Adding Intelligence to SANs

Adding Intelligence to SANs

"Intelligent" SANs help solve storage-related problems in the enterprise.

By Aloke Guha

Over the past year, storage area network (SAN) technology has made significant headway. While the primary impetus behind SAN technology has been increased connectivity and bandwidth from servers to storage devices, new options in the form of adding intelligence to SANs to solve enterprise-wide storage management problems are becoming possible. This article introduces the notion of "intelligent" SANs, specifically what forms of intelligence can be embedded in SANs and how this technology may solve storage-related problems in the enterprise.

The Basics

As the computing model shifted from dedicated to distributed (especially with the adoption of the client/server model), users started demanding access to shared storage and data. As they did, access to the storage behind the servers increased, as did the volume of storage. Traditional approaches (e.g., server-attached storage via SCSI buses), which severely limit connectivity and bandwidth through the connection paths between servers and storage devices, could not keep pace.

Following a lesson from the internetworking world, a distinct storage networking infrastructure has been developed that provides connectivity between storage devices and applications. In essence, SANs are analogous to internetworking, transporting storage instead of data on a typical data LAN.

In addition to addressing connectivity, access, and bandwidth issues, SANs have some interesting implications. Because the nodes of the SAN are not peer devices but rather storage users or clients, resources can be aggregated across the network. Therefore, SANs can be used to build scalable storage repositories. Also, not unlike a shared server in the internetworking domain, SANs can be used to enhance storage sharing and management.

Despite the similarities between storage networking and internetworking, there are some fundamental differences, specifically in terms of reliability, data transfer rates, and efficiency in moving large data files.

- Reliability. Storage networks are typically designed to transfer enterprise or mission-critical data. One simple application is backing up data over the network. Unlike most internetworking applications, backup operations have realtime deadlines. SANs must reliably deliver data. In contrast, data networks based on TCP/IP retransmit data when the network becomes congested or when the network media fails; they cannot provide hard deadline guarantees.

- Data transfer rates. SANs frequently transfer large blocks of data. Therefore, to be effective, SANs must efficiently move large volumes of data as the capacity of storage devices increases. This implies not only a high bandwidth link, but also efficient data link level protocols. Clearly, SAN data transfer rates have to keep pace with storage density because storage applications have to be completed within a constant time window. SANs also need to provide low access latency to storage and data just as traditional data networks do.

SAN versus NAS

Although network-attached storage (NAS) refers to storage rather than to the network to which storage is attached, NAS networks are typically different from SANs. NAS usually refers to storage that is directly attached to the data network, typically a LAN rather than a SAN. The data network is usually based on internetworking protocols such as TCP and IP and is frequently built on Ethernet. Therefore, NAS devices are usually specialized file servers that are connected to the data network--unlike storage devices connected to the SAN.

NAS is therefore limited to the connectivity and access density of the server. NAS devices are usually central resources that typically serve storage in the form of files; SAN storage is usually distributed across the SAN. Because NAS represents a shared resource on a LAN, the NAS network is characterized by the properties of the data network in terms of its reliability, bandwidth, and efficiency in moving data of moderate granularity.

SAN Protocols

IBM introduced the first storage network--ESCON--in 1991. A fiber-based point-to-point or switched network connecting tape or disks to MVS hosts, ESCON is usually implemented with a switch or director. The typical ESCON link is limited to 117Mbps. The storage channel commands carried on the ESCON physical link are IBM`s channel control words (CCWs).

The de facto SAN standard is based on the ANSI Fibre Channel protocol. An open standard, Fibre Channel has an 800Mbps bandwidth. Fibre Channel also offers multiple topologies. Unlike ESCON, which carries only CCW commands, Fibre Channel uses a number of I/O commands, including SCSI, HIPPI, and IPI (see table).

