Storage

You are currently browsing articles tagged Storage.

The End of the Infrastructure Engineer?

Wednesday, September 14, 2011 in Networking, Storage, Virtualization by slowe | 50 comments

Is the age of the infrastructure engineer over? While I was at VMworld 2011, I listened to a speaker talk about how people like me—people who are conversant in virtualization, networking, storage, servers, and data center hardware—are going to have to evolve/migrate into the application development space in order to survive in the “new cloud world” (my phrase, not the speaker’s). This speaker isn’t the only one, either. This started me thinking. Are infrastructure engineers really a relic of the past, like punch cards?

I think we can all agree that the heavily-specialized infrastructure teams of the past—the networking team, the server team, the storage team—are no longer sufficient in the brave new world of converged infrastructure that blends networking, virtualization, and storage all together. I’d agree, in general terms, that IT infrastructure folks need to broaden beyond their core strengths into adjacent technologies in order to remain relevant. Storage engineers need to learn some networking and some virtualization. Virtualization engineers absolutely need to know storage, and networking is becoming a necessity as well. Networking engineers need to embrace virtualization and understand the impact of storage on their networks. Whether or not the silos ever come down fully or whether we’ll just “install sliding partitions,” as one colleague of mine said, isn’t yet clear. It is clear, though, that some blurring of the lines between these teams is a given.

Is it a given, though, that infrastructure engineers have to move up the stack into the application layer(s)? From an awareness perspective—meaning becoming more aware of the applications running on their infrastructure—I’d agree. Application development, though? That one I’m not so sure about. Yes, it will be/is helpful to understand what goes into application development and the infrastructure dependencies that are the result of the development choices. Again, that’s awareness, and yes—infrastructure engineers need enhanced awareness of adjacent technologies and the relationships with their core technology strengths. Awareness, though, is fundamentally different than being well-versed in application development.

Maybe I’m just being naive or ignorant, but regardless of how many layers of abstraction are inserted into the stack—and virtualization, in its simplest form, is another layer of abstraction—someone still has to manage the infrastructure. OK, so you’ve built a “private cloud” and you have highly virtualized infrastructure, pooled resources, self-service provisioning, etc. Someone still has to manage it. Someone still has to ensure that there is sufficient capacity, and that someone needs to understand the core technologies that make the private cloud tick. If we’re all moving “up the stack,” who’s left behind to manage the infrastructure?

This is why I’m not yet convinced that the age of the infrastructure engineer is over. Even if you have virtualized your servers, virtualized your network, and virtualized your storage, management of this infrastructure is still necessary. People who understand this infrastructure—both virtual and physical—are still necessary. Engineers who know the relationships among the virtualization layers and the various technologies are still necessary. Yes, the infrastructure engineer will change, grow, and evolve, but I think that the death of the infrastructure engineer is greatly exaggerated. We can’t all move up the stack into application development; someone has to stay behind and make sure everything runs the way it’s expected to run.

What do you think? Speak up and share your thoughts in the comments.

Tags: , ,

Technology Short Take #14

Monday, September 12, 2011 in Networking, Storage, Virtualization by slowe | No comments

Welcome to Technology Short Take #14, another collection of links and tidbits of information I’ve gathered over the last few weeks. Let’s dive right in!

Networking

Much of my focus in the networking space recently has been around virtualization-centric initiatives, so the items on this list might seem a bit skewed in that direction. Sorry!

