Server virtualization: The case for iSCSI

Posted on July 01, 2007


By Dave Simpson

In the context of server virtualization and storage, end users and vendors agree: Separate the storage from the server. Maximizing the benefits of server virtualization (such as resource consolidation) requires shared storage, which means SANs.

According to International Data Corp., about 80% of virtual servers are connected to SANs. And, today, virtually all of them are Fibre Channel SANs. However, iSCSI-based IP SANs may have inherent advantages in the context of server virtualization environments.

According to Matt Baker, product manager, storage marketing, at Dell, the benefits of iSCSI in a virtual server environment fall into three categories:

  • Reducing the complexity and costs associated with shared storage;
  • Facilitating virtual machine (VM) mobility, which is one of the key value propositions of server virtualization; and
  • Improving data protection, such as backups and disaster recovery.

“In many cases, iSCSI provides a superior fabric for server virtualization compared to Fibre Channel, not just a cheaper one,” says Baker.

Praveen Asthana, Dell’s marketing director, takes it one step further: “Server virtualization is a ‘killer app’ for iSCSI.”

Reduced complexity

iSCSI’s ability to reduce the complexity and costs associated with SANs is not an advantage that’s specific to virtual server environments. But reduced complexity is particularly important in virtual server environments because it feeds into the value proposition of consolidation and simplified management. In addition, many small and medium-sized companies embarking on server virtualization do not have Fibre Channel expertise, nor do they have installed Fibre Channel SANs.

In addition to reduced complexity, iSCSI lowers the entry costs for shared storage in virtualized environments because it’s based on Ethernet, and companies can leverage less-expensive (compared to Fibre Channel) equipment and existing skills.

VM mobility

With a shared-storage SAN on the back-end of a virtual server environment, if one server goes down, the guest operating system (OS) and applications will transfer to another physical server automatically, usually without any disruption noticeable to users. This mobility of virtual machines and their applications is a key benefit of server virtualization, and SANs are required for mobility.

VM mobility also provides the ability to move workloads around to dynamically level out (load-balance) resources, providing applications with more horsepower on-demand.

With direct-attached storage (DAS), in contrast, if a VM fails or becomes overloaded, administrators have to manually migrate virtual machines and applications. SANs facilitate mobility, and iSCSI may provide some mobility advantages compared to Fibre Channel that are, again, related to complexity.

“Fibre Channel is a very physically oriented protocol,” explains Dell’s Baker. “WWNs are like MAC addresses: They’re burned into the hardware [e.g., host bus adapters]. There is no logical equivalent of WWNs that you can give to a virtual machine, which means you have to create relationships upon relationships between storage and virtual platforms, and then you have to again allocate storage from the hypervisor up to the VMs.”

As such, using Fibre Channel in a virtual server environment increases the number of “touch points” (manual configuration steps) required to manage your storage, and transferring from a virtual environment to a physical machine over Fibre Channel can require extensive migration planning and reconfiguration, according to Baker.

Also, to facilitate VM mobility, fabric zoning and masking must be opened up, so that each virtual server has access to storage. To the guest operating systems, the provisioned storage looks as if it is directly connected, but the guest OS does not have a direct relationship to the storage.

Initiatives such as N_Port ID Virtualization (NPIV), which allows multiple Fibre Channel initiators to share a single physical port with multiple WWNs, may help simplify the configuration and management of Fibre Channel SANs in virtualized environments. However, NPIV can add fabric complexity and cost.

In contrast, Baker argues, iSCSI is very logically (as opposed to physically) oriented (see figure, p. 19). It runs on top of Ethernet, IP, and TCP, which gives users the ability to abstract away from the hardware and deal with the storage configuration in a more logical way. For example, users can create a logical one-to-one relationship among VMs, applications, and storage; this is in contrast to the multiple “touch points” that you have to deal with in the case of Fibre Channel. And iSCSI initiators are “agnostic” to lower-level (physical) layers, allowing a direct relationship between a guest operation system’s software initiator and the storage resources. As such, provisioning storage through the VM hypervisor layer (e.g., via ESX) is no longer necessary.

“The IQN [iSCSI Qualified Name, or identifier] is tied directly to the VM, which simplifies things by reducing the complexity of the relationship among a VM, its applications, and storage,” says Baker. “iSCSI makes it easier to configure the virtual environment.”

Dell refers to the ability to access storage directly from a VM without interference from the underlying VM as “Storage Direct” (see figure, above).

Baker rounds out the case for iSCSI with comments on potential benefits of data protection:

  • With iSCSI, you can perform direct backups to tape or disk from a guest OS (virtual machine). With Fibre Channel, in contrast, backups have to be managed and arbitrated in the VM hypervisor (e.g., via ESX in the case of VMware).
  • With iSCSI, backups (and other storage management applications) are directly managed in the guest OS, with direct access to storage and full application functionality. With Fibre Channel, backups are managed by the guest OS and hypervisor, which arbitrate access to storage and control the relationship with the external disk array. This approach can also limit the functionality of the applications. In an iSCSI implementation, integration with VSS/VDS can be ported over directly from existing backup methodologies. This is not possible with the indirect relationship required with Fibre Channel, according to Baker. “Utilization of existing backup scripts and methodologies is money in the bank for IT administrators,” he says. “Moreover, you can achieve much finer grained backup capabilities.”
  • With iSCSI, images and applications developed on guest operating systems can be migrated to a non-virtualized (physical) server seamlessly. Migrating from virtual to physical machines via Fibre Channel can require significant reconfiguration by administrators and comes with the risk that administrator errors will cause application-level problems. The same holds true with physical-to-virtual and virtual-to-virtual migrations.

Nevertheless, Fibre Channel still has two advantages: It’s more mature and, in almost all cases (or at least until 10Gbps iSCSI takes off), Fibre Channel provides better performance. However, in the majority of virtual server applications, iSCSI SANs may provide sufficient performance.

Chris Poelker, vice president of enterprise solutions at FalconStor Software, cites many of the same benefits of iSCSI in virtual server environments as does Dell’s Baker, most notably in the areas of lower cost, simplicity, disaster recovery, and direct storage connections to virtual machines. But Poelker adds that “performance is actually another place where iSCSI can shine,” citing not only the advent of 10Gbps Ethernet, but also InfiniBand.

“In larger organizations we see a migration toward leveraging iSCSI as a protocol over InfiniBand, which runs at 20Gbps, to provide RDMA access to disk,” says Poelker.

“So in a virtualized, large-scale grid environment using a single InfiniBand connection, you can run Fibre Channel, Ethernet, and iSCSI RDMA, which allows you to transfer to disk at 20Gbps. Although iSCSI was originally pushed to the back burner for performance reasons, it’s now being used for higher-performance applications,” adds Poelker.

