White Paper
EMC MULTI-TENANT FILE STORAGE SOLUTION
Multi-Tenant File Storage with EMC VNX and
Virtual Data Movers
Provide file storage services to multiple tenants from a single array
Monetize investments in existing VNX storage capacity
Realize ROI sooner and reduce storage TCO
Global Solutions Sales
Abstract
This white paper explains how Virtual Data Movers (VDMs) on EMC®
VNX® systems can be configured and leveraged to provide multiple CIFS
and NFS endpoints. This allows service providers to offer multiple file
system containers to multiple tenants on a single or multiple physical
EMC VNX storage arrays.
June 2013
Copyright © 2013 EMC Corporation. All Rights Reserved.
EMC believes the information in this publication is accurate as of its
publication date. The information is subject to change without notice.
The information in this publication is provided “as is.” EMC Corporation makes
no representations or warranties of any kind with respect to the information in
this publication, and specifically disclaims implied warranties of
merchantability or fitness for a particular purpose.
Use, copying, and distribution of any EMC software described in this
publication requires an applicable software license.
For the most up-to-date listing of EMC product names, see EMC Corporation
Trademarks on EMC.com.
All trademarks used herein are the property of their respective owners.
Part Number H12051
EMC Multi-Tenant File Storage
Multi-Tenant File Storage with EMC VNX
2
Table of contents
Executive summary............................................................................................................................... 5
Business case .................................................................................................................................. 5
Solution overview ............................................................................................................................ 5
Key results and recommendations ................................................................................................... 5
Introduction.......................................................................................................................................... 6
Purpose ........................................................................................................................................... 6
Scope .............................................................................................................................................. 6
Audience ......................................................................................................................................... 6
Terminology ..................................................................................................................................... 6
Technology overview ............................................................................................................................ 8
EMC VNX series ................................................................................................................................ 8
Virtual Data Movers ..................................................................................................................... 8
Physical Data Movers .................................................................................................................. 8
EMC Unisphere ............................................................................................................................ 8
Solution architecture and design........................................................................................................ 10
Architecture overview ..................................................................................................................... 10
Hardware components ................................................................................................................... 11
Software components .................................................................................................................... 11
Network architecture ...................................................................................................................... 11
EMC VNX57XX network elements ............................................................................................... 13
Design considerations ................................................................................................................... 13
Solution validation ............................................................................................................................. 15
Objective ....................................................................................................................................... 15
Test scenario.................................................................................................................................. 15
Server and storage configuration ................................................................................................... 15
VDM configuration ......................................................................................................................... 17
Storage pool configuration ........................................................................................................ 17
Create a VDM ................................................................................................................................. 18
Create a user file system ........................................................................................................... 18
Create a mount point ................................................................................................................. 19
Check VDM status ..................................................................................................................... 20
Create the VDM network interface.............................................................................................. 20
Attach a VDM interface to the VDM ............................................................................................ 21
File system configuration ............................................................................................................... 21
Mount the file system to a VDM ................................................................................................. 21
Export the file system to server hosts ........................................................................................ 21
EMC Multi-Tenant File Storage
Multi-Tenant File Storage with EMC VNX
3
VDM configuration summary .......................................................................................................... 22
Scripted deployment ...................................................................................................................... 22
Cloud platform-attached file systems ............................................................................................. 24
VMware ESXi 5.1 NFS data stores .............................................................................................. 24
Test procedures ............................................................................................................................. 25
Use IOzone to generate I/O ....................................................................................................... 25
Test results .................................................................................................................................... 26
Physical Data Mover high availability ........................................................................................ 27
VNX Data Mover load ................................................................................................................. 27
Conclusion ......................................................................................................................................... 29
Summary ....................................................................................................................................... 29
References.......................................................................................................................................... 30
EMC Multi-Tenant File Storage
Multi-Tenant File Storage with EMC VNX
4
Executive summary
Business case
Multi-tenancy within private and public clouds includes any cloud architecture or
infrastructure element within the cloud that supports multiple tenants. Tenants can
be separate companies or business units within a company.
To provide secure multi-tenancy and address the concerns of cloud computing,
mechanisms are required to enforce isolation of user and business data at one or
more layers within the infrastructure. These layers include:
Application layer: A specially written multi-tenant application, or multiple,
separate instances of the same application can provide multi-tenancy at this
layer.
