How Haplo keeps your data safe

By Peter Tribble

17 October 2017

In my role as Haplo’s Systems Administrator, one of my responsibilities is to ensure that Haplo is more than the most flexible software platform: it is also a hosting platform that takes the best possible care of your data.

To do so, we closely and carefully control everything that goes into our hosting platform.

All our equipment is located in our own dedicated locked racks in data centres run by specialists. They provide us with network connectivity, power and cooling, and physical security.

Everything in the rack is ours. We own it, we select it, and we configure it. Nobody outside Haplo has any access to our equipment. The only thing that comes into the rack that isn’t ours is a pair of network feeds and a pair of independent power feeds.

Everything is duplicated. In each rack there are two firewalls and two network switches, connected to the redundant network connections supplied by the data centre. Each server is connected to both network switches, and has two power supplies, fed from the independent power feeds. The failure of any component will not affect the availability of our service; the system is configured to seamlessly and automatically route around any failures.

And we have two data centres. Both sites are set up identically, and software and data are automatically synchronised between the two sites, so if one site has a problem we can easily run all our operations from the other site.

Each location has multiple servers, again to provide a level of redundancy, and to give us the capacity we need to operate the service. Rather than buying preconfigured servers, we specify precisely which components are used – down to the specific processor models, memory type and disk drives – and exactly how they are wired up. This sort of attention to detail up front makes it much easier to operate a quality service in the long run.

All data is stored on enterprise-class Solid State Drives. These not only give much higher performance than traditional hard drives, but don’t suffer the mechanical failures of spinning drives, and also generate less heat, so they put less stress on power supplies and cooling fans.

As the operating system, we run OmniOS, a descendant of the OpenSolaris project. I was a leading member of OpenSolaris, continue to be heavily involved in illumos, and contribute in various ways to several illumos distributions, including helping with the recent evolution of OmniOS to having a new life as a true community project.

There are two key features that are critical to our operations: Zones and ZFS.

Everything runs in Zones, securely isolated instances of the operating system. If you’re familiar with Docker, Zones are a functional superset that’s been battle-tested in production for over a dozen years.

Data is protected by ZFS, the last word in file systems. The key features of ZFS that are important to us are data integrity and data management.

ZFS maintains cryptographic checksums of every piece of data stored, so it can detect any corrupted data. In the (rare) event of finding corrupted data, ZFS will get another copy of the data from a different drive, and repair the data corruption, guaranteeing data integrity. Built into ZFS is a process called a scrub, which automatically reads and verifies every single piece of data stored; we run a scrub of all our drives every week to proactively look for data errors.

ZFS also supports snapshots, which we take regularly – in the event of a software or user error, we can easily revert the data to an earlier state. We also use ZFS features to reliably replicate data between the two sites.
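The two ZFS practices described above, a weekly scrub whose result is actually checked and regular snapshots replicated to the second site, look roughly like the following shell script. This is an added example, not Haplo’s own operations tooling: the pool name `tank`, the dataset `tank/haplo`, the SSH target `zfsrepl@site2.example`, the `auto-` snapshot prefix and the sample `zpool status` reports are all constructed, and it assumes the remote pool uses the same dataset name so that `zfs receive` can land the stream directly on it.

```shell
#!/bin/sh
# Added example (not Haplo's own code): a checked weekly ZFS scrub and
# snapshot replication between two sites. Pool, dataset, host and snapshot
# names are constructed placeholders.

POOL="${POOL:-tank}"                        # constructed pool name
DATASET="${DATASET:-tank/haplo}"            # constructed dataset name
REMOTE="${REMOTE:-zfsrepl@site2.example}"   # constructed SSH target at the other site

# Return 0 only if a 'zpool status' report shows a healthy pool: state ONLINE,
# zero READ/WRITE/CKSUM counters on every device, the last scrub completed
# with 0 errors, and no known data errors. Takes the report text as its one
# argument so it can be exercised on captured output without a real pool.
zpool_status_is_clean() {
    printf '%s\n' "$1" | awk '
        $1 == "state:" && $2 != "ONLINE" { bad = 1 }
        # device rows: NAME STATE READ WRITE CKSUM [note]
        NF >= 5 && $1 != "NAME" && $2 ~ /^(ONLINE|DEGRADED|FAULTED|OFFLINE|UNAVAIL|REMOVED)$/ {
            if ($3 + 0 != 0 || $4 + 0 != 0 || $5 + 0 != 0) bad = 1
        }
        # scan line: "scrub repaired 0 in 0h42m with 0 errors on ..."
        $1 == "scan:" && $2 == "scrub" {
            for (i = 1; i <= NF; i++) if ($i == "with" && $(i + 1) + 0 != 0) bad = 1
        }
        $1 == "errors:" && $2 != "No" { bad = 1 }
        END { exit (bad ? 1 : 0) }
    '
}

# Weekly cron job: start a scrub of the whole pool, wait for it to read and
# verify every block, then inspect the result instead of assuming it passed.
run_weekly_scrub() {
    zpool scrub "$POOL" || return 1
    while zpool status "$POOL" | grep -q 'scrub in progress'; do
        sleep 60
    done
    status=$(zpool status "$POOL")
    if zpool_status_is_clean "$status"; then
        echo "scrub of $POOL clean"
    else
        echo "scrub of $POOL found problems:" >&2
        printf '%s\n' "$status" >&2
        return 1
    fi
}

# Build a timestamped snapshot name, e.g. tank/haplo@auto-2017-10-17T0200
snapshot_name() {
    echo "$1@auto-$2"
}

# Take a recursive snapshot and replicate it to the second site. Given the
# previous snapshot the send is incremental (-I) and ships only the blocks
# changed since then; without one it is the full initial send.
snapshot_and_replicate() {
    dataset="$1"; stamp="$2"; prev="$3"
    new=$(snapshot_name "$dataset" "$stamp")
    zfs snapshot -r "$new" || return 1
    if [ -n "$prev" ]; then
        zfs send -R -I "$prev" "$new" | ssh "$REMOTE" zfs receive -F "$dataset"
    else
        zfs send -R "$new" | ssh "$REMOTE" zfs receive -F "$dataset"
    fi
}

# Constructed 'zpool status' reports in the illumos/OmniOS layout, used to
# exercise the check without a real pool.
SAMPLE_CLEAN='  pool: tank
 state: ONLINE
  scan: scrub repaired 0 in 0h42m with 0 errors on Sun Oct 15 03:12:01 2017
config:

        NAME          STATE     READ WRITE CKSUM
        tank          ONLINE       0     0     0
          mirror-0    ONLINE       0     0     0
            c1t0d0    ONLINE       0     0     0
            c1t1d0    ONLINE       0     0     0

errors: No known data errors'

# Self-healing case: the scrub repaired blocks from the good mirror half, but
# one drive has accumulated checksum errors and has been faulted.
SAMPLE_DEGRADED='  pool: tank
 state: DEGRADED
  scan: scrub repaired 128K in 0h41m with 0 errors on Sun Oct 15 03:11:45 2017
config:

        NAME          STATE     READ WRITE CKSUM
        tank          DEGRADED     0     0     0
          mirror-0    DEGRADED     0     0     0
            c1t0d0    ONLINE       0     0     0
            c1t1d0    FAULTED      0     0    17  too many errors

errors: No known data errors'

zpool_status_is_clean "$SAMPLE_CLEAN" && echo "sample 1: clean"
zpool_status_is_clean "$SAMPLE_DEGRADED" || echo "sample 2: needs attention (faulted drive, CKSUM errors)"
```

The scrub job polls `zpool status` rather than relying on a blocking flag because the scrub runs in the background and the status text is the portable way to know it has finished. One caveat on the checksum point: ZFS only uses a cryptographic hash such as SHA-256 when a dataset’s `checksum` property is set to it (`zfs set checksum=sha256 tank/haplo`); the default `fletcher4` still detects corruption but is not a cryptographic hash.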

I hope that gives a feel for the care and attention to detail we at Haplo put in to ensure your data is safe and secure. However, if you have any questions, please contact us at hello@haplo.com.