  • I’ve been doing some reading on 802.1Qbg (Edge Virtual Bridging). I still have a long way to go, but I think that I’m starting to better understand this draft and the problem(s) it’s attempting to address. As usual when I’m dealing with networking-related technologies, especially data center-focused networking technologies, I’m finding some of Ivan Pepelnjak’s articles useful. For example, he wrote an article on how EVB should ease VLAN configuration pains; this article is helpful in translating the terms the IEEE uses (like “virtual station interface” and “EVB station”) into terms virtualization-friendly folks like me can understand (like “vNIC” and “Hypervisor supporting EVB”, respectively). Ivan also provides a rough comparison of 802.1Qbh/FEX and 802.1Qbg, which I also found helpful in better understanding both technologies. There is still much that I want/need to understand, such as how 802.1Qbg affects or is affected by VXLAN, the recent darling of the cloud networking space.
  • Speaking of VXLAN, a number of articles have emerged since the announcement of VXLAN last week at VMworld 2011 in Las Vegas. Jon Oltsik of Network World called it “Cloud Network Segmentation at Layer 2.5″, which is catchy but doesn’t really delve into the details of VXLAN and how it plays into/with related data center protocols. Of course, there’s also the obligatory VMware post on the technology, talking about how great it is—naturally—but failing to again provide substantive information on the relationships between VXLAN and other, related data center technologies. If anything, Allwyn’s post made VXLAN seem even more proprietary and linked to vCloud Director and vShield Edge than I’d understood it to be. Fortunately, Ivan weighed in on the proposed new standard and also provided some information on the relationship between VXLAN, OTV, and LISP. I’m still digging into VXLAN myself and I plan to post an article within the next week or so (I’ve been a bit busy with moving halfway across the United States).
  • Ivan also has a post with more details on the Brocade VCS fabric load-balancing behaviors that’s worth having a look.

Servers

  • This article on AES-NI in the newer Intel CPUs is a great look at the benefits of adding symmetric encryption support at the CPU level. Almost makes me want to go out and buy a new MacBook Pro so that I could use File Vault 2 with hardware encryption support…

Storage

  • One cool find recently is this series of “hands-on” posts by Henri Hamalainen (aka @henriwithani) on the EMC VNXe 3300. I had the pleasure of meeting Henri in person at VMworld this year, and he mentioned that he’d started a series of posts on the VNXe 3300. His posts are here: part 1, part 2, part 3, part 4, part 5, and part 6. (Part 7 hasn’t yet been written.)
  • There’s been quite a hubbub going on in the FCoE space, with so many articles flashing back and forth from various contributors I’m still having a hard time deciphering all of it. From what I can tell, it all started with an article by a VP at Juniper about FCoE over TRILL. That sparked Ivan Pepelnjak to coin some new terms: “dense-mode FCoE” (in which FCFs exist at every hop) and “sparse-mode FCoE” (in which LAN switches may forward FCoE frames without any FCoE awareness). That, in turn, sparked an article by Tony Bourke in which he creates more new modes of operation: single hop FCoE (SHFCoE), dense-mode FCoE (DMFCoE), and sparse-mode FCoE (SMFCoE). A fantastic (and very informative) discussion ensued in the comments to that article and the follow-up article. Ivan also responded to Tony’s post as well with a post on FCoE network elements classification. I’m not sure that all the contributors ever came to a consensus, but you’ll learn a lot about FCoE and related technologies just following along, that’s for sure.
  • By the way, this transcript of questions and answers from a live FCoE webcast has some great information buried in it as well.
  • This is an older article, but Stephen Foskett does a good job with discussing FCoE vs. iSCSI. Like so many other IT-related decisions, it’s not an “either-or” discussion—it’s about finding the right tool to do the job.
  • This article provides one suggestion for handling zoning with multiple storage arrays, and provides some good information on EMC CLARiiON/VNX arrays in the process.

