Anda di halaman 1dari 20

Cloud Infrastructure and Services

Version 2
Lab Guide
October 2014

EMC2 PROVEN PROFESSIONAL

Copyright
Copyright 1996, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012
2013, 2014 EMC Corporation. All Rights Reserved. EMC believes the information in this publication is
accurate as of its publication date. The information is subject to change without notice.
THE INFORMATION IN THIS PUBLICATION IS PROVIDED AS IS. EMC CORPORATION MAKES NO
REPRESENTATIONS OR WARRANTIES OF ANY KIND WITH RESPECT TO THE INFORMATION IN THIS
PUBLICATION, AND SPECIFICALLY DISCLAIMS IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS
FOR A PARTICULAR PURPOSE.
Use, copying, and distribution of any EMC software described in this publication requires an applicable
software license.
EMC2, EMC, Data Domain, RSA, EMC Centera, EMC ControlCenter, EMC LifeLine, EMC OnCourse, EMC
Proven, EMC Snap, EMC SourceOne, EMC Storage Administrator, Acartus, Access Logix, AdvantEdge,
AlphaStor, ApplicationXtender, ArchiveXtender, Atmos, Authentica, Authentic Problems, Automated
Resource Manager, AutoStart, AutoSwap, AVALONidm, Avamar, Captiva, Catalog Solution, C-Clip,
Celerra, Celerra Replicator, Centera, CenterStage, CentraStar, ClaimPack, ClaimsEditor, CLARiiON,
ClientPak, Codebook Correlation Technology, Common Information Model, Configuration Intelligence,
Configuresoft, Connectrix, CopyCross, CopyPoint, Dantz, DatabaseXtender, Direct Matrix Architecture,
DiskXtender, DiskXtender 2000, Document Sciences, Documentum, elnput, E-Lab, EmailXaminer,
EmailXtender, Enginuity, eRoom, Event Explorer, FarPoint, FirstPass, FLARE, FormWare, Geosynchrony,
Global File Virtualization, Graphic Visualization, Greenplum, HighRoad, HomeBase, InfoMover,
Infoscape, Infra, InputAccel, InputAccel Express, Invista, Ionix, ISIS, Max Retriever, MediaStor,
MirrorView, Navisphere, NetWorker, nLayers, OnAlert, OpenScale, PixTools, Powerlink, PowerPath,
PowerSnap, QuickScan, Rainfinity, RepliCare, RepliStor, ResourcePak, Retrospect, RSA, the RSA logo,
SafeLine, SAN Advisor, SAN Copy, SAN Manager, Smarts, SnapImage, SnapSure, SnapView, SRDF,
StorageScope, SupportMate, SymmAPI, SymmEnabler, Symmetrix, Symmetrix DMX, Symmetrix VMAX,
TimeFinder, UltraFlex, UltraPoint, UltraScale, Unisphere, VMAX, Vblock, Viewlets, Virtual Matrix, Virtual
Matrix Architecture, Virtual Provisioning, VisualSAN, VisualSRM, Voyence, VPLEX, VSAM-Assist,
WebXtender, xPression, xPresso, YottaYotta, the EMC logo, and where information lives, are registered
trademarks or trademarks of EMC Corporation in the United States and other countries.
All other trademarks used herein are the property of their respective owners.
Copyright 2014 EMC Corporation. All rights reserved. Published in the USA.

Revision Date: 10-17-2014


Revision Number: 1.0 MR-1CP-CISV2

EMC2 PROVEN PROFESSIONAL

Document Revision History

EMC2 PROVEN PROFESSIONAL

Rev #

File Name

Date

1.0

First Release

10/17/2014

This page intentionally left blank.

EMC2 PROVEN PROFESSIONAL

Table of Contents
COPYRIGHT..........................................................................................................2
DOCUMENTREVISIONHISTORY...........................................................................3
LAB1:CLOUDINFRASTRUCTURELAYERS..............................................................7
LAB2:SERVICEMANAGEMENTANDSECURITY...................................................13

EMC2 PROVEN PROFESSIONAL

This page intentionally left blank.

EMC2 PROVEN PROFESSIONAL

Lab 1: Cloud Infrastructure Layers

Purpose:

Toreinforcetheconceptspresentedinthelectureportionof
thecourse,module1throughmodule6.

Tasks:

Participantsarerequiredtoprovideasolutionforthe
deliverablesbasedonthegivenscenarioandrequirements.

