Anda di halaman 1dari 37

SoftLayer Fundamentals

Connecting to the Cloud SoftLayer Networking, Part 2

2014 IBM Corporation

Trademarks
IBM, the IBM logo, and ibm.com are trademarks or registered trademarks of International Business Machines Corp., registered in
many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of
IBM trademarks is available on the web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.
Intel and Pentium are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United States and other
countries.
Linux is a registered trademark of Linus Torvalds in the United States, other countries, or both.
Microsoft, Windows, Windows NT, and the Windows logo are trademarks of Microsoft Corporation in the United States, other
countries, or both.
Java and all Java-based trademarks and logos are trademarks or registered trademarks of Oracle and/or its affiliates.
CDNLayer, CloudLayer, KnowledgeLayer, RescueLayer, SoftLayer, and StorageLayer are trademarks or registered
trademarks of SoftLayer, Inc., an IBM Company.
Other company, product, or service names may be trademarks or service marks of others.
The information contained in this document has been submitted to any formal IBM test and is distributed on an as is basis
without any warranty either express or implied. The use of this information or the implementation of any of these techniques is a
customer responsibility and depends on the customer's ability to evaluate and integrate them into the customers operational
environment. While each item may have been reviewed by IBM for accuracy in a specific situation, there is no guarantee that the
same or similar results will result elsewhere. Customers attempting to adapt these techniques to their own environment do so at
their own risk.
Copyright International Business Machines Corporation 2014. All rights reserved. This document may not be
reproduced in whole or in part without the prior written permission of IBM. Note to U.S. Government Users Documentation
related to restricted rights Use , duplication or disclosure is subject to restrictions set forth in GSA ADP Schedule Contract with
IBM Corp.
2

Copyright IBM Corp. 2014. All rights reserved.


Course materials may not be reproduced in whole or in part without the prior written permission of IBM.

2014 IBM Corporation

Meet your speakers

Jody Cefola is the SoftLayer Channels Integration leader focused on


partner enablement from IBM. Jody had 10 years in channel development
and execution working with all types of partners and international
experience with channel execution in Europe and Asia Pacific.

Steven W. Schiffer is an advisory architect for the IBM Global Technology


Services (GTS) Global Cloud Ecosystem team. Steven has more than five
years of experience with IBM cloud architecture (both private and public
infrastructures). He holds a Masters of Science in IT Management from the
University of Texas at Dallas and a bachelors degree in Computer Science
from the University of North Texas.

Copyright IBM Corp. 2014. All rights reserved.


Course materials may not be reproduced in whole or in part without the prior written permission of IBM.

2014 IBM Corporation

Your cloud strategy is your business strategy


Pacesetters use cloud to surface insights from data. They reimagine business
models, make better decisions and serve customers in new ways to create winning
business outcomes.

Almost

Nearly

2x

2.5x

the revenue growth

higher gross profit


growth than peers

With so much at stake, you don't want just any cloud


Source: IBM Center for Applied Insights Under cloud cover: How leaders are accelerating competitive differentiation that surveyed
802 cloud decision makers and users, spanning 13 countries and 24 industries.

Copyright IBM Corp. 2014. All rights reserved.


Course materials may not be reproduced in whole or in part without the prior written permission of IBM.

2014 IBM Corporation

Tap into SoftLayer. Leverage significant investment to build


skills starting with SoftLayer Fundamentals

7.6
#1
2.5X
7.6
66%
7.6

value for service channel partners has become technical


training1

Revenue growth for Business Partners who have embraced


cloud2

of CIOs who are reengineering IT plan to look for outside


help new skills, tools and capabilites3

Sources: 1. Forrester Research, Cloud Channel Trends, 2013 to 2014, February 2013, 2. IDC: Worldwide channel and alliances 2013 top 10 predictions, January 2013,3. IBM CIO
study, 2011,

Copyright IBM Corp. 2014. All rights reserved.


Course materials may not be reproduced in whole or in part without the prior written permission of IBM.

