Over at the Ethergeek blog last week, Josh Stephens had an interesting piece on the challenges of finding experts with data center expertise. Another trend that I see is the centralization of IT staff to main data centers. Gone are the days of having a dedicated IT person at sites which run a number of local services or applications.
This brings its own problems as it can be cost and time prohibitive travelling to these sites to diagnose and fix problems. The good news is that there are a number of technologies out there that can make this task easier.
- Out-of-band management allows for console access to remote servers. This level of access is just like standing in front of the server. Using a web browser you can see error messages on the server console and boot up from media like CDROMs and USB sticks. Normally, you will have a dedicated network card available for this service. From a security point of view, I recommend that you connect this network card to a secure management network which is protected with access control lists.
- In-band management allows you to get remote desktop access once an operating system has finished its boot up process. An example of this is the Microsoft Remote Desktop Protocol service (RDP). Just make sure your servers are fully patched as vulnerabilities do exist with the RDP service.
- Deploying servers as virtual machines allow you to change settings like memory and CPU allocations remotely. Most virtual platforms will also report on how each virtual machine is performing so that you can take the appropriate action when things get busy. The one thing to watch with this approach is that some applications, especially databases, will run better on physical servers. This is due to the large volumes of data reads and writes which can slow down when travelling across virtual infrastructures.
- Network monitoring standards like SNMP and WMI allow you to gather performance metrics which can be then stored in a central location. Data is normally collected in two ways. Firstly, a network monitoring tool will periodically check metrics like CPU or memory usage. This data can then be trended so that you can spot when something is getting overloaded. Secondly, remote servers can be configured to send alerts when something goes wrong. You will normally find out about problems quicker when the server sends the alert. I covered this topic in more detail in a previous blog post which looked at ways for managing a network more efficiently.
- So far I have looked at ways for monitoring and managing remote servers and applications. It is also important to know what is happening on remote LANs. You can gather some network performance information using SNMP but I find that this data is better for WAN management. Traffic analysis tools can be used to troubleshoot problems by looking at network traffic. There are two main technologies available in this space, those that do flow analysis and those that capture network packets. Flow statistics are normally available from devices that can route data between two networks. If your remote networks are flat (single subnet) or you don't have flow options on your network switches then packet capture is an option. Packet capture operates by connecting a traffic analysis system to a mirror port on a network switch. The mirror port will then send a copy of the network traffic going to and from any server or device that you are interested in to the traffic analysis application.
Do you have any tips for managing remote networks and data centers? I'd love to hear of other ways for making this task easier.
Darragh
Darragh Delaney is head of technical services at NetFort. As Director of Technical Services and Customer Support, he interacts on a daily basis with NetFort customers and is responsible for the delivery of a high quality technical and customer support service. Follow Darragh on Twitter @darraghdelaney