References:

Module:IntroductiontoCloudComputing
Module:BuildingtheCloudInfrastructure
Module:PhysicalLayer
Module:VirtualLayer
Module:ControlLayer
Module:ServiceandOrchestrationLayers

EMC2 PROVEN PROFESSIONAL

Company Profile

Afinancialorganizationhas6000employeesandprovidesservicestomorethan20
millioncustomers.TodeliverITservicestoitsbusinessunits,theorganizationoperates
twodatacentersattwodifferentgeographiclocations.Thedatacentersruntheir
businessapplicationsonmorethan300physicalcomputesystems.Theinfrastructure
components(computesystems,networkdevices,andstoragedevices)are
heterogeneousinnature.Someoftheapplicationsareproprietary(developedin
housebytheorganization)andsomeofthemareofftheshelf.
Organizations Challenges

Overthepast10years,theorganizationhasmadeseveralstrategicinvestmentsto
builditsmarketshare.However,theorganizationisnowfacingachallengetocope
withthefastchangingdemandsofcustomersaboutservicesprovidedbythe
organization.Thesedemandsareforcingtheorganizationtodevelopanddeploy
severalnewapplicationsandmaketheservicesavailabletothecustomersrapidly.
Withthecurrentinfrastructure,rapiddeploymentofapplicationisverydifficult.The
utilizationofthecomputesystems,network,andstorageislessthan20percentofthe
availablecapacity.Also,deployinganewapplicationtakesalongtimebecauseit
involvespurchasingnewcomputesystems,installingsoftware,configuringnetwork
andstorage,andconfiguringsecurity.

Continued on next page

EMC2 PROVEN PROFESSIONAL

Deliverables

Theorganizationwantstotransformtheirexistingdatacentertocloudinfrastructure
toleveragethebenefitsofcloud.Theywouldliketobuildthecloudinfrastructureby
repurposingtheirexistinginfrastructure.Afterdeployingnewservicestothe
consumerstheorganizationisexpectingcloudbursttooccurfromtimetotime.They
donotwanttoinvestmoneyontheinfrastructuretoprovisionresourcestomeetthe
requirementsoftheoccasionalincreaseinthepeakworkload.
Theorganizationplanstodevelopseveralnewapplicationstooffernewservicesto
theircustomers.Theproprietaryapplicationprovidestheorganizationcompetitive
advantageandtheythereforewanttosetupanenvironmentforitontheir
infrastructure.Theyalsorequiretheenvironmenttoenabledevelopment,testing,and
deploymentofscalableapplicationsinanagilemanner.Theyalsowanttosetupan
environmenttodeploytheproprietaryandofftheshelfapplications.
Astheexistinginfrastructureisheterogeneousnature,theorganizationrequiresthe
abilitytoautomatetheprovisioningandconfigurationtasksbasedondefinedpolicies.
Theorganizationrequirestheabilitytodynamically,uniformly,andeasilymodifyand
managetheirinfrastructure.Also,theorganizationrequirestheabilitytodiscoverthe
availableunderlyingresourcesandprovidesanaggregatedviewoftheresources.

Continued on next page

EMC2 PROVEN PROFESSIONAL

Solution:

Theorganizationneedstodeploythevirtual,control,orchestration,andservicelayers
ontheexistingphysicallayertobuildthecloudinfrastructure.
Followingpointsdetailshowdifferentlayersandapproachaddresstheorganizations
challenges:
1. Deployingvirtuallayer:
a. Enablesimprovingtheutilizationofinfrastructurecomponents
i. WiththehelpofVMs,VLANs,VSANs,thinLUNsandsoon
b. Enablesrapiddeploymentofcomputesystemsforapplications
i. WiththehelpofVMtemplateandvirtualappliance
2. Deployorchestrationlayer:
a. Enablesautomatedprovisioningandconfigurationoftasksbasedon
definedpolicies
3. Softwaredefinedapproach:
a. Abilitytodynamically,uniformly,andeasilymodifyandmanagetheir
infrastructure
b. Abilitytodiscovertheavailableunderlyingresourcesandprovidesan
aggregatedviewoftheresources
4. Brownfielddeploymentoptionandintegratingbestofbreedcloud
infrastructurecomponents
a. Enablerepurposingtheirexistinginfrastructuretobuildthecloud
5. Hybriddeploymentmodel
a. Enableaccommodatingincreasedpeakworkloadthatmayoccurfrom
timetotime

Continued on next page

EMC2 PROVEN PROFESSIONAL

10

6. PlatformasaService
a. Enabledevelopmentandtestingofscalableapplicationsinanagile
manner
7. InfrastructureasaService
a. Enabledeploymentofproprietaryandofftheshelfapplications

End of Lab 1

EMC2 PROVEN PROFESSIONAL

11

This page intentionally left blank.

EMC2 PROVEN PROFESSIONAL

12

Lab 2: Service Management and Security

Purpose:

Toreinforcetheconceptspresentedinthelectureportionof
thecourse,Module8:SecurityandModule9:Service
Management

Tasks:

Participantsarerequiredtoprovideasolutionforthe
deliverablesbasedonthegivenscenarioandthe
requirements.

