Skip navigation
Help

Server

warning: Creating default object from empty value in /var/www/vhosts/sayforward.com/subdomains/recorder/httpdocs/modules/taxonomy/taxonomy.pages.inc on line 33.

This is a guest post written by Claude Johnson, a Lead Site Reliability Engineer at salesforce.com.

The following is an architectural overview of salesforce.com’s core platform and applications. Other systems such as Heroku's Dyno architecture or the subsystems of other products such as work.com and do.com are specifically not covered by this material, although database.com is. The idea is to share with the technology community some insight about how salesforce.com does what it does. Any mistakes or omissions are mine.

This is by no means comprehensive but if there is interest, the author would be happy to tackle other areas of how salesforce.com works. Salesforce.com is interested in being more open with the technology communities that we have not previously interacted with. Here’s to the start of “Opening the Kimono” about how we work.

Since 1999, salesforce.com has been singularly focused on building technologies for business that are delivered over the Internet, displacing traditional enterprise software. Our customers pay via monthly subscription to access our services anywhere, anytime through a web browser. We hope this exploration of the core salesforce.com architecture will be the first of many contributions to the community.

0
Your rating: None

CloudFlare's CDN is based on Anycast, a standard defined in the Border Gateway Protocol—the routing protocol that's at the center of how the Internet directs traffic. Anycast is part of how BGP supports the multi-homing of IP addresses, in which multiple routers connect a network to the Internet; through the broadcasts of IP addresses available through a router, other routers determine the shortest path for network traffic to take to reach that destination.

Using Anycast means that CloudFlare makes the servers it fronts appear to be in many places, while only using one IP address. "If you do a traceroute to Metallica.com (a CloudFlare customer), depending on where you are in the world, you would hit a different data center," Prince said. "But you're getting back the same IP address."

That means that as CloudFlare adds more data centers, and those data centers advertise the IP addresses of the websites that are fronted by the service, the Internet's core routers automatically re-map the routes to the IP addresses of the sites. There's no need to do anything special with the Domain Name Service to handle load-balancing of network traffic to sites other than point the hostname for a site at CloudFlare's IP address. It also means that when a specific data center needs to be taken down for an upgrade or maintenance (or gets knocked offline for some other reason), the routes can be adjusted on the fly.

That makes it much harder for distributed denial of service attacks to go after servers behind CloudFlare's CDN network; if they're geographically widespread, the traffic they generate gets spread across all of CloudFlare's data centers—as long as the network connections at each site aren't overcome.

0
Your rating: None

Aurich Lawson / Thinkstock

The corporate data center is undergoing a major transformation the likes of which haven't been seen since Intel-based servers started replacing mainframes decades ago. It isn't just the server platform: the entire infrastructure from top to bottom is seeing major changes as applications migrate to private and public clouds, networks get faster, and virtualization becomes the norm.

All of this means tomorrow's data center is going to look very different from today's. Processors, systems, and storage are getting better integrated, more virtualized, and more capable at making use of greater networking and Internet bandwidth. At the heart of these changes are major advances in networking. We're going to examine six specific trends driving the evolution of the next-generation data center and discover what both IT insiders and end-user departments outside of IT need to do to prepare for these changes.

Beyond 10Gb networks

Network connections are getting faster to be sure. Today it's common to find 10-gigabit Ethernet (GbE) connections to some large servers. But even 10GbE isn't fast enough for data centers that are heavily virtualized or handling large-scale streaming audio/video applications. As your population of virtual servers increases, you need faster networks to handle the higher information loads required to operate. Starting up a new virtual server might save you from buying a physical server, but it doesn't lessen the data traffic over the network—in fact, depending on how your virtualization infrastructure works, a virtual server can impact the network far more than a physical one. And as more audio and video applications are used by ordinary enterprises in common business situations, the file sizes balloon too. This results in multi-gigabyte files that can quickly fill up your pipes—even the big 10Gb internal pipes that make up your data center's LAN.

Read 34 remaining paragraphs | Comments

0
Your rating: None


Nvidia CEO Jen-Hsun Huang unveils the Nvidia Grid server at the company's CES presentation.

Andrew Cunningham

The most interesting news to come out of Nvidia's two-hour-plus press conference Sunday night was doubtlessly the Tegra 4 mobile processor, followed closely by its intriguing Project Shield tablet-turned-handheld game console. However, company CEO Jen-Hsun Huang also revealed a small morsel of news about the cloud gaming initiative that Nvidia talked up back in May: the Nvidia Grid, the company's own server designed specifically to serve as the back-end for cloud gaming services.

Thus far, virtualized and streaming game services have not set the world on fire. OnLive probably had the highest profile of any such service, and though it continues to live on, it has been defined more by its troubled financial history than its success.

We stopped by Nvidia's CES booth to get some additional insight into just how the Grid servers do their thing and how Nvidia is looking to overcome the technical drawbacks inherent to cloud gaming services.

Read 14 remaining paragraphs | Comments

0
Your rating: None

Fifteen years ago, you weren't a participant in the digital age unless you had your own homepage. Even in the late 1990s, services abounded to make personal pages easy to build and deploy—the most famous is the now-defunct GeoCities, but there were many others (remember Angelfire and Tripod?). These were the days before the "social" Web, before MySpace and Facebook. Instant messaging was in its infancy and creating an online presence required no small familiarity with HTML (though automated Web design programs did exist).

Things are certainly different now, but there's still a tremendous amount of value in controlling an actual honest-to-God website rather than relying solely on the social Web to provide your online presence. The flexibility of being able to set up and run anything at all, be it a wiki or a blog with a tipjar or a photo hosting site, is awesome. Further, the freedom to tinker with both the operating system and the Web server side of the system is an excellent learning opportunity.

The author's closet. Servers tend to multiply, like rabbits. Lee Hutchinson

It's super-easy to open an account at a Web hosting company and start fiddling around there—two excellent Ars reader-recommended Web hosts are A Small Orange and Lithium Hosting—but where's the fun in that? If you want to set up something to learn how it works, the journey is just as important as the destination. Having a ready-made Web or application server cuts out half of the work and thus half of the journey. In this guide, we're going to walk you through everything you need to set up your own Web server, from operating system choice to specific configuration options.

Read 90 remaining paragraphs | Comments

0
Your rating: None

A newly discovered form of malware that targets Linux servers acting as Web servers allows an attacker to directly inject code into any page on infected servers—including error pages. The rootkit, which was first publicly discussed on the Full Disclosure security e-mail list on November 13, appears to be crafted for servers running the 64-bit version of Debian Squeeze and NGINX.

An analysis of the rootkit by Kaspersky Labs found that the malware inserts HTML iframe elements into every page served up to Web browsers connecting to the server. It does this by replacing the code that builds TCP/IP packets (tcp_sendmsg) with its own code. The malware then retrieves the code to be inserted into the iframe by connecting, botnet-like, to a command and control network with an encrypted password.

The rootkit, designated as Rootkit.Linux.Snakso.a by Kaspersky, is a new approach to drive-by downloads. They usually are based on PHP script—not code injected into the kernel of the operating system. Because the new rootkit infects the entire server and not just a specific page, the malware could affect dozens or even hundreds of websites at a time if it infects the server of a Web hosting provider.

Read 1 remaining paragraphs | Comments

0
Your rating: None