Implementation
This chapter describes how to implement an IBM Spectrum Virtualize for Public Cloud on Amazon Web Services (AWS) environment and provides detailed instructions about the following topics:
5.1 Implementing IBM Spectrum Virtualize for Public Cloud on Amazon Web Services
This section contains instruction for implementing IBM Spectrum Virtualize for Public Cloud on AWS. The IBM Spectrum Virtualize for Public Cloud on AWS implementation starts from the following assumption: The required IBM Spectrum Virtualize Licenses are bought and you have access to IBM Passport Advantage.
Designed for software-defined environments (SDEs), IBM Spectrum Virtualize for Public Cloud on AWS represents a solution for public cloud implementations, and includes technologies that complement and enhance public cloud offering capabilities.
IBM Spectrum Virtualize for Public Cloud on AWS provides for the deployment of
IBM Spectrum Virtualize software in public clouds in Amazon Cloud. IBM Spectrum Virtualize for Public Cloud on AWS provides a monthly license to deploy and use IBM Spectrum Virtualize for Public Cloud on AWS to enable hybrid cloud solutions, offering the ability to have storage as service in a multicloud environment.
IBM Spectrum Virtualize software in public clouds in Amazon Cloud. IBM Spectrum Virtualize for Public Cloud on AWS provides a monthly license to deploy and use IBM Spectrum Virtualize for Public Cloud on AWS to enable hybrid cloud solutions, offering the ability to have storage as service in a multicloud environment.
Table 5-1 shows IBM Spectrum Virtualize for Public Cloud on AWS at a glance on Amazon Cloud.
Table 5-1 IBM Spectrum Virtualize for Public Cloud on AWS at a glance
|
Items
|
On AWS
|
|
Storage supported
|
Amazon Cloud Elastic Block Store (EBS)
|
|
Licensing approach
|
Simple, flat cost per managed terabyte and monthly licensing
|
|
Platform
|
IBM Spectrum Virtualize for Public Cloud on AWS installed on an Elastic Compute Cloud (EC2) instance
|
5.1.1 Installing IBM Spectrum Virtualize for Public Cloud on AWS
The IBM Spectrum Virtualize for Public Cloud installation uses AWS CloudFormation templates that simplify provisioning and management on AWS. These templates are available on AWS Marketplace and simplify the provisioning and installation process.
Ensure that all prerequisites are complete before you install the IBM Spectrum Virtualize for Public Cloud software from AWS Marketplace (https://aws.amazon.com/marketplace).
|
Note: Before installing IBM Spectrum Virtualize for Public Cloud on AWS, make sure that you have the key pair (ssh_key) defined and accessible after installation. This key is used to access the Bastion host and any other EC2 instances that are created and other key-based authentication.
|
To install the IBM Spectrum Virtualize for Public Cloud software, complete these steps:
1. Go to the IBM Spectrum Virtualize for Public Cloud BYOL Marketplace Offering (or just search for “IBM Spectrum Virtualize” on the AWS marketplace.
If you have not done so, log in to with your AWS account, as shown in Figure 5-1.
Figure 5-1 IBM Spectrum Virtualize for Public Cloud AWS Marketplace page
2. Scroll down from the Overview section to Pricing or select it from the menu items at the top of the Marketplace page, and input or validate the following information for your installation:
– Region
– Fulfillment Option (using an existing virtual private cloud (VPC) or a new VPC)
– EC2 Instance type (The current default is c5.4xlarge.)
AWS Marketplace provides a dynamic pricing display based on your selections. If you are satisfied with your selections, click the Continue to Subscribe link in the upper right corner of the page and follow the instructions, as shown in Figure 5-2.
Figure 5-2 IBM Spectrum Virtualize for Public Cloud on AWS Marketplace Pricing Summary
3. The Terms and Conditions window opens and shows the Product information, as shown in Figure 5-3. After you are satisfied with what you see, click Continue to Configuration.
Figure 5-3 IBM Spectrum Virtualize for Public Cloud AWS Marketplace Terms and Conditions
4. Now, specify whether a New VPC is wanted or if you want to deploy into an existing VPC. In this example, we choose a new VPC, which carries the reminder that only a single Availability Zone is provided by default, so the Bastion host and the initial IP quorum are placed in the same Availability Zone as the IBM Spectrum Virtualize nodes. We elaborate on the significance of this setup and the steps to remediate it by adding another subnet in a different Availability Zone, starting a private network-only EC2 instance into that new Availability Zone, and installing the IP quorum application on that server. There is also an opportunity to change the software version if others are available, and change the region of AWS for the deployment. After all the options are finalized, click Continue to Launch, as shown in Figure 5-4.
Figure 5-4 Continue to Launch
5. The CloudFormation template opens, which automates the rest of the installation after some key parameters are input. The default action is the launch of the CloudFormation process, so click Launch, as shown in Figure 5-5.
