The term ?IP Storage? has become associated with block-level storage networking protocols used for building IP-based Storage Area Networks (IP or iSCSI SANs) and for interconnecting existing Fibre Channel SANs over IP (via iFCP and FCIP). This restricted definition of IP Storage ignores the file-level IP storage networking protocols, such as NFS and CIFS, used in Network Attached Storage (NAS) solutions. As such, it falls short of capturing the true potential of IP Storage.
A new generation ?Converged IP Storage? gateway products, currently provided by storage networking companies such as Reldata and Network Appliance, are now delivering NAS and SAN capacity-on-demand to servers and workstations across an existing enterprise IP/Ethernet infrastructure. These products use in-built storage virtualisation to consolidate existing heterogeneous storage resources and extend Fibre-Channel SANs to the many LAN islands typically existing in larger organisations. Such a flexible Converged IP Storage infrastructure offers enterprises the optimal centralised storage management platform, capable of dramatically reducing the costs of storage equipment and administration, optimising storage capacity expenditures, and capitalising on existing storage investments. In addition, the technology helps to meet the exacting new demands being placed on storage administrators by increased regulatory compliance.
NAS Heads - Escaping the Island Mentality
NAS was initially viewed as a simple solution to the growing challenge of the online file storage. NAS offers what is perhaps the simplest form of networked IP Storage, with stand-alone devices providing an easy-to-install shared storage at a fraction of cost of a file server running on multipurpose hardware. At its most basic level, stand-alone NAS provides a more cost-effective, more centralised online file storage for small businesses and workgroups. It delivers a more advanced alternative to desktop file storage, facilitating online file sharing and simplifying systems administration and backups.
For larger organisations, however, stand-alone NAS devices are far from ideal, since they create inefficient and disparate islands of storage. At this level, the adoption of standalone NAS devices at the departmental and sub-departmental level leads to disjointed file storage, making implementation of a coherent, enterprise-wide storage policy virtually impossible. Efficient disk utilisation and reliable backup become complex and costly. Files are typically duplicated across multiple devices, which not only increases the required disk space, but also complicates the backup process even further.
With increasingly tight regulation in many industries demanding greater accountability for data storage and backup, this has resulted in a growing demand for centralised NAS within the data centre. Since many large organisations have already invested heavily in a centralised Fibre Channel SAN, it seems logical for them to use the available storage for centralised NAS. These organisations are becoming the early stage adopters of a ?vertical? NAS/SAN consolidation by connecting (IP) NAS heads to their existing FC SAN switches and providing centralised file-level storage.
Horizontal IP SAN/NAS Storage Consolidation
These new consolidated storage networks offer larger organisations a far more efficient, reliable, and easily managed file storage solution. Disk utilisation is more efficient on two separate levels: first, there is only one single image of each file (aside from backup and data replication); second, with a single storage pool, capacity can be rationalised across the enterprise resulting in a better overall disk utilisation. With all data centralised in a single storage pool, regulatory compliance is easier to achieve, backup and replication are simplified, and there are substantial cost savings through lower administrative overhead.
While there are compelling advantages to this type of vertical consolidated system, using NAS heads to consolidate all enterprise Ethernet/IP storage onto a Fibre Channel SAN is neither the most cost efficient, nor the most versatile and useful form of consolidated NAS/SAN architecture. Since NAS-only heads do not provide IP/Ethernet access to the existing block storage on the FC SAN, new or additional LAN-based servers and workstations that require access to block-level storage must be equipped with expensive FC HBAs and connected to the Fibre Channel network. Because of the distance limitations of Fibre Channel, iFCP bridging or FCIP tunnelling technology may have to be deployed to close gaps via Ethernet. All this requires additional hardware, software or both, which must be installed and maintained on both the host and target side by storage networking engineers with expertise in Fibre Channel and other relatively obscure technologies.
In contrast, by realizing ?horizontal? NAS/SAN consolidation by providing NAS and iSCSI SAN capacity within a single IP Storage network using NAS and iSCSI heads or gateways, FC SAN storage capacity can be made available on file- and block-level to all machines on the Ethernet network, avoiding the need for extensive, costly and yet still limited Fibre Channel network.
The ability to provide both block- and file-level storage over Ethernet also facilitates creation of diskless workstations and servers, with machines booting over the IP network (see: Riding on a Single Disk, SNS Magazine, September 2004). As network speeds continue to increase and 10GbE is rolled out, this is the next logical step in storage consolidation for both cost and data security reasons.
Why then, are so many enterprises placing their storage bets with pure FC SAN - their most complex, costly and isolated storage platform?
