HCIP Study Notes-Computing Service Planning-2

The Computing Industry Continues to Evolve

Cloud Computing Service Model

Huawei Cloud Computing Service

Advantages of cloud computing

• On-demand self-service:
  • Users order software, servers or other services themselves on a self-service basis. This is done through an internet portal.
• Resource pool:
  • Users can share the systems and services of the cloud data center. In other words, each user gets a part of the server, database or storage system among other customers. This is possible because of a technology called virtualization. Of course, the different areas of the client are strictly separated from each other.
• Extreme elasticity
  • Cloud computing services automatically adapt to user needs. For example, they can order more servers or more powerful servers or order additional Office licenses. This on-demand model allows the IT environment to adapt to actual needs without requiring users to install I systems in their own homes.
• pay as much as you use
  • Cloud computing services are known as pay-per-use services. The service provider can check the services and functions used by the customer in detail and charge corresponding fees. This is why cloud service providers bill by the hour or by the minute.
• Broadband internet access:
  • Cloud services are accessible over the normal open web. In other words, the user does not need any special tools.

Elastic Cloud Server ECS

• Stable and reliable:
  • Rich disk types: Provide common IO, high IO, general-purpose SSD, ultra-high IO, and ultra-fast SSD types of cloud hard disks, which can support the needs of different business scenarios of cloud servers.
• High Data Reliability:
  • Based on a distributed architecture, the elastically scalable virtual block storage service has high data reliability and high I/O throughput, and can ensure fast data migration and recovery when any copy fails to avoid data loss caused by a single hardware failure.
  • Support backup and recovery of cloud server and cloud hard disk: automatic backup strategy can be set in advance to realize online automatic backup. You can also back up the cloud server and cloud hard disk data at a specified point in time through the console or API at any time as needed.
• Security:
  • Multiple security services, multi-dimensional protection: Web application firewall, vulnerability scanning and other security services provide 6 multi-dimensional protection.
  • Security assessment: Provides a security assessment of the user's cloud environment to help users quickly discover security weaknesses and threats while providing security configuration checks and giving security practice recommendations to effectively reduce or avoid losses caused by viruses and malicious attacks in the network.
  • Intelligent process management: Provide intelligent process management services, based on a customizable whitelist mechanism, automatically prohibit the execution of illegal programs, and ensure the security of ECS.
  • Vulnerability scanning: supports general web vulnerability detection, third-party application vulnerability detection, port detection, fingerprint identification and other scanning services.

ECS product architecture

• By combining with other cloud services, ECS can realize computing, storage, network and other functions:
  • ECS is deployed in different availability zones, and failures in some availability zones will not affect other availability zones in the same region.
  • Cloud monitoring is an important part of maintaining ECS ​​reliability, availability, and performance. Through cloud monitoring, users can observe ECS resources.

ECS naming rules

Introduction to ECS types

• General entry type:
  • It is suitable for scenarios where the CPU utilization is usually kept low, but occasionally requires a very high instantaneous CPU usage.
• General calculation type:
  • Websites and web applications that have high requirements on the performance of network sending and receiving packets, lightweight databases and cache servers 0 lightly loaded enterprise applications.
• General compute-enhanced:
  • Applicable to various medium and heavy-duty enterprise applications such as Web applications, e-commerce platforms, short video platforms, online games, insurance and finance that have higher performance requirements for computing and networks
• Memory Optimized:
  • Massively parallel processing data warehouses, MapReduce and Hadoop distributed computing, distributed file systems, network file systems, log or data processing applications.
• Disk Enhanced:
  • Distributed file system, network file system, log or data processing application
• High performance computing type:
  • Computing and storage systems for genetic engineering, game animation, and biopharmaceuticals.

The above statistics are as of the end of August 2022.

How to choose the right cloud server

• How to choose a server type?
  • Business scenario: The user should select the cloud server in the area closest to the business according to the principle of proximity based on the area to which the company's business belongs. This can reduce network delay and improve access speed.
• Resource consumption: Try to make full use of the purchased ECS resources, so that the cloud server can maximize the operation of the company's business.
• Specification matching: In the follow-up content, taking an Internet company as an example, the three stages of company development (startup stage, growth stage, and mature stage) are divided according to the company size, and a suitable cloud is recommended based on the three different stages. Service type.
• Cost control: It is not that the cloud server with higher configuration is suitable, the higher the configuration, the higher the cost. You can evaluate the specifications of the cloud server in advance according to your business. Later, when resources are insufficient, you can expand the capacity of the cloud server or replace it with a more suitable cloud server. Whether it is expansion or change, it is very convenient.

