Designed for High Availability IRCan HRE
HRE – VM Fabric
• Fault-Tolerant Design
• Shared Storage across 4 Nodes. Each Node:
• 6 X 900GB SAS 10k RPM hard drives configured RAID 5 + hot standby
• 10Gbps interconnects (storage), 1Gbps (network)
• Node Pairs – Storage shadowed on Pair
• Failure of Node – VM can be lit up on pair member that is still live.
Node Pair
• If Node 1 Fails: HRE Administrator intervenes and activates VM on remaining Node Pair
[Diagram: node pair, each node with CPU, RAM and Storage (HD); vm1, vm2, vm3 with vhd1, vhd2, vhd3; VHD ghosted]
HRE – Backup Approaches
• First Level - Live & Standby VMs – VHD duplicated to pair node
• Storage available for guest VM to backup to
[Diagram: Live and Standby VMs, two Host Machines each running VMs]
HRE – VM Guest Backup
• Guest VM backs up to Storage Facility
• Initiated by Guest VM – NOT by Host/HRE
• HRE – responsible for storage – not backup and recovery procedure inside VM
• Tenant VM initiates backup at Guest VM level – putting data into Storage Facility at HRE or other location (Tenant choice).
[Diagram: VMs on Host Machine, HRE, Storage facility]
HRE Networking
[Diagram: internet @10Mbps; Bridge FW, Bridge FW; Node Pair 1, Node Pair 2, Node Pair <n>; Utility Servers; Node 1, Node 2, Node 3, Node 4, Node …, Node …; VPN Admin …; Private LAN; Storage LAN]
HRE – Tenant Cloud
[Diagram: Internet; IRCan FW; Public Network; VPN endpoint; Private FW1; Tenant A minicloud: Web Server, Database Server; Private FW2]
Technical Layers
• Tenant Application – Servers (OS, Applications), Network Devices, Administration
• HRE Infrastructure – Virtualization Fabric, Storage, VLANs, VPN Monitoring Administration
• SSC Infrastructure – Data Centre, Rack, Power, Network
C&A
• From the “ground up” – Layered
• Infrastructure + HRE + Tenant Application
• ONLY Tenant Application is C&A eligible.
• Large Dependency on HRE
• Therefore, leverage common information for C&A Process on HRE and SSC infrastructure.
Problem
• Provide a flexible, upgradable, dependable infrastructure that Government departments can use to host applications and projects, involving FLOSS applications and tools.
• Provide the capability to implement each project’s security policy, within the greater responsibilities of The Crown.
• Provide a solution that doesn’t “get in the way” of receiving a certification from SSC authority.
Packages
Ubuntu, KVM, Ganeti, OTRS, DRBD, MediaWiki, Unbound & NSD, Openswan, OpenVPN, BackupPC, Nagios, Munin, Apache, Postfix, Pylons
Maintenance Windows
• Monthly – Guaranteed Outage
• Network and other maintenance performed in a maintenance window.
• Assured outage of 1-hr / month (UNDER DISCUSSION @HRE Governance Level)
ACTION ITEMS
• D: get version #s of KVM etc.