Virtualization

  • The idea of stretched clusters and interconnecting data centers continues to be an idea many people are interested in exploring. Rawley Burbridge, of IBM, discusses how this might be done using IBM SVC and VMware vSphere in this three-part series (part 1, part 2, and part 3).
  • Kendrick Coleman, in conjunction with a collection of folks from both VMware and VCE, recently published an article on design considerations for vCloud Director on a Vblock. I haven’t yet read the full document, primarily because it appears to require a Facebook login in order to download. (I don’t use Facebook.)
  • Andre Leibovici—who I had the pleasure of meeting in person at VMworld—has an article on how to modify the Windows Registry settings (or apply Group Policy) for the VMware View Client in order to integrate self-service password reset.
  • The VMware vCloud Architecture Toolkit (vCAT) version 2.0 is now available; get it here (via Beaker).
  • Forbes Guthrie—the lead author with whom I worked on VMware vSphere Design, published earlier this year—posted some great 10Gb Ethernet-related information from VMworld session SPO3040.
  • This is a slightly older post from Hany Michael, but a good one nevertheless; he posts information on how to publish the vCloud Director portal on the Internet.

I guess that will wrap things up for this time around. Thanks for reading, and I hope that you found something useful in this varied mix of links. Feel free to share more in the comments below!

Tags: , , , , ,

Technology Short Take #13

Thursday, August 25, 2011 in Networking, Storage, Virtualization by slowe | 1 comment

Welcome to Technology Short Take #13. It’s been a while since my last Technology Short Take, and much has happened (vSphere 5 was announced, HP discontinued the TouchPad and webOS, and I announced my move to Denver). Here are a few data center technology-related links that stood out to me over the last few weeks. I hope you find something useful!

Networking

Servers

Storage

  • Sometimes it seems like people don’t fully understand the level of compatibility between FC and FCoE. This post by Vijay Swami provides a good review of the impact of FCoE on the average storage administrator—in most cases, no impact at all.
  • Erik Smith has a good review of the FC/FCoE connectivity options for EMC storage platforms in this post. It’s worth taking a quick look if you are interested in more detail on what sort of FCoE connectivity options are supported.
  • On the flip side, here’s information from Cisco on storage interoperability with UCS.
  • This two-part series by Itzik Reich on Citrix XenDesktop 5 with EMC VNX and FAST Cache is a good read, especially if you are considering XenDesktop for your VDI environment. Part 1 is here, and part 2 is here.
  • Here’s another look at the impact of FAST Cache on VDI workloads.

Virtualization

  • This post on application consolidation by Scott Drummonds is an old post (from January 2010), but it’s still a good one. In this post, Scott shares data from tests assessing the impact of consolidating sequential access workloads with random access workloads on the same datastore. The results of the tests underscore the importance of knowing the I/O profile of your workloads.
  • Here’s a workaround for using static MAC addresses that fall outside the normal range that vSphere allows.
  • Cormac Hogan has a great series of blog posts on new storage features in vSphere 5. Part 1 covers VMFS-5, part 2 discusses Storage vMotion, part 3 covers VAAI, and so forth. This is definitely worth reading. Of course, there is this vSphere 5 book slated to come out in early October that will discuss all these features, too…
  • I have a whole collection of posts by William Lam; he’s been on a roll: a summary of the updates to esxcli, information on enabling support for nested 64-bit and Hyper-V VMs, and information on enabling nested Fault Tolerance.

Security

  • I came across this article on how to protect Hyper-V hosts against ARP spoofing. Unless I’m mistaken—and that’s certainly very possible—I don’t think that the vSwitch/distributed vSwitch security policies around MAC address changes and forged transmits protect against ARP spoofing. Anyone have any additional information on how a VMware vSphere shop would protect against ARP spoofing? Is it even necessary?
  • Harley Stagner has a pretty good write-up of the Nexus 1000V Virtual Security Gateway (VSG). The VSG—and the Nexus 1000V, for that matter—are products in which I’m very interested, but just haven’t had the time to really spend with them. Perhaps in the future!

It’s time to wrap up now, but thanks for reading. Feel free to share any other interesting or useful links you’ve found, or any thoughts on the links I included here, in the comments.

