|
Dear
Network Administrators,
This
CPTTM NetAdmin newsletter is to bring useful news to
you, Network Administrators in
Macau, for references without obligations, so that you can do your jobs
easier and better! Hope you like it. if you'd like to unsubscribe or
recommend your friends to subscribe, just email me at alan@cpttm.org.mo. Old issues are available here.
Topics
in this issue:
Switching
from
tapes to USB disks for backup
At Cyber-Lab we were using DAT tapes for backups.
However, we had been facing quite some problems:
- Stability: Sometimes we got random I/O errors. We
never found out the cause. Maybe our environment is too dusty.
- Labor: We had to clean the drive (even
weekly!).
- Capacity: Our tape could only hold 12G of data (It
claims it can backup 24G with compression enabled, although in our case
it's much less than that), while we had more data to backup.
So we had to find a better solution. Mainly we could
choose between a new tape system and a hard disk-based system.
Finally we chose hard disk. Here is why:
- Upfront cost: In order to store backups offsite, we
can use USB disks for portability (MOP800 for a 120G USB disk). As we
keep 4 monthly backups, 4 weekly backups and 4 daily backups, we need
12 USB disks and the total is MOP9,600. If we go for a tape
drive, a low end 100G LTO-1 tape drive costs about MOP5000. As
each 100G LTO-1 tape costs about MOP240, 12 tapes will cost an
extra MOP2,880. So the total is MOP7880. The upfront cost
per GB for USB disks is MOP80, while that for tapes is MOP78.8. Not
much difference here.
- Running cost: At least in our environment a tape has
a shorter life span than a hard disk. So we will have to buy new tapes
from time to time.
- Labor: A tape drive must be cleaned regularly. This
adds up our labor cost.
- Stability: Our experience shows that hard disks are a
lot more stable than tapes. A given hard disk simply works or doesn't
work and there is no middle ground.
- Easy to backup: A tape drive can be accessed by a
single server at a time. To backup multiple servers we have to assign
disjoint time slots to each server for backup. With hard disks, the
servers can write to the disk at the same time (even though
performance will be affected but it will sitll work).
- Easy to restore: The backup for a server appears as a
file on the hard disk, but it is just a block on the tape without any
name.
So it is easy to locate the correct backup on the hard disk. In
addition, most computers support USB, it means we easily access
the backups in case of disaster. With a tape drive, we have to find a
computer supporting SCSI.
- Extensibility: If in the future we need to store more
than 120GB, we can buy more disks (the same size or larger) and plug in
two disks for a single backup. Alternatively, if a single new disk is
large enough for a single backup, the old one can be
recycled for other purposes. In contrast, tapes can't be
combined like this nor can they be used for other purposes.
Tip: If you're thinking about using USB disks for backups, make sure
your server and the disks support USB 2.0. It can deliver a speed of
about 40MB per second, which is 140GB per hour. With USB 1.1, the speed
is 1/40 of that (3.5GB per hour). Also, with USB 2.0, when performing
network backups, fast Ethernet (100Mbps) should be the bottleneck, not
the USB bus.
How
logging
affects performance
We had a Windows 2003 server consuming more and more  memory
with time (as much
as 50M). Finally, we found it was the
audit log: It contained a large number of "Success Audit" events.
The logging service uses a technology called "memory map file" to write
to the log. If the log is large, it takes up a lot of memory. Finally
we changed the log limit from 128M to 32M (enough for 8 days). So
you may want to check how large a log you need to make some memory
available to applications.
As another incident, we had a Linux server running
Apache and Tomcat. We found the
performance was quite slow. Finally we found that it was debug level
logging was enabled in jk_mod, the component linking Apache and Tomcat.
Why was it enabled? The tutorial we followed had this option
turned on and we blindly followed it. After disabling it, it felt like
the server was twice as
fast!
It means a single log setting can ruin the performance
of your server! You may wonder how to find the root cause? In Linux
there is a simple way to locate I/O performance issues (source):
- Run "vmstat 2". If the "wa" value is high (>=75%),
the system is I/O bound.
- Run "iostat -x 5" to see which device has a high
util% value.
- Run "ps aux | grep D" a few times to see which
processes usually have a STAT of D. They're waiting for I/O.
- Run "lsof commandline" to see what files they're
accessing.
Top 10
security
tools for Windows
Take a look at these tools.
You may find some useful.
Upcoming
courses for network administrators
In addition, there are some courses your
kids may enjoy:
Feedbacks
Any
questions, ideas
or experiences to share? Contact me at
28781313 or alan@cpttm.org.mo. We
also
have two more
newsletters: CIO
newsletter and Software developer newsletter. If you are interested,
you can read them at the following links: CIO
newsletter and Software developer newsletter.
Until
next time,
Alan
Au
|
