Data center information security

This is what the monitoring center of the NORD-2 data center in Moscow looks like

You have read more than once about the measures taken to ensure information security (IS). Any self-respecting IT specialist can easily name 5-10 information security rules. Cloud4Y offers to talk about the information security of data centers.

When ensuring the information security of a data center, the most "protected" objects are:

  • information resources (data);
  • the processes of collecting, processing, storing and transmitting information;
  • system users and maintenance personnel;
  • information infrastructure, including hardware and software tools for processing, transmitting and displaying information, including information exchange channels, information protection systems and premises.

The data center's area of responsibility depends on the model of services provided (IaaS/PaaS/SaaS). See the figure below for how this looks:

The scope of the data center security policy depends on the model of services provided

The most important part of developing an information security policy is building a model of threats and violators. What can pose a threat to a data center?

  1. Adverse natural, man-made and social events
  2. Terrorists, criminal elements, etc.
  3. Dependence on suppliers, providers, partners, customers
  4. Failures, malfunctions, destruction of and damage to software and hardware
  5. Data center employees who carry out information security threats using their legally granted rights and powers (internal information security violators)
  6. Data center employees who carry out information security threats outside their legally granted rights and powers, as well as entities not related to data center personnel but attempting unauthorized access and unauthorized actions (external information security violators)
  7. Non-compliance with the requirements of supervisory and regulatory authorities and with current legislation

Risk analysis, that is, identifying potential threats and assessing the scale of the consequences of their realization, helps to correctly select the priority tasks that data center information security specialists must solve, and to plan budgets for purchasing hardware and software.

Ensuring security is a continuous process that includes the stages of planning, implementation and operation, monitoring, analysis and improvement of the information security system. Information security management systems are built using the so-called "Deming cycle".

An important part of security policies is the distribution of the roles and responsibilities of personnel for their implementation. Policies should be reviewed continually to reflect changes in legislation, new threats and emerging defenses. And, of course, information security requirements must be communicated to personnel and training provided.

Organizational measures

Some experts are skeptical about "paper" security, considering practical skills in resisting hacking attempts to be the main thing. Real experience of ensuring information security in banks suggests the opposite. Information security specialists may have excellent expertise in identifying and mitigating risks, but if data center personnel do not follow their instructions, it will all be in vain.

Security, as a rule, does not bring in money; it only reduces risks. It is therefore often treated as something bothersome and secondary. And when security specialists begin to get indignant (with every right to do so), conflicts often arise with staff and with the heads of operational departments.

The existence of industry standards and regulatory requirements helps security professionals defend their positions in negotiations with management, and approved information security policies, regulations and rules make it possible to get personnel to comply with the requirements set out there, providing a basis for often unpopular decisions.

Protection of premises

When a data center provides services under the colocation model, ensuring physical security and access control to the customer's equipment comes to the fore. For this purpose, enclosures (fenced-off parts of the hall) are used, which are under the customer's video surveillance and to which access by data center personnel is restricted.

In state computing centers, physical security was not bad at the end of the last century. There was access control, access control to the premises, even without computers and video cameras, and a fire extinguishing system: in case of a fire, freon was automatically released into the machine room.

Nowadays, physical security is ensured even better. Access control and management systems (ACS) have become intelligent, and biometric methods of access restriction are being introduced.

Fire extinguishing systems have become safer for personnel and equipment; among them are installations for inhibition, isolation, cooling and hypoxic effect on the fire zone. Along with mandatory fire protection systems, data centers often use an aspiration-type early fire detection system.

To protect data centers from external threats (fires, explosions, collapse of building structures, flooding, corrosive gases), security rooms and safes began to be used, in which server equipment is protected from almost all external damaging factors.

The weak link is the person

"Smart" video surveillance systems, volumetric tracking sensors (acoustic, infrared, ultrasonic, microwave) and access control systems have reduced risks, but have not solved all problems. These means will not help, for example, when people who were properly admitted to the data center with the proper tools "snag" on something. And, as often happens, an accidental snag will bring maximum problems.

The operation of a data center can be affected by misuse of its resources by personnel, for example, illegal mining. Data center infrastructure management (DCIM) systems can help in these cases.

Personnel also need protection, since people are often called the most vulnerable link in the protection system. Targeted attacks by professional criminals most often begin with the use of social engineering methods. Often the most secure systems crash or are compromised after someone clicked/downloaded/did something. Such risks can be minimized by training staff and applying global best practices in the field of information security.

Protection of engineering infrastructure

The traditional threats to the functioning of a data center are power failures and cooling system failures. We have already become accustomed to such threats and learned to deal with them.

A new trend has been the widespread introduction of "smart" equipment connected to the network: managed UPSs, intelligent cooling and ventilation systems, and various controllers and sensors connected to monitoring systems. When building a data center threat model, you should not forget about the possibility of an attack on the infrastructure network (and, possibly, on the associated IT network of the data center). Complicating the situation is the fact that some of the equipment (for example, chillers) can be moved outside the data center, say, onto the roof of a rented building.

Protection of communication channels

If the data center provides services not only under the colocation model, then it will have to deal with cloud protection. According to Check Point, last year alone, 55% of organizations worldwide experienced attacks on their cloud structures. DDoS attacks stop businesses, encryption viruses demand ransom, and targeted attacks on banking systems lead to the theft of funds from correspondent accounts.

Threats of external intrusion also concern data center information security specialists. The most relevant for data centers are attacks aimed at disrupting the provision of services, as well as threats of hacking, theft or modification of data contained in the virtual infrastructure or storage systems.

To protect the external perimeter of the data center, modern systems are used with functions for detecting and neutralizing malicious code, application control and the ability to import Threat Intelligence proactive protection technology. In some cases, systems with IPS (intrusion prevention) functionality are deployed, with automatic adjustment of the signature set to the parameters of the protected environment.

To protect against DDoS attacks, Russian companies, as a rule, use external specialized services that divert traffic to other nodes and filter it in the cloud. Protection on the operator side is much more effective than on the client side, and data centers act as intermediaries for the sale of services.

Internal DDoS attacks are also possible in data centers: an attacker penetrates the weakly protected servers of one company that hosts its equipment under the colocation model, and from there carries out a denial-of-service attack on other clients of this data center via the internal network.

Focus on virtual environments

It is necessary to take into account the specifics of the protected object: the use of virtualization tools, the dynamics of changes in IT infrastructures, and the interconnectedness of services, where a successful attack on one client can threaten the security of its neighbors. For example, by hacking a front-end Docker container while working in a Kubernetes-based PaaS, an attacker can immediately obtain all password information and even access to the orchestration system.

Products provided under the service model have a high degree of automation. In order not to interfere with business, information security measures must be applied with no lesser degree of automation and horizontal scaling. Scaling must be ensured at all levels of information security, including automation of access control and rotation of access keys. A special task is scaling the functional modules that inspect network traffic.

For example, filtering network traffic at the application, network and session levels in highly virtualized data centers should be performed at the level of hypervisor network modules (for example, VMware's Distributed Firewall) or by creating service chains (virtual firewalls from Palo Alto Networks).

If there are weaknesses at the level of virtualization of computing resources, efforts to create a comprehensive information security system at the platform level will be ineffective.

Levels of information security in the data center

The general approach to protection is the use of integrated, multi-level information security systems, including macro-segmentation at the firewall level (allocation of segments for the various functional areas of the business) and micro-segmentation based on virtual firewalls or on tagging the traffic of groups (user roles or services) defined by access policies.

The next level is identifying anomalies within and between segments. Traffic dynamics are analyzed, which may indicate the presence of malicious activity, such as network scanning, attempted DDoS attacks, or downloading of data, for example, by slicing database files and sending them out in sessions that appear periodically over long intervals. Huge volumes of traffic pass through the data center, so to identify anomalies you need to use advanced search algorithms, and without packet analysis. It is important that not only signs of malicious and anomalous activity are recognized, but also the operation of malware even in encrypted traffic without decrypting it, as proposed in Cisco solutions (Stealthwatch).
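The traffic-dynamics check described above can be sketched on flow metadata alone, with no packet contents. This is an added example, not code from the original article or from any vendor product; the addresses, flow records and thresholds are constructed assumptions.

```python
from collections import defaultdict
from statistics import mean, pstdev

def build_sample_flows():
    """Constructed flow metadata: (unix_time, src, dst, bytes_out). No payloads."""
    flows = []
    # Constructed: a database host sends ~8 MB to one external address
    # roughly every 30 minutes for about 24 hours (sliced transfer).
    for i in range(48):
        flows.append((i * 1800 + (i % 3) * 20, "10.0.5.11", "203.0.113.50",
                      8_000_000 + (i % 5) * 10_000))
    # Constructed: a web server answering clients at irregular times and sizes.
    for t in [5, 40, 47, 900, 905, 4000, 4100, 20000, 20010, 50000, 50003, 86000]:
        flows.append((t, "10.0.5.20", "198.51.100.7", 150_000 + (t % 7) * 90_000))
    return flows

def variation(values):
    """Coefficient of variation: low means regular timing or uniform size."""
    m = mean(values)
    return pstdev(values) / m if m else float("inf")

def find_periodic_transfers(flows, min_flows=12, min_span_s=6 * 3600,
                            max_cv=0.15, min_total_bytes=50_000_000):
    """Flag src/dst pairs with regular, similar-sized transfers over a long span.
    All thresholds are assumptions to be tuned per environment."""
    by_pair = defaultdict(list)
    for ts, src, dst, nbytes in flows:
        by_pair[(src, dst)].append((ts, nbytes))
    findings = []
    for pair, recs in by_pair.items():
        recs.sort()
        times = [t for t, _ in recs]
        sizes = [b for _, b in recs]
        if len(recs) < min_flows or times[-1] - times[0] < min_span_s:
            continue
        if sum(sizes) < min_total_bytes:
            continue
        gaps = [b - a for a, b in zip(times, times[1:])]
        if variation(gaps) <= max_cv and variation(sizes) <= max_cv:
            findings.append({"pair": pair, "flows": len(recs),
                             "total_mb": round(sum(sizes) / 1e6, 1),
                             "period_s": round(mean(gaps))})
    return findings

if __name__ == "__main__":
    for hit in find_periodic_transfers(build_sample_flows()):
        print(hit)
```

Because only timestamps, endpoints and byte counts are used, the same check works on encrypted sessions; legitimate scheduled jobs such as backups will also match and need an allow-list.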

The last frontier is the protection of the end devices of the local network: servers and virtual machines, for example, with the help of agents installed on end devices (virtual machines), which analyze I/O operations, deletions, copies and network activity, and transmit data to the cloud, where calculations requiring large computing power are carried out. There, analysis is performed using Big Data algorithms, machine logic trees are built and anomalies are identified. The algorithms are self-learning, based on the huge amount of data supplied by a global network of sensors.

You can do without installing agents. Modern information security tools should be agentless and integrated into operating systems at the hypervisor level.

The measures listed significantly reduce information security risks, but this may not be enough for data centers that provide automation of high-risk production processes, for example, nuclear power plants.

Regulatory requirements

Depending on the information being processed, physical and virtualized data center infrastructures must meet different security requirements set out in laws and industry standards.

Such laws include the law "On Personal Data" (152-FZ) and the law "On the Security of KII Facilities of the Russian Federation" (187-FZ), which came into force this year; the prosecutor's office has already become interested in the progress of its implementation. Disputes over whether data centers belong to CII subjects are still ongoing, but, as a rule, data centers wishing to provide services to CII subjects must comply with the requirements of the new legislation.

It will not be easy for data centers hosting government information systems. According to the Decree of the Government of the Russian Federation of 11.05.2017, No. 555. And a data center that wants to host a GIS must first meet the regulatory requirements.

Over the past 30 years, data center security systems have come a long way: from simple physical protection systems and organizational measures, which, however, have not lost their relevance, to complex intelligent systems that increasingly use elements of artificial intelligence. But the essence of the approach has not changed. The most modern technologies will not save you without organizational measures and staff training, and paperwork will not save you without software and technical solutions. Data center security cannot be ensured once and for all; it is a constant daily effort to identify priority threats and comprehensively solve emerging problems.


Source: www.habr.com
