The Edge in Sight?

In networking, as in life, we often use the same terms to mean many different things. One of the biggest culprits of this in networking is “edge.” An edge device is usually considered to be a device that connects into a network in only one place. Traffic can flow from an edge device, or it can flow to an edge device, but it can never, ever flow through an edge device. I say never—that’s not entirely true, but I’ll get back to that later. In a campus network, the edge devices are things like users’ computers, laptops, and printers; mobile phones; and tablets.

In data centers, the end devices are servers or, more than likely in the SDDC, virtual machines, or possibly containers. The exception to the rule about traffic not flowing through an edge device is the “edge router,” which more often than not takes the form of a firewall: a perimeter firewall. If we consider north/south versus east/west traffic flows, north/south traffic flows move between the edge and the core, and east/west circumnavigates the network, to take the globe analogy a step further. This distinction becomes important as we look at the direction that networking has taken, and the direction I believe it will continue to take.


Software-Defined… Backup?

There are three pillars to the software-defined data centre (SDDC): software-defined compute, software-defined storage, and software-defined networking. Without any one of these three, the whole edifice of the data centre falls down. We build all three to be resilient, “designed for failure,” and robust. Each can be built and rebuilt from scripts that are stored in distributed version control systems. But at the bottom of every application stack in our SDDC, there is a database or file store that cannot—by definition—be re-created from scripts. This is the core data that we mine and make profit from. What happens if (or when) the edifice collapses? How is that core data protected, and is traditional backup up to the task?

There are few fundamental rules to backup, but the one everyone has agreed on for the last thirty years is the “rule of threes.” Three copies of the data: online, offline, and offsite. Without the first, we have no working system. Without the second, errors can creep into our copies, rendering them useless. As nice as instant snapshots are, corruption of uncopied blocks renders all snapshots based off that block useless. Modern Trojans use encryption to keep our data from us in an attempt at blackmail. Finally, offsite protects us from the catastrophic physical failures: fire, theft, and flood.
