des virtualization
DESCRIPTION
DES Virtualization. IPMA Briefing 2012. A New Opportunity - DES. Legislative mandate to consolidate 5 agencies into DES Consolidate support to DES and support 2 existing agencies and 1 new agency IT support responsibility includes OFM, Governor’s Office and CTS - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: DES Virtualization](https://reader036.vdocument.in/reader036/viewer/2022062814/568166d2550346895ddae54a/html5/thumbnails/1.jpg)
DES Virtualization
IPMA Briefing 2012
![Page 2: DES Virtualization](https://reader036.vdocument.in/reader036/viewer/2022062814/568166d2550346895ddae54a/html5/thumbnails/2.jpg)
A New Opportunity - DES
• Legislative mandate to consolidate 5 agencies into DES
• Consolidate support to DES and support 2 existing agencies and 1 new agency
• IT support responsibility includes OFM, Governor’s Office and CTS
• Challenges abound – disparate storage, duplicate applications, redundant infrastructure, firewall separation
![Page 3: DES Virtualization](https://reader036.vdocument.in/reader036/viewer/2022062814/568166d2550346895ddae54a/html5/thumbnails/3.jpg)
DES at InceptionInternet
SGN
R
R
R
R
R
Enterprise Applications
SSV FirewallCurrent DES Issues:- Isolated- A2A Traffic over SGN- Firewall obstruction- Conf Rm to agency logon via SGN
DES Current StateNetwork Consolidation Status 10/5/11
DRAFT
d
GOV Workstations
d
GA Workstations
d
DOP Workstations
d
CR Workstations
d
DIS Workstations
d
CTS Workstations
d
Dept of PrintingWorkstations
d
OFM Workstations
PrintFile/App/Web
File/App/Web
File/App/Web
File/App/Web
File/App/Web
DES FirewallCTS FirewallDOP FirewallGA FirewallOFM Firewall
OFM AD
DOP ADGA AD
PRT AD
DIS ADDomains
![Page 4: DES Virtualization](https://reader036.vdocument.in/reader036/viewer/2022062814/568166d2550346895ddae54a/html5/thumbnails/4.jpg)
By the Numbers…
• DES as new agency October 1st, 2011– 345 servers, 63% virtualized– VMware was primary platform– 3 SAN enabled virtual farms
![Page 5: DES Virtualization](https://reader036.vdocument.in/reader036/viewer/2022062814/568166d2550346895ddae54a/html5/thumbnails/5.jpg)
Virtual Objectives
• Consolidate hardware in single “vFarm”• Extend layer 2 to virtualize existing pre-
DES agency infrastructures• Support “come as you are” vDC to
expedite virtualization and consolidation• Build new DES branded virtual data center
topology for DES services eClient and eApp
![Page 6: DES Virtualization](https://reader036.vdocument.in/reader036/viewer/2022062814/568166d2550346895ddae54a/html5/thumbnails/6.jpg)
Virtual Data Centers…
![Page 7: DES Virtualization](https://reader036.vdocument.in/reader036/viewer/2022062814/568166d2550346895ddae54a/html5/thumbnails/7.jpg)
DES Future Services
DCwa.lcl DC
wa.lclwa.lcl
eClient.wa.lcl eApp.wa.lcl
vDCeClient.wa.lcl
vDCeApp.wa.lcl
DCeClient.wa.lcl
vDCeClient.wa.lcl
DCeApp.wa.lcl
DCeApp.wa.lcl
vDCeApp.wa.lcl
Users
d
Workstations
File&Print
Mgmt Demarcation
CTS provisioned domain / CTS-DES shared
ownership / admin
DES provisioned services / DES administration
App/Web/SQLApp/Web/SQL
Shared Admin Domain ModelDRAFT 1/27/12
eClient & eApp Domains Washington StateAD Forest wa.lcl
DCeClient.wa.lcl
![Page 8: DES Virtualization](https://reader036.vdocument.in/reader036/viewer/2022062814/568166d2550346895ddae54a/html5/thumbnails/8.jpg)
Present Virtual Work
• Virtualize 93 more servers to hit 90%• Migrate 3 ESX farms to 1 shared farm• Scale to support anticipated Windows
server growth of 7 – 10% per year• Build out network to support enterprise
services and desired efficiency
![Page 9: DES Virtualization](https://reader036.vdocument.in/reader036/viewer/2022062814/568166d2550346895ddae54a/html5/thumbnails/9.jpg)
DES Shared Virtual Platform
• VMware ESX4i• HP DL380 G7 rackable servers• RAM (lots of it)• EqualLogic iSCSI storage• Licensing at the processor level• More RAM!
