2 PCTY2010 TSM 6.2 Family Update

8/3/2019 2 PCTY2010 TSM 6.2 Family Update

1/39

IBM Software

TSM 6.2 Family UpdateJim Smith Tivoli Storage Manager Architect

2010 IBM Corporation

Optimizing the Worlds Infrastructure26 May 2010 Stockholm


2/39

1

Disclaimer This presentation describes potential future enhancements to the IBM Tivoli

Storage Manager family of products All statements regarding IBM's future direction and intent are subject to

change or withdrawal without notice, and represent goals and objectives only Information in this presentation does not constitute a commitment to deliverthe described enhancements or to do so in a particular timeframe

IBM reserves the right to change product plans, features, and deliveryschedules according to business needs and requirements

This presentation uses the following designations regarding availability ofpotential product enhancements Future Candidate: Candidate for delivery in a future release (2011 or beyond)

The information on the new product is intended to outline our general product direction and it should notbe relied on in making a purchasing decision. The information on the new product is for informationalpurposes only and may not be incorporated into any contract. The information on the new product isnot a commitment, promise, or legal obligation to deliver any material, code or functionality. Thedevelopment, release, and timing of any features or functionality described for our products remainsat our sole discretion.


3/39


4/39

3

Agenda Data Deduplication Security and Compliance Storage Hierarchy and Database VTL Integration Software Deployment

Backup Environments

Note: VMware and Hyper-V will be covered in a separatepresentation at this conference and therefore is notincluded in this presentation


5/39

4

DATA DEDUPLICATION


6/39

Server-Side Data DeduplicationDeduplication-Enabled DiskStorage Pool

File 1

File 2

File 3

A

A

B

B

A

C

C

C

D

E

File 1

File 2

File 3

1. Data sent from clients to serverand stored in primary storage pool

2. Identify Duplicates processcreates chunks and pointers tohash index (deduplication index)in server database to relate filesto chunks

3. Backup Stgpool operation copies data tonon-deduplicated copystorage pool

4. Duplicate data chunksremoved from primarystorage pool duringReclaim operation

Copy Storage Pool(non-deduplicated)

HashIndex

File 3

TSM 6.1 Client

TSM 5.5 Client

Exchange Server

TSM 6.1 Server

Currently Available


7/39

Copy Storage Pool(non-deduplicated)

Client-Side Data Deduplication

File 1A B C

D

E

File 1

File 2

File 3

File 4B EF

F

File 4

1. Client creates chunks

2. Client and server identify whichchunks need to be sent

3. Client sends chunks andhashes so server canrepresent object in database

4. Entire file is reconstructedduring Backup Stgpool operation to non-deduplicatedstorage pool

HashIndex

File 4

Deduplication-Enabled DiskStorage Pool

TSM 6.2

Reduced space requirement in storage poolsReduced consumption of network bandwidth

Reduced space requirement in storage pools

Reduced consumption of network bandwidth

FastBack Serverwith TSM 6.x API

TSM 6.x Client

Exchange Serverwith TSM 6.x API

TSM 6.x Server

Chunks within pool areshared by client-side andserver-side deduplicationoperations


8/39

7

Design Points for Client-Side DeduplicationDesign point Comments

Source-side (client-side)

Reduces network traffic by deduplication of data before transfer tothe serverEffective for all data sent from 6.x Backup-Archive or API client to

6.x serverIn-band No post processing required after data is stored in deduplication-enabled disk storage pool

Data compatibility with server-side data deduplication

Both client-side and server-side require deduplication-enabled poolClient-side and server-side deduplication share data chunks in poolusing a unified chunk index in the TSM databaseClient-side and server-side use the same algorithms/parameters forfingerprinting and chunk identification (using hashing)

Compatibility with clientcompression

Client optionally compresses data after it has been chunkedServer expands (decompresses) data when it needs to bereconstructed, such as for backup to a tape copy storage pool or for

restore to a legacy client

Server and client controls overdeduplication used

Server enables each client node for client-side deduplicationClient controls whether it actually uses client-side deduplicationClient include/exclude options allow control of client-sidededuplication at the file level


9/39

8

Design Points for Client-Side Deduplication (2)

Design point Comments

OptimizationMinimize network chat and database lookups due to chunk-index(deduplication-index) queries to the TSM server

Maintain a local cache of hash values for each client

Avoidance of false matchesSHA-1 digest for each chunkComparison of chunk sizeMD5 digest for entire data object checked by client after restore

