Broadcast Zones

Broadcast zones A broadcast zone behaves similarly to a VLAN that is created using a protocol suchas the AppleTalk VLAN
discussed previously. Since Fibre Channel can carry bothSCSI and IP traffic, you can create a zone that consists only of those HBAs that sup-port (or wish to carry) IP traffic. However, unlike protocol-based VLANs that canautomatically add a server to a VLAN if its using a particular protocol, a broadcastzone is merely a functional classification. Current zoning technology doesnt sup-port automatically adding a member to a zone based on its protocol. A broadcastzone is merely a soft zone that contains the HBAs that communicate with a particu -lar protocol. Naming your zones Just as creating aliases for the ports on your switches and arrays helps you identifyt h e m, u si n g an ap p ro p ri at e n a mi n g co n v en t i o n fo r y o u r zo n e s can h el p t o o . Yo u should pick a name that reflects how the zones are being used. Two common nam-ing conventions are called
server-centric
and
Storage-centric If youve got one storage cabinet attached to many
storage-centric
.
Server-centric
If youve got a SAN that consists of many storage arrays connected to one server,the zone should be named after the server. This is referred to as a server-centriczone-naming convention.
Storage-centric
If youve got one storage cabinet attached to many servers, name the zone aftert h e st o rag e cab i n et . Th i s i s re fe r red t o as a st o rag e cen t ri c zo n e -n ami n g co n - vention.
LUN Masking
Although logical unit number (LUN) masking isnt technically a type of zoning, itdoes perform a similar function. It keeps different servers from seeing or using eachothers storage on the SAN. However, before explaining how LUN masking and zon-ing are different, we must define LUN masking. And before we do that, we must firstdefine a LUN.A LUN is a logical representation of a physical unit of storage and may represent anyof the following: Physical disk Physical tape drive
Robotic control device Logical disk consisting of many physical disks striped together Logical disk consisting of two mirrored stripes
This is the Title of the Book, eMatter EditionCopyright 2011 OReilly & Associates, Inc. All rights reserved.
52|C h a p t e r 3 : M a n a g i n g a S A N
Each Fibre Channel storage array or tape library may have multiple ports that can beconnected to the SAN, each with its own WWN. The array will also be configured torepresent its storage as LUNs attached to these WWNs. Therefore, each array willa p p e a r t o t h e h o s t s o n t h e S A N a s o n e o r m o r e L U N s a t t a c h e d t o o n e o r m o r e WWNs.LUN masking hides, or
masks
, L UN s so t h at each s erv e r se es o n l y t h e LU N s y o u want it to see. LUN masking is actually performed at a level just above zoning. Azone grants or restricts access only to a given
port
on a storage array, but LUN mask-i n g can t ak e t h at p o rt an d g ran t o n e se rv e r acce ss t o so me o f i t s L U Ns an d g r an t another server access to the rest of its LUNs.S u p p o se y o u h av e a si n g l e -p o r t ed s t o rag e a r ray w i t h a n u mb e r o f d i sk s , so me o f which you want to use on one host and some you want to use on a second host. Inorder for this to work, you need to create a zone that gives both servers
access to thest o rag e a rr ay . Ho w ev er , n o t h i n g p rev en t s t h e fi rst s erv e r f ro m u si n g t h e seco n d servers disks, which is what LUN masking is for. LUN masking allows you to selec-tively present half the LUNs to the first server and half to the second server.Depending on which vendors you use, LUN masking can be performed on one of three levels:
Storage array
A storage array can be configured to present certain LUNs to certain hosts. Oneway this is done is through offsets. Suppose a storage array has a total of 100LUNs. Connected to that storage array via a switch are five hosts, and you wanteach host to see 20 of the 100 LUNs. You configure the array so that LUNs 1through 20 are displayed to the first server, LUNs 21 through 40 are displayed tothe second server, and so on. The first server then sees LUNs 1 through 20 anddoesnt see LUNs 21 through 100; they have been masked from its view.
Intelligent bridges and routers

If you use a storage array that doesnt support LUN masking, another way toaccomplish it is to place an intelligent bridge or router between the servers andthe storage. Then follow steps similar to the ones just described.
HBA drivers
LUN masking performed on the HBA level places the responsibility for maskingthe undesirable LUNs on the HBA driver itself. Although the HBA can see all theL U Ns av a i l ab l e o n t h e SA N , y o u co n fi g u re t h e d ri v e r t o mask t h e L U Ns y o u dont want it to see. Once this has been done, the driver presents to the operat-ing system only the LUNs you want it to see.
Designing Your SAN for Availability

One issue with traditional parallel SCSI that can be solved by SANs is that of havinga single point of failure. Everyone knows that the failure of a single SCSI card, cable,
Access to Storage Resources|53
or terminator can render your parallel-based SCSI devices useless. With SANs, youcan use multiple paths to ensure that no single device can do this. However, manypeople design their SANs just as they design their parallel based SCSI systemsonepath to each
device. Consider the SAN depicted inFigure 3-3.In the figure, each server has only one path to each storage array and tape library.Each path has at least 11 single points of failure, as shown by the numbered arrows:
1.
The servers HBA