* RAM is always limiting factor
![Page 10: DES Virtualization](https://reader036.vdocument.in/reader036/viewer/2022062814/568166d2550346895ddae54a/html5/thumbnails/10.jpg)
Storage
• iSCSI based 1GB I/F ethernet storage• 89.24 TB of RAID50 SAS & SATA disk• 16% in near term snapshots• Thin provisioned, over provisioned• Replicated to TierPoint data center• Fully virtualized
![Page 11: DES Virtualization](https://reader036.vdocument.in/reader036/viewer/2022062814/568166d2550346895ddae54a/html5/thumbnails/11.jpg)
Layer 2 Extensions enabled…
• Virtualize “in place” – no change for existing applications
• Built-in backup / recovery– vRanger immediately picks up new guests
• Shared storage scalability– Growth accommodated at multi-agency level
• Operational mgmt by designated leads– Spread vFarm mgmt to key leads with
appropriate training
![Page 12: DES Virtualization](https://reader036.vdocument.in/reader036/viewer/2022062814/568166d2550346895ddae54a/html5/thumbnails/12.jpg)
Layer 2 “Extended”
![Page 13: DES Virtualization](https://reader036.vdocument.in/reader036/viewer/2022062814/568166d2550346895ddae54a/html5/thumbnails/13.jpg)
Virtual Console
• Virtual Console roles– Resource Pool Admin– Resource Pool Server Admin
• Attempted “linked consoles”– End client still needs direct access to primary
console• Jumpbox model
– RDP to console, run locally with pre-DES AD accounts set to virtual Data Centers
![Page 14: DES Virtualization](https://reader036.vdocument.in/reader036/viewer/2022062814/568166d2550346895ddae54a/html5/thumbnails/14.jpg)
VMware Converter
• VM converter “needs”– Virtual Console enabled guest within each
pre-DES network– Migration host with kernal (ip) on each client
network– No affinity during transition to invidual VM
host
![Page 15: DES Virtualization](https://reader036.vdocument.in/reader036/viewer/2022062814/568166d2550346895ddae54a/html5/thumbnails/15.jpg)
Security
• pre-DES agencies had different security policies and data risks
• New security team and unified strategy at DES key enabler
• Building to support security spectrum– vLAN separation– vSwitch separation– vFirewall security & audit
![Page 16: DES Virtualization](https://reader036.vdocument.in/reader036/viewer/2022062814/568166d2550346895ddae54a/html5/thumbnails/16.jpg)
Why Virtualize? Story 1• AFRS Data Warehouse
– Problem: Existing DW is operating 2 Windows 2003 x64 servers with SQL Server 2005 and team wants to migrate to Windows 2008 R2 x64 with SQL Server 2008 R2 Enterprise. Migration of data and transition is expected to take in excess of a month.
– Server 1: 2.85 TB of storage on 3 SAN volumes F, G, H– Server 2: 1.65 TB of storage on 2 SAN volume F, G
![Page 17: DES Virtualization](https://reader036.vdocument.in/reader036/viewer/2022062814/568166d2550346895ddae54a/html5/thumbnails/17.jpg)
Why Virtualize? Story 2• ERDC P20 Data Warehouse
– Problem: The new P20 Data Warehouse for the Economic Research & Development Council (ERDC) needed the ability to “recover” a full infrastructure platform (QA, DEV, Sandbox or Prod) to any given day / week in recent history.
![Page 18: DES Virtualization](https://reader036.vdocument.in/reader036/viewer/2022062814/568166d2550346895ddae54a/html5/thumbnails/18.jpg)
Lessons Learned• Cross train early and often• Change management and disciplined approach• Keep capacity for maintenance (n+1+ a little more)• Script configurations wherever possible for consistency
(powershell or ???)• Don’t assume – validate throughput, monitor links for even
load distribution, etc. (Windows perfmon, VMware esxtop, switch CLI)
• Don’t underestimate RAM and storage• Have your customers tout your success (nothing sells your
service more than a happy customer)• Patience – build in quality rather than rework
![Page 19: DES Virtualization](https://reader036.vdocument.in/reader036/viewer/2022062814/568166d2550346895ddae54a/html5/thumbnails/19.jpg)
Questions