Classification
Observingtheserverfromdifferentangles,youcanhavedifferentclassificationmethodsfortheserver.Belowwewilldiscusstheclassificationoftheserverfromdifferentangles.
1.Accordingtodifferentarchitectures,serverscanbedividedintotwoimportantcategories:IAarchitectureserversandRISCarchitectureservers.
Thisclassificationstandardismainlybasedonthedifferentprocessorarchitecturesusedbythetwoservers.TheCPUusedintheRISCarchitectureserverisaso-calledreducedinstructionsetprocessor.ThemainfeatureofthereducedinstructionsetCPUisthatitusesfixed-lengthinstructionsandusespipelinestoexecuteinstructions.Theprocessingofsuchaninstructioncanbedividedintoseveralstages,andtheprocessorsettingsaredifferent.Theprocessingunitexecutesthedifferentstagesofinstructions.Forexample,iftheinstructionprocessingisdividedintothreestages,whentheNthinstructionisinthethirdprocessingstage,theN+1thinstructionwillbeinthesecondprocessingstage,N+2Instructionswillbeinthefirstprocessingstage.ThiskindofpipelineprocessingofinstructionsmakestheCPUhavetheabilitytoprocessinstructionsinparallel,whichenablestheprocessortoprocessmoreinstructionsperunitoftime.TheIAarchitectureserverusestheCISCarchitecture,thatis,thecomplexinstructionsetarchitecture.Thisarchitectureischaracterizedbylongerinstructions,strongerinstructions,andmoreexecutablefunctionsforasingleinstruction,sowecanincreasecomputingUnit,whichenablesthefunctionperformedbyaninstructiontobeexecutedinparallelatthesametimetoimprovecomputingpower.Foralongtime,thetwoarchitectureshavebeengrowingincompetitionwitheachother,andbothhaveachievedrapiddevelopment.TheIAarchitectureserveradoptsanopenarchitecture,sotherearealargenumberofhardwareandsoftwaresupporters,andithasmadeconsiderableprogressinrecentyears.
2.Theservercanbedividedintoworkgroupserver,departmentserverandenterpriseserveraccordingtothedifferentscaleoftheserver.
Thisclassificationmethodisarelativelyoldclassificationmethod,whichismainlyclassifiedaccordingtothescaleoftheserverapplicationenvironment.Forexample,acomputernetworkenvironmentwithabouttenclientsissuitableforusingaworkgroupserver.Thiskindofserveroftenuses1processor,smallharddiskcapacityandnotverystrongnetworkthroughput;acomputernetworkwithdozensofclientsissuitablefordepartment-levelservers,whicharerelativelypowerful,andoftenuse2processors.,Largermemoryanddiskcapacity,diskI/OandnetworkI/Ocapabilitiesarealsostrong,sothatthisservercanhaveenoughprocessingpowertoaccepttheservicerequirementsproposedbytheclient;andenterprise-levelserversareofteninInanetworkenvironmentwithmorethan100clients,inordertorespondtoalargenumberofservicerequests,suchserversoftenuse4processors,havealargenumberofharddisksandmemory,andcanbefurtherexpandedtomeethigherdemands.Alotofaccess,sothenetworkspeedanddiskspeedofthiskindofservershouldalsobeveryhigh.Tomeetthisrequirement,multiplenetworkcardsandmultipleharddrivesareoftenusedforparallelprocessing.Alltheabovedescriptionsareveryinaccurate,andtherearemanyspecialcircumstances.Forexample,anetworkmayhavemanyclients,butmayhavefewaccesstotheserver.Thereisnoneedtohaveasuper-functionalenterprise-levelserver.DuetothesefactorsTheexistenceofthiskindofserverclassificationmethodismorequalitativeratherthanquantitative,thatistosay,fromthegroupleveltothedepartmentleveltotheenterpriselevel,theperformanceoftheserverisgraduallystrengthened,andothervariouscharacteristicsaregraduallystrengthened..