2.
The Fibre Channel conductor from the server to the first switch
3.
The incoming GBIC on the first switch

4.
The first switch

5.
The outgoing GBIC on the first switch

6.
The Fibre Channel conductor from the first switch to the second switch
7.
The second switch

8.
The incoming GBIC on the second switch

9.
The outgoing GBIC on the second switch

10.
The Fibre Channel conductor from the second switch to the storage array
11.
The controller on the storage array

Fi g u r e 3 -3 . S in g le p o in t s o f fa il u re in a s in g le fa b r ic This is the Title of the Book, eMatter EditionCopyright 2011 OReilly & Associates, Inc. All rights reserved.
1234568791011
Besides having 11 single points of failure, there are several pieces of equipment thatneed preventative maintenance at various times, such as firmware upgrades, driverupdates, and hardware replacement. The only way to do any of these things is totake down at least one systems storage. If the piece of equipment that needs maintenance is one of the switches, then several systems will be without storage during theupgrade.Yo u can cr eat e a S A N t h at h as n o s i n g l e p o i n t s o f f ai l u re an d c an b e ma i n t ai n ed without a service interruption by designing a SAN that looks more like the one inFigure 3-4. You can see that every server has two completely separate paths to eachstorage resource, as depicted by Path A and Path B for the server on the left side of the drawing. If any piece of equipment along Path A fails or needs preventative main-tenance, Path B will take over immediately until that piece of equipment is returnedto full functionality.
Multipathing
Once youve designed a SAN with multiple paths, you need some type of softwarethat understands you have multiple paths and knows how to use them. The reasonf o r t h i s i s t h at d eep i n s i d e ev ery S A N i s t h e SC SI p ro t o co l , an d SC S I wa s n ev er designed with multiple paths in mind. This means you need a piece of software to sitbetween the SAN and the operating system and present only one path to the operat-ing system at any one time. This is the job of multipathing software, and there are
Figure3-4.A multipath SAN
PathAPtB a h
Access to Storage Resources|55
dozens of such products now on the market. Here are a few examples in alphabeti-cal vendor order: Compaqs Secure Path EMCs Power Path Solaris 8 has native multipathing support Veritas Volume Manager has multipathing support Vicoms Storage Virtualization EngineMultipathing software actually performs two functions: automatic failover and loadbalancing. Automatic failover Perhaps the most important job for multipathing software is to automatically redis-tribute I/O to another channel in the case of fabric failure. This should be done insuch a way that the operating
system never realizes there was an interruption in ser-vice. This, of course, needs to be done within the limits of a SCSI timeout. Load balancing The second important job multipathing software performs is dynamic load balanc-ing. Many administrators perform this task manually using
static
load balancing.That is, they take an inventory of the various paths a particular server has to its SAN-a t t ach ed d i sk s an d t h en u se t h e d i ff eren t n a mes o f t h e d i sk s t o b al an c e t h e l o ad between the various paths. Dynamic load balancing, however, can be done only withmultipathing software, because such software sends a given stream of data down theleast-used path. This allows you to fully utilize all paths when the SAN is completelyfunctional. Then, of course, if a given path becomes nonfunctional, there is simplyone less path for the load balancing software to use. Preventing thrashing What happens when a given path goes up and down multiple times? Without sometype of antithrashing setup, multipathing software might just go a little crazy. Thereare a few different ways to keep the system from
thrashing in this manner. The first ist o co n fi g u re t h e so ft w a re t o r een ab l e a p r ev i o u sl y fai l ed l i n k o n l y a ft e r a ce rt ai n amount of time. If the link goes back down while the software is waiting to reenableit, the clock starts over again. Another common method is to set up the SAN in sucha way that a failed link must be reenabled by an administrator after she is convincedthat link is healthy again.
Persistent Binding
O n ce zo n es an d L U N ma sk i n g h av e b een set u p , each s erv e r sh o u l d see i t s s t o r - ageand only its storage. Once this has been done, one initial setup task remains.I t s al read y b een men t i o n ed t h at o n e o f t h e i s su e s wi t h SA N s i s t h at s erv e r s can sometimes change the SCSI address of a particular unit of SAN-based storage. Thisis particularly true if the configuration of the SAN changes between reboots. Again,this is caused by the assumptions the SCSI drivers make about targets they see.The upper levels of all device drivers used in a SAN environment are designed forSCSI. The SCSI I/O model assumes a small number of targets on a single bus and
asmall number of LUNs on each target. In order for SCSI addresses to remain perma-nent, they need to be bound to an address that doesnt change.As discussed inChapter 2, when a device logs into a fabric, its also assigned a sourceI D ( S_ I D) b y t h e fab ri c s wi t ch . Wh en a d ev i ce co n n ect s t o an ar b i t rat ed l o o p , i t selects an arbitrated loop physical address (AL_PA) during the initialization process.The S_ID and AL_PA are similar to IP addresses in a DHCP environment. They aredynamic, and so therefore shouldnt be used to generate SCSI addresses.The unchanging target address of a SAN-based storage device is the 64-bit WWN.Similar to the MAC address with Ethernet devices, the WWN is a permanent num-b e r a ss i g n ed t o each p o rt o n a st o rag e ar ray o r an HB A o n a s erv e r . Ho wev e r , a s mentioned previously, a SAN-connected RAID array may have hundreds of disksthat need to be individually addressed by servers. Therefore, the RAID controller cre-ates LUNs for each device. Each LUN has a corresponding WWN assigned, which isa subset of the master WWN assigned to the RAID controller. These LUNs are used b y t h e o p e rat i n g sy st e m as a SC S I ad d res s an d ma sk t h e u n d e rl y i n g u s e o f R AI D technology.Binding is the process of associating the operating systems controller, target, andLUN value to the WWN of
the LUN created on the RAID array controller. Bindingtakes place on the device driver level; the unique WWN value is
bound
to an operat-ing-system controller-target value. When this bind is persistent from boot to bootand across hardware changes and failures in the SAN, its called a
p er sist entb ind

. Toestablish a persistent bind, the driver must save this association in nonvolatile mem-ory or a configuration file.
Ongoing Maintenance
Once the SAN is installed, configured, and doing what you designed it to do, thingsget much better. Even so, theres still plenty of work to be
done. The rest of the workinvolves managing, monitoring, and maintaining the storage.
Ongoing Maintenance|57
Managing (Storage Resource Management)

Few SANs live on using their initial design. Even the one shown inFigure 34can beoutgrown with time. At some point, someone will want to change the SAN in order to:
Increase or decrease the number of servers

If a SAN is successful, it becomes popular. Everybody wants to put their storageon the SAN. This results in more HBAs, more ports, and more switches. Anothercommon occurrence in SANs is no different than parallel based SCSI: somebodygets the bright idea of consolidating servers. This, of course, changes the designof the SAN.
Increase or decrease the number of storage arrays

