MasterScope Virtual DataCenter Automation v4 - NEC · PDF fileMasterScope Virtual DataCenter Automation v4.0 First Step Guide ... Internet Explorer, ... in a command line

MasterScope Virtual DataCenterAutomation v4.0

First Step Guide

1st EditionApril, 2017

NEC Corporation

DisclaimerThe copyrighted information noted in this document shall belong to NEC Corporation.

Copying or revising this document, in whole or in part, is strictly prohibited without thepermission of NEC Corporation.

This document may be changed without prior notice.

NEC Corporation shall not be liable for any technical or editing errors or omissions in thisdocument.

NEC Corporation shall not be liable for the accuracy, usability, or certainty of information notedin this document.

Copyright Information• SigmaSystemCenter, MasterScope, Network Manager, NEC Storage, ESMPRO,

EXPRESSBUILDER, EXPRESSSCOPE, SIGMABLADE, UNIVERGE, andProgrammableFlow are registered trademarks of NEC Corporation.

• VMware is a trademark or registered trademark of VMware, Inc. in the United States and othercountries.

• Microsoft, Windows, Windows Server, Windows Vista, Internet Explorer, SQL Server, andHyper-V are trademarks or registered trademarks of Microsoft Corporation in the United Statesof America and other countries.

• Linux is a trademark or registered trademark of Linus Torvalds in the United States of Americaand other countries.

• Red Hat is a trademark or registered trademark of Red Hat, Inc. in the United States and othercountries.

• Intel and Itanium are trademarks or registered trademarks of Intel Corporation in the UnitedStates of America and other countries.

• Apache, Apache Tomcat, and Tomcat are trademarks or registered trademarks of ApacheSoftware Foundation.

• Oracle, Solaris, Java, and WebLogic are registered trademarks of Oracle Corporation and itssubsidiaries and affiliates in the United States of America and other countries.

• SAP is a trademark or registered trademark of SAP AG in Germany and other countries.

• Fortinet, FortiGate, FortiClient, and FortiGuard are registered trademarks of Fortinet, Inc. OtherFortinet products contained in this guide are trademarks of Fortinet, Inc.

• Thunder Series and AX Series of A10 Networks is a registered trademark of A10 Networks,Inc.

• Catalyst, IOS, Cisco IOS, Cisco, Cisco Systems, and Cisco logo are trademarks or registeredtrademarks of Cisco Systems, Inc. in the United States of America and other countries.

• F5, F5 Networks, F5 logo, and product names in the text are trademarks or registeredtrademarks of F5 Networks, Inc. in the United States of America and other countries.

Other system names, company names, and product names in this document are trademarks orregistered trademarks of their respective companies.

i

The ® and ™ marks are not included in this document.

Notes on exporting this productIf this product (including its software) is subject to regulation under the Foreign Exchange andForeign Trade Law, it will be necessary to follow the procedures required by this law when exportingthis product, such as obtaining an export license from the Japanese Government. If you requiredocuments from NEC in order to obtain an export license, please contact the dealer where youpurchased your MasterScope product, or your local NEC sales office.

ii

PrefaceTarget Readers and Objective

This document provides the users to use this product first with the description on the productoverview, system design method, and latest operating environment of Virtual DataCenterAutomation.

Overview of the DocumentThe chapters in this document mainly describe Virtual DataCenter Automation, with NetworkAutomation described in a supplementary fashion. If Network Automation is not explicitly described,assume that the explanation is the same as that of Virtual DataCenter Automation.

Notation Rules of This DocumentThis document describes precautions, important items, and related information as follows.

NoteIndicates precautions, warnings, and supplementary notes for the function, operation, and setting

TipIndicates the location of reference destination information

Notation rulesIn addition, the following notation rules are applied in this document.

Notation How to use Example

XXXXX Used before and after the items (text boxes,check boxes, or tabs, etc.) to be displayed inthe dialog box or used for screen names(dialog boxes, windows, and others).

Enter the machine name in theMachine name text box.All check boxSetting window

" "XXXXX

Used used before and after other manualname.

"Installation Guide"Installation Guide

[ ] in a commandline

Indicates that the specification of the valuein [ ] can be omitted.

add [/a] Gr1

Monospace font(courier new)

Indicates the outputs (messages, prompts,and others) from the command line orsystem.

Perform the following command.replace Gr1

Italicizedmonospace font(courier new)< >

Indicates the items to be replaced with avalid value and input by users.When a space is included in the value, place“ “ before and after the value.

add GroupNameInstallPath="Install Path"<Install DVD>

iii

ContentsChapter 1. Virtual DataCenter Automation.............................................................................. 1

1.1 What is Virtual DataCenter Automation ? .............................................................................2

1.2 What is Virtual DataCenter Automation Standard Edition ? ..................................................3

1.3 What is Network Automation ? .............................................................................................3

1.4 Virtual DataCenter Automation Capabilities .........................................................................31.4.1 Resource management.................................................................................................41.4.2 Provisioning and orchestration ....................................................................................51.4.3 Monitoring ..................................................................................................................71.4.4 Asset Management ....................................................................................................141.4.5 Custom Monitoring for Tenants.................................................................................161.4.6 Asset Management for Tenants .................................................................................221.4.7 Software Repository..................................................................................................241.4.8 Integrated ID Management........................................................................................261.4.9 Provisioning of Physical Machines............................................................................261.4.10 Visualization of Tenant Networks............................................................................26

1.5 Network Automation Capabilities .......................................................................................27

Chapter 2. Virtual DataCenter Automation Configuration .................................................. 282.1 Management Target of Virtual DataCenter Automation.......................................................29

2.1.1 Network ....................................................................................................................292.1.2 Storage ......................................................................................................................302.1.3 Server........................................................................................................................30

2.2 System Management Domain..............................................................................................312.2.1 Overview of Management Domain............................................................................312.2.2 Pod............................................................................................................................312.2.3 Zone..........................................................................................................................312.2.4 P-Flow Domain.........................................................................................................312.2.5 Site............................................................................................................................32

2.3 Virtual DataCenter Automation Basic Configuration ..........................................................322.3.1 Consisting Components.............................................................................................322.3.2 Installed Functions ....................................................................................................33

2.4 Server configuration of Virtual DataCenter Automation......................................................342.4.1 For Single Pod...........................................................................................................342.4.2 For Single Pod (VM Monitoring Server Configuration) ............................................352.4.3 For Multiple Pods......................................................................................................362.4.4 For Multiple Pods (Zone Configuration) ...................................................................372.4.5 For Multiple Sites......................................................................................................38

2.5 Virtual DataCenter Automation License..............................................................................39

Chapter 3. System Design.......................................................................................................... 403.1 Studying Network Configuration (Standard Configuration) ................................................41

3.1.1 Public Cloud .............................................................................................................41

iv

3.1.2 Private Cloud ............................................................................................................433.1.3 On-premises Cloud....................................................................................................453.1.4 Utilization of the P-Flow Network ............................................................................473.1.5 Multiple Pods ............................................................................................................493.1.6 Multiple Sites ............................................................................................................503.1.7 IP Address Design.....................................................................................................523.1.8 User Authentication for Network Devices .................................................................53

3.2 Customization of Network Configuration............................................................................533.2.1 Public Cloud .............................................................................................................53

3.3 Studying Storage Configuration ..........................................................................................543.3.1 Storage Configuration ...............................................................................................543.3.2 Point of View of Storage Pool ...................................................................................563.3.3 Study point for storage configuration ........................................................................563.3.4 Storage device...........................................................................................................573.3.5 Storage capacity ........................................................................................................583.3.6 Extendibility..............................................................................................................593.3.7 Availability................................................................................................................603.3.8 Functionality .............................................................................................................603.3.9 Backing up ................................................................................................................61

3.4 Studying Configuration of Virtualization Base ....................................................................633.4.1 Configuration Examples of Virtualization Base in VMware vCenter Server

Management Environment ...........................................................................................633.4.2 Configuration Examples of Virtualization Base in Hyper-V Environment.................643.4.3 Configuration Examples of Virtualization Base in KVM Environment......................65

3.5 Studying VM Template .......................................................................................................663.5.1 Linkage between VM Template and Resource Pool...................................................693.5.2 VM Template Creation Policy ...................................................................................723.5.3 Using VM Template ..................................................................................................733.5.4 Sharing of the VM Template .....................................................................................74

3.6 Studying DC Resource Group Configuration ......................................................................763.6.1 DC Resource Group ..................................................................................................76

3.7 Studying Resource Pool Configuration ...............................................................................773.7.1 Resource Pool ...........................................................................................................773.7.2 Resource Pool and Sub-pool......................................................................................783.7.3 Configuration Examples of Sub-pool ........................................................................79

3.8 Studying Resource Pool for Each Cloud..............................................................................813.8.1 Public Cloud .............................................................................................................813.8.2 Private Cloud ............................................................................................................833.8.3 On-premises Cloud....................................................................................................84

Chapter 4. Design of Operation Management Server Configuration ................................... 854.1 Studying ID Management ...................................................................................................86

4.1.1 Users Handled in ID Management.............................................................................864.1.2 Precautions for ID Management ................................................................................864.1.3 ID Management Configuration..................................................................................86

v

4.2 Studying DB Configuration.................................................................................................874.2.1 Point of View for DB Configuration..........................................................................874.2.2 DB Configuration......................................................................................................88

4.3 Studying Management of 100000 Virtual Machines............................................................894.3.1 Point of View for Management of 100000 Virtual Machines .....................................894.3.2 Configuration of Management of 100000 Virtual Machines ......................................89

Chapter 5. Design of Optional Function .................................................................................. 915.1 Studying Distribution Package Configuration .....................................................................92

5.2 Studying Physical Machine Configuration ..........................................................................935.2.1 Physical Machine Configuration ...............................................................................935.2.2 Physical machines .....................................................................................................935.2.3 Network ....................................................................................................................945.2.4 Storage ......................................................................................................................945.2.5 OS Image ..................................................................................................................94

Chapter 6. Operating Environments/System Requirements ................................................. 956.1 Virtual DataCenter Automation Version Information ..........................................................96

6.2 Global Management Server.................................................................................................96

6.3 Management Server ............................................................................................................97

6.4 VM Monitoring Server........................................................................................................98

6.5 Managed Machine (Virtual Base) ........................................................................................996.5.1 System Requirements................................................................................................996.5.2 Virtual Machine Base ................................................................................................996.5.3 Managed Guest OS .................................................................................................100

6.6 Managed Machine (Physical Machine) .............................................................................101

6.7 Management Agent ...........................................................................................................102

6.8 Console .............................................................................................................................103

6.9 ID Management Server .....................................................................................................103

6.10 DB Server .......................................................................................................................104

6.11 Service Governor ............................................................................................................105

6.12 Network Devices.............................................................................................................106

6.13 Storage ............................................................................................................................107

6.14 Distributed Middleware...................................................................................................107

6.15 Monitored Middleware....................................................................................................108

Appendix A. Revision History................................................................................................. 110

Appendix B. Manual System....................................................................................................111

Appendix C. Managed Guest OS require packages.............................................................. 113

Appendix D. License Information .......................................................................................... 115

Glossary...................................................................................................................................... 116

vi

List of FiguresFigure 3-1 Gold level ...............................................................................................................59Figure 3-2 Silver/Bronze level .................................................................................................59Figure 4-1 Configuration example (local allocation of DB on servers) .....................................88Figure 4-2 Configuration example (allocation of the DB server) ..............................................89

vii

List of TablesTable 3-1 [Storage SAN configuration] ..................................................................................55Table 3-2 [Storage NAS configuration] ..................................................................................55Table 6-2 platform compatible with remote host for each Oracle Database version ..............109Table 6-3 Platform compatible with the remote host for each application version.................109

viii

Chapter 1. Virtual DataCenter AutomationThis section gives a product overview of Virtual DataCenter Automation.

Contents1.1 What is Virtual DataCenter Automation ? ....................................................................................2

1.2 What is Virtual DataCenter Automation Standard Edition ? .........................................................3

1.3 What is Network Automation ? ....................................................................................................3

1.4 Virtual DataCenter Automation Capabilities ................................................................................3

1.5 Network Automation Capabilities ..............................................................................................27

Chapter 1. Virtual DataCenter Automation

1

1.1 What is Virtual DataCenter Automation ?Virtual DataCenter Automation is software making it possible to manage the infrastructure of a datacenter in the cloud.

The data center has been managed without using virtualization. However, virtualization has beenwidely used to ensure system flexibility and improve work efficiency. Recently, cloud has beenattracting attention as a means of centrally managing the IT infrastructure of the data center.

There are two types of requirements in the IT system managing the data center: requests for andprovision of IT resources.

The cycle of IT resource requests and provision of the same generally required a few months beforevirtualization was introduced. However, its introduction has slashed the required time to a few weeks.In fact, virtualization only makes the phase where the server is prepared for providing the IT resourcemore efficient. To automate the overall cycle of IT resource request and provision, cloud is crucial.


2

Cloud requires a service portal as a means of IT resource request and infrastructure management as ameans of IT resource provision respectively. Virtual DataCenter Automation is the software makingit possible to manage the infrastructure.

1.2 What is Virtual DataCenter AutomationStandard Edition ?

Virtual DataCenter Automation provides functions required for cloud operations in all-in-one.However, Virtual DataCenter Automation Standard Edition allows users to select a desired functionaccording to their use cases.

The current version of Virtual DataCenter Automation Standard Edition can be used in cooperationwith the following components related to Virtual DataCenter Automation.

• Resource management function (SigmaSystemCenter)

• Monitoring function (SystemManager G)

Operations can be automated by controlling these from through the Virtual DataCenter AutomationStandard Edition portal.

1.3 What is Network Automation ?Network Automation is a product that includes only the network orchestration functions of VirtualDataCenter Automation, and can be incorporated even in systems in which IT from multiple vendorsis already being operated. This allows networks that utilize SDN to be automatically constructed andoperated even if the system includes a combination of OpenFlow and existing networks.

1.4 Virtual DataCenter Automation CapabilitiesVirtual DataCenter Automation automates systemwide operations in addition to providing advancedinfrastructure management. It achieves a cloud system with superior usability and operability bylinking with a service portal that provides a self-service infrastructure.

The infrastructure management standardizes and automates operations through the centralizedmanagement of ICT resources. Virtual DataCenter Automation achieves the best infrastructure


3

management for cloud systems with its advanced resource pool management and operationsautomation functions.

NoteIt's different that a service portal on a figure is an example and is built by a bundled Virtual DataCenterAutomation portal.

1.4.1 Resource managementDiverse ICT resources (servers, networks, and storage units) and multiple virtual infrastructures arecentrally managed with the cloud, and these resources must be grouped into a resource pool. Throughthis centralization, the operation of diverse ICT resources can be standardized. Virtual DataCenterAutomation integrates a wide range of ICT resources, including existing assets. It enables you todivide resource pools for each division and department and also provides a sub-pool function inaddition to standardizing operations. Flexible, practical cloud environment operations that maintainICT resources for each department can be achieved by limiting management privileges to a fixedresource pool range.

1. Resource pool management

The resource pool is a function that collects and centrally manages resources including CPUs,memory devices, storage units, and networks, and dynamically distributes these resources toeach job. In Virtual DataCenter Automation, the resource pool is used to operate resourcesefficiently, so that costs can be reduced. You can visually check the usage status of eachresource from the resource pool list screen of the web console.

2. Controlling resources

Start and stop, snapshot creation, console connection, and other operations can be controlledfor a virtual machine in Virtual DataCenter Automation.

3. Optimized Placement

Virtual DataCenter Automation maintains the proper load of a virtual machine server bymonitoring the load status of the virtual machine server.


4

If the load is high, the load is adjusted by live migration of virtual machines from a loaded virtualmachine server to other virtual machine server which loads are not very high.

If the high load is not alleviated by moving virtual machines, SigmaSystemCenter can start and usenew virtual machine servers

1.4.2 Provisioning and orchestrationAn additional element that is important for infrastructure management is the flexible extraction ofICT resources and the automated configuration of this extraction. MasterScope Virtual DataCenterAutomation not only configures virtual machines and assigns physical machines, but also automatesa series of settings necessary for the machines actually used for tasks such as storage allocation,network setting, installation of applications, or monitor setting. This frees ICT resourceadministrators of setting-related tasks, and users can start using the resources at the time they areextracted. In addition, provisioning scenarios (automation procedures) verified by NEC are providedwith the standard product, and these practical configuration scenarios can be used immediately.These scenarios can be easily customized to specific jobs by using the editing function from the GUI.

1. Provisioning/activation

Virtual DataCenter Automation can configure the machine to be managed, manageconfiguration information, change the configuration, and execute autonomous restoration froma machine failure. Users obtain permission to use resources through the activation process thatfollows provisioning.

2. Request management

Request management receives orchestration requests through the service governor andexecutes the scenario corresponding to the request. This function manages the progress andresults of the received request and provides a means for cancelling the request depending onthe situation. The orchestration results are asynchronously returned to the requester.

3. Schedule management


5

Schedule management controls the starting and stopping of monitoring for each category of theserver and message monitoring functions. Schedule management also manages the schedulesof scenarios that must be regularly executed and controls the scenarios that are executed notregularly but at a specified time.

Schedule management can also automatically stop monitoring when servers are down, such asat night and during maintenance, and automatically start monitoring when the servers start.

4. Controlling scenario

Scenarios required by the orchestration function (such as virtual machine creation, deletion,and reconfiguration) are executed. Workflows are executed from request management andschedule management. Work is automated by defining process flows for each job.

Responding to the functions specific to scenario controls such as job date and non-flowexecutions enables the control and monitoring of advanced operational flows.

Support for the non-flow execution in particular enables the monitoring and control ofworkflows that instruct starting and stopping at any timing in addition to supporting traditionalworkflows that follow a fixed procedure.

5. Controlling network devices

Streamlines the settings of the network devices (firewall, load balancer, SSL-VPN device, L2switch, etc.) in the data center as a virtual network for each tenant.

• Creation of tenant firewall and load balancer

• Setting of SSL-VPN

• Creation of VLANs (production VLAN, tenant administration VLAN (Note: To bedescribed later), etc.)

• etc.

6. Controlling storage devices

Virtual DataCenter Automation is a product that automates virtual data centers. The storagesettings scenario improves the efficiency of installing new storage units and setting upadditional storage units, thereby reducing setup costs.

The following settings can be specified as the basic functions of the vDCA storage settingsscenario:

• Settings when the storage unit is first installed

• Settings when storage units are added

• Settings of a storage unit when a VM server is added

7. Automatically discovering managers

Provisioned agents automatically apply monitoring definitions when connected to managers bysetting monitoring definitions in advance for management target machines that performprovisioning, enabling monitoring to start.

8. Service governor

The service governor provides an integrated interface for linking with external products (suchas a service portal).

The service governor of Virtual DataCenter Automation allows you to orchestrate themanagement target machines from the service portal.


6

1.4.3 MonitoringVirtual DataCenter Automation provides a function for the integrated monitoring of an entire cloudsystem, including work systems configured on virtual machines. Diverse monitoring functions suchas detecting silent failures, identifying the range of impact, and automating the troubleshootingprocess, reduces downtime and supports the realization of the high availability required for mission-critical system use.

