Migrate to DFS from UNC file shares? Complications..
-
@Dashrender
Now this was a bit pointed, and I'm hoping you say, iSCSI isn't going over the router between subnets - to which I would reply, then we need to remove it and any other protocols not going between subnets, listing them just adds confusion.A: The router is just tagging/mangle the TCP/UDP ports so i can do QoS. Otherwise, everything is at switch level.
What security do you think you gain by not using VLAN 0?
on managed switches, when applicable or on most company installs, I'll create a different VLAN rather than VLAN0/1. As old security article and documentation of security issues of default VLAN on managed switches.
If you can have two shares, one for those working at the main location, and a separate one for the remote, and people can accept a minor delay when looking at the remote ones, but they live mostly in the local ones.. that would solve it to.. and no replication would be required.
You know.. This is a good point and an Idea I've had. This office is doing a function or product offering to our clients, almost a seperate entity. In theory, we could have a secondary server there with AD integration for local authentication, and then data saved on this local server. Then if that file share needs to be accessed back from Main site -- thats no problem.
The issue is just convergence or keeping the information in one centralized area. I've been pushing for them to also spend money on a new platform such as salesforce so everything with our clients, functions and employee transparancy (as far as items completed by employees). Thats another mess
In regards to DFS File lock.. This would actually create a huge issue. We have quite a few Excel spreadsheets which are actually shared spreadsheets that are updated everyday and nearly open all day long. This is another issue. Essentially have an in-house call center that will take notes/info requests and log into a spreadsheet formatted columns..
You've given me some real thought about the mere fact of just pulling out my hardware and putting my foot down. Will they fire me, for this? Probably not. As many others have said and see; it can be difficult for management or even a CEO to find value in IT and what they do for the company. However, when there is an issue -- its put onto us to get back online and working again.
2 weeks ago we had 3 hour downtime due to our print server crashing. Print spooler blew-up (soon as service starts, TCP/IP stack fails). due to the XenServer node not having resources.... I had to spin-up another VM on my equipment to setup an all new print server and re-install and push the printers back out to users.
..
-
@ntoxicator said:
@Dashrender said:
64 GB RAM - is that all? My little server has 64, my big one has 120 GB, and you can easily buy servers today that will hold 512 GB + RAM. As for your storage, well, yeah - you have a storage problem. You just need to solve it. You might need more storage than a single typical server chassis can handle (though you can buy HPE and Dell servers that hold something like 18 drives - so you'd need some pretty crazy storage before you'd climb over that and need to go to DAS or NAS or SAN)
@Dashrender : this was also an example. To be all honest, We would actually need over 128GB of ram, and of-course the storage size to suite our needs.
I considered a XenServer HA setup with a HA setup for Network SAN units. Other users on here have bashed me for this idea and suggested a setup similar to Scale Computing (Where storage is local to servers).
Sux if someone bashed you here on ML - we try to be better than that other forum. That said, talking frankly and asking you to think critically is something most push for here at ML, sadly this comes off as bashing. That said, yeah I know bashing does still actually happen here on ML.
Scale is definitely a good solution, but it's not for everyone. it's not cheap to get into, $25K to start. Another option would be StarWinds vSAN software with Hyper-V (starwinds is free for 2 nodes if you are in SpiceWorks) or DRBD with XenServer (software is all free).
-
@Dashrender said:
@ntoxicator said:
@Dashrender said:
64 GB RAM - is that all? My little server has 64, my big one has 120 GB, and you can easily buy servers today that will hold 512 GB + RAM. As for your storage, well, yeah - you have a storage problem. You just need to solve it. You might need more storage than a single typical server chassis can handle (though you can buy HPE and Dell servers that hold something like 18 drives - so you'd need some pretty crazy storage before you'd climb over that and need to go to DAS or NAS or SAN)
@Dashrender : this was also an example. To be all honest, We would actually need over 128GB of ram, and of-course the storage size to suite our needs.
I considered a XenServer HA setup with a HA setup for Network SAN units. Other users on here have bashed me for this idea and suggested a setup similar to Scale Computing (Where storage is local to servers).
Sux if someone bashed you here on ML - we try to be better than that other forum. That said, talking frankly and asking you to think critically is something most push for here at ML, sadly this comes off as bashing. That said, yeah I know bashing does still actually happen here on ML.