Server layer: Server virtualization and operating systems provide a means of
separating tenants and application instances on servers, and controlling
utilization of and access to server resources.
Network Layer: Various mechanisms, including zoning and VLANs, can be used
to enforce network separation.
Storage Layer: Mechanisms such as LUN masking and SAN zoning can be used
to control storage access. Physical storage partitions segregate and assign
resources into fixed containers.
Achieving secure multi-tenancy may require the use of one or more mechanisms at
each infrastructure layer
Solution overview
This white paper focuses on how to enforce separation at the network and storage
layers to allow cloud providers and enterprises to deploy multi-tenant file storage on
EMC® VNX® storage arrays. The deployment of multi-tenant file storage within the
EMC VNX storage platform can act as an enabler for cloud providers and enterprise
businesses to offer File System-as-a-Service to their customers or business units.
The solution described in this white paper uses EMC VNX unified storage and Virtual
Data Mover (VDM) technology, which enables logical partitioning of the physical
resources of the VNX into many “containerized” logical instances to serve multiple
NAS tenants.
Key results and
recommendations
This solution enables private and public cloud providers that are either selling or
supporting (ITaaS) cloud storage services to host multiple NAS file storage
environments on one or more physical EMC VNX storage platforms.
Cloud storage providers who want to offer a choice of multi-tenant NAS file storage
services from multiple storage vendors can now offer EMC VNX file storage to multiple
tenants.
Investments in existing VNX storage capacity can be monetized further through
hosting multiple tenants on a single storage platform helping accelerate the return on
investment and reducing the storage total cost of ownership (TCO).
EMC Multi-Tenant File Storage
Multi-Tenant File Storage with EMC VNX
5
Introduction
Purpose
The purpose of this white paper is to provide the necessary level of detail for the
design and deployment of secure multiple file systems within the Data Mover and
VDM constructs of the EMC VNX storage platform, enabling public and private cloud
providers to standardize multi-tenant file storage.
Scope
Throughout this white paper we1 assume that you have hands on experience with the
EMC VNX storage platform including the CLI, and familiarity with EMC Unisphere®.
You should also have a good understanding of networking fundamentals and a good
overall grasp of the concepts related to virtualization technologies, and their use in
cloud and data center infrastructures. Detailed configuration and operational
procedures are outlined along with links to other white papers and documents.
Audience
This white paper is intended for EMC employees, partners, and customers including IT
planners, system architects and administrators, and any others involved who are
interested in deploying file storage to multiple tenants on new or existing EMC VNX
storage platforms.
Terminology
Table 1 shows terminology that is used in this white paper.
Table 1.
1
Terminology
Term
Definition
802.1Q Trunk
A trunk port is a network switch port that passes traffic
tagged with an 802.1Q VLAN IDs. Trunk ports are used
to maintain the VLAN isolation between physical
switches or compatible network devices such as the
network ports on a storage array. An LACP port group
can also be configured as a trunk port to pass tagged
VLAN traffic.
Common Internet File
System (CIFS)
File-sharing protocol based on the Microsoft Server
Message Block (SMB) protocol that enables users to
access shared file storage over a network.
Data Mover
Within the VNX platform offering file storage, the Data
Mover is a hardware component that provides the NAS
presence and protocol support to enable clients to
access data on the VNX using NAS protocols such as
NFS and CIFS. Data Movers are also referred to as XBlades.
In this white paper, "we" refers to the EMC engineering team that validated the solution.
EMC Multi-Tenant File Storage
Multi-Tenant File Storage with EMC VNX
6
Term
Definition
Domain
Logical grouping of Microsoft Windows servers and
other computers that share common security and user
account information. All resources such as computers
and users are domain members and have an account
in the domain that uniquely identifies them. The
domain administrator creates one user account for
each user in the domain, and the users log in to the
domain once. Users do not log in to each server.
LACP
High-availability feature based on the IEEE 802.3ad
Link Aggregation Control Protocol (LACP) standard
which allows Ethernet ports with similar
characteristics on the same switch to combine into a
single logical port, or link with a single MAC address
and potentially multiple IP addresses. This feature is
used to group ports that appear to be logically larger
links with aggregated bandwidth.
