?

Log in

No account? Create an account

Previous Entry | Next Entry

The Network Is the Computer

Single sign-on plus borked domain controller (and no backup thereof) equals single point of failure.

Tags:

Comments

( 4 comments — Leave a comment )
bradhicks
Jan. 27th, 2009 02:49 pm (UTC)
Which is why nobody in their right mind, no matter how cheap they are, sets up a Windows networking domain without a backup domain controller. Even if you then go on to use the machine for something else, like print or fax spooling, you're deeply screwed if you have a single domain controller and it goes down. And it tells you this during installation of the first domain controller, it comes up early in every certification class for a Windows server product, and it's prominently displayed in the manual. (I used to do this for a living.)

Of course, if it was all set up for your company by a consultant, and the consultant was chosen because he's a relative of, fellow church member with, or golf buddy of the CEO, it might not do you any good to point this out.
rpkrajewski
Jan. 27th, 2009 03:02 pm (UTC)
Ah, it turns out there WAS a backup domain controller, but both it and the primary were using the same supposedly unkillable RAID/NAS system, which, of course, died (or was wounded – it's coming back now).

There was actually an argument about the wisdom of this setup a while back. I guess it's been decided now :|
bradhicks
Jan. 27th, 2009 04:20 pm (UTC)
Ah, yes, the "unkillable RAID." That's one you pretty much have to learn about the hard way, because RAID arrays generate so many false alarms (and give no stronger indications on the serious alarms) that it's almost impossible for anybody to tell in advance when a particular RAID is going to die. And while the MTBF is longer than for a single hard disk of the same capacity, the failure state is worse. Hopefully there were backups.

Personally, I was always a huge fan of triple-redundancy, even if the third backup was a bailing-wire-and-twine Rube Goldberg device. It's based on my perception of what failure rates humans in general will tolerate. A single point of failure goes down way too often for my taste. It's highly unusual for two points of failure to go down simultaneously, but if the consequences are dire, "highly unusual" isn't unusual enough for me. On the other hand, that combined failure rate being about the one that normal people will tolerate, multiplying in the chance of a third point of failure going down a the same time as the other two brings it to just about where I like it, just about where I think the price/performance curve optimizes.

I have some truly lovely stories about main and backup systems going down at the same time from my years in the financial services industry, but I won't bore you with them. Instead, I'll tell you what I told people about diskettes when I was giving them "this is your first personal computer" classes back around 1990: "Magnetic media are made out of cloud-stuff. Sooner or later, they evaporate. So if you have a file stored on one magnetic medium, sooner or later you will lose it. It's very unusual for two of them to evaporate at the same time; if you have two copies of something, and when one of them evaporates you make another copy, you'll probably always have it. But if your entire career depends on not losing your last copy of something, you absolutely must have three copies. And one of those three copies has to be stored somewhere else, where the same fire or other accident won't wipe all three of them out."

I found that the "cloud stuff" and "evaporate" metaphors worked really well for a wide variety of people. And they're sadly appropriate metaphors for late 20th/early 21st century computer technology in general.
substitute
Jan. 27th, 2009 09:29 pm (UTC)
DHCP is awesome that way too.
( 4 comments — Leave a comment )

Profile

into battle
rpkrajewski
Daddy-O à Go-Go

Latest Month

December 2016
S M T W T F S
    123
45678910
11121314151617
18192021222324
25262728293031

Tags

Powered by LiveJournal.com
Designed by Jamison Wieser