Simplified Storage, Storage Directions And Trends
Download
Report
Transcript Simplified Storage, Storage Directions And Trends
Simplified Storage, Storage
Directions And Trends
Simple SANs
SAN Security
Rahul Auradkar
Partner Program Manager
Keith Hageman
Technical Evangelist
Agenda
SAN Complexities & Adoption Blockers
SAN Deployment/Configuration
SAN Security
…
Windows Server 2003 Storage Technologies
Industry Initiatives with Microsoft Platforms
SAN Simplification with Windows
SAN Security
Storage Solution Adoption Trends
Half the cost of SAN
SAN
Low Cost
SAN
iSCSI
NAS
DAS
Gateways
SME
LE
SAN Complexities &
Adoption Blockers
Obstacles to Faster SAN Adoption
Absence of O.S. SAN Facilities
Security
Path Fail-over
Snap-Shot
LUN Management
Expensive Storage Networking Hardware
Multiple Storage Management Interfaces
Build-a-SAN Studies
5 attempts of 6-9 people
SAN Configuration
Server, HBA, Switch & Storage Array – 1 each
Goal – Build-a-SAN in under 4 hours
Technical – server and storage aware
Not specifically SAN trained
Cable server to switch to storage array
Zone switch
Create LUN, format, assign drive letter
Write data to volume
Results – 100% failure
Windows Server 2003
Storage Technologies
Windows Server 2003
Storage Goals
Data Protection and Recovery
Availability, Scalability, and Performance
Volume Shadow Copy Services (VSS)
Automated System Recovery (ASR)
Multipath IO (MPIO)
Distributed File System (DFS)
File and System Performance (SMB, NFS, Chkdsk, Vrfydsk)
Interoperability
Virtual Disk Service (VDS)
SAN friendliness (SAN Boot, Flexible Volume Mounting, Storport, SNIAbased HBA Management API)
Best Platform for Storage Solutions
Writers
Writers
User Mode
Microsoft Answer
Windows Server 2003 Storage Stack
Requestors
Applications
Volume
Shadow
Copy
Service
Virtual Disk
Service
(Point-in-time
copies)
(RAID, disk
access,
Enclosures)
SW Provider
SW Provider
HW Providers
HW Providers
Removable
Storage
Manager
(tape and
optical media
management)
WMI
Microsoft
Kernel Mode
File Systems
Partners
Volume Snapshot
Volume Management
Multipath I/O
DSM
DSM
Disk
Tape
Changer
SCSIPort
Storport
iSCSIprt
Miniport(s)
MS MPIO
DSM
iSCSI Initiator
Class
IDEPort
Port
Miniport
Volume Shadow Copy
Service (VSS)
VSS Components
Volume Shadow Copy Service
Coordinators all components
Requestors
Invokes VSS to a create shadow copy
Writers – Represents Apps and Windows Services
(i.e., SQL, Exchange, AD, etc.)
Backup applications
Shadow copy management applications
Differentiates VSS from competitors
Participate in shadow copy creation process
Providers
Create shadow copies
System provider
Hardware snapshots
VSS Requestors
Backup Requestors
Shadow Copy Management
Applications
Aelita
CommVault Shadow Explorer 1.3*
BakBone NetVault 7.1
Datacore SANmelody
CA BrightStor ARCserve Backup v11
Datacore SANsymphony
CA BrightStor Enterprise Backup v10.5*
EMC Snapview Integration MS Exchange*
CommVault Galaxy*
FalconStor Snapshot Agent for VSS
CommVault Qinetix*
HP Fast Recovery Solutions
Dantz
Microsoft Vrfydsk (Resource Kit)
EMC ERM 2.1.1*
NetApp
EMC Legato Networker 7.1
Xiotech/CA*
IBM Tivoli Storage Manager 5.2
HP Data Protector 5.1*
Microsoft NTBackup
StBernard Open File Manager 9.1
Ultrabac
Veritas Backup Exec 9.1
VSS Writers
Windows Server 2003 service writers (in-box)
COM+
Certificate Server
Cluster Server
DHCP Server
Event Log
Removable Storage
Terminal Server
File Replication Service
Active Directory
WINS
WMI
IIS
SFP
Registry
SQL 2000/MSDE
Application writers with increased functionality
Exchange 2003 (SP1 Incr/Diff)
SQL Server 2000 (in-box)
VSS Providers
Hardware Providers
Software Providers
EMC CLARiiON
Datacore
EMC Symmetrix
Microsoft
FalconStor (iSCSI)
StorageCraft
EqualLogic (iSCSI)
Veritas Storage Foundation for Windows
HP EVA
HP VA
HP XP (32 & 64-bit)
IBM ESS
IBM FastT
Intransa (iSCSI)
LSI Logic
NetApp
NEC
StorageTek SVA
XIOtech 3D
XIOtech Magnitude
Virtual Disk Service (VDS)
VDS – What Is It?