Lightweight Directory
Access Protocol (LDAP)
Industry-standard information access protocol. It is the
primary access protocol for Active Directory and LDAPbased directory servers. LDAP version 3 is defined in
Internet Engineering Task Force (IETF) RFC 2251
Network file system (NFS)
A network file system protocol that allows a user on a
client computer to access shared file storage over a
network.
Network Information
Service (NIS)
Distributed data lookup service that shares user and
system information across a network, including
usernames, passwords, home directories, groups,
hostnames, IP addresses, and netgroup definitions.
Storage pool
Groups of available disk volumes organized by
Automatic Volume Management (AVM) that are used to
allocate available storage to file systems. They can be
created automatically by AVM or manually by the user.
Virtual Data Mover
An EMC VNX software feature that enables the
grouping of file systems, NFS endpoints, and CIFS
servers into virtual containers. These run as logical
components on top of a physical Data Mover.
VLAN
Logical networks that function independently of the
physical network configuration and are a means of
segregating traffic across a physical network or switch.
EMC Multi-Tenant File Storage
Multi-Tenant File Storage with EMC VNX
7
Technology overview
EMC VNX series
The VNX family of storage arrays is designed to deliver maximum performance and
scalability, enabling private and public cloud providers to grow, share, and costeffectively manage multiprotocol file and block systems. EMC VNX series storage is
powered by Intel processors for intelligent storage that automatically and efficiently
scales in performance, while ensuring data integrity and security.
Virtual Data Movers
A VDM is an EMC VNX software feature that enables the grouping of file systems, CIFS
servers and NFS endpoints into virtual containers. Each VDM contains all the data
necessary to support one or more CIFS servers and NFS endpoints associated with
their file systems. The servers in a VDM store their dynamic configuration information
(such as local users, local groups, shares, security credentials, audit logs, NS Domain
configuration files and so on) in a configuration file system. A VDM can then be
loaded (active state) and unloaded (mounted but inactive state), moved from Data
Mover to Data Mover, or replicated to a remote Data Mover as an autonomous unit.
The servers, their file systems, and configuration data are available in one virtual
container.
VDMs enable system administrators to group file systems and NFS server mount
points. Each VDM contains the necessary information to support one or more NFS
servers. Each VDM has access only to the file systems mounted to that VDM. This
provides a logical isolation between the VDM and NFS mount points.
Physical Data Movers
A physical Data Mover is a component within the VNX platform that retrieves data
from the associated disk storage and makes it available to a network client; the Data
Mover can use the CIFS and NFS protocols.
EMC Unisphere
EMC Unisphere is the central management platform for the EMC VNX series,
providing a single combined view of file and block systems, with all features and
functions available through a common interface. Figure 1 is an example of how the
properties of a Data Mover, named server_2, are presented through the Unisphere
interface on a VNX5700 system.
®
EMC Multi-Tenant File Storage
Multi-Tenant File Storage with EMC VNX
8
Figure 1.
The server_2 Data Mover on the Unisphere interface on VNX5700
EMC Multi-Tenant File Storage
Multi-Tenant File Storage with EMC VNX
9
Solution architecture and design
Architecture
overview
To validate the functionality and performance of VDMs on the EMC VNX series
storage, we implemented multiple VDMs to simulate a multi-tenant environment.
Each VDM was used as a container that included the file systems exported by the NFS
endpoint. The NFS exports of the VDM are visible through a subset of the Data Mover
network interfaces assigned to the VDM, as shown in Figure 2. The clients can then
access the Data Mover network via different VLANs for network isolation and secure
access to the data.
Figure 2.
Architecture diagram
Within the EMC VNX57xx series used in this solution, the Data Movers and VDMs
have the following features:
A single physical Data Mover supports the NFS services for different tenants
each with their own LDAP, NIS, and DNS configurations by separating the
services for each tenant in their own VDM.
The file systems exported by each VDM are not accessible by users of different
VDMs.
Each tenant is served by a different VDM addressed through a subset of logical
network interfaces configured on the Data Mover.
The file systems exported by a VDM can be accessed by CIFS and NFSv3 or
NFSv4 over TCP protocols. The VDM solution compartmentalizes the file system
resources. Consequently, only file systems mounted on a VDM can be exported
by the VDM.
EMC Multi-Tenant File Storage
Multi-Tenant File Storage with EMC VNX
10
Hardware
components
Table 2 lists the hardware components used in solution validation.
Table 2.
