[HUAWEI CLOUD] What are Region, VPC, and AZ in cloud computing, what is their relationship, and how to choose

I saw a question and answer post a few days ago. After I finished answering, I realized that this post was from last year and no one responded. He asked some questions about Huawei Cloud. Here is a summary and explanation of some of the concepts. The friends of HUAWEI CLOUD are helpful.


Region

Regions are divided based on geographical location and network latency. Public services such as elastic computing, block storage, object storage, VPC networks, elastic public IPs, and images are shared within the same Region. Regions are divided into general regions and dedicated regions. A general region provides general cloud services for public tenants. A dedicated region carries only one type of business or provides services only for specific tenants (Huawei Cloud official concept definition).

The concept of Region is the same in public cloud and private cloud: both refer to a geographical region (the region selected when creating an ECS, such as East China, Central China, South Africa, etc.). A Region may span several provinces and cover multiple data centers, and a Region has most of the capabilities except disaster recovery.

A Region usually has three attributes: access delay (the delay for users in the Region to obtain services must stay within a certain range, such as 100 ms), coverage (beyond that delay, for example, quality of service suffers, so planning another Region is recommended), and disaster recovery (Regions are usually located in different geographical locations, although different Regions can also be planned in the same geographic location if required). For HUAWEI CLOUD Stack, Region planning usually follows these principles:

  • If the delay between two physical data centers exceeds 2 ms, they need to be planned as different Regions.
  • Management, storage, and business traffic between devices in a Region is relatively heavy and places high demands on network bandwidth. Therefore, a Region usually does not span physical data centers.
  • The management plane within a Region is interconnected. If the project has strict security requirements, some high-security services can be deployed in a separate Region.
  • Cloud Server Disaster Recovery Service (CSDR) provides cross-Region disaster recovery. When using this service, you need to plan a primary Region and a disaster recovery Region.

Currently, HUAWEI CLOUD has opened cloud services in multiple regions around the world, and you can choose the region and availability zone that suits your needs. For more information, see the HUAWEI CLOUD global site.

From personal experience, when creating a cloud region, I usually choose a data center that is close to my location.


Physical Region and Logical Region (other than HUAWEI CLOUD)

Not all physical Regions are visible to the final tenants under the unified IAM. Certain Regions need to be made visible only to specific tenants or user groups, while other Regions are not visible or directly accessible to them, such as Regions exclusive to finance or to government. Likewise, when a Region's physical capacity reaches its upper limit, existing customers can still see the old Region while new tenants are only offered the new Region, instead of two or more Regions in the same geographical area being exposed to the final tenant at the same time.

The Cloud Alliance is an organization: operators establish a cooperative cloud alliance to share resources and networks among the alliance members.

Typical scenario: Two Regions have been built in a certain area, and the resource scalability of Region1 is limited, so the operator wants to keep new users out of it and let only existing users see it; the Cloud Alliance Region is open only to some ordinary users; users in the financial zone are only allowed to access the exclusive financial Region.
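The typical scenario above can be written down as a default-deny visibility filter. This is an added example, not HUAWEI CLOUD code: the `Tenant` and `Region` fields, the group labels, and the region names are all hypothetical.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Tenant:
    name: str
    group: str                                  # "ordinary" or "financial" (hypothetical labels)
    onboarded_regions: frozenset = frozenset()  # Regions the tenant already uses
    alliance_member: bool = False               # allowed into the Cloud Alliance Region

@dataclass(frozen=True)
class Region:
    name: str
    kind: str = "general"                       # "general", "alliance" or "financial"
    accepts_new_tenants: bool = True            # False once capacity is exhausted

def visible_regions(tenant, regions):
    """Return the Region names this tenant may see; anything not allowed is hidden."""
    visible = []
    for r in regions:
        if tenant.group == "financial":
            allowed = r.kind == "financial"     # financial users: exclusive Region only
        elif r.kind == "financial":
            allowed = False                     # exclusive Region hidden from everyone else
        elif r.kind == "alliance":
            allowed = tenant.alliance_member    # open to some ordinary users only
        else:
            # Capacity-limited Region: existing users keep it, new users never see it.
            allowed = r.accepts_new_tenants or r.name in tenant.onboarded_regions
        if allowed:
            visible.append(r.name)
    return visible

# Constructed sample data matching the scenario in the text.
REGIONS = [
    Region("region1", accepts_new_tenants=False),
    Region("region2"),
    Region("alliance-region", kind="alliance"),
    Region("financial-region", kind="financial"),
]

def demo():
    tenants = [
        Tenant("old-user", "ordinary", frozenset({"region1"})),
        Tenant("new-user", "ordinary"),
        Tenant("partner-user", "ordinary", alliance_member=True),
        Tenant("bank-user", "financial"),
    ]
    return {t.name: visible_regions(t, REGIONS) for t in tenants}

if __name__ == "__main__":
    for name, regions in demo().items():
        print(name, regions)
```

Filtering the Region list is only the presentation side of the control; the same decision has to be enforced on every API call that names a Region, otherwise a hidden Region is still reachable by anyone who knows its identifier.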


Virtual Private Cloud (VPC, Virtual Private Cloud)

A Virtual Private Cloud (VPC) is an isolated, private virtual network environment that users apply for on HUAWEI CLOUD. Users can freely configure sub-services such as IP address segments, subnets, and security groups in the VPC, and can also apply for elastic bandwidth and elastic public IPs to build business systems (Huawei Cloud official concept definition).

A VPC is a user-defined virtual network. The concept is defined in contrast to the basic network (classic network) of the public cloud: it is a custom, logically isolated network space on the public cloud that defines the boundaries of the user's private cloud. A VPC can also be connected to our own data center through VPN or a dedicated line for flexible hybrid cloud deployment.

VPC is mainly a network-level function. Its purpose is to let us build an isolated virtual network environment on the cloud platform whose configuration and policies we manage ourselves, thereby further improving the security of our resources in the AWS environment. In the VPC environment we can manage our own subnet structure, IP address range and allocation method, network routing strategy, and so on. Since we can control and isolate the resources in the VPC, it is like a private cloud computing environment for us (quoted from an explanation that is widely copied around the Internet; this summary is important, otherwise it would not have been reposted by everyone, so the key points are highlighted here for easy understanding).

Personal understanding (only on behalf of individuals): VPC can be understood as a local area network, in which you can create subnets and do whatever you want.
In addition, it should be noted that the VPC cannot be migrated to other regions, but can only be created. At least that's what I know so far (2023-01-19 00:42:00).


Whether there is a VPC across Regions (recommended)

In general, a VPC lives in the one Region the user chooses and does not cross Regions. If the user's business needs to span regions, the current solution is to create separate VPCs in the different regions and then connect them.

Personally, I know that Amazon has released cross-region VPC Peering services. If you are interested, you can look them up yourself. This article mainly focuses on Huawei Cloud.

The following figure shows the cross-region VPC interconnection architecture of HUAWEI CLOUD:
[Figure: cross-region VPC interconnection architecture of HUAWEI CLOUD]


Availability Zone (AZ, Availability Zone)

An AZ is a collection of one or more physical data centers, with independent cooling, fire protection, water and power facilities. Within the AZ, resources such as computing, network, and storage are logically divided into multiple clusters. Multiple AZs in a Region are connected through high-speed optical fiber to meet users' need to build high-availability systems across AZs (Huawei Cloud official concept definition).

An Availability Zone is a resource isolation area and a fault tolerance area. Within the same availability zone, any compute resource must be able to access any storage.

  • In a Region, there will be one or more physical AZs, and multiple physical AZs form an AZ group. The physical AZs in the same physical AZ group meet the AZ latency requirement, that is, the latency between a tenant's ECSs in any two of the AZs is < 2 ms. As long as the delay and isolation conditions are met, one physical AZ may belong to two physical AZ groups at the same time.

  • Because the two AZs in the same region are in the same computer room or the same campus, their network latency is low, so they can generally be used for physical disaster recovery in the same city, that is, the two same-city centers in what is often referred to as "Three Centers in Two Places".


  • Generally, the logical AZ number visible to the tenant is decoupled from the physical AZ number. For example, the logical AZ1 seen by the tenant (the AZ name shown on the cloud management platform interface) may actually correspond to physical AZ3, and logical AZ2 to physical AZ1. Each logical AZ is mapped to a physical AZ that is not visible to tenants. The mapping between physical AZs and logical AZs is determined by the operation strategy. Different tenants get different mappings, to avoid the resource imbalance caused by tenants' preferences when picking an AZ number.
    Users make choices and considerations when selecting Region and AZ.
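The per-tenant mapping of logical to physical AZs described above can be sketched as follows. This is an added example, not HUAWEI CLOUD's implementation: the text only says the mapping follows the operation strategy, so the keyed-hash ordering used here is one assumed strategy, and the AZ names and key are constructed placeholders.

```python
import hashlib
import hmac
from collections import Counter

PHYSICAL_AZS = ["phys-az1", "phys-az2", "phys-az3"]  # constructed names
MAPPING_KEY = b"operator-secret-placeholder"         # operator-held key (placeholder)

def az_mapping(tenant_id, physical_azs=PHYSICAL_AZS, key=MAPPING_KEY):
    """Map logical AZ names (AZ1, AZ2, ...) to physical AZs for one tenant.

    Physical AZs are ordered by a keyed hash of (tenant, AZ). The result is
    stable for a tenant, differs between tenants, and cannot be predicted
    without the operator's key.
    """
    def rank(az):
        msg = f"{tenant_id}|{az}".encode()
        return hmac.new(key, msg, hashlib.sha256).digest()

    ordered = sorted(physical_azs, key=rank)
    return {f"AZ{i}": az for i, az in enumerate(ordered, start=1)}

def load_if_everyone_picks(logical_az, tenant_ids):
    """Count physical placements when every tenant picks the same logical AZ."""
    return Counter(az_mapping(t)[logical_az] for t in tenant_ids)

if __name__ == "__main__":
    tenants = [f"tenant-{n}" for n in range(3000)]   # constructed tenant IDs
    print(az_mapping("tenant-0"))
    print(az_mapping("tenant-1"))
    # Even if all 3000 tenants choose "AZ1", the load spreads over all physical AZs.
    print(load_if_everyone_picks("AZ1", tenants))
```

One practical consequence for disaster recovery planning: "AZ1" in one account and "AZ1" in another account are not guaranteed to be the same physical site, so workloads split across accounts cannot rely on matching AZ names for either co-location or separation.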

On the subject of availability zones, here is a written test question:

Availability zones in OpenStack are logical partitions of physical resources (computing, storage, and network) and are collections of user-oriented resources. When dividing availability zones, the division principles are as follows:

  • All resource clusters in an availability zone must come from a virtualization environment.
  • All resource clusters in an availability zone must use the same storage.
  • All resource clusters in an availability zone must use the same DVS.

Relationship between Region, AZ and VPC (important)

The explanations above have already touched on some of the relationships among the three. Generally, a VPC can only be created under one Region, but it can span multiple AZs. Below you can refer to a relationship diagram I drew to better understand the relationship between the three.

[Figure: relationship between Region, AZ and VPC]


Logical View of Regions and Availability Zones

In order to facilitate your understanding, Huawei Cloud is used as an example here to express the relationship between Region and AZ more intuitively in a graphical way.

1. User Perspective View

For users, the corresponding view is as follows:
[Figure: user perspective view]

2. Cloud user/cloud tenant view

The view for cloud users is as follows:

[Figure: cloud user/cloud tenant view]

3. Cloud O&M manager view

The views for cloud operation and maintenance managers are as follows:

[Figure: cloud O&M manager view]

The administrator has the highest authority of the system and can see all the details of the system's physical structure and engineering deployment plan.

Below the two logical levels that ordinary tenants can see, Region (cascaded OpenStack) and AZ, system administrators can also see DC (site), POD (cascaded OpenStack), host aggregate (a group of homogeneous physical servers), host (several homogeneous physical servers), node (that is, a cluster in vCenter or FusionCompute), and server (that is, a physical server).


How to choose a region?

When choosing a region, you need to consider the following factors:

  • Relevant laws and regulations

    This must come first: when choosing a region, you must consider whether it complies with national or related policies, such as the EU agreement or the data policy of mainland China. If the enterprise or user is not subject to such restrictions, this factor can be ignored.

  • Geographic location

    In general, following the proximity principle, it is recommended to choose the region closest to you or your customers, which reduces network delay and improves access speed.
    There is an introduction on Huawei's official website: In terms of infrastructure, BGP network quality, and resource operation and configuration, there is little difference between regions in mainland China.
    So if you or your target users are in mainland China, you don't need to consider the network delay caused by different regions.

    • Users who have business in Asia-Pacific regions other than mainland China can choose regions such as Hong Kong, Singapore, Bangkok, or Jakarta.
    • Users who have business in the African region can choose the Johannesburg region in South Africa.
    • Users who have business in the European region can choose the Paris region in France (cooperation region).
    • Users who have business in the South America region can choose the Mexico, Santiago, or São Paulo region.
    • In North America, unfortunately, HUAWEI CLOUD does not have regional nodes for the time being, you know (updated on January 17, 2023).

Huawei's global node distribution map (click here for official data):
[Figure: Huawei's global node distribution map]

  • Resource price

    The price of the same service differs between regions.

Note: For resource prices in different regions, please refer to HUAWEI CLOUD Service Price Details.


How to choose an availability zone?

Whether to place resources in the same availability zone mainly depends on your requirements for disaster recovery capability and network latency.

  • If your application requires high disaster recovery capabilities, it is recommended that you deploy resources in different availability zones in the same region.
  • If your application requires low network latency between instances, it is recommended that you create resources in the same availability zone.

In short, when users choose Region and AZ, they mainly consider three factors: geographical location, service connectivity, price, and resources.




Note: This article was originally published by bluetata: https://bluetata.blog.csdn.net/ If you reprint it, please be sure to indicate the source.



Origin blog.csdn.net/dietime1943/article/details/128662566