Figure 5-5 Launching the CloudFormation templates
6. Next is the stack creation process. Use the defaults and do not change the Amazon Simple Storage Service (S3) URL. This template location is provided by IBM Spectrum Virtualize for Public Cloud and contains critical information for installation automation. Click Next, as shown in Figure 5-6.
Figure 5-6 Starting the CloudFormation stack creation
7. Provide the stack name that will be the basis of the IBM Spectrum Virtualize cluster or system name. Specify the availability zone and modify the network parameters as needed. The default for the whole VPC is 10.0.0.0/16 or 10.0.0.0-10.0.255.255. The default settings are perfectly functional for public and private clouds, especially in a new VPC. For more information, see Figure 5-7.
Figure 5-7 CloudFormation Stack: Name
8. Set the access filter as needed. For this example, we did not restrict which IPs were allowed to access sv_cloud. There is an opportunity to change the EC2 server size for the IBM Spectrum Virtualize nodes and the Bastion host, as shown in Figure 5-8.
Figure 5-8 Access filter configuration
9. Finally, in the configuration page that is shown in Figure 5-9, specify the size of the two EBS gp2 volumes that are put into a pool as part of the cluster creation.
Figure 5-9 CloudFormation Stack: Initial EBS gp2 volume size
10. Next is the summary and acknowledgment page. This page has two steps. Review your selections and edit them if necessary, as shown in Figure 5-10 and Figure 5-11.
Figure 5-10 CloudFormation Stack: Use the default template
Figure 5-11 CloudFormation Stack: Review the selections
Figure 5-12 CloudFormation Stack: Create the stack
12. The stack creation process takes about 20 minutes for new VPCs and 15 minutes for existing VPCs. Progress can be monitored by going to the AWS console and selecting CloudFormation → Stacks, and then clicking the Events tab. After the stack and associated WorkloadStack reaches CREATE_COMPLETE, the environment is ready for interaction, as shown in Figure 5-13.
Figure 5-13 CloudFormation Stack: Creation complete
13. In this same view, you can view important IP address information by clicking the Outputs tab, as shown in Table 5-2.
Table 5-2 Output of CloudFormation auto-provisioning after AWS finishes stack creation
|
Name
|
IP address
|
Description
|
|
IBMSVClusterIP
|
10.0.64.246
|
IBM Spectrum Virtualize Cloud Cluster IP
|
|
IBMSVNode1Port1NodeIP
|
10.0.64.26
|
IBM Spectrum Virtualize Node1 Port1 Node IP
|
|
IBMSVNode1Port2NodeIP
|
10.0.64.9
|
IBM Spectrum Virtualize Node1 Port2 Node IP
|
|
IBMSVNode1PortIP1
|
10.0.64.239
|
IBM Spectrum Virtualize Node1 Port IP1
|
|
IBMSVNode1PortIP2
|
10.0.64.239
|
IBM Spectrum Virtualize Node1 Port IP2
|
|
IBMSVNode1ServiceIP
|
10.0.64.100
|
IBM Spectrum Virtualize Node1 Service IP
|
|
IBMSVNode2Port1NodeIP
|
10.0.64.50
|
IBM Spectrum Virtualize Node2 Port1 Node IP
|
|
IBMSVNode2Port2NodeIP
|
10.0.64.122
|
IBM Spectrum Virtualize Node2 Port2 Node IP
|
|
IBMSVNode2PortIP1
|
10.0.64.57
|
IBM Spectrum Virtualize Node2 Port IP1
|
|
IBMSVNode2PortIP2
|
10.0.64.57
|
IBM Spectrum Virtualize Node2 Port IP2
|
|
IBMSVNode2ServiceIP
|
10.0.64.177
|
IBM Spectrum Virtualize Node2 Service IP
|
|
IBMSVQuorumClientEC2IP
|
10.0.32.105
|
IBM Spectrum Virtualize Quorum Client EC2 Private IP
|
|
IBMSVVersion
|
8.3.0.0
|
IBM Spectrum Virtualize Cloud version
|
5.2 Logging in to IBM Spectrum Virtualize for Public Cloud on AWS
When the creation of CloudFormation is complete, you can log in to IBM Spectrum Virtualize for Public Cloud for further configuration. Because this is the only server with an externally exposed address, it has the following functions:
•The SSH jump host
•GUI proxy
•Cloud Call Home gateway
•SMTP gateway (optionally)
•Remote Support Proxy (RSP) server (optionally)
•Storage Insights DataCollector host (optionally)
5.2.1 Using SSH to access the Bastion host
Use the AWS console to access the list of EC2 instances and look for an instance that starts with your stack name and ends in IBM-SV-QuorumNode. Above it are the two IBM Spectrum Virtualize nodes. Select the QuorumNode instance or Bastion host and look for the IPv4 Public IP in the Description tab, as shown in Figure 5-14.
