Just because I was offended and thought there was a better way didn’t mean we could make the change, it took work and time. This is a kind of complexity that I am especially offended by psuedo-security which doesn’t really make things more secure but makes you feel like it and makes something else more complicated. I don’t remember how hosts were decided on which vlan they were on inside those networks, some large part of it was probably which load balancer they were on. Website hosts were on website and database but not corporate. I wasn’t around when these decisions were made, I think the idea was to keep the database hosts on the database network secure from the internet, they were on the database and the corporate net, but not on the website. Each host in the datacenter had two NICs and were attached to two of the three networks, depending on the purpose of the host. There were three main networks: website, database, and corporate. When I started at Amazon in late 2002, we had two datacenters and they were filled with L2 and vlans. You will get different answers with different people, and different companies/cultures involved in the discussion, but the point is to do the analysis and understand the tradeoffs. You must weight the complexity of operating all the features you’ve been asked for and ask if there is a better way of doing that. Often as you are thinking about the tradeoffs and want to simplify the network, you have to have a discussion with the people using the network. I think it might be helpful to go through examples I’ve experienced of simplifying networks. Remember, engineering is the art of tradeoffs, so the areas that bring complexity are worth examining to see how to make things better. Just because a network is complex doesn’t mean that it’s wrong. Everything comes down to how well you can operate your network over time. The more complex the network, the harder to operate, the more fragile, and the harder to make changes. There are many reasons: people believe vendor hype, like shiny things, the business asks for things that require complexity, or you didn’t plan well enough for growth, etc. I think people build too complicated networks and not enough consider how hard it will be to operate those over time. You’ve probably heard people say that networks are too complex and need to be made simpler.
Simplifying networks (and lessons in Engineering tradeoffs)
0 kommentar(er)
