您现在访问的是微软AZURE全球版技术文档网站,若需要访问由世纪互联运营的MICROSOFT AZURE中国区技术文档网站,请访问 https://docs.azure.cn.

规划 Avere vFXT 系统Plan your Avere vFXT system

本文介绍如何规划 Azure 定位并根据需要适当地设置大小的群集新 Avere vFXT。This article explains how to plan a new Avere vFXT for Azure cluster that is positioned and sized appropriately for your needs.

在访问 Azure 市场或创建任何 VM 之前,请考虑群集如何与 Azure 中的其他元素交互。Before going to the Azure Marketplace or creating any VMs, consider how the cluster will interact with other elements in Azure. 规划好要将群集资源定位在专用网络和子网中的哪个位置,并确定后端存储的位置。Plan where cluster resources will be located in your private network and subnets, and decide where your back-end storage will be. 确保创建的群集节点足够强大,可以支持自己的工作流。Make sure that the cluster nodes you create are powerful enough to support your workflow.

请继续阅读了解更多信息。Read on to learn more.

资源组和网络基础结构Resource group and network infrastructure

考虑好 Avere vFXT for Azure 部署元素的位置。Consider where the elements of your Avere vFXT for Azure deployment will be. 下图显示了 Avere vFXT for Azure 组件的可能排列方式:The diagram below shows a possible arrangement for the Avere vFXT for Azure components:

显示一个子网中的群集控制器和群集 VM 的示意图。

规划 Avere vFXT 系统的网络基础结构时,请遵循以下准则:Follow these guidelines when planning your Avere vFXT system's network infrastructure:

  • 应使用为 Avere vFXT 部署创建的新订阅来管理所有元素。All elements should be managed with a new subscription created for the Avere vFXT deployment. 优势包括:Benefits include:

    • 更简单的成本跟踪 - 在一个订阅中查看和审核由资源、基础结构和计算循环产生的所有成本。Simpler cost tracking - View and audit all costs from resources, infrastructure, and compute cycles in one subscription.
    • 更轻松的清理 - 完成项目后,可以删除整个订阅。Easier cleanup - You can remove the entire subscription when finished with the project.
    • 方便分区资源的配额-保护其他关键工作负荷免受可能限制通过隔离 Avere vFXT 客户端和单个订阅中的群集的资源。Convenient partitioning of resource quotas - Protect other critical workloads from possible resource throttling by isolating the Avere vFXT clients and cluster in a single subscription. 提供大量的高性能计算工作流的客户端时,这可以避免冲突。This avoids conflict when bringing up a large number of clients for a high-performance computing workflow.
  • 将客户端计算系统定位在靠近 vFXT 群集的位置。Locate your client compute systems close to the vFXT cluster. 后端存储可以位于较远的位置。Back-end storage can be more remote.

  • VFXT 群集和群集控制器 VM 应位于同一资源组中,同一虚拟网络 (vnet) 中使用相同的存储帐户。The vFXT cluster and the cluster controller VM should be located in the same virtual network (vnet), in the same resource group, and use the same storage account. 自动化的群集创建模板处理大多数情况下。The automated cluster creation template handles this for most situations.

  • 群集必须位于其自身的子网中,以避免与客户端或计算资源发生 IP 地址冲突。The cluster must be located in its own subnet to avoid IP address conflicts with clients or compute resources.

  • 群集创建模板可以创建该群集,包括资源组、 虚拟网络、 子网,以及存储帐户的所需的基础结构资源的大多数。The cluster creation template can create most of the needed infrastructure resources for the cluster, including resource groups, virtual networks, subnets, and storage accounts. 如果你想要使用已存在的资源,请确保它们满足此表中的要求。If you want to use resources that already exist, make sure they meet the requirements in this table.

    ResourceResource 使用现有?Use existing? 要求Requirements
    资源组Resource group 是的如果为空Yes, if empty 必须为空Must be empty
    存储帐户Storage account 如果创建群集后连接的现有 Blob 容器是Yes if connecting an existing Blob container after cluster creation
    如果在群集创建过程中创建新的 Blob 容器否No if creating a new Blob container during cluster creation
    现有的 Blob 容器必须为空Existing Blob container must be empty
     
    虚拟网络Virtual network Yes 如果创建新的 Azure Blob 容器必须包含存储服务终结点Must include a storage service endpoint if creating a new Azure Blob container
    子网Subnet Yes

IP 地址要求IP address requirements

确保群集的子网具有足够大的 IP 地址范围,以支持群集。Make sure that your cluster's subnet has a large enough IP address range to support the cluster.

