iSCSI for Better
or WorseSTEVEN AIELLO
“Love me or hate me, both are in my favor…
If you love me, I'll always be in your heart…If you hate me, I'll always be in your mind.”
~ William Shakespeare
Who Am I?
Steven Aiello
CISSP, CISA, VCP 5, CCNA (long ago)&
some other crappy ones…
MSP Online Tech
ADP Sorry if you work there = (
Focus One Data
What’s My Background?
Focus One: Primarily focused on health care data.
HIPAA was new (2002-2004)…
ADP: Large scale data center deployments
Online Tech: Lead VMware Eng.
Almost 40 ESXi hosts
Veeam (360 VMs)
VMware SDK C#
Datacenter migration avg. 3.5 min of down time
per server
Block vs. File
Sorry Internet police I stole this image = (
FC, iSCSI, & NFS Fibre Channel provided the highest throughput and the lowest processor
utilization of all the storage protocols.
Software iSCSI provided only slightly lower throughput than FibreChannel (not more than 9% or 10% less than Fibre Channel depending upon the specific tests being run). However, software iSCSI consistently showed the highest CPU utilization on the ESX hosts.
NFS showed throughput on the same levels as software iSCSI (again, not more than about 9% or 10% less than Fibre Channel depending upon the tests being run) and had higher CPU utilization than Fibre Channel. However, the CPU utilization was lower than with software iSCSI.
Source: NetApp
FC, iSCSI, & NFS
Why?
What is iSCSI
1. Block level storage
2. SCSI Commands
3. Encapsulate into an IP packet
4. Send it over Ethernet
5. Picked up by the controller
6. Reverses the encapsulation process
7. iSCSI Bi-Directional
iSCSI ~ RFC 3720
I would recommend you read this…
iSCSI consists of
Initiator (the client)
Target (the server)
IQN: A date code, in yyyy-mm format. This date MUST be a date during which
the naming authority owned the domain name used in this format, and
SHOULD be the first month in which the domain name was owned by this
naming authority
IQN Format
iSCSI Considerations
Dedicated network
Network Design (“Don’t let your network guys screw with your storage network…”)
MTU (1500 MTU or 9000 MTU?)
Switch buffer sizes
iSCSI Gossip
Intel NICs
DELL partner
Expressed discontent with Broadcom drivers
Expressed discontent with DELL switches
Cisco seemed to be the preferred brand
Why Use iSCSI?
Raw Device Mappings
Windows Server Clustering(may not be needed in the future)
SAN management Software
Easier multi-pathing
iSCSI connections from your hosts
Why Use NFS?
You don’t wont to screw with iSCSI…
Larger datastores without extents
You have the resources to install 10Gb Ethernet
More flexible storage system, expand the size of your data stores
You don’t have a need for:
RDMs
Direct SAN access for your applications
Switch Port Security… (fail)
Look for cut off iSCSI messages in the vmkernel log…
LUN Security & Access
iSCSI Access Controls
CHAP (UN & PW)
IP Address or Subnet Block (Not my fav.)
IQN (Think of MAC address filtering)
iSCSI Multi-Pathing
Most Recently Used
Round Robin (make sure your storage device
supports this)
Fixed
iSCSI Multi-Pathing = (
FML…
iSCSI Multi-Pathing = (
iSCSI Multi-Pathing = (
MS KB: 2522766
20 Years of banking data
Random and excessive NTFS errors
A week of sleepless nights…
Third Party Integration
Kudos to Equallogic on their HIT kit
MEM
Better multi-pathing
SAN based snapshots using VSS
Wrap Up – Why Use It?
Raw Device Mappings
Windows Server Clustering(may not be needed in the future)
SAN management Software
Easier multi-pathing
iSCSI connections from your hosts
Wrap Up – Why Use NFS?
You don’t wont to screw with iSCSI…
Larger data stores without extents
You have the resources to install 10Gb Ethernet
More flexible storage system, expand the size of your data stores
You don’t have a need for:
RDMs
Direct SAN access for your applications
Questions?
Steven Aiello