ECS selection

Selection one

• T6 example:
  • The performance of the general-purpose entry-level T6 is constrained by the benchmark performance and CPU credits, and is only suitable for scenarios where the CPU utilization is usually kept low and needs to be increased instantaneously.
  • It is suitable for scenarios where the CPU utilization rate is usually kept low, but occasional high instantaneous CPU usage is required, such as microservices.
• S6 instance:
  • Equipped with the second-generation Intel @Xeon Scalable processor, it is equipped with Huawei's self-developed 25 GE intelligent high-speed network card to provide higher network bandwidth and PPS sending and receiving capabilities, providing higher cost performance.
  • Websites and web applications that have high requirements on network packet sending and receiving performance.
• S7 instance:
  • Equipped with the third-generation Intel @Xeon@ scalable processor, it is equipped with Huawei's self-developed 25GE intelligent high-speed network card, which provides higher network bandwidth and PPS sending and receiving capabilities, and provides higher cost performance.
• What is network sending and receiving packet PPS?
  • Network packet sending and receiving PPS refers to the number of network data packets that ECS can process per second, including the two directions of sending and receiving packets without distinguishing between internal and external network traffic. The packet sending and receiving capability of the network indicates the maximum capability that can be achieved by adding the direction and the inbound direction. The unit of network sending and receiving packets is PPS, that is, packets per second, which means the number of packets sent per second.

Selection two

• C3 instance:
  • C3-type ECS is a series of newly launched ECS specifications with higher performance and more stable computing power. It is equipped with Intel@Xeon@Scalable processor, supporting high-performance network, comprehensive performance and stability, and meeting the requirements for business stability. And enterprise-level applications with high computing performance requirements.
  • Small and medium-sized databases, caches, and search clusters that require high stability
• Example of C6s:
  • The C6s cloud server is equipped with the second-generation Intel @Xeon@ scalable processor, which has the characteristics of high performance, high stability, low latency, and high cost performance. It is suitable for Internet, games, rendering and other scenarios, especially for computing and Scenarios with high requirements on network stability.
  • It is suitable for scenarios such as the Internet, games, and rendering, especially for scenarios with high requirements for computing and network stability. Such as game business scenarios, rendering scenarios, and other scenarios.
• C7 example:
  • Equipped with third-generation Intel. The Xeon@Scalable Processor has been fully upgraded in terms of performance, security, and stability. The maximum number of cores has been upgraded to 128 U, and the memory frequency has been upgraded to 3200 MHz. It supports secure boot and provides a safe and reliable cloud environment.
  • It is suitable for medium and heavy-duty enterprise applications such as Web applications, e-commerce platforms, short video platforms, online games, insurance and finance, etc. that have higher performance requirements for computing and networks.

Selection three

• M7 example:
  • The M7 elastic cloud server is equipped with the third-generation Intel @Xeon@ scalable processor, which has been fully upgraded in terms of performance, security, and stability. The maximum number of cores has been upgraded to 128 U, and the memory frequency has been upgraded to 3200 MHz; it supports secure boot , providing a secure and trusted cloud environment, suitable for high-memory computing applications.
  • High-performance data warehouse, memory database, MapReduce and Hadoop distributed computing, distributed file system and network file system, log or data processing applications.
• D7 example:
  • The main applications are massively parallel processing (MPP) data warehouses, MapReduce and Hadoop distributed computing, and big data computing.
  • Distributed file system, network file system, log or data processing application.
• 17 Examples:
  • Use high-performance NVMe SSD local disks to provide high storage IOPS and low read and write latency
  • Applicable to high-performance relational databases, non-relational databases, ElasticSearch and other scenarios0

