Develer’s technological infrastructure: an interview with Stefano Fedrigo
An interview with Stefano Fedrigo, system administrator and developer, to discover Develer’s technological infrastructure.
What do you do at Develer?
I am a passionate software programmer, preferring to focus more on hardware: drivers, open source operating systems and communication protocols are my world. My strength is that of mastering a large number of technologies, some of which are particularly complex.
In addition to my software development activity for customers, I am also involved in the management of technological infrastructure: from the administration of IT systems to security.
What are the biggest challenges you’ve encountered in systems management?
With the recent move to new, larger premises and the significant increase in the number of employees (we have gone from 20 people to more than 50 in just a few years), new needs and complexities have emerged.
Undoubtedly one of my most important responsibilities is guaranteeing the availability of our services on an ongoing basis (High Availability) and ensuring that any problem can be resolved quickly in order to ensure uninterrupted operation both for our developers and for the customer. My main goal is therefore to allow the Develer staff to work without becoming stressed, for users to enjoy a seamless experience, while minimising management and maintenance times.
The Wi-Fi network
Another significant technological challenge was the installation of the Wi-Fi network at the new premises. Ensuring coverage for a large number of users, with high expectations in terms of high bandwidth and connection stability, at a 1300 m² site, was a complex but rewarding activity.
The Ethernet network
We also had stringent needs for the Ethernet connection:
- High performance
- an infrastructure that can be easily upgraded in the future
- flexibility in the management of many different sub-networks dedicated to various services and company departments
- a system that could be modified in a simple way by changing the daily work requirements of the developers
All with the maximum possible bandwidth and reliability.
What are the solutions that have proven most effective?
To ensure service continuity, one of the most effective but also very interesting solutions to implement was the structuring of our data centre, making extensive use of server virtualisation. For this purpose, we created a mini-cluster on which to run virtual machines, adopting KVM (Kernel-based Virtual Machine) and LXC (Linux Containers) as an infrastructure.
The system thus created with KVM proved to be extremely versatile, allowing the migration of virtual machines from one server to another in live mode, managing the hardware resources of the servers. even remotely, and many other features that allow us to minimise the restart/maintenance times.
Moreover, thanks to LXC, our programmers have access to virtual machines, with large CPU resources, to be activated and deactivated as required.
For Wi-Fi connectivity, undoubtedly a winning choice was to rely on enterprise-grade hardware; then a whole series of measures were decisive to effectively manage the layout of the environment and of the Wi-Fi users in the building, carefully choosing the position and configuration of the numerous access points to avoid interference and to optimise the use of available bandwidth.
We adopted policies such as, for example, using devices (such as laptops supplied to developers) that had minimum connectivity requirements, including a sufficient number of antennas to ensure minimum bandwidth and support for Wi-Fi extensions which included fast roaming.
An important requirement that we set ourselves and which we achieved was to guarantee uninterrupted Wi-Fi connectivity to users who move around the premises, for example being able to communicate continuously in conference calls or VoIP calls while moving through various areas of the office and passing from the coverage of one access point to another.
An essential feature of the access points we use is the centralised controller, which is fundamental for managing and optimising the entire network. Another useful feature is the dynamic use of the radio band, which automatically decides which channels to use, synchronising the access points together and checking for any interference between them.
We then performed a large number of tests and measurements and the results are extremely positive: even in the most remote place of the office the Wi-Fi speed is never less than 30 Mbyte/s.
For the Ethernet network, solutions were used such as remotely managed switches for each work island and 10 Gbit/s fibre optic connections between core switches and islands for maximum bandwidth, and also the flexibility to have many different subnets for the various uses (for example a dedicated network for the embedded department and another that would guarantee maximum security, etc.).
Come work with us!
Is there anything new that you are thinking of implementing?
The tendency to strategically outsource certain services continues, integrating SaaS or PasS solutions such as CloudFlare, GitHub, CircleCI, AppVeyor, Slack or Google GSuite whenever their use is more suited to our needs. Intentionally choosing to use external services allows us to dedicate more time and resources to those activities where it is more appropriate to manage internally.
Another step we are working on concerns the implementation of the new IPv6 protocol: we have already implemented it for our LAN and we have activated an IPsec VPN with authentication managed through x509 certificates (very useful and safe). We will shortly be extending IPv6 connectivity on all our servers: not that this is an immediate requirement, but we intend to prepare in advance by “getting our hands on” these new technologies that will become essential in the near future.
Do you want to discover the hardware of Develer? Download the technical datasheet.