1. Machine Status and Failure Monitoring

SigmaSystemCenter can monitor the status of the machines. This function monitors usage andoperating status of each machine resource including terminal equipment in real-time. Inaddition, the function monitors errors and thresholds of CPU, memory, or disks periodicallyand if any failure is generated, the function reports you immediately. The system can recoverfrom a failure when an event is detected by the machine status monitoring function.

2. Message monitoring

Centrally manages the messages generated by performance monitoring, application logmonitoring, etc. Messages by linkage with the other products are also integrated. Classifyingthe messages into each operation items and displaying them in the tree view so that user canidentify the business impact immediately in case of any system failure. Enormous messagescan be filtered and necessary information is selectively displayed.


7

Stopping and resuming monitoring can be automatically controlled using the schedulefunction. This enables to discard the messages and avoid the unnecessary notifications in caseof regular system maintenance, for instance.

• Registers the schedule for selected category from the monitoring view

• Batch schedule registration is available by defining a schedule to the category group

3. Service process monitoring

In addition to alive monitoring of important service/process, monitors from the operation pointof view. When incidents occur, it notifies which business will be influenced & affected.


8

4. Application log, syslog, and event log monitoring

Monitors the application log, event log and syslog and displays and informs only the necessaryinformation.

5. Network Operation Management


9

It allows you to manage the configuration, failure, and performance of the network utilizingNetwork Manager. Network Manager provides a function that displays configuration maps forthe visual management of IPv4/IPv6 networks, a topology management function that displaysthe wiring conditions of network devices, and a function that graphically displays the pathbetween any two points in the network. Network Manager can detect failures and notify themto the administrator quickly by monitoring alive status, SNMP traps, and MIBs with ICMP(Internet Control Message Protocol).

Also, in Network Manager, performance information is accumulated through its periodiccollection from a management information base (MIB) by equipment that supports SNMP. Thecollected information can be used for real time analysis and the creation of performancereports. The collected data is automatically saved in the CSV (Comma Separated Value)format.

6. Current Alerts

Only the unresolved alert information that must be checked and investigated is displayed, andonce resolved, the alert information is automatically deleted. Since only the current alerts arenotified on-screen, you are protected against overlooking important failures.

7. Performance monitoring

It graphically displays the performance status (CPU, memory, etc.) of each server.

Monitors the capacity of the CPU, memory, etc… Also, generates the message when thethreshold is exceeded.


10

Performance data can be accumulated and charted as statistics.

8. Audit log management

Manages operating status and automatically processes with the help of/by monitoring theterminal/Manager. Each operation and result is recordable as the audit logs for future tracing.And it is also possible to send a report when certain audit log is being generated.

9. Operation control


11

This feature issues a predetermined action by using the time, generation of a specific message,or an operator's operation as a trigger.

Enables to submit commands to Manager/Agent with a simple step. Avoid forgetting to issuecommands by defining a complex command execution as an "operation". The definedoperation can be executed manually by the operator or automatically by using a specificinternal event, scheduler, or timer as a trigger. The commands included in the operation can beexecuted sequentially, in parallel, or on multiple Agents in parallel.

10. Manager linkage

The whole system can be centrally monitored by linking multiple managers in a hierarchy.Manager of Manager (MOM) collects the messages from Region Manager (RM).

* You can specify whether to use linkage for each category in the business view.

11. Application linkage

Here the text filled message is sent as an output which is collected by SystemManager G to theexternal applications. The record format of write-out file can be selected and the user can


12

specify various character encoding (UTF-8, Shift-JIS, etc.) to write log files. Log rotation isalso made available.

12. System performance analysis (Option)

Performance information can be automatically obtained on SystemManager G, and analyzed inreal time. Automatic analysis is simply realized by input performance data without anyprofessional knowledge or complex setup. Performance information is automatically acquiredin SystemManager G and analyzed in real time.

• Automatic detection of silent failures

The performance information correlations that do not change during normal operation(invariant) are automatically learned and modeled. An unusual behavior that does notmatch that model is detected as a silent failure. Real-time automatic analysis makes itpossible to issue a warning message when a failure is detected.

• Automation and visualization of analysis and cause determination

You can significantly reduce the time necessary to determine the cause, because the coreelement of the detected unusual behavior and its extent of impact are intuitively shown ina pie chart or map.

• Recording and viewing responses

Responses that have been made can be recorded. Recorded responses are accumulatedand searched for based on similarities with other failures. This helps you reduce the timenecessary to respond to any subsequent unusual behavior that is similar.

• Description of the basic screen

The simple and easy-to-understand basic screen enables you to see the analysis results ata glance.

• Automatic analysis of persistent relationships (invariant)

The system is automatically analyzed using performance information to detect failureoccurrence.

- Automatic analysis does not require special knowledge or a complex setup.

- Because the persistent relationships between performance information sets arefocused on, it is not necessary to change settings even if the load temporarilyfluctuates, such as due to a special advertising campaign.

- Additional analysis can be automatically controlled using an external command.

- Real-time analysis can be performed in SystemManager G.

13. ServiceManager linkage (Option)

By linking with MasterScope ServiceManager, which is used for IT service management, thisfeature ensures that all important incidents are addressed and realizes total system IT servicemanagement.

* The Manager does not support Windows Server 2008 when the ServiceManager linkagefeature is used.

14. Linkage function for service portal messages

This function uses HTTP communication to link specific messages detected by the operationmonitoring server (SystemManager G) with an external product (such as a service portal). Themessages can be simultaneously transmitted to multiple destinations.

15. Service port monitoring function


13

This function monitors the opening and closing of the service port and outputs thecorresponding message if the state changes. Recovery can be also performed by extracting thismessage and making recovery settings for the message. In addition, the state change of themonitoring port can be reported to the operator by using the report function.

1.4.4 Asset Management1. Displaying asset information

Collected asset information is displayed on a simple screen. You can divide and viewinformation in groups, organized by, for example, division or floor, based on usage. Ahierarchical view that can flexibly handle the organization of large companies can be used. Inaddition, data center operators can separate and manage management information on thecompany level.

Asset information for each machine can be displayed in lists organized by category. Customer-specific management items can be added and viewed.


14

2. Searching asset information

Assets matching specific criteria can be displayed in a list through a filtered search. By usingsearch criteria, an administrator can limit the configuration information viewed to only thatwhich is desired.

You can use flexible searches in which multiple criteria, such as asset names, users, anddevices names, are specified. Frequently used searches can be registered to the tree view sothat you can quickly view a list of assets that match the search criteria. Arithmetic operationsor comparison between items can be set in the search criteria, and required information can bedisplayed in a batch.

3. Alert function

The alert function can send notifications linked with the search function and monitoringconditions by e-mail. The function sends e-mail notifications concerning the movement ofassets, approaching lease/rental end dates, an insufficient number of software licenses,unauthorized software usage, and other status alerts. The alert function can be set to link withthe search function and monitoring criteria settings to send violation notifications.

4. Contract management


15

Contract management associates lease, rental, and maintenance contract periods, rates,statuses, and other basic contract information with asset information, enabling the integratedmanagement and confirmation of this information.

5. Distributing and executing software

Batch distribution is available for commercial packaged software, proprietary applications, andsecurity patches. Specification of a distribution destination is flexible, enabling you to specifyspecific groups or a list of terminals extracted from search results. You can also selectmandatory distribution or optional distribution according to usage. Distribution progress canbe viewed in a list.

6. License key management

The following logical assets can be managed in Virtual DataCenter Automation.

• OS product key

• License key for software/middleware

The license key registered according to each cloud configuration can be used as necessary suchas when creating a new virtual machine or installing new software to a virtual machine.

7. Software installation image management

Virtual DataCenter Automation allows you to register the installation images for software,security patches, etc. By utilizing the registered installation images, you can install thesoftware or security patch to the virtual machine extracted from the newly created virtualmachines or search results. By working with the license key management, you can associatethe virtual machine in which the software was installed with the license key of the installedsoftware.

8. Management information output

Asset information, software license information, and contract information managed in the assetmanagement database can be output in CSV format. This information can be utilized asconfiguration information in other operations management software or when analyzinginformation based on customer-specific needs.

1.4.5 Custom Monitoring for TenantsFor resources assigned to the tenant administrator by the IaaS provider, Operation ManagementAppliance *1 can provide functions that allow the tenant administrator to customize what to monitorfor integrated monitoring. It minimizes downtime with various monitoring functions such as sensingof silent failure, identification of affected areas, and automation of responses, to support therealization of higher availability.

*1 Function to provide custom monitoring, asset management, and software patch distribution and application for the tenantadministrator and the machine image where products necessary for the custom monitoring function or softwarerepository function for the tenant are set up in advance.


16

The following functions are available in custom monitoring for tenants.

1. Monitoring of machine status and failure

The tenant administrator can monitor the usage and operation states of the machine resourcesassigned by the IaaS provider in real time. It also monitors errors and threshold values of theCPU, memory, and disks periodically, so it can report to the administrator by emailimmediately in the event of a failure.

In addition, it can execute commands on the virtual machine for automatic recovery in theevent of a failure triggered by an event detected via machine state monitoring.

2. Message monitoring function

This function manages messages occurring in performance monitoring and application logmonitoring as well as messages received from the modules of this product in an integratedfashion.

It displays messages occurring in the system in trees grouped by host or by task, so theaffected area can be identified immediately in the event of a failure. Only the messages


17

required for monitoring are selectively displayed out of a large volume of messages, so currentmessages regarding the failure won't be scrolled down and off the screen.

In monitoring by task, stopping and resuming of monitoring can be controlled automaticallywith schedules in units of category groups. Therefore, messages occurring in time zones thatare not to be monitored, such as in periodic maintenance, are discarded, preventingunnecessary notifications. Schedules can be registered for any category from the console.Schedules can be set for a category group to register them to the categories under the group ina batch.

3. Service process monitoring function

It performs live monitoring of processes in units of operation systems as well as monitoringimportant processes in the operation system in units of nodes. In the event of a failure, it cannotify affected tasks.


18

4. Application log monitoring, syslog monitoring, and event log monitoring functions

This function monitors logs output by the application program, event logs, and syslogs,extracts necessary information, and reports as messages.

5. Report function


19

This function reports by email in the event of an alert such as a server stop or process stop.Simultaneous reporting to multiple destinations is available.

6. Performance monitoring function

This function displays the operation state (CPU/memory usage) of the server graphically. Itcan also display the operation state of the database and application server.

It monitors the CPU usage and memory usage, and displays a message when the thresholdvalue is exceeded.


20

It accumulates performance data as statistical information and displays them in graphs.

7. Internal control management (trail management) function

This function supports internal control by managing operations and result history as logs (auditlogs) for operations and automatically executed processing on the console/manager.

It can also report when an audit log of specific importance occurs.

8. Middleware monitoring function


21

This function monitors the operation state (CPU/memory usage) of the middleware installed inthe virtual machine and the process states. The operation state can be displayed in a graph oroutput in CSV format with the performance monitoring function.

9. Integration of login accounts with the ID management server

You can log into the console of Operation Management Appliance with the tenantadministrator account stored on the ID management server. Appropriate rights can be assignedto each user.

1.4.6 Asset Management for TenantsOperation Management Appliance can be used to provide the functions to manage informationresources for the resources assigned to the tenant administrator by the IaaS provider on the tenantadministrator side. It realizes streamlining of asset management operation of the tenant administratorand effective utilization of assets with a wide variety of asset management functions such asmanagement and searching of asset information or distribution of software.

The following functions are available in asset management for tenants.

1. Asset information display

It displays collected asset information on a simple screen. It can be browsed in groupsaccording to usage, such as by department or by building floor. It allows hierarchical displaythat flexibly supports organizations of large corporations. For data center providers, it can alsoseparate management information into units of companies and allows you to manage theinformation.


22

It lists asset information of each machine by category. Management items specific to acustomer can be added and displayed.

2. Asset information search

You can narrow down to assets that match specific conditions to display them in a list. Searchconditions can be used in combination to display just the configuration information that theadministrator wants to check. Flexible searches with multiple conditions such as asset name,user, and device name, etc. can be performed. Search conditions that are used frequently can beregistered in the tree view that allows you to obtain a list of assets that match the searchconditions. "Four arithmetic operations" and "Comparison among items" can be specified assearch conditions for batch display of required information.


23

3. Asset management alert

It allows email notification (reporting) in conjunction with the search function and monitoringconditions. Asset movement, forthcoming end of lease/rental, insufficient software licenses,and use of unauthorized software can be notified by email. Transmission settings for emails inthe event of a violation can be specified in conjunction with the search function andmonitoring condition settings.

4. Contract management

It can associate basic information regarding contracts such as lease, rental, and maintenancecontractual periods, fees, and statuses with asset information so that it can be managed andchecked in an integrated fashion.

5. Software distribution and execution

Batch distribution of commercially available package software, proprietary applicationsoftware, and security patches can be performed. Distribution destinations can be specifiedflexibly such as specific groups and a list of terminals extracted from search conditions. Forceddistribution and voluntary distribution can be selected according to the usage. The progress ofdistribution can be checked in the list.

6. License key and package distribution

The following license keys can be managed.

• OS product keys

• Software/middleware license keys

• Global IP addresses (IPv4 addresses, IPv6 addresses)

License keys registered based on the cloud configuration can be used as needed when a newvirtual machine is created or when new software is installed in a virtual machine.

7. Management information output

Asset information, software license information, and contract information managed in the assetmanagement database can be output in CSV format. It can be used as configurationinformation of other operation management software or for analysis based on the customer'sspecific needs.

1.4.7 Software RepositoryA data center or multiple data centers require the management of VM templates, etc., and theiroperation costs increase. The software repository allows you to manage the management targets such


24

as a VM template in an integrated fashion. Operation without focusing on the existence of themanagement target decreases the operation costs.

Tenants may want to install the application in a virtual machine, make it a template, and createmultiple virtual machines, or they may want to migrate the existing virtual machine into their ownenvironment for Virtual DataCenter Automation. The software repository provides functions fortenants to deal with these cases.

1. Function for providers and resellers

By registering the following management targets to the software repository only once, they canbe shared among multiple data centers and in a data center. This leads to a decrease in theoperation cost.

• VM template

• Software(including middleware)/patch

• OS image

The shared management targets can be provisioned from each data center.

• Registration and distribution of software/patches, assignment of licenses along withdistribution

• Registration of OS images and provisioning of physical servers

• Registration of VM templates and provisioning of virtual machines

2. Functions for tenants

The following functions are provided.

• Creation of VM templates and provisioning of virtual machines

NoteThe software repository needs a dedicated volume for storage to store the management target. For storage, ashared disk or local disk can be used. If a shared disk is used, CIFS and NFS are supported as protocols.They have the following characteristics.

• CIFS: No additional component is required. Setting allowing Guest access is required for the volume.• NFS: NFS service must be installed to each server.


25

For the settings of the volume, see 5.7.1 Setting up the Software Repository Environment in VirtualDataCenter Automation Configuration Guide.

NoteIf the server configuration is multiple sites, a shared disk must be placed in each site, and a dedicatedvolume must be created for each of them, for distribution and sharing of software / patch. In addition, in oneManagement Server of a site that has a Global Management Server, you must install the components ofManaged Machines. For multiple sites, see "2.4.5 For Multiple Sites (page 38)". For the settings of themanagement server, see 2.5.1 Components Installed on the Management Server in Virtual DataCenterAutomation Installation Guide. For the setting multiple sites, 5.7.1 Setting up the Software RepositoryEnvironment and 5.7.6 Managing Packages (for Multiple Sites) in Virtual DataCenter AutomationConfiguration Guide.

NoteSoftware images and VM images managed by the software repository are stored in a volume on the fileserver. Consider backing up the images. For consideration of backups, see "3.3.9 Backing up (page 61)".

1.4.8 Integrated ID ManagementTo utilize various ICT resources in a data center within an appropriate function range, individualauthentication and an approval framework are required. In Virtual DataCenter Automation, usersregistered in the service portal are managed in the ID management server in an integrated fashion. Bythe network devices working with the ID management server, individual user registration and userright settings in the operation management function and network devices are not required. This leadsto a decrease in management cost and operation costs.

1.4.9 Provisioning of Physical MachinesAs a resource to assign to tenants, Virtual DataCenter Automation is compatible not only with virtualmachines on the virtualization base, but also with physical machines. Existing physical machines canbe used effectively.

1. Provisioning and automation

Similarly to virtual machines, it allows you to provision and automate physical machines. Onrequest, physical servers can be assigned, a network can be set (VLAN setting), and storagecan be set (assignment of FC and iSCSI).

2. Operation of physical machines

It allows you to turn the power ON/OFF, back up, and restore the physical machine.

3. Management of gold images

By utilizing the software repository, physical machine gold images can be managed.

1.4.10 Visualization of Tenant NetworksTenant networks assigned by Virtual DataCenter Automation (VLANs, tenant firewalls, loadbalancers, etc.) and the logical configuration diagrams in the servers allocated to those networks canbe automatically created and checked by using Virtual DataCenter Automation. The created logicalconfiguration diagrams can also be freely edited and saved by system operators. NetworkAutomation also provides functions that enable physical information to be verified immediately fromlogical configuration diagrams, making it easy to monitor the networks of a large number of tenants.


26

1.5 Network Automation CapabilitiesThe functions that can be implemented in Network Automation, whose role is to simply orchestratenetwork resources, are described below.

Function Network Automation

Resource Management Virtual appliances such as virtual load balancers and virtual firewalls, as well asnetwork resources such as IP addresses and VLAN IDs can be pooled. Resourcemanagement, such as managing the total amount of resources, the amount of used andunused resources, and the amount of reserved resources, can be performed in poolunits.

Orchestration, Provisioning All the network settings required to use services, such as allocation of L2 switches,firewalls, and load balancers to VLANs, filter policy settings, user authenticationsettings, are automated. Network provisioning across multiple data centers can beautomated by linking with the UNIVERGE PF series, which uses OpenFlowtechnology.

Integrated ID Management Supported in the same way as Virtual DataCenter Automation.

Tenant networkvisualization

Supported in the same way as Virtual DataCenter Automation.


27

Chapter 2. Virtual DataCenter AutomationConfigurationThis section describes the configuration of the system to which Virtual DataCenter Automation isinstalled.

Contents2.1 Management Target of Virtual DataCenter Automation..............................................................29

2.2 System Management Domain.....................................................................................................31

2.3 Virtual DataCenter Automation Basic Configuration .................................................................32

2.4 Server configuration of Virtual DataCenter Automation.............................................................34

2.5 Virtual DataCenter Automation License.....................................................................................39

Chapter 2. Virtual DataCenter Automation Configuration

28

2.1 Management Target of Virtual DataCenterAutomation

To configure data centers that utilize Virtual DataCenter Automation, it is necessary to understandthe management targets (network, storage, and server) of Virtual DataCenter Automation and whichmanagement domain is used for the management target. For the management domain, see"2.2 System Management Domain (page 31)".

2.1.1 NetworkThe network used in the Virtual DataCenter Automation system is described below. For details ofnetwork design, see "3.1 Studying Network Configuration (Standard Configuration) (page 41)".

