E-Government Cloud (E-government Cloud) belongs to governmental cloud, combines the characteristics of cloud computing technology, streamlines, optimizes and integrates government management and service functions, and realizes various business process management and function service through informatization means. Provide reliable basic IT service platform for government departments at all levels. E-Government cloud through the unified standard not only conducive to the interconnection between the various government clouds, to avoid "information island", but also to avoid duplication of construction, save construction funds.
Ningbo e-Government cloud by Ningbo, the purpose is to improve e-government services for Ningbo to form a convenient and scalable infrastructure cloud platform, and then the traditional e-government applications to the cloud platform, can effectively improve its service efficiency and service capabilities.
The origin of cloud construction
Cloud Construction has a long history, many enterprises and governments have claimed that our information center construction is cloud, but these are really clouds?
• Parrot: The cloud Computing project, but in fact is the construction of data set, will be based on the data set of projects are called "cloud computing", the concept of packaging far away from the cloud computing technology and service model itself.
• Virtualization is the cloud: the use of server virtualization software (such as VMware ESX, etc.), the existing engine room servers and new servers for virtualization integration, the existing business applications from physical machine deployment to virtual machine deployment. But does not realize the cloud computing "the self-service application, the automation orchestration, the fast delivery" the core value, is not the real meaning "the cloud computing".
• Lack of AC service on the cloud: purchasing servers, storage, network, virtualization software, cloud Platform software to build a real cloud platform, but this platform does not run the key business applications, the Bureau is also unwilling and their own business applications migrated to the cloud platform, the "cloud" effect has not really played out.
• Construction decentralization: The same province, the same system has a number of cloud computing project construction, size, standards and architecture are different, cloud computing center resources and operation of the lack of vertical unified management, not to mention the sharing of resources up and down. Unable to use these numerous resources to solve the problem of sudden impact and backup, can not achieve the real demand for cloud computing, flexible expansion of the purpose.
So, the real cloud should be like this.
Hardware layer: Build servers, networks, storage resource pools, and consider multiple tenants and different security levels of business isolation, each resource pool may be a physical or logical construction.
IaaS layer: The IaaS layer mainly includes the virtualization layer and the cloud service layer. Through the virtualization technology, the solution coupling between resources and physical devices is realized, which satisfies the rapid deployment and migration of the business system. Through the cloud service layer to realize the resource self-service request, each tenant's organization management and the business flow approval, as well as the tenant request resources carries on the automation orchestration and the delivery.
PAAs layer: The PAAs layer needs to realize the unified authentication authorization, the unified Data Service and the Cross-platform development and the operating environment, guarantees the future business application background data unification, the architecture unification, provides the foundation for the Cross-platform deployment and the government affairs data sharing.
Business layer: In order to ensure the good compatibility of the existing government affairs business a application system, can let more bureau to move the business to the government cloud platform, need to provide compatible with the virtual machine in the non cloud environment, do not change the existing software deployment environment, deploy the business migration to the virtual machine.
Ningbo e-Government cloud construction scheme topology map
Network construction
In the two centers, 2 sets of CE12808 core switches are deployed to achieve virtualized clusters, with 6 pairs of bare fiber connections between them, of which 4 pairs are used as business channels and 2 pairs for future extensions. In addition to the CE12808 side of each set hanging USG6650 Unified firewall for security filtering.
It construction overview
It construction mainly focuses on the construction of two pools, that is, cloud computing resource pool and storage resource pool, the computing resources of Ningbo e-Government cloud construction are pooled by business classification, and the integration of server resources is realized by virtualization, and the disaster tolerance is also taken into account. At the bottom of the storage layer is a dual-live data center approach to build.
It Construction-computing pool
Users are divided into 8 Business Server clusters based on their current business functions, with each cluster using 2 S5710-52c-ei for application pooling and N server deployment VMware virtualization. In addition to the benefits of the old server, another new purchase RH2288 V2 Server 24 units for business needs.
It Construction-storage pool
2 sets of SNS2248 fiber switches are deployed in the two-center rooms, and 4 pairs of raw fiber-optic switches are deployed between the rooms.
