Determine your vSphere storage needs – Part 3: Availability, Security and Connectivity
This is the last part of the mini series: Determine your vSphere storage needs.
In this part, we’re going to cover 3 subjects:
- Availability
- Security
- Connectivity
Although important, these aren’t the parts where you have many options.
Availability
When we talk about availability in a storage solution, we're actually talking about high availability. Most (enterprise) storage solutions are highly available by design. Almost all components are redundant, meaning that in case of a component failure, a second component takes over instantly. So this type of availability we don't have to design. The part we may have to determine is when your storage solution is part of a Disaster Recovery (DR) solution. In this case we first have to determine the RPO and RTO for our environment. This is something you have to ask your business. How long may your storage (including all data) be unavailable (RTO), and when it's unavailable, how much data may be lost in terms of seconds, minutes, hours or days (RPO)?
Let’s assume that our storage is located in 2 datacenters.
When you have an RPO of 0, you know you must have a storage solution that supports synchronous replication, meaning that if you write in one datacenter, this write is instantly done in the second datacenter. The writer (VMware vSphere) gets an acknowledgement back when both storage solutions can confirm that the write is finished.
This option is the most expensive option. The connection between the 2 datacenters has to be low latency and high capacity (depending on your change rate).
In most cases synchronous replication also provides a low RTO. If and how the data becomes available in case of a DR depends on your storage solution. With active-active you probably won't have to do much: in case of a DR, data is instantly available. In case of active-passive, you have to pull the trigger to make the data available on the passive side. This can be done manually (through a management interface), or automatically by a script or VMware SRM.
When you have an RPO greater than 0, you have the option to go for asynchronous replication. In this case the write in the second datacenter can be acknowledged later than the first one. You can also replicate data once an hour, day, week, etc. The choice is yours.
If and how the data becomes available in case of a DR is the same as in the active-passive option in the previous section (RPO=0).
Security
Most of the time, securing your storage solution comes down to determining how you can access the storage solution's management interface and which servers can access your data. Most of the time, the storage network is a dedicated, non-routed network which cannot be accessed externally.
Normally, I advise a storage management server where the management software runs. If you make sure that this server is only accessible from your management workstations, your storage management is secure enough for most implementations.
How you secure which servers can access your storage depends on the protocol you're using. To sum it up:
- FC -> Based on WWN
- iSCSI -> Based on IQN
- NFS -> Based on IP address.
The choice of your protocol also determines the way you can secure your storage. Talk to your storage vendor about best practices on how to secure your storage network.
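Since NFS access is granted by IP address, a useful check is to compare what each export actually allows against the ESXi hosts that should mount it. The following is an added example, not part of the original post: it assumes a Linux-style /etc/exports file, and the sample exports, IP addresses and allowed-host list are constructed for illustration.

```python
import ipaddress

# Constructed sample: Linux-style /etc/exports content for NFS datastores.
SAMPLE_EXPORTS = """\
# datastore exports (constructed sample)
/vol/ds01 10.10.20.11(rw,sync) 10.10.20.12(rw,sync)
/vol/ds02 10.10.20.0/24(rw,sync)
/vol/ds03 *(rw,sync)
/vol/ds04 esx03.example.internal(rw,sync) 10.10.30.5(rw)
"""

# Assumption: storage (vmkernel) IPs of the ESXi hosts allowed to mount.
ALLOWED_HOSTS = {"10.10.20.11", "10.10.20.12"}


def classify_client(client, allowed):
    """Return None if the client spec is an allowed single IP, else a finding."""
    spec = client.split("(", 1)[0]          # drop the "(options)" suffix
    if spec in ("", "*"):
        return "open to any client"
    try:
        net = ipaddress.ip_network(spec, strict=False)
    except ValueError:
        return "not an IP address (hostname, wildcard or netgroup)"
    if net.num_addresses > 1:
        return f"whole network ({net.num_addresses} addresses)"
    if str(net.network_address) not in allowed:
        return "IP address not in the allowed host list"
    return None


def audit_exports(text, allowed):
    """Return (export_path, client_spec, finding) for every risky entry."""
    findings = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # ignore comments and blank lines
        if not line:
            continue
        path, *clients = line.split()
        # An export with no client list is treated as open to everyone.
        for client in clients or [""]:
            problem = classify_client(client, allowed)
            if problem:
                findings.append((path, client.split("(", 1)[0], problem))
    return findings


if __name__ == "__main__":
    for path, client, problem in audit_exports(SAMPLE_EXPORTS, ALLOWED_HOSTS):
        print(f"{path}: {client or '(none)'} -> {problem}")
```

Storage arrays usually expose the same client list through their own management interface rather than an exports file, so the parsing step would change while the comparison against the allowed hosts stays the same.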
Connectivity
And that brings us to the last part, connectivity.
As noted in the security part, with VMware vSphere we have 3 connectivity options:
- Fibre Channel (FC)
- iSCSI
- NFS
So, what’s the best protocol? As always in IT, the answer to this question is: It depends.
It depends on your storage solution. Every storage solution is created with some principles. This makes the storage solution unique. These principles determine the best storage protocol for the storage solution. Of course, almost every storage solution supports 2 or more protocols, but only one performs best. You probably know that FC is the fastest protocol, in theory. But what if your storage solution implemented NFS the most efficiently? You're probably going to choose NFS.
So ask your vendor. Especially if you made them responsible for the performance part, as discussed in part 1 of this series.
This ends this series on determining your storage needs. Although you can design and determine a lot more, this series will give you a head start.
About Michael
Michael Wilmsen is an experienced VMware Architect with more than 20 years in the IT industry. His main focus is VMware vSphere, Horizon View and Hyper Converged, with a deep interest in performance and architecture.
Michael is VCDX 210 certified, has been awarded the vExpert title since 2011, and is a Nutanix Tech Champion and a Nutanix Platform Professional.