- Posted by bwf
- On May 7, 2015
- 0 Comments
We are pleased to be partnering with the Strategic Investment Board in providing a fully managed, high availability hosting platform for a number of their current projects. For those who do not know about SIB here is some information from their website:
“Strategic Investment Board Limited (SIB) supports the public sector in the delivery of infrastructure projects. A small Asset Management Unit works with the Executive to implement their Asset Management Strategy. We also provide strategic advice to Ministers on the development and roll-out of the Executive’s infrastructure Investment Strategy (ISNI)”
You may view SIBs website here: http://www.sibni.org/
Our System Administrators are highly skilled at designing the perfect tailored solution to meet the exact hosting needs of any client. We worked within our Carrickfergus office to design and build the solution which we built in our Maidenhead data centre.
So what did we deploy?
1. We were tasked with deploying a private server solution on its own hardware and infrastructure.
2. We were tasked with the securing of the platform on the understanding that the platform would be subject to extensive penetration testing by a specialist server security firm.
3. We were tasked with setting up a backup solution for the platform.
4. We were tasked with testing and documenting failover scenarios on the platform
5. We were tasked with ensuring we had proper procedures in place on who does what in the very unlikely event that something goes wrong so the websites can be back on line in as fast a time as possible.
6. We were tasked with managing the platform on an ongoing monthly basis and monitoring the critical services 24/7.
By the way as an aside if anyone ever needs to employ the services of a security specialist to perform penetration testing to test your server solutions you would not go far wrong in contacting Vertical Structure a respected Belfast Based company. Simon and his team are respected and well known in the industry with a wealth of experience.
So here is what we setup:
High Availability Load Balancer
This is a server hosted on our VMware platform which has built in failover. This server has been tested and fails over perfectly in under 1 minute when we simulated a fault on the host node. This server will handle all incoming traffic to the websites hosted by the SIB and will distribute that traffic to the web servers and database servers as appropriate. Storage for this server is on an enterprise EMC VNC Storage SAN which has insane redundancy as standard.
Backup Load Balancer
This server should never be needed but is a small VM set up identically to the first one and kept turned off. Should the balancer fail we switch this server on and quickly ramp up the resources and switch the IP to bring the platform back on line. The backup LB is in a different data centre segment to allow for continued uptime should one segment have temporary connectivity issues.
Two Web Servers
Two powerful web servers provide the SIB with the ability to handle double the traffic than a single server would be capable of handling. The setup is also scalable and additional web servers can be easily added to ramp up the capacity of the solution. We did benchmark tests to determine the max number of concurrent connections the system could handle and this information was made available to the client. Storage for one of the web servers is provided on an enterprise EMC VNC Storage SAN which has insane redundancy as standard. Both web servers are in different data centre segments to allow for continued uptime should one segment have issues.
Two Database Servers
Two scalable database servers were deployed. One on our VMware High Availability Platform and one on another server to give some additional failover layers. Storage for one of the database servers is provided on an enterprise EMC VNC Storage SAN which has insane redundancy as standard. Both database servers are in different data centre segments to allow for continued uptime should one segment have issues.
Backup is provided on a backup server with 4 drives in RAID 10 for added protection. R1Soft Enterprise Backup scripts are used to ensure regular backups are performed with data retention as specified by the client.
Situational Response Documentation
What could go wrong and how will it affect up time and how long will it take to fix. Many of the situations will have zero downtime. Some will have a small downtime with a high priority to fix. Having the architecture as it is will result in a fast recovery should the worst happen which is very unlikely. The document will ensure no confusion or delay regardless of what staff member is on duty.
DDoS Protection & Security Audits
The setup sits behind Arbor Networks equipment which is well known to be very effective at scrubbing attack traffic directed against the servers.
Extensive work was undertaken on server security and a number of tools were used internally to test the cluster with excellent results. We are confident the solution is as bullet proof as we can make it.