Класификация
Observingtheserverfromdifferentangles,youcanhavedifferentclassificationmethodsfortheserver.Belowwewilldiscusstheclassificationoftheserverfromdifferentangles.
1.Accordingtodifferentarchitectures,serverscanbedividedintotwoimportantcategories:IAarchitectureserversandRISCarchitectureservers.
Thisclassificationstandardismainlybasedonthedifferentprocessorarchitecturesusedbythetwoservers.TheCPUusedintheRISCarchitectureserverisaso-calledreducedinstructionsetprocessor.ThemainfeatureofthereducedinstructionsetCPUisthatitusesfixed-lengthinstructionsandusespipelinestoexecuteinstructions.Theprocessingofsuchaninstructioncanbedividedintoseveralstages,andtheprocessorsettingsaredifferent.Theprocessingunitexecutesthedifferentstagesofinstructions.Forexample,iftheinstructionprocessingisdividedintothreestages,whentheNthinstructionisinthethirdprocessingstage,theN+1thinstructionwillbeinthesecondprocessingstage,N+2Instructionswillbeinthefirstprocessingstage.ThiskindofpipelineprocessingofinstructionsmakestheCPUhavetheabilitytoprocessinstructionsinparallel,whichenablestheprocessortoprocessmoreinstructionsperunitoftime.TheIAarchitectureserverusestheCISCarchitecture,thatis,thecomplexinstructionsetarchitecture.Thisarchitectureischaracterizedbylongerinstructions,strongerinstructions,andmoreexecutablefunctionsforasingleinstruction,sowecanincreasecomputingUnit,whichenablesthefunctionperformedbyaninstructiontobeexecutedinparallelatthesametimetoimprovecomputingpower.Foralongtime,thetwoarchitectureshavebeengrowingincompetitionwitheachother,andbothhaveachievedrapiddevelopment.TheIAarchitectureserveradoptsanopenarchitecture,sotherearealargenumberofhardwareandsoftwaresupporters,andithasmadeconsiderableprogressinrecentyears.
2.Theservercanbedividedintoworkgroupserver,departmentserverandenterpriseserveraccordingtothedifferentscaleoftheserver.
Thisclassificationmethodisarelativelyoldclassificationmethod,whichismainlyclassifiedaccordingtothescaleoftheserverapplicationenvironment.Forexample,acomputernetworkenvironmentwithabouttenclientsissuitableforusingaworkgroupserver.Thiskindofserveroftenuses1processor,smallharddiskcapacityandnotverystrongnetworkthroughput;acomputernetworkwithdozensofclientsissuitablefordepartment-levelservers,whicharerelativelypowerful,andoftenuse2processors.,Largermemoryanddiskcapacity,diskI/OandnetworkI/Ocapabilitiesarealsostrong,sothatthisservercanhaveenoughprocessingpowertoaccepttheservicerequirementsproposedbytheclient;andenterprise-levelserversareofteninInanetworkenvironmentwithmorethan100clients,inordertorespondtoalargenumberofservicerequests,suchserversoftenuse4processors,havealargenumberofharddisksandmemory,andcanbefurtherexpandedtomeethigherdemands.Alotofaccess,sothenetworkspeedanddiskspeedofthiskindofservershouldalsobeveryhigh.Tomeetthisrequirement,multiplenetworkcardsandmultipleharddrivesareoftenusedforparallelprocessing.Alltheabovedescriptionsareveryinaccurate,andtherearemanyspecialcircumstances.Forexample,anetworkmayhavemanyclients,butmayhavefewaccesstotheserver.Thereisnoneedtohaveasuper-functionalenterprise-levelserver.DuetothesefactorsTheexistenceofthiskindofserverclassificationmethodismorequalitativeratherthanquantitative,thatistosay,fromthegroupleveltothedepartmentleveltotheenterpriselevel,theperformanceoftheserverisgraduallystrengthened,andothervariouscharacteristicsaregraduallystrengthened..
