Resilient Search Requires Resilient Infrastructure

With over 20 years of aggregate experience in network architecture and systems engineering, ESR leverages best-of-breed design methodologies in order to provide customers with the SLA and uptime requirements demanded by high-volume search.

Performance

Sub-second search requirements coupled with ever-increasing document corpuses put high throughput and low latency at the forefront of ESR's design considerations. Techniques for addressing performance needs include (but certainly not limited to):

  • Leverage of ASICs and FPGAs to offload cpu-bound processes (i.e. TOE cards, VPN concentrators, ACLs in hardware)
  • Maximizing link utilization through 802.1ad ethernet aggregation, multiple STP instances, equal-cost load balancing, and jumbo frames
  • Back-hauling traffic over MPLS to reduce routing-state persistance at network core
  • IP multicast and IGMP snooping
  • Custom route analysis (BGP table optimization, latency probing for optimizing egress border routing)

Scalability

Various aspects of search scale in different ways; some scale linearly as systems are added, others logarithmically. Each search process requires different network and systems requirements in order to scale relative to the customer's needs. ESR will ensure that the customer's hardware footprint will perform as load increases over time. Scalability techniques include:

  • eBGP/iBGP for scalable border routing
  • flow-based routing
  • Network designs that employ OSPF/EIGRP to propagate internal routes in a scalable fashion
  • High-performance load balancers (NetScaler, Cisco, Foundry, LVS)
  • TCP multiplexing
  • SAN, NAS, iSCSI, and RAID for scalable storage
  • Proper selection of network/systems infrastructure (Cisco, Juniper, Foundry, Extreme, Force10)

High Availability

SLA requirements for high-volume search clusters often allude to 99.9% uptime, thus redundancy and resiliency are key in providing customers with successful search. Techniques for high availibity include:

  • Failover for all network devices (including load balancers) via HSRP or CARP
  • Bandwidth capacity planning and ethernet bonding
  • Redundant node
  • Redundant internal routing
  • Redundant external routing
  • Redundant switching
  • Redundant storage blades

Security

For customers that have especially sensitive data indexed in their search clusters, ESR provides a myriad of services to help the customer maintain security as well as ward off spurious attack. Security techniques include:

  • Persistant vulnerability assessment
  • VPN concentrators and crypto cards
  • End-to-end application-level encryption, as well as network/systems-level encryption
  • Network device hardening
  • Server hardening
  • Redundant firewalls
  • DDOS mitigation

Accountability

ESR requires all deployments to be accountable; they should perform as promised, as expected. While there is no set of formulas that will ensure a given amount of performance, reporting tools can be used to demonstrate and characterize performance so that, if necessary, modifications can be made until the customer is completely and utterly content with product. Techniques for ensuring accountability include:

  • Rigorous benchmarking and regression testing to demonstrate and characterize performance metrics such as QPS, DPS, in indexing, and latency
  • On-going reporting for 95th percentile bandwidth utilization and systems resource utilization
  • Sflow/Netflow reports to show the customer where their traffic is going and where customer traffic is coming from

Contact ESR now to get an assessment of your infrastructure.