Upload
mabel-murphy
View
219
Download
0
Embed Size (px)
Citation preview
Data Center and Network Planning and Services
Mark Redican
IET
CCFIT Update Feb 13, 2012
Faculty/Research Computing Support Services
• Windows, Mac, & Unix/Linux Server Administration and consulting– Databases, web services, etc.
• Workstation & Mobile Device Support• Desktop/Laptop Management• Software/Hardware Installation• Backup & Data Recovery• Cyber-Safety Evaluation, Compliance & Reporting
Faculty/Research Computing Support:When & Where IET Services Make Sense
• Identifying effective solutions and quantifying true costs when creating proposals.
• Server configuration at the start of a project.• Providing systems administration and desktop support
for the duration of projects.– Service Level Agreements for on-going system
management and support.– Ad-hoc support can augment departmental or other
support resources.
Faculty/Research Computing Support:When & Where IET Services Make Sense
• Forensics and Malware Removal
• Secure PC and Server Configuration
• Software & Hardware Installation
• Hardware Repair
• Laptop Loaner Service
• Technical Consulting
Infrastructure Computing Services
• Co-location Services
• Virtual Server Hosting
• Network Administration
• High speed networking – Optical, 10 Gig Ethernet– Research Network
• Firewall & VPN Services
• Technical Consulting
Infrastructure Computing Services :When & Where IET Services Make Sense
• Proper server room space is unavailable or too costly to maintain.
• Offload server hardware management.• Development servers or short term computing needs.• Offload firewall and VPN hardware and service
management.• Network performance tuning.• Research partnerships
– Sanitized network data– Managed access to network infrastructure
Data Center Project
• Build, buy or lease a permanent data center
• Joint facility – UCD and UCDHS
• Modern, energy efficient space – 30,000+ sq ft– Build out in phased manner
– Supports all flavors of computing resources
• Decommission ad hoc server rooms on campus
• Consultant hired – recommendations being developed
Data Center Expansion to Quest
• Provost approved funding for Quest
• Quest is a tier III colocation facility at McClellan BP
• Interim space until permanent data center on-line
• 800 sq ft – 30 racks
• 800 sq ft expansion option
Data Center Expansion to Quest
• Space available at Quest - April 2012
• Expect first compute load May 2012
• May 2012 – June 2013 move DC equipment– Majority moved by January 2013
– Vacated space available for research computing
– Project subsidizing co-location costs
• January 2013 and on move department equipment
Strategy
• Virtualize majority of systems (500 pieces of equipment)
• Hire 1-2 contract FTE to assist transition
• Purchase second SAN
• Purchase additional VM blade chassis
• Move services at virtual layer
Benefits of Strategy
• Risk mitigation – VM migrations
• Ongoing replication of data between sites
• Virtualization good– Cost effective– Reduced footprint– Reduced energy consumption
Networking
Departmental Co-location
• Some space at Quest is identified for departmental co-location
• Campus server consolidation efforts– Minimize investments in ad hoc server rooms– Service Consolidation– Server Virtualization– Co-location
Costs
• Campus is funding most of Quest
• No additional costs passed on to clients
• Similar costing to existing co-location rates – No co-location fees for research computing
• Off site SAN replication will be part of most basic services
• Addresses need for reliable facility, additional space and disaster recovery
Campus IT Initiatives
• Data Center• Centralized Security• Centralized E-mail / Unified Communications• Enterprise Active Directory
• Opportunity to restructure the campus network and network management
Campus IT Initiatives
• Data Center– Joint Data Center w/ UCDHS– Build/Buy/Lease modern facility– Quest, Campus Data Center for interim needs
Campus IT Initiatives
• Centralized Security– Sustainable funding for existing services– Centrally managed firewalls– Identity and access management
• Centralized E-mail / Unified Communications– uConnect/Office 365– Davismail– Lync/UM
Campus IT Initiatives• Enterprise Active Directory
– Consolidate DNS, Kerberos, LDAP– Certificate services– Network access control– BigFix
• Asset, patch and energy management– Anti-virus management– Sharepoint document management– Business applications (.NET)
Example: Dept. VLAN
Servers
CENIC/Internet
End-Users
Core/Area Routers
Building Routers
EthernetSwitches
VLANs span network core
Dept. ManagedDHCP
Static DNSIP based security
Dept Firewall
Campus Network Future State
Servers (DMZ)
CENIC/Internet
End-Users
Core/Area Routers
Building Routers
EthernetSwitches
Data Center
HPC
Servers (Data)
Firewalls
User Firewalls
GenericUser VLANs(Dynamic)
IP Core & Services
Centrally ManagedDHCP
Dynamic DNS802.1xCerts
Identity based security
Questions
• Thank You