2014 IBM Corporation

SoftLayer Fundamentals is a series of technical webinars to


provide knowledge on the capabilities to help build solutions
Webinar
Date

Topic #

Topic

February 25

Changing the landscape, not the definition - SoftLayer overview

February 27

One size does not fit all Defining the SoftLayer cloud architecture

March 4

Connecting to the cloud SoftLayer network options, part 1

March 6

Connecting to the cloud SoftLayer network options, part 2

March 11

Keep safe Securing your virtual instances

March 13

Storing your data Understanding SoftLayer storage options

March 18

Flexible and on demand Understanding SoftLayer managed services

March 20

You cant manage what you dont monitor SoftLayer management and
monitoring

March 25

Evaluating cloud providers - Leveraging SoftLayer differentiators

For general SoftLayer overview presentations


Lance Crosby, SoftLayer CEO, main tent at IBM PWLC: http://www.youtube.com/watch?v=t9h2cXwcUvA
Grow your cloud business - leveraging the IBM acquisition of SoftLayer:
https://engage.vevent.com/rt/ibm~1017?token=NTU2MTY1MjY0MDAxMjExMDgxN0NIRUNLX0RBVEVfQU5EX0VOVFJJ
RVNfQ09VTlQ
Copyright IBM Corp. 2014. All rights reserved.
Course materials may not be reproduced in whole or in part without the prior written permission of IBM.

2014 IBM Corporation

Connecting to the cloud SoftLayer Networking Part 2


Upon completion of this webinar, you should be able to:
Understand load balancing
Know the difference between global and local
balancing
Order a local and a global load balancer
Configure services in a local load balancer
Understand the different SoftLayer firewalls
Understand IP addresses in SoftLayer
Using SoftLayers Domain Name Service
Interfacing with SoftLayer VLANs

77

Copyright IBM Corp. 2014. All rights reserved.


Course materials may not be reproduced in whole or in part without the prior written permission of IBM.

Balancing data with SoftLayer local load balancer


In this topic, you will learn about
VIP options for load balancing
Various balancing methods

Copyright IBM Corp. 2014. All rights reserved.


Course materials may not be reproduced in whole or in part without the prior written permission of IBM.

Balancing data with SoftLayer local load balancer


The SoftLayer local load balancing is based on Array Networks and utilizes industrystandard techniques. These techniques include round-robin, lowest latency, least
connections, shortest response, and IP persistence to balance traffic among two or more
servers. Local load balancing can be activated and configured in real-time, with servers
added to or removed from the balancing pool on-demand with little or no downtime.
Be

aware of the following regarding local load balancing:


Public network VLAN load balancing only.
Local load balancing is limited to Layer 4.
No console access; managed through the Customer Portal.

Copyright IBM Corp. 2014. All rights reserved.


Course materials may not be reproduced in whole or in part without the prior written permission of IBM.

Selecting VIP options

VIP
connections
per second

Common (shared) load balancing


deployment
Only one virtual IP address provided:
250 VIP connections per second
(with SSL option)
500 VIP connections per second
(with SSL option)
1,000 VIP connections per second
(with SSL option)
2,500 VIP connections per second

Dedicated load balancing deployment


Up to eight virtual IP addresses:
15,000 VIP connections per second
with SSL only
100,000 VIP connections per
second with SSL only

10

Copyright IBM Corp. 2014. All rights reserved.


Course materials may not be reproduced in whole or in part without the prior written permission of IBM.

Balancing methods
The local load balancer utilizes round robin, shortest response, least connections,
and consistent hash IP as methods to balance traffic among two or more servers in a
data center.

SoftLayer data center


Round
robin

VIP
connections
per second

Shortest
response
Least
connections

Local
load
balancer

Consistent
hash IP

11

Copyright IBM Corp. 2014. All rights reserved.


Course materials may not be reproduced in whole or in part without the prior written permission of IBM.

Routing to servers

SoftLayer data center


Round
robin

VIP
connections
per second

Shortest
response
Least
connections

Local
load
balancer

Consistent
hash IP

12

Copyright IBM Corp. 2014. All rights reserved.


Course materials may not be reproduced in whole or in part without the prior written permission of IBM.

Balancing data with SoftLayer global load balancer


In this topic, you will learn about
Examples of global load balancing
configurations
VIP options for global load balancing
Various balancing methods
Citrix NetScaler load balancer

13

Copyright IBM Corp. 2014. All rights reserved.


Course materials may not be reproduced in whole or in part without the prior written permission of IBM.

SoftLayer global load balancer


The SoftLayer global load balancer is based on F5 Networks and allows you to load
balance your websites between servers in different physical data center locations. By
using an Anycast DNS system, the global load balancer is capable of providing highly
redundant DNS resolution to clients as well as direct clients to the optimal data center site
relative to location.
Be aware of the following regarding global load balancing:
No console access; managed through the Customer Portal.
Anycast DNS system is capable of providing redundant DNS resolution to clients and
directing clients to data center sites relative to location.
Global load balancing is limited to Layer 4.
Servers are added to or removed from the balancing pool on demand.