3.Accordingtothedifferentfunctionsoftheserver,wecandividetheserverintomanycategories
Suchasfile/printserver,thisistheearliesttypeofserver,itcanperformfilestorageandprinterresourcesharingService,sofar,thiskindofserverisstillwidelyusedintheofficeenvironment.Thedatabaseserverrunsadatabasesystemforstoringandmanipulatingdata,andprovidingdataqueryandmodificationservicestonetworkedusers.Thiskindofserverisalsoaserverwidelyusedincommercialsystems.WEBserver,E-MAILserver,NEWSserver,PROXYserver,theseserversarealltypicalINTERNETapplications,theycancompletethestorageandtransmissionofhomepage,e-mailservice,newsgroupservice,etc.Alltheserversmentionedabovearenotjustahardwaresystem,theyoftenrealizetheirspecificfunctionsthroughthecombinationofhardwareandsoftware.
Характеристика
От тези аспекти можете да измерите дали сървърът е постигнал предназначението си; R: Надеждност; A: Наличност; S: Мащабируемост; U: Използваемост, лекота на използване; M: Управляемост, което е стандартът за измерване на RASUM на сървъра.
1. Мащабируемост
Serversmusthaveacertaindegreeof"scalability",becauseenterprisenetworkscannotremainunchangedforalongtime,especiallyintoday'sinformationage.Iftheserverdoesnothaveacertaindegreeofscalability,andwhenthenumberofusersincreases,itwillbeincompetent.Aserverworthtensofthousandsorevenhundredsofthousandswillbeeliminatedinashortperiodoftime,whichisunbearableforanyenterprise.Inordertomaintainscalability,itisusuallynecessarytohaveacertainamountofexpandablespaceandredundantcomponentsontheserver(suchasdiskarrayrackpositions,PCIandmemoryslotpositions,etc.).
Scalabilityisembodiedinwhethertheharddiskcanbeexpanded,whethertheCPUcanbeupgradedorexpanded,whetherthesystemsupportsavarietyofoptionalmainstreamoperatingsystemssuchasWindowsNT,LinuxorUNIX,etc.OnlyinthiswaycantheinitialinvestmentbemaintainedMakefulluseofitinthelaterstage.
2.Лекота на използване
ThefunctionoftheserverismuchmorecomplicatedthanthatofaPC.Itnotonlyreferstoitshardwareconfiguration,butalsoreferstoitssoftwaresystemconfiguration.Forserverstoachievesomanyfunctions,itisunimaginablewithoutcomprehensivesoftwaresupport.However,toomanysoftwaresystemsmaycausetheserver'sperformancetodecrease,andmanagementpersonnelcannoteffectivelymanipulateit.Therefore,whendesigningservers,manyservermanufacturersmustfullyconsidertheavailabilityandstabilityoftheserver,andmustalsoworkhardontheeaseofuseoftheserver.
Theeaseofuseoftheserverismainlyreflectedinwhethertheserveriseasytooperate,whethertheusernavigationsystemiscomplete,whetherthechassisdesignishumane,whetherthereisakeyrecoveryfunction,whetherthereisanoperatingsystembackup,andwhetherthereisAdequatetrainingsupportandotheraspects.
3. Наличност
Foraserver,averyimportantaspectisits"availability",thatis,theselectedservercanmeettherequirementsoflong-termstableworkandcannotbeusedfrequently.Somethingwentwrong.Infact,itisequivalenttothereliabilityproposedbySun.
Becausetheserverisfacingusersoftheentirenetwork,notasingleuser,inlargeandmedium-sizedenterprises,theserverisusuallyrequiredtobeuninterrupted.Insomespecialapplicationareas,someservershavetoworkuninterruptedeveniftheyarenotusedbyusers,becausetheymustcontinuouslyprovideuserswithconnectionservices,regardlessofwhetheritisonoroffwork,whetheritisaworkingday,abreak,oraholiday.Thisisthefundamentalreasonwhytheservermusthaveextremelyhighstability.
Generallyspeaking,specializedservershavetoworkuninterrupted7X24hours,especiallylikesomelarge-scalenetworkservers,suchasserversusedbylargecompanies,webservers,andiqdeWEBserversthatprovidepublicservices.Fortheseservers,theremayonlybeonenumberofrealworkstartups,thatis,thetimeitwasputintoofficialuseafteritwaspurchasedandfullyinstalledandconfigured.Afterthat,itworkeduninterrupteduntilitwascompletelyscrapped.Ifsomethinggoeswrongateveryturn,thenetworkcannotmaintainnormaloperationforalongtime.Inordertoensurethattheserverhasahigh"availability",inadditiontorequiringthequalityofallaccessories,necessarytechnicalandconfigurationmeasures,suchashardwareredundancy,onlinediagnosis,etc.,canalsobetaken.
