基于bluearc ®的high-performance nas platform业务连续性概述
Post on 23-Dec-2014
714 Views
Preview:
DESCRIPTION
TRANSCRIPT
© 2007 Hitachi Data Systems
High-performance NAS Platform, powered by BlueArc® Business Continuity Overview
2
Agenda
• The Hitachi Approach To Business Continuity
• Challenges in File-based Data Protection
• Why Hitachi High-performance NAS Platform for Business Continuity?
– High Availability
– Data Protection
– Security
– Disaster Recovery
3
The Hitachi Data System Approach to Business Continuity
• Hitachi Data Systems provides innovative technology solutions to enable continuous business operations for all organizations
• Business Continuity means partnering with our customers:– to understand key business problems and requirements in order to better
design our products, partnerships and solutions – customer focus
– to provide robust application-focused storage solutions that enhance operational efficiency and resilience
– to provide technology that reduces operational risk for the organization
– to improve management of the data protection infrastructure
– to provide the most resilient and scalable data protection solutions
4
Hardware Faults Software Failures Network Problems Corrupted Data File corruption Operator Errors Viruses Hackers Glitches Bugs
Interdependence ThreatsInterdependence ThreatsSystem EventsSystem Events Internal EventsInternal Events
External Acts of NatureExternal Acts of NatureExternal EventsExternal Events
Supply Outages Partner Failures Strikes
Fire Plumbing Leaks Electrical Spike Construction Defects
Wind Storms Floods Hurricane Tornados Earthquakes
Utility Interruptions Sabotage/Terrorism Hacking Low-tech Attacks Accidents
Have We Identified the Most Damaging Risks?
5
Recovery Time vs. Cost -Evaluate each application separately
Co
st
Recovery Time Objective
Acceptable Acceptable Cost/Time Cost/Time
WindowWindow
Cost of Solution and time-to-recover
Minutes Hours Days
Online
Mission-
critical
Applications
Back office,BatchApplications
Cost of outage over time
Cost of outage over time
6
Data Protection Continuum
• Different types of data require different levels of protection
Completely duplicated/Interconnected recovery site
Remote disk mirroring
Local disk mirroring
Electronic vaulting
Tape on-site
Tape backupoff-site
More
LessDelayed
Immediate
More
LessAmountof Data
RecoveryTime
Importance ofData
Disk-to-disk backup and recovery
Remote PiT mediated copy
Out-of-region and multiple data center strategies
Cost
7
Agenda
• The Hitachi Approach To Business Continuity
• Challenges in File-based Data Protection
• Why Hitachi High-performance NAS Platform for Business Continuity?
– High Availability
– Data Protection
– Security
– Disaster Recovery
8
Explosive Growth of Unstructured Data
• Unstructured content (files such as word and power point) growing faster than traditional information or structured content (Database or transactional data)
• 75% to 90% of data is unstructured
– SNIA estimates 80%– Sun estimates 75% – OpenText estimates 90%– Day Software estimates 85%
• Ensure business continuity for unstructured data is increasingly difficult
9
Customers Challenges
Challenges in data protection and disaster recovering of unstructured data:
• Unplanned downtime• Unreliable data mirroring across geographies• Unprotected data• Managing multiple vendors and multiple devices• Management complexity• Difficulties in planning future capacity requirement• Virus threats
10
Agenda
• The Hitachi Approach To Business Continuity
• Challenges in File-based Data Protection
• Why Hitachi High-performance NAS Platform for Business Continuity?
– High Availability
– Data Protection
– Security
– Disaster Recovery
11
Why Hitachi High-performance NAS?
• Ensure high availability
• Protect data with robust capabilities
• Accelerate data recovery
• Support continuous operations
12
High Availability
• Redundant hardware (hot swap disk, power supplies, raid controllers).
• Provide continuous application processing in the event of planned or unplanned outages
• Active-active clustering up to 8 nodes• Cluster stretching up to 100km for real-time failover and recovery • Supports RAID 5, 1 and 6 (double parity to protect against parity
disk failure during RAID set rebuilding)• Complete protection against all layers of failure – application, server,
networking and storage
13
Agenda
• The Hitachi Approach To Business Continuity
• Challenges in File-based Data Protection
• Why Hitachi High-performance NAS Platform for Business Continuity?