14

Copyright IBM Corp. 2014. All rights reserved.


Course materials may not be reproduced in whole or in part without the prior written permission of IBM.

Configuring examples
Below are two examples of how the configure the global load balancer simple and
complex.
Example

15

Simple configuration

A simple configuration of the global load balancer consists of two


servers in two different locations. With geography-based load
balancing, users are directed to the data center location to which
they are closest. In the event of a failure of either server, traffic is
directed to the remaining server.

Complex
configuration

A complex configuration of the global load balancer consists of


the global load balancer connecting to multiple local load
balancers at each physical location, with an additional fallback
location available in the event all sites fail.

Copyright IBM Corp. 2014. All rights reserved.


Course materials may not be reproduced in whole or in part without the prior written permission of IBM.

Selecting VIP options

VIP
connections
per second

16

Deployment options:
50 VIP connections per second
100 VIP connections per second
200 VIP connections per second
500 VIP connections per second
1,000 VIP connections per second

Copyright IBM Corp. 2014. All rights reserved.


Course materials may not be reproduced in whole or in part without the prior written permission of IBM.

Balancing methods
The global load balancer utilizes weight round robin, geography, round robin, and
failover as methods to balance traffic among two or more servers in one or more data
centers.

Resides in
all SoftLayer
data centers
and PoPs

Weighted
round robin

VIP
connections
per second

Geography
Round
robin

Global
load
balancer

Failover

17

Copyright IBM Corp. 2014. All rights reserved.


Course materials may not be reproduced in whole or in part without the prior written permission of IBM.

Routing to servers

Resides in
all SoftLayer
data centers
and PoPs

Weighted
round robin

SoftLayer data center 1

VIP
connections
per second

Geography

Round
robin

Global
Load
balancer
SoftLayer data center 2

Failover

18

Copyright IBM Corp. 2014. All rights reserved.


Course materials may not be reproduced in whole or in part without the prior written permission of IBM.

Using the SoftLayer Citrix NetScaler load balancer


The SoftLayer Citrix NetScaler load balancer is a web application delivery appliance. It is
designed to accelerate application performance, and ensure application availability and
protection while substantially lowering costs.
Citrix NetScaler load balancer is
Available for deployment in both public and private networks in SoftLayer.
Only option to load balance non-public network-facing servers and virtual instances.
Allowed up to, and including, Layer 7.
Includes 5 TB of public outbound bandwidth and unlimited private network bandwidth per
device.

The deployment options for Citrix NetScaler Standard and Platinum Editions are
10 Mbps, 200 Mbps, and 1 Gbps.
One, two, four, eight, or 16 public IP addresses.

19

Copyright IBM Corp. 2014. All rights reserved.


Course materials may not be reproduced in whole or in part without the prior written permission of IBM.

Using the SoftLayer Citrix NetScaler load balancer (cont.)


Standard Edition
TCP buffering
TCP multiplexing
SSL offload and
acceleration
Client and server TCP
optimizations
L4 DoS defenses
Layer 7 content filtering
HTTP rewrite
URL rewrite
Citrix Access Gateway
Layer 4 load balancing
Layer 7 content
switching
AppExpert rate controls
IPv6

20

Platinum Edition
TCP buffering
TCP multiplexing
SSL offload and
acceleration
Cache redirection
Client and server TCP
optimizations
Citrix AppCompress for
HTTP
Citrix AppCache
L4 DoS defenses
Layer 7 content filtering
HTTP rewrite
URL rewrite

Citrix Access Gateway


Layer 7 DoS defenses
NetScaler Application
Firewall
Layer 4 load balancing
Layer 7 content
switching
AppExpert rate controls
IPv6
Global server load
balancing
Surge protection
Priority queuing

Copyright IBM Corp. 2014. All rights reserved.


Course materials may not be reproduced in whole or in part without the prior written permission of IBM.

Setting up firewalls in SoftLayer


In

21

this topic, you will learn about


Managed firewalls
FortiGate security appliance
Vyatta gateway appliance

Copyright IBM Corp. 2014. All rights reserved.


Course materials may not be reproduced in whole or in part without the prior written permission of IBM.

Working with SoftLayers managed firewall


SoftLayers hardware firewalls utilize the Fortinet FortiGate 300 Series firewalls. You
select from a dedicated hardware firewall or a standard hardware firewall based on your
need.
Dedicated firewalls protect one, multiple, or all servers that share the same VLAN for
the highest assurance of uptime.
Standard firewalls provide individual servers an additional layer of server security.
The firewalls are provisioned on demand without service interruptions.

