Campus Virtualization Update

Laurie Collinsworth

1/25/2012

CIT’s Managed Servers



[Chart: Physical to Virtual Comparison, Jun 07 to Dec 11; series: Physical, VMs]

Campus Virtualization Initiative started in April 2011

• Increase in VMs since April 2011 is 386, ~50/month

• Decrease in Physical servers since April is 38, ~5/month
    • ~ 50 retirements
    • ~ 15 new servers (e.g. Oracle RAC, Email routers, FIM)

Blade Center in Rhodes Hall

CIT’s Virtualization Progress

• Identity Management
    • 59 VMs, all Extra Tier
    • Virtualized Apps:
        • AD Certificate Service
        • Quest Migration
        • Radius
        • Kproxy/WebDAV
        • Enterprise Directory
        • Permit Service
        • Web Services

• Cold Fusion Hosting
    • 180 VMs for CF9
    • Redundant load balanced (e.g. cornell.edu on 8 VMs)
    • 55 websites, 78 test and dev sites

• Kuali
    • 60 VMs, multiple JVMs per VM
    • Horizontal scaling

• Black Board
    • 14 VMs for Version 9
    • Architecture stress tested before each new release

• Kronos
    • 12 VMs

• LAMP Hosting
    • 50 VMs for LAMP 2.0

CIT’s Moves to Cloud (Software as a Service)

• Current cloud apps
    • Gmail
    • Box.net (pilot)
    • Campfire (CIT incident response)

• Planned migration
    • OnDemand Remedy
    • WorkDay
    • CIT effort/time tracking (internal)

• Investigations
    • As applications are designed or upgraded, time is taken to see if SaaS or outsourcing is a viable option.

Hurdles to Virtualization

• AD Migration - in progress

• Licensing
    • cost factor, OS level requirements

• Services scheduled to be retired or replaced
    • Mainframe printing
    • Oracle WebLogic

• Prioritizing of Staff to migrate applications
    • Typically applications are upgraded as servers are replaced, not all at once.
    • Consultants configure applications and leave.
    • Staff reassignments or reductions

Non-supported Applications

• Hyper-V, Xen Desktop, ESX

• Domain Controllers, DNS, DHCP

• VPN, Firewalls, network scanners

• Cpanel and other system and network management software

• Virtual appliances

• Grey area: User “landing” machines really need a separate security level within the datacenter. (e.g. logging onto a server to run user apps such as mail and browsing the internet)

Enablers for Virtualization

• AD Migration - in progress

• VM typically faster if physical server >2 yrs old

• Self-serve VM provisioning

• Self-serve CNAME creation

• Monitoring and Reporting

• Projects for PCI & off-site DR

• Documentation

Self-Serve for Service Groups

• Available since Oct 12, 2011

• 8 Service Groups configured
    • CIT Infrastructure, Facilities, Forest Home, Library
    • SAS, CALS, Arts & Sciences, COECIS

• 30 authorized requestors

• 63 provisioned VMs (50 Windows, 13 Linux)

• https://vmselfserv.serverfarm.cornell.edu/

• http://sysdocs.cit.cornell.edu/twiki/bin/view/Documentation/VmSelfServForCustomers

Self-serve Configurations

• Pre-configuration for Service Groups
    • Service group, authorized requestors, approvals
    • Predefined projects, accounts, destination networks
    • Network size, network firewall, load balancer, ACLs
    • Default server administrators, local firewall
    • Windows: default Active Directory OU and domain-based policies
    • Linux: default Cfengine class and SFAM role(s).
    • Predefined name: sf-agoit-001.serverfarm.cornell.edu

• Web page options: vCPU, Memory, filespace, C4C

New DNSDB feature

• Available since Nov 10, 2011

• Netadmins of a DNS domain name can create CNAMEs without owning the target name or IP space.

• http://dnsdb.cit.cornell.edu/dnsdb-cgi/batch.pl

    addcname myfiles.cals.cornell.edu sf-agoit-001.serverfarm.cornell.edu
    addcname myotherfiles.cals.cornell.edu cloudhost001.providor.com

Monitoring and Reporting

• From the ground up we monitor:
    • Power and cooling
    • Key-card door access
    • SAN storage arrays and network equipment
    • Ethernet network equipment
    • HP Chassis, blades, temperature
    • VMware environment (ESX hosts)
    • OS level environment (CPU, Memory, I/O, filesystem usage)
    • Registered applications (web, db, ldap, etc)

Foglight monitors VMware

Opsview monitors the OS level parameters and handles traps

Projects for PCI and off-site DR

• PCI hardware in-house and racked

• Geneva router to be upgraded

• DR hardware in design phase

http://www.it.cornell.edu/cms/services/managed_servers/options/vmware/index.cfm

http://www.it.cornell.edu/cms/services/managed_servers/faq.cfm

Resources


Infrastructure Virtualization Initiative


http://www.cit.cornell.edu/about/projects/virtual/