3.Accordingtothedifferentfunctionsoftheserver,wecandividetheserverintomanycategories
Suchasfile/printserver,thisistheearliesttypeofserver,itcanperformfilestorageandprinterresourcesharingService,sofar,thiskindofserverisstillwidelyusedintheofficeenvironment.Thedatabaseserverrunsadatabasesystemforstoringandmanipulatingdata,andprovidingdataqueryandmodificationservicestonetworkedusers.Thiskindofserverisalsoaserverwidelyusedincommercialsystems.WEBserver,E-MAILserver,NEWSserver,PROXYserver,theseserversarealltypicalINTERNETapplications,theycancompletethestorageandtransmissionofhomepage,e-mailservice,newsgroupservice,etc.Alltheserversmentionedabovearenotjustahardwaresystem,theyoftenrealizetheirspecificfunctionsthroughthecombinationofhardwareandsoftware.
Features
Fromtheseaspects,youcanmeasurewhethertheserverhasachieveditsdesignpurpose;R:Reliability;A:Availability;S:Scalability;U:Usabilityeaseofuse;M:Manageability,whichistheRASUMmeasurementstandardoftheserver.
1.Scalability
Serversmusthaveacertaindegreeof"scalability",becauseenterprisenetworkscannotremainunchangedforalongtime,especiallyintoday'sinformationage.Iftheserverdoesnothaveacertaindegreeofscalability,andwhenthenumberofusersincreases,itwillbeincompetent.Aserverworthtensofthousandsorevenhundredsofthousandswillbeeliminatedinashortperiodoftime,whichisunbearableforanyenterprise.Inordertomaintainscalability,itisusuallynecessarytohaveacertainamountofexpandablespaceandredundantcomponentsontheserver(suchasdiskarrayrackpositions,PCIandmemoryslotpositions,etc.).
Scalabilityisembodiedinwhethertheharddiskcanbeexpanded,whethertheCPUcanbeupgradedorexpanded,whetherthesystemsupportsavarietyofoptionalmainstreamoperatingsystemssuchasWindowsNT,LinuxorUNIX,etc.OnlyinthiswaycantheinitialinvestmentbemaintainedMakefulluseofitinthelaterstage.
2.Easeofuse
ThefunctionoftheserverismuchmorecomplicatedthanthatofaPC.Itnotonlyreferstoitshardwareconfiguration,butalsoreferstoitssoftwaresystemconfiguration.Forserverstoachievesomanyfunctions,itisunimaginablewithoutcomprehensivesoftwaresupport.However,toomanysoftwaresystemsmaycausetheserver'sperformancetodecrease,andmanagementpersonnelcannoteffectivelymanipulateit.Therefore,whendesigningservers,manyservermanufacturersmustfullyconsidertheavailabilityandstabilityoftheserver,andmustalsoworkhardontheeaseofuseoftheserver.
Theeaseofuseoftheserverismainlyreflectedinwhethertheserveriseasytooperate,whethertheusernavigationsystemiscomplete,whetherthechassisdesignishumane,whetherthereisakeyrecoveryfunction,whetherthereisanoperatingsystembackup,andwhetherthereisAdequatetrainingsupportandotheraspects.
3.Availability
Foraserver,averyimportantaspectisits"availability",thatis,theselectedservercanmeettherequirementsoflong-termstableworkandcannotbeusedfrequently.Somethingwentwrong.Infact,itisequivalenttothereliabilityproposedbySun.
Becausetheserverisfacingusersoftheentirenetwork,notasingleuser,inlargeandmedium-sizedenterprises,theserverisusuallyrequiredtobeuninterrupted.Insomespecialapplicationareas,someservershavetoworkuninterruptedeveniftheyarenotusedbyusers,becausetheymustcontinuouslyprovideuserswithconnectionservices,regardlessofwhetheritisonoroffwork,whetheritisaworkingday,abreak,oraholiday.Thisisthefundamentalreasonwhytheservermusthaveextremelyhighstability.
Generallyspeaking,specializedservershavetoworkuninterrupted7X24hours,especiallylikesomelarge-scalenetworkservers,suchasserversusedbylargecompanies,webservers,andiqdeWEBserversthatprovidepublicservices.Fortheseservers,theremayonlybeonenumberofrealworkstartups,thatis,thetimeitwasputintoofficialuseafteritwaspurchasedandfullyinstalledandconfigured.Afterthat,itworkeduninterrupteduntilitwascompletelyscrapped.Ifsomethinggoeswrongateveryturn,thenetworkcannotmaintainnormaloperationforalongtime.Inordertoensurethattheserverhasahigh"availability",inadditiontorequiringthequalityofallaccessories,necessarytechnicalandconfigurationmeasures,suchashardwareredundancy,onlinediagnosis,etc.,canalsobetaken.
