Sunday, 26 February 2012

Seven Cloud Computing Rules

Today I’d like to cover cloud computing, the design in a nutshell.
I'm going to try and cover some very detailed practice in seven rules.

One you need to keep in mind is that any hard coding is rule number one not to break, as you can’t work in a cloud where instances and server names are fix, so the first thing that you need to get used to working with alias and Cnames as you have to be able to move seamlessly from one server/instance to another without it.

Two avoid all single point of failure (SPF) this is something that is often overlooked with the small components such as switches/routers/firewalls as without this instance and servers can’t fail over Rule.

Three you need to pick a load balancing algorithm as fail over times are often slow in a Active/Passive i highly recommend Active/Active, also take into account other types of fail over not just when there is unplanned outages but also the options for maintenance, as it very useful to be able to do upgrades and work on problem hardware/software without having the service down.

Four the solution you use must be able to scale up, most likely you'll not have the dream budget on day one to allow you to build a cloud 100 times bigger than you need and even if you did chances are that demand will grow beyond your first scope.

Five be careful of issues with scaling the network, some protocols don't scale up to 4000 nodes well and can cause timeouts while recalculating network paths and this also comes back to the point three about active active as well hot standby isn't as good as active active.

Six just because its a cloud doesn't mean its just one big box that you throw everything in, when you have web servers, db servers and email server etc don't just put them in one big lan as that going to be unmanageable try to create VLAN's for each service stream, example

1) Service VLAN, this zone should have things that all the others will need like DNS servers certificate server maybe even Proxy depending on your setup
2) Web VLAN this one is quite easy needs lookups to service VLAN for DNS etc and most like likely need ports to DB VLAN and SMTP VLAN as well but only those ports and some port 80/443 to service the outside world
3) DB VLAN most likely will need no external access at all however need access to service VLAN for authentication and maybe SMTP VLAN to send messages
4) SMTP VLAN needs access to service VLAN to lookup DNS and authenticate connections from outside clients perhaps but no access to DB or WEB VLAN

over all you get to around 8 VLAN's in most designs once you split off each of the streams, one big advantage with this is that you are able to see where traffic is going/should be going without 100s of firewall rules and this make management of the network layer easier as you scale up

Seven don't forget the goals you want redundancy at all times even when you want to work on something, this doesn't always mean clusters could be mirrors or synced content, remember you should be able to do your work on the cloud during the day without anyone being aware that its done.
Service announcements are also key with large stake holders/user bases you don't want to have a one to one about every thing so make sure you've an fast and effective communication system.
Document the ways of working not just to pass the ISO standards but also remember you might be on sick leave or hit by a passing comet (stranger things have happened trust me) what ever the reason just pretend that someone else has to work on it so documents should be many and simple, anything over 3 pages no one reads!!! remember that, also try to avoid human error (the more things you need a person to do the greater the chance of a mistake) so script as many of the commands down to press this button, and follow up on this point in your problem management, so that solutions to problem if you can't fix them outright are also quick.

So now your at the end of the seven rules you can start to build your clouds, and it doesn't matter if they are private, public or hybrid the same rules will apply.

No comments: