SoftLayer Fundamentals Connecting to Th 1283769
-
Upload
vincent-martinez -
Category
Documents
-
view
18 -
download
0
description
Transcript of SoftLayer Fundamentals Connecting to Th 1283769
© 2014 IBM Corporation
SoftLayer Fundamentals Connecting to the Cloud – SoftLayer Networking, Part 2
© 2014 IBM Corporation © Copyright IBM Corp. 2014. All rights reserved.
Course materials may not be reproduced in whole or in part without the prior written permission of IBM.
IBM®, the IBM logo, and ibm.com are trademarks or registered trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of
IBM trademarks is available on the web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.
Intel and Pentium are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United States and other
countries.
Linux is a registered trademark of Linus Torvalds in the United States, other countries, or both.
Microsoft, Windows, Windows NT, and the Windows logo are trademarks of Microsoft Corporation in the United States, other countries, or both.
Java and all Java-based trademarks and logos are trademarks or registered trademarks of Oracle and/or its affiliates.
CDNLayer®, CloudLayer®, KnowledgeLayer®, RescueLayer®, SoftLayer®, and StorageLayer® are trademarks or registered
trademarks of SoftLayer, Inc., an IBM Company.
Other company, product, or service names may be trademarks or service marks of others.
The information contained in this document has been submitted to any formal IBM test and is distributed on an “as is” basis
without any warranty either express or implied. The use of this information or the implementation of any of these techniques is a customer responsibility and depends on the customer's ability to evaluate and integrate them into the customer’s operational
environment. While each item may have been reviewed by IBM for accuracy in a specific situation, there is no guarantee that the
same or similar results will result elsewhere. Customers attempting to adapt these techniques to their own environment do so at their own risk.
© Copyright International Business Machines Corporation 2014. All rights reserved. This document may not be
reproduced in whole or in part without the prior written permission of IBM. Note to U.S. Government Users – Documentation
related to restricted rights – Use , duplication or disclosure is subject to restrictions set forth in GSA ADP Schedule Contract with IBM Corp.
Trademarks
2
© 2014 IBM Corporation © Copyright IBM Corp. 2014. All rights reserved.
Course materials may not be reproduced in whole or in part without the prior written permission of IBM. 3
Meet your speakers
Jody Cefola is the SoftLayer Channels Integration leader focused on
partner enablement from IBM. Jody had 10 years in channel development
and execution working with all types of partners and international
experience with channel execution in Europe and Asia Pacific.
Steven W. Schiffer is an advisory architect for the IBM Global Technology
Services (GTS) Global Cloud Ecosystem team. Steven has more than five
years of experience with IBM cloud architecture (both private and public
infrastructures). He holds a Masters of Science in IT Management from the
University of Texas at Dallas and a bachelor’s degree in Computer Science
from the University of North Texas.
© 2014 IBM Corporation © Copyright IBM Corp. 2014. All rights reserved.
Course materials may not be reproduced in whole or in part without the prior written permission of IBM. 4
Your cloud strategy is your business strategy
Pacesetters use cloud to surface insights from data. They reimagine business
models, make better decisions and serve customers in new ways to create winning
business outcomes.
With so much at stake, you don't want just any cloud…
Source: IBM Center for Applied Insights Under cloud cover: How leaders are accelerating competitive differentiation that surveyed
802 cloud decision makers and users, spanning 13 countries and 24 industries.
2x the revenue growth
Almost
2.5x higher gross profit
growth than peers
Nearly
© 2014 IBM Corporation © Copyright IBM Corp. 2014. All rights reserved.
