highly durable and resilient enterprise grade storage
iSCSI block level access (HA connectivity via MPIO)
File level access – NFS (HA connectivity via routed TCP/IP)
Volume sizes ranging from 20GB to 12TB
IOPS ranging from 100 to 6,000
Can stripe across LUNs to achieve larger volumes and IOPS
Ideal for most applications requiring predictable levels of performance

FTP / NAS
Scalable file level storage
Ideal for managing and sharing data between systems (e.g. archival, backups, and less frequently accessed files)
No replication options

Object Storage
Dynamic, pay-as-you-go pricing
Ideal for archive, backups, streaming media, web and static content delivery
Searchable, taggable
Replicated across at least 3 servers within each data center
Accessible via Customer Portal or REST API (integrated with CDN – delivered via Edgecast)
Backups

EVault
Backs up data at file system level (file level)
Web console for each agent
“Set-and-Forget” configuration (hourly, daily, weekly, custom)
Only accessible from SoftLayer servers
Back-ended by enterprise grade storage managed by SoftLayer
Data can be encrypted and compressed in transit and at rest
Multi-site backup optional

Idera
Disk to disk backup solution (block level)
Software installed on Bare Metal server with internal disks
Agent based; first backup is a full backup with incremental forever after; each new backup is a recovery point (daily, weekly, monthly, etc.)
Accessible from non-SoftLayer servers
Single tenant, customer-controlled environment
Single interface for all backups and devices including self-managed VMs
Data can be encrypted and compressed
Multi-site backup optional

Storage
Most of the SoftLayer storage offerings (e.g. QuantaStor, NAS, Endurance Storage and Object Storage) can be utilized as backup storage

Bring Your Own
Use the servers and storage provided by SoftLayer to build/bring your own backup solution, for example Tivoli Storage Manager including TSM Node Replication, Veeam, etc.
Network Components at SoftLayer
Generic Network Layout
Load balancers
Firewalls
Gateway: Vyatta
Data Center & Network Point of Presence
[Map: data centers and network points of presence. Legend: Network Point of Presence, CMS Data Center. Locations shown: India, China, Hong Kong, Singapore, Melbourne, Sydney, Tokyo, Seattle, San Jose, Los Angeles, Mexico City, Houston, Denver, Miami, Atlanta, Washington D.C., Montreal, Chicago, London, Frankfurt, Paris, Amsterdam, Brazil, New York City, Toronto, Dallas.]
The expanding global cloud footprint offers you access to our infrastructure choices through 40 data centers and network points of presence for improved global reach and performance
40 data centers worldwide in 15 countries and five continents globally – connecting CMS locations to SL locations
Geographically dispersed points of presence (PoPs) bring connectivity to our carrier-grade network backbone closer to the end user
These PoPs, combined with over 2,000 Gbps connectivity between our data centers around the world, can deliver exceptional bandwidth and connectivity
Triple-network architecture
High-performance public network with transit from multiple tier-1 carriers
Secure OOB management via VPN
Private network for intra-application and inter-facility communications, access to shared services
Native IPv6 support
Virtual racks for integrated management
Complete suite of network services
SoftLayer Network Overview
Network Details
Network Planning
SoftLayer® IP backbone: Looking Glass offering
SoftLayer Looking Glass is an interactive resource that is available to the public.
Looking Glass can be used to test latency between SoftLayer data centers, and between a router location and target address, subnet or hostname.
Latency tests between a location and its target are conducted using a variety of methods, including ping and traceroute commands.
Users can also test network latency through a variety of test downloads based on size and data center location.
Users operate Looking Glass under the premise that only manual queries will be made.
SoftLayer Looking Glass is available at http://lg.softlayer.com/
Load Balancers

Local Load Balancers
Multitenant
Proxy Connections – traffic passes through load balancer for the duration of the connection
Single Virtual IP (VIP)
Pricing based on connections per second
Up to Layer 4 load balancing
SSL Offloading optional
Ideal for fewer than 5000 connections/second
No high availability option
Public network traffic only

Dedicated Load Balancers with SSL
Single Tenant
Proxy Connections
Single VIP, with additional VIPs available by request
High availability optional (at additional fee)
Up to Layer 4 load balancing
2600 < 15,000/sec connections; 6600 < 100000/sec
Public network traffic only

NetScaler VPX
Managed in GUI
Utilizes static or portable IP addresses
High Availability Optional (at additional fee – 2x cost)
Up to Layer 7 load balancing
Database balancing
Global Load Balancing (GSLB) option requires Platinum License
Public and Private Network traffic

NetScaler MPX
Features similar to VPX
Managed in GUI
Public and Private Network traffic
High Availability Optional (at additional fee – 2x cost)
Requires approval from networking
Racked on available COD rack
For customers that want full control and connections over 100000/sec
Different prices for different versions

Helpful Links
Load Balancing Topic Page in KnowledgeLayer
Global Load Balancing Options in KnowledgeLayer
NetScaler VPX Data Sheet (Citrix)
Standard Single Server Firewall (Multitenant)
Secure single server
Managed via portal
Control inbound rule set

Dedicated Hardware Firewall (Single tenant)
HA option (Active/Passive)
Secures all servers in a single VLAN
Managed via portal
Control inbound rule set

Dedicated Fortigate Security Appliance
HA option
Secures all servers in a single VLAN
GUI console access
Control inbound/outbound
Application Layer scanning
Need to be ordered separately
1Gbps firewall with redundant links

Gateway: Vyatta
HA options
Secures multiple VLANs in the same server room (private network)
GUI console access
Control inbound/outbound