4.Управляемост
Amongthemainfeaturesoftheserver,thereisanotherimportantfeature,thatis,the“manageability”oftheserver.Althoughwesaythattheserverneedstoworkcontinuouslywithoutinterruption,nomatterhowgoodtheproductis,itmayfail.Takeasayingthatpeopleoftensay:Itisnotthatitisnotknownthatitmaybebroken,butthatitisnotknownwhenitisbroken.Althoughtheserverhassufficientguaranteeintermsofstability,itshouldalsohavenecessarymeasurestoavoiderrors,findproblemsintime,andcanbemaintainedintimeifitfails.Thisnotonlyreducesthechanceofservererrors,butalsogreatlyimprovestheefficiencyofservermaintenance.Infact,itistheserviceabilityproposedbySun.
Themanageabilityoftheserverisalsoreflectedinwhethertheserverhasanintelligentmanagementsystem,whetherithasanautomaticalarmfunction,whetherithasanindependentandsystematicmanagementsystem,andwhetherithasanLCDmonitor.Onlyinthisway,theadministratorcanmanageeasilyandworkefficiently.
Външен вид
Racktype
Външният вид на Frack сървъра не изглежда като компютър, а като превключвател, с 1U (1U=1,75 инча=4,445 CM), 2U, 4U и други спецификации. Rack сървърът е инсталиран в стандартен 19-инчов шкаф. По-голямата част от тази структура е функционален сървър.
Forinformationservicecompanies(suchasISP/ICP/ISV/IDC),physicalparameterssuchasservervolume,powerconsumption,andheatgenerationmustfirstbeconsideredwhenchoosingaserver,becauseinformationservicecompaniesusuallyuselargeThededicatedcomputerroomuniformlydeploysandmanagesalargenumberofserverresources.Thecomputerroomisusuallyequippedwithstrictsecuritymeasures,agoodcoolingsystem,andamultiplebackuppowersupplysystem.Thecostofthecomputerroomisquiteexpensive.Howtodeploymoreserversinalimitedspaceisdirectlyrelatedtotheservicecostofanenterprise.Usually,rack-mountedserverswithamechanicalsizethatmeetsthe19-inchindustrialstandardareused.Rack-mountedserversalsohaveavarietyofspecifications,suchas1U(4.45cmhigh),2U,4U,6U,8U,etc.Generally,1Urack-mountedserversarethemostspace-saving,buttheirperformanceandscalabilityarepoor,andtheyaresuitableforuseinrelativelyfixedbusinessareas.Productsabove4Uhavehigherperformanceandgoodscalability,andgenerallysupportmorethan4high-performanceprocessorsandalargenumberofstandardhot-swappablecomponents.Managementisalsoveryconvenient.Manufacturersusuallyprovidecorrespondingmanagementandmonitoringtools,whicharesuitableforkeyapplicationswithalargeamountofaccess,buttheyarelargeinsizeandlowinspaceutilization.
Острие
Остриеserverreferstoaserverunitthatcanbepluggedintomultiplecard-typeserverunitsinarack-mountedchassiswithastandardheighttoachievehighavailabilityandhighdensity.Each"blade"isactuallyasystemmotherboard.Theycanstarttheirownoperatingsystemsthroughthe"onboard"harddisk,suchasWindowsNT/2000,Linux,etc.,whicharesimilartoindependentservers.Inthismode,eachmotherboardrunsitsownsystemandservesthespecifiedDifferentusergroupsarenotrelatedtoeachother,socomparedtorackserversandcabinetservers,theperformanceofasingle-chipmotherboardislower.However,administratorscanusesystemsoftwaretoassemblethesemotherboardsintoaservercluster.Intheclustermode,allmotherboardscanbeconnectedtoprovideahigh-speednetworkenvironmentandshareresourcesatthesametimetoservethesameusergroup.Insertinganew"blade"intheclustercanimproveoverallperformance.Andbecauseeach"blade"ishot-swappable,thesystemcanbeeasilyreplacedandmaintenancetimeisreducedtoaminimum.
