Module I
1
INTRODUCTION TO INFORMATION STORAGE
Unit Structure
1.0 Objectives
1.1 Introduction
1.2 Information Storage
1.3 Data
1.4 Types of Data
1.5 Big Data
1.6 Information
1.7 Storage
1.8 Evolution of Storage Architecture
1.9 Data Center Infrastructure
1.10 Core Elements of Data Centre
1.11 Key Characteristics of Data Centre
1.12 Managing a Data Centre
1.13 Virtualization and Cloud Computing
1.14 Summary
1.15 Review Your Learning
1.16 Questions
1.17 Further Reading
1.18 References
1.0 OBJECTIVES
1. Differentiate between data and information and their processing
2. Interpret the core elements of a data centre
3. Evaluate different storage architectures
4. Understand classic, virtualized, and cloud environments
5. Comprehend virtualization and cloud computing
1.1 INTRODUCTION
Information is ever more important in our daily lives. We have become information dependent in the 21st century, living in an on-command, on-demand world, which means we need information as and when it is required. We use the Internet every day for surfing, participating in social networks, sending and receiving emails, sharing pictures and videos, and using other applications. Equipped with a growing number of content-generating devices, more information is created by individuals than by organizations (including businesses, governments, nonprofits, and so on). Information created by individuals gains value when shared with others. When created, information resides locally on devices, such as cell phones, smartphones, tablets, cameras, and laptops. To be shared, this information needs to be uploaded to central data repositories (data centres) via networks. Although most of the information is created by individuals, it is stored and managed by a relatively small number of organizations. The importance, dependency, and volume of information for the business world also continue to grow at astounding rates. Businesses depend on fast and reliable access to information critical to their success. Examples of business processes or systems that rely on digital information include airline reservations, telecommunications billing, Internet commerce, electronic banking, credit card transaction processing, capital/stock trading, health care claims processing, life science research, and so on. The increasing dependence of businesses on information has amplified the challenges in storing, protecting, and managing data. Legal, regulatory, and contractual obligations regarding the availability and protection of data further add to these challenges. Organizations usually maintain one or more data centers to store and manage information. A data center is a facility that contains information storage and other physical information technology (IT) resources for computing, networking, and storing information. In traditional data centers, the storage resources are typically dedicated to each of the business units or applications. The proliferation of new applications and increasing data growth have resulted in islands of discrete information storage infrastructures in these data centers. This leads to complex information management and underutilization of storage resources. Virtualization optimizes resource utilization and eases resource management. Organizations incorporate virtualization in their data centers to transform them into virtualized data centers (VDCs). Cloud computing, which represents a fundamental shift in how IT is built, managed, and provided, further reduces information storage and management complexity and IT resource provisioning time. Cloud computing brings in a fully automated request-fulfilment process that enables users to rapidly obtain storage and other IT resources on demand. Through cloud computing, an organization can rapidly deploy applications where the underlying storage capability can scale up and scale down based on the business requirements.
In this chapter, we will see the evolution of information storage architecture from a server-centric model to an information-centric model. We will also see an overview of virtualization and cloud computing.
1.2 INFORMATION STORAGE
Organizations process data to derive the information required for their day-to-day operations. Storage is a repository that enables users to persistently store and retrieve this digital data.
1.3 DATA
Data is a collection of raw facts from which conclusions might be drawn. Handwritten letters, a printed book, a family photograph, printed and duly signed copies of mortgage papers, a bank's ledgers, and an airline ticket are all examples that contain data. Before the advent of computers, the methods adopted for data creation and sharing were limited to fewer forms, such as paper and film. Today, the same data can be converted into more convenient forms, such as an e-mail message, an e-book, a digital image, or a digital movie. This data can be generated using a computer and stored as strings of binary numbers (0s and 1s), as shown in Figure 1.1. Data in this form is called digital data and is accessible by the user only after a computer processes it.
Figure 1.1: Digital Data
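As a simple, hypothetical illustration of this idea (added here and not part of the original text), the short Python sketch below converts a piece of text into the string of 0s and 1s that a computer actually stores; the variable names are arbitrary.

# Minimal sketch: how ordinary text becomes digital data (0s and 1s).
text = "DATA"

# Encode the text as ASCII bytes, then show each byte as 8 binary digits.
binary = " ".join(format(byte, "08b") for byte in text.encode("ascii"))

print(binary)   # 01000100 01000001 01010100 01000001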
With the advancement of computer and communication technologies, the rate of data generation and sharing has increased exponentially. The following is a list of some of the factors that have contributed to the growth of digital data:
1. Increase in data-processing capabilities: Modern computers provide a significant increase in processing and storage capabilities. This enables the conversion of various types of content and media from conventional forms to digital formats.
2. Lower cost of digital storage: Technological advances and the decrease in the cost of storage devices have provided low-cost storage solutions. This cost benefit has increased the rate at which digital data is generated and stored.
3. Affordable and faster communication technology: The rate of sharing digital data is now much faster than traditional approaches. A handwritten letter might take a week to reach its destination, whereas it typically takes only a few seconds for an e-mail message to reach its recipient.
4. Proliferation of applications and smart devices: Smartphones, tablets, and newer digital devices, along with smart applications, have significantly contributed to the generation of digital content.
Inexpensive and easier ways to create, collect, and store all types of data, coupled with increasing individual and business needs, have led to accelerated data growth, popularly termed data explosion. Both individuals and businesses have contributed in varied proportions to this data explosion.
The importance and value of data vary with time. Most of the data created holds significance for a short term but becomes less valuable over time. This governs the type of data storage solutions used. Typically, recent data, which has higher usage, is stored on faster and more expensive storage. As it ages, it may be moved to slower, less expensive but reliable storage.
Following are some examples of research and business data:
1. Customer data: Data related to a company's customers, such as order details, shipping addresses, and purchase history.
2. Product data: Includes data related to various aspects of a product, such as inventory, description, pricing, availability, and sales.
3. Medical data: Data related to the healthcare industry, such as patient history, radiological images, details of medication and other treatment, and insurance information.
4. Seismic data: Seismology is the scientific study of earthquakes. It involves collecting and processing data to derive information that helps determine the location and magnitude of earthquakes.
1.4 TYPES OF DATA
Data can be classified as structured or unstructured (see Figure 1-2) based on how it is stored and managed. Structured data is organized in rows and columns in a rigidly defined format so that applications can retrieve and process it efficiently. Structured data is typically stored using a database management system (DBMS). Data is unstructured if its elements cannot be stored in rows and columns, which makes it difficult to query and retrieve by applications. For example, customer contacts may be stored in various forms, such as sticky notes, e-mail messages, business cards, or even digital format files, such as .doc, .txt, and .pdf. Due to its unstructured nature, it is difficult to retrieve this data using a traditional customer relationship management application. A vast majority of new data being created today is unstructured. The industry is challenged with new architectures, technologies, techniques, and skills to store, manage, analyze, and derive value from unstructured data from numerous sources.
Figure 1.2: Types of Data
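To make the distinction concrete, the hypothetical Python sketch below (added for illustration, not taken from the text) contrasts a structured customer record, which fits naturally into rows and columns, with an unstructured note, which does not.

# Structured data: fixed fields, easily stored as a row in a DBMS table.
structured_record = {
    "customer_id": 1001,
    "name": "A. Kumar",
    "city": "Mumbai",
    "last_order_total": 2499.00,
}

# Unstructured data: free-form text with no fixed rows or columns.
unstructured_note = ("Met the customer at the trade fair; prefers e-mail "
                     "follow-up and is interested in bulk pricing next quarter.")

# Querying a structured field is trivial; unstructured text needs searching or parsing.
print(structured_record["city"])             # Mumbai
print("bulk pricing" in unstructured_note)   # True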
1.5 BIG DATA
Big data is a new and evolving concept, which refers to data sets whose sizes are beyond the capability of commonly used software tools to capture, store, manage, and process within acceptable time limits. It includes both structured and unstructured data generated by a variety of sources, including business application transactions, web pages, videos, images, e-mails, social media, and so on. These data sets typically require real-time capture or updates for analysis, predictive modelling, and decision making. Significant opportunities exist to extract value from big data. The big data ecosystem (see Figure 1-3) consists of the following:
1. Devices that collect data from multiple locations and also generate new data about this data (metadata).
2. Data collectors who gather data from devices and users.
3. Data aggregators that compile the collected data to extract meaningful information.
4. Data users and buyers who benefit from the information collected and aggregated by others in the data value chain.
Figure 1.3: Big Data Ecosystem
Traditional IT infrastructure and data processing tools and methodologies are inadequate to handle the volume, variety, dynamism, and complexity of big data. Analyzing big data in real time requires new techniques, architectures, and tools that provide high performance, massively parallel processing (MPP) data platforms, and advanced analytics on the data sets. Data science is an emerging discipline that enables organizations to derive business value from big data. Data science represents the synthesis of several existing disciplines, such as statistics, math, data visualization, and computer science, to enable data scientists to develop advanced algorithms for the purpose of analyzing vast amounts of information to drive new value and make more data-driven decisions.
1.6 INFORMATION
Data, whether structured or unstructured, does not fulfill any purpose for individuals or businesses unless it is presented in a meaningful form. Information is the intelligence and knowledge derived from data. Businesses analyze raw data to identify meaningful trends. On the basis of these trends, a company can plan or modify its strategy. For example, a retailer identifies customers' preferred products and brand names by analyzing their purchase patterns and maintaining an inventory of those products. Effective data analysis not only extends its benefits to existing businesses but also creates the potential for new business opportunities by using the information in creative ways.
1.7 STORAGE
Data created by individuals or businesses must be stored so that it is easily accessible for further processing. In a computing environment, devices designed for storing data are termed storage devices or simply storage. The type of storage used varies based on the type of data and the rate at which it is created and used. Devices such as a media card in a cell phone or digital camera, DVDs, CD-ROMs, and disk drives in personal computers are examples of storage devices. Businesses have several options available for storing data, including internal hard disks, external disk arrays, and tapes.
1.8 EVOLUTION OF STORAGE ARCHITECTURE
Historically, organizations had centralized computers (mainframes) and information storage devices (tape reels and disk packs) in their data center. The evolution of open systems, their affordability, and ease of deployment made it possible for business units/departments to have their own servers and storage. In earlier implementations of open systems, the storage was typically internal to the server. These storage devices could not be shared with any other servers. This approach is referred to as server-centric storage architecture (see Figure 1-4 [a]). In this architecture, each server has a limited number of storage devices, and any administrative task, such as maintenance of the server or increasing storage capacity, might result in unavailability of information. The proliferation of departmental servers in an enterprise resulted in unprotected, unmanaged, fragmented islands of information and increased capital and operating expenses.
Figure 1.4: Evolution of Storage Architecture
To overcome these challenges, storage evolved from server-centric to information-centric architecture (see Figure 1-4 [b]). In this architecture, storage devices are managed centrally and independent of servers. These centrally managed storage devices are shared with multiple servers. When a new server is deployed in the environment, storage is assigned to that server from the same shared storage devices. The capacity of shared storage can be increased dynamically by adding more storage devices without impacting information availability. In this architecture, information management is easier and more cost-effective. Storage technology and architecture continue to evolve, which enables organizations to consolidate, protect, optimize, and leverage their data to achieve the highest return on information assets.
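As a purely illustrative aid (added here; the class and server names are hypothetical and not from the text), the Python sketch below models the central idea of information-centric architecture: a shared pool of storage from which capacity is assigned to servers on demand and which can be grown without disturbing them.

# Minimal model of a centrally managed, shared storage pool.
class SharedStoragePool:
    def __init__(self, capacity_gb):
        self.capacity_gb = capacity_gb
        self.allocations = {}                  # server name -> allocated GB

    def add_capacity(self, extra_gb):
        # New storage devices can be added dynamically, without affecting servers.
        self.capacity_gb += extra_gb

    def allocate(self, server, size_gb):
        used = sum(self.allocations.values())
        if used + size_gb > self.capacity_gb:
            raise RuntimeError("pool exhausted; add more storage devices")
        self.allocations[server] = self.allocations.get(server, 0) + size_gb

pool = SharedStoragePool(capacity_gb=1000)
pool.allocate("web-server", 200)   # a newly deployed server gets storage from the pool
pool.add_capacity(500)             # capacity grows without impacting availability
pool.allocate("db-server", 800)
print(pool.allocations)            # {'web-server': 200, 'db-server': 800}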
1.9 DATA CENTER INFRASTRUCTURE
Organizations maintain data centers to provide centralized data-processing capabilities across the enterprise. Data centers house and manage large amounts of data. The data center infrastructure includes hardware components, such as computers, storage systems, network devices, and power backups; and software components, such as applications, operating systems, and management software. It also includes environmental controls, such as air conditioning, fire suppression, and ventilation. Large organizations often maintain more than one data center to distribute data processing workloads and provide backup if a disaster occurs.
1.10 CORE ELEMENTS OF DATA CENTRE
Five core elements are essential for the functionality of a data center:
1. Application: A computer program that provides the logic for computing operations.
2. Database management system (DBMS): Provides a structured way to store data in logically organized tables that are interrelated.
3. Host or compute: A computing platform (hardware, firmware, and software) that runs applications and databases.
4. Network: A data path that facilitates communication among various networked devices.
5. Storage: A device that stores data persistently for subsequent use.
These core elements are typically viewed and managed as separate entities, but all the elements must work together to address data-processing requirements.
Figure 1-5 shows an example of an online order transaction system that involves the five core elements of a data center and illustrates their functionality in a business process.
Figure 1.5: Example of an online order transaction system
A customer places an order through a client machine connected over a LAN/WAN to a host running an order-processing application. The client accesses the DBMS on the host through the application to provide order-related information, such as the customer's name, address, payment method, products ordered, and quantity ordered. The DBMS uses the host operating system to write this data to the physical disks in the storage array. The storage network provides the communication link between the host and the storage array and transports the read or write requests between them. The storage array, after receiving the read or write request from the host, performs the necessary operations to store the data on physical disks.
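The Python sketch below (added for illustration; all class and method names are hypothetical, not part of the original text) traces the same request path in code: application, DBMS, host operating system, storage network, and storage array.

# Simplified trace of an online order passing through the five core elements.
class StorageArray:
    def write(self, record):
        print(f"Storage array: writing {record!r} to physical disks")

class StorageNetwork:
    def __init__(self, array):
        self.array = array
    def transport(self, record):
        print("Storage network: transporting the write request")
        self.array.write(record)

class HostOS:
    def __init__(self, network):
        self.network = network
    def write(self, record):
        print("Host OS: issuing the write on behalf of the DBMS")
        self.network.transport(record)

class DBMS:
    def __init__(self, host_os):
        self.host_os = host_os
    def insert_order(self, order):
        print("DBMS: structuring the order record")
        self.host_os.write(order)

class OrderApplication:
    def __init__(self, dbms):
        self.dbms = dbms
    def place_order(self, customer, product, quantity):
        print("Application: order received from the client")
        self.dbms.insert_order({"customer": customer, "product": product, "qty": quantity})

app = OrderApplication(DBMS(HostOS(StorageNetwork(StorageArray()))))
app.place_order("A. Kumar", "laptop", 1)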
1.11 KEY CHARACTERISTICS OF DATA CENTRE
Uninterrupted operation of data centers is critical to the survival and success of a business. Organizations must have a reliable infrastructure that ensures that data is accessible at all times. Although the characteristics shown in Figure 1-6 are applicable to all elements of the data center infrastructure, the focus here is on storage systems.
1. Availability: A data center should ensure the availability of information when required. Unavailability of information could cost millions of dollars per hour to businesses, such as financial services, telecommunications, and e-commerce.
2. Security: Data centers must establish policies, procedures, and core element integration to prevent unauthorized access to information.
3. Scalability: Business growth often requires deploying more servers, new applications, and additional databases. Data center resources should scale based on requirements, without interrupting business operations.
4. Performance: All the elements of the data center should provide optimal performance based on the required service levels.
5. Data integrity: Data integrity refers to mechanisms, such as error correction codes or parity bits, which ensure that data is stored and retrieved exactly as it was received (a small parity-bit example appears below).
6. Capacity: Data center operations require adequate resources to store and process large amounts of data efficiently. When capacity requirements increase, the data center must provide additional capacity without interrupting availability, or with minimal disruption. Capacity may be managed by reallocating the existing resources or by adding new resources.
7. Manageability: A data center should provide easy and integrated management of all its elements. Manageability can be achieved through automation and reduction of human (manual) intervention in common tasks.
Figure 1.6: Key Characteristics of Data Centre
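To illustrate the parity-bit mechanism mentioned under data integrity (an example added here, not from the original text), the Python sketch below appends an even-parity bit to a group of data bits and checks it on retrieval; a single flipped bit is detected.

# Even parity: the parity bit makes the total count of 1s even.
def add_parity(bits):
    return bits + [sum(bits) % 2]

def check_parity(bits_with_parity):
    # Data is considered intact only if the total number of 1s is still even.
    return sum(bits_with_parity) % 2 == 0

stored = add_parity([1, 0, 1, 1, 0, 0, 1, 0])   # four 1s, so the parity bit is 0
print(check_parity(stored))                     # True: data retrieved exactly as stored

corrupted = stored.copy()
corrupted[2] ^= 1                               # simulate a single-bit error
print(check_parity(corrupted))                  # False: the error is detected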
1.12 MANAGING A DATA CENTRE
Managing a data center involves many tasks. The key management activities include the following:
1. Monitoring: It is a continuous process of gathering information on various elements and services running in a data center. The aspects of a data center that are monitored include security, performance, availability, and capacity.
2. Reporting: It is done periodically on resource performance, capacity, and utilization. Reporting tasks help to establish business justifications and chargeback of costs associated with data center operations.
3. Provisioning: It is a process of providing the hardware, software, and other resources required to run a data center. Provisioning activities primarily include resource management to meet capacity, availability, performance, and security requirements.
Virtualization and cloud computing have dramatically changed the way data center infrastructure resources are provisioned and managed. Organizations are rapidly deploying virtualization on various elements of data centers to optimize their utilization. Further, continuous cost pressure on IT and on-demand data processing requirements have resulted in the adoption of cloud computing.
1.13 VIRTUALIZATION AND CLOUD COMPUTING
Virtualization is a technique of abstracting physical resources, such as compute, storage, and network, and making them appear as logical resources. Virtualization has existed in the IT industry for several years and in different forms. Common examples of virtualization are virtual memory used on computer systems and partitioning of raw disks. Virtualization enables pooling of physical resources and providing an aggregated view of the physical resource capabilities. For example, storage virtualization enables multiple pooled storage devices to appear as a single large storage entity. Similarly, by using compute virtualization, the CPU capacity of the pooled physical servers can be viewed as the aggregation of the power of all CPUs (in megahertz). Virtualization also enables centralized management of pooled resources. Virtual resources can be created and provisioned from the pooled physical resources. For example, a virtual disk of a given capacity can be created from a storage pool, or a virtual server with specific CPU power and memory can be configured from a compute pool. These virtual resources share pooled physical resources, which improves the utilization of physical IT resources. Based on business requirements, capacity can be added to or removed from the virtual resources without any disruption to applications or users. With improved utilization of IT assets, organizations save the costs associated with procurement and management of new physical resources. Moreover, fewer physical resources means less space and energy, which leads to better economics and green computing. In today's fast-paced and competitive environment, organizations must be agile and flexible to meet changing market requirements. This leads to rapid expansion and upgrade of resources while meeting shrinking or stagnant IT budgets. Cloud computing addresses these challenges efficiently. Cloud computing enables individuals or businesses to use IT resources as a service over the network. It provides highly scalable and flexible computing that enables provisioning of resources on demand. Users can scale up or scale down their demand for computing resources, including storage capacity, with minimal management effort or service provider interaction. Cloud computing empowers self-service requesting through a fully automated request-fulfilment process. Cloud computing enables consumption-based metering; therefore, consumers pay only for the resources they use, such as CPU hours used, amount of data transferred, and gigabytes of data stored. Cloud infrastructure is usually built upon virtualized data centers, which provide resource pooling and rapid provisioning of resources.
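As a simple, hypothetical illustration of consumption-based metering (added here; the rates and resource names are invented, not taken from the text), the Python sketch below computes a monthly charge from metered usage.

# Hypothetical pay-per-use bill: consumers pay only for the resources they consume.
RATES = {
    "cpu_hours": 0.05,       # assumed price per CPU hour
    "gb_transferred": 0.02,  # assumed price per gigabyte transferred
    "gb_stored": 0.10,       # assumed price per gigabyte stored for the month
}

usage = {"cpu_hours": 120, "gb_transferred": 300, "gb_stored": 50}

bill = sum(RATES[resource] * amount for resource, amount in usage.items())
print(f"Monthly charge: {bill:.2f}")   # 120*0.05 + 300*0.02 + 50*0.10 = 17.00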
1.14 SUMMARY
●This chapter described the importance of data, information, and storage infrastructure.
●Meeting today's storage needs begins with understanding the type of data, its value, and the key attributes of a data center.
●The evolution of storage architecture and the core elements of a data center covered in this chapter provide the foundation for information storage and management.
●The key elements of data centres are explained in the chapter.
●The emergence of virtualization has provided the opportunity to transform classic data centers into virtualized data centers.
●Cloud computing is further changing the way IT resources are provisioned and consumed.
1.15 REVIEW YOUR LEARNING
●Can you explain the need for information storage and retrieval?
●Can you explain how data is managed using a data centre?
●Are you able to write the key elements of data centres?
●Can you relate data and information to your day-to-day Internet / application usage?
1.16 QUESTIONS
1. What is structured and unstructured data?
2. Explain the challenges of storing and managing unstructured data.
3. Discuss the benefits of information-centric storage architecture over server-centric storage architecture.
4. What are the attributes of big data? Research and prepare a presentation on big data analytics.
5. Research how businesses use their information assets to derive competitive advantage and new business opportunities.
6. Research and prepare a presentation on personal data management.
1.17 FURTHER READING
●http://aad.tpu.ru/practice/EMC/Information%20Storage%20and%20Management-v.2.pdf
●https://nptel.ac.in/courses/106/108/106108058/
●https://nptel.ac.in/content/storage2/courses/106108058/lec%2007.pdf
●http://www.ictacademy.in/pages/Information-Storage-and-Management.aspx
●https://www.coursera.org/lecture/big-data-management/data-storage-RplBY
●https://www.coursera.org/courses?query=data%20storage
●https://www.coursera.org/lecture/technical-support-fundamentals/storage-RLNIZ
●https://www.coursera.org/learn/cloud-storage-big-data-analysis-sql
1.18 REFERENCES
1. Information Storage and Management: Storing, Managing and Protecting Digital Information in Classic, Virtualized and Cloud Environments, EMC, John Wiley & Sons, 2nd Edition, 2012
2. Information Storage and Management, Pankaj Sharma
3. Information Technology Project Management, Jack T. Marchewka
4. Information Storage and Management, I. A. Dhotre
❖❖❖❖
2
DATA CENTRE ENVIRONMENT
Unit Structure
2.0 Objectives
2.1 Introduction
2.2 Application
2.3 Database Management Systems
2.4 Host (Compute)
2.4.1 Operating Systems
2.4.2 Device Driver
2.4.3 Volume Manager
2.4.4 File Systems
2.5 Compute Virtualization
2.6 Connectivity
2.6.1 Physical Components of Connectivity
2.6.2 Interface Protocols
2.6.2.1 IDE/ATA and Serial ATA
2.6.2.2 SCSI and Serial SCSI
2.6.2.3 Fibre Channel
2.6.2.4 Internet Protocol (IP)
2.7 Storage
2.8 Disk Drive Components
2.8.1 Platter
2.8.2 Spindle
2.8.3 Read / Write Head
2.8.4 Actuator Arm Assembly
2.8.5 Drive Controller Board
2.8.6 Physical Disk Structure
2.8.7 Zone Bit Recording
2.8.8 Logical Block Addressing
2.9 Disk Drive Performance
2.9.1 Disk Service Time
2.9.2 Disk I/O Controller Utilization
2.10 Host Access to Data
2.11 Direct Attached Storage
2.11.1 DAS Benefits and Limitations
2.12 Storage Design Based on Application Requirements and Disk Performance
2.13 Disk Native Command Queuing
2.14 Introduction to Flash Drive
2.15 Components and Architecture of Flash Drives
2.16 Features of Enterprise Flash Drives
2.17 Concept in Practice: VMware ESXi
2.18 Summary
2.19 Review Your Learning
2.20 Questions
2.21 Further Reading
2.22 References
2.0 OBJECTIVES
1. Explain the need for and applications of virtualization
2. Differentiate compute, desktop, and memory virtualization
3. Describe different storage media
4. Analyse data addressing
2.1 INTRODUCTION
Today, data centres are essential and integral parts of any business, whether small, medium, or large in size. The core elements of a data center are host, storage, connectivity (or network), applications, and DBMS, which are managed centrally. These elements work together to process and store data. With the evolution of virtualization, data centers have also evolved from a classic data center to a virtualized data center (VDC). In a VDC, physical resources from a classic data center are pooled together and provided as virtual resources. This abstraction hides the complexity and limitation of physical resources from the user. By consolidating IT resources using virtualization, organizations can optimize their infrastructure utilization and reduce the total cost of owning an infrastructure. Moreover, in a VDC, virtual resources are created using software that enables faster deployment, compared to deploying physical resources in classic data centers. This chapter covers all the key components of a data center, including virtualization at the compute, memory, desktop, and application levels. Storage and network virtualization are discussed later in the book. With the increase in the criticality of information assets to businesses, storage, one of the core elements of a data center, is recognized as a distinct resource. Storage needs special focus and attention for its implementation and management. This chapter also focuses on storage subsystems and provides details on the components, geometry, and performance parameters of a disk drive. The connectivity between the host and storage, facilitated by various technologies, is also explained.
2.2 APPLICATION
An application is a computer program that provides the logic for computing operations. The application sends requests to the underlying operating system to perform read/write (R/W) operations on the storage devices. Applications can be layered on the database, which in turn uses the OS services to perform R/W operations on the storage devices. Applications deployed in a data centre environment are commonly categorized as business applications, infrastructure management applications, data protection applications, and security applications. Some examples of these applications are e-mail, enterprise resource planning (ERP), decision support system (DSS), resource management, backup, authentication, and antivirus applications, and so on. The characteristics of I/Os (Input/Output) generated by the application influence the overall performance of storage system and storage solution designs.
Application virtualization breaks the dependency between the application and the underlying platform (OS and hardware). Application virtualization encapsulates the application and the required OS resources within a virtualized container. This technology provides the ability to deploy applications without making any change to the underlying OS, file system, or registry of the computing platform on which they are deployed. Because virtualized applications run in an isolated environment, the underlying OS and other applications are protected from potential corruptions. There are many scenarios in which conflicts might arise if multiple applications or multiple versions of the same application are installed on the same computing platform. Application virtualization eliminates this conflict by isolating different versions of an application and the associated OS resources.
2.3 DATABASE MANAGEMENT SYSTEMS
A database is a structured way to store data in logically organized
tables that are interrelated. A database helps to optimize the storage and
retrieval of data. A DBMS controls the creation, maintenance, and use of a
database. The DBMS processes an application’s request for data and
instructs the operating system to transfer the appropriate data from the
storage.
2.4 HOST (COMPUTE)
Users store and retrieve data through applications. The computers on which these applications run are referred to as hosts or compute systems. Hosts can be physical or virtual machines. Compute virtualization software enables creating virtual machines on top of a physical compute infrastructure. Compute virtualization and virtual machines are discussed later in this chapter. Examples of physical hosts include desktop computers, servers or a cluster of servers, laptops, and mobile devices. A host consists of CPU, memory, I/O devices, and a collection of software to perform computing operations. This software includes the operating system, file system, logical volume manager, device drivers, and so on. This software can be installed as separate entities or as part of the operating system. The CPU consists of four components: Arithmetic Logic Unit (ALU), control unit, registers, and L1 cache. There are two types of memory on a host, Random Access Memory (RAM) and Read-Only Memory (ROM). I/O devices enable communication with a host. Examples of I/O devices are keyboard, mouse, and monitor. Software runs on a host and enables processing of input and output (I/O) data. The following section details the various software components that are essential parts of a host system.
2.4.1 Operating Systems
In a traditional computing environment, an operating system controls all aspects of computing. It works between the application and the physical components of a compute system. One of the services it provides to the application is data access. The operating system also monitors and responds to user actions and the environment. It organizes and controls hardware components and manages the allocation of hardware resources. It provides basic security for the access and usage of all managed resources. An operating system also performs basic storage management tasks while managing other underlying components, such as the file system, volume manager, and device drivers. In a virtualized compute environment, the virtualization layer works between the operating system and the hardware resources. Here the OS might work differently based on the type of compute virtualization implemented. In a typical implementation, the OS works as a guest and performs only the activities related to application interaction. In this case, hardware management functions are handled by the virtualization layer.
Memory Virtualization
Memory has been, and continues to be, an expensive component of a host. It determines both the size and number of applications that can run on a host. Memory virtualization enables multiple applications and processes, whose aggregate memory requirement is greater than the available physical memory, to run on a host without impacting each other. Memory virtualization is an operating system feature that virtualizes the physical memory (RAM) of a host. It creates virtual memory with an address space larger than the physical memory space present in the compute system. The virtual memory encompasses the address space of the physical memory and part of the disk storage. The operating system utility that manages the virtual memory is known as the virtual memory manager (VMM). The VMM manages the virtual-to-physical memory mapping and fetches data from the disk storage when a process references a virtual address that points to data at the disk storage. The space used by the VMM on the disk is known as a swap space. A swap space (also known as a page file or swap file) is a portion of the disk drive that appears to be physical memory to the operating system. In a virtual memory implementation, the memory of a system is divided into contiguous blocks of fixed-size pages. A process known as paging moves inactive physical memory pages onto the swap file and brings them back to the physical memory when required. This enables efficient use of the available physical memory among different applications. The operating system typically moves the least used pages into the swap file so that enough RAM is available for processes that are more active. Access to swap file pages is slower than access to physical memory pages because swap file pages are allocated on the disk drive, which is slower than physical memory.
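The Python sketch below (added as an illustration, not part of the original text) models paging in a toy form: when the physical memory frames are full, the least recently used page is moved to a simulated swap file to make room for the page being accessed.

from collections import OrderedDict

# Toy model of paging: a small RAM backed by a swap space on "disk".
class VirtualMemory:
    def __init__(self, ram_frames):
        self.ram = OrderedDict()    # page -> contents, kept in least-recently-used order
        self.swap = {}              # pages moved out to the swap file
        self.ram_frames = ram_frames

    def access(self, page):
        if page in self.ram:
            self.ram.move_to_end(page)                       # mark as most recently used
        else:
            contents = self.swap.pop(page, f"data-{page}")   # page-in if it was swapped out
            if len(self.ram) >= self.ram_frames:
                victim, data = self.ram.popitem(last=False)  # evict the least used page
                self.swap[victim] = data                     # page-out to the swap file
            self.ram[page] = contents

vm = VirtualMemory(ram_frames=3)
for p in ["A", "B", "C", "A", "D"]:    # "B" is least recently used when "D" arrives
    vm.access(p)
print(list(vm.ram), list(vm.swap))     # ['C', 'A', 'D'] ['B']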
2.4.2 Device Driver
A device driver is special software that permits the operating system to interact with a specific device, such as a printer, a mouse, or a disk drive. A device driver enables the operating system to recognize the device and to access and control devices. Device drivers are hardware-dependent and operating-system-specific.
2.4.3 Volume Manager
In the early days, disk drives appeared to the operating system as a number of continuous disk blocks. The entire disk drive would be allocated to the file system or other data entity used by the operating system or application. The disadvantage was lack of flexibility. When a disk drive ran out of space, there was no easy way to extend the file system's size. Also, as the storage capacity of the disk drive increased, allocating the entire disk drive for the file system often resulted in underutilization of storage capacity. The evolution of Logical Volume Managers (LVMs) enabled dynamic extension of file system capacity and efficient storage management. The LVM is software that runs on the compute system and manages logical and physical storage. LVM is an intermediate layer between the file system and the physical disk. It can partition a larger-capacity disk into virtual, smaller-capacity volumes (the process is called partitioning) or aggregate several smaller disks to form a larger virtual volume (the process is called concatenation). These volumes are then presented to applications. Disk partitioning was introduced to improve the flexibility and utilization of disk drives. In partitioning, a disk drive is divided into logical containers called logical volumes (LVs) (see Figure 2-1). For example, a large physical drive can be partitioned into multiple LVs to maintain data according to the file system and application requirements. The partitions are created from groups of contiguous cylinders when the hard disk is initially set up on the host. The host's file system accesses the logical volumes without any knowledge of partitioning and the physical structure of the disk.
Figure 2.1: Disk Partitioning and Concatenation
Concatenation is the process of grouping several physical drives and presenting them to the host as one big logical volume (see Figure 2-1). The LVM provides optimized storage access and simplifies storage resource management. It hides details about the physical disk and the location of data on the disk. It enables administrators to change the storage allocation even when the application is running. The basic LVM components are physical volumes, volume groups, and logical volumes. In LVM terminology, each physical disk connected to the host system is a physical volume (PV). The LVM converts the physical storage provided by the physical volumes to a logical view of storage, which is then used by the operating system and applications. A volume group is created by grouping together one or more physical volumes. A unique physical volume identifier (PVID) is assigned to each physical volume when it is initialized for use by the LVM. Physical volumes can be added or removed from a volume group dynamically. They cannot be shared between different volume groups, which means that the entire physical volume becomes part of a volume group. Each physical volume is partitioned into equal-sized data blocks called physical extents when the volume group is created. Logical volumes are created within a given volume group. A logical volume can be thought of as a disk partition, whereas the volume group itself can be thought of as a disk. A volume group can have a number of logical volumes. The size of a logical volume is based on a multiple of the physical extents. The logical volume appears as a physical device to the operating system. A logical volume is made up of non-contiguous physical extents and may span multiple physical volumes. A file system is created on a logical volume. These logical volumes are then assigned to the application. A logical volume can also be mirrored to provide enhanced data availability.
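The Python sketch below (added as an illustration, not part of the original text; the extent size and names are assumptions) models the basic LVM relationships just described: physical volumes are divided into equal-sized physical extents, grouped into a volume group, and logical volumes are built from multiples of those extents, possibly spanning several physical volumes.

# Toy model of LVM objects: physical volumes -> volume group -> logical volumes.
EXTENT_MB = 4   # assumed physical extent size

class PhysicalVolume:
    def __init__(self, pvid, size_mb):
        self.pvid = pvid
        self.free_extents = size_mb // EXTENT_MB   # equal-sized physical extents

class VolumeGroup:
    def __init__(self, physical_volumes):
        self.physical_volumes = list(physical_volumes)
        self.logical_volumes = {}

    def create_lv(self, name, size_mb):
        needed = size_mb // EXTENT_MB
        allocation = []                            # (pvid, extents); may span several PVs
        for pv in self.physical_volumes:
            take = min(pv.free_extents, needed)
            if take:
                pv.free_extents -= take
                allocation.append((pv.pvid, take))
                needed -= take
        if needed:
            raise RuntimeError("volume group has too few free extents")
        self.logical_volumes[name] = allocation

vg = VolumeGroup([PhysicalVolume("pv0", 64), PhysicalVolume("pv1", 64)])
vg.create_lv("lv_data", 96)                        # spans both physical volumes
print(vg.logical_volumes["lv_data"])               # [('pv0', 16), ('pv1', 8)]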
2.4.4 File Systems
A file is a collection of related records or data stored as a unit with a name. A file system is a hierarchical structure of files. A file system enables easy access to data files residing within a disk drive, a disk partition, or a logical volume. A file system consists of logical structures and software routines that control access to files. It provides users with the functionality to create, modify, delete, and access files. Access to files on the disks is controlled by the permissions assigned to the file by the owner, which are also maintained by the file system. A file system organizes data in a structured hierarchical manner via the use of directories, which are containers for storing pointers to multiple files. All file systems maintain a pointer map to the directories, subdirectories, and files that are part of the file system. Examples of common file systems are:
1. FAT 32 (File Allocation Table) for Microsoft Windows
2. NT File System (NTFS) for Microsoft Windows
3. UNIX File System (UFS) for UNIX
4. Extended File System (EXT2/3) for Linux
Apart from the files and directories, the file system also includes a number of other related records, which are collectively called the metadata. For example, the metadata in a UNIX environment consists of the superblock, the inodes, and the list of data blocks free and in use. The metadata of a file system must be consistent for the file system to be considered healthy. A superblock contains important information about the file system, such as the file system type, creation and modification dates, size, and layout. It also contains the count of available resources (such as the number of free blocks, inodes, and so on) and a flag indicating the mount status of the file system. An inode is associated with every file and directory and contains information such as the file length, ownership, access privileges, time of last access/modification, number of links, and the address of the data. A file system block is the smallest "unit" allocated for storing data. Each file system block is a contiguous area on the physical disk. The block size of a file system is fixed at the time of its creation. The file system size depends on the block size and the total number of file system blocks. A file can span multiple file system blocks because most files are larger than the predefined block size of the file system. File system blocks cease to be contiguous and become fragmented when new blocks are added or deleted. Over time, as files grow larger, the file system becomes increasingly fragmented. The following list shows the process of mapping user files to the disk storage subsystem with an LVM (see Figure 2-2; a short illustrative sketch of this chain also appears after the figure):
1. Files are created and managed by users and applications.
2. These files reside in the file systems.
3. The file systems are mapped to file system blocks.
4. The file system blocks are mapped to logical extents of a logical volume.
5. These logical extents in turn are mapped to the disk physical extents either by the operating system or by the LVM.
6. These physical extents are mapped to the disk sectors in a storage subsystem. If there is no LVM, then there are no logical extents. Without an LVM, file system blocks are directly mapped to disk sectors.
Figure 2.2: Process of Mapping User Files to Disk Storage
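The Python sketch below (an added illustration; the block, extent, and sector sizes are assumptions, not values from the text) walks one byte offset within a file down the chain just listed: file, file system block, logical extent, physical extent, and sector within that extent.

# Assumed sizes for the toy mapping chain.
BLOCK_SIZE = 4096           # file system block size in bytes
BLOCKS_PER_EXTENT = 256     # file system blocks per logical/physical extent
SECTOR_SIZE = 512           # disk sector size in bytes

def map_offset(file_offset):
    # Map a byte offset within a file down to a sector (highly simplified).
    fs_block = file_offset // BLOCK_SIZE                        # file -> file system block
    logical_extent = fs_block // BLOCKS_PER_EXTENT              # block -> logical extent
    physical_extent = logical_extent                            # assume a 1:1 LVM mapping
    offset_in_extent = file_offset % (BLOCKS_PER_EXTENT * BLOCK_SIZE)
    sector_in_extent = offset_in_extent // SECTOR_SIZE          # extent -> disk sector
    return fs_block, logical_extent, physical_extent, sector_in_extent

print(map_offset(10_000_000))   # (2441, 9, 9, 1099)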
The file system tree starts with the root directory. The root directory has a number of subdirectories. A file system should be mounted before it can be used.
A file system can be either a journaling file system or a non-journaling file system. Non-journaling file systems cause a potential loss of files because they use separate writes to update their data and metadata. If the system crashes during the write process, the metadata or data might be lost or corrupted. When the system reboots, the file system attempts to update the metadata structures by examining and repairing them. This operation takes a long time on large file systems. If there is insufficient information to re-create the wanted or original structure, the files might be misplaced or lost, resulting in corrupted file systems. A journaling file system uses a separate area called a log or journal. This journal might contain all the data to be written (physical journal) or just the metadata to be updated (logical journal). Before changes are made to the file system, they are written to this separate area. After the journal has been updated, the operation on the file system can be performed. If the system crashes during the operation, there is enough information in the log to "replay" the log record and complete the operation. Journaling results in a quick file system check because it looks only at the active, most recently accessed parts of a large file system. In addition, because information about the pending operation is saved, the risk of files being lost is reduced. A disadvantage of journaling file systems is that they are slower than other file systems. This slowdown is the result of the extra operations that have to be performed on the journal each time the file system is changed. However, the much-shortened time for file system checks and the file system integrity provided by journaling far outweigh this disadvantage. Nearly all file system implementations today use journaling. Dedicated file servers may be installed to manage and share a large number of files over a network. These file servers support multiple file systems and use file-sharing protocols specific to the operating system, for example, NFS and CIFS.
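The Python sketch below (added as an illustration, not part of the original text) shows the write-ahead idea behind a journaling file system in miniature: the intended change is recorded in a journal first, so that after a simulated crash the operation can be replayed instead of leaving the metadata inconsistent.

# Miniature write-ahead journal: log the intent, apply the change, then clear the log.
class JournaledStore:
    def __init__(self):
        self.data = {}       # stands in for file system data and metadata
        self.journal = []    # pending operations, written before the data itself

    def write(self, key, value, crash_before_apply=False):
        self.journal.append((key, value))    # 1. record the change in the journal
        if crash_before_apply:
            return                           # simulate a crash mid-operation
        self.data[key] = value               # 2. apply the change to the file system
        self.journal.clear()                 # 3. the change is durable; clear the journal

    def recover(self):
        # On reboot, replay any logged operations that never completed.
        for key, value in self.journal:
            self.data[key] = value
        self.journal.clear()

fs = JournaledStore()
fs.write("fileA", "v1")
fs.write("fileB", "v2", crash_before_apply=True)   # crash after journaling, before applying
fs.recover()                                       # replaying the journal completes the write
print(fs.data)                                     # {'fileA': 'v1', 'fileB': 'v2'}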
2.5 COMPUTE VIRTUALIZATION
Compute virtualization is a technique for masking or abstracting the physical hardware from the operating system. It enables multiple operating systems to run concurrently on single or clustered physical machines. This technique enables creating portable virtual compute systems called virtual machines (VMs). Each VM runs an operating system and application instance in an isolated manner. Compute virtualization is achieved by a virtualization layer that resides between the hardware and virtual machines. This layer is also called the hypervisor. The hypervisor provides hardware resources, such as CPU, memory, and network, to all the virtual machines. Within a physical server, a large number of virtual machines can be created depending on the hardware capabilities of the physical server. A virtual machine is a logical entity but appears like a physical host to the operating system, with its own CPU, memory, network controller, and disks. However, all VMs share the same underlying physical hardware in an isolated manner. From a hypervisor perspective, virtual machines are discrete sets of files that include the VM configuration file, data files, and so on.
Typically, a physical server often faces resource-conflict issues when two or more applications running on the server have conflicting requirements. For example, applications might need different values in the same registry entry, different versions of the same DLL, and so on. These issues are further compounded with an application's high-availability requirements. As a result, the servers are limited to serving only one application at a time, as shown in Figure 2-3 (a). This causes organizations to purchase new physical machines for every application they deploy, resulting in expensive and inflexible infrastructure. On the other hand, many applications do not take full advantage of the hardware capabilities available to them. Consequently, resources such as processors, memory, and storage remain underutilized. Compute virtualization enables users to overcome these challenges (see Figure 2-3 [b]) by allowing multiple operating systems and applications to run on a single physical machine. This technique significantly improves server utilization and provides server consolidation.
Figure 2.3: Server Virtualization
Server consolidation enables organizations to run their data center with fewer servers. This, in turn, cuts down the cost of new server acquisition, reduces operational cost, and saves data center floor and rack space. Creation of VMs takes less time compared to a physical server setup; organizations can provision servers faster and with ease. Individual VMs can be restarted, upgraded, or even crashed, without affecting the other VMs on the same physical machine. Moreover, VMs can be copied or moved from one physical machine to another without causing application downtime. Nondisruptive migration of VMs is required for load balancing among physical machines, hardware maintenance, and availability purposes.
Desktop Virtualization:
With the traditional desktop, the OS, applications, and user profiles are all tied to a specific piece of hardware. With legacy desktops, business productivity is impacted greatly when a client device is broken or lost. Desktop virtualization breaks the dependency between the hardware and its OS, applications, user profiles, and settings. This enables the IT staff to change, update, and deploy these elements independently. Desktops hosted at the data center run on virtual machines; users remotely access these desktops from a variety of client devices, such as laptops, desktops, and mobile devices (also called thin devices). Application execution and data storage are performed centrally at the data center instead of at the client devices. Because desktops run as virtual machines within an organization's data center, this mitigates the risk of data leakage and theft. It also helps to perform centralized backup and simplifies compliance procedures. Virtual desktops are easy to maintain because it is simple to apply patches, deploy new applications and OS, and provision or remove users centrally.
2.6 CONNECTIVITY
Connectivity refers to the interconnection between hosts or between a host and peripheral devices, such as printers or storage devices. The discussion here focuses only on the connectivity between the host and the storage device. Connectivity and communication between host and storage are enabled using physical components and interface protocols.
2.6.1 Physical Components of Connectivity
The physical components of connectivity are the hardware elements that connect the host to storage. The three physical components of connectivity between the host and storage are the host interface device, port, and cable (Figure 2-4). A host interface device or host adapter connects a host to other hosts and storage devices. Examples of host interface devices are the host bus adapter (HBA) and the network interface card (NIC). A host bus adapter is an application-specific integrated circuit (ASIC) board that performs I/O interface functions between the host and storage, relieving the CPU from additional I/O processing workload. A host typically contains multiple HBAs. A port is a specialized outlet that enables connectivity between the host and external devices. An HBA may contain one or more ports to connect the host to the storage device. Cables connect hosts to internal or external devices using copper or fiber optic media.
Figure 2.4: Physical Components of Connectivity
2.6.2 Interface Protocols
A protocol enables communication between the host and storage. Protocols are implemented using interface devices (or controllers) at both the source and the destination. The popular interface protocols used for host-to-storage communications are Integrated Device Electronics/Advanced Technology Attachment (IDE/ATA), Small Computer System Interface (SCSI), Fibre Channel (FC), and Internet Protocol (IP).
2.6.2.1 IDE/ATA and Serial ATA
IDE/ATA is a popular interface protocol standard used for connecting storage devices, such as disk drives and CD-ROM drives. This protocol supports parallel transmission and therefore is also known as Parallel ATA (PATA) or simply ATA. IDE/ATA has a variety of standards and names. The Ultra DMA/133 version of ATA supports a throughput of 133 MB per second. In a master-slave configuration, an ATA interface supports two storage devices per connector. However, if the performance of the drive is important, sharing a port between two devices is not recommended. The serial version of this protocol supports single-bit serial transmission and is known as Serial ATA (SATA). High performance and low-cost SATA has largely replaced PATA in newer systems. SATA revision 3.0 provides a data transfer rate of up to 6 Gb/s.
2.6.2.2 SCSI and Serial SCSI
SCSI has emerged as a preferred connectivity protocol in high-end computers. This protocol supports parallel transmission and offers improved performance, scalability, and compatibility compared to ATA. However, the high cost associated with SCSI limits its popularity among home or personal desktop users. Over the years, SCSI has been enhanced and now includes a wide variety of related technologies and standards. SCSI supports up to 16 devices on a single bus and provides data transfer rates up to 640 MB/s (for the Ultra-640 version). Serial Attached SCSI (SAS) is a point-to-point serial protocol that provides an alternative to parallel SCSI. A newer version of serial SCSI (SAS 2.0) supports a data transfer rate up to 6 Gb/s. This book's Appendix B provides more details on the SCSI architecture and interface.
2.6.2.3 Fibre Channel
Fibre Channel is a widely used protocol for high-speed communication to the storage device. The Fibre Channel interface provides gigabit network speed. It provides serial data transmission that operates over copper wire and optical fibre. The latest version of the FC interface (16FC) allows transmission of data up to 16 Gb/s.
2.6.2.4 Internet Protocol (IP)
IP is a network protocol that has traditionally been used for host-to-host traffic. With the emergence of new technologies, an IP network has become a viable option for host-to-storage communication. IP offers several advantages in terms of cost and maturity and enables organizations to leverage their existing IP-based networks. iSCSI and FCIP protocols are common examples that leverage IP for host-to-storage communication.
2.7 STORAGE
Storage is a core component in a data centre. A storage device uses magnetic, optical, or solid-state media. Disks, tapes, and diskettes use magnetic media, whereas CDs/DVDs use optical media for storage. Removable Flash memory or Flash drives are examples of solid-state media.
In the past, tapes were the most popular storage option for backups because of their low cost. However, tapes have various limitations in terms of performance and management, as listed here:
1. Data is stored on the tape linearly along the length of the tape. Search and retrieval of data are done sequentially, and it invariably takes several seconds to access the data. As a result, random data access is slow and time-consuming. This limits tapes as a viable option for applications that require real-time, rapid access to data.
2. In a shared computing environment, data stored on tape cannot be accessed by multiple applications simultaneously, restricting its use to one application at a time.
3. On a tape drive, the read/write head touches the tape surface, so the tape degrades or wears out after repeated use.
4. The storage and retrieval requirements of data from the tape and the overhead associated with managing the tape media are significant.
Due to these limitations and the availability of low-cost disk drives, tapes are no longer a preferred choice as a backup destination for enterprise-class data centers. Optical disc storage is popular in small, single-user computing environments. It is frequently used by individuals to store photos or as a backup medium on personal or laptop computers. It is also used as a distribution medium for small applications, such as games, or as a means to transfer small amounts of data from one computer system to another. Optical discs have limited capacity and speed, which limit the use of optical media as a business data storage solution. The capability to write once and read many (WORM) is one advantage of optical disc storage. A CD-ROM is an example of a WORM device. Optical discs, to some degree, guarantee that the content has not been altered. Therefore, they can be used as a low-cost alternative for long-term storage of relatively small amounts of fixed content that does not change after it is created. Collections of optical discs in an array, called a jukebox, are still used as a fixed-content storage solution. Other forms of optical discs include CD-RW, Blu-ray disc, and other variations of DVD. Disk drives are the most popular storage medium used in modern computers for storing and accessing data for performance-intensive, online applications. Disks support rapid access to random data locations. This means that data can be written or retrieved quickly for a large number of simultaneous users or applications. In addition, disks have a large capacity. Disk storage arrays are configured with multiple disks to provide increased capacity and enhanced performance.
Disk drives are accessed through predefined protocols, such as ATA, Serial ATA (SATA), SAS (Serial Attached SCSI), and FC. These protocols are implemented on the disk interface controllers. Earlier, disk interface controllers were implemented as separate cards, which were connected to the motherboard to provide communication with storage devices. Modern disk interface controllers are integrated with the disk drives; therefore, disk drives are known by the protocol interface they support, for example SATA disk, FC disk, and so on.
2.8 DISK DRIVE COMPONENTS
The key components of a hard disk drive are platter, spindle, read -
write head, actuator arm assembly, and controller board (see Figure 2 -5).
I/O operations in a HDD are performed by rapidly moving the arm across
the rotating fl at platt ers coated with magnetic particles. Data is transferred
between the disk controller and magnetic platters through the read -write
(R/W) head which is attached to the arm. Data can be recorded and erased
on magnetic platters any number of times. The following sections detail the
different components of the disk drive, the mechanism for organizing and
storing data on disks, and the factors that affect disk performance.
Figure 2.5: Disk Drive Components
2.8.1 Platter
A typical HDD consists of one or more flat circular disks called
platters (Figure 2-6). The data is recorded on these platters in binary codes
(0s and 1s). The set of rotating platters is sealed in a case, called the Head
Disk Assembly (HDA). A platter is a rigid, round disk coated with
magnetic material on both surfaces (top and bottom). The data is encoded
by polarizing the magnetic area, or domains, of the disk surface. Data can
be written to or read from both surfaces of the platter. The number of
platters and the storage capacity of each platter determine the total
capacity of the drive.
Figure 2.6: Spindle and Platter
2.8.2 Spindle
A spindle connects all the platters (refer to Figure 2 -6) and is
connected to a motor. The motor of the spindle rotates at a constant
speed. The disk platter spins at a speed of several thousands of revolutions
per minute (rpm). Common spindle speeds are 5,400 rpm, 7,200 rpm,
10,000 rpm, and 15,000 rpm. The speed of the platter is increasing with
improvements in technology, although the extent to which it can be
improved is limited.
2.8.3 Read / Write Head
Read/Write (R/W) heads, as shown in Figure 2 -7, read and write
data from or to platters. Drives have two R/W heads per platter, one for
each surface of the platter. The R/W head changes the magnetic
polarization on the surface of the platter when writing data. While reading
data, the head detects the magnetic polarization on the surface of the
platter. During reads and writes, the R/W head senses the magnetic
polarization and never touches the surface of the platter. When the spindle
is rotating, there is a microscopic air gap maintained between the R/W
heads and the platters, known as the head flying height. This air gap is
removed when the spindle stops rotating and the R/W head rests on a
special area on the platter near the spindle. This area is called the landing
zone. The landing zone is coated with a lubricant to reduce friction
betwe en the head and the platter.
The logic on the disk drive ensures that heads are moved to the
landing zone before they touch the surface. If the drive malfunctions and
the R/W head accidentally touches the surface of the platter outside the
landing zone, a head crash occurs. In a head crash, the magnetic coating
on the platter is scratched and may cause damage to the R/W head. A head
crash generally results in data loss.
Figure 2.7: Actuator Arm Assembly
2.8.4 Actuator Arm Assembly
R/W heads are mounted on the actuator arm assembly, which
positions the R/W head at the location on the platter where the data needs
to be written or read (refer to Figure 2-7). The R/W heads for all platters
on a drive are attached to one actuator arm assembly and move across the
platters simultaneously.
2.8.5 Drive Controller Board
The controller (refer to Figure 2-5 [b]) is a printed circuit board,
mounted at the bottom of a disk drive. It consists of a microprocessor,
internal memory, circuitry, and firmware. The firmware controls the
power to the spindle motor and the speed of the motor. It also manages the
communication between the drive and the host. In addition, it controls the
R/W operations by moving the actuator arm and switching between
different R/W heads and performs the optimization of data access.
2.8.6 Physical Disk Structure
Data on the disk is recorded on tracks, which are concentric rings
on the platter around the spindle, as shown in Figure 2 -8. The tracks are
numbered, starting from zero, from the outer edge of the platter. The
number of tracks per inch (TPI) on the platter (or the track density)
measures how tightly the tracks are packed on a platter. Each track is
divided into smaller units called sectors. A sector is the smallest,
individually addressable unit of storage. The track and sector structure is
written on the platter by the drive manufacturer using a low -level
formatting operation. The number of sectors per track varies according to
the drive type. The first personal computer disks had 17 sectors per track.
Recent disks have a much larger number of sectors on a single track.
There can be thousands of tracks on a platter, depending on the physical
dimensions and recording density of the platter.
Figure 2.8: Disk Structure: Sectors, Tracks and Cylinders
Typically, a sector holds 512 bytes of user data, although some
disks can be formatted with larger sector sizes. In addition to user data, a
sector also stores other information, such as the sector number, head
number or platter number, and track number. This information helps the
controller to locate the data on the drive. A cylinder is a set of identical
tracks on both surfaces of each drive platter. The location of R/W heads is
referred to by the cylinder number, not by the track number.munotes.in
Page 30
302.8.7 Zone Bit Recording
Platters are made of concentric tracks; the outer tracks can hold
more data than the inner tracks because the outer tracks are physicall y
longer than the inner tracks. On older disk drives, the outer tracks had the
same number of sectors as the inner tracks, so data density was low on the
outer tracks. This was an inefficient use of the available space, as shown
in Figure 2 -9( a ) .Z o n e db i t recording uses the disk efficiently. As shown
in Figure 2 -9 (b), this mechanism groups tracks into zones based on their
distance from the center of the disk. The zones are numbered, with the
outermost zone being zone 0. An appropriate number of sectors p er track
are assigned to each zone, so a zone near the center of the platter has fewer
sectors per track than a zone on the outer edge. However, tracks within a
particular zone have the same number of sectors.
Figure 2.9: Zoned Bit Recording
2.8.8 Logical Block Addressing
Earlier drives used physical addresses consisting of the cylinder,
head, and sector (CHS) number to refer to specific locations on the disk,
as shown in Figure 2 -10 (a), and the host operating system had to be aware
of the geometry of each disk used. Logical block addressing (LBA), as
shown in Figure 2 -10 (b), simplifies addressing by using a linear address
to access physical blocks of data. The disk controller translates LBA to a
CHS address, and the host needs to know only the size of the disk drive in
terms of the number of blocks. The logical blocks are mapped to physical
sectors on a 1:1 basis.
Figure 2.10: Physical Address and Logical Block Address
In Figure 2 -10 (b), the drive shows eight sectors per track, eight
heads, and four cylinders. This means a total of 8 × 8 × 4 = 256 blocks, so
the block number ranges from 0 to 255. Each block has its own unique
address. Assuming that the sector holds 512 bytes, a 500 GB drive with a
formatted capacity of 465.7 GB has in excess of 976,000,000 blocks.
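The block counts above can be verified with a short calculation. The following Python sketch is only an illustration of the arithmetic; the geometry values come from the example, and the capacity figure is treated as a binary (GiB-style) quantity, which is an assumption.

# Illustrative check of the LBA example (geometry values from the text)
sectors_per_track = 8
heads = 8
cylinders = 4

total_blocks = sectors_per_track * heads * cylinders
print(total_blocks)            # 256 blocks, addressed 0..255

# Approximate number of 512-byte blocks on a 465.7 GB formatted drive
formatted_capacity_bytes = 465.7 * 1024**3   # assumption: GB interpreted as GiB
block_size = 512
print(int(formatted_capacity_bytes // block_size))  # roughly 976 million blocks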
2.9 DISK DRIVE PERFORMANCE
A disk drive is an electromechanical device that governs the
overall performance of the storage system environment. The various
factors that affect the performance of disk drives are discussed in this
section.
2.9.1 Disk Service Time
Disk service time is the time taken by a disk to complete an I/O
request. Components that contribute to the service time on a disk drive are
seek time, rotational latency, and data transfer rate.
Seek Time
The seek time (also called access time) describes the time taken to
position the R/W heads across the platter with a radial movement (moving
along the radius of the platter). In other words, it is the time taken to
position and settle the arm and the head over the correct track. Therefore ,
the lower the seek time, the faster the I/O operation. Disk vendors publish
the following seek time specifications:
1.Full Stroke : The time taken by the R/W head to move across the
entire width of the disk, from the innermost track to the outermost
track.
2.Average : The average time taken by the R/W head to move from
one random track to another, normally listed as the time for one -
third of a full stroke.
3.Track -to-Track : The time taken by the R/W head to move
between adjacent tracks.
Each of these specifications is measured in milliseconds. The seek
time of a disk is typically specified by the drive manufacturer. The
average seek time on a modern disk is in the range of 3 to 15
milliseconds. Seek time has a greater impact on read operations involving
random tracks than on those involving adjacent tracks. To minimize the seek time, data can be
written to only a subset of the available cylinders. This results in lower
usable capacity than the actual capacity of the drive. For example, a 500
GB disk drive is set up to use only the first 40 percent of the cylinders and
is effectively treated as a 200 GB drive. This is known as short-stroking
the drive.
Rotational Latency
To access data, the actuator arm moves the R/W head over the
platter to a particular track while the platter spins to position the requested
sector under the R/W head. The time taken by the platter to rotate and
position the data u nder the R/W head is called rotational latency. Thismunotes.in
Page 32
32latency depends on the rotation speed of the spindle and is measured in
milliseconds. The average rotational latency is one -half of the time taken
for a full rotation. Similar to the seek time, rotational latency has more
impact on the reading/writing of random sectors on the disk than on the
same operations on adjacent sectors. Average rotational latency is
approximately 5.5 ms for a 5,400-rpm drive, and around 2.0 ms for a
15,000-rpm (or 250 revolutions per second) drive, as shown here:
Average rotational latency for a 15,000 rpm (or 250 rps)
drive = 0.5/250 s = 2 milliseconds
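As a quick check, the average rotational latency for any spindle speed follows directly from the rpm value. The short Python sketch below simply applies the one-half-rotation rule used in the text.

# Average rotational latency = half the time of one full rotation
def avg_rotational_latency_ms(rpm):
    seconds_per_rotation = 60.0 / rpm
    return 0.5 * seconds_per_rotation * 1000  # convert seconds to milliseconds

print(avg_rotational_latency_ms(5400))    # ~5.6 ms
print(avg_rotational_latency_ms(15000))   # 2.0 ms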
Data Transfer Rate
The data transfer rate (also called transfer rate) refers to the
average amount of data per unit time that the drive can deliver to the
HBA. It is important to first understand the process of read/write
operations to calculate data transfer rates. In a read operation, the data
first moves from disk platters to R/W heads; then it moves to the drive’s
internal buffer. Finally, data moves from the buffer through the interface
to the host HBA. In a write operation, the data moves from the HBA to the
internal buffer of the disk drive through the drive’s interface. The data
then moves from the buffer to t he R/W heads. Finally, it moves from the
R/W heads to the platters. The data transfer rates during the R/W
operations are measured in terms of internal and external transfer rates, as
shown in Figure 2 -11.
Figure 2.11: Data Transfer Rate
Internal transfer rate is the speed at which data moves from a
platter’s surface to the internal buffer (cache) of the disk. The internal
transfer rate takes into account factors such as the seek time and rotational
latency. External transfer rate is the rate at which data can move through
the interface to the HBA. The external transfer rate is generally the
advertised speed of the interface, such as 133 MB/s for ATA. The
sustained external transfer rate is lower than the interface speed.
2.9.2 Disk I/O Controller Utilization
Utilization of a disk I/O controller has a significant impact on the
I/O response time. To understand this impact, consider that a disk can be
viewed as a black box consisting of two elements:
●Queue: The location where an I/O request waits before it is processed
by the I/O controller
●Disk I/O Controller: Processes the I/Os waiting in the queue, one by one
The I/O requests arrive at the controller at the rate generated by the
application. This rate is also called the arrival rate. These requests are held
in the I/O queue, and the I/O controller processes them one by one, as
shown in Figure 2-12. The I/O arrival rate, the queue length, and the time
taken by the I/O controller to process each request determine the I/O
response time. If the controller is busy or heavily utilized, the queue size
will be large and the response time will be high.
Figure 2.12: I/O Processing
Based on the fundamental laws of disk drive performance, the
relationship between controller utilization and average response time is
given as:
Average response time (TR) = Service time (TS) / (1 – Utilization)
where TS is the time taken by the controller to serve an I/O.
As the utilization reaches 100 percent —that is, as the I/O controller
saturates —the response time approaches infinity. In essence, the saturated
component, or the bottleneck, forces the serialization of I/O requests,
meaning that each I/O request must wait for the completion of the I/O
requests that preceded it. Figure 2 -13 shows a graph plotted between
utilization and response time.
Figure 2.13: Utilization Vs. Response Time
The graph indicates that the response time changes are nonlinear as
the utilization increases. When the average queue sizes are low, the
response time remains low. The response time increases slowly with
added load on the queue and increases exponentially when the utilization
exceeds 70 percent. Therefore, for performance-sensitive applications, it is
common to utilize disks below 70 percent of their I/O serving capability.
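The relationship TR = TS / (1 – U) can be tabulated to see the knee in the curve near 70 percent utilization. The Python sketch below assumes an illustrative service time of 7.8 ms and is only a worked demonstration of the formula, not a sizing tool.

# Response time grows nonlinearly as controller utilization approaches 100%
def response_time_ms(service_time_ms, utilization):
    return service_time_ms / (1.0 - utilization)

service_time = 7.8  # ms, example value (assumption)
for u in (0.2, 0.4, 0.6, 0.7, 0.8, 0.9, 0.96):
    print(f"Utilization {u:.0%}: response time = {response_time_ms(service_time, u):.1f} ms")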
2.10 HOST ACCESS TO DATA
Data is accessed and stored by applications using the underlying
infrastructure. The key components of this infrastructure are the operating
system (or file system), connectivity, and storage. The storage device can
be internal and (or) external to the host. In either case, the host controller
card accesses the storage devices using predefined protocols, such as
IDE/ATA, SCSI, or Fibre Channel (FC). IDE/ATA and SCSI are
popularly used in small and personal computing environments for
accessing internal storage. FC and iSCSI protocols are used for accessing
data from an external storage device (or subsyste ms). External storage
devices can be connected to the host directly or through the storagemunotes.in
Page 34
34network. When the storage is connected directly to the host, it is referred
as direct -attached storage (DAS), which is detailed later in this chapter.
Understanding access to data over a network is important because it lays
the foundation for storage networking technologies. Data can be accessed
over a network in one of the following ways: block level, file level, or
object level. In general, the application requests data from the file system
(or operating system) by specifying the filename and location. The file
system maps the file attributes to the logical block address of the data and
sends the request to the storage device. The storage device converts the
logical block address (LBA) to a cylinder -head-sector (CHS) address and
fetches the data. In a block -level access, the file system is created on a
host, and data is accessed on a network at the block level, as shown in
Figure 2 -14 (a). In this case, raw disks or l ogical volumes are assigned to
the host for creating the file system. In a fi le -level access, the file system
is created on a separate file server or at the storage side, and the file -level
request is sent over a network, as shown in Figure 2 -14 (b). Beca use data
is accessed at the file level, this method has higher overhead, as compared
to the data accessed at the block level. Object -level access is an intelligent
evolution, whereby data is accessed over a network in terms of self -
contained objects with a unique object identifier.
Figure 2.14: Host Access to Storage
2.11 DIRECT ATTACHED STORAGE
DAS is an architecture in which storage is connected directly to the
hosts. The internal disk drive of a host and the directly -connected external
storage array are some examples of DAS. Although the implementation of
storage networking technologies is gaining popularity, DAS has remained
suitable for localized data access in a small environment, such as personal
computing and workgroups. DAS is classified as internal or external,
based on the location of the storage device with respect to the host. In
internal DAS architectures, the storage device is internally connected to
the host by a serial or parallel bus (see Figure 2-15 [a]). The physical bus
has distance limitations and can be sustained only over a shorter distance
for high-speed connectivity. In addition, most internal buses can support
only a limited number of devices, and they occupy a large amount of space
inside the host, making maintenance of other components difficult. On the
other hand, in external DAS architectures, the host connects directly to the
external storage device, and data is accessed at the block level (see Figure
2-15 [b]). In most cases, communication between the host and the storage
device takes place over a SCSI or FC protocol. Compared to internal DAS,
an external DAS overcomes the distance and device count limitations and
provides centralized management of storage devices.
Figure 2.15: Internal and External DAS Architecture
2.11.1 DAS Benefits and Limitations
DAS requires a relatively lower initial investment than storage
networking architectures. The DAS configuration is simple and can be
deployed easily and rapidly. The setup is managed using host-based tools,
such as the host OS, which makes storage management tasks easy for
small environments. Because DAS has a simple architecture, it requires
fewer management tasks and fewer hardware and software elements to set
up and operate. However, DAS does not scale well. A storage array has a
limited number of ports, which restricts the number of hosts that can
directly connect to the storage. When capacities are reached, the service
availability may be compromised. DAS does not make optimal use of
resources due to its limited capability to share front -end ports. In DAS
environments, unused resources cannot be easily reallocated, resulting in
islands of over-utilized and under-utilized storage pools.
2.12 STORAGE DESIGN BASED ON APPLICATION
REQUIREMENTS AND DISK PERFORMANCE
Determining storage requirements for an application begins with
determining the required storage capacity. This is easily estimated by the
size and number of file systems and database components used by
appli cations. The I/O size, I/O characteristics, and the number of I/Os
generated by the application at peak workload are other factors that affect
disk performance, I/O response time, and design of storage systems. The
I/O block size depends on the file system and the database on which the
application is built. Block size in a database environment is controlled by
the underlying database engine and the environment variables. The disk
service time (TS ) for an I/O is a key measure of disk performance; TS ,
along with disk utilization rate (U), determines the I/O response time for
an application. As discussed earlier in this chapter, the total disk service
time (TS ) is the sum of the seek time (T), rotational latency (L), and
internal transfer time (X):
TS = T + L + X
Consider an example with the following specifications provided for a disk:
●The average seek time is 5 ms in a random I/O environment;
therefore, T = 5 ms.
●Disk rotation speed of 15,000 revolutions per minute or 250
revolutions per second —from which rotational latency (L) can be
determined, which is one-half of the time taken for a full rotation:
L = 0.5/250 s = 2 ms.
●40 MB/s internal data transfer rate, from which the internal transfer
time (X) is derived based on the block size of the I/O —for
example, for an I/O with a block size of 32 KB,
X = 32 KB / 40 MB/s ≈ 0.8 ms.
Consequently, the time taken by the I/O controller to serve an I/O
of block size 32 KB is TS = 5 ms + 2 ms + 0.8 ms = 7.8 ms.
Therefore, the maximum number of I/Os serviced per second, or
IOPS, is 1/TS = 1/(7.8 × 10⁻³) ≈ 128 IOPS.
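The service-time and IOPS arithmetic can be expressed compactly. The Python sketch below reuses the example figures above (5 ms seek time, 15,000 rpm, 40 MB/s internal transfer rate, 32 KB I/O size) purely as a worked illustration of TS = T + L + X.

# Disk service time TS = seek time + rotational latency + internal transfer time
seek_time_ms = 5.0
rpm = 15000
transfer_rate_mb_s = 40.0
io_size_kb = 32.0

rotational_latency_ms = 0.5 * (60.0 / rpm) * 1000                     # 2.0 ms
transfer_time_ms = (io_size_kb / 1024.0) / transfer_rate_mb_s * 1000  # ~0.8 ms

service_time_ms = seek_time_ms + rotational_latency_ms + transfer_time_ms
iops = 1000.0 / service_time_ms

print(round(service_time_ms, 1), "ms")   # ~7.8 ms
print(int(iops))                         # ~128 IOPS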
Table 2 -1 lists the maximum IOPS that can be serviced for different block
sizes using the previous disk specifications.
Table 2.1: IOPS Performed by Disk Drive
The IOPS ranging from 116 to 140 for different block sizes
represents the IOPS that can be achieved at potentially high levels of
utilization (close to 100 percent). As discussed in Section 2.9.2, the
application response time, R, increases with an increase in disk controller
utilization. For the same preceding example, the response time (R) for an
I/O with a block size of 32 KB at 96 percent disk controller utilization is
R = TS / (1 – U) = 7.8 / (1 – 0.96) = 195 ms
If the application demands a faster response time, then the
utilization for the disks should be maintained below 70 percent. For the
same 32-KB block size, at 70-percent disk utilization, the response time
reduces drastically to 26 ms. However, at lower disk utilization, the
number of IOPS a disk can perform is also reduced. In the case of a 32 -KB
block size, a disk can perform 128 IOPS at almost 100 percent utilization,
whereas the number of IOPS it can perform at 70-percent utilization is 89
(128 × 0.7). This indicates that the number of I/Os a disk can perform is an
important factor that needs to be considered while designing the storage
requirement for an application.
Therefore, the storage requirement for an application is determined
in terms of both the capacity and IOPS. If an application needs 200 GB of
disk space, then this capacity can be provided simply with a single disk.
However, if the application IOPS req uirement is high, then it results in
performance degradation because just a single disk might not provide the
required response time for I/O operations.
Based on this discussion, the total number of disks required (DR) for an
application is computed as follows:
DR = Max (DC, DI)
where DC is the number of disks required to meet the capacity,
and DI is the number of disks required to meet the application IOPS
requirement. Let’s understand this with the help of an example.
Example: Consider an example in which the capacity requirement for an
application is 1.46 TB. The number of IOPS generated by the application
at peak workload is estimated at 9,000 IOPS. The vendor specifies that a
146-GB, 15,000-rpm drive is capable of a maximum of 180 IOPS. In
this example, the number of disks required to meet the capacity
requirements will be 1.46 TB/146 GB = 10 disks.
To meet the application IOPS requirements, the number of disks
required is 9,000/180 = 50. However, if the application is response-time
sensitive, the number of IOPS a disk drive can perform should be
calculated based on 70 -percent disk utilization. Considering this, the
number of IOPS a disk can perform at 70 percent utilization is 180 * 0.7 =
126 IOPS. Therefore, the number of disks required to meet the application
IOPS requirement will be 9,000/126 = 72.
As a result, the number of disks required to meet the application
requirements will be Max (10, 72) = 72 disks.
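This sizing rule is easy to capture as a small helper. The Python sketch below reproduces the example (1.46 TB, 9,000 IOPS, 146 GB drives rated at 180 IOPS, 70 percent utilization ceiling); the function name and structure are illustrative only and not part of any standard tool.

import math

def disks_required(capacity_gb, peak_iops, disk_capacity_gb, disk_max_iops, max_utilization=0.7):
    # Disks needed for capacity and for performance; the application needs the larger of the two
    dc = math.ceil(capacity_gb / disk_capacity_gb)
    usable_iops_per_disk = disk_max_iops * max_utilization
    di = math.ceil(peak_iops / usable_iops_per_disk)
    return max(dc, di)

print(disks_required(1.46 * 1000, 9000, 146, 180))  # 72 disks (10 for capacity, 72 for IOPS)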
The preceding example indicates that from a capacity perspective,
10 disks are sufficient; however, the number of disks required to meet
application performance is 72. To optimize disk requirements from a
performance perspective, various solutions are deployed in a real -time
environment. Examples of these solutions are disk native command
queuing, use of flash drives, RAID, and the use of cache memory.
2.13 DISK NATIVE COMMAND QUEUING
Command queuing is a technique implemented on modern disk
drives that determines the execution order of received I/Os and reduces
unnecessary drive -head movements to improve disk performance. When
an I/O is received for execution at the disk controller, the command
queuing algorithms assign a tag that defines a sequence in which the
commands shoul d be executed. With command queuing, commands are
executed based on the organization of data on the disk, regardless of the
order in which the commands are received. The commonly used algorithm
for command queuing is seek time optimization. Commands are ex ecuted
based on optimizing read/write head movements, which might result in the
reordering of commands. Without seek time optimization, the commands
are executed in the order they are received. For example, as shown in
Figure 2-16 (a), the commands are executed in the order A, B, C, and D.
The radial movement required by the head to execute C immediately after
A is less than what would be required to execute B. With seek time
optimization, the command execution sequence would be A, C, B, and D,
as shown in Figure 2 -16 (b).
Figure 2.16: Disk Command Queuing
Access Time Optimization is another command queuing algorithm.
With this algorithm, commands are executed based on the combination of
seek time optimization and an analysis of rotational latency for optimal
performance. Command queuing is also implemented on modern storage
array controllers, which might further supplement the command queuing
implemented on the disk drive.
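A simplified way to picture seek time optimization is to reorder the queued commands by the distance of their target track from the head's current position, servicing the nearest request next. The Python sketch below is only a conceptual illustration of such greedy reordering, not the actual firmware algorithm; the track numbers are made up for the example.

# Conceptual greedy reordering of queued commands by track distance (not real firmware logic)
def reorder_by_seek(current_track, queued):
    """queued: list of (command_name, target_track) tuples."""
    order = []
    pending = list(queued)
    pos = current_track
    while pending:
        # Pick the request whose track is closest to the current head position
        nearest = min(pending, key=lambda cmd: abs(cmd[1] - pos))
        pending.remove(nearest)
        order.append(nearest[0])
        pos = nearest[1]
    return order

# Commands received in order A, B, C, D may be executed as A, C, B, D
print(reorder_by_seek(0, [("A", 10), ("B", 90), ("C", 15), ("D", 95)]))  # ['A', 'C', 'B', 'D']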
2.14 INTRODUCTION TO FLASH DRIVE
With the growth of information, storage users continue to demand
ever-increasing performance requirements for their business applications.
Traditionally, high I/O requirements were met by simply using more disks.
The availability of enterprise-class flash drives (EFDs) has changed the
scenario. Flash drives, also referred to as solid-state drives (SSDs), are new-
generation drives that deliver the ultra-high performance required by
performance-sensitive applications. Flash drives use semiconductor-based
solid-state memory (flash memory) to store and retrieve data. Unlike
conventional mechanical disk drives, flash drives contain no moving parts;
therefore, they do not have seek and rotational latencies. Flash drives
deliver a high number of IOPS with very low response times. Also, being
a semiconductor -based device, flash drives consume less power, compared
to mechanical drives. Flash drives are especially suited for applications
with small block size and random -read workloads that require consistently
low (less than 1 millisecond) response times. Applications that need to
process massive amounts of information quickly, such as currency
exchange, electronic trading systems, and real -time data feed processing
benefit from flash drives. Compared to conventional mechanical disk
drives, EFDs provide up to 30 times the throughput and up to one-tenth
the response time (<1 ms compared with 6-10 ms). In addition, flash drives
can store data using up to 38 percent less energy per TB than traditional
disk drives, which translates into approximately 98 percent less power
consumption per I/O.
Overall, flash drives provide a better total cost of ownership (TCO) even
though they cost more on a $/GB basis. By implementing flash drives,
businesses can meet application performance requirements with far fewer
drives (approximately 20 to 30 times fewer drives compared to
conventional mechanical drives). This reduction not only provides savings
in terms of drive cost, but also translates to savings for power, cooling,
and space consumption. Fewer drives in the environment also
means lower cost for managing the storage.
2.14.1 Components and Architecture of Flash Drives
Flash drives use similar physical form factor and connectors as
mechanical disk drives to maintain compatibility. This enables easy
replacement of a mechanical disk drive with a flash drive in a storage
array enclosure. The key components of a flash drive are the controller,
I/O interface, mass storage (collection of memory chips), and cache. The
controller manages the functioning of the drive, and the I/O interface
provides power and data access. Mass storage is an array of nonvolatile
NAND (negated AND) memory chips used for storing data. Cache serves
as a temporary space or buffer for data transactions and operations. A flash
drive uses multiple parallel I/O channels (from its drive controller to the
flash memory chips) for data access. Generally, the larger the number of
flash memory chips and channels, the higher the drive’s internal bandwidth,
and ultimately the higher the drive’s performance. Flash drives typically
have eight to 24 channels. Memory chips in flash drives are logically
organized in blocks and pages. A page is the smallest object that can be
read or written on a flash drive. Pages are grouped together into blocks.
(These blocks should not be confused with the 512 -byte blocks in
mechanical disk drive sectors.) A block may have 32, 64, or 128 pages.
Pages do not have a standard size; typical page sizes are 4 KB, 8 KB, and
16 KB. Because flash drives emulate mechanical drives that use logical
block addresses (LBAs), a page spans across a consecutive series of data
blocks. For example, a 4 -KB page would span across eight 512 -byte data
blocks with consecutive addresses. In flash drives, a read operation can
happen at the page level, whereas a write or an erase operation happens
only at the block level.
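The mapping of a flash page onto consecutive 512-byte logical blocks can be illustrated with a short calculation. The Python sketch below assumes a 4 KB page and 512-byte blocks, as in the example; it simply lists which LBAs a given page covers and is not a model of any particular drive's flash translation layer.

# Which 512-byte logical blocks does a flash page cover? (illustrative only)
PAGE_SIZE = 4 * 1024      # 4 KB page
BLOCK_SIZE = 512          # bytes per logical block
BLOCKS_PER_PAGE = PAGE_SIZE // BLOCK_SIZE   # 8 blocks per page

def lbas_for_page(page_number):
    start = page_number * BLOCKS_PER_PAGE
    return list(range(start, start + BLOCKS_PER_PAGE))

print(lbas_for_page(0))   # [0, 1, 2, 3, 4, 5, 6, 7]
print(lbas_for_page(3))   # [24, 25, 26, 27, 28, 29, 30, 31]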
2.14.2 Features of Enterprise Flash Drives
The key features of enterprise class flash drives are as follows:
1.NAND flash memory technology: NAND memory technology is well
suited for accessing random data. A NAND device uses bad block
tracking and error-correcting code (ECC) to maintain data integrity
and provide the fastest write speeds.
2.Single-Level Cell (SLC)-based flash: NAND technology is
available in two different cell designs. A multi-level cell (MLC)
stores more than one bit per cell by virtue of its capability to
register multiple states, versus a single-level cell that can store
only 1 bit. SLC is the preferred technology for enterprise data
applications due to its performance and longevity. SLC read speeds
are typically rated at twice those of MLC devices, and write speeds
are up to four times higher. SLC devices typically have 10 times
higher write-erase cycles, compared to MLC designs. In addition,
SLC flash memory has higher reliability because it stores only
1 bit per cell. Hence, the likelihood of error is reduced.
3.Write levelling technique: An important element of maximizing a
flash drive’s useful life is ensuring that the individual memory
cells experience uniform use. This means that data that is
frequently updated is written to different locations to avoid
rewriting the same cells. In EFDs, the device is designed to ensure
that with any new write operation, the youngest block is used.
2.15 CONCEPT IN PRACTICE: VMWARE ESXI
VMware is a leading provider of server virtualization solutions.
VMware ESXi provides a platform called a hypervisor. The hypervisor
abstracts CPU, memory, and storage resources to run multiple virtual
machines concurrently on the same physical server. VMware ESXi is a
hypervisor that installs on x86 hardware to enable server virtualization. It
enables creating multiple virtual machines (VMs) that can run
simultaneously on the same physical machine. A VM is a discrete set of
files that can be moved, copied, and used as a template. All the files that
make up a VM are typically stored in a single directory on a cluster file
system called Virtual Machine File System (VMFS). The physical
machine that houses ESXi is called the ESXi host. ESXi hosts provide
physical resources used to run virtual machines. ESXi has two key
components: VMkernel and Virtual Machine Monitor. VMkernel provides
functionality similar to that found in other operating systems, such as
process creation, file system management, and process scheduling. It is
designed to specifically support running multiple VMs and provide core
functionality such as resource scheduling, I/O stacks, and so on. The
virtual machine monitor is responsible for executing commands on the
CPUs and performing Binary Translation (BT). A virtual machine monitor
performs hardware abstraction to appear as a physical machine with its
own CPU, memory, and I/O devices. Each VM is assigned a virtual
machine monitor that has a share of the CPU, memory, and I/O devices to
successfully run the VM.
2.16 SUMMARY
●This chapter detailed the key elements of a data center environment —
application, DBMS, host, connectivity, and storage.
●The data flows from an application to storage through these elements.
●Physical and logical components of these entities affect the overall
performance of the application.
●Virtualization at different components of the data centre provides
better utilization and management of these components.
●Storage is a core component in the data centre environment. The disk
drive is the most popular storage device that uses magnetic media for
accessing and storing data.
●Flash -based solid -state drives (SSDs) are a recent innovation, and in
many ways, superior to mechanical disk drives.
●Modern disk storage systems use hundreds of disks to meet application
performance requirements.
●Managing the capacity, performance, and reliability of these large
numbers of disks poses significant challenges.
2.17 REVIEW YOUR LEARNING
●Can you explain hard disk structure?
●Can you explain what seek time, transfer time, and access time of
data are?
●Are you able to explain virtualization?
●Explain the physical connectivity components used in a data centre.
●Can you relate day-to-day data usage by applications on a real-time basis?
2.18 QUESTIONS
1.Explain disk drive components with neat, labelled diagram.
2.Explain Direct Attached Storage. Explain its limitations and benefits.
3.Explain Disk Native Command Queuing.
4.Explain Components and Architectures of Flash Drives.
5.Explain working with VMware ESXi.
6.What are the advantages of a virtualized data centre over a classic data
centre?
7.An application specifies a requirement of 200 GB to host a database
and other files. It also specifies that the storage environment should
support 5,000 IOPS during its peak workloads. The disks available for
configuration provide 66 GB of usable capacity, and the manufacturer
specifies that they can support a maximum of 140 IOPS. The
application is response-time sensitive, and disk utilization beyond 60
percent does not meet the response time requirements. Compute and
explain the theoretical basis for the minimum number of disks that
should be configured to meet the requirements of the application.
8.Which components constitute the disk service time? Which component
contributes the largest percentage of the disk service time in a random
I/O operation?
9.The average I/O size of an application is 64 KB. The following
specifications are available from the disk manufacturer: average seek
time = 5 ms, 7,200 rpm, and transfer rate = 40 MB/s. Determine the
maximum IOPS that could be performed with this disk for the
application. Using this case as an example, explain the relationship
between disk utilization and IOPS.
10.Refer to Question No. 9. Based on the calculated disk service time, plot
a graph showing the response time versus utilization, considering the
utilization of the I/O controller at 20 percent, 40 percent, 60 percent,
80 percent, and 100 percent. Describe the conclusion that could be
derived from the graph.
11.Research other elements of a data centre besides the core elements
discussed in this chapter, including environmental control parameters
such as HVAC (heating, ventilation, and air-conditioning), power supplies,
and security.
2.19 FURTHER READING
●http://aad.tpu.ru/practice/EMC/Information%20Storage%20and%20Management-v.2.pdf
●https://nptel.ac.in/courses/106/108/106108058/
●https://nptel.ac.in/content/storage2/courses/106108058/lec%2007.pdf
●http://www.ictacademy.in/pages/Information-Storage-and-Management.aspx
●https://www.coursera.org/lecture/big-data-management/data-storage-RplBY
●https://www.coursera.org/courses?query=data%20storage
●https://www.coursera.org/lecture/technical-support-fundamentals/storage-RLNIZ
●https://www.coursera.org/learn/cloud-storage-big-data-analysis-sql
2.20 REFERENCES
1.Information Storage and Management: Storing, Managing and
Protecting Digital Information in Classic, Virtualized and Cloud
Environments, EMC, John Wiley & Sons, 2nd Edition, 2012
2.Information Storage and Management, Pankaj Sharma
3.Information Technology Project Management, Jack T Marchewka
4.Information Storage and Management, I A Dhotre
❖❖❖❖
3
DATA PROTECTION
Unit Structure
3.0 Objectives
3.1 Introduction
3.2 RAID Implementation Methods
3.2.1 Software RAID
3.2.2 Hardware RAID
3.3 RAID Array Components
3.4 RAID Techniques
3.4.1 Striping
3.4.2 Mirroring
3.4.3 Parity
3.4.4 RAID Levels
3.4.4.1 RAID 0
3.4.4.2 RAID 1
3.4.4.3 Nested RAID
3.4.4.4 RAID 3
3.4.4.5 RAID 4
3.4.4.6 RAID 5
3.4.4.7 RAID 6
3.5 RAID Impact on Disk Performance
3.5.1 Application IOPS and RAID Configuration
3.6 RAID Comparison
3.7 Hot Spares
3.8 Summary
3.9 Review Your Learning
3.10 Questions
3.11 Further Reading
3.12 References
3.0 OBJECTIVES
1.Explain basic data storage options and their components
2.Analyse data protection mechanisms using various RAID levels.
3.1 INTRODUCTION
In the late 1980s, rapid adoption of computers for business
processes stimulated the growth of new applications and databases,
significantly increasing the demand for storage capacity and performance.
At that time, data was stored on a single large, expensive disk drive called
Single Large Expensive Drive (SLED). Use of single disks could not meet
the required performance levels because they could serve only a limited
number of I/Os. Today’s data centres house hundreds of disk drives in
their storage infrastructure. Disk drives are inherently susceptible to
failures due to mechanical wear and tear and other environmental factors,
which could result in data loss. The greater the number of disk drives in a
storage array, the greater the probability of a disk failure in the array. For
example, consider a storage array of 100 disk drives, each with an average
life expectancy of 750,000 hours. The average life expectancy of this
collection in the array, therefore, is 750,000/100 or 7,500 hours. This
means that a disk drive in this array is likely to fail at least once in 7,500
hours. RAID is an enabling technology that leverages multiple drives as
part of a set that provides data protection against drive failures. In general,
RAID implementations also improve the storage system performance by
serving I/Os from multiple disks simultaneously. Modern arrays with flash
drives also benefit in terms of protection and performance by using RAID.
In 1987, Patterson, Gibson, and Katz at the University of California,
Berkeley, published a paper titled “A Case for Redundant Arrays of
Inexpensive Disks (RAID).” This paper described the use of small -
capacity, inexpensive disk drives as an alternative to large -capacity drives
common on mainframe computers. The term RAID has been redefined to
refer to independent disks to reflect advances in the storage technology.
RAID technology has now grown from an academic concept to an
industry standard and is a common implementation in today’s storage
arrays. This chapter details RAID technology, RAID levels, and different
types of RAID implementations and their benefits.
3.2 RAID IMPLEMENTATION METHODS
The two methods of RAID implementation are hardware and
software. Both have their advantages and disadvantages and are discussed
in this section.
3.2.1 Software RAID
Software RAID uses host -based software to provide RAID
functions. It is implemented at the operating -system level and does not use
a dedicated hardware controller to manage the RAID array. Software
RAID implementations offer cost and simplicity benefits when compared
with hardware RAID. However, they have the following limitations:
1.Performance: Software RAID affects overall system performance.
This is due to additional CPU cycles required to perform RAID
calculations.
2.Supported features: Software RAID does not support all RAID
levels.
3.Operating system compatibility: Software RAID is tied to the host
operating system; hence, upgrades to software RAID or to the
operating system should be validated for compatibility. This leads to
inflexibility in the data -processing environment.
3.2.2 Hardware RAID
In hardware RAID implementations, a specialized hardware controller
is implemented either on the host or on the array. Controller card RAID is
a host-based hardware RAID implementation in which a specialized RAID
controller is installed in the host, and disk drives are connected to it.
Manufacturers also integrate RAID controllers on motherboards. A host -
based RAID controller is not an efficient solution in a data center
environment with a large number of hosts. The external RAID controller is
an array-based hardware RAID. It acts as an interface between the host
and disks. It presents storage volumes to the host, and the host manages
these volumes as physical drives. The key functions of the RAID
controllers are as follows:
1.Management and control of disk aggregations
2.Translation of I/O requests between logical disks and physical
disks
3.Data regeneration in the event of disk failures
3.3 RAID ARRAY COMPONENTS
A RAID array is an enclosure that contains several disk drives and
supporting hardware to implement RAID. A subset of disks within a
RAID array can be grouped to form logical associations called logical
arrays, also known as a RAID set or a RAID group (see Figure 3.1).
Figure 3.1: Components of a RAID Array
3.4 RAID TECHNIQUES
RAID techniques —striping, mirroring, and parity —form the
basis for defining various RAID levels. These techniques determine the
data availability and performance characteristics of a RAID set.
3.4.1 Striping
Striping is a technique to spread data across multiple drives (more
than one) to use the drives in parallel. All the read -write heads work
simultaneously, allowing more data to be processed in a shorter time and
increasing performance, compared to reading and writing from a single
disk. Within each disk in a RAID set, a predefined number of contiguously
addressable disk blocks are defined as a strip. The set of aligned strips that
spans across all the disks within the RAID set is called a stripe. Figure 3 -2
shows physical and logical representations of a striped RAID set.
Strip size (also called stripe depth) describes the number of blocks
in a strip and is the maximum amount of data that can be written to or read
from a single disk in the set, if the accessed data starts at the beginning of
the strip. All strips in a stripe have the same number of blocks. Having a
smaller strip size means that data is broken into smaller pieces while
spread across the disks.
Stripe size is the product of the strip size and the number of data disks in
the RAID set. For example, in a five-disk striped RAID set with a strip
size of 64 KB, the stripe size is 320 KB (64 KB × 5). Stripe width refers to
the number of data strips in a stripe. Striped RAID does not provide any
data protection unless parity or mirroring is used, as discussed in the
following sections.
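The strip, stripe, and stripe-width relationships can be checked with a few lines of arithmetic. The Python sketch below uses the five-disk, 64 KB strip example from the text; the round-robin assignment of strips to disks is a simplification meant only to show how striping spreads consecutive strips across drives.

# Striping arithmetic for a five-disk striped RAID set with a 64 KB strip
STRIP_SIZE_KB = 64
DATA_DISKS = 5

stripe_size_kb = STRIP_SIZE_KB * DATA_DISKS   # 320 KB per stripe
stripe_width = DATA_DISKS                     # number of data strips in a stripe

def disk_for_strip(strip_number):
    # Consecutive strips go to consecutive disks, wrapping around (round-robin)
    return strip_number % DATA_DISKS

print(stripe_size_kb)                          # 320
print([disk_for_strip(n) for n in range(7)])   # [0, 1, 2, 3, 4, 0, 1]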
Figure 3.2: Striped RAID Set
3.4.2 Mirroring
Mirroring is a technique whereby the same data is stored on two
different disk drives, yielding two copies of the data. If one disk drive
failure occurs, the data is intact on the surviving disk drive (see Figure 3 -
3) and the controller continues to service the host’s data requests from the
surviving disk of a mirrored pair. When the failed disk is replaced with a
new disk, the controller copies the data from the survi ving disk of the
mirrored pair. This activity is transparent to the host. In addition to
providing complete data redundancy, mirroring enables fast recovery from
disk failure. However, disk mirroring provides only data protection and is
not a substitute fo r data backup. Mirroring constantly captures changes in
the data, whereas a backup captures point -in-time images of the data.
Mirroring involves duplication of data —the amount of storage capacity
needed is twice the amount of data being stored. Therefore , mirroring is
considered expensive and is preferred for mission -critical applications that
cannot afford the risk of any data loss. Mirroring improves read
performance because read requests can be serviced by both disks.
However, write performance is slightly lower than that in a single disk
because each write request manifests as two writes on the disk drives.
Mirroring does not deliver the same levels of write performance as a
striped RAID.
Figure 3.3: Mirrored Disks in an array
3.4.3 Parity
Parity is a method to protect striped data from disk drive failure
without the cost of mirroring. An additional disk drive is added to hold
parity, a mathematical construct that allows re -creation of the missing
data. Parity is a redundancy technique that ensures protection of data
without maintaining a full set of duplicate data. Calculation of parity is a
function of the RAID controller.
Parity information can be stored on separate, dedicated disk drives
or distributed across all the drives in a RAID set. Figure 3-4 shows a
parity RAID set. The first four disks, labelled “Data Disks,” contain the
data. The fifth disk, labelled “Parity Disk,” stores the parity information,
which, in this case, is the sum of the elements in each row. Now, if one of
the data disks fails, the missing value can be calculated by subtracting the
sum of the rest of the elements from the parity value. Here, for simplicity,
the computation of parity is represented as an arithmetic sum of the data.
However, parity calculation is a bitwise XOR operation.
A bit-by-bit Exclusive-OR (XOR) operation takes two bit patterns
of equal length and performs the logical XOR operation on each pair of
corresponding bits. The result in each position is 1 if the two bits are
different, and 0 if they are the same. The truth table of the XOR operation
is shown next. (A and B denote the inputs and C, the output after
performing the XOR operation.) If any of the data from A, B, or C is lost,
it can be reproduced by performing an XOR operation on the remaining
available data. For example, if a disk containing all the data from A fails,
the data can be regenerated by performing an XOR between B and C.
A B C
0 0 0
0 1 1
1 0 1
1 1 0
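The XOR-based recovery described above can be demonstrated with byte values. The Python sketch below is a simplified illustration: it computes a parity strip as the XOR of the data strips and then rebuilds a "failed" strip from the survivors. Real RAID controllers operate on whole strips and add many other safeguards; the byte values here are arbitrary examples.

# Simplified XOR parity: build parity from data strips and rebuild a lost strip
from functools import reduce

def xor_bytes(strips):
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*strips))

data_strips = [b"\x0a\x10", b"\x33\x04", b"\x5c\xff", b"\x01\x20"]  # four data disks
parity = xor_bytes(data_strips)

# Simulate losing disk 2 and rebuilding it from the remaining data plus parity
survivors = data_strips[:2] + data_strips[3:] + [parity]
rebuilt = xor_bytes(survivors)
print(rebuilt == data_strips[2])   # True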
Compared to mirroring, parity implementation considerably
reduces the cost associated with data protection. Consider an example of a
parity RAID configuration with five disks where four disks hold data, and
the fifth holds the parity information. In this example, parity requires only
25 percent extra disk space compared to mirroring, which requires 100
percent extra disk space. However, there are some disadvantages of using
parity. Parity information is generated from data on the data disk.
Therefore, parity is recalculated every time there is a change in data. This
recalculation is time -consuming and affects the performance of the RAID
array. For parity RAID, the stripe size calculation does not include the
parity strip. For example, in a five-disk (4 + 1) parity RAID set with a strip
size of 64 KB, the stripe size will be 256 KB (64 KB × 4).
3.4.4 RAID Levels
Application performance, data availability requirements, and cost
determine the RAID level selection. These RAID levels are defined on the
basis of striping, mirroring, and parity techniques. Some RAID levels use
a single technique, whereas others use a combination of techniques. Table
3-1 shows the commonly used RAID levels.
Table 3.1: RAID Levels
3.4.4.1 RAID 0
RAID 0 configuration uses data striping techniques, where data is
striped across all the disks within a RAID set. Therefore, it utilizes the full
storage capacity of a RAID set. To read data, all the strips are put back
together by the controller. Figure 3 -5 shows RAID 0 in an array in which
data is striped across five disks. When the number of drives in the RAID
set increases, performance improves because more data can be read or
written simultaneously. RAID 0 is a good option for applications that need
high I/O throughput. However, if these applications require high
availability during drive failures, RAID 0 does not provide data protection
and availability.
Figure 3.5: RAID 0    Figure 3.6: RAID 1
3.4.4.2 RAID 1
RAID 1 is based on the mirroring technique. In this RAID
configuration, data is mirrored to provide fault tolerance (see Figure 3 -6).
A RAID 1 set consists of two disk drives and every write is written to both
disks. The mirroring is transparent to the host. During disk failure, the
impact on data recovery in RAID 1 is the least among all RAID
implementations. This is because the RAID controller uses the mirror
drive for data recovery. RAID 1 is suitable for applications that require
high availability and where cost is not a constraint.
3.4.4.3 Nested RAID
Most data centers require data redundancy and performance from
their RAID arrays. RAID 1+0 and RAID 0+1 combine the performance
benefits of RAID 0 with the redundancy benefits of RAID 1. They use
both striping and mirroring techniques. These types
of RAID require an even number of disks, the minimum being four (see
Figure 3 -7).
Figure 3.7: Nested RAID
RAID 1+0 is also known as RAID 10 (Ten) or RAID 1/0.
Similarly, RAID 0+1 is also known as RAID 01 or RAID 0/1. RAID 1+0
performs well for workloads with small, random, write -intensive I/Os.
Some applications that benefit from RAID 1+0 include the following:
1.High transaction rate Online Transaction Processing (OLTP)
2.Large messaging installations
3.Database applications with write-intensive random-access
workloads
A common misconception is that RAID 1+0 and RAID 0+1 are the
same. Under normal conditions, RAID levels 1+0 and 0+1 offer identical
benefits. However, rebuild operations in the case of disk failure differ
between the two. RAID 1+0 is also called a striped mirror. The basic
element of RAID 1+0 is a mirrored pair, which means that data is first
mirrored and then both copies of the data are striped across multiple disk
drive pairs in a RAID set. When replacing a failed drive, only the mirror is
rebuilt. In other words, the disk array controller uses the surviving drive in
the mirrored pair for data recovery and continuous operation. Data from
the surviving disk is copied to the replacement disk. To understand the
working of RAID 1+0, consider an example of six disks forming a RAID
1+0 (RAID 1 first and then RAID 0) set. These six disks are paired into
three sets of two disks, where each set acts as a RAID 1 set (mirrored pair
of disks). Data is then striped across all the three mirrored sets to form
RAID 0. Following are the steps performed in RAID 1+0 (see Figure 3-7
[a]):
Drives 1+2 = RAID 1 (Mirror Set A)
Drives 3+4 = RAID 1 (Mirror Set B)
Drives 5+6 = RAID 1 (Mirror Set C)
Now, RAID 0 striping is performed across sets A through C. In
this configuration, if drive 5 fails, then the mirror set C alone is affected. It
still has drive 6 and continues to function and the entire RAID 1+0 array
also keeps functioning. Now, suppose drive 3 fails while drive 5 was being
replaced. In this case, the array still continues to function because drive 3 is
in a different mirror set. So, in this configuration, up to three drives can
fail without affecting the array, as long as they are all in different mirror
sets. RAID 0+1 is also called a mirrored stripe. The basic element of
RAID 0+1 is a stripe. This means that the process of striping data across
disk drives is performed initially, and then the entire stripe is mirrored. In
this configuration, if one drive fails, then the entire stripe is faulted.
Consider the same example of six disks to understand the working of
RAID 0+1 (that is, RAID 0 first and then RAID 1). Here, six disks are
paired into two sets of three disks each. Each of these sets, in turn, acts as a
RAID 0 set that contains three disks, and then these two sets are mirrored
to form RAID 1. Following are the steps performed in RAID 0+1 (see
Figure 3-7 [b]):
Drives 1 + 2 + 3 = RAID 0 (Stripe Set A)
Drives 4 + 5 + 6 = RAID 0 (Stripe Set B)
Now, these two stripe sets are mirrored. If one of the drives, say
drive 3, fails, the entire stripe set A fails. A rebuild operation copies the
entire stripe, copying the data from each disk in the healthy stripe to an
equivalent disk in the failed stripe. This causes increased and unnecessary
I/O load on the surviving disks and makes the RAID set more vulnerable
to a second disk failure.
3.4.4.4 RAID 3
RAID 3 stripes data for performance and uses parity for fault
tolerance. Parity information is stored on a dedicated drive so that the data
can be reconstructed if a drive fails in a RAID set. For example, in a set of
five disks, four are used for data and one for parity. Therefore, the total
disk space required is 1.25 times the size of the data disks. RAID 3 always
reads and writes complete stripes of data across all disks because the
drives operate in parallel. There are no partial writes that update one out of
many strips in a stripe. Figure 3-8 illustrates the RAID 3 implementation.
RAID 3 provides good performance for applications that involve large
sequential data access, such as data backup or video streaming.
Figure 3.8: RAID 3    Figure 3.9: RAID 5    Figure 3.10: RAID 6
3.4.4.5 RAID 4
Similar to RAID 3, RAID 4 stripes data for high performance and
uses parity for improved fault tolerance. Data is striped across all disks
except the parity disk in the array. Parity information is stored on a
dedicated disk so that the data can be rebuilt if a drive fails. Unlike RAID
3, data disks in RAID 4 can be accessed independently so that specific
data elements can be read or written on a single disk without reading or
writing an entire stripe. RAID 4 provides good read throughput and
reasonable write throughput.
3.4.4.6 RAID 5
RAID 5 is a versatile RAID implementation. It is similar to RAID
4 because it uses striping. The drives (strips) are also independently
accessible. The difference between RAID 4 and RAID 5 is the parity
location. In RAID 4, parity is written to a dedicated drive, creating a write
bottleneck for the parity disk. In RAID 5, parity is distributed across all
disks to overcome the write bottleneck of a dedicated parity disk. Figure
3-9 illustrates the RAID 5 implementation.
RAID 5 is good for random, read -intensive I/O applications and
preferred for messaging, data mining, medium -performance media
serving, and relational database management system (RDBMS)
implementations, in which database administrators (DBAs) optimize data
access.
3.4.4.7 RAID 6
RAID 6 works the same way as RAID 5, except that RAID 6
includes a second parity element to enable survival if two disk failures
occur in a RAID set (see Figure 3 -10). Therefore, a RAID 6
implementation requires at least four disks. RAID 6 distributes the parity
across all the disks. The write penalty (explained later in this chapter) in
RAID 6 is more than that in RAID 5; therefore, RAID 5 writes perform
better than RAID 6. The rebuild operation in RAID 6 may take longer than
that in RAID 5 due to the presence of two parity sets.
3.5 RAID IMPACT ON DISK PERFORMANCE
When choosing a RAID type, it is imperative to consider its impact
on disk performance and application IOPS.
In both mirrored and parity RAID configurations, every write
operation translates into more I/O overhead for the disks, which is referred
to as a write penalty. In a RAID 1 implementation, every write operation
must be performed on two disks configured as a mirrored pair, whereas in
a RAID 5 implementation, a write operation may manifest as four I/O
operations. When performing I/Os to a disk configured with RAID 5, the
controller has to read, recalculate, and write a parity segment for every
data write operation. Figure 3-11 illustrates a single write operation on
RAID 5 that contains a group of five disks.
Figure 3.11: Write Penalty in RAID 5
The parity (P) at the controller is calculated as follows:
Ep = E1 + E2 + E3 + E4 (XOR operations)
Whenever the controller performs a write I/O, parity must be
computed by reading the old parity (Ep old) and the old data (E4 old) from
the disk, which means two read I/Os. Then, the new parity (Ep new) is
computed as follows:
Ep new = Ep old – E4 old + E4 new (XOR operations)
After computing the new parity, the controller completes the write
I/O by writing the new data and the new parity onto the disks, amounting
to two write I/Os. Therefore, the controller performs two disk reads and
two disk writes for every write operation, and the write penalty is 4.
In RAID 6, which maintains dual parity, a disk write requires three
read operations: two parity and one data. After calculating both new
parities, the controller performs three write operations: two parity and one
data write. Therefore, in a RAID 6 implementation, the controller performs six
I/O operations for each write I/O, and the write penalty is 6.
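To make the read-modify-write cycle concrete, the following Python sketch (illustrative only; the names raid5_small_write, old_data, old_parity, and new_data are assumptions introduced here, not part of any array's firmware) updates one strip of a RAID 5 stripe and counts the disk I/Os, which is exactly where the write penalty of 4 comes from:

def raid5_small_write(old_data: int, old_parity: int, new_data: int):
    """Update one strip in a RAID 5 stripe using the XOR parity rule.

    Returns the new parity and the number of disk I/Os performed,
    illustrating why the RAID 5 write penalty is 4.
    """
    io_count = 2                          # two reads: old data strip and old parity strip
    # New parity = old parity XOR old data XOR new data
    # (with XOR, "subtracting" the old data is the same as XOR-ing it again).
    new_parity = old_parity ^ old_data ^ new_data
    io_count += 2                         # two writes: new data strip and new parity strip
    return new_parity, io_count

if __name__ == "__main__":
    parity, ios = raid5_small_write(old_data=0b1010, old_parity=0b0110, new_data=0b1100)
    print(f"new parity = {parity:04b}, disk I/Os = {ios}")   # disk I/Os = 4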
3.5.1 Application IOPS and RAID Configuration
When deciding the number of disks required for an application, it
is important to consider the impact of RAID based on IOPS generated by
the application. The total disk load should be computed by considering the
type of RAID configuration and the ratio of read compared to write from
the host.
The following example illustrates the method to compute the disk
load in different types of RAID.
Consider an application that generates 5,200 IOPS, with 60 percent
of them being reads. The disk load in RAID 5 is calculated as follows:
RAID 5 disk load (reads + writes) = 0.6 * 5,200 + 4 * (0.4 * 5,200)
[because the write penalty for RAID 5 is 4]
= 3,120 + 4 × 2,080 = 3,120 + 8,320 = 11,440 IOPS
The disk load in RAID 1 is calculated as follows:
RAID 1 disk load = 0.6 * 5,200 + 2 * (0.4 * 5,200) [because every write
manifests as two writes to the disks]
= 3,120 + 2 × 2,080 = 3,120 + 4,160 = 7,280 IOPS
The computed disk load determines the number of disks required
for the application. If in this example a disk drive with a specification of a
maximum 180 IOPS needs to be used, the number of disks required to
meet the workload for the RAID configuration would be as follows:
RAID 5: 11,440/180 = 64 disks
RAID 1: 7,280/180 = 42 disks (approximated to the nearest even number)
3.6 RAID COMPARISON
The following table shows the comparison between all RAID levels.
Table 3.2: Comparison of Common RAID Types
3.7 HOT SPARES
A hot spare refers to a spare drive in a RAID array that temporarily
replaces a failed disk drive by taking the identity of the failed disk drive.
With the hot spare, one of the following methods of data recovery is
performed depending on the RAID implementation:
■ If parity RAID is used, the data is rebuilt onto the hot spare from the parity
and the data on the surviving disk drives in the RAID set.
■ If mirroring is used, the data from the surviving mirror is used to copy
the data onto the hot spare.
When a new disk drive is added to the system, data from the hot spare is
copied to it. The hot spare returns to its idle state, ready to replace the next
failed drive. Alternatively, the hot spare replaces the failed disk drive
permanently. This means that it is no longer a hot spare, and a new hot
spare must be configured on the array. A hot spare should be large enough
to accommodate data from a failed drive. Some systems implement
multiple hot spares to improve data availability. A hot spare can be
configured as automatic or user initiated, which specifies how it will be
used in the event of disk failure. In an automatic configuration, when the
recoverable error rates for a disk exceed a predetermined threshold, the
disk subsystem tries to copy data from the failing disk to the hot spare
automatically. If this task is completed before the damaged disk fails, the
subsystem switches to the hot spare and marks the failing disk as
unusable. Otherwise, it uses parity or the mirrored disk to recover the data.
In the case of a user -initiated configuration, the administrator has control
of the rebuild process. For example, the rebuild could occur overnight to
prevent any degradation of system performance. However, the system is at
risk of data loss if another disk failure occurs.
3.8 SUMMARY
Individual disks are prone to failures and pose the threat of data
unavailability.
RAID addresses data availability requirements by using mirroring and
parity techniques.
RAID implementations with striping enhance I/O performance by
spreading data across multiple disk drives, in addition to redundancy
benefits.
This chapter explained the fundamental constructs of striping,
mirroring, and parity, which form the basis for various RAID levels.
Selection of a RAID level depends on the performance, cost, and data
protection requirements of an application.
RAID is the cornerstone technology for several advancements in
storage.
The intelligent storage systems discussed in the next chapter
implement RAID along with a specialized operating environment that
offers high performance and availability.
3.9 REVIEW YOUR LEARNING
Can you explain requirement of RAID protection?
Can you explain RAID 0-6 levels?
Are you able to explain benefits of RAID levels?
Are you able to explain impact of RAID on disk performance?
3.10 QUESTIONS
1.Why is RAID 1 not a substitute for a backup?
2.Research RAID 6 and its second parity computation.
3.Explain the process of data recovery in case of a drive failure in RAID
5.
4.What are the benefits of using RAID 3 in a backup application?
5.Discuss the impact of random and sequential I/Os in different RAID
configurations.
6.An application has 1,000 heavy users at a peak of 2 IOPS each and
2,000 typical users at a peak of 1 IOPS each. It is estimated that the
application also experiences an overhead of 20 percent for other
workloads. The read/write ratio for the application is 2:1. Calculate
RAID corrected IOPS for RAID 1/0, RAID 5, and RAID 6.
7.For Question 6, compute the number of drives required to support the
application in different RAID environments if 10 K RPM drives with a
rating of 130 IOPS per drive were used.
8.What is the stripe size of a five-disk RAID 5 set with a strip size of 32
KB? Compare it with the stripe size of a five -disk RAID 0 array with
the same strip size.
3.11 FURTHER READING
http://aad.tpu.ru/practice/EMC/Information%20Storage%20and%20Management-v.2.pdf
https://nptel.ac.in/courses/106/108/106108058/
https://nptel.ac.in/content/storage2/courses/106108058/lec%2007.pdf
http://www.ictacademy.in/pages/Information-Storage-and-Management.aspx
https://www.coursera.org/lecture/big-data-management/data-storage-RplBY
https://www.coursera.org/courses?query=data%20storage
https://www.coursera.org/lecture/technical-support-fundamentals/storage-RLNIZ
https://www.coursera.org/learn/cloud-storage-big-data-analysis-sql-pdf/
3.12 REFERENCES
1.Information Storage and Management: Storing, Managing and
Protecting Digital Information in Classic, Virtualized and Cloud
Environments, EMC, John Wiley & Sons, 2nd Edition, 2012
2.Information Storage and Management, Pankaj Sharma
3.Information Technology Project Management, Jack T Marchewka
4.Information Storage and Management, I A Dhotre
Module II
4
INTELLIGENT STORAGE SYSTEM
Unit Structure
4.0 Intelligent Storage System
4.1 Front-End Command Queuing
4.2 Cache Mirroring and Vaulting
4.3 Logical Unit Number
4.4 LUN Masking
4.5 Intelligent Storage Array
4.6 High-end Storage System
4.7 Midrange Storage System
4.8 Summary
4.9 Questions
4.10 References
4.0 INTELLIGENT STORAGE SYSTEM
Business-critical applications require high levels of performance,
availability, security, and scalability. A hard disk drive is a core element of
storage that governs the performance of any storage system. Some of the
older disk array technologies could not overcome performance constraints
due to the limitations of a hard disk and its mechanical components. RAID
technology made an important contribution to enhancing storage
performance and reliability, but hard disk drives even with a RAID
implementation could not meet performance requirements of today's
applications.
With advancements in technology, a new breed of storage solutions
known as an intelligent storage system has evolved. The intelligent storage
systems detailed in this chapter are the feature-rich RAID arrays that
provide highly optimized I/O processing capabilities. These arrays have an
operating environment that controls the management, allocation, and
utilization of storage resources. These storage systems are configured with
large amounts of memory called cache and use sophisticated algorithms to
meet the I/O requirements of performance-sensitive applications.
Components of An Intelligent Storage System
An intelligent storage system consists of four key components:
front end, cache, back end, and physical disks. Figure 4-1 illustrates these
components and their interconnections. An I/O request received from the
host at the front-end port is processed through cache and the back end, to
enable storage and retrieval of data from the physical disk. A read request
can be serviced directly from cache if the requested data is found in cache.
Figure 4-1: Components of an intelligent storage system
4.1 FRONT END
The front end provides the interface between the storage system and
the host. It consists of two components: front-end ports and front-end
controllers. The front-end ports enable hosts to connect to the intelligent
storage system. Each front-end port has processing logic that executes the
appropriate transport protocol, such as SCSI, Fibre Channel, or iSCSI, for
storage connections. Redundant ports are provided on the front end for high
availability.
Front-end controllers route data to and from cache via the internal
data bus. When cache receives write data, the controller sends an
acknowledgment message back to the host. Controllers optimize I/O
processing by using command queuing algorithms.
Front-End Command Queuing
Command queuing is a technique implemented on front-end
controllers. It determines the execution order of received commands and
can reduce unnecessary drive head movements and improve disk
performance. When a command is received for execution, the command
queuing algorithm assigns a tag that defines a sequence in which
commands should be executed. With command queuing, multiple
commands can be executed concurrently based on the organization of data
on the disk, regardless of the order in which the commands were received.
The most commonly used command queuing algorithms are as follows:
■ First In First Out (FIFO): This is the default algorithm where
commands are executed in the order in which they are received (Figure 4-2
[a]). There is no reordering of requests for optimization; therefore, it is
inefficient in terms of performance.
■ Seek Time Optimization: Commands are executed based on
optimizing read/write head movements, which may result in reordering of
commands. Without seek time optimization, the commands are executed
in the order they are received. For example, as shown in Figure 4-2 (a),
the commands are executed in the order A, B, C and D. The radial
movement required by the head to execute C immediately after A is
less than what would be required to execute B. With seek time
optimization, the command execution sequence would be A, C, B and D,
as shown in Figure 4-2 (b).
Figure 4-2: Front-end command queuing
■ Access Time Optimization: Commands are executed based on the
combination of seek time optimization and an analysis of rotational
latency for optimal performance.
Command queuing can also be implemented on disk controllers
and this may further supplement the command queuing implemented on the
front-end controllers. Some models of SCSI and Fibre Channel drives have
command queuing implemented on their controllers.
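To make the reordering idea concrete, here is a minimal Python sketch (a simplified greedy nearest-track strategy; the name seek_time_order and the track numbers are assumptions, not the exact algorithm of any particular controller):

def seek_time_order(head_position: int, commands: list) -> list:
    """Greedy seek-time optimization: always service the command whose
    target track is closest to the current head position.

    commands is a list of (command_id, track_number) pairs in arrival order.
    """
    pending = list(commands)
    order = []
    position = head_position
    while pending:
        # Choose the pending command with the smallest radial movement.
        nearest = min(pending, key=lambda cmd: abs(cmd[1] - position))
        pending.remove(nearest)
        order.append(nearest[0])
        position = nearest[1]
    return order

if __name__ == "__main__":
    queue = [("A", 10), ("B", 90), ("C", 25), ("D", 60)]     # arrival order: A, B, C, D
    print(seek_time_order(head_position=0, commands=queue))  # ['A', 'C', 'D', 'B']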
4.2 CACHE
Cache is an important component that enhances the I/O
performance in an intelligent storage system. Cache is semiconductor
memory where data is placed temporarily to reduce the time required to
service I/O requests from the host. Cache improves storage system
performance by isolating hosts from the mechanical delays associated with
physical disks, which are the slowest components of an intelligent storage
system. Accessing data from a physical disk usually takes a few
milliseconds because of seek times and rotational latency. If a disk has to
be accessed by the host for every I/O operation, requests are queued, which
results in a delayed response. Accessing data from cache takes less than a
millisecond. Write data is placed in cache and then written to disk. After
the data is securely placed in cache, the host is acknowledged immediately.
Structure of Cache
Cache is organized into pages or slots, which are the smallest units of
cache allocation. The size of a cache page is configured according to the
application I/O size. Cache consists of the data store and tag RAM. The data
store holds the data while tag RAM tracks the location of the data in the
data store (see Figure 4-3) and on the disk.
Entries in tag RAM indicate where data is found in cache and
where the data belongs on the disk. Tag RAM includes a dirty bit flag,
which indicates whether the data in cache has been committed to the disk
or not. It also contains time-based information, such as the time of last
access, which is used to identify cached information that has not been
accessed for a long period and may be freed up.
Figure 4-3: Structure of cache
Read Operation with Cache
When a host issues a read request, the front-end controller accesses
the tag RAM to determine whether the required data is available in cache.
If the requested data is found in the cache, it is called a read cache hit or
read hit and data is sent directly to the host, without any disk operation
(see Figure 4-4 [a]). This provides a fast response time to the host (about a
millisecond). If the requested data is not found in cache, it is called a cache
miss and the data must be read from the disk (see Figure 4-4 [b]). The
back-end controller accesses the appropriate disk and retrieves the
requested data. Data is then placed in cache and is finally sent to the host
through the front-end controller. Cache misses increase I/O response time.
A pre-fetch, or read-ahead, algorithm is used when read requests
are sequential. In a sequential read request, a contiguous set of
associated blocks is retrieved. Several other blocks that have not yet been
requested by the host can be read from the disk and placed into cache in
advance. When the host subsequently requests these blocks, the read
operations will be read hits. This process significantly improves the
response time experienced by the host. The intelligent storage system
offers fixed and variable pre-fetch sizes. In fixed pre-fetch, the intelligent
storage system pre-fetches a fixed amount of data. It is most suitable when
I/O sizes are uniform. In variable pre-fetch, the storage system pre-fetches
an amount of data in multiples of the size of the host request. Maximum
pre-fetch limits the number of data blocks that can be pre-fetched to
prevent the disks from being rendered busy with pre-fetch at the expense
of other I/O.
Read performance is measured in terms of the read hit ratio, or the
hit rate, usually expressed as a percentage. This ratio is the number of read
hits with respect to the total number of read requests. A higher read hit
ratio improves the read performance.
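The read hit/miss paths and the hit ratio can be illustrated with a small simulation. This is only a sketch (the class name ReadCache and its block-level granularity are assumptions for illustration, not a vendor implementation):

class ReadCache:
    """Toy read cache that records hits and misses to compute the read hit ratio."""

    def __init__(self):
        self.pages = {}        # block number -> data held in cache
        self.hits = 0
        self.reads = 0

    def read(self, block: int) -> str:
        self.reads += 1
        if block in self.pages:               # read hit: serviced from cache
            self.hits += 1
            return self.pages[block]
        data = self._read_from_disk(block)    # read miss: go to the back end
        self.pages[block] = data              # stage the block into cache
        return data

    def _read_from_disk(self, block: int) -> str:
        return f"data-{block}"                # stand-in for a slow disk access

    def hit_ratio(self) -> float:
        return 100.0 * self.hits / self.reads if self.reads else 0.0

if __name__ == "__main__":
    cache = ReadCache()
    for block in (1, 2, 1, 3, 2, 1):          # repeated blocks become read hits
        cache.read(block)
    print(f"read hit ratio = {cache.hit_ratio():.1f}%")   # 50.0%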
Figure 4-4: Read hit and read miss
Write Operation with Cache
Write operations with cache provide performance advantages over
writing directly to disks. When an I/O is written to cache and
acknowledged, it is completed in far less time (from the host's
perspective) than it would take to write directly to disk. Sequential writes
also offer opportunities for optimization because many smaller writes can
be coalesced for larger transfers to disk drives with the use of cache.
A write operation with cache is implemented in the following ways:
■ Write-back cache: Data is placed in cache and an acknowledgment is sent to
the host immediately. Later, data from several writes are committed (de-
staged) to the disk. Write response times are much faster, as the write
operations are isolated from the mechanical delays of the disk. However,
uncommitted data is at risk of loss in the event of cache failures.
■ Write-through cache: Data is placed in the cache and immediately
written to the disk, and an acknowledgment is sent to the host. Because
data is committed to disk as it arrives, the risks of data loss are low but
write response time is longer because of the disk operations.
Cache can be bypassed under certain conditions, such as a very large
size write I/O. In this implementation, if the size of an I/O request exceeds
the pre-defined size, called write-aside size, writes are sent to the disk
directly to reduce the impact of large writes consuming a large cache area.
This is particularly useful in an environment where cache resources are
constrained and must be made available for small random I/Os.
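The three write paths described above (write-back, write-through, and the write-aside bypass) can be summarized in a small decision routine. The function name handle_write and the 1 MB write-aside threshold below are assumptions chosen only for illustration:

def handle_write(io_size_kb: int, policy: str, write_aside_size_kb: int = 1024) -> str:
    """Pick the write path for an incoming I/O.

    policy is "write-back" or "write-through"; very large writes bypass cache.
    """
    if io_size_kb > write_aside_size_kb:
        # Large I/O: send straight to disk so it does not consume cache space.
        return "write-aside: data sent directly to disk"
    if policy == "write-back":
        # Acknowledge as soon as data is in cache; de-stage to disk later.
        return "write-back: cached, host acknowledged, de-staged to disk later"
    # Write-through: commit to disk before acknowledging the host.
    return "write-through: written to cache and disk, then acknowledged"

if __name__ == "__main__":
    print(handle_write(64, "write-back"))
    print(handle_write(64, "write-through"))
    print(handle_write(4096, "write-back"))    # exceeds the write-aside size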
Cache Implementation
Cache can be implemented as either dedicated cache or global cache.
With dedicated cache, separate sets of memory locations are reserved for
reads and writes. In global cache, both reads and writes can use any of the
available memory addresses. Cache management is more efficient in a
global cache implementation, as only one global set of addresses has to be
managed.
Global cache may allow users to specify the percentages of cache
available for reads and writes in cache management. Typically, the read
cache is small, but it should be increased if the application being used is
read intensive. In other global cache implementations, the ratio of cache
available for reads versus writes is dynamically adjusted based on the
workloads.
Cache Management
Cache is a finite and expensive resource that needs proper
management. Even though intelligent storage systems can be configured
with large amounts of cache, when all cache pages are filled, some pages
have to be freed up to accommodate new data and avoid performance
degradation. Various cache management algorithms are implemented in
intelligent storage systems to proactively maintain a set of free pages and a
list of pages that can be potentially freed up whenever required (a minimal
sketch of the LRU policy follows this list):
■ Least Recently Used (LRU): An algorithm that continuously
monitors data access in cache and identifies the cache pages that have not
been accessed for a long time. LRU either frees up these pages or marks
them for reuse. This algorithm is based on the assumption that data which
hasn't been accessed for a while will not be requested by the host.
However, if a page contains write data that has not yet been committed to
disk, the data will first be written to disk before the page is reused.
■ Most Recently Used (MRU): An algorithm that is the converse of
LRU. In MRU, the pages that have been accessed most recently are freed
up or marked for reuse. This algorithm is based on the assumption that
recently accessed data may not be required for a while.
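The following is a minimal sketch of the LRU policy using Python's standard collections.OrderedDict; the class name LRUCache, the fixed capacity, and the dirty-page handling are illustrative assumptions rather than a description of a real array's algorithm:

from collections import OrderedDict

class LRUCache:
    """Toy LRU page cache: the least recently accessed page is reused first."""

    def __init__(self, capacity: int):
        self.capacity = capacity
        self.pages = OrderedDict()     # page id -> (data, dirty flag)

    def access(self, page_id: int, data: str, dirty: bool = False):
        if page_id in self.pages:
            self.pages.move_to_end(page_id)    # mark as most recently used
            self.pages[page_id] = (data, dirty)
            return
        if len(self.pages) >= self.capacity:
            victim_id, (victim_data, victim_dirty) = self.pages.popitem(last=False)
            if victim_dirty:                   # commit write data before the page is reused
                self._flush_to_disk(victim_id, victim_data)
        self.pages[page_id] = (data, dirty)

    def _flush_to_disk(self, page_id: int, data: str):
        print(f"flushing dirty page {page_id} to disk")

if __name__ == "__main__":
    cache = LRUCache(capacity=2)
    cache.access(1, "a", dirty=True)
    cache.access(2, "b")
    cache.access(3, "c")    # evicts page 1 and flushes it first, because it is dirty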
As cache fills, the storage system must take action to flush dirty
pages (data written into the cache but not yet written to the disk) in order to
manage its availability. Flushing is the process of committing data from
cache to the disk. On the basis of the I/O access rate and pattern, high and
low levels called watermarks are set in cache to manage the flushing
process. High watermark (HWM) is the cache utilization level at which the
storage system starts high-speed flushing of cache data. Low watermark
(LWM) is the point at which the storage system stops the high-speed or
forced flushing and returns to idle flush behavior. The cache utilization
level, as shown in Figure 4-5, drives the mode of flushing to be used (a
simple mode-selection sketch follows Figure 4-5):
■ Idle flushing: Occurs continuously, at a modest rate, when the cache
utilization level is between the high and low watermark.
■ High watermark flushing: Activated when cache utilization hits the
high watermark. The storage system dedicates some additional resources to
flushing. This type of flushing has minimal impact on host I/O
processing.
■ Forced flushing: Occurs in the event of a large I/O burst when cache
reaches 100 percent of its capacity, which significantly affects the I/O
response time. In forced flushing, dirty pages are forcibly flushed to
disk.
Figure 4-5: Types of flushing
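The watermark logic maps naturally onto a simple selection routine. This is a hedged sketch (the threshold values and the function name flush_mode are assumptions chosen for illustration):

def flush_mode(cache_utilization: float, lwm: float = 0.6, hwm: float = 0.8) -> str:
    """Select the flushing mode from the current cache utilization (0.0 to 1.0)."""
    if cache_utilization >= 1.0:
        return "forced flushing"           # cache is full; dirty pages are flushed aggressively
    if cache_utilization >= hwm:
        return "high watermark flushing"   # dedicate additional resources to flushing
    if cache_utilization >= lwm:
        return "idle flushing"             # flush continuously at a modest rate
    return "no flushing needed"

if __name__ == "__main__":
    for load in (0.5, 0.7, 0.9, 1.0):
        print(f"{load:.0%} utilized -> {flush_mode(load)}")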
Cache Data Protection
Cache is volatile memory, so a power failure or any kind of cache
failure will cause the loss of data not yet committed to the disk. This risk of
losing uncommitted data held in cache can be mitigated using cache
mirroring and cache vaulting:
■ Cache mirroring: Each write to cache is held in two different
memory locations on two independent memory cards. In the event of a
cache failure, the write data will still be safe in the mirrored location and
can be committed to the disk. Reads are staged from the disk to the
cache; therefore, in the event of a cache failure, the data can still be
accessed from the disk. As only writes are mirrored, this method results in
better utilization of the available cache.
In cache mirroring approaches, the problem of maintaining cache
coherency is introduced. Cache coherency means that data in two different
cache locations must be identical at all times. It is the responsibility of the
array operating environment to ensure coherency.
■ Cache vaulting: Cache is exposed to the risk of uncommitted data loss
due to power failure. This problem can be addressed in various ways: powering
the memory with a battery until AC power is restored or using battery
power to write the cache content to the disk. In the event of extended
power failure, using batteries is not a viable option because in intelligent
storage systems, large amounts of data may need to be committed to
numerous disks and batteries may not provide power for sufficient time to
write each piece of data to its intended disk. Therefore, storage vendors use a
set of physical disks to dump the contents of cache during power failure.
This is called cache vaulting and the disks are called vault drives. When
power is restored, data from these disks is written back to write cache and
then written to the intended disks.
Back End
The back end provides an interface between cache and the physical
disks. It consists of two components: back-end ports and back-end
controllers. The back end controls data transfers between cache and the
physical disks. From cache, data is sent to the back end and then routed to
the destination disk. Physical disks are connected to ports on the back end.
The back-end controller communicates with the disks when performing reads
and writes and also provides additional, but limited, temporary data storage.
The algorithms implemented on back-end controllers provide error detection
and correction, along with RAID functionality.
For high data protection and availability, storage systems are
configured with dual controllers with multiple ports. Such configurations
provide an alternate path to physical disks in the event of a controller or port
failure. This reliability is further enhanced if the disks are also dual-ported. In
that case, each disk port can connect to a separate controller. Multiple
controllers also facilitate load balancing.
Physical Disk
A physical disk stores data persistently. Disks are connected to the
back end with either SCSI or a Fibre Channel interface (discussed in
subsequent chapters). An intelligent storage system enables the use of a
mixture of SCSI or Fibre Channel drives and IDE/ATA drives.
4.3 LOGICAL UNIT NUMBER
Physical drives or groups of RAID protected drives can be logically
split into volumes known as logical volumes, commonly referred to as
Logical Unit Numbers (LUNs). The use of LUNs improves disk
utilization. For example, without the use of LUNs, a host requiring only
200 GB could be allocated an entire 1 TB physical disk. Using LUNs, only
the required 200 GB would be allocated to the host, allowing the remaining
800 GB to be allocated to other hosts. In the case of RAID protected
drives, these logical units are slices of RAID sets and are spread across all
the physical disks belonging to that set. The logical units can also be seen as
a logical partition of a RAID set that is presented to a host as a physical
disk. For example, Figure 4-6 shows a RAID set consisting of five disks that
have been sliced, or partitioned, into several LUNs. LUNs 0 and 1 are
shown in the figure.
Figure 4-6: Logical unit number
Note how a portion of each LUN resides on each physical disk in
the RAID set. LUNs 0 and 1 are presented to hosts 1 and 2, respectively, as
physical volumes for storing and retrieving data. Usable capacity of the
physical volumes is determined by the RAID type of the RAID set.
The capacity of a LUN can be expanded by aggregating other
LUNs with it. The result of this aggregation is a larger capacity LUN,
known as a meta-LUN. The mapping of LUNs to their physical location
on the drives is managed by the operating environment of an intelligent
storage system.
4.4 LUN MASKING
LUN masking is a process that provides data access control by defining
which LUNs a host can access. The LUN masking function is typically
implemented at the front-end controller. This ensures that volume access by
servers is controlled appropriately, preventing unauthorized or accidental use
in a distributed environment.
For example, consider a storage array with two LUNs that store data of
the sales and finance departments. Without LUN masking, both departments
can easily see and modify each other's data, posing a high risk to data
integrity and security. With LUN masking, LUNs are accessible only to the
designated hosts.
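As a simple illustration of this access-control check, the sketch below keeps a masking table of which host WWPNs may address which LUNs; the table contents, the hypothetical WWPN values, and the function name can_access are assumptions made only for this example:

# Masking table: LUN id -> set of host identifiers (WWPNs) allowed to see it.
LUN_MASKING = {
    0: {"10:00:00:00:c9:20:dc:40"},   # sales LUN, visible only to the sales host
    1: {"10:00:00:00:c9:20:dc:41"},   # finance LUN, visible only to the finance host
}

def can_access(host_wwpn: str, lun_id: int) -> bool:
    """Return True if the host is allowed to address the given LUN."""
    return host_wwpn in LUN_MASKING.get(lun_id, set())

if __name__ == "__main__":
    print(can_access("10:00:00:00:c9:20:dc:40", 0))   # True  - sales host sees the sales LUN
    print(can_access("10:00:00:00:c9:20:dc:40", 1))   # False - masked from the finance LUN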
4.5 INTELLIGENT STORAGE ARRAY
Intelligent storage systems generally fall into one of the following
two categories:
■ High-end storage systems
■ Midrange storage systems
Traditionally, high-end storage systems have been implemented with
active-active arrays, whereas midrange storage systems used typically in
small- and medium-sized enterprises have been implemented with active-
passive arrays. Active-passive arrays provide optimal storage solutions at lower
costs. Enterprises make use of this cost advantage and implement active-
passive arrays to meet specific application requirements such as performance,
availability, and scalability. The distinctions between these two
implementations are becoming increasingly insignificant.
4.6 HIGH-END STORAGE SYSTEMS
High-end storage systems, referred to as active-active arrays, are
generally aimed at large enterprises for centralizing corporate data. These
arrays are designed with a large number of controllers and cache memory.
An active-active array implies that the host can perform I/Os to its LUNs
across any of the available paths (see Figure 4-7).
Figure 4-7: Active-active configuration
To address the enterprise storage needs, these arrays provide the
following capabilities:
■ Large storage capacity
■ Large amounts of cache to service host I/Os optimally
■ Fault tolerance architecture to improve data availability
■ Connectivity to mainframe computers and open systems hosts
■ Availability of multiple front-end ports and interface protocols to
serve a large number of hosts
■ Availability of multiple back-end Fibre Channel or SCSI RAID
controllers to manage disk processing
■ Scalability to support increased connectivity, performance, and
storage capacity requirements
■ Ability to handle large amounts of concurrent I/Os from a number
of servers and applications
■ Support for array-based local and remote replication
In addition to these features, high-end arrays possess some unique
features and functionality that are required for mission-critical
applications in large enterprises.
4.7 MIDRANGE STORAGE SYSTEM
Midrange storage systems are also referred to as active-passive
arrays and they are best suited for small- and medium-sized enterprises. In
an active-passive array, a host can perform I/Os to a LUN only through the
paths to the owning controller of that LUN. These paths are called active
paths. The other paths are passive with respect to this LUN. As shown in
Figure 4-8, the host can perform reads or writes to the LUN only through
the path to controller A, as controller A is the owner of that LUN. The path
to controller B remains passive and no I/O activity is performed through
this path.
Midrange storage systems are typically designed with two
controllers, each of which contains host interfaces, cache, RAID
controllers, and disk drive interfaces.
Figure 4-8: Active-passive configuration
Midrange arrays are designed to meet the requirements of small and
medium enterprises; therefore, they host less storage capacity and global
cache than active-active arrays. There are also fewer front-end ports for
connection to servers. However, they ensure high redundancy and high
performance for applications with predictable workloads. They also
support array-based local and remote replication.
4.8 SUMMARY
This chapter detailed the features and components of the intelligent
storage system: front end, cache, back end, and physical disks. The
active-active and active-passive implementations of intelligent storage
systems were also described. An intelligent storage system provides the
following benefits to an organization:
■Increased capacity
■Improved performance
■Easier storage management
■Improved data availability
■Improved scalability and flexibility
■Improved business continuity
■Improved security and access control
An intelligent storage system is now an integral part of every
mission-critical data center. Although a high-end intelligent storage
system addresses information storage requirements, it poses a challenge
for administrators to share information easily and securely across the
enterprise.
Storage networking is a flexible information -centric strategy that
extends the reach of intelligent storage systems throughout an enterprise.
It provides a common way to manage, share, and protect information.
4.9 QUESTIONS
1.Explain the components of an Intelligent Storage System.
2.What is front -end command queuing? Explain the common command
queuing algorithms.
3.What is cache? Explain the structure of cache.
4.Explain the read and write cache operations.
5.How is cache implemented and managed?
6.Discuss the cache data protection.
7.What are solid state devices? Explain.
8.Explain the concept of Logical Unit number.
9.What are the two categories of intelligent storage systems?
4.10 REFERENCES
1.Data Center Virtualization Fundamentals, Gustavo Alessandro Andrade Santana, Cisco Press, 1st Edition, 2014.
5
STORAGE AREA NETWORKS
Unit Structure
5.0 Storage Consolidation
5.1 Fibre Channel: Overview
5.2 Components of SAN
5.3 FC Connectivity
5.4 Fibre Channel Ports
5.5 Fibre Channel (FC) Architecture
5.6 Zoning
5.7 Fibre Channel Login Types
5.8 Fibre Channel Topologies
5.9 Summary
5.10 Questions
5.11 References
5.0 STORAGE CONSOLIDATION
Organizations are experiencing an explosive growth in information.
This information needs to be stored, protected, optimized, and managed
efficiently. Data center managers are burdened with the challenging task of
providing low-cost, high-performance information management solutions.
An effective information management solution must provide the following:
■ Just-in-time information to business users: Information must be
available to business users when they need it. The explosive growth in
online storage, proliferation of new servers and applications, spread
of mission-critical data throughout enterprises, and demand for 24×7
data availability are some of the challenges that need to be addressed.
■ Integration of information infrastructure with business processes:
The storage infrastructure should be integrated with various business
processes without compromising its security and integrity.
■ Flexible and resilient storage architecture: The storage
infrastructure must provide flexibility and resilience that aligns with
changing business requirements. Storage should scale without
compromising performance requirements of the applications and, at the
same time, the total cost of managing information must be low.
Direct-attached storage (DAS) is often referred to as a stovepiped
storage environment. Hosts "own" the storage and it is difficult to manage
and share resources on these isolated storage devices. Efforts to organize
this dispersed data led to the emergence of the storage area network
(SAN). SAN is a high-speed, dedicated network of servers and shared
storage devices. Traditionally connected over Fibre Channel (FC) networks,
a SAN forms a single-storage pool and facilitates data centralization and
consolidation. SAN meets the storage demands efficiently with better
economies of scale. A SAN also provides effective maintenance and
protection of data.
This chapter provides detailed insight into the FC technology on which
a SAN is deployed and also reviews SAN design and management
fundamentals.
5.1 FIBRE CHANNEL: OVERVIEW
The fibre channel methodology has means to implement three
topologies: point -to-point links, arbitrated loops (shared bandwidth loop
circuits), and bandwidth switched fabrics that provide SANs with the
ability to do bandwidth multiplexing by supporting simultaneous data
transmission between various pairs of devices. Any storage device on the
loop can be accessed through a fibre channel switch (FCSW) or hub. The
fibre channel switch can support entry-level (8–16 ports) to enterprise-
level (64 –128 ports) systems. Under the ANSI X3T11 standards
regulation, up to 126 storage devices (nodes) can be linked in the fiber
channel arbitrated loop (FC -AL) configuration, with the stor age interface
bandwidth about 100 Mbits/s for transferring large files. More than 70
companies, including industry -leading vendors of disk arrays and computer
and networking systems, support the FC -AL voluntary standards. The FC -
AL topology is used primari ly to connect disk arrays and FC devices.
Originally developed as the high -speed serial technology of choice for
server –storage connectivity, the FC -AL methodology is extended to the
FC-SL standard that supports isochronous and time -deterministic services ,
including methods of managing loop operational parameters and QoS
definitions, as well as control. The FC -VI regulation establishes a fibre
channel -virtual interface architecture (FC -VIA) mapping standard. See the
chapter on fibre channels for more information about various
implementations of the technology in various network configurations,
including SANs.
Because of the high cost of the FC interconnect components and
separation of storage and servers at the wide area network scale (resulting
in slow capabilities of WAN-SANs with fibre channel), alternatives to FC
technologies have been developed. The ipStorage technology (Barker &
Massiglia, 2001, p. 187) employs TCP/IP as a storage interconnect. The
Internet Engineering Task Force (IETF) has proposed the iSCSI ( Internet
SCSI ) standards that address the issues of long distances (WAN -scale),
reducing the interconnect cost, high security, and complex storage network
topologies. The iSCSI is layered on top of the TCP/IP protocol hierarchy
and can instantly access all modern transmission media and topologies.
TCP/IP and related protocols have been implemented in the server-based
systems that allow the most general storage networks to be constructed
with the iSCSI methodology. The main challenge is a reduction of the
iSCSI processor overhead of operating iSCSI packets below the Fibre
Channel overhead level.
The SAN and Its Evolution
A storage area network (SAN) carries data between servers (also known
as hosts) and storage devices through fibre channel switches (see Figure 5-1).
A SAN enables storage consolidation and allows storage to be shared across
multiple servers. It enables organizations to connect geographically dispersed
servers and storage.
Figure 5-1: SAN implementation
A SAN can be considered as an extended and shared storage bus
within a data center, consisting of various storage devices and specific
interfaces (e.g., fibre channel, ESCON, HIPPI, SCSI, or SSA) rather than
the Ethernet (Peterson, 1998). In order to be connected to the enterprise
network, the SAN utilizes technologies similar to those of LANs and
WANs: switches, routers, gateways, and hubs (see Figure 5-1). Wide area
network carrier technologies, such as asynchronous transfer mode (ATM)
or synchronous optical networks, can be used for remote archival data
storing and backup. As an important element of modern distributed
networking architectures of storage -centric enterprise information
processing, SAN technology represents a significant step toward a fully
networked secure data storage infrastructure that is radically different from
traditional server -attached storage (Clark, 1999). The SAN represents a
new segment of the information services industry called storage solution
providers (SSP). However, isolated SANs cannot realize SSPs' services,
such as real -time data replication, failover, storage hosting, and remote
vaulting.
5.2 COMPONENTS OF SAN
A SAN consists of three basic components: servers, network
infrastructure, and storage. These components can be further broken down
into the following key elements: node ports, cabling, interconnecting
devices (such as FC switches or hubs), storage arrays, and SAN
management software.
5.2.1 Node Ports
In fibre channel, devices such as hosts, storage and tape libraries are
all referred to as nodes. Each node is a source or destination of information
for one or more nodes. Each node requires one or more ports to provide a
physical interface for communicating with other nodes. These ports are
integral components of an HBA and the storage front-end adapters. A port
operates in full-duplex data transmission mode with a transmit (Tx) link
and a receive (Rx) link (see Figure 5-3).
Figure 5-2: FC SAN evolution
Figure 5-3: Nodes, ports, and links
5.2.2 Cabling
SAN implementations use optical fiber cabling. Copper can be used
for shorter distances for back-end connectivity, as it provides a better signal-
to-noise ratio for distances up to 30 meters. Optical fiber cables carry data in
the form of light. There are two types of optical cables, multi-mode and
single-mode.
Multi-mode fiber (MMF) cable carries multiple beams of light
projected at different angles simultaneously onto the core of the cable (see
Figure 5-4 (a)). Based on the bandwidth, multi-mode fibers are classified as
OM1 (62.5µm), OM2 (50µm) and laser-optimized OM3 (50µm). In an
MMF transmission, multiple light beams traveling inside the cable tend to
disperse and collide. This collision weakens the signal strength after it travels
a certain distance, a process known as modal dispersion. An MMF cable is
usually used for distances of up to 500 meters because of signal
degradation (attenuation) due to modal dispersion.
Single-mode fiber (SMF) carries a single ray of light projected at the
center of the core (see Figure 5-4 (b)). These cables are available in diameters
of 7–11 microns; the most common size is 9 microns. In an SMF
transmission, a single light beam travels in a straight line through the core of
the fiber. The small core and the single light wave limit modal dispersion.
Among all types of fibre cables, single-mode provides minimum signal
attenuation over maximum distance (up to 10 km). A single-mode cable is
used for long-distance cable runs, limited only by the power of the laser at the
transmitter and sensitivity of the receiver.
Figure 5-4: Multi-mode fiber and single-mode fiber
MMFs are generally used within data centers for shorter distance
runs, while SMFs are used for longer distances. MMF transceivers are less
expensive as compared to SMF transceivers.
A Standard connector (SC) (see Figure 5-5 (a)) and a Lucent
connector (LC) (see Figure 5-5 (b)) are two commonly used connectors for
fiber optic cables. An SC is used for data transmission speeds up to 1 Gb/s,
whereas an LC is used for speeds up to 4 Gb/s. Figure 5-5 depicts a Lucent
connector and a Standard connector.
A Straight Tip (ST) is a fiber optic connector with a plug and a socket
that is locked with a half-twisted bayonet lock (see Figure 5-5 (c)). In the
early days of FC deployment, fiber optic cabling predominantly used ST
connectors. This connector is often used with Fibre Channel patch panels.
Figure 5-5: SC, LC, and ST connectors
The Small Form-factor Pluggable (SFP) is an optical transceiver
used in optical communication. The standard SFP+ transceivers support
data rates up to 10 Gb/s.
5.2.3 Interconnect Devices
As the name suggests, these devices are used to connect hosts and
storage in the SAN environment. Hubs, switches, and directors are
examples of interconnecting devices.
Hubs physically connect nodes in a logical loop or a physical star
topology and are used as communication equipment in FC-AL
applications.
Switches directly route data from one physical port to a different one
and are thus more intelligent than hubs.
Directors work the same way as FC switches, but directors have higher port
counts and fault tolerance capability. They are also larger than switches and are deployed for
data center class deployments.
5.2.4 Storage Arrays
The main aim of any SAN is to provide storage
resources to its hosts. SAN implementations supplement the standard
features of storage arrays by providing high accessibility and redundancy,
improved performance, business continuity, and multiple host
connectivity.
The large storage capacities offered by modern storage arrays have
been exploited in SAN environments for storage consolidation and
centralization.
5.2.5 SAN Management Software
SAN management software handles the interfaces
between hosts, interconnect devices, and storage arrays.
It is very important as it allows the
complete management of different resources from a single point and also
gives a complete view of the SAN environment.
It provides key management functions, such as mapping of storage devices,
switches, and servers, monitoring and generating alerts for discovered devices, and logical
partitioning of the SAN, known as zoning.
5.3 FC CONNECTIVITY
The FC architecture supports three basic interconnectivity options:
point-to-point, arbitrated loop (FC-AL), and fabric connect.
5.3.1 Point-to-Point
Point-to-point is the simplest FC configuration: two devices are
connected directly to each other, as shown in Figure 5-6. This
configuration provides a dedicated connection for data transmission
between nodes. However, the point-to-point configuration offers limited
connectivity, as only two devices can communicate with each other at a
given time. Moreover, it cannot be scaled to accommodate a large number
of network devices. Standard DAS uses point-to-point connectivity.
Figure 5-6: Point-to-point topology
5.3.2 Fibre Channel Arbitrated Loop
In the FC-AL configuration, devices are attached to a shared loop,
as shown in Figure 5-7. FC-AL has the characteristics of a token ring
topology and a physical star topology. In FC-AL, each device contends with
other devices to perform I/O operations. Devices on the loop must "arbitrate"
to gain control of the loop. At any given time, only one device can perform
I/O operations on the loop.
As a loop configuration, FC-AL can be implemented without any
interconnecting devices by directly connecting one device to another in a ring
through cables. However, FC-AL implementations may also use hubs
whereby the arbitrated loop is physically connected in a star topology.
The FC-AL configuration has the following limitations in terms
of scalability:
■ FC-AL shares the bandwidth in the loop. Only one device can
perform I/O operations at a time. Because each device in a loop has to wait
for its turn to process an I/O request, the speed of data transmission is low
in an FC-AL topology.
Figure 5-7: Fibre Channel arbitrated loop
■ FC-AL uses 8-bit addressing. It can support up to 127 devices on a loop.
■ Adding or removing a device results in loop re-initialization, which can
cause a momentary pause in loop traffic.
FC-AL Transmission
When a node in the FC-AL topology attempts to transmit data, the
node sends an arbitration (ARB) frame to each node on the loop. If two
nodes simultaneously attempt to gain control of the loop, the node with the
highest priority is allowed to communicate with another node. This priority
is determined on the basis of Arbitrated Loop Physical Address (AL-PA)
and Loop ID, described later in this chapter.
When the initiator node receives the ARB request it sent, it gains
control of the loop. The initiator then transmits data to the node with which it
has established a virtual connection. Figure 5-8 illustrates the process of data
transmission in an FC-AL configuration.
Figure 5-8: Data transmission in FC-AL
Node A wants to communicate with Node B:
1.High priority initiator, Node A inserts the ARB frame in the loop.
ARB frame is passed to the next node (Node D) in theloop.
2.Node D receives high priority ARB, therefore remains idle. ARB is
forwarded to next node (Node C) in the loop.
3.Node C receives high priority ARB, therefore remains idle. ARB is
forwarded to next node (Node B) in the loop.
4.Node B receives high priority ARB, therefore remains idle and ARB
is forwarded to next node (Node A) in the loop.
5.Node A receives ARB back; now it gains control of the loop and
can start communicating with target Node B. A small sketch of the
priority decision follows.
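The priority decision in step 1 can be sketched as follows; it is illustrative only (treating a numerically lower AL-PA as higher priority is a simplification, and the helper name arbitration_winner and the sample values are invented here):

def arbitration_winner(contenders: dict) -> str:
    """Pick the node that wins loop arbitration.

    contenders maps node name -> AL-PA value; a numerically lower AL-PA
    is treated here as higher priority (a simplifying assumption).
    """
    return min(contenders, key=contenders.get)

if __name__ == "__main__":
    # Nodes A and D issue ARB frames at the same time; Node A has the lower AL-PA.
    print(arbitration_winner({"Node A": 0x01, "Node D": 0xE0}))   # Node A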
5.3.3 Fibre Channel Switched Fabric
Fibre Channel (FC) is a high-speed data transfer protocol
providing in-order, lossless delivery of raw block data. Fibre Channel is
primarily used to connect computer data storage to servers in storage area
networks (SAN) in commercial data centers.
Fibre Channel networks form a switched fabric because the
switches in a network operate in unison as one big switch. Fibre Channel
typically runs on optical fiber cables within and between data centers, but
can also run on copper cabling. Supported data rates include 1, 2, 4, 8, 16,
32, 64, and 128 gigabit per second resulting from improvements in
successive technology generations.
There are various upper -level protocols for Fibre Channel,
including two for block storage. Fibre Channel Protocol (FCP) is a
protocol that transports SCSI commands over Fibre Channel
networks. FICON is a protocol that transports ESCON commands,
used by IBM mainframe computers, over Fibre Channel. Fibre Channel
can be used to transport data from storage systems that use solid -state flash
memory storage medium by transporting NVMe protocol commands.
Figure 5-9: Fibre Channel switched fabric
When the number of tiers in a fabric increases, the distance that a
fabric management message must travel to reach each switch in the fabric
also increases. The increase in the distance also increases the time taken to
propagate and complete a fabric reconfiguration event, such as the addition
of a new switch, or a zone set propagation event (detailed later in this
chapter). Figure 5-10 illustrates two-tier and three-tier fabric architecture.
Figure 5-10: Tiered structure of FC-SW topology
FC-SW Transmission
FC-SW uses switches that are intelligent devices. They can switch
data traffic from an initiator node to a target node directly through switch
ports. Frames are routed between source and destination by the fabric.
As shown in Figure 5-11, if node B wants to communicate with node
D, the nodes should individually log in first and then transmit data via the FC-
SW. This link is considered a dedicated connection between the initiator
and the target.
Figure 5-11: Data transmission in FC-SW topology
5.4 FIBRE CHANNEL PORTS
There are different types of Fibre Channel ports. Let's have a look:
■ N-port (Node Port), on nodes: port used to connect a node to a Fibre Channel switch.
■ F-port (Fabric Port), on switches: switch port used to connect the Fibre Channel fabric to a node.
■ L-port (Loop Port), on nodes: node port used to connect a node to a Fibre Channel loop.
■ NL-port (Node Loop Port), on nodes: node port which connects to both loops and switches.
■ FL-port (Fabric + Loop Port), on switches: switch port which connects to both loops and switches.
■ E-port (Expansion Port), on switches: used to cascade Fibre Channel switches together.
■ G-port (General Port), on switches: general purpose port which can be configured to emulate other port types.
■ U-port (Universal Port), on switches: initial port state on a switch before anything has connected; it changes personality to an operational state (E-port, F-port, FL-port) or a transitional state such as a G-port.
Figure 5-12: Fibre channel ports
5.5 FIBRE CHANNEL ARCHITECTURE
The FC architecture represents true channel/network integration with
standard interconnecting devices. Connections in a SAN are accomplished
using FC. Traditionally, transmissions from host to storage devices are
carried out over channel connections such as a parallel bus. Channel
technologies provide high levels of performance with low protocol
overheads. Such performance is due to the static nature of channels and the
high level of hardware and software integration provided by the channel
technologies. However, these technologies suffer from inherent limitations
in terms of the number of devices that can be connected and the distance
between these devices.
Fibre Channel Protocol (FCP) is the implementation of serial
SCSI-3 over an FC network. In the FCP architecture, all external and
remote storage devices attached to the SAN appear as local devices to the
host operating system. The key advantages of FCP are as follows:
■Sustained transmission bandwidth over long distances.
■Support for a larger number of addressable devices over a network.
Theoretically, FC can support over 15 million device addresses on a
network.
■Exhibits the characteristics of channel transport and provides speeds up
to 8.5 Gb/s (8 GFC).
The FC standard enables mapping several existing Upper Layer
Protocols (ULPs) to FC frames for transmission, including SCSI, IP, High
Performance Parallel Interface (HIPPI), Enterprise System Connection
(ESCON), and Asynchronous Transfer Mode (ATM).
5.5.1 Fibre Channel Protocol Stack
It is easier to understand a communication protocol by viewing it as a
structure of independent layers. FCP defines the communication protocol in
five layers: FC-0 through FC-4 (except the FC-3 layer, which is not
implemented). In a layered communication model, the peer layers on each
node talk to each other through defined protocols. Figure 5-13 illustrates the
fibre channel protocol stack.
Figure 5-13: Fibre channel protocol stack
FC-4 Upper Layer Protocol
FC-4 is the uppermost layer in the FCP stack. This layer defines the
application interfaces and the way Upper Layer Protocols (ULPs) are
mapped to the lower FC layers. The FC standard defines several protocols
that can operate on the FC-4 layer (see Figure 5-13). Some of the protocols
include SCSI, HIPPI Framing Protocol, Enterprise Storage Connectivity
(ESCON), ATM, and IP.
FC-2 Transport Layer
FC-2 is the transport layer that contains the payload, addresses
of the source and destination ports, and link control information. The FC-2
layer provides Fibre Channel addressing, structure, and organization of
data (frames, sequences, and exchanges). It also defines fabric services,
classes of service, flow control, and routing.
FC-1 Transmission Protocol
This layer defines the transmission protocol that includes serial
encoding and decoding rules, special characters used, and error control. At
the transmitter node, an 8-bit character is encoded into a 10-bit
transmission character. This character is then transmitted to the receiver
node. At the receiver node, the 10-bit character is passed to the FC-1 layer,
which decodes the 10-bit character into the original 8-bit character.
FC-0 Physical Interface
FC-0 is the lowest layer in the FCP stack. This layer defines the
physical interface, media, and transmission of raw bits. The FC-0 specification
includes cables, connectors, and optical and electrical parameters for a
variety of data rates. The FC transmission can use both electrical and optical
media.
5.5.2 Fibre Channel Addressing
An FC address is dynamically assigned when a port logs on to the
fabric. The FC address has a distinct format that varies according to the type
of node port in the fabric. These ports can be an N_port and an NL_port in a
public loop, or an NL_port in a private loop.
The first field of the FC address of an N_port contains the domain
ID of the switch (see Figure 5-14). This is an 8-bit field. Out of the possible
256 domain IDs, 239 are available for use; the remaining 17 addresses are
reserved for specific services. For example, FFFFFC is reserved for the
name server, and FFFFFE is reserved for the fabric login service. The
maximum possible number of N_ports in a switched fabric is calculated as
239 domains × 256 areas × 256 ports = 15,663,104 Fibre Channel
addresses.
Figure 5-14: 24-bit FC address of an N_port (bits 23-16: Domain ID; bits 15-8: Area ID; bits 7-0: Port ID)
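The 24-bit layout in Figure 5-14 can be decoded with simple bit arithmetic. The sketch below is illustrative (the function name parse_n_port_address is an assumption); it also reproduces the address-count calculation given above:

def parse_n_port_address(fc_address: int) -> dict:
    """Split a 24-bit N_port FC address into Domain ID, Area ID, and Port ID."""
    return {
        "domain_id": (fc_address >> 16) & 0xFF,   # bits 23-16
        "area_id": (fc_address >> 8) & 0xFF,      # bits 15-8
        "port_id": fc_address & 0xFF,             # bits 7-0
    }

if __name__ == "__main__":
    print(parse_n_port_address(0x0A1B2C))   # {'domain_id': 10, 'area_id': 27, 'port_id': 44}
    # Maximum N_ports in a switched fabric: 239 usable domains x 256 areas x 256 ports.
    print(239 * 256 * 256)                  # 15663104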
The area ID is used to identify a group of F_ports. An example of a
group of F_ports would be a card on the switch with more than one port on it.
The last field in the FC address identifies the F_port within the group.
FC Address of an NL_port
The FC addressing scheme for an NL_port differs from other ports.
The two upper bytes in the FC addresses of the NL_ports in a private loop
are assigned zero values. However, when an arbitrated loop is connected to a
fabric through an FL_port, it becomes a public loop. In this case, an NL_port
supports a fabric login. The two upper bytes of this NL_port are then
assigned a positive value, called a loop identifier, by the switch. The loop
identifier is the same for all NL_ports on a given loop.
Figure 5-15 illustrates the FC address of an NL_port in both a
public loop and a private loop. The last field in the FC addresses of the
NL_ports, in both public and private loops, identifies the AL-PA. There are
127 allowable AL-PA addresses; one address is reserved for the FL_port on
the switch.
Figure 5-15: 24-bit FC address of an NL_port (public loop: Loop ID followed by AL_PA ID; private loop: unused upper bytes followed by AL_PA ID)
World Wide Names
Each device in the FC environment is assigned a 64-bit unique
identifier called the World Wide Name (WWN). The Fibre Channel
environment uses two types of WWNs: World Wide Node Name (WWNN)
and World Wide Port Name (WWPN). Unlike an FC address, which is
assigned dynamically, a WWN is a static name for each device on an FC
network. WWNs are similar to the Media Access Control (MAC) addresses
used in IP networking. WWNs are burned into the hardware or assigned
through software. Several configuration definitions in a SAN use the WWN for
identifying storage devices and HBAs. The name server in an FC
environment keeps the association of WWNs to the dynamically created
FC addresses for nodes. Figure 5-16 illustrates the WWN structure for an
array and an HBA.
Figure 5-16: World Wide Names (WWN structure for an array, e.g., 50:06:01:60:00:60:01:B2 with a 24-bit company ID and a 32-bit port/model seed, and for an HBA, e.g., 10:00:00:00:C9:20:DC:40 with 12 reserved bits, a 24-bit company ID, and 24 company-specific bits)
5.5.3 FC Frame
An FC frame (Figure 5-17) consists of five parts: start of frame
(SOF), frame header, data field, cyclic redundancy check (CRC), and end of
frame (EOF).
The SOF and EOF act as delimiters. In addition to this role, the
SOF is a flag that indicates whether the frame is the first frame in a
sequence of frames.
The frame header is 24 bytes long and contains addressing
information for the frame. It includes the following information: Source ID
(S_ID), Destination ID (D_ID), Sequence ID (SEQ_ID), Sequence Count
(SEQ_CNT), Originating Exchange ID (OX_ID), and Responder
Exchange ID (RX_ID), in addition to some control fields.
Figure 5-17: FC frame
The S_ID and D_ID are standard FC addresses for the source port
and the destination port, respectively. The SEQ_ID and OX_ID identify
the frame as a component of a specific sequence and exchange,
respectively.
The frame header also defines the following fields:
■ Routing Control (R_CTL): This field denotes whether the frame is
a link control frame or a data frame. Link control frames are nondata
frames that do not carry any payload. These frames are used for setup and
messaging. In contrast, data frames carry the payload and are used for data
transmission.
■ Class Specific Control (CS_CTL): This field specifies link speeds for
class 1 and class 4 data transmission.
■ TYPE: This field describes the upper layer protocol (ULP) to be
carried on the frame if it is a data frame. However, if it is a link control
frame, this field is used to signal an event such as "fabric busy." For
example, if the TYPE is 08, and the frame is a data frame, it means that
SCSI will be carried on an FC.
■ Data Field Control (DF_CTL): A 1-byte field that indicates the
existence of any optional headers at the beginning of the data payload. It is a
mechanism to extend header information into the payload.
■ Frame Control (F_CTL): A 3-byte field that contains control
information related to frame content. For example, one of the bits in this field
indicates whether this is the first sequence of the exchange.
The data field in an FC frame contains the data payload, up to 2,112 bytes of original data, in most cases SCSI data. The biggest possible payload an FC frame can deliver is 2,112 bytes of data with 36 bytes of fixed overhead. A link control frame, by definition, has a payload of 0 bytes; only data frames carry a payload. The CRC checksum facilitates error detection for the content of the frame. This checksum verifies data integrity by checking whether the content of the frames was received correctly. The CRC checksum is calculated by the sender before encoding at the FC-1 layer. Similarly, it is calculated by the receiver after decoding at the FC-1 layer.
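To make the header fields above more tangible, here is a short Python sketch that unpacks a 24-byte FC frame header into the fields discussed in this section. The word layout used (R_CTL/D_ID, CS_CTL/S_ID, TYPE/F_CTL, SEQ_ID/DF_CTL/SEQ_CNT, OX_ID/RX_ID, Parameter) follows the common FC framing layout; the byte string at the end is a made-up example, not a captured frame.

```python
import struct

def parse_fc_frame_header(header: bytes) -> dict:
    """Unpack a 24-byte FC frame header (big-endian, six 32-bit words)."""
    if len(header) != 24:
        raise ValueError("FC frame header must be exactly 24 bytes")
    w = struct.unpack(">6I", header)
    return {
        "R_CTL":   w[0] >> 24,                # routing control
        "D_ID":    w[0] & 0xFFFFFF,           # destination FC address
        "CS_CTL":  w[1] >> 24,                # class specific control
        "S_ID":    w[1] & 0xFFFFFF,           # source FC address
        "TYPE":    w[2] >> 24,                # ULP type (08 means SCSI over FC)
        "F_CTL":   w[2] & 0xFFFFFF,           # frame control
        "SEQ_ID":  w[3] >> 24,
        "DF_CTL": (w[3] >> 16) & 0xFF,        # optional header indicator
        "SEQ_CNT": w[3] & 0xFFFF,
        "OX_ID":   w[4] >> 16,
        "RX_ID":   w[4] & 0xFFFF,
        "PARAM":   w[5],
    }

# Made-up header bytes purely for illustration.
example = bytes.fromhex("06010203000a0b0c082900000100000112 34ffff00000000".replace(" ", ""))
print(parse_fc_frame_header(example))
```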
5.5.4 Structure and Organization of FC Data

In an FC network, data transport is analogous to a conversation between two people, whereby a frame represents a word, a sequence represents a sentence, and an exchange represents a conversation.

Exchange operation: An exchange operation enables two N_ports to identify and manage a set of information units. Each unit maps to a sequence. Sequences can be both unidirectional and bidirectional depending upon the type of data sequence exchanged between the initiator and the target.

Sequence: A sequence refers to a contiguous set of frames that are sent from one port to another. A sequence corresponds to an information unit, as defined by the ULP.

Frame: A frame is the fundamental unit of data transfer at Layer 2. Each frame can contain up to 2,112 bytes of payload.
5.5.5 Flow Control

Flow control defines the pace of the flow of data frames during data transmission. FC technology uses two flow-control mechanisms: buffer-to-buffer credit (BB_Credit) and end-to-end credit (EE_Credit).

BB_Credit

FC uses the BB_Credit mechanism for hardware-based flow control. BB_Credit controls the maximum number of frames that can be present over the link at any given point in time. In a switched fabric, BB_Credit management may take place between any two FC ports. The transmitting port maintains a count of free receiver buffers and continues to send frames if the count is greater than 0. The BB_Credit mechanism provides frame acknowledgment through the Receiver Ready (R_RDY) primitive.
EE_Credit

The function of end-to-end credit, known as EE_Credit, is similar to that of BB_Credit. When an initiator and a target establish themselves as nodes communicating with each other, they exchange the EE_Credit parameters (as part of Port Login).

The EE_Credit mechanism affects the flow control for class 1 and class 2 traffic only.
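The credit mechanism is easy to picture as a counter that is decremented when a frame is sent and replenished when an R_RDY arrives. The following sketch simulates that behaviour; the class name and the credit value are illustrative and not taken from any product.

```python
class BBCreditPort:
    """Toy model of buffer-to-buffer credit on a single FC link."""

    def __init__(self, initial_credits: int):
        self.credits = initial_credits      # free buffers advertised by the receiver

    def can_send(self) -> bool:
        return self.credits > 0             # transmit only while credit remains

    def send_frame(self) -> None:
        if not self.can_send():
            raise RuntimeError("no BB_Credit left: wait for R_RDY")
        self.credits -= 1                   # one receiver buffer is now occupied

    def receive_r_rdy(self) -> None:
        self.credits += 1                   # receiver freed a buffer


port = BBCreditPort(initial_credits=2)      # illustrative credit value
port.send_frame()
port.send_frame()
print(port.can_send())                      # False: link is paced until an R_RDY arrives
port.receive_r_rdy()
print(port.can_send())                      # True
```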
5.5.6 Classes of Service

The FC standards define different classes of service to meet the requirements of a wide range of applications. Table 5-1 shows three classes of service and their features.
Table 5-1: FC Classes of Service

                        Class 1                Class 2                             Class 3
Communication type      Dedicated connection   Nondedicated connection             Nondedicated connection
Flow control            End-to-end credit      End-to-end credit, B-to-B credit    B-to-B credit
Frame delivery          In-order delivery      Order not guaranteed                Order not guaranteed
Frame acknowledgement   Acknowledged           Acknowledged                        Not acknowledged
Multiplexing            No                     Yes                                 Yes
Bandwidth utilization   Poor                   Moderate                            High
Another class of service is class F, which is intended for use by switches communicating through ISLs. Class F is similar to Class 2, and it provides notification of nondelivery of frames. Other defined classes (4, 5, and 6) are used for specific applications. Currently, these services are not in common use.
5.6 ZONING

Zoning is an FC switch function that enables nodes within the fabric to be logically segmented into groups that can communicate with each other (see Figure 5-18). When a device (host or storage array) logs onto a fabric, it is registered with the name server. When a port logs onto the fabric, it goes through a device discovery process with other devices registered in the name server. The zoning function controls this process by allowing only the members in the same zone to establish these link-level services.
Figure 5-18: Zoning
Multiple zone sets may be defined in a fabric, but only one zone set can be active at a time. A zone set is a set of zones, and a zone is a set of members. A member may be in multiple zones. Members, zones, and zone sets form the hierarchy defined in the zoning process (see Figure 5-19). Members are nodes within the SAN that can be included in a zone. Zones comprise a set of members that have access to one another. A port or a node can be a member of multiple zones. Zone sets comprise a group of zones that can be activated or deactivated as a single entity in a fabric. Zone sets are also referred to as zone configurations.

Figure 5-19: Members, zones, and zone sets
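The hierarchy above lends itself to a simple membership check: two ports may establish link-level services only if at least one zone in the active zone set contains both of them. The sketch below models that rule; the WWPN strings and zone names are invented for illustration.

```python
# Invented example data: each zone maps to the set of member WWPNs it contains.
active_zone_set = {
    "zone_app1": {"10:00:00:00:c9:20:dc:40", "50:06:01:60:00:60:01:b2"},
    "zone_app2": {"10:00:00:00:c9:20:dc:41", "50:06:01:60:00:60:01:b3"},
}

def can_communicate(wwpn_a: str, wwpn_b: str, zone_set: dict) -> bool:
    """Return True if some zone in the active zone set contains both members."""
    return any(wwpn_a in members and wwpn_b in members
               for members in zone_set.values())

print(can_communicate("10:00:00:00:c9:20:dc:40",
                      "50:06:01:60:00:60:01:b2", active_zone_set))   # True: same zone
print(can_communicate("10:00:00:00:c9:20:dc:40",
                      "50:06:01:60:00:60:01:b3", active_zone_set))   # False: different zones
```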
Types of Zoning

Zoning can be categorized into three types:

Hard and Soft Zoning

Hard zoning is zoning that is implemented in hardware; soft zoning is zoning that is implemented in software.

Hard zoning physically blocks access to a zone from any device outside of the zone.

Soft zoning uses filtering implemented in Fibre Channel switches to prevent ports from being seen from outside of their assigned zones. The security vulnerability in soft zoning is that the ports are still accessible if a user in another zone correctly guesses the Fibre Channel address.
WWN Zoning
WWN zoning uses name servers in the switches to either allow or
block access to particular World Wide Names (WWNs) in the fabric.
A major advantage of WWN zoning is the ability to recable the
fabric without having to redo the zone information.
WWN zoning is susceptible to unauthorized access, as the zone can be bypassed
if an attacker is able to spoof the World Wide Name of an authorized HBA.
Port Zoning
Port zoning utilizes physical ports to define security zones. A user's access to data is determined by the physical port to which he or she is connected.
With port zoning, zone information must be updated every time a
user changes switch ports. In addition, port zoning does not allow zones to
overlap.
Port zoning is normally implemented using hard zoning, but could
also be implemented using soft zoning.
Figure 5-20 shows the three types of zoning on an FC network.

Figure 5-20: Types of zoning

Zoning is used in conjunction with LUN masking for controlling server access to storage. However, these are two different activities: zoning takes place at the fabric level, and LUN masking is done at the array level.
5.7 FIBRE CHANNEL LOGIN TYPES

Fabric services define three login types:

■ Fabric login (FLOGI) is performed between an N_port and an F_port. To log on to the fabric, a device sends a FLOGI frame with the World Wide Node Name (WWNN) and World Wide Port Name (WWPN) parameters to the login service at the well-known FC address FFFFFE. In turn, the switch accepts the login and returns an Accept (ACC) frame with the assigned FC address for the device. Immediately after the FLOGI, the N_port registers itself with the local name server on the switch, indicating its WWNN, WWPN, and assigned FC address.

■ Port login (PLOGI) is performed between an N_port and another N_port to establish a session. The initiator N_port sends a PLOGI request frame to the target N_port, which accepts it. The target N_port returns an ACC to the initiator N_port. Next, the N_ports exchange service parameters relevant to the session.

■ Process login (PRLI) is also performed between an N_port and another N_port. This login relates to the FC-4 ULPs, such as SCSI. N_ports exchange SCSI-3-related service parameters and share information about the FC-4 type in use, the SCSI initiator, or the target.
5.8 FC TOPOLOGIES

Fabric design follows standard topologies to connect devices. Core-edge fabric is one of the popular topology designs. Variations of the core-edge fabric and mesh topologies are the most commonly deployed in SAN implementations.

5.8.1 Core-Edge Fabric

In the core-edge fabric topology, there are two types of switch tiers in the fabric. The edge tier usually comprises switches and offers an inexpensive approach to adding more hosts in a fabric. The tier at the edge fans out from the tier at the core. The nodes on the edge can communicate with each other.

The core tier usually comprises enterprise directors that ensure high fabric availability. Additionally, all traffic has to either traverse through or terminate at this tier. In a two-tier configuration, all storage devices are connected to the core tier, facilitating fan-out. The host-to-storage traffic has to traverse one and two ISLs in a two-tier and a three-tier configuration, respectively. Hosts used for mission-critical applications can be connected directly to the core tier and consequently avoid traveling through the ISLs to process I/O requests from these hosts.
The core-edge fabric topology increases connectivity within the SAN while conserving overall port utilization. If expansion is required, an additional edge switch can be connected to the core. This topology can have different variations. In a single-core topology, all hosts are connected to the edge tier and all storage is connected to the core tier. Figure 5-21 depicts the core and edge switches in a single-core topology.

Figure 5-21: Single-core topology
A dual-core topology can be expanded to include more core switches. However, to maintain the topology, it is essential that new ISLs are created to connect each edge switch to the new core switch that is added. Figure 5-22 illustrates the core and edge switches in a dual-core topology.

Figure 5-22: Dual-core topology
Benefits and Limitations of Core-Edge Fabric

The core-edge fabric provides one-hop storage access to all storage in the system. Because traffic travels in a deterministic pattern (from the edge to the core), a core-edge fabric provides easier calculation of ISL loading and traffic patterns. Because each tier's switches are used for either storage or hosts, one can easily identify which resources are approaching their capacity, making it easier to develop a set of rules for scaling and apportioning.

A well-defined, easily reproducible building-block approach makes rolling out new fabrics easier. Core-edge fabrics can be scaled to larger environments by linking core switches, adding more core switches, or adding more edge switches. This method can be used to extend the existing simple core-edge model or to expand the fabric into a compound or complex core-edge model.

However, the core-edge fabric may lead to some performance-related problems because scaling a core-edge topology involves increasing the number of ISLs in the fabric. As more edge switches are added, the domain count in the fabric increases. A common best practice is to keep the number of host-to-storage hops unchanged, at one hop, in a core-edge fabric. Hop count represents the total number of devices a given piece of data (packet) passes through. Generally, a larger hop count means a greater transmission delay as data traverses from its source to its destination.

As the number of cores increases, it may be prohibitive to continue to maintain ISLs from each core to each edge switch. When this happens, the fabric design can be changed to a compound or complex core-edge design.
5.8.2 Mesh Topology

In a mesh topology, each device is connected to every other device on the network through a dedicated point-to-point link. Dedicated means that the link carries data only for the two devices it connects. If there are n devices in the network, then each device must be connected to the other (n-1) devices, and the number of links in a mesh topology of n devices is n(n-1)/2.
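To make the link-count formula concrete, here is a tiny Python check (illustrative only) that computes the number of dedicated links for a few fabric sizes.

```python
def mesh_link_count(n: int) -> int:
    """Number of point-to-point links in a full mesh of n devices: n(n-1)/2."""
    return n * (n - 1) // 2

for n in (2, 4, 8, 16):
    print(f"{n} devices -> {mesh_link_count(n)} dedicated links")
# 2 -> 1, 4 -> 6, 8 -> 28, 16 -> 120: the link count grows roughly with n squared.
```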
Advantages of Mesh topology:
1. No data traffic issues, as there is a dedicated link between two devices, which means the link is available only for those two devices.
2. Mesh topology is reliable and robust, as the failure of one link does not affect other links or the communication between other devices on the network.
3. Mesh topology is secure, because there is a point-to-point link; thus unauthorized access is not possible.
4. Fault detection is easy.
Figure 5-23: Mesh Topology

In a mesh topology, each switch is directly connected to other switches by using ISLs. This topology promotes enhanced connectivity within the SAN. When the number of ports on a network increases, the number of nodes that can participate and communicate also increases.

A mesh topology may be one of two types: full mesh or partial mesh. In a full mesh, every switch is connected to every other switch in the topology. A full mesh topology may be appropriate when the number of switches involved is small. A typical deployment would involve up to four switches or directors, with each of them servicing highly localized host-to-storage traffic. In a full mesh topology, a maximum of one ISL or hop is required for host-to-storage traffic.
In a partial mesh topology, several hops or ISLs may be required
for the traffic to reach its destination. Hosts and storage can be located
anywhere in the fabric, and storage can be localized to a director or a
switch in both mesh topologies. A full mesh topology with a symmetric
design results in an even number of switches, whereas a partial mesh has
an asymmetric design and may result in an odd number of switches. Figure
5-24 depicts both a full mesh and a partial mesh topology.

Figure 5-24: Partial and Full Mesh Topology
5.9 SUMMARY
The SAN has enabled the consolidation of storage and benefited organizations by lowering the cost of storage service delivery. SAN reduces overall operational cost and downtime and enables faster application deployment. SANs and the tools that have emerged for SANs enable data centers to allocate storage to an application and migrate workloads between different servers and storage devices dynamically. This significantly increases server utilization.
SANs simplify the business-continuity process because organizations are able to logically connect different data centers over long distances and provide cost-effective disaster recovery services that can be effectively tested.

The adoption of SANs has increased with the decline of hardware prices and the improved maturity of storage network standards. Small and medium-size enterprises and departments that initially resisted shared storage pools have now begun to adopt SANs.

This chapter detailed the components of a SAN and the FC technology that forms its backbone. FC meets today's demands for reliable, high-performance, and low-cost applications.

The interoperability between FC switches from different vendors has improved significantly compared to early SAN deployments. The standards published by a dedicated study group within T11 on SAN routing, and the new product offerings from vendors, are now revolutionizing the way SANs are deployed and operated.
Although SANs have eliminated islands of storage, their initial implementation created islands of SANs in an enterprise. The emergence of the iSCSI and FCIP technologies, detailed in Chapter 6, has pushed the convergence of the SAN with IP technology, providing more benefits to using storage technologies.
5.10 QUESTIONS:
1.Give an overview of Fibre Channel.
2.What is SAN? How is it implemented?
3.Explain the components of SAN.
4.What are the different types of connectors? Explain each.
5.Compare FC switch and FC Hub.
6.State and explain the different FC connectivity options.
7.Discuss the FC -SW data transmission.
8.What are the different Fibre Channel ports? Explain.
9.Explain the fibre channel protocol stack.
10.Discuss the fibre channel addressing.
11.With the help of a diagram, explain the FC frame.
12.Explain the flow control in FC technology.
13.What are the different classes of FC service? Explain each.
14.What is Zoning? What are its different types? Explain.
15.What are the different login types defined by fabric services? Explain
each.
16.State and explain the different FC topologies to connect devices.
5.11 REFERENCES

1. Data Center Virtualization Fundamentals, Gustavo Alessandro Andrade Santana, Cisco Press, 1st Edition, 2014.

6

IP SAN
Unit Structure
6.1 iSCSI Protocol
6.2 Native and Bridged iSCSI
6.3 FCIP Protocol
6.4 Summary
6.5 Questions
6.6 References
6.1 ISCSI PROTOCOL
Traditional SAN environments allow block I/O over Fibre Channel, whereas NAS environments allow file I/O over IP-based networks. Organizations need the performance and scalability of SAN plus the ease of use and lower TCO of NAS solutions. The emergence of IP technology that supports block I/O over IP has positioned IP for storage solutions.

IP offers easier management and better interoperability. When block I/O is run over IP, the existing network infrastructure can be leveraged, which is more economical than investing in new SAN hardware and software. Many long-distance disaster recovery (DR) solutions already leverage IP-based networks. In addition, many robust and mature security options are now available for IP networks. With the advent of block storage technology that leverages IP networks (the result is often referred to as IP SAN), organizations can extend the geographical reach of their storage infrastructure.
IP SAN technologies can be used in a variety of situations. Figure 6-1 illustrates the co-existence of FC and IP storage technologies in an organization where mission-critical applications are serviced through FC, and business-critical applications and remote office applications make use of IP SAN. Disaster recovery solutions can also be implemented using both of these technologies.

Two primary protocols that leverage IP as the transport mechanism are iSCSI and Fibre Channel over IP (FCIP).
Figure 6-1: Co-existence of FC and IP storage technologies
iSCSI is the host-based encapsulation of SCSI I/O over IP using an Ethernet NIC card or an iSCSI HBA in the host. As illustrated in Figure 6-2 (a), IP traffic is routed over a network either to a gateway device that extracts the SCSI I/O from the IP packets or to an iSCSI storage array. The gateway can then send the SCSI I/O to an FC-based external storage array, whereas an iSCSI storage array can handle the extraction and I/O natively. FCIP uses a pair of bridges (FCIP gateways) communicating over TCP/IP as the transport protocol. FCIP is used to extend FC networks over distances and/or an existing IP-based infrastructure, as illustrated in Figure 6-2 (b). Today, iSCSI is widely adopted for connecting servers to storage because it is relatively inexpensive and easy to implement, especially in environments where an FC SAN does not exist. FCIP is extensively used in disaster-recovery implementations, where data is duplicated on disk or tape to an alternate site. This chapter describes the iSCSI and FCIP protocols,
components and topologies in detail.
Figure 6-2: iSCSI and FCIP implementation. Panel (a) shows an iSCSI implementation; panel (b) shows an FCIP implementation.
iSCSI

iSCSI is an IP-based protocol that establishes and manages connections between storage, hosts, and bridging devices over IP. iSCSI carries block-level data over IP-based networks, including Ethernet networks and the Internet. iSCSI is built on the SCSI protocol by encapsulating SCSI commands and data in order to allow these encapsulated commands and data blocks to be transported using TCP/IP packets.
6.1.1 Components of iSCSI

Hosts (initiators), targets, and an IP-based network are the principal iSCSI components. The simplest iSCSI implementation does not require any FC components. If an iSCSI-capable storage array is deployed, a host itself can act as an iSCSI initiator and directly communicate with the storage over an IP network. However, in complex implementations that use an existing FC array for iSCSI connectivity, iSCSI gateways or routers are used to connect to the existing FC SAN. These devices perform protocol translation from IP packets to FC packets and vice versa, thereby bridging connectivity between the IP and FC environments.
6.1.2 iSCSI Host Connectivity

iSCSI host connectivity requires a hardware component, such as a NIC with a software component (iSCSI initiator), or an iSCSI HBA. In order to use the iSCSI protocol, a software initiator or a translator must be installed to route the SCSI commands to the TCP/IP stack.

A standard NIC, a TCP/IP offload engine (TOE) NIC card, and an iSCSI HBA are the three physical iSCSI connectivity options.

A standard NIC is the simplest and least expensive connectivity option. It is easy to implement because most servers come with at least one, and in many cases two, embedded NICs. It requires only a software initiator for iSCSI functionality. However, the NIC provides no external processing power, which places additional overhead on the host CPU because it is required to perform all the TCP/IP and iSCSI processing.

If a standard NIC is used in heavy I/O load situations, the host CPU may become a bottleneck. A TOE NIC helps alleviate this burden. A TOE NIC offloads the TCP management functions from the host and leaves the iSCSI functionality to the host processor. The host passes the iSCSI information to the TOE card, and the TOE card sends the information to the destination using TCP/IP. Although this solution improves performance, the iSCSI functionality is still handled by a software initiator, requiring host CPU cycles.
An iSCSI HBA is capable of providing performance benefits, as it offloads the entire iSCSI and TCP/IP protocol stack from the host processor. Use of an iSCSI HBA is also the simplest way to implement a boot-from-SAN environment via iSCSI. If there is no iSCSI HBA, modifications have to be made to the basic operating system to boot a host from the storage devices because the NIC needs to obtain an IP address before the operating system loads. The functionality of an iSCSI HBA is very similar to the functionality of an FC HBA, but it is the most expensive option.
A fault-tolerant host connectivity solution can be implemented using host-based multipathing software (e.g., EMC PowerPath) regardless of the type of physical connectivity. Multiple NICs can also be combined via link aggregation technologies to provide failover or load balancing. Complex solutions may also include the use of vendor-specific storage-array software that enables the iSCSI host to connect to multiple ports on the array with multiple NICs or HBAs.
6.1.3 Topologies for iSCSI Connectivity

The topologies used to implement iSCSI can be categorized into two classes:
1. Native
2. Bridged

Native topologies do not have any FC components; they perform all communication over IP. The initiators may be either directly attached to targets or connected using standard IP routers and switches.

Bridged topologies enable the co-existence of FC with IP by providing iSCSI-to-FC bridging functionality. For example, the initiators can exist in an IP environment while the storage remains in an FC SAN.
6.2 NATIVE ISCSI CONNECTIVITY

1. If an iSCSI-enabled array is deployed, FC components are not needed for iSCSI connectivity in the native topology. In the example shown in the figure (a), the array has one or more Ethernet NICs that are connected to a standard Ethernet switch and configured with an IP address and listening port.

2. Once a client/initiator is configured with the appropriate target information, it connects to the array and requests a list of available LUNs. A single array port can service multiple hosts or initiators as long as the array can handle the amount of storage traffic that the hosts generate.
Bridged iSCSI Connectivity

A bridged iSCSI implementation includes FC components in its configuration. The following figure (b) illustrates an existing FC storage array used to service hosts connected through iSCSI.

1. The array does not have any native iSCSI capabilities; that is, it does not have any Ethernet ports. Therefore, an external device, called a bridge, router, gateway, or multi-protocol router, must be used to bridge the communication from the IP network to the FC SAN.

2. In this configuration, the bridge device has Ethernet ports connected to the IP network and FC ports connected to the storage. These ports are assigned IP addresses, similar to the ports on an iSCSI-enabled array.

3. The iSCSI initiator/host is configured with the bridge's IP address as its target destination. The bridge is also configured with an FC initiator or multiple initiators.
2. iSCSI Protocol Stack

The architecture of iSCSI is based on the client/server model. Figure 6-4 displays a model of the iSCSI protocol layers and depicts the encapsulation order of SCSI commands for their delivery through a physical carrier.

Figure 6-4: iSCSI protocol stack
SCSI is the command protocol that works at the application layer of the OSI model. The initiators and targets use SCSI commands and responses to talk to each other. The SCSI command descriptor blocks, data, and status messages are encapsulated into TCP/IP and transmitted across the network between initiators and targets.

iSCSI is the session-layer protocol that initiates a reliable session between a device that recognizes SCSI commands and TCP/IP. The iSCSI session-layer interface is responsible for handling login, authentication, target discovery, and session management. TCP is used with iSCSI at the transport layer to provide reliable service.

TCP is used to control message flow, windowing, error recovery, and retransmission. It relies upon the network layer of the OSI model to provide global addressing and connectivity. The layer-2 protocols at the data link layer of this model enable node-to-node communication for each hop through a separate physical network.

Communication between an iSCSI initiator and target is detailed next.
3. iSCSI Discovery

An initiator must discover the location of its targets on a network, and the names of the targets available to it, before it can establish a session. This discovery can take place in two ways: SendTargets discovery and internet Storage Name Service (iSNS).

In SendTargets discovery, the initiator is manually configured with the target's network portal, which it uses to establish a discovery session with the iSCSI service on the target. The initiator issues the SendTargets command, and the target responds with the names and addresses of the targets available to the host.
iSNS (see Figure 6-5) enables the automatic discovery of iSCSI devices on an IP network. The initiators and targets can be configured to automatically register themselves with the iSNS server. Whenever an initiator wants to know the targets that it can access, it can query the iSNS server for a list of available targets.

Figure 6-5: Discovery using iSNS

Discovery can also take place by using the Service Location Protocol (SLP). However, this is less commonly used than SendTargets discovery and iSNS.
4. iSCSI Names

A unique worldwide iSCSI identifier, known as an iSCSI name, is used to name the initiators and targets within an iSCSI network to facilitate communication. The unique identifier can be a combination of the department, application, manufacturer name, serial number, asset number, or any tag that can be used to recognize and manage a storage resource. There are two types of iSCSI names:

■ iSCSI Qualified Name (IQN): An organization must own a registered domain name in order to generate iSCSI Qualified Names. This domain name does not have to be active or resolve to an address. It just needs to be reserved to prevent other organizations from using the same domain name to generate iSCSI names. A date is included in the name to avoid potential conflicts caused by the transfer of domain names; the organization is required to have owned the domain name on that date. An example of an IQN is iqn.2008-02.com.example:optional_string. The optional_string provides a serial number, an asset number, or any of the storage device identifiers.
■ Extended Unique Identifier (EUI): An EUI is a globally unique identifier based on the IEEE EUI-64 naming standard. An EUI comprises the eui prefix followed by a 16-character hexadecimal name, such as eui.0300732A32598D26.

The 16-character part of the name includes 24 bits for the company name assigned by IEEE and 40 bits for a unique ID, such as a serial number. This allows for a more streamlined, although less user-friendly, name string because the resulting iSCSI name is simply eui followed by the hexadecimal WWN.

In either format, the allowed special characters are dots, dashes, and blank spaces. The iSCSI Qualified Name enables storage administrators to assign meaningful names to storage devices, and therefore manage those devices more easily.
Network Address Authority (NAA) is an additional iSCSI node name type that enables the worldwide naming format defined by the InterNational Committee for Information Technology Standards (INCITS) T11 Fibre Channel (FC) protocols and used by Serial Attached SCSI (SAS). This format enables SCSI storage devices containing both iSCSI ports and SAS ports to use the same NAA-based SCSI device name. This format is defined by RFC 3980, "T11 Network Address Authority (NAA) Naming Format for iSCSI Node Names."
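As a small aid to the naming rules above, the sketch below builds an IQN string from its parts and does a rough format check on IQN and EUI names. The domain and date values are the illustrative ones from the text, the optional string is invented, and the regular expressions are simplified approximations of the format rather than a complete validation of the iSCSI naming rules.

```python
import re

def make_iqn(year_month: str, reversed_domain: str, optional_string: str = "") -> str:
    """Compose an iSCSI Qualified Name: iqn.<yyyy-mm>.<reversed domain>[:<string>]."""
    name = f"iqn.{year_month}.{reversed_domain}"
    return f"{name}:{optional_string}" if optional_string else name

# Simplified patterns: the real iSCSI naming rules are richer than this.
IQN_RE = re.compile(r"^iqn\.\d{4}-\d{2}\.[a-z0-9.-]+(:.+)?$")
EUI_RE = re.compile(r"^eui\.[0-9A-Fa-f]{16}$")

def looks_like_iscsi_name(name: str) -> bool:
    return bool(IQN_RE.match(name) or EUI_RE.match(name))

print(make_iqn("2008-02", "com.example", "optional_string"))
print(looks_like_iscsi_name("iqn.2008-02.com.example:optional_string"))  # True
print(looks_like_iscsi_name("eui.0300732A32598D26"))                     # True
```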
5. iSCSI Session

An iSCSI session is established between an initiator and a target. A session ID (SSID), which includes an initiator ID (ISID) and a target ID (TSID), identifies a session. The session can be intended for one of the following:

■ Discovery of the targets available to the initiator and of the location of a specific target on a network

■ Normal operation of iSCSI (transferring data between initiators and targets)

TCP connections may be added and removed within a session. Each iSCSI connection within the session has a unique connection ID (CID).
6. iSCSI PDU

iSCSI initiators and targets communicate using iSCSI Protocol Data Units (PDUs). All iSCSI PDUs contain one or more header segments followed by zero or more data segments. The PDU is then encapsulated into an IP packet to facilitate the transport.

A PDU includes the components shown in Figure 6-6. The IP header provides packet-routing information that is used to move the packet across a network. The TCP header contains the information needed to guarantee the packet's delivery to the target. The iSCSI header describes how to extract SCSI commands and data for the target. iSCSI adds an optional CRC, known as the digest, beyond the TCP checksum and Ethernet CRC to ensure datagram integrity. The header and data digests are optionally used in the PDU to validate integrity, data placement, and correct operation.

Figure 6-6: iSCSI PDU encapsulated in an IP packet
As shown in Figure 6-7, each iSCSI PDU does not correspond in a 1:1 relationship with an IP packet. Depending on its size, an iSCSI PDU can span an IP packet or even coexist with another PDU in the same packet. Therefore, each IP packet and Ethernet frame can be used more efficiently because fewer packets and frames are required to transmit the SCSI information.

Figure 6-7: Alignment of iSCSI PDUs with IP packets
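The nesting described above (IP carrying TCP, carrying one or more iSCSI PDUs with optional digests) can be sketched with a few plain data classes. The byte sizes below are illustrative defaults, and the classes model only the layering, not the real wire formats.

```python
from dataclasses import dataclass, field
from typing import List

@dataclass
class IscsiPdu:
    header_len: int = 48          # illustrative header segment size
    data_len: int = 1024          # SCSI payload carried by this PDU (illustrative)
    header_digest: int = 0        # optional CRC ("digest"), 4 bytes when enabled
    data_digest: int = 0

    def size(self) -> int:
        return self.header_len + self.header_digest + self.data_len + self.data_digest

@dataclass
class TcpIpPacket:
    pdus: List[IscsiPdu] = field(default_factory=list)
    ip_header: int = 20
    tcp_header: int = 20

    def size(self) -> int:
        # One IP packet may carry one PDU, part of a PDU, or several small PDUs.
        return self.ip_header + self.tcp_header + sum(p.size() for p in self.pdus)

packet = TcpIpPacket(pdus=[IscsiPdu(data_len=512, header_digest=4, data_digest=4),
                           IscsiPdu(data_len=256)])
print(packet.size())   # total bytes the Ethernet frame would have to carry
```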
7. Ordering and Numbering

iSCSI communication between initiators and targets is based on request-response command sequences. A command sequence may generate multiple PDUs. A command sequence number (CmdSN) within an iSCSI session is used to number all initiator-to-target command PDUs belonging to the session. This number is used to ensure that every command is delivered in the same order in which it is transmitted, regardless of the TCP connection that carries the command in the session.

Command sequencing begins with the first login command, and the CmdSN is incremented by one for each subsequent command. The iSCSI target layer is responsible for delivering the commands to the SCSI layer in the order of their CmdSN. This ensures the correct order of data and commands at a target even when there are multiple TCP connections between an initiator and the target using portal groups.

Similar to command numbering, a status sequence number (StatSN) is used to sequentially number status responses, as shown in Figure 6-8. These unique numbers are established at the level of the TCP connection.

Figure 6-8: Command and status sequence number
A target sends request-to-transfer (R2T) PDUs to the initiator when it is ready to accept data. A data sequence number (DataSN) is used to ensure in-order delivery of data within the same command. The DataSN and R2TSN are used to sequence data PDUs and R2Ts, respectively. Each of these sequence numbers is stored locally as an unsigned 32-bit integer counter defined by iSCSI. These numbers are communicated between the initiator and target in the appropriate iSCSI PDU fields during command, status, and data exchanges.

In the case of read operations, the DataSN begins at zero and is incremented by one for each subsequent data PDU in that command sequence. In the case of a write operation, the first unsolicited data PDU or the first data PDU in response to an R2T begins with a DataSN of zero and increments by one for each subsequent data PDU. The R2TSN is set to zero at the initiation of the command and incremented by one for each subsequent R2T sent by the target for that command.
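A toy model of these counters helps show what "incremented by one per PDU" means in practice. The class below is purely illustrative (it tracks CmdSN, StatSN, and per-command DataSN as simple 32-bit counters) and is not an iSCSI implementation.

```python
class SequenceCounters:
    """Illustrative 32-bit counters for CmdSN, StatSN, and per-command DataSN."""

    MASK = 0xFFFFFFFF                       # counters behave as unsigned 32-bit integers

    def __init__(self):
        self.cmd_sn = 0                     # next initiator-to-target command number
        self.stat_sn = 0                    # next target status response number

    def next_command(self) -> int:
        sn, self.cmd_sn = self.cmd_sn, (self.cmd_sn + 1) & self.MASK
        return sn

    def next_status(self) -> int:
        sn, self.stat_sn = self.stat_sn, (self.stat_sn + 1) & self.MASK
        return sn

    @staticmethod
    def data_sns(num_data_pdus: int):
        # DataSN starts at zero for each command and increments per data PDU.
        return list(range(num_data_pdus))


seq = SequenceCounters()
print([seq.next_command() for _ in range(3)])   # CmdSN 0, 1, 2
print(seq.data_sns(4))                          # DataSN 0..3 for a four-PDU read
```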
8. iSCSI Error Handling and Security

The iSCSI protocol addresses errors in IP data delivery. Command sequencing is used for flow control; missing commands, responses, and data blocks are detected using sequence numbers. Use of the optional digests improves communication integrity in addition to the TCP checksum and Ethernet CRC.

Error detection and recovery in iSCSI can be classified into three levels: Level 0 = Session Recovery, Level 1 = Digest Failure Recovery, and Level 2 = Connection Recovery. The error-recovery level is negotiated during login.
■ Level 0: If an iSCSI session is damaged, all TCP connections need to be closed and all tasks and unfulfilled SCSI commands should be completed. Then, the session should be restarted via a repeated login.

■ Level 1: Each node should be able to selectively recover a lost or damaged PDU within a session for recovery of data transfer. At this level, identification of an error and data recovery at the SCSI task level is performed, and an attempt to repeat the transfer of a lost or damaged PDU is made.

■ Level 2: New TCP connections are opened to replace a failed connection. The new connection picks up where the old one failed.

iSCSI may be exposed to the security vulnerabilities of an unprotected IP network. Some of the security methods that can be used are IPSec and authentication solutions such as Kerberos and CHAP (challenge-handshake authentication protocol).
6.3 FCIP

Organizations are now looking for new ways to transport data throughout the enterprise, locally over the SAN as well as over longer distances, to ensure that data reaches all the users who need it. One of the best ways to achieve this goal is to interconnect geographically dispersed SANs through reliable, high-speed links. This approach involves transporting FC block data over the existing IP infrastructure used throughout the enterprise.

The FCIP standard has rapidly gained acceptance as a manageable, cost-effective way to blend the best of two worlds: FC block-data storage and the proven, widely deployed IP infrastructure. FCIP is a tunneling protocol that enables distributed FC SAN islands to be transparently interconnected over existing IP-based local, metropolitan, and wide-area networks. As a result, organizations now have a better way to protect, store, and move their data while leveraging investments in existing technology.

FCIP uses TCP/IP as its underlying protocol. In FCIP, the FC frames are encapsulated onto the IP payload, as shown in Figure 6-9. FCIP does not manipulate FC frames (translating FC IDs for transmission).

When SAN islands are connected using FCIP, each interconnection is called an FCIP link. A successful FCIP link between two SAN islands results in a fully merged FC fabric.

Figure 6-9: FCIP encapsulation
1. FCIP Topology

An FCIP environment functions as if it is a single cohesive SAN environment. Before geographically dispersed SANs are merged, a fully functional layer 2 network exists on each of the SANs. This layer 2 network is a standard SAN fabric. These physically independent fabrics are merged into a single fabric with an IP link between them.

An FCIP gateway router is connected to each fabric via a standard FC connection (see Figure 6-10). The fabric treats these routers like layer 2 fabric switches. The other port on the router is connected to an IP network and an IP address is assigned to that port. This is similar to the method of assigning an IP address to an iSCSI port on a gateway. Once IP connectivity is established, the two independent fabrics are merged into a single fabric. When merging the two fabrics, all the switches and routers must have unique domain IDs, and the fabrics must contain unique zone set names. Failure to ensure these requirements will result in a segmented fabric. The FC addresses on each side of the link are exposed to the other side, and zoning or masking can be done to any entity in the new environment.
2. FCIP Performance and Security

Performance, reliability, and security should always be taken into consideration when implementing storage solutions. The implementation of FCIP is also subject to the same considerations.

From the perspective of performance, multiple paths to multiple FCIP gateways from different switches in the layer 2 fabric eliminate single points of failure and provide increased bandwidth. In a scenario of extended distance, the IP network may be a bottleneck if sufficient bandwidth is not available. In addition, because FCIP creates a unified fabric, disruption in the underlying IP network can cause instabilities in the SAN environment. These include a segmented fabric, excessive RSCNs, and host timeouts.
The vendors of FC switches have recognized some of the drawbacks related to FCIP and have implemented features to provide additional stability, such as the capability to segregate FCIP traffic into a separate virtual fabric.

Security is also a consideration in an FCIP solution because the data is transmitted over public IP channels. Various security options are available to protect the data based on the router's support. IPSec is one such security measure that can be implemented in the FCIP environment.
6.4 SUMMARY

iSCSI has enabled IT organizations to gain the benefits of a storage networking architecture at reasonable costs. Storage networks can now be geographically distributed with the help of hybrid IP SAN technology, which enhances storage utilization across enterprises. FCIP has emerged as a solution for implementing viable business continuity across enterprises.

Because IP SANs are based on standard Ethernet protocols, the concepts, security mechanisms, and management tools are familiar to administrators. This has enabled the rapid adoption of IP SAN in organizations. The block-level I/O requirements of certain applications that cannot be met with NAS can be targeted for implementation with iSCSI.

This chapter detailed the two IP SAN technologies, iSCSI and FCIP. The next chapter focuses on NAS and on content addressed storage (CAS), another important storage networking technology that addresses the online storage and retrieval of content and long-term archives.
6.5QUESTIONS :
1.How do FC and IP storage technologies coexist? Explain.
2.What is iSCSI? What are its components?
3.Explain the iSCSI host connectivity.
4.State and explain the topologies for iSCSI connectivity.
5.Explain the iSCSI protocol stack.
6.How does discovery take place in iSCSI?
7.State and explain the two types of iSCSI names.
8.With the help of a diagram, explain the iSCSI PDU encapsulated in an
IP packet.
9.Explain the ordering and numbering in iSCSI.
10.How are errors and security handled in iSCSI? Explain.
11.What is FCIP? Explain.
12.Explain the FCIP topology.
13.Discuss the FCIP performance and security.
6.6 REFERENCES

1. Data Center Virtualization Fundamentals, Gustavo Alessandro Andrade Santana, Cisco Press, 1st Edition, 2014.

7

NETWORK-ATTACHED STORAGE
Unit Structure
7.0Objectives
7.1 Introduction
7.2 General -Purpose Servers versus NAS Devices
7.3 Advantages/Benefits of NAS
7.4 File Systems and Network File Sharing
7.4.1 Accessing a File System
7.4.2 Network File Sharing
7.5 Components of NAS
7.6 NAS I/O Operation
7.7 NAS Implementations
7.7.1 Unified NAS
7.7.2 Gateway NAS
7.7.3 Scale -Out NAS
7.8 NAS File -Sharing Protocols
7.8.1 NFS
7.8.2 CIFS
7.9 Factors Affecting NAS Performance
7.10 File -Level Virtualization
7.11 Object -Based and Unified Storage
7.12 Object -Based Storage Devices
7.12.1 Object -Based Storage Architecture
7.12.2 Components of O SD
7.12.3 Object Storage and Retrieval in OSD
7.12.4 Benefits of Object -Based Storage
7.12.5 Common Use Cases for Object -Based Storage
7.13 Content -Addressed Storage
7.14 CAS Use Cases
7.14.1 Healthcare Solution: Storing Patient Studies
7.14.2 Finance Solution: Storing Financial Records
7.15 Unified Storage
7.15.1 Components of Unified Storage
7.16 Summary
7.17 Review Questions
7.18 References

7.0 OBJECTIVE
In this chapter we will study network-based file sharing, which supports the flexibility to share files over long distances among a large number of users. A NAS device provides file-serving functions such as storing, retrieving, and accessing files for applications and clients. We will see the benefits of NAS in detail. There are different ways to access and process a file over a network. We will study the two main components of NAS (the NAS head and storage).

NAS I/O operation and NAS implementation are covered in this chapter. Most NAS devices support multiple file-service protocols to handle file I/O requests to a remote file system. As we know, NFS and CIFS are the common protocols for file sharing. We will also cover the factors that affect NAS performance. The tremendous growth of unstructured data has posed new challenges to IT administrators and storage managers. These challenges demand a smarter approach to managing unstructured data based on its content rather than metadata about its name, location, and so on. Object-based storage is a way to store file data in the form of objects based on its content and other attributes rather than the name and location. This chapter details object-based storage, its components, and operation. It also details content addressed storage (CAS), a special type of OSD. Further, this chapter covers the components and data access method in unified storage.
7.1 INTRODUCTION
File sharing means providing common file access to more than one user. One method for file sharing is copying files to portable media such as CDs, DVDs, or USB drives and providing them to all users who want access. But this method is not suitable when a common file is to be shared among a large number of users at different locations. This problem can be solved by network-based file sharing, which provides the flexibility to share files over long distances among a large number of users. Client-server technology is used for file sharing over a network. File servers are used to store the files to be shared among users.

These servers are connected either to direct-attached storage (DAS) or to storage area network (SAN)-attached storage. But a SAN is a poor choice if an organization lacks the financial resources to purchase, deploy, and maintain it. And if there is a lot of traffic in the storage area network, then operations will be extremely slow. NAS devices are rapidly becoming popular with enterprises and small businesses in many industries as an effective, scalable, low-cost storage solution.
A NAS device is a storage device connected to a network that allows storage and retrieval of data from a central location for authorized network users and varied clients. NAS devices are flexible and scale out, meaning that as you need additional storage, you can add to what you have. NAS is like having a private cloud in the office. It is faster, less expensive, and provides all the benefits of a public cloud on site, giving you complete control.
7.2 GENERAL -PURPOSE SERVERS VERSUS NAS
DEVICES
A NAS device provides file-serving functions such as storing, retrieving, and accessing files for applications and clients. A general-purpose server can be used to host any application because it runs a general-purpose operating system. Unlike a general-purpose server, a NAS device is dedicated to file serving. It has a specialized operating system dedicated to file serving using industry-standard protocols, as shown in Figure 7-1.

Figure 7-1: General-Purpose Servers versus NAS Devices
7.3 ADVANTAGES/BENEFITS OF NAS
NAS has the following benefits:
Comprehensive access to information: NAS enables efficient file sharing and supports many-to-one and one-to-many configurations. The many-to-one configuration enables a NAS device to serve many clients simultaneously. The one-to-many configuration enables one client to connect with many NAS devices simultaneously.
Improved efficiency: NAS delivers better performance compared to a general-purpose file server because NAS uses an operating system specialized for file serving.
Improved flexibility: NAS is compatible with clients on both UNIX and Windows platforms.
Centralized storage: NAS minimizes data duplication on client workstations by centralizing data storage. It also provides better data protection.
data protection.
Simplified management: To manage file systems efficiently NAS
Provides a centralized console .
Scalability: Because of the high -performance and low -latency, the
devices of NAS are scalable and can be easily accessed remotely.
High availability: NAS o ffers efficient replication and recovery
options, enabling high data availability. A NAS device supp orts
clustering technology for failover.
Security: NAS e nsures security, user authentication, and file
locking with industry -standard security schemas.
Low cost: NAS uses commonly available and inexpensive
Ethernet components.
Ease of deployment: Configuration at the client is minimal,
because the clients have required NAS connection software built
in.
7.4 FILE SYSTEMS AND NETWORK FILE SHARING
A file system is a process that manages how and where data on a storage disk is stored, accessed, and managed. Many file systems maintain a file access table to simplify the process of searching for and accessing files.
7.4.1 Accessing a File System
Before using a file system, it must be mounted. During the boot process, the operating system mounts a local file system. The mount process creates a link between the file system on the NAS and the operating system on the client. The operating system organizes files and directories in a tree-like structure and grants the user the privilege to access this structure. The tree is rooted at a mount point. The mount point is named using operating system conventions. Users and applications can access the entire tree from the root to the leaf nodes as file system permissions allow. Files are located at leaf nodes, and directories and subdirectories are located at intermediate nodes. The file system is unmounted when access to the file system is terminated. Figure 7-2 shows a general directory structure.
Figure 7 -2: General Directory Structure
7.4.2 Network File Sharing
Network file sharing refers to storing and retrieving files over a network. In a file-sharing environment, the creator or owner of a file determines the type of access (such as read, write, execute, or append) to be given to other users. When multiple users try to access a shared file simultaneously, a locking scheme is used to maintain data integrity and, at the same time, make this sharing possible.
Some examples of file-sharing methods are the File Transfer Protocol (FTP), the Distributed File System (DFS), and the peer-to-peer (P2P) model.

FTP is a client-server protocol for transferring files over a network. An FTP server and an FTP client communicate with each other using TCP/IP connections. It is also one of the oldest protocols in use today and is a convenient way to move files around. FTP is not a secure method of data transfer because it uses unencrypted data transfer over a network. Secure Shell (SSH) adds security to the original FTP specification, which is referred to as Secure FTP (SFTP).
A Distributed File System (DFS) is a file system that is distributed across multiple file servers or multiple locations. It allows programs to access or store isolated files as they do with local ones, allowing programmers to access files from any network or computer. Standard client-server file sharing protocols enable the owner of a file to set the required type of access, such as read-only or read-write, for a particular user or group of users. Using these protocols, the clients mount remote file systems that are available on dedicated file servers.
A peer-to-peer (P2P) file sharing model uses a peer-to-peer network. P2P enables client machines to directly share files with each other over a network. Clients use file sharing software that searches for other peer clients. This differs from the client-server model, which uses file servers to store files for sharing.
7.5 COMPONENTS OF NAS
A NAS device has two main components:
NAS head - The NAS head contains the following components:
o CPU and memory
o One or more network interface cards (NICs), which provide connectivity to the client network
o An optimized operating system for managing the NAS functionality
o NFS, CIFS, and other protocols for file sharing
o Industry-standard storage protocols and ports to connect to and manage physical disk resources
Storage - Storage contains the files to be shared. The storage could be external to the NAS device and shared with other hosts.

Figure 7-3: NAS Components
7.6 NAS I/O OPERATION
When a client requests a file, NAS provides file-level data access to its clients. File I/O is a high-level request that specifies the file to be accessed. For example, a client may request a file by specifying its name, location, or other attributes. The NAS operating system keeps track of the location of files on the disk volume and converts client file I/O into block-level I/O to retrieve data. The process of handling I/Os in a NAS environment is as follows:

1.The client packages an I/O request into TCP/IP and forwards it
through the network stack. The NAS device receives this request
from the network.
2.The NAS device converts the I/O request into an appropriate physical storage request, which is a block-level I/O, and then performs the operation on the physical storage.
3.When the NAS device receives data from the storage, it processes
and repackages the data into an appropriate file protocol response.
4.The NAS device packages this response into TCP/IP again and
forwards it to the client through the network.
Figure 7-4: NAS I/O Operation
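The four steps above amount to a protocol translation loop inside the NAS head. The sketch below models that loop in simplified Python; the function name, block size, and file-to-block mapping are invented for illustration and do not correspond to any real NAS operating system.

```python
BLOCK_SIZE = 4096   # illustrative block size

# Hypothetical file-to-block map maintained by the NAS operating system.
file_map = {"/share/report.docx": [1042, 1043, 1044]}
disk = {1042: b"chunk-1 ", 1043: b"chunk-2 ", 1044: b"chunk-3"}

def handle_file_read(path: str) -> bytes:
    """Steps 2-3: translate a file-level request into block-level I/O and
    repackage the blocks as a file-protocol response payload."""
    blocks = file_map[path]                        # locate the file on the volume
    data = b"".join(disk[block] for block in blocks)  # block-level reads from storage
    return data                                    # to be wrapped in NFS/CIFS over TCP/IP

# Step 1 (client request arriving over TCP/IP) and step 4 (the response being
# sent back over TCP/IP) are represented by the call and the returned bytes.
print(handle_file_read("/share/report.docx"))
```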
7.7 NAS IMPLEMENTATIONS
There are three ways to implement NAS:
1. Unified NAS
2. Gateway NAS
3. Scale-out NAS
7.7.1 Unified NAS
Unified NAS is a combination of the NAS and SAN approaches. It combines NAS-based and SAN-based data access within a common storage platform and provides a common interface for managing both environments. Unified NAS performs file serving and storing of file data, along with providing access to block-level data. It supports both CIFS and NFS protocols for file access and iSCSI and FC protocols for block-level access. Due to the consolidation of NAS-based and SAN-based access on a single storage platform, unified NAS reduces an organization's infrastructure and management costs.
A unified NAS contains one or more NAS heads and storage in a
single system. NAS heads are connected to the storage controllers (SCs) ,
which provide access to the storage. These storage controllers also provide
connectivity to iSCSI and FC hosts. The storage may consist of different
drive types, such as SAS, ATA, FC, and flash drives, to meet different workload requirements.

Unified NAS Connectivity
Each NAS head in a unified NAS has front -end Ethernet ports,
which connect to the IP network. The front -end ports provide connectivity
to the clients and service the file I/O requests. Each NAS head has back -
end ports, to provide connectivity to the storage controllers. iSCSI and FC
ports on a storage controller enable hosts to access the storage directly or
through a storage network at the block level. Figure 7 -5 illustrates an
example of unified NAS connectivity.
Figure 7 -5 Unified NAS Connectivity
7.7.2 Gateway NAS
In a gateway implementation, the NAS device has external storage, and there are separate management interfaces for the NAS device and the storage. A gateway NAS device consists of one or more NAS heads and uses external and independently managed storage. Similar to unified NAS, the storage is shared with other applications that use block-level I/O. Management functions in this type of solution are more complex than those in a unified NAS environment because there are separate administrative tasks for the NAS head and the storage. A gateway solution can use the FC infrastructure, such as switches and directors, for accessing SAN-attached storage arrays or direct-attached storage arrays.
The gateway NAS is more scalable compared to unified NAS because NAS heads and storage arrays can be independently scaled up when required. For example, NAS heads can be added to scale up the NAS device performance. When the storage limit is reached, capacity can be added on the SAN, independent of the NAS heads. Similar to a unified NAS, a gateway NAS also enables high utilization of storage capacity by sharing it with the SAN environment.
Gateway NAS Connectivity
In a gateway solution, the front-end connectivity is similar to that in a unified storage solution. Communication between the NAS gateway and the storage system is achieved through a traditional FC SAN. To deploy a gateway NAS solution, some factors must be considered, such as multiple paths for data, redundant fabrics, and load distribution. Figure 7-6 illustrates an example of gateway NAS connectivity.
Figure 7 -6 Gateway NAS Connectivity
Implementation of both unified and gateway solutions requires
analysis of the SAN environment. This analysis is required to determine
the feasibility of combining the NAS workload with the SAN workload.
Analyze the SAN to determine whether the workload is primarily read or write, and whether it is random or sequential. Also determine the predominant I/O size in use. Typically, NAS workloads are random with small I/O sizes. Introducing a sequential workload alongside random workloads can be disruptive to the sequential workload. Therefore, it is recommended to separate the NAS and SAN disks. Also, determine whether the NAS workload performs adequately with the configured cache in the storage system.
7.7.3 Scale -Out NAS
The scale-out NAS implementation combines multiple nodes to form a clustered NAS system. A node may consist of either the NAS head or storage or both. Scale-out NAS enables grouping multiple nodes together to construct a clustered NAS system. A scale-out NAS provides the capability to scale its resources by simply adding nodes to a clustered NAS architecture. The cluster works as a single NAS device and is managed centrally. Nodes can be added to the cluster, when more performance or more capacity is needed, without causing any downtime. Scale-out NAS provides the flexibility to use many nodes of moderate performance and availability characteristics to produce a total system that has better aggregate performance and availability. It also provides ease of use, low cost, and theoretically unlimited scalability.
Scale-out NAS creates a single file system that runs on all nodes in the cluster. All information is shared among nodes, so the entire file system is accessible by clients connecting to any node in the cluster. As data is sent from clients to the cluster, the data is divided and allocated to different nodes in parallel. When a client sends a request to read a file, the scale-out NAS retrieves the appropriate blocks from multiple nodes, recombines the blocks into a file, and presents the file to the client. As nodes are added, the file system grows dynamically and data is evenly distributed to every node. Each node added to the cluster increases the aggregate storage, memory, CPU, and network capacity. Hence, cluster performance also increases.
Scale -out NAS supports heavy concurrent ingest workloads —
blending capacity, performance, and simplicity to provision storage. By
scaling within a single cluster, memory and network resources are
optimized across operations. In a scale -out architecture, new hardware can
be easily added and configured to support changing business requirements.
Scale -Out NAS Connectivity
Scale-out NAS clusters use separate internal and external networks
for back-end and front-end connectivity, respectively. An internal network
provides connections for intracluster communication, and an external
network connection enables clients to access and share file data. Each
node in the cluster connects to the internal network.
Figure 7 -7Scale -Out NAS Connectivity
The internal network offers high throughput and low latency and
uses high -speed networking technology, such as InfiniBand or Gigabit
Ethernet. To enable clients to access a node, the node must be connected
to the external Ethernet network. Redundant internal or external networks
may be used for high availability. Figure 7-7 illustrates an example of
scale-out NAS connectivity.
7.8 NAS FILE-SHARING PROTOCOLS
Network-attached storage (NAS) is a file-level computer data storage
server connected to a computer network, providing data access to a
heterogeneous group of clients. NAS not only operates as a file server but
is specialized for this task by its hardware, software, or the
configuration of those elements.
Two common NAS file-sharing protocols are:
1. NFS (Network File System): the traditional UNIX environment
file-sharing protocol
2. CIFS (Common Internet File System): the traditional Microsoft
environment file-sharing protocol, based upon the
Server Message Block (SMB) protocol
7.8.1 NFS
NFS is a client/server application that enables a computer user to
view, and optionally store and update, files on a remote computer as though
they were on the user's own computer. It uses Remote Procedure Calls
(RPC) to communicate between computers. The following operations can be
performed:
Searching files and directories
Opening, reading, writing to, and closing a file
Changing file attributes
Modifying file links and directories
The user's system requires an NFS client to connect to the NFS
server. Since the NFS server and client use TCP/IP to transfer files,
TCP/IP must be installed on both systems. Currently, three versions of
NFS are in use:
NFS version 2 (NFSv2): Uses UDP to provide a stateless network
connection between a client and a server. Features, such as
locking, are handled outside the protocol.
NFS version 3 (NFSv3): The most commonly used version, which
uses UDP or TCP and is based on the stateless protocol design. It
includes extra features such as a 64-bit file size, asynchronous writes,
and additional file attributes.
NFS version 4 (NFSv4): Uses TCP and is based on a stateful
protocol design. It offers enhanced security.
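Purely as an illustration (the server name, export path, and mount point below are hypothetical, and the command needs root privileges and an installed NFS client on Linux), a client typically mounts an NFS export before applications can use it:

```python
import subprocess

# Hypothetical NFS export and local mount point
server_export = "nas01.example.com:/export/projects"
mount_point = "/mnt/projects"

# Mount using NFSv3 over TCP; the options shown are common but illustrative
cmd = ["mount", "-t", "nfs", "-o", "vers=3,proto=tcp", server_export, mount_point]
result = subprocess.run(cmd, capture_output=True, text=True)

if result.returncode == 0:
    print(f"Mounted {server_export} at {mount_point}")
else:
    print(f"Mount failed: {result.stderr.strip()}")
```

After a successful mount, ordinary file operations under /mnt/projects are translated by the NFS client into RPC requests to the server.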
7.8.2 CIFS
CIFS is a client/server application protocol that enables client
programs to make requests for files and services on remote computers over the
Internet. CIFS is a public (or open) variation on Microsoft's Server
Message Block (SMB) protocol. Like SMB, CIFS runs at a higher level
than, and uses, the Internet's TCP/IP protocol. CIFS is viewed as a
complement to the existing Internet application protocols such as the File
Transfer Protocol (FTP) and the Hypertext Transfer Protocol (HTTP).
The CIFS protocol allows the client to:
i) Get access to files that are local to the server and read and write
to them
ii) Share files with other clients using special locks
iii) Restore connections automatically in case of network failure
iv) Use Unicode file names
In general, CIFS gives the client user better control of files than
FTP. It provides a potentially more direct interface to server programs
than currently available through a Web browser and the HTTP protocol.
CIFS runs over TCP/IP and uses DNS (Domain Name System)
for name resolution. These file system protocols allow users to share file
data across different operating environments as well as provide a means
for users to transparently migrate from one operating system to another.
7.9 FACTORS AFFECTING NAS PERFORMANCE
NAS uses an IP network; therefore, bandwidth and IP-related latency problems
affect NAS performance. Network congestion is one of the most critical
sources of latency in the NAS environment. Additional factors affecting NAS
performance at various levels are:
The number of hops -The number of hops used in a NAS system can
affect the speed and performance. As you increase the number of hops,
latency also increases as there is a requirement for IP processing in
every hop. This will eventually cause a delay at the router and affect
the overall performance.
File/directory lookup and metadata requests -The NAS device files
are accessed by NAS clients, and the process that leads to the correct
file or directory in the system can affect NAS performance and cause
delays. This delay can happen because of various reasons, including
deep directory structures or bad file system layout. If the disk system
is over-utilized, you will witness considerable degradation in
performance. To get past these issues, consider
shifting to a flattened directory structure.
Over utilized NAS devices -When multiple clients are working on a
NAS platform and try to access multiple files simultaneously, the
utilization levels of the NAS device shoot up and slow down the entire
framework. The utilization statistics will aid you in understanding the
levels at which you are running. This issue is also a result of a flawed
file system.
Authentication with a directory service such as LDAP -Bandwidth
is a very pertinent factor to be considered when it comes to the
authentication service. The authentication requests cannot be
accommodated if there is a lack of adequate bandwidth and other vital
resources. The overall process can lead to an increase in latency,
especially when the authentication takes place.
Active Directory, or NIS -It is essential to have at least a single
machine to take up the role of a NIS server in any network. The
system could face bandwidth issues, and there will be an increase in
latency in the case of Active Directory or NIS.
Retransmission -Sometimes, in NAS systems, sets of data that do not
reach the respective destination get retransmitted, and this is one of the
main reasons for the increase in latency. Retransmission can be
attributed to several reasons, such as buffer overflows, link errors, and
flow control mechanisms.
Overutilized clients -Overutilization of clients in CIFS or NFS
systems is again a parameter that adds to latency. In these cases, the
client might require more time for processing the transmissions from
the server.
Overutilized routers and switches -As with overutilized clients,
the network devices involved can also become overutilized. Such a network takes more
time to respond than one that is functioning optimally.
7.10 FILE -LEVEL VIRTUALIZATION
Virtualization on block level means that storage capacity is made
available to the operating system or the applications in the form of virtual
disks. Virtualization on file level means that the virtualization entity
provides virtual storage to the operating systems or applications in the
form of files and directories. Implementation of file -level virtualization is
common in NAS or file -server environments. It provides non -disruptive
file mobility to optimize storage utilization.
In block-level storage, a storage device such as a hard disk drive
(HDD) is identified as something called a storage volume . A storage
volume can be treated as an individual drive, a “block”. This gives a
server's operating system the ability to have access to the raw storage
sections. The storage blocks can be modified by an administrator, adding
more capacity, when necessary, which makes block storage fast, flexible,
and reliable. File-level virtualization creates a logical pool of storage,
enabling users to use a logical path , rather than a physical path, to access
files.
File-level virtualization simplifies file mobility. It provides user or
application independence from the location where the files are stored.
File-level storage is a type of storage that has a file system installed
directly onto it where the storage volumes appear as a hierarchy of files to
the server, rather than blocks. This is different from block type storage,
which doesn't have a default file system and needs to have an
administrator create one in order for non -administrator users to navigate
and find data.
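To make the idea of a logical path concrete, here is a minimal, hypothetical sketch (not any vendor's implementation) of a mapping layer that lets a file move to a new physical location while clients keep using the same logical path:

```python
class FileVirtualizationLayer:
    """Maps client-visible logical paths to (device, physical path) locations."""

    def __init__(self):
        self._map = {}  # logical path -> (device, physical path)

    def add_file(self, logical_path, device, physical_path):
        self._map[logical_path] = (device, physical_path)

    def resolve(self, logical_path):
        # Clients always address files by their logical path
        return self._map[logical_path]

    def migrate(self, logical_path, new_device, new_physical_path):
        # After the data is copied to the new device, only the mapping changes,
        # so the path seen by users and applications stays the same
        self._map[logical_path] = (new_device, new_physical_path)


layer = FileVirtualizationLayer()
layer.add_file("/projects/report.doc", "nas01", "/vol1/eng/report.doc")
print(layer.resolve("/projects/report.doc"))

# Non-disruptive migration to a less utilized device
layer.migrate("/projects/report.doc", "nas02", "/vol7/archive/report.doc")
print(layer.resolve("/projects/report.doc"))
```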
Figure 7-8 illustrates a file-serving environment before and after
the implementation of file -level virtualization.
Figure 7 -8 File -serving environment before and after file -level
virtualization
One benefit of using file storage is that it is easier to use. Most
people are familiar with file system navigation as opposed to storage
volumes found in block -level storage, where more knowledge about
partitioning is required to create volumes.
7.11 OBJECT-BASED AND UNIFIED STORAGE
We know that more than 90 percent of data generated is
unstructured. This growth of unstructured data has created challenges to
IT administrators and storage managers. With this growth, traditional
NAS has become inefficient. Data growth adds high overhead to the
network-attached storage (NAS). NAS also manages large amounts of
metadata generated by hosts, storage systems, and individual applications.
This adds to the complexity and latency in searching and retrieving files.
These challenges demand a smarter approach to manage unstructured data
based on its content rather than metadata about its name, location, and so
on. Object-based storage is a way to store file data in the form of objects
based on its content and other attributes rather than the name and location.
Object storage systems allow retention of massive amounts of unstructured data.
Unified storage has emerged as a great solution that consolidates block,
file, and object -based access within one unified platform. It supports
multiple protocols for data access and can be managed using a single
management interface.
7.12 OBJECT -BASED STORAGE DEVICES
An OSD is a device that organizes and stores unstructured data, such as
movies, office documents, and graphics, as objects. Object -based storage
provides a scalable, self-managed, protected, and shared storage option.
OSD stores data in the form of objects. OSD uses a flat address space to
store data. Therefore, there is no hierarchy of directories and files; as a
result, a large number of objects can be stored in an OSD system (see
Figure 7-9). An object might contain user data, related metadata (size, date,
ownership, and so on), and other attributes of data (retention, access
pattern, and so on). Each object stored in the system is identified by a
unique ID called the object ID.
Figure 7-9 Object-Based Storage Device
7.12.1 Object -Based Storage Architecture
An I/O in the traditional block access method passes through
various layers in the I/O path. The I/O generated by an application passes
through the file system, the channel, or network and reaches the disk
drive. When the file system receives the I/O from an application, the file
system maps the incoming I/O to the disk blocks. The block interface is
used for sending the I/O over the channel or network to the storage device.
The I/O is then written to the block allocated on the disk drive.
The file system has two components:
The user component of the file system performs functions such as
hierarchy management, naming, and user access control.
Thestorage component maps the files to the physical location on the
disk drive.
When an application accesses data stored in OSD, the request is
sent to the file system user component. The file system user component
communicates to the OSD interface, which in turn sends the request to the
storage device. The storage device has the OSD storage component
responsible for managing the access to the object on a storage device.
After the object is stored, the OSD sends an acknowledgment to the
application server. The OSD storage component manages all the required
low-level storage and space management functions. It also manages
security and access control functions for the objects.
Figure 7-10 Traditional vs. Object-Based Storage
7.12.2 Components of OSD
The OSD system is typically composed of three key components:
nodes, private network, and storage. Figure 7 -11 illustrates the
components of OSD.
Figure 7 -11 Key components of OSD
The OSD system is composed of one or more nodes . A node is a
server that runs the OSD operating environment and provides services to
store, retrieve, and manage data in the system. It has two key services:
The metadata service is responsible for generating the object ID from
the contents of a file (and can also include other attributes of data), and it
maintains the mapping of the object IDs and the file system
namespace.
The storage service manages a set of disks on which the user data is
stored.
The OSD nodes connect to the storage via an internal network
which provides node -to-node connectivity and node -to-storage
connectivity. The application server accesses the node to store and retrieve
data over an external network.
OSD typically uses low -cost and high -density disk drives to store
the objects. As more capacity is required, more disk drives can be added to
the system.
7.12.3 Object Storage and Retrieval in OSD
The process of storing objects in OSD is illustrated in Figure 7 -12.
Figure 7 -12 Storing objects on OSD
The data storage process in an OSD system is as follows (a simplified code sketch appears after the list):
1)The application server presents the file to be stored to the OSD node.
2)The OSD node divides the file into two parts: user data and metadata.
3)The OSD node generates the object ID using a specialized algorithm.
The algorithm is executed against the contents of the user data to
derive an ID unique to this data.
4)For future access, the OSD node stores the metadata and object ID
using the metadata service.
5)The OSD node stores the user data (objects) in the storage device
using the storage service.
6)An acknowledgment is sent to the application server stating that the
object is stored.
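The six steps can be pictured with a small sketch. This is not a real OSD interface; the classes are hypothetical, and a SHA-256 hash of the content stands in for the specialized object ID algorithm:

```python
import hashlib

class MetadataService:
    """Keeps the object ID for each filename plus the object metadata."""
    def __init__(self):
        self.index = {}      # filename -> object ID
        self.metadata = {}   # object ID -> metadata dict

    def record(self, filename, object_id, metadata):
        self.index[filename] = object_id
        self.metadata[object_id] = metadata

class StorageService:
    """Stores the user data (objects) keyed by object ID."""
    def __init__(self):
        self.objects = {}

    def put(self, object_id, data):
        self.objects[object_id] = data

def store_file(filename, data, meta_svc, stor_svc):
    metadata = {"name": filename, "size": len(data)}    # step 2: split user data and metadata
    object_id = hashlib.sha256(data).hexdigest()        # step 3: ID derived from the content
    meta_svc.record(filename, object_id, metadata)      # step 4: record via metadata service
    stor_svc.put(object_id, data)                       # step 5: store via storage service
    return object_id                                    # step 6: acknowledgment

meta_svc, stor_svc = MetadataService(), StorageService()
oid = store_file("xray_001.dcm", b"...image bytes...", meta_svc, stor_svc)
print("Stored object:", oid)
```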
After an object is stored successfully, it is available for retrieval. A
user accesses the data stored on OSD by the same filename. The
application server retrieves the stored content using the object ID. This
process is transparent to the user.
The process of retrieving objects in OSD is illustrated in Figure 7-13.
Figure 7 -13 Object retrieval from an OSD
The process of data retrieval from OSD is as follows (see the short sketch after this list):
1)The application server sends a read request to the OSD system.
2)The metadata service retrieves the object ID for the requested file.
3)The metadata service sends the object ID to the application server.
4)The application server sends the object ID to the OSD storage service
for object retrieval.
5)The OSD storage service retrieves the object from the storage device.
6)The OSD storage service sends the file to the application server.
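Retrieval reverses that flow. In the same hypothetical terms, the filename is resolved to an object ID by the metadata service and the object is fetched by ID from the storage service, while the user keeps working with the filename:

```python
import hashlib

data = b"...image bytes..."
object_id = hashlib.sha256(data).hexdigest()
metadata_index = {"xray_001.dcm": object_id}   # stand-in for the metadata service
object_store = {object_id: data}               # stand-in for the storage service

def read_file(filename):
    oid = metadata_index[filename]   # steps 2-3: look up the object ID for the file
    return object_store[oid]         # steps 4-6: retrieve the object by its ID

print(read_file("xray_001.dcm"))     # the object ID lookup is transparent to the user
```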
7.12.4 Benefits of Object -Based Storage
Object -based storage devices for unstructured data provide
numerous benefits over traditional storage solutions. The key benefits of
object -based storage are as follows:
Security and reliability: OSD makes use of specialized algorithms
to create objects that provide strong data encryption capability. In
OSD, request authentication is performed at the storage device
rather than with an external authentication mechanism.
Platform independence: Objects are abstract containers of data,
including metadata and attributes. This attribute allows objects to
be shared across heterogeneous platforms locally or remotely.
Scalability: Due to the use of a flat address space, object-based
storage can handle large amounts of data without impacting
performance. Keep adding data, forever. There's no limit.
Manageability: Object -based storage has an inherent intelligence
to manage and protect objects. It uses self -healing capability to
protect and replicate objects. Policy -based management capability
helps OSD to handle routine jobs automatically.
Reduction in cost: Due to the scale-out nature of object storage,
it's less costly to store all your data.
Faster data retrieval: Due to the categorization structure of object
storage, and the lack of folder hierarchy, you can retrieve your data
much faster.
7.12.5 Common Use Cases for Object -Based Storage
There are multiple use cases for object storage. For example, it can
assist you in the following ways:
Deliver rich media: Define workflows by leveraging industry-
leading solutions for managing unstructured data. Reduce your
costs for globally distributed rich media.
Manage distributed content: Optimize the value of your data
throughout its lifecycle and deliver competitive storage services.
Embrace the Internet of Things (IoT): Manage machine-to-
machine data efficiently, support artificial intelligence and
analytics, and compress the cost and time of the design process.
Content-addressed storage (CAS) is a special type of object-based
storage device purposely built for storing fixed content. Another use case
for OSD is cloud-based storage, which offers a web interface to access storage
resources and provides inherent security, scalability, and automated data
management. OSD supports web service access via representational state
transfer (REST) and the simple object access protocol (SOAP).
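As a hedged illustration of REST-style access (the endpoint and namespace below are hypothetical, and real products also require authentication headers), an application could store and fetch an object over HTTP with the Python requests library:

```python
import requests

base_url = "https://osd.example.com/rest/namespace/invoices"   # hypothetical endpoint
object_name = "invoice-2023-0001.pdf"
payload = b"%PDF-1.4 ... fixed content ..."                     # placeholder object content

# Store (PUT) the object
resp = requests.put(f"{base_url}/{object_name}", data=payload)
print("PUT status:", resp.status_code)

# Retrieve (GET) the same object
resp = requests.get(f"{base_url}/{object_name}")
print("GET status:", resp.status_code, "size:", len(resp.content))
```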
7.13 CONTENT -ADDRESSED STORAGE
CAS is an object -based storage device designed for secure online
storage and retrieval of fixed content. CAS stores user data and its
attributes as an object. The stored object is assigned a globally unique
address, known as a content address (CA). CAS provides an optimized
and centrally managed storage solution. Data access in CAS differs from
other OSD devices. In CAS, the application server accesses the CAS
device only via the CAS API running on the application server. However,
the way CAS stores data is similar to the other OSD systems.
CAS provides the following key features for storing fixed content:
Content authenticity: It assures the genuineness of stored content.
This is achieved by generating a unique content address for each
object and validating the content address for stored objects at
regular intervals.
Content authenticity is assured because the address assigned to
each object is as unique as a fingerprint.
Content integrity: It provides assurance that the stored content
has not been altered. CAS uses a hashing algorithm for content
authenticity and integrity. If the fixed content is altered, CAS
generates a new address for the altered content rather than
overwriting the original fixed content (see the sketch after this
feature list).
Location independence: CAS uses a unique content address,
rather than directory path names or URLs, to retrieve data. This
makes the physical location of the stored data irrelevant to the
application that requests the data.
Single-instance storage (SIS): CAS uses a unique content address
to guarantee the storage of only a single instance of an object.
When a new object is written, the CAS system is polled to see
whether an object is already available with the same content
address.
Retention enforcement: Protecting and retaining objects is a core
requirement of an archive storage system. After an object is stored
in the CAS system and the retention policy is defined, CAS does
not make the object available for deletion until the policy expires.
Data protection: CAS ensures that the content stored on the CAS
system is available even if a disk or a node fails, and it provides both
local and remote protection to it. In the local protection option,
data objects are either mirrored or parity protected. In mirror
protection, two copies of the data object are stored on two different
nodes in the same cluster.
Fast record retrieval: CAS stores all objects on disks, which provides
faster access to the objects compared to tapes and optical discs.
Load balancing: CAS distributes objects across multiple nodes to
provide maximum throughput and availability.
Scalability: CAS allows the addition of more nodes to the cluster
without any interruption to data access and with minimum
administrative overhead.
Event notification: CAS continuously monitors the state of the
system and raises an alert for any event that requires the
administrator’s attention. The event notification is communicated to
the administrator through SNMP, SMTP, or e-mail.
Self-diagnosis and repair: CAS automatically detects and repairs
corrupted objects and alerts the administrator about the potential
problem.
Audit trails: CAS keeps track of management activities and any
access or disposition of data. Audit trails are mandated by compliance
requirements.
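The ideas of content authenticity, content integrity, and single-instance storage can be sketched in a few lines; this is not a real CAS API, only a hypothetical illustration in which the content address is a SHA-256 digest of the object's bytes:

```python
import hashlib

store = {}  # content address -> object bytes

def content_address(data: bytes) -> str:
    # The address is derived from the content itself, like a fingerprint
    return hashlib.sha256(data).hexdigest()

def write_object(data: bytes) -> str:
    ca = content_address(data)
    if ca not in store:          # single-instance storage: duplicates are not stored twice
        store[ca] = data
    return ca

def verify(ca: str) -> bool:
    # Content integrity: recompute the address and compare it with the stored one
    return content_address(store[ca]) == ca

check_image = b"scanned check #4711"
ca = write_object(check_image)
print("Content address:", ca)
print("Duplicate write returns the same address:", write_object(check_image) == ca)
print("Integrity verified:", verify(ca))
```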
7.14 CAS USE CASES
Organizations have deployed CAS solutions to solve several
business challenges. Two solutions are given below.
7.14.1 Healthcare Solution: Storing Patient Studies
Large healthcare centers examine hundreds of patients every day
and generate large volumes of medical records. Each record might be
composed of one or more images that range in size from approximately 15
MB for a standard digital X -ray to more than 1 GB for oncology studies.
The patient records are stored online for a specific period of time for
immediate use by the attending physicians. Even if a patient’s record is no
longer needed, compliance requirements might stipulate that the records
be kept in the original format for several years.
Medical image solution providers offer hospitals the capability to
view medical records, such as X -ray images, with acceptable response
times and resolution to enable rapid assessments of patients. Figure 7 -14
illustrates the use of CAS in this scenario. Patients' records are retained on
the primary storage for 60 days after which they are moved to the CAS
system. CAS facilitates long -term storage and at the same time, provides
immediate access to data, when needed.
Figure 7 -14 Storing patient studies on a CAS system
7.14.2 Finance Solution: Storing Financial Records
In a typical banking scenario, images of checks, each
approximately 25 KB in size, are created and sent to archive services over
an IP network. A check imaging service provider might process
approximately 90 million check images per month. Typically, check
images are actively processed in transactional systems for about 5 days.
For the next 60 days, check images may be requested by banks or
individual consumers for verification purposes; beyond 60 days, access
requirements drop drastically. Figure 7-15 illustrates the use of CAS in
this scenario. The check images are moved from the primary storage to the
CAS system after 60 days, and can be held there for long term based on
retention policy. Check imaging is one example of a financial service
application that is best serviced with CAS. Customer transactions initiated
by e-mail, contracts, and security transaction records might need to be
kept online for 30 years; CAS is the preferred storage solution in such
cases.
Figure 7-15 Storing financial records on a CAS system
7.15 UNIFIED STORAGE
A unified storage architecture combines block-level and
file-level access in a single storage system. It supports multiple protocols,
such as CIFS, NFS, iSCSI, and FC.
7.15.1 Components of Unified Storage
A unified storage system consists of the following key
components: storage controller, NAS head, OSD node, and storage. Figure
7-16 illustrates the block diagram of a unified storage platform.
The unified controller provides the functionalities of block storage,
file storage, and object storage. It contains iSCSI, FC, FCoE, and IP front-
end ports for direct block access to application servers and file access to
NAS clients.
For block-level access, the controller configures LUNs and
presents them to application servers; the LUNs presented to the
application server appear as local physical disks. A file system is
configured on these LUNs at the server and is made available to
applications for storing data. For NAS clients, the controller configures
LUNs, creates a file system on these LUNs, creates an NFS, CIFS,
or mixed share, and exports the share to the clients.
Figure 7-16 Unified Storage Platform
The OSD node accesses the storage through the storage controller
using an FC or FCoE connection. The LUNs assigned to the OSD node
appear as physical disks configured by the OSD nodes, enabling them to
store the data from the web application servers.
Data Access from Unified Storage
In a unified storage system, block, file, and object requests to the storage
travel through different I/O paths. Figure 7 -16 illustrates the different I/O
paths for block, file, and object access.
Block I/O request: The application servers are connected to an FC,
iSCSI, or FCoE port on the storage controller. The server sends a
block request over an FC, iSCSI, or FCoE connection. The storage
processor (SP) processes the I/O and responds to the application
server.
File I/O request: The NAS clients (where the NAS share is mounted
or mapped) send a file request to the NAS head using the NFS or CIFS
protocol. The request is converted into a block request, and forwarded
to the storage controller. Upon receiving the block data from the storage
controller, the NAS head converts it back into a file-level
response and sends it to the clients.
Object I/O request: The web application servers send an object
request, typically using REST or SOAP protocols, to the OSD node.
The request received by the OSD node is converted into a block request and is
sent to the disk through the storage controller. The controller in turn
processes the block request and responds to the OSD node, which
in turn provides the requested object to the web application server.
7.16 SUMMARY
File sharing means providing common file access to more than one
user. Client-server technology is used for file sharing over a network. NAS
devices are rapidly becoming popular with enterprise and small businesses
in many industries as an effective, scalable, low -cost storage solution. A
NAS device provides file -serving functions such as storing, retrieving, and
accessing files for applications and clients. A file system is a process that
manages how and where data on a storage disk is stored, accessed and
managed. Many file systems maintain a file access table to simplify the
process of searching and accessing files.
When a client requests a file, NAS provides file-level data access
to its clients. File I/O is a high-level request that specifies the file to be
accessed. The unified NAS is a combination of NAS and SAN approaches. In a
gateway implementation, the NAS device has external storage, and there is
a separate management interface for the NAS device and the storage. The scale-out
NAS implementation combines multiple nodes to form a cluster NAS
system. NFS is a client-server protocol for file sharing that is commonly
used on UNIX systems. CIFS is a client-server application protocol that
enables client programs to make requests for files and services on remote
computers over TCP/IP.
NAS uses an IP network; therefore, bandwidth and latency issues
associated with IP affect NAS performance. Object-based storage provides
a scalable, self -managed, protected, and shared storage option. CAS is an
object -based storage device designed for secure online storage and retrieval of fixed
content. Unified storage consolidates block, file, and object access into one
storage solution. It supports multiple protocols, such as CIFS, NFS, iSCSI,
FC, FCoE, REST, and SOAP.
7.17 REVIEW QUESTIONS
1.What are advantages of NAS (Network -Attached Storage)?
2.What are components of NAS (Network -Attached Storage)? Explain
with diagram.
3.Explain NAS input -output operation.
4.What are different types of NAS implementations? Explain any in
detail?
5.Explain Unified NAS implementation.
6.Explain gateway NAS implementation.
7.Explain scale -out NAS implementation.
8.Explain NFS protocol for file sharing.
9.Explain CIFS protocol for file sharing.
10.What are different factors that affect NAS performance at different
levels?
11.Explain File -level virtualization.
12.Compare file-level virtualization with block-level virtualization.
13.What is an Object-Based Storage Device? Explain the architecture of
Object-Based Storage.
14.What is Object -Based Storage Device? Explain Components of
Object -Based Storage.
15.Show the process of storing and retrieving objects in OSD with
diagram.
16.What are the key benefits of object-based storage?
17.What is CAS (Content -Addressed Storage)? Explain The key features
of CAS.
18.What is unified storage? What are different components of unified
storage? How Data is accessed from Unified Storage?
7.18 REFERENCES
Information Storage and Management: Storing, Managing, and
Protecting Digital Information in Classic, Virtualized, and Cloud
Environments by Somasundaram Gnanasundaram and Alok
Shrivastava, 2nd Edition, Publisher: John Wiley & Sons.
https://www.ippartners.com.au/it-news/defining-storage-area-networks-sans-network-attached-storage-nas-and-unified-storage/
https://www.mycloudwiki.com
https://www.netapp.com
https://whatis.techtarget.com
https://www.ques10.com/p/2557/explain-nas-file-sharing-protocols/
https://www.promax.com/blog/factors-that-impact-remote-nas-performance
8
INTRODUCTION TO BUSINESS
CONTINUITY
Unit Structure
8.0Objectives
8.1 Introduction
8.2 Information Availability
8.2.1 Causes of Information Unavailability
8.2.2 Consequences of Downtime
8.2.3 Measuring Information Availability
8.3 BC Terminology
8.4 BC Planning Life Cycle
8.5 Failure Analysis
8.5.1 Single Point of Failure
8.5.2 Resolving Single Points of Failure
8.5.3 Multipathing Software
8.6 Business Impact Analysis
8.7 BC Technology Solutions
8.8 Summary
8.9 Review Questions
8.10 References
8.0 OBJECTIVES
This chapter describes the factors that affect information
availability and the consequences of information unavailability. It also
explains the key parameters that govern any Business Continuity (BC)
strategy and the roadmap to develop an effective BC plan. We will also
study the BC planning life cycle.
8.1 INTRODUCTION
In modern times, continuous access to information is a must for the
smooth functioning of business operations. The cost of information
unavailability is greater than ever, and outages in key industries cost millions of
dollars per hour. Threats to information availability, such as natural
disasters, unplanned occurrences, and planned occurrences, could result in
the inaccessibility of information; it therefore becomes critical for businesses to
define an appropriate strategy that can help them overcome these crises.
Business continuity is an important process to define and implement these
strategies.
Business continuity is the advance planning and preparation undertaken
to ensure that an organization will have the capability to operate its critical
business functions during emergency events. Events can include natural
disasters, a business crisis, pandemic, workplace violence, or any event
that results in a disruption of your business operation. It is important to
remember that you should plan and prepare not only for events that will
stop functions completely but for those that also have the potential to
adversely impact services or functions.
Common technology services designed for business continuity
consist of cloud data backups , cloud -based disaster recovery as a service
(DRaaS) for infrastructure outages, and managed security plans that
protect against increasingly sophisticated cyber attacks.
8.2 INFORMATION AVAILABILITY
Information availability (IA) refers to the ability of the
infrastructure to function according to business expectations during its
specified time of operation. Information availability ensures that people
(employees, customers, suppliers, and partners) can access information
whenever they need it. Information availability can be defined with the
help of reliability, accessibility, and timeliness:
Reliability: This reflects a component’s ability to function without
failure, under stated conditions, for a specified amount of time.
Accessibility: This is the state within which the required
information is accessible at the right place, to the right user.
Timeliness: Defines the exact moment or the time window (a
particular time of the day, week, month, and/or year as specified)
during which information must be accessible. For example, if
online access to an application is required between 8:00 am and
10:00 pm each day, any disruptions to data availability outside of
this time slot are not considered to affect timeliness.
8.2.1 Causes of Information Unavailability
Various planned and unplanned incidents result in data
unavailability. Planned outages include
installation/integration/maintenance of new hardware, software upgrades
or patches, taking backups, application and data restores, facility
operations (renovation and construction), and refresh/migration of the
testing to the production environment.
Unplanned outages include failure caused by database corruption,
component failure, and human errors. Another type of incident that may
cause data unavailability is natural or man -made disasters such as flood,
fire, earthquake, and contamination.
Figure 8.1 disruptors of data availability
8.2.2 Consequences of Downtime
Downtime is the amount of time during the agreed service time
that the service is not available. Information unavailability or downtime
results in loss of productivity, loss of revenue, poor financial performance, and
damage to reputation. Loss of productivity includes reduced output per
unit of labor, equipment, and capital. Loss of revenue includes direct loss,
compensatory payments, future revenue loss, billing loss, and investment
loss. Poor financial performance affects revenue recognition, cash flow,
discounts, payment guarantees, credit rating, and stock price. Damage to
reputations may result in a loss of confidence or credibility with
customers, suppliers, financial markets, banks, and business partners.
The business impact of downtime is the sum of all losses sustained
as a result of a given disruption. An important metric, average cost of
downtime per hour , provides a key estimate in determining the appropriate
BC solutions. It is calculated as follows:
Average cost of downtime per hour = average productivity loss per
hour + average revenue loss per hour
Where:
Productivity loss per hour = (total salaries and benefits of all
employees per week)/(average number of working hours per week)
Average revenue loss per hour = (total revenue of an organization
per week)/(average number of hours per week that an organization
is open for business)
The average downtime cost per hour may also include estimates of
projected revenue loss due to other consequences, such as damaged
reputations, and the additional cost of repairing the system.
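As a quick worked example of these formulas (the weekly figures below are invented purely for the arithmetic):

```python
# Hypothetical weekly figures for an organization
total_salaries_per_week = 250_000.0    # salaries and benefits of all employees
working_hours_per_week = 40.0
total_revenue_per_week = 1_200_000.0
business_hours_per_week = 60.0         # hours the organization is open for business

productivity_loss_per_hour = total_salaries_per_week / working_hours_per_week   # 6,250
revenue_loss_per_hour = total_revenue_per_week / business_hours_per_week        # 20,000

average_cost_of_downtime_per_hour = productivity_loss_per_hour + revenue_loss_per_hour
print(f"Average cost of downtime per hour: ${average_cost_of_downtime_per_hour:,.2f}")   # $26,250.00
```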
8.2.3 Measuring Information Availability
IA relies on the availability of both physical and virtual components of
a data center; failure of these components might disrupt IA. A failure is the
termination of a component’s capability to perform a required function.
The component’s capability can be restored by performing an external
corrective action, such as a manual reboot, repair, or replacement of the
failed component(s). Proactive risk analysis, performed as part of the BC
planning process, considers the component failure rate and average repair
time, which are measured by mean time between failure (MTBF) and
mean time to repair (MTTR):
Mean Time Between Failure (MTBF): It is the average time
available for a system or component to perform its normal
operations between failures. It is the measure of system or
component reliability and is usually expressed in hours.
Mean Time To Repair (MTTR): It is the average time required
to repair a failed component. While calculating MTTR, it is
assumed that the fault responsible for the failure is correctly
identified and the required spares and personnel are available.
MTTR includes the total time required to do the following
activities: Detect the fault, mobilize the maintenance team,
diagnose the fault, obtain the spare parts, repair, test, and restore
the data.
Figure 8 -2 illustrates the various information availability metrics
that represent system uptime and downtime.
Figure 8 -2 Information Availability metrics
IA is the time period during which a system is in a condition to
perform its intended function upon demand. It can be expressed in terms
of system uptime and downtime and measured as the amount or
percentage of system uptime:
IA = system uptime/(system uptime + system downtime)
Where system uptime is the period of time during which the system
is in an accessible state; when it is not accessible, it is termed as system
downtime . In terms of MTBF and MTTR, IA could also be expressed as
IA = MTBF/(MTBF + MTTR)
Uptime per year is based on the exact timeliness requirements of
the service.
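A short worked example ties the uptime, MTBF, and MTTR expressions together; the failure history below is invented only to show the calculation:

```python
# Hypothetical one-year operating history of a component
agreed_service_hours = 8760.0    # intended time of operation in a year
number_of_failures = 2
total_downtime_hours = 8.0       # time spent detecting and repairing faults

uptime_hours = agreed_service_hours - total_downtime_hours
mtbf = uptime_hours / number_of_failures            # average time between failures
mttr = total_downtime_hours / number_of_failures    # average time to repair

ia_from_uptime = uptime_hours / (uptime_hours + total_downtime_hours)
ia_from_mtbf = mtbf / (mtbf + mttr)                 # same value, expressed via MTBF/MTTR

print(f"MTBF = {mtbf:.1f} h, MTTR = {mttr:.1f} h")
print(f"IA = {ia_from_uptime:.5f} ({ia_from_mtbf * 100:.3f}% availability)")
```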
8.3 BC TERMINOLOGY
Disaster recovery: Refers to the process of restoring operations,
including information technology resources, within a predetermined
timeframe. The disaster recovery plan is a critical component of the
business continuity plan.
Disaster restart: This is the process of restarting business operations
with mirrored consistent copies of data and applications.
Recovery -Point Objective (RPO): This is the point in time to which
systems and data must be recovered after an outage. A large RPO
signifies high tolerance to information loss in a business. Based on the
RPO, organizations plan for the freq uency with which a backup or
replica must be made. For example, if the RPO is 6 hours, backups or
replicas must be made at least once in 6 hours. Figure 8-3 (a) shows
various RPOs and their corresponding ideal recovery strategies.
oRPO of 24 hours: Backups are created at an offsite tape library
every midnight. The corresponding recovery strategy is to restore
data from the set of last backup tapes.
oRPO of 1 hour: Shipping database logs to the remote site every
hour.
oRPO in the order of minutes: Mirroring data asynchronously to a
remote site
oNear zero RPO: Mirroring data synchronously to a remote site
Figure 8 -3 Strategies to meet RPO and RTO targets
Recovery -Time Objective (RTO): The time within which systems
and applications must be recovered after an outage. Businesses can
optimize disaster recovery plans after defining the RTO for a given
system. For example, if the RTO is 2 hours, it requires disk -based
backup because it enables a faster restore than a tape backup.
However, for an RTO of 1 week, tape backup will likely meet the
requirements. Some examples of RTOs and the recovery strategies to
ensure data availability are listed here (refer to Figure 8-3 [b]; a small mapping sketch also follows this terminology list):
oRTO of 72 hours: Restore from tapes available at a cold site.
oRTO of 12 hours: Restore from tapes available at a hot site.
oRTO of few hours: Use of data vault at a hot site
oRTO of a few seconds: Cluster production servers with
bidirectional mirroring, enabling the applications to run at both
sites simultaneously.
Data vault: A repository at a remote site where data can be
periodically or continuously copied (either to tape drives or disks) so
that there is always a copy at another site.
Hot site: A site where an enterprise’s operations can be moved in the
event of disaster. It is a site with the required hardware, operating
system, application, and network support to perform business
operations, where the equipment is available and running at all times.
Cold site: A site where an enterprise’s operations can be moved in the
event of disaster, with minimum IT infrastructure and environmental
facilities in place, but not activated.
Server Clustering: A group of servers and other necessary resources
coupled to operate as a single system. Clusters can ensure high
availability and load balancing. Typically, in failover clusters, one
server runs an application and updates the data, and another is kept as
standby to take over completely, as required.
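As a rough illustration of how RPO and RTO drive the choice of strategy (the thresholds below simply mirror the examples listed above and are not prescriptive), a planner might encode the mapping like this:

```python
def suggest_rpo_strategy(rpo_hours: float) -> str:
    # Thresholds loosely follow the RPO examples above
    if rpo_hours >= 24:
        return "Nightly backups shipped to an offsite tape library"
    if rpo_hours >= 1:
        return "Ship database logs to the remote site every hour"
    if rpo_hours > 0:
        return "Mirror data asynchronously to a remote site"
    return "Mirror data synchronously to a remote site (near-zero RPO)"

def suggest_rto_strategy(rto_hours: float) -> str:
    # Thresholds loosely follow the RTO examples above
    if rto_hours >= 72:
        return "Restore from tapes available at a cold site"
    if rto_hours >= 12:
        return "Restore from tapes available at a hot site"
    if rto_hours >= 1:
        return "Use a data vault at a hot site"
    return "Clustered production servers with bidirectional mirroring"

print(suggest_rpo_strategy(6))   # a 6-hour RPO is met by hourly log shipping
print(suggest_rto_strategy(2))   # a 2-hour RTO calls for disk-based recovery at a hot site
```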
8.4 BC PLANNING LIFE CYCLE
BC planning must follow a disciplined approach like any other
planning process. From the conceptualization to the realization of the BC
plan, a life cycle of activities can be defined for the BC process. The BC
planning life cycle includes five stages (see Figure 8 -4):
1. Establishing objectives
2. Analyzing
3. Designing and developing
4. Implementing
5. Training, testing, assessing, and maintaining
Figure 8 -4 BC Planning Life Cycle
1. Establish objectives:
Determine BC requirements.
Estimate the scope and budget to achieve requirements.
Select a BC team that includes subject matter experts from all
areas of the business, whether internal or external.
Create BC policies.
2. Analysis:
Collect information on data profiles, business processes,
infrastructure support, dependencies, and frequency of using
business infrastructure.
Conduct a Business Impact Analysis (BIA).
Identify critical business processes and assign recovery priorities.
Perform risk analysis for critical functions and create mitigation
strategies.
Perform cost benefit analysis for available solutions based on the
mitigation strategy.
Evaluate options.
3. Design and develop:
Define the team structure and assign individual roles and
responsibilities. For example, different teams are formed for
activities, such as emergency response, damage assessment, and
infrastructure and application recovery.
Design data protection strategies and develop infrastructure.
Develop contingency solutions.
Develop emergency response procedures.
Detail recovery and restart procedures.
4. Implement:
Implement risk management and mitigation procedures that
include backup, replication, and management of resources.
Prepare the disaster recovery sites that can be utilized if a disaster
affects the primary data center.
Implement redundancy for every resource in a data center to avoid
single points of failure.
5. Train, test, assess, and maintain:
Train the employees who are responsible for backup and
replication of business -critical data on a regular basis or whenever
there is a modification in the BC plan.
Train employees on emergency response procedures when
disasters are declared.
Train the recovery team on recovery procedures based on
contingency scenarios.
Perform damage -assessment processes and review recovery plans.
Test the BC plan regularly to evaluate its performance and identify
its limitations.
Assess the performance reports and identify limitations.
Update the BC plans and recovery/restart procedures to reflect
regular changes within the data center.
8.5 FAILURE ANALYSIS
Failure analysis involves analyzing both the physical and virtual
infrastructure components to identify systems that are susceptible to a
single point of failure and implementing fault -tolerance mechanisms.
8.5.1 Single Point of Failure
A single point of failure refers to the failure of a component that
can terminate the availability of the entire system or IT service. Figure 8 -5
depicts a system setup in which an application, running on a VM, provides
an interface to the client and performs I/O operations. The client is
connected to the server through an IP network, and the server is connected
to the storage array through an FC connection.
Figure 8 -5 single point of failure
In a setup in which each component must function as required to
ensure data availability, the failure of a single physical or virtual
component causes the unavailability of an application and results in
disruption of business operations. For example, failure of a hypervisor
can affect all the running VMs and the virtual network, which are hosted
on it. In the setup shown in Figure 8-5, several single points of failure can
be identified. A VM, a hypervisor, an HBA/NIC on the server, the
physical server, the IP network, the FC switch, the storage array ports, or
even the storage array could be a potential single point of failure.
8.5.2 Resolving Single Points of Failure
To reduce single points of failure, systems are designed with
redundancy, such that the system fails only if all the components in the
redundancy group fail. This ensures that the failure of a single component
does not affect data availability. Data centers follow stringent guidelines
to implement fault tolerance for uninterrupted information availability.
Careful analysis is performed to eliminate every single point of failure.
The example shown in Figure 8-6 represents all enhancements in the
infrastructure to mitigate single points of failure:
Configuration of redundant HBAs at a server to mitigate single
HBA failure.
Configuration of NIC teaming at a server allows protection against
single physical NIC failure. It allows grouping of two or more
physical NICs and treating them as a single logic al device. With
NIC teaming, if one of the underlying physical NICs fails or its
cable is unplugged,the traffic is redirected to another physical NIC
in the team.
Configuration of redundant switches to account for a switch
failure.
Configuration of multiple storage array ports to mitigate a port
failure
RAID and hot spare configuration to ensure continuous operation
in the event of disk failure
Implementation of a redundant storage array at a remote site to
mitigate local site failure.
Implementing server (or compute) clustering, a fault-tolerance
mechanism whereby two or more servers in a cluster access the
same set of data volumes. Clustered servers exchange a heartbeat
to inform each other about their health. If one of the servers or
hypervisors fails, the other server or hypervisor can take up the
workload.
Implementing a VM Fault Tolerance mechanism ensures BC in the
event of a server failure. This technique creates duplicate copies of
each VM on another server so that when a VM failure is detected,
the duplicate VM can be used for failover.
Figure 8 -6 Resolving single points of failure
8.5.3 Multipathing Software
Configuration of multiple paths increases the data availability
through path failover. If servers are configured with one I/O path to the
data, there will be no access to the data if that path fails. Redundant paths
to the data eliminate the possibility of the path becoming a single point of
failure. Multiple paths to data also improve I/O performance through load
balancing among the paths and maximize server, storage, and data path
utilization.
In practice, merely configuring multiple paths does not serve the
purpose. Even with multiple paths, if one path fails, I/O does not reroute
unless the system recognizes that it has an alternative path. Multipathing
software provides the functionality to recognize and utilize alternative I/O
paths to data. It also manages load balancing by distributing I/Os to all
available, active paths.
Multipathing software intelligently manages the paths to a device
by sending I/O down the optimal path based on the load balancing and
failover policy settings for the device. It also takes into account path usage
and availability before deciding the path through which to send the I/O. If
a path to the device fails, it automatically reroutes the I/O to an alternative
path. In a virtual environment, multipathing is enabled either by using
the hypervisor's built-in capability or by running a third-party software
module added to the hypervisor.
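The failover and load-balancing behaviour can be sketched abstractly; this is not how any particular multipathing product is implemented, just a hypothetical round-robin policy that reroutes I/O around a failed path:

```python
class Multipather:
    """Round-robin load balancing across active paths, with failover."""

    def __init__(self, paths):
        self.paths = list(paths)               # e.g. ["HBA0->SP_A0", "HBA1->SP_B1"]
        self.active = {p: True for p in paths}
        self._next = 0

    def mark_failed(self, path):
        self.active[path] = False              # failed path is taken out of rotation

    def send_io(self, block):
        for _ in range(len(self.paths)):
            path = self.paths[self._next % len(self.paths)]
            self._next += 1
            if self.active[path]:
                return f"I/O for block {block} sent via {path}"
        raise RuntimeError("No active paths available")

mp = Multipather(["HBA0->SP_A0", "HBA1->SP_B1"])
print(mp.send_io(101))           # load balancing: first path
print(mp.send_io(102))           # load balancing: second path
mp.mark_failed("HBA0->SP_A0")    # simulate a path failure
print(mp.send_io(103))           # failover: rerouted to the remaining active path
```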
8.6 BUSINESS IMPACT ANALYSIS
A business impact analysis (BIA) is a process that helps an organization
determine and evaluate the potential effects of a problem on its operations. A
business impact analysis (BIA) identifies which business units, operations,
and processes are essential to the survival of the business. It evaluates the
financial, operational, and service impacts of a disruption to essential
business processes. A BIA includes the following set of tasks:
Determine the business areas.
For each business area, identify the key business processes critical
to its operation.
Determine the attributes of the business process in terms of
applications, databases, and hardware and software requirements.
Estimate the costs of failure for each business process.
Calculate the maximum tolerable outage and define RTO and RPO
for each business process.
Establish the minimum resources required for the operation of
business processes.
Determine recovery strategies and the cost of implementing them.
Optimize the backup and business recovery strategy based on
business priorities.
Analyze the current state of BC readiness and optimize future BC
planning.
8.7 BC TECHNOLOGY SOLUTIONS
After analyzing the business impact of an outage, designing the
appropriate solutions to recover from a failure is the next important
activity. One or more copies of the data are maintained using any of the
following strategies so that data can be recovered or business operations
can be restarted using an alternative copy:
Backup: Data backup is a predominant method of ensuring data
availability. The frequency of backup is determined based on RPO,
RTO, and the frequency of data changes.
Local replication: Data can be replicated to a separate location within
the same storage array. The replica is used independently for other
business operations. Replicas can also be used for restoring operations
if data corruption occurs.
Remote replication: Data in a storage array can be replicated to
another storage array located at a remote site. If the storage array is
lost due to a disaster, business operations can be started from the
remote storage array.
8.8 SUMMARY
Business continuity (BC) is an integrated and enterprise -wide
process that includes all activities (internal and external to IT) that a
business must perform to mitigate the impact of planned and unplanned
downtime. Information availability (IA) refers to the ability of an IT
infrastructure to function according to business expectations during its
specified time of operation. Information unavailability or downtime results
in loss of productivity, loss of revenue, poor financial performance, and
damage to reputation. The business impact of downtime is the sum of all
losses sustained as a result of a given disruption. A business impact
analysis (BIA) identifies which business units, operations, and processes
are essential to the survival of the business.
8.9 REVIEW QUESTIONS
1.What is Information Availability? What are causes of Information
Unavailability?
2.What are causes of Information Unavailability? Explain effect of
Information Unavailability on business.
3.Explain Life Cycle of BC Planning.
4.What is Single Point of Failure? How resolve Single Point of Failure?
Explain with example.
5.What is business impact analysis (BIA)? What are the different sets of BIA
tasks?
8.10 REFERENCES
Information Storage and Management: Storing, Managing, and
Protecting Digital Information in Classic, Virtualized, and Cloud
Environments by Somasundaram Gnanasundaram and Alok
Shrivastava, 2nd Edition, Publisher: John Wiley & Sons.
http://www.sis.pitt.edu/lersais/research/sahi/resources/labs/drp/Lab_IR_DR_BC_Planning_BC.pdf
https://en.wikipedia.org/wiki/Business_continuity_planning
https://www.ques10.com/p/20620/what-is-information-availability-and-information-u/
https://www.inap.com/blog/business-continuity
9
BACKUP AND ARCHIVE
Unit Structure
9.0 Objectives
9.1 Introduction
9.2 Backup Purpose
9.2.1 Disaster Recovery
9.2.2 Operational Recovery
9.2.3 Archival
9.3 Backup Considerations
9.4 Backup Granularity
9.5 Recovery Considerations
9.6 Backup Methods
9.7 Backup Architecture
9.8 Backup and Restore Operations
9.9 Backup Topologies
9.10 Backup in NAS Environments
9.10.1 Server -Based and Serverless Backup
9.10.2 NDMP -Based Backup
9.11 Backup Targets
9.11.1 Backup to Tape
9.11.2 Backup to Disk
9.11.3 Backup to Virtual Tape
9.12 Data Deduplication for Backup
9.12.1 Data Deduplication Methods
9.12.2 Data Deduplication Implementation
9.13 Backup in Virtualized Environments
9.14 Data Archive
9.15 Archiving Solution Architecture
9.16 Summary
9.17 Review Questions
9.18 References
9.0 OBJECTIVES
This chapter includes details about the purposes of the backup,
backup and recovery considerations, backup methods, architecture,
topologies, and backup targets. Backup optimization using data
deduplication and backup in a virtualized environment are also covered in
the chapter. Further, this chapter covers types of data archives and
archiving solution architecture.
9.1 INTRODUCTION
Companies and people are very dependent on data. Whereas a
person cannot survive without air, water, and food, businesses cannot
survive without data. Hence data is very important in business. A backup
is a copy of important data that is stored in an alternative location so that it
can be recovered if it is deleted or becomes corrupted; it is used to
protect organizations against data loss. Organizations are struggling with
the task of backing up because of the rapidly increasing amount of data. This
task becomes more challenging with the growth of information, stagnant
IT budgets, and less time for taking backups. Moreover, organizations
need a quick restore of backed up data to meet business service -level
agreements (SLAs).
To implement a successful backup and recovery solution, we have
to evaluate the various backup methods along with their recovery considerations.
Organizations generate and maintain large volumes of fixed data
content. This fixed content is rarely accessed after a period of time and
needs to be retained for several years to meet regulatory compliance.
Accumulation of this data on the primary storage increases the overall
storage cost to the organization. Further, this increases the amount of data
to be backed up, which in turn increases the time required to perform the
backup.
Data archiving is the process of moving data that is no longer
actively used to a separate storage device for long-term retention.
Basically, it is stored in low-cost secondary storage. Data archiving
reduces the amount of data to be backed up and hence time is also
reduced.
9.2 BACKUP PURPOSE
There are 3 purposes of data backups:
1.Disaster recovery
2.Operational recovery
3.Archival
9.2.1 Disaster Recovery
One purpose of backups is to address disaster recovery needs.
Disaster recovery relies upon the replication of data and computer
processing in an off -premises location not affected by the disaster. When
servers go down because of a natural disaster, equipment failure or cyber -
attack, a business needs to recover lost data from a second location where
the data is backed up. RTO ( Recovery Time Objective) is defined as the
time it takes for an organization’s IT infrastructure to come back online
and be fully functional post a disaster. RPO (Recovery Point Objective)
reflects the number of transactions lost from the time of the event up to the
full recovery of the IT infrastructure.
When tape -based backup is used as a disaster recovery option, the
backup tape media is shipped and stored at an offsite location. Later, these
tapes can be recalled for restoration at the disaster recovery site. Ideally, an
organization can transfer its computer processing to that remote location
as well in order to continue operations. This allows organizations to bring
production systems online in a relatively short period of time if a disaster
occurs.
9.2.2 Operational Recovery
Unlike Disaster recovery, operational recovery deals with more
“routine” kinds of failures. The events that require recovery are, in this
case, smaller in impact. While Disaster Recovery deals with high -impact
events affecting the IT infrastructure, operational recovery deals with
errors that appear in a business’ daily life: an accidental file deletion, a
code error, a file that is wrongly saved, etc. For example, it is common for a
user to accidentally delete an important e -mail or for a file to become
corrupted, which can be restored using backup data.
9.2.3 Archival
Backups are also performe d to address archival requirements. An
archive is frequently used to ease the burden on faster and more frequently
accessed data storage systems. Older data that is unlikely to be needed
often is put on systems that don’t need to have the speed and accessi bility
of systems that contain data still in use. Archival storage systems are
usually less expensive, as well, so a strong motivation is to save money on
data storage .
9.3 BACKUP CONSIDERATIONS
All enterprises need reliable, efficient data protection and recovery;
it is fundamental to business survival. In recent years, mid-sized
businesses and distributed enterprises have been largely underserved by
data protection hardware because of its high cost, at a time when
enterprises struggle to keep up with the rising tide of data.
Backup speed is important, but recovery speed is where the data
protection plan proves its worth. In the event of a system crash or disaster,
how fast can critical data be recovered and accessed? Businesses should
establish a recovery time objective (RTO) and a recovery point objective
(RPO). By establishing an RTO and RPO, a business can maximize
business continuity by creating a tiered data protection system that
ensures the least possible loss of the most important data.
Another consideration is the retention period, which defines the
duration for which a business needs to retain the backup copies. Some
data is retained for years and some for only a few days. For example, data
backed up for archival is retained for a longer period than data backed up
for operational recovery.
Organizations must also consider the granularity of backups. The
development of a backup strategy must include a decision about the most
appropriate time for performing a backup to minimize any disruption to
production operations. The location, size, and number of files, as well as
data compression, should also be considered because they might affect
the backup process. Location is an important consideration for the data to
be backed up. Consider a data warehouse environment that collects data
from many sources; the backup process must address all these sources to
ensure transactional and content integrity.
The file size and number of files also influence the backup process.
Backing up large files (for example, ten 1 MB files) takes less time than
backing up an equal amount of data composed of small files (for example,
ten thousand 1 KB files).
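The impact of file count can be made concrete with a rough calculation. The following minimal Python sketch is not from the text; the per-file overhead and throughput figures are illustrative assumptions only, chosen to show why many small files take longer to back up than a few large files of the same total size.

# Minimal sketch: why per-file overhead makes many small files slower to back up.
# The overhead and throughput values below are illustrative assumptions only.

def estimated_backup_seconds(num_files, file_size_mb,
                             per_file_overhead_s=0.05,   # assumed metadata/open-close cost per file
                             throughput_mb_per_s=100.0): # assumed sustained device throughput
    data_time = (num_files * file_size_mb) / throughput_mb_per_s
    overhead_time = num_files * per_file_overhead_s
    return data_time + overhead_time

# Ten 1 MB files versus ten thousand 1 KB files (both roughly 10 MB of data)
print(estimated_backup_seconds(10, 1.0))             # about 0.6 s
print(estimated_backup_seconds(10_000, 1.0 / 1024))  # about 500 s, dominated by per-file overhead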
Data compression and data deduplication are widely used in the
backup environment because these technologies save space on the media.
Many backup devices have built-in support for hardware-based data
compression. Some data, such as application binaries, does not compress
well, whereas text data compresses well.
9.4 BACKUP GRANULARITY
Backup granularity describes the level of detail characterizing backup
data. Backup granularity depends on business needs and the required
RTO/RPO. Based on the granularity, backups can be categorized as full,
incremental, and cumulative (differential). Most organizations use a
combination of these three backup types to meet their backup and
recovery requirements. Figure 9-1 shows the different backup granularity
levels.
Figure 9-1 Backup Granularity
Full backup: A full backup is a backup of the complete data on the
production volumes at a certain point in time. A full backup copy is
created by copying the data on the production volumes to a secondary
storage device. It provides a faster recovery but requires more storage
space and more time to back up.
Incremental backup: An incremental backup copies the data that has
changed since the last full or incremental backup, whichever occurred
more recently. This makes the backup much faster because the volume of
data backed up is restricted to the changed data, but it takes longer to
restore.
Cumulative or differential backup: A cumulative backup copies the data
that has changed since the last full backup. This method takes longer to
back up than an incremental backup but is faster to restore.
Restore operations vary with the granularity of the backup. A full
backup provides a single repository from which the data can be easily
restored. The process of restoration from an incremental backup requires
the last full backup and all the incremental backups available up to the
point of restoration. A restore from a cumulative backup requires the last
full backup and the most recent cumulative backup.
Figure 9-2 shows an example of restoring data from an incremental backup.
Figure 9-2 Restoring data from incremental backup
In this example, a full backup is performed on Monday evening.
Each day after that, an incremental backup is performed. On Tuesday, a
new file (File4 in the figure) is added, and no other files have changed.
Consequently, only File4 is copied during the incremental backup
performed on Tuesday evening. On Wednesday, no new files are added,
but File3 has been modified. Therefore, only the modified File3 is copied
during the incremental backup on Wednesday evening. Similarly, the
incremental backup on Thursday copies only File5. On Friday morning,
there is data corruption, which requires data restoration from the backup.
The first step toward data restoration is restoring all data from the full
backup of Monday evening. The next step is applying the incremental
backups of Tuesday, Wednesday, and Thursday. In this manner, data can
be successfully recovered to its previous state, as it existed on Thursday
evening.
Figure 9-3 shows an example of restoring data from a cumulative backup.
Figure 9-3 Restoring data from cumulative backup
In this example, a full backup of the business data is taken on
Monday evening. Each day after that, a cumulative backup is taken. On
Tuesday, File 4 is added, and no other data has been modified since the
previous full backup of Monday evening. Consequently, the cumulative
backup on Tuesday evening copies only File 4. On Wednesday, File 5 is
added. The cumulative backup taking place on Wednesday evening copies
both File 4 and File 5 because these files have been added or modified
since the last full backup. Similarly, on Thursday, File 6 is added.
Therefore, the cumulative backup on Thursday evening copies all three
files: File 4, File 5, and File 6. On Friday morning, data corruption occurs
that requires data restoration using the backup copies. The first step in
restoring data is to restore all the data from the full backup of Monday
evening. The next step is to apply only the latest cumulative backup,
which was taken on Thursday evening. In this way, the production data
can be recovered faster because it needs only two copies of data: the last
full backup and the latest cumulative backup.
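To make the difference between the two restore paths concrete, the following is a minimal Python sketch (not from the text; the representation of each backup as a (day, kind) tuple is an assumption) that selects which backup copies are needed to recover to a given point in time.

# Minimal sketch: picking the restore chain for each granularity.
# Real backup schedules normally use either incrementals or cumulatives between
# full backups, as in the two figures above; this sketch handles both cases.

def restore_chain(backups, restore_point):
    """Return the backups to apply, oldest first, to recover to restore_point."""
    usable = [b for b in backups if b[0] <= restore_point]
    last_full = max(b for b in usable if b[1] == "full")
    chain = [last_full]
    after_full = [b for b in usable if b[0] > last_full[0]]
    cumulatives = [b for b in after_full if b[1] == "cumulative"]
    incrementals = [b for b in after_full if b[1] == "incremental"]
    if cumulatives:
        chain.append(max(cumulatives))      # only the most recent cumulative is needed
    chain.extend(sorted(incrementals))      # every incremental since the full is needed
    return chain

# Monday full (day 1) plus incrementals Tuesday-Thursday (days 2-4): all four copies are needed.
print(restore_chain([(1, "full"), (2, "incremental"), (3, "incremental"),
                     (4, "incremental")], restore_point=4))
# Monday full plus cumulative backups Tuesday-Thursday: only the full and Thursday's cumulative.
print(restore_chain([(1, "full"), (2, "cumulative"), (3, "cumulative"),
                     (4, "cumulative")], restore_point=4))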
9.5 RECOVERY CONSIDERATIONS
The retention period is a key consideration for recovery, derived
from an RPO. For example, users of an application might request to
restore the application data from its backup copy, which was created a
month ago. This determines the retention period for the backup. Therefore,
the minimum retention period of this application data is one month.
However, the organization might choose to retain the backup for a longer
period of time because of internal policies or external factors, such as
regulatory directives.
If the recovery point is older than the retention period, it might not
be possible to recover all the data required for the requested recovery
point. Long retention periods can be defined for all backups, making it
possible to meet any RPO within the defined retention periods. However,
this requires a large amount of storage space, which translates into higher
cost. Therefore, when defining the retention period, analyze past restore
requests and the allocated budget.
RTO relates to the time taken by the recovery process. To meet the
defined RTO, the business may choose the appropriate backup granularity
to minimize recovery time. In a backup environment, RTO also influences
the type of backup media that should be used. For example, a restore from
tape takes longer to complete than a restore from disk.
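A rough calculation shows how the media choice interacts with the RTO. The following minimal Python sketch uses placeholder throughput figures and a hypothetical RTO and data size; none of these numbers come from the text.

# Minimal sketch: checking whether a restore from a given medium can meet the RTO.
# Throughput, RTO, and data size below are illustrative assumptions only.

def restore_minutes(data_gb, throughput_mb_per_s):
    return (data_gb * 1024) / throughput_mb_per_s / 60

rto_minutes = 60          # assumed business RTO
data_gb = 200             # assumed amount of data to restore

for medium, mb_per_s in {"tape": 40, "disk": 160}.items():
    minutes = restore_minutes(data_gb, mb_per_s)
    verdict = "meets" if minutes <= rto_minutes else "misses"
    print(f"{medium}: ~{minutes:.0f} min ({verdict} the {rto_minutes} min RTO)")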
9.6 BACKUP METHODS
Hot backup and cold backup are the two methods deployed for a
backup. A hot backup is performed while users are still logged into a
system, whereas a cold backup is done with all users offline. The reason
for performing hot backups is that they minimize day-to-day downtime,
which is especially useful for systems that require 24/7 operation. The
issue with hot backups is that if data is changed while the backup is being
performed, there may be some inconsistencies, such as the previous state
of a file being included in the backup rather than the latest one. Hot
backups also consume computer resources, so machine and server
performance can be affected during backups.
Cold backups, sometimes known as offline backups, are the safest
way to back up data because no files can be changed during the backup.
Cold backups can also be performed on a copy of the data, such as one
stored in an offsite repository. The benefit of cold backups is that the
backup cannot be affected by live viruses or hacking attempts. They also
will not be affected by power surges, making them the most reliable way
to back up your data. Obviously, the downside is that during this time no
users can access the system. It can also take longer to recover from a
disaster with cold backups because moving the data from the cold backup
site to a fully operational state can cause delays.
Consistent backups of databases can also be done by using a cold
backup. This requires the database to remain inactive during the backup.
Of course, the disadvantage of a cold backup is that the database is
inaccessible to users during the backup process.
Hot backups should be used when downtime has to be as low as
possible (when the RTO is low), and cold backups should be used when
no users need to access the system. You do not have to use just one
backup method, of course. You could run hot backups throughout the
week and then perform a cold backup on Friday evenings or over the
weekend when users will not be using the system. Depending on the size
of the data set, a cold backup may take only an hour or less, which may
not cause any disruption for some businesses.
To ensure consistency, it is not enough to back up only the
production data for recovery. Certain attributes and properties attached to
a file, such as permissions, owner, and other metadata, also need to be
backed up. These attributes are as important as the data itself and must be
backed up for consistency.
In a disaster recovery environment, bare-metal recovery (BMR)
refers to a backup in which all metadata, system information, and
application configurations are appropriately backed up for a full system
recovery. BMR builds the base system, which includes partitioning, the
file system layout, the operating system, the applications, and all the
relevant configurations. The base system is recovered first by BMR
before the recovery of data files starts. Some BMR technologies, for
example server configuration backup (SCB), can recover a server even
onto dissimilar hardware.
9.7 BACKUP ARCHITECTURE
The common and widely used backup architecture is based on the
server-client model. Figure 9-4 illustrates the backup architecture. Any
backup architecture is composed of the following four components:
Backup Servers
Backup Clients
Media Servers
Backup Destinations/Targets
Figure 9-4 Backup Architecture
The backup server manages the backup operations and maintains
the backup database, which contains information about the backup
configuration and backup metadata. The backup configuration contains
information about when to run backups, which client data is to be backed
up, and so on. The backup metadata contains information about the
backed-up data.
The role of a backup client is to gather the data that is to be
backed up and send it to the backup server. The backup client can be
installed on application servers, mobile clients, and desktops. It also sends
tracking information to the backup server.
Media servers connect to the backup destinations and make them
available to backup clients so that the clients can send data to the backup
target. In IBM TSM terminology, media servers are referred to as the
Primary Library Manager and other TSM servers as Library Clients. A
media server controls one or more backup devices, which may be
attached directly or through a network. The media server sends tracking
information about the data written to the backup device to the backup
server; typically, this information is used for recoveries. For example, a
media server might be connected to a pool of storage over an FC network
and make that storage available to backup clients over a SAN.
A wide range of backup destinations/targets is currently
available, such as tape, disk, and virtual tape library. Traditional backup
solutions primarily used tape as the backup destination, whereas modern
backup approaches tend to use disk-based pools that are shared over the
SAN or LAN. Disk arrays can also be used as virtual tape libraries to
combine the benefits of disk and tape. Organizations can now also back
up their data to cloud storage; many service providers offer backup as a
service, which enables an organization to reduce its backup management
overhead.
9.8 BACKUP AND RESTORE OPERATIONS
When a backup operation is initiated, significant network
communication takes place between the different components of the
backup infrastructure. The backup operation is typically initiated by a
server, but it can also be initiated by a client. The backup server initiates
the backup process for different clients based on the backup schedule
configured for them. For example, the backup for a group of clients may
be scheduled to start at 11:00 p.m. every day.
Figure 9-5 Backup Operation
The backup server coordinates the backup process with all the
components in the backup environment (see Figure 9-5) and enforces the
regular backup schedule. The backup server retrieves the backup-related
information from the backup catalog and, based on this information,
instructs the storage node to load the appropriate backup media into the
backup devices. Simultaneously, it instructs the backup clients to gather
the data to be backed up and send it over the network to the assigned
storage node. After the backup data is sent to the storage node, the client
sends some backup metadata (the number of files, names of the files,
storage node details, and so on) to the backup server. The storage node
receives the client data, organizes it, and sends it to the backup device.
The storage node then sends additional backup metadata (the location of
the data on the backup device, the time of backup, and so on) to the
backup server. The backup server updates the backup catalog with this
information.
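The catalog bookkeeping described above can be sketched in a few lines. This is a simplified illustration, not the data model of any real backup product; all field names are assumptions.

# Minimal sketch: the kind of metadata the backup server records in its catalog.

backup_catalog = []   # maintained by the backup server

def record_backup(client, files, storage_node, device_location, backup_time):
    # Client-supplied metadata (file count, names, storage node used) and
    # storage-node metadata (where the data landed, when) go into one catalog entry.
    backup_catalog.append({
        "client": client,
        "file_count": len(files),
        "files": list(files),
        "storage_node": storage_node,
        "device_location": device_location,
        "backup_time": backup_time,
    })

record_backup("client-01", ["/data/file1", "/data/file2"],
              storage_node="node-a", device_location="tape-0042:block-1200",
              backup_time="2024-01-15T23:00:00")
print(backup_catalog[0]["device_location"])   # consulted later to locate data for a restore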
After the data is backed up, it can be restored when required. A
restore process must be manually initiated from the client. Some backup
software has a separate application for restore operations. These restore
applications are usually accessible only to the administrators or backup
operators. Figure 9-6 shows a restore operation.
Upon receiving a restore request, an administrator opens the
restore application to view the list of clients that have been backed up.
While selecting the client for which the restore request has been made,
the administrator also needs to identify the client that will receive the
restored data. Data can be restored on the same client for which the
restore request was made or on any other client. The administrator then
selects the data to be restored and the point in time to which the data has
to be restored, based on the RPO. Because all this information comes
from the backup catalog, the restore application needs to communicate
with the backup server.
Figure 9-6 Restore Operation
The backup server instructs the appropriate storage node to mount
the specific backup media onto the backup device. Data is then read and
sent to the client that has been identified to receive the restored data.
Some restorations are successfully accomplished by recovering only the
requested production data. For example, the recovery process of a
spreadsheet is completed when the specific file is restored. In database
restorations, additional data, such as log files, must be restored along with
the production data. This ensures consistency of the restored data.
9.9 BACKUP TOPOLOGIES
Four topologies are used in a backup environment:
1. Direct-attached backup
2. LAN-based backup
3. SAN-based backup
4. Mixed backup
1-Direct-attached backup:
In the direct-attached backup mode, the backup data is backed up
directly from the host to tape, without going through the LAN. The
backup task is initiated by the backup client, which backs up the data
directly to the tape device connected to the client. In this model,
centralized management is not possible and it is difficult to expand the
existing environment. The main advantage of this backup topology is
speed: the tape devices can operate at their maximum I/O speed. Because
the tape device is closely connected to the data source and dedicated to
the host, the speed of backing up and restoring data can be optimized. The
disadvantage of direct-attached backups is that they consume host I/O
bandwidth, memory, and CPU resources, so they affect the performance
of the host and its applications. In addition, direct-attached backups have
distance limitations, especially when short-range connections such as
SCSI are used. The example in Figure 9-7 shows the backup device
directly attached and dedicated to the backup client.
Figure 9-7 Direct-attached Backup
2-LAN-based backup:
In the LAN-based backup mode, the backup data is backed up
from the host to the tape through the LAN. The backup server acts as a
control center that controls all backup tasks (see Figure 9-8). In this mode,
centralized management is possible, but the high load on the LAN may
become a problem because all data passes through the LAN. The main
advantage of this backup topology is the ability to centrally manage
backup and tape resources, thereby improving operational efficiency. The
disadvantage is that the backup process may affect the production system,
client network, and applications because it consumes CPU, I/O
bandwidth, LAN bandwidth, and memory.
Figure 9-8 LAN-Based Backup
3-SAN-based backup:
In the SAN-based backup mode (LAN-free), backup data is
transferred through the SAN, and the LAN is used only to transfer
metadata. The backup metadata contains information about the file being
backed up, such as the file name, backup time, file size and permissions,
file owner, and tracking information used to quickly locate and restore
data. SAN-based backup optimizes the entire backup process by providing
Fibre Channel performance, high reliability, long distance, and high-
performance backup and recovery, with no backup data transmitted over
the LAN. This model can provide better backup performance and simpler
management, but it requires additional investment in infrastructure.
Figure 9-9 illustrates a SAN-based backup.
In this example, a client sends the data to be backed up to the
backup device over the SAN. Therefore, the backup data traffic is
restricted to the SAN, and only the backup metadata is transported over
the LAN. The volume of metadata is insignificant compared to the
production data, so LAN performance is not degraded in this
configuration.
Figure 9-9 SAN-Based Backup
4-Mixed topology:
The mixed topology uses both the LAN-based and SAN-based
topologies, as shown in Figure 9-10. This topology might be implemented
for several reasons, including cost, server location, reduction in
administrative overhead, and performance considerations.
Figure 9-10 Mixed Backup
9.10 BACKUP IN NAS ENVIRONMENTS
The use of a NAS head imposes a new set of considerations on the
backup and recovery strategy in NAS environments. NAS heads use a
proprietary operating system and file system structure that supports
multiple file-sharing protocols. In the NAS environment, backups can be
implemented in different ways: server-based, serverless, or using the
Network Data Management Protocol (NDMP). Common NDMP
implementations are NDMP 2-way and NDMP 3-way.
9.10.1 Server-Based and Serverless Backup
In an application server-based backup, the NAS head retrieves
data from a storage array over the network and transfers it to the backup
client running on the application server. The backup client sends this data
to the storage node, which in turn writes the data to the backup device.
This overloads the network with the backup data and uses application
server resources to move the backup data. Figure 9-11 illustrates server-
based backup in the NAS environment.
Figure 9-11 Server-Based Backup in NAS environment
In a serverless backup, the network share is mounted directly on
the storage node. This avoids overloading the network during the backup
process and eliminates the need to use resources on the application server.
Figure 9-12 illustrates serverless backup in the NAS environment. In this
scenario, the storage node, which is also a backup client, reads the data
from the NAS head and writes it to the backup device without involving
the application server. Compared to the previous solution, this eliminates
one network hop.
Figure 9-12 Serverless Backup in NAS environment
9.10.2 NDMP-Based Backup
NDMP is a protocol designed for efficient NAS backups. It is
similar to serverless backup in that data can be sent directly from the
NAS device to the backup device without having to pass through a
backup media server. As the amount of unstructured data continues to
grow exponentially, organizations face the daunting task of ensuring that
critical data on NAS systems is protected. Most NAS heads run
proprietary operating systems designed for serving files; to maintain
operational efficiency, they generally do not support hosting third-party
applications such as backup clients.
NDMP is an industry-standard TCP/IP-based protocol specifically
designed for backup in a NAS environment. It communicates with
several elements in the backup environment (NAS head, backup devices,
backup server, and so on) for data transfer and enables vendors to use a
common protocol for the backup architecture. Data can be backed up
using NDMP regardless of the operating system or platform. NDMP
backs up and restores data without losing data integrity or file system
structure, preserving the different rights and permissions of the various
file systems. NDMP optimizes backup and restore by leveraging the high-
speed connection between the backup devices and the NAS head. In
NDMP, backup data is sent directly from the NAS head to the backup
device, whereas metadata is sent to the backup server.
The key components of an NDMP infrastructure are the NDMP
client and the NDMP server. The NDMP client is the NDMP-enabled
backup software installed as add-on software on the backup server. The
NDMP server has two components: a data server and a media server. The
backup operation occurs as follows:
The backup server uses the NDMP client to instruct the NAS head
to start the backup.
The NAS head uses its data server to read the data from the
storage.
The NAS head then uses its media server to send the data read by
the data server to the backup device.
The actual backup data is transferred by the NAS head either directly to
the backup device (NDMP 2-way) or through a private backup network
(NDMP 3-way).
NDMP 2-way (Direct NDMP method): In this method, the backup
server uses NDMP over the LAN to instruct the NAS head to start the
backup. The data to be backed up is sent from the storage directly to
the backup device. In this model, traffic on the production network is
minimized by isolating backup data movement from the NAS head to
a locally attached backup device. During the backup, metadata is
transferred via NDMP over the LAN to the backup server. During a
restore operation, the backup server uses NDMP over the LAN to
instruct the NAS head to start restoring files. Data is restored from the
locally attached backup device.
Figure 9-13 NDMP 2-way Backup
NDMP 3-way (Remote NDMP method): In this method, the backup
server uses NDMP over the LAN to instruct the NAS head to start
backing up data to a backup device attached to a NAS head. These
NAS devices can be connected over a private backup network to
reduce the impact on the production LAN. During the backup,
the metadata is sent via NDMP by the NAS head to the backup server
over the production LAN. NDMP 3-way is useful when there
are limited backup devices in the environment. It enables one NAS
head to control the backup device and share it with other NAS heads
by receiving their backup data through NDMP.
Figure 9-14 NDMP 3-way Backup
9.11 BACKUP TARGETS
Different devices are available as backup targets. Tape and disk
libraries are the two most commonly used backup targets. In the past,
tape technology was the predominant backup target because of its low
cost. However, the performance and management limitations associated
with tapes, together with the availability of low-cost disk drives, have
made disk a viable backup target.
9.11.1 Backup to Tape
Tapes, a low-cost solution, are used extensively for backup. Tape
drives are used to read/write data from/to a tape cartridge (or cassette).
Tape drives are referred to as sequential, or linear, access devices because
the data is written or read sequentially. A tape cartridge is composed of
magnetic tape in a plastic enclosure. Tape mounting is the process of
inserting a tape cartridge into a tape drive. The tape drive has motorized
controls to move the magnetic tape around, enabling the head to read or
write data.
Several types of tape cartridges are available. They vary in size,
capacity, shape, density, tape length, tape thickness, tape tracks, and
supported speed.
Physical Tape Library
A tape library is a high-capacity storage system used for storing,
retrieving, reading from, and writing to tape cartridges. A tape library
contains racks of cartridges and multiple tape drives, with a robotic
system used to change tape cartridges automatically. A filing system that
uses a barcode reader or an RF scanner allows the tape library to find the
correct tape to load, either for writing or for reading. Figure 9-15 shows a
physical tape library.
Figure 9-15 Physical Tape Library
Tape drives read and write data from and to a tape. Tape cartridges
are placed in the slots when not in use by a tape drive. Robotic arms are
used to move tapes between cartridge slots and tape drives. Mail or
import/export slots are used to add or remove tapes from the library
without opening the access doors (refer to Figure 9-15, front view).
When a backup process starts, the robotic arm is instructed to load
a tape into a tape drive. This adds a delay that depends on the type of
hardware used, but it generally takes 5 to 10 seconds to mount a tape.
After the tape is mounted, additional time is spent positioning the heads
and validating header information. This total time is called the load to
ready time, and it can vary from several seconds to minutes. The tape
drive receives backup data and stores it in its internal buffer. This backup
data is then written to the tape in blocks. During this process, it is best to
ensure that the tape drive is kept busy continuously to prevent gaps
between the blocks. This is accomplished by buffering the data on the
tape drive. The speed of the tape drive can also be adjusted to match the
data transfer rate.
Tape drive streaming, or multiple streaming, writes data from
multiple streams on a single tape to keep the drive busy. As shown in
Figure 9-16, multiple streaming improves media performance, but it has
an associated disadvantage. The backup data is interleaved because data
from multiple streams is written to the same tape. Consequently, the data
recovery time is increased because all the extra data from the other
streams must be read and discarded while recovering a single stream.
Figure 9-16 Multiple streams on tape media
Many times, even the buffering and speed-adjustment features of a
tape drive fail to prevent the gaps, causing the "shoe shining effect" or
"back hitching." Shoe shining is the repeated back-and-forth motion a tape
drive makes when there is an interruption in the backup data stream. For
example, if a storage node sends data more slowly than the tape drive
writes it to the tape, the drive periodically stops and waits for the data to
catch up. After the drive determines that there is enough data to start
writing again, it rewinds to the exact place where the last write took place
and continues. This repeated back-and-forth motion not only degrades
service but also causes excessive wear and tear to tapes.
When the tape operation finishes, the tape rewinds to the starting
position and is unmounted. The robotic arm is then instructed to move
the unmounted tape back to its slot. When a file or a group of files must
be restored, the tape must first be moved sequentially to that file location
before reading can start. This can take a significant amount of time,
especially if the required files are recorded at the end of the tape. Modern
tape devices have an indexing mechanism that enables a tape to be fast-
forwarded to a location near the required data.
Tapes are used extensively for on-premises and long-term offsite
retention of data. Although the tapes themselves are not particularly
costly, installing a new tape system requires a significant investment, and
transporting tapes safely from one data center to another can be very
expensive.
9.11.2 Backup to Disk
Backup-to-disk has several advantages over traditional tape backup
for both technical and business reasons. Backup-to-disk systems offer
ease of implementation, reduced cost, speed, and improved quality of
service. With continued improvements in storage devices that provide
faster access and higher storage capacity, both prime considerations for
backup and restore operations, backup-to-disk will become more
prominent in organizations.
Some backup products allow backup images to remain on the
disk for a period of time even after they have been staged. This enables a
much faster restore. Figure 9-17 shows a recovery scenario comparing
tape versus disk in a Microsoft Exchange environment that supports 800
users with a 75 MB mailbox size and a 60 GB database. As shown in the
figure, a restore from disk took 24 minutes, compared to a restore from
tape, which took 108 minutes for the same environment.
Figure 9-17 Tape versus disk restore
Recovering from a full backup copy stored on disk and kept onsite
provides the fastest recovery solution. Using disk enables the creation of
full backups more frequently, which in turn improves RPO and RTO.
Disk-based backups generally provide better data security than
tape. Physically accessing hard disks contained in a drive array is harder
than gaining access to tapes in cold storage, and physical disks in drive
arrays are usually monitored closely. Furthermore, data contained in disk-
based backups is usually spread across multiple drives in a Redundant
Array of Independent Disks (RAID). The complete set of data required to
reconstruct one or many virtual machines may be spread across multiple
hard disks in the RAID group.
9.11.3 Backup to Virtual Tape
A virtual tape library (VTL) is a technology for data backup and
recovery in which disk storage emulates tape libraries or tape drives, so
the existing backup software can continue to be used. The virtual tape
library emulates legacy magnetic tape devices and data formats but
performs data backups and recovery much faster. It also avoids the data
streaming problems that often occur with tape drives as a result of their
slow data transfer speeds.
Virtual Tape Library
A virtual tape library (VTL) has the same components as a
physical tape library, except that the majority of the components are
presented as virtual resources. To the backup software, there is no
difference between a physical tape library and a virtual tape library.
Figure 9-18 shows a virtual tape library. Virtual tape libraries use disks as
backup media. The emulation software has a database with a list of virtual
tapes, and each virtual tape is assigned space on a LUN. A virtual tape can
span multiple LUNs if required. File system awareness is not required
during backup because the virtual tape solution typically uses raw
devices.
Figure 9-18 Virtual Tape Library
Similar to a physical tape library, a robot mount is performed
virtually when a backup process starts in a virtual tape library. However,
unlike in a physical tape library, where this process involves some
mechanical delays, in a virtual tape library it is almost instantaneous. Even
the load to ready time is much less than in a physical tape library.
After the virtual tape is mounted and the virtual tape drive is
positioned, the virtual tape is ready to be used, and backup data can be
written to it. In most cases, data is written to the virtual tape immediately.
Unlike a physical tape library, a virtual tape library is not constrained by
sequential access or the shoe shining effect. When the operation is
complete, the backup software issues a rewind command. This rewind is
also instantaneous. The virtual tape is then unmounted, and the virtual
robotic arm is instructed to move it back to a virtual slot.
The steps to restore data are similar to those in a physical tape
library, but the restore operation is nearly instantaneous. Even though
virtual tapes are based on disks, which provide random access, they still
emulate the tape behavior.
A virtual tape library appliance offers a number of features that are
not available with physical tape libraries. Some virtual tape libraries offer
multiple emulation engines configured in an active cluster configuration.
An engine is a dedicated server with a customized operating system that
makes physical disks in the VTL appear as tapes to the backup
application. With this feature, one engine can pick up the virtual resources
from another engine in the event of any failure and enable the clients to
continue using their assigned virtual resources transparently.
Data replication over IP is available with most virtual tape
library appliances. This feature enables virtual tapes to be replicated over
an inexpensive IP network to a remote site. As a result, organizations can
comply with offsite requirements for backup data. Connecting the engines
of a virtual tape library appliance to a physical tape library enables the
virtual tapes to be copied onto physical tapes, which can then be sent
to a vault or shipped to an offsite location.
9.12 DATA DEDUPLICATION FOR BACKUP
Traditional backup solutions do not provide any inherent capability
to prevent duplicate data from being backed up, so backups end up
containing a lot of duplicate data. Backing up duplicate data results in
unnecessary consumption of resources, such as storage space and network
bandwidth. Deduplication is a storage capacity optimization technique
that identifies duplicate data and ensures that it is not stored again.
Storage systems that implement deduplication achieve this by inspecting
data and checking whether copies of the data already exist in the system.
If a copy already exists, instead of storing additional copies, pointers are
used to refer to the existing copy of the data.
For example, a typical email system might contain 50 instances of
the same 2 MB file attachment. If the email platform is backed up or
archived, all 50 instances are saved, requiring 100 MB of storage space.
With data deduplication, only one instance of the attachment is actually
stored; each subsequent instance is just referenced back to the one saved
copy, reducing the storage and bandwidth demand to only 2 MB.
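A minimal sketch of this single-instance behavior, using a content hash to decide whether a copy is already stored (illustrative only, not a particular product's implementation):

# Minimal sketch: single-instance storage keyed by a content hash, showing why
# 50 identical 2 MB attachments consume the space of only one copy.

import hashlib

store = {}        # content hash -> the single stored copy
references = []   # one pointer per logical instance

def dedup_store(data: bytes) -> str:
    digest = hashlib.sha256(data).hexdigest()
    if digest not in store:          # store the content only the first time it is seen
        store[digest] = data
    references.append(digest)        # every instance just keeps a pointer
    return digest

attachment = b"x" * (2 * 1024 * 1024)        # a 2 MB attachment
for _ in range(50):
    dedup_store(attachment)

print(len(references))                        # 50 logical instances
print(sum(len(v) for v in store.values()))    # about 2 MB actually stored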
Technologies such as data deduplication improve storage
efficiency and reduce the amount of data that needs to be transmitted over
the network. This not only enhances backup speed but also frees up space
for additional files, which in turn leads to significant cost savings over
time. By eliminating duplicate copies, deduplication optimizes storage
capacity, increases on-appliance retention, and reduces the landing zone
space required for backups.
9.12.1 Data Deduplication Methods
There are two methods of deduplication:
1. File-level deduplication
2. Subfile-level deduplication
1-File-level deduplication: File-level deduplication, also called single-
instance storage, compares files to be archived with the ones already
stored. It detects and removes redundant copies of identical files. While
storing a file, its attributes are checked against an index; if the file is
unique, it is stored, and if not, only a pointer (stub) to the existing
identical file is created. This is simple and fast, but it does not address
duplicate content within a file.
2-Subfile deduplication: Sub-file deduplication breaks the file into
smaller chunks (contiguous blocks of data) and then uses a specialized
algorithm to detect redundant data within and across files. As a result, it
eliminates duplicate data across files. There are two methods of sub-file
deduplication (a minimal chunking sketch follows the list):
Fixed-length block: In this process, a file is divided into fixed-length
blocks, and a hash algorithm is used to find redundant data.
Variable-length segment: An alternative that divides a file into chunks
of different sizes, which often allows the deduplication process to achieve
better results.
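The fixed-length block method can be sketched as follows. This is an illustrative example only; the 4 KB block size and SHA-256 hash are assumptions, and real products add indexing and compression on top of this idea.

# Minimal sketch: fixed-length block deduplication. A file is cut into equal-sized
# chunks and a hash of each chunk decides whether the chunk is new.

import hashlib

CHUNK_SIZE = 4096          # assumed block size
chunk_store = {}           # chunk hash -> chunk bytes

def dedup_file(data: bytes):
    """Return the list of chunk hashes that reconstructs the file."""
    recipe = []
    for offset in range(0, len(data), CHUNK_SIZE):
        chunk = data[offset:offset + CHUNK_SIZE]
        digest = hashlib.sha256(chunk).hexdigest()
        chunk_store.setdefault(digest, chunk)   # store the chunk only if unseen
        recipe.append(digest)
    return recipe

file_v1 = b"A" * 8192 + b"B" * 4096
file_v2 = b"A" * 8192 + b"C" * 4096            # only the last block differs
r1, r2 = dedup_file(file_v1), dedup_file(file_v2)
print(len(chunk_store))                                    # 3 unique chunks stored, not 6
print(b"".join(chunk_store[h] for h in r2) == file_v2)     # True: file reconstructed from chunks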
9.12.2 Data Deduplication Implementation
Deduplication for backup can be implemented in two ways:
1. Source-based data deduplication
2. Target-based data deduplication
1-Source-Based Data Deduplication
In this approach, deduplication is performed on the client (source)
side, before the data is transmitted. Processing the data before
transmission reduces the amount of data sent and therefore the network
bandwidth required by the backup software. A deduplication-aware
backup agent on the client checks the data against a deduplication index,
which is located on the backup server, and backs up only unique data or
blocks. Only those unique blocks of data are transmitted to the backup
storage. Source-based deduplication therefore improves both bandwidth
and storage utilization. Figure 9-19 shows source-based data
deduplication.
Figure 9-19 Source-based data deduplication
Source-based deduplication increases the overhead on the backup
client, which impacts the performance of the backup and of the
applications running on the client. Source-based deduplication might also
require a change of backup software if the existing backup software does
not support it.
2-Target-Based Data Deduplication
Target-based deduplication, sometimes referred to as hardware-
based or destination-side deduplication, is widely used in current backup
environments. In target-based deduplication, the deduplication process
occurs on the target machine, such as a deduplicating backup appliance.
These appliances tend to be purpose-built, with their own CPU, RAM,
and persistent storage (disk). This approach relieves the host (source) of
the burden of deduplicating, but it does nothing to reduce network
bandwidth consumption between source and target. It is also common for
deduplicating backup appliances to deduplicate or compress data being
replicated between pairs of such appliances. Figure 9-20 shows target-
based data deduplication.
Some manufacturers now tout the ability to deliver source- and
target-based deduplication under a single management framework. In this
scenario, all backup workloads are controlled and optimized from a single
console, and a common disk storage appliance maintains all the backup
data. While this seems like the logical progression for architecting
deduplication into data center environments, it has not been deployed on
the same scale to date as homogeneous source- or target-based solutions.
Figure 9-20 Target-based data deduplication
9.13 BACKUP IN VIRTUALIZED ENVIRONMENTS
In a virtualized environment, it is vital to back up the virtual
machine data (OS, application data, and configuration) to prevent its loss
or corruption due to human or technical errors. There are two approaches
for performing a backup in a virtualized environment: the traditional
backup approach and the image-based backup approach.
In the traditional backup approach, a backup agent is installed
either on the virtual machine (VM) or on the hypervisor. Figure 9-21
shows the traditional VM backup approach. If the backup agent is
installed on a VM, the VM appears as a physical server to the agent. The
backup agent installed on the VM backs up the VM data to the backup
device. The agent does not capture VM files, such as the virtual BIOS
file, VM swap file, logs, and configuration files. Therefore, for a VM
restore, a user needs to manually re-create the VM and then restore data
onto it.
If the backup agent is installed on the hypervisor, the VMs appear
as a set of files to the agent. VM files can therefore be backed up by
performing a file system backup from the hypervisor. This approach is
relatively simple because it requires the agent only on the hypervisor
instead of on all the VMs. The traditional backup method can cause high
CPU utilization on the server being backed up.
Figure 9-21 Traditional VM Backup
In the traditional approach, the backup should be performed when
the server resources are idle or during a period of low activity on the
network. Also consider allocating enough resources to manage the backup
on each server when a large number of VMs are in the environment.
Image-based backup operates at the hypervisor level and
essentially takes a snapshot of the VM. It creates a copy of the guest OS
and all the data associated with it (a snapshot of the VM disk files),
including the VM state and application configurations. The backup is
saved as a single file called an "image," and this image is mounted on a
separate physical machine, the proxy server, which acts as a backup
client. The backup software then backs up these image files normally (see
Figure 9-22). This effectively offloads the backup processing from the
hypervisor and transfers the load to the proxy server, thereby reducing the
impact on the VMs running on the hypervisor. Image-based backup
enables quick restoration of a VM.
Figure 9-22 Image-based Backup
The use of deduplication techniques significantly reduces the
amount of data to be backed up in a virtualized environment.
Deduplication is especially effective when VMs with similar
configurations are deployed in a data center. The deduplication types and
methods used in a virtualized environment are the same as in the physical
environment.
9.14 DATA ARCHIVE
Data is accessed and modified at varying frequencies between the
time it is created and the time it is discarded. Some data changes
frequently, for example, data accessed by an online transaction processing
(OLTP) application. Another category of data is fixed content, which is
data that cannot be changed. X-rays and pictures are examples of fixed
content data. It is mandatory for all organizations to retain some data for
an extended period of time due to government regulations and
legal/contractual obligations. Examples of fixed content assets include
electronic documents, e-mail messages, Web pages, and digital media. A
repository where fixed content is stored is known as an archive.
means of access:
Online archive: The storage device is directly connected to the
host to make the data immediately available. T his is best suited for
active archives.
Nearline archive : The storage device is connected to the host and
information is local, but the device must be mounted or loaded to
access the information.
Offline archive: The storage device is not directly connected,
mounted, or loaded. Manual intervention is required to provide this
service before information can be accessed.
An archive is often stored on write once read many (WORM)
devices, such as CD-ROMs. These devices protect the original file from
being overwritten. Some tape devices also provide this functionality by
implementing file-locking capabilities in hardware or software. Archives
implemented using tape devices and optical disks involve many hidden
costs. The traditional archival process using optical disks and tapes is not
optimized to recognize the content, so the same content could be archived
several times. Additional costs are involved in offsite storage of media
and media management. Tapes and optical media are also susceptible to
wear and tear.
Content addressed storage (CAS) is disk-based storage that has
emerged as an alternative to tape and optical solutions. CAS meets the
demand to improve data accessibility and to protect, dispose of, and
ensure service-level agreements (SLAs) for archive data.
9.15 ARCHIVING SOLUTION ARCHITECTURE
An archiving solution architecture has three key components: the
archiving agent, the archiving server, and the archiving storage device
(see Figure 9-23). An archiving agent is software installed on the
application server. The agent is responsible for scanning the data that can
be archived based on the policy defined on the archiving server. Once
data is identified for archiving, the agent sends it to the archiving server.
The original data on the application server is then replaced with a stub
file, which contains the address of the archived data. The stub file is
small, so it significantly saves space on primary storage, and it is used to
retrieve the file from the archive storage device.
Figure 9-23 Archiving solution architecture
An archiving server is software installed on a host that enables
administrators to configure the policies for archiving data. Policies can be
defined based on file size, file type, or creation/modification/access time.
The archiving server receives the data to be archived from the agent and
sends it to the archive storage device.
An archiving storage device stores fixed content. Different types of
storage media, such as optical media, tapes, and low-cost disk drives, are
available for archiving.
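How an archiving agent might apply such a policy and leave a stub behind can be sketched as follows. The paths, policy thresholds, and stub format here are hypothetical; a real archiving product would also record the move in the archiving server's database.

# Minimal sketch: select files by age and size, move them to archive storage,
# and leave a small stub holding the archive address.

import os, shutil, time

AGE_DAYS = 365            # assumed policy: not accessed for a year
MIN_SIZE = 10 * 1024**2   # assumed policy: larger than 10 MB

def archive_eligible(path):
    st = os.stat(path)
    old_enough = (time.time() - st.st_atime) > AGE_DAYS * 86400
    return old_enough and st.st_size >= MIN_SIZE

def archive_file(path, archive_dir="/archive"):
    target = os.path.join(archive_dir, os.path.basename(path))
    shutil.move(path, target)                    # send the data to archive storage
    with open(path, "w") as stub:                # replace the original with a tiny stub
        stub.write(f"ARCHIVED-AT: {target}\n")   # address used to retrieve the file later
    return target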
9.16 SUMMARY
A backup is an additional copy of production data, created and
retained for the sole purpose of recovering lost or corrupted data. Data
archiving is the process of moving data that is no longer actively used
from primary storage to low-cost secondary storage. Backup granularity
depends on business needs and the required RTO/RPO; based on the
granularity, backups can be categorized as full, incremental, and
cumulative. Hot backup and cold backup are the two methods deployed
for a backup. A backup system commonly uses the client-server
architecture with a backup server and multiple backup clients. Three basic
topologies are used in a backup environment: direct-attached backup,
LAN-based backup, and SAN-based backup. NDMP is an industry-
standard TCP/IP-based protocol specifically designed for a backup in a
NAS environment.
9.17 REVIEW QUESTIONS
1. What is a backup? What are the purposes of backups?
2. What are the backup considerations? Explain in detail.
3. Explain the different backup granularity levels in detail.
4. Explain the methods deployed for a backup in detail.
5. Explain the backup architecture with a diagram.
6. Explain the backup operation with a diagram.
7. Explain the restore operation with a diagram.
8. Explain the different backup topologies in detail.
9. Explain server-based and serverless backup in detail.
10. Explain NDMP-based backup with a diagram.
11. Explain backup to tape in detail.
12. Explain backup to disk in detail.
13. Explain backup to virtual tape in detail.
14. What is data deduplication? Explain the different data deduplication
methods.
15. How is backup done in virtualized environments?
16. What is a data archive? How can it be implemented?
17. Explain the archiving solution architecture with a diagram.
9.18 REFERENCES
Information Storage and Management: Storing, Managing, and
Protecting Digital Information in Classic, Virtualized, and Cloud
Environments by Somasundaram Gnanasundaram and Alok
Shrivastava, 2nd Edition. Publisher: John Wiley & Sons.
https://cloudian.com/guides/data-backup/data-archive/
https://cloudian.com/guides/data-backup/data-backup-in-depth/
https://www.mycloudwiki.com/san/backup-methods/
https://spanning.com/blog/types-of-backup-understanding-full-differential-incremental-backup/
https://www.oo-software.com/en/different-methods-for-data-backups
https://helpcenter.veeam.com/docs/backup/vsphere/backup_architecture.html?ver=110
https://www.jigsawacademy.com/blogs/cloud-computing/deduplication/
Unit IV
10
LOCAL REPLICATION
Unit Structure
10.0 Objectives
10.1 Introduction
10.2 Uses of Local Replicas
10.3 Data Consistency
10.3.1 Replicated file system consistency
10.3.2 Replicated database consistency
10.4 Local Replication Technologies
10.4.1 Local Replication with Host-Based
10.4.1.1 Replication with LVM-Based
10.4.1.2 Advantages of LVM-Based Replication
10.4.1.3 Limitations of LVM-Based Replication
10.4.1.4 File system snapshot
10.4.2 Local Replication with Storage Array-Based
10.4.2.1 Full Volume Mirroring
10.4.2.2 Pointer-Based
10.4.2.3 Full-Volume Replication
10.4.2.4 Pointer-Based Virtual Replication
10.4.2.5 Network-Based Virtual Replication
10.4.3 Continuous Data Protection (CDP)
10.4.3.1 Local Replication Operations
10.4.3.2 Tracking changes to source and Replica restore
10.4.3.3 Creating multiple Replicas
10.5 Summary
10.6 Review Questions
10.7 References
10.0 OBJECTIVES:
This chapter will help you understand the following concepts:
●Local replication and the uses of local replicas
●Data consistency considerations when replicating file systems and
databases
●Different replication technologies: host-based and array-based
●Creating multiple replicas
10.1 INTRODUCTION:
In today's digital environment, data storage and management are
becoming increasingly complex. Organizations adopt real-time data
integration strategies to manage large volumes of complex data more
effectively. The primary aim of replication is to improve data availability
and accessibility.
Data replication creates one or more exact copies of stored data
and also provides fault tolerance. Replication provides recoverability and
restartability.
Recoverability enables the restoration of data from a replica (for
example, one held on a remote or cloud-based system) if the source data
is lost or corrupted. It allows a business to recover from a disaster while
meeting the recovery time objective (RTO) and recovery point objective
(RPO) defined in its disaster recovery plan. Replication is the process of
reproducing data, and a replica is the exact copy produced. Replication
can be classified into two major categories: local replication and remote
replication. Local replication is the replication of data within the same
array or the same data center.
Figure 10.1 Local Replication (Source → Replica/Target)
10.2 USES OF LOCAL REPLICAS:
●Alternate source for backup
A local replica contains an exact point-in-time (PIT) copy of the
source data, so backup operations can be performed from the replica
instead of the production volumes.
●Fast recovery
If data on the source is corrupted or lost, the local replica can be
used to recover it quickly.
●Decision support
Reporting and other decision-support activities can be run against
the replica, which reduces the input/output load on the production device.
●Testing platform
Upgrades or changes can be tested against the replica first; if the
tests are successful, they can then be applied to the production
environment.
●Data migration
A local replica can also be used for data migration, for example
from smaller-capacity devices to larger-capacity devices.
10.3 DATA CONSISTENCY
Consistency ensures the usability of a replica. It can be achieved
in various ways for file systems and databases before the replica is
created. A consistent replica ensures that data buffered in the host is
captured on the disk when the replica is created.
Data staged in the cache but not yet committed to the disk
should be flushed before taking the replica. The storage array operating
environment takes care of flushing its own cache before the replication
operation is started.
10.3.1 Replicated file system consistency
File system consistency for a replica can be ensured in one of two
ways: offline, by unmounting the file system, or online, by flushing the
host buffers before the replica is created.
Figure 10.3.1: File System replication
The file system buffers data in host memory to improve
application response time; the buffered information is written to disk
periodically. In UNIX operating systems, the sync daemon is the process
that flushes the buffered data to disk at set intervals. However, a replica
may be created in between these intervals, so the host memory buffers
must be flushed explicitly to ensure data consistency on the replica before
it is created.
Figure 10.3.1 shows the buffers being flushed to the source, which
is then replicated. If the host memory buffers are not flushed, the data on
the replica will not contain the information that was buffered in the host.
Once the buffers are flushed and the file system replication process is
completed, the replica file system can be mounted and used for other
operations.
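A minimal sketch of this flush-before-replica step on a UNIX-like host follows; the snapshot command shown in the comment is only a placeholder, since the actual point-in-time copy mechanism is array- or volume-manager-specific.

# Minimal sketch: flush host buffers to disk, then trigger the point-in-time copy,
# so buffered writes are included in the replica.

import os
import subprocess

def create_consistent_replica(snapshot_cmd):
    os.sync()                                   # flush host memory buffers to disk
    subprocess.run(snapshot_cmd, check=True)    # then trigger the point-in-time copy

# Example with a placeholder snapshot command (assumed LVM volume names):
# create_consistent_replica(["lvcreate", "--snapshot", "--name", "snap01",
#                            "--size", "1G", "/dev/vg01/lv01"])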
10.3.2 Replicated database consistency
A replicated database can be made consistent in two ways: offline,
by shutting down the database before creating the replica, or online,
either (a) by relying on the dependent write I/O principle or (b) by holding
I/Os to the source while the replica is created.
A database can be spread over multiple files, file systems, and
devices; the aim of consistent replication is to ensure that the replica is
restorable and restartable.
Figure 10.3.2 Dependent write consistency on sources
If the database is offline, no I/O operations take place and no
updates occur, so the replica will be consistent.
If the database is online, I/O operations continue and the database
is updated as transactions occur. A consistent replica can still be created
in this mode, but it requires additional steps during backup and restore.
These steps can be automated to reduce human error and administrative
work. Most databases support online or hot backups; when the database is
in hot backup mode, there is increased logging activity during that time.
The sequence of operations in hot backup mode is as follows (a
minimal sketch of this sequence follows the list):
1) Issue a database checkpoint to flush the buffers to disk and place
the database in hot backup mode.
2) Take a point-in-time (PIT) copy while the database is in hot backup
mode.
3) Collect the logs and apply them to the replica to restore the
database consistently.
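The same sequence can be sketched as pseudocode-style Python. All object and method names here are hypothetical and stand in for whatever interface the database and storage array actually expose.

# Minimal sketch of the hot backup sequence: checkpoint, PIT copy, then log replay.

def hot_backup(db, storage):
    db.checkpoint()                  # 1) flush buffers to disk
    db.begin_hot_backup()            #    and place the database in hot backup mode
    try:
        pit_copy = storage.create_pit_copy(db.volumes)        # 2) take the PIT copy
    finally:
        db.end_hot_backup()
    logs = db.collect_logs(since=pit_copy.start_time)         # 3) gather logs...
    pit_copy.apply_logs(logs)        # ...and apply them so the replica is consistent
    return pit_copy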
Figure 10.3.2 shows a sequence of dependent write I/Os from host
to source. I/Os 1 to 4 must all complete for the transaction to complete
successfully. I/O 4 depends on I/O 3 and is issued only after I/O 3
completes; I/O 3 depends on I/O 2, which in turn depends on I/O 1. Each
I/O completes only after the completion of the previous I/O.
Dependent Write Input/Output Principle
●Dependent Write: A write input/output that will not be issued by an
application until a prior related write input/output has completed.
●Logical dependency, not a time dependency
●Inherent in all database management systems (DBMS)
●E.g., a page (data) write is a dependent write Input/Output based on a
successful log write (see the sketch after this list)
●Necessary for protection against local outages
●Power failures create a dependent write consistent image
●A restart transforms a dependent write consistent image into a transactionally
consistent one
▪i.e. committed transactions will be recovered, and in-flight
transactions will be discarded.
During replica creation, all the writes to the source devices must be
captured on the replica devices to ensure data consistency.
Figure 10.3.3 shows the process of replication from source to replica;
I/Os 1 to 4 must all be replicated for the data on the replica to be
consistent.
Figure 10.3.3 Dependent write consistency on replica
A point-in-time (PIT) copy of multiple devices can be created very
quickly. Suppose I/O transactions 3 and 4 are copied to the replica devices
but I/O transactions 1 and 2 are not. In this case, the data on the replica is
not consistent with the data on the source: the data associated with the
transaction is not fully available on the replica, so the replica is inconsistent.
Another method to ensure consistency is to hold write I/Os to all
source devices while the replica is created. This creates a consistent image
on the replica. However, if I/Os are held for too long, databases and
applications can time out.
10.4 LOCAL REPLICATION TECHNOLOGIES
There are two major technologies for local replication, namely:
1) Host-Based
Examples of host-based local replication technologies are file
system replication and LVM (Logical Volume Manager)-based
replication.
2) Storage Array-Based
Full-volume mirroring, pointer-based full-volume replication and
pointer-based virtual replication can be implemented with storage
array-based replication.
10.4.1 Local Replication with Host -Based
LVM-based replication and file system (FS) replication are two
common methods of host-based local replication.
10.4.1.1 Replication with LVM-Based
●In Logical Volume Manager (LVM)-based replication, the logical
volume manager is responsible for creating and controlling the host-level
logical volumes. An LVM has three components: physical volumes
(physical disks), volume groups, and logical volumes. A volume group is
created by grouping one or more physical volumes, and logical volumes
are created within a given volume group; a volume group can have
multiple logical volumes. In LVM-based replication, each logical block in
a logical volume is mapped to two physical blocks on two different
physical volumes. An application write to a logical volume is written to
both physical volumes by the LVM device driver. This is known as LVM
mirroring. Mirrors can be split, and the data contained therein can be
independently accessed (see the sketch after the figure below).
Figure 10.4.1.1 LVM -Based Replication
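The following is a minimal Python sketch of the LVM mirroring idea described above; the class and method names are illustrative only, not an actual LVM interface. Every write to a logical block is applied to the corresponding blocks on two physical volumes, and splitting the mirror leaves two independently accessible copies.

# Illustrative sketch of LVM mirroring (not an actual LVM interface).
class MirroredLogicalVolume:
    def __init__(self, num_blocks):
        # Two physical volumes backing one logical volume.
        self.pv1 = [None] * num_blocks
        self.pv2 = [None] * num_blocks
        self.split = False

    def write(self, logical_block, data):
        # One application write becomes two writes, one per physical volume.
        self.pv1[logical_block] = data
        if not self.split:
            self.pv2[logical_block] = data   # mirror write

    def split_mirror(self):
        # After the split, pv2 holds an independently accessible copy.
        self.split = True
        return self.pv2

lv = MirroredLogicalVolume(num_blocks=8)
lv.write(0, "block-0 data")
replica = lv.split_mirror()
lv.write(0, "newer data")        # no longer mirrored after the split
print(replica[0])                # still "block-0 data"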
10.4.1.2 Advantages of LVM -Based Replication
LVM-based replication technology is not dependent on a vendor-specific
storage system. It is part of the operating system and does not
require any additional license to deploy.
10.4.1.3 Limitations of LVM-Based Replication
An application-generated write translates into two writes on the
device, i.e. the disk. These additional writes place a burden on the host
CPU, which can degrade application performance. Of the two volume
groups, only one can be used by the host at any given time. Tracking the
changes to the mirrors is challenging in LVM, and performing incremental
synchronization operations is equally difficult. Because the replica and the
source are stored in the same volume group, the replica itself may become
unavailable if there is an error in the volume group.
If the server fails, both the replica and the source volume groups are
unavailable until the server comes back online.
10.4.1.4 File system snapshot
A file system snapshot is a pointer-based replica that requires only a
fraction of the space used by the original file system. It can be implemented
by the FS itself or by the LVM, and it uses the Copy on First Write (CoFW)
principle. When a snapshot is created, a block map and a bitmap are created
in the metadata of the snapshot file system. The bitmap keeps track of the
blocks that are changed on the production file system after creation of the
snapshot. The block map records the address from which data is to be read
when data is accessed from the snapshot file system. If the bit is '0', the
read operation is directed to the production file system; if the bit is '1', the
block address is obtained from the block map and the data is read from
that address.
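The following Python sketch illustrates the CoFW bookkeeping described above, under the simplifying assumption that the bitmap and block map are per-block structures; the names are illustrative, not a real file system API. A write to the production file system first saves the original block for the snapshot, and a snapshot read consults the bitmap to decide where to read from.

# Illustrative CoFW sketch for a file system snapshot (not a real FS API).
class Snapshot:
    def __init__(self, production):
        self.production = production             # list of blocks (the production FS)
        self.bitmap = [0] * len(production)      # 1 = block changed since snapshot
        self.block_map = {}                      # block number -> saved-data index
        self.saved = []                          # snapshot storage area

    def write_production(self, block, data):
        # Copy on First Write: preserve the original before the first overwrite.
        if self.bitmap[block] == 0:
            self.saved.append(self.production[block])
            self.block_map[block] = len(self.saved) - 1
            self.bitmap[block] = 1
        self.production[block] = data

    def read_snapshot(self, block):
        if self.bitmap[block] == 0:
            return self.production[block]         # unchanged: read from production FS
        return self.saved[self.block_map[block]]  # changed: read the saved original

fs = ["a", "b", "c"]
snap = Snapshot(fs)
snap.write_production(1, "B")
print(snap.read_snapshot(1), fs[1])   # prints: b B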
10.4.2 Local Replication with Storage Array -Based
In storage array-based local replication, the array operating environment
performs the replication process; host resources (CPU, memory) are not
used. For business operations, an alternate host can use the replica to
access the data. In this approach, the required number of replica devices is
selected on the same array, and data is replicated between the source-replica
pairs. If a database is spread over multiple physical volumes, all replicated
devices must be consistent to provide a usable PIT copy of the database.
Figure 10.4.2 Storage-array-based replication
Figure 10.4.2 shows storage array-based local replication, where the source
and target are in the same array and accessed by different hosts. Storage
array-based local replication is categorized as follows:
●Full-volume mirroring
●Pointer-based full-volume replication
●Pointer-based virtual replication
The replica devices are also known as target devices and are accessed by
the business continuity host.
10.4.2.1 Full Volume Mirroring
Figure 10.4.2.1 (a): Full volume mirroring with source attached to replica
The production host is attached to the source, and a replica of the
source is then established. The data that exists on the source is copied to
the target (replica). The source and the replica are on the same storage
array. Whenever data is updated on the source, it is automatically updated
on the target as well, so the source and target contain identical data. The
target is a mirror of the source and is therefore known as the replica.
During synchronization, the target is attached to the source and is not
available to any other host; only the production host can access the source.

Figure 10.4.2.1 (b) Full volume mirroring with source detached from replica

After the synchronization step is complete, the target can be detached
from the source and made available for business continuity operations to
another host. The figure shows full volume mirroring when the target is
detached from the source. After detachment, both the source and the target
are available for read and write operations by their respective hosts. After
the split, the target is a point-in-time (PIT) copy of the source; the PIT of
the replica is determined by the time at which the source is detached from
the target.
For example, if the target is detached from the source at 5:00 pm, the
point-in-time of the target is also 5:00 pm.
After detachment, changes made to both the source and the replica can be
tracked. In full volume mirroring, the target is not accessible during
synchronization, until it is detached from the source. If the database is
large, synchronization can take a long time.
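As a rough illustration of the attach/synchronize/detach lifecycle described above, here is a small Python sketch with illustrative names only (not an array API): while attached, every source write is mirrored to the target; at detachment the target is frozen as a PIT copy whose point-in-time is the detachment time.

# Illustrative sketch of full volume mirroring with attach/detach (not an array API).
import time

class FullVolumeMirror:
    def __init__(self, source):
        self.source = source
        self.target = dict(source)     # initial synchronization: full copy
        self.attached = True
        self.pit = None                # point-in-time of the replica, set at detach

    def write_source(self, block, data):
        self.source[block] = data
        if self.attached:
            self.target[block] = data  # mirrored while attached

    def detach(self):
        self.attached = False
        self.pit = time.time()         # the PIT of the replica is the detach time
        return self.target

mirror = FullVolumeMirror({"blk0": "v1"})
mirror.write_source("blk0", "v2")
replica = mirror.detach()
mirror.write_source("blk0", "v3")      # no longer reflected on the replica
print(replica["blk0"])                 # v2, the data as of the detach time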
10.4.2.2 Pointer -Based full Volume Replication
It is an alternative to full volume mirroring in which data management
is done using pointers, and a protection bitmap is created to keep track of
the source data. It provides full copies of the source data on the target,
and there is no need to wait for data synchronization and detachment.
The point-in-time of the replica is defined by the time of session
activation.
Pointer-based replication can be activated in two modes:
1. Copy on First Access (CoFA) mode
2. Full copy mode
In both modes, at the time of activation a protection bitmap is created for all
data on the source devices.
At the time of activation, the data resides only on the source; the target
does not yet hold any usable data.
Figure 10.4.2.2 Copy on first access (CoFA) –Write to source
When a write is issued to the source for the first time after session
activation, the original data at that address is first copied from the source
to the target; only then is the new write applied to the source. This
preserves the original point-in-time data on the target.
Figure 10.4.2.2 Copy on first access (CoFA) –read from target
When a read is requested from the target by the business continuity host
for the first time after session activation, the replication process is started:
the data is copied from the source to the target so that it becomes available
to the host.
When a write is issued to the target for the first time after session
activation, the replication process is started: the original data is copied
from the source to the target, and the new data is then applied to the
target.
In both the read and the write case, the protection bit for that block is
reset. This indicates that the data has been copied from the source to the
target, and the pointer to the data on the source side is discarded.
Subsequent reads and writes to the same data block do not trigger a copy
operation, which is why the mechanism is called Copy on First Access.
If the replication session is terminated in CoFA mode, the target
contains only the data that was accessed until termination, not the entire
point-in-time image of the source. The data on the target cannot be used
for a restore, because it is not a full replica of the source.
In full copy mode, as the name states, all the data is copied from the
source to the target in the background, regardless of whether it is
accessed. The entire source is copied to the target block by block. If the
replication session is terminated after the copy completes, the target
contains the entire point-in-time image of the source at the time of
activation. This means the target can be used for restore, recovery, and
other business continuity operations.
Figure 10.4.2.2 Copy on First Access (CoFA) –write to target
The main difference between pointer-based full copy mode and full
volume mirroring is that in full copy mode the target is accessible
immediately after session activation, whereas in full-volume mirroring one
has to wait for synchronization and detachment before the target can be
accessed.
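The following Python sketch illustrates the Copy on First Access behaviour described above; the names are illustrative, not an array API. The first read or write involving a block copies the original block from the source to the target and clears the protection bit, and later accesses to the same block do not trigger another copy.

# Illustrative sketch of Copy on First Access (CoFA) replication (not an array API).
class CoFAReplica:
    def __init__(self, source):
        self.source = source                       # source device (dict of blocks)
        self.target = {}                           # target device, initially empty
        self.protection = {b: 1 for b in source}   # 1 = not yet copied to target

    def _copy_if_first_access(self, block):
        if self.protection.get(block) == 1:
            self.target[block] = self.source[block]  # copy original data to target
            self.protection[block] = 0               # reset the protection bit

    def read_target(self, block):
        self._copy_if_first_access(block)
        return self.target[block]

    def write_target(self, block, data):
        self._copy_if_first_access(block)            # preserve the original first
        self.target[block] = data

    def write_source(self, block, data):
        self._copy_if_first_access(block)            # copy original to target first
        self.source[block] = data

rep = CoFAReplica({"b1": "old"})
rep.write_source("b1", "new")
print(rep.read_target("b1"))   # "old": the point-in-time data at activation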
10.4.2.3 Full -Volume Replication
Both pointer-based full-volume replication and full volume mirroring
require target devices that are at least as large as the source devices.
Both full volume mirroring and pointer-based replication in full copy
mode can provide incremental resynchronization or restore capability.
10.4.2.4 Pointer -Based Virtual Replica tion
In pointer-based virtual replication, the target contains pointers to the
location of the data on the source.
The target does not contain data and is therefore known as a virtual
replica.
In pointer-based virtual replication, a protection bitmap is created for
the data on the source device. The granularity can range from 512-byte
blocks to 64 KB blocks or larger.
When a write is issued to the source, the original data for that block is
first copied to a predefined area in the array, known as the save location.
The pointer on the target side is then updated with the address at which
the data is saved, and only after this is the new write applied to the
source.
Figure 10.4.2.4 a) Pointer-Based virtual replication –write to source
When a write is issued to the target for the first time after session
activation, the original data is copied from the source to the save location
and the pointer is updated to that location. Another copy of the original
data is created in the save location before the new write is applied to the
target.
Figure 10.4.2.4 b) Pointer-based virtual replication –write to target
When a read is issued to the target, unchanged data blocks are read from
the source, because session activation does not change the data blocks on
the source. CoFW technology is used for pointer-based virtual replication:
subsequent writes to the same data block on the source or the target do
not trigger another copy operation. The target therefore presents a
combined view of the unchanged data on the source and the data preserved
in the save location. If the source device becomes unavailable, the data on
the target is invalidated, because the virtual replica depends on the source.
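A minimal Python sketch of the pointer-based virtual replication described above, with illustrative names only: the virtual replica holds only pointers, the first write to a block moves the original data to a save location, and a read of the target combines unchanged source data with data preserved in the save location.

# Illustrative sketch of pointer-based virtual replication with a save location.
class VirtualReplica:
    def __init__(self, source):
        self.source = source            # source device (dict of blocks)
        self.save_location = {}         # predefined area holding original data
        self.pointers = {}              # target holds pointers, not data
        self.protected = set(source)    # blocks not yet copied on first write

    def write_source(self, block, data):
        if block in self.protected:
            # Copy on First Write: preserve the original in the save location
            # and point the virtual replica at it before applying the new write.
            self.save_location[block] = self.source[block]
            self.pointers[block] = "save_location"
            self.protected.discard(block)
        self.source[block] = data

    def read_target(self, block):
        # Combined view: unchanged blocks come from the source,
        # changed blocks come from the save location.
        if self.pointers.get(block) == "save_location":
            return self.save_location[block]
        return self.source[block]

vr = VirtualReplica({"b1": "old", "b2": "x"})
vr.write_source("b1", "new")
print(vr.read_target("b1"), vr.read_target("b2"))   # old x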
10.4.2.5 Network -Based Virtual Replication
In network-based replication, the replication process occurs at the
network layer, between the servers and the storage systems. Because it
sits between the servers and the storage systems, network-based
replication can serve a large number of servers and storage systems and
works in heterogeneous environments. The most commonly used
network-based replication technique is continuous data protection (CDP).
10.4.3 Continuous Data Protection (CDP)
Continuous data protection is a network-based replication solution
that provides the ability to restore data, including virtual machine data,
to any previous point-in-time. It does not work like a traditional data
protection and recovery system, in which only a limited number of
recovery points exist and, in case of data loss, the system can be rolled
back only to the last available recovery point.
In contrast, CDP tracks all the changes to the production volumes and
maintains consistent point-in-time images. CDP is used for both local and
remote replication of data. Data can be replicated to more than two sites
using synchronous and asynchronous replication. CDP supports
deduplication and compression (WAN optimization techniques) to reduce
bandwidth requirements and to make optimal use of the available
bandwidth.
10.4.3.1 Local Replication Operations
CDP Components
1) Journal volume –Stores the data that has changed on the production
volume from the time the replication session is activated. The journal
contains the metadata and data required for rollback and recovery to
any point-in-time. The space configured for the journal determines
how far back the recovery points can go.
2) CDP appliance –An intelligent hardware platform that runs the CDP
software and manages both local and remote data replication.
3) Write splitter –Intercepts each write from the server or host and splits
it into two copies. Write splitting can be performed at the host or at the
storage system level.
Figure 10.4.3.1 Continuous Data Protection local and remote replication operation
The CDP local and remote replication operations use CDP components
such as the write splitter, which in this example is deployed at the server
level.
In CDP replication, the replica is first synchronized with the source, and
then the replication process is initialized. After initialization, every write
from the source (production volume) is split into two copies. One copy is
sent to the local CDP appliance at the source site, and the other is sent to
the production volume. The local appliance then writes the data to the
journal, and the data in turn is written to the local replica.
If a stored file is accidentally corrupted or deleted, the local journal
enables the application data to be recovered to an earlier point-in-time.
The remote replication operation in network-based CDP works
similarly to the local replication operation.
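The following Python sketch illustrates the write-splitting and journaling flow described above; the class names are illustrative, not a CDP product API. Each production write is split into two copies, one applied to the production volume and one recorded in the journal, from which any earlier point-in-time image can be reconstructed.

# Illustrative sketch of CDP write splitting and journaling (not a product API).
class CDPAppliance:
    def __init__(self):
        self.clock = 0
        self.journal = []                      # (sequence, block, data) entries

    def record(self, block, data):
        self.clock += 1
        self.journal.append((self.clock, block, data))
        return self.clock

    def image_at(self, point, baseline):
        # Roll the baseline forward using only journal entries up to the chosen point.
        image = dict(baseline)
        for seq, block, data in self.journal:
            if seq <= point:
                image[block] = data
        return image

class WriteSplitter:
    def __init__(self, production_volume, appliance):
        self.production_volume = production_volume
        self.appliance = appliance

    def write(self, block, data):
        point = self.appliance.record(block, data)   # one copy to the CDP journal
        self.production_volume[block] = data         # one copy to the production volume
        return point

volume, appliance = {}, CDPAppliance()
splitter = WriteSplitter(volume, appliance)
p1 = splitter.write("b1", "v1")
splitter.write("b1", "v2")
print(appliance.image_at(p1, baseline={}))           # {'b1': 'v1'}: recovered earlier PIT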
Comparison of Local Replication Technologies

Performance impact on source
●Full-volume mirroring: no impact
●Pointer-based full-volume replication: CoFA mode –some impact; full copy mode –no impact
●Pointer-based virtual replication: very high impact

Size of target
●Full-volume mirroring: at least the same as the source
●Pointer-based full-volume replication: at least the same as the source
●Pointer-based virtual replication: a small fraction of the source

Accessibility of source for restoration
●Full-volume mirroring: not required
●Pointer-based full-volume replication: CoFA mode –required; full copy mode –not required
●Pointer-based virtual replication: required

Accessibility to target
●Full-volume mirroring: only after synchronization and detachment from the source
●Pointer-based full-volume replication: immediately accessible
●Pointer-based virtual replication: immediately accessible
10.4.3.2 Tracking changes to source and Replica restore
The main purpose of a local replica is to provide a point-in-time copy for
data recovery and restore operations, and during these operations changes
to both the source and the target must be tracked.
When the replica is created, a bitmap is created with one bit per block
of data, and all bits for both the source and the target are set to '0'. When
a block is updated on the source or the target, the corresponding bit in
that side's bitmap is set to '1'.
When a resynchronization or a restore operation is required, the source
bitmap and the target bitmap are combined using a logical OR operation.
The result identifies every block that was modified on either the source or
the target, and only those blocks are copied between the source and the
target. The direction of data movement depends on whether a
resynchronization or a restore is performed.
For a resynchronization, the changes on the target are overwritten with
the corresponding blocks from the source; in the diagram, these are blocks
3, 4, and 8 on the target, counting from the left.
For a restore, the changes on the source are overwritten with the
corresponding blocks from the target; in the diagram, these are blocks 1,
4, and 6 on the source.
In either operation (resynchronization or restore), changes to the source
and the target cannot happen simultaneously.
Figure 10.4.3.2 Tracking changes
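A minimal Python sketch of the bitmap logic described above, with illustrative names only: the source and target bitmaps are combined with a logical OR, and the resulting block list is copied from source to target for a resynchronization, or from target to source for a restore.

# Illustrative sketch of change tracking with bitmaps (not an array API).
def blocks_to_copy(source_bitmap, target_bitmap):
    # Logical OR of the two bitmaps: any block changed on either side must move.
    return [i for i, (s, t) in enumerate(zip(source_bitmap, target_bitmap)) if s | t]

def resynchronize(source, target, source_bitmap, target_bitmap):
    for block in blocks_to_copy(source_bitmap, target_bitmap):
        target[block] = source[block]      # target overwritten from source

def restore(source, target, source_bitmap, target_bitmap):
    for block in blocks_to_copy(source_bitmap, target_bitmap):
        source[block] = target[block]      # source overwritten from target

# Example with 8 blocks: source changed blocks 1, 4, 6; target changed blocks 3, 4, 7.
source = ["s"] * 8
target = ["t"] * 8
source_bitmap = [0, 1, 0, 0, 1, 0, 1, 0]
target_bitmap = [0, 0, 0, 1, 1, 0, 0, 1]
resynchronize(source, target, source_bitmap, target_bitmap)
print(target)   # blocks 1, 3, 4, 6, 7 now hold the source data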
10.4.3.3 Creating multiple Replicas
In storage array-based replication, the source devices can maintain
replication relationships with multiple targets. Changes made to the source
and to each target can be tracked, which enables incremental
resynchronization of each target. Each point-in-time copy can be used for
various business continuity operations and for restore operations.
The figure shows an example in which a copy is created from the same
source every six hours.
If the data on the source is lost or corrupted, the data can be restored
from the latest point-in-time copy.
Storage array-based replication also enables the creation of multiple
concurrent point-in-time replicas, in which case all replicas contain the
same data. One or more of the replicas can be set aside for restore and
recovery operations, while the other replicas are used for decision-support
activities.
Figure 10.4.3.3 Multiple replicas created at different point -in-time
10.5 SUMMARY
This chapter gives a detailed study of local replication, covering local
replication terminology, uses of local replication, replica consistency, and
consistency of replicated file systems and databases. It covers host-based
local replication and LVM-based replication with its advantages and
limitations; storage array-based local replication with full-volume
mirroring, pointer-based full-volume replication, and pointer-based virtual
replication; network-based local replication; continuous data protection
(CDP) and its local replication operation; tracking changes to source and
replica; and creating multiple replicas.
10.6 EXERCISES
1) Discuss Local replication technologies in detail.
2) What is the importance of recoverability and consistency in local
replication?
3) What are the considerations for performing backup from a local
replica?
4) Discuss about multiple replicas.
5) What are the uses of a local replica in various business operations?
10.7 REFERENCES:
Information Storage and Management: Storing, Managing and
Protecting Digital Information in Classic, Virtualized and Cloud
Environments, EMC, John Wiley and Sons, 2nd edition, 2012.
https://books.google.co.in/books?id=PU7gkW9ArxIC&printsec=frontcover&dq=information+storage+and+management&hl=en&newbks=1&newbks_redir=1&sa=X&ved=2ahUKEwjjx_nakNPxAhWy4zgGHWUpCjcQ6AEwAHoECAsQAg
https://books.google.co.in/books?id=sCCfRAj3aCgC&printsec=frontcover&dq=information+storage+and+management&hl=en&newbks=1&newbks_redir=1&sa=X&ved=2ahUKEwjjx_nakNPxAhWy4zgGHWUpCjcQ6AEwAXoECAIQAg
https://www.youtube.com/watch?v=H0T6a2ok6zw
❖❖❖❖
11
REMOTE REPLICATION
Unit Structure
11.0 Objectives
11.1 Introduction
11.1.1 Modes of remote replication
11.2 Remote Replication Technologies
11.2.1 Remote Replication with Host -based
11.2.2 Remote Replication with LVM -Based
11.3 Host -Based Log Shipping
11.4 Storage Array -Based Remote Replication
11.4.1 Remote Replication with Synchronous Replication Mode
11.4.2 Remote replication with Asynchronous Replication Mode
11.4.3 Disk -Buffered Replication Mode
11.4.4 Network -Based Remote Replication Mode
11.4.5 CDP Remote Replication
11.5 Three -Site Replication
11.5.1 Three -Site Replication –Cascade/Multi -hop
11.5.2 Three -Site Replication –Synchronous + Asynchronous
11.5.3 Three-Site Replication –Synchronous + Disk Buffered
11.5.4 Three-Site Replication –Triangle/Multitarget
11.5.5 Data Migration Solution
11.5.6 Remote Replication and Migration in a Virtualized
Environment
11.6 Summary
11.7 Review Questions
11.8 References
11.0 OBJECTIVES:
This chapter deals with remote replication, the process of creating
replicas at remote locations. Remote replication may be either
synchronous or asynchronous, and it can occur in three different places:
at the host or server, in the storage array, or in the network.
11.1 INTRODUCTION:
Remote replication is the process of creating replicas of information
assets at remote locations. Organizations use remote replicas to mitigate
the risks associated with regionally driven outages resulting from
human-made or natural disasters, and the replicas can also be used for
other business operations, much like local replicas. The source is the
infrastructure at the primary site where the information assets are stored,
whereas the target is the infrastructure at the remote site where the replica
is stored. The hosts that access the source or the target are called the
source hosts and target hosts respectively. In this chapter we study the
various remote replication technologies, along with the important steps to
plan and design remote replication solutions. This chapter also describes
the network requirements and management considerations in the remote
replication process.
Concepts -
1) Synchronous and Asynchronous Replication
2) LVM Based Replication
3) Host based Log Shipping
4) Disk -Buffered Replication
5) Three -Site Replication
11.1.1 MODES OF REMOTE REPLICATION
1) Synchronous
2) Asynchronous
Synchronous Replication –
Synchronous replication copies data over a local area network (LAN),
storage area network (SAN), or wide area network (WAN) so that multiple
copies of the data exist. It writes data to the primary and secondary sites
at the same time, so the data remains current at both sites. A write must
be executed by both the source and the target before "write complete" is
declared to the host. Additional writes on the source cannot occur until
each preceding write has been completed and acknowledged, which
ensures that the data on the replica is identical to the data on the source
at all times. Writes are sent to the remote location in exactly the same
order in which they are received by the source, so write ordering is
always maintained. If the source site fails, synchronous replication
provides zero or near-zero RPO and the lowest RTO.
However, with any kind of synchronous remote replication the
application response time increases. The degree of impact on response
time depends on the distance between the sites, the available bandwidth,
and the network connectivity infrastructure. The distance over which
synchronous replication can be deployed depends on the application's
ability to tolerate the extension in response time. Mostly, it is deployed
for distances of less than 200 km (125 miles) between two sites.
Asynchronous Replication –
In asynchronous replication, a write is committed to the source and
immediately acknowledged to the host; the data is buffered at the source
and transmitted to the remote site later. The replica therefore lags behind
the source, and the RPO is nonzero. Asynchronous replication is described
further in Section 11.4.2.
Figure 11.1 Synchronous Replication
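The difference between the two modes can be sketched in a few lines of Python; the names are illustrative only, not a replication product API. In synchronous mode, "write complete" is returned only after both the source and the target have committed the write, whereas in asynchronous mode the write is acknowledged as soon as the source commits it and is queued for later transmission.

# Illustrative sketch of synchronous vs asynchronous remote replication semantics.
from collections import deque

class RemoteReplicationPair:
    def __init__(self, synchronous=True):
        self.source, self.target = {}, {}
        self.synchronous = synchronous
        self.pending = deque()                 # writes buffered for async transmission

    def write(self, block, data):
        self.source[block] = data
        if self.synchronous:
            self.target[block] = data          # committed at both sites first...
            return "write complete"            # ...then acknowledged to the host
        self.pending.append((block, data))     # buffered, ordered by arrival
        return "write complete"                # acknowledged immediately (nonzero RPO)

    def transmit(self):
        # Asynchronous mode: drain the buffer to the target in the original order.
        while self.pending:
            block, data = self.pending.popleft()
            self.target[block] = data

sync_pair = RemoteReplicationPair(synchronous=True)
sync_pair.write("b1", "v1")                    # target already holds v1 here
async_pair = RemoteReplicationPair(synchronous=False)
async_pair.write("b1", "v1")                   # target lags until transmit() runs
async_pair.transmit()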
11.2 REMOTE REPLICATION TECHNOLOGIES
Remote replication of data can be handled by the hosts or by the
storage arrays. Other options include special appliances that replicate
data over the SAN or the LAN, and replication between storage arrays
over the SAN.
Figure 11.2 Asynchronous Replication
11.2.1 Remote Replication with Host -Based
In host-based remote replication, one or more components of the host
are used to perform and manage the replication operations. There are two
basic approaches to host-based remote replication: database replication
(via log shipping) and LVM-based replication.
11.2.2 Remote Replication with LVM-Based
LVM-based remote replication is performed and managed at the volume
group level. Writes to the source volumes are transmitted to the remote
host by the LVM. The LVM on the remote host receives the writes and
commits them to the remote volume group.
Before the production work starts, identical volume groups, logical
volumes, and file systems are created at the source and target sites.
Initial synchronization of the data between the source and the replica can
be performed in several ways. One option is to back up the source data to
tape and restore it to the remote replica. Another option is to perform the
initial synchronization over the IP network. Until the initial
synchronization completes, production work on the source volumes is
typically paused. After synchronization, production work can be resumed
on the source volumes, and replication of the data is carried out over the
existing standard IP network.

Figure 11.2.2 LVM-based Remote Replication

Both synchronous and asynchronous modes of data transfer are
supported by LVM-based remote replication. In asynchronous mode,
writes are queued in a log file at the source and then sent to the remote
host in the order in which they were received. The size of the log file
determines the RPO at the remote site. In the event of a network failure,
writes continue to accumulate in the log file; if the log file fills up before
the failure is resolved, a full resynchronization is required once the
network is available again. In the event of a failure at the source site,
applications can be restarted on the remote host using the data on the
remote replicas.
LVM-based remote replication removes the need for a SAN
infrastructure. It is independent of the storage arrays and types of disks
at the source and remote sites. Most operating systems are shipped with
LVMs, so additional licenses and specialized hardware are not required.
The replication process adds overhead on the host CPUs. The CPU
resources on the source host are shared between the replication tasks and
the applications, which may cause performance degradation of the
application.
Because the remote host participates in the replication process, it has to
be continuously up and available. LVM-based remote replication is not
well suited for applications that use federated databases.
11.3 HOST -BASED LOG SHIPPING
Database replication via log shipping is a host-based replication
technology supported by most databases. Transactions to the source
database are captured in logs, which are periodically sent by the source
host to the remote host. The remote host receives the logs and applies
them to the remote database.
Before the production work starts and log files are replicated, all
relevant components of the source database are replicated to the remote
site. This is done while the source database is shut down.
In the next step, production work is started on the source database and
the remote database is started in standby mode. In standby mode the
database is not available for transactions, although some implementations
allow limited access to the standby database.
All DBMSs switch log files at preconfigured time intervals or when a
log file is full. At a log switch, the current log file is closed and a new log
file is opened; the closed log is then sent from the source host to the
remote host. The remote host receives the log and updates the standby
database.
This procedure ensures that the standby database is consistent up to the
last applied log. The RPO at the remote site is finite and depends on the
size of the log and the frequency of log switching. The available network
bandwidth, latency, rate of updates, and frequency of log switching should
all be considered when determining the optimal size of the log file.
Figure 11.3 Host -Based Log Shipping
Because the source host ships only the log files rather than every
individual update, the burden on the source host CPU is reduced. The
existing standard IP network, as with LVM-based remote replication, can
be used for replicating the log files. Host-based log shipping is not well
suited for applications that use federated databases.
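The following Python sketch illustrates the log-switch-and-ship cycle described above; the names are illustrative and do not correspond to any specific DBMS feature. Writes accumulate in the current log, a log switch closes the log and ships it to the remote host, and the standby database applies each received log in order.

# Illustrative sketch of database replication via log shipping (not a DBMS API).
class StandbyDatabase:
    def __init__(self):
        self.data = {}                            # consistent up to the last applied log

    def apply_log(self, log):
        for key, value in log:
            self.data[key] = value

class SourceDatabase:
    def __init__(self, standby):
        self.data = {}
        self.current_log = []
        self.standby = standby

    def write(self, key, value):
        self.current_log.append((key, value))     # transaction captured in the log
        self.data[key] = value

    def log_switch(self):
        # Close the current log, ship it to the remote host, open a new log.
        closed_log, self.current_log = self.current_log, []
        self.standby.apply_log(closed_log)

standby = StandbyDatabase()
source = SourceDatabase(standby)
source.write("acct-1", 100)
source.log_switch()                               # RPO is bounded by the switch interval
source.write("acct-1", 250)                       # not yet visible on the standby
print(standby.data)                               # {'acct-1': 100}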
11.4 STORAGE ARRAY BASED REMOTE
REPLICATION
In storage array-based remote replication, the array operating
environment and array resources perform and manage the data
replication. This relieves the burden on the host CPUs, which can be
better used for running applications. A source device and its replica
device reside on different storage arrays. In some implementations, the
storage controller is used for both the host workload and the replication
workload. Data can be transmitted from the source storage array to the
target storage array over a shared or a dedicated network.
Replication between arrays may be performed in synchronous,
asynchronous, or disk-buffered modes. Three-site remote replication can
be implemented using a combination of synchronous mode and
asynchronous mode, as well as a combination of synchronous mode and
disk-buffered mode.
11.4.1 Remote Replication with Synchronous Replication Mode
In array-based synchronous remote replication, writes must be
committed to the source and the target before "write complete" is
acknowledged to the host. Additional writes on the source cannot occur
until each preceding write has been completed and acknowledged. The
array-based synchronous replication process is shown in Figure 11.4.1.
Figure 11.4.1 a) Array -based synchronous remote replication
In synchronous replication, to optimize the replication process and to
minimize the impact on application response time, the write is placed in
the cache of both arrays. The intelligent storage arrays can de-stage these
writes to the appropriate disks later.
If the replication links fail, replication is suspended; however,
production work can continue uninterrupted on the source storage array.
The array operating environment keeps track of the writes that have not
been sent to the remote storage array. When the network links are
restored, the accumulated data is transmitted to the remote storage array.
If there is a failure at the source site during the network outage, some
data will be lost and the RPO at the target will be nonzero.
For synchronous remote replication, network bandwidth equal to or
greater than the maximum write workload between the sites must be
provided at all times. Figure 11.4.1 b) shows the write workload
(expressed in MB/s) over time; the "Max" line indicates the bandwidth
that must be provided for synchronous replication. Bandwidth less than
the maximum write workload results in an unacceptable increase in
application response time.
Figure 11.4.1 b) Network bandwidth requirement for synchronous
replication
11.4.2 Remote Replication with Asynchronous Replication Mode
In array-based asynchronous remote replication mode, shown in
Figure 11.4.2, a write is committed to the source and immediately
acknowledged to the host. Data is buffered at the source and transmitted
to the remote site later. The source and the target devices do not contain
identical data at all times; the data on the target device lags behind that
of the source, so the RPO in this case is not zero.
As in synchronous replication, asynchronous replication writes are
placed in cache on both arrays and are later de-staged to the appropriate
disks.
Figure 11.4.2 a) Array-based asynchronous remote replication
Some implementations of asynchronous remote replication maintain
write ordering. A timestamp and a sequence number are attached to each
write when it is received by the source. The writes are then transmitted
to the remote array, where they are committed to the remote replica in
the exact order in which they were buffered at the source. This implicitly
guarantees consistency of the data on the remote replica. Other
implementations ensure consistency by using the dependent write
principle inherent to most DBMSs: writes are buffered for a predefined
period of time, at the end of which the buffer is closed and a new buffer
is opened for subsequent writes. All writes in the closed buffer are
transmitted together and committed to the remote replica.
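A minimal Python sketch of the buffer-switching approach just described, with illustrative names only: writes carry a sequence number, the open buffer is periodically closed, and the closed buffer is applied to the remote replica as a unit, in the order in which the writes were received.

# Illustrative sketch of write ordering with buffer switching in asynchronous replication.
class AsyncReplicator:
    def __init__(self):
        self.sequence = 0
        self.open_buffer = []          # writes collected during the current interval
        self.remote_replica = {}

    def write(self, block, data):
        self.sequence += 1
        self.open_buffer.append((self.sequence, block, data))

    def switch_and_transmit(self):
        # Close the buffer and commit its writes to the remote replica in
        # the exact order in which they were received at the source.
        closed, self.open_buffer = self.open_buffer, []
        for _, block, data in sorted(closed):
            self.remote_replica[block] = data

rep = AsyncReplicator()
rep.write("log", "record-1")
rep.write("page", "row-A")             # dependent write: issued after the log write
rep.switch_and_transmit()              # replica receives both writes, in order
print(rep.remote_replica)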
Figure 11.4.2 b) Network bandwidth requirement for asynchronous replication
Asynchronous remote replication provides network bandwidth cost
savings, because only bandwidth equal to or greater than the average
write workload is required, as represented by the "Average" line in
Figure 11.4.2 b). During periods when the write workload exceeds the
average bandwidth, sufficient buffer space must be configured on the
source storage array to hold these writes.
11.4.3 Disk -Buffered Replication Mode
Disk-buffered replication is a combination of local and remote
replication technologies. A consistent PIT local replica of the source
device is first created, and this local replica is then replicated to a remote
replica on the target array.
The sequence of operations in disk-buffered remote replication is
shown in Figure 11.4.3. At the beginning of the cycle, the network links
between the two arrays are suspended and there is no transmission of
data. While the production application is running on the source device, a
consistent PIT local replica of the source device is created. The network
links are then enabled, and the data on the local replica in the source
array is transmitted to its remote replica in the target array. After this
pair is synchronized, the network link is suspended and the next local
replica of the source is created. Optionally, a local PIT replica of the
remote device on the target array can also be created. The frequency of
this cycle of operations depends on the available link bandwidth and the
data change rate on the source device.

Figure 11.4.3 Disk-buffered remote replication

Array-based replication technologies can track the changes made to the
source and target devices, so all resynchronization operations can be done
incrementally.
For example, a local replica of the source device is created at 10:00 am
and this data is transmitted to the remote replica, which takes one hour to
complete. Changes made to the source device after 10:00 am are tracked.
Another replica of the source device is created at 11:00 am by applying
the tracked changes between the source and the local replica (the 10:00
am copy). During the next cycle of transmission (of the 11:00 am data),
the source data has moved on to 12:00 pm, while the local replica in the
remote array still has the 10:00 am data until the 11:00 am data is
successfully transmitted to the remote replica. If there is a failure at the
source site before the completion of this transmission, the worst-case
RPO at the remote site would be two hours, because the remote site has
the 10:00 am data.
11.4.4 Network Based Remote Replication Mode
In the network-based remote replication mode, replication occurs at
the network layer, between the servers and the storage systems. By
offloading replication from the servers and storage systems, network-based
replication can work across a huge number of server platforms and storage
systems, making it well suited for extremely diverse environments. One of
the most widely used network-based replication techniques is continuous
data protection (CDP).
11.4.5 CDP Remote Replication
Figure 11.4.5 CDP Remote Replication
Continuous data protection (CDP) is a network-based replication
solution that provides the ability to restore data and VMs to any previous
PIT. Traditional data protection technologies offer a limited number of
recovery points; if data loss occurs, the system can be rolled back only to
the last available recovery point. CDP, however, tracks all the changes to
the production volumes and maintains consistent point-in-time images.
This is how CDP is able to restore data to any previous PIT. CDP
supports both local and remote replication of data and VMs to meet
operational recovery and disaster recovery needs respectively. In a CDP
implementation, data can be replicated to additional sites using
synchronous and asynchronous replication. CDP supports various WAN
optimization techniques (deduplication, compression) to reduce bandwidth
requirements, and it also makes optimal use of the available bandwidth.
11.5 THREE -SITE REPLICATION
In two-site synchronous and asynchronous replication, under normal
circumstances the workload runs at the source site. Operations at the
source site are not interrupted by a failure of the target site or of the
network used for replication; the replication process resumes as soon as
the link or target site issues are resolved. During that time, however, the
source site continues to function without any remote protection, and if a
failure occurs at the source site during this period, the RPO is extended.
In synchronous replication, the source and target sites are typically
within 200 km (125 miles) of each other. Hence, in the event of a regional
disaster, both the source and the target sites could become unavailable.
This leads to extended RPO and RTO, because the last known good copy
of data would have to come from another source, such as an offsite tape
library. A regional disaster will usually not affect the target site in
asynchronous replication, because the sites are typically a long distance
apart.
If the source site fails, production can be shifted to the target site, but
there is no remote protection until the failure is resolved.
Three-site replication is used to mitigate the risks identified in two-site
replication. In three-site replication, data from the source site is replicated
to two remote data centres. Replication can be synchronous to one of the
two data centres, providing a zero-RPO solution, and asynchronous or
disk-buffered to the other remote data centre, providing a finite RPO.
Three-site remote replication can be implemented as a cascade/multi-hop
or a triangle/multi-target solution.
11.5.1 Three -Site Replication -Cascade/Multi -Hop
In the cascade/multi-hop mode of replication, data flows from the
source to an intermediate storage array, known as a bunker, in the first
hop, and then from the bunker to a storage array at a remote site in the
second hop. Replication between the source and the bunker occurs
synchronously, but replication between the bunker and the remote site can
be achieved in two ways: disk-buffered mode or asynchronous mode.
11.5.2 Three -Site Replication -Synchronous+ Asynchronous
This method uses a combination of synchronous and asynchronous
remote replication technologies. Synchronous replication occurs between
the source and the bunker, and asynchronous replication occurs between
the bunker and the remote site. The remote replica in the bunker acts as
the source for the asynchronous replication that creates the remote
replica at the remote site. Figure 11.5.2 a) illustrates the synchronous +
asynchronous method.
Figure 11.5.2 a) Three-site replication with synchronous + asynchronous
The RPO at the remote site is generally on the order of minutes in this
implementation. In this method, at least three storage devices are required
(including the source) to replicate one storage device; the other two
devices are the synchronous remote replica at the bunker and the
asynchronous replica at the remote site.
If there is a disaster at the source, operations are failed over to the
bunker site with zero or near-zero data loss. Unlike the synchronous
two-site situation, remote protection is still available at the third site.
The RPO between the bunker and the third site is on the order of minutes.
If there is a disaster at the bunker site, or if there is a network link
failure between the source and the bunker sites, the source site continues
to operate as normal but without any remote replication. This situation is
very similar to two-site replication when a failure or disaster occurs at the
target site. Updates to the remote site cannot occur because of the failure
at the bunker site, so the data at the remote site keeps falling behind; the
advantage, however, is that if the source fails during this time, operations
can be resumed at the remote site. The RPO at the remote site then
depends on the time difference between the bunker site failure and the
source site failure.
A regional disaster in three-site cascade/multi-hop replication is similar
to a source site failure in two-site asynchronous replication: operations
fail over to the remote site with an RPO on the order of minutes, and
there is no remote protection until the regional disaster is resolved. Local
replication technologies could be used at the remote site during this time.
If a disaster occurs at the remote site, or if the network links between
the bunker and the remote site fail, the source site continues to operate as
normal with disaster recovery protection provided at the bunker site.
11.5.3 Three-Site Replication –Synchronous + Disk Buffered
This method uses a combination of local and remote replication
technologies.
Synchronous replication occurs between the source and the bunker, and
a consistent PIT local replica is created at the bunker. Data is transmitted
from the local replica at the bunker to the remote replica at the remote
site. Optionally, a local replica can be created at the remote site after the
data is received from the bunker. Figure 11.5.2 b) illustrates the
synchronous + disk-buffered method.
In this method, at least four storage devices are required (including the
source) to replicate one storage device. The remaining three devices are
the synchronous remote replica at the bunker, the consistent PIT local
replica at the bunker, and the replica at the remote site. The RPO at the
remote site is usually on the order of hours in this implementation. For
example, if a local replica is created at 10:00 am at the bunker and it
takes an hour to transmit this data to the remote site, changes made to the
remote replica at the bunker since 10:00 am are tracked. Therefore, only
one hour's worth of data has to be resynchronized between the bunker
and the remote site during the next cycle. The RPO in this case will also
be two hours, similar to disk-buffered replication.

Figure 11.5.2 b) Three-site replication with synchronous + disk buffered
bufferedmunotes.in
Page 212
212The proc edure of making the consistent PIT replica at the bunker
and incrementally informing the remote replica and the local replica at the
remote site occurs uninterruptedly in a cycle. This procedure can be
automatic and controlled from the source.
11.5.4 Three-Site Replication –Triangle/Multitarget
In three-site triangle/multi-target replication, data at the source storage
array is simultaneously replicated to two different arrays. The source-to-
bunker site (target 1) replication is synchronous, with a near-zero RPO.
The source-to-remote site (target 2) replication is asynchronous, with an
RPO on the order of minutes; the remote site can be a long distance
away from the source. This configuration does not depend on the bunker
site for updating data on the remote site, because data is asynchronously
copied to the remote site directly from the source.
The key benefit of three-site triangle/multi-target replication is the
ability to fail over to either of the two remote sites in the case of a source
site failure, with disaster recovery (asynchronous) protection between
them. Resynchronization between the two surviving target sites is
incremental, and disaster recovery protection is always available in the
event of any one site failure.
During normal operations, all three sites are available and the workload
runs at the source site. At any given instant, the data at the bunker and
the source is identical.
The data at the remote site lags behind the data at the source and the
bunker. The replication network links between the bunker and the remote
site are in place but not in use; thus, during normal operations there is no
data movement between the bunker and the remote arrays. The differences
in data between the bunker and the remote sites are tracked, so that in the
event of a source site disaster, operations can be resumed at the bunker or
the remote site with incremental resynchronization between the two sites.
11.5.5 Data Migration Solution
Data migration and mobility solutions are specialized replication
techniques used to create remote PIT copies. These copies help with data
migration, mobility, content distribution, and disaster recovery. A data
migration solution moves data between heterogeneous storage arrays;
data may be moved from one array to another over the SAN or the WAN.
This technology is independent of the application and the server
operating system, because the replication operations are performed by
one of the storage arrays.
Data mobility refers to moving data between heterogeneous storage
arrays for performance, cost, or other reasons. In a push operation, data
is moved from the control array to the remote array; the control device
acts as the source, while the remote device is the target. In a pull
operation, data is moved from the remote array to the control array; the
remote device acts as the source, and the control device is the target.
Data migration solutions perform push and pull operations for data
movement.
Remote replication and migration in a virtualized environment build on
these data migration solutions. Virtual machine migration is the process
of moving virtual machines from one hypervisor to another without
powering off the virtual machines.
11.5.6 Remote Replication and Migration in a Virtualized Environment
In a virtualized environment, all the virtual machine data and VM
configuration files residing on the storage array at the primary site are
replicated to the storage array at the remote site. This replication is
transparent to the virtual machines. The logical unit numbers (LUNs) are
replicated between the two sites using the storage array replication
methods described earlier, either synchronous (for limited distance, near-
zero RPO) or asynchronous (for longer distance, nonzero RPO).
Virtual machine migration is a technique used to ensure business
continuity in the event of a hypervisor failure or during scheduled
maintenance. It is also useful for load balancing when multiple virtual
machines are running on the same hypervisor.
There are two commonly used techniques for VM migration, namely
hypervisor-to-hypervisor migration and array-to-array migration.

Figure 11.5.5 a) Hypervisor-to-hypervisor VM migration
Figure 11.5.5 b) Array-to-array VM migration
11.6 SUMMARY
This chapter gives a detailed study of remote replication. Remote
replication enables business operations to be restarted rapidly at a remote
site. The replica of the source data at the target site is useful for backup
and testing purposes. It also helps with data repurposing; examples are
report generation, decision support, and data warehousing. By offloading
such activities, remote replication helps improve production performance
at the source.
Remote replication is also useful for data centre migrations, with little
disturbance to production operations, because the applications accessing
the source data are not affected.
The chapter also describes the different types of remote replication
solutions, and how the distance between the primary site and the remote
site influences the choice between synchronous and asynchronous
replication when deploying a solution.
11.7 EXERCISES
1) What is remote replication? Explain in detail the modes of remote
replication.
2) Discuss remote replication technologies.
3) Give the difference between synchronous replication mode and
asynchronous replication mode.
4) Discuss the effects of a bunker failure in three-site replication for the
following implementations:
a) Multi-hop –synchronous + disk buffered
b) Multi-hop –synchronous + asynchronous
c) Multi-target
5) Discuss remote replication and migration in a virtualized
environment.
11.8 REFERENCES:
Information Storage and Management: Storing, Managing and
Protecting Digital Information in Classic, Virtualized and Cloud
Environments, EMC, John Wiley and Sons, 2nd edition, 2012.
https://books.google.co.in/books?id=PU7gkW9ArxIC&printsec=frontcover&dq=information+storage+and+management&hl=en&newbks=1&newbks_redir=1&sa=X&ved=2ahUKEwjjx_nakNPxAhWy4zgGHWUpCjcQ6AEwAHoECAsQAg
https://books.google.co.in/books?id=sCCfRAj3aCgC&printsec=frontcover&dq=information+storage+and+management&hl=en&newbks=1&newbks_redir=1&sa=X&ved=2ahUKEwjjx_nakNPxAhWy4zgGHWUpCjcQ6AEwAXoECAIQAg
❖❖❖❖
12
CLOUD COMPUTING
Unit Structure
12.0 Objectives
12.1 Introduction
12.1.1 Cloud Enabling Technologies
12.2 Characteristics of Cloud Computing
12.3 Benefits of Cloud Computing
12.4 Cloud Service Models
12.4.1 Infrastructure -as-a-Service
12.4.2 Platform -as-a-Service
12.4.3 Software -as-a-Service
12.5 Cloud Deployment Models
12.5.1 Public Cloud
12.5.2 Private Cloud
12.5.3 Community Cloud
12.5.4 Hybrid Cloud
12.6 Cloud Computing Infrastructure
12.6.1 Physical Infrastructure
12.6.2 Virtual Infrastructure
12.6.3 Applications and Platform Software
12.6.4 Cloud Management and Service Creation Tools
12.7 Cloud Challenges
12.7.1 Challenges for Consumer
12.7.2 Challenges for Providers
12.8 Cloud Adoption Considerations
12.9 Summary
12.10 Review Questions
12.11 References
12.0 OBJECTIVES
Cloud computing is a model for on-demand network access to
computing resources such as networks, storage, servers, applications,
and services, which can be provisioned and used with minimal
management effort while benefiting from economies of scale.
12.1 INTRODUCTION
Cloud computing delivers computing services over a network of remote
servers hosted on the Internet, including servers, storage, software,
networking, databases, analytics, and intelligence ("the cloud"), enabling
faster innovation, flexible allocation of resources, and economies of scale.
In short, cloud computing is used for manipulating, configuring, and
accessing various applications online. It also provides services such as
online data storage, infrastructure, and various applications.
Cloud refers to the Internet or a network; the cloud is something that
is present at a remote location.
Computing refers to the services provided over the network, which may
be a public or a private network.
12.1.1 CLOUD ENABLING TECHNOLOGIES
Grid computing, virtualization, utility computing, and service-oriented
architecture are the main enabling technologies of cloud computing.
●Grid computing –An enabling technology for distributed systems over
a network or the Internet. It enables heterogeneous computers in a
network to work together on a single task at the same time, as a form
of parallel computing, and is best suited for large workloads.
●Utility computing –A service-provisioning model in which the service
provider makes computing resources available to the customer as
required and charges depending on the services demanded and used.
●Virtualization –A technique that allows a single physical instance of
an application or resource to be shared among multiple organizations
or customers. It allows multiple operating systems and applications to
run on the same server at the same time. Virtualization is the process
of creating a virtual or logical view of a server operating system, a
storage device, or networking services. The software used in
virtualization is known as a virtual machine monitor (VMM).
●Service Oriented Architecture (SOA) –Provides a set of services that
can communicate with each other over the network; the various
services work together to carry out various activities.
12.2 CHARACTERISTICS OF CLOUD COMPUTING
1. On-demand self-service –Services such as email, server capacity, or
network applications can be provisioned without requiring human
interaction with each service provider.
Cloud service providers offering on-demand self-service include
Microsoft, IBM, Salesforce.com, and Amazon Web Services.
2. Broad network access –Cloud capabilities and capacity are available
over the network and are accessed through standard mechanisms that
promote use by heterogeneous clients such as mobile phones and
laptops.
3. Resource pooling –The service provider's resources are pooled to
serve multiple consumers, with different physical and virtual resources
dynamically assigned and reassigned according to consumer demand.
Resources include storage, processing, memory, and network
bandwidth.
4. Rapid elasticity –To the consumer, the capabilities available for
provisioning often appear to be unlimited and can be appropriated in
any quantity at any time.
Capabilities can be elastically provisioned and released, in some cases
automatically, to scale rapidly outward and inward commensurate with
demand.
5. Measured service –Cloud systems automatically control and optimize
resource use by leveraging a metering capability at some level of
abstraction appropriate to the type of service (e.g. storage, processing,
bandwidth, and active user accounts).
Resource usage can be monitored, controlled, and reported, providing
transparency for both the provider and the consumer of the utilized
service.
12.3 BENEFITS OF CLOUD COMPUTING
Cloud computing offers the following benefits:
●Reduced infrastructure cost –Cloud services can be purchased based
on pay-per-use or subscription pricing. This reduces or eliminates the
consumer's IT capital expenditure.
●Business agility –Cloud computing provides the capability to allocate
and scale computing capacity quickly. It reduces the time and cost to
deploy new applications and services from months to minutes,
enabling businesses to respond more quickly to market changes and
reduce time-to-market.
●Flexible scaling –A business that has adopted cloud computing can
increase or decrease the resources it consumes as per requirement.
●High availability –Cloud computing has the capability to ensure
resource availability at varying levels, depending on the consumer's
demand.
12.4 CLOUD SERVICE MODELS
Cloud service models are of three types: Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS) and Software-as-a-Service (SaaS).
12.4.1 Infrastructure-as-a-Service – The service includes the provision of hardware and software for processing, data storage, networks and any other infrastructure required to deploy operating systems and applications that would normally be needed in a data center managed by the user. The consumer does not manage or control the underlying cloud infrastructure but has control over operating systems and deployed applications, and possibly limited control of select networking components (e.g., host firewalls).
IaaS is the base layer of the cloud services stack. It serves as the foundation for both the SaaS and PaaS layers.
Amazon Elastic Compute Cloud (Amazon EC2) is an example of IaaS that provides scalable compute capacity, on demand, in the cloud. It enables consumers to leverage Amazon's massive computing infrastructure with no up-front capital investment.
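As an illustration of consuming IaaS programmatically, the short sketch below uses the AWS SDK for Python (boto3) to request, and later release, an EC2 instance on demand. The region, AMI ID and instance type are placeholders rather than values from this text, and the sketch assumes AWS credentials are already configured.

# Minimal sketch: provisioning on-demand IaaS capacity with boto3 (AWS SDK for Python).
# The AMI ID, region and instance type below are illustrative placeholders.
import boto3

ec2 = boto3.client("ec2", region_name="ap-south-1")   # assumed region

response = ec2.run_instances(
    ImageId="ami-0123456789abcdef0",   # hypothetical AMI ID
    InstanceType="t3.micro",           # pay-per-use instance size
    MinCount=1,
    MaxCount=1,
)

instance_id = response["Instances"][0]["InstanceId"]
print("Provisioned compute capacity on demand:", instance_id)

# When the capacity is no longer needed, it can be released just as easily,
# which is what makes the pay-per-use model work.
ec2.terminate_instances(InstanceIds=[instance_id])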
Figure 12.4.1 Infrastructure-as-a-Service
12.4.2 Platform-as-a-Service – PaaS is a cloud offering that provides infrastructure for the development and deployment of applications. It provides the middleware, development tools and related services needed to create applications. PaaS offerings are typically bundled with the underlying network infrastructure and storage services. PaaS enables faster time to market, multiplatform development and easy collaboration.
Figure 12.4.2 Platform as a Service
12.4.3 Software-as-a-Service – SaaS is a model in which software is provided as a service, on demand, to the consumer. It is also known as "software plus services", on-demand software, or web-hosted/web-based software. SaaS applications are usually accessed by users through a web browser. SaaS is a delivery model for many business applications, such as messaging software, payroll processing, CAD software, accounting software, customer relationship management (CRM), DBMS software, enterprise resource planning (ERP), geographic information systems (GIS), management information systems (MIS) and many more.
Figure 12.4.3 a) Software as a Service (SaaS model)
Figure b): SaaS cloud
Table: IaaS, PaaS and SaaS
12.5 CLOUD DEPLOYMENT MODELS
Cloud computing is classified into four deployment models: public, private, community and hybrid. The deployment models describe how the cloud infrastructure is organized and used to provide services.
12.5.1 Public cloud – In the public cloud model, the cloud infrastructure is provisioned for open use by the general public. It may be owned, managed and operated by a business, academic or government organization, or some combination of them. It exists on the premises of the cloud service provider.
Consumers use the cloud services offered by the provider via the Internet and pay per-usage charges or subscription fees. The main advantages of the public cloud are low capital cost and high scalability. For consumers, these benefits come with some risks: no control over the infrastructure or resources in the cloud, and possible concerns about network performance, security of confidential data and interoperability. Examples of public cloud service providers are Google, Amazon and Salesforce.com, which provide cloud services to organizations and individuals.
Figure 12.5.1 Public Cloud
12.5.2 Private Cloud – In the private cloud model, the cloud infrastructure is provisioned for exclusive use by a single organization comprising multiple consumers.
It may be owned, managed and operated by the organization itself, by a third party, or by some combination of them. There are two variations of the private cloud model: the on-premise private cloud and the externally hosted private cloud.
a)On-premise private cloud – Also known as an internal cloud, it is hosted by an organization within its own data centers. It enables standardization of cloud service processes and security, but it has limitations in size and resource scalability. It is most useful for organizations that require complete control over their applications, infrastructure configuration and security.
b)Externally hosted private cloud – This type of private cloud is hosted external to the organization and is managed by a third party. The third party provides an exclusive cloud environment for a specific organization with a guarantee of confidentiality and privacy.
Figure 12.5.2 On-premise and externally hosted private clouds
12.5.3 Community Cloud – In the community cloud model, the cloud infrastructure is provisioned for exclusive use by a specific community of consumers from organizations that have shared concerns, such as security requirements, compliance considerations and policy. It may be owned, managed and operated by one or more of the organizations in the community, a third party, or a combination of them. It is cost effective because the cloud is shared among several organizations or a community, and it is scalable and flexible. Security in a community cloud is higher than in a public cloud but lower than in a private cloud. Adoption can be slow, it may not be a good choice for some organizations, and sharing responsibilities among the member organizations can be difficult.
Example: Government organizations in India may share computing infrastructure in the cloud to manage data.
Figure 12.5.3 Community cloud
12.5.4 Hybrid Cloud – The hybrid cloud model is a combination of two or more cloud infrastructures (private, public or community): hybrid cloud = public cloud + private cloud. The combination of public and private clouds creates a unified, automated and well-managed computing environment. Critical activities are performed in the private cloud, whereas non-critical activities are performed in the public cloud. The hybrid cloud is useful in finance, universities and healthcare. It is secure because of the private cloud and flexible because of the public cloud, and it is cheaper than a purely private cloud. It helps cut infrastructure and application-support costs and accommodates a company's demands for space, memory and systems. Networking issues, reliability and infrastructure compatibility are challenges in the hybrid cloud.
Examples of hybrid cloud providers are Microsoft, Google, Amazon, Cisco and NetApp.
Figure 12.5.4 Hybrid cloud
12.6 CLOUD COMPUTING INFRASTRUCTURE
Cloud computing infrastructure is the collection of hardware and software that delivers the five essential characteristics of cloud computing. It consists of the following layers:
●Physical Infrastructure
●Virtual Infrastructure
●Applications and platform software
●Cloud management and service creation tools
12.6.1 Physical Infrastructure – The physical infrastructure consists of physical computing resources, which include physical servers, storage systems and networks. Physical servers are connected to each other, to the storage systems and to clients through networks such as FC SAN, IP, IP SAN or FCoE networks. Cloud service providers may use physical computing resources from one or more data centers to provide services. When computing resources are distributed across multiple data centers, connectivity must be established between them.
12.6.2 Virtual Infrastructure – Cloud service providers employ virtualization technologies to build a virtual infrastructure layer on top of the physical infrastructure.
Virtualization enables some of the cloud characteristics, such as resource pooling and rapid elasticity, and it helps reduce the cost of providing cloud services. Some cloud service providers may not have completely virtualized their physical infrastructure, but they are adopting virtualization for better efficiency and optimization.
12.6.3 Applications and Platform Software – This layer includes a suite of business applications and platform software, such as the operating system and database. Platform software provides the environment on which business applications run, typically inside a virtual machine. Applications and platform software are hosted on virtual machines to create SaaS and PaaS offerings. For SaaS, both the application and the platform software are provided by the cloud service provider. For PaaS, only the platform software is provided by the cloud service provider; consumers deploy their own applications to the cloud.
12.6.4 Cloud Management and Service Creation Tools – This layer consists of three types of software:
1) Physical and virtual infrastructure management software
2) Unified management software
3) User-access management software
These three types of software interact with each other to provision cloud services.
1)Physical and virtual infrastructure management software – This software is offered by the vendors of the various infrastructure resources and by third-party organizations. For example, a storage array has its own management software; similarly, networks and physical servers are managed independently using network and compute management software, respectively. This software provides interfaces to construct a virtual infrastructure from the underlying physical infrastructure, and it reflects the perspective of the vendor or third party that supplies it.
2)Unified management software – Unified management software interacts with all the standalone physical and virtual infrastructure management software. It collects information on the existing physical and virtual infrastructure configurations, connectivity and utilization, compiles this information and provides a consolidated view of the infrastructure resources scattered across one or more data centers. It allows an administrator to centrally monitor the performance, capacity and availability of physical and virtual resources. Unified management software provides a single management interface to configure the physical and virtual infrastructure and to create pools of CPU, memory, network and storage; it does this by issuing configuration commands to the respective physical and virtual infrastructure management software, which executes the instructions. The main function of unified management software is to automate the creation of cloud services. It enables administrators to define service attributes such as CPU power, memory, storage capacity, network bandwidth, the name and description of applications and platform software, resource location, and backup policy (a simple template of this kind is sketched after this list). When a request comes from a consumer, the unified management software creates a service based on the predefined service attributes.
3)User-access management software – This software provides a web-based user interface to consumers. Consumers can browse the service catalogue and request cloud services through it. The user-access management software authenticates users before forwarding their requests to the unified management software. It also monitors the allocation and utilization of resources associated with cloud service instances and, based on these allocations, generates chargeback reports that are useful to both the consumer and the service provider.
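The sketch below, in Python, illustrates the ideas from items 2 and 3 above: a unified-management layer holding a predefined service template (CPU, memory, storage, bandwidth, platform software, backup policy) and a user-access layer computing a simple chargeback figure from metered usage. All attribute names and unit rates are hypothetical; real cloud management suites expose these through their own interfaces.

# Minimal sketch of a predefined service template and a chargeback calculation.
# Attribute names and unit rates are hypothetical, for illustration only.

SERVICE_CATALOGUE = {
    "small-web-server": {
        "cpu_ghz": 2.0,
        "memory_gb": 4,
        "storage_gb": 100,
        "network_mbps": 100,
        "platform_software": "Linux + web server",
        "backup_policy": "daily",
    }
}

UNIT_RATES = {"cpu_hours": 0.05, "storage_gb": 0.02, "network_gb": 0.01}  # currency per unit


def create_service(template_name: str) -> dict:
    """Simulate the unified management layer instantiating a service
    from its predefined attributes."""
    attributes = SERVICE_CATALOGUE[template_name]
    return {"template": template_name, **attributes}


def chargeback(usage: dict) -> float:
    """Simulate the user-access layer turning metered usage into a charge."""
    return sum(usage[item] * UNIT_RATES[item] for item in usage)


service = create_service("small-web-server")
monthly_usage = {"cpu_hours": 720, "storage_gb": 100, "network_gb": 50}
print(service)
print("Monthly chargeback:", round(chargeback(monthly_usage), 2))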
Figure 12.6 Cloud infrastructure layers
12.7 CLOUD CHALLENGES
Cloud computing involves cloud services, consumers and service providers, and each of them faces a few challenges.
12.7.1 Challenges for Consumers
Cloud service providers are responsible for securing consumer data, but consumers may not be willing to transfer control of business-critical data to the cloud. Providers use multiple data centers, located in different countries, to deliver cloud services, and data may be replicated or moved between these data centers for high availability and load distribution; consumers may have no visibility into or control over these operations. Some providers give consumers the option to select the location where their data is stored. Data protection and privacy concerns and regulatory compliance requirements, such as the EU Data Protection Directive and the U.S. Safe Harbor program, can make cloud adoption challenging for consumers. Cloud services may also not meet a consumer's expectations for running applications in the cloud, for example because a highly specialized or incompatible operating system or programming language is required to develop or run the application. Vendor lock-in can create difficulties for consumers who want to change their cloud service provider, and the high cost of migrating data from one service provider to another is a further challenge.
12.7.2 Challenges for Providers
Cloud service providers may not always be able to meet the promised service levels. Most software vendors do not yet have cloud-ready software licensing models, and the few vendors that offer standardized cloud licenses charge more than for traditional licensing. This licensing complexity can create challenges when deploying vendor software in the cloud. Cloud resources are distributed and service demand changes continuously, so providers must provision physical resources for the peak demand of all consumers and estimate the actual level of service they can deliver. Agreements between cloud service providers and the tenants of multiple clouds can also pose a challenge.
12.8 CLOUD ADOPTION CONSIDERATIONS
Cloud adoption involves the following key considerations:
a)Selection of a deployment model: Convenience versus risk is a key factor in selecting the right cloud deployment model. The public cloud is suitable for individuals or start-up businesses because of the cost reduction it offers, but it carries security and availability risks. Small or medium-sized businesses may not be willing to deploy online transaction processing in a public cloud, because customer data and service levels could impact their business; in that case they can select a hybrid cloud for business operations. Backup, archive and testing workloads can be deployed in the public cloud.
b)Application suitability: Not all applications are suitable for a public cloud; there may be incompatibility between the cloud platform software and the consumer's applications, which are often designed, developed and maintained in-house. Because of the high risk, organizations may not be ready to move all applications to the public cloud; such applications are better suited to an on-premise private cloud.
c)Financial advantage: Adopting the cloud should provide a financial benefit in the form of cost savings. The cost-saving analysis compares the total cost of ownership (TCO) and the return on investment (ROI) of the cloud against the existing environment. When calculating the expenditure on infrastructure resources, the organization must include capital expenditure (CAPEX), which covers the cost of storage, servers, operating systems, applications, real estate and network equipment, and operational expenditure (OPEX), which covers personnel, backup, power and cooling, maintenance and so on. The cloud adoption cost includes the cost of migrating to the cloud, compliance and security, subscription fees and so on (a simple comparison is sketched after this list).
d)Selection of a cloud service provider: Selecting a service provider is very important for a public cloud deployment. The decision depends on the services offered to consumers; security and privacy requirements, rules and regulations, and the quality of customer support should all be checked when selecting the provider.
e)Service-level agreement (SLA): Quality of service (QoS), such as throughput and uptime, is an important factor for a cloud service. QoS requirements are part of the service-level agreement between the consumer and the provider. Before adopting a cloud service, every consumer should check whether the QoS meets their requirements.
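To make the comparison in item (c) concrete, the sketch below totals illustrative CAPEX and OPEX figures for an on-premise deployment and compares them with an assumed cloud subscription plus migration cost over the same period. All figures are invented for illustration only; a real analysis would use the organization's own numbers.

# Minimal sketch of a TCO comparison for cloud adoption. All figures are illustrative.

YEARS = 3

on_premise_capex = {
    "storage": 40_000, "servers": 60_000, "operating_systems": 10_000,
    "applications": 25_000, "real_estate": 15_000, "network_equipment": 12_000,
}
on_premise_opex_per_year = {
    "personnel": 50_000, "backup": 8_000, "power_and_cooling": 6_000, "maintenance": 9_000,
}

cloud_costs = {
    "migration": 20_000, "compliance_and_security": 10_000,
    "subscription_per_year": 55_000,
}

on_premise_tco = sum(on_premise_capex.values()) + YEARS * sum(on_premise_opex_per_year.values())
cloud_tco = (cloud_costs["migration"] + cloud_costs["compliance_and_security"]
             + YEARS * cloud_costs["subscription_per_year"])

print(f"{YEARS}-year on-premise TCO : {on_premise_tco:,}")
print(f"{YEARS}-year cloud TCO      : {cloud_tco:,}")
print(f"Estimated saving          : {on_premise_tco - cloud_tco:,}")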
12.9 SUMMARY
This chapter presented a detailed study of cloud computing: its characteristics, benefits, service models, deployment models and infrastructure. It also described the cloud challenges faced by consumers and by providers, and the considerations involved in cloud adoption.
12.10 EXERCISE
1) What are the various characteristics of cloud computing?
2) Discuss different cloud challenges.
3) Explain benefits of cloud computing.
4) Discuss cloud adoption considerations in detail.
5) Discuss different cloud services in detail.
12.11 REFERENCES
Information Storage and Management: Storing, Managing and Protecting Digital Information in Classic, Virtualized and Cloud Environments, EMC, published by John Wiley & Sons, 2nd edition, 2012.
https://books.google.co.in/books?id=PU7gkW9ArxIC&printsec=frontcover&dq=information+storage+and+management&hl=en&newbks=1&newbks_redir=1&sa=X&ved=2ahUKEwjjx_nakNPxAhWy4zgGHWUpCjcQ6AEwAHoECAsQAg
https://books.google.co.in/books?id=sCCfRAj3aCgC&printsec=frontcover&dq=information+storage+and+management&hl=en&newbks=1&newbks_redir=1&sa=X&ved=2ahUKEwjjx_nakNPxAhWy4zgGHWUpCjcQ6AEwAXoECAIQAg
https://www.slideshare.net/golujain/characteristics-of-cloud-computing-as-per-nist
https://www.zoho.com/creator/paas/
https://en.wikipedia.org/wiki/Software_as_a_service
https://www.javatpoint.com/community-cloud
https://www.javatpoint.com/hybrid-cloud
❖❖❖❖
Unit V
13
SECURING THE STORAGE
INFRASTRUCTURE
Unit Structure
13.0 Objectives
13.1 Introduction
13.2 Information Security Framework
13.2.1 Confidentiality
13.2.2 Integrity
13.2.3 Availability
13.2.4 Accountability
13.3 Risk Triad
13.3.1 Assets
13.3.2 Threats
13.3.3 Vulnerability
13.4 Storage Security Domains
13.4.1 Securing the Application Access Domain
13.4.2 Securing the Management Access Domain
13.4.3 Securing Backup, Replication, and Archive
13.5 Security Implementations in Storage Networking
13.5.1 FC SAN
13.5.2 NAS
13.5.3 IP SAN
13.6 Summary
13.7 Review Your Learning
13.8 Review Questions
13.9 Further Reading
13.10 References
13.0 OBJECTIVES
After going through this unit, you will be able to:
1.Describe basic storage security implementations, such as the security architecture and protection mechanisms in FC SAN, NAS and IP SAN
2.Describe the additional security considerations in virtualized and cloud environments
13.1 INTRODUCTION
Important data, such as intellectual property, personal identities and financial transactions, is routinely processed and stored in storage arrays accessible via the network. As a result, storage is now more vulnerable to a variety of security threats that have the potential to damage business-critical data and disrupt critical services. In both traditional and virtualized data centres, securing the storage infrastructure has become an essential part of the storage management process. It is a time-consuming but crucial process for maintaining and securing sensitive data.
Storage security in a public cloud environment is more complicated because organisations have less control over the shared IT infrastructure and the enforcement of security controls. Furthermore, multitenancy in a cloud environment allows multiple users to share resources, such as storage, and data may be exposed or tampered with across tenants as a result of such sharing.
13.2 INFORMATION SECURITY FRAMEWORK
The fundamental information security framework is designed to accomplish four security objectives: confidentiality, integrity and availability (CIA), along with accountability. This framework includes all the security standards, procedures and controls required to minimise threats in the storage infrastructure environment.
13.2.1 Confidentiality:
Ensures that information is kept private and that only authorised users have access to it. Users who need access to information must be authenticated. Data in transit (data sent over a network) and data at rest (data stored on a primary storage device, backup media or in archives) can both be encrypted to ensure confidentiality. In addition to preventing unauthorised users from accessing information, confidentiality requires the implementation of traffic-flow protection mechanisms as part of the security protocol. These safeguards typically include concealment of source and destination addresses, the frequency with which data is sent, and the volume of data sent.
13.2.2 Integrity:
Ensures that the data has not been tampered with. Integrity protection requires the detection and prevention of unauthorised alteration or destruction of data. Ensuring integrity, for both data and systems, requires methods such as error detection and correction.
13.2.3 Availability:
Ensures that authorized users have reliable and timely access to systems, data and applications. Availability requires protection against unauthorized deletion of data and denial of service. Availability also implies that sufficient resources are available to deliver a service.
13.2.4 Accountability:
Accountability refers to accounting for all the events and actions that take place in the data centre infrastructure. For security purposes, the accountability service maintains a trail of events that can be audited or traced later.
13.3 RISK TRIAD
Threats, assets and vulnerabilities are the three elements of the risk triad. Risk arises when a threat agent (an attacker) exploits an existing vulnerability to compromise the security services of an asset. For example, if a sensitive document is sent over an unprotected channel, an attacker may gain unauthorised access to the document and violate its confidentiality and integrity, which could result in a loss of revenue for the company. In this case, the risk of business loss derives from an attacker exploiting the vulnerability of unencrypted communication to access the document and tamper with it.
Organizations focus on vulnerabilities to control risk because they cannot completely eliminate the threat agents, which come in numerous forms and from many sources. Organizations can deploy countermeasures to reduce the likelihood of attacks and the severity of their consequences.
The first step in determining the scope of potential threats and risks in an IT infrastructure is to conduct a risk assessment. This process evaluates risk and helps identify appropriate controls to reduce or eliminate it. Risk assessment helps prioritise investment in and provisioning of security measures based on the value of the assets. Threats to an IT system must be examined along with potential vulnerabilities and existing security controls to determine the likelihood of an unfavourable event occurring.
The severity of an adverse event is determined by its impact on critical business activities. Based on this analysis, a relative value of criticality and sensitivity can be assigned to IT assets and resources. For example, a high criticality value could be assigned to an IT system component if an attack on it could result in the complete shutdown of mission-critical services.
The following sections examine the three essential parts of the risk triad, namely assets, threats and vulnerabilities, from the perspective of risk identification and control analysis.
Fig. Risk Triad
13.3.1 Assets:
Information is one of an organization's most valuable assets. Other assets include the hardware, software and other infrastructure components required to access the information. To protect these assets, organizations must design a set of parameters to ensure that resources are available to authorised users and trustworthy networks. These parameters apply to storage resources, the network infrastructure and organisational policies.
Security measures have two goals. The first is to ensure that authorised users can readily access the network, which should also be dependable and stable under a variety of environments and usage volumes. The second is to make it difficult for potential attackers to gain access to and compromise the system.
Security measures should protect against unauthorized access, viruses, worms, trojans and other malicious software. To reduce the number of potential security threats, security solutions should include options to encrypt vital data and disable unnecessary services. The security strategy must ensure that operating-system and other software updates are installed regularly. At the same time, it must provide sufficient redundancy, in the form of replication and mirroring of production data, to prevent catastrophic data loss if data is compromised. For the security system to function properly, all users must be informed about the policies governing network use.
The effectiveness of a storage security methodology can be assessed by two main criteria. One, the cost of implementing the system should be a small fraction of the value of the data being protected. Two, a potential attacker should have to pay a high price, in terms of money, effort and time, to compromise it.
13.3.2 Threats:
Threats are potential attacks that can be carried out against an IT infrastructure. Attacks can be classified as active or passive. Passive attacks are attempts to gain unauthorised access to a system; they threaten the confidentiality of information. Active attacks include data modification, denial of service (DoS) and repudiation attacks; they threaten the integrity, availability and accountability of data.
●In a data modification attack, an unauthorised user attempts to modify information for malicious purposes. A modification attack can target data in transit or data at rest. These attacks compromise data integrity. Denial of service (DoS) attacks deny legitimate users access to resources and services. These attacks generally do not involve gaining access to or modifying information; instead, they threaten data availability. A DoS attack occurs when a network or website is deliberately flooded to prevent legitimate access by authorised users.
●Repudiation is an attack on the accountability of information. It attempts to provide false information by impersonating someone or by denying that an event or a transaction has taken place. For example, a repudiation attack may involve performing an action and then eliminating any evidence that could prove the identity of the user (attacker) who performed it. Repudiation attacks include circumventing the logging of security events or tampering with the security log to conceal the attacker's identity.
13.3.3 Vulnerability:
The paths that provide access to information are frequently vulnerable to potential attacks. Each path may contain a number of access points, each providing a different level of access to the storage resources. It is critical to implement suitable security controls at all points along an access path. Implementing security controls at each access point of every access path is known as defense in depth.
Defense in depth recommends deploying multiple security measures so that if one of them is compromised, the risk from security threats is still reduced; it is also known as a layered security approach. Because several security measures are in place at different levels, there is more time to detect and respond to an attack, which can reduce the scope or impact of a security breach.
Three factors must be considered when assessing the extent to which an environment is vulnerable to security threats: attack surface, attack vector and work factor. The attack surface refers to the various entry points that an attacker can use to launch an attack. Every component of a storage network is a potential source of vulnerability; an attacker can exploit all of a component's external interfaces, such as the hardware and management interfaces, to carry out attacks. These interfaces make up the attacker's attack surface. Even unused network services, if enabled, can become part of the attack surface.
An attack vector is a step or a series of steps necessary to complete an attack. For example, an attacker might exploit a flaw in the management interface to execute a snoop attack, in which the attacker modifies the configuration of the storage device so that traffic can be accessed from another host. The data in transit can then be snooped through this diverted traffic.
The work factor refers to the amount of time and effort required to exploit an attack vector. For example, when attempting to retrieve sensitive information, attackers consider the time and effort required to carry out an attack on a database. This may involve determining privileged accounts, determining the database schema and writing SQL queries. Based on the work factor, they may instead choose a less effort-intensive way to exploit the storage array, such as attaching to it directly and reading from the raw disc blocks.
After assessing the vulnerability of the environment, organizations can deploy specific control measures. Any control measure should account for all three aspects of the infrastructure, that is people, process and technology, and the relationships among them. The first step in securing people is to identify and confirm their identity; based on their identity, selective controls can be implemented for their access to data and resources. The effectiveness of any security measure is determined primarily by the processes and procedures behind it. These should be based on a thorough understanding of the environment, the relative sensitivity of the different types of data, and the data-access requirements of the various stakeholders. Without an effective methodology, the deployment of technology is neither cost-effective nor aligned with the organization's priorities. Finally, for the technology or controls to be effective, they must ensure compliance with the processes, policies and people. The goal of these security mechanisms is to reduce vulnerability by minimising attack surfaces and maximising work factors. Controls can be technical or nontechnical. Technical controls are usually implemented through computer systems, whereas nontechnical controls are implemented through administrative and physical controls. Administrative controls include security and personnel policies and standard procedures that govern the safe execution of various operations. Physical controls include setting up physical barriers, such as security guards, fences or locks.
Controls are classified as:
Preventive
Preventive controls aim to avert an attack. They stop vulnerabilities from being exploited, thereby preventing an attack or reducing its impact.
Detective or corrective
Detective controls determine whether an attack is in progress and trigger preventive or corrective controls, whereas corrective controls are executed after an attack is detected and reduce its impact. An Intrusion Detection/Intrusion Prevention System (IDS/IPS), for example, is a detective control that determines whether an attack is underway and then attempts to stop it by terminating a network connection or activating a firewall rule to block traffic.
13.4 STORAGE SECURITY DOMAINS
Storage devices that are connected to a network carry a higher risk level and are more exposed to network-based security threats. As storage environments become increasingly networked, storage devices become increasingly vulnerable to security attacks from a variety of sources, so specific controls must be established to protect a storage networking environment. This requires a closer examination of storage networking security and a thorough understanding of the access paths to storage resources. If a specific path is not legitimate, it needs to be blocked by technical controls, and it must be ensured that these controls cannot be bypassed. If each component in the storage network is regarded as a potential access point, the attack surface of all these access points must be analysed to identify the vulnerabilities associated with them.
To identify the threats that apply to a storage network, access paths to data storage can be grouped into three security domains: application access; management access; and backup, replication and archive. The figure depicts the three security domains of a storage system environment.
Fig. Storage security domains
The first security domain covers application access to stored data via the storage network. The second security domain covers management access to storage and interconnect devices and to the data residing on those devices; this domain is used mainly by storage administrators who configure and manage the environment. The third domain consists of backup, replication and archive access; the backup media, like the other access points in this domain, also has to be protected.
To secure the storage networking environment, identify the existing threats within each of the security domains and classify the threats based on the type of security service they jeopardise: availability, confidentiality, integrity and accountability. The next step is to select and implement appropriate controls as threats are identified.
13.4.1 Securing the Application Access Domain
The application access domain may include the applications that access data through a file system or a database interface.
An important step in securing the application access domain is identifying the threats in the environment and implementing suitable controls. Physical security is also a significant concern in preventing media theft. The figure depicts application access in a storage networking environment. Host A can access all V1 volumes and Host B can access all V2 volumes. These volumes are classified as confidential, restricted or public, depending on the level of access. In this scenario, possible threats include Host A spoofing the identity of, or elevating to the privileges of, Host B to gain access to Host B's resources. Another threat is an unauthorised host gaining access to the network; the attacker on this host may attempt to spoof the identity of another host and tamper with data, snoop on the network, or launch a DoS attack. In addition, any form of media theft could compromise security. These threats can pose serious challenges to network security and therefore need to be addressed.
Fig.: Security threats in an application access domain
Controlling User Access to Data
Access control services regulate users' access to data. These services mitigate the threats of spoofing host identity and elevating host privileges, both of which jeopardise data confidentiality and integrity.
The access control mechanisms used in the application access domain are user and host authentication (technical control) and authorization (administrative control). These mechanisms may exist outside the boundaries of the storage network, requiring various systems to interconnect with other enterprise identity management and authentication systems, such as systems that provide strong authentication and authorization to protect user identities from spoofing. Access control lists can be created on NAS devices to limit user access to specific files. Enterprise content management applications enforce data access using Information Rights Management (IRM), which specifies which users have what rights to a document. Restricting access at the host level starts with authenticating a node when it attempts to connect to the network. Different storage networking technologies, such as iSCSI, FC and IP-based storage, use authentication mechanisms such as the Challenge-Handshake Authentication Protocol (CHAP), Fibre Channel Security Protocol (FC-SP) and IPSec, respectively.
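The essence of CHAP, as standardized in RFC 1994 and reused for iSCSI, is a challenge-response exchange in which the shared secret never crosses the wire: the responder returns a one-way hash of the CHAP identifier, the secret and the challenge. The sketch below shows that computation in Python; the identifier, secret and challenge values are invented for illustration.

# Minimal sketch of the CHAP response computation (RFC 1994 style, as used by iSCSI).
# The identifier, secret and challenge below are invented values for illustration.
import hashlib
import os


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """Response = one-way hash over identifier || secret || challenge."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


# The authenticator (e.g., the iSCSI target) issues a random challenge.
identifier = 0x1D
challenge = os.urandom(16)
shared_secret = b"example-chap-secret"   # provisioned on both initiator and target

# The initiator computes and returns the response; the secret itself is never transmitted.
response = chap_response(identifier, shared_secret, challenge)

# The target recomputes the expected value and compares.
authenticated = response == chap_response(identifier, shared_secret, challenge)
print("CHAP authentication succeeded:", authenticated)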
After a host has been authenticated, the next step is to establish security controls for the storage resources, such as ports, volumes or storage pools, that the host is authorised to access. Zoning is a switch-level control that segments the network into specific paths for data traffic; LUN masking determines which hosts can access which storage devices (LUNs). Some devices allow a host's WWN to be mapped to a particular FC port, and then to a particular LUN. Binding the WWN to a physical port is the most secure approach.
Finally, administrative controls, such as defined security policies and standards, must be implemented. Administrative controls must be audited regularly to ensure that they are working properly. To enable this, significant events are logged on all participating devices. Unauthorized access to the event logs should be prevented, because the logs may fail to serve their purpose if their content is subject to unauthorised modification by an attacker.
Protecting the Storage Infrastructure
Protecting the storage infrastructure from unauthorised access involves safeguarding all of its components. Security controls for the storage infrastructure address the threats of unauthorised modification of data in transit, which compromises data integrity; denial of service, which compromises availability; and network snooping, which compromises confidentiality.
The security controls for protecting the network fall into two categories: network infrastructure integrity and storage network encryption. Controls for ensuring infrastructure integrity include a fabric switch function that ensures fabric integrity by preventing unauthorised hosts from being added to the SAN fabric. Storage network encryption methods include the use of IPSec for protecting IP-based storage networks and FC-SP for protecting FC networks.
In a secure storage environment, root or administrator privileges for a specific device are not granted to every user. Instead, role-based access control (RBAC) assigns to users only the privileges required to perform their jobs. A role may represent a job function, for example, administrator. Privileges are associated with roles, and users acquire those privileges through the roles assigned to them.
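A minimal way to picture RBAC is a mapping from roles to privileges and from users to roles, with an access check that consults only the roles. The role and privilege names below are hypothetical; real arrays and switches ship with their own predefined roles.

# Minimal RBAC sketch: privileges are attached to roles, never directly to users.
# Role and privilege names are hypothetical.

ROLE_PRIVILEGES = {
    "storage_admin": {"create_lun", "delete_lun", "modify_zone", "view_config"},
    "security_admin": {"manage_roles", "view_audit_log", "view_config"},
    "operator": {"view_config"},
}

USER_ROLES = {"alice": {"storage_admin"}, "bob": {"operator"}}


def is_authorized(user: str, privilege: str) -> bool:
    """A user holds a privilege only through an assigned role."""
    return any(privilege in ROLE_PRIVILEGES[role] for role in USER_ROLES.get(user, set()))


print(is_authorized("alice", "modify_zone"))  # True  - via the storage_admin role
print(is_authorized("bob", "delete_lun"))     # False - the operator role lacks it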
When defining data centre procedures, administrative controls such as separation of duties should also be considered. A clear separation of duties ensures that no single individual can both specify an action and carry it out. For example, the person who authorises the creation of administrative accounts should not be the person who uses those accounts. Securing management access is discussed in more detail in a later section.
Storage management networks should be logically separated from other enterprise networks. This segmentation simplifies management and improves security by limiting access to the components within each segment. For example, IP network segmentation is enforced at Layer 3 with routers and firewalls, and at Layer 2 with VLANs and port-level security on Ethernet switches.
Finally, physical access to the device consoles and FC switch cabling must be controlled to ensure the security of the storage infrastructure. If an unauthorised user gains physical access to a device, all other security mechanisms can be defeated and the equipment can no longer be trusted.
Data Encryption
The most important aspect of data security is protecting the data stored within the storage arrays. Threats at this level include tampering with data, which compromises data integrity, and media theft, which compromises data availability and confidentiality. To guard against these threats, encrypt the data on the storage media or encrypt the data before it is transmitted to the disc. It is also important to have a strategy for ensuring that data erased at the end of its life cycle is completely removed from the discs and cannot be reconstructed for malicious purposes.
Data should be encrypted as close to its source as possible. If encryption on the host device is not practical, an encryption appliance can be used to encrypt data at its point of entry into the storage network. Encryption devices that encrypt data between the host and the storage media can be deployed on the fabric. These approaches can protect both data in transit and data at rest on the target device.
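As a host-side illustration of encrypting data before it reaches the disc, the sketch below uses the third-party Python package "cryptography" and its Fernet recipe (symmetric, AES-based encryption). The file name is a placeholder, and in practice the key would live in a key management system rather than alongside the data.

# Minimal sketch: encrypting data at the host before it is written to storage.
# Requires the third-party "cryptography" package; the file path is a placeholder.
from cryptography.fernet import Fernet

key = Fernet.generate_key()        # in practice, store this in a key management system
cipher = Fernet(key)

plaintext = b"Customer financial records - confidential"
ciphertext = cipher.encrypt(plaintext)

# Only ciphertext is written to the storage array; media theft then yields nothing usable.
with open("record.enc", "wb") as f:
    f.write(ciphertext)

# Authorized read path: fetch the ciphertext and decrypt it with the managed key.
with open("record.enc", "rb") as f:
    recovered = cipher.decrypt(f.read())

assert recovered == plaintext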
Adding antivirus scans and file-extension controls to NAS devices can further improve data integrity. In the case of CAS, cryptographic algorithms such as MD5 or SHA-256 ensure data integrity by detecting any change in the content's bit patterns. Furthermore, a data erasure service verifies that the data has been completely overwritten, bit by bit, before the disc is removed. An organisation's data classification policy, together with regulatory requirements, determines whether a disc must be erased before being discarded and the level of erasure required.
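The integrity check that CAS-style systems perform can be pictured with a standard-library hash: store a digest of the content, recompute it on every read, and flag any mismatch. The sketch below uses SHA-256 from Python's hashlib; the content shown is purely illustrative.

# Minimal sketch of content-integrity checking with SHA-256 (as used by CAS-type systems).
import hashlib


def content_digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


original = b"archived invoice #2012-044"
stored_digest = content_digest(original)      # recorded when the object is archived

# Later, on retrieval, any change in the bit pattern changes the digest.
retrieved = b"archived invoice #2012-944"     # tampered copy
print("Integrity intact:", content_digest(retrieved) == stored_digest)  # False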
13.4.2 Securing the Management Access Domain
Management access, whether for monitoring, provisioning or controlling storage resources, exists for every device in the storage network. Most management software includes a CLI, a system management console or a web-based interface. Because the damage that can be caused by misusing storage management applications is extensive, it is critical to implement adequate controls to protect these applications. The figure shows a storage networking architecture in which production hosts are connected to a SAN fabric and access production storage array A, which is replicated to remote storage array B. This configuration also includes a storage management platform on Host A. A possible threat in this environment is an unauthorised host spoofing a user or host identity to manage the storage arrays or the network. For example, an unauthorised host could gain management access to remote array B.
Fig. Security threats in a management access domain
Allowing management access over an external network increases the risk of an unauthorised host or switch connecting to the network. In such situations, adequate security measures should be implemented to prevent certain types of remote communication. Using secure communication protocols, such as Secure Shell (SSH) or Secure Sockets Layer (SSL)/Transport Layer Security (TLS), protects effectively against these threats. Monitoring event logs can detect unauthorised access and changes to the infrastructure. Event logs should be stored outside the shared storage systems so that they can be examined even if the storage is compromised.
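For example, a management script can reach a device's CLI over SSH rather than an unencrypted channel, so that credentials and commands are protected in transit. The sketch below uses the third-party paramiko library; the hostname, username, key file and CLI command are placeholders, and host-key checking is deliberately left strict.

# Minimal sketch: secure (SSH) management access to a storage device's CLI.
# Requires the third-party "paramiko" package; hostname, user, key and command are placeholders.
import paramiko

client = paramiko.SSHClient()
client.load_system_host_keys()                                # trust only known host keys
client.set_missing_host_key_policy(paramiko.RejectPolicy())   # reject unknown devices

client.connect(
    hostname="array-mgmt.example.local",           # hypothetical management address
    username="storage_admin",
    key_filename="/home/admin/.ssh/id_ed25519",    # key-based, not password, authentication
)

stdin, stdout, stderr = client.exec_command("show audit-log")  # hypothetical CLI command
print(stdout.read().decode())

client.close()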
The security controls available on the storage management platform must be verified, and they must be adequate to secure the overall storage environment. Unless the administrator's identity and role are protected against spoofing attempts, an attacker could reconfigure the entire storage array and cause unacceptable data loss, for example by reformatting storage media or making data resources unavailable.
Controlling Administrative Access
Controlling administrative access to storage aims to prevent an attacker from impersonating an administrator or elevating privileges to gain administrative access. Both of these threats jeopardise the security of data and devices. To protect against them, administrative access restriction and various auditing techniques are used to enforce the accountability of users and processes. Access control should be enforced for each storage component. In various storage environments, it may be necessary to integrate storage devices with third-party authentication directories, such as Lightweight Directory Access Protocol (LDAP) or Active Directory.
According to security best practices, no single individual should have complete authority over the system. If an administrator account is required, the number of activities that require administrative privileges should be kept to a minimum; instead, RBAC should be used to distribute the various administrative duties. Auditing logged events is a key control mechanism for tracking an administrator's activities; however, access to the administrative log files and their content must be protected. Deploying a reliable Network Time Protocol service on every system, synchronized to a common time source, is another important requirement, so that activities across systems can be correlated consistently. In addition, a Security Information Management (SIM) solution supports effective analysis of the event log files.
Protecting the Management Infrastructure
Protecting the management network infrastructure includes encrypting management traffic, enforcing management access controls and applying IP network security best practices. These best practices include the use of IP routers and Ethernet switches to restrict traffic to specific devices. Restricting network activity and limiting access to a small number of hosts reduces the threat of an unauthorised device connecting to the network and gaining access to the management interfaces. Access controls also need to be enforced at the storage-array level to specify which host has management access to which array. Some storage devices and switches can restrict management access to particular hosts and limit the commands that can be issued from each host.
To summarize, security enforcement must focus on the management communication between devices, the confidentiality and integrity of management data, and the availability of management networks and devices.
13.4.3 Securing Backup, Replication, and Archive
Backup, replication and archive form the third domain to be secured against attack. A backup, as described in Chapter 10, involves copying data from a storage array to backup media such as tapes or discs. Backup security is complex and depends on the backup software that interfaces with the storage arrays. It also depends on how the storage infrastructures at the primary and secondary sites are configured, especially with remote backup solutions that use a remote tape device or array-based remote replication. Organizations must ensure that the disaster recovery (DR) site maintains the same level of security for the backed-up data. Protecting the backup, replication and archive infrastructure requires addressing several threats, including spoofing the legitimate identity of a DR site, tampering with data, network snooping, DoS attacks and media theft. Such threats represent potential violations of integrity, confidentiality and availability. The figure depicts a generic remote backup configuration in which data on a storage array is replicated to secondary storage at the DR site over a DR network. In a remote backup solution where the storage components are separated by a network, threats at the transmission layer must be addressed. Otherwise, an attacker can spoof the backup server's identity and request that the host send it data; an illegitimate host posing as the backup server could thereby cause a remote backup to an unauthorised and unknown location. Furthermore, attackers can use the DR network connection to tamper with data, snoop on the network and launch a DoS attack against the storage devices. Another category of threat is the physical loss, theft or misplacement of a backup tape, especially if the tapes contain highly confidential information. Backup-to-tape applications that do not encrypt data while backing it up are exposed to severe security consequences.
Figure: Security threats in a backup, replication, and archive environment
13.5 SECURITY IMPLEMENTATIONS IN STORAGE
NETWORKING
The following discussion details some of the basic security implementations in FC SAN, NAS and IP SAN environments.
13.5.1 FC SAN
Compared with IP-based networks, traditional FC SANs have an inherent security advantage. An FC SAN can be regarded as a private, isolated network with far fewer nodes than an IP network, and consequently it is exposed to fewer security threats. With converged networks and storage consolidation, however, this picture has changed, driving rapid expansion and requiring designs for large, sophisticated SANs that span multiple sites across the organisation. Today there is no single comprehensive security solution for FC SANs. Many security mechanisms in FC SANs have evolved from their IP networking counterparts, resulting in mature security solutions. The Fibre Channel Security Protocol (FC-SP) standards (T11 standards), published in 2006, align the security mechanisms and algorithms between IP and FC interconnects. These standards describe protocols for implementing security measures in an FC fabric, among fabric elements and N_Ports within the fabric. They also include guidelines for authenticating FC entities, setting up session keys, negotiating the parameters required to ensure frame-by-frame integrity and confidentiality, and establishing and distributing policies across an FC fabric.
FC SAN Security Architecture
Because of their size and complexity, storage networking environments are a potential target for unauthorized access, theft and misuse. Security strategies are therefore built on the defense-in-depth principle, which requires multiple integrated layers of security, ensuring that the protected assets are not compromised if any one security control fails. The figure depicts the different security zones of a storage networking environment that must be protected, along with the security measures that can be applied. FC SANs not only suffer from certain risks and vulnerabilities that are unique to them, but also share the common security problems associated with physical security and remote administrative access. In addition to implementing SAN-specific security measures, organizations must simultaneously leverage the other security implementations in the enterprise. The table lists the protection strategies that must be adopted in the different security zones, including certain security measures that are not specific to SANs but are common data centre practices. Two-factor authentication, for example, is widely used; in a basic implementation, it combines a username/password with an additional security component, such as a smart card, for authentication.
Basic SAN Security Mechanisms
LUN masking and zoning, switch-wide and fabric-wide access control, RBAC, and logical partitioning of a fabric (Virtual SAN) are the most commonly used SAN security mechanisms.
Fig. FC SAN security architecture
Table: Security Zones and Protection Strategies

Zone A (Authentication at the Management Console): (a) Restrict management LAN access to authorized users (lock down MAC addresses); (b) implement VPN tunneling for secure remote access to the management LAN; and (c) use two-factor authentication for network access.

Zone B (Firewall): Block inappropriate traffic by (a) filtering out addresses that should not be allowed on your LAN; and (b) screening for allowable protocols; block ports that are not in use.

Zone C (Access Control – Switch): Authenticate users/administrators of FC switches using Remote Authentication Dial In User Service (RADIUS), DH-CHAP (Diffie-Hellman Challenge Handshake Authentication Protocol), and so on.

Zone D (Host to Switch): Restrict fabric access to legitimate hosts by (a) implementing ACLs: known HBAs can connect on specific switch ports only; and (b) implementing a secure zoning method, such as port zoning (also known as hard zoning).

Zone E (Switch to Switch/Switch to Router): Protect traffic on the fabric by (a) using E_Port authentication; (b) encrypting the traffic in transit; and (c) implementing FC switch controls and port controls.

Zone F (Distance Extension): Implement encryption for in-flight data: (a) FC-SP for long-distance FC extension; and (b) IPSec for SAN extension via FCIP.

Zone G (Switch to Storage): Protect the storage arrays on your SAN via (a) WWPN-based LUN masking; and (b) S_ID locking: masking based on the source FC address.
LUN Masking and Zoning
LUN masking and zoning are the primary SAN security mechanisms used to protect against unauthorized access to storage; they are discussed in detail in Chapters 4 and 5. In typical LUN-masking implementations on storage arrays, the LUNs presented on a front-end storage port are masked on the basis of the WWPNs of the source HBAs. A stronger variant of LUN masking is sometimes available, with masking based on source FC addresses; it provides a mechanism for locking down the FC address of a node port to its WWN. In security-conscious environments, WWPN zoning is the preferred choice.
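Conceptually, LUN masking is a lookup from an initiator's WWPN to the set of LUNs it may see on a storage port; anything not in the map stays hidden. The sketch below shows that lookup in Python; the WWPNs and LUN numbers are invented for illustration.

# Minimal sketch of a LUN-masking check: the LUNs presented on a front-end port are
# filtered by the WWPN of the requesting HBA. WWPNs and LUN numbers are invented.

LUN_MASKING = {
    "10:00:00:90:fa:01:aa:01": {0, 1, 2},   # Host A's HBA -> confidential volumes
    "10:00:00:90:fa:01:bb:02": {3, 4},      # Host B's HBA -> restricted volumes
}


def visible_luns(initiator_wwpn: str) -> set:
    """Return only the LUNs masked to this initiator; unknown WWPNs see nothing."""
    return LUN_MASKING.get(initiator_wwpn, set())


def may_access(initiator_wwpn: str, lun: int) -> bool:
    return lun in visible_luns(initiator_wwpn)


print(may_access("10:00:00:90:fa:01:aa:01", 2))   # True
print(may_access("10:00:00:90:fa:01:bb:02", 2))   # False - LUN 2 is masked from Host B
print(visible_luns("10:00:00:90:fa:01:cc:03"))    # set() - unknown/unauthorized HBA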
Securing Switch Ports
In addition to zoning and LUN masking, further security mechanisms, such as port binding, port lockdown, port lockout and persistent port disable, can be enabled on switch ports. With port binding, only the designated node can connect to a particular switch port for fabric access, which limits the devices that can attach to that port. Port binding mitigates, but does not eliminate, WWPN spoofing. Port lockdown and port lockout restrict the type of initialization a switch port can perform. Typical variants of port lockout ensure that the switch port cannot function as an E_Port and cannot be used to create an ISL, for example to a rogue switch; some variants restrict the port role to FL_Port, F_Port or E_Port only, or to a combination of these. Persistent port disable prevents a switch port from being enabled even after a switch reboot.
Switch-Wide and Fabric-Wide Access Control
As enterprises expand their SANs locally or over longer distances, the need to manage SAN security effectively grows. Network security can be enforced through access control lists (ACLs) on the FC switches and fabric binding on the fabric.
ACLs incorporate the device connection control and switch connection control policies. The device connection control policy specifies which HBAs and storage ports are allowed to connect to the fabric, preventing unauthorized devices from joining it. Likewise, the switch connection control policy specifies which switches are allowed to join the fabric, preventing unauthorized switches from doing so.
Role-based access control provides additional security by preventing unauthorised management activity on the fabric. It enables the security administrator to assign roles to users when they log in to the fabric, where each role specifies particular privileges or access rights. For example, the zone-admin role can modify the zones on the fabric, whereas a basic user may only be able to view fabric-related information, such as port types and logged-in nodes.
Logical Partitioning of a Fabric: Virtual SAN
VSANs allow you to create numerous logical SANs from a single
physical SAN. They enable the construction of bigger consolidated fabrics
while maintaining the required security and isolation. Logical
partitioning with VSANs is depicted in the figure.
By populating each VSAN with switch ports, the SAN
administrator can construct unique VSANs. The switch ports are split
between two VSANs in this example: 10 and 20 for the Engineering and
HR divisions, respectively. Although they share physical
switching equipment with other divisions, they can be managed as
separate fabrics. Zoning should be done for each VSAN to secure the
entire physical SAN. Each managed VSAN can have only one active zone
set at a time.
Because management and control traffic on the SAN (which
may include RSCNs, zone set activation events, and more) does not
cross VSAN boundaries, VSANs reduce the impact of disruptive events.
As a result, VSANs are a cost-effective alternative to building isolated physical
fabrics. By isolating fabric events and providing permission control within a
single fabric, they contribute to information availability and security.
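The following short Python sketch models the isolation just described: each VSAN groups switch ports and carries its own single active zone set, and two ports can talk only if they share both a VSAN and a zone. The VSAN IDs follow the Engineering/HR example above; port numbers are assumptions.

vsans = {
    10: {"ports": {1, 2, 3}, "active_zone_set": [{1, 2}]},      # Engineering
    20: {"ports": {4, 5, 6}, "active_zone_set": [{4, 5, 6}]},   # HR
}

def can_communicate(port_a: int, port_b: int) -> bool:
    """Ports talk only if they share a VSAN and a zone in its active zone set."""
    for vsan in vsans.values():
        if port_a in vsan["ports"] and port_b in vsan["ports"]:
            return any(port_a in z and port_b in z for z in vsan["active_zone_set"])
    return False  # different VSANs: traffic and fabric events never cross

print(can_communicate(1, 2))  # True  - same VSAN, zoned together
print(can_communicate(1, 3))  # False - same VSAN, not zoned together
print(can_communicate(1, 4))  # False - different VSANs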
13.5.2 NAS
NAS is open to multiple exploits, including viruses, worms,
unauthorized access, snooping, and data tampering. Various security
mechanisms are implemented in NAS to secure data and the storage
networking infrastructure.
Fig. : Securing SAN with VSAN
Permissions and access control lists (ACLs) are the first line of
defence for NAS resources, limiting access and sharing. These
permissions are applied in addition to the behaviours and attributes that
come standard with files and folders. Other authentication and
authorisation systems, such as Kerberos and directory services, are also
used to confirm network users' identities and define their privileges.
Firewalls safeguard storage infrastructure from unauthorised access and
malicious assaults in the same way.
NAS File Sharing: Windows ACLs
ACLs are divided into two categories in Windows: discretionary
access control lists (DACLs) and system access control lists (SACLs).
The access control is determined by the DACL, sometimes
known simply as the ACL. If auditing is enabled, the SACL specifies which
accesses must be audited.
Windows also supports the concept of object ownership in addition
to these ACLs. The owner of an object has hard-coded permissions to that
object, which do not need to be granted explicitly in the SACL. Each
object's owner, SACL, and DACL are all statically stored as attributes.
Windows also offers the functionality to inherit permissions, which allows
the child objects existing within a parent object to automatically inherit
the ACLs of the parent object.
ACL entries refer to users and groups by their security
identifiers (SIDs). These are automatically generated by a Windows
server or domain when a user or group is created, and they are abstracted
from the user. In this way, though a user may identify his login ID as
"User1," it is simply a textual representation of the true SID, which is
used by the underlying operating system. Internal processes in Windows
refer to an account's SID rather than the account's username or group
name when granting access to an object. ACLs are set by using the
standard Windows Explorer GUI but can also be configured with CLI
commands or other third-party tools.
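The following is a deliberately simplified conceptual model, in Python, of how a DACL check can be reasoned about; it is not the real Win32 access-check algorithm. Access control entries (ACEs) are evaluated in order, the first entry matching the requesting SID and right decides the outcome, and the object owner is always allowed, mirroring the implicit owner permissions described above. The SIDs shown are placeholders.

from dataclasses import dataclass

@dataclass
class Ace:
    sid: str          # security identifier the entry applies to
    right: str        # e.g. "read", "write"
    allow: bool       # True = allow ACE, False = deny ACE

def access_check(owner_sid: str, dacl: list, request_sid: str, right: str) -> bool:
    if request_sid == owner_sid:
        return True                      # hard-coded owner permissions
    for ace in dacl:                     # ACEs evaluated in list order
        if ace.sid == request_sid and ace.right == right:
            return ace.allow
    return False                         # no matching ACE: access denied

dacl = [Ace("S-1-5-21-111", "write", False),   # explicit deny listed first
        Ace("S-1-5-21-111", "read", True)]
print(access_check("S-1-5-21-999", dacl, "S-1-5-21-111", "read"))   # True
print(access_check("S-1-5-21-999", dacl, "S-1-5-21-111", "write"))  # False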
NAS File Sharing: UNIX Permissions
A user is an abstraction in the UNIX operating system that defines
a logical entity for assigning ownership and operation privileges to the
system. A user might be a person or a computer programme. Regardless
of whether it is a person, a system action, or a device, a UNIX system is
only aware of the user's privileges to execute specific operations on the
system and identifies each user by a user ID (UID) and a username. In
UNIX, users can be organized into one or more groups. The concept of a
group serves the purpose of assigning sets of privileges for a given resource
and sharing them among many users that need them. For example, a
group of people working on one project may need the same permissions
for a set of files.
UNIX permissions define the operations that any ownership
relation can perform on a file. To put it another way, these
permissions define what the owner, the owner group, and everyone else
can do with the file. Three bits are used to describe access permissions for
any given ownership relationship. Read (r) access is indicated by the first
bit, write (w) access by the second bit, and execute (x) access by the third
bit. Because UNIX defines three ownership relations (Owner, Group, and
All), each ownership relationship requires a triplet (defining the access
permission), resulting in nine bits. Each bit has two states: set or clear.
When displayed, a set bit is marked by its corresponding operation letter
(r, w, or x), a clear bit is denoted by a dash (-), and all are put in a row,
such as rwxr-xr-x. In this example, the owner can do anything with the file,
but group owners and the rest of the world can only read or execute it.
When displayed, a character denoting the mode of the file may precede
this nine-bit pattern. For example, if the file is a directory, it is denoted as
"d"; and if it is a link, it is denoted as "l."
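As a small worked example, the Python sketch below decodes the nine permission bits described above from a numeric mode and renders strings such as rwxr-xr-x. It uses only the standard-library stat constants.

import stat

def mode_to_string(mode: int) -> str:
    """Render the owner/group/other triplets from a numeric mode (e.g. 0o755)."""
    bits = [
        (stat.S_IRUSR, "r"), (stat.S_IWUSR, "w"), (stat.S_IXUSR, "x"),  # owner
        (stat.S_IRGRP, "r"), (stat.S_IWGRP, "w"), (stat.S_IXGRP, "x"),  # group
        (stat.S_IROTH, "r"), (stat.S_IWOTH, "w"), (stat.S_IXOTH, "x"),  # all
    ]
    return "".join(letter if mode & bit else "-" for bit, letter in bits)

print(mode_to_string(0o755))  # rwxr-xr-x : owner full; group and others read and execute
print(mode_to_string(0o640))  # rw-r----- : owner read/write, group read, others nothing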
NAS File Sharing: Authentication and Authorization
Standard file -sharing protocols, such as NFS and CIFS, are used
by NAS devices in a file-sharing environment. As a result, authentication
and authorization on NAS devices are implemented and supported in the
same way they are in a UNIX or Windows file-sharing environment.
Authentication requires a login credential lookup on a Network
Information System (NIS) server in a UNIX environment to validate the
identity of a network user. A Windows domain controller, which houses
the Active Directory, authenticates a Windows client in the same way.
The Active Directory uses LDAP to access information about network
objects in the directory and Kerberos for network security. NAS devices
use the same authentication techniques to validate network user
credentials. Figure depicts the authentication process in a NAS
environment.
Fig: Securing user access in a NAS environment
User privileges in a network are defined by authorization. The
authorization methods used by UNIX and Windows users are very
different. UNIX files employ mode bits to define access rights for owners,
groups, and other users, whereas Windows files use an ACL to allow or deny
specific permissions to a specific user for a specific file.
NAS devices support both of these approaches for UNIX and
Windows users; however, complications arise when UNIX and Windows users
access and share the same data. The integrity of both
permission mechanisms must be preserved if the NAS device supports
multiple protocols. NAS device vendors provide a method of mapping UNIX
rights to Windows rights and vice versa, allowing a multiprotocol
environment to be supported. When designing a NAS solution, keep in
mind the complexity of multiprotocol support. At the same time, validate the
connectivity and bandwidth to the domain controller and NIS server.
Kerberos
Kerberos is a network authentication protocol that uses secret-key
cryptography to offer strong authentication for client/server applications.
It employs cryptography to allow a client and server to establish their
identity over an unsecured network connection. After proving their
identities, the client and server might choose to encrypt all of their
communications to preserve privacy and data integrity.
In Kerberos, authentications occur between clients and servers.
The client gets a ticket for a service and the server decrypts this ticket by
using its secret key. Any entity, user, or host that gets a service ticket for a
Kerberos service is called a Kerberos client. The term Kerberos server
generally refers to the Key Distribution Center (KDC). The KDC
implements the Authentication Service (AS) and the Ticket Granting
Service (TGS). The KDC has a copy of every password associated with
every principal, so it is absolutely vital that the KDC remain secure. In
Kerberos, users and servers for which a secret key is stored in the KDC
database are known as principals.
Kerberos is usually used in a NAS context to authenticate against a
Microsoft Active Directory domain, but it may also be used to perform
security functions in UNIX settings. The steps in the Kerberos
authentication procedure are represented in the figure:
1. The user logs on to the workstation in the Active Directory domain (or
forest) using an ID and a password. The client computer sends a
request to the AS running on the KDC for a Kerberos ticket. The KDC
verifies the user's login information from Active Directory. (This step
is not explicitly shown in the figure.)
2. The KDC responds with an encrypted Ticket Granting Ticket (TGT)
and an encrypted session key. TGT has a limited validity period. TGT
can be decrypted only by the KDC, and the client can decrypt only the
session key.
3. When the client requests a service from a server, it sends a request,
consisting of the previously generated TGT, encrypted with the session
key and the resource information to the KDC.
4. The KDC checks the permissions in Active Directory and ensures that
the user is authorized to use that service.
5. The KDC returns a service ticket to the client. This service ticket
contains fields addressed to the client and to the server hosting the
service.
6. The client then sends the service ticket to the server that houses the
required resources.
7. The server, in this case the NAS device, decrypts the server portion of
the ticket and stores the information in a keytab file. As long as the
client's Kerberos ticket is valid, this authorization process does not
need to be repeated. The server automatically allows the client to
access the appropriate resources.
8. A client-server session is now established. The server returns a session
ID to the client, which tracks the client activity, such as file locking, as
long as the session is active.
Figure: Kerberos authorization
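The Python sketch below is a toy model of the ticket flow above, using symmetric Fernet keys in place of real Kerberos cryptography; it assumes the third-party "cryptography" package and invented principal names. It only illustrates who can decrypt what: the client never sees the server's secret, and the service ticket is readable only by the target NAS.

from cryptography.fernet import Fernet
import json

client_key = Fernet.generate_key()   # derived from the user's password in real Kerberos
server_key = Fernet.generate_key()   # the NAS device's long-term secret
kdc_db = {"user1": client_key, "nas01": server_key}   # KDC principal database

# Step 2 (simplified): the AS issues a session key sealed with the client's key.
session_key = Fernet.generate_key()
reply_to_client = Fernet(kdc_db["user1"]).encrypt(session_key)

# Steps 4-5 (simplified): the TGS builds a service ticket only the server can open.
service_ticket = Fernet(kdc_db["nas01"]).encrypt(
    json.dumps({"principal": "user1", "session_key": session_key.decode()}).encode()
)

# Steps 6-7: the client forwards the ticket; the NAS decrypts it with its own key.
opened = json.loads(Fernet(server_key).decrypt(service_ticket))
assert opened["principal"] == "user1"
print("NAS accepted ticket for", opened["principal"])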
Network -Layer Firewalls
Because NAS systems use the IP protocol stack, they are
susceptible to a variety of assaults launched via the public IP network. In
NAS setups, network-layer firewalls are used to defend the NAS devices
against various security threats. These network-layer firewalls can inspect
network packets and compare them to a set of configured security rules.
Packets that do not comply with a security rule are dropped
and do not proceed to their destination. Rules can be created using a source
address (network or host), a destination address (network or host), a
port, or a combination of those parameters (source IP, destination IP, and
port number).
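A hedged sketch of that rule evaluation follows, in Python with only the standard library. Each packet is compared in order against rules keyed on source, destination, and port, and anything matching no rule is dropped. The addresses, ports, and rule set are assumptions chosen to mirror the DMZ example discussed next.

from ipaddress import ip_address, ip_network

RULES = [
    # (source network, destination network, destination port, action)
    (ip_network("0.0.0.0/0"),       ip_network("192.168.10.5/32"), 80,   "allow"),  # HTTP to DMZ web server
    (ip_network("192.168.10.0/24"), ip_network("10.0.0.20/32"),    2049, "allow"),  # DMZ server to NAS (NFS)
]

def filter_packet(src: str, dst: str, dport: int) -> str:
    for src_net, dst_net, port, action in RULES:
        if ip_address(src) in src_net and ip_address(dst) in dst_net and dport == port:
            return action
    return "drop"   # default deny: Internet traffic never reaches the internal network

print(filter_packet("203.0.113.9", "192.168.10.5", 80))   # allow (Internet -> DMZ)
print(filter_packet("203.0.113.9", "10.0.0.20", 2049))    # drop  (Internet -> internal NAS)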
Figure depicts a typical firewall implementation. A demilitarized
zone (DMZ) is commonly used in networking environments. A DMZ
provides a means to secure internal assets while allowing Internet -based
access to various resources. In a DMZ environment, servers that need to
be accessed through the Internet are placed between two sets of firewalls.
Application -specific ports, such as HTTP or FTP, are allowed through the
firewall to the DMZ servers. However, no Internet -based traffic is
allowed to penetrate the second set of firewalls and gain access to the
internal network.
Figure : Securing a NAS environment with a network -layer firewall
The servers in the DMZ may or may not be allowed to
communicate with internal resources. In such a setup, the server in the
DMZ is an Internet -facing web application accessing data stored on a
NAS device, which may be located on the internal private network. A
secure design would serve only data to internal and external applications
through the DMZ.
13.5.3 IP SAN
The basic security measures utilised in IP SAN settings are
described in this section. The Challenge-Handshake Authentication
Protocol (CHAP) is a fundamental authentication technique that network
devices and hosts have extensively embraced. CHAP uses a secret code or
password to allow initiators and targets to verify each other's identity.
CHAP secrets are usually 12 to 128 characters long and random. The
secret is never transferred directly over the communication channel;
instead, it is converted into a hash value and then exchanged using a one-
way hash function. A hash function, using the MD5 algorithm, transforms
data in such a way that the result is unique and cannot be changed back to
its original form. The figure depicts the CHAP authentication process.
Fig. A: Securing IP SAN with CHAP authentication
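As a simplified sketch of the exchange, the Python snippet below shows the target issuing a random challenge, the initiator returning an MD5 hash of the identifier, secret, and challenge, and the target recomputing the hash; the secret itself never crosses the wire. The secret value and identifier byte are assumptions for the example.

import hashlib
import os

def chap_response(ident: bytes, secret: bytes, challenge: bytes) -> bytes:
    """One-way MD5 hash over identifier + secret + challenge."""
    return hashlib.md5(ident + secret + challenge).digest()

shared_secret = b"a-long-random-chap-secret"      # configured on both initiator and target

challenge = os.urandom(16)                        # target side: issue a random challenge
response = chap_response(b"\x01", shared_secret, challenge)   # initiator side: send the hash
expected = chap_response(b"\x01", shared_secret, challenge)   # target side: recompute and compare
print("authenticated" if response == expected else "rejected")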
If the initiator requires reverse CHAP authentication, the initiator
uses the same technique to authenticate the target. The initiator and the
target must both know the CHAP secret. The target and the initiator each
keep a CHAP entry that contains the name of a node and the secret
associated with it. The same steps are executed in a two-way CHAP
authentication scenario. After these steps are completed, the initiator
authenticates the target. If both authentication steps succeed, then data
access is allowed. CHAP is often used because it is a fairly simple
protocol to implement and can be implemented across a number of
disparate systems.
iSNS discovery domains function in the same way as
FC zones. Discovery domains provide functional groupings of devices in
an IP SAN. For devices to communicate with one another, they must be
configured in the same discovery domain. State change notifications
(SCNs) inform the iSNS server when devices are added to or removed
from a discovery domain. Figure B depicts the discovery domains in
iSNS.
Fig. B: Securing IP SAN with iSNS discovery domains
13.6 SUMMARY
The continuing expansion of the storage network has exposed data
center resources and storage infrastructures to new vulnerabilities. IP -
based storage networking has exposed storage resources to traditional
network vulnerabilities. Data aggregation has also increased the potential
impact of a security breach. In addition to these security challenges,
compliance regulations continue to expand and have become more
complex. Data center managers are faced with addressing the threat of
security breaches from both within and outside the organization.
Organizations are adopting virtualization and cloud as their new
IT model. However, the key concern preventing faster adoption is
security. The cloud has more vulnerabilities compared to a traditional or
virtualized data center. This is because cloud resources are shared among
multiple consumers. Also, the consumers have limited control over the
cloud resources. Cloud service providers and consumers face the threat
of security breaches in the cloud environment.
This chapter detailed a framework for storage security and
provided mitigation methods that can be deployed against identified
threats in a storage networking environment. It also detailed the security
architecture and protection mechanisms in SAN, NAS, and IP -SAN
environments. Further, this chapter touched on the security concerns and
measures in a virtualized and cloud environment.
13.7 REVIEW YOUR LEARNING
Can you explain the information security framework?
Explain the risk triad.
Can you describe the storage security domains?
Explain securing the application access domain.
How is the storage infrastructure protected?
Explain some of the basic security implementations in FC SAN, NAS,
and IP-SAN environments.
13.8 QUESTIONS
1. What is an information security framework?
2. Explain the parts of the risk triad.
3. Write a short note on:
a. Assets
b. Threats
c. Vulnerability
4. Explain how storage devices that are connected to a network increase
the risk level.
5. Describe protecting the storage infrastructure.
6. How is the management access domain secured?
7. Explain the FC SAN security architecture.
8. Explain how VSANs allow you to create numerous logical SANs from
a single physical SAN.
9. How is NAS open to multiple exploits, including viruses, worms,
unauthorized access, snooping, and data tampering?
10. What security mechanisms are implemented in NAS for the storage
networking infrastructure?
11. What security mechanisms are implemented in NAS to secure data?
12. Describe NAS file sharing: authentication and authorization.
13. Explain network-layer firewalls.
14. How is an IP SAN secured with CHAP authentication?
13.9 FURTHER READING
●https://nptel.ac.in/content/storage2/courses/106108058/lec%2007.pdf
●http://www.ictacademy.in/pages/Information-Storage-and-Management.aspx
●https://www.coursera.org/lecture/technical-support-fundamentals/storage-RLNIZ
13.10 REFERENCES
1. Information Storage and Management: Storing, Managing and
Protecting Digital Information in Classic, Virtualized and Cloud
Environments, EMC, John Wiley & Sons, 2nd Edition, 2012
2. Information Storage and Management, Pankaj Sharma
❖❖❖❖
14
SECURING STORAGE INFRASTRUCTURE
IN VIRTUALIZED AND CLOUD
ENVIRONMENTS
Unit Structure
14.0 Objectives
14.1 Introduction
14.2 Security Concerns
14.3 RSA and VMware Security Products
14.3.1 RSA SecurID
14.3.2 RSA Identity and Access Management
14.3.3 RSA Data Protection Manager
14.3.4 VMware vShield
14.4 Monitoring the Storage Infrastructure
14.4.1 Monitoring Parameters
14.4.2 Components Monitored
14.4.3 Monitoring Examples
14.4.4 Alerts
14.5 Questions
14.6 Further Reading
14.7 References
14.0 OBJECTIVES
After going through this chapter, you will be able to learn about
security threats, data storage in virtualized and cloud contexts,
and RSA and VMware security products.
You will also learn about monitoring the storage infrastructure.
14.1 INTRODUCTION
So far, this chapter has solely discussed security threats and
countermeasures in a traditional data centre. These hazards and
countermeasures apply to data storage in virtualized and cloud contexts as
well. However, due to multitenancy and a lack of control over cloud
resources, virtualized and cloud computing environments pose new
vulnerabilities to an organization's data. A public cloud poses higher
security risks than a private cloud, necessitating additional safeguards.
Because cloud users (consumers) in a public cloud typically have limited
control over resources, it is comparatively difficult for consumers to
enforce security measures. From a security perspective, both consumers and
cloud service providers (CSPs) have several security concerns and face
multiple threats. Security concerns and security measures are detailed
next.
14.2 SECURITY CONCERNS
Virtualization and cloud computing are being increasingly adopted
by businesses, but there are significant security risks. Multitenancy, attack
velocity, information assurance, and data privacy are the four main
security concerns. By virtue of virtualization, multitenancy allows
numerous independent tenants to share the same set of storage resources.
Despite the advantages of multitenancy, it remains a major security
concern for both users and service providers. The attack surface is
increased when numerous VMs are co-located on a single server and
share the same resources. It is possible that a tenant's business-critical data
is accessed by other tenants running applications on the same resources.
Velocity-of-attack refers to a situation in which any existing
security threat in the cloud spreads more rapidly and has a larger impact
than that in the traditional data center environments. Information
assurance for users ensures confidentiality, integrity, and availability of
data in the cloud. Also, the cloud user needs assurance that all the users
operating on the cloud are genuine and access the data only with
legitimate rights and scope.
Data privacy is also a major concern in a virtualized and cloud
environment. A CSP needs to ensure that Personally Identifiable
Information (PII) about its clients is legally protected from any
unauthorized disclosure.
14.2.2 Security Measures
Security mechanisms can be implemented at the compute, network,
and storage layers. Security measures deployed at these three layers
minimize the risks in virtualized and cloud environments.
Security at the Compute Level
Securing a compute infrastructure entails securing the physical server,
the hypervisor, the virtual machines, and the guest OS (the OS running within a
virtual machine). Implementing user authentication and authorization
mechanisms is part of physical server security. These mechanisms identify
users and grant them access privileges on the server. To minimize the attack
surface on the server, unused hardware components, such as NICs, USB
ports, or drives, should be removed or disabled.
For all the VMs running on it, a hypervisor is a single point of
security failure. Rootkits and viruses installed on a hypervisor are difficult
for antivirus software deployed on the guest OS to detect.
hypervisor updates should be installed on a regular basis to protect against
attacks. In addition, the hypervisor management system must be
safeguarded. Malicious assaults and management system infiltration can
affect all current VMs and allow attackers to generate new ones. Only
authorised administrators should have access to the management system.
A firewall must also be deployed between the management system
and the rest of the network. VM isolation and hardening are some of the
common security mechanisms to effectively safeguard a VM from an
attack. VM isolation helps to prevent a compromised guest OS from
impacting other guest OSs. VM isolation is implemented at the hypervisor
level. Apart from isolation, VMs should be hardened against security
threats. Hardening is a process to change the default configuration to
achieve greater security.
Apart from the measures to secure a hypervisor and VMs,
virtualized and cloud environments also require further measures on the
guest OS and application levels.
Security at the Network Level
Firewalls, intrusion detection, demilitarised zones (DMZs), and
data-in-flight encryption are some of the most important network security
mechanisms.
A firewall prevents unauthorised access to networks while
allowing only lawful communications. A firewall can also protect
hypervisors and virtual machines (VMs) in a virtualized and cloud
environment. If remote administration is allowed on a hypervisor, for
example, a firewall should restrict access to all remote administration
interfaces. VM-to-VM traffic is likewise protected by a firewall. This
firewall function can be provided by a virtual firewall (VF). A VF
is a firewall service running entirely on the hypervisor. A VF provides
packet filtering and monitoring of the VM-to-VM traffic. A VF gives
visibility and control over the VM traffic and enforces policies at the VM
level.
Intrusion Detection (ID) is the process to detect events that can
compromise the confidentiality, integrity, or availability of a resource. An
ID System (IDS) automatically analyses events to check whether an event
or a sequence of events match a known pattern for anomalous activity, or
whether it is (statistically) different from most of the other events in the
system. It generates an alert if an irregularity is detected. DMZ and data
encryption are also deployed as security measures in the virtualized and
cloud environments. However, these deployments work in the same way
as in the traditional data center.
Security at the Storage Level
Compromises at the compute, network, and physical security
layers pose major vulnerabilities to storage systems in virtualized and
cloud settings. This is due to the fact that storage systems are only
accessible via computing and network infrastructure. To ensure storage
security, suitable security mechanisms should be in place at the compute
and network levels.
Common security mechanisms that protect storage include the following:
●Access control methods to regulate which users and processes access
the data on the storage systems
●Zoning and LUN masking
●Encryption of data-at-rest (on the storage system) and data-in-transit;
data encryption should also include encrypting backups and storing
encryption keys separately from the data
●Data shredding that removes the traces of the deleted data
Apart from these methods, employing VSANs to isolate different
types of traffic improves the security of storage systems even further. In
the case of hypervisor -based storage, additional security measures are
required to safeguard the storage. Separate LUNs for VM components and
VM data may be required for hypervisors using clustered file systems that
support multiple VMs.
14.3 CONCEPTS IN PRACTICE: RSA AND VMWARE
SECURITY PRODUCTS
RSA, EMC's security division, is the leading provider of security,
risk, and compliance solutions, assisting businesses in overcoming their
most difficult and sensitive security challenges.
For virtualized and cloud settings, VMware provides secure and
reliable virtualization solutions. RSA SecurID, RSA Identity and Access
Management, RSA Data Protection Manager, and VMware vShield are all
covered in this section.
14.3.1 RSA SecurID
Two-factor authentication with RSA SecurID adds an extra layer
of protection, ensuring that only authorised users have access to systems
and data. RSA SecurID is based on two factors: what the user knows
(password or PIN) and what the user owns (an authenticator device). It is
far more trustworthy than reusable passwords when it comes to user
authentication. Every 60 seconds, it generates a new one -time password
code, making it difficult for anyone other than the legitimate user to enter
the proper token code at any one time. Users combine their secret
Personal Identification Number (PIN) with the token code that appears on
their SecurID authenticator display at the time to gain access to their
resources. The result is a unique, one-time password to assure a user's
identity.
14.3.2 RSA Identity and Access Management
Through access management, the RSA Identity and Access
Management product manages identity, security, and access restrictions
for physical, virtual, and cloud-based environments. It allows trusted
identities to interact with systems and access information freely and securely.
RSA Access Manager and RSA Federated Identity Manager are two
products in the RSA Identity and Access Management family. RSA
Access Manager allows businesses to manage authentication and
authorization policies for a large number of users, online web portals, and
application resources from a single location. Access Manager provides
seamless user access with single sign-on (SSO) and preserves identity
context for greater security. RSA Federated Identity Manager enables end
users to collaborate with business partners, outsourced service providers,
and supply-chain partners, or across multiple offices or agencies, all with a
single identity and logon.
14.3.3 RSA Data Protection Manager
RSA Data Protection Manager enables deployment of encryption,
tokenization, and enterprise key management simply and affordably. The
RSA Data Protection Manager family is composed of two products:
Application Encryption and Tokenization, and Enterprise Key Management.
●Application Encryption and Tokenization with RSA Data
Protection Manager helps to achieve compliance with regulations related
to PII by quickly embedding the encryption and tokenization of sensitive
data and helping to prevent data loss. It begins at the point of creation and
ensures that data is encrypted throughout transmission and storage.
●Enterprise Key Management is a simple solution for managing
encryption keys at the database, file server, and storage levels. Its goal is
to make encryption deployment in the organisation as simple as possible.
It also assists in ensuring that information is adequately secured and
accessible at all times during its life cycle.
14.3.4 VMware vShield
The VMware vShield family includes three products:
vShield App
VMware vShield App is a hypervisor -based application -aware
firewall solution. It protects applications in a virtualized environment
from network -based threats by providing visibility into network
communications and enforcing granular policies with security groups.
VMware vShield App observes network activity between virtual
machines to define and refine firewall policies and to secure business
processes through detailed reporting of application traffic in a
virtualized environment.
vShield Edge
VMware vShield Edge delivers comprehensive perimeter network
protection. It is installed as a virtual appliance and acts as a network
security gateway for all virtualized hosts. It offers a variety of services,
including firewall, VPN, and DHCP (Dynamic Host Configuration
Protocol).
vShield Endpoint
VMware vShield Endpoint is a hardened special security VM with
antivirus software from a third party. VMware vShield Endpoint
streamlines and accelerates antivirus and antimalware deployment
because the antivirus engine and signature files are updated only within the
special security VM. VMware vShield Endpoint improves VM
performance by offloading file scanning and other tasks from VMs to the
security VM. It prevents antivirus storms and bottlenecks associated with
multiple simultaneous antivirus and antimalware scans and updates. It
also satisfies audit requirements with detailed logging of antivirus and
antimalware activities.
14.4 MONITORING THE STORAGE INFRASTRUCTURE
Monitoring is one of the most important aspects that forms the
basis for managing storage infrastructure resources. Monitoring provides
the performance and accessibility status of various components. It also
enables administrators to perform essential management activities. This
monitoring also aids in the analysis of storage infrastructure resource use
and consumption. This analysis aids capacity planning, forecasting, and
the most efficient use of these resources. The environmental parameters of
the storage infrastructure, such as heating and power supply, are also
monitored.
14.4.1 Monitoring Parameters
Storage infrastructure components should all be monitored for
accessibility, capacity, performance, and security. The availability of a
component to perform its desired action throughout a given time period is
referred to as accessibility. Checking the availability status of hardware
components (for example, a port, an HBA, or a disc drive) or software
components (for example, a database) requires evaluating the warnings
issued by the system. A port failure, for example, may result in a cascade
of availability warnings.
To avoid a single point of failure, a storage infrastructure employs
redundant components. A component failure might result in an outage that
affects application availability, or it could result in performance
deterioration even if accessibility is not affected. Continuously monitoring
each component's expected accessibility and reporting any deviations
helps the administrator identify malfunctioning components and
plan remedial action to meet SLA requirements.
The quantity of storage infrastructure resources available is
referred to as capacity. Examining the free space available on a file system or
a RAID group, the mailbox quotas assigned to users, or the number of ports
accessible on a switch are all examples of capacity monitoring.
Insufficient capacity causes performance degradation or possibly
an application/service outage. By preventing failures before they happen,
capacity monitoring assures continuous data availability and scalability.
For example, if 90 percent of the ports in a given fabric are in use, a
new switch might be needed if more arrays and servers have to be placed
on the same fabric. Analytical tools are commonly used in capacity
monitoring to do trend analysis. These trends assist in determining future
resource requirements as well as estimating deployment times.
Performance monitoring assesses the efficiency of various storage
infrastructure components and aids in the identification of bottlenecks.
Performance monitoring examines and assesses behaviour in terms of
response time or the ability to perform at a certain level. It also deals with
resource usage, which has an impact on how resources behave and
respond. Performance measurement is a difficult process that entails
evaluating multiple components based on a number of interconnected
factors. The total number of disk I/Os, application response time,
network utilization, and server CPU usage are examples of performance
metrics that should be considered.
Unauthorized access, whether inadvertent or intentional, may be
tracked and prevented by monitoring a storage infrastructure for security.
Unauthorized configuration modifications to storage infrastructure
resources can be tracked with security monitoring. Security monitoring,
for example, keeps track of and reports on the initial zoning configuration
as well as any later changes.
14.4.2 Components Monitored
The components of the storage environment that should be monitored for
accessibility, capacity, performance, and security include hosts, networks,
and storage. These components can be physical or virtualized.
Hosts
The accessibility of a host is determined by the state of availability
of its hardware components and software processes. A host's NIC failure,
for example, might render the host inaccessible to its users. Server
clustering is a mechanism that ensures high availability in the event of a server
failure.
It's critical to keep track of a host's file system capacity usage to
ensure that apps have enough storage space. The loss of file system space
causes application availability to be disrupted. Monitoring aids in
estimating the rate of expansion of the file system and predicting when it
will reach 100 percent. As a result, the administrator can proactively expand the
file system's space (manually or automatically) to avoid application
downtime. Virtual provisioning technology allows for efficient storage
capacity management, although it is extremely reliant on capacity
monitoring.
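A back-of-the-envelope sketch of the trend analysis mentioned above follows in Python: fit a straight line to recent utilization samples and project roughly when the file system would reach 100 percent. The sample values are invented for illustration.

samples = [(0, 52), (7, 55), (14, 59), (21, 62), (28, 66)]  # (day, percent used)

# Simple least-squares slope (percent per day), standard library only.
n = len(samples)
mean_x = sum(d for d, _ in samples) / n
mean_y = sum(u for _, u in samples) / n
slope = sum((d - mean_x) * (u - mean_y) for d, u in samples) / \
        sum((d - mean_x) ** 2 for d, _ in samples)
intercept = mean_y - slope * mean_x

days_until_full = (100 - intercept) / slope - samples[-1][0]
print(f"growing ~{slope:.2f}% per day; projected full in ~{days_until_full:.0f} days")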
The basic goal of host performance monitoring is to keep track of
how much of various server resources, such as CPU and memory, are
being used. For example, if a server running an application consistently
sees 80 percent CPU use, the server may be running out of processing
power, resulting in decreased performance and slower response times.
Administrators can address the issue by upgrading or adding additional
CPUs, as well as redistributing the burden across various servers. To
satisfy performance needs in a virtualized environment, more CPU and
memory may be dynamically assigned to VMs from the pool, if available.
On servers, security monitoring entails recording login failures as
well as the execution of unauthorized programs or software processes. The
threats identified enable proactive action against unauthorized access to
the systems. An administrator, for example, can disable a user's access if
numerous login failures are recorded.
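An illustrative Python sketch of that login-failure monitoring is shown below: consecutive failures are counted per user, and once an assumed threshold is crossed the account is flagged and disabled. The threshold and user name are examples, not recommendations.

from collections import defaultdict

FAILURE_THRESHOLD = 5
failed_logins = defaultdict(int)
disabled_accounts = set()

def record_login(user: str, success: bool) -> None:
    if success:
        failed_logins[user] = 0          # reset the counter on a good login
        return
    failed_logins[user] += 1
    if failed_logins[user] >= FAILURE_THRESHOLD:
        disabled_accounts.add(user)      # proactive action against a possible intrusion
        print(f"ALERT: {user} disabled after {failed_logins[user]} failed logins")

for _ in range(5):
    record_login("user1", success=False)  # the fifth failure triggers the alert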
Storage Network
To guarantee that communication between the server and the
storage array is not disrupted, storage networks must be monitored. Access
to data across the storage network is contingent on the physical and logical
components of the storage network being accessible. Switches, ports, and
cables are the physical components of a storage network. Constructs such
as zones are among the logical components. Data is unavailable when one
or more physical or logical components fail. Errors in zoning, such as
specifying the wrong WWN for a port, make the port inaccessible,
possibly preventing a host from accessing its storage.
The number of available ports in the fabric, the utilization of the inter-
switch links (ISLs) and individual ports, and each interconnect device in
the fabric are all monitored during capacity monitoring in a storage
network. Capacity monitoring offers all of the necessary data for future
fabric resource planning and optimization.
Monitoring the storage network's performance allows you to
analyze individual component performance and detect network
bottlenecks. Monitoring port performance, for example, entails calculating
the receive or transmit link utilization metrics, which show how busy the
switch port is. Heavily utilized ports can cause I/O queuing on the server,
resulting in poor performance.
Network latency, packet loss, bandwidth usage for I/O, network
faults, packet retransmission rates, and collisions are all things to keep an
eye on when it comes to IP networks.
Storage network security monitoring detects any unauthorized
modifications to the fabric's configuration, such as changes to zone
policies that might compromise data security. Login failures and unauthorized
access to switches for administrative modifications should be continually
documented and monitored.
Storage
The accessibility of the storage array should be monitored for its
physical components and various processes. Individual component
failure does not normally impair the accessibility of storage arrays because
they are often built with redundant components. Failure of any process in
the storage array, on the other hand, might cause business activities to be
disrupted or jeopardized. The failure of a replication task, for example, has
an impact on disaster recovery capabilities. If hardware or process issues
occur, certain storage arrays include the ability to transmit messages to the
vendor's support center, a capability known as a call home.
A storage array's capacity monitoring allows the administrator to
anticipate storage demands based on capacity usage and consumption
patterns. The administrator can use information regarding unconfigured
and unallocated storage space to determine whether a new server can be given
storage capacity from the storage array.
Various performance measures, such as utilization rates of various
storage array components, I/O response time, and cache utilization, can be
used to monitor a storage array. A component of a storage array that is
overworked, for example, may cause performance deterioration.
A storage array is often a shared resource that is vulnerable to
security attacks. Security monitoring helps track unauthorized configuration
of the storage array and guarantees that only authorized users have access to it.
14.4.3 Monitoring Examples
A storage infrastructure necessitates the installation of an end -
to-end system that actively monitors all of its components' parameters.
Early detection and preemptive alerting guarantee that essential assets
continue to provide uninterrupted service. Furthermore, the monitoring
tool should assess the consequences of a failure and determine the root
cause of symptoms.
Accessibility Monitoring
Because of their linkages and interdependence, the failure of one
component might influence the accessibility of another. Consider the
following scenario: H1, H2, and H3 are three servers in a storage system.
Each server, as illustrated in Figure A, is configured with two
HBAs, each linked to the production storage array through two switches, SW1
and SW2. On the storage array, all of the servers share two storage ports,
and multipath software is installed on all of them.
Figure A: Switch failure in a storage infrastructure
The multipath software initiates a path failover if one of the
switches (SW1) fails, and all of the servers continue to access data through
the other switch, SW2. However, because there is no redundant switch, a
second switch failure may render the array inaccessible. Monitoring for
accessibility allows an administrator to identify a switch failure and take
necessary action before another failure happens.
In most situations, the administrator is notified of the symptoms of a failing
component and can take action before it fails.
Capacity Monitoring
Servers H1, H2, and H3 are linked to the production array by
two switches, SW1 and SW2, in the situation depicted in Figure B. Each
of the servers is assigned its own storage capacity on the storage array.
Figure B: Monitoring storage array capacity
In this configuration, when a new server is deployed, the
applications on the new server must be provided storage capacity from the
production storage array. Monitoring the array's available capacity
(unconfigured and unallocated) allows you to decide ahead of time whether the
array will be able to offer enough storage for the new server.
Monitoring the number of ports available on SW1 and SW2 also aids in
determining whether the new server can be connected to the switches.
The following example demonstrates the significance of file
system capacity monitoring on file servers. Figure C depicts the
environment of a file system when it is full, resulting in an application outage
when no monitoring is in place, and when monitoring is in place.
When capacity thresholds on the file
system are surpassed, monitoring can be relied on to send a notification. A
warning message is sent when the file system reaches 66 percent of its
capacity, and a critical message is sent when the file system reaches 80
percent of its capacity (see Figure C). This allows the administrator to take
steps to expand the file system before it reaches its maximum capacity.
Monitoring the file system in advance can help prevent application
outages caused by a shortage of file system capacity.
Figure C: Monitoring server file system space: (a) no monitoring; (b) file system monitoring
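The Python sketch below shows the threshold-based capacity alerting just described, with a warning at 66 percent utilization and a critical alert at 80 percent, using the standard-library disk-usage call. The path and message wording are examples.

import shutil

WARNING_PCT, CRITICAL_PCT = 66, 80

def check_filesystem(path: str) -> str:
    usage = shutil.disk_usage(path)
    used_pct = usage.used / usage.total * 100
    if used_pct >= CRITICAL_PCT:
        return f"CRITICAL: {path} at {used_pct:.0f}% - expand the file system now"
    if used_pct >= WARNING_PCT:
        return f"WARNING: {path} at {used_pct:.0f}% - plan an extension"
    return f"OK: {path} at {used_pct:.0f}%"

print(check_filesystem("/"))   # in practice, run periodically from a scheduler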
Performance Monitoring
The figure shows how important it is to keep track of the performance
of storage arrays. Switches SW1 and SW2 link servers H1, H2, and H3
(each with two HBAs) to the storage array in this example. To access
LUNs, the three servers use the same storage ports on the storage array.
A new server running a high-workload application must be deployed to use the
same storage port as H1, H2, and H3.
Monitoring array port utilization guarantees that the new server
does not have a negative impact on the other servers' performance. The
solid and dotted lines in the graph depict use of the shared storage port in
this case. If the port usage prior to deploying the new server is close to
100 percent, then installing the new server is not advised because it may
affect the performance of the existing servers.
However, if the port's usage prior
to the new server's deployment is closer to the dotted line, there is room to
add the new server.
Figure: Monitoring array port utilization
Most servers come with tools that allow you to keep track of
your server's CPU utilization. For example, as illustrated in the figure,
Windows Task Manager displays CPU and memory utilization. These
tools, however, are ineffective for monitoring hundreds of
servers in a data center. Intelligent performance monitoring solutions
capable of simultaneously monitoring numerous servers are required in a
data center setting.
Figure: Monitoring the CPU and memory usage of a server
Security Monitoring
Figure shows how important it is to keep an eye on the security of
a storage array.
The storage array is shared in this case by two workgroups, WG1
and WG2. WG1's data should not be available to WG2, and vice versa. A
user from WG1 may attempt to create a local duplicate of data from WG2.
It is difficult to detect such a breach of information security if the action is
not observed or recorded. If this activity is monitored, a warning message
can be delivered to suggest a remedial action or at the very least enable
detection as part of routine auditing.
The tracking of login attempts at the host is an example of host
security monitoring. If the login ID and password entered are correct, the
login is permitted; otherwise, the login attempt fails. If this activity is
monitored, a warning message can be provided to suggest a remedial
action or, at the very least, allow detection as part of routine auditing
activities.
Figure: Monitoring security in a storage array
14.4.4 Alerts
Event alerting is an important element of monitoring. Alerting
keeps administrators informed about the state of different components and
processes, for example, failures of power, discs, memory, or switches,
which might have a negative influence on service availability and
necessitate prompt administrative action. Other events, such as a file
system approaching its capacity limit or a soft media fault on discs, are
considered warning indicators and may necessitate administrator
intervention.
Monitoring tools enable administrators to assign severity
levels to alerts based on the criticality of the detected condition. When a
condition with a particular severity level occurs, an alert is sent to the
administrator, a script is launched, or an incident ticket is opened. Alerts range
from purely informational notifications to fatal warnings. Information alerts provide useful
information without requiring the administrator's intervention. The
creation of a zone or LUN is an example of an information alert.
Warning alerts require administrative attention so that the reported
condition is contained and accessibility is not affected. If an alert shows that
the number of soft media errors on a disc is approaching a predefined
threshold value, the administrator can decide whether the disc should
be replaced. Because the situation may compromise overall performance,
security, or availability, fatal alerts demand rapid response. If a disc fails,
for example, the administrator must ensure that it is replaced as soon as
possible.
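A minimal Python sketch of that severity-based handling follows: informational events are only logged, warnings additionally notify the administrator, and fatal events also open an incident ticket. The handler names and messages are illustrative assumptions.

def log_event(alert): print("LOG:", alert["message"])
def notify_admin(alert): print("EMAIL ADMIN:", alert["message"])
def open_incident_ticket(alert): print("TICKET:", alert["message"])

HANDLERS = {
    "information": [log_event],
    "warning":     [log_event, notify_admin],
    "fatal":       [log_event, notify_admin, open_incident_ticket],
}

def dispatch(alert: dict) -> None:
    for handler in HANDLERS.get(alert["severity"], [log_event]):
        handler(alert)

dispatch({"severity": "information", "message": "Zone set 'prod' activated"})
dispatch({"severity": "warning", "message": "Soft media errors nearing threshold on disc 4C"})
dispatch({"severity": "fatal", "message": "Disc 4C failed - replace immediately"})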
Administrators can respond quickly and proactively to
problems thanks to continuous monitoring and automatic alerts. The
information provided by alerting helps administrators prioritize their
response to incidents.
14.5 QUESTIONS
1. What are the layers at which security measures minimize risks in
virtualized and cloud systems?
2. State and explain the most important network security mechanisms.
3. Write a short note on RSA SecurID.
4. What products are included in the VMware vShield family?
5. Explain why monitoring is one of the most important aspects that
form the basis for managing storage infrastructure resources.
6. Which components of the storage environment should be monitored,
and why?
14.6 FURTHER READING
https://sites.google.com/site/testwikiforfirstciscolab/shd/14-securing-the-storage-infrastructure
http://www.ictacademy.in/pages/Information-Storage-and-Management.aspx
14.7 REFERENCES
1. Information Storage and Management: Storing, Managing and
Protecting Digital Information in Classic, Virtualized and Cloud
Environments, EMC, John Wiley & Sons, 2nd Edition, 2012
2. Information Storage and Management, Pankaj Sharma
15
STORAGE INFRASTRUCTURE
MANAGEMENT ACTIVITIES
Unit Structure
15.0 Objectives
15.1 Introduction
15.2 Storage Infrastructure Management Activities
15.2.1 Availability Management
15.2.2 Capacity Management
15.2.3 Performance Management
15.2.4 Security Management
15.2.5 Reporting
15.2.6 Storage Infrastructure Management in a Virtualized
Environment
15.2.7 Storage Management Examples
15.3 Storage Infrastructure Management Challenges
15.4 Developing an Ideal Solution
15.4.1 Storage Management Initiative
15.4.2 Enterprise Management Platform
15.5 Information Lifecycle Management
15.6 Storage Tiering
15.6.1 Intra -Array Storage Tiering
15.6.2 Inter -Array Storage Tiering
15.7 Concepts in Practice: EMC Infrastructure Management Tools
15.7.1 EMC Control Center and ProSphere
15.7.2 EMC Unisphere
15.7.3 EMC Unified Infrastructure Manager (UIM)
15.8 Summary
15.9 Review Questions
15.10 References
15.0 OBJECTIVES
After completing this chapter, you will be able to:
Learn the major storage infrastructure components that should be
monitored.
Learn storage infrastructure management challenges and their
solutions.
Also learn about storage tiering.
15.1 INTRODUCTION
Unprecedented data growth, application proliferation, business
process complexity, and service-level needs have never been
greater. The need for information availability 24 hours a day, seven days a week has
increased the demand on the storage infrastructure.
Managing storage infrastructure efficiently is essential for
companies to solve these issues and maintain business continuity. To
reach the needed service level, comprehensive storage infrastructure
management necessitates the use of intelligent tools and procedures.
Performance tuning, data protection, access control, central auditing,
and satisfying compliance requirements are all possible with these
tools. They also guarantee that existing resources are consolidated
and efficiently utilized, reducing the need for continuous infrastructure
investment. The management process establishes procedures for addressing
diverse activities, such as incidents, problems, and change requests, in an
efficient manner. Because of the interdependence of the components, it is
critical to manage not only the individual components, but the
infrastructure as a whole.
Information Lifecycle Management (ILM), for example, is a
storage infrastructure management strategy that optimizes storage
investment while meeting service requirements. ILM assists in the
management of information depending on its business value.
Managing storage infrastructure necessitates a variety of tasks,
including availability, capacity, performance, and security management. All of
these activities are intertwined and should be considered in order to achieve
the best return on investment. The paradigm of storage
infrastructure management has shifted drastically as a result of
virtualization technologies.
The monitoring and management of the storage
infrastructure are covered in this chapter. It also explains the industry
standards for developing storage resource management software. This
chapter also covers ILM, its advantages, and storage tiering.
15.2 STORAGE INFRASTRUCTURE MANAGEMENT
ACTIVITIES
The growing complexity of managing storage infrastructures is
due to the rapid expansion of information, the proliferation of applications,
heterogeneous infrastructure, and high service-level requirements. Storage
virtualization and additional technologies, such as data deduplication
and compression, virtual provisioning, federated storage access, and
storage tiering, have nevertheless emerged to help address these challenges.
Availability management, capacity management, performance
management, security management, and reporting are some of the major
storage infrastructure management tasks performed in a data center.
15.2.1 Availability Management
Establishing a good guideline based on specified service levels to
assure availability is a crucial responsibility in availability management.
All availability -related issues for c omponents or services are managed as
part of availability management to guarantee that service standards are
fulfilled. Provisioning redundancy at all levels, including components,
data, and even locations, is a crucial task in availability management.
When a server is installed to support a key business function, for example,
high availability is required. Two or more HBAs, multipath software, and
server clustering are typically used to accomplish this. At least two
separate fabrics and switches with built -in redundancy must be used to
link the server to the storage array. Furthermore, storage arrays should
include built-in redundancy for various components and enable both local
and remote replication.
15.2.2 Capacity Management
The objective of capacity management is to guarantee that resources
are available in sufficient quantities to meet service level requirements.
Capacity management also includes capacity optimization based on cost
and future requirements. On a regular basis, capacity management performs a
capacity analysis that compares allocated storage to forecasted storage.
It also offers trend analysis based on consumption rates, which must
be balanced against storage acquisition and deployment schedules.
Storage provisioning is an example of a capacity management activity. It entails
tasks like establishing RAID sets and LUNs and assigning them to the
host. Another form of capacity management is enforcing capacity quotas
for users. By assigning quotas, users are prevented
from exceeding the allocated capacity.
Data deduplication and compression technologies have decreased the
quantity of data that has to be backed up, and therefore the amount of
storage space that needs to be managed.
15.2.3 Performance Management
All components' operating efficiency is ensured by performance
management. Performance analysis is a crucial activity that aids in
assessing the performance of storage infrastructure components. This analysis
determines whether or not a component achieves its performance targets.
When deploying a new application or server in an existing storage
system, certain performance management tasks must be completed. Every
component must be verified to ensure that it meets the service level
requirements for performance. For example, operations on the server, such
as volume configuration and database architecture, can be optimized to
achieve the desired performance levels. It is necessary to fine-tune the
application layout, the configuration of numerous HBAs, and intelligent
multipath software. Designing and deploying sufficient ISLs in a multi-
switch fabric with adequate bandwidth to achieve the desired performance
levels is among the performance management responsibilities on a SAN.
When considering end-to-end performance, storage array configuration
duties include selecting the proper RAID type, LUN layout, front -end
ports, back -end ports, and cache configuration.
15.2.4 Security Management
The security management activity's main goal is to maintain
information confidentiality, integrity, and availability in both virtualized
and non -virtualized settings. Unauthorized access to storage infrastructure
components is prevented by security management. Security administration
duties, for example, include maintaining user accounts and access policies
that enable users to execute role-based activities when deploying an
application or a server. In a SAN environment, security
management duties include configuring zoning to prevent an unauthorized HBA
from accessing specific storage array ports. Similarly, a storage array's
security management duty includes LUN masking, which restricts a host's
access to only the intended LUNs.
15.2.5 Reporting
Keeping track of and obtaining data from multiple components and
processes is part of reporting on a storage system. Trend analysis, capacity
planning, chargeback, and performance reports are generated using this
data. Capacity planning reports provide current and historical statistics on
storage, file systems, database tablespaces, ports, and other resources.
Device allocation, local or remote replicas, and fabric configuration are all
included in the configuration and asset management reports. This report
also includes a detailed inventory of all the equipment, including purchase
dates, lease status, and maintenance records. Detailed information
regarding the performance of various storage infrastructure components
may be found in performance reports.
15.2.6 Storage Infrastructure Management in a Virtualized
Environment
The complexity of storage infrastructure management has been
substantially reduced thanks to virtualization technologies. In fact, the
flexibility and simplicity of management offered by virtualization at all layers of
the IT infrastructure are major reasons for its widespread adoption.
Storage virtualization has allowed for dynamic data migration and
storage volume expansion. Storage volumes may be dynamically extended
to suit capacity and performance needs without causing any disruptions.
Data may be moved both within and between data centers because
virtualization removes the link between the storage volumes presented to
the host and the underlying physical storage. This has made the administrator's
task of reconfiguring the physical environment easier.
Page 279
279Another innovation that has altered the infr astructure management
cost and complexity picture is virtual storage provisioning. Storage
capacity is allocated in advance in traditional provisioning in anticipation
of future expansion. Because growth is uneven, some users or apps may
reach capacity lim its, while others may have surplus capacity that goes
unused. Virtual provisioning can help to solve this problem and make
capacity management easier. Storage is allocated from the shared pool to
hosts on -demand in virtual provisioning. This enhances stora ge capacity
usage and, as a result, simplifies capacity management.
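As a rough illustration of on-demand allocation from a shared pool, the Python sketch below models virtual (thin) provisioning. The pool size, LUN sizes, and class structure are hypothetical and only stand in for what an array would do internally.

```python
# Minimal model of virtual (thin) provisioning: hosts are promised ("subscribed")
# capacity up front, but physical extents are drawn from the shared pool only
# when data is actually written.

class ThinPool:
    def __init__(self, physical_gb: int):
        self.physical_gb = physical_gb    # real capacity in the shared pool
        self.consumed_gb = 0              # capacity actually written
        self.subscribed_gb = 0            # capacity promised to hosts (may exceed physical)

    def create_thin_lun(self, size_gb: int) -> dict:
        """Promise capacity without reserving physical space (over-subscription allowed)."""
        self.subscribed_gb += size_gb
        return {"size_gb": size_gb, "written_gb": 0}

    def write(self, lun: dict, gb: int) -> None:
        """Consume physical capacity only on demand, when the host writes data."""
        if self.consumed_gb + gb > self.physical_gb:
            raise RuntimeError("Pool exhausted: expand the pool or reclaim space")
        lun["written_gb"] += gb
        self.consumed_gb += gb

pool = ThinPool(physical_gb=1000)
lun_a = pool.create_thin_lun(800)   # promised 800 GB
lun_b = pool.create_thin_lun(800)   # pool is now over-subscribed (1600 GB promised)
pool.write(lun_a, 100)
pool.write(lun_b, 50)
print(pool.subscribed_gb, pool.consumed_gb)   # 1600 150
```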
Network management efficiency has also benefited from virtualization. VSANs and VLANs make the administrator's job simpler by logically segmenting networks with management tools rather than physically separating them.
Many virtual networks may be established on the same physical network, and nodes can be reconfigured quickly without any physical changes. This also addresses some of the security concerns that could arise in a traditional setting.
Compute virtualization on the host side has made host deployment,
configuration, and migration easier than in a physical environment.
Virtualization of compute, application, and memory resources has
enhanced provisioning while also contributing to high resource
availability.
15.2.7 Storage Management Examples
Examples of various storage management activities are provided in this section.
Example 1: Storage Allocation to a New Server/Host
Consider adding a new RDBMS server to an existing non-virtualized storage environment. Before the server is physically connected to the SAN, the administrator must first install and configure the HBAs and device drivers as part of the storage management operations. Multipathing software can optionally be installed on the server, although this may need additional configuration. The storage array ports should also be connected to the SAN.
The administrator must then configure zoning on the SAN switches to grant the new server access to the storage array ports through its HBAs. The new server's HBAs should be connected to different switches and zoned with distinct array ports to guarantee redundant paths between the server and the storage array.
In addition, the administrator must configure LUNs on the array and assign these LUNs to the storage array's front-end ports. LUN masking is also configured on the storage array so that only the new server can access these LUNs.
Depending on the operating system used, the server then discovers the LUNs assigned to it via a bus rescan procedure or, in some cases, a server reboot. A volume manager can be used to manage the host's logical volumes and file systems. The number of logical volumes or file systems that must be built is determined by how the storage will be used by the database or application. The administrator's job also includes setting up the database or application on the newly created logical volumes or file systems. The final step is to enable the database or application to use the new file system space. The actions performed on the server, the SAN, and the storage array to allocate storage to a new server are depicted in the figure.
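As a rough orchestration sketch, the Python below strings the steps just described into one sequence. Every function name, identifier, and parameter is hypothetical pseudologic for illustration, not a real management API.

```python
# Hypothetical end-to-end flow for allocating storage to a new (non-virtualized) server.
# Each step prints what an administrator or management tool would carry out.

def allocate_storage_to_new_server(server, hbas, switches, array, lun_sizes_gb):
    # 1. Host-side preparation
    print(f"Install and configure HBAs {hbas} and device drivers on {server}")
    print(f"Optionally install and configure multipathing software on {server}")

    # 2. Fabric side: redundant paths via separate switches, zoned to distinct array ports
    for hba, switch in zip(hbas, switches):
        print(f"Connect {hba} to {switch}; zone {hba} with an array front-end port on {switch}")

    # 3. Array side: create LUNs, map them to front-end ports, mask them to this server only
    luns = [f"LUN_{i}" for i, _ in enumerate(lun_sizes_gb)]
    for lun, size in zip(luns, lun_sizes_gb):
        print(f"Create {lun} ({size} GB) on {array}; assign to front-end ports; mask to {server}")

    # 4. Back on the host: discover LUNs, build volumes/file systems, hand over to the app
    print(f"Rescan the bus (or reboot) on {server} to discover {luns}")
    print("Create logical volumes and file systems; configure the database/application on them")

allocate_storage_to_new_server(
    server="rdbms01", hbas=["HBA0", "HBA1"],
    switches=["SW1", "SW2"], array="Array-A", lun_sizes_gb=[50, 50],
)
```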
Provisioning storage to a VM that runs an RDBMS in a virtualized environment requires different administrative activities. A physical link must be created between the physical server that hosts the VMs and the storage array through the SAN, just as in a non-virtualized environment. At the SAN level, a VSAN may be configured to carry the storage traffic between the physical server and the storage array. The VSAN isolates this storage traffic from the rest of the SAN's traffic. Additionally, the administrator can configure zoning within the VSAN.
On the storage side, administrators must create thin LUNs from the shared storage pool and assign these thin LUNs to the storage array's front-end ports. LUN masking is required on the storage array, just as it is in a physical environment.
Figure: Storage allocation tasks
The hypervisor detects the allocated LUNs on the physical server. To store and manage VM files, the hypervisor creates a logical volume and file system. The administrator then builds a virtual machine (VM) and installs the operating system and database management system on it. When constructing the VM, the hypervisor creates a virtual disk file and other VM files in the hypervisor file system. The RDBMS data is stored on the virtual disk file, which appears to the VM as a SCSI drive. Alternatively, the hypervisor can use virtual provisioning and allocate a thin virtual disk to the VM. Multipathing is generally available natively on hypervisors; a third-party multipathing program can be installed on the hypervisor if desired.
Example 2: File System Space Management
Administrators must take action to offload data from an existing file system to prevent it from running out of capacity. This might involve removing files that are no longer needed or archiving data that has not been accessed in a long time.
Alternatively, an administrator can extend the file system to prevent a service interruption. Dynamic extension of a file system usually requires extending the underlying logical volume, and the procedure depends on the operating system or logical volume manager (LVM) in use. The flow chart in the figure depicts the steps and considerations for extending file systems.
Figure : Extending a file system
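The decision flow just depicted can be sketched as a small Python function. The step descriptions and the predicates (free-space checks, LVM presence) are hypothetical placeholders for OS- and volume-manager-specific commands such as df, lvextend, or resize2fs.

```python
# Hypothetical decision procedure for extending a file system that is running out of space.
# The inputs stand in for OS/LVM-specific checks; the returned strings describe the action.

def extend_file_system(fs, volume_group):
    if not fs["managed_by_lvm"]:
        return "Extend the partition or virtual disk, then grow the file system"

    if volume_group["free_gb"] >= fs["needed_gb"]:
        # Enough free space in the volume group: extend the logical volume, then the FS.
        return "Extend the logical volume and resize the file system online"

    # Not enough free space: add capacity to the volume group first.
    return "Add a new LUN/disk to the volume group, then extend the LV and file system"

print(extend_file_system({"managed_by_lvm": True, "needed_gb": 20},
                         {"free_gb": 5}))
```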
Example 3: Chargeback Report
The storage infrastructure management activities required to
produce a chargeback report are explored in this example.
A storage infrastructure configuration is shown in the figure. Two switches, SW1 and SW2, link three servers, each with two HBAs, to a storage array. Individual departmental applications run on each of the servers. Local and remote replicas are created using array replication technology. The production device is labelled A, the local replica device is labelled B, and the remote replica device is labelled C.
A chargeback analysis for each department is used to generate a report detailing the precise amount of storage resources consumed by each application. If the billing unit is based on the quantity of raw storage (usable capacity plus the protection provided) configured for a department's application, the precise amount of raw space configured for each application must be reported. An example report is shown in the figure below; it shows the information for two applications, Payroll_1 and Engineering_1.
Application   | Storage (GB) | Production Storage Raw (GB) | Local Replica Storage Raw (GB) | Remote Replica Storage Raw (GB) | Total Storage Raw (GB) | Chargeback Cost ($5/Raw GB)
Payroll_1     | 100          | 200                         | 100                            | 125                             | 425                    | $2,125
Engineering_1 | 200          | 250                         | 200                            | 250                             | 700                    | $3,500
Figure : Chargeback report
The first step in calculating chargeback charges is to correlate the application with the precise quantity of raw storage configured for it.
The Payroll_1 application's storage space is tracked from file systems to logical volumes, volume groups, and LUNs on the array, as shown in the figure. The storage space used for local and remote replication is also identified when the application is replicated. In the example given, the application uses Source Vol1 and Vol2 (in the production array).
Figure : Correlation of capacity configured for an application
After the array devices have been identified, the amount of storage allocated to the application can be readily calculated. Consider the following scenario: Source Vol1 and Vol2 are both 50 GB in size, so the application is allocated 100 GB (50 + 50). For local replication, 100 GB is allocated, and for remote replication, another 100 GB is allocated. Based on the RAID protection used for the various array devices, the raw storage configured for the application is calculated from the allocated storage.
The raw space needed by the production volumes of the Payroll_1 application is 200 GB if they are RAID 1-protected. If the local replicas are on unprotected volumes and the remote replicas are protected with a RAID 5 configuration, the local replica uses 100 GB of raw space and the remote replica uses 125 GB. As a result, the Payroll_1 application uses a total raw capacity of 425 GB. The overall storage cost for the Payroll_1 application will be $2,125 (assuming a $5 per GB storage cost). To create the chargeback report, this process must be repeated for each application in the business.
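The arithmetic can be captured in a short Python sketch. The raw-capacity multipliers for RAID 1 and RAID 5 (4+1) and the $5/GB rate follow the example above; the function and field names are hypothetical.

```python
# Chargeback calculation following the Payroll_1 example: allocated capacity is
# converted to raw capacity according to its RAID protection, then priced per raw GB.

RAW_FACTOR = {
    "raid1": 2.0,        # mirrored: raw = 2x usable
    "raid5_4+1": 1.25,   # 4+1 parity: raw = 1.25x usable
    "unprotected": 1.0,
}

def raw_gb(usable_gb: float, protection: str) -> float:
    return usable_gb * RAW_FACTOR[protection]

def chargeback(app: dict, cost_per_raw_gb: float = 5.0):
    total_raw = (raw_gb(app["production_gb"], app["production_raid"]) +
                 raw_gb(app["local_replica_gb"], app["local_replica_raid"]) +
                 raw_gb(app["remote_replica_gb"], app["remote_replica_raid"]))
    return total_raw, total_raw * cost_per_raw_gb

payroll_1 = {
    "production_gb": 100, "production_raid": "raid1",              # 200 GB raw
    "local_replica_gb": 100, "local_replica_raid": "unprotected",  # 100 GB raw
    "remote_replica_gb": 100, "remote_replica_raid": "raid5_4+1",  # 125 GB raw
}
print(chargeback(payroll_1))   # (425.0, 2125.0)
```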
Chargeback reports can be expanded to include the cost of additional resources in the configuration, such as the number of switch ports, HBAs, and array ports. Data center managers use chargeback reports to ensure that storage consumers are aware of the costs of the services they have requested.
15.3 STORAGE INFRASTRUCTURE MANAGEMENT
CHALLENGES
It is difficult to monitor and manage today's complex storage infrastructure. This is due to the environment's heterogeneity in terms of storage arrays, networks, servers, databases, and applications. Heterogeneous storage arrays, for example, differ in their capacity, performance, security, and architecture.
Each component in a data center is generally equipped with vendor-specific management tools. Because the tools may not be compatible with one another, understanding the overall condition of the environment is difficult when many tools are in use. Ideally, management tools would bring together data from all components in one location. Such tools give a complete picture of the environment, as well as faster root cause analysis and resolution of alerts.
15.4 DEVELOPING AN IDEAL SOLUTION
An ideal solution would provide actionable insight into the overall infrastructure's condition as well as root cause analysis for each failure. In a multi-vendor storage environment, this solution should also enable central monitoring and administration, as well as an end-to-end view of the storage infrastructure.
The capability to correlate one component's activity with the behaviour of another is a benefit of end-to-end monitoring. In many situations, examining each component separately may not be sufficient to determine the root cause of a problem. The central monitoring and management system should collect data from all components and present it through a single user interface. It must also offer a way for administrators to be notified of various events via e-mail and Simple Network Management Protocol (SNMP) traps. It should also be able to generate monitoring reports and automate routine tasks.
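As a minimal illustration of automated alert notification, the Python sketch below e-mails an administrator when a monitored metric crosses a threshold. The SMTP host, addresses, and threshold are hypothetical, and a real system would typically also emit SNMP traps through a dedicated library or agent.

```python
# Minimal alert-notification sketch: e-mail an administrator when utilization
# crosses a threshold. SMTP host and addresses are hypothetical placeholders.
import smtplib
from email.message import EmailMessage

THRESHOLD_PCT = 80

def notify_if_needed(component: str, used_pct: float) -> None:
    if used_pct < THRESHOLD_PCT:
        return
    msg = EmailMessage()
    msg["Subject"] = f"ALERT: {component} at {used_pct:.0f}% capacity"
    msg["From"] = "monitor@example.com"
    msg["To"] = "storage-admin@example.com"
    msg.set_content(f"{component} exceeded {THRESHOLD_PCT}% utilization; please investigate.")
    with smtplib.SMTP("smtp.example.com") as smtp:   # assumes a reachable SMTP relay
        smtp.send_message(msg)

notify_if_needed("Pool_01", 86.5)
```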
The ideal solution must be built on industry standards, utilizing common APIs, data model languages, and taxonomies. This allows policy-based management to be implemented across heterogeneous devices, services, applications, and deployment topologies.
The SNMP protocol was formerly the industry standard for managing multi-vendor SAN environments. SNMP, however, proved insufficient for delivering the level of detail necessary to manage a SAN environment. The lack of automatic discovery functions and weak modeling constructs are among SNMP's inadequacies in a SAN environment. Despite these drawbacks, SNMP continues to play a significant role in SAN administration, even as newer, open storage and SAN management standards develop to better monitor and control storage environments.
15.4.1 Storage Management Initiative
The Storage Networking Industry Association (SNIA) has
been working on a project to provide a standard storage management
interface. Storage Management Initiative -Specificati on is a specification
produced by SNIA (SMI -S). The Web -Based Enterprise Management
(WBEM) technology and the Distributed Management Task Force's
(DMTF) Common Information Model are used to create this standard. The
goal of the effort was to provide extens ive interoperability and
administration across heterogeneous storage and SAN components. Visit
www.snia.org for additional details.munotes.in
Users and vendors alike benefit from SMI-S. It creates a standardized, abstracted model to which the physical and logical components of a storage system may be mapped. This model is used by management programs for standardized, end-to-end control of storage resources, such as storage resource management, device management, and data management.
Device software developers may use SMI-S to expose a unified object model that carries the information needed to manage a wide range of storage and SAN components. SMI-S-compliant devices make the implementation and adoption of policy-based storage management frameworks easier, quicker, and more widespread. Furthermore, SMI-S eliminates the requirement for manufacturers to build their own management interfaces, allowing them to focus on value-added functionality.
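For a flavour of how a management application talks to an SMI-S (CIM/WBEM) provider, the Python sketch below uses the third-party pywbem library to enumerate CIM instances. The provider URL, credentials, and namespace are hypothetical assumptions, and the exact CIM classes and properties exposed depend on the vendor's SMI-S provider.

```python
# Sketch: query an SMI-S (CIM/WBEM) provider for storage volumes using pywbem.
# URL, credentials, and namespace are placeholders; real values depend on the provider.
import pywbem

conn = pywbem.WBEMConnection(
    "https://smi-provider.example.com:5989",
    creds=("admin", "password"),
    default_namespace="root/emc",   # vendor-specific namespace (assumption)
)

# CIM_StorageVolume is a standard CIM class that SMI-S providers typically expose.
for vol in conn.EnumerateInstances("CIM_StorageVolume"):
    # Indexing a CIMInstance returns the property value (may be None if not populated).
    print(vol["ElementName"], vol["BlockSize"], vol["NumberOfBlocks"])
```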
15.4.2 Enterprise Management Platform
An enterprise management platform (EMP) is a suite of applications that work together to manage and monitor an organization's storage infrastructure. These applications provide unified frameworks that allow for end-to-end management of both physical and virtual resources.
These applications can monitor storage infrastructure components and raise alerts when something goes wrong. These alerts can be shown on a console with the faulty component highlighted in a different color, or they can be configured to be sent by e-mail. In addition to monitoring, an EMP includes administration capabilities, which can be built into the EMP itself or launched through the component manufacturer's own management application.
An EMP also makes it simple to schedule activities that must be performed on a regular basis, such as resource provisioning, configuration maintenance, and problem investigation. To make storage infrastructure management easier, these platforms include comprehensive analytical, remedial, and reporting capabilities. EMC ControlCenter and EMC ProSphere, described in Section 15.7, "Concepts in Practice", are examples of EMPs.
15.5INFORMATION LIFECYCLE MANAGEMENT
If information is not handled properly, it may be costly in both
traditional data centers an d virtualised settings. To handle information
effectively, you'll need more than just the tools. You'll also need a good
management plan. This strategy should address the following key
challenges that exist in today’s data centers.
Expand digital universe: Information is growing at an exponential
rate. The multi -fold rise in information growth has been attributed
to the creation of copies of data to ensure high availability and
reuse.munotes.in
Increasing dependency on information: The strategic use of information is critical to a company's success and gives it a competitive advantage in the marketplace.
Changing value of information: Information that is valuable today may be less valuable tomorrow; the value of information changes considerably over time.
Understanding the value of information throughout its life cycle is crucial to developing a strategy that tackles these challenges. When information is first created, it has the greatest value and is accessed most often. As the information matures, it becomes less valuable to the business and is accessed less frequently.
Understanding the value of information aids in the deployment of
suitable infrastructure in response to changing information value.
For example, the value of the information (customer data) in a sales order application varies from the moment the order is placed until the warranty expires. The information has the greatest value when a firm receives a new sales order and processes it to deliver the goods. Once the order has been fulfilled, the customer data no longer needs to be available for real-time access. The firm can move this data to less expensive secondary storage with lower performance until a warranty claim or another event requires its use. The firm can dispose of the information once the warranty has expired.
Figure: Changing value of sales order information
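A tiny Python sketch can make this idea concrete: the storage class assigned to a sales order record follows the order's life-cycle stage. The stage names, tier names, and mapping are hypothetical illustrations of an ILM policy, not a prescribed scheme.

```python
# Hypothetical ILM policy for sales order data: storage placement follows the
# changing value of the information over its life cycle.

PLACEMENT_POLICY = {
    "new_order":        "tier1_primary",    # highest value: fast, well-protected storage
    "order_fulfilled":  "tier2_secondary",  # lower value: cheaper, lower-performance storage
    "warranty_active":  "archive",          # rarely accessed: archive storage
    "warranty_expired": None,               # no business value: eligible for disposal
}

def place(record: dict) -> str:
    target = PLACEMENT_POLICY[record["stage"]]
    return f"dispose of {record['id']}" if target is None else f"store {record['id']} on {target}"

for order in [{"id": "SO-1001", "stage": "new_order"},
              {"id": "SO-0877", "stage": "order_fulfilled"},
              {"id": "SO-0123", "stage": "warranty_expired"}]:
    print(place(order))
```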
Information Lifecycle Management (ILM) is a proactive strategy that allows an IT organization to manage information efficiently throughout its life cycle while adhering to predefined business policies. ILM automates the alignment of business objectives and processes with service levels, from data creation through data disposal. This enables a company's storage infrastructure to be optimized for the best return on investment. Implementing an ILM strategy provides the following key benefits, which directly address the challenges of information management:
Lower Total Cost of Ownership (TCO): Infrastructure and management costs are aligned with the value of the information. As a result, resources are not wasted, and complexity is not added by managing low-value data in the same way as high-value data.
Simplified management: Process steps and interfaces with separate tools are integrated, and automation is increased.
Maintaining compliance: By knowing what data must be protected and for how long.
Optimized utilization: By deploying storage tiering.
15.6 STORAGE TIERING
Storage tiering is a method of organizing several storage types into a hierarchy (tiers). This allows the right data to be stored cost-effectively in the right tier based on service level requirements. Each tier offers different levels of protection, performance, and cost. High-performance solid-state drives (SSDs) or FC drives, for example, can be designated as tier 1 storage for frequently accessed data, whereas low-cost SATA drives can be designated as tier 2 storage for less frequently accessed data. Application performance is improved by keeping frequently used data on SSD or FC drives. Moving less frequently accessed data to SATA frees up capacity on the high-performance drives and lowers storage costs. This data movement is governed by defined tiering policies. Tiering policies can be based on a variety of factors, including file type, size, frequency of access, and so on. For example, if a policy specifies, "Move the files that haven't been accessed in the previous 30 days to the lower tier," all files that meet this criterion are moved to the lower tier.
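The 30-day policy just mentioned can be expressed as a short Python routine. The directory paths and the age threshold are hypothetical, and a real implementation would move data through the array or file-management software rather than a stand-alone script.

```python
# Sketch of a file-level tiering policy: "move files not accessed in the last
# 30 days to the lower tier". Paths and tier locations are placeholders.
import os
import shutil
import time

POLICY_DAYS = 30
TIER1_DIR = "/mnt/tier1"   # e.g., SSD/FC-backed file system (assumption)
TIER2_DIR = "/mnt/tier2"   # e.g., SATA-backed file system (assumption)

def apply_tiering_policy(now: float = None) -> None:
    now = now or time.time()
    cutoff = now - POLICY_DAYS * 24 * 3600
    for name in os.listdir(TIER1_DIR):
        path = os.path.join(TIER1_DIR, name)
        if os.path.isfile(path) and os.stat(path).st_atime < cutoff:
            # Last access time is older than the policy window: demote to tier 2.
            shutil.move(path, os.path.join(TIER2_DIR, name))

if __name__ == "__main__":
    apply_tiering_policy()
```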
Storage tiering can be carried out manually or automatically. In the traditional manual approach, the storage administrator monitors the storage workloads on a regular basis and moves the data across the tiers. Manual storage tiering is complex and time-consuming. Automated storage tiering streamlines the process by moving data across tiers non-disruptively. In automated storage tiering, the application workload is proactively monitored; active data is automatically moved to a higher-performance tier, while idle data is moved to a higher-capacity, lower-performance tier. Data can be moved across tiers within a storage array (intra-array) or between storage arrays (inter-array).
15.6.1 Intra-Array Storage Tiering
Intra-array storage tiering is the technique of tiering storage within a storage array. It optimizes speed and cost by enabling the efficient use of SSD, FC, and SATA drives within an array. The objective is to keep the SSDs busy by keeping the most frequently accessed data on them and moving less frequently accessed data to the SATA drives. Data movement between tiers can be performed at the LUN level or the sub-LUN level. Implementing tiered cache can boost performance even further. The next sections cover LUN tiering, sub-LUN tiering, and cache tiering.
Storage tiering has traditionally been done at the LUN level, where an entire LUN is moved from one storage tier to another. This movement includes both the active and the inactive data in that LUN, which makes the approach inefficient in terms of cost and performance.
Storage tiering is now possible at the sub-LUN level. In sub-LUN tiering, a LUN is broken down into smaller segments and tiered at that level. Moving data at this finer granularity, for example 8 MB, substantially improves the value proposition of automated storage tiering. Sub-LUN tiering effectively moves active data to faster drives while less active data is moved to slower drives.
(a) LUN Tiering
(b) Sub-LUN Tiering
Figure: Implementation of intra-array storage tiering
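A toy Python sketch of sub-LUN tiering follows: the LUN is tracked as fixed-size extents, and the hottest extents are promoted to SSD while cold extents stay on SATA. The extent size, I/O counts, and tier capacity are hypothetical.

```python
# Toy model of automated sub-LUN tiering: a LUN is divided into 8 MB extents,
# I/O counts per extent are tracked, and the hottest extents are placed on SSD.

EXTENT_MB = 8
SSD_EXTENT_SLOTS = 2            # the SSD tier can hold only a few extents (assumption)

def retier(extent_io_counts: dict) -> dict:
    """Return a placement map {extent_id: 'SSD' | 'SATA'} based on access heat."""
    hottest = sorted(extent_io_counts, key=extent_io_counts.get, reverse=True)
    placement = {}
    for rank, extent in enumerate(hottest):
        placement[extent] = "SSD" if rank < SSD_EXTENT_SLOTS else "SATA"
    return placement

# Simulated I/O counts collected over a monitoring interval.
io_counts = {"ext0": 1200, "ext1": 15, "ext2": 980, "ext3": 3, "ext4": 40}
print(retier(io_counts))   # ext0 and ext2 land on SSD; the rest go to SATA
```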
As illustrated in the figure, tiering can also be done at the cache level. A large cache in a storage array boosts performance by holding a large quantity of frequently requested data, allowing most reads to be served directly from the cache. Configuring a large cache in the storage array, however, is expensive.
Utilizing the SSDs on the storage array is another option for increasing the effective cache capacity. In cache tiering, SSDs are used as a large-capacity secondary cache, enabling tiering between DRAM (primary cache) and SSDs (secondary cache). Server flash caching is a further tier of caching, in which a flash-cache card is installed in the server to improve the application's performance even more.
Figure: Cache tiering
15.6.2 Inter-Array Storage Tiering
Inter-array storage tiering is the process of tiering storage between storage arrays. It automates the identification of active and inactive data and moves it between arrays to different performance or capacity tiers. A two-tiered storage environment is illustrated in the figure. The primary storage is optimized for performance, while the secondary storage is optimized for capacity and cost. The policy engine, which may be software or hardware and is where the policies are defined, moves data from primary to secondary storage when it becomes inactive or is seldom accessed. For each archived file, the policy engine creates a small, space-saving stub file in the primary storage that points to the data on the secondary storage. When a user attempts to access a file at its original location on the primary storage, the file is transparently served from the secondary storage.
Figure: Implementation of inter-array storage tiering
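The stub-file mechanism can be sketched in Python: when the policy engine archives a file to secondary storage, it leaves a small stub in its place, and reading through the stub transparently fetches the data back. The paths and stub format are hypothetical.

```python
# Toy model of inter-array tiering with stub files: archived files are replaced
# by small stubs pointing at their new location on secondary storage.
import json
import os
import shutil

PRIMARY = "/mnt/primary"      # performance-optimized tier (placeholder path)
SECONDARY = "/mnt/secondary"  # capacity-optimized tier (placeholder path)

def archive(name: str) -> None:
    """Move a file to secondary storage and leave a space-saving stub behind."""
    src = os.path.join(PRIMARY, name)
    dst = os.path.join(SECONDARY, name)
    shutil.move(src, dst)
    with open(src, "w") as stub:                 # the stub reuses the original path
        json.dump({"stub": True, "location": dst}, stub)

def read(name: str) -> bytes:
    """Read a file; if it is only a stub, fetch the data from secondary storage."""
    path = os.path.join(PRIMARY, name)
    with open(path, "rb") as f:
        data = f.read()
    try:
        stub = json.loads(data)
        if stub.get("stub"):
            with open(stub["location"], "rb") as f:
                return f.read()                  # transparent recall from secondary storage
    except (ValueError, UnicodeDecodeError):
        pass                                     # a regular file, not a stub
    return data
```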
15.7 CONCEPTS IN PRACTICE: EMC INFRASTRUCTURE MANAGEMENT TOOLS
Because of the huge quantity of heterogeneous resources in today's world, businesses are having difficulty managing their IT infrastructure. These resources may be physical, virtualized, or cloud based. EMC provides a variety of tools to meet a variety of business needs. EMC ControlCenter and ProSphere are software suites that manage storage infrastructure end to end, while EMC Unisphere is software that manages EMC storage arrays such as VNX and VNXe. The V-block infrastructure (cloud resources) is managed using EMC Unified Infrastructure Manager (UIM). Visit www.emc.com for additional details.
15.7.1 EMC ControlCenter and ProSphere
EMC ControlCenter is a family of storage resource management (SRM) applications that work together to manage a multi-vendor storage environment. It helps manage a large, complex storage environment that spans all layers, including hosts, storage networks, storage, and virtualization.
Storage planning, provisioning, monitoring, and reporting are a few of the features ControlCenter offers. It supports the implementation of an ILM strategy by providing comprehensive storage infrastructure management. It also gives a complete view of the networked storage infrastructure, including SAN, NAS, and host storage resources, as well as the virtual environment. It provides a central administration console, new component discovery, quota management, event management, root cause analysis, and chargeback capabilities. Access control, data confidentiality, data integrity, logging, and auditing are built-in security capabilities of ControlCenter. It has a straightforward, user-friendly interface that provides visibility into the complex relationships in the environment. ControlCenter uses agents to discover the components in the environment.
EMC ProSphere is storage resource management software designed to meet the needs of today's cloud computing environments. In a virtual and cloud environment, ProSphere improves productivity and service levels. The following major features are included in ProSphere:
End-to-end visibility: It gives insight into the intricate relationships between objects in large, virtual environments using a simple, easy-to-use interface.
Multi-site management: ProSphere's federated design collects data from several sites and simplifies data administration across data centers from a single console. ProSphere is operated via a web browser, allowing convenient remote management over the Internet.
Improved productivity in growing virtual environments: ProSphere provides Smart Groups, a technology that organizes objects with similar characteristics into user-defined groups for administrative purposes. This allows IT to manage assets or create data collection policies using a policy-based approach.
Fast, easy, and efficient deployment: Agent-less discovery eliminates the burden of deploying and managing host agents. ProSphere is packaged as a virtual appliance that can be installed in a short time.
Delivery of IT as a service: With ProSphere, service levels can be monitored from the host to the storage layers. This enables companies to maintain consistent service levels at an appropriate price-performance ratio while offering IT-as-a-service to fulfil business objectives.
15.7.2 EMC Unisphere
EMC Unisphere is a unified storage management platform that provides simple user interfaces for managing EMC VNX and VNXe storage arrays. Unisphere is web-based and allows storage arrays to be managed remotely. The following are some of Unisphere's major features:
Offers unified storage management for files, blocks, and objects.
Allows all devices in a management domain to be accessed with a single sign-on.
Supports automated storage tiering and ensures that data is kept in the appropriate tier to maximize performance and minimize cost.
Allows management of both physical and virtual components.
15.7.3 EMC Unified Infrastructure Manager (UIM)
EMC Unified Infrastructure Manager is a unified management solution for V-blocks. (Chapter 13 discusses V-block.) It allows the V-block infrastructure resources to be configured and cloud services to be activated. It provides a single user interface for managing multiple V-blocks, removing the need to configure compute, network, and storage individually using separate virtual infrastructure management systems. UIM provides a dashboard that displays how the V-block infrastructure is configured and how resources are allocated. This allows an administrator to keep track of the configuration and utilization of the V-block infrastructure resources and to plan for future capacity needs. UIM also provides a topology, or map, view of the V-block infrastructure, allowing an administrator to easily locate and understand the relationships among the V-block infrastructure components and services. It has an alerts interface that allows administrators to view warnings for V-block infrastructure resources and associated services affected by problems. It also simplifies configuration by validating compliance with configuration best practices and by preventing conflicting resource identity assignments, for example, accidentally assigning a MAC address to more than one virtual NIC.
15.8 SUMMARY
The proliferation of data, its criticality, and organizations' rising reliance on digital information are resulting in larger, more sophisticated storage infrastructures. These infrastructures are becoming more difficult to manage, and a poorly managed storage infrastructure can put the entire organization at risk if a catastrophic failure happens.
This chapter covered the activities involved in monitoring and managing the storage infrastructure. It also covered Information Lifecycle Management and its benefits, as well as storage tiering.
15.9 EXERCISES
1. Explain the storage infrastructure management activities in detail.
2. What is the role of storage infrastructure management in a virtualized environment?
3. Write a short note on storage management, with an example.
4. What are the challenges of storage infrastructure management?
5. Explain Information Lifecycle Management.
6. Describe storage tiering in detail.
7. Explain intra-array storage tiering.
8. Explain inter-array storage tiering.
15.10 REFERENCES
EMC, Information Storage and Management: Storing, Managing, and Protecting Digital Information in Classic, Virtualized, and Cloud Environments, 2nd edition, John Wiley & Sons, 2012.