Security

Enhanced client-server protocol to detect malicious activity

Limit ability to use commands which display raw hash and indexdataSSL communication allows encryption of deduplicated data

Reporting Provide additional statistics with Backup-Archive client and API toindicate deduplication and data reduction savings


10/39

9

Comparison of TSM Data Reduction MethodsClient

compressionIncremental

foreverSubfilebackup

Server-sidededuplication

Client-sidededuplication

How data reduction isachieved

Clientcompresses files

Client only sendschanged files

Client only sendschanged subfiles

Servereliminates

redundant datachunks

Client andserver eliminateredundant data

chunks

Conserves networkbandwidth? Yes Yes Yes No Yes

Data supported Backup, archive,HSM, API BackupBackup

(Windows only)Backup, archive,

HSM, APIBackup, archive,

API

Scope of data reductionRedundant datawithin same fileon client node

Files that do notchange between

backups

Subfiles that donot change

between backups

Redundant datafrom any files in

storage pool

Redundant datafrom any files in

storage pool

Avoids storing identicalfiles renamed, copied, orrelocated on client node?

No No No Yes Yes

Removes redundantdata for files fromdifferent client nodes?

No No No Yes Yes

All of these data reduction methods conserve storage pool space

Available prior to V5 Available 6.1 Available 6.2


11/39


12/39

11

SECURITY AND COMPLIANCE


13/39

12

Deduplication and EncryptionDatasource 1

txpt tnatroemI

te tarpIxtntom

Datasource 2

Datasource 3

Important text

Important text

Important text

Data

deduplication

Noencryption

Encryptionkey 1

Important text

Encryptionkey 2

2. After encryption,text files do notmatch

1. Three datasources havethe same text file

3. Deduplicationprocessing does notdetect redundancy

Important text

Data

store

4. Text files arestored withoutdata reduction

Data encryption prior todeduplication processing cansubvert data reduction

Data encryption prior todeduplication processing cansubvert data reduction

txpt tnatroemI

te tarpIxtntom


14/39

13

Introduction to Secure Socket Layer (SSL)

Exploits asymmetric encryption (public/private keys) during client/server authentication Servers public key is widely distributed and used by the client to encrypt messages that only the

server can decrypt Servers private key is known only to the server and is used to decrypt messages that have been

encrypted by the client Servers public key is distributed in a digital certificate Certificate validation ensures that the certificate really came from the server

Client can validate digital certificate using a trusted third party called a certificate authority (CA) Certificate can be self-signed by the server and delivered to each client using secure mechanism

After initial authentication, random symmetric key is negotiated for encrypting theremainder of the session

SSL allows the entireclient/server session to bewrapped in an encrypted tunnelClient Server


15/39

1414

Enhanced TSM Support for SSL Extended platform support

Windows (available in TSM 5.5) AIX (available in TSM 5.5) Linux Solaris HP-UX

Alternatives for validation of TSM server certificates Manual, secure distribution of self-signed certificates (available in TSM 5.5) Acquire certificates signed by well-known certificate authority such as Thawte or

Verisign Use certificate signed by customers own certificate authority

TSM 6.2

256-bit AES encryption for in-flight dataCompatible with TSM server- or client-side deduplicationSimplified deployment and validation of TSM server certificates

256-bit AES encryption for in-flight dataCompatible with TSM server- or client-side deduplicationSimplified deployment and validation of TSM server certificates


16/39

15

Client-Server Communication Using SSL

TSM Server 1

TSM Server 2

TSM Client 2(B-A, HSM, or API)

Web browser

AIXWindowsHP-UXLinuxSolaris

AIXWindowsHP-UXLinuxSolaris

Admin Client1

1

2

4

5 6

Admin Center

3

StorageAgent 7

TSM Client 1(B-A, HSM, or API)

Communication Types1. Client-to-server (backup/recovery, file selection, data movement)2. Admin command-line client (administrative commands)3. Administration center4. Web client (file selection for backup/restore)5. Client-to-client (coordination for HSM, Copy Services)6. Server-to-server (management tasks)7. Storage-agent-to-server (LAN-free)

SSL pathsNon-SSL paths

4


17/39

16

ConfigurationCertificate request is signed by CACertificate is installed on TSM serverCA's root certificate is installed on the client

RuntimeClient accepts any certificate signed by CAClient rejects all other certificatesClient verifies server's identity

Validation Using Certificate Authority

TSM Server TSM Client 2TSM Client 1

Certificate Authority

Signed servercertificate(public/private)