Кула
Кулаservershouldbethemostwidelyseenandeasiesttounderstandserverstructuretype,becauseitsshapeandstructurearethesameastheverticaloneweusuallyuse.ThePCissimilar.Ofcourse,becausetheservermotherboardsaremorescalableandhavemoreslots,theyarelargerthanordinarymotherboards.Therefore,thehostchassisofthetowerserverisalsolargerthanthestandardATXchassis,anditisgenerallyreserved.Enoughinternalspaceforredundantexpansionofharddiskandpowersupplyinthefuture.
Becausethetowerserverchassisisrelativelylarge,theserverconfigurationcanalsobeveryhigh,andtheredundantexpansioncanbeverycomplete,soitsapplicationrangeisverywide,anditshouldbesaidthattheserverwiththehighestutilizationrateisКулаserver.Thegeneral-purposeserverweusuallytalkaboutisgenerallyatowerserver,whichcanintegrateavarietyofcommonservicesintoone,whetheritisaspeedapplicationorastorageapplication,itcanbesolvedbyusingatowerserver.
Кабинет стил
Insomehigh-endenterpriseservers,duetothecomplexinternalstructureandmanyinternalequipment,somealsohavemanydifferentequipmentunitsorseveralserversareplacedinacabinetInthiscase,thiskindofserverisarackserver.Thecabinettypeisusuallyacombinationofracktypeandbladetypeserversplusotherequipment.
Forimportantcompaniessuchassecurities,banks,postandtelecommunications,systemswithcompletefailureself-repaircapabilitiesshouldbeadopted,andredundancymeasuresshouldbeadoptedforkeycomponents,anddual-systemheatcanalsobeusedforserversusedinkeyservices.Backupahigh-availabilitysystemorahigh-performancecomputer,sothattheavailabilityofthesystemcanbewellguaranteed.
Проблеми със сигурността
1.Сервърът е влоша работна среда
Forcomputernetworkservers,theoperatingenvironmentisveryimportant.Theenvironmentreferredtoheremainlyincludestwoaspects:operatingtemperatureandairhumidity.Therelationshipbetweennetworkserverandelectricityisveryclose.Electricityisthebasisofenergysupporttoensureitsnormaloperation.Thetemperatureandhumidityrequirementsoftheoperatingenvironmentofpowerequipmentareusuallyrelativelystrict.Inthecaseofhightemperature,thenetworkserverTheoveralltemperatureofthepowersupplywillalsocontinuetorise.Ifthetemperaturetolerancethresholdisexceeded,theequipmentwillbedamagedtovaryingdegrees,orevencauseafire.Ifthehumidityintheenvironmentistoohigh,alargeamountofwatervaporwillaccumulateinthenetworkserver,whichcaneasilycauseelectricleakageaccidentsandseriouslythreatenthepersonalsafetyofusers.
2.Lackofcorrectawarenessofnetworkserversecuritymaintenance
Duringtheoperationofthesystem,somecomputeruserslackbasicawarenessofnetworkserversecuritymaintenance,sotheycannotprovidesecuritymaintenanceforthenetworkserver.Payfullattentiontoit.Duringthelong-termuseofthecomputer,thelackofeffectivesafetymaintenancemeasureseventuallyledtoaseriesofoperationalfailuresofthenetworkserver.Atthesametime,becausesomeusersdidnotchoosethecorrectfirewallsoftware,variousloopholescontinuedtoappearinthesystem,andtheuser'spersonalinformationwaseasilyleaked.
3. Твърде много уязвимости в системата на сървъра
Computernetworkitselfhasthecharacteristicsofopennessandfreedom.Thisattributenotonlyhastechnicaladvantages,itwillalsoaffectthesecurityofthecomputersystemtoacertainextent.createathreat.Oncethereareprogramloopholesthataredifficulttorepairinthesystem,somecriminalsarelikelytousetheloopholestosearchforinformationinthebufferandthenattackthecomputersystem.Inthisway,notonlytheuserinformationisexposedtotheriskofleakage,butthecomputeroperatingsystemwillalsobecompromised.damage.
