Internet Data Centers (IDCs) are the computing centers of the future. With the emergence of the global marketplace, organizations of all sizes are feeling the pressure to extend their Internet presence around the world, conduct business on a 24x7 basis, and provide customers with 99.999% availability – all while reducing costs and keeping a sharp focus on their core business. Indeed, by utilizing IDCs and their economies of scale, companies can accrue the benefits of a world-class infrastructure at a fraction of the cost of dedicated, on-site facilities. Even some Internet Service Providers (ISPs) locate their equipment in Internet data centers to gain benefits including high-speed, multi-homed Internet connectivity; geographic distribution; high security; redundant backup power, air conditioning, and fire suppression; and skilled network and system administration staff.
The wide availability of key applications, scalability, and both hardware and software reliability are reasons why IDCs are choosing Sun servers to manage their operations. Sun's Netra™ server product line delivers carrier-grade reliability in compact, rack-mount NEBS Level 3 certified packages. Sun's Enterprise server products include new rack-mount systems supporting up to four processors. As more processing capacity is required, Sun's Enterprise servers can host up to 64 UltraSPARC™ processors in a single, symmetric multiprocessing system. All in all, Sun provides the most reliable, flexible, and scalable platform for hosting critical management systems – resulting in increased responsiveness and greater quality of service for customers.
Internet Data Center Overview
Internet data centers are shared facilities where many organizations can share a single, comprehensive infrastructure to economically host Internet servers and services. In contrast to corporate data center environments, iDCs tend to be deployed at multiple, geographically-dispersed sites connected with high-speed, wide-area networks. iDC environments are heterogeneous, often supporting servers from many different vendors rather than the limited number found in corporate data centers. When visitors to the sites hosted at an iDC are considered, the number of users is in the millions, and the number of transactions handled is far greater than corporate data centers routinely experience. Common to both corporate data centers and Internet data centers are requirements for around-the-clock operation, comprehensive management services and systems, and skilled system administration staff.
Compelling Reasons for Using iDCs
Because of the compelling business and technical reasons for using iDCs, companies like AboveNet, Exodus, Digital Island, HostPro, Level 3, Navisite, and Qwest have become household names in the dot-com world – with an array of familiar telephone companies and Internet service providers joining the ranks. The reasons companies utilize iDCs for outsourced services and colocation include:
• Time to Market
For many companies, reducing time to market is key to success. With Internet data centers already established with physical plant, redundant and back-up power, and high-speed Internet connectivity, companies that leverage an iDC's existing facilities can bring their product to market much more quickly than the traditional model of on-site hosting. And with traffic to sites often doubling every six months, the time needed to scale services is minimized with iDCs because it is their business to make needed space and computing facilities available quickly.
• Reduced Risk
Companies that utilize iDC services reduce their risk in two ways. First, they decrease risk because the functions they outsource are usually those with which an iDC has more experience and competence – these services include Web hosting and common IT functions like e-mail outsourcing. Second, because the cost of services is fixed on a contractual basis, there is less risk of spiraling costs due to unforeseen circumstances.
• Redundant, High-Speed Connectivity
By combining the power of many tenants, iDCs can purchase high-bandwidth network services and deliver Internet connectivity from multiple carriers simultaneously. With the traffic volume, iDCs have the clout to make strategic peering arrangements with other facilities and providers, resulting in topologically-superior connectivity that results in fewer hops – and therefore less latency – between large numbers of end users and the iDC. These peering relationships are so strategic that they are often closely guarded business secrets.
• Economical Infrastructure
The physical infrastructure necessary to support high-availability services is much more economical with larger facilities. High-security data centers, redundant, conditioned power supplies, multiple air conditioning systems, fire suppression, and backup generators with days' or weeks' worth of fuel are often more costly than a single company can afford – yet these are requirements for providing the 24-by-7 availability that Internet users expect.
• Comprehensive Support
Just as the connectivity and physical infrastructure of iDCs is shared, so is the support staff. In today's competitive labor market, it is difficult to hire, train, and retain skilled staff members for maintaining Internet services around the clock – and when companies are able to hire the staff they need, it is much more strategic to assign them to core business issues rather than the mechanics of operating a data center. The ability of iDCs to provide support services often tilts the balance of whether a company is willing to outsource the hosting of their services.
Range of Services
There is a wide range of services available from Internet data centers, and the ways in which they differentiate themselves can be characterized in three dimensions:
• Quality of Service
iDCs can provide quality of service that can be quantified on a range from 'data grade' availability of 99 percent to 'carrier grade' availability of 99.999 percent. Considering that a 99 percent available facility allows up to 87 hours – more than three days – of down time per year, the use of highest-quality facilities can have an enormous attraction for customers. Zona Research (1999) estimates that USD $4.35 billion will be lost per year due to Web site outages and slow response times. In order to attract customers that require guaranteed uptime, most iDCs today offer Service Level Agreements (SLAs) that specify both measurable service goals and penalties if they are not met.
• Services Offered
There is a spectrum of services offered by Internet data centers, including pre-packaged and custom Web hosting using dedicated servers, shared servers, and even multi-tier e-commerce implementations; they also provide Web-based application hosting, customer server co-location, and often standard IT services such as e-mail outsourcing. Today, hosting services make up the majority of an iDC's business, with co-location services lagging significantly behind. Some forward-looking iDCs are providing an imaginative array of new data storage services:
• Backup services, using shared tape library facilities, can be used to back up user data over a separate dedicated network, with off-site copies maintained by the iDC.
• Database services enable customers to outsource the implementation and maintenance of their own database software, while capitalizing on the economies of scale achieved by iDCs providing services to multiple customers. When supplying database services, the iDC's monitoring facilities provide direct benefits to users, but also provide upselling opportunities to the iDC as additional customer storage space is required.
• Storage-on-demand services deliver continuous storage availability by using high-end storage systems for multiple customers.
Many iDCs provide a range of options for server ownership, which usually has an influence on the support services that can be provided. iDCs that do not own the servers in their facilities provide what is known as co-location services; those which own the servers and lease them directly or indirectly to their customers provide hosting services. Internet data centers generally provide both co-location and hosting. The iDCs that provide sophisticated management services often do so only for the systems that they own and maintain because this combination gives them the most control – and enhances their ability to meet strict service-level agreements.
• Support Services
iDCs vary in the set of support choices they provide, ranging from almost no support to full-service application-level monitoring and management. iDCs that provide simple co-location services are often referred to as rack, stack, and ping facilities, where servers are hosted and only their ability to respond to an ICMP echo request is monitored. In the middle of the spectrum are facilities that closely monitor bandwidth usage and response times, and sometimes track the user experience by loading specific URLs and even performing transactions. These iDCs automatically create trouble tickets and respond quickly when server performance varies from predetermined limits. At the high end are facilities that provide full-service monitoring capabilities that go beyond measuring parameters that are visible by end users; these facilities monitor and manage the entire customer infrastructure including database systems, management systems and credit card clearing functions.
The Internet data center market is developing rapidly, and with this growth has come a scramble to provide imaginative services that best serve the needs of a broad set of customers. Some of the interesting variations include:
• Content Distribution
Digital Island provides content distribution services. With caching servers hosting their customers' Web content at strategic points in their global network, end users access the content that is topologically closest to them – resulting in lower response times from anywhere in the globe. Key to Digital Island's strategy is its DNS servers which intelligently resolve users' address requests to provide the address of the nearest caching server. Digital Island's services enable its customers to easily extend their reach around the globe, giving end users high performance as if they are accessing a nearby site – regardless of their location.
• Management Services
Some providers focus on the service end of their business. eManage.com bundles space from other hosting facilities and integrates management functions on a cafeteria plan basis. With plans tailored for each customer, eManage.com offers network and firewall, platform (CPU, disk, etc.), Web server, application server, and database management services. Their services encompass software and hardware support, and they have the ability to exchange trouble tickets with their hosting facilities, speeding the problem resolution process.
• Management without Hosting
The importance of sophisticated management services is not lost on companies that are growing so quickly that they desire service monitoring from independent sources outside of the iDC – and these companies sometimes purchase third-party monitoring services that access their sites from multiple locations on the Internet. Freshwater Software, which develops end-to-end monitoring software used in many iDCs, offers a service package which monitors customers' site performance and servers remotely through its network operations center in Boulder, Colorado. Their Web site monitoring facilities can report on end-to-end responsiveness and functionality of complete customer scenarios including the actual purchase of products and credit-card payment on e-commerce sites.
There are several major components to an Internet data center's physical infrastructure, including the building, security, environmental protection, power, and the physical distribution of data centers. All iDCs consider each of these factors carefully; what weight they give to each area determines to some extent the customer base they will attract. Some iDCs have additional space available for a fast recovery from major disasters; all iDCs maintain off-site backups for recovery of customer data. A typical Internet data center incorporates design considerations including building, security and access control, electric power, and protection from environmental problems including fire, flood, and wind storms.
The buildings in which Internet data centers are located are usually designed or chosen for their ability to provide a high level of security from intruders, vandals, terrorists, and from environmental concerns such as floods, earthquakes, and tornadoes. The degree to which the buildings themselves are designed to offer protection varies widely. Many have strategically-placed barriers to prevent damage from car bombs. Some are located on upper floors to prevent access by penetration of outside walls, which also offers protection from flooding. One hosting facility in Canada uses a retired Royal Bank vault with a double underground perimeter that prevents underground tunneling into the facility. Some iDCs that focus on co-location are situated in prime areas for easy access by customers, while those which focus on hosting place less emphasis on location.
Security and Access Control
All aspects of physical security are considered in the design of Internet data centers. A staff of security guards is on duty around the clock, and surveillance cameras are used to observe and record all activity inside and outside of the data center – including underneath the raised floor. Customer access is carefully controlled, and every entrance and exit by any customer, employee, or visitor is permanently on record. Physical access is usually granted only after the visitor's ID is checked and a magnetic card swiped; further authentication is often performed, including matching biometric factors such as hand and retinal scans. To prevent 'tailgating,' some iDCs employ a man trap that allows only one person at a time to enter through an air-lock style passageway. Once inside, the customer has keys that only unlock their specific rack, cage, or cabinets – in fact, some iDCs even have no master key to prevent any unauthorized access even by security personnel. Security in the back-end of the data center is equally important. Because of the premium for space inside the data center, staging areas are often provided for customers to assemble and test their equipment before installing it into racks. Access to these areas, and to areas leading to the loading docks, is also tightly controlled.
Internet data centers provide conditioned power to their customers' equipment, with both battery and generator backup. Battery backup enables the data center to continue operation during the brief period between a power failure and the automatic spin-up of diesel generators. In order to ensure the rapid availability of diesel-generated power, hot water can be circulated through the generators so that they are always ready for a warm start. Some iDCs have sufficient fuel storage for a day or more; some are prepared to operate for weeks on backup power.
Redundant power is an important feature of Internet data centers. Some iDCs go so far as to obtain independent power feeds from different sub-stations. Most have multiple generators, and feed power from two different sources to each rack. Customers using equipment with dual power supplies – like Sun Enterprise servers – can connect to both power sources and operate uninterrupted through the loss of one of the two feeds.
Redundant air conditioning capacity is installed so that mechanical failures can occur without an unacceptable rise in data center temperatures. Systems using chilled water or freon often have separate external cooling or condenser systems, helping to ensure that there are at least two complete systems with no single point-of-failure.
Hand-in-hand with a fully-redundant physical infrastructure is a fully-redundant network architecture. There are three levels to consider in iDC network architectures:
• Virtually all Internet data centers have more than one location, and high-speed interconnects facilitate geographically-distributed customer sites that keep running even through the failure of a single data center.
• Inside the data center is another redundant infrastructure that distributes traffic with minimal delay from the center's core routers to the customer servers.
• Also inside the data center are additional non-public networks used for management functions, administration, backups, and for connecting the components of multi-tier environments, for example Web servers, database servers, and application servers.
Whether discussing the routing between distributed data centers or within a single one, several concepts are important:
• Fully-Meshed Connectivity
An ideal iDC architecture has fully-meshed connectivity both between and within each data center. A fully-meshed architecture has at least one path directly connecting every component (Figure 2). This enables routing or switching to take place using the shortest path first, falling back to secondary, multiple-hop paths in the event that a primary path becomes disconnected. In practice, only some iDCs have fully-meshed connectivity between data centers, while many have fully-meshed architectures within the data center.
• Layered Architectures
Layered architectures in iDCs are used to optimize performance, security, and to provide a level of abstraction for the network. Performance can be optimized by seeking a balance between the layers where packets are routed versus where they are switched. Security is enhanced by layering in packet filters and firewalls where appropriate, and by isolating customer network segments through Virtual Local Area Networks (VLANs). VLANs can be used to limit the impact of denial-of-service attacks on individual customers. Finally, layering isolates routers and switches from their peers so that, for example, a change in a server's MAC address doesn't require all network components to adjust their IP routing and switching tables. iDC network architectures, both local and global, layer their components into a core layer, where the number of routers is small and the latency is minimal; a border layer where policy-based connectivity is delivered; and an access layer, where packets are distributed – via routing and switching – to the appropriate physical servers.
Global Routing Strategies
Almost all Internet data centers have multiple locations that are interconnected via high-speed switched networks. Having multiple locations provides iDCs and their customers with a set of benefits that add up to more than the sum of the parts:
• The most obvious benefit is that more locations mean more capacity and performance because there is more data center availability across a geographic region.
• Customers utilizing a geographically-distributed iDC may host a redundant server infrastructure in a second location, enabling fail-over from one to another in the event of a complete failure in one center.
• Finally, the iDC's backbone network can be used to carry traffic bound for its customers from its various Points of Presence (POPs) to the customer servers. This gives the end user a lower-latency connection than the public Internet, and gives the iDC customer more of a global presence. Some iDCs, like Digital Island, capitalize on their global network by providing caching servers in their POPs that can deliver content with even lower latency than access across the iDC backbone network.
Geographically-distributed data centers are interconnected with redundant switched networks, and utilize Open Shortest-Path First routing (OSPF) between them. Based on both economic and network latency costs, each link between data centers can be assigned a cost and traffic routed based on those costs. Network traffic can be balanced between connections when equal costs are assigned, and backup paths are created when unequal costs are assigned. For establishing peering relationships and connectivity to other backbone providers, Border Gateway Protocol (BGP) is used.
Figure 3 illustrates a set of four data centers distributed across the world. Although the network is not fully meshed, it can survive the loss of two links. For example, if all connectivity between San Francisco and Los Angeles is lost, traffic can be routed via New York and Chicago. At each POP, each ATM Permanent Virtual Circuit (PVC) terminates in each of two core routers. Each POP typically has its own peering relationships and Internet backbone connections so that it can operate independently and can accept transit traffic for the other locations.
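The cost-based routing and failover described above can be checked with a short model; this is an added example, not part of the original paper. Figure 3 is not reproduced here, so the topology (a ring of the four sites with two parallel PVCs per adjacency), the link costs, and the PVC names are all assumptions, and Dijkstra's algorithm stands in for the OSPF shortest-path calculation.

```python
import heapq
from itertools import combinations

# Constructed topology (assumption, Figure 3 is not on the page): a ring of the
# four sites with two parallel PVCs per adjacency. Tuples are
# (site_a, site_b, cost, pvc_id); costs and PVC names are illustrative.
LINKS = [
    ("SF", "LA", 10, "sf-la-1"), ("SF", "LA", 10, "sf-la-2"),      # equal cost: balanced
    ("LA", "CHI", 20, "la-chi-1"), ("LA", "CHI", 40, "la-chi-2"),  # unequal: primary/backup
    ("CHI", "NY", 10, "chi-ny-1"), ("CHI", "NY", 10, "chi-ny-2"),
    ("NY", "SF", 30, "ny-sf-1"), ("NY", "SF", 30, "ny-sf-2"),
]

def adjacency(links):
    """Build an undirected multigraph: site -> [(neighbour, cost, pvc_id)]."""
    adj = {}
    for a, b, cost, pvc in links:
        adj.setdefault(a, []).append((b, cost, pvc))
        adj.setdefault(b, []).append((a, cost, pvc))
    return adj

def distances(links, src):
    """Dijkstra: lowest total cost from src to every reachable site."""
    adj, dist, heap = adjacency(links), {src: 0}, [(0, src)]
    while heap:
        d, u = heapq.heappop(heap)
        if d > dist.get(u, float("inf")):
            continue  # stale heap entry
        for v, cost, _ in adj.get(u, []):
            if d + cost < dist.get(v, float("inf")):
                dist[v] = d + cost
                heapq.heappush(heap, (d + cost, v))
    return dist

def best_routes(links, src, dst):
    """Return (cost, routes): every equal-cost route as a tuple of PVC ids."""
    dist = distances(links, src)
    if dst not in dist:
        return None, []
    adj, routes = adjacency(links), []

    def walk(node, tail):
        # Walk backwards from dst along links that lie on a shortest path.
        if node == src:
            routes.append(tuple(tail))
            return
        for prev, cost, pvc in adj[node]:
            if prev in dist and dist[prev] + cost == dist[node]:
                walk(prev, [pvc] + tail)

    walk(dst, [])
    return dist[dst], sorted(routes)

def without(links, failed):
    """Topology after the PVCs named in `failed` are lost."""
    return [link for link in links if link[3] not in failed]

def partitioning_failures(links, k):
    """Every set of k simultaneous PVC losses that cuts some site off."""
    sites = {s for a, b, _, _ in links for s in (a, b)}
    start = min(sites)
    return [failed for failed in combinations([l[3] for l in links], k)
            if set(distances(without(links, set(failed)), start)) != sites]

if __name__ == "__main__":
    print("SF->LA normal:", best_routes(LINKS, "SF", "LA"))
    cut = without(LINKS, {"sf-la-1", "sf-la-2"})
    print("SF->LA after losing both SF-LA PVCs:", best_routes(cut, "SF", "LA"))
    print("2-link losses that partition:", partitioning_failures(LINKS, 2))
```

With one PVC per adjacency the same ring is partitioned by any two link losses, which is why the parallel circuits matter to the survivability claim.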
Switched Data Center Infrastructure
Within the data center is a fully-meshed, switched fabric that is layered for performance, security, and isolation of customer devices. A layer of core routers transfers traffic from the iDC backbone and, following policy-based routing rules, routes it down to a set of distribution switches which pass the traffic on to the access layer (Figure 4). Customer equipment is provided connectivity into the access layer, often with two feeds, each from a separate access switch. The hierarchy of the data center's public network enables a fan-out to a large number of servers without introducing any significant latency. iDCs typically use routers and switches with VLAN capability. The use of Virtual LANs enables customers to be isolated from each other, and it enables a single subnet to extend across switch boundaries to serve separate racks or cages. The use of a fully-meshed, switched infrastructure ensures that any single failure – all the way to the server cable drop – will result in network traffic being routed over an alternate path.
Figure 4 Hierarchical, fully-meshed network architecture within the data center.
With the hierarchical structure of an iDC's network, high-traffic services can be inserted into appropriate layers of the infrastructure. For example, a backup or database service can be served from the distribution layer, providing a high-capacity path accessible to each hosted server. A fact of life in Internet data centers is that larger customers will demand access to higher layers of the hierarchy – a request that is often accommodated for an extra charge.
Connectivity for private services like storage-on-demand or backup may be separated logically from the existing public network using VLANs, or may be separated physically through the use of separate physical networks.
• Sales Cycle Support
Sales cycle support includes managing customer information for pre-sales support, and sales and order processing. Provisioning and configuration processes may be automated, Web-based systems, or may be internal systems managed by sales staff; they typically provide support for initial sales as well as upgrades later in the customer relationship.
• Customer Reports
Customer-ready reports with up-to-date usage statistics are often a selling point for iDCs. These reports contain bandwidth usage information, SLA compliance data, and information on problems reported and their resolution. When more sophisticated services are supported, these reports contain resource usage information that can be used to pro-actively upgrade services before critical thresholds are reached – for example, they can be used to prompt the procurement of additional database table space before a critical shortage results in loss of customer business.
• Help Desk Support
There are several aspects to the help desk support function. Traditional help desk support systems provide interfaces for customer service representatives to quickly identify, resolve, or escalate service issues. Some iDCs provide direct access to these services for their more sophisticated customers, including APIs that enable their software to generate trouble tickets if they identify any service-related problems. Finally, systems which enable customers to browse symptom and resolution information can reduce iDC staff workload by empowering customers to solve their own problems without requiring a service call.
• Billing, Invoicing, and Collection
Billing, invoicing, and collection systems provide the obvious functions both in terms of postal mail interactions with customers as well as enabling Web-based account review, bill presentment, and payment. Depending on the granularity of billing unit, some billing systems must support a high-bandwidth, real-time workload, receiving and processing information for small billing increments for a large number of customers.
Building Internet data centers requires careful consideration of the functional requirements they impose, difficult decisions on architectures for integrating the software tools that meet those requirements, and choices on what combination of management systems provide the best coverage of the functional areas. Many data centers go through a maturation process of initially bringing to market a few simple service offerings managed with a set of tools that are integrated in a point-to-point fashion. They use Sun servers for managing their networks, and use Sun for the raw iron necessary to provide a spectrum of hosting services. With the flexibility and capacity of Sun servers – with up to 64 processors each – iDCs rapidly increase the sophistication of the services they provide as they work their way up the learning curve. Beginning with colocation and dedicated hosting services, they add sophisticated, highly-available multi-tier Web hosting environments, and augment them with shared database and backup services.