In the rapid development of information technology today, whether the government or enterprises, the reliance on information is more and more strong, and the modern information infrastructure is built around the data, how to ensure the basic application data security of land and resources information System, business continuity of reliability, has become one of the most important technical parameters in the construction of information system. Therefore, from the application layer, data layer and link layer to consider the data center, and the use of two high-performance servers to do hot standby, to ensure that the application layer will not be down, so that the system can continue to be accessed and read and write. The data layer takes into account the stability of the database and the requirements for read and write performance, two small machines can be used for hot standby to ensure the high availability of the database. From the stability and security considerations of the data store, the data in the database should also be centrally stored in a professional disk array to ensure that the security of data storage can be flexibly expanded in the future and can effectively increase productivity and reduce management costs. To the small machine and the storage connection, we also should adopt the De Chinglu Standard, guarantees the link layer to be foolproof. To prevent data loss and damage caused by virus intrusion, misoperation, and other causes, we also need to make a backup of our own data, taking into account a higher level of security, and the brothers to each other offsite data backup, in the data to increase a higher security, but also can effectively save costs. The following implementations are explained individually from the system topology to each layer.
2. The solution
2.1 Topology Map
(Figure I)
The use of high stability minicomputer and extended minicomputer installation of the database program, and installation of minicomputer thermal standby software, to achieve dual-computer minicomputer hot standby.
Medium-High-end disk array cabinet as primary storage in the scenario, recommend the use of end-to-end fiber-optic structure of the device, with FC fiber interface, it is best to have Ethernet interface, can provide Fc-san, Ip-san and even Nas and many other access methods, and depending on their actual situation, flexible choice of access mode.
The scheme is a redundant link architecture, 2 servers have been hot standby through the backbone and 2 minicomputer connected together, and 2 minicomputer through the Fibre Channel switch connected to the primary storage, that is, FC San architecture. Each server is configured with dual Fibre Channel cards, with the storage manufacturer's own link switching software, to achieve link automatic switching and load balancing characteristics, not only improve the reliability, but also greatly improve the performance.
The proposal is to configure a 4Gb fibre disk and make a RAID5 and reserve one for the hot spare. Part of the space is used to store real-time data and part of it is used for backup data.
The local data is backed up, the policy is set to make an incremental backup every half hour, a full backup is done once a week, and the backup media selects an entry-level disk array to avoid the pitfalls of the tape library.
Taking into account the higher levels of data security, while local backup is done, part of the space on the brothers ' disk array is set aside to make a full backup weekly, with professional backup software that backs up important data through the fibre-optic network to the storage disk array in the Brother County.
2.2 Implementation of the scheme
The connection of this system can be seen from figure one, we install the application on the High-performance server, and then the server through the backbone network and small machine connected together, call the data in a minicomputer database, minicomputer above the installation of the database program, minicomputer through the fiber link and storage server connected together, The actual resulting data is stored on the storage device.
Consider the security of the data, detach the application from the database program, and only run the application on the application server. If you use only one application server, the server is down, but the data is still there. But will cause the whole application to be broken, users can not access and read and write, so consider using two application servers for hot standby, when an application server down, the application will automatically switch to another server, to ensure that the business can operate normally. The application server is connected through the backbone network and the minicomputer, and the link can be connected by using the original backbone network or using the Ethernet dedicated fiber link.
Considering the importance of the data, we will use the database installed on the small machine, minicomputer due to multi-layer hardware architecture and dedicated operating system, can guarantee the stability of the operation and can provide very good read and write performance and not easily infected by the virus. The application layer of hot standby although has been done, but in case of the database level of minicomputer only one, if the minicomputer downtime, will not be able to provide data reading and writing, so we are at the database level also uses two minicomputer each other for hot standby. At ordinary times when reading and writing data, two small machines in the data reading and writing synchronization, when there is a minicomputer downtime, the other is still able to support the normal operation of the system.
After both the application server and the database server are foolproof, we have to consider the connection between the data and the storage part. Storage devices are used because of the professionalism of the storage device so that it can provide high security and stability, all parts are dual, to achieve redundancy, to ensure that the device will not be a single point of failure and loss of data, and all the data stored in storage can facilitate the management and backup operations. In addition, the storage array of hard disk is a professional storage dedicated hard disk, the quality of the general server hard disk can be compared to the hard disk in storage will generally use RAID to fault-tolerant control, when there is a disk change, the data can also be automatically calculated. Finally, the storage array of hard disk can be flexible expansion, to facilitate future data growth can be enlarged.
However, the minicomputer is connected through the fiber switch and storage, in case the fiber cable is broken or the fiber switch is broken, which will affect the reading and writing of the whole system data, so we introduce the De Chinglu mechanism:
Each minicomputer is configured with two 4GB HBAs (Fibre Channel card) cards, in addition to configure two 8-port fiber switches, the switch is 24, the initial activation of 8, the future can be increased according to the required module can be upgraded to 16 or 24, and the switch for redundancy design more stable and safe. Each minicomputer is connected to two optical switches, and two fiber switches are connected to two fiber optic cables, respectively. Connected to the storage of two control heads, fully realize the redundancy of the link layer, to eliminate the single point of failure, in the storage itself with the special link switching software with the cooperation, when there is line disconnection or switch failure, The system automatically switches the data running on the failed link to a healthy link, and De Chinglu can also play a load-balanced role when there is no problem.