– High Availability
– Data Protection
– Security
– Disaster Recovery
14
Data Protection Features
• Highly granular snapshots• NDMP compatible backup to tape/disk and VTL• Highly secure architecture (hardware based – difficult to hack)• NVRAM Mirroring (battery-backed NVRAM cache – data is never
lost, even in the event of a site failure).• Checkpoint file system (protects against file system corruption and
associated downtime – object based file system).• File system roll back (easily recover a file system to a previous
state).• Third-party Anti-Virus support (multiple external scanning engines)
15
Pointer-based Snapshots
What it is:• Administrators can create a cumulative history of data without
duplication. • Once the initial reference point is set then snapshots efficiently copy just
the changes or differences that occurred between selected intervals.
Benefits:• Increased data copy infrastructure performance: only updates are
captured• Improved data protection: allows for fast point in time recoveries• Simplified management• Lower cost of ownership than full cloning
16
Snapshots Overview
Features:• Stores block level changes to data
– Hardware implementation for low overhead
• Policy based snapshot management– Automated scheduler (one time or recurring)
• Up 1,024 snapshots per file system• Frequency can go down to 1
snapshot per second• File system, directory and file
permissions are maintained• File system can be backed up from
snapshots automaticallyLive File System
Delta View
Delta View
Delta View
Cumulative History
17
NDMP Backup
• Common themes of problems emerge as storage grows – The difficulty of scaling backup to meet capacity growth of storage
– The need to shrink, not expand, the backup window
– Escalating costs and complexity
• Hitachi High-performance NAS Platform has standards-based disk-to-tape copy utility built into hardware
• Separate State-Machine provides NDMP backup using FPGA (Field Programmable Gate Array) chips
• High-performance while providing concurrent file-serving activity (continuous background process)
18
NDMP Control Data
• An uncomplicated, scalable data protection and data management solution
• Zero Load on file serving function
Data movement in
HW
Backuo Data
NDMP State Machine
19
Supported Backup Solutions
The solution supports various backup applications providers for scalable and high performance backup solutions:
20
LAN
File system(P-Vol)
Master Server Media Server
NDMP over LAN
Data ManagementApplication
Tape Server Agent
SAN
NDMP Data Server ND
MP
NDMP
Actual Implementation might vary depending on backup software solution vendor
21
LAN
File system(P-Vol)
Master Server Media Server
NDMP over SAN
Data ManagementApplication
Tape Server Agent
SAN
NDMP Data ServerNDMP
Actual Implementation might vary depending on backup software solution vendor
22
LAN
File system(P-Vol)
Master Server Media Server
NDMP direct to Tape
Data ManagementApplication
Tape Server Agent
SAN
NDMP Data ServerNDMP
Actual Implementation might vary depending on backup software solution vendor
23
Agenda
• The Hitachi Approach To Business Continuity
• Challenges in File-based Data Protection
• Why Hitachi High-performance NAS Platform for Business Continuity?
– High Availability
– Data Protection
– Security
– Disaster Recovery
24
Virtual Servers
• Features:– 64 virtual servers per entity (single, dual, 3, 4 or up to 8
nodes cluster is one entity)– Separate IP addresses and policies– Migration of virtual servers with their policies between local
or remote NAS nodes– Clustering support with failover and recovery – Optional license for enhanced security by independent EVS
settings
• Benefits:– Reduces downtime– Simplifies management– Lowers cost of ownership
Allows administrators to create up to 64 logical servers within a single physical system. Each virtual server can have a separate address and policy and independent security settings.
EVS 1
•IP Address•Policy
EVS 2
•IP Address•Policy
EVS 3
•IP Address•Policy
. . . .
25
High-performance NAS Platform Security Posture
• No Shared Buses or Data Paths– Two uni-directional data paths across multiple FPGAs– No traditional shared buses or cross over points for data
redirection
• Proprietary OS and Components– Firmware barriers to prevent injection of malicious code– Attacker would have to know how to manipulate IP Stack,
BOS OS, and Memory Locations
• OS Software and Design Specs are Confidential– BOS OS and Design specs are not licensed outside of
BlueArc and Hitachi Data Systems– All reasonable measures are taken to protect
confidentiality
26
High-performance NAS Platform Security Posture (2)
• High-performance NAS Platform Architecture Helps Prevent Tampering
– Modification or injection of malicious code would be difficult
– Attacker would have to inject malware into firmware
– The BOS OS is loaded into flash at boot time
– No way to load exploit code without complete system image or causing a noticeable outage
27
Secure Management for High-performance NAS Platform
• Separation of management and data access• Role-based access control (RBAC) with
predefined roles– CLI – Supervisor Role and Read Only Role
– SMU/GUI – Global Admin, Storage Admin, Server Admin
• Encrypted communications– CLI -- SSH
– SMU/GUI -- SSL
28
Anti-Virus Support
• Files scanned on read (open) and on file close
• Scanning configurable on a per share basis
• NAS node interfaces to external virus scanners who scan files for viruses on read
– External scanners not provided by Hitachi Data Systems
• Management and Configuration:– Inclusion and exclusion lists
supported– File scanned statistics provided– Standard configuration on AV
scanners
Supported AV solutions:•Symantec Anti-Virus Scan Engine (SAVSE) v4•McAfee VirusScan (with RPC support)•Trend Micro ServerProtect (with RPC support)•CA Antivirus (with RPC support)
File Access Request
“deny” if file is not scanned
File
Scan
AV Scanners
“allow” when file scanned
Scan
request
29
Agenda
• The Hitachi Approach To Business Continuity
• Challenges in File-based Data Protection
• Why Hitachi High-performance NAS Platform for Business Continuity?