In many cases the true answer lies in the scale of prior investments in FC SAN. IT decision makers are fearful of appearing to ?drop? or sideline this technology, and feel that by adding IP-based NAS on top of existing FC SANs, they are further justifying the initial high cost of the SAN. However, with the efficiencies of Converged IP Storage, FC investment can be protected and further recapitalised-on, at the same time as providing the organisation with a new freedom to make cost effective choices for future storage investment.
iSCSI ? More than a plain vanilla IP SAN
Given the amount of coverage, SNS readers will be more than familiar with iSCSI, and would probably agree that the technology is typically sold as a low-cost IP SAN solution rather than an enabling or consoldiation technology. iSCSI based SANs are typically around one tenth of the cost of a comparable FC architecture. They do not require as much expert training for administrators, and increasingly they can match the performance of lower-end FC devices. However, the more astute commentators are now drawing a distinction between ?plain vanilla? IP SAN products and iSCSI as part of a broader consolidated IP SAN/NAS Storage solution.
All iSCSI products extend the benefits of storage area networking to the enterprise Ethernet network. By choosing the right products, iSCSI can not only provide a lower cost IP SAN solution, but can also facilitate broader utilisation and more cost effective backup of existing FC SANs. iSCSI gateways, heads or intelligent bridges can be used to provide an Ethernet front-end to an existing FC SAN. iSCSI can also be used in place of iFCP to bridge access to remote FC SANs.
This broader access to the existing FC SAN via IP adds to the benefits of prior investments in the FC infrastructure. It makes the data stored on the existing FC SAN available to more machines, and conversely, ensures that more machines benefit from the greater security and simplified administration by using a centralised storage pool. This bears massive hardware and administrative savings, particularly for linking workgroup offices and disparate servers into the main storage pool. It also opens the possibility (in terms of cost) of connecting second-tier servers and workstations to the main SAN.
While many iSCSI equipment vendors are now selling their technology as complementary to the existing FC installations, not all of them practice what they preach. Most IP SAN equipment vendors are lagging in what they offer to the customer, and attempt to create additional revenue out of selling add-on interfaces for connecting to FC SANs. Leading IP SAN equipment companies have realised that such connectivity is an essential part of a complete IP Storage solution. For example, Reldata includes a dual-port 2Gb FC HBA (QLA 2342L by QLogic) as a standard feature in their flagship product, the Reldata IP Storage Gateway 9200.
Sending block-level data across the Ethernet presents a new security challenge. The existing encryption hardware typically deployed on both sides of a WAN link has been designed to encrypt VPN traffic, and is unlikely to perform well at the block level. In fact, the iSCSI standard requires that compliant products incorporate IPsec, thus facilitating a completely secure block level storage network. Therefore organisations considering the use of iSCSI to link FC SANs across an Ethernet gap should ensure their products conform to the IPsec standard. Without this, the additional dedicated encryption hardware may push up cost on a par with iFCP and FCIP technology.
Although iSCSI is a vital element of a consolidated IP SAN/NAS network, it remains only one piece of the puzzle. If organisations are looking to implement separate NAS, IP SAN and even FC SAN, it may be possible to consolidate all these systems via IP at the front-end and connect this storage over the Ethernet to virtually any host or backup system. At the back-end, however, the organisation is still left with the costs and complexities of managing at least two (NAS head and the FC SAN), but more commonly three or more separate subsystems.
Converging IP SAN and NAS Storage
To capture the full benefits of consolidated IP SAN/NAS Storage, organisations must go beyond merely providing consolidated block and file storage services available over a single IP network. It is also necessary to allocate NAS and IP SAN volumes on the same converged storage virtualisation and management system or server, which consolidates all block- and file-level storage into a single underlying storage pool. This way, organisations can enjoy lower infrastructure and administration costs. And with a single converged system storing all data in one place, there are also considerable savings stemming from centralised management and administration, simplified backups, mirroring and remote replication.
By converging block- and file-level IP storage onto the same system and taking advantage of a multi-level virtualisation, storage and redundant disk space can be rationalised significantly. This further reduces the amount of overall wasted capacity in comparison to IP SAN and NAS storage consolidation using separated storage network controllers. With the proper virtualisation policies in place, the administrator?s job is also simplified: individual LUNs can be allowed to grow organically across multiple shared disks and arrays, with the administrators only having to ensure that the overall aggregated storage capacity is sufficient.
Interestingly, the most common approach to creating a converged IP NAS/SAN service running on a single platform involves upgrading a NAS head or server and building an iSCSI layer on top of the internal file system and virtualisation used to serve up NFS and/or CIFS. While this so-called ?iSCSI Spigot? approach offers the benefits of a converged platform described above, overall performance is impaired by the presence of a completely unnecessary internal file system layer. This also leads to unfair favouring of one file-level service over block-level storage, where typically the expectation is the opposite.
