Simplifying administration and enhancing user experience for QTSC through Private cloud solution

About QTSC

Established in 2001, Quang Trung Software City (QTSC) is one of the key projects for the development plan of Ho Chi Minh City (HCMC). Over the past 15 years, QTSC has become the largest software city in Vietnam, covering a total area of 43 hectares and hosting 55 information technology (IT) companies with over 21,000 employees.

QTSC-Telecom is a subsidiary of QTSC, responsible for ensuring infrastructure and providing diverse telecommunications and IT services, including internet connectivity, data center infrastructure services, cloud computing services, business continuity assurance services, e-government infrastructure services, and information security assurance services. These services cater to the activities of businesses within QTSC as well as other enterprises and government agencies in HCMC and throughout Vietnam.

Current Status and Needs

QTSC is one of the pioneering organizations in Vietnam that provides cloud-based telecommunications and IT infrastructure services for businesses, particularly government agencies, with shared applications, email systems, and e-government infrastructure. However, the cloud computing platform that has been established for a while has revealed some limitations in terms of management capabilities, interaction capabilities, and responsiveness to customer requirements.

Meanwhile, with the rapid growth of cloud computing, the demand for service provision from businesses, government agencies, and individuals is increasing quickly. This not only requires the addition and upgrade of IT infrastructure equipment but also calls for the improvement of technology and management processes in cloud computing systems, aiming to:

  • Optimize operations and simplify administration.
  • Build a cloud computing platform with high user interaction capabilities.
  • Integrate automation into infrastructure and service development to accelerate the time-to-market of products and services.

Challenges in the Implementation Process

The infrastructure system of QTSC-Telecom currently provides services to e-government, critical agencies, and businesses, making any changes and innovations in the operating model a significant challenge. Careful and meticulous calculations are necessary for each work item to minimize service disruptions

The IT infrastructure, especially the network infrastructure of QTSC-Telecom, is highly complex and consists of multiple components from different manufacturers. It features specialized network layers that are segmented and protected by dedicated firewall devices. Upgrading or making changes can lead to unforeseen errors, resulting in time-consuming troubleshooting.

Due to the urgent need to upgrade service quality for customers, QTSC-Telecom must swiftly accelerate the deployment of the solution in the last quarter of 2020, ensuring that services are ready to be provided by the beginning of 2021.

HPT's Solution

HPT, as a trusted and longstanding partner of QTSC, has been chosen by QTSC to implement the project. After a thorough survey and detailed analysis of the current situation, closely collaborating with QTSC, VMware, and nearly all equipment and solution providers for QTSC, HPT and QTSC have agreed on the design and commenced the project implementation in late 2020. The key components and stages of the project are as follows:

1. Deployment of the VMware vRealize Suite Private Cloud Solution

The VMware vRealize Suite is the chosen solution for QTSC-Telecom, utilizing VMware's most advanced virtualization technology combined with renowned products such as vSphere, vCenter, vRA, vRO, vROM, NSX, and SRM. This creates a multi-tasking, flexible, and highly responsive cloud computing system.

The system is built in a cluster model, consisting of the following components:

  • F5 BigIP Cluster is used as the load balancing system.
  • The vRA system provides information for automation, certificate management, and configuration.
  • The IaaS Manager system handles logic operations, interactions, and lifecycle management of virtual servers.
  • The IaaS Web Server system is used as the administration interface and user task interaction.
  • The MS SQL Always On system serves as the primary data storage.
  • The NSX system provides an automated networking environment.
  • The vRO system is used for automation tasks.
  • The vSphere and vCenter systems provide the virtualization environment.

2. Building IaaS Automation Blueprints and Workflows

HPT, based on the practical requirements of QTSC, will design and develop pre-built designs and service processes (referred to as blueprints) on vRA to facilitate rapid and simplified infrastructure deployment. With just a few clicks on the vRA interface, users can create an IT infrastructure with diverse components such as load balancers, frontend web servers, web service servers, database servers, cache servers, etc. These servers will be interconnected and automatically provisioned with defined network configurations. In just a few minutes, users will have a complete IT system ready to support application and service development.

3. Implementing DC-DR Solution with NSX

Network connections will be virtualized using NSX, combined with NSX components to perform tasks such as security, routing, and switching on the VMware infrastructure. This enables administrators to manage a unified network system and integrate with security devices from various vendors to enhance system security. Additionally, the solution allows for stretch clusters, extending a logical data center across multiple physical locations, reducing the need for network management resources, especially in cases where workloads are spread across different workload domains.

The main components of the NSX model include:

  • NSX Manager (Primary + Secondary): Provides a GUI and API for creating, configuring, and monitoring NSX components.
  • Controller Cluster: The control component that manages virtual networks and overlay tunnels.
  • Edge Services Gateways (ESG): Used for edge routing between NSX and external networks or between different UDLRs.
  • UDLR: The key component for routing between VXLAN, virtual networks, and physical networks. It enables communication between virtual machines within the logical switch.

Result of the project

After more than 3 months of implementation using a parallel and incremental approach (to avoid disrupting the services provided by QTSC), followed by training and 24/7 technical support for operation and issue resolution, fine-tuning of scripts and operational procedures, HPT has successfully deployed and integrated the Private Cloud solution based on VMware vRealize Suite for QTSC. This is a large and complex solution that requires the deployment team to have deep expertise, a clear understanding of requirements, and effective collaboration with the customer.

The upgraded private cloud system has enabled QTSC-Telecom to automate the installation and deployment of applications and tasks. Installations can be based on pre-built templates and scripts, minimizing the time required to build the IT infrastructure and accelerating the speed of bringing products and services to the market to serve customers.

The system also provides a GUI interface, allowing end users to interact and perform management functions and resource allocation for servers and networks. It supports user provisioning, permission management, and revocation. Additionally, the system fully supports DevOps capabilities, enabling QTSC-Telecom administrators to automate the provisioning and decommissioning of virtual machines, automatically scale resources based on actual workload needs. Moreover, the Private Cloud is scalable, compatible, and integrated with hyper-V, OpenStack, KVM, and public clouds like AWS, Azure, providing diversity in system construction and integration.

The implementation of the DC-DR model with NSX increases network readiness, simplifies network construction and management, and contributes to the stability of services, even in the event of a disaster.