ECS optimization

Create the overall process of ECS

Create ECS-basic configuration rules

• Select "Billing Mode", "Yearly/Monthly" or "Pay as You Need"
  • Yearly/monthly subscription: After the user purchases the cloud server configuration, he can set the purchase duration according to his needs, and the system will deduct the account balance according to the purchase price once.
  • Pay-as-you-go: After the user purchases the cloud server configuration, there is no need to set the purchase duration, and the system will deduct fees from the account balance according to the consumption duration.
  • Bidding billing: HUAWEI CLOUD sells available computing resources at a certain discount, and its price changes in real time with market supply and demand. This billing model is discounted sales and real-time price changes.
• Regions and Availability Zones: The intranets of cloud service products in different regions are not connected to each other. Please choose an area close to the business, which can reduce network delay and improve access speed.
• Select "Specification": The public cloud provides various types of ECS for users to choose from. For different application scenarios, ECS with different specifications can be selected. You can view the online ECS types and specifications in the list, or enter the specification name, or search for target specifications based on vCPU and memory size
• A mirror image is a server or disk template that contains software and necessary configurations, including operating systems or business data, as well as application software and proprietary software. Images are divided into public images, private images, shared images, and market images.
• Types of system disks: There are mainly high IO type, general-purpose SSD, ultra-high IO type, and extremely fast SSD. By default, the type and size of the system disk need to be specified.

Create ECS-other configuration

• The network configuration of ECS includes:
  • Subnet: A subnet is a network used to manage the ECS network plane. It can provide IP address management and DNS services. The IP addresses of ECS in the subnet belong to the subnet.
  • Security group: A security group is a logical grouping that provides access policies for ECSs that have the same security protection requirements and trust each other. It is used to strengthen the security protection of ECS.
  • Adding an expansion network card: optional configuration.
• The advanced configuration of ECS includes:
  • Cloud server name: The name can be customized, but it must comply with the naming rules. If multiple ECS systems are purchased at the same time, the suffixes will be automatically added sequentially.
  • Login Credentials: "Key Pair" refers to using a key as the ECS authentication method, and "Password" refers to using the set initial password as the ECS authentication method. For the Linux operating system, use the initial password of the root user, and for the Windows operating system, use the initial password for the Administrator user.
  • Cloud backup: cloud backup provides backup protection for cloud hard disks and ECS, and supports the use of backup data to restore data on cloud servers and cloud hard disks
  • Cloud server group: Set up a cloud server group, optional configuration, the ECS in the cloud server group will follow the anti-affinity policy, and create them as dispersedly as possible on different hosts.
  • Advanced options: advanced configuration, optional configuration, etc.

Applications

Dedicated Hosting DeH

• Economical: Tenants can bring existing licenses of Microsoft Windows Server, Microsoft SQL Server, Microsoft Office, etc., thus saving licensing expenses.
• Security: DeH service adds another layer of computing resource isolation for tenants, and workloads on dedicated hosts will not be disturbed by workloads of other tenants.
• Compliance: The isolation of physical hosts will help sensitive businesses meet regulatory compliance requirements.
• Elasticity: Dedicated hosting can be issued within a few minutes, flexible application.
• Reliable: DeH service supports 99.95% availability

Comparison between DeH and ECS

• Users can create cloud servers on dedicated hosts to meet users' higher requirements for isolation, security, and performance. At the same time, users can also continue to use the server-side software license before migration when migrating their business to a dedicated host, that is, they support their own license, which can save costs and improve the autonomy of cloud servers.

Migrate ECS from DeH

• Migration Notes:
  • The cloud server in the shutdown state can perform the migration operation
• Usage scenario: When the user does not use the ECS deployed on the DeH or wants to consider deleting it after a period of time, the user can first migrate the ECS on the DeH to the public pool

Application Scenario

Bare Metal Server BMS

• Safe and reliable
  • BMS is a user-specific computing resource that supports VPC, security group isolation, and host security-related component integration. The BMS based on the DynaSky architecture supports cloud disks as system disks and data disks, and supports hard disk backup and recovery capabilities; it supports docking with dedicated storage to meet Business security and reliability requirements for enterprise data security and supervision.
• Excellent performance:
  • BMS inherits the characteristics of physical servers, has no virtualization overhead and performance loss, and releases 100% of computing power resources. Combined with Huawei's self-developed DynaSky software and hardware collaboration architecture, it supports high-bandwidth, low-latency cloud storage, and cloud network access performance; it meets the deployment density and performance requirements of key services such as enterprise databases, big data, containers, HPC, and AI.
• Agile deployment efficiency:
  • Based on DynaSky acceleration hardware, BMS supports cloud disks to be quickly provisioned as system disks, resource provisioning at the minute level, based on a unified console, open API and SDK, and supports self-service resource life cycle management and operation and maintenance
• Rapid integration of cloud services and solutions:
  • Based on a unified VPC model, BMS supports fast models of public cloud services, helping enterprise customers realize the integration of key business cloud solutions such as databases, big data, containers, HPC, and AI, and accelerate the efficiency of business cloudization online.

