03 Compute Cloud Services
03 Compute Cloud Services
03 Compute Cloud Services
Foreword
Compute resources are essential to the development of enterprise service systems. For
cloud computing, compute services are the most important cloud services.
In this section, we will learn about the compute services on HUAWEI CLOUD.
3 Huawei Confidential
Objectives
4 Huawei Confidential
Compute Cloud Services
Elastic Cloud Server Bare Metal Server Auto Scaling Cloud Container Engine
(ECS) (BMS) (AS) (CCE)
5 Huawei Confidential
Contents
6 Huawei Confidential
What Is ECS?
An ECS is a basic computing unit that consists of vCPUs, memory, an OS, and Elastic Volume
Service (EVS) disks. After an ECS is created, you can use it on the cloud similarly to how you
would use your local computer or physical server.
Memory
NIC
Disk Network
vCP vCPU
Image
U
ECS
7 Huawei Confidential
Why ECS?
management
Vulnerability scans
8 Huawei Confidential
ECS Architecture
10 Huawei Confidential
Scenarios – Internet
Application Scenarios
Website R&D and testing, and small-scale databases
Recommended ECS
General-computing ECSs
Recommendation Reasons
ELB VPC Requirements: To minimize upfront deployment and
O&M costs, applications need to be deployed on only one
or just a few servers, but there are no special
requirements for CPU performance, memory, disk
capacity, or bandwidth, strong security and reliability.
Solution: General-computing ECSs provide a balance of
11 Huawei Confidential
Scenarios – E-Commerce
Application Scenarios
Recommended ECS
Memory-optimized ECSs
ELB VPC
Recommendation Reasons
12 Huawei Confidential
Scenarios – Graphics Rendering
Application Scenarios
Graphics rendering and engineering drawing
Recommended ECS
GPU-accelerated ECSs
13 Huawei Confidential
Scenarios – Data Analysis
Application Scenarios
Recommended ECS
Disk-intensive ECSs
14 Huawei Confidential
Scenarios – High-Performance Computing
Application Scenarios
Recommended ECS
ELB VPC High-performance computing ECSs
Recommendation Reasons
15 Huawei Confidential
Purchasing an ECS
Confirm the
Configure basic Configure advanced End
Start Configure network. configurations and
settings. settings.
buy the ECS.
16 Huawei Confidential
Configuring Basic Settings
Set Billing Mode, Region, AZ, CPU Architecture, and Specifications.
17 Huawei Confidential
Configuring Network
Select a VPC, subnet, and security groups for the ECS.
18 Huawei Confidential
Configuring Advanced Settings
Set ECS Name, Login Mode, Cloud Backup and Recovery, ECS Group, and Advanced Options.
19 Huawei Confidential
Access Methods
HUAWEI CLOUD provides a web-based management platform. You can access ECSs through
the management console or HTTPS-based REST APIs.
Use an API if you need to integrate the ECSs into a third- After registering on HUAWEI CLOUD, log in to the
party system for secondary development. management console and click Elastic Cloud Server
under Compute on the homepage.
20 Huawei Confidential
Logging In to a Windows ECS
Select a login method and log in to the ECS.
Password- VNC
authenticated ECS
RDP
Mobile terminal
Mac
21 Huawei Confidential
Logging In to a Linux ECS
The method of logging in to an ECS varies depending on the login authentication configured
when you purchased the ECS.
VNC+Password
Password-
SSH password+EIP
authenticated ECS
Mobile terminal
Key-pair-
SSH key+EIP
authenticated ECS
22 Huawei Confidential
Reinstalling/Changing an ECS OS
Scenarios: If the OS of an ECS fails to start, requires optimization, or cannot meet service
requirements, reinstall or change the OS.
Notes
• Only the original image of the ECS can be used to reinstall the OS.
• Changing the OS will change the system disk of the ECS. After the change,
there will be a new system disk ID, and the original system disk will be
gone.