4.Manageability
Amongthemainfeaturesoftheserver,thereisanotherimportantfeature,thatis,the“manageability”oftheserver.Althoughwesaythattheserverneedstoworkcontinuouslywithoutinterruption,nomatterhowgoodtheproductis,itmayfail.Takeasayingthatpeopleoftensay:Itisnotthatitisnotknownthatitmaybebroken,butthatitisnotknownwhenitisbroken.Althoughtheserverhassufficientguaranteeintermsofstability,itshouldalsohavenecessarymeasurestoavoiderrors,findproblemsintime,andcanbemaintainedintimeifitfails.Thisnotonlyreducesthechanceofservererrors,butalsogreatlyimprovestheefficiencyofservermaintenance.Infact,itistheserviceabilityproposedbySun.
Themanageabilityoftheserverisalsoreflectedinwhethertheserverhasanintelligentmanagementsystem,whetherithasanautomaticalarmfunction,whetherithasanindependentandsystematicmanagementsystem,andwhetherithasanLCDmonitor.Onlyinthisway,theadministratorcanmanageeasilyandworkefficiently.
Appearance
Racktype
Theappearanceofrackserverdoesnotlooklikeacomputer,butlikeaswitch,with1U(1U=1.75inch=4.445CM),2U,4Uandotherspecifications.Therackserverisinstalledinastandard19-inchcabinet.Mostofthisstructureisafunctionalserver.
Forinformationservicecompanies(suchasISP/ICP/ISV/IDC),physicalparameterssuchasservervolume,powerconsumption,andheatgenerationmustfirstbeconsideredwhenchoosingaserver,becauseinformationservicecompaniesusuallyuselargeThededicatedcomputerroomuniformlydeploysandmanagesalargenumberofserverresources.Thecomputerroomisusuallyequippedwithstrictsecuritymeasures,agoodcoolingsystem,andamultiplebackuppowersupplysystem.Thecostofthecomputerroomisquiteexpensive.Howtodeploymoreserversinalimitedspaceisdirectlyrelatedtotheservicecostofanenterprise.Usually,rack-mountedserverswithamechanicalsizethatmeetsthe19-inchindustrialstandardareused.Rack-mountedserversalsohaveavarietyofspecifications,suchas1U(4.45cmhigh),2U,4U,6U,8U,etc.Generally,1Urack-mountedserversarethemostspace-saving,buttheirperformanceandscalabilityarepoor,andtheyaresuitableforuseinrelativelyfixedbusinessareas.Productsabove4Uhavehigherperformanceandgoodscalability,andgenerallysupportmorethan4high-performanceprocessorsandalargenumberofstandardhot-swappablecomponents.Managementisalsoveryconvenient.Manufacturersusuallyprovidecorrespondingmanagementandmonitoringtools,whicharesuitableforkeyapplicationswithalargeamountofaccess,buttheyarelargeinsizeandlowinspaceutilization.
Blade
Bladeserverreferstoaserverunitthatcanbepluggedintomultiplecard-typeserverunitsinarack-mountedchassiswithastandardheighttoachievehighavailabilityandhighdensity.Each"blade"isactuallyasystemmotherboard.Theycanstarttheirownoperatingsystemsthroughthe"onboard"harddisk,suchasWindowsNT/2000,Linux,etc.,whicharesimilartoindependentservers.Inthismode,eachmotherboardrunsitsownsystemandservesthespecifiedDifferentusergroupsarenotrelatedtoeachother,socomparedtorackserversandcabinetservers,theperformanceofasingle-chipmotherboardislower.However,administratorscanusesystemsoftwaretoassemblethesemotherboardsintoaservercluster.Intheclustermode,allmotherboardscanbeconnectedtoprovideahigh-speednetworkenvironmentandshareresourcesatthesametimetoservethesameusergroup.Insertinganew"blade"intheclustercanimproveoverallperformance.Andbecauseeach"blade"ishot-swappable,thesystemcanbeeasilyreplacedandmaintenancetimeisreducedtoaminimum.
