Monday, March 21, 2011

Thoughts on Hardware selection

Thought I'd digress a bit on the hows and whys of server hardware selection.  There are lots of ideas on this but it should always come down to the following requirements:

  1. The hardware must be capable of supporting the solution both now and for the next 3-5 years.
  2. Performance and cost (both capital and recurring/operational) must be balanced.
  3. Reliability and cost must be balanced.
  4. Risk and cost must be balanced.
Notice the theme here?  Note how cost figures into almost everything?  The one good thing is that cost is the easiest component to figure.  Performance is not too hard to divine these days either.  But reliability and risk are tougher.

Choosing just the best equipment can be an expensive undertaking, what with budget constraints.  So often, just good enough has to do.  And, surprisingly, there is a lot of good less expensive equipment out there that will do the job just fine.

For SANs:
There is no doubt that an EMC, NetApp or HP SAN will get the job done, but do you really need that level of performance?  Perhaps a LeftHand solution or even a PROMISE SAN can fill the bill.  Maybe you can acquire a backup unit with the initial purchase, which may make a support contract unnecessary.  Is fiber really the right answer, or will iSCSI provide sufficient throughput?

For Networking:
Do you really need smart switches everywhere or just at critical junctures?  What about network wiring when VOIP/POE is involved?  Home runs or put the POE equipment in the department closets?  Use one vendor or the most cost-effective solution?

For Servers:
Do we virtualize/cluster/replicate?  Do I use a 3U 4 processor unit for 48 cores and a built-in RAID array, or the 2U 4 node 2 processor unit (total 96 cores) with a single or mirrored array for each node and a SAN with MPIO?

How do you decide?

The next several postings will address these issues.  First up: Server selection.

Practical Computing in the Cloud (ported from old site)

Cloud computing is the current hot topic in IT.  Providers are pushing it, vendors are pushing it, consultants are pushing it.  About the only people who don't get it are at Corp HQ... and the users.

In a nutshell...

Pros:
  • 7/24 monitoring is available
  • Server management is available
  • Network management is available
  • Server redundancy is available
  • 7/24 management is available
  • Network redundancy is available
  • Business Continuity is less risky
  • VOIP is more pragmatic across multiple sites
  • Backups can be easier to accomplish and more secure
  • Security is centralized
  • Compliance is easier (HIPAA, SOX)
Cons:
  • Loss of Total Control of Administration
  • Security across the corporate WAN
  • Loss of Control of Cost
  • A Good Business Continuity Plan is Mandatory
The explanation (point by point) starting with the Pros...
  • Monitoring - As opposed to having to hire and schedule operators and admins to be available 7/24/365, the hosting provider will usually provide an option to monitor the network and servers.  All good.  However, this doesn't mean that you can get rid of your admins.  You still need people who know how everything is put together so that when that critical business function breaks (the one you spend $100,000+ each year on for development), there are people available who know how to troubleshoot the problem quickly using procedures that they defined for recovery, so your downtime is minimized.  Monitoring does not imply management or recovery.
  • Server Management - Good as far as it goes.  Need patches installed?  As long as they work perfectly, no problem.  But throw in application, device, driver incompatibilities along with the occasional bug, and you can quickly find yourself addressing a two stage process (to test systems first before production), or else dealing with how to roll back patches on a machine that can be anywhere in the US, and is not available via the network anymore.
  • Network Management - A very good idea, if done by your IP Provider or possibly one of their recommended 3rd party partners.  This will generally keep accidents from happening.
  • Server Redundancy is available - Several OSs now support remote clustering - where different cluster members are at different locations.  This is a step up from traditional clustering solutions in that each member server is in a different geographical area.  Issues are syncing due to latency, and updating the servers. 
  • 7/24 Management is available - Provided you can set up good inter corporate communications, get a workable schedule put together and competent remote support, this is a major benefit.  No longer do you have to employ staffers for 3 shifts to ensure up-time.  Lower payroll costs but higher MRC.
  • Network Redundancy is available -  No longer do you have to provide multiple network connections to the datacenter as your (nationwide) provider can provide that as a matter of course (but you still have to put it in the contract).  However, you still have to address the issue of whether to set up redundant connections for each work site (decision for the COO and CFO).
  • Business Continuity is less risky - What this means is that you have more resources available in case of an emergency.  In fact, Sungard can even provide you with a temp office space with equipment per contract, which can be upgraded if necessary.  While there are others that can provide the office space option, most are limited geographically or by the number of users that they can support that way.  There are numerous providers that can provide simple server hosting space.  The problem is maintaining sufficient staff in your business so that they can keep everything in sync and up to date.
  • VOIP is more pragmatic across multiple sites - VOIP should always be part of any cloud solution for a multiple site entity.  Employ an MPLS network with firewall and VPN in the cloud.  Use the same network/security for VOIP.  This can expand the use of VOIP to your entire sales force anywhere wireless access is available via a softphone program on the user's computer or laptop.  This reduces the cell phone minute charges for your traveling employees, particularly for international users.
  • Backups can be easier to accomplish and more secure - With an MPLS cloud based network backbone, and using data compression/encryption, backups can be done to your hosted backup servers/SANs from all connected business sites (provided they have adequate bandwidth).  The issue here is error recovery and the need for redundant network connections to ensure that the backups get done on time.
  • Security is centralized - You no longer need a firewall at every site, just a good router that supports MPLS.  This means having a single firewall guy on staff as opposed to one per site.  And now all he does is tell the provider how to set up the firewall, so he will be awake in the morning and into the office on time (usually).
  • Compliance is easier (HIPAA, SOX) - Recent interpretations of HIPAA and SOX state that for compliance, a company must be able to provide document discovery for the last 3 years, and verify that regular complete backups of pertinent data are performed.  A cloud solution can simplify the need to provide proper business continuity techniques (backups, auditing, reporting) by simplifying the backup procedure, providing independent verification for auditing and standardizing all aspects of reporting.  This is done by reducing the staff required at each site to manage these tasks.  This tasking is now done by your provider's management group, using management tool suites.  Again you have the expense, but it is centralized, contracted, and outsourced, giving you a legally defensible position if the need arises.
And now the Cons...

  • Loss of Total Control of Administration - With all the outsourcing and geographical distribution in the Cloud solution, good management is essential, especially with the contractual agreements.  All involved parties need to fully comprehend what they are purchasing (COO, CTO, CIO, CSO, CFO) and be in agreement that it meets their corporate needs.
  • Security across the corporate WAN - Now you can support a mobile workforce... and that is the problem.  Whether it be bots, pornography, viruses, or an e-mail from cousin Sady with the latest baby pictures, the security issues you face now will require much more forethought and planning.  With cloud computing, Security must always be foremost in everyone's mind.  With everyone/thing connected, one compromised smartphone can lead to the pillaging of the entire environment if appropriate defenses are not in place.
  • Loss of Control of Cost - By outsourcing the cloud environment management and monitoring tasking, you are now at the mercy of your provider's limitations.  While you may be able to negotiate a good initial contract, expect the costs to go up once your provider has you locked in.  Changing providers will be prohibitively expensive.  Be wary also as to the financial stability of the selected providers and the equipment and software vendors they employ in your solution.
  • A Good Business Continuity Plan is Mandatory - With the dispersal of the corporate datacenter into the cloud, you have greatly increased the complexity of your environment in exchange for better flexibility, reliability and redundancy.  With the implementation of a cloud solution, you have to face the need for a verifiable Business Continuity plan.  A good plan is thorough, detailed and exacting in its procedures.  It is also updated as often as any element of the environment.  This can be as often as every week.  As you may gather, this is a costly undertaking.  Unfortunately, it is essential for corporate viability.  Many larger companies will not do business with companies that do not have the capability to address a systematic failure within 24 hours and who can prove that they can do so.
All in all a cloud solution is in every business's future.  Just remember that with this solution you need expert guidance in every facet, and you will still have to maintain in-house expertise to maintain that environment.

Downside of the Cloud and Hosted solutions

I had the occasion to stop off at one of Chicago's premiere theatres recently.  I didn't really want to go there, given the weather, but I did want to secure tickets for an upcoming show.  I hadn't been able to get to their ticketing web site for the last 3 days.  Thirty minutes later, I left with my order reservation and a promise that I could come back and pick up my tickets once they were able to charge my credit card.  The person behind the ticket counter informed me that their servers were inaccessible due to a problem with their Internet connection, which has been more down than up for most of the week.  On the upside, the theatre is just down the street, so that won't be very painful...  for me.