Course materials may not be reproduced in whole or in part without the prior written permission of IBM. 5
Tap into SoftLayer. Leverage significant investment to build
skills starting with SoftLayer Fundamentals
7.6 Revenue growth for Business Partners who have embraced
cloud2 7.6 2.5X
7.6 of CIO’s who are reengineering IT plan to look for outside
help – new skills, tools and capabilites3 7.6 66%
Sources: 1. Forrester Research, Cloud Channel Trends, 2013 to 2014, February 2013, 2. IDC: Worldwide channel and alliances 2013 top 10 predictions, January 2013,3. IBM CIO
study, 2011,
7.6 value for service channel partners has become technical
training1
7.6 #1
© 2014 IBM Corporation © Copyright IBM Corp. 2014. All rights reserved.
Course materials may not be reproduced in whole or in part without the prior written permission of IBM.
SoftLayer Fundamentals is a series of technical webinars to
provide knowledge on the capabilities to help build solutions
Webinar
Date Topic # Topic
February 25 1 Changing the landscape, not the definition - SoftLayer overview
February 27 2 One size does not fit all – Defining the SoftLayer cloud architecture
March 4 3 Connecting to the cloud – SoftLayer network options, part 1
March 6 4 Connecting to the cloud – SoftLayer network options, part 2
March 11 5 Keep safe – Securing your virtual instances
March 13 6 Storing your data – Understanding SoftLayer storage options
March 18 7 Flexible and on demand – Understanding SoftLayer managed services
March 20 8 You can’t manage what you don’t monitor – SoftLayer management and
monitoring
March 25 9 Evaluating cloud providers - Leveraging SoftLayer differentiators
For general SoftLayer overview presentations
Lance Crosby, SoftLayer CEO, main tent at IBM PWLC: http://www.youtube.com/watch?v=t9h2cXwcUvA
Grow your cloud business - leveraging the IBM acquisition of SoftLayer:
https://engage.vevent.com/rt/ibm~1017?token=NTU2MTY1MjY0MDAxMjExMDgxN0NIRUNLX0RBVEVfQU5EX0VOVFJJ
RVNfQ09VTlQ
© Copyright IBM Corp. 2014. All rights reserved.
Course materials may not be reproduced in whole or in part without the prior written permission of IBM. 7
Upon completion of this webinar, you should be able to:
• Understand load balancing
• Know the difference between global and local
balancing
• Order a local and a global load balancer
• Configure services in a local load balancer
• Understand the different SoftLayer firewalls
• Understand IP addresses in SoftLayer
• Using SoftLayer’s Domain Name Service
• Interfacing with SoftLayer VLANs
7
Connecting to the cloud – SoftLayer Networking Part 2
© Copyright IBM Corp. 2014. All rights reserved.
Course materials may not be reproduced in whole or in part without the prior written permission of IBM. 8
In this topic, you will learn about
• VIP options for load balancing
• Various balancing methods
Balancing data with SoftLayer local load balancer
© Copyright IBM Corp. 2014. All rights reserved.
Course materials may not be reproduced in whole or in part without the prior written permission of IBM. 9
Balancing data with SoftLayer local load balancer
The SoftLayer local load balancing is based on Array Networks and utilizes industry-
standard techniques. These techniques include round-robin, lowest latency, least
connections, shortest response, and IP persistence to balance traffic among two or more
servers. Local load balancing can be activated and configured in real-time, with servers
added to or removed from the balancing pool on-demand with little or no downtime.
Be aware of the following regarding local load balancing:
• Public network VLAN load balancing only.
• Local load balancing is limited to Layer 4.
• No console access; managed through the Customer Portal.
© Copyright IBM Corp. 2014. All rights reserved.
Course materials may not be reproduced in whole or in part without the prior written permission of IBM. 10
• Common (shared) load balancing
deployment
• Only one virtual IP address provided:
250 VIP connections per second
(with SSL option)
500 VIP connections per second
(with SSL option)
1,000 VIP connections per second
(with SSL option)
2,500 VIP connections per second
• Dedicated load balancing deployment
• Up to eight virtual IP addresses:
15,000 VIP connections per second
with SSL only
100,000 VIP connections per
second with SSL only
Selecting VIP options
VIP
connections
per second
© Copyright IBM Corp. 2014. All rights reserved.
