Monday, 30 September 2019

Back to Basics - Open System Interconnect - FC Layers - Infrastructure Services BIND

Upper layers - Application, Presentation and Session - Performs all task of upper layer in the application or browser itself.
Application Layer - Top layer of the OSI has many protocols like http, ftp, telnet, smtp that are used by the application to communicate to lower layers of OSI.

Presentation Layer - Data received from the application layer is in ASCII format, that needs to be translated into EBCDIC.
·         ASCII -> EBCDIC
·         Compression
·         Encryption (SSL)

Session Layer - Connection establishment is done using APIs (NetBIOS). Performs Authentication, Authorization.  Session management by keeping track of order and type data received. It terminates connections when not required.

Low Layer - Transport, Network, Data, Physical
Transport Layer - It performs Segmentation, Flow control (Sender and Receiving devices communicate with each for agreed speed of data flow) and Error Control(checksum) of data. TCP is connection oriented for reliable communication and required to acknowledge.  UDP is connectionless and does not required to send acknowledgement because of this reason it is faster than reliable TCP protocol. Each segment of data has port number and order id to identify originating application and proper ordering of data segments.

Network Layer - Segments received from Transport layer are placed(encapsulated) in the packet with source and destination IP address.  Performs the routing.  It Also checks for suitable paths using RIP(Interior gateway protocol used in INTRADomain routing i.e. routing within single autonomous system, based on distance vector which chooses route with minimum number of hop count. Max hop count supported are 15. protocol UDP port 20) OSPF(Interior Gateway Protocol used in INTRADomain routing i.e. routing between single autonomous system(network controlled by single entity) based on the shortest path, IP protocol port 89, link state), BGP(Exterior Gateway Protocol used in INTERDomain routing i.e. routing between multiple autonomous systems based on best path selection TCP protocol port 179 path vector)

Data Layer - Packets received are appended with MAC address (12 hexadecimal character) of source and destinations.  Frames reached to device using destination MAC address. At destination, MAC address is removed and IP address in the packet used to reach to correct IP address.

Physical Layer - Transfers frames in binary and convert them to electric signal(copper), light(fiber) or waves(wireless) depending on the media used.

Receiving side performs all given operations in reverse and eventually application on local system communicates to application on remote system.

OSI model is theoretical in practical we TCP/IP Layer model is used. Good things is that it is similar to OSI model.  Upper three layer of OSI Application, Presentation and Session are merged to form single Application Layer. In TCP/IP layer model there are five layer Application, Transport(segments), Network(packets), Data(frames), and Physical.

Like OSI model Fibre Channel has similar layer structure.  It has 5 layers(starting from 0) in cotrast with the 7 layers of OSI.


FC-4: Defines application interfaces that can execute over Fibre Channel. It performs mapping of protocol like (SCSI-FCP), means it allows SCSI commands to use FC infrastructure using FCP.  Similarly we can have IP (FC-IP), FICON (FC-SB-2), FC-TAPE (FCP-2).  There is newer one FC-NVMe which allows NVMe to use FC and is generally call NVMe over FC (Maps SCSI to Fibre Channel using FCP)

FC-3: performs advanced features like striping(transfering 1 data units to multiple links), hunt group(mapping multiple ports to single node) 

FC-2: It divides data into frames. It perform flow control and checks how much data needs to be sent and classes of service (Frames payload 2112 byte,  Sequence is formed by a set of one or more related frames transmitted unidirectional from 1 N-Port to other,  Exchange is nonconcurrent sequence for a single operation)

FC-1: Performs encoding/decoding 8b/10b (1,2,4,8) 64b/66b(10,16,32)

FC-0: Defines physical link in the system cables, sfp

Socket type LGA (Land Grid Array), PGA (Pin Grid Array), BGA (Ball Grid Array) - The way a CPU interfaces with the socket on a motherboard.  LGA is used on Intel sockets with pins as part of the socket.  AMD's AM4 solution, PGA, has the pins are on the processor, and these fit into holes on the socket.  AMD's Threadripper CPU also use LGA sockets. A BGA socket is one in which the processor is permanently soldered to the motherboard, typically on a laptop.