Tags: , ,

Looking Again at VASA

Thursday, August 25, 2011 in Storage, Virtualization by slowe | 3 comments

In early August, I wrote a post titled A Deeper Look at VASA, in which I provided some additional details on how VASA (the vSphere Storage APIs for Storage Awareness) worked and some of the potential limitations of the initial VASA implementation in vSphere 5. My original post was not intended to slam VASA; rather, my goal was to provide some additional information about how VASA works so that users can appropriately understand how best to incorporate this functionality into their environments.

Since that article was published, Cormac Hogan of VMware has published an article on the VMware vSphere blog that contains a “sneak peek” at some of the VASA implementations from various storage vendors. Now that we’ve had the ability to see how the various storage vendors are implementing VASA, I’d like to go back and look at the information about VASA in light of this new information.

In my first VASA post, I explained that the VASA protocol specification allows the storage provider to pass up only a single system-provided capability, and I outlined three different options for how storage vendors might use this functionality. Based on the information in Cormac’s post (which I highly recommend you read), it would appear that a couple of the storage vendors have chosen to embed multiple attributes (RAID, disk type, snapshots, etc.) in the name of the system-provided capability. For example, Cormac’s article shows that Dell EqualLogic will use system-provided capabilities like “RAID, SNAP” or “RAID, SNAP, REPLICATED”. This is a perfectly acceptable use of the system-provided capability, as I outlined in my previous article. The only drawback—and this isn’t really a drawback as much as an observation—is that the overall list of potential system-provided capabilities can grow very long as more individual attributes are added to the name.

Similarly, NetApp has chosen to include specific storage attributes in the name of the system-provided capabilities, creating capabilities like “Fiber Channel Disks; Dedupe” and “SATA Disks; Dedupe; Replication”. Again, a perfectly acceptable workaround for the “one system-provided capability per datastore” limitation found in the VASA protocol specification.

Based on Cormac’s article, it sounds like HP’s VASA implementation will be very similar.

What about EMC’s VASA implementation? I know what it will look like, but I haven’t gotten approval to share that with anyone publicly yet, so I’ll have to defer on any comments regarding EMC’s VASA implementation. EMC does have a working VASA implementation and will provide VASA support, as outlined in Cormac’s article.

So, based on this information and seeing how the vendors are “bypassing” the protocol limitation by overloading the system-provided capability name string, it would seem to me that there isn’t really a strong limitation here. Personally, I would still recommend to VMware to stop using the term “capability” and find some other term, as I think that it leads users to believe VASA is something other than what it is (something more granular). I also think that VASA has a lot of room to grow and become more powerful in future releases, and I’m looking forward to seeing how this functionality evolves.

What do you think? Do these VASA implementations look useful? What part of VASA (and profile-driven storage) do you think will be most useful to you in your specific environment? I’d love to hear what you think, so feel free to speak up in the comments below.

Tags: , , ,

A Deeper Look at VASA

Friday, August 12, 2011 in Storage, Virtualization by slowe | 13 comments

Much has been said and written about VASA (the vSphere APIs for Storage Awareness), a key part of vSphere 5 and the “magic” behind the new profile-driven storage functionality. I recently had the opportunity to dive a bit deeper into VASA, and discovered some information that I felt was important to share with the virtualization community. This post probably won’t earn me any brownie points at VMware, but at least we’ll all have a better idea of what VASA can and cannot do.

The basic premise of VASA is that something called the VASA provider (also referred to as a storage provider in the vSphere Client UI) supplies something called capabilities about datastores. It is widely believed that for each datastore the VASA provider will pass up multiple capabilities like deduplication, replication, snapshot status, RAID level, drive type, or performance (IOps/MBps) capacities. vSphere administrators could then use some arbitrary combination of these capabilities to create a VM storage profile. VM storage profiles can then help determine which datastores are compatible (support the necessary capabilities) or incompatible (don’t support the required capabilities) when creating new VMDKs, performing Storage vMotion operations, cloning a VM, or deploying a VM from a template.

