Managing the Storage InfrastructureManaging the Storage Infrastructure

Section 4 : Storage Security and Management

Storage Infrastructure Management

o Managing storage infrastructure is a key to ensure continuity of business

o Establishing management processes and implementing appropriate tools is essential to meeting service levels proactively

o Management activities include availability, capacity, performance, and security management

o Monitoring is the most important aspects that forms the basis for storage management

o Continuous monitoring enables availability and scalability by taking proactive measures

Lesson: Monitoring the Storage Infrastructure

Upon completion of this lesson, you will be able to:

o Discuss the major storage infrastructure components that should be monitored

o Describe what is to be monitored for the various storage infrastructure components

o Discuss alerting of events

Monitoring Storage Infrastructure

Accessibility

Capacity

Performance

Security

Network

HBA

Port

HBA

Cluster

Kee

p A

live

Client

Port

Storage Arrays

Hosts/Servers with Applications

SANIP

Parameters Monitored – Accessibility

o Accessibility refers to the availability of a component to perform a desired operation

o Why monitor accessibility of different components?o Failure of any hardware/software component can lead to outage of a

number of different componentso Example: HBA (Host Bus Adapter) failure could cause degraded access to a

number of devices in multi-path environment or loss of data access in single path environment

o Monitoring accessibility involveso Checking availability status of the hardware or software components

through predefined alerts

Parameters Monitored – Capacity

o Capacity refers to the amount of storage infrastructure resources available

o Why monitor capacity?o Capacity monitoring prevents outages before they can occur

o Inadequate capacity may lead to degraded performance or affect application/service availability

o More preventive and predictive in natureo Report indicates 90% of all the ports have been utilized in SAN, a new switch

must be added if more arrays/servers are to be added

Parameters Monitored – Performance

o Performance monitoring evaluates how efficiently different components are performing

o Why monitor Performance metrics?o Want all data center components to work efficiently/optimallyo Helps to identify performance bottleneckso Measures and analyzes the ability to perform at a certain predefined level

o Exampleso Number of I/Os to diskso Application response timeo Network utilization o Server CPU utilization

Parameters Monitored – Security

o Monitoring security helps to track and prevent unauthorized access

o Why monitor security?o Need to be protected for confidentiality (Confidentiality prevents sensitive

information from reaching the wrong people, while making sure that the right people can in fact get it), integrity (Integrity involves maintaining the consistency, accuracy, and trustworthiness of data over its entire life cycle. Data must not be changed in transit) and availability(Availability is best ensured by rigorously maintaining all hardware, performing hardware repairs immediately when needed).

o To meet regulatory compliance

o Exampleso Tracking and reporting changes made to zoning configurationso Physical security through badge readers, scanners and cameras

Monitoring Environmental parameters– Temperature, humidity, airflow, hazards (water, smoke, etc.)– Voltage – power supply

Monitoring Hostso Accessibility

o Hardware components: HBA, NIC, graphic card, internal disko Status of various processes/applications

o Capacityo File system utilizationo Database: Table space/log space utilizationo User quota

o Performanceo CPU and memory utilizationo Transaction response times

o Securityo Login and authorization o Physical security (Data center access) Host

HBA

HBA

o What is SAN?

A SAN (Storage Area Network) is a network designed to transfer data from servers to targets, and it is alternative to a directly attached target architecture, where the storage is connected to the servers on general purpose networks.

Monitoring the SANo Accessibility

o Device statuso Processor cards, fans, power supplies

o Capacityo ISL (inter-switch link) and port utilization

o Performanceo Connectivity ports

o Link failures, loss of signal, link utilizationo Connectivity devices

o Port statistics

o Securityo Administrative tasks and physical security

o Authorized access, strict passwords SAN

Monitoring Storage Arrayso Accessibility

o All Hardware componentso Array Operating Environment

o RAID processeso Environmental sensorso Replication processes

o Capacityo Configured/un-configured capacityo Allocated/unallocated storage

o Performanceo FE (front-end) and BE (back-end) utilization/throughputo I/O profile, response time, cache metrics

o Securityo Physical and administrative security

Storage Array

HBA

HBA

HBA

HBA

Accessibility Monitoring Example: Array Port Failure

HBA

HBA

SW2

SW1

H3

H2

H1

Hosts/Servers with Applications

Port

Storage Arrays

Port

Degraded

Degraded

Degraded

HBA

HBA

Accessibility Monitoring Example: HBA Failure

SW2

SW1

H3

Degraded

H2

H1

Hosts/Servers with Applications

HBA

HBA

HBA

HBA

Port

Storage Arrays

Port

Accessibility Monitoring Example: Switch Failure

Storage ArraysSW2

Hosts/Servers with Applications

SW1

Port

PortAll Hosts

Degraded

Capacity Monitoring Example: Storage Array

SW1

New Server

Can the Array provide the required storage to the new server?