Whether youre adding more servers to the SAN or not, the need for additionalstorage capacity will inevitably drive you to purchase more
storage. Will you buyad d i t i o n al st o rag e a rr ay s o f t h e s i ze y o u a re u s i n g , o r wi l l y o u l o o k at l a rg e r , more centralized storage arrays? Even if you dont grow your storage dramati-c a l l y , wh at ab o u t cen t ral i z i n g al l y o u r st o r ag e i n t o o n e o r mo re l ar g e s t o rag e arrays anyway? What affect will these changes have on the number of ports andswitches required for your SAN?
Increase or decrease the number of switches, hubs, or routers

Th i s ch an g e, o f co u rse , i s d ri v en b y t h e p rev i o u s t wo ch an g e s. Wh et h er y o u increase or decrease the number of servers or storage arrays, it will change thenumber of ports that you need. Will you buy additional switches and use inter-switch links, or ISLs? As you gain experience with your SAN, you will probablyalso want to increase its level of availability. What about purchasing a directorclass switch? What does the SAN look like now that youve changed it?You will find yourself asking such questions as you spend more time with your SAN.The process of asking and answering these questions is now referred to as
storageresourcemanagement
(SRM), and there are a number of SRM products now on thema rk et . D u e t o t h e v o l at i l i t y o f t h i s ma rk et , I d o n t l i st t h e v en d o r s h e re , b u t an updated list of SRM products is available at
http://www.storagemountain.com
. How-ever, heres a list of features that are beginning to be typical with SRM products:
Automatic discovery
Instead of having to enter the hundreds of devices that reside on your SAN, theseproducts can automatically query what devices exist on your SAN. This is anincredible time saver!
Graphical and command line interfaces

Although being able to view the SAN graphically is one of the best features of SRM products, its also helpful to be able to administer things via the commandline. Many of the products allow you to use all their features via a command lineor graphical interface.
Status reporting
As will be mentioned in the next section, your SAN must be monitored. MostSRM products incorporate in-band monitoring into their
products, allowing youto monitor the status of the devices on your SAN as well as configure them.
SAN visualization
Once the SRM product has discovered all the devices on your SAN and checkedtheir status, it can show you a network map of all the devices, with each devicetype having an icon of a different color and shape. These drawings resemble thenetwork diagrams network administrators have grown used to in LAN-basedproducts.
Storage allocation
M an y o f t h e se p ro d u ct s can c reat e an d mo d i fy zo n e s an d c reat e an d mo d i fy LUN masking properties, allowing you to administer these attributes from a sin-gle source. Often they allow you to do this even on heterogeneous hardware.
Storage array configuration (virtualization)

Some products have worked with the various storage array vendors, and they areable to create RAID volumes of various levels on the storage arrays in the SANfrom a central point.Relatively speaking, the storage resource management industry is in its infancy. Asmentioned previously, there are a lot of vendors vying for this open market.
How-ever, SANs will have fully arrived only when these products are mature.
Monitoring
Including redundant paths and using multiple levels of RAID keeps a single compo-nent failure from causing you any severe grief, but if you dont monitor your SAN,youll never know the component failed and wont be able to replace it before thenext component fails.This attribute of ongoing maintenance has already been mentioned in the previousse ct i o n , an d t h e easi e st way t o mo n i t o r a S A N i s t o p u rch ase an d i n st al l an SR M product. What if you dont have the budget yet? The easiest answer is to build yourown out-of-band management system using SNMP.Almost all switches and storage arrays include an Ethernet port you can plug intoyour LAN or into a dedicated LAN for reporting purposes. You can then monitorthem passively or actively. A passive monitoring system waits for the switch or arrayto notify you of a failure via an SNMP trap. An active monitoring system involvescreating your own monitoring application that issues SNMP queries against yourswitches and
arrays.LAN administrators and enterprise management applications can come in handyh e re . Th ey are u s ed t o t h i s k i n d o f mo n i t o ri n g an d can a ssi st y o u i n en t e ri n g t h e SNMP world, especially if you arent that familiar with it.
You're Reading a Free Preview Pages 75 to 164 are not shown in this preview.
Configuring a Filer|149
Some implementations let you configure NIS cache behavior, if applicable.
passwd
and
group
NIS tables are used quite often for UID/GID-to-username matching andfi l e -acc es s au t h en t i ca t i o n . C ach i n g t h e mo s t acce ss ed k ey s i s t h e re fo re a way t o improve NFS/CIFS file-attribute operations response time. Microsoft Microsoft has supported the sharing of computer resources over the network for along time, starting with peer-to-peer networking, followed by the concept of a work-group, then domain, and finally, complete
directory services. Here are some of thei s su es y o u wi l l face wh en u s i n g M i c ro so ft s v a ri o u s au t h en t i cat i o n an d d i rect o ry schemes:
Workgroup mode
Small sites may not need the functionality of domains and ACLs and can config-ure CIFS for workgroup membership. Shares can be accessed using share pass-w o r d s a n d / o r u s e r a u t h e n t i c a t i o n , b u t A C L s c a n t b e s e t o n f i l e s . S o m e implementations allow only plaintext password authentication in workgroupmode. Implementations based on Samba can also be configured to use encryptedpasswords in workgroup mode using the
smbpasswd
file.
NT4 domain mode

Configuring NAS into an NT4 domain requires a working domain with at leastone live primary domain controller (PDC). If the NAS box and PDC arent onthe same subnet, the Windows Internet Naming Service (WINS) is needed tohelp the filer find the domain controller. Usually, the filer serves as a memberserver in the domain. Domain emulators such as Samba and HP-UX AdvancedServer/9000 might have different configuration
requirements. (One notable dif-ference is the ability of the filer itself to serve as a domain controller).
Windows 2000 Active Directory (AD)