Hardware components
Item
Units
Description
EMC VNX5700
1
File version: 7.1.56.5
Block version: 05.32.000.5.15
Software
components
Cisco MDS 9509
2
Version 5.2.1
Cisco UCS B200 M2 Blade
Server
4
Intel Xeon X5680, six-core processors, 3.333 GHz,
96 GB RAM
Table 3 lists the software components used in solution validation.
Table 3.
Software components
Item
Version
Description
EMC Unisphere
1.2.2
Management tool for EMC VNX5700
VMware vCenter Server
5.1
2 vCPU, Intel Xeon X7450, 2.66 GHz, 4 GB
RAM
Windows 2008 Enterprise Edition R2 (x64)
Network
architecture
VMware vSphere
5.1
Build 799733
CentOS
6.3
2 vCPU Intel Xeon X5680, 2 GB RAM
Cisco UCS Manager
2.0(4b)
Cisco UCS server management tool
Plink
Release
0.62
Scripting tool
IOzone
4.1.4
I/O generation tool
A key component of the solution is the aggregation and mapping of network ports
onto VDMs. This makes use of industry standard features of the EMC VNX Data Mover
network ports which can tag and identify traffic to a specific logical network or VLAN.
The tagged traffic is then effectively isolated between different tenants and
maintained across the network.
If multiple logical network connections are configured between the clients and the
VNX, the network traffic can be distributed and aggregated across the multiple
connections to provide increased network bandwidth and resilience. SMB3 clients,
such as Windows 8 and Windows Server 2012, detect and take advantage of multiple
network connections to the VNX natively. Similar benefit can be provided to NFS
clients by logically grouping interfaces with the LACP protocol.
When using LACP, traffic is distributed across the individual links based on the
chosen algorithm that is determined by configuration on the EMC VNX and network
switch. The most suitable traffic distribution algorithm should be selected based on
how hosts are accessing and communicating with the storage. When configuring
LACP, the choice of IP, MAC or TCP port-based traffic distribution should be selected
EMC Multi-Tenant File Storage
Multi-Tenant File Storage with EMC VNX
11
based on the relationship of host to server, this involves examining how
conversations would occur in the specific environment and if any changes to default
policy are required. The default policy is by IP address-based traffic distribution.
Individual network interfaces and LACP port groups can also be configured as an
802.1Q trunk to pass 802.1Q tagged traffic. An 802.1Q tag is used to identify that a
packet belongs to a specific logical network or VLAN. By assigning multiple logical
interfaces to a trunk port, a different VLAN can be associated to each interface. When
each logical interface is configured for a different VLAN, a packet is accepted only if
its destination IP address is the same as the IP address of the interface, and the
packet's VLAN tag is the same as the interface's VLAN ID.
The Layer 2 network switch ports for servers, including VNX, are configured to include
802.1Q VLAN tags on packets sent to the VNX. The server is responsible for
interpreting the VLAN tags and processing the packets appropriately. This enables
the server to connect to multiple VLANs and their corresponding subnets through a
single physical connection.
The example in Figure 3 shows how a physical Data Mover is configured to support a
tenant user domain in a VDM.
Figure 3.
VDM configuration within the physical Data Mover
In this example, we configured a VDM called VDM-Saturn, which represents a tenant
user. The logical VDM network interface for VDM-Saturn is then called Saturn-if. On
the physical Data Mover we configured an LACP trunk interface, TRK-1; this is
configured to use two 10 Gb Ethernet ports, fxg-1-0 and fxg-2-0.
The trunk port TRK-1 was associated to VLAN A for accessing its defined host network
to enforce tenant and domain isolation. VLAN A was associated VLAN ID on the
network switch to allow communication between clients and the file system.
EMC Multi-Tenant File Storage
Multi-Tenant File Storage with EMC VNX
12
EMC VNX57XX network elements
Within the EMC VNX57XX series, file system access is made via the network ports on
the physical Data Mover. The EMC VNX can support between two and eight Data
Movers, depending on the model. These are configured as either active or standby. A
Data Mover can be configured using a combination of quad-port
1 Gb or a dual-port 10 Gb network interface cards. Each network interface port
supports the LACP and 802.1Q industry standard features to allow either VLAN trunks
or host mode. Network interfaces can also be combined using LACP to form logical
links.
For more details on the networking aspects of the VNX platform, refer to Configuring
and Managing Networking on VNX.