Figure 5-14 Public IP of QuorumNode (Bastion host)
Using the IP address, run ssh to access the Bastion host. Figure 5-15 shows the output.
Figure 5-15 Running ssh to access the Bastion host
5.2.2 Configuring the Bastion host
To configure the Bastion host, complete the actions in the following sections.
Enabling GUI access
Run ssh to access the Bastion host by using the ssh-key that you specified during the installation, as shown in Example 5-1.
Example 5-1 SSH connection to the Bastion host to enable GUI access to the IBM Spectrum Virtualize instance
[centos@svpc-bastion~]$ enable-sv-cloud-management-gui
|
Note: Port forwarding of port 8443, which is needed for GUI access, is disabled by default. For added security, you should enable it.
|
Configuring the Remote Support Proxy server
An RSP is a server that can be deployed to use the remote support assistance features that are offered in the IBM Spectrum Virtualize software. This section describes how to install the RSP server and configure the proxy in IBM Spectrum Virtualize to enable remote support connections into the cluster.
For the purposes of this book, assume that a separate virtual server is created in the environment that has access to both the public network and the private network, including routes to the subnet in which IBM Spectrum Virtualize is running. Additionally, for this guide, assume that the virtual server that is deployed is Red Hat Linux 7.x.
Complete the following steps:
1. Get the RSP software from your product support page. At the time of writing, this code is under the Others category, as shown in Figure 5-16.
Figure 5-16 Downloading code from the product support page
2. After the code is downloaded to the administrators laptop, you must upload the file to the server in which the proxy will be installed. To do so, run the scp command. You also must install the redhat-lsb package if it is not already installed. When the file is uploaded to the server and all prerequisite packages are installed, you can proceed with the installation, as shown in Example 5-2 on page 61.
Example 5-2 Installing the Remote Support Proxy
[root@itso-dal10-sv-rsp ~]# chmod +x supportcenter_proxy-installer-rpm-1.3.2.1-b1501.rhel7.x86_64.bin
[root@itso-dal10-sv-rsp ~]# ./supportcenter_proxy-installer-rpm-1.3.2.1-b1501.rhel7.x86_64.bin
Starting installer, please wait...
|
Tip: In order for the installation to succeed, make sure that the required packages are installed. On Red Hat systems, install the packages redhat-lsb and bzip2. On SUSE systems, install the package insserv.
|
3. When the installer is started, you see the International License Agreement for Non-Warranted Programs. To complete the installation, enter 1 to accept the license agreement and complete the installation.
4. When the installation completes, you must configure the proxy server to listen for connections. You can do this by editing the configuration file supportcenter/proxy.conf, which is in the /etc directory. The minimum modification that is required is to edit the fields ListenInterface and ListenPort. By default, the file has “?” as the value for both of them.
5. To complete the configuration, specify ListenInterface with the interface name in Linux that has access to the IBM Spectrum Virtualize clusters. You can discover this name by running the ifconfig command, and identifying the interface that accesses the AWS Cloud private network. Additionally, set ListenPort to the TCP port number to listen on for remote support requests. A sample configuration file is shown in Example 5-3.
|
Tip: Note the internal address of the Bastion host. In Example 5-3, it is 10.0.32.86. We could have gotten it from the same AWS console view where we got the public IP, but it is useful to be able to find it from ifconfig on the server. The internal IP is used for a number of configuration items on the IBM Spectrum Virtualize system. Also, note the port that is specified for ListenPort of the remote proxy because it will be needed later in EasySetup for Support Proxy.
|
Example 5-3 Sample proxy configuration
[centos@svpc-bastion ~]$ ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.0.32.86 netmask 255.255.224.0 broadcast 10.93.4.127
inet6 fe80::490:fbff:fed6:7120 prefixlen 64 scopeid 0x20<link>
ether 06:90:fb:d6:71:20 txqueuelen 1000 (Ethernet)
RX packets 58690 bytes 59492454 (56.7 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 15492 bytes 2239603 (2.1 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1 (Local Loopback)
RX packets 46 bytes 2693 (2.6 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 46 bytes 2693 (2.6 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@itso-dal10-sv-rsp ~]# cat /etc/supportcenter/proxy.conf
# Configuration file for remote support proxy 1.3
# Mandatory configuration
# Network interface and port that the storage system will connect to
ListenInterface eth0
ListenPort 8988
#Remote support for SVC and Storwize systems on the following front servers
ServerAddress1 129.33.206.139
ServerPort1 443
ServerAddress2 204.146.30.139
ServerPort2 443
# Optional configuration
# Network interface (lo for local) for status queries
# StatusInterface ?
# StatusPort ?
# HTTP proxy for connecting to the Internet
# HTTPProxyHost ?
# HTTPProxyPort ?
# Optional authentication data for HTTP proxy
# HTTPProxyUser ?
# HTTPProxyPassword ?
# External logger (default is none)
# Logger /usr/share/supportcenter/syslog-logger
# Restricted user
# User nobody
# Log file
# LogFile /var/log/supportcenter_proxy.log
# Optional debug messages for troubleshooting
# DebugLog No
# Control IPv4/IPv6 usage
# UseIPv4 yes
# UseIPv6 yes
# UseIPv6LinkLocalAddress no
6. When the service is configured, you must start the service so that the server can start listening for requests. Optionally, you can also configure the service to start on system start. To start the service, run either the service or systemctl command. To make the service start on system start, run the chkconfig command. Both of these processes are shown in Example 5-4.