Introduction to the four network types

• Virtual private cloud network:
  • Users can define network features such as security groups, VPNs, IP address segments, and bandwidth in VPC. Users can easily manage and configure the internal network through VPC, and make safe and fast network changes. At the same time, users can customize the access rules within and between security groups to strengthen the security protection of the BMS.
• High-speed network, compared with the previous generation of high-speed network, the enhanced high-speed network has the following three advantages:
  • The bandwidth is increased to 10 GE and above.
  • Tenants can customize the number of network planes and support up to 4K subnets.
  • Supports BMS virtualization to access the external network.
• Custom VLAN network:
  • The NICs of a custom VLAN network appear in pairs, and users can configure bonds to achieve high availability. The custom VLAN network currently does not support cross-AZ intercommunication.

Application Scenario

• Database scenario:
  • Government, enterprise, and financial key database services must be carried by physical servers with exclusive resources, network isolation, and guaranteed performance. BMS provides users with exclusive high-performance physical servers to meet business needs.
• Big data scenario:
  • Internet big data-related businesses, including typical businesses such as big data storage and analysis. Supports bare metal local 0 storage and a storage-computing separation solution combined with OBS services.
• Container scenario:
  • Internet elastic business load. Compared with virtual machines, BMS provides higher deployment density, lower resource overhead and more agile deployment efficiency. Based on cloud-native technology, it helps customers achieve the goal of reducing cloud costs.
• High-performance computing/AI scenarios:
  • In high-performance computing scenarios such as supercomputing, gene sequencing, and artificial intelligence, the amount of data processed is large, and BMS meets business demands for high computing performance, high stability, and high real-time performance of servers.

Comparison between BMS and other servers

Cloud phone CPH

• The cloud mobile phone is implemented based on Huawei TaiShan ARM server, and integrates multiple cost-effective professional GPU graphics cards to provide professional graphics and image processing capabilities
• Cloud phone provides video, audio and touch SDK. Based on the terminal equipment, customers can develop corresponding APPs to obtain the audio and video of the cloud mobile phone, and can also collect touch commands, such as touch screen, slide, click and other operation commands, so as to execute them on the cloud mobile phone.

Cloud Phone Engine CCE

• Simple and easy to use:
  • One-stop automatic deployment and operation and maintenance of container applications, the entire life cycle is completed in one stop in the container service
  • Deep integration of application service grid and Helm standard template, truly out of the box.
• high performance:
  • Based on years of industry technology accumulation in computing, network, storage, and heterogeneity, it provides an industry-leading high-performance cloud container engine to support high-concurrency and large-scale business scenarios
  • Using high-performance bare metal NUMA architecture and high-speed IB network card, AI computing performance is improved by more than 3-5 times.
• Safe and reliable:
  • High reliability: Nodes and workloads in the cluster support cross-availability zone (AZ) deployment, helping users to easily build a multi-active business architecture, ensuring that the business system can continue to run in the event of host failure, computer room interruption, natural disasters, etc., and obtain the support of the production environment High stability, realizing zero interruption of business system.
  • High security: Private clusters are completely controlled by users, and deeply integrate IAM and Kubernetes RBAC capabilities, allowing users to set different RBAC permissions for sub-users on the interface.
• Open Compatibility:
  • On the basis of Docker technology, the cloud container engine provides containerized applications with a series of complete functions such as deployment and operation, resource scheduling, service discovery and dynamic scaling, which improves the convenience of large-scale container cluster management
  • The cloud container engine is based on the mainstream Kubernetes implementation in the industry, and is closely synchronized with the latest version of the community. It is fully compatible with Kubernetes API and Kubectl.

Function Workflow FunctionGraph

• When users use FunctionGraph, they do not need to activate or pre-configure computing, storage, network and other services. FunctionGraph provides and manages the underlying computing resources, including server CPU, memory, network and other configuration resource maintenance, code deployment, elastic scaling, load balancing, For security upgrades, resource operation monitoring, etc., users only need to provide program packages according to the programming languages ​​supported by FunctionGraph, upload them and run them.

mirror service