I hate the term 'Cloud' as it refers broadly to an approach that has been around for a long time, so it really is a buzzword and nothing more, but I'll concede that it is simpler to just use the term in the interest of brevity...
In considering replacement network hardware for our cheapish-and-cheerfulish Netgear kit we're faced with a few core options. HP, Dell, Cisco Meraki are in the mix, as are some other less well known players, but for a single IT staff resourced company Meraki is so tempting as to be worth taking the risks associated with a cloud managed system. I have a Meraki AP and an 8 port Meraki switch that I got for free by attending some webinars (cunning strategy, IMO) and they really are so very easy to provision and manage and look good too (not that it matters when they will be mostly hidden away).
There are lots of nay-sayers around using Cloud for one thing or another, and the privacy and security oriented part of me (with its roots in my early days as a *nix sysadmin) agrees with them all. However, we have taken the plunge for many management and commercial reasons, not least of which being the trend in our industry and our lean approach to IT staffing. So the fact that Meraki is cloud managed is OK with me, in this context. Horror stories about delayed renewals taking networks down merely reinforce the need to manage one's contracts properly (and are increasingly older stories, so I suspect it is more well managed in general now).
Having said that, we are not a huge operation IT-wise, and our environment on-premise is mostly virtual. This puts us in the VMware Essentials Plus license band, which suits us almost perfectly, being affordable (though not cheap) and allowing us a HA cluster at our larger site and a single server at the smaller site (so resilience between sites at the application level and at one site at the infrastructure level).
I have always used LAGs to mitigate against bandwidth problems for the VMware physical connections, though of course the ability for a LAG to mitigate the problem is a lot more limited than people often think. The added resilience is handy too. On our Netgear switches we just set up a LAG and ignore LACP and it just works. On the Meraki switch we are told (by Meraki) that this will not work - their documented method is to enable LACP and use a VMware distributed switch, which we can't do as the Essentials Plus license doesn't include that feature. Upgrading to a full vSphere license is pretty costly (looks like somewhere around the £5-6K mark, with an associated annual maintenance increase - a lot for one tiny feature IMO).
Meraki theorise that doing the same as we do now, but turning RSTP off on the LAG will work. They warn about the chance of loops, but from my understanding of vSwitches spanning tree is not necessary as the vSwitch prevents loops itself.
Of course, I can't commit to the new hardware without being sure that this will work, so it's time to vMotion all the guests onto one of the two cluster nodes and move the freed up host to my 8 port Meraki switch for some testing (I could dredge up enough hardware to build a test system, just about, but I would feel better using my live host and it would be a lot quicker - 1 man IT dept, remember...)
Mind you, I do have an apprentice starting soon, so if I don't get to this before then they could learn a lot by building out a VMware host.... Hmm.
Whichever I decide I'll post the results of the test here as I cannot find any posts on the Internet saying whether this works (which makes me wonder if many people use Essentials Plus)
UPDATE: I did the testing with the production ESXi host and couldn't persuade the Meraki and the server to work reliably with an aggregated link - ports would shut down (presumably because the Meraki was trying to use LACP and VMware wasn't) and some VLANs worked but others didn't. What did work was to use "Route based on the originating virtual port" - sadly the Essentials license doesn't include the variant of this that takes load into account, so there's no clever load balancing, but there is some arbitrary spread and at least the links are redundant. The nice thing about this is it requires no configuration on the switch other than making the ports into trunks.
Friday, 25 September 2015
Friday, 18 September 2015
Domino 9.0.1FP4 vs Backup Exec 2014, round 2
After resisting for a long time I gave up and removed Backup Exec from our production Domino server and set up a separate server just for backups. I didn't want to purchase another Windows license, and whilst I love Linux I didn't want to wrestle with IBM's Linux requirements and their Domino install process (none of which is that bad, but there's only one of me here).
So I popped some extra disk space into my network monitor machine, which is recently new and has lots of spare resources and stuck Domino 9.0 on there, which is fully supported by BE.
- I now have a pull-only Domino server, with a 30 min schedule. This gives me a 30 minute 'quick recovery' window if someone screws up (well, kinda)
- The production Domino server no longer gets constant errors reported in the DDM - looks like all the fixups and compact clashes were down to BE
- No more disk errors, no more database corruption
- Backups no longer get exceptions and run a bit faster too
So I wish I had done this earlier.
The network monitor is another post waiting to be written. PRTG is a lovely NMS...
Wednesday, 2 September 2015
HP Intelligent Provisioning nightmares
Much like https://supertekboy.com/2013/06/03/hp-intelligent-provisoning-firmware-update-failed/#.VebpBPZVjX8 I am once again unable to get the HP Intelligent Provisioning to apply updates to a brand new HP server (just a little DL60 this time).
It escapes me just how HP can ship hardware with this kind of problem. I just want my SmartUpdate DVD back, at least it worked!
Tried static IP addresses, DHCP, separate network interface, different port on the back, nothing works.
Sigh.
[UPDATE: giving up and downloading the HP SP DVD]
[UPDATE: amusingly whilst trying to login to the HP Support site, which doesn't seem to want to work, the server started updating. I had to use the 2nd NIC and specifically go into the provisioning set up to change to that NIC even though it was already selected]