Type Description Share ina pod

Share ina zone

Share ina site

Shareamongsites

L2SW Layer 2 switch for the operationmanagement network used for device controlfrom the Virtual DataCenter Automationmanagement server, and layer 2 switchaccommodating the tenant network. In theVirtual DataCenter Automation system, aVLAN tag is used to separate the networkamong different tenants. Accordingly, the L2switch to be used in the virtualization boardand to support IEEE 802.1Q is required. Usean L2 switch whose maximum active VLANnumber is 1000 or more. Note that someswitches have a number of 500 or fewerdepending on the device type. Consider thenetwork redundant system to select thedevice.

√ - - -

Tenant FW Firewall device used for the tenant network.Use the firewall device that supports themulti-tenant function. Consider themaximum tenant number to select the device.

- √ - -

Back-end FW The multi-tenant function is not required forthe back-end firewall.

- √ - -

SSL-VPN device Use the devices that support LDAP linkage,VLAN support, and the group access controlfunction. In addition, some firewall devicesthat support the multi-tenant function containthe tenant firewall and SSL-VPN device as asingle device.

- √ - -

Router Router connected to the Internet and used forthe operation management network on theprovider side.

- √ - -

Load Balancer Load balancer used for the tenant network.Use the load balancer that supports the multi-tenant function. At this time, consider themaximum tenant number to select the device.

- √ - -

UNC Device used for the programmable flow (P-Flow) implementing the OpenFlowtechnology. Manages multiple PFCs

- - - √


29


Share ina zone

Share ina site

Shareamongsites

(programmable flow controllers) in anintegrated fashion. Enables centralmanagement of VTNs and the setting ofVTNs spanning different PFCs.

PFC Device used for the programmable flow (P-Flow) implementing the OpenFlowtechnology. By connecting the differentblade housing to the PFS (programmableflow switch), the different pods areconnected at the L2 level.

- √ - -

PFS Device used for the programmable flow (P-Flow) implementing the OpenFlowtechnology. The PFC (programmable flowcontroller) provides the central control ofmultiple PFSs.

- √ - -

2.1.2 StorageThe storage used in the Virtual DataCenter Automation system is described below. For details ofstorage design, see "3.3 Studying Storage Configuration (page 54)".


Share ina zone

Share ina site

Shareamongsites

Storage for tenants Storage connected to a hypervisor anddirectly used by virtual machines to beprovided to tenants.

√ - - -

Storage for thesoftware repository

Storage to share and manage VM templates,etc. Use the NAS device.

- √ - -

2.1.3 ServerThe server used in the Virtual DataCenter Automation system is described below.


Share ina zone

Share ina site

Shareamongsites

Hypervisor Server accommodating virtual machines oftenants. Use VMWare ESXi or Hyper-V.

√ - - -

VM template Template from which virtual machines arecreated.

- - - √

Virtual machine Virtual machines operating on hypervisorassigned during the provisioning process.

√ - - -

Gold image of thephysical machine

Disk image including OS and profile forprovisioning of physical machines.

- - - √

Physical machines Physical machines assigned during theprovisioning process.

√ - - -


30

2.2 System Management Domain2.2.1 Overview of Management Domain

Virtual DataCenter Automation defines four management domains (pod, zone, P-Flow domain andsite) as cloud system configuration.

2.2.2 Pod"Pod" is defined as a management domain to manage 1000VLAN and 1000 virtual machines within anetwork range connected to the L2 switch. The maximum number of active VLAN IDs that can bemanaged in a single network device is 1024. The element 1000VLAN is based on this feature. Thenetwork assigned to each tenant is basically created in one pod.

2.2.3 Zone"Zone" is defined as a management domain consisting of four pods at maximum. The upper limit ofVLAN IDs is 4096 as a specification. Therefore, the range where a VLAN ID is uniquely identifiedis defined as "zone". Communication between pods within a zone is realized as communication at theL2 level.

2.2.4 P-Flow DomainP-Flow domain is defined as a group of pods or zones to which the PFSs managed by a single PFCbelong. Connection on the L2 communication level is possible exceeding the upper-limit VLAN IDof 4096 between each pod and between zones by using programmable flow (P-Flow) equipment. Inaddition, the tenant NW can be built across sites by using IX router or other equipment that extendsL2-level communication between sites. When installing PFC at each site, install UNC at the sametime to enable control of multiple PFCs.


31

2.2.5 Site"Site" is defined as each pod group connected via a router. Communication between sites is realizedas communication at the L3 level using a dedicated line or IP-VPN. For example, a data centerconnected via a router and geographically separated, or the connection via a router even in the samedata center, is defined as "site". Site consists of one or multiple zones.

2.3 Virtual DataCenter Automation BasicConfiguration2.3.1 Consisting Components

Virtual DataCenter Automation consists of the following products.

The components required for the manager function are listed below: All of the following componentsof the manager function are installed using Virtual DataCenter Automation Integrated Installer(database excluded). Because Network Automation functionality is limited to network orchestration,it does not include all the components required for the manager function. The components requiredfor the manager function are indicated by in the NWA column in the table below. Besides, VirtualDataCenter Automation Portal is bundled as the service portal.

Component list NWA

(1) SigmaSystemCenter component*1

(2) DeploymentManager component

(3) SystemManager G component*2 √

(4) Network Manager component*3 √

(5) AssetSuite component

(6) Cloud provider API component √

(7) Database √

(8) Identity Manager component √

*1 For details of the SigmaSystemCenter component, see 2.1.4. Component and Product Configuration inthe SigmaSystemCenter First Step Guide.

*2 In Network Automation, SystemManager G components are configured, but the functions are limited.This means that virtual machine failure monitoring cannot be implemented.

*3 In Network Automation, Netvisor Pro components are configured, but the functions are limited. Thismeans that performance analysis cannot be implemented.

Each component responds to the function of Virtual DataCenter Automation as the figure below.


32

2.3.2 Installed FunctionsThe functions installed to operate Virtual DataCenter Automation are listed below. Install them withthe Virtual DataCenter Automation Integrated Installer. For the installation order, see the VirtualDataCenter Automation Installation Guide, and Network Automation Installation Guide.

Function Role NWA

Global ManagementServer

Manages and monitors all resources in Virtual DataCenter Automation in anintegrated fashion. Provides a single-point gateway function working withan external function such as a service portal (Virtual DataCenter AutomationPortal, etc.). Use local or remote DB.

√

Global ManagementServer console

Provides functions to monitor and control the resources managed by theglobal management server.

√

Management server Provides functions to control (creation and deletion) and monitor thestorage, network, virtualization base, and virtual machines (VM). Use localor remote DB.

√

Management serverconsole

Provides functions to browse and control the resources managed by themanagement server.

√

VM Monitoring Server Provides functions to monitor and control virtual machines. Plays the role ofreducing the management server load when monitoring virtual machines.The VM monitoring server is installed when IaaS providers monitor virtualmachines in detail. Use local or remote DB.

VM monitoring serverconsole

Provides functions to browse and control the resources managed by the VMmonitoring server.

ID management server Manages authentication IDs of the IaaS providers who use VirtualDataCenter Automation and of the tenant administrators who accessresources in a tenant in an integrated fashion.

√

Managed machine Provides functions to monitor and control by installation in the virtualizationbase such as a management target virtual machine, physical machine, ESX,or Hyper-V.

Management agent Provides a function to monitor the management target ESX, Hyper-V, andstorage. Normally, it is installed in the same machine as the managementserver.


33

For details about the system requirements, installation procedure, and the operation method in virtualDataCenter Automation Portal, refer to Virtual DataCenter Automation Portal User's Manual(Installation Guide) and Virtual DataCenter Automation Portal User's Manual (Operation Guide).

2.4 Server configuration of Virtual DataCenterAutomation

This section describes an assumed configuration of Virtual DataCenter Automation. When usingNetwork Automation, replace this configuration with one in which only the network devices arecontrolled.

2.4.1 For Single PodThis is the basic configuration of Virtual DataCenter Automation. A single pod of a certain datacenter is managed. The management server is configured so as to control and monitor the NWdevices, storage devices, hypervisors, and provisioned virtual machines. This also processes requestsfrom the portal server and their replies, brings together management servers, and configures theglobal management server to realize integrated monitoring and management.


34

Tenant number 200 per pod at maximum

Virtual machinenumber(Number ofmachines managedunder a globalmanagement server)

1000 per pod at maximum• Allocates 1 to 6 blade housings per pod.• Allocates 8 blade servers per blade housing.• Allocates 24 virtual machines per blade server.

24 x 7 x 6 ≈ 1000

VLAN number 1000 per pod at maximum

2.4.2 For Single Pod (VM Monitoring Server Configuration)Also for a single pod can the VM monitoring function be divided as shown in the figure below and ahierarchical configuration can be employed. The VM monitoring server monitors the VM, and themanagement server controls and monitors the others. This configuration enables the VM monitoringitems and frequency to be increased without increasing the load on the management server. InNetwork Automation, the VM monitoring server cannot be installed, so this configuration is notsupported.


35

VM monitoringserver number

1 to 4 per management server

Virtual machinenumber (Number ofmachines managedunder VMmonitoring server)

256 per VM monitoring server

2.4.3 For Multiple PodsThis configuration consists of multiple pods in certain data center. The management server isconfigured by pods.


36

Management servernumber

100 at maximum (Number of machines managed under global management server)

2.4.4 For Multiple Pods (Zone Configuration)This configuration manages multiple zones of a certain data center. The management server isconfigured by pods similarly to the previous section.


37

2.4.5 For Multiple SitesThis configuration is used when managing multiple sites across multiple data centers. Themanagement server is configured by pods similarly to the previous section. Only one globalmanagement server is configured in either site. For multiple sites, the ID management servers areconfigured per site.


38

2.5 Virtual DataCenter Automation LicensePrepare the appropriate license in the required quantity according to the configuration.

TipPrice information can be obtained from the following website:http://www.nec.com/en/global/prod/masterscope/vdcautomation/


39

http://www.nec.com/en/global/prod/masterscope/vdcautomation/

Chapter 3. System DesignThis section describes considerations for the system design of Virtual DataCenter Automation.

Contents3.1 Studying Network Configuration (Standard Configuration) .......................................................41

3.2 Customization of Network Configuration...................................................................................53

3.3 Studying Storage Configuration .................................................................................................54

3.4 Studying Configuration of Virtualization Base ...........................................................................63

3.5 Studying VM Template ..............................................................................................................66

3.6 Studying DC Resource Group Configuration .............................................................................76

3.7 Studying Resource Pool Configuration ......................................................................................77

3.8 Studying Resource Pool for Each Cloud.....................................................................................81

Chapter 3. System Design

40

3.1 Studying Network Configuration (StandardConfiguration)

The standard network model assumed in Virtual DataCenter Automation is described in each cloudmodel (public cloud, private cloud, and on-premises cloud). In addition, the consideration for the IPaddress design, user authentication, and network devices will be described. First, network differenceamong the cloud models and precautions are listed below.

Public cloud Private cloud On-premises cloud

IP Address ofbusiness VLAN

Unique per tenant.However, can be changedfreely after assigning VM.

Unique per tenant.Parts of the IP address systemof the user Intranet.

Unique per tenant.Part of the user Intranet.

IP Address oftenant VLAN

Unique within the system.Cannot be changed.

Unique within the system.Parts of the IP address systemof the user Intranet.

Unique within the system.Part of the user Intranet.

IP Address ofmanagementVLAN



Unique within the system.Part of the user Intranet.

Access to businessVLAN

Internet access.One-to-one NAT for globaland local IP addresses.

Intranet access via a WANservice line.

Intranet access.

Access to tenantVLAN

Internet access or an accessvia SSL-VPN device.

Intranet access via a WANservice line.

Intranet access.

Communicatingbetween VM andthe operationmanagement server

Communicating withoperation management servervia provider administrationVLAN and back-endFirewall.

Same as on the left. Same as on the left.

3.1.1 Public CloudThe public cloud is a cloud model in which multiple tenants use the Virtual DataCenter Automationsystem configured in the data center of the IaaS provider. The path is limited to the Internet whentenant administrators or service users access VM on the Virtual DataCenter Automation system. Theconfiguration elements and usage of the public cloud are described using the following table andfigure:

In addition, IEEE 802.1Q tag VLAN is used in the standard network model to separate networks ofdifferent tenants while sharing network devices and cables.

NetworkConstituentElements

Used solo/SharedNecessary/

Recommended/Option

Usage

1 Tenant Firewall Used solo by tenantNecessary

Prepare one per tenant. Tenant Firewall is connected withpublic VLAN, production VLAN, and tenant administrationVLAN to provide NAT function for the routing betweenVLANs, Firewall, and global/local IP address.

2 Public VLAN Used solo by tenantNecessary

Prepare one or more per tenant. The public VLAN connectsthe tenant Firewall with an Internet router. Global IP addressis allocated to the IP address space of public VLAN.


41



Recommended/Option

Usage

3 Business VLAN Used solo by tenantNecessary

Prepare more than one per tenant. The Business VLANconnects the tenant firewall with the VM. Service usersaccess the applications on the VM via an Internet router,public VLAN, tenant firewall, and Business VLAN.

4 Tenant VLAN Used solo by tenantNecessary

Prepare one per tenant. The Tenant VLAN connects theSSL-VPN device with the tenant firewall or VM. Tenantadministrators set the tenant Firewall, maintain the VM suchas an application setup on VM, use the VPN, and access thetenant Firewall and VM securely via the Internet, SSL-VPNdevice, and tenant administration VLAN.

5 Management VLAN Used solo by tenantNecessary

Prepare one per tenant. The Management VLAN connectsthe back-end Firewall with the VM and is used for Agentcommunication between the operation management serverand the VM.

6 Internet router Shared by tenantNecessary

Prepare one per data center. The Internet router connects theInternet with the public VLAN.

7 SSL-VPN device Shared by tenantNecessary

Prepare one per data center. The SSL-VPN device connectsthe Internet with the tenant administration VLAN. A VPNfunction is provided to facilitate secure access from thetenant administrator to the tenant Firewall and VM via theInternet. In each tenant’s administration VLAN, the securitypolicy is set to SSL-VPN device so that only the relatedtenant administrator can access.

8 Back-end Firewall Shared by tenantNecessary

Prepare one per data center. The back-end firewall connectsthe Management VLAN with the operation managementLAN being used to connect the operation managementserver. To separate the operation management LAN of thedifferent tenants, a Firewall function is provided.

9 Portal server Firewall Shared by tenantNecessary

Prepare one per data center. The portal server Firewallconnects the Internet with the portal server. A Firewallfunction is provided for secure separation.

10 Tenant LB Used solo by tenantOption

Prepare one per tenant. Tenant LB is connected to theBusiness VLAN and Tenant VLAN and provides an LBfunction for tenants. To perform authentication with the IDmanagement server, the tenant LB is used to set the access tothe ID management server.

11 Operationmanagement LAN

Shared by tenantNecessary

The operation management LAN is used to connect theportal server, back-end Firewall, server accommodating theVM and the operation management server of the VirtualDataCenter Automation system.

12 Live migration LAN Shared by tenantRecommended

The live migration LAN is used for communication duringlive migration by connecting the server accommodating theVM.

13 ID managementserver


The ID management server provides the function to integratelogin accounts of IaaS providers and login accounts forresources assigned to tenants and manage them. This isconnected to the operation management LAN to enable youto access from the devices or NW devices that useauthentication functions.


42



Recommended/Option

Usage

14 NAS Shared by tenantNecessary

NAS is prepared to use the software repository functions toshare VM templates, software, patches, and OS imagesamong pods and manage them.

3.1.2 Private CloudThe private cloud is a cloud model in which multiple tenants use the Virtual DataCenter Automationsystem configured in the data center of the IaaS provider. An IP-VPN or a closed network WANservice is used as the path when tenant administrators or service users access VM on VirtualDataCenter Automation system. The configuration elements and usage of the private cloud aredescribed using the following table and figure:



Recommended/Option

Usage

1 Tenant Firewall Used solo by tenantNecessary

Prepare one per tenant. The tenant firewall is connected withthe WAN service VLAN, public VLAN, Business VLAN,and Tenant VLAN to provide NAT function for the routingbetween VLANs, Firewall and global/local IP address. Topublicize a job via the Internet, the tenant Firewall must beset carefully to separate the Internet from the network withina user company. To perform authentication with the IDmanagement server, the tenant LB is used to set the access tothe ID management server.

2 WAN service VLAN Used solo by tenantNecessary

Prepare one per tenant. The WAN service VLAN connectsthe tenant Firewall with the WAN service router.

3 Public VLAN Used solo by tenant Prepare one or more per tenant in case a job is publicized viathe Internet. The public VLAN connects the tenant firewall


43



Recommended/Option

Usage

Option with an Internet router. A global IP address is allocated tothe address space of the VLAN.

4 Business VLAN Used solo by tenantNecessary

Prepare more than one per tenant. The Business VLANconnects the tenant Firewall with the VM. A job ispublicized in a user company by accessing the applicationson the VM via the WAN service line, WAN service router,WAN service LAN, tenant Firewall, and Business VLAN. Ajob is publicized via the Internet by accessing theapplications on the VM via the Internet, Internet router,public VLAN, tenant Firewall, and Business VLAN.

5 Tenant VLAN Used solo by tenantRecommended

Prepare one per tenant. The Tenant VLAN connects thetenant Firewall with the VM. Tenant administrators maintainthe VM such as an application setup by access to VM via theWAN service line, WAN service router, WAN serviceVLAN, and Tenant VLAN. In the private cloud notpublicizing a job via the Internet, the Tenant VLAN can bereplaced with the Business VLAN.


The Management VLAN connects the back-end Firewallwith the VM and is used for Agent communication betweenthe operation management server of the IaaS provider andthe VM.

7 WAN ervice router Used solo by tenantNecessary

Prepare one per tenant. The WAN service router connects theWAN service line with the WAN service VLAN.

8 Internet router Shared by tenantOption

Prepare one per data center. The Internet router connects theInternet with the public VLAN.

9 SSL-VPN device Shared by tenantOption

Prepare one per data center in case secure VM access via theInternet is provided. The SSL-VPN device connects theInternet with the Tenant VLAN. A VPN function is providedto facilitate secure access from the enant administrator to thetenant Firewall and VM via the Internet. In each TenantVLAN, the security policy is set to the SSL-VPN device sothat only the related tenant administrator can access.

10 Back-end Firewall Shared by tenantNecessary

Prepare one per data center. The back-end firewall connectsthe Management VLAN with the operation managementLAN being used to connect the operation managementserver. To separate the operation management LAN of thedifferent tenants, a Firewall function is provided.

11 Portal server Firewall Shared by tenantNecessary

Prepare one per data center. The portal server Firewallconnects the Internet with the portal server. A Firewallfunction is provided for secure separation.







44



Recommended/Option

Usage

14 Live migration LAN Shared by tenantRecommended







3.1.3 On-premises CloudThe on-premises cloud is a cloud model in which single or multiple tenants use the VirtualDataCenter Automation system configured in the data center of a user company. The path is limitedto the user Intranet when tenant administrators or service users access VM on a Virtual DataCenterAutomation system. The configuration elements and usage of the on-premises cloud are describedusing the following table and figure:



Recommended/Option

Usage

1 Front-end L3 switch Shared by tenantNecessary

Prepare one in the Virtual DataCenter Automation system.The front-end L3 switch is connected with the user Intranet,


45



Recommended/Option

Usage

Business VLAN, and Tenant VLAN to provide functions forthe routing between VLANs, and Firewall.