Tower
Towerservershouldbethemostwidelyseenandeasiesttounderstandserverstructuretype,becauseitsshapeandstructurearethesameastheverticaloneweusuallyuse.ThePCissimilar.Ofcourse,becausetheservermotherboardsaremorescalableandhavemoreslots,theyarelargerthanordinarymotherboards.Therefore,thehostchassisofthetowerserverisalsolargerthanthestandardATXchassis,anditisgenerallyreserved.Enoughinternalspaceforredundantexpansionofharddiskandpowersupplyinthefuture.
Becausethetowerserverchassisisrelativelylarge,theserverconfigurationcanalsobeveryhigh,andtheredundantexpansioncanbeverycomplete,soitsapplicationrangeisverywide,anditshouldbesaidthattheserverwiththehighestutilizationrateisTowerserver.Thegeneral-purposeserverweusuallytalkaboutisgenerallyatowerserver,whichcanintegrateavarietyofcommonservicesintoone,whetheritisaspeedapplicationorastorageapplication,itcanbesolvedbyusingatowerserver.
Cabinetstyle
Insomehigh-endenterpriseservers,duetothecomplexinternalstructureandmanyinternalequipment,somealsohavemanydifferentequipmentunitsorseveralserversareplacedinacabinetInthiscase,thiskindofserverisarackserver.Thecabinettypeisusuallyacombinationofracktypeandbladetypeserversplusotherequipment.
Forimportantcompaniessuchassecurities,banks,postandtelecommunications,systemswithcompletefailureself-repaircapabilitiesshouldbeadopted,andredundancymeasuresshouldbeadoptedforkeycomponents,anddual-systemheatcanalsobeusedforserversusedinkeyservices.Backupahigh-availabilitysystemorahigh-performancecomputer,sothattheavailabilityofthesystemcanbewellguaranteed.
Securityissues
1.Theserverisinapooroperatingenvironment
Forcomputernetworkservers,theoperatingenvironmentisveryimportant.Theenvironmentreferredtoheremainlyincludestwoaspects:operatingtemperatureandairhumidity.Therelationshipbetweennetworkserverandelectricityisveryclose.Electricityisthebasisofenergysupporttoensureitsnormaloperation.Thetemperatureandhumidityrequirementsoftheoperatingenvironmentofpowerequipmentareusuallyrelativelystrict.Inthecaseofhightemperature,thenetworkserverTheoveralltemperatureofthepowersupplywillalsocontinuetorise.Ifthetemperaturetolerancethresholdisexceeded,theequipmentwillbedamagedtovaryingdegrees,orevencauseafire.Ifthehumidityintheenvironmentistoohigh,alargeamountofwatervaporwillaccumulateinthenetworkserver,whichcaneasilycauseelectricleakageaccidentsandseriouslythreatenthepersonalsafetyofusers.
2.Lackofcorrectawarenessofnetworkserversecuritymaintenance
Duringtheoperationofthesystem,somecomputeruserslackbasicawarenessofnetworkserversecuritymaintenance,sotheycannotprovidesecuritymaintenanceforthenetworkserver.Payfullattentiontoit.Duringthelong-termuseofthecomputer,thelackofeffectivesafetymaintenancemeasureseventuallyledtoaseriesofoperationalfailuresofthenetworkserver.Atthesametime,becausesomeusersdidnotchoosethecorrectfirewallsoftware,variousloopholescontinuedtoappearinthesystem,andtheuser'spersonalinformationwaseasilyleaked.
3.Toomanyvulnerabilitiesintheserversystem
Computernetworkitselfhasthecharacteristicsofopennessandfreedom.Thisattributenotonlyhastechnicaladvantages,itwillalsoaffectthesecurityofthecomputersystemtoacertainextent.createathreat.Oncethereareprogramloopholesthataredifficulttorepairinthesystem,somecriminalsarelikelytousetheloopholestosearchforinformationinthebufferandthenattackthecomputersystem.Inthisway,notonlytheuserinformationisexposedtotheriskofleakage,butthecomputeroperatingsystemwillalsobecompromised.damage.