Example 5-4 Starting the service
[root@itso-dal10-sv-rsp ~]# service supportcenter_proxy start
Starting IBM remote support proxy: [ OK ]
[root@itso-dal10-sv-rsp ~]# chkconfig supportcenter_proxy on
7. When the service starts, you are ready to configure IBM Spectrum Virtualize to use the proxy to initiate remote support requests.
5.2.3 Logging in to the IBM Spectrum Virtualize for Public Cloud cluster and completing the installation
When the installation is complete, you can log in to the IBM Spectrum Virtualize for Public Cloud on AWS cluster through the WebGUI, as shown in Figure 5-17 by using the Bastion public IP address as a proxy after the enable-sv-cloud-management-gui command is run on the Bastion host. Complete the following steps:
1. With the proxy enabled, open a browser to the Bastion public IP, and append the port ID (:8443) to access the IBM Spectrum Virtualize WebGUI. In our example, it was https://3.210.203.197:8443.
Figure 5-17 Logging in to WebGUI
Figure 5-18 EasySetup: Welcome window
3. You are redirected to the Change Password window, as shown in Figure 5-19. Change your password, and then click Apply and Next to open the next window.
Figure 5-19 Easy Setup: Change Password
4. You can change your cluster name, which defaults to the stack ID name and -WorkloadStack-{stack unique identifier}. As a best practice, trim the unique identifier at the end, as shown in Figure 5-20. Click Apply and Next to open the next one.
Figure 5-20 EasySetup: Trimming the system name
5. Insert your capacity license in accordance with your IBM agreement, as shown in Figure 5-21. Click Apply and Next to open the next window.
|
Note: An IBM Spectrum Virtualize for Public Cloud license uses simple TiB values instead of Storage Capacity Units, which keeps the licensing model simple and still realizes economic benefits through thin provisioning and IBM Easy Tier by allowing for overallocation of the EBS volumes that are purchased and allowing for the use of fewer expensive high-performance EBS volumes and cheaper low-performance volumes.
|
Figure 5-21 EasySetup: Licensed Functions
6. You do not need to set the Date and Time because it is controlled by AWS. IBM Spectrum Virtualize for Public Cloud on AWS is configured by the AWS time server by using underlying operating system methods. Changing the time server or setting a static time is not recommended and might cause difficulties. For more information about the AWS time server, see Setting the Time for Your Linux Instance.
Make sure that the time zone is set. For ease of troubleshooting across multiple time zones, it is a best practice to use GMT or UTC+0, as in Figure 5-22 on page 67.
Figure 5-22 EasySetup: Time Zone
7. IBM Spectrum Virtualize for Public Cloud on AWS is preconfigured with Cloud Call Home that uses the Bastion host as a gateway. When the EasySetup process enters the Call Home configuration, Cloud Call Home verifies the connection to the support center, as shown in Figure 5-23.
Figure 5-23 EasySetup: Cloud Call Home verification
8. This verification should succeed, as shown in Figure 5-24, which is the System Location window.
Figure 5-24 EasySetup: Successful Cloud Call Home and System Location information
9. Finish the Call Home configuration by entering the contact information, as shown in Figure 5-25.
Figure 5-25 EasySetup: Contact information
10. Next is the IBM Storage Insights configuration, which you do not have to do during EasySetup. It requires registering for a no-charge account and installation of a DataCollector, which can be installed on the Bastion host. Figure 5-26 shows the IBM Storage Insights configuration window. Skip this step for now.