While many vendors claim to have full compatibility with Windows 2000 andActive Directory (AD), some can serve only as NT4 member servers, and thus
Plaintext Passwords
Windo ws clients can send their passwords in either plaintext or encrypted format. With the introduction of Windows NT4 Service Pack 3, Microsoft changed the defaultbehavior of all its client operating systems to disable the use of plaintext passwords. If your CIFS implementation requires you to use plaintext passwords (usually requiredfor workgroup mode), you can merge Sambas PlainPassword registry files into yourPCs registry. PlainPassword files can be found in the Samba source tree, in the docs directory .
150|C h a p t e r 6 : M a n a g i n g N A S
AD cant be changed from mixed-mode to native-mode. AD offers many newfeatures that are beyond the scope of this chapter, but for first-time configura-tions, the most obvious change is the use of DNS as a service locator instead of WINS. This requires entering correct
DNS entries for the domain controllers andthe filer prior to the NAS installation. User mapping Filers configured to support multiprotocol users need some mechanism to translatebetween the different security architectures of CIFS and NFS. NFS inherited the Unixpermission scheme, with its UID/GID and permissions octets for owner, group, andworld. CIFS behaves much differently, with access control entries (ACE) granting ordenying specific permissions to specific users or groups, each described by a securityidentifier (SID). Thus a mechanism is needed to translate the Unix UID/GID to anappropriate CIFS SID and vice versa.The common method for achieving this involves using the only common field theusername. A mechanism that runs on the filer itself (for example, a daemon or script)can map between the different usernames and their underlying UID/GID and SIDs.An organization that has a consistent naming convention for usernames across allplatforms will enjoy a smoother and simpler operation.
Applications
The following section describes some applications your new NAS server would workwell with.
Home Directories
Home directory configurations depend on the number of users needed. You can havemultiple volumes and multiple exports and shares for users. Your aim is to give usersa simple way to access their home directories from everywhere in the network. NASfilers have a way of simplifying this for both NFS and CIFS.
NFS automounter
NFS automounter can be used to map an export path on the filer to somethingother than the actual mount path. For example, a directory on the filer called
nas:/home/curtis
can be mapped in automounter maps to
/u/curtis
or
/users/cur-tis
. Even if in the future the account called
curtis
is moved to directory called
nas: /home2/curtis2
, the change needs only to be done in the automounter map. Thechange is transparent and doesnt affect the users scripts or any other referenceto his home directory;
/u/curtis
is still accessible.
Data Migration|151
CIFS special sharing features

Some filers have special features for this need. The system can automatically for-ward your mapping to
\\server\username
to any parent directory that contains adirectory named
username
. When the user tries to map a drive to his home direc-tory, he is automatically routed to the correct place. An enhancement to this fea-t u re p ro v i d es t h e ab i l i t y t o co mb i n e i t w i t h u se r map p i n g , so t h at i t ro u t es correctly even if the username isnt the same between Unix and Windows.
Email
Some vendors supply configuration documents describing how to configure theirdevices so they can store data from specific applications, such as email. If you wishto do this, consider the following factors:
Average file size

Some email applications, such as Netscape Mail, keep each mail message in aseparate file. Some, such as
sendmail
, keep all of a single users messages in a sin-gle file. Still others, such as Microsoft Exchange, keep all mail in one databasefile. How your email application stores email affects the average file size. This, inturn, affects performance, filesystem configuration, and the backup strategy.
Heavy read environment

Most email applications create a lot of read activity because data is read mostlyfrom the server. Most filesystems record the access time (called, in Unix,
atime
)of files. Doing that in a heavy read system can be costly, as the update of accesstime requires a write. This can affect performance tuning efforts, because somefilesystems give you the option not to update access time.
Caching issues
A s d e scr i b ed p rev i o u sl y , t h e re are man y i mp l e men t at i o n s o f e mai l so ft wa re.C ach i n g o f mai l f i l e s, e sp eci al l y cl i en t - si d e cach i n g , mi g h t b e a g o o d p e r fo r -mance practiceor a data corruption disaster. Consult with your vendor whenconfiguring your NAS caching with email software.
Databases
Configuring NAS for a database requires delicate planning and a closer look at smalldetails. Care must be taken with the location of database files
and transaction logs,as well as the setup and testing of your backup and recovery system. You must alsoensure that your database vendor supports NAS-based datafiles.
Data Migration
Now that your filer is configured, youre ready to start copying data into it. If yourdata is currently stored elsewhere, you need to migrate it to the filer.
Migration from Distributed Local Storage to NAS
Consolidation of local disks distributed on different hosts and, optionally, on differ-ent platforms (and thus different filesystemsUFS, VxFS, JFS, and NTFS, to name af e w ) i s a c o m m o n g o a l f o r N A S i m p l e m e n t e r s . T h e r e a r e a n u m b e r o f w a y s t o migrate data to filers, and a few caveats to keep in mind while migrating the data,such as permissions and soft links. Migration methods and tools Here are some tools and techniques that can help with migrating from local storageto NAS:
Using a local tape

You can back up the data using a local tape drive and a backup application thati s av ai l ab l e o n b o t h t h e so u rce an d t h e fi l er . Th e b i g g e st p ro b l e m wi t h t h i s method is finding a common backup and recovery application.
Migration to remote tape device

Using the remote tape
(rmt)
facility Unix-based NAS vendors provide, you canactually use a remote tape for the migration. Since theres extra work that needsto be done to encode the data stream and send it to the remote host handling
rmt
, this process is usually slower than using a local tape device.
rmt
also doesntsupport Windows clients.
Copying data using the network

Since a large data set migration can cause network overload and interrupt regu-lar network traffic, you might prefer do the migration during offline hours or ona different network, assigned only for the migration.
Piped dump and restore