Virtualizationtechnology
Introduction
Virtualizationreferstothevirtualizationofacomputerintomultiplelogicalcomputersthroughvirtualizationtechnology.Itisabroadterm,ThepurposeistosimplifytheITinfrastructure.Theobjectsofvirtualizationcanincludevirtualizationofservers,theInternet,desktops,andarchivespaces.Sincetheconceptofvirtualizationwasproposed,itsadvantageshavebeenwellknowntomostpeople,andservervirtualizationhasbecomepopular.Foralongtimeinthepast,halfoftheworld'sservershavebeenvirtualized.Someofitsownproblemsaregraduallyexposedtoeveryone.Forexample,theprocessofservervirtualizationhasoverturnedsomeoftheoriginalbasicstructure,sothatthesecurityofthevirtualservercannotbeguaranteed.Onthisbasis,visitsomeSoftwaremaycausetheharmofpersonalprivacyoutflow,whichwillalsoaffectthesharedvirtualserver,anditsstoragemethodalsogreatlyincreasestheprobabilityofinformationtheft.Itcanbeseenthattheshortcomingsofvirtualizationneedtobesolvedurgently.Accordingtoasystematicstudy,mostvirtualserversaremorevulnerabletoattacksthanphysicalservers.
Advantages
1.Integratingresources
Completingresourceintegrationisthemaintaskofservervirtualization.Intheinformationage,variousindustrieshavedevelopedThenumberofdatashowsexplosivegrowth.Howtorealizethecomprehensiveutilizationofthesedataandresourcesisanurgentproblemforallmajorindustriestosolve.Theresearchanddevelopmentandapplicationofcomputerservervirtualizationtechnologyprovidetechnicalsupportandapplicationplatformfortherealizationofresourceintegration.Especiallyinrecentyears,thecontinuouspopularizationofcloudcomputingtechnologyandtheincreasinglyadvancedcentralizedresourcemanagementprovideconditionsforthedevelopmentandpromotionofcloudtechnology.Atpresent,theutilizationrateofcomputerhardwareresourcesbymajorenterprisesislessthan20%,andthephenomenonofresourcewasteisstillItisveryserious.Throughservervirtualizationtechnology,theoriginalapplicationcanbeconcentratedinacertaincomputerserver,whichcanpromotethecompany'smaterialresourceutilizationratetogreatlyincrease,therebyreducingtheinvestmentofvarioushardwareandsavingcosts..
2.Lowenergyconsumption
Intheinformationage,technologicalinnovationisthetoppriorityandthemainwaytoreduceresourceconsumption.CloudcomputingtechnologyhasbeenpopularizedandwidelypromotedintheITindustry.Cloudcomputingtechnology.Computerservervirtualizationisthemainwaytoimproveresourceutilization,anditcanalsomanageenergyconsumptionreasonably.Virtualizationtechnologycansimulatedifferentscenarios,soastoachieveacomprehensivesysteminspectionofvarioushardwareandsoftwareinthecomputersystem.Whenproblemsarefound,theyaredisplayedontheinterfaceimmediately,remindingrelevantpersonneltodealwiththemintime,soastoreduceenergyconsumptionandachievegreendevelopment.thegoalof.
3.Reduceoperatingcosts
Underthebackgroundofcontinuousbusinesstransformationofinformationserviceproviders,intensificationhasputforwardhigherrequirementsforcostcontrol,andinvestmenthasbecomemorerefined.ThekeyforanenterprisetoachieveIT-basedoperationisprideandconcentratedinvestmentindatacenters.Thiscontentmainlyinvolvestwoaspects:①Theinvestmentincomputerhardwareandlicensingservicesupport.②Thecostinvestmentundertakenbythecomputersystemoperationandmaintenancecangivefullplaytotheperformanceoftheserverthroughthecomputerservervirtualizationtechnology.
4.Applicationismoreflattened
Throughservervirtualizationtechnology,computerserverapplicationplatformscanbeflattenedandtransparent.Intheinformationage,datacenterplatformsareincreasingyearbyyear,andcomputerserversTheapplicationofdifferentplatformsisbecomingmoreandmorecomplex.Inthespecificoperationprocessofdifferentplatforms,itisnecessarytofullyconsiderthelevelofdifferentoperatingsystemsandmiddleware.Servervirtualizationtechnologycaneffectivelysolvethistypeofproblem,isolateapplicationsandhardwareplatformsfromeachother,andachieveplatformrestrictions.
