Best Practices for Private Cloud Implementation

VIR301. Best Practices for Private Cloud Implementation. Peter J. Meister Group Technical Product Manager Server and Cloud Platform Division Microsoft Corporation. Agenda. Introduction – Best Practices Session Journey to the Cloud Licensing Operating System


Presentation Transcript


  1. VIR301 Best Practices for Private Cloud Implementation Peter J. Meister Group Technical Product Manager Server and Cloud Platform Division Microsoft Corporation

  2. Agenda • Introduction – Best Practices Session • Journey to the Cloud • Licensing • Operating System • Hyper-V Network Perf./Tuning Settings • Hyper-V Host Cluster • Virtual Machine and Virtual Machine Storage/Networking • SCVMM 2008 R2 • Backup and Disaster Recovery • Security • Summary/Q&A

  3. Are you deploying a Private Cloud Today? Do you already have a Private Cloud in Operation?

  4. Journey to the Cloud Cloud Computing Virtualized Computing Private | Public • IT as a Service Traditional Datacenter Just-in-time, self-service provisioning and scaling of services on shared hardware

  5. The Microsoft Private Cloud VALUE Application Driven Comprehensive and Open Cloud under Your Control!

  6. Microsoft’s Private Cloud Management Focuses on the Applications
     • With Microsoft’s Private Cloud, applications and end-user demands automatically trigger resource optimizations, such as VM migration, new VMs, or other reconfigurations of resources based on business needs.

  7. Comprehensive and Open Hyper-V Network Storage 3rd Party Management Multiple Hypervisors Multiple Operating Systems Multiple Development Platforms Links to rest of IT infrastructure

  8. Cloud Under Your Control VM ROLE Private Cloud Public Cloud IDENTITY MANAGEMENT DATABASE DEVELOPMENT MOBILITY

  9. Hyper-V Cloud: Microsoft Private Cloud Solutions ON-PREMISES PRIVATE CLOUD PRE-CONFIGURED PRIVATE CLOUD HOSTED PRIVATE CLOUD Hyper-V Cloud Accelerate DEPLOYMENT OPTION Hyper-V Cloud Deployment Guides Hyper-V Cloud Service Providers Hyper-V Cloud Fast Track MPN Hyper-V Cloud Partners Hyper-V Cloud Services PROGRAMS

  10. IaaS Builds on Virtualization Admin/Tenant Interfaces Additional layers required for IaaS Orchestration Layer Management Layer Automation Layer Virtualization Layer Hardware Layer Virtualization provides the foundation. Storage Network Compute Facility

  11. Licensing
      Versions of Windows Server 2008 R2, such as Standard, Enterprise, and Datacenter editions, include “virtualization use rights.” This is the right and license to run a specified number of Windows-based virtual machines. Note that this right does not limit the number of virtual machines the host can run; rather, it denotes the number of Windows guest licenses that are included.
      • Windows Server 2008 R2 Standard: Includes use rights for one running virtual machine
      • Windows Server 2008 R2 Enterprise: Includes use rights for up to four virtual machines. This does not limit the number of guests that the host can run; it means that licenses for four Windows guests are included. To run more than four guests, you simply need to ensure you have valid Windows Server licenses for the additional virtual machines
      • Windows Server 2008 R2 Datacenter: Includes unlimited virtualization use rights, which lets you run as many guests as you like on the physical server running Windows Server 2008 R2 Datacenter edition

  12. Management Cluster Best Practices
      When managing eight nodes or more, you should provide high availability to the management systems. You can achieve high availability using a management host cluster that typically consists of two nodes.
      • Provide a dedicated 2-node or more host cluster for Hyper-V cloud management if the Hyper-V cloud is 8 nodes or larger
      • Deploy all management products in high-availability virtual machines on the management cluster
      • Configure the cluster with a storage area network (SAN) and storage array that is compatible with Windows Failover Clustering
      • Implement gigabit Ethernet or higher for all switched Ethernet network infrastructure
      [Diagram labels: Hyper-V Cloud: Management Cluster (Management VMs, SAN Storage, Failover); Hyper-V Cloud: Host Cluster (Cluster Nodes, up to 16 per cluster; SAN Storage, Failover)]

  13. Operating System
      Your host operating system should be tuned for highest performance in a Hyper-V cloud environment. The following are general considerations for the Hyper-V host operating system.
      • Use Windows Server 2008 R2 with either the Full or Server Core installation option. Note that there is no upgrade path from Server Core to Full or vice-versa, so make this selection carefully
      • Use the latest hardware device drivers
      • Join the Hyper-V parent partition OS to a domain
      • Enable the Hyper-V Server role and failover clustering
      • Apply relevant Windows updates, including out-of-band (OOB) updates not offered on Microsoft Update. The list of Hyper-V updates can be found at http://technet.microsoft.com/en-us/library/ff394763%28WS.10%29.aspx
      • Confirm that all nodes, networks, and storage are accepted by the Cluster Validation Wizard

  14. Hyper-V Network Perf./Tuning Settings
      A key factor in configuring a cloud architecture such that it provides flexibility and elasticity is network optimization. The following Hyper-V R2 settings can improve your network performance:
      • Enable TCP checksum offload. This reduces the load on the host server’s CPU, improves overall network throughput, and is fully supported by Live Migration
      • Enable jumbo frames. Hyper-V in Windows Server 2008 R2 extends jumbo frame support to virtual machines. Jumbo frames provide up to six times larger payloads per packet, improve overall throughput, and reduce CPU load for large file transfers
      • Enable Virtual Machine Queue (VMQ) for 10 gigabit Ethernet networks. VMQ lets a single network interface card (NIC) in the host server appear as multiple NICs to VMs by letting the host’s NIC place packets directly into individual VM memory stacks. Each VM NIC buffer is assigned a VMQ, which avoids excess packet copies and route lookups in the virtual switch. This results in less data in the host’s buffers and an overall performance increase

  15. Hyper-V Network Perf./Tuning Settings (cont.)
      IP Addressing
      Segregating the networks on which your private cloud is built should be a key design consideration. Subnets for the various facets of the private cloud architecture should be separate and distinct.
      • Place the cluster heartbeat network on a distinctly separate subnet from the host management network
      • Do not share the virtual machine network adapter with the host operating system. The physical NIC that is used by VMs should not have an IP address assigned to it
      • Separate and isolate the iSCSI network from the host and VM networks. Use a dedicated IP range for the storage devices
      MPIO Configuration
      When configuring a disk device to be managed by Multipath I/O (MPIO) for multipath access, the hardware ID for the disk device is required to be present in two different locations in the registry in order to be claimed by MPIO and the Device Specific Module (DSM) that is managing connection to the device. These two locations are:
      • HKLM\System\CurrentControlSet\Control\MPDEV\MPIOSupportedDeviceList
      • HKLM\System\CurrentControlSet\Services\<DSMNAME>\Parameters\DsmSupportedDeviceList

  16. Hyper-V Network Perf./Tuning Settings (cont.)
      MPIO Configuration (cont.)
      • If the device will be associated with the Microsoft DSM (MSDSM), then the <DSMNAME> will be MSDSM. If the device connection will be handled by a vendor-provided DSM, then the name of this key will be dependent on the service name associated with the DSM in the HKLM\System\CurrentControlSet\Services registry hive
      • Configure the hardware ID for a specific disk device so that it is associated with one DSM in the services key. This ensures that the device is only available to be claimed by the desired DSM when multiple DSMs have the ability to support a given device
      Network Interface Controller Teaming
      NIC Teaming or Link Aggregation (IEEE 802.3ad) bonds physical NICs together to form one or more logical network links that send traffic to all NICs in the team. This lets a single NIC, cable, or switch sustain a planned or unplanned outage without disrupting the host’s Ethernet traffic
      • Implement NIC teaming to provide high availability to the virtual machine networks. Team two or more NICs into a logical NIC that can be used by the VMs
      • Do not use NIC teaming for storage traffic in conjunction with iSCSI or FCoE. Storage networking should take advantage of MPIO
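The MPIO registry requirement from slides 15 and 16 can be audited per hardware ID. The PowerShell below is an added example, not part of the presentation; the function names, the `vendordsm` service name and the hardware ID strings are hypothetical placeholders, and the sample state is constructed so the check can be exercised without a live host.

```powershell
# Added example (not from the presentation): checks that a disk hardware ID is
# listed for MPIO and is claimed by exactly one DSM, using the two registry
# locations named on the slides.

function Read-MultiSz([string]$Key, [string]$Name) {
    # REG_MULTI_SZ entries as an array; empty when the key or value is absent.
    $p = Get-ItemProperty -Path $Key -Name $Name -ErrorAction SilentlyContinue
    if ($null -eq $p) { return @() }
    return @($p.$Name)
}

function Get-MpioRegistryState {
    # Reads the live registry of a Hyper-V host (Windows only).
    $svc = 'HKLM:\System\CurrentControlSet\Services'
    $dsm = @{}
    Get-ChildItem -Path $svc -ErrorAction SilentlyContinue | ForEach-Object {
        $ids = @(Read-MultiSz "$svc\$($_.PSChildName)\Parameters" 'DsmSupportedDeviceList')
        if ($ids.Count -gt 0) { $dsm[$_.PSChildName] = $ids }
    }
    return @{
        MpioSupported = @(Read-MultiSz 'HKLM:\System\CurrentControlSet\Control\MPDEV' 'MPIOSupportedDeviceList')
        DsmSupported  = $dsm
    }
}

function Test-MpioClaim([hashtable]$State, [string]$HardwareId) {
    # Literal, case-insensitive comparison against each registry entry.
    $inMpio   = $State.MpioSupported -contains $HardwareId
    $claimers = @($State.DsmSupported.Keys |
                  Where-Object { $State.DsmSupported[$_] -contains $HardwareId } | Sort-Object)
    if (-not $inMpio)                  { $verdict = 'NotInMpioSupportedDeviceList' }
    elseif ($claimers.Count -eq 0)     { $verdict = 'NoDsmClaimsDevice' }
    elseif ($claimers.Count -gt 1)     { $verdict = 'MultipleDsmsClaimDevice' }
    else                               { $verdict = 'OK' }
    New-Object PSObject -Property @{
        HardwareId = $HardwareId; InMpioList = $inMpio; Dsms = $claimers; Verdict = $verdict
    }
}

# Constructed sample state; vendor/product strings are placeholders, not real IDs.
$sample = @{
    MpioSupported = @('VENDORA PRODUCT-ONE', 'VENDORB PRODUCT-TWO')
    DsmSupported  = @{
        'MSDSM'     = @('VENDORA PRODUCT-ONE', 'VENDORB PRODUCT-TWO')
        'vendordsm' = @('VENDORB PRODUCT-TWO')   # hypothetical vendor DSM service
    }
}

'VENDORA PRODUCT-ONE', 'VENDORB PRODUCT-TWO', 'VENDORC PRODUCT-SIX' |
    ForEach-Object { Test-MpioClaim $sample $_ } |
    Format-Table HardwareId, InMpioList, Verdict, Dsms -AutoSize

# On a real host: Test-MpioClaim (Get-MpioRegistryState) '<hardware ID>'
```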

  17. Hyper-V Host Cluster
      A Hyper-V host cluster is a group of servers that operate together to increase the availability of applications and services. Hyper-V clustering facilitates high-availability configurations where if one of the cluster nodes fails, a failover node begins to provide service, restarting the VMs from the failed node onto a failover node. When planning downtime for a node, Live Migration moves running VMs from one node to another with no perceptible interruption to the VM.
      • Implement a dedicated network for managing the infrastructure. Ensure that all Hyper-V hosts have a dedicated network adapter connected to the management network for exclusive use by the parent partition.
      • If the server hardware contains out-of-band management adapters, implement a dedicated network for these adapters also.
      • If using iSCSI, implement a dedicated iSCSI network or virtual local area network (VLAN). If using 1 GB Ethernet NICs, ensure two NICs are dedicated to iSCSI traffic to ensure redundancy. If using 10 GB Ethernet NICs, ensure a teamed, virtual NIC is presented to the parent partition for iSCSI traffic to ensure redundancy.
      • Enable Cluster Shared Volumes (CSV) for storing multiple virtual machines on a single logical unit number (LUN).
      • Implement a dedicated CSV/cluster communication network. If you are using 1 GB Ethernet NICs, ensure that all Hyper-V hosts have a dedicated network adapter connected to the CSV network for exclusive use by the parent partition. If using 10 GB Ethernet NICs, ensure a teamed, virtual NIC is presented to the parent partition for CSV traffic to ensure redundancy.
      • Implement a dedicated Live Migration network. If using 1 GB Ethernet NICs, ensure that all Hyper-V hosts have a dedicated network adapter connected to the Live Migration network for exclusive use by the parent partition. If using 10 GB Ethernet NICs, ensure a teamed, virtual NIC is presented to the parent partition for Live Migration traffic to ensure redundancy.
      • Utilize a dedicated or shared 10 GB Ethernet connection for the Live Migration network. This significantly reduces the time required to move VMs between hosts with zero downtime during maintenance or update windows.
      • Implement one or more dedicated VM networks. If using gigabit Ethernet NICs, ensure that all Hyper-V hosts have two or more dedicated network adapters connected to the VM network for exclusive use by the guest VMs. If using 10 gigabit NICs, ensure a teamed, virtual NIC is presented to the guest VMs to ensure redundancy.
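The subnet segregation rules from the IP Addressing guidance on slide 15 and the dedicated networks listed on slide 17 can be checked against a host's network plan before deployment. The PowerShell below is an added example, not part of the presentation; the role names, the address ranges and the function names are constructed for illustration.

```powershell
# Added example (not from the presentation): validates a host network plan
# against the segregation rules on the slides. Roles and ranges are constructed.

function ConvertTo-Subnet([string]$Cidr) {
    # Network start address and block size of an IPv4 CIDR, as 64-bit integers.
    $ip, $prefix = $Cidr -split '/'
    $o = [System.Net.IPAddress]::Parse($ip).GetAddressBytes()
    $addr  = ([long]$o[0] * 16777216) + ([long]$o[1] * 65536) + ([long]$o[2] * 256) + [long]$o[3]
    $block = [long][math]::Pow(2, 32 - [int]$prefix)
    New-Object PSObject -Property @{ Start = $addr - ($addr % $block); Block = $block }
}

function Test-SubnetOverlap([string]$First, [string]$Second) {
    # Two ranges overlap when they share a network at the shorter prefix.
    $x = ConvertTo-Subnet $First
    $y = ConvertTo-Subnet $Second
    $block = [math]::Max($x.Block, $y.Block)
    return ($x.Start - ($x.Start % $block)) -eq ($y.Start - ($y.Start % $block))
}

function Test-NetworkPlan([object[]]$Plan) {
    $findings = @()
    # Rule: the physical NIC used by VMs carries no host IP address.
    foreach ($n in $Plan) {
        if ($n.Role -eq 'VM' -and $n.Cidr) {
            $findings += "VM network adapter has host IP range $($n.Cidr); it should have none"
        }
    }
    # Rule: management, heartbeat/CSV, Live Migration and iSCSI use distinct subnets.
    $addressed = @($Plan | Where-Object { $_.Role -ne 'VM' -and $_.Cidr })
    for ($i = 0; $i -lt $addressed.Count; $i++) {
        for ($j = $i + 1; $j -lt $addressed.Count; $j++) {
            $a = $addressed[$i]; $b = $addressed[$j]
            if (Test-SubnetOverlap $a.Cidr $b.Cidr) {
                $findings += "$($a.Role) ($($a.Cidr)) overlaps $($b.Role) ($($b.Cidr))"
            }
        }
    }
    return $findings
}

# Constructed plan for one host.
$plan = @(
    @{ Role = 'Management';    Cidr = '10.0.10.0/24' },
    @{ Role = 'Heartbeat/CSV'; Cidr = '10.0.20.0/24' },
    @{ Role = 'LiveMigration'; Cidr = '10.0.30.0/24' },
    @{ Role = 'iSCSI';         Cidr = '10.0.10.128/25' },  # deliberately inside Management
    @{ Role = 'VM';            Cidr = $null }              # no host IP on the VM NIC
)

Test-NetworkPlan $plan
```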

  18. Virtual Machine and Virtual Machine Storage/Networking
      Hyper-V Guest Virtual Machine Design
      Standardization is a key design tenet for VMs. A standardized collection of virtual machine templates can ensure predictable performance and can greatly improve capacity planning.
      • Use documented, standardized configurations for all VMs, including management and tenant VMs. Standardized, documented VMs ease provisioning and maintenance of virtual machine environments

  19. Virtual Machine and Virtual Machine Storage/Networking (cont.)
      Virtual Machine Storage
      Several factors can affect virtual machine storage. Several storage options are available to virtual machines, but the benefits and drawbacks of each option should be weighed against performance and host storage requirements.
      • Implement fixed virtual disks for production VMs. A fixed disk allocates the full size of the disk upon creation and provides better performance and monitoring of storage availability
      • Dynamically expanding disks are also an option for production use, though they carry other risks such as storage oversubscription and fragmentation. Use this type of virtual disk with caution
      • Do not use differencing disks for production server workloads
      • Use pass-through disks only in cases where you require absolute maximum performance and the loss of features, such as snapshots and portability, is acceptable. Note that since the performance difference between pass-through and fixed disks is minimal, there are very few scenarios where pass-through disks are required
      • When using iSCSI within a VM, ensure that a separate virtual network is used for access to the iSCSI storage. If the VM iSCSI network is shared with regular Ethernet traffic, implement quality of service (QoS) to provide performance guarantees to the different networks. Consider using jumbo frames within the guest VM to improve iSCSI performance

  20. Virtual Machine and Virtual Machine Storage/Networking (cont.)
      Virtual Machine Networking
      Poor virtual machine networking design can severely affect virtual machine performance. Architects should give careful consideration when planning how virtual machines communicate with each other, with the host, and with external networks. Hyper-V provides several types of networks to VMs.
      • Private network: The network that provides communications between virtual machines only
      • Internal network: The network that provides communications between the host server and virtual machines
      • External network: The network that provides communications between a virtual machine and a physical network by creating an association to a physical network adapter on the host server
      Keep the following recommendations in mind when configuring virtual machine networking.
      • Always use synthetic virtual network adapters when possible. Use emulated network adapters only for unsupported guest operating systems or in special circumstances such as if the guest VM needs to Pre-Boot Execution Environment (PXE) boot
      • For private cloud scenarios, use one or more external networks per VM. Segregate the networks with VLANs and other network security infrastructure as needed

  21. System Center Virtual Machine Manager 2008 R2
      Microsoft System Center Virtual Machine Manager (VMM) 2008 R2 facilitates centralized management of physical and virtual IT infrastructure, increased server utilization, and dynamic resource optimization across multiple virtualization platforms. It includes end-to-end capabilities that let administrators plan, deploy, manage, and optimize the virtual infrastructure.
      • In a Microsoft private cloud environment, VMM is used to manage only Hyper-V Cloud Fast Track hosts and guests in a single data center. No additional virtualization should be managed by VMM
      • Implement VMM on a dedicated VM and use a remote SQL Server 2008 instance
      • Place the VMM library on a dedicated, high-performance VHD or pass-through disk
      • Integrate VMM with Microsoft Operations Manager 2007
      • Performance and Resource Optimization (PRO) should be used with automatically implemented tips

  22. Backup and Disaster Recovery
      • The backup solution should support the Hyper-V Volume Shadow Copy Service (VSS) writer for host-based backup
      • Backup storage should be separate from the SAN. SAN snapshot technology can be used in conjunction with a mechanism to move the backup off the production SAN
      • The backup solution should have the capability to restore individual files from the VM backup
      • The backup solution should have application awareness

  23. Security
      Microsoft Hyper-V was designed to minimize the attack surface on the virtual environment. The hypervisor itself is isolated to a microkernel, independent of third-party drivers. Host portions of the Hyper-V activities are isolated in a parent partition, separate from each guest. The parent partition itself is a virtual machine. Each guest virtual machine operates in its own child partition. In addition to the usual security best practices for physical servers, the following are recommended security best practices for a Hyper-V environment:
      • Consider using domain isolation with IP Security (IPSec) for both hosts and guests
      • Secure the communications between the Hyper-V server and its administrators and users

  24. Summary and Q/A Microsoft private cloud provides agility and cost-savings benefits to enterprise customers, service providers and end users. By following the recommended best practices for deploying the private cloud software infrastructure outlined in this presentation, you will achieve higher levels of service, increased cost savings, and the computing resource elasticity and high availability you demand. Feel free to ping me with any questions and feedback: petermei@microsoft.com

  25. Next Steps • Learn more about Microsoft Private Cloud on http://www.microsoft.com/privatecloud • Learn more about Microsoft private cloud solutions on http://www.microsoft.com/hypervcloud • Work with your Microsoft representative to discuss licensing options and which solution is best for you • Talk to Microsoft Services and Partners about conducting an assessment or proof of concept

  26. Track Resources • Don’t forget to visit the Cloud Power area within the TLC (Blue Section) to see product demos and speak with experts about the Server & Cloud Platform solutions that help drive your business forward. • You can also find the latest information about our products at the following links: • Cloud Power - http://www.microsoft.com/cloud/ • Private Cloud - http://www.microsoft.com/privatecloud/ • Windows Server - http://www.microsoft.com/windowsserver/ • Windows Azure - http://www.microsoft.com/windowsazure/ • Microsoft System Center - http://www.microsoft.com/systemcenter/ • Microsoft Forefront - http://www.microsoft.com/forefront/

  27. Resources
      • Connect. Share. Discuss. http://northamerica.msteched.com
      • Sessions On-Demand & Community: www.microsoft.com/teched
      • Learning: Microsoft Certification & Training Resources: www.microsoft.com/learning
      • Resources for IT Professionals: http://microsoft.com/technet
      • Resources for Developers: http://microsoft.com/msdn

  28. Complete an evaluation on CommNet and enter to win!

  29. © 2011 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
