Designed for High Availability
Fault
-
Tolerant Design
Shared Storage across 4 Nodes. Each Node:
▪
6 X 900GB SAS 10k RPM hard drives configured RAID 5 +
hot standby
▪
10Gbps interconnects (storage), 1Gbps (network)
Node Pairs
–
Storage shadowed on Pair
▪
Failure of Node
–
VM can be lit up on pair member that
is still live.
CPU
RAM
Storage (HD)
CPU
RAM
vm1
vm2
Storage (HD)
VHD
ghosted
vhd1
vhd1
vhd2
vhd2
vhd3
vhd3
vm3
1.
If Node 1 Fails
2.
HRE
Administrator
intervenes and
activates VM
on remaining
Node Pair
vm2
vm1
First Level
-
Live & Standby
VMs
–
VHD duplicated to
pair node
Storage available for guest
VM to backup to
Host Machine
V
M
V
M
V
M
V
M
V
M
Host Machine
V
M
V
M
V
M
V
M
V
M
Live and Standby
VMs
Guest VM backs up to Storage Facility
Initiated by Guest VM
–
NOT by Host/HRE
HRE
–
responsible for storage
–
not backup and
recovery procedure inside VM
Storage
facility
Host Machine
V
M
V
M
V
M
V
M
V
M
HRE Tenant VM
initiates backup at
Guest VM level
–
putting data into
Storage Facility at
HRE or other location
(Tenant choice).
@10Mbps
internet
Node
1
Node
2
Node
3
Node
4
Node
…
Node
…
…
VPN
Admi
n
Private LAN
Storage LAN
Bridge FW
Bridge FW
Node Pair 2
Node Pair 1
Node Pair <n>
Utility Servers
Internet
Public Network
IRCan
FW
Private
FW1
Private
FW2
VPN
endpoint
Web
Server
Database
Server
Tenant A
minicloud
SSC Infrastructure
–
Data Centre, Rack, Power, Network
HRE Infrastructure
–
Virtualization Fabric, Storage,
VLANs, VPN
Tenant Application
–
Servers (OS, Applications),
Network Devices, Administration
Administration
Monitoring
From the “ground up”
–
Layered
Infrastructure + HRE +
Tenant Application
ONLY Tenant
Application is C&A
eligible.
Large Dependency on
HRE
▪
Therefore, leverage
common information
for C&A Process on HRE
and SSC infrastructure.
Provide a flexible, upgradable, dependable, infrastructure that
Government departments can use to host applications and projects,
involving FLOSS applications and tools.
Provide the capability to implement each project
’
s security policy,
within the greater responsibilities of The Crown.
Provide a solution that
doesn
’
t
“
get in the way
”
of receiving a
certificaton
from SSC authority.
OTRS
Ubuntu
KVM
Ganeti
DRBD
MediaWiki
Openswan
OpenVPN
Unbound
& NSD
BackupPC
Nagios
Munin
Apache
Postfix
Pylons
Monthly
–
Guaranteed Outage
Network and other maintenance performed in a
maintenance window.
Assured outage of 1
-
hr / month (UNDER
DISCUSSION @HRE Governance Level)
D: get version #s of KVM etc.
Enter the password to open this PDF file:
File name:
-
File size:
-
Title:
-
Author:
-
Subject:
-
Keywords:
-
Creation Date:
-
Modification Date:
-
Creator:
-
PDF Producer:
-
PDF Version:
-
Page Count:
-
Preparing document for printing…
0%
Comments 0
Log in to post a comment