Design
considerations
The current VDM implementation and functionality has the following characteristics:
The VDM supports CIFS, NFSv3, and NFSv4 protocols over TCP. All other
protocols such as FTP, SFTP, FTPS, and iSCSI are not supported.
The NFSv3 clients must support NFSv3 over TCP to connect a NFS endpoint.
There are a number of contributing factors for how many file systems can exist on a
Data Mover these are, the number of mount points, storage pools, and other internal
file systems. The total number of VDMs, file systems, and checkpoints cannot exceed
2048 per Data Mover.
The maximum number of VDMs per VNX array corresponds to the maximum number
of file systems per Data Mover. A VDM has a root file system which reduces one
number from the total count. Any file systems created on those VDMs will also
continue to decrease the total number. The common practice is to create and
populate the VDM so that it has at least two file systems per VDM. This reduces the
maximum number of VDMs per VNX as follows:
2048/2 = 1024 – 1 (root file system) = 1023
Although this 1023 limit exists, EMC currently supports a maximum of 128 VDMs
configured on a physical Data Mover.
Each physical Data Mover (including all the VDMs it hosts) does not support
overlapping IP addresses spaces. It is therefore not possible to host two different
tenants that use the same IP addresses or subnet ranges on the same Data Mover.
Such tenants must be moved onto separate physical Data Movers.
In provisioning terms, when determining which physical Data Mover on to which to
provision a new tenant, and hence VDM, the provisioning logic must determine if
there is an IP space conflict between the new tenant to be provisioned and the
existing tenants on a physical Data Mover. If there is no clash, the new tenant can be
provisioned to the Data Mover. If there is a clash, the new tenant must be provisioned
to a different Data Mover.
If a physical Data Mover crashes, all of its file systems, VDMs, IP interfaces, and other
configuration are loaded by the standby Data Mover and it takes over the failed Data
Mover’s identity. The result is that everything comes back online as if it were the
original Data Mover.
EMC Multi-Tenant File Storage
Multi-Tenant File Storage with EMC VNX
13
A manual planning exercise is required to accurately balance workloads between
each physical Data Mover as, in the current implementation, there is no automated
load balancing of VDMs on a physical Data Mover.
EMC Multi-Tenant File Storage
Multi-Tenant File Storage with EMC VNX
14
Solution validation
Objective
To validate this solution, the objective was to test the configuration of multiple VDMs
for NFS and how they performed under I/O load. Specifically, the network file-based
NFS data stores were configured on NFS file shares. We deployed several open source
based CentOS 6.3 virtual machines to generate I/O activities against these data
stores. The physical Data Mover performance was monitored to ensure CPU and
memory utilization was in line with the design specifications, while multiple VDMs
were used for file access.
Test scenario
To simulate multi-tenant file systems, we configured multiple VDMs on a physical
Data Mover and exported the NFS file systems associated with a VDM to VMware ESXi
5.1 hosts. These hosts are assigned to different tenants who have access to file
storage from different networks and LDAP domains.
There were four VMware ESXi 5.1 hosts in the data center. Each host has data stores
from different NFS shares exported by its designated VDMs. For each tenant, it can
only have access to its designated file system and NFS data stores. Other tenants are
not permitted to have any access to the file systems and NFS data stores in the same
data center.
Server and storage The server and storage configuration for this solution validation test consists of two
VDMs configured on a physical Data Mover for two different tenants, Tenant A and
configuration
Tenant B, as shown in Figure 4.
Figure 4.
Server and storage topology for Tenant A and Tenant B
Each tenant had file access provided by their own VDM. These were named VDMSaturn and VDM-Mercury and attached to different network interfaces configured
EMC Multi-Tenant File Storage
Multi-Tenant File Storage with EMC VNX
15
within each VDM. By implementing LDAP and VLANs, each tenant can limit the file
access and maintain distributed directory information over the network.
You can configure single or multiple resolver domain names for a VDM. You must
specify the respective domain name and the resolver value. The VDM domain
configuration includes the NIS, LDAP, DNS, and NFSv4 domains specifications.
For more details on how to manage the domain configuration for a VDM, refer to
Configuring Virtual Data Movers on VNX 7.1.
