What should be in your storage design?

Storage plays a very important role in any infrastructure which is based on virtualisation, either desktop or server virtualization. Performance, cost, capacity, security and availability are very important aspects for selection of storage and design of it.

This posting will give some tips  on what kind of information should or could be in the design document which describes the storage layer. The information is based on a Dell EqualLogic storage array but could be used for any storage solution used for server and/or desktop virtualization.

Architecture and limitations
Storage has configuration limits. Know these. When using just Dell EqualLogic PS4xxx series nodes, a group cannot have more than two members. Know the limits when ordering and designing the storage or ask the vendor.
iSCSI storage arrays are often limited in the number of iSCSI connections. When creating lots of volumes with many hosts and paths connecting to the volumes you can easily run out of available connections. Read this article for more information.
Make sure the latest firmware is installed for the maximum number of available connections and functionality.

Capacity
When brand and type of storage to be purchased are decided, also the total disk capacity needs to be decided. Think about the following when doing the calculations:
-do an inventory of the current disk usage if a replacement is done. This can be done by hand or tooling like VMware Capacity Planner, Novell PlateSpin Recon or other inventory tool
-think about the increase in data consumption. Most organization will not delete data, so each year more capacity is needed. 
-think about thin provisioning. For VMware thin provisioning does not have an effect on performance but does reduce space a lot and thus costs.
-think about the nett capacity. 30 TB of raw data will result in much less useable (nett) capacity. First of all because of the RAID configuration. When network RAID is used (HP P4000 Lefthand) even less nett capacity is available. When snapshots at the storage layer are done this will reduce the nett storage available for virtual machines. Also when replication is performed less effective storage will be available. Think about backup to disk space consumption.  

 Performance
Almost all performance issues in a server virtualization or desktop virtualization infrastructure are related to storage. VDI has a lot of demand on storage. Before ordering the storage solution, make sure enough IOPS are available. Do you calculations properly to prevent issues during the implementation phase.
Think about a mix of high and medium performance disks. Lots of storage solutions are able to automatically load balance blocks of data over differerent types of disks (auto tiering).

Availability
Application data can be protected at several ways. By the application itself by having a replica. Active Directory and Exchange Server 2010 Database Availability Groups are examples. Determine if DAG’s are protected as well by for instance snapshots at storage layer and backup to disk, replication etc. Have a clear DR/BC plan so that data is not protected twice resulting in higher storage costs. Speak with mail, database admins about the protection of data.

Be sure to understand the business needs for availabilty of applications. Know the RTO and RPO and design the proper solution for it. This can be VMware HA, clustering, Veeam SureBackup, network raid, a-synchronous replication etc.

Security
Security of the data is often forgotten. Data can be protected in several ways. Roughly there is data at rest (DAR) and data in flight (DIF). DAR data is data located on the harddisks. This can be protected using encryption for high sensitive data. if phyiscal access to the storage array is restricted and monitored most of the times there is no need for tight security.
Data in Flight is data which is copied from one location to another. This can be data going to another datacenter for replication reasons for example. Consider using a VPN and IPsec to protect data.

Always try to have a separate, physical network for iSCSI storage such that performance and security are not at risk like when a shared network is used. Also make sure the management interfaces of the storage and switches are in a VLAN or other logical LAN which has restricted access to administrators only. You do not want someone unauthorized having access to the management interface from a regular workstation and using network sniffers to steal the admin passwords.

Consider using authentication for access of iSCSI initiators (hosts, virtual machines) to iSCSI targets (volumes). Challenge Handshake Authentication Protocol (CHAP) is often used and sufficient for most situations.

Using authorization allowed actions on volumes can be defined, like no access/read only or read/write access. This is very commonly used. For example you want to allow hosts for production to access certain volumes while hosts for test/dev do not have access to these volumes. The IP-address of the iSCSI initiator, Fibre Channel WWN  or the iSCSI Qualified Name (IQN) is often used for authorization.

Configuration
– ip configuration: for iSCSI storage make an overview in your design document listing the IP-addresses of iSCSI interfaces, Group IP interfaces, management interfaces etc. Also describe configuration of iSCSI switches like jumbo frames and flow control.
-naming convention: describe the naming convention for nodes, groups, and volumes. Make sure the volume name at the storage layer is the same as the datastore name of VMFS volumes. This makes management much easier. Components used in a naming convention are:

  • type of environment (production, test)
  • array identification
  • unique sequence number
  • volume replication states
  • type of disk used in volume or service level (gold/silver,SAS/SATA)
  • volume type (VMFS, RDM, iSCSI guest)

-RAID configuration: describe in your design which RAID configuration is selected and why.

virtual machine placement: describe which server role will be placed on which volume/type of hard disk. Domain controller mostly do not need fast SAS drives.  

-type of volume: virtual disks cannot be larger than 2 TB. If more data needs to be stored there are several options, like presenting the disk using iSCSI in the guest operating system. Make sure you know the storage needs and how to protect this. None VMDK files cannot be protected with tools like Veeam Backup & Replication.

Management
Describe in your design how management of the storage array is done. Using a webbrower, dedicated physical server etc. Describe the tooling which is used to make snapshots which are application consistent. For Dell EqualLogic Host Integration Tools virtual appliance is used for instance.

Advertisements

About Marcel van den Berg
I am a technical consultant with a strong focus on server virtualization, desktop virtualization, cloud computing and business continuity/disaster recovery.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: