Cloud infrastructure from scratch

Cloud infrastructure from scratch

The case study describes the project in which we have deployed and configured an IT infrastructure based on Windows OS servers.

PROJECT SPECIFICS

The customer was focused on the fact that infrastructure management after migration to the SIM-cloud will be concentrated in the hands of his technical staff. Therefore, the SIM-Networks technical support specialists taught the client’s staff the basic skills for working with the OpenStack platform.

Preferring to keep his usual proprietary Windows server OS, the client wished SIM-Networks experts would be involved in software products licensing.

Customer’s requirements specification:

  • deploy IT infrastructure and conduct personnel training connected to the use of the SIM-Cloud;
  • set up network connection between client instances;
  • create and configure network tunnels between the client's office and its cloud infrastructure, as well as between the cloud infrastructure and a separate development platform (stage).

PROJECT IMPLEMENTATION

Having started the project, we estimated the IT infrastructure deployment degree of complexity, taking into account the need to configure an IPsec VPN between the OPNsense cloud virtual router and the Kerio client router in site-to-site mode.

The customer did not give us access to the nodes, that was the tunnel tuning and diagnosing specifics. Configuring the L2TP tunnel between the router and client instances was done in order to bypass the limitations of Windows OS, taking into account the features of work for NAT (Network address translation). As a result, we found an effective way to enable permission to connect to the L2TP / IPSec server, if it is behind NAT.

IT infrastructure scheme proposed by SIM-Networks technical experts

IT infrastructure scheme proposed by SIM-Networks technical experts

We have made a comprehensive training connected to the cloud infrastructure management, where we have learnt the customer’s technical staff to create new disks, set their volume depending on the selected operating systems, and run instances on disks.

With the help of our technical experts, customer’s employees were able to configure the interaction of instances in the network, taking into account the separately located DevOps site, to set permissive rules for incoming traffic and restrictions on the instance ports, using security groups.

The client received practical recommendations on how to configure VPN, firewall, routing and optimal organization of NAT for web servers Internet access.

The possibility to switch from Windows trial versions to licensing ones without losing custom settings while resetting was very important for the customer. We have familiarized the client’s staff with the features of licensing and leased the package of distributions necessary for work.

PROJECT SUMMARY

Based on our experience and customer wishes, we have built the IT infrastructure in SIM-Cloud from scratch. During the project, the network connection between customer’s instances was set up; network tunnels are configured between the client’s office and the cloud infrastructure, as well as between the cloud infrastructure and the devops site.

The customer’s staff has received a full-fledged training connected to the basics skills for working with the cloud and has independently made the first settings.

The customer has received a license from SIM-Networks for all distributions necessary for the infrastructure operation.


More cases