Scale is definitely a good solution, but it's not for everyone. it's not cheap to get into, $25K to start. Another option would be StarWinds vSAN software with Hyper-V (starwinds is free for 2 nodes if you are in SpiceWorks) or DRBD with XenServer (software is all free).
XenServer has HALizard as well.
-
Thanks for insight and input. I've looked at those solutions as well. I think the point other ML users were getting at, is the cost standpoint. As for true HA setup. I would need multiple XenServer hosts and ofcourse redundant SAN storage and ofcourse switches. With that, the cost would be close to or greater than an investment with Scale Computing Cluster.
I would feel more comfortable with something with support. XenServer is a solid solution. However, I'm just very cautious and worry about HALizard or DRBD with XenServer for local storage. I would have to fill up a 2U-3U server with drives to size and a hardware raid card on each node.
Where be nearly the same cost to get a 'barebone' 1U server with simple RAID-1 for host operating system, and then networked storage that is directly attached to a core switch/backbone switch to that of the servers & network storage so rides on same subnet/switch. Or best, directly connected to back of servers.... can go on and on lol.
But great point regarding DFS and the file locking.... i see that being a large issue.
-
@ntoxicator What you're talking about there with two 1U servers and NAS/SAN is an inverted pyramid of doom (IPOD).
Scott wrote something up on this (again) this morning.
http://mangolassi.it/topic/8743/risk-single-server-versus-the-smallest-inverted-pyramid-design
He explains why this is a bad design.
Also, in all of my discussion around HA (Starwind, DBRD) I never mentioned SAN or external storage. Will you need twice the amount in each of two server to have yourself covered? Of course, but if you don't, well then you don't ever actually have HA. If you have that shared storage you're talking about, what happens if that storage fails?
Ok I'll stop there and let you read Scott's post.
-
@ntoxicator said:
Thanks for insight and input. I've looked at those solutions as well. I think the point other ML users were getting at, is the cost standpoint. As for true HA setup. I would need multiple XenServer hosts and ofcourse redundant SAN storage and ofcourse switches. With that, the cost would be close to or greater than an investment with Scale Computing Cluster.
I would feel more comfortable with something with support. XenServer is a solid solution. However, I'm just very cautious and worry about HALizard or DRBD with XenServer for local storage. I would have to fill up a 2U-3U server with drives to size and a hardware raid card on each node.
Where be nearly the same cost to get a 'barebone' 1U server with simple RAID-1 for host operating system, and then networked storage that is directly attached to a core switch/backbone switch to that of the servers & network storage so rides on same subnet/switch. Or best, directly connected to back of servers.... can go on and on lol.
But great point regarding DFS and the file locking.... i see that being a large issue.
You should look at some of @scottalanmiller's articles about the IPOD and when you should choose network storage. I haven't seen anywhere here that mentions how much data you have on your network.
You would definitely need a hardware RAID card why would you ever consider getting a server without one? You can do MD RAID on XenServer, and KVM, this is completely enterprise grade. However in this instance it is probably better to offload that to a hardware controller.
-
So I'm seeing as quick and dirty solution.... Would be to get CEO/CFO to spend some money on a capable server to have at the satellite office. I'll use as a slave AD server that way users can authenticate locally to that onsite box. Only issue would then be the roaming profiles -- although they load fairly quickly over there (sign-on).
Can create local network share for the files they need and they would be set... then fire up offsite backup.
at same time I can press issue back full circle about the company's current hardware needs.
NOTE: This would only be a 1 year solution.... as supposibly we had approval from the county for us to take-over and build out a larger facility that we will move into late 2017....
he has yet to realize the cost of getting infrastructure installed there.. bahaha...
-
Sounds doable.
You can also change AD users at the remote site to save their roaming profiles to that server.
And you'll want to change their redirected folders to that server as well.
-
I absolutely refuse to use my own gear. It just allows the company to continue to put off spending money. I just keep proposing something. Every time something gets complained about, I just bitch about under spending on infrastructure. If it gets to me, I simply quit and go work for someone else that refuses the concept of spending money to update and scale infrastructure.