Avere vFXT 群集使用以下 IP 地址:The Avere vFXT cluster uses the following IP addresses:

  • 一个群集管理 IP 地址。One cluster management IP address. 此地址可在群集中的不同节点之间移动,但必须始终可用,以便可以连接到 Avere 控制面板配置工具。This address can move from node to node in the cluster but is always available so that you can connect to the Avere Control Panel configuration tool.
  • 对于每个群集节点:For each cluster node:
    • 至少有一个面向客户端的 IP 地址。At least one client-facing IP address. (所有面向客户端的地址由群集的 vserver 管理,此工具可根据需要在节点之间移动这些地址。)(All client-facing addresses are managed by the cluster's vserver, which can move them among nodes as needed.)
    • 一个用于群集通信的 IP 地址One IP address for cluster communication
    • 一个实例 IP 地址(分配给 VM)One instance IP address (assigned to the VM)

如果使用 Azure Blob 存储,则还可能需要群集 VNet 中的 IP 地址:If you use Azure Blob storage, it also might require IP addresses from your cluster's vnet:

  • 一个 Azure Blob 存储帐户需要至少五个 IP 地址。An Azure Blob storage account requires at least five IP addresses. 如果将 Blob 存储定位在群集所在的同一 VNet 中,请记住此要求。Keep this requirement in mind if you locate Blob storage in the same vnet as your cluster.
  • 如果使用群集虚拟网络外部的 Azure Blob 存储,应在 VNet 中创建存储服务终结点。If you use Azure Blob storage that is outside the virtual network for your cluster, you should create a storage service endpoint inside the vnet. 此终结点不使用 IP 地址。This endpoint does not use an IP address.

可以选择将网络资源和 Blob 存储(如果已使用)定位在不包含该群集的其他资源组中。You have the option to locate network resources and Blob storage (if used) in different resource groups from the cluster.

vFXT 节点大小vFXT node size

充当群集节点的 VM 决定了请求吞吐量和缓存的存储容量。The VMs that serve as cluster nodes determine the request throughput and storage capacity of your cache.

每个 vFXT 节点是相同的。Each vFXT node will be identical. 也就是说,如果创建三节点群集,则会获得三个具有相同类型和大小的 VM。That is, if you create a three-node cluster you will have three VMs of the same type and size.

实例类型Instance type vCPUvCPUs 内存Memory 本地 SSD 存储Local SSD storage 最大数据磁盘数Max data disks 非缓存磁盘吞吐量Uncached disk throughput NIC(计数)NIC (count)
Standard_E32s_v3Standard_E32s_v3 3232 256 GiB256 GiB 512 GiB512 GiB 3232 51,200 IOPS51,200 IOPS
768 MBps768 MBps
16,000 MBps (8)16,000 MBps (8)

每个节点的磁盘缓存可配置,范围为 1000 GB 到 8000 GB。Disk cache per node is configurable and can rage from 1000 GB to 8000 GB. 每个节点的 4 TB 是 Standard_E32s_v3 节点的建议的缓存大小。4 TB per node is the recommended cache size for Standard_E32s_v3 nodes.

有关这些虚拟机的其他信息,请参阅 Microsoft Azure 文档:For additional information about these VMs, read the Microsoft Azure documentation:

帐户配额Account quota

确保订阅具有足够的容量,可以运行 Avere vFXT 群集以及所用的任何计算系统或客户端系统。Make sure that your subscription has the capacity to run the Avere vFXT cluster as well as any computing or client systems being used. 有关详细信息,请阅读 vFXT 群集的配额Read Quota for the vFXT cluster for details.

后端数据存储Back-end data storage

当数据不在缓存中时,Avere vFXT 群集应当将数据存储在何处?Where should the Avere vFXT cluster store your data when it's not in the cache? 决定你的工作集是要长期存储在新的 Blob 容器中、现有云中还是硬件存储系统中。Decide whether your working set will be stored long term in a new Blob container or in an existing cloud or hardware storage system.

若要对后端使用 Azure Blob 存储,应在创建 vFXT 群集的过程中创建一个新容器。If you want to use Azure Blob storage for the back end, you should create a new container as part of creating the vFXT cluster. 此选项会创建并配置新容器,以便在准备好群集后,该容器可供使用。This option creates and configures the new container so that it is ready to use as soon as the cluster is ready.

有关详细信息,请阅读创建 Avere vFXT for AzureRead Create the Avere vFXT for Azure for details.

备注

只能将空的 Blob 存储容器用作 Avere vFXT 系统的核心文件管理器。Only empty Blob storage containers can be used as core filers for the Avere vFXT system. vFXT 必须能够管理其对象存储,而无需保留现有数据。The vFXT must be able to manage its object store without needing to preserve existing data.

请阅读将数据移到 vFXT 群集,了解如何使用客户端计算机和 Avere vFXT 缓存高效地将数据复制到群集的新容器。Read Moving data to the vFXT cluster to learn how to copy data to the cluster's new container efficiently by using client machines and the Avere vFXT cache.