Figure 5-26 EasySetup: IBM Storage Insights
11. Configure your RSP, as shown in Figure 5-27.
Figure 5-27 EasySetup: Remote Support Proxy
|
Note: This step assumes that you have deployed an RSP. Again, the Bastion host is a logical choice. Note the internal IP address of the Bastion host and the ListenPort that was specified in 5.2.2, “Configuring the Bastion host” on page 60.
|
12. Figure 5-28 shows a summary of your configuration. Your cluster setup is complete.
Figure 5-28 EasySetup: Summary
|
Note: Call Home is set up with Cloud Call Home. However, email notification is useful for event notification and can be set up after the EasySetup process is done. The Bastion host runs an SMTP service and can be used as the email gateway.
|
5.3 Configuring the cloud quorum
IP quorum applications are used in Ethernet networks to resolve failure scenarios when half the nodes on the system become unavailable. These applications determine which nodes can continue processing host operations and avoids a split-brain scenario where both halves attempt to service independently I/O, which causes corruption. As part of the installation of IBM Spectrum Virtualize for Public Cloud on AWS, a Bastion host is provisioned and the IP quorum application is installed and configured on this instance. This Bastion host operates as the IP quorum and the network gateway for the configuration.
|
Note: An IP quorum is configured during the installation. You configure an extra IP quorum only if you want to enhance the fault tolerance by putting the active one in a different Availability Zone for installations into new VPCs.
|
There are strict requirements on the IP network with using IP quorum applications. All IP quorum applications must be reconfigured and redeployed to hosts when certain aspects of the system configuration change. These aspects include adding or removing a node from the system or when node service IP addresses are changed.
Other examples include changing the system certificate or experiencing an Ethernet connectivity issue.
An Ethernet connectivity issue prevents an IP quorum application from accessing a node that is still online.
If an IP application is offline, it must be reconfigured because the system configuration changed.
To view the state of an IP quorum application in the management GUI, select Settings → System → IP Quorum, as shown Figure 5-29.
Figure 5-29 IP quorum example from the GUI
Even with IP quorum applications on an EC2 instance, quorum disks are required on each node in the system to contain backups of the configuration and recovery information. On-EC2 instances where IBM Spectrum Virtualize connectivity with its nontraditional back-end storage connectivity, the quorum disks cannot be on external storage or internal disk as in SAN Controller Volume or FlashSystem systems. Therefore, they are automatically allocated on the EC2 instance boot device for each IBM Spectrum Virtualize node.
The IBM Spectrum Virtualize command lsquorum shows only the IP quorum.
The maximum number of IP quorum applications that can be deployed is five. Applications can be deployed on multiple hosts to provide redundancy.
For stable quorum resolutions, an IP network must provide the following requirements:
•Connectivity from the servers that are running an IP quorum application to the service IP addresses of all nodes.
•The network must also deal with the possible security implications of exposing the service IP addresses because this connectivity can also be used to access the service assistant interface if the IP network security is configured incorrectly.
•Port 1260 is used by IP quorum applications to communicate from the hosts to all nodes.
•The maximum round-trip delay must not exceed 80 milliseconds (ms), which means 40 ms each direction.
•A minimum bandwidth of 2 MBps is guaranteed for node-to-quorum traffic.
IBM Knowledge Center describes the IP quorum configuration.
|
Note: The current Cloud Formation Template (CFT) for new VPCs deploys the Bastion host (which houses the initial IP quorum device) into the same Availability Zone as the IBM Spectrum Virtualize nodes. If deploying into an existing VPC, it is possible to place that Bastion host on a subnet that is in a different Availability Zone from the IBM Spectrum Virtualize nodes.
However, if you are deploying into a new VPC that is created as part of the IBM Spectrum Virtualize installation process, it is a best practice that you create a new subnet in that VPC that belongs to a different Availability Zone. Then, start a new secure EC2 instance by using only a private interface in that new subnet with no direct access from the internet. Then, you deploy an IP quorum application on that server and restart the one on the Bastion host so that the secure, redundant IP quorum is the active quorum device.
In summary, here are the steps for deploying a second IP quorum server with a new VPC:
1. Create a subnet within the VPC in a different Availability Zone than the IBM Spectrum Virtualize nodes and Bastion host.
2. Start a new EC2 instance. You can use the Amazon Linux Amazon Machine Images (AMI) 2018.03.0 image from the quick start because it has Java preinstalled. The default type of t2.micro is suitable but do not select Review and Launch.
3. Click Next: Configure Instance Details and select the correct VPC and subnet that you created in step 1. Leave Public IP disabled for added security and use an existing security group (same as the Bastion host).
4. Click Review and Launch to review the configuration and then click Launch.
5. Select the keypair that was used during the creation of the cluster because the keypair is needed to access the new EC2 instance.
6. After the instance is provisioned, run the scp command on the private key that is used to access the Bastion host over to the Bastion host.
7. Run ssh to access the Bastion host and run scp to transfer the ip_quorum.jar file from the Bastion host over to the new EC2 instance by using the private key:
scp -i ~/.ssh/privkey.pem /usr/local/bin/ip_quorum.jar ec2-user@{new EC2 IP}:
8. Run ssh to access the new EC2 instance and test the ip_quorum service:
java -jar ~/ip_quorum.jar
9. Set up the quorum as a service or install a cronjob to ensure that it is always running.
10. Exit the new EC2 instance and restart the ip_quorum service on the Bastion host:
systemctl restart ip-quorum
|
5.4 Configuring the back-end storage
IBM Spectrum Virtualize for Public Cloud on AWS uses the back-end storage that is provided by AWS Cloud EBS as external MDisks. As part of the initial default installation, two gp2 EBS volumes are allocated and put into a pool on the IBM Spectrum Virtualize cluster (Figure 5-30). If more or even different storage is want, complete the following steps.