– High Availability
– Data Protection
– Security
– Disaster Recovery
30
Disaster Recovery Features
• Array-based replication with TrueCopy™– Industry-proven synchronous block based replication
• IP-based replication with IDR and IBR– Easy to configure and policy-based asynchronous replication
• MetroCluster to ensure protection during site failure– Active/Active stretched Geo-Cluster up to 100km distance
• Nearline solution– Replication target, Tape replacement, Disaster Recovery site
31
Leveraging Replication Technology
• IP Replication (asynchronous only)– Incremental Data Replication (IDR)
– Incremental Block Replication (IBR)
• IDR replicates (whole) changed files over NDMP• IBR replicates block changes only over any network port• Leveraging array-based synchronous replication for high availability and
disaster recovery– Most likely in a remote cluster scenario
– Uses FC link
• All replication options may be used simultaneously, if required
32
Replication Overview
IDR Whole File
IBR Changed Blocks Only
NDMP
IP Any Port
TrueCopy™ FC Only
Asynch
Synch S i
m u
l t
a n
e o
u s
33
IP Replication Overview
• Asynchronous data replication utilizing hardware accelerated snapshot technology
• IDR—incremental data replication (file level)
• IBR—incremental block-level (sparse) replication
• Full or incremental copies• Automated scheduler (One time or
recurring)• Preserves NFS and CIFS
permissions, and ViVol/user/group quota information
• File system and replication rollback
TCP/IP
34
IP-based replication – IDR….1/2
Incremental Data Replication (IDR):• Supports policy-based asynchronous full and incremental file system-
based data replication. • Administrators can schedule replication policies such as continuous
incremental, periodic incremental and individual single full complete data replications.
Use Cases:• IDR is ideal in environments where there are many small files to
replicate.
35
IP-based replication – IDR….2/2
Strengths:• Pricing: Included in firmware of High-performance NAS; most competitors charge
for it• Ease of Use: Strong policy-based features for automating replication tasks. • Coverage: Asynchronous operation is possible over long distances. • Flexibility: Does not require NAS nodes to be clustered; Does not require NAS
nodes to be identical at each end.
Weaknesses:• Not suitable for HA cluster failover—asynchronous operation guarantees there
might be data loss in an HA cluster failover. Use TrueCopy with MetroCluster instead.
• Performance can be an issue for large, active file systems. The more files change between replications, the longer a replication will take. Highly active, large systems can exceed the available time and/or bandwidth.
• Changed object list can actually degrade performance on highly active file systems with many changes between replications.
36
IP-based replication – IBR
Incremental Block Replication (IBR):• IBR leverages the advantages of file-level replication on a block-level• When data is modified, the modified blocks are replicated instead of the whole
file. • Optional license Use Cases:• File systems with large files. • Large database applications. • High-performance NAS deployed with iSCSI LUNs (which are seen as large files
by the file system).Strengths:• Efficient bandwidth utilization. Weaknesses:• More resource intensive than IDR.
37
Leveraging array-based synchronous replication: MetroCluster
Features: • Combination of clustering and replication
technologies over metropolitan distances• Synchronous data replication utilizing very
sophisticated TrueCopy replication technology
• MetroCluster — Active/Active Cluster geographically dispersed up to 100km (62miles)
Benefits:• Survive site specific disasters with minimal
interruption to mission critical applications and no loss of a single transaction
• Improved operational resilience
Cluster Interconnects
Bi-directionalTrueCopy
Synchronous
SAN SAN
WAN
Thank You
38
top related