23 Huawei Confidential
Modifying ECS Specifications
If the specifications of an existing ECS cannot meet service requirements, modify the ECS
specifications as needed, for example, by increasing the number of vCPUs or adding memory.
Notes
To modify the specifications of a yearly/monthly ECS, select the target specification, pay the
difference in price or claim the refund, and restart the ECS.
There is no need to make an additional up front payment and there are no refunds if you modify the
specifications of a pay-per-use ECS.
24 Huawei Confidential
Resetting the ECS Login Password
Scenarios: The ECS password is lost or has expired.
Prerequisites: One-click password reset plug-ins have been installed on the ECS.
Notes: ECSs created using a public image have the one-click password reset plug-in installed by default.
25 Huawei Confidential
Contents
26 Huawei Confidential
What Is BMS?
Bare Metal Server (BMS) combines the scalability of VMs with the high performance of physical servers. It provides
dedicated servers on the cloud, delivering the performance and security required by core databases, critical
applications, high-performance computing (HPC), and Big Data.
VPC Auditing
Storage Backup
27 Huawei Confidential
Why BMS?
Agile High
Deployment Performance
and O&M
28 Huawei Confidential
Configuring Basic Settings
Set Billing Mode, Region, AZ, CPU Architecture, and Specifications.
29 Huawei Confidential
BMS Architecture
30 Huawei Confidential
Scenarios - Core Database
ECS cluster
BMS cluster Application Scenarios
EVS
Requirements: Some critical database services cannot be
deployed on VMs and must be deployed on physical servers
BMS
ECS that have dedicated resources, isolated networks, and assured
performance.
VBS Solution: The BMS service meets these database service
BMS
requirements by providing high-performance servers
dedicated to individual users.
OBS
31 Huawei Confidential
Scenarios - High Performance Computing (HPC)
...
Application Scenarios
Intelligent Connected Smart
Vehicles (ICV) manufacturing
Supercomputing centers and DNA sequencing. For high
performance and high throughput scenarios, BMSs with the latest
... CPUs, coupled with a 100 Gbit/s network, provide low latency and
GPU Accelerated Cloud BMS OBS Big Data
Server high performance services.
(GACS)
Recommendation Reasons
VPC
Requirements: In HPC scenarios, such as supercomputer centers and
Enterprise user DNA sequencing, massive volumes of data need to be processed and
EVS
the computing performance, stability, and real-time responsiveness
BMS BMS need to be stellar.
(HPC node) (HPC node) Solution: HPC node (BMS)
32 Huawei Confidential
Comparisons Between a BMS, ECS, and Physical Server
33 Huawei Confidential
BMS Lifecycle Management
Create
Delete
Search
BMS Stop
Start
Restart
Log in
36 Huawei Confidential
Creating a BMS - Network Configuration
Configure the VPC, NICs, enhanced high-speed NICs, security groups, and the EIP.
37 Huawei Confidential
BMS Network
Five types of networks are available for BMS: VPC, high-speed network, enhanced high-speed
network, user-defined VLAN, and InfiniBand network. They are isolated from each other.
High-speed network
... interface
Bond QinQ
System-maintained VLAN NIC
supporting VPC and high-speed
... network
InfiniBand
ToR VPC HB User-defined VLAN NIC
Switch
InfiniBand NIC
38 Huawei Confidential
BMS Network - VPC
A VPC is a logically isolated, configurable, and manageable virtual network. It helps to improve the
security of BMSs in the cloud system and simplifies network deployment.
39 Huawei Confidential
BMS Network - High-Speed Network
A high-speed network is an internal network between BMSs. It provides high bandwidth for connecting BMSs in the same AZ. If
you want to deploy services requiring high throughput and low latency, you can create high-speed networks.
High-speed networks share the same physical plane with VPCs. A high-speed network carries only east-west traffic and supports
only layer-2 communication because it does not support layer-3 routing.
bond0 bond0
40 Huawei Confidential
BMS Network - Enhanced High-Speed Network
An enhanced high-speed network is a high-quality, high-speed, low-latency internal network for
BMSs to communicate with each other.