In the following example, as shown in Figure 5, the VDM VDM-Saturn is configured to
provide file access to Tenant A and it is attached to Network A. The file system
Saturn_File_System is mounted in VDM-Saturn. In the same way, the NFS clients of
Tenant B have access to Mercury_File_System by mounting the NFS export to the IP
address associated with Network B.
Figure 5.
Network interface to NFS endpoint mapping
To configure an NFS server to exclusively serve tenants for a particular naming
domain, the service provider and storage administrator must complete the following
tasks:
Create a new VDM that houses the file system to export for the considered
domain.
Create the network interface(s) for the VDM.
Assign the interface to the VDM.
Configure the domain for the VDM.
Configure the lookup name service strategy for the VDM (optional – if not
configured at the VDM, the services configured on the physical Data Mover will
be used).
Mount the file system(s) on the VDM.
Export the file system(s) for the NFS protocol.
EMC Multi-Tenant File Storage
Multi-Tenant File Storage with EMC VNX
16
The interfaces mapped between a Data Mover and a VDM are reserved for the CIFS
servers and the NFS server of the physical Data Mover.
The VDM feature allows separation of several file system resources on one physical
Data Mover. The solution described in this document implements an NFS server per
VDM named NFSendpoint. The VDM is used as a container that includes the file
systems exported by the NFS endpoint and/or the CIFS server. The file systems of the
VDM are visible through a subset of the Data Mover network interfaces attached to
the VDM.
The same network interface can be shared by both CIFS and NFS protocols on that
VDM. The NFS endpoint and CIFS server are addressed through the network interfaces
attached to that VDM.
VDM configuration
The command line interface (CLI) must be used to create the VDMs, using nasadmin
or root privileges to access the VNX management console.
The following steps show how to create a VDM on a physical Data Mover for Tenant A
in a multi-tenant environment. To support multiple tenants, multiple VDMs are
required to provide file access. The procedure to create a VDM can be repeated for
additional tenant VDM creation as required.
Storage pool configuration
Before a VDM can be created on a Data Mover, a storage pool must be configured on
the VNX to store the user file systems. In this example, we configured a storage pool
named FSaaS-Storage-Pool. Its properties are shown in Figure 6.
Figure 6.
Configuring a storage pool named FSaaS-Storage-Pool in Unisphere
EMC Multi-Tenant File Storage
Multi-Tenant File Storage with EMC VNX
17
For more information on file systems, refer to Managing Volumes and File Systems
with VNX Automatic Volume.
Create a VDM
The VNX CLI command, in Figure 7, shows how to create VDM-Saturn which is used for
Tenant A file access on Data Mover server_2.
Figure 7.
Creating the VDM named VDM-Saturn
When using default values, the VDM is created in a loaded state.
Note
The system assigns default names for the VDM and its root file system.
You can use the same command to create VDM-Mercury for Tenant B, as shown in
Figure 8.
Figure 8.
Creating the VDM named VDM-Mercury
Create a user file system
The CLI command, in Figure 9, shows how to create a file system named
Saturn_File_System, with 200 GB storage capacity, from the storage pool FSaaSStorage-Pool.
EMC Multi-Tenant File Storage
Multi-Tenant File Storage with EMC VNX
18
Figure 9.
Creating the Saturn file system
Create a mount point
The CLI command, in Figure 10, shows how to create the mount point for
/SaturnFileSystem for the Saturn_File_System on VDM-Saturn.
Figure 10.
Mount point setup for VDM-Saturn
EMC Multi-Tenant File Storage
Multi-Tenant File Storage with EMC VNX
19
Check VDM status
To validate the VDM-Saturn properties that you configured, you can run the command
as shown in Figure 11.
Figure 11.
Validating the VDM-Saturn setup
Create the VDM network interface
The network interface for Saturn-if is created for device trunk1 with the following
parameters, as shown in Figure 12:
IP address: 10.110.46.74
Network mask: 255.255.255.0
IP broadcast address: 10.110.46.255
Figure 12.
VDM network interface setup
To achieve the maximum security and domain/tenant separation, each VDM must
have its own dedicated VDM network interface. The same network interfaces cannot
be shared between different VDMs.
EMC Multi-Tenant File Storage
Multi-Tenant File Storage with EMC VNX
20
Attach a VDM interface to the VDM
The CLI command, in Figure 13, shows how to attach the network interface Saturn-if
to VDM-Saturn.
Figure 13.