Course materials may not be reproduced in whole or in part without the prior written permission of IBM. 11
Round
robin
Shortest
response
Least
connections
Consistent
hash IP
VIP
connections
per second
SoftLayer data center
Local
load
balancer
The local load balancer utilizes round robin, shortest response, least connections,
and consistent hash IP as methods to balance traffic among two or more servers in a
data center.
Balancing methods
© Copyright IBM Corp. 2014. All rights reserved.
Course materials may not be reproduced in whole or in part without the prior written permission of IBM. 12
Round
robin
Shortest
response
Least
connections
Consistent
hash IP
VIP
connections
per second
SoftLayer data center
Local
load
balancer
Routing to servers
© Copyright IBM Corp. 2014. All rights reserved.
Course materials may not be reproduced in whole or in part without the prior written permission of IBM. 13
In this topic, you will learn about
• Examples of global load balancing
configurations
• VIP options for global load balancing
• Various balancing methods
• Citrix NetScaler load balancer
Balancing data with SoftLayer global load balancer
© Copyright IBM Corp. 2014. All rights reserved.
Course materials may not be reproduced in whole or in part without the prior written permission of IBM. 14
The SoftLayer global load balancer is based on F5 Networks and allows you to load
balance your websites between servers in different physical data center locations. By
using an Anycast DNS system, the global load balancer is capable of providing highly
redundant DNS resolution to clients as well as direct clients to the optimal data center site
relative to location.
Be aware of the following regarding global load balancing:
• No console access; managed through the Customer Portal.
• Anycast DNS system is capable of providing redundant DNS resolution to clients and
directing clients to data center sites relative to location.
• Global load balancing is limited to Layer 4.
• Servers are added to or removed from the balancing pool on demand.
SoftLayer global load balancer
© Copyright IBM Corp. 2014. All rights reserved.
Course materials may not be reproduced in whole or in part without the prior written permission of IBM. 15
Below are two examples of how the configure the global load balancer – simple and
complex.
Configuring examples
Example
Simple configuration A simple configuration of the global load balancer consists of two
servers in two different locations. With geography-based load
balancing, users are directed to the data center location to which
they are closest. In the event of a failure of either server, traffic is
directed to the remaining server.
Complex
configuration
A complex configuration of the global load balancer consists of
the global load balancer connecting to multiple local load
balancers at each physical location, with an additional fallback
location available in the event all sites fail.
© Copyright IBM Corp. 2014. All rights reserved.
Course materials may not be reproduced in whole or in part without the prior written permission of IBM. 16
VIP
connections
per second
Selecting VIP options
Deployment options:
• 50 VIP connections per second
• 100 VIP connections per second
• 200 VIP connections per second
• 500 VIP connections per second
• 1,000 VIP connections per second
© Copyright IBM Corp. 2014. All rights reserved.
Course materials may not be reproduced in whole or in part without the prior written permission of IBM. 17
Weighted
round robin
Geography
Round
robin
Failover
VIP
connections
per second
Global
load
balancer
The global load balancer utilizes weight round robin, geography, round robin, and
failover as methods to balance traffic among two or more servers in one or more data
centers.
Resides in
all SoftLayer
data centers
and PoPs
Balancing methods
© Copyright IBM Corp. 2014. All rights reserved.
Course materials may not be reproduced in whole or in part without the prior written permission of IBM. 18
VIP
connections
per second
SoftLayer data center 1 Global
Load
balancer SoftLayer data center 2
Routing to servers
Weighted
round robin
Geography
Round
robin
Failover
Resides in
all SoftLayer
data centers
and PoPs
© Copyright IBM Corp. 2014. All rights reserved.
Course materials may not be reproduced in whole or in part without the prior written permission of IBM. 19
Using the SoftLayer Citrix NetScaler load balancer
The SoftLayer Citrix NetScaler load balancer is a web application delivery appliance. It is
designed to accelerate application performance, and ensure application availability and
protection while substantially lowering costs.