Enhanced high-speed BMS BMS
network
Switch
41 Huawei Confidential
BMS Network - User-defined VLAN
You can allocate VLAN subnets to isolate traffic in scenarios such as SAP HANA and virtualization.
User-defined VLAN NICs are in pairs. You can configure NIC bonds to achieve high availability.
42 Huawei Confidential
BMS Network - InfiniBand Network
An InfiniBand network features low latency and high bandwidth, and is good for high performance
computing (HPC) projects. An InfiniBand network supports two communication modes: RDMA and
IPoIB.
To create an InfiniBand network, you must select a flavor that supports InfiniBand NICs during BMS
creation.
43 Huawei Confidential
Creating a BMS - Advanced Configuration
Configure the BMS name, login mode, and advanced settings.
44 Huawei Confidential
Using a BMS - Reinstalling the OS
If the OS of a BMS fails to start, gets infected by a virus, or requires optimization, reinstall the
OS.
45 Huawei Confidential
Contents
46 Huawei Confidential
What Is IMS?
Image Management Service (IMS) allows you
to manage the entire lifecycle of your images.
You can create ECSs or BMSs from public,
private, or shared images. You can also create
a private image from a cloud server or an
external image file to make it easier to
migrate workloads to the cloud or on the
cloud.
47 Huawei Confidential
Why IMS?
Secure Convenient
Thoroughly tested mainstream OSs for Different types of images for cloud
public images server creation
Multiple copies of image files stored on Multiple methods for private image
Object Storage Service (OBS) creation
Private images encrypted by Key
Secure
Private images can be shared or
Management Service (KMS) replicated between accounts, regions,
and cloud platforms
Centralized Convenient
Centralized Flexible
Self-service platform for image Flexible Image management on the console or
management using APIs
Batch deployment and upgrade of Public images, private images, and
application systems Marketplace images for flexible
Compliance with industry standards for choices
service migration between cloud
platforms
48 Huawei Confidential
Image Types
A public image is a standard image provided by the
cloud platform. It contains an OS and various
preinstalled applications, and is available to all users.
A private image is created by users and is visible only
to the user who created it.
A shared image is a private image another user has
shared with you.
A Marketplace image is a third-party image published
in the Marketplace. It has an OS, various applications,
and custom software preinstalled.
49 Huawei Confidential
Scenarios - Migrating Servers to the Cloud or in the Cloud
Application Scenarios
Recommendation Reasons
You can import local images to the cloud platform and use the images to
quickly create cloud servers for service migration to the cloud. You can also
share or replicate images across regions to migrate ECSs between accounts and
regions.
51 Huawei Confidential
Scenarios - Deploying a Specific Software Environment
Application Scenarios
Application OS
...
ECS
Middleware
52 Huawei Confidential
Scenarios - Backing Up Server Environments
Application Scenarios
Middleware Data You can create an image from an ECS to back up the ECS. If
Back up Restore the ECS breaks down for some reason, you can use the image
to restore it.
Application OS
IMS
Middleware Data
53 Huawei Confidential
Creating a Private Image
54 Huawei Confidential
Creating a System Disk Image from a Windows ECS
This course will show how to create a system disk image from a Windows ECS as an example.
Use the
Install the PV Windows ECS
Configure a
Start Install Cloudbase-Init. driver and UVP to create a End
Windows ECS.
VMTools. system disk
image.
55 Huawei Confidential
Configuring a Windows ECS
Prepare a Windows ECS and check whether the ECS NIC is configured to use DHCP.
56 Huawei Confidential
Installing Cloudbase-Init
To ensure that ECSs created from a private image are configurable, you are advised to install
Cloudbase-Init on the ECS before using it to create a private image.
57 Huawei Confidential
Installing the PV Driver and UVP VMTools
To ensure that ECSs created from a private image support both Xen and KVM virtualization,
install the PV driver and UVP VMTools on the ECS before using it to create a private image.
