The Logical Datacenter Designer

The Logical Datacenter Designer

The infrastructure architect's primary task is to model the network and datacenter onto which the application will be deployed. Using Visual Studio the architect will define the metadata and configuration requirements by using the Logical Datacenter Designer. Specifically, this means defining the following characteristics:

• Types of servers (application Hosts)

• Communication pathways between Host (server endpoints)

• Types of communication boundaries (Zones)

• Communication connection points (zone endpoints)

• Types of services enabled

• Configuration of application services

• Adding or removing setting resources to logical servers and endpoints

Creating Logical Datacenter Diagrams

Logical datacenter diagrams are created independent of the application-development process. In other words, the infrastructure architects using Visual Studio 2005 Team System might not necessarily be doing any coding on the project itself. It is important to design these diagrams before the application development gets underway. The application architecture must be vetted against the logical datacenter diagram to ensure that it will deploy. The more time the architect spends accurately designing the network diagram, the more complete it will be for this and future application-development efforts.

NOTE
Every project will be different. In some cases, the logical datacenter diagram may be developed in tandem with, or even after, the application diagram. This would occur in cases where an infrastructure is being configured for a specific application. Regardless of the order, the logical datacenter diagram must be completed before any validation can be performed.

At a high level, here are the steps to create a logical datacenter diagram:

1. Create a new Distributed System Solution project.

2. Select the Logical Datacenter as a template.

3. Design your logical datacenter by adding and configuring the appropriate Host's logical servers (application Hosts), adding and configuring the appropriate endpoints, and connecting those endpoints.

TIP
When you create a new project, Visual Studio will name the logical datacenter diagram the same name as the project. This isn't always what you want. What I like to do is delete this .ldd file and add a new logical datacenter diagram to the (now empty) project, but this time I can specify a more meaningful name.

You can add the following shapes to your diagram:

• Zones

  The boundaries—such as domains, perimeter networks, or other isolated security areas

• Endpoints

  The communication gateways into or out of the Hosts logical servers and Zones, including both client- and server-side gateways (Web site, HTTP, database, and generic)

• Hosts

  The various application Hosts (IISWeb, database, Windows, and generic)

Zones

Zones are a logical container of Hosts. Zones do not necessarily map to anything specific in the datacenter, and only serve as a method of encapsulation. This encapsulation allows the architect to essentially hide the servers, ports, and pathways contained within the Zone, while exposing only a minimal number of public ports. This is similar to the concept of design classes in .NET—you have private members exposed through well-controlled public methods. Zones can represent a boundary, such as a firewall, VLAN, or security networks. Zones convey to the developer that they are about to cross a boundary (security, physical, network, and so on).

Here are a few examples of what Zones can represent:

• Internet

• VPN

• Perimeter network (also known as DMZ, demilitarized zone, and screened subnet)

• Firewalls

NOTE
Remember, a Zone doesn't have to represent a physical border or trust boundary. A Zone can be any logical collection of Hosts as well.

From a diagramming standpoint, you should strive to design your datacenter using Zones if possible. They force you to hide your sensitive servers and ports, only revealing a few public access points. Some other examples of this type of encapsulation include a hardened database Zone and an intranet Web portal Zone. Both of these examples can contain embedded Hosts and connection pathways, but expose only a minimal number of ports to the other clients and servers.

Here are the steps to create a Zone:

1. Drag a Zone onto your diagram.

2. Name the Zone using its property window or by changing it directly in the designer.

3. Specify other properties, settings, or constraints.

4. Add Hosts to the Zone

5. Add, edit, or remove any of the Zone endpoints.

Zones can also contain other Zones. You might use this capability to define your complicated datacenter in an easy-to-read way. For example, suppose you have a secure Zone, and within that zone, you have a corporate intranet Zone and a secure data Zone. Both inner Zones are considered secure.

When you decide that your datacenter diagram needs to have a Zone removed you can simply delete it. If your Zone isn't empty and contains Hosts, you have the option of just deleting the Zone. This will leave the Hosts that were contained in the diagram. You can also choose to delete all the contained Hosts as well as the Zone. Figure 5-1 shows you these deletion options. You can delete multiple Zones at the same time by selecting them all first.

Figure 5-1 Deleting Zones

TIP
You should think carefully before deleting any Hosts or other components of your diagram. This is especially true if you've already validated applications against these diagrams. Changes at this point could adversely affect a successful deployment.

Endpoints

When you initially drag and drop a Zone onto the diagram it has one inbound endpoint, represented by an inward-pointing arrow, and one outbound endpoint, represented by an outward-pointing arrow. These endpoints are usually on opposite sides of the Zone. Typically, Zones need at least one inbound endpoint so that you can connect them to a client application or Host. Zones can also have an outbound endpoint which will allow it to communicate with other servers or Zones.

TIP
When configuring Zone endpoints, remember that the communication flow can be inbound, outbound, or bidirectional. This setting is extremely important, especially when communication flow will be behind networking hardware or software that will physically constrain the flow. You want to ensure that the diagram matches the actual datacenter.

After defining the direction of the endpoint, you should define any constraints. The first type of constraint is to specify what type of Host or application can communicate. This is where the real value of the logical datacenter diagram is set. By specifying the types of connections that can be made to and from these endpoints, as well as any additional constraints (such as the security method, IP port number, and so on), you're actually specifying what type of traffic your Zone can support. This detail is essential to ensure an environment that is secure but still capable of running the application.

Endpoint constraints affect only what passes into and out of the Zone; they don't affect what is restricted inside the Zone. If you want to further constrain the endpoints between Hosts in a Zone, set the appropriate constraints on their endpoints. Also, when creating the Zone endpoint constraints, keep in mind the constraints of the physical servers inside the Zone. For example, don't block the physical port 1433 when the servers inside of that logical Zone must communicate using that port number.