All NFS and CIFS file storage is ultimately stored as block storage on the disk. With the Spigot approach, iSCSI data is first converted from block to file and then back to block storage. This makes such devices relatively slow as compared to native iSCSI storage. For the same reason, these devices cannot be used to provide a high-performing iSCSI front-end for an exiting FC SAN.
For any Converged IP Storage device to be practical in a larger centralised installation, they also need to be clustered. This is rarely the case with iSCSI Spigot type devices, and even where it is, having enterprise block storage running through a clustered file system is far from optimal.
Gateway to the Future
The full functional and financial benefits of consolidated IP SAN/NAS Storage can only be achieved through an integrated virtualisation gateway approach. Such Converged IP Storage Gateways represent a true managed storage convergence point. On the one side they offer an IP ?gateway? to flexible, vendor-independent storage resource consolidation and scalable IP SAN/NAS capacity-on-demand provisioning. And on the other side, they provide a ?gateway? to secure converged file and block data replication over IP from existing, and even very heterogeneous storage pools and FC SANs.
Converged IP Storage Gateways, such as the RELDATA IP Storage Gateway 9200, allow the connection of any back-end storage media including SCSI, FC and ATA/SATA arrays, as well as tape media. These are then virtualised into a single storage pool allowing the arbitrary creation of mixed iSCSI targets, CIFS clients and NFS mounting points across all attached storage. All existing storage investments can be consolidated and administered from a single point of control, cutting costs and simplifying backup. New investments in storage arrays can then be made freely on the basis of unimpeded marginal cost/benefit analysis rather vendor or system tie-in.
In contrast to the iSCSI Spigot approach, gateway-based storage virtualisation offers iSCSI targets and initiators as well as CIFS/NFS based file systems running natively with the logical volume manager. This not only allows the devices to run faster, but also means that new and existing Fibre Channel storage can be attached to the gateways and ?served up? to hosts over Ethernet as either iSCSI-block or as a NAS storage.
Converged IP Storage Gateways consolidate various storage virtualisation levels on one storage network appliance, enabling greater functionality and resilience. Typically they integrate a file system, logical volume management, various virtualisation services and various software RAID levels, removing the need for disk array-based virtualisation and allowing the use of less expensive disk arrays without in-build RAID controllers. Additionally they support synchronous and asynchronous data replication, both block- and file-level, accelerated with incremental snapshot technologies and secured with IPsec encryption. An additional NDMP interface also enables a server-free disk-to-tape backup.
Finally, by physically separating the storage management and virtualisation from the subsystems, this simplifies the clustering of gateways, providing better performance and even greater resilience. This allows for failover and multi-pathing of gateways and eliminates any single point of failure.
Consolidated IP SAN/NAS Storage has to include IP-based SAN and NAS capacity provisioning and support for extending existing FC SANs. Individual NAS and iSCSI gateways each offer only part of the picture. Even when these technologies are used in conjunction, Converged IP Storage gateways offer many additional benefits. Any organisation considering a purchase of NAS heads, IP SAN or iFCP technology should look at the minimal additional cost of a Converged IP Storage gateway, against the significant additional benefits of this more logical, holistic approach.
iSCSI is highly complementary to FC SAN, but this is not true for all iSCSI products. Many IP SAN products do not fully support the necessary IPsec security standard and require expensive upgrades to connect with FC SANs. iSCSI spigot based products can be particularly awkward to integrate with FC SAN.
Open storage consolidation should also incorporate consolidation of heterogeneous back-end storage resources in a single virtualised storage pool besides FC SAN extension capabilities. This simplifies administration and backup, reduces redundant disk space, protects and recapitalises on existing investments, and frees future storage purchasing decisions from the confines of vendor and system tie-in.
RELDATA Inc. is a leading provider of TCP/IP network-centric, unified SAN/NAS storage gateway appliances. Its products enable cost-effective set-up of converged block-level IP SAN and file-level IP NAS capacity-on-demand as well as data replication solutions for storage consolidation, remote backup and disaster recovery requirements. The Linux-based storage virtualization and management gateway supports consolidation of arbitrary disk arrays and tape libraries, and can be used as a flexible IP SAN/NAS extension of established FC SANs. RELDATA is represented in the European market by RELDATA Europe GmbH, with its products sold indirectly through distributors and resellers. RELDATA Europe is a member of the European Storage Networking Industry Association (SNIA).