I’ve just finished watching a talk at the RIPE71 conference by Karl Brumund for Dyn about the real-world experience of building a small-scale datacenter and using automation, among other things, and it had a lot of great lessons.
They attempted to build the data centre using a traditional design before realising that the vendor simply did not support the features they needed. Simple things like MPLS & 6PE ……
If you are designing a small to medium data centre then you should consider watching this video.
- Whitebox switches work.
- Automation is your friend.
- BGP Communities can be used for automation and configuration.
- Putting security into the application instead of firewalls saved much money and time.
- You can use Anycast IP in OSPF in a small data centre.
Legacy Designs Didn’t Work
Use Anycast IP In the Data Center
I have used Anycast on the Internet but never seriously considered using it in production inside the data centre.
Security – No Firewalls.
Using firewalls was a huge operational problem and there was no fix. Therefore, get rid of the problem and make the developers responsible for securing the servers, aka iptables on the hosts, deployed using a configuration management system.
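As an added illustration (not code from the talk or from Dyn), this is roughly what host firewalling driven by configuration management looks like: a default-deny IPv4 ruleset in `iptables-restore` format rendered from per-role service data, with the data validated before it can reach a host. The role names, ports, source networks and the `render_ruleset` helper are assumptions made for the example.

```python
import ipaddress

# Constructed sample data: role names, ports and source networks are
# illustrative assumptions, not values from the talk.
ROLES = {
    "dns": [
        {"proto": "udp", "port": 53, "sources": ["0.0.0.0/0"]},
        {"proto": "tcp", "port": 53, "sources": ["0.0.0.0/0"]},
        {"proto": "tcp", "port": 22, "sources": ["10.0.10.0/24"]},
    ],
    "web": [
        {"proto": "tcp", "port": 443, "sources": ["0.0.0.0/0"]},
        {"proto": "tcp", "port": 22, "sources": ["10.0.10.0/24"]},
    ],
}


def render_ruleset(role, roles=ROLES):
    """Return an iptables-restore ruleset (IPv4 filter table) for one role."""
    if role not in roles:
        raise KeyError(f"unknown role: {role}")
    lines = [
        "*filter",
        ":INPUT DROP [0:0]",    # default deny: only listed services are reachable
        ":FORWARD DROP [0:0]",  # a server is not a router
        ":OUTPUT ACCEPT [0:0]",
        "-A INPUT -i lo -j ACCEPT",
        "-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT",
    ]
    for svc in roles[role]:
        proto, port = svc["proto"], svc["port"]
        if proto not in ("tcp", "udp"):
            raise ValueError(f"unsupported protocol: {proto!r}")
        if isinstance(port, bool) or not isinstance(port, int) or not 1 <= port <= 65535:
            raise ValueError(f"invalid port: {port!r}")
        for src in svc["sources"]:
            # strict=True rejects typos such as host bits set in a network
            net = ipaddress.ip_network(src, strict=True)
            if net.version != 4:
                raise ValueError(f"IPv4 ruleset, got {src!r}")
            lines.append(
                f"-A INPUT -s {net} -p {proto} -m {proto} --dport {port} -j ACCEPT"
            )
    lines.append("COMMIT")
    return "\n".join(lines) + "\n"
```

The configuration management system would write this output to the host and load it with `iptables-restore`; an IPv6 ruleset for `ip6tables-restore` would be rendered separately.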