Citrix Systems 4.2 13.2. Large-Scale Redundant Setup

Chapter 13. Choosing a Deployment Architecture

158

13.2. Large-Scale Redundant Setup

This diagram illustrates the network architecture of a large-scale CloudPlatform deployment.

• A layer-3 switching layer is at the core of the data center. A router redundancy protocol like VRRP

should be deployed. Typically high-end core switches also include firewall modules. Separate

firewall appliances may also be used if the layer-3 switch does not have integrated firewall

capabilities. The firewalls are configured in NAT mode. The firewalls provide the following functions:

• Forwards HTTP requests and API calls from the Internet to the Management Server. The

Management Server resides on the management network.

• When the cloud spans multiple zones, the firewalls should enable site-to-site VPN such that

servers in different zones can directly reach each other.

• A layer-2 access switch layer is established for each pod. Multiple switches can be stacked to

increase port count. In either case, redundant pairs of layer-2 switches should be deployed.

Contents

Main Page Page Page Page Page Page Page Getting More Information and Help 1.1. Additional Documentation Available 1.2. Citrix Knowledge Center 1.3. Contacting Support Page Concepts 2.1. What Is CloudPlatform? 2.2. What Can CloudPlatform Do? 2.3. Deployment Architecture Overview 2.3.1. Management Server Overview 2.3.2. Cloud Infrastructure Overview 2.3.3. Networking Overview Page Page Cloud Infrastructure Concepts 3.1. About Regions 3.2. About Zones Page 3.3. About Pods 3.4. About Clusters 3.5. About Hosts 3.6. About Primary Storage 3.7. About Secondary Storage 3.8. About Physical Networks 3.8.1. Basic Zone Network Traffic Types 3.8.2. Basic Zone Guest IP Addresses 3.8.3. Advanced Zone Network Traffic Types 3.8.4. Advanced Zone Guest IP Addresses 3.8.5. Advanced Zone Public IP Addresses 3.8.6. System Reserved IP Addresses Page Upgrade Instructions 4.1. Upgrade from 3.0.x to 4.2 Page Page Page Page Page Page Page XenServer or KVM: ESXi 4.2. Upgrade from 2.2.x to 4.2 Page Page Page Page Page Page Page XenServer or KVM: ESXi 4.3. Upgrade from 2.1.x to 4.2 4.4. Upgrading and Hotfixing XenServer Hypervisor Hosts 4.4.1. Upgrading to a New XenServer Version Page 4.4.2. Applying Hotfixes to a XenServer Cluster Page Page Page Installation 5.1. Who Should Read This 5.2. Overview of Installation Steps 5.3. Minimum System Requirements 5.3.1. Management Server, Database, and Storage System Requirements 5.3.2. Host/Hypervisor System Requirements 5.3.3. Hypervisor Compatibility Matrix 5.3.3.1. CloudPlatform 4.x 5.3.3.2. CloudPlatform 3.x 5.3.3.3. CloudPlatform 2.x 5.4. Management Server Installation 5.4.1. Management Server Installation Overview 5.4.2. Prepare the Operating System Page 5.4.3. Install the Management Server on the First Host 5.4.4. Install and Configure the Database 5.4.4.1. Install the Database on the Management Server Node Page 5.4.4.2. Install the Database on a Separate Node Page 5.4.5. About Password and Key Encryption 5.4.6. Changing the Default Password Encryption 5.4.7. Prepare NFS Shares 5.4.7.1. Using a Separate NFS Server 5.4.7.2. Using the Management Server As the NFS Server Page 5.4.8. Prepare and Start Additional Management Servers 5.4.9. Management Server Load Balancing 5.4.10. Prepare the System VM Template 5.4.11. Installation Complete! Next Steps 5.5. Setting Configuration Parameters 5.5.1. About Configuration Parameters Page 5.5.2. Setting Global Configuration Parameters 5.5.3. Setting Local Configuration Parameters 5.5.4. Granular Global Configuration Parameters Page Page Page Page User Interface 6.1. Supported Browsers 6.2. Log In to the UI Username Password 6.2.2. Root Administrator's UI Overview 6.2.3. Logging In as the Root Administrator 6.2.4. Changing the Root Password 6.3. Using SSH Keys for Authentication 6.3.1. Creating an Instance from a Template that Supports SSH Keys 6.3.2. Creating