Технология за виртуализация
Въведение
Virtualizationreferstothevirtualizationofacomputerintomultiplelogicalcomputersthroughvirtualizationtechnology.Itisabroadterm,ThepurposeistosimplifytheITinfrastructure.Theobjectsofvirtualizationcanincludevirtualizationofservers,theInternet,desktops,andarchivespaces.Sincetheconceptofvirtualizationwasproposed,itsadvantageshavebeenwellknowntomostpeople,andservervirtualizationhasbecomepopular.Foralongtimeinthepast,halfoftheworld'sservershavebeenvirtualized.Someofitsownproblemsaregraduallyexposedtoeveryone.Forexample,theprocessofservervirtualizationhasoverturnedsomeoftheoriginalbasicstructure,sothatthesecurityofthevirtualservercannotbeguaranteed.Onthisbasis,visitsomeSoftwaremaycausetheharmofpersonalprivacyoutflow,whichwillalsoaffectthesharedvirtualserver,anditsstoragemethodalsogreatlyincreasestheprobabilityofinformationtheft.Itcanbeseenthattheshortcomingsofvirtualizationneedtobesolvedurgently.Accordingtoasystematicstudy,mostvirtualserversaremorevulnerabletoattacksthanphysicalservers.
Предимства
1.Интегриране на ресурси
Completingresourceintegrationisthemaintaskofservervirtualization.Intheinformationage,variousindustrieshavedevelopedThenumberofdatashowsexplosivegrowth.Howtorealizethecomprehensiveutilizationofthesedataandresourcesisanurgentproblemforallmajorindustriestosolve.Theresearchanddevelopmentandapplicationofcomputerservervirtualizationtechnologyprovidetechnicalsupportandapplicationplatformfortherealizationofresourceintegration.Especiallyinrecentyears,thecontinuouspopularizationofcloudcomputingtechnologyandtheincreasinglyadvancedcentralizedresourcemanagementprovideconditionsforthedevelopmentandpromotionofcloudtechnology.Atpresent,theutilizationrateofcomputerhardwareresourcesbymajorenterprisesislessthan20%,andthephenomenonofresourcewasteisstillItisveryserious.Throughservervirtualizationtechnology,theoriginalapplicationcanbeconcentratedinacertaincomputerserver,whichcanpromotethecompany'smaterialresourceutilizationratetogreatlyincrease,therebyreducingtheinvestmentofvarioushardwareandsavingcosts..
2. Ниска консумация на енергия
Intheinformationage,technologicalinnovationisthetoppriorityandthemainwaytoreduceresourceconsumption.CloudcomputingtechnologyhasbeenpopularizedandwidelypromotedintheITindustry.Cloudcomputingtechnology.Computerservervirtualizationisthemainwaytoimproveresourceutilization,anditcanalsomanageenergyconsumptionreasonably.Технология за виртуализацияcansimulatedifferentscenarios,soastoachieveacomprehensivesysteminspectionofvarioushardwareandsoftwareinthecomputersystem.Whenproblemsarefound,theyaredisplayedontheinterfaceimmediately,remindingrelevantpersonneltodealwiththemintime,soastoreduceenergyconsumptionandachievegreendevelopment.thegoalof.
3.Намалете оперативните разходи
Underthebackgroundofcontinuousbusinesstransformationofinformationserviceproviders,intensificationhasputforwardhigherrequirementsforcostcontrol,andinvestmenthasbecomemorerefined.ThekeyforanenterprisetoachieveIT-basedoperationisprideandconcentratedinvestmentindatacenters.Thiscontentmainlyinvolvestwoaspects:①Theinvestmentincomputerhardwareandlicensingservicesupport.②Thecostinvestmentundertakenbythecomputersystemoperationandmaintenancecangivefullplaytotheperformanceoftheserverthroughthecomputerservervirtualizationtechnology.
4.Приложението е по-сплескано
Throughservervirtualizationtechnology,computerserverapplicationplatformscanbeflattenedandtransparent.Intheinformationage,datacenterplatformsareincreasingyearbyyear,andcomputerserversTheapplicationofdifferentplatformsisbecomingmoreandmorecomplex.Inthespecificoperationprocessofdifferentplatforms,itisnecessarytofullyconsiderthelevelofdifferentoperatingsystemsandmiddleware.Servervirtualizationtechnologycaneffectivelysolvethistypeofproblem,isolateapplicationsandhardwareplatformsfromeachother,andachieveplatformrestrictions.
