As at December 2009, various servers in IT are running under Windows 2000 Server operating system. Microsoft had decided not to support Windows 2000 platform OS on July 2010. IT plans to migrate those servers which do not have hardware/application constraint into Windows 2003 platform.
As there are over 20 servers and the related hardware boxes are over 5 years, existing hardware also facing upgrade issue. To cater the software and hardware upgrade requirements, IT go for server consolidation and virtualization exercise according to the technology trend and "Green-IT" strategy.
In 2007, IT started some casual experiments on virtualization product such as VMware workstation 6, VMware Player and VMware Server were tested on virtual technology and the result is encouraging. On November 2009, an IBM 3560 M2 server with 16G RAM was used to setup an environment as a pilot test on server consolidation. Finally, 10 testing and production servers in Mongkok IT were migrated to this pilot server. All servers run smoothly and no major problem was observed. The positive result proves that server consolidation is fleasible to implement in the shop.
2. Project Definition
Get your grade
or your money back
using our Essay Writing Service!
The purpose of the project is to replace outdated servers with a powerful and expandable server (vm-server) with enough capacity to run multiple virtual machines concurrently. The implementation should allow future improvement on the infrastructure of the Bank's IT foundation. As this is the initial stage of server migration, advance feature such as dynamic migration of live system to backup / standby vm-server is not catered.
One VMware vSphere 4.0 server will be setup in Mongkok and West Point site. These servers will connected to core-switch using 2 NICs to provide high availability. 2 more NICs will be connected to a HA firewall system (with 2 Fortigate FG60 firewall) to provide service to virtual servers that need network access filtering.
As stated in 2.1, dynamic migration of live system is not catered. However, there is time that the vm-server needs to shutdown for hardware maintenance and upgrade. Under such situation, IT will setup temporary server(s) for live system migration (vMotion). After the service completed, the servers will vMotion back to the vm-server. Since a 30-days trial license key with full feature is available, there is no extra software investment about a powerful machine is required.
A vCenter Server which provide administration and "physical to virtual" server migration services will be setup. This server contains database of inventory of all vm-servers and their clients (virtual machine). It is important for management of the virtualized environment. To allow it to existing during hardware failure or DR drill processing, the server will be setup as virtual machine but run on the free version of vSphere server (ESXi 4.0).
SAN storage will be used as data store for the virtual machine image. All disk space will be allocated during system migration to improve processing efficiency. Since the SAN datastore hold all images of virtual machines, strict access control of the data store is required.
On network access filtering, 2 Fortigate FG60 firewalls will setup a HA system. VDOM / VLAN will be used to provide network isolation for systems behind the firewall. One cannot access servers in another subnet by changing the IP address to the subnet one intended to access.
New technologies being used in the project include :-
Server virtualization (VMware vSphere 4)
System backup by snapshoting a running image
Shift a running system to another hardware box without service interruption (vMotion)
VLAN / VDOM for network isolation under a single firewall port (under Fortigate FW)
Some HA systems are running by Windows Server clustering. To migrate such systems into virtual envorionment, multiple vm machines are required. As there is only 1 vm server in each site, these systems cannot migrate to virtual machines.
The bandwidth of firewall ports is 100Mbps. After consoldation, the total bandwidth may exist the ceiling and cause congestion. Close monitoring of the network utilization is required.
To be update when necessary.
4. Project Board and Project Team Structure
Mr. Burton Cheng (IT Department )
Project Assurance Information Security Review Project Manager
Always on Time
Marked to Standard
Ms. Esther Tsang Mr. Lewis LEUNG Mr. Wai Lap CHIK
Mr. Joseph LEUNG
Mr. Vincent WONG
Mr. Nicholas CHOI
Team Members' Job and Responsibilities
Main Jobs / Responsibilities
Mr. W.L. CHIK
Project Manager at SCB site
Guideline setting and evaluation of progress
Mr. Joseph LEUNG
Network and firewall setup. Take part in overall administration. Report on exception and difficulty.
Mr. Nicholas CHOI
Server setup and migration.
Mr. Vincent WONG
Support on SAN space assignment and administration
5. Project Controls with Reporting and Monitoring Mechanisms
MRTG chart on network utilization
VSphere server internal performance tool for system monitoring
Automatic tool to be develop upon gaining more experience
Mr. Joseph LEUNG is to monitoring the project and seek help on technical issues. Problems failed to solve in 1 week and no progress from 3rd parties should forward to Mr. WL CHIK who evaluate and escalate to a higher degree.
6. Project Filing Structure
Project Initiation Document
Z:\SSS\Project\Server Consolidation and Virtualization\PID - Server Consolidation and Virtualization.doc
Project Quality Plan
Initial Project Plan
System Test Plan and test case
Source ready for rollout
Object ready for rollout