22

Copyright IBM Corp. 2014. All rights reserved.


Course materials may not be reproduced in whole or in part without the prior written permission of IBM.

Working with SoftLayers managed firewall (cont.)


Dedicated hardware firewalls

Standard (shared) hardware firewall

Deployment options:
1 Gbps dedicated
1 Gbps dedicated with high availability

Deployment options:
10 Mbps
100 Mbps
1 Gbps

Protect an entire defined VLAN.


Designed rules to be applied to entire

Applied to individual servers (dedicated

VLAN or to single servers in defined


VLAN.

Managed through customer portal and


API.

Provides firewall, anti-virus, and


intrusion prevention.

server or CCI)

Designed rules for all IPs assigned to


designated server or for a single IP
address on the server

Managed through Customer Portal and


API

Provides firewall and anti-virus based


security.

23

Copyright IBM Corp. 2014. All rights reserved.


Course materials may not be reproduced in whole or in part without the prior written permission of IBM.

Using the FortiGate security appliance


The deployment options for the FortiGate security application are single deployment or
high availability.
The hardware is the same as the SoftLayer managed hardware firewall offering
(FortiGate 300 series).
There is direct access to the FortiGate's console and native management tools. The
console and tools provide complete, granular control over advanced firewall and security
features. These security features include anti-virus, intrusion detection, intrusion
prevention, and VPN capabilities (IPSec, PPTP, and L2TP).

24

Copyright IBM Corp. 2014. All rights reserved.


Course materials may not be reproduced in whole or in part without the prior written permission of IBM.

Using the Vyatta gateway appliance


The Vyatta gateway appliance is designed to allow for advanced network routing and
configuration of a portion of or the entire account for a customer in SoftLayer.
Deployment options

25

CPU

RAM

Disk configuration

Disk options

Xeon Quad Core 1230 3.2


Ghz
Xeon Quad Core 1270 3.4
Ghz

4 GB
8 GB
12 GB
16 GB
32 GB

JBOD
RAID 0
RAID 1
RAID 5
RAID 10

SATA
SATA 10K
SCSI 10K
SCSI 15K
SSD

Copyright IBM Corp. 2014. All rights reserved.


Course materials may not be reproduced in whole or in part without the prior written permission of IBM.

Using the Vyatta gateway appliance (cont.)


Capabilities:
IPSec VPN tunnels
NAT
Firewall services
Router services
All Vyatta capabilities can be managed through either the SSH shell CLI or by connecting
to the Vyatta Network OS GUI via the SoftLayer VPN and private IP address.

Note: A customer may not have a


SoftLayer shared or dedicated firewall
service and a Vyatta network gateway
device assigned to the same VLAN.

26

Copyright IBM Corp. 2014. All rights reserved.


Course materials may not be reproduced in whole or in part without the prior written permission of IBM.

Establishing additional IP address blocks


In this topic, you will learn about SoftLayer IP
addresses.

27

Copyright IBM Corp. 2014. All rights reserved.


Course materials may not be reproduced in whole or in part without the prior written permission of IBM.

Understanding IP addresses in SoftLayer


Each SoftLayer server (virtual or bare metal) comes with one primary IPv4 address.
Additional IP blocks are available in quantities of one, two, four, eight, 16, or 32.

28

IP block type

Description

Static IP block

A block of IP Addresses that are routed directly to a specific IP on


the network.

Portable IP block

Any IP block that can be used on multiple servers within a single


VLAN concurrently. Portable IP address are switchable within a
VLAN from server to server. There are two types of portable IP
blocks:
Routed to VLAN is a static IP block that is routed to an entire
VLAN rather than a specific IP address. This IP block provides
the customer access to all IPs within the block.
Secondary to VLAN is designed to be used within a virtual
environment. It requires that the network, gateway, and
broadcast IPs be bound directly to the VLAN rendering these IPs
unusable by the customer. This block is used in conjunction with
a virtual machine. (To have one usable IP address for a server
you need at least four IP addresses in a block.)

Copyright IBM Corp. 2014. All rights reserved.


Course materials may not be reproduced in whole or in part without the prior written permission of IBM.

Understanding IP addresses in SoftLayer (cont.)


Global IP's provide IP flexibility by letting users shift workloads between servers (even in
different data centers). Global IPs also provide IP persistence by allowing for transitions
between servers and virtual instances. This is a direct competitor to Amazon Elastic IPs,
without the limitation of being defined to a specific region.
Deployment options include:

29

Monthly charge per deployed IP address.

IP destination change through the customer portal or API commands.