If you migrate data from Unix, you can eliminate the tape drive during datamigration by directing the output of
dump
to
restore
, as shown here:
rsh
source
"dump 0f - /vol/vol0" | rsh

destination
"restore rf -"
tartar
(for tape archive) is a common copying tool. Since the native
tar
utilitythat comes with modern Unix versions often doesnt handle soft links, useGNU
tar
(
gtar
) instead. GNU
tar
is also available for Windows platforms.A typical migration command line with
tar
is:
tar cf - . | ( cd /target; tar xf - )
cp and xcopy
Some of the easiest methods to use are Unixs
cp
or Windows
xcopy
. Sincethe NAS filer appears as a network drive, you can simply copy the data overto it. Remember to do this at an appropriate time.
Data Migration|153
When using the
cp command, make sure you issue the d option alongwith the r option. The d option tells cp not to follow symbolic linkswhen copying. The r option causes a recursive copy.
Migration issues When migrating data to NAS, you must make sure to preserve permissions and softlinks and take full advantage of the filers performance, (that is, as much as you canwithin the limits of your network).
Migrating permissions
Care must be taken when migrating permissions; not all tools can transfer thiskind of information (also called
metadata
, o r d at a t h at d esc ri b e s d at a) . M ak e sure the method you use to transfer the data preserves permissions, includingany access control lists.
Migrating soft links (symbolic links)
Soft links also arent trivial to migrate. CIFS doesnt translate symbolic links, soco p y i n g Un i x d at a t h at co n t ai n s sy mb o l i c l i n k s t o a C IF S v o l u me cau se s t h e symbolic links to be copied as regular text files. Some Unix tools follow sym-bolic links, and thus copy the target of the links instead of the links themselves.Some backup applications have options for following symbolic links or backingthem up as soft links. Soft links also raise another issue. What if a users homedirectory contains a soft link to a file that is now migrated to NAS? It might bethat the path to the new location is different than it was, and this soft link willbecome stale after the migration. In any case, you should verify that the migrateddata is accessible as expected, just like the source.
Performance
Since migration consists of copying data, it would probably help to migrate datai n p a ral l el an d u se i n c re men t al co p i e s. Pa ral l el i s m rai s es t h e t o t al mi g rat i o n throughput, and copying incrementally saves down time.
Migration Between Filers

In the current environment of acquisitions and reorganizations, redistribution of datab et ween d i r ect o ri es , v o l u me s an d p h y si cal d ev i ce s i s a co mmo n req u i reme n t fo r many companies. In addition to the tools mentioned earlier, there are additional,proprietary tools just for doing migration of data between filers:
*
NDMPcopy
NDMPcopy is an extension of the NDMP specification. NDMPcopy uses theN DM P p ro t o co l fo r t ran s fe r ri n g d at a b et ween t wo N DM P d at a s erv e rs . Th e
* This list of tools is far from comprehensive, and it isnt meant as an endorsement of Network Appliance orEMC.
servers can be on the same physical host as well as on separate hosts. The advan-tage of this approach is that the data flows between the two servers using a dedi-cated network connection. Apart from full copies, this also supports incrementalcopies up to level 2. The smallest unit of transfer
is a directory. NDMPcopy issupported on Network Appliance filers for local and interfiler copying and onAuspex filers (called TurboCopy), for internode copying only.Figure 6-1shows NDMPcopys data flow.
Network Appliance SnapMirror

SnapMirror is a mirroring technology that can also be used for data migrationbetween filers. Recent versions make it possible to migrate the NFS filehandlesthat are used on the source export to the target and thus maintain the transpar-e n cy o f t h e mi g r at i o n . R ecen t v e rsi o n s al so o ffe r b et t e r g ran u l ar i t y , al l o wi n g migration of toplevel directories in addition to volumes.
EMC Celerra data movers: unmount/mount volumes

Moving volumes between data movers that sit on the same Celerra box can bed o n e si mp l y b y u n mo u n t i n g t h e m o n o n e d at a mo v e r , t h en mo u n t i n g t h e mag a i n o n an o t h er . If p re -s et u p wa s d o n e so t h at ev er y v o l u me h as i t s o wn I P address, migration can occur transparently for the NFS user.
EMC Celerra TimeFinder/FS