Single interface for managing block
storage whether done by
OS software, or
RAID storage hardware, or
other storage virtualization engines
Vendor and technology neutral
Interconnect neutral
Focus is virtualization and innovation in
hardware for auto-management
VDS Components
Command Line
Interfaces
Diskpart / Diskraid
Disk
Management
Management
Application(s)
Virtual Disk Service
Software Providers
- Basic Disk
- Dynamic Disk
Hardware Provider(s)
Disks
LUNs
Drives
Spindle
Spindle
- Hardware
- MS functionality
- 3rd party functionality
VDS Providers
Windows Server 2003 providers (in-box)
Basic disk (partitions, volumes)
Dynamic disk (partitions, volumes,
spanning, mirror, RAID-5, Stripes)
Third-Party Providers
Datacore SANmelody
Hitachi Thunder
Datacore SANsymphony
IBM FastT
EMC CLARiiON
LSI Logic
EMC Symmetrix
NetApp
HP EVA
StorageTek SVA
HP MSA
Veritas Storage Foundation for Windows 4.0
HP VA
XIOtech 3D
HP XP
XIOtech Magnitude
Hitachi Lightning
VDS Applications
Windows Server 2003 Applications (in-box)
Disk Management MMC
Diskraid CLI (Resource Kit)
Diskpart CLI
Third-Party Applications
CommVault Shadow Explorer 1.3
Datacore SANmelody
Datacore SANsymphony
ElipSAN iSCSI
HP Fast Recovery Solutions
IOMega
Qlogic VDS SANSurfer
Microsoft Automated Deployment
Services
Stratus
Veritas Storage Foundation for
Windows 4.0
VDS 1.1 – MS MPIO & iSCSI
Feature additions
Schedule
Integrated MPIO management
Support for iSCSI hardware
Better SDK docs, sample code, and tests for IHVs
Managed code wrappers for ISVs
Beta SDK – June, 2004
RTM Q4, 2004
“Designed for Windows” logo program
VDS 1.0 or 1.1 (TBD) in HCT 12.1 (W2K3 SP1)
Integration of MS MPIO & iSCSI
Part of Osaka release available in beta this month
Microsoft MPIO binaries are included with this release
of iSCSI as well as a generic iSCSI DSM written and
supported by Microsoft
iSCSI DSM designed to work with all SPC-2 or later
compliant iSCSI targets
Additionally, Microsoft MPIO partners will have access
to iSCSI DSM source and can add functionality and
release their own Microsoft MPIO iSCSI solution to
customers
Logo program will be available only for iSCSI multipath
solutions based on Microsoft MPIO
Simple SANs
The Solution:
Virtual Disk Service
Simplify & Cost Reduce SAN Array Management
Virtual
Disk
Services
Partner Driven Simple SAN initiative
SAN’s
Very successful in the high-end enterprise
VERY COMPLEX to deploy, expensive ($/byte), lack of end-to-end prescriptive
configurations
Mid-Market
Customers open to networked storage
solutions
data explosion, server consolidation, cost support this BUT …
Need SANs with modular arrays
Ease of initial deployment, provisioning; reasonable cost for ongoing management
More favorable cost to capacity – the trend-lines here are positive
Solutions
from Key Industry partners
Windows Server 2003 hosts
Low-cost, simple fabrics that includes pre-configured switches and HBAs
Integrated applications & management consoles on Windows Server 2003
SAN Config - Accelerator
RADIUS Security
MPIO Path Fail-over
VSS Snap-Shot
VDS LUN Management
Affordable Storage Networking Hardware
One Simple Storage Management Interface
Protocol Agnostic - iSCSI or FC
Powerful O.S. Storage Networking Facilities
SANsurfer® VDS Manager
Windows 2003 Server
application
Complements VDS CLI with
an easy to use GUI
Functions
Device discovery
LUN configuration
RAID management
Disk formatting
Distributed with QLogic
HBAs, switches and SAN
Connectivity Kit for Windows
2003
Downloadable from
QLogic.com
Complementary to VDS CLI
CLI for Windows storage experts
Must know command strings, syntax and flags
Typo’s
Must know the environment
QLogic VDS GUI those that don’t want to be Windows
storage experts
One intuitive easy to use interface
Uses HBA API for auto discovery of devices
Maps and displays storage network topology
Configure cross platform devices from one interface
Point and Click
Accelerates mass adoption
SANsurfer VDS Manager
SAN Security
Enterprise SAN Security
Phases of implementation
Physical Lock-down &
Protection of Data at
Rest
1. Out of Band Management Access
Simple Authentication
2. Switch-based proprietary device security
Present today
PHASE I
Out of Band Authentication,
Authorization and Audit (AAA)
RADIUS with AD/LDAP