Copyright IBM Corp. 2014. All rights reserved.


Course materials may not be reproduced in whole or in part without the prior written permission of IBM.

Using SoftLayers Domain Name System service


In this topic, you will learn about SoftLayers
Domain Name System offering.

30

Copyright IBM Corp. 2014. All rights reserved.


Course materials may not be reproduced in whole or in part without the prior written permission of IBM.

Using Domain Name System (DNS)


A customer has four options for using a named server with their SoftLayer infrastructure:
1. Use your (the customers) domain name registrar name servers to manage your (the
customers) domain names.

2. Use SoftLayer name servers to manage your domain names.


3. Use a third party DNS service to manage your domain names.
4. Run your own name servers on your server to manage your domain names.
SoftLayer DNS services:
Public option (SoftLayer manages the customers domain). Public name servers act
as authoritative name servers for domain names that reside in SoftLayer DNS
servers and are managed through Customer Portal. These servers "answer" and
"resolve" domain names to a companys IP address for the general Internet
population.

31

Private Network. Resolving name servers are located on the private network and act
as DNS resolvers for a customers server. The private resolvers slave from SoftLayer
public name servers so they are always up to date. This is a convenience service for
customers.
Copyright IBM Corp. 2014. All rights reserved.
Course materials may not be reproduced in whole or in part without the prior written permission of IBM.

Describing a VLAN
What is a VLAN?
Virtual LAN (VLAN) is a networking concept in which network interfaces on different
routers, switches, and servers act as if they're on the same local network broadcast
domain.
How are VLANs used by SoftLayer?
SoftLayer servers are provisioned on private VLANs that are created per router (in a
data center) for the public and private networks. See the diagram below.

Public network

Private network
DC1

VLAN
1

VLAN
5
VLAN
4

VLAN
2
VLAN
3

DC2

32

DC3
VLAN
6

Copyright IBM Corp. 2014. All rights reserved.


Course materials may not be reproduced in whole or in part without the prior written permission of IBM.

Spanning

33

VLAN spanning is turned off by default.


VLAN spanning enables a server or virtual instance connection to multiple VLANs
and data centers on the SoftLayer private network.
IPs on the private VLANs in a customer account will be able to communicate once
spanning is enabled. There is no current discrete spanning separation.
Five minutes to 15 minutes to activate VLAN spanning.
Option is available to span private VLAN of two separate SoftLayer accounts.
Cost is $25 per account.

Copyright IBM Corp. 2014. All rights reserved.


Course materials may not be reproduced in whole or in part without the prior written permission of IBM.

Planning an advanced VLAN design


A customer can
segment their
provisioned
physical and
virtual servers
onto one or more
private VLANs.
Customer VLANs
across one or
more data centers
can be
interconnected via
the SoftLayer
private network.
Distributed denial
of service (DDoS)
protection is
provided on the
SoftLayer public
network via Cisco
Guard devices.

34

Copyright IBM Corp. 2014. All rights reserved.


Course materials may not be reproduced in whole or in part without the prior written permission of IBM.

Questions

?
35

Copyright IBM Corp. 2014. All rights reserved.


Course materials may not be reproduced in whole or in part without the prior written permission of IBM.

Recommended actions
Sign up for a free 1 month trial account:
http://www.softlayer.com/info/freecloud/skills100
Within 60 days, register as a SoftLayer
partner with a viable SL opportunity (time
frame, workload, configuration) at:
http://www.softlayer.com/partners/ibmpartners

36

Leading Edge

Trusted

Completely Free

Copyright IBM Corp. 2014. All rights reserved.


Course materials may not be reproduced in whole or in part without the prior written permission of IBM.

Attend other SoftLayer Fundamentals webinars or download


the replay and materials at your convenience
Webinar
Date

Topic #

Topic

February 25

Changing the landscape, not the definition - SoftLayer overview

February 27

One size does not fit all Defining the SoftLayer cloud architecture

March 4

Connecting to the cloud SoftLayer network options, part 1

March 6

Connecting to the cloud SoftLayer network options, part 2

March 11

Keep safe Securing your virtual instances

March 13

Storing your data Understanding SoftLayer storage options

March 18

Flexible and on demand Understanding SoftLayer managed services

March 20

You cant manage what you dont monitor SoftLayer management and
monitoring

March 25

Evaluating cloud providers - Leveraging SoftLayer differentiators

Please remember to download the glossary of terms


37

Copyright IBM Corp. 2014. All rights reserved.


Course materials may not be reproduced in whole or in part without the prior written permission of IBM.