Fibre Channel is not the only gigabit networking protocol. Gigabit Ethernet and ATM, among others, are established standards of data networks, while HIPPI was developed in the supercomputing arena. To determine which protocol to use, consider (see table):

- Frame size

- Burst size

- Flow control methods

- Mechanisms for guaranteed delivery

Fibre Channel is more efficient for moving large blocks of data with higher frame and burst sizes. Further, protocols like Fibre Channel, which do not use collision-based CSMA/CD media access, guarantee more reliable data access. And lastly, by not relying on transport protocols such as TCP, the realtime guarantee of data delivery is improved.

Enterprise Computing Needs and SANs

How do SANs tie into enterprise systems? Enterprise-scale information systems are typically scalable and heterogeneous. Owners of today`s enterprise systems are concerned about consolidating resources in the enterprise and centralizing the management of all resources--that is, the control of processing, networking, storage, and applications are brought together in one enterprise management system.

- Scalability. SANs must be able to support large volumes of storage and provide large pipes for transferring large volumes of data between servers and storage clients and between servers and clients. Clearly, SANs, with their ability to aggregate storage devices across the network and their ability to provide multiple data paths, are scalable.

- Heterogeneity. Enterprises typically use multiple types of servers. However, storage consolidation, like server consolidation, is gaining popularity, driven by the desire to simplify the management of distributed storage. Accelerating the trend toward storage consolidation is the multitude of different storage attachments, different media management, and different platforms required to capture storage behind each platform.

- Resource consolidation and centralized management. The concurrent use of legacy systems, open systems, and NT and UNIX hosts exacerbates the problem of consolidating resources at the enterprise. When data is consolidated, storage management can be centralized, which allows enterprises to exploit the economies of shared storage. Centralized storage promotes better and more cost-effective administrative management.

Beyond Bandwidth and Connectivity

SANs provide value beyond bandwidth and connectivity, including:

- Shared access to storage repositories from heterogeneous platforms. SANs can provide data and storage routing between servers and storage repositories. Depending on performance requirements, SANs can be based on arbitrated loop or switched topologies.

- Centralized management. In a distributed environment, where servers and storage devices are dispersed throughout the enterprise, the cost of managing storage can account for more than half of an enterprise`s storage budget. Centralized storage within a SAN architecture reduces these costs.

- Virtual storage. Virtual storage facilitates management, in terms of efficiency, management, performance, and cost. Since a SAN can be used to isolate physical storage devices from the presentations offered to clients, it offers the potential for creating scalable virtual storage systems.

- Enabled data sharing. With large data stores, the ability to share data becomes increasingly important, as does security--possibly, in the form of fine-grained access control to storage devices or storage partitions (or objects, in general). This trend is analogous to that of routers in the internetworking world. Data access security functions are being embedded in routers.

Embedding Intelligence

The needs of the enterprise, or "intelligence," can be implemented in functions located in processing, storage, or networking resources--or even in the applications that use or control these resources.

Server-Embedded Intelligence

When intelligence is embedded in the server, storage is accessed through the server--this is the NAS model. In this situation, storage is captive to the server. While access density is limited by the bandwidth of the available data paths from the storage clients to the server, a central access point means that storage can be managed whether the server is providing block I/O services or file systems services such as NFS or CIFS. Also, retrofitting is unnecessary, except when hosting the storage management functions on the server.

The emergence of the NAS model as thin servers that provide storage or file services is already familiar to those in the IS business and does not require a paradigm shift in the storage service model. However, because data movement from the server is usually through the operating system, the latency overhead for accessing storage is higher in this situation than it is when storage is accessed directly via a network. Fortunately, I2O and the recently proposed VI architecture should address some of these dependencies.

Thus, the NAS model that embodies server-embedded intelligence facilitates sharing of storage, albeit limited by the data bandwidth and the access density of the server.

Storage-Embedded Intelligence

What about embedding the intelligence in the storage device itself? Over the past two years, the Network Attached Storage Devices (NASD) consortium (StorageTek, IBM, HP, Quantum, Seagate and Carnegie-Mellon University) have been researching this topic. In this approach, the processing power of individual storage devices is augmented to include some simple storage-content management capabilities. Examples of such management functions are those that are usually performed by the server such as selectively encrypting storage on the storage device and directly serving storage in the form of files.