PHASE II
In-Band Audits for In-band events
RADIUS with Policy Engine
PHASE III
In-band Fabric (FC) region of trust
DH-CHAP w/RADIUS, Kerberos, AD,
LDAP
Corresponds to phases in
the future roadmap
PHASE IV
PKI Security w/MS Cert Authority
Enterprise Frameworks with policy control
Advanced Authentication – EAP
Host (HBA) to Fabric to Storage binding
SAN Security – Phase I
Out-of-band User AAA
IP Network
Clients
SAN Mgmt
Console
Server
Host
1
Users
(AD/LDAP)
User AAA
3
2
Switch
HBAs
Storage
Sub
system
Directory Lookup
Switch Pass
Through
Fabric/Fibre Channel Network
RADIUS
SERVER
Complete Out-of-band
user AAA
SAN Security – Phase II, III, IV
In-Band Device AAA
IP Network
Clients
SAN Mgmt
Console
Server
Host
Users
(AD/LDAP)
6
4
Fabric Devices
Dir Lookup
Devices zone of trust
Switch
RADIUS
Fabric/Fibre Channel Network
SERVER
5
Fabric devices AAA & Policy
HBAs
Storage
Sub
system
4,5,6 In-band Zone
of trust with Advanced
Policy
SAN Fabric Security
Partner Support For MS RADIUS initiative
>90% of Market
Partner
Support
Brocade
Qlogic
(Switch and HBAs)
McData
Cisco
Inrange
In discussions
Emulex
In discussions
(HBAs)
Enterprise SAN Security
Radius Implementation
Customer Benefits
Enterprise Security Integration
Ease of security administration (user and device security management)
Enterprise security does not address SAN Security today – but SANs a are
critical piece of the Enterprise Infrastructure
Seamless integration into existing networks for advanced features
Eliminate SAN security complexity
Single point (RADIUS) to create and administer user and device Authentication
Authorization and Administration (AAA)
Common mgmt of user and device profiles across LAN and SAN
Advanced Policy creation and enforcement
Dynamic policies with Microsoft's Internet Authentication Service (RADIUS)
User policy, group policy (Active Directory)
Device and SAN policies (server and application policies)
Enterprise SAN Security
Radius Implementation
What’s new
Current SAN Security solutions are non-existent,
insecure or isolated from the Enterprise : this integrates
SAN Security into the overall Enterprise Security
framework
Industry leaders working together to address SAN
Security – Standards based implementation
Use of existing RADIUS Authentication to integrate a
new class of users (SAN administrators)
Use of existing policy engines (dynamic policies in
RADIUS, user/group/device policies from AD)
Enterprise SAN Security
Radius Implementation
Competitive advantage for Microsoft and Partners
Microsoft:
Microsoft will be first to market in addressing SAN Security that integrates with
existing enterprise security (partnering with the leading players in the industry)
Holistically address SAN security (as compared to islands of security and policy in
the competitive platform offerings – Linux and Unix)
Partners:
Ability to integrate widely deployed SAN markets with market leading frameworks
for Enterprise security
Proliferation of SANs to smaller enterprises
SAN security fits within the context of overall Enterprise Security and is not an
isolated solution
Partnership with widely deployed Enterprise infrastructure provider (MS)
Call To Action
Storage products are TOO hard to deploy
for end users; especially MORG/SORG
Make your product(s) compatible with
Microsoft’s partner-driven Storage
Security Initiative & Storage Simplification
Initiative
Request the Windows Storage Services
SDKs and DDKs to develop VDS, VSS,
iSCSI, Storport and MPIO solutions
Community Resources
Community Sites
List of Newsgroups
http://www.microsoft.com/communities/chats/default.mspx
http://www.microsoft.com/seminar/events/webcasts/default.mspx
Locate a local user group(s)
http://communities2.microsoft.com/communities/newsgroups/enus/default.aspx
Attend a free chat or webcast
http://www.microsoft.com/communities/default.mspx
http://www.microsoft.com/communities/usergroups/default.mspx
Non-Microsoft Community Sites
http://www.microsoft.com/communities/related/default.mspx
Additional Resources
Email
Web Resources:
VDSAPI @ microsoft.com
VSSAPI @ microsoft.com
Specs: http://www.microsoft.com/storage
Whitepapers:
http://www.microsoft.com/storage
Related Sessions
TW04084 – Windows Storage Services
Interfaces & Adoption Trends