若要使用现有的本地存储系统,必须在创建 vFXT 群集后将该系统添加到其中。If you want to use an existing on-premises storage system, you must add it to the vFXT cluster after it is created. 有关如何将现有存储系统添加到 Avere vFXT 群集的详细说明,请阅读配置存储Read Configure storage for detailed instructions about how to add an existing storage system to the Avere vFXT cluster.

群集访问Cluster access

Avere vFXT for Azure 群集位于专用子网中,并且该群集没有公用 IP 地址。The Avere vFXT for Azure cluster is located in a private subnet, and the cluster does not have a public IP address. 必须采用某个方法来访问专用子网以执行群集管理和客户端连接。You must have some method of accessing the private subnet for cluster administration and client connections.

访问选项包括:Access options include:

  • 跳转主机 - 向专用网络中的一个单独 VM 分配一个公用 IP 地址,并使用它来创建到群集节点的 SSL 隧道。Jump host - Assign a public IP address to a separate VM within the private network, and use it to create an SSL tunnel to the cluster nodes.

    提示

    如果在群集控制器上设置公用 IP 地址,则可以使用它作为跳转主机。If you set a public IP address on the cluster controller, you can use it as the jump host. 有关详细信息,请阅读群集控制器用作跳转主机Read Cluster controller as jump host for more information.

  • 虚拟专用网络 (VPN) - 配置到专用网络的点到站点或站点到站点 VPN。Virtual private network (VPN) - Configure a point-to-site or site-to-site VPN to your private network.

  • Azure ExpressRoute - 通过任一 ExpressRoute 合作伙伴配置专用连接。Azure ExpressRoute - Configure a private connection through an ExpressRoute partner.

有关这些选项的详细信息,请参阅有关 Internet 通信的 Azure 虚拟网络文档For details about these options, read the Azure Virtual Network documentation about internet communication.

群集控制器用作跳转主机Cluster controller as jump host

如果你在群集控制器上设置了公用 IP 地址,则可以使用它作为跳转主机来从专用子网外部联系 Avere vFXT 群集。If you set a public IP address on the cluster controller, you can use it as a jump host to contact the Avere vFXT cluster from outside the private subnet. 但是,因为控制器有权修改群集节点,这会带来小小的安全风险。However, because the controller has access privileges to modify cluster nodes, this creates a small security risk.

为了提高安全性具有公共 IP 地址的控制器,部署脚本会自动创建限制为仅端口 22 的入站的访问的网络安全组。To improve security for a controller with a public IP address, the deployment script automatically creates a network security group that restricts inbound access to port 22 only. 可以通过锁定对 IP 源地址范围的访问来进一步保护系统,换句话说,只允许从你打算将其用于群集访问的计算机进行连接。You can further protect the system by locking down access to your range of IP source addresses - that is, only allow connections from machines you intend to use for cluster access.

创建群集时,可以选择是否在群集控制器上创建公用 IP 地址。When creating the cluster, you can choose whether or not to create a public IP address on the cluster controller.

  • 如果创建新的 VNET 或新子网,系统会为群集控制器分配一个公用 IP 地址。If you create a new vnet or a new subnet, the cluster controller will be assigned a public IP address.
  • 如果选择现有的 VNET 和子网,则群集控制器将仅具有专用 IP 地址。If you select an existing vnet and subnet, the cluster controller will have only private IP addresses.

VM 访问角色VM access roles

Azure 使用基于角色的访问控制(RBAC) 授权群集 Vm 执行某些任务。Azure uses role-based access control (RBAC) to authorize the cluster VMs to perform certain tasks. 例如,群集控制器需要授权才能创建和配置群集节点 Vm。For example, the cluster controller needs authorization to create and configure the cluster node VMs. 群集节点需要能够分配或重新分配到其他群集节点的 IP 地址。The cluster nodes need to be able to assign or reassign IP addresses to other cluster nodes.

两个内置的 Azure 角色用于 Avere vFXT 虚拟机:Two built-in Azure roles are used for the Avere vFXT virtual machines:

如果需要自定义 Avere vFXT 组件的访问权限角色,必须定义你自己的角色并向 Vm 中在创建时分配它。If you need to customize access roles for Avere vFXT components, you must define your own role and then assign it to the VMs at the time they are created. 不能在 Azure Marketplace 中使用部署模板。You cannot use the deployment template in the Azure Marketplace. 查阅 Microsoft 客户服务和支持通过 Azure 门户中打开票证,如中所述获取有关您的系统的帮助Consult Microsoft Customer Service and Support by opening a ticket in the Azure portal as described in Get help with your system.

后续步骤:了解部署过程Next step: Understand the deployment process

部署概述大致介绍了创建 Avere vFXT for Azure 系统并使其准备好提供数据所要执行的所有步骤。Deployment overview gives the big picture of all of the steps needed to create an Avere vFXT for Azure system and get it ready to serve data.