MBR - EFI
MBR has a partition table that indicates where the partitions are located on the disk drive, and with this particular partition style, only volumes up to 2TB (2,048GB) are supported. An MBR drive can have up to four primary partitions or can have three primary partitions and one extended partition that can be divided into unlimited logical drives.
Windows Server 2012 R2 can only boot off an MBR disk unless it is based on the Extensible Firmware Interface (EFI); then it can boot from GPT. An Itanium server is an example of an EFI-based system. GPT is not constrained by the same limitations as MBR. In fact, a GPT disk drive can support volumes of up to 18EB (18,874,368 million terabytes) and 128 partitions. As a result, GPT is recommended for disks larger than 2TB or disks used on Itanium-based computers.

 

Basic - Dynamic

Windows Server 2012 R2 supports two types of disk configurations: basic and dynamic. Basic disks are divided into partitions and can be used with previous versions of Windows. Dynamic disks are divided into volumes and can be used with Windows 2000 Server and newer releases. When a disk is initialized, it is automatically created as a basic disk, but when a new fault-tolerant (RAID) volume set is created, the disks in the set are converted to dynamic disks. Fault-tolerance features and the ability to modify disks without having to reboot the server are what distinguish dynamic disks from basic disks.  A basic disk can simply be converted to a dynamic disk without loss of data. When a basic disk is converted, the partitions are automatically changed to the appropriate volumes. However, converting a dynamic disk back to a basic disk is not as simple. First, all the data on the dynamic disk must be backed up or moved. Then, all the volumes on the dynamic disk have to be deleted. The dynamic disk can then be converted to a basic disk. Partitions and logical drives can be created, and the data can be restored.

WDS - Windows Deployment Service
WSUS - Windows Server Update Service
IANA - Internet Assigned Number Authority (Governing Body maintaining IP Address)
ICANN - Internet Corporation for Assigned Named and numbers (Governing Body maintaining DNS service). This assigns the control of TLD to one or more organization. In turn, organization delegates portion of  DNS namespace to other organization.  for example example.com. Registrar has delegated the control over example.com node in the dns tree while controlling TLD of .com.  Within the portion of example.com dns host and records can be created. example.com can be further divided into ksa.example.com india.example.com called subdomain each domain and subdomain are associated with DNS nameserver. It means every node in the dns can have 1 or more server to give authoritative answer to queries about that domain. At the root of domain namespace are root servers.

Given are 3 excerpts from MCSA Windows 2012R2 Sybex Study Guide showing name resolution and reverse resolution


From MCSA Certificate Exam sybex publication





  1. DNS sends recursive query to look for india.example.com to local DNS server and in case it find no zone corresponding
  2. Forwards the request to root servers. Root name server has authority for root domain. In turn root server provides the IP address of name server  for .com top level domain.
  3.  Local server send the request  of www.india.example.com to received IP
  4. name server for www.example.com send IP address of nameserver authoritative for www.example.com
  5. Local DNS server send the resolutions request to server authoritative for www.india.example.com which  In turns provide IP address of server authoritative for www.india.example.com
  6. Local DNS provides the IP to client

DNS zone is a portion of DNS namespace over which specific DNS server has authority. Within zones there are Resource Record that define hosts and other type of information that make up database for the zone.

Bye...

Monday, 23 September 2019

Miscellaneous - My reference  blogs coming later...