This sounds pretty cool, right? Unfortunately, that’s not how VASA works.

The VASA protocol actually limits the storage provider to supplying (or assigning) only one capability to each datastore. That’s right—each datastore can have only one capability provided by the VASA provider (a capability assigned by the storage provider is also referred to as a system-provided capability). So instead of VASA providing up individual attributes like RAID level, drive type, etc., and allowing vSphere administrators to build VM storage profiles from these attributes, the VASA provider must supply a single “meta-attribute” that is a sum of the various configuration options. This means you’ll see system-provided capabilities like:

  • A concatenation of various attributes lumped together in a single label, like “RAID 5;Thin;Deduplicated;SAS/FC Drives”
  • A generic but descriptive label, like “High Performance”
  • A fully generic label such as “Gold” or “Silver”

<aside>At this point it should be fairly obvious that the use of the word “capability” in the manner that VASA and profile-driven storage use it is horribly misleading. “Label,” as I’ve used above, is far more accurate.</aside>

The VASA provider will then assign one of these system-provided capabilities to the datastore. vSphere administrators have the option of applying one user-defined capability to a datastore as well. This means that, at most, any given datastore may have a maximum of two capabilities: one system-provided and one user-defined.

Because your datastores may have no more than two capabilities assigned, your VM storage profiles can also have no more than two capabilities selected. Think about it—if you select three capabilities (which the UI will let you do), all datastores will be found incompatible because none of them have all three capabilities.

This behavior is a far cry from what many people expected and believed VASA would do, myself included. I expected VASA to be far more powerful and far more flexible than it is, and I would imagine that a fairly significant number of readers were under the same impression.

I’d love to hear from the readers. What were your impressions of what VASA would deliver, and how do they compare to the reality? Feel free to share your thoughts in the comments below.

Tags: , , ,

BRKSAN-3707: Advanced SAN Services

Thursday, July 14, 2011 in Networking, Storage by slowe | No comments

This is BRKSAN-3707, Advanced SAN Services, presented by Mike Dunn.

According to TIP’s Storage Research, the top five storage initiatives are deduplication, technology refresh, tiered storage build-out, archiving, and consolidation.

The three main sections of the presentation are SAN consolidation with virtualization, tiered storage and backup design, and Fibre Channel over Ethernet (FCoE).

The presentation starts with SAN consolidation using virtualization. This is really a discussion of virtual SANs (VSANs), which allow you to consolidate SANs onto the same hardware but still providing logical separation of fabrics. In order to move between VSANs, you need to use Inter-VSAN Routing (IVR).

When is IVR needed? When an initiator in one VSAN needs to talk to a target in another VSAN. IVR maintains isolation while allowing for resource sharing.

A common use for IVR is to provide common SAN services, like a shared tape library. IVR would allow media servers in individual VSANs to talk to a shared tape library in a “common” VSAN.

Setting up IVR involves creating an IVR topology. This means you need to manually define the VSANs that will be used for IVR on each switch (all switches that perform IVR will need identical configuration). After defining the IVR topology, you activate it. Then you create your IVR zones and IVR zoneset, just like creating regular zones and zoneset.

IVR works by creating a virtual domain in each VSAN that represents the other VSANs in the topology. Likewise, it creates virtual devices in each VSAN that represent the devices in the other VSANs. This means that logically the initiator thinks the target is in the same VSAN.

Keep in mind that IVR doesn’t perform FC ID translation, so domain IDs have to be unique across all VSANs.

IVR does have a Network Address Translation (NAT) mode (IVR NAT). With IVR NAT, the virtual switch is given a randomly available domain ID; this means that you don’t need unique domain IDs across all VSANs. IVR NAT is the preferred method of IVR moving forward.

Some operating systems or devices need persistent FC IDs, so IVR NAT allows for static definitions of domain IDs and FC IDs.

