Tony Pearson is a Master Inventor and Senior IT Architect for the IBM Storage product line at the
IBM Executive Briefing Center in Tucson Arizona, and featured contributor
to IBM's developerWorks. In 2016, Tony celebrates his 30th year anniversary with IBM Storage. He is
author of the Inside System Storage series of books. This blog is for the open exchange of ideas relating to storage and storage networking hardware, software and services.
(Short URL for this blog: ibm.co/Pearson )
My books are available on Lulu.com! Order your copies today!
Safe Harbor Statement: The information on IBM products is intended to outline IBM's general product direction and it should not be relied on in making a purchasing decision. The information on the new products is for informational purposes only and may not be incorporated into any contract. The information on IBM products is not a commitment, promise, or legal obligation to deliver any material, code, or functionality. The development, release, and timing of any features or functionality described for IBM products remains at IBM's sole discretion.
Tony Pearson is a an active participant in local, regional, and industry-specific interests, and does not receive any special payments to mention them on this blog.
Tony Pearson receives part of the revenue proceeds from sales of books he has authored listed in the side panel.
Tony Pearson is not a medical doctor, and this blog does not reference any IBM product or service that is intended for use in the diagnosis, treatment, cure, prevention or monitoring of a disease or medical condition, unless otherwise specified on individual posts.
This week I am in Orlando, Florida for the IBM Edge conference. This is the last day, so it ends early for people who want to get home to their datacenters (er.. families) for the weekend.
How Real-Time Compression Can Maximize Storage Efficiency for Production Applications
This was a split session with two speakers. First, Ian Rimmer, Senior IT Engineer and Architect at iBurst, presented their experience with the IBM Real-Time Compression Appliance in front of NetApp NAS storage arrays. Second, Jerry Haigh, IBM offering manager for IBM System Storage, presented the new Real-Time compression feature announced this week on IBM SAN Volume Controller (SVC) and Storwize V7000.
iBurst is the #1 Wireless Telecom for South Africa. The also offer cable broadband and VOIP. They have 200 employees servicing 120,000 subscriber/households. They need to keep five years' worth of text files, and have chosen real-time compression of their NAS storage. This was before IBM acquired the Storwize company, as they have been using it for the past six years.
The monetary savings from compression was used to purchase Performance Accelerator Modules (PAM) cards for their NetApp NAS gear, which benefit from the compression (more data stored in SSD to improve performance).
For backup, they use NDMP with Symantec NetBackup that keeps data in its compressed form as it is written to tape. They have an IBM TS3100 library with LTO tape as the backup repository.
Jerry Haigh presented Real-Time compression for primary disk data. Unlike the competition, this is designed to be used with primary data, including databases, and does this real-time, not post-process. In some performance tests, DB2 compressed on 48 drives out-performed the same data uncompressed on 96 drives. In another test focused on VMware Vmark benchmark, the compressed data was able to be same or better performance as uncompressed. In a third test with SVC virtualizing XIV running Oracle ORION test, the Oracle databases compressed 50 to 64 percent, and had better performance.
For those who already have SVC or Storwize V7000, consider a 45-day trial to check out compression for yourself.
NAS File Systems: Access and Authentication
Mark Taylor, IBM Technical Specialist for SONAS, N series and Storwize V7000 Unified, presented the nuances of authentication and authorization for NAS file systems. The differences between these two are:
Authentication - Yes, you are who you are.
Authorization - Yes, you are permitted to do what you are trying to do
(Prior to working with SONAS, my only experience with access and authentication in NAS was setting up my LAN at home, which I have connecting my Mac, Linux and Windows machines. I have both N series and SONAS at the IBM Executive Briefing Center in Tucson, Arizona, so I know first-hand how complicated NAS access and authentication systems can be.
A few months ago, I taught "Intro to NAS" as one of my topics at the Top Gun class in Argentina and Brazil. Several of the students had mentioned they thought they knew NAS solutions but had not realized all the technical issues with access and authentication that I discussed in my presentation.)
Mark explained the differences between Windows NTFS-style System identifiers (SID), versus UNIX-style user and group identifiers (UID, GID). For NAS solutions that support both CIFS and NFS, there are four options:
Microsoft Active Director (AD) extended with Identity Management for UNIX, formerly known as Services for UNIX (SFU). AD servers normally store SID information, but the extensions add extra columns to hold UID/GID mappings.
AD with Network Information Service (NIS) server. The problem with this approach is that AD and NIS are separate databases, and you need to coordinate updates to them, and their backups.
Lightweight Directory Access Protocol (LDAP) with SAMBA extensions. LDAP holds UID/GID information, and the SAMBA extensions adds extra columns to hold SID mapping.
Local mapping. The dangerous part of local mapping is that the storage admin is also the security admin, and you may want different people doing these roles.
Of these four methods, Mark recommends the first and third as best practices for multi-protocol authentication.
SID-to-UID mapping, UID-to-SID mapping
SONAS and Storwize V7000
SID-to-UID/GID mapping, NFS v4 ACLs
NFS v4 ACLs
Mark then explained how NFS v4 ACLs work, basically an ordered collection of "Access Control Elements" or ACEs. Each ACE on the ACL may "allow" or "deny" the request. You want to avoid "Inheritance" as that can cause problems and unxpected results.
That's it folks. Next week, I am spending time with my research buddies at the Almaden Research Center near San Jose, California, and then it is off to Moscow, Russia to kick off a series of IBM events called "Edge Comes to You" (ECTY).