Citrix NetScaler load balancer is
• Available for deployment in both public and private networks in SoftLayer.
• Only option to load balance non-public network-facing servers and virtual instances.
• Allowed up to, and including, Layer 7.
• Includes 5 TB of public outbound bandwidth and unlimited private network bandwidth per
device.
The deployment options for Citrix NetScaler Standard and Platinum Editions are
• 10 Mbps, 200 Mbps, and 1 Gbps.
• One, two, four, eight, or 16 public IP addresses.
© Copyright IBM Corp. 2014. All rights reserved.
Course materials may not be reproduced in whole or in part without the prior written permission of IBM. 20
Using the SoftLayer Citrix NetScaler load balancer (cont.)
Standard Edition Platinum Edition
• TCP buffering
• TCP multiplexing
• SSL offload and
acceleration
• Client and server TCP
optimizations
• L4 DoS defenses
• Layer 7 content filtering
• HTTP rewrite
• URL rewrite
• Citrix Access Gateway
• Layer 4 load balancing
• Layer 7 content
switching
• AppExpert rate controls
• IPv6
• TCP buffering
• TCP multiplexing
• SSL offload and
acceleration
• Cache redirection
• Client and server TCP
optimizations
• Citrix AppCompress for
HTTP
• Citrix AppCache
• L4 DoS defenses
• Layer 7 content filtering
• HTTP rewrite
• URL rewrite
• Citrix Access Gateway
• Layer 7 DoS defenses
• NetScaler Application
Firewall
• Layer 4 load balancing
• Layer 7 content
switching
• AppExpert rate controls
• IPv6
• Global server load
balancing
• Surge protection
• Priority queuing
© Copyright IBM Corp. 2014. All rights reserved.
Course materials may not be reproduced in whole or in part without the prior written permission of IBM. 21
In this topic, you will learn about
• Managed firewalls
• FortiGate security appliance
• Vyatta gateway appliance
Setting up firewalls in SoftLayer
© Copyright IBM Corp. 2014. All rights reserved.
Course materials may not be reproduced in whole or in part without the prior written permission of IBM. 22
SoftLayer’s hardware firewalls utilize the Fortinet FortiGate 300 Series firewalls. You
select from a dedicated hardware firewall or a standard hardware firewall based on your
need.
• Dedicated firewalls protect one, multiple, or all servers that share the same VLAN for
the highest assurance of uptime.
• Standard firewalls provide individual servers an additional layer of server security.
The firewalls are provisioned on demand without service interruptions.
Working with SoftLayer’s managed firewall
© Copyright IBM Corp. 2014. All rights reserved.
Course materials may not be reproduced in whole or in part without the prior written permission of IBM. 23
Working with SoftLayer’s managed firewall (cont.)
Dedicated hardware firewalls Standard (shared) hardware firewall
Deployment options:
• 1 Gbps dedicated
• 1 Gbps dedicated with high availability
Deployment options:
• 10 Mbps
• 100 Mbps
• 1 Gbps
• Protect an entire defined VLAN.
• Designed rules to be applied to entire
VLAN or to single servers in defined
VLAN.
• Managed through customer portal and
API.
• Provides firewall, anti-virus, and
intrusion prevention.
• Applied to individual servers (dedicated
server or CCI)
• Designed rules for all IPs assigned to
designated server or for a single IP
address on the server
• Managed through Customer Portal and
API
• Provides firewall and anti-virus based
security.
© Copyright IBM Corp. 2014. All rights reserved.
Course materials may not be reproduced in whole or in part without the prior written permission of IBM. 24
The deployment options for the FortiGate security application are single deployment or
high availability.
The hardware is the same as the SoftLayer managed hardware firewall offering
(FortiGate 300 series).
There is direct access to the FortiGate's console and native management tools. The
console and tools provide complete, granular control over advanced firewall and security
features. These security features include anti-virus, intrusion detection, intrusion
prevention, and VPN capabilities (IPSec, PPTP, and L2TP).