Figure 5-30 Default EBS gp2 volumes that are specified during CloudFormation template configuration
1. To order back-end storage, log in to the AWS Console.
2. Sign in to the AWS Console, click Services in the upper left corner of browser window, and then click EC2.
3. Under Resources, click Volumes. In the window that opens, you can create volumes and view current volumes.
|
Note: The AWS CloudFormation template provides two gp2 EBS volumes of a size that is specified during the CloudFormation template configuration for use with your
IBM Spectrum Virtualize cluster. Either before adding EBS volumes to a storage pool or as a part of the assignment process, be sure to follow the recommendation for properly aligning the EBS volume type to IBM Spectrum Virtualize performance expectations in accordance with Table 4-2 on page 44.
|
4. To create a volume, click Create Volume in upper left of the window.
5. Select the volume type and size of the volume that is required, as shown in Figure 5-31.
|
Note: When you create an EBS volume, ensure that you choose the same Availability Zone as the IBM Spectrum Virtualize for Public Cloud on AWS instance.
|
Figure 5-31 EBS: Create Volume on the AWS Console
Volumes that are created are viewable on the AWS Console in the EBS volumes section, and they should have a status of Available.
As shown in Figure 5-32, there are two pools that are created on IBM Spectrum Virtualize for Public Cloud on AWS and each pool has one MDisk assigned, which is the EBS external storage that is purchased on AWS Cloud.
6. To create pool on IBM Spectrum Virtualize for Public Cloud on AWS, log in to
the IBM Spectrum Virtualize for Public Cloud on AWS GUI and select Pools → Create Pool.
the IBM Spectrum Virtualize for Public Cloud on AWS GUI and select Pools → Create Pool.
Figure 5-32 Pool creation
7. After the pool is created, select Action → Discover Storage, as shown in Figure 5-32 on page 75. The EBS volumes that were purchased on AWS Cloud and are free and unused are visible under Unassigned MDisk. To cross-verify that the correct volume is added to the pool, check to see whether the EBS Volume ID is the same volume ID that is seen on the AWS Cloud console.
8. Add storage in the form of MDisks to the pool. There can only be 16 MDisks per I/O group.
9. Now, you can create a VDisk and assign the volume for host access by using iSCSI.
5.4.1 Configuring an IBM Spectrum Virtualize volume
In this section, you create a volume by using the pool that was created with the EBS volumes or MDisks. Volumes can be fully allocated or thinly provisioned (space-efficient). The default pre-allocation that is indicated by the command-line interface (CLI) below Example 5-5 is 2% (specified by the real size (rsize)). You have 98% of the capacity for the volumes that is available in the pool for other volumes until this volume claims it.
Example 5-5 Thinly provisioned (space-efficient) volume creation by using the CLI
svctask mkvdisk -autoexpand -grainsize 256 -mdiskgrp 2 -name thin-test -rsize 2% -size 32212254720 -unit b -warning 80%
Figure 5-33 shows thinly provisioned (space-efficient) volume creation by using the GUI.
Figure 5-33 Thinly provisioned (space-efficient) volume creation with the GUI
Thinly provisioned volumes allow users the ability to over-provision the EBS volumes and therefore reduce the overall operational cost in AWS.
5.4.2 Configuring the host and volume mapping
To use the volume that you created, you must map it to a host object. The host object represents a single Bare Metal Server on your cloud account and its iSCSI-qualified identifier (IQN), which is similar to a worldwide port name (WWPN) for an FC host.
To create a host object, you must collect its IQN. The place and the procedure to collect the IQN from can vary with each operating system. For the appropriate steps for an operating system, see the documentation for it.
When you create your host object and map your volume, depending on what operating system you using, you must install the iSCSI initiator and run some specific operations to use your mapped volumes with the hosts.
Linux host
Install the Linux software iSCSI initiator. The initiator software on RHEL systems is packaged as iscsi-initiator-utils, and the suggested version is 6.2.0.873-35 or later. The initiator software on SUSE Linux Enterprise Server systems is packaged as open-iscsi, and the suggested version is 6.2.0.873-33.2 or later.
According to IBM Knowledge Center, set the IQN; target discovery; and authentication, and enable multipathing for the Linux hosts.
After creating the host object and mapping VDisks to it, on the IBM Spectrum Virtualize cluster, scan for the disks on the host by using the specific iSCSI command, just like an anon-premises IBM Spectrum Virtualize Cluster.