Ключова технология
1.Технология за виртуализация на процесора
VirtualizethephysicalCPUinthecomputerserverintoavirtualCPU,andthesystemoperationcanuseoneorMultiplevirtualCPUscanbeisolatedfromeachotherbyvirtualizingtheCPUsinthecomputerserversystem.Atpresent,manycomputeroperatingsystemsarebuiltbasedontheX86architecture.Inthesystemdevelopmentanddesign,theCPUismainlyinvolvedinfourlevelsintheoperationprocess,namelyRing0,Ring1,Ring2,andRing3.Amongthem,Ring0belongstotheinstructionlevelandcaneffectivelyexecuteanyinstruction.Forexample,themodificationofCPUoperationiscompletedinRing0.ForvirtualizedX86systems,avirtuallayerneedstobesetupbetweentheoperatingsystemandthehardwareatthesametime.Ring0canonlyruninthevirtuallayerundernormalcircumstances,sothatsomespecialinstructionscannotbedirectlyappliedtothehardware.Технология за виртуализацияcaneffectivelyexecutevariousinstructions.Inthecomputerservervirtualization,anadvancedbinarycodedynamictranslationmachineisused,andbothordinaryinstructionsandprivilegedinstructionscanbeeffectivelyexecuted.Applyingmoreadvancedpre-insertionandtrappinginstructionsdirectlyactonthevirtualmachine.Thevirtualmachineperformsinstructiontranslationandthenperformsrelatedoperations.Comparedwithtraditionalvirtualizationtechnology,thisapproachrealizesmulti-systemoperation,whichiscurrentlytherealizationofCPUvirtualization.Ключова технология.
2.Технология за виртуализация на паметта
Memoryvirtualizationisthecoreofrealizingcomputerservervirtualization.Asweallknow,computermemorydeterminestheoperatingefficiencyandstabilityofcomputersystems.MemoryvirtualizationThemainprincipleofvirtualizationistouniformlymanageallthememoryintheserver,andthenthroughthevirtualizationencapsulationtechnology,thememorycanrunwellinthevirtualmachine.Inturn,eachvirtualmachinecanrunwell.Intheprocessofrealizingcomputerservervirtualization,memoryvirtualizationtechnologyandCPUvirtualizationtechnologyareequallyimportant,andthefrequencyofaccesstimesisalsoconsistentwitheachother.Thekeytovirtualizedmemoryistorealizethereasonablemanagementofphysicalmemory,andrealizethereasonabledivisionofmemory,andbuildaconsistentmappingrelationshipwiththememoryaddressrequiredbythevirtuallayerandthememoryaddressofthecomputerserver,therebyensuringthememoryoftheentirevirtuallayerAccesscanbeconsistentinvirtualizedmemoryandphysicalmemory.
3, оборудване, технология за виртуализация на I/O и мрежови портове
Intheprocessofcomputerservervirtualization,equipmentandI/Oarealsothemaincomponentsofthecomputersystem.Itisnecessarytorealizevirtualizationtomaketheserveralsorealizevirtualization.Comparedwithmemoryvirtualization,device,I/O,andnetworkportvirtualizationaremainlyrealizedthroughprofessionalpackagingtechnologytoprovidetechnicalsupportfortheoperationofvirtualmachines.ItoftenmeetstheneedsofvirtualmachinesfordeviceaccessandI/Orequests.Inthecomputerservervirtualizationplatform,ithaslaidasolidfoundationfortherealizationofdeviceandI/Ovirtualization.Inthespecificoperation,therearecertaindifferencesinthecomputerserverforeachdevicemodel,configuration,parameter,etc.,buttheactualrealizationofthecomputerserver,theexchangeofdataandinformationbetweenthevirtualmachineandthephysicalmachine,showstheapplicationofservervirtualizationtechnologyEffect.Thereasonableapplicationofthistechnologycannotonlyexpandtheapplicationscopeofcomputerservervirtualizationtechnology,butalsogreatlyreducethedegreeofdependenceontheunderlyingcomputerhardwareintheinformationage.Aslongasthevirtualplatformissetup,mutualmigrationondifferentphysicalmachinescanberealized.
4.Технология за виртуална миграция в реално време
Themechanismofthisvirtualtechnologyandbasestationsofthandoverisbasicallythesame.Twolinksareconstructedinthecomputerserver,andthevirtualmachineisintheactualoperationprocess.,TherelativelycompleteoperatingenvironmentcanbequicklymigratedfromHarajukuaircrafttoShinjukuaircraft.Theentiremigrationprocessrequiresaveryshorttime,andusertechnologyhardlynoticesanychanges.Inshort,real-timevirtualmigrationtechnologyistheprocessofdatacopying,transmission,andswitching,whichisofgreatsignificancetothemaintenanceofcomputerserverhardware.
