Rancho Cucamonga, Calif., has a new data center that was originally meant to provide redundancy. But now, it's become a path toward the cloud, remote workforce, improved backups and more for the city.
SAN FRANCISCO — For the city of Rancho Cucamonga, Calif., the future looked a whole lot like the past: servers in a government building, blinking and humming and working their unseen magic.
But Rancho Cucamonga’s second data center, part of a public safety campus the fire department finished building this year, is all about preparing the city for change. It’s the gate that give it access to a world free from tape backups, a world with cloud, a world where employees can work remote.
At the VMworld 2019 conference, city CIO Darryl Polk explained that the second data center is connected to the original data center three miles away via municipally owned fiber. The city’s plan is to use a “stretch cluster” architecture, which uses virtualization to spread operations between the two sites. Software will monitor the performance of both, and if one starts to degrade, then it will automatically reroute traffic to the other.
“The intent was really redundancy, but along the way it’s allowed us to increase capacity,” he said. “By going to an active-active, it actually gives us more computer for the same footprint, as opposed to just doing an A/B with redundancy where it’s simply mirroring and not actually providing services. And it provides kind of additional load balancing across all our network where now we can have traffic going into either site and they both have the capacity to fail over and become the single site and carry on most of the operations without interruption. But in the meantime, we’re getting value … out of both sites.”
The setup is all about improving IT in the city in such a way that creates opportunities without being too prescriptive. For example, Polk said Rancho Cucamonga wants to move toward a private cloud model. But it doesn’t have to.
“For me, I looked at it as kind of this opportunity to eventually hop-scotch out, where we can take us out of our existing data center and we can go to a hybrid cloud, or put the A node of our data center as a B node in another municipality that’s outside our seismic zone, so someplace like Henderson, Nevada, or Vista, California, or up here in the Bay Area where if we get hit, they won’t — we can still have that resiliency.”
Along the way, the city has moved its backups from tape to cloud. That has, he said, vastly improved the process for restoring from backup, as well as erased the problem of tapes degrading over time.
“We would have to call [our tape storage vendor] and say, ‘Hey, can you bring back the tapes for this date?’ And they would bring back the tapes and we would go back and reload that environment for that day and find the files we need to restore,” Polk said. “And with Veeam [Software] and with cloud, we’re able to just really expedite that process. This went from two or three days and a lot of staff effort to just a very minimal few clicks, find the files and restore them. So I think it’s really helped our customer experience, it’s helped take that load off the team.”
The new data center architecture also gives the city a path to let employees work remotely in the future while still giving them the ability to connect securely to the environment they would have in city hall.
That’s a big change from the previous design in Rancho Cucamonga, which was more fortress-like.
“Our previous … strategy was a campus network that was guarded from the outside, perimeter defenses and limited access to get into the network. Ideally we wanted to limit it to physical access where you were on a network cord or you had a white-listed device on our existing Wi-Fi footprint,” he said.
But in a world where city IT has to compete with the nimble, cloud-based architecture of tech startups, he said that’s an untenable paradigm.
“What I’m seeing and what I think government’s catching onto is that the industry at large is moving toward a diversified workforce … so for us, it’s either we recognize that model and start preparing for it or deal with the consequences when we’re not competitive in five years, when the private sector offers working from home, working from anywhere, working remotely, and then we’re telling them we don’t have the infrastructure to provide that,” he said.
Of course, security is always an IT worry when a workforce goes remote. So some of the announcements out of VMworld — like VMware’s acquisition of the endpoint protection firm Carbon Black — help make Polk’s vision a little clearer.
“Now we’re going into mobility, people expect access to the environment through mobile devices [and] we’ve got IoT that’s getting layered on through municipal broadband. We’re looking at getting into IoT with our street lights, getting into smart street lights that have cameras with noise detection, that type of thing,” he said. “So the perimeter is just getting redefined continually … that’s what Carbon Black seems to build for us, is the ability to go out there and say, 'Hey we’re going to set rules for all of these endpoints, and we’re going to allow for a system to flex where it needs to flex but still provide security wherever that new edge winds up.'”
It’s all opportunity. Technology changes; Polk can’t be sure what will be necessary tomorrow. But he’s good with that.
“If it never plays out, we’re real good with what we’ve got,” he said. “But if that opportunity ever arrives at our doorstep, we’ll be ready for it.”