Check the multipath output (run multipath -ll) to ensure that your VDisks are attached correctly through the multipath tool. A typical output of a VDisk should be like in Example 5-6.
Example 5-6 Linux multipath -ll output example
mpathch (3600507680181820bc800000000000009) dm-1 IBM ,2145
size=500G features='1 queue_if_no_path' hwhandler='0' wp=rw
|-+- policy='round-robin 0' prio=50 status=active
| |- 26:0:0:5 sdf 8:80 active ready running
| `- 27:0:0:5 sdl 8:176 active ready running
`-+- policy='round-robin 0' prio=10 status=enabled
|- 28:0:0:5 sdr 65:16 active ready running
`- 29:0:0:5 sdx 65:112 active ready running
Windows host
The software iSCSI initiator is built in to the system on Windows 2008 and later. Access the iSCSI initiator either from the Control Panel or search from the Start menu.
Discover the iSCSI target either by using Send Targets or by using iSNS. For more information, see IBM Knowledge Center.
Connect to the discovered targets, as demonstrated in IBM Knowledge Center IBM Knowledge Center.
Now, the mapped volumes are visible to Windows disk management services. The system volumes can be initialized, formatted, and mounted. You can view the details of the discovered disks by using the Windows Command Prompt. An example output is shown in Example 5-7.
Example 5-7 Diskpart command example
DISKPART> list disk
Disk ### Status Size Free Dyn Gpt
________ __________ _______ _______ ___ ___
Disk 0 Online 149 GB 78 GB *
Disk 1 Online 149 GB 78 GB *
Disk 2 Online 565 MB 565 MB
Disk 3 Online 337 MB 337 MB
DISKPART> select disk 2
Disk 2 is now the selected disk.
DISKPART> detail disk
IBM 2145 SCSI Disk Device
Disk ID: 00000000
Type : iSCSI
Bus : 0
Target : 2
LUN ID : 0
There are no volumes.
5.5 Configuring a site-to-site virtual private network IPSec tunnel for hybrid cloud connectivity in AWS Cloud
This section describes how to configure hybrid cloud connectivity between the AWS Cloud and the on-premises environment. This section also describes the lab setup and the steps to configure the site-to-site IPSec tunnel for communication between AWS Cloud and the on-premises site.
The virtual private network (VPN) IPSec site-to-site tunnel creates a secure communication network between the AWS Cloud infrastructure and on-premises infrastructure. Network communication between the private subnets is controlled by the access control list (ACL) that is populated when you create the VPN IPSec site-to-site tunnel.
AWS configuration for the VPN IPSec tunnel
This section describes the steps that are required at the VPC level in AWS Cloud for establishing the IPSec tunnel.
1. Create a customer gateway: Log into the AWS console with resource provisioning privileges, select Services at the upper left, and then VPC. Select Virtual Private Network (VPN) in the pane on the left. Click the customer gateways and input the required details.
2. Create the virtual private gateways: Click the Virtual private gateways section in the VPC and configure the required details.
3. Attach a virtual private gateway to the VPC.
4. Create a site-to-site VPN connection in AWS Console: Select the virtual private gateway and customer gateway parameters. Attach the virtual private gateway to the VPC in AWS.
5. After the site-to-site connection is complete, a configuration file is generated for the end-to-end point. This step creates two tunnels in the VPC, and the same configuration file is used for the configuration at the other end of the tunnel.
5.6 Configuring replication from on-premises IBM Spectrum Virtualize to IBM Spectrum Virtualize for Public Cloud on AWS
This section describes how to configure replication from an on-premises solution that could be a FlashSystem or SAN Volume Controller system to an IBM Spectrum Virtualize for Public Cloud on AWS solution.
Our example uses a FlashSystem system in the on-premises data center and a two-node
IBM Spectrum Virtualize for Public Cloud on AWS as a DR storage solution.
IBM Spectrum Virtualize for Public Cloud on AWS as a DR storage solution.
This scenario uses IBM Spectrum Virtualize Global Mirror with Change Volume (GMCV) to replicate the data from the on-premises data center to AWS Cloud.
This implementation starts with the assumption that the IP connectivity between the on-premises data center and AWS Cloud is established through a Multiprotocol Label Switching (MPLS) or VPN connection. Because there are multiple ways to implement the IP connectivity, this section does not consider that specific configuration. For more information, contact your organizations’s network technical specialist.
To configure the GMCV, complete the following steps:
1. Configure your IBM Spectrum Virtualize Private IP ports so that they are enabled for remote copy. This configuration is required on both sites, as shown in Figure 5-34.
Figure 5-34 Remote copy IP port example
a. You are redirected to choose which copy group to use, as shown in Figure 5-35.
Figure 5-35 Group 1 configuration example
b. Repeat steps 1 on page 79 and a for all of the IP ports that you want to configure, and you end up with a similar configuration as shown in Figure 5-36.