CA's rootcertificate

CA's rootcertificate

Server publiccertificate

Server publiccertificate

TSM 6.2


18/39

17

PVU Estimation Reporting Estimated Processor Value Units

(PVU) reporting for Backup-Archiveclient and API applications TSM clients will scan system and

send processor data to TSM Server TSM server will store processor

data and calculate PVU value Ability to report on client-device

and server-device at a node level Allow TSM administrator to change

classification on a per-node basis PVU summary report (example at

left) Full-Capacity licensing only

Virtualization Capacity (Sub-Capacity)customers are still required to use theIBM License Metric Tool (ILMT) tocreate, verify, adjust, sign and savereports

Future Candidate


19/39

18

Historical Audit Trail: Data Objects

A

DB2

Information regarding initial store of objectWhen object was storedWho initiated store operationHow store was initiated (schedule, GUI)Initial storage pool / volumesTransport mechanism for store (LAN-free)Encryption strengthClient compressionInitial management classObject sizeClient-side deduplication

Information regarding later operations on objectClient restore/retrieve/recall attemptsOutcome of client access operationsDeletion (who/what initiated)Move/copy operationsManagement class rebindingServer-side deduplicationStorage Hierarchy

TSM Server

Future CandidateImproved tracking of historical information on data objectsImproved tracking of historical information on data objects

Historical information for each stored object is tracked in databaseObject information can be queried for audit compliance or problem diagnosis


20/39

19

Historical Audit Trail: Server Configuration

DB2

Server configuration history

New/changed constructs- Policy definitions- Schedules- Storage pools/device classes- Nodes

Set commandsChanges to server optionsChanges to server level

TSM Server

Improved tracking of historical information on server configurationImproved tracking of historical information on server configuration

Historical information relating to server configuration is tracked in databaseServer-configuration information can be queried for audit compliance or problemdiagnosis

Future Candidate


21/39

20

STORAGE HIERARCHY ANDDATABASE


22/39

21

TSM Database Backup with Multiple StreamsTSM Server

DB2

TSM Database

Backup/restorestreams

Parallel streams for backup/restore processing give improved throughput

Reduced time for database backup/restore

Increased scalability of TSM server without expanding database backup window

Reduced database backup windowImproved recovery timeIncreased scalability of TSM server

Reduced database backup windowImproved recovery timeIncreased scalability of TSM server Future Candidate

Database backup performance will enable sustained scalability improvement


23/39

22

Server-to-Server Metadata Export/Import

Metadata transferred between servers using export/import Storage pool volumes physically moved (or replicated) to the target server Especially attractive when used with shared libraries Could be used for

Splitting/balancing servers Consolidating servers, such as after upgrade to DB2

Source Server Target Server

Storage Hierarchy Storage HierarchyTransfer storage pool volumes

Server-server export of metadata

Reduced time and bandwidth consumption for export/import of object dataAbility to transfer data for individual nodes

Reduced time and bandwidth consumption for export/import of object dataAbility to transfer data for individual nodes

DB2 DB2

Future Candidate


24/39

23

23

Remote Copy Storage Pool with Deduplication

Storage Hierarchy

DB2

TSM Server

Database

Site A

No special hardware/software required Deduplication gives storage/bandwidth

savings All data in primary hierarchy could be

replicated, after initially being stored indeduplicated primary pool

DB2

Deduplicated Copy Pool(iSCSI/CIFS/NFS)

Site BNear-realtime replication of database (HADR)

Database

Storage pool backup

Deduplicated storage pool, optionallywith client-side deduplication

Near-term document solution combining existingtechnologies: TSM deduplication, probably client-side Copy pool with network-attached storage DB2 HADR


25/39

24

Node Replication with Deduplication

TSM server would replicate all data and metadata for specified nodes to another server, ensuringnode completeness and consistency of data/metadata

Incremental client data transfer with deduplication to minimize bandwidth consumption Remote TSM server could be hot standby for primary server, for improved RTO Native TSM solution with no dependency on specific storage device Many-to-1 transfer to target server (recovery manageability) Supports dissimilar hardware, configuration and retention at primary and remote sites

Storage Hierarchy

Metadata and deduplicated data

DB2

Site A

TSM Server A

Site B

TSM Server B

Remote vaulting without manual tape transferEfficient use of bandwidth through deduplicated replicationAllows hot standby at remote site

Remote vaulting without manual tape transferEfficient use of bandwidth through deduplicated replicationAllows hot standby at remote site Future Candidate

