Here’s a quick rundown of the advantages of file-level virtualization, and some tips on how to choose the best solution for your requirements.
Even though NAS virtualization is still in the early adopter phase, it provides the same benefits of SAN virtualization, and more. This article focuses on some of the reasons why IT organizations should consider implementing a virtualization engine for their file shares.
It used to be that NAS virtualization was the forte of start-ups such as Acopia, BlueArc, NeoPath, and others. However, the big players in the industry, namely EMC and Network Appliance, have scooped up smaller players to add virtualization features to their own NAS systems.
A common myth is that NAS virtualization is a cure-all for all the problems in typical file serving environments. It is not. On the contrary, it may exacerbate some issues by introducing a layer of abstraction between where your files actually reside and the medium through which they are extracted. The virtues of virtualization are of little consequence when the pager goes off because someone has lost data. Then the issue is not how the consolidation helped, but how it will help recover.
I am not taking a contrarian view, but am simply cautioning against the pitfalls of adopting NAS virtualization for the wrong reasons. Most NAS access is done using network file protocols such as NFS and CIFS. These protocols, among other things, serve an important function by providing a layer of abstraction between where the data physically resides and the medium through which it is accessed: the network. In doing so, you have already provided an abstraction medium. Virtualization adds yet-another layer of abstraction.
Consolidating NAS Islands
Every large IT organization suffers from the presence of NAS islands, with too many physical resources that are often dissimilar and from different vendors. Although consolidation does not necessarily involve management or provisioning consolidation, it does offer an opportunity to provide seamless data access under a single namespace. End users benefit from not having to map multiple shares from different resources, because they are masked behind a single presentation layer-the virtualization appliance. No longer do IT administrators have to worry about mapping or mounting a long list of network drives from different filers.
This is a key benefit for users, but data consolidation does not automatically solve all the problems in such environments. Just because you put a layer of abstraction between where the data resides and how it is accessed, it does not mean that the underlying management problems for those environments have disappeared. You still have to monitor and manage NAS resources as islands, even if you have a centralized monitoring and management infrastructure.
NAS vendors are beginning to realize this limitation with their appliances, and vendors such as NuView (which was acquired by Brocade) provide monitoring and management tools for NAS resources.
Data Mobility And Tiered Storage
The key benefit of virtualization appliances is data mobility. Presenting multiple shares from multiple NAS resources presents a challenge when any one of the resources gets maxed out or needs to be replaced. Migrating data from one filer to another can pose several challenges, chief among them being the human element. If you make a mistake while migrating, however small it may be, it can have a ripple effect on the entire migration effort. With virtualization appliances it is possible to seamlessly move data between physically separate resources without user downtime or reconfiguration (e.g., the need to unmount and remount drive letters for every user in the environment).
A side benefit of data mobility is the ability to create storage pools and tiers in your NAS environment and to use data classification policies to migrate data from one tier to another. Policies can be based on access date, file type, and archive attributes. It is similar to having a content-addressed storage (CAS) solution for your NAS environment.
Data mobility can also be viewed as the ability to replicate data to or from a remote location. Although all NAS vendors provide their own replication mechanisms, these mechanisms often work between individual arrays; hence, if you have multiple arrays in your environment, you have to set up replication streams for each set of physical resources. This increases the complexity and overhead required to maintain two copies of data. In a virtualized environment, regardless of the number of physical resources, all replication occurs within the appliance.
As such, in a sense the two copies of data are maintained using a single console. This is a huge advantage in large environments where maintaining a replicated environment could be a legal requirement.
NAS islands today suffer from the “weakest-link” phenomenon; that is, the least secure resource in the environment can be a gateway to a security nightmare in the environment. In a virtualized NAS environment, a single security policy can be applied to the entire environment, because all access is controlled via the virtualization appliance.
This is not to say that backdoors don’t exist or individual physical resources cannot be broken into: This largely depends on how the appliance is introduced in the environment and also depends on your diligence in addressing all the security issues.
Global namespace is a term that’s often associated with NAS virtualization. A global namespace essentially provides a single unified view of NAS resources. In user terms, it’s the creation of a virtual but unified directory structure where all resources are under a single parent directory, eliminating the need to have separate mount points for individual resources.
In technical terms, most vendors tout the use of a “virtual file system” that forms the foundation of the entire virtualized NAS environment. It is the virtual file system that allows objects from physically disparate resources to be merged and appear as one to clients or users.
Multi-Protocol NAS Virtualization
One aspect of NAS virtualization that is fairly new is the ability to abstract iSCSI resources, as well as NAS resources. Many NAS vendors offer iSCSI with their NAS appliances, with the iSCSI LUNs residing on the file system as special files. For example, a 100GB iSCSI LUN resides on the file system in the form of a 100GB file with special attributes. Imagine a situation where the virtualization appliance simply treats this LUN as a special file and presents it via its own network ports as an iSCSI LUN. At that point all of the features of virtualization (e.g., data mobility, migration, and security) can be “mapped” in the same fashion as file virtualization.
Ashish Nadkarni is principal consultant with GlassHouse Technologies (www.glasshouse.com).
Evaluating NAS Virtualization
Here are a few tips to help evaluate NAS virtualization solutions:
Does your NAS appliance vendor offer virtualization?
Most major NAS vendors have some form of virtualization available in their product portfolio. While they may or may not be comparable to the stand-alone virtualization appliances, there are benefits to having a virtualization solution from the same vendor as your NAS filers, especially when it comes to integration, support, and manageability.
What Features Do You Need The Most?
Your purchase should be based on evaluation of features that matter most to you, not the frills that you may never need. After all, the virtualization appliance is going to be in the center of your environment, so if the appliance fails your entire NAS environment is down. “Un-virtualizing” is painful, and you do not want to do it often. So if your goal is to consolidate multi-vendor, multi-platform NAS islands into a single unified space, your evaluation should be based on the vendor’s interoperability matrix and not, say, a single vendor solution.
Another important consideration is scalability. How many physical resources, total amount of data, and number of files can the appliance support? Keep in mind that file-sharing environments tend to serve lots of small files-sometimes millions. Find out if the appliances you are evaluating have limits.
What About Backup And Recovery?
Integrating the virtualization solution with your existing backup environment is critical. The virtualization appliance may have its own data-protection features; however, you don’t want to create a whole new backup environment just to support those features. Integration with your existing backup environment is particularly important if your NAS shares are used to store data that needs to be protected for legal and compliance reasons.
The other critical question to consider is how to recover from a failure of the appliance. For example, how is the appliance metadata and virtual file system backed up?
If you have a single authentication infrastructure across your environment, whether it is LDAP or Active Directory, you need to ensure the virtualization appliance not only supports, but fits in with, this authentication mechanism. You’ll need to be able to migrate to your virtualized NAS environment with user profiles and permissions intact.
Encryption may be another requirement. If security is paramount, check to see if the virtualization appliance supports encryption of data at the source and in flight, and verify that the appliance addresses your security requirements.
When implemented for the right reasons, NAS virtualization will prove to be a valuable asset in your environment.