2 Business VLAN Shared by tenantNecessary

Prepare more than one in Virtual DataCenter Automationsystem. The production VLAN connects the front-end L3switch with the VM. A job is publicized in a user companyby accessing the applications on the VM via the userIntranet, L3 switch, and production VLAN. In the on-premises cloud, the production VLAN can be replaced withthe No-tag LAN.

3 Tenant VLAN Used solo by tenantRecommended

Prepare one per tenant. The Tenant VLAN connects thefront-end L3 switch with the VM. Tenant administratorsmaintain the VM such as an application setup on the sameby access the VM via the user Intranet, L3 switch, andTenant VLAN. In the on-premises cloud, Tenant VLAN canbe replaced to Business VLAN.


Prepare one per tenant. The Management VLAN connectsthe back-end L3 switch and is used for Agentcommunication between the operation management serverand the VM.

5 Back-end L3 switch Shared by tenantNecessary

Prepare one in the Virtual DataCenter Automation system.The back-end L3 switch connects the Management VLANwith the operation management LAN being used to connectthe operation management server. To separate the operationmanagement LAN of the different tenants, a Firewallfunction is provided.






8 Live migration LAN Shared by tenantOption








46

3.1.4 Utilization of the P-Flow NetworkThe programmable flow (P-Flow) that implements OpenFlow technology consists of a programmableflow controller (PFC) and programmable flow switch (PFS). In the programmable flow, the PFCcontrols paths and the PFS transfers packets. A path information transaction between the PFC andPFS with the OpenFlow protocol realizes packet transfer by central control. In the programmableflow, objects such as virtual routers (vRouter) or virtual bridges (vBridge) are used to define thevirtual network (Virtual Tenant Network, VTN).

The P-Flow network realizes flexible network configuration without limitation of the layer 2 switchsuch as the network visualization base on the centrally controlled path information, VLAN ID upperlimit, or loop measures.

1. Network visualization

The GUI of the PFC allows you to check data communication paths on network physicalconfiguration and on logical/physical configuration for each tenant.


47

2. Flexible network configuration (VLAN expansion)

In the legacy network consisting of a layer 2 switch, the network is assigned from a single podwhose connectivity is assured to tenants. The P-Flow network allows you to connect multiplepods at the layer 2 level. Virtual DataCenter Automation provides a VLAN expansion functionto assign the network across multiple pods. In the VLAN expansion function, the system isconfigured using the network across two pods and virtual machines assigned from two pods.

When there is a shortage of server resources on the pod where the tenant is stored, the tenantnetwork can be extended to another pod to supplement insufficient server resources.

3. Designing the P-Flow domain


48

When designing the P-Flow domain, please make the pod space where you'd like to assumethat resource accommodation is possible belong to the identical P-Flow domain. When the P-Flow domain is divided into plural, resource accommodation can't be performed between thepod to which I belong between the separate P-Flow domains.

For example when consisting of a pod and the P-Flow domain of the construction like thefollowing figure, the resource accommodation propriety between the pods will be a street inthe following table.

Pod1 Pod2 Pod3 Pod4 Pod5 Pod6

Pod1 - √ √ √

Pod2 √ - √ √

Pod3 √ √ - √

Pod4 √ √ √ -

Pod5 - √

Pod6 √ -

4. Resource accommodation between P-Flow domains using UNC

Resource accommodation can be performed between P-Flow domains by using UNC in aconfiguration with multiple P-Flow domains. For example, resource accommodation ispossible between all pods in the configuration shown in the figure below. Note that it isnecessary to set up a communication route that supports L2 communication between each P-Flow domain.

3.1.5 Multiple PodsNetwork

ConstituentElements

Used solo/SharingNecessary/

Recommended/Optional

Usage

1 PFS Shared by tenantNecessary

By connecting the different blade housing to the PFS(programmable flow switch), the different pods areconnected at the L2 level.

2 PFC Shared by tenantNecessary

The PFC (programmable flow controller) provides thecentral control of multiple PFSs.


49

3.1.6 Multiple SitesThis is a model to configure the previously described public cloud configuration, private cloudconfiguration, and on-premises cloud configuration by the management domain of multiple sites. Thefollowing figure shows the network configuration in the multiple-site environment of private cloudconfiguration.

The figure below is an image of a tenant network that spans multiple sites.

The network in the same tenant can be created across multiple sites by connecting the network fortenant communication on the L2 level between sites. BC and DR can be also supported with thisconfiguration.


Dedicated/SharedNecessary/


Usage

1 PFS Tenant sharedNecessary

Connect different pods on the L2 level by connectingdifferent blade servers by using the PFS (programmable flowswitch).

2 PFC Tenant sharedNecessary

The PFC (programmable flow controller) provides centralcontrol of multiple PFSs.

3 UNC Tenant sharedNecessary

The UNC (unified network coordinator) provides centralcontrol of multiple PFCs.


50

The following sections describe automation of resource interchange *1 and disaster recovery inmultiple-site configuration by taking the following logical network configuration as an example.

The diagram below shows the state where Tenant A has configured an operation system at Site 1.

Assume that the operation system cannot be expanded at Site 1 due to insufficient resources. Whenthis state occurs, Virtual DataCenter Automation automatically extends to another site at the L2 levelby checking the vacancy of the resources held by the sites to make network resources available. Thisallows the tenant to configure one operation system across sites without any regard to sites.

The diagram below shows the state where the network is extended from Site 1 to Site 2 and oneoperation system is configured across the sites.

*1 Resource interchange is to use vacant network resources with no regard to location when network resources in a certainrange become depleted.


51

The tenant can also configure other operation systems at different sites with sites in mind.

Virtual DataCenter Automation can extend at the L2 level as required, so a disaster recoveryenvironment can be configured by configuring active and standby operation systems at each site.

3.1.7 IP Address DesignBased on the standard network model described above, design an IP address considering the number,size, and allocation method of the IP address space.

1. Number of the IP address space

The number of the IP address space (the number of VLAN) is determined according to thenumber of tenants provided by the Virtual DataCenter Automation system and the averagenumber of VLAN per tenant. (See "2.2 System Management Domain (page 31)".）

2. VLAN types

Review the type of VLAN assigned to the tenant. Types are classified into Business VLAN,Tenant VLAN, Management VLAN, Public VLAN, and WAN service VLAN. (See"3.1 Studying Network Configuration (Standard Configuration) (page 41)")


52

3. Size of the IP address space

The size in the necessary IP address space is designed based on the following index everyVLAN types.

4. Allocation of IP address

Examples of the public cloud IP address design are listed in the table below.

VLAN type Numberof VLAN

Allocation VLAN ID IP address space

Public VLAN 240 11-250 1.1.x.x/28

Tenant VLAN 240 261-500 172.18.x.x/24

Management VLAN 240 511-750 172.17.x.x/24

Business VLAN 3000 1011-4011 172.16.x.x/28

In case of multiple sites or multiple zones, the IP address space might be designed in each siteor zone. The global IP address assigned to a public VLAN in a multi-site environment isassigned from one pool in which the range of IP addresses held by the provider is registered.

3.1.8 User Authentication for Network DevicesIn the Virtual DataCenter Automation system, a guest OS on the VM, tenant firewall, tenant LB,SSL-VPN device, and service portal must be considered for user authentication of tenantadministrators.

Assign an initial ID and password for the guest OS on the VM. Subsequently, the tenantadministrator uses the OS function to manage users. For tenant Firewall, tenant LB, SSL-VPNdevice, and service portal, use LDAP linkage for authentication. By LDAP linkage between the userauthentication function of the tenant firewall, tenant LB, SSL-VPN device, and the user informationof the service portal, individual user information need not be registered on the tenant LB.Synchronization with the user information of the service portal is available.

3.2 Customization of Network ConfigurationIn the previous section, the standard network model assumed in Virtual DataCenter Automation isdescribed in each cloud model (public cloud, private cloud, and on-premises cloud). In this section,configuration in the event of use of optional functions and customization of network configurationare described below.

3.2.1 Public CloudCustomized network configuration in the public cloud configuration is described below.




Usage

1 Data transfer VLAN Used solo by tenantOption

Prepare one per tenant. The data transfer VLAN connects theoperation management appliance and back-end firewall. Useit to transfer data when using the VM import function.

2 Back-end firewall(data transfer VLAN)

Shared by tenantOption

Prepare one per tenant. The back-end firewall connects thedata transfer VLAN and operation management LAN toprovide a routing function among LANs.


53




Usage

3 Physical server Used solo by tenantOption

Connect the physical server with devices (L2 switch, etc.)available for VLAN control so that the virtual systems intenants are connected when assigning physical machines(instead of virtual machines) to tenants as resources.

4 OperationManagementAppliance

Used solo by tenantOption

Assigns to each tenant, and provides custom monitoringfunction for tenant administrators, asset managementfunction, and distribution/application function for softwarepatches.

3.3 Studying Storage ConfigurationThe perspective and consideration when studying the storage configuration will be listed below.

3.3.1 Storage Configuration• Entire storage configuration

This section describes the configuration examples of the storage assumed in Virtual DataCenterAutomation. In this configuration, the storage is used in the SIGMABLADE server unit. Youcan add the resource in the SIGMABLADE unit. The backing up can be made in the storageunit.

• Storage configuration

For the above entire storage configuration, the detailed storage configuration is described.


54

Table 3-1 [Storage SAN configuration]

Item Overview

(1) Storage main unit Housing part of the main storage unit

(2) Addition storage housing Housing part for the disk drive connectionAdd for each additional storage housing if there is no capacity inthe disk drive slot.

(3) Disk Disk drive (SAS, SATA, and others)

(4) Array controller Redundant configuration of the storage device controller

(5) Communication cable 8Gigabit Fibre Channel (FC) connection

(6) SAS controller Redundant and multiplexing of communication control due tothe 8Gigabit Fibre Channel configuration

Table 3-2 [Storage NAS configuration]

Item Overview

(1) Storage main unit Housing part of the main storage unit

(2) Addition storage housing Housing part for the disk drive connectionAdd for each additional storage housing if there is no capacity inthe disk drive slot.

(3) Disk Disk drive (SAS, SATA, and others)

(4) Array controller Redundant configuration of the storage device controller

(5) Communication cable 10Gigabit Fibre Channel (FC) connection

⑥ LAN controller Redundant and multiplexing of communication control due to10Gigabit Ethernet configuration

• Usage of storage

Usage of storage assumed in Virtual DataCenter Automation is described.


55

Usage Overview

Storage fortenants

This is the storage resource provided directly to tenants.

Storage forproviders andresellers

This is the storage resource for providers and resellers. This is used in the softwarerepository. Since multiple Virtual DataCenter Automation use and share it, use of NAS-configuration storage is recommended.

3.3.2 Point of View of Storage PoolThe storage pool is the storage capacity available when allocating the virtual disk of the system area(OS boot) or data area of the virtual machine. The points of view of the storage pool are describedbelow.

• The storage pool manages the logical disk that was extracted from storage and the virtual diskstored in the logical disk.

• The virtual disk is extracted from the logical disk and provided. However, there is the risk ofreducing usage efficiency for the logical disk if the flexibility of the virtual disk size forextracting is enhanced. There also is the risk of losing continuity in the disk and of the accessperformance declining if the disk is extracted regardless of size and then returned repeatedly.Therefore, it is recommended to extract the virtual disk in fixed size units to resolve the aboveproblem. Assuming the smallest virtual disk size to be a single unit, manage the number ofvirtual disks that can be stored in the logical disk.

• Considering the attributes of the division based on the service level, division in tenant units,division due to the load balancing and availability requirement, and others, multiple storagepools can exist.

• If provisioning is requested for the storage pool, a virtual disk of size equivalent to the specifiedvirtual disk unit is extracted from the corresponding logical disk.

3.3.3 Study point for storage configurationThe item and perspective when studying the Virtual DataCenter Automation storage configurationwill be listed below. The study points when studying the Virtual DataCenter Automation storageconfiguration will be listed below.

1. Storage device (including connecting configuration between server and storage)

2. Storage capacity

3. Extendibility

4. Availability

5. Functionality

6. Backing up

The storage available in Virtual DataCenter Automation and the above storage requirements will belisted.

Item

NECStorage

EMC NetApp Remarks

1 Storage device

Storage device with standard modelconfiguration

NECStorage MSeries

VNXSeries

FAS Series


56

Item

NECStorage

EMC NetApp Remarks

Connecting configuration

FC connection √ √

iSCSI connection √

NAS connection √

2 Storage capacity (number of virtual machine)

From initial to maximum VM √ √ √ Escalating themaximum number ofvirtual machines.

Storage capacity (service model)

Virtual disk area √ √ √

RDM area √ √ X If it is an NASconfiguration, RDM isnot supported.

3 Extendibility

Adding a disk unit √ √ √

Adding additional storage housing √ √ √

4 Availability

Redundant configuration of disk,controller, power, and others

√ √ √

Non-stop 24 hour operation √ √ √ Planned maintenancestoppages are excluded.

5 Functionality

Using the ThinProvisioning function √ √ √ Virtualizing the storageso

6 Backing up

Replication in housing D2DT2 √ √ The number ofgeneration managementmust be studied.Replication in housing + Replication

in snapshot housing√

Replication in external tape devicehousing + snapshot replication

√ √ √ The external tape deviceand the number ofgeneration managementmust be studied.D2D2T √ √ √

3.3.4 Storage deviceThe storage capable of Virtual DataCenter Automation is required. See "6.13 Storage (page 107)" todetermine the storage device. Also, to determine the connecting configuration between the server andstorage device, select the connecting configuration and transfer speed that correspond to the storagedevice or recommended. The selection examples are listed below.

Storage device FC iSCSI NAS

NEC Storage

EMC

NetApp


57

connectingconfiguration

Transfer speed

FC 8Gbps

iSCSI 10Gbps

NAS 10Gbps / 1Gbps

3.3.5 Storage capacityStudying the following items for each storage usage will allow you to calculate the storageconfiguration and capacity. Therefore, you can plan the addition of a disk or the addition ofadditional storage housing.

• Storage for tenants

- Number of VMs

Studying the resource provision plan ranging from the VM number at initial introduction tothe maximum VM number will allow you to calculate the storage capacity necessary forthe VM.

- Service model

For the disk area provided as the service menu as well, studying the service model from aperformance or operation perspective is recommended. Study the storage configurationsuch as the HDD or RAID according to the service menu in the provided disk area such aswhen prioritizing performance or prioritizing capacity efficiency (cost performance).Studying the service menu and its provisions will allow you to calculate the storageconfiguration and capacity.

* Reference examples of service model

The reference examples when studying the service model are described below.

Prepare 3 levels of service model. (categorized into Gold, Silver, and Bronze)

+ Gold:

You can select both the virtual disk and RDM areas for the data area.

Use SAS for HDD to prioritize the data transfer capability.

Replication backing up is available.

+ Silver:

You can select only the virtual disk for the data area.

Use SATA for HDD to prioritize the cost performance of the service model.

Replication backing up is available.

+ Bronze:

You can select only the virtual disk for the data area.

Use SATA for HDD to prioritize the cost performance of the service model.

Replication backing up is not available.


58

Figure 3-1 Gold level

Figure 3-2 Silver/Bronze level

* Virtual disk area and RDM area

Reference examples when studying the service model are described below.

The following figure is a storage image of the virtual disk and RDM areas.

- Storage for providers and resellers

The storage for providers and resellers is used in the software repository. For how tocalculate storage capacity, see "3.5.4 Sharing of the VM Template (page 74)".

3.3.6 ExtendibilityStudy the flexible disk capacity extension if the capacity must be extended due to lack of diskcapacity or server resource addition.


59

3.3.7 AvailabilityThe study points for the storage reliability configuration are listed below. Study the policy for theavailability. If non-stop 24-hour operation (excluding planned maintenance stoppages) is a generalrule as a service level, the redundant configuration is recommended for the components and path asfar as possible to ensure availability.

Item Conditions

Control board Redundant mechanism in the storage main unit (Cache memory/shared memory, controller,and others).

Disk Redundant configuration by RAID configuration and hot spare.

Communicationboard

Duplicate the HBA and LAN boards to be connected to the server.

Communication path Duplicate or multiplex the path to communicate with the server.

Power supply The redundant configuration enables the power unit to operate continuously in case ofsingle failure.

FAN The redundant configuration enables the FAN to operate continuously in case of singlefailure.

3.3.8 FunctionalityThe functions to streamline the Virtual DataCenter Automation operation are provided in storagedevices. These functions are not necessary. Use them as necessary.

• Thin Provisioning

In the ThinProvisioning function, the storage resource is virtualized and allocated to reduce andeffectively use the physical storage capacity. The disk usage variation between disks can beabsorbed by setting the disk size to be created to sufficiently larger value than the actual usage.Using the ThinProvisioning function for the purpose of the absorption is valid. If theThinProvisioning function is used, the capacity must be monitored as follows:

- Monitoring so that the total of actual usage of LDs is smaller than the pool capacity

- Monitoring so that the actual usage of LDs is smaller than the created LD size

- In consideration of the lead time taken for adding a disk, set thresholds to avoid physicalcapacity shortage.

The ThinProvisioning function corresponds to NEC Storage, EMC, and NetApp storagedevices. For details about the ThinProvisioning function, see the specification of the storagedevice to be used.


60

• Exclusion of overlapped data

The overlapped data exclusion function allows you to exclude the overlapped data in thestorage. This leads to deletion of data usage and enhancement of capacity efficiency. Whenstoring data including the same information such as a template, the VM created from thetemplate, or daily backed-up data, storage usage capacity is deleted and capacity efficiency isenhanced.

The overlapped data exclusion function corresponds to NEC Storage (HS series), EMC, andNetApp storage devices. For details of this function, see the specification of the storage deviceto be used.

3.3.9 Backing upTo back up, you can use the function provided by the storage device uses. See the specification of thestorage to be used and study the backup method.

The standard perspective of backing up is described below.

For the generation management policy for backing up, the number of generation to be stored in thestorage, that to be stored in the secondary backing up (external device), and the timing for backing upmust be studied. Use the tape device, virtual tape device (HYDRAstor), and others for the externaldevice.

The following areas must be backed up:

• ESX area backing up

• Virtual server backing up

• Template area

The configuration examples in backing up are described below.

• [Backing up the virtual disk area in SAN configuration (NEC Storage)]

- The virtual server backs up the area by Replication in LD unit periodically (at 3 o'clockdaily, for example).

- The system and data areas are also backed up simultaneously.


61

- Backing up by Replication is valid only for one generation. If retaining multiplegenerations, store the backed up area in the tape.

• [Backing up with the snapshot function in the NAS configuration (NetApp)]

- Use the VMware snapshot function for backing up to enable immediate backing up bytenant administrators.

- Obtain unit of the snapshot is VM unit and multiple generations can be obtained forstorage.