Another use case for IVR is SAN extension. You can use IVR to isolate the “remote site” VSAN from the production VSAN, limiting edge VSAN events to only that VSAN. The recommended configuration uses a transit VSAN that connects the two data centers. This keeps the VSANs in each data center isolated to only that data center. (Think of it like a /30 network between two routers.)

A question was asked about using FCIP and whether IVR is needed in this sort of situation. In this case, IVR would not be necessary.

Mike next launches into a quick review of SAN designs. In a core-edge design, there are core switches where storage is attached and edge switches where hosts are attached. This sort of design generally tops out at about 1,700 devices.

For larger environments, you can use an edge-core-edge design. Storage devices have their own edge switches, as do servers, and the edge-to-edge traffic passes through the core. This sort of design tops out at about 4,200 devices.

That discussion was a lead-in to a discussion of NPV/NPIV. This is a topic I’ve covered previously, so I didn’t take notes on this section.

Mike did share some good information on the maximum number of logins per port (42 in switch mode, 114 in NPV mode—watch this value if you are using nested NPIV, which is the term for NPIV hosts connecting to an NPV mode switch) and logins per switch (MDS 9124/9124e/9134/9148).

After discussing NPV/NPIV, Mike moves on to discuss a feature called FlexAttach. FlexAttach resolves the issue of needing to modify zoning and zonesets when an HBA or server needs to be replaced. Basically, any host connecting to an F-port configured as a FlexAttach port will assume the virtual WWPN assigned to that F-port. This eliminates the need to reconfigure zones or zonesets if you replace the server or HBA connected to that F-port. If you’re familiar with the behavior of HP VirtualConnect, this appears to be very similar in behavior. FlexAttach is supported on the MDS platform, but is not supported on the Nexus platform.

(Side question: Is FlexAttach leveraged in UCS for vHBA configurations?)

That wraps up the first section; Mike now moves into a discussion of tiered storage and backup design. In this section he will discuss Data Mobility Manager (DMM), SANTap, and Storage Media Encryption (SME).

To perform data migrations, there are different approaches:

  • Server/software-based
  • Array-based
  • Appliance-based

Each of these approaches has advantages and disadvantages. Cisco’s solution is DMM, which is a SAN-based migration solution. DMM does both online and offline data migration, uses FC redirects to allow transparent insertion/removal, and is very fast (4.2TB/hr).

FC Redirect is a target-based mechanism for transparently redirecting traffic to a target. With regard to DMM specifically, when using DMM for data migration, FC redirect is used to redirect traffic to the DMM process itself. DMM then sends the I/Os to both the original (source) and destination locations on the SAN. In this regard, it sounds like DMM is performing a form of write-splitting.

In synchronous mode, when handling I/Os to a “migrated” area of the LUN, writes are mirrored. If I/Os are to a “in process” area, writes are queued temporarily until the region has been migrated. For I/Os to “unmigrated” areas are simply sent directly to the source LUN.

In a dual-fabric configuration, each fabric requires its own DMM. Each DMM can handle multiple VSANs.

DMM can also run in an asynchronous mode. In this mode, DMM uses Modified Region Logs (MRLs) to track changes to the source LUN. Any “dirty region” in the MRL is copied across to the target. There is no write penalty as there is with synchronous mode described earlier.

A question was raised about what happens when the data migration is complete. At that point, you’ll halt the I/O on the server, complete the job in DMM, and then rezone the fabric to point your host(s) to the new storage target.

You can use the DMM asynchronous mode to migrate data between data centers as well. To prevent having to span a VSAN to the remote site (generally not recommended), you can add another VSAN (a replication VSAN) and a third MSM (a module in the FC switch that runs DMM) to handle the inter-site traffic.

The 120 day evaluation licenses within NX-OS will enable DMM with full functionality for 120 days.