- 1vpc(virtual private cloud) has  1vgw(virtual gateway). 1 vpn has 1 cgw(customer gateway - logical aws entity associated with customer premises equipment router)
- 1 vgw  and 1 cgw can have n vpn
- well architect framework - Performance efficiency(scaling resources when there is more demand and scaling down when demand is less automatically), Reliability(multi az),Operational Excellence(system manager single place to maintain entire infrastructure, cloudwatch for performance monitoring),Cost Optimization(pay as you use model, big discounts for reserved instances, serverless application model help developer to run code without provisioning any instance thus saving cost and time),Security(comply with pci dss, hippa, iso27001. Inspector for performing security checks for CVE, Cloudtrail and config(non-repudiation, masie based on AI able to find Personal Identity information PII in S3)
- Authorization(IAM),  Authentication(IAM), Accounting(Trusted Advisor)
- Confidentiality(IAM, encryption KMS/ cloudHSM), Integrity, Availability(AZ)
- RDS Commercial Oracle and SQl Server, open source MariaDB, MySQL, PostgreSQL, AWS Native Aurora DB based on MySQL and PostgresSQL.
- RAM Resource Access Manager sharing of resources by using sharable subnet.  No need of vpc peering.
- Cloud development kit from aws provides framework for developer to perform resource provisioning using programing languages supported by CDK java, nodejs ruby etc. yaml - cloudformation 
 

Thursday, 19 September 2019

Miscellaneous - My reference 

NTNX ABS(pro), AFS(ultimate)
- Time streamer - Snapshot - local replication.
- Async replication uses proprietary technology that replicates between nutanix cluster. Replication snapshot.
- Stretch cluster with sync replication. With AOS 5.1 witness node performs automatic failover.
- NGT Nutanix Guest tools can be installed on VM to perform additional functionalities. Similar to VMware Tools.
- Nutanix Cloud connect feature enables you to configure AWS and remote site for virtual machine backup. AWS EC2 instance m1.xlarge and 30TB of S3 bucket.
- Protection strategy 1-1 1-many many-1 many-many
- Prism built-in to every acropolis localized 1to1. Prism central(license required) is vm that can manage multiple clusters (standard edition). Prism central pro - adds operational insight, capacity planning, and performance monitoring.
-nCLI configure nutanix cluster(login in system where ncli is installed or cvm) aCLI manage the Acropolis portion of the nutanix environment( login in cvm)host, network, snapshot and vm.
- cvm 2 network (private 192.168.5.2) and other is connect to host management public ip
Pulse -> Nutanix cloud base analytic engine  similar to(callhome/ESRS -> CloudIQ) 
-stargate entry gate for nfs/smb/iscsi
- casandra - metadata about the the data RF2 - 3nodes RF3 5 nodes

- prism management gui
- zeus zookeeper db is configuration db RF2 - 3nodes RF3 5 nodes
- Curator decision maker algorithm map reduce
- Acropolis starter, pro, ultimate. In case multiple license are applied features defaults to features of lowest license.
- Reclaim license before destroying cluster for reus
  • Nutanix - STIG (security technical implementation guide) standards required for DoD to provide certificates.


Tuesday, 17 September 2019

Miscellaneous - My reference 

- Transient sudden rise in voltage for a short period of time of 5 nanoseconds to 50 nanoseconds. ESD and lightning  ESD are example. ESD can have 8000Volts for a billionth of a second. This time is enough to damage electronic item. solution is Transient voltage surge suppressor and ground the extra voltage.
- Spike-Surge-Swell(high voltage) / Sag(low voltage) in voltage for short period less than minute can be conditioned by UPS. State of the art ups have power factor of 1 i.e. va=w.  ups that I may buy for pc may have power factor of 60% i.e. 100va will give 60watts.
- Over voltage or under voltage is high or low voltage for longer than 1 minutes. damages electrical equipment. I will not use my water pump during over or under voltage as it is directly connected without any stabilizer. My ac is getting power through stabilizer it should handle over and under voltage condition. for DC you need to have power conditioner and UPS. same is require for voltage fluctuation.
- IN dc standby power need is fulfilled by DG or by battery
- DG component starter starts the DG, alternator converts mechanical energy to AC, voltage regulator controls the voltage produced by alternator, governor determines the quality of AC output. Once the AC is stabilized it power feeding will start from DG. When two or more generators are paralleled for more output or redundancy they must be governed at the same speed. If two DG are out of sync one of them will carry larger fraction of load which needs correction that is done by governor.
- 42U 19" standard rack 1U=1.75inch ADU - Air Distribution Unit
ARU - Air removing unit,
- Never mix hot and cold aisle
- Use of blanking panel for open space in rack improves air flow
- Use thermostat normally you don't always need 22 degree Celsius 24 degree Celsius is okay in many cases
- Environment cooling can be used to reduce overall cost
- proper cabling, avoid spaghetti of cables  