References:

Module:Security
Module:ServiceManagement

EMC2 PROVEN PROFESSIONAL

13

Scenario

Acloudserviceprovideruses50percentofitsdatacenterequipmenttosetupacloud
infrastructure.Theremainingequipmentisusedforinternaloperationsandfor
testing.Thecloudinfrastructureconsistsofahypervisorcluster.Aresourcepoolis
createdbyaggregatingtheavailableresourcesofthehypervisorcluster.Thecloud
infrastructureisusedtoprovidecomputeservices.Theservicesareallocated
necessaryprocessingpowerandmemoryresourcesfromtheresourcepool.
Thehypervisorclusteriscomposedof10identicalphysicalcomputesystems
containing2redundant(passive)computesystems.Thismeansthattheclustercan
absorbuptotwocomputesystemfailuresandcontinuetosupportallservicesatthe
samelevelofperformance.Theavailableprocessingpowerandmemoryperphysical
computesystemintheclusterisequalto19.2GHzand64GBrespectively.The
existingresourcesinthedatacentercanmeetcapacityrequirementofservicesin
shortterm.However,theprovidershouldprocureandprovisionadditionalresources
asrequiredtoavoidthecapacityissuesinfuture.Further,theproviderisconcerned
aboutsecurityattacksthatmaycompromisethehypervisorsrunningonthephysical
computesystems.Theprovidershouldtakecontrolmeasurestoprotectagainstsuch
attacks.

Continued on next page

EMC2 PROVEN PROFESSIONAL

14

Thecapacitymanagementprocessinaserviceprovidersorganizationisshowninthe
figure.Theprocesscomprisesseveralactivities,showninrectangularboxes.The
processalsoconsistsofconditions.Theyallowtheprocesstobranchintodifferent
directions,dependingonwhethertheconditionsaremetornot.
Given:Thethresholdsforoverutilizationandunderutilizationofresourcesare70
percentand40percentutilizationoftotalresourcecapacityrespectively.Theseare
usedtodeterminewhethertheresourcepoolisoverutilizedorunderutilized.

Continued on next page

EMC2 PROVEN PROFESSIONAL

15

Deliverables

EstablishtherequiredcapacitymanagementactivitiesmarkedbyX1andX2inthe
figureforbelowcases:
Case1:Processingpoweralreadyallocatedtoservicesfromtheresourcepoolis
equalto32.8GHzandmemorycapacityalreadyallocatedtoservicesfromthe
resourcepoolisequalto123GB
Case2:Processingpoweralreadyallocatedtoservicesfromtheresourcepoolis
equalto88.2GHzandmemorycapacityalreadyallocatedtoservicesfromthe
resourcepoolisequalto320GB
Listthecontrolmeasuresthatcanaddresstheproviderssecurityconcern.

Continued on next page

EMC2 PROVEN PROFESSIONAL

16

Solution for Case 1

Numberofcomputesystemsintheclusterisequalto10(8activeand2
redundant)
Totalprocessingcapacityofresourcepool=8*19.2GHz=153.6GHz
Totalmemorycapacityofresourcepool=8*64GB=512GB
Utilization(%)ofprocessingcapacityofresourcepool=(32.8/153.6)*100=21.4
%
Utilization(%)ofmemorycapacityofresourcepool=(123/512)*100=24%
Astheresourcesareunderutilized(<40%),activityX1needstobecarriedout
ActivityX1:
o Transfersomeoftheunderusedcomputesystemstoanother
environmentthatisunderresourced
o Reducethesizeofresourcepool,ensuringthatresourceutilizationis
withinthenormalutilizationlimits(>40%and<70%)

Continued on next page

EMC2 PROVEN PROFESSIONAL

17

Solution for Case 2

Availableprocessingcapacityofresourcepool=8*19.2GHz=153.6GHz
Availablememorycapacityofresourcepool=8*64GB=512GB
Utilization(%)ofprocessingcapacityofresourcepool=(88.2/153.6)*100=57.4
%
Utilization(%)ofmemorycapacityofresourcepool=(320/512)*100=62.5%
Although,resourceutilizationiswithinthenormalutilizationlimits(>40%and
<70%),enoughresourcesarenotavailabletosatisfythefuturedemandfor
capacity.Hence,activityX2needstobecarriedout.
ActivityX2:
o Determinecurrentcapacityreserves
o Establishcapacityconsumptiontrends
o Forecastfuturedemandforcapacity
o Planforprocurementandprovisioningofadditionalcapacity

Continued on next page

EMC2 PROVEN PROFESSIONAL

18

Solution for Security

Controlmeasurestoprotecthypervisorsagainstattacksare:
o Installsecuritycriticalhypervisorupdateswhentheyarereleasedbythe
hypervisorvendor
o Hardenhypervisor
o Accesstohypervisormanagementservershouldberestrictedto
authorizedadministrators
o Encryptnetworktrafficwhenmanagingremotely
o Deployfirewallbetweenthemanagementsystemandtherestofthe
network
o Rotateordeletelogfileswhentheyreachacertainsizetoprotect
againstdenialofservice

End of Lab 2

EMC2 PROVEN PROFESSIONAL

19

This page intentionally left blank.

EMC2 PROVEN PROFESSIONAL

20