The presentation next shifts to Storage Media Encryption (SME). SME encrypts media for SAN-attached tapes, VTLs, and disk arrays. It uses AES-256 encryption and it is FIPS 140-2 certified. The solution can use a Cisco key management solution or RSA Key Manager. SME is a licensed feature and is only supported on certain platforms (requires certain modules, i.e., the MSM-18/4 or the SSN16).

SME uses FC redirects to transparently insert itself into the data stream to perform encryption.

Cisco’s key management solution, Key Management Center, is part of Cisco Fabric Manager. It handles archiving, replicating, recovering, and purging media keys.

Encrypting disks using SME will be available in NX-OS 5.2(1).

The next topic up is SANTap, which as many readers already know is leveraged by EMC RecoverPoint for heterogeneous storage replication. SANTap is a licensed feature but does not use FC redirects. Instead, SANTap uses a host VSAN and a target VSAN. In the host VSAN, SANTap creates a DVT (Data Virtual Target), which uses the WWPN of the real target port. In the target VSAN, SANTap creates a VI (Virtual Initiator), which uses the WWPN of the real host port. SANTAp issues I/Os (or splits I/Os) from the host to the DVT and passes a copy to an additional fabric-based appliance (i.e., a RecoverPoint appliance).

Mike did not have any information on SANTap support for the SCSI commands used by VMware for the VAAI/VAAIv2 offloads in vSphere 4 and vSphere 5. (Bummer!)

The last section of the presentation was on Fibre Channel over Ethernet (FCoE). The information contained in this section was review and stuff that I’ve already covered elsewhere.

Tags: , , , , ,

Using VAAI to Maintain Control?

Thursday, June 16, 2011 in Storage, Virtualization by slowe | 15 comments

Chris M Evans (@chrismevans) aka The Storage Architect recently posted an article on his site titled “VAAI – Offloading or Maintaining Control?” The article was a follow-up to a discussion with Nigel Poulton (@nigelpoulton) at HP Discover 2011.

The basic premise of the article as I understand it was a discussion of whether the introduction of VAAI (vStorage APIs for Array Integration), while it does bring benefits to the storage layer, also gives VMware more control. Quoting from the article:

In comparison to NFS, it seems that by implementing VAAI features, VMware are looking to retain even more control over the storage layer than before.

At first glance, it would seem that this conclusion is logical: VMware is using its popularity and large market share to force storage vendors to write to their proprietary “array integration APIs”, thus giving them another layer of control over the storage layer. VMware is the one pushing these integrations, so it seems like a reasonable conclusion, right?

The problem with this conclusion is that it overlooks one simple fact: the vStorage APIs for Array Integration aren’t APIs at all; in fact, they are nothing more than standard SCSI commands. That’s right: VAAI is composed of standard SCSI commands that have been defined and approved by the INCITS T10 committee. (If you’re interested, you can get details on the commands in the SBC-3 standard available from the T10 website.) Any hypervisor or OS running any file system on any array could leverage these commands and their functionality. There’s absolutely nothing specific to VMware or VMFS, VMware’s proprietary clustered file system, that would grant VMware any level of control. Microsoft could add support for these T10 commands and Hyper-V would reap the same benefits as VMware. The open source community could add support for these commands to Xen or KVM, if they so desired, and they would receive the same benefits that vSphere receives.

The flip side is true, too: there’s nothing in any of these SCSI commands that grants a storage vendor a level of control, either. NetApp, EMC, HP, HDS, Dell/Compellent/EqualLogic—anyone of these vendors could (and many did) implement the commands and would support them regardless of the software running on the host.

In my mind, the fact that these commands are completely hypervisor- and OS–agnostic (meaning that any hypervisor or OS could implement them) completely deflates the theory that VAAI gives VMware another form of control at the storage layer.

What do you think? Speak up in the comments.

Tags: , , , ,

Distance vMotion = Stretched Cluster?