Keytechnology
1.CPUvirtualizationtechnology
VirtualizethephysicalCPUinthecomputerserverintoavirtualCPU,andthesystemoperationcanuseoneorMultiplevirtualCPUscanbeisolatedfromeachotherbyvirtualizingtheCPUsinthecomputerserversystem.Atpresent,manycomputeroperatingsystemsarebuiltbasedontheX86architecture.Inthesystemdevelopmentanddesign,theCPUismainlyinvolvedinfourlevelsintheoperationprocess,namelyRing0,Ring1,Ring2,andRing3.Amongthem,Ring0belongstotheinstructionlevelandcaneffectivelyexecuteanyinstruction.Forexample,themodificationofCPUoperationiscompletedinRing0.ForvirtualizedX86systems,avirtuallayerneedstobesetupbetweentheoperatingsystemandthehardwareatthesametime.Ring0canonlyruninthevirtuallayerundernormalcircumstances,sothatsomespecialinstructionscannotbedirectlyappliedtothehardware.Virtualizationtechnologycaneffectivelyexecutevariousinstructions.Inthecomputerservervirtualization,anadvancedbinarycodedynamictranslationmachineisused,andbothordinaryinstructionsandprivilegedinstructionscanbeeffectivelyexecuted.Applyingmoreadvancedpre-insertionandtrappinginstructionsdirectlyactonthevirtualmachine.Thevirtualmachineperformsinstructiontranslationandthenperformsrelatedoperations.Comparedwithtraditionalvirtualizationtechnology,thisapproachrealizesmulti-systemoperation,whichiscurrentlytherealizationofCPUvirtualization.Keytechnology.
2.Memoryvirtualizationtechnology
Memoryvirtualizationisthecoreofrealizingcomputerservervirtualization.Asweallknow,computermemorydeterminestheoperatingefficiencyandstabilityofcomputersystems.MemoryvirtualizationThemainprincipleofvirtualizationistouniformlymanageallthememoryintheserver,andthenthroughthevirtualizationencapsulationtechnology,thememorycanrunwellinthevirtualmachine.Inturn,eachvirtualmachinecanrunwell.Intheprocessofrealizingcomputerservervirtualization,memoryvirtualizationtechnologyandCPUvirtualizationtechnologyareequallyimportant,andthefrequencyofaccesstimesisalsoconsistentwitheachother.Thekeytovirtualizedmemoryistorealizethereasonablemanagementofphysicalmemory,andrealizethereasonabledivisionofmemory,andbuildaconsistentmappingrelationshipwiththememoryaddressrequiredbythevirtuallayerandthememoryaddressofthecomputerserver,therebyensuringthememoryoftheentirevirtuallayerAccesscanbeconsistentinvirtualizedmemoryandphysicalmemory.
3,equipment,I/Oandnetworkportvirtualizationtechnology
Intheprocessofcomputerservervirtualization,equipmentandI/Oarealsothemaincomponentsofthecomputersystem.Itisnecessarytorealizevirtualizationtomaketheserveralsorealizevirtualization.Comparedwithmemoryvirtualization,device,I/O,andnetworkportvirtualizationaremainlyrealizedthroughprofessionalpackagingtechnologytoprovidetechnicalsupportfortheoperationofvirtualmachines.ItoftenmeetstheneedsofvirtualmachinesfordeviceaccessandI/Orequests.Inthecomputerservervirtualizationplatform,ithaslaidasolidfoundationfortherealizationofdeviceandI/Ovirtualization.Inthespecificoperation,therearecertaindifferencesinthecomputerserverforeachdevicemodel,configuration,parameter,etc.,buttheactualrealizationofthecomputerserver,theexchangeofdataandinformationbetweenthevirtualmachineandthephysicalmachine,showstheapplicationofservervirtualizationtechnologyEffect.Thereasonableapplicationofthistechnologycannotonlyexpandtheapplicationscopeofcomputerservervirtualizationtechnology,butalsogreatlyreducethedegreeofdependenceontheunderlyingcomputerhardwareintheinformationage.Aslongasthevirtualplatformissetup,mutualmigrationondifferentphysicalmachinescanberealized.
4.Real-timevirtualmigrationtechnology
Themechanismofthisvirtualtechnologyandbasestationsofthandoverisbasicallythesame.Twolinksareconstructedinthecomputerserver,andthevirtualmachineisintheactualoperationprocess.,TherelativelycompleteoperatingenvironmentcanbequicklymigratedfromHarajukuaircrafttoShinjukuaircraft.Theentiremigrationprocessrequiresaveryshorttime,andusertechnologyhardlynoticesanychanges.Inshort,real-timevirtualmigrationtechnologyistheprocessofdatacopying,transmission,andswitching,whichisofgreatsignificancetothemaintenanceofcomputerserverhardware.
