Data centers have changed a lot in the last few decades. We went from manually installing network devices and servers to automation with orchestrators and APIs. Instead of installing everything on bare metal, we use virtualization with hypervisors and containers.
We also have new applications such as big data and artificial intelligence (AI). Because of globalization, enterprises are on multiple continents.
Many workloads and applications have been moved to data centers. The cloud has accelerated this process because you can start any resource in a couple of seconds. Traditional data centers are no longer sufficient.
Today’s data centers have different challenges and requirements than in the past. This lesson provides an overview.
Requirements
Here is an overview of today’s data center requirements.
Agility
Agility means how long it takes to fulfill an application request. This time should be reduced to a minimum in a modern data center. When someone wants to deploy an application, it shouldn’t take days for someone to allocate resources and deploy the application. Ideally, they should be able to deploy an application themselves in minutes. To accomplish this, we require automation. DevOps practices with CI/CD play an important role here.
Scalability
The global data center market is growing because of data-intensive applications such as big data and AI. Data centers can have thousands of tenants, so the underlying infrastructure should be able to scale. This applies to physical hardware such as network devices and servers. It should be easy to add additional capacity. Vendors offer prefabricated modules to accomplish this.
This also applies to the protocols in use. To give you one example: VXLAN has become popular in data centers because of the limitations of VLANs and spanning tree.
Elasticity
A modern data center should be able to increase capacity without interrupting existing workloads. Tenants should be able to scale their workloads horizontally or vertically.
Horizontal scaling (scaling out) means adding more servers, VMs, and containers to distribute the load. For example, a web application that experiences high traffic can scale horizontally by adding additional web servers to a load balancer. This process should happen without downtime.
Vertical scaling (scaling up) means we add more resources to an existing machine, for example by increasing the CPU, RAM, or storage of a VM. This should work with no or minimal downtime.
Availability
Data centers operate 24/7/365, so high availability is important. We need redundant hardware, components, protocols with failover, etc. Disaster recovery is also important in case the primary data center fails. High-availability architectures such as multi-region deployments and active-active configurations are possible. Data Center Interconnect (DCI) connects data centers so that one can take over seamlessly in case of failure.
Cost
Electricity and cooling are a major cost in data centers. Nowadays, thanks to the cloud, it’s common to pay only for the resources used. You pay exactly for what you need: the virtual machine (VM) you run, its underlying storage, the data transfer costs, etc.
The total cost of ownership (TCO) consists of capital expenditure (CAPEX) and operating expenditure (OPEX). Reducing the OPEX is a top priority.
Environment
DCs contribute significantly to global greenhouse gas emissions. It’s estimated that data centers are responsible for 2.5 – 3.5% of global greenhouse gas emissions. That might not sound like a lot, but it’s more than the aviation industry, which accounts for about 2.5%.
Regulatory constraints and limited land availability are also challenges in some regions. For example, cooling systems require significant water resources. Google had plans for a data center in Chile that would require 169 liters of water per second. This is in an area that already struggles with drought.
To minimize their environmental footprint, new data centers should focus on renewable energy sources, energy efficiency, and ESG (Environmental, Social, and Governance) practices.
Power
Data centers use about 1-1.5% of global electricity. Electricity is required to power equipment such as network devices and servers and for cooling.
Newer data centers have increased the temperature set points to reduce the amount of required cooling. For example, the Microsoft Dublin data center has a design that allows its servers to run at temperatures up to 95 degrees Fahrenheit (35 degrees Celsius).
Raising the baseline temperature in a data center saves a lot of money because you require less cooling.
Open Standards
Many data centers try to avoid vendor lock-in regarding hardware and software. In networking, open network operating systems (NOS) are on the rise. An example of a NOS is SONiC. This open-source project was initiated by Microsoft and runs on different hardware. For example, you can run SONiC on certain Cisco routers and switches.
On the protocol side, FabricPath is an example of lock-in: it is a proprietary Cisco technology, so data centers that used it had to use Cisco hardware and software. It has mostly been replaced with VXLAN, which is an open standard.
Security
Security is important, not only against outside threats but also in multi-tenant environments, where traffic between tenants has to be isolated. Here are some security items to think about:
- Physical Security:
  - Access Control Systems: Biometric systems, key cards, and RFID badges to restrict physical access.
  - Surveillance Systems: CCTV cameras and 24/7 monitoring to detect and deter unauthorized access.
  - Secure Facility Design: Use of mantraps, security checkpoints, and secure perimeter fencing.
- Network Security:
  - Firewalls and IDS/IPS: Implement firewalls and intrusion detection/prevention systems to monitor and protect network traffic.
  - Encryption: Strong encryption protocols for data in transit and at rest to prevent data breaches.
  - Virtual Private Networks (VPNs): Secure remote access for employees and clients through VPNs.
- Authentication and Access Control:
  - Multi-Factor Authentication (MFA): Ensuring strong user authentication mechanisms.
  - Role-Based Access Control (RBAC): Restricting access based on user roles and responsibilities.
- Data Integrity and Confidentiality:
  - Data Encryption: Encrypting sensitive data to ensure confidentiality and integrity.
  - Hashing: Using hashing techniques to verify data integrity.
- Threat Detection and Response:
  - Real-Time Monitoring: Continuous monitoring of network traffic and system activities.
  - Security Information and Event Management (SIEM): Implementing SIEM solutions for comprehensive threat detection and response.
- Application Security:
  - Secure Development Practices: Ensuring secure coding practices to prevent vulnerabilities.
  - Regular Security Testing: Conducting penetration testing and vulnerability assessments.
- Incident Response and Management:
  - Incident Response Plan: Establishing and regularly updating an incident response plan.
  - Security Operations Center (SOC): A dedicated team that monitors and responds to security incidents.
- Patch Management:
  - Automated Patch Deployment: Regular and automated deployment of security patches to all systems.
  - Patch Monitoring: Continuous monitoring for patch effectiveness and compliance.
- User Training and Awareness:
  - Security Training Programs: Regular employee training on security best practices and awareness.
  - Phishing Simulations: Conducting phishing simulations to educate and test employee readiness.
- Vendor and Third-Party Security:
  - Vendor Assessments: Regular security assessments of third-party vendors.
  - Third-Party Compliance: Ensuring third-party compliance with security standards and policies.
- Zero Trust Architecture:
  - Zero Trust Principles: Implementing a zero-trust security model to continuously verify all users and devices.
  - Micro-Segmentation: Isolating network segments to limit the spread of potential breaches.
- Security Policy and Governance:
  - Comprehensive Security Policies: Developing and enforcing robust security policies and procedures.
  - Regular Audits and Reviews: Conducting regular security audits and policy reviews.
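To make the tenant isolation and micro-segmentation items concrete, here is an added example (not part of the original lesson) that audits a segment rule set for allow rules that can carry traffic between tenants. The tenant names, address ranges, rule format, and first-match/default-deny semantics are all assumptions made for illustration.

```python
import ipaddress

# Constructed sample data: tenant address space (hypothetical).
TENANT_NETS = {
    "tenant-a": ipaddress.ip_network("10.10.0.0/16"),
    "tenant-b": ipaddress.ip_network("10.20.0.0/16"),
}

# Constructed rule set. Assumed semantics: first match wins, unmatched traffic is denied.
RULES = [
    {"id": 1, "src": "10.10.1.0/24", "dst": "10.10.2.0/24", "port": 5432, "action": "allow"},
    {"id": 2, "src": "10.20.1.0/24", "dst": "10.20.2.0/24", "port": 443, "action": "allow"},
    # Overly broad destination: 10.0.0.0/8 also covers tenant-b.
    {"id": 3, "src": "10.10.0.0/16", "dst": "10.0.0.0/8", "port": 22, "action": "allow"},
    {"id": 4, "src": "0.0.0.0/0", "dst": "0.0.0.0/0", "port": None, "action": "deny"},
]

def tenants_overlapping(cidr):
    """Return the tenants whose address space overlaps the given CIDR."""
    net = ipaddress.ip_network(cidr)
    return {name for name, tnet in TENANT_NETS.items() if net.overlaps(tnet)}

def cross_tenant_allows(rules):
    """Static audit: list (rule id, src tenant, dst tenant) for every allow rule
    whose source and destination ranges touch different tenants.
    It does not account for an earlier deny rule shadowing the allow."""
    findings = []
    for rule in rules:
        if rule["action"] != "allow":
            continue
        for src_tenant in sorted(tenants_overlapping(rule["src"])):
            for dst_tenant in sorted(tenants_overlapping(rule["dst"])):
                if src_tenant != dst_tenant:
                    findings.append((rule["id"], src_tenant, dst_tenant))
    return findings

def evaluate(rules, src_ip, dst_ip, port):
    """Evaluate one flow: first matching rule decides, otherwise default deny."""
    src, dst = ipaddress.ip_address(src_ip), ipaddress.ip_address(dst_ip)
    for rule in rules:
        if (src in ipaddress.ip_network(rule["src"])
                and dst in ipaddress.ip_network(rule["dst"])
                and rule["port"] in (None, port)):  # None means any port
            return rule["action"], rule["id"]
    return "deny", None

if __name__ == "__main__":
    for finding in cross_tenant_allows(RULES):
        print("cross-tenant allow: rule %d lets %s reach %s" % finding)
```

Running the audit on every rule change, for example as a CI/CD step, catches a broad rule like rule 3 before it is deployed.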
Automation
As explained earlier, applications in data centers are expected to launch in seconds or minutes, not days or weeks. To accomplish this, we need automation instead of manually configuring devices individually. Automation also frees up human resources and reduces costs.
Nowadays, data centers extensively utilize automation technologies, including Software-Defined Networking (SDN) and orchestrators like Kubernetes for containerized application deployment and scaling.
Conclusion
Significant advancements in automation, virtualization, and global scalability have marked the evolution of data centers over the past few decades. Modern data centers are now equipped to handle complex applications such as big data and AI, driven by the need for agility, scalability, elasticity, and high availability.
Automation technologies, including SDN and orchestration tools, are essential in ensuring that resources can be deployed quickly and efficiently.
The shift towards cloud computing has accelerated the migration of workloads to data centers, rendering traditional data center models insufficient. Today’s data centers face new challenges, including environmental impact, energy consumption, and security threats, which require innovative solutions. Emphasis on renewable energy, energy efficiency, and open standards helps mitigate environmental concerns and vendor lock-in.
High availability and disaster recovery strategies, such as multi-region deployments and active-active configurations, are essential to maintaining uninterrupted service. Security measures, both physical and network-based, ensure the protection of sensitive data and the integrity of operations in multi-tenant environments.