-
@BBigford said:
I absolutely refuse to use my own gear. It just allows the company to continue to put off spending money. I just keep proposing something. Every time something gets complained about, I just bitch about under spending on infrastructure. If it gets to me, I simply quit and go work for someone else that refuses the concept of spending money to update and scale infrastructure.
This is position I'm at, and why I've been searching. no forward movement for myself at company. As I do more than IT role here, also some management side with employee's. Very involved.
-
@Dashrender said:
Sounds doable.
You can also change AD users at the remote site to save their roaming profiles to that server.
And you'll want to change their redirected folders to that server as well.
Another great point.
I have a template use that I use for new user creation. Yes, I can modify the profile path to the new server UNC path. However, within GPO i have it specifically set for which folder for the User directory for their folder redirection.
basically, I would have to create a new GPO policy and also a new Security Group for these users at remote site? And link this Security group to the new GPO? Just thinking out loud.
-
@BBigford said:
I absolutely refuse to use my own gear. It just allows the company to continue to put off spending money.
Yes, it's empowering in a bad way.
-
@ntoxicator said:
@Dashrender said:
Sounds doable.
You can also change AD users at the remote site to save their roaming profiles to that server.
And you'll want to change their redirected folders to that server as well.
Another great point.
I have a template use that I use for new user creation. Yes, I can modify the profile path to the new server UNC path. However, within GPO i have it specifically set for which folder for the User directory for their folder redirection.
basically, I would have to create a new GPO policy and also a new Security Group for these users at remote site? And link this Security group to the new GPO? Just thinking out loud.
correct, you would have a new OU and new GPOs.
When you say you're saying you have it specifically set for which folder for the User directory, I assume you're using something like \servername\sharename%username% ?
-
@scottalanmiller said:
@BBigford said:
I absolutely refuse to use my own gear. It just allows the company to continue to put off spending money.
Yes, it's empowering in a bad way.
Not covering it up with janky work arounds (when you KNOW the company has the money to upgrade critical services) and dumping your own money in, makes the situation glare its ugly face. If the higher ups start experiencing the problem, then things start getting funding real quick.
I know when something pisses our CEO off, like an old server that is hindering company performance, and the bottom line has been money, we have that "thing" (hardware or software), overnight.
-
Well,
I just put a candid email reminder to the CEO and CFO (his father). See below his response... in in awe as to what to even reply to... Note, that my role here is "Director of IT"
I view you as my technology partner, my consultant, and my guide to help me steer this growing ship. You have mentioned several times that we are near capacity and things are growing old. I would expect some sort of written technology plan that outlines and itemizes our equipment, its life expectancy, its scheduled replacement data, and its cost. Then I would expect your analysis and recommendation on the priorities. From that point we would meet as a team to discuss timelines and priorities. How else can we plan and prepare?
We are both getting into unchartered territories with company size and technology needs. I find myself busier than ever and unable to be involved in each detail. I need data, analysis, and recommendations that will help company to grow and be efficient. I am relying upon you for those things.
So I put the challenge back to you. Can you please do some research and find out what other companies that are our size do when they are planning for technology and infrastructure plans? How can we professionalize our technology systems and processes just like we are doing in the rest of the company? What technology do we have now, what do we need (the gaps), and what are the costs?
Get it organized and professionalized and we will work together to make it a reality.
-
@ntoxicator Keep in mind this is a public forum. If the CEO or CFO saw you were posting verbatim of an email, they might look down upon that...
-
I see that, good point. However, its a moot point.
Essentially, this is same info he's provided before (verbally) in meetings. When I brought up the information, data, quotes and our capacity and have asked for company forecasting; it goes back into a queue of 'timelines and priorities'.
I'm just over it, when I feel I have no control or say to better the technology needs. The fact we had downtime last week.
-
@ntoxicator As to the email though, that sounds 100% like a response I would expect. There is nothing that is unreasonable about any of that. For anything over $2500, we have to submit a breakdown of all those things that were mentioned, and a little more, to the engineering manager. Anything over $5000 goes to the director of IT. Anything over $20,000 goes to the VP of operations. To simplify things, we now just report to the VP of ops. But nonethelss, we still have to do a breakdown and submit it for approval. It ensures quality, return on investment, and that everything is being vetted through the proper channels.
-
If that wasn't the response coming from someone that high up, I would be deeply concerned.
-
What you really need is a template. Let me see what I can find from something I previously submitted.