the SSH Keypair 6.3.3. Creating an Instance 6.3.4. Logging In Using the SSH Keypair 6.3.5. Resetting SSH Keys Page Steps to Provisioning Your Cloud Infrastructure 7.1. Overview of Provisioning Steps 7.2. Adding Regions (optional) 7.2.1. The First Region: The Default Region 7.2.2. Adding a Region 7.2.3. Adding Third and Subsequent Regions 7.2.4. Deleting a Region 7.3. Adding a Zone 7.3.1. Create a Secondary Storage Mount Point for the New Zone 7.3.2. Steps to Add a New Zone 7.3.2.1. Basic Zone Configuration Page Page 7.3.2.2. Advanced Zone Configuration Page Page Page Page 7.4. Adding a Pod 7.5. Adding a Cluster 7.5.1. Add Cluster: KVM or XenServer 7.5.2. Add Cluster: OVM 7.5.3. Add Cluster: vSphere 7.5.3.1. VMware Cluster Size Limit 7.5.3.2. Adding a vSphere Cluster Page Page 7.6. Adding a Host 7.6.1. Adding a Host (XenServer, KVM, or OVM) 7.6.1.1. Requirements for XenServer, KVM, and OVM Hosts 7.6.1.1.1. XenServer Host Additional Requirements 7.6.1.1.2. KVM Host Additional Requirements 7.6.1.2. Adding a XenServer, KVM, or OVM Host 7.6.2. Adding a Host (vSphere) 7.7. Adding Primary Storage 7.8. Adding Secondary Storage 7.8.1. Adding an NFS Secondary Staging Store for Each Zone 7.9. Initialize and Test Page Page Installing XenServer for CloudPlatform 8.1. System Requirements for XenServer Hosts 8.2. XenServer Installation Steps 8.3. Configure XenServer dom0 Memory 8.4. Username and Password 8.5. Time Synchronization 8.6. Licensing 8.6.1. Getting and Deploying a License 8.7. Install CloudPlatform XenServer Support Package (CSP) 8.8. Primary Storage Setup for XenServer 8.9. iSCSI Multipath Setup for XenServer (Optional) 8.10. Physical Networking Setup for XenServer 8.10.1. Configuring Public Network with a Dedicated NIC for XenServer (Optional) 8.10.2. Configuring Multiple Guest Networks for XenServer 8.10.3. Separate Storage Network for XenServer (Optional) 8.10.4. NIC Bonding for XenServer (Optional) 8.10.4.1. Management Network Bonding 8.10.4.2. Creating a Private Bond on the First Host in the Cluster 8.10.4.3. Public Network Bonding 8.10.4.4. Creating a Public Bond on the First Host in the Cluster 8.10.4.5. Adding More Hosts to the Cluster 8.10.4.6. Complete the Bonding Setup Across the Cluster Page Installing KVM for CloudPlatform 9.1. System Requirements for KVM Hypervisor Hosts 9.1.1. Supported Operating Systems for KVM Hosts 9.1.2. System Requirements for KVM Hosts 9.2. Install and configure the Agent 9.3. Installing the CloudPlatform Agent on a KVM Host 9.4. Physical Network Configuration for KVM 9.5. Time Synchronization for KVM Hosts 9.6. Primary Storage Setup for KVM (Optional) Page Page Installing VMware for CloudPlatform 10.1. System Requirements for vSphere Hosts 10.1.1. Software requirements Apply All Necessary Hotfixes 10.1.2. Hardware requirements 10.1.3. vCenter Server requirements: 10.1.4. Other requirements: 10.2. Preparation Checklist for VMware 10.2.1. vCenter Checklist 10.2.2. Networking Checklist for VMware 10.3. vSphere Installation Steps 10.4. ESXi Host setup 10.5. Physical Host Networking 10.5.1. Configure Virtual Switch 10.5.1.1. Separating Traffic 10.5.2. Configure vCenter Management Network 10.5.3. Configure NIC Bonding for vSphere 10.6. Configuring a vSphere Cluster with Nexus 1000v Virtual Switch 10.6.1. About Cisco Nexus 1000v Distributed Virtual Switch 10.6.2. Prerequisites and Guidelines 10.6.3. Nexus 1000v Virtual Switch Preconfiguration 10.6.3.1. Preparation Checklist 10.6.3.1.1. vCenter Credentials Checklist 10.6.3.1.2. Network Configuration Checklist 10.6.3.1.3. VSM Configuration Checklist 10.6.3.2. Creating a Port Profile 10.6.3.3. Assigning Physical NIC Adapters 10.6.3.4. Adding VLAN Ranges 10.6.4. Enabling Nexus Virtual Switch in CloudPlatform 10.6.5. Configuring Nexus 1000v Virtual Switch in CloudPlatform 10.6.6. Removing Nexus Virtual Switch 10.6.7. Configuring a VMware Datacenter with VMware Distributed Virtual Switch 10.6.7.1. About VMware Distributed Virtual Switch 