The ECTY conferences will be a smaller subset of the Edge conference here in Orlando, but offered in other countries for those who were unable to travel to the United States.
I have been working on Information Lifecycle Management (ILM) since before they coined the phrase. There were several break-out sessions on the third day at the [IBM System Storage Technical University 2011] related to new twists to ILM.
The Intelligent Storage Service Catalog (ISSC) and Smarter ILM
Hans Ammitzboll, Solution Rep for IBM Global Technology Services (GTS), presented an approach to ILM focused on using different storage products for different tiers. Is this new? Not at all! The original use of the phrase "Information Lifecycle Management" was coined in the early 1990s by StorageTek to help sell automated tape libraries.
Unfortunately, disk-only vendors started using the term ILM to refer to disk-to-disk tiering inside the disk array. Hans feels it does not make sense to put the least expensive penny-per-GB 7200 RPM disk inside the most expense enterprise-class high-end disk arrays.
IBM GTS manages not only IBM's internal operations, but the IT operations of hundreds of other clients. To help manage all this storage, they developed software to supplement reporting, monitoring and movement of data from one tier to another.
The Intelligent Storage Service Catalog (ISSC) can save up to 80 percent of planning time for managing storage. What did people use before? Hans poked fun at chargeback and showback systems that "offer savings" but don't actually "impose savings". He referred to these as Name-and-Shame, where the top 10 offenders of storage usage.
His storage pyramid involves a variety of devices, with IBM DS8000, SVC and XIV for the high-end, midrange disk like Storwize V7000, and blended disk-and-tape solutions like SONAS and Information Archive (IA) for the lower tiers.
Mark Taylor, IBM Advanced Technical Services, presented the policy-driven automation of IBM's Scale-Out NAS (SONAS). A SONAS system can hold 1 to 256 file systems, and each file system is further divided into fileset containers. Think of fileset containers like 'tree branches' of the file system.es.
SONAS supports policies for file placement, file movement, and file deletion. These are SQL-like statements that are then applied to specific file systems in the SONAS. Input variables include date last modified, date last accessed, file name, file size, fileset container name, user id and group id. You can choose to have the rules be case-sensitive or case-insensitive. The rules support macros. A macro pre-processor can help simplify calculations and other definitions that are used repeatedly.
Each file system in SONAS consists of one or more storage pools. For file systems with multiple pools, file placement policies can determine which pool to place each file. Normally, when a set of files are in a specific sub-directory on other NAS systems, all the files will be on the same type of disk. With SONAS, some files can be placed on 15K RPM drives, and other files on slower 7200 RPM drives. This file virtualization separates the logical grouping of files from the physical placement of them.
Once files are placed, other policies can be written to migrate from one disk pool to another, migrate from disk to tape, or delete the file. Migrating from one disk pool to another is done by relocation. The next time the file is accessed, it will be accessed directly from the new pool. When migrating from disk to tape, a stub is left in the directory structure metadata, so that subsequent access will cause the file to be recalled automatically from tape, back to disk. Policies can determine which storage pool files are recalled to when this happens.
Migrating from disk to tape involves sending the data from SONAS to external storage pool manager, such as IBM Tivoli Storage Manager (TSM) server connected to a tape library. SONAS supports pre-migration, which allows the data to be copied to tape, but left on disk, until space is needed to be freed up. For example, a policy with THRESHOLD(90,70,50) will kick in when the file system is 90 percent full, file will be migrated (moved) to tape until it reaches 70 percent, and then files will be pre-migrated (copied) to tape until it reaches 50 percent.
Policies to delete files can apply to both disk and tape pools. Files deleted on tape remove the stub from the directory structure metadata and notify the external storage pool manager to clean up its records for the tape data.
If this all sounds like a radically new way of managing data, it isn't. Many of these functions are based on IBM's Data Facility Storage Management Subsystem (DFSMS) for the mainframe. In effect, SONAS brings mainframe-class functionality to distributed systems.
Understanding IBM SONAS Use Cases
For many, the concept of a scale-out NAS is new. Stephen Edel, IBM SONAS product offering manager, presented a variety of use cases where SONAS has been successful.
First, let's consider backup. IBM SONAS has built-in support for Tivoli Storage Manager (TSM), as well as supporting the NDMP industry standard protocol, for use with Symantec NetBackup, Commvault Simpana, and EMC Legato Networker. While many NAS solutions support NDMP, IBM SONAS can support up to 128 session per interface node, and up to 30 interface nodes, for parallel processing. SONAS has a high-speed file scan to identify files to be backed up, and will pre-fetch the small files into cache to speed up the backup process. A SONAS system can support up to 256 systems, and each file system can be backed up on its own unique schedule if you like. Different file systems can be backed up to different backup servers.
SONAS also has anti-virus support, with your choice of Symantec or McAfee. An anti-virus scan can be run on demand, as needed, or as files are individually accessed. When a Windows client reads a file, SONAS will determine if it has been already scanned with the most recent anti-virus signatures, and if not, will scan before allowing the file to be read. SONAS will also scan new files created.
Successful SONAS deployments addressed the following workloads:
content capture including video capture
high performance computing, research and business analytics
"Cheap and Deep" archive
worldwide information exchange and geographically distant collaboration
SONAS is selling well in Government, Universities, Healthcare, and Media/Entertainment, but is not limited to these industries. It can be used for private cloud deployments and public cloud deployments. Having centralized management for Petabytes of data can be cost-effective either way.
IBM SONAS brings the latest techologies to bring a Smarter ILM to a variety of workloads and use cases.