This doth be a machine-wrought text which may contain errors!
When we speak of operational architecture, we mean all those parts which do together comprise the IT infrastructure of an enterprise. ‘Tis of networks, servers, storage, services, and security, and how all doth hang together.
What is an Operational Architecture?
An operational architecture doth be an overview of all IT components within an environment, and how they are linked together. Think upon it as a map of the whole IT system. It includeth all, from physical hardware to software and security measures.
For a small enterprise, this may be as simple as a router, a server, and some PCs. For a larger company, it may include hundreds of servers, sundry networks, cloud services, and much more.
Network Components
The network doth form the very foundation of an operating architecture. Without it, no devices may commune one with another.
| Component | What it doth perform | Example |
|---|---|---|
| Switch | Connecteth devices within a local area network (LAN) | Unifi Switch, TP-Link |
| Router | Sendeth traffic ‘twixt diverse networks | Thine home router, ISP router |
| Gateway | The entry point ‘twixt thy network and the internet | Oft combined with the router |
| Firewall | Filtereth traffic and blocketh unwelcome access | pfSense, OPNsense, Unifi Gateway |
| Access Point (AP) | Granteth wireless connection to the network | Unifi AP, TP-Link AP |
Hvordan henger det sammen?
A common order doth proceed thus:
Internet → Router/Gateway → Firewall → Switch → Devices (PCs, servers, APs)
The Switch doth bind all within, and the Router/Firewall doth govern what passeth forth and back.
Task the First – Map Thy Home Network
What manner of network gear doth thou possess within thy dwelling? Most folk have at the least a router from their internet provider. Endeavour to discover:
- Hast thou a router, a switch, or a combination of both?
- Dost thou possess a separate access point, or is WiFi built into the router itself?
- What is the IP address of thy router? (Hint:
ipconfigin the terminal on Windows)
Servers and Clients
In a working architecture, we do distinguish ‘twixt servers and clients:
| Role | Description | Example |
|---|---|---|
| Server | A machine which doth offer services unto others | Webserver, fileserver, printserver |
| Client | A machine which doth use the services offered | Thy PC, mobile, tablet |
A server need not be a great, costly machine. An old laptop running Linux and sharing files o’er the network is, technically speaking, a server. ‘Tis of the role, not the size, that we speak.
Formfaktorer
Servers do exist in divers physical forms:
- Tower - Doth resemble a common desktop machine. ‘Tis apt for lesser environs.
- Rack - Is mounted within a server cabinet (rack). The standard for data centres, forsooth.
- Blade - Compact modules which are set within a chassis. Used in great data centres.
Storage
Data must needs be stored in some place. Within an operational architecture, there doth exist divers options:
| Type | Explanation | Example |
|---|---|---|
| Local Disk | Storage directly within the machine | SSD, HDD in a PC or server |
| NAS | Network storage shared ‘twixt devices | Synology, TrueNAS |
| SAN | Dedicated storage network for high performance | Used in large data centres |
| Cloud Storage | Storage with a cloud provider | OneDrive, Google Drive, S3 |
NAS vs. SAN
- NAS (Network Attached Storage) doth share files o’er common network. Easy ‘tis to set up.
- SAN (Storage Area Network) doth employ a separate, dedicated network for storage. Swifter, yet more complex.
For most small and middling companies, NAS is more than sufficient.
Services and Software
The servers within an operational architecture do run divers services. Here are some common ones:
| Service | What it doth | Example |
|---|---|---|
| E-mail and Interaction | Communication and collaboration | Microsoft 365, Google Workspace |
| File Servers | To store and share files internally | SharePoint, SAMBA |
| Web Servers | To deliver web pages unto users | Nginx, Apache |
| Print Server | To share printers ‘twixt devices | CUPS (Linux), Windows Print Server |
| Software | Applications wherewith the users do labour | Office, Teams, Visual Studio Code |
Watchfulness and Security
To keep a working architecture sound, we require insight into what doth transpire:
| Component | What it doth do | Example |
|---|---|---|
| Logging-server | Gathereth log data from servers and services | Grafana + Loki, Graylog |
| Watchfulness | Showeth status and performance in real time | Grafana, Zabbix, Uptime Kuma |
| Access Control | Governeth who hath access to what | Username/password, MFA |
| Antivirus | Protecteth against malware | Windows Defender, ClamAV |
| Backup | Security copy of data and systems | Proxmox Backup, Veeam |
Backup is no choice, good sir
A sound rule of thumb doth be the 3-2-1 rule:
- 3 copies of thy data
- 2 divers storage mediums (e.g., disc + cloud)
- 1 copy without the premises (offsite)
Task the Second - Dost Thou Observe 3-2-1?
Ponder upon thine own school files:
- How many copies hast thou of thy projects?
- Dost thou employ only OneDrive, or hast thou aught locally as well?
- What doth befall shouldst thou lose access to thy Microsoft account?
Many do discover that they possess but a single copy. ‘Tis sufficient until it is not.
Virtualisation
Instead of possessing a physical machine for each service, we may employ virtualisation to run divers services upon the selfsame hardware:
| Technology | Explanation | Example |
|---|---|---|
| Virtual Machines (VM) | Whole operating systems that run upon a common hardware | Proxmox, VMware |
| Containers | Light, isolated environments for single applications | Docker, Podman |
Virtualisation is one of the most principal concepts in modern IT operation. ‘T doth save space, power, and render the managing of services more facile.
To Conjure It Together
Here doth lie an example of how a simple operational architecture might appear for a school of modest size:
Internett
│
▼
[Ruter / Brannmur]
│
▼
[Switch]──────────────────────────────────┐
│ │ │ │
▼ ▼ ▼ ▼
[Server] [AP WiFi] [Printer] [Elev-PCer]
│
├── VM: Webserver (Nginx)
├── VM: Filserver (SAMBA)
└── Docker: Grafana + Loki
This survey doth demonstrate ‘tis need not be complex. The point is to possess an overview of that which doth exist, and how ‘tis linked together.
Task the Third - Depict the School’s Architecture
Essay to draw a simple overview of the IT infrastructure at thy school (or home). Use freely pen and paper, or a tool such as draw.io.
- What network devices doth exist?
- How many networks dost thou deem the school possess? (Hint: scholars and staff are like to be upon divers networks)
- What services do ye employ daily? (WiFi, file storage, printing, e-mail…)
Thou needest not know all. The point is to begin to think in systems.
Summary
A works architecture doth concern itself with understanding the whole:
- Network doth bind all things together
- Servers do deliver services
- Storage doth preserve the data
- Security doth guard against threats
- Monitoring doth grant thee insight
- Virtualisation doth save resources
When thou canst describe these components and explain how they are linked, thou hast a good understanding of the works architecture.