Learn how to design and provide reliable network and system services, including understanding service requirements, servers vs services, customer requirements, operational requirements, open architecture, and more.
CIT 470: Advanced Network and System Administration
Services

Topics
• Service Requirements
• Open Architecture
• Service Design Principles

Servers vs Services
A server is a piece of hardware.
A service is the function that is provided by one or more servers.

Services
• Distinguish structured computing environment from some standalone PCs.
• Large orgs linked through shared services to ease communication and optimize resources.
• Typical environments have many services
  • Fundamental: net, DNS, email, auth, printing.
  • Typical: DHCP, backup, directory, file, license.
• Services often depend on other services
  • Almost everything depends on DNS.

Providing a Service
• A service is more than hardware+software.
• A service must be
  • Reliable.
  • Scalable.
  • Monitored.
  • Maintained.
  • Supported.

Servers and Services
For a service to be reliable, servers should:
• Be as simple as possible.
• Have minimum software to run service.
• Depend on as few other services as possible.
• Depend only on services that are at least as reliable as the service running on the server.
• Have access restricted to SAs.
• Be as few as needed for performance + reliability.
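
The rule that a server should depend only on services at least as reliable as its own can be checked mechanically against a service inventory. The following is an added example, not part of the course material; the inventory, the availability targets and the function names are constructed for illustration.

```python
# Constructed inventory: availability is the target fraction of uptime,
# depends_on lists direct dependencies only. Values are illustrative.
SERVICES = {
    "dns":     {"availability": 0.9999, "depends_on": []},
    "auth":    {"availability": 0.9995, "depends_on": ["dns"]},
    "email":   {"availability": 0.999,  "depends_on": ["dns", "auth"]},
    "license": {"availability": 0.99,   "depends_on": ["dns"]},
    "file":    {"availability": 0.9995, "depends_on": ["auth", "license"]},
}


def transitive_deps(services, name):
    """Return every service that `name` depends on, directly or indirectly."""
    seen, stack = set(), list(services[name]["depends_on"])
    while stack:
        dep = stack.pop()
        if dep not in seen:  # the seen set also stops dependency cycles
            seen.add(dep)
            stack.extend(services[dep]["depends_on"])
    return seen


def weak_dependencies(services):
    """List (service, dependency) pairs where the dependency is less reliable."""
    found = []
    for name, info in services.items():
        for dep in transitive_deps(services, name):
            if services[dep]["availability"] < info["availability"]:
                found.append((name, dep))
    return sorted(found)


def dependents(services, target):
    """List the services that are affected when `target` fails."""
    return sorted(n for n in services if target in transitive_deps(services, n))


if __name__ == "__main__":
    for svc, dep in weak_dependencies(SERVICES):
        print(f"{svc} depends on less reliable {dep}")
    print("affected by a DNS outage:", dependents(SERVICES, "dns"))
```

Here `file` reaches `dns` only through `auth` and `license`, so the transitive walk is what shows that a DNS outage affects it too.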

Customer Requirements
Customers are the reason for the service.
• How do they intend to use it?
• What features do they need?
• What features would they like to have?
• How critical is the service?
• What levels of availability and support are needed?
Service Level Agreement (SLA)
• Enumerates services.
• Defines level of support.
• Commits to response times for problem types.

Operational Requirements
Essential to designing a reliable service
• What services does it depend upon?
• What other services will depend upon it?
• How does it interoperate with other services?
• How can it be integrated with auth/dir services?
• How does the service scale?
• How can the service be upgraded?
  • Downtime requirements.
  • What systems are affected?

Open Architecture
Service should be built around open standards
• Check IETF RFCs to see if it’s an open protocol.
• Example service: SMTP
• Example products: exim, postfix, qmail, sendmail.
• Open standards don’t require open source.
Allows vendors to make interoperable products.
• Avoids vendor lock-in.
• Allows vendor competition (cheaper prices for you.)
• Decouples client selection from server selection.
• Avoids need for protocol gateways.

Requests for Comments (RFCs)
• Documentation for Internet protocols, technologies, and methodologies.
• Standards track RFCs describe Internet standards (TCP, IP, SMTP) and must be approved by IETF.
• Experimental RFCs may become standards.
• Best Common Practice RFCs describe how to run services or use protocols.
• Informational RFCs are a catch-all including proprietary protocols, April Fool’s jokes, etc.
• Available from http://www.rfc-editor.org/

Principles for Designing a Reliable Service
Simplicity
• The more features, the more bugs.
• Simplicity increases reliability, ease of maintenance.
Vendor Relations
• Can be helpful about configuring service.
• Let vendors compete for your business.
• Stick to vendors who develop for your platform.

Machine Independence
Will eventually move service to new host.
• Want to avoid having a downtime.
• Want to avoid reconfiguring every desktop.
Use generic DNS alias for machine
• Mail server has name romero
• DNS alias is smtp
Use virtual IP addresses for non-name svcs
• Machine has usual IP address: 192.168.1.54
• Virtual: ifconfig eth0:0 192.168.1.5

Dedicated Machines
Put each service on its own machine(s).
• If a server crashes, only impacts one service.
• Easier to debug if only one service running.
• Performance tuning easier with one service.
• If you can’t afford a new machine, use a VM.

Environment
Safe environment
• Improves reliability: AC, UPS, physical security.
• Data center usually provides faster network too.
• Only rely on services provided by data center.
Restricted access
• Customers should not need to login to servers.
• More logins decrease stability, performance.
• Even Windows can be stable w/o user logins.

Principles for Designing a Reliable Service
Service components should be tightly coupled.
• Other than redundant components.
• Share same power source, network.
• Reduces service dependencies (single points of failure.)
Centralize management of service
• Managed by one set of SAs.
• Support for service by single helpdesk.
• Document service.

Performance
Latency vs throughput
• Latency is delay before data received.
• Throughput is how much data sent per second.
• Performance problems typically affect one.
• Increasing the other will not solve your problem.
Remote sites
• May have high latency to main site.
• Do you need secondary servers at remote sites?

Capacity Planning
Estimate capacity from testing.
• Test server at 100 qps, 200 qps, until slow.
• Identify resources used by each query
  • RAM
  • Disk
  • Network
  • CPU
Can service be split onto multiple servers?
• Can it be done w/o users noticing?
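
A step-load test of this kind yields both the per-query cost of each resource and the resource that runs out first. The following is an added example, not part of the course material; the measurements, the per-server limits and the function names are constructed, and it assumes resource use grows linearly with load.

```python
# Constructed step-load results (not real measurements), one row per step.
STEPS = [
    # qps, cpu %, ram MB, disk IOPS, net Mbit/s, p95 latency ms
    (100, 12, 600, 150, 8, 20),
    (200, 22, 700, 300, 16, 21),
    (300, 32, 800, 450, 24, 24),
    (400, 42, 900, 600, 32, 31),
    (500, 52, 1000, 750, 40, 140),
]
RESOURCES = ["cpu", "ram", "disk", "net"]
# Assumed usable ceiling of one server for each resource, in the same units.
LIMITS = {"cpu": 80, "ram": 4096, "disk": 800, "net": 100}


def fit_line(xs, ys):
    """Least-squares line: returns (cost per query/s, idle baseline)."""
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    sxx = sum((x - mx) ** 2 for x in xs)
    slope = sum((x - mx) * (y - my) for x, y in zip(xs, ys)) / sxx
    return slope, my - slope * mx


def saturation_qps(steps, limits):
    """Estimate the load at which each resource reaches its ceiling."""
    qps = [s[0] for s in steps]
    out = {}
    for i, name in enumerate(RESOURCES):
        slope, base = fit_line(qps, [s[i + 1] for s in steps])
        # A resource that does not grow with load never saturates.
        out[name] = (limits[name] - base) / slope if slope > 0 else float("inf")
    return out


def bottleneck(steps, limits):
    """Return (resource, qps) for the resource that runs out first."""
    sat = saturation_qps(steps, limits)
    name = min(sat, key=sat.get)
    return name, sat[name]


def max_tested_qps(steps, p95_target_ms):
    """Highest tested load whose p95 latency met the target, or None."""
    ok = [s[0] for s in steps if s[5] <= p95_target_ms]
    return max(ok) if ok else None


if __name__ == "__main__":
    print("first resource to saturate:", bottleneck(STEPS, LIMITS))
    print("highest load within 50 ms p95:", max_tested_qps(STEPS, 50))
```

In this constructed data the latency jump at 500 qps coincides with disk use approaching its ceiling, which is the resource to add or split across servers first.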

Principles for Designing a Reliable Service
Monitoring
• Availability, problems, performance.
• Auto-alert front line support.
• Customers shouldn’t discover problems before SA.
• Capacity planning: CPU, mem, disk, network, licenses.
Service Rollout
• First impressions are difficult to change.
• Be ready for support: docs, trained helpdesk.
• Use one, some, many technique.

Key Points
Servers vs desktops
• Requirements and hardware differences.
Redundancy
• Full vs n+k redundancy.
• Hot plug vs hot spare.
Services
• Requirements: service, server, customer, op.
• Machine independence and open architectures.
Performance
• Latency vs. throughput.