• [Recovery in SAN configuration (NEC Storage)]

- The files can be restored from the RV area at once in case of a disk failure. ((1) in theabove figure)

- In case of a logical failure (file deletion and others), recognize the LD in the RV areamanually, mount the virtual disk area to the virtual server as another area, and restore thefile by the tenant administrator. ((2) and (3) in the above figure)

• [Recovery in NAS configuration (NetApp)]


62

- The files can be restored from Snapshot area at once in case of a disk failure. (1 in theabove figure)

- In case of a logical failure (file deletion and others), recognize the LD in the Snapshot areamanually, mount the virtual disk area to the virtual server as another area, and restore thefile by the tenant administrator. (2 and 3 in the above figure)

3.4 Studying Configuration of Virtualization BaseThis section describes the configuration examples of the virtualization base.

3.4.1 Configuration Examples of Virtualization Base inVMware vCenter Server Management Environment

The configuration examples of the virtualization base in the VMware vCenter Server managementenvironment are as follows:


63

The points of the configuration examples are described below.

1. Install the VMware vCenter Server on the management server and register the VM server.

2. Connect the LAN with the BMC of the VM server to manage the VM server with Out-of-Band.

3. NIC#1 of the VM server is designated as NIC for management of the VM server.

4. NIC#2 of the VM server is used for connection of VLAN for tenants.

5. NIC#3 of the VM server is used only for live migration.

6. NIC#4 of the VM server is used only for NAS to ensure the access performance for the NASdata store.

7. The SAN data store and RDM disk volume are shared by all VM servers.

8. The NAS data store is shared by all VM servers.

3.4.2 Configuration Examples of Virtualization Base in Hyper-V Environment

Configuration examples of the virtualization base in the Hyper-V environment are as follows:


64


1. Installation of the virtualization base software is not required for the management server.

2. Prepare the domain controller to manage Hyper-V cluster. Also enables the DHCPserverfunction.




6. NIC#3 of the VM server is used for live migration and heartbeat.

7. The SAN data store and RDM/quorum disk volume are shared by all VM servers.

3.4.3 Configuration Examples of Virtualization Base in KVMEnvironment

Configuration examples of the virtualization base in the KVM environment are as follows:


65


1. Installation of the virtualization base software is not required for the management server.

2. Enable the DHCP server function.




6. NIC#3 of the VM server is used for live migration and heartbeat.

7. The NFS data store and RDM/quorum disk volume are shared by all VM servers.

3.5 Studying VM TemplateThe VM template consists of hardware settings of the virtual machine and information such as an OSimage, and is a form to create the virtual machine. Using the VM template can greatly reduce theworkload involved in the virtual machine installation. Virtual DataCenter Automation provides 3types of template methods. These methods can be classified into the complete copying type anddifferential information retaining type.

• Full Clone [Complete copying type]

The Full Clone uses the standard template for the virtual base products. The virtual machinecreated in Full Clone corresponds to the image directly copied from the standard templateimage. Guest OS information such as the host name or IP address is set using the function ofeach virtual base product. The diagram below describes the procedure for virtual machinecreation using the Full Clone method.


66

Master VM is the virtual machine and the source of the template creation. The template for theFull Clone method is created from the master VM and the virtual machine is created.

- Advantages

1. Facilitates template configuration work by the IaaS provider.

2. The created virtual machine is independent from the Master VM.

- Disadvantage

1. The virtual machine creation requires time due to the complete copy.

• Differential Clone [Differential information retaining type]

The Differential Clone creates only differential information based on the base. The capacity issmall and creation time may be reduced. However, management costs are incurred because themaster VM snapshot must be managed. The diagram below describes the procedure for virtualmachine creation using the Differential Clone method.

Master VM status is stored as snapshot. The images of the mater VM with the snapshot obtainedare created as a replica VM. For the virtual machine, only the differential information is createdbased on a replica VM. In Virtual DataCenter Automation, the Differential Clone method isrecommended because the large-scale VM environment can be swiftly created and the resourceconsumption can be greatly reduced.

- Advantages

1. Responding to requests from IaaS and tenant users, the virtual machine can beswiftly provided.


67

2. Updates of patches, etc. for the operating virtual machine can be swiftly applied.

3. IaaS providers can manage the image generation.

4. IaaS providers, IaaS resellers, and tenant administrators can configure the large-scale virtual machine within the scope of the limited storage resource.

- Disadvantage

1. Replica VM and the virtual machine that refers to the image must be allocated in thesame datastore. Moving between storages is constrained.

The Differential Clone method can be used to reconstruct the virtual machine.

During the reconstruction processing, another replica VM is created from the snapshot createdat the same time as the system change (patch application for master VM and others) and usedfor the new master image of the virtual machine. Via reconstruction processing, the system canbe effectively upgraded, since jobs common to all virtual machines with the same templatesettings can be performed in a single process, such as snapshot creation or operation settingsduring the reconstruction, etc. The concept of the reconstruction is described in the followingfigure.

• Disk Clone [Complete copying type]

In Disk Clone, a virtual machine is created by copying the image created from the master VM.The management of the images created from the same master VM can be easily managed withthe image management function. Unlike the Differential Clone, no snapshot of the master VM isrequired, which facilitates management. The diagram below describes the procedure for thevirtual machine creation using the Disk Clone method.


68

- Advantages

1. IaaS providers can manage the image generation.

- Disadvantage

1. The virtual machine creation requires time due to the complete copy.

For the availability of each template in each virtual environment, see the table below. Productsrequiring specific information settings for guest OS are described in brackets ( ). Therecommended patterns are described in bold face. Not-recommended patterns are described initalics.

Environment to bemanaged

Full Clone Differential Clone Disk Clone

VMware (vCenter Servermanagement)

Available (vCenterServer)

Available (vCenterServer)

Available *1(vCenterServer)

Hyper-V cluster Not available Available (DPM) Available (DPM)

KVM Not available Available (DPM) Available (DPM)

*1 The Disk Clone for VMware (vCenter Server management) is not recommended due to thefollowing disadvantages: templates cannot be used in the vCenter Server and the performanceduring the virtual machine creation declines compared with Full Clone.

In Hyper-V, use a VM template separately according to usage.

3.5.1 Linkage between VM Template and Resource PoolFirst, the valid range of VM template for each virtualization base is described. The valid range ofVM template differs depending on the virtualization base. The valid ranges of VM template are listedbelow. The VM template cannot be shared by different virtualization bases.

Virtualization basetype

Template type Target range of virtual machine server

VMware (vCenter Servermanagement)

Full Clone The virtual machine server must be managed by thesame vCenter Server management server as the template


69

Virtualization basetype

Template type Target range of virtual machine server

being used. The templates cannot be shared by VMwarevCenter Servers.

Differential Clone The virtual machine server must be managed by thesame vCenter Server management server as the templatebeing used. The templates cannot be shared by VMwarevCenter Servers.

Disk Clone The virtual machine server must be managed by thesame vCenter Server management server as the templatebeing used. The templates cannot be shared by VMwarevCenter Servers.

Hyper-V cluster Differential Clone The virtual machine server must be connected with thedatastore in the storage destination of the image linkedwith the template. The templates cannot be shared byHyper-V clusters.

Disk Clone The virtual machine server must be connected with thedatastore in the storage destination of the image linkedwith the template. The templates cannot be shared byHyper-V clusters.

KVM Differential Clone The virtual machine server must be connected with thedatastore in the storage destination of the image linkedwith the template.

Disk Clone The virtual machine server must be connected with thedatastore in the storage destination of the image linkedwith the template.

IaaS providers must prepare VM templates available in each OS for multiple IaaS resellers and tenantadministrators. The valid template range differs depending on the virtualization base, hence thenumber of templates required for the system configuration also differs.

The following description is based on the assumption that IaaS providers extracted 3 resource pools,and IaaS resellers and tenant administrators determine the operation using the VM template for OS.

• In VMware

Data centers 01 and 02 in the figure are those in the VMware vCenter Server. The VMwarevCenter Server manages 2 data centers. 2 resource pools are extracted from SSC for ESX servermanaged by data center 01, while 1 resource pool is extracted for ESX server managed by datacenter 02. The VM template for OS is managed by the ESX server extracted as resource pool 01of data center 01.


70

According to the configuration in the above figure, only 1 VM template for OS must be created.The reason why only 1 VM template is required is that the VM template can be shared in thesame resource pool, by the resource pools and by the different data centers in VMware.

• In the Hyper-V cluster

Hyper-V では、Hyper-V クラスタごとに SSC のリソースプールを切り出します。 OS 用VM テンプレートはリソースプール 01 として切り出した Hyper-V で管理しています。

上図の構成における作成しなければいけない VM テンプレート数は、リソースプールごとに用意する必要があるために、3 テンプレートとなります。これは、Hyper-V クラスタの場合には、クラスタをまたがるテンプレートの共有はできず、リソースプールをまたがるテンプレートの共有もできないからです。

• In KVM

In KVM, the SSC resource pool is extracted for each group to share the data store. The VMtemplate for OS is managed by KVM extracted as resource pool 01.

According to the configuration in the above figure, 3 VM templates must be created because thetemplate must be prepared for each resource pool. The reason why 3 templates are required isthat the templates cannot be shared by resource pools in KVM.

Next, the linkage between VM templates and the resource pool is described. The VM template islinked with the resource pool within the valid VM template range described above. The virtualmachine created from the VM template is allocated to the virtualization server extracted as theresource pool and to the datastore. The following figure describes the extraction of resources for IaaSresellers or tenant administrators by IaaS providers.


71

IaaS providers extracted the resource pool for each combination of virtualization base and storage.They extracted the resource pool considering the machine specification of the virtualization base,storage performance, and capacity. In the figure, the "Gold" tag is assigned to VMware resource pool01 because it is extracted from the virtualization base and storage equipped with high processingperformance.

The sub-pool is extracted from the resource pool for IaaS resellers or the tenant administrator. Thesub-pools extracted from "Gold" and "Silver" resource pools can be allocated to the same IaaSadministrator or tenant administrator at this point. In this case, the actual VM is allocated to theresource from which the "Gold" resource pool is extracted when creating the VM with the templatelinked with the "Gold" resource pool. In the figure, it is allocated to the most appropriatevirtualization base or datastore area among the virtualization bases (VMware ESX#01, 02, and 03)and the storage EMC datastore areas (datastore#01, 02, and 03).

IaaS providers and tenant administrators must use the template considering that it is linked with theresource pool. IaaS providers must design the system considering the available template range.

3.5.2 VM Template Creation PolicyThe creation policy for the VM template is described below.

IaaS providers create a VM template in all systems of public cloud, private cloud, and on-premisescloud. The management of IaaS resellers differs from that of tenant administrators respectively.Therefore, it is recommended to create a template with security provided from the OS applied,instead of installing application-specific software to the template. Update the service pack (forWindows servers) or kernel (for Red Hat Enterprise Linux servers), and then create the template.

The template is applied in the Windows server according to the above policy in the figure below.


72

The generation can be managed relating to image management in the Differential Clone method. Inthis case, IaaS providers must appropriately manage the default images to be used for the template.

3.5.3 Using VM TemplateFully understand the VM template features of Virtual DataCenter Automation and the linkage withthe resource pool, and then operate it according to the public cloud, private cloud, and on-premisescloud systems. The figure below describes an example of using the template by tenant administratorsin the public cloud system.

Responding to requests from IaaS resellers and tenant administrators, the IaaS provider allocates sub-pools and creates a VM template.

Each tenant administrator uses the template to create a virtual machine. Tenant administrator Acreates a VM using the template (Full Clone method) linked with the resource pool "Gold" so thatusers can access it securely at any time.

Tenant administrator B creates a VM using the template (Disk Clone method) linked with theresource pool "Silver" considering the cost and performance.


73

Tenant administrator C creates a VM using the template (Differential Clone method) linked with theresource pool "Gold" due to requests to provide many users with a quick-access environment andsecure access at any time.

Tenant administrators must select the VM template considering cost performance, time required forconfiguration, access performance during operation, and others.

3.5.4 Sharing of the VM TemplateTo allocate multiple units of Virtual DataCenter Automation (management server), study the VMtemplate share function.

Virtual DataCenter Automation replicates the VM templates among the management servers when aVM template is required and automatically registers the VM template to allow you to use it.

Environment of Managed machine VM Template Sharing function

VMware (vCenter Server management) Available (vCenter Server)

Hyper-V Cluster Not available

KVM Not available

NoteWhen using the VM template sharing function, it is only possible to specify VM template sharing for onevirtualization platform in the same management server, and that is the VMware vCenter Server managementenvironment.

The diagram below provides an overview of VM template sharing.

• Entire configuration

NAS devices are installed in each site to store the VM template as shown in the diagram below.For the network configuration, see "3.1 Studying Network Configuration (StandardConfiguration) (page 41)".


74

• Flow of VM template replication

The flow of VM template replication is described below.

Create the data store for each management server on the NAS, and register it in the hypervisor.

Virtual DataCenter Automation controls the hypervisor so that the VM template is created onthe above data store when creating the VM template. (1)

If the VM template is required by the management server when creating virtual machines, themanagement server copies the template from the data store. (2)


75

If the VM template does not exist in the NAS located in the management server site but the VMtemplate exists in other sites, the VM template is copied across sites using the hypervisor. (3)

When copying is finished, the management server registers the VM template in the hypervisor.(4)

The study points when using this function are described below.

1. Installation of NAS

NAS devices are installed in each site to store the VM template. The VM templates forIaaS providers are replicated according to the number of management servers. Therefore,the disk capacity obtained from the calculation formula below is required.

Necessary NAS disk size = Disk usage of all templates X Number of managementdevices

Example:

When creating 50 VM templates with 20GB virtual disks and there are 10 managementservers

20GB X 50 templates X 10 devices = 10TB

For a VM template created by an IaaS reseller or tenants, capacity is required accordingto the number of management servers used by the IaaS reseller or tenants.

Calculate the necessary NAS disk capacity based on the above concept.

2. Network protocol between the management server and NAS

The management server mounts the NAS data store to replicate the VM template. Toaccess the shared files on the NAS, the NFS protocol or CIFS protocol can be used.Enable this protocol and set the access privileges in the NAS setting to access themanagement server. When the NFS protocol is selected, the user mapping server must beinstalled for NFS authentication.

The characteristics of NFS and CIFS are as follows. It is recommended to use NFSbecause setting is automated by workflows.

NFS CIFS

Advantages

• A datastore can be created with thelogical disk creation workflow for thesoftware repository.

• No additional component is required.• No user mapping server (ActiveDirectory

setting) is required.

Disadvantage

• NFS service must be installed on themanagement server.

• Installation of a user mapping server(ActiveDirectory setting) is required.

• Setting to enable CIFS protocol must beperformed manually to the storage.

3.6 Studying DC Resource Group ConfigurationThis section describes the resource group configuration.

3.6.1 DC Resource GroupA DC resource group is a pool of virtual machines, virtual network devices, and logical resourcesprovisioned by vDC Automation. Pooling these makes it possible to centrally manage andautomatically control a large amount of resources.

• Virtual machine (SigmaSystemCenter resource pool)


76

• Virtual network devices (virtual firewall, virtual load balancer)

• Logical resource (VLAN/IP subnet, global IP address, OS license)

A DC resource group consists of resource groups that group management groups. A managementgroup is a pool of resources in one pod. Multiple management groups are created from one pod. Byusing ProgrammableFlow, you can group multiple management groups created from multiple pods tocreate a resource group that covers multiple pods or multiple sites.

NoteVirtual DataCenter Automation assigns all the virtual machines, virtual network devices, and VLANs thatmake up a tenant from one resource group. Usually, a resource group consists of resources in one pod. Toassign resources that are used across multiple pods or multiple sites to a tenant, you must define the resourcegroup hierarchically. This allows you to assign resources within the range of the same resource group.

Create a SigmaSystemCenter resource pool and configure network devices with Network Managerbefore creating a resource group. [Device Setting] is used to register the physical network devices tobe controlled by Virtual DataCenter Automation. Then, register the SigmaSystemCenter resourcepool, virtual network devices, and logical resources as components of the management group.However, ensure that the number of VLANs you register in the management group does not exceedthe maximum number of active VLANs in the network device or the virtual switch of the hypervisorin the pod. Check the usage and availability of resources in each resource group in the managementgroup.

3.7 Studying Resource Pool ConfigurationThis section describes the resource pool and sub-pool configurations.

3.7.1 Resource PoolThe resource pool is a concept of SigmaSystemCenter whereby the amount of resources that can beallocated to the virtual machine is abstracted for management. A resource pool is created for eachvirtualization base such as the datacenter/cluster of VMware and Hyper-V cluster.

The following resources can be abstracted in the resource pool.

• CPU


77

The number of virtual CPUs that can be allocated to the virtual machine

• Memory

The size of memory that can be allocated to the virtual machine

• Disk

The disk capacity to which the images of the system disk and extended disk of the virtualmachine can be allocated

• Disk volume for RDM

The cluster of the disk volume to which the extended disk of the virtual machine can beallocated with RDM. The disk volume is divided into groups for each size in 10GByte units.The number of disks is managed for each group.

3.7.2 Resource Pool and Sub-poolThe sub-pool is the concept of the partial resource pool that can be created by extracting from theresource pool.

The resource pool and sub-pool are described below.

• Resource pool

This is the pool created by summing up the total of the hardware resources that constitute thevirtualization base. The resource pool size is a physical resource amount, and depends on thehardware specification.

• Sub-pool

This pool is created by extracting a certain amount of resources from the resource pool. Thesub-pool size is the upper limit of the resource consumption restricted by the software. If theovercommit is valid for the sub-pool, a sub-pool can be created with the resource pool capacityexceeded.

Virtual DataCenter Automation recommends the configuration created by extracting a sub-pool withthe overcommit valid from the resource pool and allocating it, instead of directly allocating theresource pool to the resource user. By extracting a sub-pool, resources can be assigned flexibly toindividual IaaS providers or tenants.

The concept of the resource pool and sub-pool is described in the following figure. Please note thatthe resources exceeding the physical resource amount are allocated to the sub-pool by setting theovercommit.


78

3.7.3 Configuration Examples of Sub-poolThe sub-pool configuration varies depending on how to allocate the resource as follows.

• Allocating the resource to a tenant via an IaaS reseller

- The sub-pool is allocated to the IaaS reseller.

- The size of the sub-pool is determined based on the sales target for each IaaS reseller.

• Allocating the resource to a tenant without an IaaS reseller

- The sub-pool is allocated to a tenant.

- The size of the sub-pool is determined based on the demand forecast for each IaaS reseller.

The following figure is the resource pool configuration example when allocating the resource to atenant via an IaaS reseller:


79

• For the VMware resource pool, “VMware Gold” and “VMware Silver” are prepared accordingto the service level.

• For the Hyper-V resource pool, the shared resource pool “Hyper-V” and solo resource pool"Hyper-V Dedicated" are prepared.

• For tenants 1 and 2, select either of the sub-pools of "VMware Gold", "VMware Silver", and"Hyper-V" allocated to the IaaS reseller A, and create the virtual machine.

• For tenants 3 and 4, select either of the sub-pools of "VMware Gold", "VMware Silver", and"Hyper-V" allocated to IaaS reseller B, and create the virtual machine.

• For tenants 5, only the sub-pool of "Hyper-V Dedicated" allocated to IaaS reseller C isavailable. Note that a sub-pool is extracted and allocated via an IaaS reseller even if the resourcepool is used solo bya tenant.

