Anatomy of a Design: Building a robust server architecture
This is the third post in a series about IT infrastructure design.
We laid out what our hypothetical law firm needs in our last post. Today, we’ll focus our attention on the server, where the work actually gets done.
Building the right server based on our needs
Before we can properly specify the right server, we need to make some more assumptions about the applications a law firm might use. Our first assumption is that the firm is using Office 365 for e-mail and Microsoft Office applications. We’ll also assume that Voice over IP (VoIP) services are provided by a carrier, and only an external network connection is required to make and receive calls. It’s possible to wirelessly connect the phones to the network, but if the firm uses regular VoIP phones, running additional cables to each desk and a primary power over Ethernet (POE) switch will do the trick.
Our final assumption is that most of the remaining functions can be provided by single applications sold in suites from various software companies. The only exception might be document management and storage applications, which could be two different applications. Part of our assumption is that certain specifications, such as CPU, memory, and storage capacity, will be met by the server.
What do we need? Let’s add it up
If we list our requirements (these will vary based on different vendors’ applications), and add in potential virtual desktops, here’s what we arrive at:
Based on these requirements, we’d suggest virtual infrastructure: a virtual host running multiple virtual guest operating systems to support the firm’s applications and users. While we could use physical servers, they would mean too much extra management and a waste of resources. In our virtual infrastructure, the CPUs and, to some degree, the memory will be shared among the applications and desktops.
But a single server does violate the requirement of being highly available. To remedy this weakness, redundant connections for external storage and network, as well as redundant power and fans, will be employed. Our backups will protect against data loss, and we’ll add some additional features to the server so that the failure of any single component doesn’t take the server down.
Finding the right solution through floor plans and server designs
Visuals will help us check our approach. Figure 1 is the floor plan of our hypothetical law office, complete with dedicated offices for the lawyers and cubicles for the administrative assistants and paralegals. There is also space for a kitchen and conference room.
Marked on the diagram are the locations of various wireless access points; while there may be better placements for these access points, the current setup should more than cover all of the cubicles and offices. Cable drops for the VoIP phones aren’t shown, but let’s assume wires can be run along the perimeter of the office space to each office, cubicle, and the conference room.
Next we’ll examine a diagram of the overall network that details connections for the wireless access points, desktops, and laptops (Figure 2). The network diagram shows the server with two connections to our POE switch and a dedicated storage array. The virtual machines or virtual guests that will run our applications are all contained within a single server. We also have enough capacity to run four or more virtual desktops.
Now for a breakdown of the server design, or specifications to support our law firm. We only need enough CPU cores to support about half of our needs; because all of the cores required by an application aren’t in use at the same time, some of these resources can be shared. But that’s not true for memory, which is locked to a virtual guest’s operating environment. If we’re forced to use a CPU with more cores, we can simply install more memory than needed – what application doesn’t do better when it has more than enough memory?
If we use the right memory DIMM size, we should have extra slots to add memory later. The same is true for the CPU. We’ll specify one CPU with at least 16 cores, and reserve the spare slot for future expansion as needed. Let’s examine a general diagram (Figure 3) of how this would look, including all of the redundant connections and components (fans, power supplies, cabling, controllers, disks, etc.).
Can you spot the glaring issue? The network switch represents a single point of failure. If it fails, all work ceases – bad news for a law firm dependent on the billable hour.
Network switches rarely fail, and the one we’d look for (from a reputable vendor) would have dual power supplies and sufficient ports, which should ensure a long life. But we could avoid that trouble by employing a second switch. This diagram shows another design, complete with enough redundant connections to satisfy almost anyone (Figure 4).
Since we have more than enough wireless access points by a safe margin, losing three of the access points wouldn’t prevent any work from getting done, but it would be slightly annoying. A single connection for the VoIP phones isn’t shown, but because we have spare ports, it shouldn’t present a problem.
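The single-switch and dual-switch designs discussed above can be checked mechanically. The following is an added example, not part of the original post: it models both layouts as graphs and reports which access points lose their path to the server when each switch fails. The device names, the count of six access points and the link layout are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed topologies. Device names, the six access points and the link
# layout are assumptions loosely following the two designs in the text.
APS = [f"ap{i}" for i in range(1, 7)]
SINGLE_SWITCH = [("server", "sw1")] + [("sw1", ap) for ap in APS]
DUAL_SWITCH = ([("server", "sw1"), ("server", "sw2")]
               + [("sw1", ap) for ap in APS[:3]]
               + [("sw2", ap) for ap in APS[3:]])


def reachable(graph, start, failed):
    """Nodes reachable from start when the device `failed` is down."""
    seen, stack = {start}, [start]
    while stack:
        for peer in graph[stack.pop()]:
            if peer != failed and peer not in seen:
                seen.add(peer)
                stack.append(peer)
    return seen


def failure_impact(links, server="server", endpoints=APS):
    """Map each intermediate device to the endpoints lost if it fails."""
    graph = defaultdict(set)
    for a, b in links:
        graph[a].add(b)
        graph[b].add(a)
    impact = {}
    for device in sorted(graph):
        if device == server or device in endpoints:
            continue  # the server's own redundancy is handled separately
        alive = reachable(graph, server, device)
        lost = [e for e in endpoints if e not in alive]
        if lost:
            impact[device] = lost
    return impact


def total_outages(links, endpoints=APS):
    """Devices whose failure disconnects every endpoint (work stops)."""
    return [d for d, lost in failure_impact(links, endpoints=endpoints).items()
            if len(lost) == len(endpoints)]


if __name__ == "__main__":
    for name, links in (("single switch", SINGLE_SWITCH),
                        ("dual switch", DUAL_SWITCH)):
        print(name, failure_impact(links), "total:", total_outages(links))
```

In the single-switch layout the switch is reported as a total outage; in the dual-switch layout each switch failure costs three access points but never all of them.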
Check your shopping list twice
At this point, we’ve addressed almost every aspect of the firm’s requirements, including the ability to support virtual desktops. Below is our shopping list and the specifications required to build out our custom, 21st-century IT infrastructure for the law firm. The items on this list can be purchased through a third-party vendor for agnostic advice and favorable pricing.
We haven’t yet mentioned some of the software products on our shopping list. The Veeam backup software provides protection for our virtual guests, backing up the data to the internal storage on the server. Veeam also allows for almost instant recovery, running the backup directly from the backup storage.
Additionally, the wireless management software supports the access points. One option is the use of a network gateway or firewall to support the access points’ connections. This saves ports on the primary switch and should include the ability to manage the wireless network and secure user access.
Our next post will detail how to run this infrastructure in the cloud.