TimeFinder, EMCs mirroring product, was extended for NAS usage with thename of TimeFinder/FS. TimeFinder/FS migrates complete volumes from oneS y mmet ri x st o rag e sy st e m t o an o t h e r . C el er ra
v o l u me s can b e mi r ro red t o a remote Symmetrix storage system; the mirror can then be split, and the secondvolume mounted and shared using the remote Celerra system.
Maintenance
This section describes some tasks and issues a filer administrator faces in the day-to-day management of a filer. They include the following:
Fi g u r e 6 -1 . N D M Pc o p y d a ta flo w
Primary network Sue orfilerNDMPcommand andcontrol hostDestinationfiler c Cmadgd history Cmadgd history o mdl afile nion a o mdl afile nion a Dedicated network d p s r u r t e m e o
Maintenance|155
System failures Performance monitoring and analysis Network and storage management Performance tuning User support
Hardware Failure
All hardware is prone to failure. Be prepared with a plan of action for each specificpart, whether its a disk, fan, power supply, CPU, or motherboard. Most vendorssupply field replaceable units (FRUs) for
parts that are likely to break in the field.Here are parts most prone to failure:
Disk
Whether your system is configured to use RAID 1, 1+0, 4, 5 or any other specialcombination, single-disk failures are usually repaired by regenerating the con-tent of the failed disk onto a hot spare disk. This can take a few hours, so makesure to include hot spares in your system and replace any failed disks within areasonable amount of time.
Power supply
Some systems have different power supplies for the filer head and the storageshelves. If redundant power cabling is in use, a power supply failure wont causethe whole system to go down.
Fan
There are many different kinds of fans in a filer: CPU fans, system head fans,s t o rag e sh el f fan s , an d ch a ssi s fan s . No t al l fan f ai l u res a re c ri t i cal , b u t so me might be. Check with your vendor as to how fan failures are handled by the sys-tem.
Memory
Whether its main (RAM), cache (also called L2 cache) or NV RAM, memoryco n s i st s o f me mo ry mo d u l e s , su ch as S IM M s o r
D IM M s t h at ar e s mal l i n t e -g rat ed ci rcu i t b o ard s w i t h m e mo ry ch i p s o n t h e m. In so me d e si g n s , me mo ry comes on proprietary boards.
Motherboard/chassis
These parts are mentioned together because few systems are designed to allowyou to replace one without the other. This can be critical, as replacing a chassismight take a long time. Also, in some designs, a chassis failure may cause a com-plete system malfunction.
CPU
If your system doesnt offer more than one CPU, a CPU failure results in a sys-tem failure. Care must be taken with CPU replacements and, in general, its best
to let an experienced hardware technician do this. If your system supports morethan one CPU, consult your vendor as to how to handle the failure of a singleCPU.
Cards
SCSI cards, Fibre Channel HBAs, and NICs all fall under this category. Somedesigns allow for card redundancy, such as using EtherChannel to avoid havinga single NIC failure take down a network
link, and using multiple channels fromadapters to storage systems to protect against a single link failure. Other cardscant be redundant by nature, e.g., parallel SCSI cards.
Hardware Upgrades
S o me sy st e ms al l o w y o u t o u p g rad e si n g l e co mp o n en t s, su ch a s d i sk d ri v e s an d CPUs, while others require you to upgrade the entire machine at once. Check withyour vendor about which parts are upgradeable and which arent. (Disk shelves forexample, can usually hold newer drives but only up to a certain size).
Onsite Spares
Some vendors sell you lower-priced parts to use as quick onsite spares. Some of themore common parts for this purpose are spare disks, which are usually kept insidethe system itself as hot spares. Companies with strict mean time to recovery (MTTR)requirements require complete spare systems onsite (which are sometimes also used a s p a rt o f a t e st en v i ro n men t a s wel l ) . Su ch sp a re sy s t e ms
sh o u l d b e t h o ro u g h l y tested so that they can be put into production quickly when required.
Software Failure
There are a few different reasons your software may fail. Here are the most common:
System bugs
NAS is designed and programmed by humans, which means its prone to bugs.A bug can cause unexpected results for operations, generic unexpected behav-iors (or under certain conditions or loads), and feature malfunction. Fixes mightbe supplied by software upgrades as well as
patches
, which are small pieces of software that need to be applied to the original software.
System panics
If the NAS operating system code encounters an illegal condition (e.g., a C func-tion for reading a disk block is called with an illegal disk block
number), it delib-erately causes itself to crash and reboot. In most systems this step also dumps allmemory contents into a file, often called a
core
file, which can then be sent to thevendors support center for further analysis.
You're Reading a Free Preview Pages 173 to 197 are not shown in this preview.
182|C h a p t e r 7 : N A S B a c k u p a n d R e c o v e r y
configure the new NDMP tape servers into your backup application software, andyou are ready to back up.New tape drives can be used in NDMP libraries irrespective of whether servers back-ing up to it have local tape device driver support. This occurs because NDMP back ups write to a trusted network end point that happens to be the NDMP tape server.However, to work correctly, the NDMP tape server needs to have local tape devicedriver support for all its devices. In fact servers with absolutely no tape device driversupport can use NDMP tape libraries.In general, the performance of these libraries is equivalent per data stream to thatobserved on Fibre Channel SANs. That is, backups are often limited by tape band-width, not network bandwidth. However, the CPU usage per MB transferred is cur-rently higher than equivalent SAN deployments.Th e fi n al i ssu e wi t h su ch l i b ra ri es i s t h e rea so n t h e y a re i n cl u d ed i n t h i s sect i o n . Since NDMP implementations vary in quality, you cant simply purchase
an NDMPagent and automatically assume that you can back up and recover to and from anyNDMP-capable device. Backup software vendors therefore certify whether or not aparticular NDMP implementation is supported or not. If an NDMP library soundslike it might fit your needs, make sure your backup software supports it. Filer to server support N o t ev ery o n e wan t s t o b ack u p t h ei r fi l er s v i a a fi l e r o r N DM P -co mp at i b l e t ap e library. Some would like to simplify matters by simply backing up all their filers totheir Unix or NT backup server. This would be known as a filer to server backup.Unfortunately, some backup software products dont support such backups. Direct access restore support If you have large filers, you may find this feature important. In order to understandwhat direct access restore is, you must first understand how NDMP restores workwithout it. Have you ever recovered a single file from a
tar
archive via the commandline? You do so with the following command:
$ tar xvf
device-name filename-to-be-recovered
What happens if the file is at the end of the
tar
archive?
tar
reads blindly through thearchive, looking for
filename-to-be-recovered
. What you see is a long pause, followedby the display of the filename. What happens if the file is at the beginning of the
tar
archive?
tar
again reads blindly through the archive, looking for the file. It displaysthe filename as soon as it finds it, but it continues looking through the archive until itreaches the end. You see the filename displayed, followed by a long pause. Only afterthe long pause is your command-line prompt returned. Although youve probablynever noticed, unless you hit Ctrl-C after you see the filename displayed, the recov-ery time is unaffected by the position of the file within the archive. Whether its at
What About LAN-Free, Client-Free, and Server-Free Backup?|183
the beginning or the end of the file,
tar
always reads through the entire archive look-ing for the pattern you selected.NDMP without direct access support works the same way. If you have a terabyte-sized volume, and you need one file from that volume, your backup software blindlyreads through the entire terabyte of data for every single restore. Direct access restoremitigates this problem by allowing the DMA to load only the tape the file is on andto move directly to the location of the file on that tape. The difference this makeswith large restores cant be overstated. If you have large backups and need to selec-tively recover individual files, you will definitely want a DMA that supports directaccess restore. However, keep in mind that additional backup information referredto as file history must be passed from the data server to the DMA to enable DAR.Enabling file history results in additional DMA processing and network traffic.
What About LAN-Free, Client-Free,and Server-Free Backup?
Earlier in this book, we discussed three kinds of backup that can be performed withSANS: L AN - f ree Client-free Server-freeWhether or not NAS systems can perform the above types of backups depends onwhether or not you look at the NAS system as storage or as additional clients of thebackup and recovery system.One way to think of NAS filers is to consider them no different than an enterprisearray sharing disk to its clients. Filers provide storage to their clients, and the onlydifference between a filer and a disk array is the protocol the filer uses to share itsstorage with its clients. Another way to think of NAS filers is to acknowledge thatthey are actually serversmerely specialized servers. They arent just disk arrays;they are clients of the backup and recovery system.LAN-free backup occurs when multiple backup clients share a tape library and arebacking up their data locally via Fibre Channel. If you think of the NAS systems asstorage, LAN-free backup doesnt really apply, because they are merely disk drives. If you think of them as backup system clients, however, LAN-free backups do apply, asdiscussed previously in this chapter and illustrated inFigure 7-10.Client-free backups occur when the data is viewed via another source and then trans-ferred to tape using that source, instead of sending the data through the backup cli-ent.
Therefore, client-free backup can occur with NAS only if you consider them asstorage. First, you create a snapshot, if its possible to do so. Then you back up that
data to tape without ever going through the client that is using the data. You do thisby creating an NFS or CIFS mount to the backup server and backing that up. This isthe equivalent of mounting a split mirror on a SAN.If you think of the NAS as clients of the backup and recovery system, then clientfreebackups are rare. In order for this to happen, the NAS vendor needs to allow you toaccess the disks behind their filer (often referred to as a
filerhead
). You then estab-lish and split an additional mirror of the disks behind the filer head, and mount thismirror to a backup server via the SAN. Usually the only NAS vendors to allow thisare those that started as SAN vendors and have put a NAS head in front of their stor-age array. Since the storage array can create additional mirrors, they can perform cli-ent-free backups. Also, by employing server-to-server mirroring of a targeted volume(or snapshot) as shown back inFigure 7-2, you can move the backup-to-tape burdenfrom the source filer and perform a LAN-free backup
on the destination filer, overallproviding the same benefits as client-free backups on a SAN.Server-free backups occur when the data moves directly from online storage (disk) tooffline storage (tape) without going through any servers CPU. In order for this tohappen with NAS, you can consider them only as storage. Then, when you are per-forming NDMP backups that move the data directly from their storage to tape without going through anyone elses CPU, its like theyr e p e r f o r m i n g s e r v e r - f r e e backups.However, if you consider a NAS filer as just another client of the backup and recov-ery system, server-free backups are even more rare than client-free backups. Again,the backup and recovery system needs access to their SAN attached disks and usesthe extended copy command to move data directly from their disks to tape withoutgoing through any CPU. As with client-free backups, usually the only NAS vendorsthat allow this are those that started as SAN vendors and have put a NAS head infront of their storage array. Since the storage array can use extended copy, it can per-form client-free backups.Therefore, LAN-free, client-free, and server-free backups of filers are all in the eye of the beholder.
Database Backup and Recovery