The following figure is the resource pool configuration example when allocating the resource to atenant without IaaS reseller.


80

• For the VMware resource pool, "VMware Gold" and "VMware Silver" are prepared accordingto the service level.

• For the Hyper-V resource pool, the shared resource pool "Hyper-V" and solo resource pool"Hyper-V Dedicated" are prepared.

• For tenants 1, select either of the sub-pools of "VMware Gold", "VMware Silver", and "Hyper-V" allocated to tenant 1, and create the virtual machine.

• For tenants 2, select either of the sub-pools of "VMware Gold", "VMware Silver", and "Hyper-V" allocated to tenant 1, and create the virtual machine.

• For tenants 3, only the sub-pool of "Hyper-V Dedicated" allocated to tenant 3 is available. Notethat a sub-pool is extracted and allocated, even if the resource pool is used solo by a tenant.

3.8 Studying Resource Pool for Each CloudVirtual DataCenter Automation assumes 3 types of cloud configurations as a cloud applicationpattern: public cloud, private cloud, and on-premises cloud.

The point of view for the resource pool in each cloud configuration is described below.

3.8.1 Public CloudThe public cloud assumed in Virtual DataCenter Automation is the cloud configuration operated byallocating the resource pool for shared or solo use to multiple companies using the externallyoperated data center.


81

The features of the public cloud are described below.

1. The IaaS provider operates the data center. He/she sells the resources directly or indirectly viaan IaaS reseller to the tenants. To sell the resource directly, the provider and tenants agree onthe conditions of use (price, SLA, and others), and then conclude an agreement for use.Conversely, to sell the resource via an IaaS reseller, the provider and reseller agree on theservice contents (Infrastructure type/SLA and others), and then conclude a sales agreement.

2. The resource pool in the data center is used solo or shared by tenants or IaaS reseller.According to the demand forecast of the tenants or the sales target of the IaaS reseller, therequired quantity of the resource is divided as a sub-pool to be allocated to the tenant or IaaSreseller.

3. The IaaS reseller is the sales agency or reseller selling the resource of the virtual system.He/she sells the resources to the tenants holding a basic agreement with him/herself within thescope of the agreement with the IaaS provider.

4. The tenant is a company organization using the external data center. A tenant administratorbelongs to the tenant and manages the tenant’s virtual system. The tenant holding an agreementfor use with the IaaS provider uses the virtual system within the scope of the agreement.Conversely, the tenant holding a basic agreement with the IaaS reseller purchases the virtualsystem on an on-demand basis.

5. Internet access to the virtual system in the data center is available. To secure Internet accesssafety, an SSL-VPN device is installed in the data center.


82

3.8.2 Private CloudThe private cloud assumed in Virtual DataCenter Automation is the cloud configuration operated byallocating the resource pool for solo use to multiple companies using the externally operated datacenter.

The features of the private cloud are described below.

1. The IaaS provider operates the data center. He/she sells the resources directly or indirectly viaan IaaS reseller to the tenants. To sell the resource directly, the provider and tenants agree onthe conditions of use (price, SLA, and others), and then conclude an agreement for use.Conversely, to sell the resource via an IaaS reseller, the provider and reseller agree on theservice contents (Infrastructure type/SLA and others), and then conclude a sales agreement.

2. The resource pool in the data center is used solo by the tenants or IaaS reseller. According tothe demand forecast of the tenants or the sales target of the IaaS reseller, the required quantityof the resource is divided as a sub-pool to be allocated to the tenant or IaaS reseller.

3. The IaaS reseller is the sales agency or reseller selling the resource of the virtual system.He/she sells the resources to the tenants holding a basic agreement with him/herself within thescope of the agreement with the IaaS provider.

4. The tenant is a company organization using the external data center. A tenant administratorbelongs to the tenant and manages the tenant’s virtual system. The tenant holding an agreementfor use with the IaaS provider uses the virtual system within the scope of the agreement.Conversely, the tenant holding a basic agreement with the IaaS reseller purchases the virtualsystem on an on-demand basis.


83

5. Internet access to the virtual system in the data center is available. To secure Internet accesssafety, an SSL-VPN device is installed in the data center.

6. Conversely, the virtual system in the data center can be accessed via a closed-network WANservice such as an IP-VPN or dedicated line.

3.8.3 On-premises CloudThe on-premises cloud assumed in Virtual DataCenter Automation is the cloud configurationoperated by allocating the resource pool for shared or solo use to multiple internal organizations(departments, subsidiaries, and others) using the data center internally operated.

The features of the on-premises cloud are described below.

1. The IaaS provider operating the data center is the IT section which manages a data center atthe inside of the company. The provider and tenants agree on the conditions of use (price,SLA, and others), and then conclude an agreement for use.

2. The resource pool in the data center is used solo or shared by tenants. According to thedemand forecast of the tenants, the required quantity of the resource is extracted as a sub-poolto be allocated to the tenant.

3. The tenant is an internal organization (department or subsidiary) using the internal data center.A tenant administrator belongs to the tenant and manages the tenant’s virtual system. Thetenant uses the virtual system within the scope of the agreement held with the IaaS provider.

4. Intranet access to the virtual system in the data center is available.


84

Chapter 4. Design of Operation ManagementServer ConfigurationThis chapter provides supplementary notes for the standard configuration.

Contents4.1 Studying ID Management ..........................................................................................................86

4.2 Studying DB Configuration........................................................................................................87

4.3 Studying Management of 100000 Virtual Machines...................................................................89

Chapter 4. Design of Operation Management Server Configuration

85

4.1 Studying ID Management4.1.1 Users Handled in ID Management

The type of user information handled in Virtual DataCenter Automation is described below.

IaaS provider Tenant administrator

Operation management function √ -

Network devices √ √

• IaaS providers using the operation management function

The operation management function is used for the management of login accounts forSystemManager G and AssetSuite, Network Manager, SigmaSystemCenter, andDeploymentManager components that constitute Virtual DataCenter Automation. If IaaSproviders integrally manage their login accounts using the ID management server, they can loginto the monitor screen of each function by the login accounts created for the ID managementserver, instead of creating login accounts for each function. The users (IaaS providers) areregistered when configuring the data center.

• IaaS providers managing network devices

Network devices mean Fortinet FortiGate, A10 Thunder/AX series, F5 BIG-IP compatible withVirtual DataCenter Automation. IaaS providers managing network devices are registered whenconfiguring the data center. The users (IaaS providers) are registered when configuring the datacenter. Register them in network devices without using the ID management server.

• Tenant administrators using network devices

Automation allows tenant administrators to log into the devices within the scope of the virtualresource such as the VDOM(Virtual domain provided by the firewall virtualization function ofFortgate) assigned to tenants or partition. Users (tenant administrators) are registered whenassigning to tenants.

As Virtual DataCenter Automation, the MasterScope Identity Manager component (included in thisproduct) and Active Directory can be used for ID management. For how to register accounts, seeChapter 8 Setting up the ID Management Server in the Virtual DataCenter AutomationConfiguration Guide.

4.1.2 Precautions for ID ManagementIaaS providers can register accounts individually. However, automation does not enable functionsother than those described above.

Manage the accounts that IaaS users in a tenant uses for operation separately from this IDmanagement server. Study measures such as introducing an authentication server into the virtualmachine assigned to tenants.

When using Active Directory for the ID management server, handled users must be managed in thesame hierarchy. For details, see 8.3 Using Active Directory in Virtual DataCenter AutomationConfiguration Guide.

4.1.3 ID Management ConfigurationAllocate one ID management server per site. The ID management server must be allocated so thatusers can access the authentication function using this server from network devices.


86

For multiple sites, allocate one server per site, and synchronize among ID management servers usingthe replication function.

4.2 Studying DB Configuration4.2.1 Point of View for DB Configuration

In Virtual DataCenter Automation, the possible DB Configuration is as follows.

• Local DB (Recommendation setting)

DB is allocated on the servers (global management server, management server, and VMmonitoring server).

• Remote DB

DB is allocated to other servers (global management server, management server, and VMmonitoring server) as the DB server.

When managing large-scale virtual machines, allocate the DB server so that the data of 100,000 orfewer virtual machines per DB server can be stored. Allocate the DB server to avoid access fromservers to the DB server across multiple sites.

When managing 100,000 virtual machines (the largest Virtual DataCenter Automationconfiguration), the data of 100,000 virtual machines are stored in one global management server, the


87

data of 1000 virtual machines are stored in one management server, and the data of 256 virtualmachines are stored in one VM monitoring server.

4.2.2 DB ConfigurationLocally allocate the DB used in Virtual DataCenter Automation to a global management server,management server, and VM monitoring server.

Figure 4-1 Configuration example (local allocation of DB on servers)

Instead of allocating the DB used in Virtual DataCenter Automation to a global management server,management server, and VM monitoring server, allocate the DB to other servers as the DB server.


88

Figure 4-2 Configuration example (allocation of the DB server)

4.3 Studying Management of 100000 VirtualMachines4.3.1 Point of View for Management of 100000 VirtualMachines

When managing large-scale virtual machines, the performance of the global management server thatprocesses requests from portal servers may be bottlenecked. In this case, allocate a load balanceramong portal servers. Dividing the service governor function of the global management server andallocating the divided functions enables scale out of the global management server.

4.3.2 Configuration of Management of 100000 VirtualMachines

Allocate a load balancer between the portal server and global management server. By allocatingmultiple service governor functions of the global management server to the back end of the loadbalancer, the load can be divided.


89

For how to set, see 3.1 Redundant Configuration of the Service Governor in the Virtual DataCenterAutomation Installation Guide.


90

Chapter 5. Design of Optional FunctionThis chapter describes considerations for the Virtual DataCenter Automation optional function.

Contents5.1 Studying Distribution Package Configuration ............................................................................92

5.2 Studying Physical Machine Configuration .................................................................................93

Chapter 5. Design of Optional Function

91

5.1 Studying Distribution Package ConfigurationTo install software in the created VM, the software must be registered as a distribution package. Thedistribution package refers to a set of information that consists of a group of files to be distributedand the settings of post-distribution operation. The point of view and considerations when studyingintroduction of the distribution package are described.

• Supported middleware

The middleware distributions described in "6.14 Distributed Middleware (page 107)".

• Distribution package unit

Create the distribution package for each middleware version. Create the package so that thecombination of package name and version is unique. Register the same package name andversion as the product name and version. The same number of packages with the same productname shall be created as there are product versions.

Example: Package name: Oracle, Package version: 10

Package name: Oracle, Package version: 11g

• Configuration of servers for storing a distribution package

The server configuration studied when creating the distribution package is described.

NAS devices are installed in each site to store the distribution package as shown in the diagrambelow. The created distribution package is stored in all NAS installed in the sites.

Since the files necessary for installing each software program are included in the distributionpackage, the size of one distribution package is approximately a few MB to a few GB.Therefore, secure the disk capacity according to the distribution package to be created in NAS.


92

5.2 Studying Physical Machine Configuration5.2.1 Physical Machine Configuration

As a resource to assign to tenants, Virtual DataCenter Automation is compatible not only with virtualmachines on the virtualization base, but also with physical machines. The study points when handlingphysical machines are listed below.

Item Details

Physicalmachines

Serial number of physical machines, installed CPU, memory, NIC, and HBA

Network Number of installed NICs, NW devices of connecting destinations

Storage Embedded disk configuration, external storage, OS boot configuration

OS image Creation policy, sharing scope

5.2.2 Physical machinesPhysical machines are assigned one by one in response to requests. It is recommended to preparemultiple physical machines with the same configuration and same specification so that the samemachine can be assigned in response to requests for the same specification. To meet requests fordifferent specifications, prepare physical machines for each specification.


93

Physical machines are controlled in SigmaSystemCenter, DeploymentManager of the managementserver component. Therefore, their support devices must be considered.

5.2.3 NetworkFor the connection between the network device assigned to tenants and physical machines, theVLAN enables communication between other network devices, between virtual machines, andbetween physical machines when the L2 switch is connected according to "3.2 Customization ofNetwork Configuration (page 53)".

As a study point, plan the number of NICs to be installed in physical machines, and the number ofports and L2 switches that connect the NICs, when adding physical machines.

5.2.4 StorageLocal storage embedded in physical machines and external storage for SAN/NAS are provided inphysical machines.

• Local storage

When physical machines that include embedded disks are assigned, storage is provided withoutcontrolling storage. To change the embedded disk configuration, the work must be performed ina physical machine. Therefore, it cannot be changed easily.

• External storage

External storage is provided by assigning it from the storage devices of SAN (FC/iSCSI) orNAS to the physical machines to be assigned. The connection configuration of physicalmachines and the storage device and control of the storage device must be considered. Externalstorage enables the SAN boot and iSCSI boot configuration.

5.2.5 OS ImageAn OS image is a pattern of the OS to be installed in physical servers. Similarly to the VM templatesof virtual machines, OS can be installed from one image in physical servers by setting a different hostname or IP address.

An OS image strongly depends on the hardware configuration of a master machine of the creationsource. An OS image can be installed in physical machines with the same configuration as a mastermachine. For the availability of installation in physical machines with different configurations, seeQ4. Restriction of Machines Used in Main and Standby Machines under Configuration in theSigmaSystemCenter FAQ (Japanese only).


94

Chapter 6. Operating Environments/SystemRequirementsBefore the installation of Virtual DataCenter Automation, the system must be designed with carefulconsideration of system requirements, hardware environments, and others. This section describes theVirtual DataCenter Automation operating environment.

Contents6.1 Virtual DataCenter Automation Version Information .................................................................96

6.2 Global Management Server........................................................................................................96

6.3 Management Server ...................................................................................................................97

6.4 VM Monitoring Server...............................................................................................................98

6.5 Managed Machine (Virtual Base) ...............................................................................................99

6.6 Managed Machine (Physical Machine) ....................................................................................101

6.7 Management Agent ..................................................................................................................102

6.8 Console ....................................................................................................................................103

6.9 ID Management Server ............................................................................................................103

6.10 DB Server ..............................................................................................................................104

6.11 Service Governor ...................................................................................................................105

6.12 Network Devices....................................................................................................................106

6.13 Storage ...................................................................................................................................107

6.14 Distributed Middleware..........................................................................................................107

6.15 Monitored Middleware...........................................................................................................108

Chapter 6. Operating Environments/System Requirements

95

6.1 Virtual DataCenter Automation VersionInformation

The version information of the components included in Virtual DataCenter Automation v4.0 is listedbelow.

Function name Version

SigmaSystemCenter 3.6

DeploymentManager 6.6

SystemManager G 7.0

Network Manager 6.1.2.32

AssetSuite 3.2.1.17

Identity Manager 5.1.0

Network Automation 3.0

Topology Template Orchestrator 1.0

6.2 Global Management ServerTo operate the standard function of Virtual DataCenter Automation, and Network Automation, thefollowing system requirements must be met for the global management server.

To use the same management server for Virtual DataCenter Automation, Network Automation andlinked products, the system requirements of linked products must also be met.

When using vDC Automation portal for the service portal, also refer to Chapter 1 OperatingEnvironments in Virtual DataCenter Automation Portal Installation Guide.

Type System Requirements

CPU At least Intel Compatible 2GHz 4 Core*1

Memory capacity*2 At least 8GB*1

Disk capacity*3 At least 50GB

NIC At least 1Gbps

OS*4 • Windows Server 2008 Standard (x64) R2 / R2 SP1• Windows Server 2008 Enterprise (x64) R2 / R2 SP1• Windows Server 2012 Standard / R2• Windows Server 2012 Datacenter / R2• Windows Server 2016 Standard• Windows Server 2016 Datacenter

Display resolution At least 1024X768 pixels

Required software • Microsoft SQL Server 2012 (64bit) or later• .NET Framework 3.5 Service Pack 1• .NET Framework 4.0• Web browser

Remarks To construct storage for the software repository with NFS sharing, the NFS servicemust be installed.


96

*1 Necessary system resource changes with number of Management Server under Global Managementserver.

*2 The memory capacity used in the database (minimum: 1GB, recommended: at least 4GB) is included.*3 The disk capacity necessary for installing components. Separately, free space of 1GB or more is

required in %TMP% or %TEMP% as the working area during installation.The disk capacity for the database used for components is required separately.To install the linked product to the same management server, the disk capacity for the linked product isrequired separately.

*4 Only the full installation is supported. Server Core installation is not supported.

6.3 Management ServerTo operate the standard function of Virtual DataCenter Automation, and Network Automation, thefollowing system requirements are required for the management server.

To use the same management server for Virtual DataCenter Automation, Network Automation, andlinked products, the system requirements of the linked products must also be met. For details aboutthe system requirements required when using the virtual environment management function, see"6.5 Managed Machine (Virtual Base) (page 99)".


CPU At least Intel Compatible 2GHz 4 Core*1

Memory capacity*2 At least 16GB*1


NIC At least 1Gbps


Display resolution At least 1024X768 pixels

Required software • Microsoft SQL Server 2012 (64bit) or later• IIS version 6.0 or later• .NET Framework 3.5 Service Pack 1• Microsoft Chart Controls for Microsoft .NET Framework 3.5*5

• .NET Framework 4.5.2• ASP.NET 2.0• Windows Management Framework 4.0• Web browser

Remarks • A DHCP server is required on the same network as the DPM server.*6

• To install DPM on the management server, JRE (Java Runtime Environment 32 bitversion) 6.0 Update29 is required.*7

• To control PET reception with Out-of-Band Management, SNMP Service must beinstalled.


97

Type System Requirements• To use ESMPRO/ServerManager from the browser, JRE (Java Runtime

Environment) 5.0 or later must be installed to the machine using the browser.• To use VMware in the virtualization base and use template replication and brought-

in VM functions, VMware vSphere PowerCLI, NFS service must be installed.• To construct storage for the software repository with NFS sharing, the NFS service

must be installed.

*1 The necessary system resources vary depending on the number of hosts of virtual machines to bemanaged by the management server.



*4 Only the full installation is supported. Server Core installation is not supported.*5 The installer operates during the component installation to install automatically.*6 Operation without the DHCP server is also available. If not using a DHCP server, some functions are

restricted.*7 JRE6.0 Update29 is included in this product.

6.4 VM Monitoring ServerTo operate the standard function of VM monitoring server, the following system requirements mustbe met.

To use the same management server for linked products, the system requirements of linked productsmust also be met.


CPU At least Intel Compatible 2GHz 2 Core

Memory capacity*1 At least 4GB


NIC At least 1Gbps


Required software Microsoft SQL Server 2012 (64bit) or later

Remarks • VM Monitoring Server must be installed on the same subnet as a ManagementServer.

• To construct storage for the software repository with NFS sharing, the NFS servicemust be installed.


98




6.5 Managed Machine (Virtual Base)You can manage the integrated virtual base as below in Virtual DataCenter Automation.

• VMware

• Hyper-V

• KVM

This chapter describes the virtual environment that can be managed with Virtual DataCenterAutomation.

6.5.1 System Requirements• System requirements for the VMware-linked environment

For the latest requirements for the VMware-linked environment, see the manuals of productsissued by VMware, and the website below.

http://www.nec.co.jp/vmware/

• System requirements for the Hyper-V environment

For the latest requirements for the Hyper-V environment, see the website below.

http://www.nec.com/en/global/support/index.html

NoteNote that the guest OS listed in the above website is differs from the guest OS supported by VirtualDataCenter Automation.