Monday, May 16, 2011 in Networking, Storage, Virtualization by slowe | 17 comments

Apparently, some people within the virtualization and storage community took umbrage with one of my statements from my article on stretched clusters and distance vMotion. Specifically, this statement:

Long-distance vMotion and stretched clusters are not the same thing.

I’ll be the first to admit that I don’t know everything, and I try (not always successfully) to be open to admitting where I’m wrong. So feel free to (constructively) tell me where I’m mistaken here. How can long-distance vMotion and stretched clusters be considered the same?

Yes, both of them require Layer 2 adjacency for VMs. Yes, both of them need an appropriately configured storage layer underneath them (the architecture of which is an entirely separate discussion, in my opinion—or is it?) so that storage is accessible from both sites. But the fact that they share common requirements doesn’t make them the same. Related? Yes. The same? No.

We know that a cluster is not a vMotion boundary. In other words, you can use vMotion to move VMs between clusters. That means I can have two clusters—one in each site—and I can use distance vMotion to move VMs between them. Ergo, distance vMotion but not a stretched cluster.

Similarly, I could have a stretched cluster (a cluster of ESX/ESXi hosts with some hosts in one site and some hosts in another site) and not use distance vMotion, since a cluster does not automatically mean vMotion. (Thnik about a cluster with DRS disabled.) Ergo, a stretched cluster but not distance vMotion.

So what am I missing? Or am I just being too technical with the definitions? Constructive comments and feedback are welcome.

Tags: , , , ,

Stretched Clusters, Distance vMotion and L2 Adjacency

Thursday, May 12, 2011 in Networking, Storage, Virtualization by slowe | 11 comments

Beth Pariseau recently published an article discussing the practical value of long-distance vMotion, partially in response to EMC’s announcement of VPLEX Geo at EMC World 2011. In that article, Beth quotes some text from a tweet I posted as well as some text from Chad Sakac’s recent post on VPLEX Geo. However, there are a couple inaccuracies from Beth’s article that I really feel need to be cleared up:

  1. Long-distance vMotion and stretched clusters are not the same thing.
  2. L2 adjacency for virtual machines is not the same as L2 adjacency for the vMotion interfaces.

Regarding point #1, in her article, Beth implies that Chad’s statement “Stretched vSphere clusters over [long] distances are, as of right now, still not supported” is a statement that long-distance vMotion is not supported. Long-distance vMotion, over distances with latencies of less than 5 ms round trip time (RTT), is fully supported. What’s not supported is a stretched cluster, which is not a prerequisite for long-distance vMotion (as I pointed out in the stretched clusters presentation Beth also referenced). If you want to do long-distance vMotion, you don’t need to set up a stretched cluster, so statements of support for stretched clusters cannot be applied as statements of support for long-distance vMotion. Let’s not confuse the two, as they are separate and distinct.

Regarding point #2, the L2 adjacency for virtual machines (VMs) is absolutely necessary for distance vMotion. As I explained here, it is possible to use a Layer 3 protocol to handle the actual VMkernel (vMotion) traffic, but the VMs themselves still require Layer 2 adjacency. If you don’t maintain a single Layer 2 domain for the VMs, then VMs would have to change their IP addresses on a live migration. That’s REALLY BAD and it completely breaks live migration. Once again, there is a very separate and distinct behavior that you’re trying to modify with large L2 domains.

Am I off? Speak your mind in the comments below.

Tags: , , , , ,

Stretched Clustering Presentation

Tuesday, May 10, 2011 in Networking, Storage, Virtualization by slowe | 5 comments

On May 5, I had the privilege of speaking in Charlotte, NC, at the Carolina VMware User’s Summit. I had been asked to deliver a presentation on the pros and cons of stretched clusters in VMware vSphere. Since I know that not everyone could make it to Charlotte, here’s a copy of the presentation I gave. It’s hosted via Sliderocket. Enjoy, and feel free to post any questions or suggestions in the comments to this post. Thanks!

Tags: , , , ,

« Older entries § Newer entries »