Converged Campus Cloud

Background

Construction trend

During the Education Informationization 2.0, campus informationization has entered the stage of new smart campus construction, and the campus service system has transitioned from the "construction + application" mode to the "convergence + innovation" mode. Major Tasks in 2021 released by the Ministry of Education of PRC brought forward the task: ensure high-quality planning that meets the time requirements for the "14th Five-Year".

The traditional campus data center is constructed as a service-oriented silo, aiming to implement functions. In the construction stage of the new smart campus and the "14th Five-Year Plan", computing, storage and other resources are required periodically during the teaching process, and quick deployment of the basic or innovative experimental environment is required for scientific research. Besides, the smart service system updates rapidly. It is crucial to implement the construction of the smart campus with the idea of "cloud-enabling".

Customer pain points

1. Traditional hardware

• Early hardware facilities of the campus service system are constructed as silos, in which IT resources are inflexibly dispatched, physical resources feature poor scalability, and linear expansion is not supported.

• Hardware resources for different departments are constructed repeatedly, resulting in low usage or even waste of IT resources.

• The operation and maintenance (O&M) and management interfaces are not unified, resulting in unsustainable operation and updates of data and information.

2. Current virtualization

• Teaching experiments periodically require stable environments for computing and storage, and scientific research and innovation require R&D and testing environments. However, traditional virtualization is insufficient in service functions in scenarios of teaching, scientific research, and innovation.

• Traditional virtualization cannot support the construction of a campus resource platform. O&M personnel struggle to cope with resource application methods including telephone and email, as well as manual network and security adjustment and matching after computing resources are created.

3. Current campus cloud platform

• The faculties and departments of campuses have increasing demands for computing resources in teaching and scientific research. However, the existing campus-level IT resource platform cannot provide such support, and the resource procurement process takes a long time.

• The data center capacity and budget for the campus cannot support the data recovery of important service systems.

Solution overview

Overall architecture of the campus cloud solution

In 2020, based on the overall development strategy of Unicloud, Tsinghua Unigroup announced the integration of its private cloud, public cloud, artificial intelligence (AI), video cloud, and software service capabilities, and established the "Unicloud and Smart Business Group". H3C fully unifies the technology, brand, market, and service, presents an entirely new appearance with the new "Unicloud" brand, and strives to develop the "Cloud & Intelligence" business.

Based on OpenStack, K8s, KVM, and other mainstream open-source architectures, H3C campus cloud solution is compatible with existing platforms and can be expanded on demand and evolves smoothly, providing customers with various implementation solutions including homogeneous hybrid cloud, heterogeneous hybrid cloud, and UIS on UniCloud to create a full-stack smart integrated solution for full-scenario coverage.

Key service capabilities

Compatible with mainstream virtualization/bare metal environments

H3C cloud management platform is compatible with the mainstream operating environments of data centers. It can migrate existing resources to the cloud, make reasonable use of existing resources, and flexibly meet expansion needs.

Same network with heterogeneous resources

Unified resource pooling of bare metal servers and cloud hosts: H3C is the first one in China to support the L2 forwarding within the same network segment for bare metal and cloud hosts. The Leaf switch supports VXLAN termination, and the full interconnection structure performs the Layer 2 forwarding in the Spine device, eliminating the performance bottleneck of the L3 gateway.

It adopts the "SDN + Overlay" EVPN solution to decouple logical and physical networks, and uses a hardware switch as an Overlay gateway, connecting heterogeneous resources such as virtual machines, bare metal, and minicomputers to the service virtual network.

Integrated security cloud service

Integrated deployment: The security cloud platform is closely integrated with the cloud management platform. The tenant/account/asset information is automatically synchronized, and no additional physical resources are required for deployment.

Integrated service catalog: The security cloud implements resource management, policy management, and resource monitoring for various security services on the cloud, and delivers a more complete service catalog with the cloud management platform.

Integrated dispatching: Same as other services on the cloud management platform, the security cloud can also dispatch the SDN controller to schedule, orchestrate, configure, and deliver security services.

Various implementation forms

It supports flexible and diverse implementation forms including private cloud, homogeneous hybrid cloud, and heterogeneous hybrid cloud. The "simple" hyper-converged resources are comprehensively pooled for a smooth upgrade to an "efficient" resource convergence platform for the campus, implementing the unified management and intelligent dispatching of campus computing power, and laying a technological foundation for the innovation of campus informationization. The "smart" digital mid-end provides data processing tool components for the whole process, and establishes a data standard system that meets the characteristics of campus informationization and an accurate digital brain for the innovation of campus informationization.

