Building a network: So many tasks

It feels like an insurmountable task, with so many different things one needs to take care of. Many would think "Oh, just throw in a router and do the BGP", but in fact there is a plethora of other things you need to account for.

DNS Servers: These need to be properly configured recursive servers; 2 are required. They have to be secure, hardened, and contain filtering for possible DNS attacks (poisoning, amplification etc.).

DHCP/PXE: In our case a DHCP and PXE server is also needed, with dynamic on-the-fly idempotent configuration.

Monitoring, web: A web server for displaying monitoring data, out-of-band, with a discreet connection via separate physical links and on a separately routed network. This same server can serve multiple purposes with a multi-IP setup, such as inbound VPN etc. However, for security we will probably have all tasks separate.

Monitoring, calculation: A server which does the actual calculations and draws the graphs for monitoring, which are then synced to the displaying one. Due to the sheer volume, "simple" calculation will take a lot of effort, and in this manner there can be multiple nodes just calculating the graphs to keep up. Munin will not work here either, and there need to be measures ensuring data corruption does not happen (Munin is extra happy to corrupt your data at high volume).

Management: There needs to be a management server which is primarily connected out-of-band.

These are just some of the servers to configure; of course there are other concerns as well, such as the electrical infrastructure, UPS, the racks themselves, building and testing the servers etc. Never mind that all configurations need to be thoroughly tested before being taken into production.

Business-wise these are annoying tasks, as traditionally none of them are actually marketable. These are so-called "hidden" features people normally do not care about unless they break down, but it's the marketable things which bring in the business to pay for all of this.



Wednesday, May 8, 2013
