Tag Archives: colocation

Progressing towards a true backup site

A while back, I moved our production site into a Tier 4 co-location in NJ. Our former primary site became the backup, and things went very smoothly.

Now we’re continuing on with our plans of centralizing our company in the northeast of the US. To advance these plans, I’m less than a week away from building a backup site into another Tier 4 colo operated by the same company as the primary, but in Philadelphia. This will give us the benefit of being able to lease a fast (100Mb/s) line between the two sites on pre-existing fiber. I cannot tell you how excited I am to be able to have that sort of bandwidth and not rely on T1s.

The most exciting part of this backup site will be that it will use almost exactly the same equipment as the primary site, top to bottom. Back when we were ordering equipment for the primary site, we ordered 2 Dell PowerEdge 1855 enclosures, and we ordered 20 1955s to fill them up. Our SAN storage at the primary is a Dell-branded EMC AX4-5, and we just bought a 2nd for the backup site (though the backup site’s storage is only single controller while the primary has redundant controllers. We can always purchase another if we need). We’re using the same load balancer as the primary, and we’ll have the same Juniper Netscreen firewall configuration. Heck, we’re even going to have the same Netgear VPN concentrator. It’s going to be a very good thing.

I don’t know that I’ll have time to create the same sort of diagrams for the rack as I did before, but I should be able to make an adequate spreadsheet of the various pieces of equipment. When all of the pieces are done and in place, I am going to install RackTables to keep track of what is installed where. I mentioned RackTables before on my Twitter feed and got some very positive feedback, so if you’re looking for a piece of software to keep track of your installed hardware, definitely check that out.

The rest of this week will be spent configuring various network devices. I knocked out the storage array on Monday and two ethernet switches & the fiber switch yesterday. Today I’ll be doing the Netscreens, one of the routers (the other will be delivered Friday), and the VPN box. Don’t look for extensive updates until next week, when I’ll review the install process.

Proper Disclosure of Technology

As you might have read, I recently moved some equipment into the NJ colocation. One of the documents I generated for that move was the rack diagram, showing all of the equipment being installed, and where in the rack it went.

Being sort of proud of it, I showed it to some people in the corporate HQ when I was in the office there, and the CEO saw it. He asked, “This is all the equipment in the rack?” I verified that it was, and he said, “Good. Now get with X (the head salesman) and work on text describing this for him. I want to use it in marketing materials.”

Now, on a certain level, I don’t mind selling the company’s product based on our technology. In fact, I’m pretty proud of what I’ve managed to put together, and I think if you’re going to throw almost $100,000 into technology, that technology should help you actively recoup the expenditures.

My main concern is security. I’m certainly not someone who relies on security through obscurity (although it never hurts to have some of that, too), but I’m questioning what information I should release.

I’ve gone to measures on this blog to not reveal the name of the company that I work for, mostly because I don’t think it’s important to the blog itself, but also because I’d rather not reveal the internal structure of my company to anyone interested in learning more about it. It’s none of their business.

In that same light, I don’t really want sales material handed out stating that I’ve got 2 Juniper SSG5s set up in a cluster configuration, and that when they hit our website, they’re actually talking to high availability Kemp LoadMaster 1500s. If I’ve done my job right, even with that knowledge, they wouldn’t be able to break in, but it’s still more information than I feel is comfortable.

The path that I’m leaning toward is not having the sales guy release any of the diagrams I’ve made thus far, and not mentioning any of the specific technologies we’re using, but only vague generalities. “High Availability clustered firewalls” instead of SSG5s, and “multiple redundant load balancers” rather than LoadMaster 1500s. I haven’t decided what I want to do about operating systems. Personally, I think the fact that we’re a Linux house means that our servers are more reliable. I’m sure a Windows admin would feel the opposite. I suppose it’s much like any other divisive choice, and that polite conversation should steer away from it. Religion, politics, income, and operating system choice.

Any ideas on how you or your company approach this issue (or how you would, given the chance)?