• System requirements for the KVM environment

For the latest requirements for the KVM environment, see the website below.

http://www.nec.co.jp/linux/linux-os/kvm.html

6.5.2 Virtual Machine BaseThe virtual machine base and management software required during the virtual environmentmanagement support the following:

TipThe latest requirements of Virtual DataCenter Automation can be obtained from the following website:http://www.nec.com/en/global/prod/masterscope/vdcautomation/

• VMware vCenter Server 5.0, 5.1, 5.5, 6.0, 6.5

• VMware ESXi 5.0, 5.1, 5.5, 6.0, 6.5 *1


99

http://www.nec.co.jp/vmware/

http://www.nec.com/en/global/support/index.html

http://www.nec.co.jp/linux/linux-os/kvm.html


• Windows Server 2012 R2 Hyper-V / 2016 Hyper-V *2

• Ret Hat Enterprise Linux 6.8 KVM

• Ret Hat Enterprise Linux 7.3 KVM

NoteOn KVM, the following packages and libraries must be installed.

• Packages: redhat-lsb

6.5.3 Managed Guest OSThe following guest OS on the virtual machine base is supported in Virtual DataCenter Automation.


Virtual machine base Guest OS

VMware ESXi*1*2 • Windows Server 2008 Standard (x86) SP1 / SP2• Windows Server 2008 Enterprise (x86) SP1 / SP2• Windows Server 2008 Standard (x64) R2 / R2 SP1• Windows Server 2008 Enterprise (x64) R2 / R2 SP1• Windows Server 2008 Datacenter (x64) R2 / R2 SP1• Windows Server 2012 Standard / R2• Windows Server 2012 Datacenter / R2• Windows Server 2016 Standard• Windows Server 2016 Datacenter• Red Hat Enterprise Linux 5 (x86)*3

• Red Hat Enterprise Linux 5 AP (x86)*3

• Red Hat Enterprise Linux 6 (x86)*3

• Red Hat Enterprise Linux 6 (AMD64/EM64T)*3


Windows Server 2012 R2Hyper-V / 2016 Hyper-V*2*4

• Windows Server 2008 Standard (x64) R2 / R2 SP1• Windows Server 2008 Enterprise (x64) R2 / R2 SP1• Windows Server 2008 Datacenter (x64) R2 / R2 SP1• Windows Server 2008 Standard (x86, x64) SP1 / SP2• Windows Server 2008 Enterprise (x86, x64) SP1 / SP2• Windows Server 2012 Standard / R2• Windows Server 2012 Datacenter / R2• Windows Server 2016 Standard• Windows Server 2016 Datacenter

Red Hat Enterprise LinuxKVM

• Red Hat Enterprise Linux 6 (x86)*5



*1 ESXi of the free license is not managed.

*2 Only the cluster configuration is supported in Hyper-V.


100


*1 The support requirements of the VMware guest OS must be met for the supported guest OS. For thelatest support requirements, see the manuals of products issued by VMware.

*2 Free space of 400MB or more is required for installation of the managed machine component. Also,the following free space is required separately as the working area during installation.

• For Windows, 1GB or more in %TMP% or %TEMP• For Linux, 1GB or more in /tmp

*3 See "Appendix C. Managed Guest OS require packages (page 113)". The packages and libraries mustbe installed.

*4 The maximum number of virtual CPUs to be supported varies depending on the OS. For details, seethe following website:http://www.microsoft.com/japan/windowsserver2008/technologies/hyperv-guestos.mspx

*5 The guest OS to be creation in Differential Clone. When other OS support is required, please contactus.

Windows Server 2003 and Red Hat Enterprise Linux 4 will be supported in response to an RPQrequest. Please contact us.

6.6 Managed Machine (Physical Machine)The following physical machine operating environment is supported in Virtual DataCenterAutomation.



Model*1 • Blade serverSIGMABLADE(B120d,B110d,B120d-h,B120a,B120a-d,B120b, B120b-Lw,B120b-d,B120b-h,120Bb-6,120Bb-m6,120Bb-d6, 140Ba-10,B140a-T),120Ba-4,110Ba-e3/-m3,420Ma

• ECO CENTER*2

• Scalable HA server*2

• Express5800/100 series• 6200 series fabric interconnect*3

• UCS 5100 series blade server chassis, Cisco UCS B series blade

OS*4 • Windows Server 2008 Standard (x86) SP1 / SP2*5

• Windows Server 2008 Enterprise (x86) SP1 / SP2*5

• Windows Server 2008 Standard (x64) R2 / R2 SP1*5

• Windows Server 2008 Enterprise (x64) R2 / R2 SP1*5

• Windows Server 2008 Datacenter (x64) R2 / R2 SP1*5

• Windows Server 2012 Standard / R2*5

• Windows Server 2012 Datacenter / R2*5

• Windows Server 2016 Standard*5

• Windows Server 2016 Datacenter*5

• Red Hat Enterprise Linux 5 (x86)


101

http://www.microsoft.com/japan/windowsserver2008/technologies/hyperv-guestos.mspx


Type System Requirements• Red Hat Enterprise Linux 5 (AMD64/EM64T)• Red Hat Enterprise Linux 5 AP (x86)• Red Hat Enterprise Linux 5 AP (AMD64/EM64T)• Red Hat Enterprise Linux 6 (x86)• Red Hat Enterprise Linux 6 (AMD64/EM64T)• Red Hat Enterprise Linux 7

Hardware specification • Network adapter (compatible with Wake-on-LAN, recommended link speed:1000Base or higher)

• CPU, memory, disk capacity*6 etc. are compatible with the OS and application tobe operated.

• When using the out-of-band management function, use the model containing thebaseboard management controller (BMC) that is compatible with RMCP or RMCP+.

*1 For details of the Express5800 series support model, see the available device list of MasterScopeDeploymentManager.Application of the MasterScope DeploymentManager model support module may be required.

*2 For the management function by the out-of-band management controller, only some serial numbers ofExpress5800/A1080a will be supported. Some functions will be restricted.

*3 The installed UCS Manager is Version 1.4 or later.*4 The available management target OS depends on the support OS of the target hardware.*5 Full installation and Server Core installation are supported.

For the disk replication OS installation function of MasterScope DeploymentManager, only fullinstallation is supported.For some models of SIGMABLADE, please note that the Wake-on-LAN is not supported in the eventof Server Core installation.

*6 Free space of 400MB or more is required for installation of the managed machine component. Also,the following free space is required separately as the working area during installation.

• For Windows, 1GB or more in %TMP% or %TEMP• For Linux, 1GB or more in /tmp

Windows Server 2003 and Red Hat Enterprise Linux 4 will be supported in response to an RPQrequest. Please contact us.

6.7 Management AgentTo operate the management agent function, the following system requirements must be met.


CPU At least Intel Compatible 1GHz

Memory capacity 32MB or larger

Disk capacity 200MB or larger*1

OS • Windows Server 2008 Standard (x86/x64) SP1 / SP2• Windows Server 2008 Enterprise (x86/x64) SP1 / SP2• Windows Server 2008 Standard R2 / R2 SP1• Windows Server 2008 Enterprise R2 / R2 SP1


102

Type System Requirements• Windows Server 2012 Standard / R2• Windows Server 2012 Datacenter / R2• Windows Server 2016 Standard• Windows Server 2016 Datacenter

Required software Microsoft Visual C++ 2005 SP1 Redistributable Package (x86)*2

Additional software • NEC Storage Manager Ver3 or later*3

• NetApp OnCommand Core 5.0.2 or later*4

*1 Free space of 1GB or more is required separately in %TMP% or %TEMP% during installation of themanagement agent.

*2 For how to install, see the Virtual DataCenter Automation Installation Guide.*3 To manage NEC Storage, installation in the same machine is required.*4 To collect NetApp performance information, installation to the same machine is required.

6.8 ConsoleTo operate the console function of the global management server, management server, and VMmonitoring server, the following system requirements must be met.



Memory capacity At least 1GB

Disk capacity At least 1GB*1

OS • Windows Server 2008 (x86) SP1 / SP2• Windows Server 2008 (x64) R2 / R2 SP1• Windows Server 2012 / R2• Windows Server 2016• Windows 7 (x86) SP1• Windows 7 (x64) SP1• Windows 8

Required software Internet Explorer 7, 8 ,9, 10(when using the Web monitoring screen)*2

*1 Free space of 1GB or more is required separately in %TMP% or %TEMP% during installation of theconsole.

*2 When using tenant network view for Internet Explorer 10, necessary to operate it with a compatibilirymode.

*1 Open the "F12 Developer tool" in "tool" menu.*2 Changed blowser mode.

6.9 ID Management ServerTo operate the standard function of Virtual DataCenter Automation, the following systemrequirements for the ID management server must be met.


103

To use the same management server for linked products, the system requirements of linked productsmust also be met.





NIC At least 1Gbps


Required software • Java execution environment JRE7update3 (included in product DVD)• Apache Tomcat (64bit) Ver7.0.26 (included in product DVD)• Any of the following browsers

- InternetExplorer8- InternetExplorer9- InternetExplorer10- Firefox12- Safari5

*1 To install the linked product to the same management server, the memory capacity for the linkedproduct is required separately.

*2 To install the linked product to the same management server, the disk capacity for the linked product isrequired separately.


6.10 DB ServerTo use a DBSM as a server separately from the global management server, management server, andVM monitoring server and to use the Virtual DataCenter Automation standard function, the followingsystem requirements must be met for the DB server.

Virtual DataCenter Automation is based on the SQL Server 2012 or later system requirement to useSQL Server.

To use the same management server for Virtual DataCenter Automation and linked products, thesystem requirements of linked products must also be met.




Disk capacity*2 At least 6GB*3

NIC At least 1Gbps

OS Based on SQL Server 2012 or later system requirements


104


Display resolution 800 X 600 pixels or more

Required software • Microsoft SQL Server 2012 or later• .NET Framework 3.5 Service Pack 1• .NET Framework 4.0• Windows PowerShell

*1 This is the recommended value of SQL Server 2012. To secure optimum performance, the capacitymust be larger as the database size is larger.

*2 This is the free disk space necessary for installation of the minimum necessary SQL Server 2012components. The necessary disk free space varies depending on the SQL Server 2012 component to beinstalled.To install the linked product to the same management server, the disk capacity for the linked product isrequired separately.

*3 The necessary disk space is standard. This varies depending on the environment (VM, network device,storage device, etc.) of the monitored VM.Disk capacity to store the SQL Server transaction log, data, and log backup is separately required.

6.11 Service GovernorTo use as a server separately from the global management server due to the load distributionconfiguration of the service governor and to use the Virtual DataCenter Automation standardfunction, the following system requirements must be met for the servers to which the servicegovernor is introduced.

To use the same management server for Virtual DataCenter Automation and linked products, thesystem requirements of linked products must also be met.



Memory capacity At least 4GB

Disk capacity At least 2GB

NIC At least 1Gbps


Display resolution At least 800 X 600 pixels

Required software Web browser



105

6.12 Network DevicesA script template of network automation in Virtual DataCenter Automation corresponds to thefollowing network equipment and the version. Please inquire about the latest support situation.


ProgrammableFlow • Network CoordinatorUNIVERGE PF6800 Network Coordinator (V5.1/V6.0/V6.1/V6.2/V6.3/V7.0/V7.1/V7.2)

• ProgrammableFlow ControllerUNIVERGE PF6800 (V5.0/V5.1/V6.0/V6.1/V6.2/V6.3/V7.0/V7.1/V7.2)

• ProgrammableFlow SwitchUNIVERGE PF5200 Series (V5.0/V5.1/V6.0)UNIVERGE PF5340 (V6.2/V6.3/V7.1)UNIVERGE PF5459 (Ver 7.1)

Layer 2 switch Cisco switchCisco IOS 12*1

SIGMABLADE switch module BLADE OS CLI, or AOS CLI*2

Firewall (Multi TenantFunction)*3

Fortinet FortiGate FortiOS 5.4

SSL-VPN device (MuitiTenant Function)*4

Fortinet FortiGate FortiOS 5.4

Load balancer (MultiTenant Function)

A10 Thunder 2.7F5 BIG-IP 11.4/12.1

Virtual Switch*5 • VMware

Virtual Switch for vSphere*6

vSphere Distributed Switch*6

• Hyper-VHyper-V virtual switch(default switch)

• KVMKVM virtual switch(default switch)

Layer2 switch for physicalserver*7

Devices indicated on (ProgrammableFlow switch)Devices indicated on (Layer2 switch)

*1 The equipment for which port base VLAN and tag VLAN are practicable is a target.*2 It doesn't correspond to SCLI.*3 It's used as tenant firewall or back-end firewall*4 Using Multi Tenant Function.*5 The virtual switch of the virtualization base is controlled by SigmaSystemCenter.*6 To have to put port group setting of virtual SW into effect and synchronize in case of an addition of

ESXi and a replace, use of the dispersion virtual switch is recommended.*7 The switch for network control of an expenditure target physical server to a tenant.


106

6.13 StorageThe storage management software supported in Virtual DataCenter Automation and the storage to bemanaged in Virtual DataCenter Automation are listed below.

Type System Requirements*1

Hardware type • iStorage M Series• iStorage D Series• iStorage E Series• iStorage S Series• EMC VNX Series (Block only)• NetApp FAS2500 Series• NetApp FAS8000 Series

Required software • iStorage- NEC Storage Manager Ver7 or later*2

- NEC Storage Manager Integration Base Ver7 or later• EMC VNX

- Navisphere/Unisphere Manager- Navisphere/Unisphere CLI 07.31, 07.32, 07.33*2

• NetAppData ONTAP 8.0.x (8.0.2 or later), 8.1.x, 8.2.x

*1 For details, see SigmaSystemCenter FirstStepGuide.*2 Installation in the same machine as the management agent is required.

6.14 Distributed MiddlewareThis section describes the middleware supported by Virtual DataCenter Automation (assetdistribution function).

• Windows *3

Middleware Supported version

Apache Apache HTTP Server 2.2

Tomcat Apache Tomcat 7.0

IIS IIS 7.5*2

WebOTX WebOTX Application Server Standard V8.4

WebLogic Oracle WebLogic Server 11gR1 (10.3)

PostgreSQL PostgreSQL 9.1

MySQL MySQL Community Server

Oracle Oracle Database 11g Release 2 (11.2)

SQL Server SQL Server® 2008 R2 SP1 - Express Edition

*1 Supported only when OS is Windows Server 2008 (x64) R2.

*3 For OS, see "Chapter 6. Operating Environments/System Requirements (page 95)".


107

• Linux *3

Middleware Supported version

Apache Apache HTTP Server 2.2

Tomcat Apache Tomcat 6.0

WebOTX WebOTX Application Server Standard V8.4

WebLogic Oracle WebLogic Server 11gR1 (10.3)

PostgreSQL PostgreSQL 8.4

MySQL MySQL Server 5.1

Oracle Oracle Database 11g Release 2 (11.2)

6.15 Monitored MiddlewareThis section describes the support version of the middleware supported by Virtual DataCenterAutomation (middleware monitoring).

The following middleware is monitored by Virtual DataCenter Automation.

Platform compatible with a remote host OracleDatabase

*1*2

WebLogic

Server*1

SQLServer

SAP

Windows Server 2003 (SP1, SP2) (32bit) √ √ √ √

Windows Server 2003 (SP1, SP2) (x64) √ √ √ √

Windows Server 2003 R2 (SP1, SP2) (32bit) √ √ √ √

Windows Server 2003 R2 (SP1, SP2) (x64) √ √ √ √

Windows Server 2008 (SP1, SP2) (32bit) √ √ √ √

Windows Server 2008 (SP1, SP2) (x64) √ √ √ √

Windows Server 2008 R2 (SP N/A, SP1) √ √ √ √

Windows Server 2012 √ √ √ √

Windows Server 2012 R2 √ √ √ √

Red Hat Enterprise Linux 5 (x86) √ √ -

Red Hat Enterprise Linux 5 (x86_64) √ √ -

Red Hat Enterprise Linux 6 (x86) √ - -

Red Hat Enterprise Linux 6 (x86_64) √ √ -

Oracle Enterprise Linux 5 -

Oracle Linux 6 (UEK R2) (x86_64) -

*1 When using the Oracle Database and WebLogic Server with a Named User Plus (NUP) license, thecount for one user is required for monitoring.

*2 The support status for each Oracle version is separately listed.*3 √：Supported, Blank: Not supported, -: Out of range according to the product definition


108

Table 6-2 platform compatible with remote host for each Oracle Database version

Remote host 10gR2 11gR1 11gR2 12cR1

Windows Server 2003 (SP1, SP2) (32bit) √ * √ -

Windows Server 2003 (SP1, SP2) (x64) √ * √ -

Windows Server 2003 R2 (SP1, SP2) (32bit) √ * √ -

Windows Server 2003 R2 (SP1, SP2) (x64) √ * √ -

Windows Server 2008 (SP1, SP2) (32bit) √ * √ -

Windows Server 2008 (SP1, SP2) (x64) √ * √ √

Windows Server 2008 R2 (SP N/A, SP1) √ - √ √

Windows Server 2012 - - √ √

Windows Server 2012 R2 - - √ √

Red Hat Enterprise Linux 5 (x86) √ * √ -

Red Hat Enterprise Linux 5 (x86_64) √ * √ √

Red Hat Enterprise Linux 6 (x86) - - √ -

Red Hat Enterprise Linux 6 (x86_64) - - √ √

Oracle Enterprise Linux 5 -

Oracle Linux 6 (UEK R2) (x86_64) - -

Table 6-3 Platform compatible with the remote host for each application version

Application Version Monitoringavailability

Supplementary

OracleDatabase

10gR1 ×

10gR2 √

11gR1 * Monitoring by 11gR1 clients is not available. Monitoring byclients of other versions that can be connected to 11gR1 Oracle

DB server is available.

11gR2 √

12cR1 √

WebLogic 9.2

10.0

10.3

11gR1 √ Java1.5 and Java6 are available.

12c √ Java6 and Java7 are available.

SQL Server 2005 √ The MW library is not required for SQL Server monitoring.

2008 √

2008R2 √

2012 √

SAP 7.0

7.3 √


109

Appendix A. Revision History• First edition (June. 2016): Newly created

Appendix A. Revision History

110

Appendix B. Manual System• For Virtual DataCenter Automation, information on the product overview, installation, settings,

operation, and maintenance is included in the following manuals. The role of each manual isdescribed below.

- Virtual DataCenter Automation First Step Guide

This document is intended for Virtual DataCenter Automation or Network Automationusers and includes details of the product overview, system design method, operationenvironment, and others.

- Virtual DataCenter AutomationInstallation Guide, Network Automation Installation Guide

This document is intended for system administrators and includes details of how to install,upgrade install, and uninstall Virtual DataCenter Automation or Network Automation.

- Virtual DataCenter Automation Configuration Guide

This document is intended for system administrators in charge of overall post-installationsettings and those post-setting operation/maintenance. The procedure from the post-installation settings to the operation is provided based on the actual workflow.Maintenance operation is also described.