Using the FortiGate security appliance
© Copyright IBM Corp. 2014. All rights reserved.
Course materials may not be reproduced in whole or in part without the prior written permission of IBM. 25
The Vyatta gateway appliance is designed to allow for advanced network routing and
configuration of a portion of or the entire account for a customer in SoftLayer.
Using the Vyatta gateway appliance
Deployment options
CPU RAM Disk configuration Disk options
Xeon Quad Core 1230 3.2
Ghz
Xeon Quad Core 1270 3.4
Ghz
4 GB
8 GB
12 GB
16 GB
32 GB
JBOD
RAID 0
RAID 1
RAID 5
RAID 10
SATA
SATA 10K
SCSI 10K
SCSI 15K
SSD
© Copyright IBM Corp. 2014. All rights reserved.
Course materials may not be reproduced in whole or in part without the prior written permission of IBM. 26
Capabilities:
• IPSec VPN tunnels
• NAT
• Firewall services
• Router services
All Vyatta capabilities can be managed through either the SSH shell CLI or by connecting
to the Vyatta Network OS GUI via the SoftLayer VPN and private IP address.
Note: A customer may not have a
SoftLayer shared or dedicated firewall
service and a Vyatta network gateway
device assigned to the same VLAN.
Using the Vyatta gateway appliance (cont.)
© Copyright IBM Corp. 2014. All rights reserved.
Course materials may not be reproduced in whole or in part without the prior written permission of IBM. 27
In this topic, you will learn about SoftLayer IP
addresses.
Establishing additional IP address blocks
© Copyright IBM Corp. 2014. All rights reserved.
Course materials may not be reproduced in whole or in part without the prior written permission of IBM. 28
Understanding IP addresses in SoftLayer
IP block type Description
Static IP block
A block of IP Addresses that are routed directly to a specific IP on
the network.
Portable IP block Any IP block that can be used on multiple servers within a single
VLAN concurrently. Portable IP address are switchable within a
VLAN from server to server. There are two types of portable IP
blocks:
• Routed to VLAN is a static IP block that is routed to an entire
VLAN rather than a specific IP address. This IP block provides
the customer access to all IPs within the block.
• Secondary to VLAN is designed to be used within a virtual
environment. It requires that the network, gateway, and
broadcast IPs be bound directly to the VLAN rendering these IPs
unusable by the customer. This block is used in conjunction with
a virtual machine. (To have one usable IP address for a server
you need at least four IP addresses in a block.)
Each SoftLayer server (virtual or bare metal) comes with one primary IPv4 address.
Additional IP blocks are available in quantities of one, two, four, eight, 16, or 32.
© Copyright IBM Corp. 2014. All rights reserved.
Course materials may not be reproduced in whole or in part without the prior written permission of IBM. 29
Understanding IP addresses in SoftLayer (cont.)
Global IP's provide IP flexibility by letting users shift workloads between servers (even in
different data centers). Global IPs also provide IP persistence by allowing for transitions
between servers and virtual instance’s. This is a direct competitor to Amazon Elastic IPs,
without the limitation of being defined to a specific region.
Deployment options include:
• Monthly charge per deployed IP address.
• IP destination change through the customer portal or API commands.
© Copyright IBM Corp. 2014. All rights reserved.
Course materials may not be reproduced in whole or in part without the prior written permission of IBM. 30
In this topic, you will learn about SoftLayer’s
Domain Name System offering.
Using SoftLayer’s Domain Name System service
© Copyright IBM Corp. 2014. All rights reserved.
Course materials may not be reproduced in whole or in part without the prior written permission of IBM. 31
A customer has four options for using a named server with their SoftLayer infrastructure:
1. Use your (the customer’s) domain name registrar name servers to manage your (the
customer’s) domain names.
