In Valid Logic

Endlessly expanding technology

Datacenter fun

<p>I had posted a while ago about my fascination with servers, and this weekend I expanded upon my setup a little bit further. I previously had a single server installed, and an additional hardware spam filter. Recently I'd decided the spam filter wasn't working out quite how I liked it since their licensing of "per-user" was too wide on what was considered a user. Additionally, on the main server, I was pretty much reaching my capacity in terms of disk space.</p>
<p>After 6 months of having it deployed, I had it to a nice level where the services I was offering were nice and stable, the server was paying for itself pretty well, and I'd decided to kick it up a notch closer to where I'd ultimately envisioned it.</p>
<p>My vision is basically to have a high availability server with no single point of failure. This isn't really something I can do overnight, so doing it incrementally as I can make certain upgrades. Overall, need multiple virtual server nodes with failover, shared storage with replication and failover (multi-pathing), each server hooked up to two ethernet switches in spanning tree, all servers with redundant power supplies hooked up to separate power circuits, etc. It isn't necessarily rocket science, basically just two of everything. This kind of goal is a ways off. It isn't necessarily expensive to do if you do it as you have the demand/income to do it.</p>
<p>Why do something like this? Because it is fun… if that makes any sense. It is a little bit of a challenge and can be interesting to attempt. IE, for redundant storage, want to play around with looking at Solaris + ZFS + SunCluster (to get HA-ZFS) + iSCSI Target. Surprisingly, that setup is not some super expensive enterprise setup, just takes some time to configure and test.</p>
<p>So what all did I do this weekend? I basically went from a single server to five servers, plus my own switch, and added in a hardware firewall. Software firewalls are ok, but can be annoying sometimes. I've seen Windows updates that reset some firewall rules, or reactivate the firewall on NICs that it was disabled on before. They don't protect against things like DoS/DDoS. And I've seen exploits/viruses that are actually kind enough to open up firewall ports for the backdoors they install. How nice of them.</p>
<p>In total, it took me 14 hours to get everything up and running. Was one obstacle after another, since additional power was added, but it wasn't brought into the rack, I had a last-minute configuration change made to the firewall that broke some stuff (doh), installing the rails and running cables was a pain since the rack is very tight on space (not conducive to nice cable management). And then I had to migrate a bunch of data and repurpose the old server, which took forever and then some. So I was there from about 12 noon til about 2am… but it was a good time… just not something I want to do that often.</p>
<p>So now my little network is made up of Dell servers, HP ProCurve networking, and Juniper routing/security. That 24 port switch fills up quickly when you have 3 connections per server (one for public traffic, one for iSCSI traffic, and one for remote management).</p>

Wednesday, October 17, 2007