Hosts/Servers with Applications

SW2

HBA

HBA

Capacity Monitoring Example: File System Space

File SystemFile System

Warning: FS is 66% Full

Critical: FS is 80% Full

Extend FS

No Monitoring FS Monitoring

Performance Monitoring Example: Array Port Utilization

Storage Arrays

SW2

Hosts/Servers with Applications

SW1

H3

H2

H1

New Server

H4

HBA

HBA

HBA

HBA

HBA

HBA

HBA

HBA

100%

Po

rt U

til. %

H1 + H2 + H3

In data storage, an array is a method for storing information on multiple devices

Performance Monitoring Example: Servers CPU Utilization

Critical: CPU Usage above 90% for the last 90 minutes

Security Monitoring Example: Storage Array

Storage Array

SW2

Workgroup 1 (WG1)

SW1

Workgroup 2 (WG2) WG2

Warning: Attempted replication of WG2 devices by WG1 user – Access denied

Replication Command

WG1

Alerting of Events

o Alerting is an integral part of monitoring

o Monitoring tools enables administrators to assign different severity levels for different events

o Level of alerts based on severityo Information alert: Provide useful information and may not require

administrator interventiono Creation of zone

o Warning alerts: Require administrative attentiono File systems becoming full/Soft media errors

o Fatal alert: Require immediate administrative attentiono Power failures/Disk failures/Memory failures/Switch failures

Lesson Summary

Key concepts covered in this module are:

o Storage infrastructure components that should be monitored

o Parameters of monitoring:o Accessibilityo Capacityo Performanceo Security

o Monitoring examples

Additional Task

Research on key requirements of a data center

Storage Management Activities

o All the management tasks in a storage infrastructure can be broadly categorized into:o Availability managemento Capacity managemento Performance managemento Security managemento Reporting

Availability Managemento Establishing a proper guideline for all configurations to ensure

availability based on service levels.

o Example: When a server is deployed to support a critical business function, the highest availability standard is required. This involved deploying the following components:o Two or more HBAso Multipathing softwareo Server clusteringo Two independent fibre channel switches (Fibre Channel, or FC, is a high-

speed network technology (commonly running at 2-, 4-, 8- and 16-gigabit per second rates) used to connect computer data storage)

o RAID protectiono Backupo Local and remove replication

Capacity Managemento Ensure adequate availability of resources for all services based

on their service level requirements

o Capacity management provides:o Capacity analysis – compare allocated storage to forecasted storage on a

regular basiso Trend analysis – actual utilization of allocated storage and rate of

consumption

o Example 1: Storage provisioningo Device configurationo Zoning configuration on SAN and HBA components (Zoning is a procedure

that takes place on the SAN fabric and ensures devices can only communicate with those that they need to.)

o Example 2: Estimating future needs of resourceso Gather and analyze related information to come up with estimates

Performance Managemento Ensures the optimal operational efficiencies of all components

o Performance analysis is performed on existing storage infrastructure componentso Provides information whether a component is meeting expected

performance levels

o When a new application or server is to be deployed, every components involved must be validated for adequate performance capabilities as defined by the service levels.o Server: volume configuration, database design, application layout on

multiple HBAs, multipathing softwareo SAN: designing sufficient ISLs (Inter Switch Link) in a multi-switch fabric

with adequate bandwidtho Storage arrays: selecting appropriate RAID type zoning, front-end and

back-end ports

Security Management

o Prevents unauthorized access and configuration of storage infrastructure components

o Example: When deploying a new application or servero Managing user accounts and access policieso Zoning configuration in the SAN

Reporting

o Keeping track and gathering information from various components / processes

o This information is compiled to generate reports for:o Trend analysis and capacity planning – current and historic information

about utilization of storage, file system, database tablespace, portso Configuration or asset management – device allocation, local and remote

replicas, fabric configuration, list of equipment with details such as their value, purchase date, lease status and maintenance record

o Chargeback – allocation and utilization of storage infrastructure components by various departments / user groups.

o Performance – performance of various storage infrastructure components

Storage Infrastructure Management Challenges

o Large number and variety of storage arrays, networks, servers, databases and applications

o Variety of storage devices varying in capacity, performance and protection methodologies

o Deployment of both SAN and IP networks for storage devices

o Servers with different operating systems: UNIX, LINUX, Windows, mainframe

o Interoperability issues between devices from multiple vendors

o Multiple vendor-specific tools to monitor devices from different vendors