Solution highlights

Full-stack and full-scenario

With the standardized converged architecture, the solution provides various IaaS and PaaS services, including computing, storage, network, security, AI, big data, Docker, microservices, and DevOps.

Compatible and open

The solution is compatible with VMware, Hyper-V, KVM, Xen, and CAS heterogeneous virtualization platforms and supports virtualization of PowerVM and HP minicomputers. Moreover, the solution is compatible with multiple manufacturers' device storage, heterogeneous Virtual eXtensible Local Area Network (VXLAN), and third-party security devices. Existing resources can be migrated to the cloud to achieve unified and flexible dispatching of IT resources.

Flexible self-service

The cloud network security integration solution implements flexible self-service and efficient control of computing, storage, network, and security, as well as the north-south and east-west service chain. AsiaInfo’s agentless antivirus software fully guarantees the security of access, application, and data.

Market practice

Customer benefits

• Data center resources are managed in a unified manner, which provides an integrated full-stack service catalog for teachers and students. IT resources can be flexibly scheduled.

• The cloud network security integration architecture provides "public cloud" services to build a cloud for the campus and IT resource services for all faculties and departments of the campus, improving equipment utilization and reducing the overall construction costs.

• Innovative services such as AI and big data, as well as PaaS services such as containers, microservices, and development and testing cloud environments are available, building a flexible and stable environment and experimental platform for teaching and scientific research.

• The homogeneous hybrid cloud, heterogeneous hybrid cloud, and UIS on UniCloud create a comprehensive hybrid cloud that enables easier access to and more convenient utilization of the cloud. It can meet soaring computing requirements and support critical data recovery of major services on demand in a timely manner.

Excellent practice

H3C campus cloud

H3C assists 20 A-class universities with the campus cloud, accounting for nearly 50%. More than 350 universities participate in campus cloud practice.

Tsinghua University

Goal: Provide comprehensive IT resource services covering teaching projects and scientific research projects for 50,000 teachers and students in the university, implement the isolation and differentiated security protection of IT resources for different research groups of faculties and departments, and provide the cloud drive service for each teacher and student.

Solution components: H3Cloud OS Education Edition (2000VM) as the overall cloud platform operating system, H3C CAS (240 CPU) as the server virtualization platform, H3C ONEStor (13 PB) distributed storage as a unified cloud storage resource pool, an SDN-based 100G core switching network with two M9006 integrated security gateways as a unified cloud network or cloud security resource pool, and 120 HPE DL380 servers as hardware computing and storage resources. The overall cloud platform supports IPv6.

The service catalog of the H3C cloud platform is comprehensive and concise and connected to the unified authentication system of the campus, which is convenient for teachers and students to use. The 100G cloud drive service is available for all teachers and students. The SDN-based cloud-network convergence function meets the requirements of dynamic security protection for different faculties and departments. The cloud platform fully supports IPv6 (virtualization, cloud platform, cloud network, and cloud security). The same manufacturer provides the overall solution, and different components of the cloud platform are well linked, which is convenient for unified management and maintenance.

Xi'an Jiaotong University (XJTU)

XJTU is a key comprehensive research-oriented university in China under the direct administration of the Ministry of PRC, one of the first nine universities of the "985 Project", and also one of the 36 A-class universities. Taking the lead to implement the informationization construction, XJTU has built complete application systems for teaching, learning, high-performance computing, campus management, and campus services. To integrate resources and adapt to the rapid development of smart campus needs, it is necessary to build a unified campus cloud platform.

The solution consists of H3Cloud OS, H3C Cloud CMP, and H3C CAS. H3C cloud network security O&M integrated solution simplifies O&M and adopts security devices such as the multiservice integrated gateway H3C SecPath M9000 series products, the unified O&M platform U-Center, ONEStor distributed storage system, hyper-converged all-in-one machine, and switch.

H3C campus cloud solution helped XJTU implement the cloud-enabled management of two campuses, and solved the O&M difficulties of two campuses for administrators of the XJTU network center with the integrated O&M solution of campus cloud network security.