My place to ramble

Hey all. I have decided to start rambling about technology again. I am going to try not to get in trouble (too often.) Let me know your thoughts.

Job definitions and building correctly

I think people really need help on this. I often spend a few minutes perusing the job listings on CL just to see who is hiring for what. I think it is very easy to stay away from companies that are "misguided," I guess is the way to put it.

Know what you are hiring for. If you are looking for someone to maintain servers, do DBA work, support desktops, etc. you ARE NOT looking for a Network Administrator. The main focus of a network admin is to feed and care for networks. Not your stupid M$ Winblows server. Most really good network administrators are afraid of M$ because it has a propensity to blow up when we need it most. We love *nix OSes. We all have our strengths.

When you are building a (usually want to be) enterprise network do not hire a Sysadmin to do it for you. Spend some bucks and hire a part-time network architect to do the design and build for you. It will pay off in many ways. When I build out a network I ask all of the questions that a dedicated Sysadmin would (most likely) not think about. Most people do not end up with networks and systems that can scale. They will reach a critical mass that will require replacement of equipment. I design a network to grow until a point that you are running enough traffic that spending the money to open a second data center, building a new network, etc. is the least of your worries. You will have money if you have a good business model.

The life of a really good network.

1. Design a network and systems to handle about twice the traffic you anticipate. Make sure that you can grow by adding boxes (and perhaps relatively inexpensive leaf switches.)
2. You will have to replace your load-balancers. You should be running, at minimum, TCP offload. Make sure your next pair can handle the growth of a pod at least. You can then use the pair that you are removing from the
3. Replace the firewalls between your app servers and the DB layer. Then make sure these are in a redundant pair so you can use them in the next architecture. (Remove one, flip the routes, then move number 2.)
4. Rinse and repeat. You can also at this point start to build "pods," "islands," "silos" or whatever you want to call them.

The hard part about all of this? Getting it right the first time. There are many, many questions to be answered. If you don't, you will end up with gear that just does not work for you. You don't really get good money for gear on eBay.

Gmail

I think most of us know that Google reads our email. I decided to run some tests to try and figure out how they read it. Honestly I think they could do some improving on it. I sent some mail between Hotmail and Gmail. It immediately picked up on what "we" were mailing about. Then, as often happens with email, I changed the topic of our conversation in the email. The targeted advertising did not change. Only if you change the subject of the email does it change advertising. Just thought y'all may be interested.

Thoughts on security....

I was at the Cafe this morning having my coffee fix on the patio when someone asked me a question about connecting to the wireless access point. I helped her get connected and then she asked me a question.... "Is it safe to access my online banking here?" (A lot of people I know can stop reading here...y'all better know this or I will laugh at you.)

For those of you who know me you know I am not going to give the simple answer. Online banking? Provided you use https going to your bank....Yes. That is no problem. You know what I wouldn't use? Any online email (Yahoo, Google, Hotmail, etc.) I also wouldn't log into your blog (depending on what you are using for blogging.) There are many things I wouldn't do. Me? I basically wouldn't do anything. Basically if you don't see https to start the address I can read it. It is (for the most part) that simple.

Me? Eh....not exactly. There are a couple of ways that I secure my traffic from outside my house. I used to have an SSL VPN and piped all of the traffic through that. I am working on that box at the moment so I pipe all of my browser traffic through an SSH tunnel to a Squid proxy at my house. Not the cleanest but it works.

What is the above gobbledygook? Basically I like my security. I don't want anyone to be able to see what I am doing on my laptop when I am out roaming the world. Here are a couple of things to look at:

Go to Gmail and access your account. The password is encrypted (note the https); as soon as you are authenticated everything is in the clear. If I set up my box to read what people are doing.....you read something, I can read it. You send something...I can read it. And so on and so on....

WordPress? It may be an "upgrade" or whatever but on the simple one I started up a while ago (that I never have time to update) when I log in as admin my PASSWORD is sent in the clear.

Now here is the thing....some people know about this. I would think it would be more people...but it isn't.

Here is the big thing that most people don't think about or don't know: You may be even more vulnerable at work. If you were at work and I was paid to spy on you I could tell many things that you are doing, especially if you are a non-techie person. There are so many ways I can go about it...just a few: install a keylogger on your machine, put a tap on your network port, pipe all of your traffic to my machine....many ways.

Are you scared about someone seeing what you are doing? Do you think you are secure? It is a scary world we live in these days...
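
The two gaps described in the security post above (a password posted without https, and a login over https followed by a session that rides in the clear) can be checked from the site owner's side by looking at where the login form posts and whether the session cookie carries the Secure flag. This is an added example, not part of the original post; the function name `audit_login_response`, the hosts and the sample response are constructed for illustration.

```python
from html.parser import HTMLParser
from http.cookies import SimpleCookie
from urllib.parse import urljoin, urlsplit

class PasswordFormFinder(HTMLParser):
    """Record the action URL of every <form> that contains a password input."""
    def __init__(self):
        super().__init__()
        self.open_action = None   # action of the form being parsed, None outside a form
        self.actions = []         # one entry per password field found inside a form

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "form":
            self.open_action = attrs.get("action") or ""
        elif tag == "input" and self.open_action is not None:
            if (attrs.get("type") or "").lower() == "password":
                self.actions.append(self.open_action)

    def handle_endtag(self, tag):
        if tag == "form":
            self.open_action = None

def audit_login_response(page_url, set_cookie_headers, html):
    """Return findings: cleartext password posts and cookies without Secure."""
    findings = []
    finder = PasswordFormFinder()
    finder.feed(html)
    for action in finder.actions:
        # An empty or relative action resolves against the page's own URL.
        target = urljoin(page_url, action)
        if urlsplit(target).scheme != "https":
            findings.append(f"password posted in cleartext to {target}")
    for header in set_cookie_headers:
        jar = SimpleCookie()
        jar.load(header)
        for name, morsel in jar.items():
            if not morsel["secure"]:  # without Secure the cookie also goes out over http
                findings.append(f"cookie {name} has no Secure flag")
    return findings

# Constructed sample data (hypothetical hosts), not captured traffic.
LOGIN_HTML = ('<form action="/session" method="post"><input name="user">'
              '<input type="password" name="pass"></form>')
COOKIE_PLAIN = "sid=abc123; Path=/; HttpOnly"
COOKIE_SECURE = "sid=abc123; Path=/; Secure; HttpOnly"

if __name__ == "__main__":
    print(audit_login_response("http://blog.example/login", [COOKIE_PLAIN], LOGIN_HTML))
```

A login page served over https with a non-Secure session cookie still yields one finding, which is the "authenticated, then in the clear" case.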

For the love of....

Please hire the right people. There are many approaches to hiring in the tech industry. There are some people who "get it" but most don't. It seems as a company grows they get worse at hiring good technical resources.

IMHO there are two types of Managers/Directors/VPs. Those who are afraid and those who are not. The ones that are afraid tend to hire people who have less experience / skills than they do. This makes them feel smarter. And their teams end up being huge. The ones who are not afraid get the best. In my past management experience I always try to hire people that are smarter than I am. If they are not smarter than I am they almost become a waste of my time. I have to spend too much time explaining what I want and then teaching them how to do the implementation. Face it. Your staff is what makes you succeed.

This is especially prevalent in non-technology companies. In so many of them IS/IT is put under finance. So you have a CFO who really doesn't understand the actual technology side of things. What does he end up looking for? Degrees. He usually prefers an MBA. WHY? Why do you look for this in someone who is leading technology in your company? So he makes it easier for Mr CFO to talk ROI, CapEx, depreciation, etc. but most of the time he is blowing smoke up your.... He then goes out and really does not know what to look for in the people under him. Who does he turn to? Oh usually IGS, EDS, etc. Then? Company gets old technology at inflated prices. It happens all the time.

The reason I bring this up is I was looking at doing some work for a company. The exact situation happened. I was referred by someone who WAS working for the company. He got pissed off and left. They just called me this morning and needed to talk about limitations on their SAN. Not the SAN that I had recommended but the smaller, cheaper one they ended up with after "working with" a highly regarded technology company. Now? 100k SAN out the door because it will not scale with their needs.

I have seen this over and over. The CFO-driven org that scrimped on load balancers only to have to upgrade in 14 months. The cage that filled up because "4 racks is enough." The DB servers that "will last us at least 3 years." Best one ever was a company that purchased a SAN without doing any looking into the lifespan. After using it for 14 months they received an End of Support notification from the manufacturer. Who did they buy the SAN from? CDW. Who actually buys a SAN from CDW? You would not believe how many people do.

Consult a great independent contractor or at minimum a trusted VAR. They are out there for a reason.

Who should we really be afraid of?

Who should we be more afraid of? Is Microsoft really to be feared these days? Well they do still control the desktop and many server environments in the Corporate world. Browser share is there. But what of the overall direction their business is heading?

As we move from generation to generation we adapt to what works for us. In '99 I was working for a large company and one of my pet projects was playing with Linux. "It would never catch Solaris." "It will never hurt Windows" and on and on. Now I had been working with Solaris since it was introduced in '92 to replace SunOS. It was great but prohibitively expensive for all of the startups that were coming around at the time. Linux was going to be the future. In late '99 and 2k I was building an ASP and it was the first time I ever deployed Linux in production. And it worked like a charm. To serve DNS for a massive amount of Windows boxes for a Windows network. There is also this little search engine that was using it. They were growing quickly (and I am still a dumb@$$ for not joining in '99.)

Now look at where we are. That nimble startup is now to be feared much more than the behemoth because they get it. They understand what I saw in '99. We are going back to the mainframe, the network is the computer, days of old. It is inevitable. My mom uses Linux now. Why? Because that is all she needs. Unless you are a high-end gamer all you need is a browser. That is it. Other than simple browsing you can read your mail on Gmail, you have docs, media players, etc. If you are a gamer you also have many games at your disposal. You have your Second Life, you have "casual games" (have to plug the brother-in-law for his cool game, Burger Shop, www.gobit.com.) Your Salesforce, your NetSuite, Rearden Commerce, and the list goes on and on. The cloud is the computer. All of this with a minor amount of plugins, etc.

Many people I know who were running Windows are now running Linux. Windows has to make a drastic change or it will die. No Windows? No Office. No Exchange. Lose those and MS is no longer a financially stable company.

Where are we going? My PC in my pocket. No....I am not talking about some useless little device with a crappy screen, etc. I see us having an iPhone-like device that becomes our life. Use it as a phone, small browser, email, media player, etc. It can then leverage the storage that is on it to be "docked" into a machine with real horsepower.

This is why I fear Google much more than Microsoft. They move quickly and they get it.

Datacenter in a single box?

Where are we going to go with the datacenter infrastructure? Think about where we are now versus where we were 8-10 years ago. Back in 2k I designed an infrastructure from the ground up. At the time it was completely state of the art. Pair of border routers, 4 load balanced firewalls, 2 tiers of redundant load balanced cores with redundant leaf (rack) switches hanging off of each core. There was also a secondary set of LB FWs in between the app server layer and the DB layer. It was incredible. Foundry (majority of the equipment) actually took a number of companies in to look at the architecture, including Deutsche Bank. The app and DB servers were all Compaq ProLiants and we had a 1 TB EMC Sym as our SAN. All of this was globally redundant to a mirror datacenter on the east coast. It was a really amazing setup. Completely fault tolerant on all levels.

From some rumors I am hearing, which may or may not be correct, we will be able to basically duplicate the same storage and power into a single 42U rack. 2 REDUNDANT architectures in the same rack. In 2 chassis.

Let's take a look at how this (in theory) could happen. It has a 15 Tbps backplane to future-proof for either 40Gbps or 100Gbps Ethernet (whichever one finally wins the next standard but that is another topic.) I have seen one of these bad boys in action and it is a really cool box. I am still going to have some issues with Cisco and oversubscription of ports. The current big 10Gig blade has 32 ports. Cool. Would be really cool if it wasn't 4:1 oversubscribed. The blade only has an 80Gbps connection to the fabric so fully populated you will only get 4Gig out of each 10Gig port.

This is not where it gets interesting..... This is where it does. I have heard that there is going to be a blade that will house SAS disks right into the chassis. 32 2.5" SAS disks. That is over 9TB raw. This would be so cool. Even cooler? I have heard that you are going to be able to put server type blades into the chassis as well.

So....we have a 10 slot chassis. What should we do with this? Ok....we need to have a sup engine. We also need some connectivity. 2 blades down, 8 remaining. Now storage. 2 slots 32 disks up to 9TB of disk. 2 more down and 6 to go. Now I am not sure how the server blades would work. Looking at an IBM or an HP blade chassis and the size of the blade I could imagine you could get 2 blades per slot. Perhaps using something like the SPA adapter used in the Catalyst 6K line. Let's even pretend you can only get one 4 proc blade per slot. That is 64 cores with 192 GB of RAM that can work with a 15Tbps backplane to communicate with the network and the storage.

This has been the problem I have had with Blade Centers....you can only do so much with them. They are only good for raw CPU cycles. You still need a separate switching and storage environment. In what could be available from Cisco you have, well, a nexus. You have full layer 1 to 7 in one box. Everything in one box. If there was intelligent virtualization you could spin VMs up and down as needed and as a chassis becomes overloaded you could spin up idle chassis to take over the load. I think this could be really cool.