58 Huawei Confidential
Using a Windows ECS to Create a System Disk Image
On the Image Management Service page, click Create Image.
In the Image Type and Source area, select System disk image for Type.
By default, ECS is selected for Source. Select an ECS from the list.
59 Huawei Confidential
Image Management - Modifying Image Information
You can modify the image name, description,
minimum and maximum memory, NIC multi-
queue, and SR-IOV driver.
60 Huawei Confidential
Image Management - Deleting an Image
Note that:
Deleted private images cannot be retrieved. Perform this operation only when absolutely necessary.
After a private image is deleted, it cannot be used to create cloud servers or EVS disks.
After a private image is deleted, ECSs created from the image can still be used and are still billed. However, the OS cannot be
reinstalled for the ECSs and an ECS with the same configuration cannot be recreated.
Deleting the source image of a replicated image has no effect on the replicated image. Similarly, deleting a replicated
image has no effect on its source.
61 Huawei Confidential
Image Management - Sharing an Image
You can share your private images.
62 Huawei Confidential
Image Management - Encrypting an Image
You can create an encrypted image to securely
store data.
Encrypted images cannot be shared with other
users or published in the Marketplace.
The system disk of an ECS created from an
encrypted image is also encrypted, and its key
is the same as the image key.
If an ECS has an encrypted system disk,
private images created from the ECS are also
encrypted.
63 Huawei Confidential
Image Management - Replicating an Image Within a Region
You may need to replicate an image in
the following scenarios:
Creating an unencrypted version of an
encrypted image
Replicating an encrypted image
Creating an encrypted version of an
unencrypted image
64 Huawei Confidential
Image Management - Replicating an Image Across Regions
You can replicate an image from one region to another and use the replicated image to create
identical ECSs. This allows you to more quickly migrate services across regions.
65 Huawei Confidential
Image Management - Exporting an Image
You can export an image if you want to:
Store the image on specified storage
devices.
Use the image to create servers on other
cloud platforms.
66 Huawei Confidential
Contents
67 Huawei Confidential
What Is AS?
Auto Scaling (AS) automatically adjusts resources to keep up with changes in demand based on pre-
configured AS policies. You can specify AS configurations and policies based on service requirements.
These configurations and policies free you from having to repeatedly adjust resources to keep up with
service changes and spikes in demand, helping you reduce the resources and manpower required.
vCPU
3 GB 32 GB ROM
68 Huawei Confidential
Why AS?
Improved
High fault tolerance availability Improved availability
AS checks ECSs powering AS ensures proper resources deployed
applications and replaces faulty for applications.
instances with new ones.
69 Huawei Confidential
AS Architecture
AS automatically adjusts compute resources based on service demands and configured AS policies. The number of
ECS instances changes to match service demands, ensuring service availability.
Configure a scheduled or periodic
Configure an alarm-based policy.
policy.
Add Remove
300 visits 1000 visits 300 visits
Cloud Eye ECS Scheduled
Controls
Scaling triggered by alarms based on scaling. Scaling triggered by a scheduled or
metrics, such as vCPUs, memory, disk, periodic policy
or incoming traffic
70 Huawei Confidential
Scenarios – Web Applications
Application Scenarios
E-commerce
website
E-commerce websites
Heavy-traffic web portals
ELB
Recommendation Reasons
....
E-commerce: During big promotions, E-commerce websites
AS ECS ECS
need more resources. AS automatically scales out ECS
instances and bandwidth within minutes to ensure that
Content update promotions go smoothly.
Heavy-traffic portals: Service load changes are difficult to
Website data (images, static web pages, large files,
and videos) predict for heavy-traffic web portals. AS dynamically scales
in or out ECS instances based on monitored ECS metrics,
such as vCPU usage and memory usage.