Like most theatres these days, they have either outsourced, or hosted their ticketing system offsite to simplify their cost structure and to make it more accessible to customers.

Like most businesses with the datacenter outside the building, they are dependent upon their Internet Provider, and, as it turns out, that is where the problem lies.

My guess is that they have redundant connections, but that doesn't help when the problem is related to issues at the datacenter.  The potential causes are many:
  • Indifferent or incompetent engineers/admins/management
  • Bad documentation
  • Growth (in traffic levels, number of sites or servers hosted)
  • Reliance on marginal or 'past live' components in the network
  • Hardware failure
  • Insufficient or missed monitoring or audits
  • Accident or fire
  • Untested failover scenarios
So while the cloud and outsourcing can reduce asset valuation and payroll obligations on the balance sheet, they can also lead to increased downtime if not properly designed, implemented, documented and, most importantly, tested.

A key facet of reducing this downtime on the client side is redundant IP connections.  But to make this work, you have to test it and verify that failover can occur smoothly, without loss of a transaction (short delays are usually acceptable).

However, on the server side (hosted/cloud), there isn't much you can do.  You are at the mercy of the hosting/provider's ability to support their product.  Even if you provide the circuit(s), they still have to get it/them connected - safely, securely, and reliably - to your servers.  This is no mean trick.

So if you do decide on a cloud or hosted solution make sure you do the following:
  • Research your prospective provider thoroughly.
  • Talk with their other clients
  • Document every aspect and procedure
  • Test, test and test
  • And test some more
Lastly, don't forget to define and test a procedure that you will use when the solution eventually fails, which it will.  I leave you a few mantras of IT Directors everywhere:
  • Murphy is the patron saint of computing.
  • He who has physical control of the assets, rules.
You need to allow for one and obtain the other.

Till next time...

Ironspeed - A way to build Web applications more efficiently

Like most developers, I am always looking for ways to be able to do my job more efficiently.  This means:
  • Creating fewer bugs
  • Reducing the time and amount of code I have to test
  • Guaranteeing application security
  • Reducing development time.
I mostly focus my work in the Windows World.  There Visual Studio is king.  Not perfect by any means, but certainly worth its cost.  Back in 2003, I also started using a new tool that I had read about in one of the trade journals, called IronSpeed Designer.

IronSpeed is a tool with which you can build a basic fully functional Web application in as little as 10 minutes (time required relates directly to the number of screens and tables involved), once you have the database designed.  It does this by using boilerplate code to generate IIS compatible ASP.NET applications based upon a set of control XML files it generates during the building process.  You tell it the database to use, the screens you want, what options you need and it puts together basic apps for every screen. 

Embedded security access code is an option.  That gives you the capability to use a unique user access setup in your database, integrate with Windows...   or you can use your own scheme and code it yourself.

Once you have the base application, you can use their designer to add, modify or move fields as needed.  If you add fields, relationships and tables to the database, you can do that and then just tell Ironspeed to update its database references and you are good to go (of course you would still need to manually add the fields to the screens where they are needed).

You use a drag and drop process to change screen and component layouts, usually setting up multiple levels of tables to subdivide the screen as necessary.  Ironspeed also supports tabbing now, so it is easier to implement screens with numerous fields.

To further reduce your workload, you have the capability to generate reports.  To define a report cell, you can use a fairly straightforward formula procedure (as in Excel) to define a column.  As a bonus, it integrates with Microsoft SharePoint.

Ironspeed currently supports the following database environments:
  • Oracle
  • MySQL
  • Microsoft SQL
  • Microsoft Access
You also have several state management models from which to choose.

Code customization is also straightforward if you are familiar with the Visual Studio scheme.  You can also use Ironspeed in conjunction with Visual Studio to do line by line debugging with breaks.

While it does take time to learn, this is a great developer's tool.  They have an active forum and actually listen to their user base.  Additionally, they have good training videos and live web sessions too.  A great tool for the experienced coder.  You can download a free 14-day trial version from their site at:

http://ironspeed.com/