Risk
1.Thevirtualizationprojectdidnotinitiallyinvolveinformationsecurity.
Anauthoritativestudyfoundthatlessthanhalfofthescientificresearchprojectswerenotincompliancewithsafetyregulationswhentheywereinitiallycreatedandplanned.Sometimeswhenworkingingroups,securityissuesaredeliberatelyforgotten,buttheproblemscausedbyvirtualizationcannotbeignored.Thedisadvantagesofworkingwithmultiplevirtualizedserversaremoreseriousthanthosecausedbynon-virtualization..Therefore,itismorecumbersometostudytheseissues.
2.Thehiddendangersoftheunderlyingvirtualizationplatformaffectallhostedvirtualmachines.
Virtualizingaserverislikerunningaprogramonacomputer,anditrequiresaplatform.Theplatformhasmoreorlessbugsandisneglectedbypeople.Recently,somelargevirtualizationvendorshaverepeatedlyreportedthattherearehiddensecurityrisksinthevirtualizationproductionline,andthesehiddendangershavenotbeenresolved.Therefore,somepeoplechoosetoattacktheunderlyingvirtualizationplatformwhentheywanttoattack,andescapesecuritydetectionbycontrollingthecentralsystem.Inturn,theviruswasbroughtintoeachserver,attackeditsshortcomings,andobtainedthepermissiontoreadalltheinformation,whichledtothedisclosureofinformation.
3.Thevirtualnetworkbetweenvirtualmachinesinvalidatestheexistingsecuritypolicies.
Somewell-knownvirtualizationmanufacturersusethemethodofestablishingvirtualmachinesandvirtualnetworkcardssothatvirtualmachinescanbeassociatedwitheachothertorealizetheabilityofsendingandreceivinginformation.Theprotectionscopeofsomemainstreamprotectionsystemscanonlyprotecttheinandouttrafficofconventionalservers,butcannotseethetraffictransmissionbetweenvirtualmachines,andcannotprovideguaranteeforvirtualizedtraffictransmission.
4.Virtualmachinesofdifferentsecuritylevelsarenoteffectivelyisolated.
Somevirtualizationmanufacturersaretryingtovirtualizeallservers,whichnotonlyreducesexpensesbutalsospeedsupproduction.Theseserversincludemanysystemswithhighprivacylevels,sovirtualmachinesarerequiredtobesufficientlysecure.Ifserverswithdifferentsecurityindexesarenotseparated,theyaredominatedbythesameserver,andthesecurityofhigh-levelvirtualmachineswillbereducedandcontrolledbylowerones.
5.Lackofsecurityaccesscontroltothehypervisor.
Thevirtualmachinemanagementprogramislikethecentralnervoussystemofthehumanbrain.Itcontrolsalltheactivitiesofthevirtualmachine,issuesinstructionstoeachstep,andsupervisesandcorrectsthefunctionsatbothends.Therefore,permissionsmustbeestablishedtopreventrandomChange.Ifthereisnosuchaccessright,HKswillconnecttothecentralnervoussystemthroughtheaddress.Eveniftheycannoteasilyentertheprogram,theycancreatemultipleserverstofullyloadthehypervisor,forcethehypervisortocrashanddestroyallvirtualmachines.