P r i o r t o t h e ad v en t o f N AS o r S AN , al l en t e rp ri s e - cl a ss d at ab a se s, an d ev en mo st workgroup-class databases were backed up the same way. The database vendor cre-ated a backup and recovery API (e.g., Oracles RMAN), and any backup and recov-ery software vendors that wanted to back up their database simply wrote to that API.When the backup and recovery software wanted to back up a database, it called the
Database Backup and Recovery|185
API, the database sent it one or more streams of data, and these streams were writ-ten to tape. This method is illustrated in the following eight steps are also shown inFigure 7-12
*
1.
Backup software (e.g., NetWorker, NetBackup) asks its backup agent to back upa database
2.
Backup softwares agent (e.g., NetWorker Module for Oracle, NetBackup forOracle) tells database backup API it needs to back up database.
3.
Database backup agent (e.g., Oracles RMAN) tells the database its going to bebacked up.
4.
Database (Oracle) requests data to be backed up from storage.

5.
Storage passes data to be backed up to database.

6.
Database passes data to be backed up to API.

7.
API passes data to be backed up to backup agent.

8.
Backup agent passes data to be backed up to backup software, which backs it upto tape or disk.The only problem with this method is that it uses a completely different data paththan most backup and recovery options discussed in this chapter. The data paths of the various options discussed in this chapter are shown inFigure 7-13.Unfortunately, almost all database backup APIs assume that the data will be passedthrough the database, which retrieves it from storage just as it does du ring normaloperations. As you can see fromFigure 7-13, t h e o n l y d at a p at h t h at i n v o l v e s t h e database server in any way is the NFS/CIFS option. This means that, in most cases,you will be forced to use NFS or CIFS as your backup method, because its the onlyway to pass the data through the database. This is true even if the filer uses a generalp u rp o se o p e rat i n g sy st e m an d st an d a rd p u sh - ag en t so ft wa re . A s y o u can see i n Figure 7-13, the path for push-agent software doesnt go through the database server,
* This section uses Legato NetWorker and Veritas NetBackup. There are dozens of other products that per-form similar backups of databases. NetWorker and NetBackup were chosen only because many people arefamiliar with them. This isnt an endorsement of these products.
Fi g u r e 7 -1 2 . S ta n d a rd d a ta b a s e b a c k up me t h o d
Netbackup ornetworker Backup server
1
Networker ornetbackup forOracle Database server R M A N O r a c l e
234
Filer
5678
NFS/CIFSmount
and the database server is where the database and database backup API softwareresides. Therefore, a filer based on a general -purpose operating system will be of nohelp in this situation.If you want to back up your filer via snapshots, native backup utilities, NDMP, oranything other than the NFS/CIFS method, you cant (in most cases) use standarddatabase backup API software. In some cases, such as Oracle, this means you need towrite your own script to shut down the database or put it in backup mode prior toperforming your NAS backup. In other cases, such as SQL Server, you cant performpoint-in-time recovery of your database if you dont use the database backup API. Ina few cases, such as Network Appliances backup agent for Exchange, you can usethe database backup API but will need to buy a customized backup solution fromyour NAS vendor.I dont want to seem like Im being hard on NAS. The issues discussed here are nod i f fer en t t h an t h o s e d i scu s sed i n Chapter 4with client- and server-free backups.Because backups that use NDMP, a filer-based push agent, or snapshots behave likethe client- and server-free backups discussed inChapter 4, your database must sup-port third-party backup in order for you to back up filer-based data files using thesemethods. And, if you want
to perform client- or server-free backups of these datafiles on your filers, youre probably going to need a custom solution, and theres agood chance youll need to write it yourself.
Benets Summary
Table 7-1summarizes the benefits of the various backup and recovery options forNAS filers.
Fi g u r e 7 -1 3 . N A S b a c k u p o p t io n d a t a p a t hs
Backupsoftware Backup serverNFS/CIFS backup FilerDatabase Database server Other filerTplrr aea b iy NDMP filer to serverN f i a g l a e e t n r i v t t e N o u D M f t i i P l l i t e r filer to self NFS/CIFS mount P i e u s s N h D M P
Benefits Summary|187
Ta b le 7 - 1 . N A S b a c k u p a nd re c o ve r y o p t io n s s u mma r y
Nativeu t i l i t i e s N F S / C I F S ClientsoftwareNDMP:filerto self NDMP:filerto filerNDMP:filerTo NDMPlibraryNDMP:filertobackupserverI m p a c t o n l e serving

