This blog is for the open exchange of ideas relating to IBM Systems, storage and storage networking hardware, software and services.
(Short URL for this blog: ibm.co/Pearson )
Tony Pearson is a Master Inventor, Senior IT Architect and Event Content Manager for [IBM Systems Technical University] events. With over 30 years with IBM Systems, Tony is a frequent traveler, speaking to clients at events throughout the world.
Lloyd Dean is an IBM Senior Certified Executive IT Architect in Infrastructure Architecture. Lloyd has held numerous senior technical roles at IBM during his 19 plus years at IBM. Lloyd most recently has been leading efforts across the Communication/CSI Market as a senior Storage Solution Architect/CTS covering the Kansas City territory. In prior years Lloyd supported the industry accounts as a Storage Solution architect and prior to that as a Storage Software Solutions specialist during his time in the ATS organization.
Lloyd currently supports North America storage sales teams in his Storage Software Solution Architecture SME role in the Washington Systems Center team. His current focus is IBM Cloud Private, and he will be delivering and supporting sessions at Think2019 and Storage Technical University on the value of IBM storage in this high-value IBM solution, a part of the IBM Cloud strategy. Lloyd maintains a Subject Matter Expert status across the IBM Spectrum Storage Software solutions. You can follow Lloyd on Twitter @ldean0558 and LinkedIn Lloyd Dean.
Safe Harbor Statement: The information on IBM products is intended to outline IBM's general product direction and it should not be relied on in making a purchasing decision. The information on the new products is for informational purposes only and may not be incorporated into any contract. The information on IBM products is not a commitment, promise, or legal obligation to deliver any material, code, or functionality. The development, release, and timing of any features or functionality described for IBM products remains at IBM's sole discretion.
Tony Pearson is an active participant in local, regional, and industry-specific interests, and does not receive any special payments to mention them on this blog.
Tony Pearson receives part of the revenue proceeds from sales of books he has authored listed in the side panel.
Tony Pearson is not a medical doctor, and this blog does not reference any IBM product or service that is intended for use in the diagnosis, treatment, cure, prevention or monitoring of a disease or medical condition, unless otherwise specified on individual posts.
Continuing my romp through Australia and New Zealand, the last Storage Optimisation Breakfast of the week was Brisbane, which the locals here refer to as [Brisvegas], probably for all of the nightlife and casinos here.
The IBM office building is conveniently across the street from my hotel, the [Sofitel Brisbane]. The hotel also sits above central station, which allows quick transportation to the airport.
This time, we had a tag team of two people from James Cook University (JCU) to present their success story. First up was Kent Adams, the Director of Information Technology and Resources. JCU is recognized as one of the top 5 percent of Universities worldwide, and as a result, their data storage requirements are growing at 400 percent per year! Their latest purchase put out for RFP was for at least 40TB that could handle at least 20,000 IOPS. The winning solution was an IBM XIV disk system.
Behind the scenes at all the events this week here in Australia were, from left to right, Natalie from GPJ Australia, the local subsidiary of the George P. Johnson events management we use in the states; Sonia Phillips, IBM Advisory Marketing Lead for Dynamic Infrastructure Optimisation and Cloud Computing, Demand Programs, for Australia and New Zealand; and Monika Lovgren, IBM Marketing and Execution Lead for Workload Optimised Systems for Australia.
The second speaker was Lee Askew, one of the Storage Administrators. Overall, the JCU team have been amazed at how well this box works. When they started it up, they expected to spend the next 24-36 hours formatting RAID ranks, but not with the XIV. It was ready in 2 minutes and they started provisioning storage right away. Their own tests to fail a drive found they can do a full rebuild to redundancy in 9 minutes. It took 8-36 hours on their previous disk array. Failing a full data module took only 75 minutes to bring back to redundancy.
After a long and tiring week, I was able to relax by walking through this beautiful King Edward park near the IBM building. This had a nice variety of plants and flowers, and with the surprise visit of a lizard about the length of my arm that crossed my path.
JCU also uses Asynchronous Mirror to replicate data to another XIV at distance. Again, as with all aspects of IBM XIV, the solution works as advertised. They are well positioned to grow from the 18,000 students they have today, to their target goal of 25,000 students they want to have by 2015.
Worldwide, IBM has done well with colleges and universities, and this was a great example of how partnering with IBM for your IT infrastructure can make a huge difference!
In the first two cities, Adam Beames, system administrator for Tennis Australia, presented. Tennis Australia is best known for running the [Australian Open], the first Grand Slam tennis tourney of the year, but they also run some smaller events, such as the Brisbane International, the Sydney International, the Hobart International, the Davis Cup, the Fed Cup and the Pro Tour. They have 150 full time staff, and another 180 staff contributed from their eight member associations they support.
Of these events, the Australian Open is by far the biggest, with over 9 million unique visitors to the website for the few weeks in January every year. For this, Tennis Australia leverages IBM cloud computing services. The rest of the year, they have deployed their own "private cloud" for running the other events. During the month of January, Tennis Australia grows their staff from 300 to 4500 people.
Adam had been there since 2005, and told how back then they were using beige-colored IBM PC 330 tower servers, on a plastic shelf that was sagging from the weight. This server had six hot-swappable drives, 4.5GB each. There was also a mysterious "blue box" that served as their serial distribution panel, operated by a laptop running Windows 95, with a spare laptop just in case for high-availability.
The situation started to improve in 2008, when Tennis Australia brought in BladeCenter H with HS20, HS21 and HS22 blade servers, and x3850 M2 machines for VMware virtual machines, and boot over SAN to an IBM XIV disk system. This allows them to run all of the other tennis events throughout the year. It provided N+1 redundancy, and made the process of provisioning servers and storage simple and efficient.
This is the view of Melbourne from the IBM office. The tall 975 foot building on the left with the golden bumblebees at the base is the famous [Eureka Tower], Melbourne's tallest residential building.
As Paul Harvey would say, at Melbourne we got to hear [the rest of the story] from Chris Yates, the CIO of Tennis Australia. He came on board in November 2007, just six weeks prior to the big Australian Open of January 2008. Witnessing how bad the IT was for the infrastructure, he partnered with IBM to deploy all the solutions that Adam mentioned in the first two cities. The transformation over the past two years has been a phenomenal success, with some of the best recognized international tennis organizations crediting Tennis Australia for some of the best run events.
IBM is also using its [cloud computing services to help the US Open] as well. In both the Australian Open and the US Open, IBM provides a cloud computing capability that allows the operation to scale up dramatically for the tournament. IBM rapidly creates and provisions services on a common infrastructure -- services that are mission-critical to the tennis tournament.
I'm down here in Australia, where the government is a bit stalled for the past two weeks at the moment, known formally as being managed by the [Caretaker government]. Apparently, there is a gap between the outgoing administration and the incoming administration, and the caretaker government is doing as little as possible until the new regime takes over. They are still counting votes, including in some cases dummy ballots known as "donkey votes", the Australian version of the hanging chad. Three independent parties are also trying to decide which major party they will support to finalize the process.
While we are on the topic of a government stalled, I feel bad for the state of Virginia in the United States. Apparently, one of their supposedly high-end enterprise class EMC Symmetrix DMX storage systems, supporting 26 different state agencies in Virginia, crashed on August 25th and now more than a week later, many of those agencies are still down, including the Department of Motor Vehicles and the Department of Taxation and Revenue.
Many of the articles in the press on this event have focused on what this means for the reputation of EMC. Not surprisingly, EMC says that this failure is unprecedented, but really this is just one in a long series of failures from EMC. It reminds me of the last time EMC had a public failure with a dual-controller CLARiiON a few months ago that stopped another company from their operations. There is nothing unique in the physical equipment itself, all IT gear can break or be taken down by some outside force, such as a natural disaster. The real question, though, is why haven’t EMC and the State Government been able to restore operations many days after the hardware was fixed?
In the Boston Globe, Zeus Kerravala, a data storage analyst at Yankee Group in Boston, is quoted as saying that such a high-profile breakdown could undermine EMC’s credibility with large businesses and government agencies. “I think it’s extremely important for them,’’ said Kerravala. “When you see a failure of this magnitude, and their inability to get a customer like the state of Virginia up and running almost immediately, all companies ought to look at that and raise their eyebrows.’’
Was the backup and disaster recovery solution capable of the scale and service level requirements needed by vital state agencies? Had they tested their backups to ensure they were running correctly, and had they tested their recovery plans? Were they monitoring the success of recent backup operations?
Eventually, the systems will be back up and running, fines and penalties will be paid, and perhaps the guy who chose to go with EMC might feel bad enough to give back that new set of golf clubs, or whatever ridiculously expensive gift EMC reps might offer to government officials these days to influence the purchase decision making process.
(Note: I am not accusing any government employee in particular working at the state of Virginia of any wrongdoing, and mention this only as a possibility of what might have happened. I am sure the media will dig into that possibility soon enough during their investigations, so no sense in me discussing that process any further.)
So what lessons can we learn from this?
Lesson 1: You don't just buy technology, you also are choosing to work with a particular vendor
IBM stands behind its products. Choosing a product strictly on its speeds and feeds misses the point. A study IBM and Mercer Consulting Group conducted back in 2007 found that only 20 percent of the purchase decision for storage was from the technical capabilities. The other 80 percent were called "wrapper attributes", such as who the vendor was, their reputation, the service, support and warranty options.
Lesson 2: Losing a single disk system is a disaster, so disaster recovery plans should apply
IBM has a strong Business Continuity and Recovery Services (BCRS) services group to help companies and government agencies develop their BC/DR plans. In the planning process, various possible incidents are identified, recovery point objectives (RPO) and recovery time objectives (RTO) are set, and then appropriate action plans are documented on how to deal with them. For example, if the state of Virginia had an RPO of 48 hours, and an RTO of 5 days, then when the failure occurred on August 25, they could have recovered up to August 23 level data (48 hours prior to the incident) and be up and running by August 30 (five days after the incident). I don't personally know what RPO and RTO they planned for, but certainly it seems like they missed it by now already.
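The RPO/RTO check from the Virginia illustration above, combined with the earlier questions about tested and monitored backups, as an added example that is not part of the original post. The backup job history is constructed, and the year 2010, the times of day and all names in the code are assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import List, Optional


@dataclass(frozen=True)
class BackupJob:
    finished: datetime   # when the backup job ended
    succeeded: bool      # job reported success
    verified: bool       # a test restore of this backup was actually performed


@dataclass(frozen=True)
class Assessment:
    recovery_point: Optional[datetime]  # newest usable backup before the incident
    data_loss: Optional[timedelta]      # incident time minus recovery point
    rpo_met: bool
    rto_deadline: datetime              # incident time plus RTO
    rto_met: Optional[bool]             # None = still down, deadline not yet passed


def assess(incident: datetime, jobs: List[BackupJob], rpo: timedelta,
           rto: timedelta, restored_at: Optional[datetime] = None,
           now: Optional[datetime] = None,
           require_verified: bool = False) -> Assessment:
    """Compare what the backup history can deliver against the RPO and RTO."""
    # Only backups that finished before the incident and reported success count.
    # With require_verified=True, only restore-tested backups count.
    usable = [j.finished for j in jobs
              if j.succeeded and j.finished <= incident
              and (j.verified or not require_verified)]
    recovery_point = max(usable, default=None)
    data_loss = incident - recovery_point if recovery_point is not None else None
    rpo_met = data_loss is not None and data_loss <= rpo

    deadline = incident + rto
    if restored_at is not None:
        rto_met: Optional[bool] = restored_at <= deadline
    elif now is not None and now > deadline:
        rto_met = False          # still down after the deadline
    else:
        rto_met = None           # outcome not known yet
    return Assessment(recovery_point, data_loss, rpo_met, deadline, rto_met)


# Constructed sample data (assumed year and times of day).
INCIDENT = datetime(2010, 8, 25, 12, 0)
RPO = timedelta(hours=48)
RTO = timedelta(days=5)
JOBS = [
    BackupJob(datetime(2010, 8, 21, 23, 0), succeeded=True, verified=True),
    BackupJob(datetime(2010, 8, 22, 23, 0), succeeded=True, verified=True),
    BackupJob(datetime(2010, 8, 23, 23, 0), succeeded=True, verified=False),
    BackupJob(datetime(2010, 8, 24, 23, 0), succeeded=False, verified=False),
]

if __name__ == "__main__":
    # More than a week after the incident, service not yet restored.
    today = datetime(2010, 9, 2, 12, 0)
    for strict in (False, True):
        a = assess(INCIDENT, JOBS, RPO, RTO, now=today, require_verified=strict)
        print(f"require_verified={strict}: recovery point {a.recovery_point}, "
              f"data loss {a.data_loss}, RPO met={a.rpo_met}, "
              f"RTO deadline {a.rto_deadline}, RTO met={a.rto_met}")
```

The same history meets the 48-hour RPO when any successful job counts, and misses it when only restore-tested backups count, which is the gap that unpracticed recovery plans hide.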
Lesson 3: BC/DR Plans only work if you practice them often enough
Sadly, many companies and government agencies make plans, but never practice them, so they have no idea if the plans will work as expected, or if they are fundamentally flawed. Just as we often have fire drills that force everyone to stop what they are doing and vacate the office building, anyone with an IT department needs to practice BC/DR plans often enough so that you can ensure the plan itself is solid, but also so that the people involved know what to do and their respective roles in the recovery process.
Lesson 4: This can serve as a wake-up call to consider Cloud Computing as an alternative option
Are you still doing IT in your own organization? Do you feel all of the IT staff have been adequately trained for the job? If your biggest disk system completely failed, not just a minor single or double drive failure, but a huge EMC-like failure, would your IT department know how to recover in less than five days? Perhaps this will serve as a wake-up call to consider alternative IT delivery options. The advantage of big Cloud Service Providers (Microsoft, Google, Yahoo, Amazon, SalesForce.com and of course, IBM) is that they are big enough to have worked out all the BC/DR procedures, and have enough resources to switch over to in case any individual disk system fails.
Continuing my romp through Australia and New Zealand, today I presented in Hobart, the second city on my seven-city tour. Hobart is on a separate island called Tasmania, just south of the main Australian continent. The island is heart-shaped, and Hobart is in the lower right ventricle.
Hobart boasts the second deepest harbour in the Southern Hemisphere (yesterday's Sydney Harbour being the first). It is quite cold here, but at least the skies are clear.
I stayed in the [Henry Jones Art Hotel], named after the famous owner of the IXL Jam Company. When I arrived, they presented me with a list of 18 known convicts that shared my last name: PEARSON. I checked and made sure I was not on the list. Then it was explained to me that here in Australia, everyone values their criminal ancestors, as this is how the country was formed. The names were from registry archives from the 19th century.
In keeping with the concept of an art hotel, each of the rooms were unique, which is a nice way of saying that they fit whatever they could into the spaces available. It's been a while since I stayed at a hotel with the phone at one end of the room, but the electrical outlet at the other. The thermostat was hidden in the bathroom, and I had to master some 16 different ropes to put down the shades, as the bright light from the [Cenotaph] was keeping me awake. I was able to take pictures of some of the art sculptures from the balcony.
This was a smaller event than Sydney, with only about two dozen attendees. This makes sense, as Hobart's population is only about 250,000 people. The island of Tasmania holds about 1 million people overall, concentrated mostly along the center line of the island.
As we had done in Sydney, Anna Wells presented IBM strategy and products, Adam Beames, system administrator for Tennis Australia (shown here in the picture at left) presented his experiences transforming their datacenter, and I presented the future trends in storage.
In appreciation for Adam's presentations in Sydney and Hobart, I presented him with a copy of my book, [Inside System Storage: Volume I], available from my publisher, Lulu.com, in paperback, hard cover, and now also in eBook format for those with Kindle, Nook or other digital book readers. See panel at right on this blog for ordering information.
This week and next, I am down under in Australia and New Zealand for a seven-city Storage Optimisation Breakfast series of presentations to clients and prospects. My first city for this seven-city tour was Sydney, Australia.
Here is the view from my room at the [Shangri-La hotel], including the famous [Sydney Opera House] and Circular Quay, from which to take a water taxi or ride the Manly Ferry. [Sydney harbour] is the deepest harbour in the Southern Hemisphere, allowing boats of all sizes to enter. This section of the city is known as "The Rocks".
Sydney is a very modern metropolis. The last time I was in Sydney was in May 2007 to teach an IBM Top Gun class. My post back then on [Dealing with Jet Lag] is as relevant now as it was back then. In addition to being 9 hours off-shifted from last week in Dallas, Texas, I also have to deal with the colder climate, about 40 degrees F cooler down here. The weather is crisp and clear, it is Winter going into Spring down here as the seasons are flipped below the equator.
Many of the buildings are recognizable from the movie ["The Matrix"] which was filmed here. We joked that this seven-city trip was also similar to [The Adventures of Priscilla, Queen of the Desert], in that both journeys started in Sydney. If you haven't seen the latter, I highly recommend it to get to learn more about Australia as a country.
(Completely useless trivia: Actor Hugo Weaving appeared in both movies. While most people associate him with Australia, where he has lived since 1976, he actually was born in Nigeria, and traveled extensively because his father worked in the computer industry.)
Here I am standing next to our banner.
The line-up for each event is simple. After all the attendees sit down for breakfast, we have the following three sessions:
First, Anna Wells, local IBM Executive for Storage Sales in Australia and New Zealand presents IBM's strategy for storage, and how IBM plans to address Storage Efficiency, Data Protection and Service Delivery. She then highlights various products that are currently available to help meet customer needs, including XIV and the SAN Volume Controller (SVC).
Second, we have a client or two share their success story. We will have different speakers at the different locations.
Third, I present on future trends that will impact the storage marketplace. With only 40 minutes for my section, I decided to focus on just three specific trends, with a mix of some colorful analogies to help emphasize my key points.
We had a great turn-out for our first event in Sydney, lots of clients and prospects came out for this. There is a lot of enthusiasm for IBM's vision, thought leadership, and broad portfolio of storage solutions.
This week I am down under, starting my 7-city Storage Optimisation Breakfast roadshow on Tuesday in Sydney, Australia. I can't be at two places at once, and it seems whenever I am one place, lots of my coworkers are somewhere else at another conference or event. For those at [VMworld 2010] conference in San Francisco this week, IBM is a Platinum Sponsor and hosting a variety of presentations and activities. Here are some things to look forward to:
Session ID SP9638 - Getting the MAX from your Virtualization Investment
Monday 1:30pm, Moscone South Room 309
Speaker: Bob Zuber, IBM System x Program Director
Speaker: Clod Barrera, Distinguished Engineer and Chief Technical Strategist
Clod and I just finished Solutions University 2010 in Dallas, and here he is going to VMworld! You already know that virtualization is beneficial. Exploit virtualization to its MAXimum and move beyond virtualization 101 where you have virtualized web, file/print, and DHCP type workloads. Now it is time to take virtualization to the next step and virtualize business infrastructure applications such as ERP, Messaging, CRM, and Database. With IBM solutions you can take the virtualization journey to build a smarter data center through: 1) Consolidation, 2) Management, 3) Automation and 4) Optimization. Attend this session and learn the key considerations for virtualizing mission-critical workloads and the best practices for a virtual data center that delivers a REAL return on your investment.
Session ID TA8065 - Storage Best Practices, Performance Tuning and Troubleshooting
Speaker: Duane Fafard, Senior XIV Storage Architect, IBM
Monday 10:30 AM Moscone South Room 301
Wednesday 03:00 PM Moscone West Room 2005
The industry has solved many of the challenges of virtualization applications by delivering innovative server solutions that automatically migrate load to available resources, but the complete environment requires both the network and the storage to be part of the equation. Designing, managing, and troubleshooting intricate storage environments in today’s age have become more and more complex. This session will discuss storage best practices, performance challenges, and resolving issues in the storage area network using native tools within the environment. With the techniques learned in this session, the storage administrator will be able to use these best practices to design proper storage solutions and pinpoint troubled areas quickly and accurately.
Session ID SS1012 - Expert Panel: How Smarter Systems can Address your Business Challenges
Wednesday, 12-1pm, Room 135
This is IBM's "Super Session". At IBM, we know that all business challenges such as sprawling IT infrastructure, poor performance and rising management costs are solvable on a smarter planet. With Smarter Systems, IBM can help you increase utilization and flexibility, reduce complexity and cost, respond to business changes swiftly and effectively, and enable end-to-end resiliency and security. Alex Yost, Vice President and Business Line Executive for IBM System x and BladeCenter hosts a panel of Virtualization experts:
James Northington, Vice President and Business Line Executive, IBM System x
Donn Bullock, Vice President of Sales, Mainline Information Systems, Inc.
Dylan Larson, Director of Advanced Software and Server Technologies, Intel Data Center Group
Richard McAniff, Chief Development Officer and Member of the Office of the President, VMware
Siddhartha (Sid) Chatterjee, Ph.D, Vice President, Strategy & Partnerships, IBM Systems Software
David Guzman, Chief Information Officer and Senior Vice President, Global Technology Solution, Acxiom
Next week is [VMworld 2010], so I thought today would be a good day to write a blog post about reporting and managing virtual guest images.
As the original lead architect for IBM Tivoli Storage Productivity Center, I am no stranger to reporting and management tools. Needless to say, if you have lots of virtual guest images, it makes sense to deploy reporting and management software. I had never heard of Veeam before, but I decided to check out Veeam Reporter 4.0, an enterprise-level reporting solution specifically designed for large Virtual Infrastructure (VI3) and vSphere virtual environments that allows you to automatically discover and collect information about your VMware virtual environment.
Their 90-page User Guide offered these helpful "First Steps" on page 9 which I used as the master plan for my evaluation.
Install Veeam Reporter 4.0
The instructions appeared fairly straightforward: Download [the latest version] of the application. Unpack the downloaded archive and run the VeeamReporter.exe file. Then follow the installation wizard steps. What could go wrong?
I should have known better. Like IBM Tivoli Storage Productivity Center, Veeam Reporter is designed to be installed on its own server-class machine with its own application web server and database. I wasn't going to stand up a new server in our lab just for this contest, so I decided to just install it on my Windows XP SP3, which Veeam had listed as a supported operating system level. I ran into a series of installation issues, including installing IIS, installing SQL Server, and installing the SSRS component. I am more familiar with IBM's WebSphere Application Server and DB2 combination used in IBM's own products, and have experience with Apache and MySQL on a standard LAMP stack, so my lack of experience with IIS and SQL Server made the installation more difficult. Many thanks to all the support personnel at Veeam, Microsoft, and my internal IT department to finally get all of this working.
It appears you can set this up as a client/server environment, where the Veeam Reporter server runs IIS and SQL Server, and then you have a browser on your client machine point to that server. In my case, I have the client browser and server all on one machine.
Create and run a collection job
This step also seemed fairly standard for reporting tools. Once you launch Veeam Reporter 4.0 for the first time, you need to retrieve data from your virtual infrastructure to be able to generate reports. To start the created collection job, select it and click the Start button on the toolbar. If you have a vCenter server in your VI environment, we recommend that you create a job for it to immediately collect data for all objects in its hierarchy. After that, you will be able to select VI objects that were engaged in the performed job using the Workspace, and generate reports for it.
I signed up for this contest August 7, but step 1 above took me two weeks to resolve all the installation issues. I wanted to get my blog post entry for the contest BEFORE the start of VMworld. Since I am in Dallas, Texas this week for the IBM Storage Solutions University, I had to go through several firewalls for my laptop to tunnel through and get to my VMware Center back in Tucson.
I was able to create and run a collection job. I have a VMware ESX 3.5 host running five guest images and 14 datastores. This seemed to be enough to evaluate the basic features of this reporting tool. Veeam Reporter lets you run the collection process manually, or set a "periodic" schedule to collect data every hour.
Generate reports manually or create a reporting job
Finally, I get to the fun part: To generate a report manually, click the Workspace tab, select a necessary VI object from the tree view, date and collection job session, choose reports and click the Create Report button.
At this point, I am reminded of a famous poem:
To see a world in a grain of sand
And a heaven in a wild flower,
Hold infinity in the palm of your hand
And eternity in an hour.
- William Blake
When evaluating products, try to imagine what the reports would look like with hundreds of virtual guest images. Certainly, I can see some potential, even though I had rather limited data to work with. In theory, the tool can create Visio output files, but you need to have Microsoft Visio installed. I have only "Visio Viewer" so I was unable to create any Visio files with this product.
The reports can be exported to PDF, Word or Excel formats. Here is an example of an Excel spreadsheet export. While it has 14 bars for the 14 datastores, there are no labels, and the misleading details link in the lower right corner is non-functional. The only way for me to figure out what each referred to was to go back to my vCenter client, which kind of defeats the purpose of having a separate reporting tool.
This same report exported to PDF spanned across four pages, leaving the re-assembly to be done with a pair of scissors and cellophane tape.
When you create reports, you can use SSRS or Veeam's internal proprietary format. Only SSRS reports can be put on the dashboard, so I recommend that.
Customize your dashboard
The fourth and final step is to configure your own dashboard: To add reports to the Dashboard, you should first create and save them using Workspace of Veeam Reporter 4.0. Keep in mind that you can add to the Dashboard only saved SSRS-based reports. To customize the Dashboard, click the Dashboard tab and then click the Edit Dashboard button. Customize the layout by dragging blue borders from the right and the bottom of the screen. Then, drag reports from the Reports list and drop them onto the created cells.
The "Free Edition" only allows you to put a single report on the dashboard, so as in step 3, you have to use your imagination of what the potential of the full license would look like with multiple reports on a single pane of glass.
(FTC Disclosure: I work for IBM, the leader in server virtualization worldwide, and the number #1 reseller of VMware. In this post, I review [Veeam Reporter 4.0] as my official entry for their blogging contest. IBM and Veeam do not have any business relationship that I know of, other than both being VMware business partners, so I am treating them here as an Independent Software Vendor (ISV). Veeam has not compensated me in any manner for this review, this review is not to be taken as an endorsement of Veeam or its products, and I was not provided any full or evaluator license keys. The review is based entirely on my experience using the "Free Edition" available to all for download. None of this blog post was pre-reviewed by anyone from Veeam. IBM, of course, also offers similar software, which I mention below for comparison purposes.)
At this point, you might be thinking, "Doesn't IBM offer something like this?" Of course it does! IBM is the leader in infrastructure reporting, monitoring and management software. Last October, [IBM unveiled IBM Systems Director VMcontrol] software. Not only does IBM Systems Director VMcontrol provide similar support for your VMware environment, it also manages Microsoft Hyper-V and Xen deployments, PowerVM on POWER-based servers, and even z/VM guest images on the System z mainframes. Combined with the rest of the IBM Systems Director, you can manage all of your physical and virtual servers with a single tool from a single pane of glass. How cool is that?
I would like to thank Doug Hazelman, Senior Director of Product Strategy at Veeam, for organizing this awesome blogging contest. If you liked this blog post, click here to [vote for me] to get counted for this contest.
Well, it's Tuesday again, and you know what that means! IBM Announcements!
Today, IBM announced its latest IBM Tivoli Key Lifecycle Manager (TKLM) 2.0 version. Here's a quick recap:
Centralized Key Management
Centralized and simplified encryption key management through Tivoli Key Lifecycle Manager's lifecycle of creation, storage, rotation, and protection of encryption keys and key serving through industry standards. TKLM is available to manage the encryption keys for LTO-4, LTO-5, TS1120 and TS1130 tape drives enabled for encryption, as well as DS8000 and DS5000 disk systems using Full Disk Encryption (FDE) disk drives.
Partitioning of Access Control for Multitenancy
Access control and partitioning of the key serving functions, including end-to-end authentication of encryption clients and security of exchange of encryption keys, such that groups of devices have different sets of encryption keys with different administrators. This enables [multitenancy] or multilayer security of a shared infrastructure using encryption as an enforcement mechanism for access control. As Information Technology shifts from on-premises to the cloud, multitenancy will become increasingly important.
Support for KMIP 1.0 Standard
Support for the new key management standard, Key Management Interoperability Protocol (KMIP), released through the Organization for the Advancement of Structured Information Standards [OASIS]. This new standard enables encryption key management for a wide variety of devices and endpoints. See the [22-page KMIP whitepaper] for more information.
As much as I like to poke fun at Oracle, with hundreds of their Sun/StorageTek clients switching over to IBM tape solutions every quarter, I have to give them kudos for working cooperatively with IBM to come up with this KMIP standard that we can both support.
Support for non-IBM devices from Emulex, Brocade and LSI
Support for IBM self-encrypting storage offerings as well as suppliers of IT components which support KMIP, including a number of supported non-IBM devices announced by business partners such as Emulex, Brocade, and LSI. KMIP support permits you to deploy Tivoli Key Lifecycle Manager without having to worry about being locked into a proprietary key management solution. If you are a client with multiple "Encryption Key Management" software packages, now is a good time to consolidate onto IBM TKLM.
Role-based access control for administrators that allows multiple administrators with different roles and permissions to be defined, helping increase the security of sensitive key management operations and better separation of duties. For example, that new-hire college kid might get a read-only authorization level, so that he can generate reports, and pack the right tapes into cardboard boxes. Meanwhile, for that storage admin who has been running the tape operations for the past ten years, she might get full access. The advantage of role-based authorization is that for large organizations, you can assign people to their appropriate roles, and you can designate primary and secondary roles in case one has to provide backup while the other is out of town, for example.
Wrapping up my week's theme of storage optimization, I thought I would help clarify the confusion between data reduction and storage efficiency. I have seen many articles and blog posts that either use these two terms interchangeably, as if they were synonyms for each other, or as if one is merely a subset of the other.
Data Reduction is LOSSY
By "Lossy", I mean that reducing data is an irreversible process. Details are lost, but insight is gained. In his paper, [Data Reduction Techniques], Rajana Agarwal defines this simply:
"Data reduction techniques are applied where the goal is to aggregate or amalgamate the information contained in large data sets into manageable (smaller) information nuggets."
Data reduction has been around since the 18th century.
Take for example this histogram from [SearchSoftwareQuality.com]. We have taken ninety individual student scores and reduced them down to just five numbers, the counts in each range. This can provide for easier comprehension and comparison with other distributions.
The process is lossy. I cannot determine or re-create an individual student's score from these five histogram values.
This next example, compliments of [Michael Hardy], represents another form of data reduction known as ["linear regression analysis"]. The idea is to take a large set of data points between two variables, the x axis along the horizontal and the y axis along the vertical, and find the best line that fits. Thus the data is reduced from many points to just two, slope (a) and intercept (b), resulting in an equation of y=ax+b.
The process is lossy. I cannot determine or re-create any original data point from this slope and intercept equation.
This last example, from [Yahoo Finance], reduces millions of stock trades to a single point per day, typically closing price, to show the overall growth trend over the course of the past year.
The process is lossy. Even if I knew the low, high and closing price of a particular stock on a particular day, I would not be able to determine or re-create the actual price paid for individual trades that occurred.
Storage Efficiency is LOSSLESS
By contrast, there are many IT methods that can be used to store data in ways that are more efficient, without losing any of the fine detail. Here are some examples:
Thin Provisioning: Instead of storing 30GB of data on 100GB of disk capacity, you store it on 30GB of capacity. All of the data is still there, just none of the wasteful empty space.
Space-efficient Copy: Instead of copying every block of data from source to destination, you copy over only those blocks that have changed since the copy began. The blocks not copied are still available on the source volume, so there is no need to duplicate this data.
Archiving and Space Management: Data can be moved out of production databases and stored elsewhere on disk or tape. Enough XML metadata is carried along so that there is no loss in the fine detail of what each row and column represent.
Data Deduplication: The idea is simple. Find large chunks of data that contain the same exact information as an existing chunk already stored, and merely set a pointer to avoid storing the duplicate copy. This can be done in-line as data is written, or as a post-process task when things are otherwise slow and idle.
When data deduplication first came out, some lawyers were concerned that this was a "lossy" approach, that somehow documents were coming back without some of their original contents. How else can you explain storing 25PB of data on only 1PB of disk?
(In some countries, companies must retain data in their original file formats, as there is concern that converting business documents to PDF or HTML would lose some critical "metadata" information such as modification dates, authorship information, underlying formulae, and so on.)
Well, the concern applies only to those data deduplication methods that calculate a hash code or fingerprint, such as EMC Centera or EMC Data Domain. If the hash code of new incoming data matches the hash code of existing data, then the new data is discarded and assumed to be identical. This is rare, and I have only read of a few occurrences of unique data being discarded in the past five years. To ensure full integrity, IBM ProtecTIER data deduplication solution and IBM N series disk systems chose instead to do full byte-for-byte comparisons.
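The difference between trusting a fingerprint match and confirming it byte-for-byte, as an added example (not code from the original post or from any product named above). The one-byte fingerprint, the chunk names and the `DedupStore` class are assumptions, constructed so that a collision shows up on a tiny workload.

```python
import hashlib

def weak_fingerprint(chunk: bytes) -> bytes:
    # Constructed for the demo: 1 byte of SHA-256, so collisions are easy to find.
    return hashlib.sha256(chunk).digest()[:1]

def strong_fingerprint(chunk: bytes) -> bytes:
    return hashlib.sha256(chunk).digest()

class DedupStore:
    """Hypothetical chunk store: one stored copy per chunk, pointers for duplicates."""
    def __init__(self, fingerprint, byte_compare):
        self.fingerprint = fingerprint
        self.byte_compare = byte_compare
        self.buckets = {}  # fingerprint -> list of distinct chunks stored under it
        self.refs = []     # one (fingerprint, bucket index) pointer per logical write

    def write(self, chunk: bytes) -> int:
        fp = self.fingerprint(chunk)
        bucket = self.buckets.setdefault(fp, [])
        if not bucket:
            bucket.append(chunk)
            idx = 0
        elif not self.byte_compare:
            idx = 0  # fingerprint matched: assume identical, discard the new data
        elif chunk in bucket:
            idx = bucket.index(chunk)  # duplicate confirmed byte-for-byte
        else:
            bucket.append(chunk)  # same fingerprint, different bytes: keep both
            idx = len(bucket) - 1
        self.refs.append((fp, idx))
        return len(self.refs) - 1

    def read(self, handle: int) -> bytes:
        fp, idx = self.refs[handle]
        return self.buckets[fp][idx]

    def stored_chunks(self) -> int:
        return sum(len(b) for b in self.buckets.values())

def find_collision(fingerprint):
    """Return two different constructed chunks that share a fingerprint."""
    seen = {}
    i = 0
    while True:
        chunk = b"constructed-chunk-%06d" % i
        fp = fingerprint(chunk)
        if fp in seen:
            return seen[fp], chunk
        seen[fp] = chunk
        i += 1

def replay(store, workload):
    """Write every chunk, read each back; return (wrong reads, chunks stored)."""
    handles = [store.write(c) for c in workload]
    wrong = sum(1 for h, c in zip(handles, workload) if store.read(h) != c)
    return wrong, store.stored_chunks()

def run_demo():
    a, b = find_collision(weak_fingerprint)
    workload = [a] * 10 + [b] * 10  # 20 logical writes, 2 distinct chunks
    configs = {
        "weak, trust match": DedupStore(weak_fingerprint, byte_compare=False),
        "weak, byte compare": DedupStore(weak_fingerprint, byte_compare=True),
        "sha256, trust match": DedupStore(strong_fingerprint, byte_compare=False),
    }
    return {name: replay(store, workload) for name, store in configs.items()}

if __name__ == "__main__":
    for name, (wrong, stored) in run_demo().items():
        print(f"{name}: {wrong} wrong reads, {stored} chunks stored")
```

With the weak fingerprint and no comparison, every read of the second chunk silently returns the first chunk's bytes; the byte comparison keeps both chunks at the cost of one extra read per match.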
Compression: There are both lossy and lossless compression techniques. The lossless Lempel-Ziv algorithm is the basis for LTO-DC algorithm used in IBM's Linear Tape Open [LTO] tape drives, the Streaming Lossless Data Compression (SLDC) algorithm used in IBM's [Enterprise-class TS1130] tape drives, and the Adaptive Lossless Data Compression (ALDC) used by the IBM Information Archive for its disk pool collections.
Last month, IBM announced that it was [acquiring Storwize]. Its Random Access Compression Engine (RACE) is also a lossless compression algorithm based on Lempel-Ziv. As servers write files, Storwize compresses those files and passes them on to the destination NAS device. When files are read back, Storwize retrieves and decompresses the data back to its original form.
As with tape, the savings from compression can vary, typically from 20 to 80 percent. In other words, 10TB of primary data could take up from 2TB to 8TB of physical space. To estimate what savings you might achieve for your mix of data types, try out the free [Storwize Predictive Modeling Tool].
So why am I making a distinction on terminology here?
Data reduction is already a well-known concept among specific industries, like High-Performance Computing (HPC) and Business Analytics. IBM has the largest marketshare in supercomputers that do data reduction for all kinds of use cases, for scientific research, weather prediction, financial projections, and decision support systems. IBM has also recently acquired a lot of companies related to Business Analytics, such as Cognos, SPSS, CoreMetrics and Unica Corp. These use data reduction on large amounts of business and marketing data to help drive new sources of revenues, provide insight for new products and services, create more focused advertising campaigns, and help understand the marketplace better.
There are certainly enough methods of reducing the quantity of storage capacity consumed, like thin provisioning, data deduplication and compression, to warrant an "umbrella term" that refers to all of them generically. I would prefer we do not "overload" the existing phrase "data reduction" but rather come up with a new phrase, such as "storage efficiency" or "capacity optimization" to refer to this category of features.
IBM is certainly quite involved in both data reduction as well as storage efficiency. If any of my readers can suggest a better phrase, please comment below.
In preparation for my [upcoming trip to Australia and New Zealand], I decided to upgrade my smartphone. My service provider T-Mobile offered me the chance to try out any new phone for 14 days for only a ten-dollar re-stocking fee. For the past 16 months, I have used the Google G1 phone. This is based on a storage-optimized Android operating system, based on open source Linux, with applications processed in a storage-optimized virtual machine called Dalvik, based on open source Java. According to Wikipedia, Android-based phones have #1 market share [outselling both BlackBerry OS and Apple iOS phones]. There are over 70 different companies using Android, driven away from the proprietary interfaces from Apple, BlackBerry and Microsoft.
Since I was already familiar with the Android operating system, I chose the Samsung Galaxy S Vibrant. I liked my G1, but it had only a small amount of internal memory to store applications. The G1 supported an external Micro SDHC card, but this only was used for music and photos. There was no way to install applications on the memory card, so I found myself having to uninstall applications to make room for new ones. By contrast, the Vibrant has 16GB internal memory, plenty of room for all applications, and supports Micro SDHC up to 32GB in size. My model came pre-installed with a 2GB card, of which 1.4GB is consumed by James Cameron's full-length movie Avatar. On the G1, swapping out memory cards was relatively easy. On the Vibrant, you have to take the phone apart to swap out cards, so I won't be doing that very often. I will probably just get a 32GB card and leave it in there permanently.
(FTC disclosure: I work for IBM. IBM has working relationships with Oracle, Google, and lots of other companies. IBM offers its own commercial version of Java related tools. I own stock in IBM, Apple, Google. I have friends and family who work at Microsoft. My review below is based entirely on my own experience of my new Samsung Galaxy S Vibrant phone. Samsung has created different models for different service providers. The T-Mobile Vibrant is an external USB storage device with telephony capabilities, comparable to the AT&T Captivate, Verizon Fascinate, or Sprint Epic 4G. The majority of mobile phones in the world contain IBM technology. This post is not necessarily an endorsement for Samsung over other smartphone manufacturers, nor T-Mobile over other service providers. I provide this information in context of storage optimization, state-of-the-art for smartphones in general, and disputes related to software patents between companies. I hold 19 patents, most of which are software patents.)
When Oracle acquired Sun Microsystems, it inherited stewardship of Java. Java is offered in two flavors. Java Standard Edition (SE) for machines that are planted firmly on or below your desk, and Java Micro Edition (ME) for machines that are carried around. Most Java-based phones limit themselves to Java ME, but Google decided to base its smartphones on the more powerful Java SE, but then optimize for the limited storage and computing resources. These two levels of Java have radically different licensing terms and conditions, so Larry Ellison of Oracle cried foul. On The Register, Gavin Clarke has an excellent article with details of the Oracle-vs-Google complaint. Daniel Dilger opines that Oracle [might kill Google’s Android and software patents all at once]. Fellow blogger Mark Twomey (EMC) on his StorageZilla blog, argues that [it's not about Android phones, but Android everything].
My Vibrant is roughly the size of a half-inch stack of 3x5 index cards in my hand. In my humble opinion, the problem is the grey area between mobile phone and the desktop personal computer. Laptops, netbooks, iPads, tablet computers, eBook readers, and smartphones fall somewhere in between. At what point do you stop licensing Java SE and start licensing Java ME instead?
Let's take a look at all the stuff my new Samsung Vibrant can do, and let you decide for yourself. I have 140 applications installed, which I can access alphabetically. I also have up to seven screens which I can fill with application icons and widgets to simplify access. The screen measures about 4 inches diagonally. Click on each image below to see the full 480x800 resolution.
Each screen has five rows. On my first screen, I have the first two rows related to photography. This includes a camera, camcorder, bar-code scanner and visual search engine (Google Goggles). I am not happy with Flickr Droid app in uploading photos, so I might need to find another app for that. Other reviews I read complain that the Vibrant's camera does not have an LED flash for night time shots, and that there is no forward facing camera to do Skype or FaceTime-style videoconferencing. I think it is fine the way it is. An interesting feature of the camera app is that it uses the volume up/down buttons to zoom in and out.
The next two rows related to books and documents. In addition to both Amazon's Kindle and Barnes and Noble's Nook eBook readers, I have Dropbox to make it easy to transfer files between all my machines, a camera-scanner that generates PDFs, and ThinkFree, which appears to be based on OpenOffice open source software to create, view and edit WORD documents, EXCEL spreadsheets and PowerPoint presentations.
My second screen is for music and video entertainment.
The top row is consumed by a single widget for [Pandora], an internet radio station, not to be confused with the Pandora moon that the movie Avatar is based on. I-heart-radio, Slacker, and Last.fm are other internet radio stations. Be careful when roaming in another country, as the $15-per-MB transfer fees can really add up. While the Galaxy S has a built-in FM radio, T-Mobile has decided to disable this feature in its Vibrant model, in favor of internet-based radio stations.
I am glad the Samsung Vibrant uses the same 3.5mm combo audio jack that I mentioned in my blog post about my [New ThinkPad T410]. This allows me to use the same headset for both my laptop and my cell phone.
For those who use Microsoft Windows Media Player v10 or above, this phone lets you transfer over your songs, playlists and videos via the USB cable in PMC mode. The TED application shows 18-minute videos of lectures at conferences that focus on Technology, Entertainment and Design. MobiTV offers live streaming of popular Television shows, normally ten dollars monthly, but I got a free 30-day trial in the deal.
Screen 3 is focused on travel. I have a 30-day free trial of GoGo, the new Wi-Fi networks on various airlines. Hopefully, I will get to try this out on my upcoming flights. When GoGo is not available, the Extended Controls widget allows me to turn the phone into "Airplane mode", which would allow me to read eBooks and listen to pre-recorded music and videos stored on my phone. Most of the apps on Android are free, but Extended Controls, shown here in the top row, cost me money but was well worth it. With this you can customize different size widgets with all the appropriate setting toggles you want. On this one, I can toggle Wi-Fi, Data transfer, GPS positioning, and Airplane mode.
Google Maps, Google Places and Google Sky Map are all well represented here. I also like TripIt, which is a free Software-as-a-Service for managing your trip itinerary, and syncs up with their online website. Currency and Language translation can help on international travel. The standard Alarm Clock also includes Time Zone conversion as well.
My screen 4 is my central home page. There are four buttons on the bottom of the phone: Menu, Home, Back, and Search. Hit the "Home" button on any screen, and it jumps immediately to Screen 4. From here, I can get to any of the other screens with just swiping my finger across the surface. Therefore, I chose to keep this screen simple.
For meetings, I have a big clock, and an Extended Controls widget to set my phone on silent/vibrate mode, and show my battery status. I put icons here for apps that I might need in a hurry, like Camera, Evernote, or Shazam. For those not familiar with Shazam, it will listen to the microphone for whatever song is playing in the background where you are, and it will identify the song's title and artist.
The "Starred" folder lists those five or so contacts that I have marked with a "star" to be on this short list. From here, I can call or send them an SMS text message.
Screen 5 is for office productivity. I have a 2x2 widget from Astrid to list my to-do items. I have a 1x2 widget showing my last call. My calendar syncs up with my Google calendar online.
The Locale widget allows me to change which on-screen keyboard to use. There is the standard Android keyboard which allows voice-to-text input, the Samsung keyboard that offers [XT9 mode], and the new ["Swype"] keyboard that allows you to write words quickly with squiggles swiped across the keyboard. The Swype is incredibly accurate when I am typing in English. When I am communicating in Spanish, it gets in the way, spell-checking when it shouldn't.
Screen 6 is for my social media, news and search facilities. I have HootSuite Lite for managing my Twitter and Facebook posts. For news junkies, NPR, USA Today and CNN all offer mobile versions.
I have a selection of browsers, including Opera Mini 5, and Dolphin Browser HD. The latter offers a variety of special add-ons similar to Firefox on a desktop system. I also have specialty search sites, including the Internet Movie Database (IMDB), Fandango for local movie times, and Dex for local phone listings.
Screen 7 is for system administration. The top row is another "Extended Controls" widget, this time to change between 2G and 3G networks, brightness setting, set the time-out interval for when the screen should automatically shut off, and a "stay awake" to turn off the screen saver altogether.
I can do some really powerful things here. For example, I have an application to let me use secure shell (ssh) to access our systems at work. I also can "tether" my laptop to my Vibrant, for those few times when Wi-Fi is not available, to let my laptop use the phone's signal as a dial-up modem. It is slower than Wi-Fi, but might be just what I need in a pinch.
The bottom row is the same across all seven screens, which you can customize. I left the bottom row in its original default, with options to make phone calls, look up contacts, and send text messages. The bottom right corner launches a list of all applications alphabetically, to access those not on my seven main screens.
Just in case I switch to a local SIM card while abroad in another country, I asked T-mobile to unlock my phone, which they happily did at no additional charge. For example, while I am in Australia, I can either leave my T-Mobile USA chip in the phone, and pay roaming charges per minute, or I can purchase a SIM chip from a local phone company with pre-paid minutes. This often includes unlimited free incoming calls to a local Australian phone number, and voicemail.
Unlocking the phone to use different SIM cards is different than "jailbreaking", a term that refers to Apple's products. For Android phones, jailbreaking is called "rooting", as the process involves getting "root" user access that you normally don't have. The only reason I have found to have my phone "rooted" was to take these lovely screen shots, using the "Screen Shot It" application. This is another application that I paid for. I used the free trial for a few screenshots first to check it out, liked the results, and bought the application.
So, this new smartphone looks like a keeper. I got a screen protector to avoid scratching, and a two-piece case that snaps around the phone to give it more heft. All my chargers are "Mini USB" for my old G1 phone, and this new Vibrant phone is "Micro USB" instead, so I had to order new ones for my car, my office, and for my iGo (tip A97).
This review is more to focus on the fact that the IT industry is changing, and what was traditionally performed on personal computers is now being done on new handheld devices. Android provides a platform for innovation and healthy competition. Let's all hope Oracle and Google can work out their differences amicably.