Maintenance
1.Payattentiontotheconstructionofthecomputerroomenvironment
Thecomputerroomenvironmenthasanimportanteffectonthenormaloperationoftheserver.Therefore,themostimportantpartofservermaintenanceandmaintenanceistodoagoodjobintheconstructionofthecomputerroomenvironment.Ensuresufficientspaceinthecomputerroomfortheinstallationandconfigurationofserver-relatedequipment.Thepartitionsandfloorsofthecomputerroommustbehandledwithanti-staticandotherdetails.Thefirepreventionworkofthecomputerroomisalsoveryimportant,andthefirepreventiontreatmentofwallsandcablesmustbedonewell.Intheeventofafire,howtoensurethesafetyofequipmentandhowtoensuretheorderlyevacuationofpersonnelareallfactorsthatneedtobeconsideredintheconstructionofthecomputerroom.Thetemperatureandhumidityofthecomputerroomshouldalsobemaintainedwithinacertainrange.Temperatureandhumidityhaveagreatinfluenceonthenormaloperationofelectronicproducts.Aserverisanelectronicdevicethatissensitivetotemperatureandhumidity.Ifthecomputerroomwheretheserverislocatedistoodry,itisveryeasyforpeopletogeneratestaticelectricityintheprocessofcontactingtheequipmentinthecomputerroom.Thiskindofstaticelectricitygenerallyhasthousandsofvoltsoreventensofthousandsofvolts,whichisverydangeroustothenormaloperationoftheserverandcaneasilycauseseriousaccidents.Howtoscientificallyandreasonablydoagoodjobinthelayoutandmanagementofthecomputerroomisthekeytotheconstructionofthecomputerroom.Atpresent,therearestillmanyareasthatneedtobeperfectedinthemanagementofcomputerserverroomsinourcountry.Forexample,themodernizationlevelofcomputerroommanagementisnothigh,andmanymonitoringandmaintenancetasksarecompletedsolelybymanpower,andthereisnoinformation-basedandnetworkedmanagementmechanism.Infact,thereisnotmuchdifficultyinthedesignorimplementationoftheelectronicdetectionsystem,butduetoourinsufficientattention,theoveralllevelofcomputerroomconstructionisstillhoveringatalowlevel.
2.Doagoodjobinhardwaremaintenance
Thehardwarecompositionoftheserverismorecomplicated,andthemaintenanceoftheserverhardwareshouldbeperformedbyprofessionals.Whenmaintainingandmaintainingstorageequipment,weshouldfirsttestitscapacitytoseeifoperationssuchasexpansionareneeded.Thestoragecapacitymustbeabletomeettheneedsofthetask,andleaveacertainamountofredundancy.Whendisassemblingandupdatingtheserverequipment,besuretokeeptheequipmentinapower-offstateandperformgroundingtreatment.Eventhesimplestpartsarereplaced,theselinkscannotbeomitted.Forsomeunfamiliarparts,readtheinstructionsandreferencedocumentsrepeatedlyandcarefully,andavoidblindlydismantlingthemifyouarenotsureaboutit.Cleantheserverregularly.Dusthasastrongimpactontheworkofhardware,especiallyfordevicesthatoperateathightemperaturesandhighspeedssuchasservers.Thedamagecausedbyalargeamountofdusttotheequipmentisoftenfatal.Thedustremovalworkmustbecarriedoutinascientificandorderlymanner,anditcannotbetakenforgrantedorrecklessly.Payspecialattentiontotheprotectionofthepowersupplysystemduringthedustremovalprocess.
3.Maintainserversoftwarewell
Softwareisanimportantpartoftheserver,andthestableandefficientoperationoftheserverisinseparablefromthecorrespondingsoftware.Weneedtoconductregularinspectionsontheserver'ssoftwaresystem,discovervulnerabilitiesintime,andinstallofficialpatchesintime.Whenexpandingtheserverdatabase,ifconditionspermit,itisbesttobackuptheoriginaldatatoavoidunnecessarylosses.
4.Doagoodjobinpowercontrol
Doagoodjobinpowercontrol.Withouttheguaranteeofstablepower,theservercannotworknormally.Electroniccontrolisaverycriticalbuteasilyoverlookedissue.Atthebeginningoftheconstructionofthecomputerroom,weshouldgivefullconsiderationtothepowerguaranteeoftheserver.Itisnecessarytodesignandconfigureastableandreliablepowersupplysystemforthecomputerroom.Thissystemalsohastheabilitytodealwithandrespondtoemergencies,suchasunpredictablepoweroutages,lightning,etc.
5.Passwordmanagement
Theserver’spasswordmanagementisthemostcriticalpartoftheserver’sdefensecapabilities.Themanagementandreplacementofpasswordsshouldformalong-termmechanism.Weneedtochangethepasswordoftheserverregularly,andthepasswordshouldbemanagedbyadedicatedperson.Theselectedpasswordmusthaveacertaindegreeofprofessionalismandacertaindegreeofcomplexity.Itisbesttocombinenumbersandletters,andcombineupperandlowercase.Indailyinspections,wemustdoagoodjobofloggingstatisticsandclosesomeportsthatarenotusedverymuch.