- Virtual DataCenter Automation Cluster Configuration Guide, Network Automation ClusterConfiguration Guide

This document is intended for system administrators who configure the cluster system forthe Virtual DataCenter Automation or Network Automation includes details of how toconfigure it.

- Virtual DataCenter Automation API Reference

This document includes details of the API provided to the service portal by VirtualDataCenter Automation or Network Automation.

- Virtual DataCenter Automation Portal Installation Guide, Virtual DataCenter AutomationPortal Operations Guide

This document is intended of system administrators who install and use the operations forVirtual DataCenter Automation Portal.

• For Virtual DataCenter Automation Standard Edition, information on the product overview,installation, settings, operation, and maintenance is included in the following manuals. The roleof each manual is described below. For the configuration that uses the Virtual DataCenterAutomation Standard Edition Topology Template Orchestrator Option, refer to the "withTopology Template Orchestrator" manuals.

- Virtual DataCenter Automation Standard Edition Setup Guide

This document is intended for system administrators and includes details of how to install,initial settings, and uninstall Virtual DataCenter Automation Standard Edition.

- Virtual DataCenter Automation Standard Edition Portal User Manual (Install)

This document is intended for system administrators and includes details of how to installand uninstall Virtual DataCenter Automation Standard Edition portal.

- Virtual DataCenter Automation Standard Edition Portal User Manual (ResourceManagement)

Appendix B. Manual System

111

This document is intended of system administrators who use the operations for VirtualDataCenter Automation Portal Resource Management function.

- Virtual DataCenter Automation Standard Edition Portal User Manual (Monitoring)

This document is intended of system administrators who use the operations for VirtualDataCenter Automation Portal Monitoring function.

- Virtual DataCenter Automation Standard Edition Topology Template Orchestrator OptionUser's Guide

This document is intended for system administrators and includes details of how to installand uninstall Virtual DataCenter Automation Standard Edition Topology TemplateOrchestrator Option.

TipContact a sales representative for the latest edition of any Virtual DataCenter Automation manual.

Appendix B. Manual System

112

Appendix C. Managed Guest OS requirepackages

The following packages and libraries must be installed (* indicates a numeric value).

Package

RHEL 5 bc

compat-libstdc++-33 (32bit version)

e2fsprogs-libs (32bit version)

glibc (32bit version)

libgcc (32bit version)

ncompress

ncurses (32bit version)

net-tools

procps

redhat-lsb

rpm-build

sysstat(either of 5.0.5, 6.0.2, 7.0.0, 7.0.2)

openssh

openssh-server

openssh-clients

openssl

libpthread.so.0

libc.so.*

ld-linux.so.2

sg3_utils

RHEL 6 bc


glibc


libuuid (32bit version)

ncompress

ncurses-libs (32bit version)

redhat-lsb

rpm-build

net-tools

sysstat(9.0.4)

procps

openssh

Appendix C. Managed Guest OS require packages

113

Package

openssh-server

openssh-clients

openssl

libpthread.so.0

libc.so.*

ld-linux.so.2

sg3_utils

RHEL 7 bc


glibc


libuuid(32bit version)

ncompress

ncurses-libs (32bit version)

redhat-lsb

rpm-build

sysstat(10.1.5)

procps-ng

iproute

openssh

openssh-server

openssh-clients

openssl

libpthread.so.0

libc.so.*

ld-linux.so.2

sg3_utils

Appendix C. Managed Guest OS require packages

114

Appendix D. License InformationThis product partially includes open-source software. For details of the licensing conditions of thesoftware, please refer to the following files included. The source code is released based on LGPL.Please make inquiries if replication, alteration, or distribution of the open-source software is desired.

<Install DVD>:\oss_license• PXE Software Copyright (C) 1997 - 2000 Intel Corporation.

• This product includes JRE (Java Runtime Environment) distributed by Oracle Corporation at nocharge. You must agree to the licensing conditions for use. For details of the copyright orproperty, refer to the following LICENSE files.

<Folder in which JRE is installed>:\LICENSE• Some icons used in this program are based on Silk Icons released by Mark James under a

Creative Commons Attribution 2.5 License. Visit http://www.famfamfam.com/lab/icons/silk/ formore details.

• This product includes software developed by Routrek Networks, Inc.

Appendix D. License Information

115

GlossaryGlossary

■ BMCAn abbreviation of "Baseboard Management Controller".

■ Business VLANThe VLAN used for the virtual machine production.

■ CLARiXStorage of EMC products.

■ CSV(Cluster Shared Volumes)File system simultaneously accessible from multiple servers installed for Hyper-V in WindowsServer 2008 R2. Recommended for Live Migration.

■ ConsoleThe console is connected to the manager function to browse the information managed by themanager function and control the managed machines. There are 3 types; global management serverconsole, management server console, and VM monitoring server console. Also called "Viewer" or"SVC".

■ DataCenterBundles the virtual machine servers. Corresponds to the DataCenter of vCenter Server whenmanaging the vCenter Server environment. vCenter Server cluster is used equally to the DataCenterin Virtual DataCenter Automation. To manage the Hyper-V cluster environment, only oneDataCenter is created. No addition or deletion is allowed.

■ Data center administratorThe person or service provider organization managing the overall services from the standpoint of theservice provider. Manages (configures, adds, responds to a failure) the hardware resources utilized inthe cloud service. Lends the managed resources to tenants as a service.

■ Data Transfer VLANPrepare one per tenant. The back-end firewall connects the data transfer VLAN and operationmanagement LAN to provide a routing function among LANs.

116

■ DHCP serverDHCP is an abbreviation of "Dynamic Host Configuration Protocol". In the network, the DHCPserver is equipped with a function dynamically allocating an IP address to the computer. Respondingto the request from DHCP client, DHCP server allocates information previously prepared such as IPaddress, subnet mask, or domain name.

■ Differential CloneCreates a virtual machine based on the basic image created from the master VM. The virtual machinecreated by Differential Clone retains only the differential information from the basic image.

■ Disk CloneCreates a virtual machine by directly copying the basic image created from the master VM.

■ Disk volumeIn Virtual DataCenter Automation, refers to the logical disk consisting of multiple physical disks andrecognized as a single disk from OS. Known as "LD" in NEC Storage, and "logical disk" in EMCstorage.

■ DPMAn abbreviation of "DeploymentManager". Distributes/updates OS, applications, and software(patches, etc.) to the machine to be managed, starts/stops the machine responding to the instructionsfrom SystemProvisioning.

■ DPM clientDPM component. Installed to the DPM machine to be managed for management using DPM.

■ DPM command lineDPM component. Enables the status of the DPM machine to be managed and processed to bechecked by command line entry.

■ DPM serverDPM component. Manages the DPM machine to be managed. Processes the DPM machine to bemanaged responding to the instructions from the DPM Web console.

■ ESMPRO/ServerManager, ESMPRO/ServerAgentMachine management software attached with the Express5800 Series as standard. When managing aphysical machine, Virtual DataCenter Automation monitors it via ESMPRO/ServerManager.

117

■ ESXVMware product enabling the virtual machine.

■ ESXiVMware product enabling the virtual machine.

■ FASxxxx SeriesStorage of NetApp products.

■ Full CloneCreates a virtual machine based on the standard template of the virtual base products created from themaster VM.

■ Global Management ServerServer in which the components necessary for the manager function (described in "2.3.2 InstalledFunctions (page 33)") are installed. Also called GM.

■ Global ObjectA global object is a variable that can be shared between scenarios. Using a global object enables thetransfer of information and flow synchronization between scenarios.

■ HBAAn abbreviation of "Host Bus Adapter". The interface card to connect the storage devices. Includingthe Fibre Channel controller.

■ HW Profile CloneCreates a vacant VM based on HW Profile information and restores the basic image using the DPMfunction to create a virtual machine.

■ Hyper-VVirtualization technology owned by Microsoft. Embedded in Windows Server 2008/R2 as standard.

■ Hyper-V clusterClustered Hyper-V. Virtual DataCenter Automation only supports this configuration in WindowsServer 2008 R2.

■ Hyper-V managerMicrosoft's standard Hyper-V management console.

118

■ IaaSA service configuration providing an environment capable of supporting the use of any software aswell as OS, middleware, and application with the virtual machine. There may be 2 cases dependingon the configuration providing IaaS users with software: IaaS users' software prepared by the IaaSservice side or by IaaS users themselves.

■ IaaS providerA provider managing the data center or operations generally using Virtual DataCenter Automation.Ensures resources supplied according to the demand forecast and allocates them to tenants.

■ IaaS resellerA sales agency or reseller who sells the resources of the virtual system. Ensures a sub-pool from IaaSproviders and sells the resources to tenant administrators.

■ IaaS userA person or organization utilizing the IaaS service. Includes the administrators, users, and operatorsof the provided virtual computer. In Virtual DataCenter Automation, included in tenantadministrators.

■ IISAn abbreviation of "Internet Information Services". Software for the Internet server provided byMicrosoft.

■ Image builderDPM tool. Creates an image file such as OS, and registers it to the DPM server.

■ Integration servicesA component installed on the virtual machine on Hyper-V. Performance will be improved and anadditional function will be available.

■ IPMIAn abbreviation of "Intelligent Platform Management Interface". Provides an interface to obtainsensor information, power operation and the device logs for the device.

■ MachineThe generic name of the physical/virtual machines that can be managed with Virtual DataCenterAutomation.

119

■ Maintenance modeMode used for ignoring a failure report such as during machine maintenance work. Any machinefailure occurring while the maintenance mode is set is not restored based on the policy.

■ Master machineBy configuring the machine as a creation source, and cloning the machine image to another machine,multiple machines with the same configuration can be created. This creates a source machine in themaster machine.

■ Master VMA virtual machine to be the creation source of the template used for the virtual machine creation.

■ Management serverThe server on which the component required for the manager function (described in "2.3.2 InstalledFunctions (page 33)") are installed. Also called MoM.

■ Managed machineThe machine to be managed in Virtual DataCenter Automation.

■ Management VLANThe VLAN used for managing the virtual machines of tenants by IaaS providers or VirtualDataCenter Automation.

■ MSFC (Microsoft Failover Cluster)A cluster function included in Microsoft Windows Server Enterprise Edition or later. Required forLive Migration of Hyper-V virtual machine.

■ MigrationMigrates the virtual machine stored in the shared disk to another virtual machine server. When thepower of the virtual machine is on, live migration of the machine is performed while it keepsoperating (Hot Migration). When the power of the virtual machine is off, the machine is migratedwith the power off (Cold Migration). Suspending and migrating the virtual machine with the poweron is Quick Migration.

■ NASAn abbreviation of "Network Attached Storage". A storage device used as a file server.

■ NEC StorageNEC storage product.

120

■ NEC Storage ManagerThe name of NEC storage management software.

■ Network ManagerGeneric name for Network Manager products (network operation management software).

■ On-premises cloudCloud configuration to set devices in the user companies (on-premises).

■ OOBAn abbreviation of "Out-of-Band". A management method to directly manage and operate hardwareinstead of communication with software operated on hardware.

■ OperationUsing the SigmaSystemCenter to allocate machines to hosts and register them to a group.

■ Operation groupThe SigmaSystemCenter manages the machines in group units during operation. Group managementcan reduce the work load of machine management and operation cost. A group of the machines usedfor the same purpose is known as an operation group. The SigmaSystemCenter manages themachines as resources. With the [Resource] view of the Web console, the group can be created toclassify and display the machines to be managed. This group is the "resource group".

■ Operation Management ApplianceProvides monitoring function and software repository function to tenant administrators.

■ Operation Management Appliance TemplateTo assign the operation management appliance machines, templates of virtual and physical machinesare used. Those templates are called as "Operation Management Appliance Template".

■ Operation Management Appliance MachineVirtual and physical machines to which the operation management appliance is installed.

■ Operation Management Appliance MasterVirtual and physical machines which are source of operation management appliance templates.

121

■ Operation Management LANConnects portal server, back-end Firewall, servers accommodating VM, and operation managementserver of Virtual DataCenter Automation system.

■ OrchestrationAn architecture layer capable of managing one cloud base. Manages the cloud base triggeringrequests from the service portal and events having occurred in the system. Provisioning, appropriateallocation in the data center and operation automation are included in orchestration.

■ PETAn abbreviation of "Platform Event Trap". Directly reports the occurrence of events in BIOS orhardware from BMC, etc. using an SNMP trap.

■ Physical machineGeneric name of substantial hardware machines. Includes general machines and virtual machineservers in the physical machine.

■ PolicyRestoration process settings in the event of failure such as "What type of process must be set to theautomatic execution in case of a machine failure?". In the SigmaSystemCenter, the restorationprocess can be set for the virtual machine base such as ESMPRO/ServerManager or vCenter Server,Out-of-Band Management function, and machine failures detected by SystemMonitor PerformanceMonitoring.

■ Private cloudA configuration in which companies configure a cloud computing system only for their own use, andprovides departments in the companies or group companies with the cloud service.

■ Primary NICThe NIC to be connected with the network to manage the machines.

■ ProvisioningAn architecture layer to provide a virtualized resource pool and the management function of thephysical/virtual machines. Including physical/virtual server management functions, storage/networkmanagement functions (as a resource pool).

■ Public cloudA business configuration to secure/release resources freely by customers based on vast resources tobe owned.

122

■ PXE bootAn abbreviation of "Preboot eXecution Environment". A BIOS function to start the machine orinstall the OS using the network. Used for machine detection and software distribution in DPM.

■ RDMAn abbreviation of "Raw Device Mapping". A function enabling the virtual machine to directlyaccess to the disk volume by bypassing the virtualization layer of the disk.

■ Resource poolConsists of the physical total values of storage on the multiple VM servers to be managed, CPU, andmemory resource. The sub-pool can be extracted from the resource pool as needed.

■ RMCP/RMCP+An abbreviation of "Remote Management Control Protocol". A protocol to remotely execute IPMIinstructions via the network. Uses UDP.

■ Root resource poolSame as the resource pool.

■ SANAn abbreviation of "Storage Area Network". Sets the network only for the storage and providesmachines with storage.

■ Scenario control/ScenarioScenario control is a function in the SystemManager G component. It is used to execute workflows.Scenario is the name of a workflow defined by the scenario control. In Virtual DataCenterAutomation, workflows for typical operations are provided as scenarios in the scenario controlfunction.

■ Service modelThe resource pool line up for each quality provided by service providers. In the service model, theresource pool is classified into "Gold", "Silver" and "Bronze" for each quality.

■ Service portalThe function which can cooperate with vDC Automation to use interface of a service governor isoffered. Virtual DataCenter Automation Portal is relevant. It's possible to mount a service portaloriginally based on API where it's opened as well as something established.

123

■ Service providerManages the resources of cloud and tenants and provides them as a service.

■ Shared diskThe disk volume that can be shared by multiple machines.

■ SLAAn abbreviation of "Service Level Agreement". An agreement on service quality made between theservice providers and tenant/virtual system administrators. Service quality includes not only thesystem operating rate but also guidelines for security measures, internal information reports, andinquiry support processing, etc.

■ SNMP TrapCommunication in SNMP (Simple Network Management Protocol). SNMP agents notify managersof events.

■ Software RepositoryThis is a component to manage (registration, deletion, and group management) the software (VMs,middleware, patches, etc.) as templates so as to install such software in the managed server.

■ SQL ServerManagement software to configure and operate the relational database provided by Microsoft. VirtualDataCenter Automation uses SQL Server as the database to store the system configurationinformation.

■ Sub-poolConsists of the upper storage limits that can be allocated to the virtual machine, CPU, and memoryresource. A sub-pool can be created by extracting from the resource pool. However, a sub-pool with acapacity exceeding that of the resource pool can be created by overcommitting.

■ SysprepA tool to effectively operate Microsoft Windows OS.

■ SystemMonitor Performance MonitoringA SigmaSystemCenter component to monitor machine resource usage.

124

■ SystemProvisioningSigmaSystemCenter core component. Configures the machine to be managed, manages theconfiguration information, changes the configuration, and executes autonomous restoration from amachine failure, etc.

■ Task schedulerAutomatic execution utility of the program prepared as standard in the Windows OS. Task schedulerenables the set program to be automatically executed at the set time.

■ TenantThe unit used for borrowing the computing resources from service providers as a service. Chargeswill be incurred to this unit.

■ Tenant administratorThe person or organization managing IaaS users under a tenant and acting as the window for DCadministrators as a representative of tenants. Manages (creates or deletes) IaaS users who actuallyuse the resource. Manages the resource usage within a tenant and pays the service providersaccording to the management result.

■ Tenant VLANThe VLAN used for managing the virtual machines of tenants by tenant managers.

■ vCenter ServerA VMware product for integrated management of multiple ESXs and of the virtual machineconfigured on them. Also used as a generic name including vCenter Server in this document.

■ Virtual systemVM, and a system consisting of a combination of the provided network and storage source. This is aunit and managed as one system. For IaaS users, the virtual system is a unit of the scope of authorityfor operation and reference. IaaS users can add or delete resources to/from the virtual system if theyhave the authority. Resource usage within the virtual system can be managed.

■ vSphere ClientA VMware product equipped with the virtual machine and a user interface capable of creating,managing, and monitoring the resource and host of the virtual machine.

■ VLANTechnology capable of configuring the logical network separately from the physical networkconfiguration, and dividing the network into multiple broadcast domains.

125

■ VMAn abbreviation of "Virtual Machine". Means the same as the virtual machine listed in this glossary.Refer to the term "Virtual machine".

■ VMFSAn abbreviation of "Virtual Machine File System". In Virtual DataCenter Automation, the termVMFS is also used to refer to the VMFS volume, corresponding to Datastores items in themanagement screen of the Virtual Infrastructure Client. The VMFS volume houses the virtualmachine disk, etc. of the virtual machine.

■ VMSAn abbreviation of "Virtual Machine Server". Means the same as the virtual machine server listed inthis glossary. Refer to the term "Virtual machine server".

■ VM ImageFile group constituting a VM (virtual machine).

■ VM ImportUse VM image as a virtual machine.

■ VM Monitoring ServerServer in which the components necessary for the manager function (described in "2.3.2 InstalledFunctions (page 33)") are installed. Also called as RM.

■ VM ServerMeans the same as the virtual machine server listed in this glossary. Refer to the term "Virtualmachine server".

■ VNXStorage of EMC products.

■ WOL (Wake On LAN)Turns the power of the computer connected by LAN on via a network from other computers. Usedwhen turning the power on remotely in DPM.

■ WorkflowDefines the detailed process orders required to achieve the purpose (execution of instruction). Usedwhen automating operations. Administrator workflow (approval flow) is not included.

126

(Example) In VM creation, a series of works such as adding a charge, securing a resource, orprovisioning based on the self-service portal instruction as a trigger.

■ WWNAn abbreviation of "World Wide Name". An identification code uniquely allocated to the Host BusAdapter. Unique identifier in SAN. Allocated also to Host Bus Adapter.

127

MasterScope Virtual DataCenter Automation v4.0First Step Guide

April, 2017 1st Edition

NEC Corporation

©NEC Corporation 2012-2017

Documents

MasterScope Virtual DataCenter Automation v4 - NEC · PDF fileMasterScope Virtual DataCenter Automation v4.0 First Step Guide ... Internet Explorer, ... in a command line