Monday, 16 September 2019

Miscellaneous - My reference 

- 99.999 uptime may not give right picture. for example DC1 and DC2 down for 5 minutes. 
DC1 down once for 5 minute
DC2 down 10 times each with downtime of 30 second each. Total downtime is 5 minute here
Time to recover should be considered as well
- Total flooding fire extinguishing system - halon(ozon depeleter) not used, flourine based compounds and compound with inert gases.
water sprinklers get activated at 75 degree centigrade
- tmp 22-24 celcius with max approved by ashare 27.22 celcius. important frequent temperature variance can alter characteristics of chip. That is one among many reason why servers are not powered off even when it is not required for processing.
- Humidity 40-60% low humidity will increase the chances of static charges high humidity can cause droplets and corrosion.
-CRAC unit should not work in competition. one is cooling-dehumidifying and other heating-humidfying. use of dcim/bms can be used to check this condition.
CRAC units should be tested to ensure that measured temperatures(supply and return) and humidity readings are consistent with design values. Set points for temperature and humidity shuld be consistent on all CRAC units in the data center. Unequal set points will lead to demand fighting and fluctuations in the room.

CRAC computer room air condition self contained precision cooling.Good for small data center.
CRAH computer room air handlers work with big chillers. good for bigger dc and also cost less than CRAC for moderate or bigger dc(>500KW) 
spot cooler / floor mounted coolers 1KW to 5 KW
large floor mounted cooler - 20kw to 200kw
CRAC - 100KW to 400KW
CRAH - 500KW+
Air cooled DX system requires roof(3m)
Air cooled self contained system require duct
Glycol cooled system requires roof (3m)
Water cooled system requires roof(3m)
chilled water system requires roof (3m)
 
Increase in temperature requires more humidity to maintain relative humidity. Rise in temperature cause more vapors that can be trapped then it actually has hence vapors concentration decreases you need to use humidifier to maintain vapor concentration.
With cooling opposite is the case as temperature decrease ability to hold humidity decreases so density of vapors increases so you need to dehumidify to maintain relative humidity.


Sunday, 15 September 2019

Miscellaneous - My reference
  •  Deduplication Compression Erasure Coding
    • Deduplication - fingerprints using sha-1
    • Compression - lz4(inline) lz4ha(postprocess)
    • EC - generally post process. Logic built inside the system initiates migration from RF2/RF3 to EC.
      • For frequently access data avoid deduplication and compression as both of them are resource intensive
      • VDI workload and backup good for dedupliaction
      • regular files good for compression
      • CAD files bad for compression
      •  High IO requirement do not use EC.
    • For EC minimum 4 nodes. vSAN implemented only in All-Flash  Nutanix is implemented with hybrid as well.  Same is true with compression and deduplication.
    • For large block say 16KB(Nutanix) it is less resource intensive to perform deduplication than 4KB (like solidfire and NetApp)
  • RF2-FTT1 2 copies of data is maintained  and 3 copies of metadata and configuration is maintained. Can withstand 1 disk or node failure.
  • RF3-FTT3 3 copies of data is maintained and 5 copies of metadata and configuration is mainatained. Can withstand 2 disk or 2 node failure. (For nutanix with RF3 storage container can be Replication factor of 2 or Replication factor of 3. No RF changes to EC enabled storage container)
  • FTT 1 Raid 1 - minimum 3 nodes
  • EC Raid 5 - minimum 4 nodes 
  • ESXi and NTNX boot partition remain unencrypted. SEDs support encrypting individual disk partitions selectively using the “BAND” feature (a range of blocks).