Quick Comparison: Firewall Quick Reference Guide
Columns: Secure 1 or more VLANs; Traffic control; High Availability; Portal access
Standard firewall: Single server; Inbound only; N/A
Dedicated firewall: Single public VLAN; Inbound only; Active/Passive
Fortigate appliance: Single public VLAN; GUI Console
Vyatta Gateway: GUI Console

Pricing
http://www.softlayer.com/firewalls
Gateway: Vyatta

Overview:
Customer configurable routing device
Placed in front of customer specified VLANs
Servers on that VLAN route through the Vyatta Gateway Appliance as the first network hop.
Configured to do almost anything that can be done with a Cisco ASA or Juniper device such as routing, NAT, Firewall, Logging, and VPN termination

Use Cases:
VPN Termination via the Public Network: Support for IPSec VPN, SSL-VPN, and GRE can extend customer’s corporate network.
NAT Based Configurations
− Allow access to “private network only” devices.
Robust Firewall Requirements
− Stateful packet inspection, reporting, traffic monitoring can all be accomplished
Multi-Tiered Networking
− DMZs, or the ability to separate servers on separate VLANs
Greater Control
CDN

CDN Basics
SoftLayer partners with Edgecast for all Content Delivery services.
As of July 2014 Edgecast routes content through 44 geographically diverse nodes.
Charged on a per GB basis for bandwidth.
Offer standard and SSL delivery options

Global Standard vs Global Premium
Global Standard is the default for most CDN services. Delivers from SoftLayer POPs around the globe.
Global Premium is required for premium transit routes, including Vietnam, Malaysia, Philippines, Korea, and other Asia-Pacific countries.

HTTP Large Object vs HTTP Small Object
HTTP Large Object
− Videos and Objects over 300k
− Utilizes SSD for storage
− Delivers peak performance and fast start times
HTTP Small Object
− Designed for objects under 300k
− Delivers content directly from RAM
− Ideal for HTML, CSS, Java
Monitoring

Monitoring Basics
Clients must configure monitors and alerts on each device or account.
Automated monitoring tickets are customer facing only.

Additional Monitoring Options
Automated Reboot from Monitoring: Monitoring system automatically reboots the server when a monitoring alert is issued.
24/7/365 NOC Monitoring: A personal notification will be sent in the event a monitoring alert is issued.

TCP Monitoring
Complimentary TCP includes PING monitoring only.
− Default setting:
  • Public IP with 0 second delay
  • Recommended that clients update default to avoid false positives.
− Advanced TCP Options (additional fee)
  • DNS: Generic NSLOOKUP on address
  • DNS Custom: NSLOOKUP on specific domain
  • FTP: FTP connection on Port 21
  • HTTP: HTTP connection on Port 80
  • HTTP Custom: HTTP connection on Port 80, with check for given response text
  • HTTPS: HTTP connection on Port 443
  • IMAP: IMAP connection on address
  • LDAP: LDAP connection on address
  • NNTP: NNTP connection on address
  • POP: POP connection on address
  • SMTP: SMTP connection on address
  • SSH: SSH connection on Port 22
  • TCP Custom: TCP connection to specified port
  • TELNET: TELNET connection on Port 23
  • UDP SIP: UDP connection to specified port

Nimsoft Monitoring
Basic Monitoring: Hardware and OS
− CPU, Disk, and Memory
− Process
− Remote System and Windows Services
Advanced Monitoring: System Health
− DHCP
− File Checking
− LDAP
− Mounted File Systems
− NTP
− Network Traffic
− Performance
− SNMP
Premium Monitoring: Application
− Apache
− DNS
− Email
− IIS
− MSSQL
− MYSQL
− TomCat
SoftLayer API at a glance
SoftLayer [main] API Version 3.0
API provides 2,200 function calls to over 180 services
Supports REST, SOAP & XML-RPC interfaces
Clients implemented in C#, Perl, PHP, Python, Ruby, VB .Net, command line Python client
Is a major direct source of revenue
Accessible from mobile devices as well

To begin using the API:
Enable the API use from Customer Portal
Create unique secret API key
Authentication based on user and API key
Choose language client library

Basic Concepts:
Endpoint (public or private)
Service (e.g. Account, Storage..)
Method or Action (e.g. getUsers())
Data Types (String, boolean, int and Complex)
Properties (local, relational, count)
Result limits (rows filtering)
Object Masks (properties filtering)

Object Storage API:
Based on OpenStack Swift
REST-based
Clients: Java, Ruby, PHP, Python
Supports Containers and Objects
Content Delivery Network integration
Search integration

Message Queue API:
REST-based
64k max
Key/value pair message fields
Clients: C#, Java, Ruby, PHP, Python
Supports Topics, Topic Tags, Subscriptions
Persistent via Cloudant data layer
Support

Support Levels
24x7 support via phone, chat, and ticket
Level 1 Support (CST)
− Frontline support team
− Handles common client issues
− Escalates complex issues to Level 2 Support
Level 2 Support (CSA)
− Escalation team
− Handles complex client issues
− Highly certified in a variety of systems
Managed Hosting
− MySQL and MSSQL Database Administrators
− Systems Administrators
− Handles various tasks, including:
− Patching
− Backups
− Implementation
− Monitoring

Self-Enabled Support
Automation built-in to Customer Portal
API available to authorized users on each account

Notifications
Event Subscriptions
− Unplanned Incidents (UIP)
− RAID Alerts
− Configured through Customer Portal
Attributes
− Internal configuration
− Sends notifications when created or moved
− Supported by Level 1, Level 2, and Hardware Groups
− Multi-Customer Schedule Maintenance
− DDOS Mitigation
− Includes all Managed Hosting tickets
− Billing Tickets
Cloud IBM SoftLayer
Thank You!