Риск
1.Thevirtualizationprojectdidnotinitiallyinvolveinformationsecurity.
Anauthoritativestudyfoundthatlessthanhalfofthescientificresearchprojectswerenotincompliancewithsafetyregulationswhentheywereinitiallycreatedandplanned.Sometimeswhenworkingingroups,securityissuesaredeliberatelyforgotten,buttheproblemscausedbyvirtualizationcannotbeignored.Thedisadvantagesofworkingwithmultiplevirtualizedserversaremoreseriousthanthosecausedbynon-virtualization..Therefore,itismorecumbersometostudytheseissues.
2.Thehiddendangersoftheunderlyingvirtualizationplatformaffectallhostedvirtualmachines.
Virtualizingaserverislikerunningaprogramonacomputer,anditrequiresaplatform.Theplatformhasmoreorlessbugsandisneglectedbypeople.Recently,somelargevirtualizationvendorshaverepeatedlyreportedthattherearehiddensecurityrisksinthevirtualizationproductionline,andthesehiddendangershavenotbeenresolved.Therefore,somepeoplechoosetoattacktheunderlyingvirtualizationplatformwhentheywanttoattack,andescapesecuritydetectionbycontrollingthecentralsystem.Inturn,theviruswasbroughtintoeachserver,attackeditsshortcomings,andobtainedthepermissiontoreadalltheinformation,whichledtothedisclosureofinformation.
3.Thevirtualnetworkbetweenvirtualmachinesinvalidatestheexistingsecuritypolicies.
Somewell-knownvirtualizationmanufacturersusethemethodofestablishingvirtualmachinesandvirtualnetworkcardssothatvirtualmachinescanbeassociatedwitheachothertorealizetheabilityofsendingandreceivinginformation.Theprotectionscopeofsomemainstreamprotectionsystemscanonlyprotecttheinandouttrafficofconventionalservers,butcannotseethetraffictransmissionbetweenvirtualmachines,andcannotprovideguaranteeforvirtualizedtraffictransmission.
4.Virtualmachinesofdifferentsecuritylevelsarenoteffectivelyisolated.
Somevirtualizationmanufacturersaretryingtovirtualizeallservers,whichnotonlyreducesexpensesbutalsospeedsupproduction.Theseserversincludemanysystemswithhighprivacylevels,sovirtualmachinesarerequiredtobesufficientlysecure.Ifserverswithdifferentsecurityindexesarenotseparated,theyaredominatedbythesameserver,andthesecurityofhigh-levelvirtualmachineswillbereducedandcontrolledbylowerones.
5. Липса на защитен контрол на достъпа до хипервайзора.
Thevirtualmachinemanagementprogramislikethecentralnervoussystemofthehumanbrain.Itcontrolsalltheactivitiesofthevirtualmachine,issuesinstructionstoeachstep,andsupervisesandcorrectsthefunctionsatbothends.Therefore,permissionsmustbeestablishedtopreventrandomChange.Ifthereisnosuchaccessright,HKswillconnecttothecentralnervoussystemthroughtheaddress.Eveniftheycannoteasilyentertheprogram,theycancreatemultipleserverstofullyloadthehypervisor,forcethehypervisortocrashanddestroyallvirtualmachines.