You will learn more about settings and constraints later in this chapter.

Clients and Servers (Hosts)

You are allowed to have empty Zones on your diagram, but this is only beneficial for documentation purposes. More than likely, your Zones will contain Host servers and interconnecting communication pathways.

Here are the various server prototypes you can add to the diagram:

• DatabaseServer

  A server hosting a database

• IISWebServer

  A Web server that hosts ASP.NET Web applications

• WindowsClient

  A desktop machine in the enterprise, representing an end-user client application

• GenericServer

  A server of an unspecified type in the datacenter, which you can extend to represent a custom server type

NOTE
There's no direct correlation between logical servers and physical machines. One logical server can be implemented on several physical machines (as in a Web farm), and many logical servers can be implemented on a single physical server (as with a Web server and database server running on the same hardware). This flexibility of what the logical datacenter represents means that you don't have to buy a complete Web farm datacenter for each of your developers just because that's the environment that the application will eventually get deployed to. The logical datacenter is flexible enough to represent a smaller QA environment as well as the scaled-out production environment.

To add Hosts to your Zone, you can drag any of the server prototypes from the toolbox (shown in Figure 5-2) and drop them inside the Zone. You can also right-click the Zone, select the Add New option, and then position the newly added Host manually. Just like Zones, these Hosts can also have settings, constraints, and endpoints.

Figure 5-2 Logical Datacenter Designer toolbox

NOTE
A frequently asked question is whether the Logical Datacenter Designer can probe for the servers on the network and determine their configurations and constraints automatically. A few years ago, Microsoft had a similar feature called AutoDiscovery, in its Visio 2002 Network Tools edition. Future releases of Windows Management tools may offer this capability to Team System, providing the ability to generate a logical model from the physical model. Today, there is support for importing IIS settings into your IISWebServer Host. Figure 5-3 shows the dialog box that appears when you right-click an IISWebServer Host and select Import Settings.

Figure 5-3 Importing settings from an IIS Web server

Connecting Endpoints

Once you've added Hosts to the diagram, connect them to indicate which communication pathways exist. There are several ways to do this:

• Hold down the Alt key while dragging from one Host or Zone to another.

• Right-click the Host or Zone and use the Connect option.

• Use the connection tool from the toolbox.

Here are the various endpoint types:

• DatabaseClientEndpoint

  A consumer of a database connection

• GenericClientEndpoint

  A consumer of a nonspecific connection

• GenericServerEndpoint

  The provider side of a nonspecific connection

• HTTPClientEndpoint

  The consumer side of an HTTP connection

• WebSiteEndpoint

  The provider/server side of an HTTP connection

• ZoneEndpoint

  A communication endpoint on the edge of a Zone

NOTE
Notice that there is no DatabaseServerEndpoint. This absence is by design because you cannot delete the default DatabaseServerEndpoint on a DatabaseServer Host. Therefore, you never need to add one back. You also cannot add additional DatabaseServerEndpoints.

TIP
If you're having difficulty lining up the endpoints and connection of two services let the designer do it for you. Simply right-click the connection line and then select Redraw Connection. This should tidy things up. If you're good with a mouse, you can also route the connections and move the endpoints manually.

Figure 5-4 shows a Zone containing an IIS Web server that has the properly configured and connected endpoints.

Figure 5-4 An example of a logical datacenter diagram containing a Zone

Reusing Custom Server Prototypes

As you create and configure logical servers, you might find that you want to reuse these Hosts on other diagrams. This makes sense, especially when you have a standard configuration for your IIS Web servers with a specific version of Windows, .NET, and security. If this is the case, you can create your own custom prototypes and save them to the toolbox. Right-click the item, or a group of items, and use the Add to Toolbox feature. Specify a friendly name and a graphical bitmap image to represent the toolbox item. Visual Studio will save the host as a Logical Datacenter Designer prototype file (.lddprototype). You will be prompted for the file name and path.

TIP
These prototypes are saved in a proprietary format rather than XML, so they are not easily edited. Any changes have to be made by using the designer and then saving a new prototype.

You are allowed to save the following as prototypes to the toolbox:

• Logical server

• Group of servers

• Zone

• Group of Zones

Later when you're editing a diagram, you can locate your new Host under the Logical Servers section in the toolbox and drag it onto your design surface. It will have all the same settings and constraints that you gave it initially, and you can change any to suit the new datacenter if need be.

NOTE
These prototypes are saved to a folder on your hard drive. By default, this is found under \Common7\Tools\DesignerPrototypes\Prototypes. It is possible to save your prototypes to other folders or drives, as long as you edit the registry and add those paths to the list that Visual Studio searches when populating the toolbox. By default, the registry location is \HKLM\SOFTWARE\Microsoft\VisualStudio\8.0\EnterpriseTools\DesignerPrototypeFolders. There is a value named PrototypesFolder1, which contains the preceding default path. You can add additional string values with additional paths here.

TIP
By default, any Hosts or Zones that you add to the toolbox will appear under the Logical Servers section. Use the Add Tab feature by right-clicking in the toolbox to add a new tab. You can then drag and drop your toolbox items onto that new tab to organize your toolbox. As shown in Figure 5-5, I have created a new tab called Logical Servers (Custom). If you want to share your Zones and Hosts with other architects, copy the .lddprotype file to a shared folder, and other users can download them to their machines.

Figure 5-5 The Logical Datacenter Designer toolbox with a custom CertifiedIISWebServer prototype