OBS
71 Huawei Confidential
AS Basic Concepts
Scaling actions triggered by Execution interval of alarm-based Scaling of bandwidth based on the
configured AS policies policy bandwidth scaling policy you
configured
72 Huawei Confidential
Getting Started with AS
73 Huawei Confidential
Creating an AS Configuration
Configuration Template options
If you have special requirements on the You can use an existing ECS to quickly create
specifications of the ECSs used for capacity an AS configuration. Then, the specifications
expansion, specify the specifications in a of this ECS, such as the vCPUs, memory,
template and use it to create an AS image, disk, and ECS type, will be applied to
configuration. Then, the specifications will be ECSs added to the AS group in scaling actions.
applied to the ECSs added to the AS group in
scaling actions.
74 Huawei Confidential
Creating an AS Group
An AS group consists of a collection of instances and AS policies that have 1
similar attributes and apply to the same scenario. It is the basis for enabling or
disabling AS policies and performing scaling actions.
AS automatically scales in or out instances or maintains a fixed number of
instances in an AS group through scaling actions triggered by configured AS
policies.
When creating an AS group, you need to configure parameters, such as Max.
Instances, Min. Instances, Expected Instances, and Load Balancing.
75 Huawei Confidential
Creating an AS Policy
Main parameters: Policy Type and Cooldown Period
76 Huawei Confidential
Contents
77 Huawei Confidential
What Is CCE?
Cloud Container Engine (CCE) is a highly scalable, high-performance, enterprise-class
Kubernetes service for you to run containers and applications. With CCE, you can easily deploy,
manage, and scale containerized applications on HUAWEI CLOUD.
78 Huawei Confidential
Why CCE?
79 Huawei Confidential
CCE Architecture
Graphical Console K8s native API K8s native CLI
Event
Container K8s cluster K8s container
Auto scaling orchestration management orchestration
81 Huawei Confidential
Scenario - Auto Cluster Scaling
Function Description
Kubernetes cluster CCE adjusts compute resources based on auto scaling policies
to handle fluctuating service loads. Specifically, CCE
automatically adds or reduces cloud servers for your cluster or
Node N
containers for your workload.
Agent Benefits
EL Node 2
B Flexible: Multiple scaling policies are supported and
containers can be provisioned within seconds when specific
User Node 1 conditions are met.
Highly available: Pods are automatically monitored and
82 Huawei Confidential
Scenario - DevOps
Function Description
CCE automatically completes code compilation, image build,
grayscale release, and container-based deployment based on code
sources. CCE can interconnect with your CI/CD systems. You can
containerize traditional applications and deploy them in the cloud.
Testing
CI/CD
83 Huawei Confidential
Scenario - Hybrid Cloud
HUAWEI K8s cluster
CLOUD Function Description
Environment-independent containers allow you to seamlessly
App App migrate applications and data between private and public clouds.
ELB K8s cluster You can achieve efficient resource usage and realize disaster
Software recovery (DR).
Repository for
Container
App App
Container service
SWR
Benefits
Same container O&M
DC or VPN
image and chart personnel
Lower costs: Resource pools on HUAWEI CLOUD support
rapid service scaling during peak hours, for only a fraction of
User K8s cluster
the cost involved in building private clouds from scratch.
On-cloud DR: Your services can be deployed both on-premises
84 Huawei Confidential
Scenario - AI Computing
Use Case
K8s cluster Node 1 AI computing
Benefits
Machine learning
services
Outstanding performance: The bare-metal NUMA
GPU acceleration architecture and high-speed InfiniBand NICs drive a three-
Master to five-fold improvement in AI computing performance.
Efficient computing: GPUs are shared and scheduled
ELB
User
among multiple containers, greatly reducing computing
Machine learning costs.
services
Proven success: AI containers are compatible with all
85 Huawei Confidential
CCE Concepts
A cluster is a collection of cloud resources required for running containers, such as cloud
Cluster servers and load balancers.
A pod consists of one or more related containers that share the same storage and network
Pod space.
A Service is an abstraction which defines a logical set of pods and a policy by which to
Service access them (sometimes this pattern is called a microservice).
A container is a running instance of a Docker image. Multiple containers can run on the
Container same node.