Figure 5-36 IBM Spectrum Virtualize configuration complete
c. Run the same configuration for the on-premises FlashSystem storage system or SAN Volume Controller, as shown in Figure 5-37 and Figure 5-38.
|
Note: It is important to understand what versions of IBM Spectrum Virtualize software are supported. For supported and interoperability versions, see IBM Spectrum Virtualize Family of Products Inter-System Metro Mirror and Global Mirror Compatibility Cross Reference.
|
Figure 5-37 On-premises copy group example
Figure 5-38 On-premises configuration completion example
2. Create a cluster partnership between the on-premises data center and IBM Spectrum Virtualize for Public Cloud on AWS from the on-premises GUI, as shown in Figure 5-39.
Figure 5-39 Create Partnership setup example
3. Complete the partnership creation from on-premises, as shown in Figure 5-40.
Figure 5-40 Inserting an IP address example
4. As you can see in Figure 5-41, the partnership is partially complete. You must complete the partnership in the IBM Spectrum Virtualize on-premises GUI.
Figure 5-41 Partnership partially configured
5. Complete the partnership configuration in the IBM Spectrum Virtualize on-premises GUI, as shown in Figure 5-42 and Figure 5-43 on page 84.
Figure 5-42 Create partnership example
Figure 5-43 Partnership example
6. Now, your partnership is fully configured, as shown in Figure 5-44.
Figure 5-44 Fully configured example
|
Note: The connection might take a few seconds to synchronize, but double-clicking Partnership reveals the confirmed status of the partnership quicker.
|
7. In our example, we have an on-premises 100 GiB volume with its Change Volume (CV) that must be replicated to a 100 GiB volume in the AWS Cloud instance that is defined in our IBM Spectrum Virtualize for Public Cloud installation. The on-premises volumes are thin-provisioned, but this is not a specific requirement. It is just a choice. The CV can be thin-provisioned or fully provisioned, regardless of whether the master or auxiliary volume is thin-provisioned or space-efficient.
The CV must store only the changes that accumulated during the cycle period, so it should use real capacity when possible, as shown in Figure 5-45.
Figure 5-45 Volumes example
8. Create a volume remote copy relationship for a GMCV from the on-premises data center, as shown in Figure 5-46.
Figure 5-46 Creating a relationship
9. Select the type of relationship, as shown in Figure 5-47.
Figure 5-47 Global Mirroring with Change Volumes example
10. Select the remote system, as shown in Figure 5-48 on page 87, and select the volumes that must be in the relationship, as shown in Figure 5-49 on page 87.
Figure 5-48 Remote system
Figure 5-49 Master and auxiliary volumes example
11. In our example, we select No, do not add a master change volume, as shown in Figure 5-50. They are added later.
Figure 5-50 Do not add change volume example
Figure 5-51 Do not start relationship example
13. Edit the relationship and set the Cycling Mode and Cycling Period.
14. Add the CV volumes to your relationship on both sides, as shown in Figure 5-52, Figure 5-53 on page 90, and Figure 5-54 on page 90.
Figure 5-52 Adding a change volume from the on-premises site
Figure 5-53 Selecting the change volume from the on-premises site
Figure 5-54 Adding the change volume to the AWS Cloud site
15. Now, start your relationship from the on-premises site, as shown in Figure 5-55 on page 91.
Figure 5-55 Starting the relationship
16. Now, you can create a GM consistency group and add your relationship to it, as shown in Figure 5-56 and Figure 5-57 on page 92.
Figure 5-56 Adding a consistency group
Figure 5-57 Add Relationship to Consistency Group
Figure 5-58 Consistency group status
Figure 5-59 Copying status
In our example, we show the status by using the IBM Spectrum Virtualize for AWS Cloud GUI.
When the copy approaches completion, the CV algorithm starts to prepare a freeze time in accordance with the cycling windows. When your copy reaches 100%, a FlashCopy is taken from the auxiliary volume to the auxiliary-CV to be used in case of real disaster or DR test. At 100%, the status is consistent copying.
What we have described is just an example of how to configure a GMCV relationship from an on-premises solution to an IBM Spectrum Virtualize for Public Cloud on AWS solution. It can be valuable to configure a snapshot (FlashCopy) of your GMCV auxiliary volume to be used for DR testing or other purposes.
The previous steps were completed by using the GUI, but they can also be done by using the CLI.
For more information about how to manage FlashSystem, IBM Spectrum Virtualize, or SAN Volume Controller copy functions, see the following publications:
•Implementing the IBM Storwize V7000 with IBM Spectrum Virtualize V8.2.1, SG24-7938
•IBM System Storage SAN Volume Controller and Storwize V7000 Best Practices and Performance Guidelines, SG24-7521
•Implementing the IBM System Storage SAN Volume Controller with IBM Spectrum Virtualize V8.1, SG24-7933
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.