2. Use SoftLayer name servers to manage your domain names.
3. Use a third party DNS service to manage your domain names.
4. Run your own name servers on your server to manage your domain names.
SoftLayer DNS services:
• Public option (SoftLayer manages the customer’s domain). Public name servers act
as authoritative name servers for domain names that reside in SoftLayer DNS
servers and are managed through Customer Portal. These servers "answer" and
"resolve" domain names to a company’s IP address for the general Internet
population.
• Private Network. Resolving name servers are located on the private network and act
as DNS resolvers for a customer’s server. The private resolvers slave from SoftLayer
public name servers so they are always up to date. This is a convenience service for
customers.
Using Domain Name System (DNS)
© Copyright IBM Corp. 2014. All rights reserved.
Course materials may not be reproduced in whole or in part without the prior written permission of IBM. 32
What is a VLAN?
Virtual LAN (VLAN) is a networking concept in which network interfaces on different
routers, switches, and servers act as if they're on the same local network broadcast
domain.
How are VLANs used by SoftLayer?
SoftLayer servers are provisioned on “private VLANs” that are created per router (in a
data center) for the public and private networks. See the diagram below.
Describing a VLAN
VLAN
1
VLAN
2
VLAN
3
VLAN
4
VLAN
5
VLAN
6
Public network Private network
DC1
DC2
DC3
© Copyright IBM Corp. 2014. All rights reserved.
Course materials may not be reproduced in whole or in part without the prior written permission of IBM. 33
Spanning
• VLAN spanning is turned off by default.
• VLAN spanning enables a server or virtual instance connection to multiple VLANs
and data centers on the SoftLayer private network.
• IPs on the private VLANs in a customer account will be able to communicate once
spanning is enabled. There is no current discrete spanning separation.
• Five minutes to 15 minutes to activate VLAN spanning.
• Option is available to span private VLAN of two separate SoftLayer accounts.
• Cost is $25 per account.
© Copyright IBM Corp. 2014. All rights reserved.
Course materials may not be reproduced in whole or in part without the prior written permission of IBM. 34
• A customer can
segment their
provisioned
physical and
virtual servers
onto one or more
private VLANs.
• Customer VLANs
across one or
more data centers
can be
interconnected via
the SoftLayer
private network.
• Distributed denial
of service (DDoS)
protection is
provided on the
SoftLayer public
network via Cisco
Guard devices.
Planning an advanced VLAN design
© Copyright IBM Corp. 2014. All rights reserved.
Course materials may not be reproduced in whole or in part without the prior written permission of IBM. 35
? ?
Questions
© Copyright IBM Corp. 2014. All rights reserved.
Course materials may not be reproduced in whole or in part without the prior written permission of IBM. 36
Leading Edge
Trusted
Completely Free
Recommended actions
Sign up for a free 1 month trial account:
http://www.softlayer.com/info/free-
cloud/skills100
Within 60 days, register as a SoftLayer
partner with a viable SL opportunity (time
frame, workload, configuration) at:
http://www.softlayer.com/partners/ibm-
partners
© Copyright IBM Corp. 2014. All rights reserved.
Course materials may not be reproduced in whole or in part without the prior written permission of IBM.
Attend other SoftLayer Fundamentals webinars or download
the replay and materials at your convenience
Please remember to download the glossary of terms
Webinar
Date Topic # Topic
February 25 1 Changing the landscape, not the definition - SoftLayer overview
February 27 2 One size does not fit all – Defining the SoftLayer cloud architecture
March 4 3 Connecting to the cloud – SoftLayer network options, part 1
March 6 4 Connecting to the cloud – SoftLayer network options, part 2
March 11 5 Keep safe – Securing your virtual instances
March 13 6 Storing your data – Understanding SoftLayer storage options
March 18 7 Flexible and on demand – Understanding SoftLayer managed services
March 20 8 You can’t manage what you don’t monitor – SoftLayer management and
monitoring
March 25 9 Evaluating cloud providers - Leveraging SoftLayer differentiators
37