In my last blog on this, I discussed some of the Capacity best practices. I am now going to briefly touch on the remainder of the book:
- Networking. The section talks about best practices in a data center. This includes different networks for different functions (e.g., production, admin) and different NIC cards on different machines to segment traffic. It also discusses the usage of Virtual IPs.
- Security. Here, the discussion centers on the principle of “Least Privilege”. Strategies for not having to run things as root are discussed, as well as how to deal with outbound passwords so that they cannot be compromised.
- Availability. He begins with a strategy on how to document required availability to avoid ambiguity. Strategies for load balancing and clustering are discussed, as well as how to appropriately use reverse proxies (looks like I need to play with Squid).
- Administration. There are a number of strategies discussed here that will make administrators lives a lot easier. This includes making the QA environment more closely resemble the production environment. I particularly liked how his discussion around zero, one or many. If you have 20 servers in a farm, it makes a big difference to have more than one in QA (though 20 isn’t needed) in terms of issues discovered. He discussed strategies for dealing with configuration files, and how to facilitate clear start-ups and shut-downs.
- Design Summary. This chapter delves into a number of general design considerations for consider for production, including making your application as easy to operate as possible.
- Transparency. This book goes deep into strategies to reveal as much about the internal operations of the servers and the systems as a whole. After going through some of his black Friday failure strategies, I would want to have as many of these as possible!
I appreciate good computer science books. This is, seriously, one of the best books I have ever read. It has made a HUGE difference in my understanding and capabilities in this area. I strongly recommend it.