10.6.7.2. Prerequisites and Guidelines 10.6.7.3. Preparation Checklist Page 10.6.7.4. Enabling Virtual Distributed Switch in CloudPlatform 10.6.7.5. Configuring Distributed Virtual Switch in CloudPlatform 10.7. Storage Preparation for vSphere (iSCSI only) 10.7.1. Enable iSCSI initiator for ESXi hosts 10.7.2. Add iSCSI target 10.7.3. Create an iSCSI datastore 10.7.4. Multipathing for vSphere (Optional) 10.8. Add Hosts or Configure Clusters (vSphere) Page Bare Metal Installation 11.1. Bare Metal Host System Requirements 11.2. About Bare Metal Kickstart Installation 11.2.1. Limitations of Kickstart Baremetal Installation 11.3. Provisioning a Bare Metal Host with Kickstart 11.3.1. Download the Software 11.3.2. Set Up IPMI 11.3.3. Enable PXE on the Bare Metal Host 11.3.4. Install the PXE and DHCP Servers 11.3.5. Set Up a File Server Page 11.3.6. Create a Bare Metal Image 11.3.7. Create a Bare Metal Compute Offering 11.3.8. Create a Bare Metal Network Offering 11.3.9. Set Up the Security Group Agent (Optional) Page 11.3.10. (Optional) Set Bare Metal Configuration Parameters 11.3.11. Add a Bare Metal Zone 11.3.12. Add a Bare Metal Cluster 11.3.13. Add a Bare Metal Host 11.3.14. Add the PXE Server and DHCP Server to Your Deployment 11.3.15. Create a Bare Metal Template 11.3.16. Provision a Bare Metal Instance 11.3.17. Test Bare Metal Installation 11.3.18. Example CentOS 6.x Kickstart File Chapter 11. Bare Metal Installation 148 11.3.19. Example Fedora 17 Kickstart File Example Ubuntu 12.04 Kickstart File 149 11.3.20. Example Ubuntu 12.04 Kickstart File Chapter 11. Bare Metal Installation 150 11.4. Using Cisco UCS as Bare Metal Host CloudPlatform 11.4.1. Registering a UCS Manager 11.4.2. Associating a Profile with a UCS Blade 11.4.3. Disassociating a Profile from a UCS Blade Page Installing Oracle VM (OVM) for CloudPlatform 12.1. System Requirements for OVM Hosts 12.2. OVM Installation Overview 12.3. Installing OVM on the Host(s) 12.4. Primary Storage Setup for OVM 12.5. Set Up Host(s) for System VMs Choosing a Deployment Architecture 13.1. Small-Scale Deployment 13.2. Large-Scale Redundant Setup 13.3. Separate Storage Network 13.4. Multi-Node Management Server 13.5. Multi-Site Deployment Page Network Setup 14.1. Basic and Advanced Networking Basic Advanced 14.2. VLAN Allocation Example 14.3. Example Hardware Configuration 14.3.1. Dell 62xx 14.3.2. Cisco 3750 14.4. Layer-2 Switch Example Configurations 14.4.1. Dell 62xx 14.4.2. Cisco 3750 14.5. Hardware Firewall 14.5.1. Generic Firewall Provisions 14.5.2. External Guest Firewall Integration for Juniper SRX Page 14.5.3. External Guest Firewall Integration for Cisco VNMC 14.5.3.1. Using Cisco ASA 1000v Firewall, Cisco Nexus 1000v dvSwitch, and Cisco VNMC in a Deployment 14.5.3.1.1. Guidelines 14.5.3.1.2. Prerequisites 14.5.3.1.3. Using Cisco ASA 1000v Services 14.5.3.2. Adding a VNMC Instance 14.5.3.3. Adding an ASA 1000v Instance 14.5.3.4. Creating a Network Offering Using Cisco ASA 1000v 14.5.3.5. Reusing ASA 1000v Appliance in new Guest Networks 14.6. External Guest Load Balancer Integration (Optional) 14.7. Topology Requirements 14.7.1. Security Requirements 14.7.2. Runtime Internal Communications Requirements 14.7.3. Storage Network Topology Requirements 14.7.4. External Firewall Topology Requirements 14.8. Guest Network Usage Integration for Traffic Sentinel 14.9. Setting Zone VLAN and Running VM Maximums Page Amazon Web Service Interface 15.1. Amazon Web Services EC2 Compatible Interface Limitations: 15.2. System Requirements 15.3. Enabling the AWS API Compatible Interface 15.4. AWS API User Setup Steps (SOAP Only) 15.4.1. AWS API User Registration 15.4.2. AWS API Command-Line Tools Setup 15.5. Supported AWS API Calls Page Page Page Additional Installation Options 16.1. Installing the Usage Server (Optional) 16.1.1. Requirements for Installing the Usage Server 16.1.2. Steps to Install the Usage Server 16.2. SSL (Optional) 16.3. Database Replication (Optional) Page 16.3.1. Failover