Each of the two rooms deployed a set of virtual storage Gateway vis6600t,vis6600t for the two-node configuration, 2 computer room through the fiber switch interconnection to form 4 node cluster, improve the virtualization performance and stability.
Each of the two rooms deployed a set of s5600t Unified Storage array, through the virtual gateway to achieve a dual-live data center deployment. At the same time, backup critical data to an old store and improve the security of critical data.
Network Management Unified
Ningbo e-Government cloud hardware equipment platform has a unified management network, the use of Huawei S12808 a virtual many functions to achieve a cluster-type core switch under a fictitious and independent management subnet, the subnet connected to all the hardware devices on the cloud platform, can support the implementation of the same Web section Unified network Management. This is also the biggest advantage of Huawei's data center program.
Break the tradition and drive efficient office
• Reduce government spending
It will cost more than decentralized construction to centralize the purchasing expenditure of e-government in various government departments and regions to build a cloud computing platform.
• Provide strong backstage guarantee for the operation of government affairs portal, the development of government information resources and the application of government affairs system
Government Information disclosure contains a large number of pictures and video information, government sites need to deal with massive data, it needs to use IaaS as the core of the cloud Computing Center as an effective support. At the same time, with the development and utilization of government information resources, large data centralization and information exchange require high computational ability. The cost of the construction and operation of the traditional government data center is rising, so we need to use the cloud computing model to improve the efficiency of the data center and reduce the construction cost of the government data center.
· PAAs as the core cloud service platform will help "service-oriented government system" construction
The establishment of e-government system can make government workers know the most concerned problems in time, make the policy and laws drawn by government departments more clear, can improve the efficiency of government, shorten the distance between government and people, and maintain social stability.
• Cloud-based exchange platform will achieve synergy between government departments ' information linkage and governmental affairs work
The feature of "information integration and resource sharing" in cloud computing mode will play a great role in e-Government information exchange platform, through the application of Exchange platform, establish "Information Bridge" between government departments, government departments and social service departments, and connect each unit's e-government system to the cloud platform. Through the internal information drive engine of the cloud platform, to realize the coordination of information integration, exchange, sharing and government affairs among different e-government systems will greatly improve the overall working efficiency of the governmental organs at all levels.
Project Win Point
• Integrated hardware solutions, integrated network management solutions, mature cloud Model solutions cast customer success;
• Adopt a layered framework to achieve scale-out of various levels and facilitate future expansion;
• All layers adopt advanced virtualization technology to realize hardware redundancy and performance overlay of network equipment, 0 interruption of business system and loss of data 0.
Post-Business Growth point
• High-performance database cluster area implemented after business growth;
• Increase the development test area;
• Increase the unified operation dimension area;
• The cloud of information centres of other government agencies;
• The extension of the local government cloud;
• The cloud of storage.
Project experience Sharing
From the overall solution
• Cloud's big integration project, the first heavy operation dimension, at present can realize integration integration hardware platform only Huawei;
• The Government's own technical staff is weak, once there are problems, the most fear is the shifting responsibility;
• Cloud platform architecture with strong scalability and compatibility, to reassure users of the future by a vendor bundle of concerns;
• Full redundancy of network hardware plus OS virtualization to ensure network security and user business is sustainable;
• Storage virtualization plus a dual-live data center to ensure data business continuity, user data 0 loss and isomerization of old equipment integration.
From the product
• Huawei as a world brand, with a good reputation, and product cost-effective;
• Huawei research and development capabilities of the world leader, and follow-up has been guaranteed;
• Backbone network with the industry's best performance and the most scalable switches to ensure that users in the next 5 years of business growth network demand;
• Server virtualization focus on computing capabilities, Huawei server performance testing the world leader;
• Storage virtualization performance can be linear growth and ensure dual-live data center performance advantages, storage arrays using advanced RAID2.0 architecture, plus the expansion of the cache and the internal storage of LUNs to ensure front-end business data read and write performance of the strong output.