M u M e m e d i u d L m i o M e d i u w u m C m H r i e g a h t M e e s d i mediuml o a d o n t w o filers
Load onbackup server

V l l l e o o o r w w w y H V M i e e g r d h y i M l u m e o d w i u V m e V r y e r y
Speed of restore
No directaccessQuick; nodifferentthan astandardrestore,except forNFS/CIFSloadon LAN andfilerQuick; nodifferentthan astandardrestoreQuick(withDAR)Q u i c k ( w i t h DAR)Quick(withDAR)Quick(withDAR)
Cost
Timerequired tocreatescriptsNoadditionalcostAdditionalinstance of clientversion of backupsoftwareMustpurchaseNDMPagentMustpurchaseNDMPagentMustpurchaseNDMPagentandlibraryMustpurchaseNDMPagent
Availability
M o s t f i l e r s A n y f i l e andDMAmustsupportNDMPFiler andDMAmustsupportNDMPFiler andDMAmustsupportNDMPFiler andDMAmustsupportNDMP r F i l e r m u s t use fulloperatingsystemFiler
Portability of backups
Portable toany clientthat canread nativeutilityPortable toany client of backup andrecoverysystemPortable toany clientof backupandrecoverysystemL i m i t e d L i m i m i t e d t e d L i m i t e d L i
Can usedatabasebackup APIs

N o y o Y e s N R a r e l (somecustomsolutionsavailable)Rarely(somecustomsolutionsavailable)Rarely(somecustomsolutionsavailable)Rarely(somecustomsolutionsavailable)

Broadcast Zones

Caricato da

Informazioni sul documento

Descrizione originale:

Copyright

Formati disponibili

Condividi questo documento

Condividi o incorpora il documento

Opzioni di condivisione

Hai trovato utile questo documento?

Questo contenuto è inappropriato?

Copyright:

Formati disponibili

Broadcast Zones

Caricato da

Copyright:

Formati disponibili

Broadcast zones A broadcast zone behaves similarly to a VLAN that is created using a protocol suchas the AppleTalk VLAN

Storage-centric If youve got one storage cabinet attached to many

Storage-centric If youve got one storage cabinet attached to many

Storage-centric If youve got one storage cabinet attached to many

Intelligent bridges and routers

Storage-centric If youve got one storage cabinet attached to many

Designing Your SAN for Availability

Access to Storage Resources|53

Storage-centric If youve got one storage cabinet attached to many

The servers HBA

The incoming GBIC on the first switch

The first switch

The outgoing GBIC on the first switch

The second switch

The incoming GBIC on the second switch

The outgoing GBIC on the second switch

Storage-centric If youve got one storage cabinet attached to many

The controller on the storage array

Storage-centric If youve got one storage cabinet attached to many

Access to Storage Resources|55

Storage-centric If youve got one storage cabinet attached to many

Storage-centric If youve got one storage cabinet attached to many

Storage-centric If youve got one storage cabinet attached to many

Storage-centric If youve got one storage cabinet attached to many

p er sist entb ind

Storage-centric If youve got one storage cabinet attached to many

Managing (Storage Resource Management)

Increase or decrease the number of servers

Increase or decrease the number of storage arrays

Storage-centric If youve got one storage cabinet attached to many

Increase or decrease the number of switches, hubs, or routers

Storage-centric If youve got one storage cabinet attached to many

Graphical and command line interfaces

Storage-centric If youve got one storage cabinet attached to many

Storage array configuration (virtualization)

Storage-centric If youve got one storage cabinet attached to many

Storage-centric If youve got one storage cabinet attached to many

Some implementations let you configure NIS cache behavior, if applicable.

Storage-centric If youve got one storage cabinet attached to many

NT4 domain mode

Storage-centric If youve got one storage cabinet attached to many

Windows 2000 Active Directory (AD)

Storage-centric If youve got one storage cabinet attached to many

Storage-centric If youve got one storage cabinet attached to many

Storage-centric If youve got one storage cabinet attached to many

CIFS special sharing features

Storage-centric If youve got one storage cabinet attached to many

Average file size

Storage-centric If youve got one storage cabinet attached to many

Heavy read environment

Storage-centric If youve got one storage cabinet attached to many

Migration from Distributed Local Storage to NAS

Storage-centric If youve got one storage cabinet attached to many

Using a local tape

Migration to remote tape device

Storage-centric If youve got one storage cabinet attached to many

Copying data using the network

Piped dump and restore

"dump 0f - /vol/vol0" | rsh

Storage-centric If youve got one storage cabinet attached to many

Storage-centric If youve got one storage cabinet attached to many

Migrating soft links (symbolic links)

Storage-centric If youve got one storage cabinet attached to many