Image An image is a binary that includes all of the requirements for running a container.
86 Huawei Confidential
CCE Configuration Process
87 Huawei Confidential
Creating a Cluster
When creating a CCE cluster, set the billing mode, region, cluster version, management scale,
and number of master nodes.
88 Huawei Confidential
Scaling a Cluster
CCE automatically scales a cluster (adding or releasing worker nodes) according to the scaling
policies you configure. For example, when workloads cannot be scheduled into the cluster due
to insufficient cluster resources, scale-out will be automatically triggered.
89 Huawei Confidential
Upgrading a Cluster
Currently, you can upgrade only CCE clusters containing VM nodes. CCE clusters consisting of
BMS nodes or nodes created from private images, CCE Turbo clusters, and Kunpeng clusters
cannot be upgraded.
90 Huawei Confidential
Contents
91 Huawei Confidential
What Is DeH?
A Dedicated Host (DeH) is a physical
server fully dedicated for your own
services. DeH allows you to ensure
performance by keeping compute
resources isolated. DeH also allows you
to use your existing software licenses, so
you can leverage existing investments to
save money.
92 Huawei Confidential
What Is FunctionGraph?
FunctionGraph allows you to run your code
without provisioning or managing servers, while
ensuring high availability and scalability. All
you need to do is upload your code and set
execution conditions, and FunctionGraph will
take care of the rest. You pay only for what you
use and you are not charged when your code is
not running.
93 Huawei Confidential
Quiz
1. (True or False) There is a hypervisor layer in containerization, just like the traditional
virtualization featuring VMs.
A. True
B. False
2. (True or False) The functions of an IMS image are the same as those of an ISO image.
A. True
B. False
94 Huawei Confidential
Summary
This chapter described compute cloud services. After completing this course, you will
be able to understand each phase of technical transformation, from hardware,
virtualization, cloud platform, and to cloud services. In this process, many new
products, such as Elastic Cloud Server (ECS) and Cloud Container Engine (CCE) will
be used. Both of these products can be used to deploy application systems, but the
technical architectures are different. Therefore, to better help enterprises migrate their
service systems to the cloud, you need to clearly understand the technical details of
each cloud service.
95 Huawei Confidential
Recommendations
Huawei iLearning
https://e.huawei.com/en/talent/
HUAWEI CLOUD Help Center
https://support.huaweicloud.com/intl/en-us/help-novice.html
HUAWEI CLOUD Academy
https://edu.huaweicloud.com/intl/en-us/
96 Huawei Confidential
Acronyms and Abbreviations
AI: Artificial intelligence
API: Application Programming Interface
AS: Auto Scaling
BMS: Bare Metal Server
CCE: Cloud Container Engine
CI/CD: Continuous Integration/Continuous Delivery
CISC: Complex Instruction Set Computer
CPH: Cloud Phone
CPU: Central Processing Unit
DeH: Dedicated Host
97 Huawei Confidential
Acronyms and Abbreviations
DevOps: Development and Operations
DHCP: Dynamic Host Configuration Protocol
ECS: Elastic Cloud Server
EI: Enterprise Intelligence
GPU: Graphics Processing Unit
HPC: High Performance Computing
HTTPS: Hypertext Transfer Protocol over Secure Sockets Layer
IB: InfiniBand
IMS: Image Management Service
K8s: Kubernetes
98 Huawei Confidential
Acronyms and Abbreviations
IPoIB: Internet Protocol over Infiniband
NUMA: Non-Uniform Memory Access
RDMA: Remote Direct Memory Access
RISC: Reduced Instruction Set Computer
SR-IOV: Single Root Input/Output Virtualization
VLAN: Virtual Local Area Network
VPC: Virtual Private Cloud
99 Huawei Confidential
Thank you. 把数字世界带入每个人、每个家庭、
每个组织 , 构建万物互联的智能世界 .
Bring digital to every person, home, and
organization for a fully connected,
intelligent world.