Database Storage Hierarchy

DB2

Database

Node ANode BNode C

Node YNode X


26/39

25

Simultaneous Write for Client Store Operations

Copy pool 2

Copy pool 1

Client

Active-data pool

Server

Primary Storage Pools

1. Data sent

Data flow

2. Simultaneous writeto multiple targets

3. Migration

Data written synchronously to primary pool and one or more copy-pool or active-data-pool destinations

Avoids need for subsequent copy operations to active-data pool or copy poolRequires that sufficient tape devices be available during client backup

Tape delays may extend client backup window

Not compatible with client-side deduplication Currently Available


27/39


28/39

27

VIRTUAL TAPE LIBRARY (VTL)INTEGRATION


29/39


30/39

29

Considerations for VTL Use with TSM Today TSM treats VTL as tape TSM sequential-access disk offers many capabilities of VTL Possible advantages of VTL in the TSM storage hierarchy

Simplified setup and management of storage as compared toconfiguring native disk volumes

Facilitates sharing of disk storage among TSM servers Offloading work from the TSM server to a VTL may improve scalability

Simplified configuration for LAN-free operations as compared to LAN-free to sequential-access disk Ability to exploit integrated VTL capabilities such as compression, data

deduplication and replication


31/39

30

TSM Enhancements to Increase VTL Awareness Support classification/prioritization of sequential-access storage devices to

distinguish VTL from physical tape Enable concurrent access to VTL volumes Enhance mount-point processing to better handle large numbers of virtual

drives For retrieval operations, enhance volume selection to differentiate VTL

volumes from physical tape

More effective use of VTL in TSM storage hierarchyMore effective use of VTL in TSM storage hierarchy Future Candidate

Backupstorage pool

RestoreNode 1

RestoreNode 2 BackupNode 3

Concurrent access for VTLvolumes (multiple read

operations, one write operation)

VTLVolume


32/39

31

SOFTWARE DEPLOYMENT


33/39

32

Client Deployment for Upgrade Deployment of client software to upgrade existing clients Windows Backup-Archive client Client scheduler must be running Used for deployment of new version, release, modification (fix pack), interim fix Deployment across policy domains and for multiple TSM servers

TSM server and admin center must be at release 6.x or higher Supported client releases

Current client is 5.4 or higher Target client level is 6.x or higher

Client control via new option Autodeploy=Yes|No|NOREboot Yes Automatically deploy the client even if computer restart is

required NOREboot Automatically deploy the client unless a computer restart is required

No Do not automatically deploy the client

TSM 6.2Simplified deployment of client softwareSimplified deployment of client software


34/39

3333

Client Deployment Flow

TSM ClientProcesses

Start the deployment manager process

Acquire client packages from the FTP site

2

3

4

Make archive client packages available in storage pool

Define / update policy and schedule

Define the nodes to which package should be deployed

5

6

Retrieve client package and deployment manager from server

Unpack package and parse instructions

10

Report update status to the server

Administrator views results

TSM AdminCenter

TSM Server1

TSM Client

Machines

ClientScheduler

7

8 Run install script9

DeploymentManager


35/39

34

Additional Software Deployment Function Deployment of non-Windows clients Deployment of other components

HSM client

Storage agents Data protection agents

Automatic downgrading (regression) of client software Initial client distribution and installation Distribution without client scheduler running

Future CandidateExpanded software deployment functionExpanded software deployment function


36/39

35

BACKUP ENVIRONMENTS


37/39

36

Windows System Writer Incremental Backup Windows System Writer is often the largest

component of the System State data, andincludes

Installed file system and application binaries Windows Side-by-Side directory contents PnP files and drivers User mode services and drivers

This component has grown over recentWindows releases, and comprises 50,000+files (>7 GB) in Windows 2008

TSM currently backs up all System Writer filesif only one file has changed

TSM 6.2 uses progressive incrementalbackup for System Writer files on Windows2003 and above

TSM 6.2


38/39

37

Other Client Enhancements TSM will continue enhancements for backup in specific

environments

Examples in TSM 6.2 include Backup/archive of GPFS data on Windows Online backup of Hyper-V guests from host using VSS Segmentation of extremely large SAP databases for efficient

handling by TSM for ERP Examples in future releases may include

Journal-based backup for Linux Data reduction through metadata separation

Simplified configuration of backup-archive clients in a cluster Automated System Recovery (ASR) for Windows 2008, Vista, andWindows 7

TSM 6.2

Future Candidate


39/39

38

QUESTIONS ?

Documents

2 PCTY2010 TSM 6.2 Family Update