Поддръжка
1.Payattentiontotheconstructionofthecomputerroomenvironment
Thecomputerroomenvironmenthasanimportanteffectonthenormaloperationoftheserver.Therefore,themostimportantpartofservermaintenanceandmaintenanceistodoagoodjobintheconstructionofthecomputerroomenvironment.Ensuresufficientspaceinthecomputerroomfortheinstallationandconfigurationofserver-relatedequipment.Thepartitionsandfloorsofthecomputerroommustbehandledwithanti-staticandotherdetails.Thefirepreventionworkofthecomputerroomisalsoveryimportant,andthefirepreventiontreatmentofwallsandcablesmustbedonewell.Intheeventofafire,howtoensurethesafetyofequipmentandhowtoensuretheorderlyevacuationofpersonnelareallfactorsthatneedtobeconsideredintheconstructionofthecomputerroom.Thetemperatureandhumidityofthecomputerroomshouldalsobemaintainedwithinacertainrange.Temperatureandhumidityhaveagreatinfluenceonthenormaloperationofelectronicproducts.Aserverisanelectronicdevicethatissensitivetotemperatureandhumidity.Ifthecomputerroomwheretheserverislocatedistoodry,itisveryeasyforpeopletogeneratestaticelectricityintheprocessofcontactingtheequipmentinthecomputerroom.Thiskindofstaticelectricitygenerallyhasthousandsofvoltsoreventensofthousandsofvolts,whichisverydangeroustothenormaloperationoftheserverandcaneasilycauseseriousaccidents.Howtoscientificallyandreasonablydoagoodjobinthelayoutandmanagementofthecomputerroomisthekeytotheconstructionofthecomputerroom.Atpresent,therearestillmanyareasthatneedtobeperfectedinthemanagementofcomputerserverroomsinourcountry.Forexample,themodernizationlevelofcomputerroommanagementisnothigh,andmanymonitoringandmaintenancetasksarecompletedsolelybymanpower,andthereisnoinformation-basedandnetworkedmanagementmechanism.Infact,thereisnotmuchdifficultyinthedesignorimplementationoftheelectronicdetectionsystem,butduetoourinsufficientattention,theoveralllevelofcomputerroomconstructionisstillhoveringatalowlevel.
2.Направете добра поддръжка на хардуера
Thehardwarecompositionoftheserverismorecomplicated,andthemaintenanceoftheserverhardwareshouldbeperformedbyprofessionals.Whenmaintainingandmaintainingstorageequipment,weshouldfirsttestitscapacitytoseeifoperationssuchasexpansionareneeded.Thestoragecapacitymustbeabletomeettheneedsofthetask,andleaveacertainamountofredundancy.Whendisassemblingandupdatingtheserverequipment,besuretokeeptheequipmentinapower-offstateandperformgroundingtreatment.Eventhesimplestpartsarereplaced,theselinkscannotbeomitted.Forsomeunfamiliarparts,readtheinstructionsandreferencedocumentsrepeatedlyandcarefully,andavoidblindlydismantlingthemifyouarenotsureaboutit.Cleantheserverregularly.Dusthasastrongimpactontheworkofhardware,especiallyfordevicesthatoperateathightemperaturesandhighspeedssuchasservers.Thedamagecausedbyalargeamountofdusttotheequipmentisoftenfatal.Thedustremovalworkmustbecarriedoutinascientificandorderlymanner,anditcannotbetakenforgrantedorrecklessly.Payspecialattentiontotheprotectionofthepowersupplysystemduringthedustremovalprocess.
3.Поддържайте добре софтуера на сървъра
Softwareisanimportantpartoftheserver,andthestableandefficientoperationoftheserverisinseparablefromthecorrespondingsoftware.Weneedtoconductregularinspectionsontheserver'ssoftwaresystem,discovervulnerabilitiesintime,andinstallofficialpatchesintime.Whenexpandingtheserverdatabase,ifconditionspermit,itisbesttobackuptheoriginaldatatoavoidunnecessarylosses.
4.Doagoodjobinpowercontrol
Doagoodjobinpowercontrol.Withouttheguaranteeofstablepower,theservercannotworknormally.Electroniccontrolisaverycriticalbuteasilyoverlookedissue.Atthebeginningoftheconstructionofthecomputerroom,weshouldgivefullconsiderationtothepowerguaranteeoftheserver.Itisnecessarytodesignandconfigureastableandreliablepowersupplysystemforthecomputerroom.Thissystemalsohastheabilitytodealwithandrespondtoemergencies,suchasunpredictablepoweroutages,lightning,etc.
5.Управление на пароли
Theserver’spasswordmanagementisthemostcriticalpartoftheserver’sdefensecapabilities.Themanagementandreplacementofpasswordsshouldformalong-termmechanism.Weneedtochangethepasswordoftheserverregularly,andthepasswordshouldbemanagedbyadedicatedperson.Theselectedpasswordmusthaveacertaindegreeofprofessionalismandacertaindegreeofcomplexity.Itisbesttocombinenumbersandletters,andcombineupperandlowercase.Indailyinspections,wemustdoagoodjobofloggingstatisticsandclosesomeportsthatarenotusedverymuch.