While such devices would off-load server responsibilities, there are some drawbacks. Besides the concern for retrofitted specialized storage devices, data movement from the storage device, disk, or tape is limited by the bandwidth of the I/O link from the server (or even the direct-attached client) to the device. In many cases, bandwidth is further limited by the bandwidth of the cache between the storage client and the physical device. Depending on how clients are connected, the host OS may be relied on to execute the data movement between the storage client and the device.

Network Intelligence

In this model, intelligence is embedded in the network, resulting in a specialized storage network device. Through the network, any server can share any storage device attached to the network. A storage device has multiple paths available from clients, especially when a switched SAN is used. So, device sharing is facilitated. Because more data paths are available, data movement is inherently more scalable.

In this case, intelligence is embedded in the data path such as in the port cards of the network hub or switch. For example, a controller embedded in the network device could initiate data movement between different devices to enable server-less third-party backup or replication as shown by the data lines in figure 1.

Intelligent SANs

If the intelligence is embedded in the SAN, the SAN device can provide more storage management functions. The motive is to reduce the cost of managing network-wide storage management functions in the enterprise.

Resource Sharing

Consider, for instance, the issue of device sharing. As mentioned earlier, if storage is consolidated using SAN, a number of storage devices may be available to all servers connected to the network. If this is the case, storage devices can be partitioned on a per-need basis. Instead of each server managing a required piece of storage, the server is absolved of this responsibility; the built-in controller in the SAN allocates disk partitions and tape volumes without dedicating disk or tapes to each server. Because of the provision for multiple data paths (and possibly, control paths), multiple servers can simultaneously access common storage. The "intelligent SAN" then enables or provides the centralized management platform without limiting data path bandwidth.

The primary difference between an intelligent SAN and a server with an attached SAN is the relative thickness of the controller functions. We expect very thin controllers to be embedded in intelligent SANs.

Figure 2 shows how a RAID array or an automated tape library can be partitioned using SAN-embedded controllers or storage managers for two servers on a per-need basis. The advantage: An intelligent SAN acts as an insulator between the physical devices and the logically dedicated devices presented to the servers.

SANs can also be used for "virtual" storage or as informational devices to the servers (see figure 3). By using the same partitioning or aggregating functions, the servers are presented with logical or virtual devices of different types or capacities across the SAN. In the figure, the servers see the blue storage devices although the yellow physical devices have different capacities or characteristics. This is an extrapolation of the virtual storage manager (VSM) concept. In VSM, a tape library with a very large number of virtual cartridges is presented to the host through emulation using a front-end disk subsystem and a back-end tape library; intelligence is embedded in the control path between the host and the physical library.

The advantages of SAN-based virtualization are the same as those of dedicated server-based virtualization, including improved use of storage resources, better access performance, and more appropriate device presentations as needed by the application. These features facilitate overall storage management.

Secure Access

Following the example being set by routers in the internetworking domain, intelligent SANs can provide secure access on a path from a specified server to a specified physical or logical storage device. Specific aspects of such secure access may include encrypting the data path and managing the access policy through the controller embedded in the SAN. The significance of embedding such secure access features will become more important as the level of data sharing increases in the SAN.

Click here to enlarge image

Figure 1. Embedding intelligence in the SAN enables third-party backup or replication.

Click here to enlarge image

Figure 2. A RAID array or an automated tape library can be partitioned using SAN_embedded controllers or storage managers for two servers on a per-need basis.

Click here to enlarge image

Click here to enlarge image

Figure 3. SANs can be used for virtual storage or as informational devices to the servers.

Click here to enlarge image

Aloke Guha is vice president, corporate architechture, at Storage Technology Corp. in Louisville, CO.

This article was originally published on August 01, 1998