File system
configuration
Attaching the VDM interface
You can use the CLI for file system configuration by mounting the file system to a VDM
and exporting it to server hosts.
Mount the file system to a VDM
You can mount the Saturn_File_System on /SaturnFileSystem on the VNX NFS server,
as shown in Figure 14.
Figure 14.
Mounting the file system to the VDM
Export the file system to server hosts
In the example in Figure 15, we exported the Saturn_File_System, using the NFS
protocol, to a VMware ESXi 5.1 host with the IP address 10.110.46.73.
Figure 15.
Note
Exporting the Saturn file system to an ESXi host
A state change of a VDM from loaded to mounted, temp-unloaded, or permunloaded shuts down the NFS endpoints in the VDM, making the file systems
inaccessible to the clients through the VDM.
EMC Multi-Tenant File Storage
Multi-Tenant File Storage with EMC VNX
21
VDM configuration
summary
Table 4 summarizes the process of VDM creation and exporting the file systems to
vSphere ESXi 5.1 hosts.
Table 4.
VDM tenant configuration
Parameter
Tenant A
Tenant B
VDM name
VDM-Saturn
VDM-Mercury
Storage pool
FSaaS-Storage-Pool
FSaaS-Storage-Pool
User file system
Saturn_File_System
Mercury_File_System
Mount point on
VNX NFS server
/SaturnFileSystem
/MercuryFileSystem
VDM interface
Saturn-if with IP address:
10.110.46.74
Mercury-if with IP
address: 10.110.47.74
VDM network
VLAN-A
VLAN-B
File export host
Host A with IP address:
10.110.46.73
Host B with IP address:
10.110.47.73
By accessing different VLANs and networks, both Tenant A and Tenant B have their
own VDM interfaces and host networks. The user file systems for Tenant-A and
Tenant-B can be created from either the same storage pool or different storage pools,
depending on tenant service requirements.
Scripted
deployment
For large-scale deployments, you should consider using scripting tools to speed up
the process of VDM creation and its associated file system mount and export
procedures.
You can use Plink to access the VNX Control Station via SSH. Plink can be
downloaded
from:http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
Figure 16 shows an example of running Plink from a Windows 7 command console to
create VDM-Mars from a script.
EMC Multi-Tenant File Storage
Multi-Tenant File Storage with EMC VNX
22
Figure 16.
Running Plink
A sample script file to create VDM-Mars for Tenant M and export its associated user
file system is shown in Figure 17.
Tenant-M has the same profile attributes as Tenant-A and Tenant-B, as listed in Table
4.
Figure 17.
Example Plink script
EMC Multi-Tenant File Storage
Multi-Tenant File Storage with EMC VNX
23
Cloud platformattached file
systems
VMware ESXi 5.1 NFS data stores
On VMware ESXi hosts, you can create data stores using an NFS file exported from
VNX, as shown in Figure 18.
Figure 18.NFS data store on ESXi hosts
You must specify the NFS server which is running on the specific VDM and the shared
folder, as shown in Figure 19.
Figure 19.
Selecting the server, folder, and data store
As shown in Figure 20, NFS-Datastore-Saturn is created from NFS server
10.110.46.74, the shared folder is /SaturnFileSystem.
EMC Multi-Tenant File Storage
Multi-Tenant File Storage with EMC VNX
24
Figure 20.
Test procedures
NFS data store details
The tests documented in this white paper are as follows:
1.
Creating the data stores on the NFS file systems exported by the VDMs.
2.
Installing and configuring eight CentOS 6.3 virtual machines on the NFS data
stores.
3.
Running I/O workloads on all eight CentOS virtual machines with 128 threads
to simulate 128 VDMs against NFS data stores using IOzone.
4.
Failing over the active physical Data Mover with VDMs configured to the
standby Data Mover.
5.
Verifying the benchmarking tests with no disruption during physical Data
Mover failover.
6.
Monitoring the physical Data Mover CPU and memory utilization during the
I/O workload using VNX Performance Monitor.
Use IOzone to generate I/O
The CentOS 6.3 virtual machines generated I/O using open source IOzone. IOzone is
a file system workload generation tool. The workload generates and measures a
variety of file operations. IOzone is useful for performing broad file system analysis of
a vendor’s computer platform. The workload tests file I/O for the following
operations:
Read, write, re-read, re-write, read backwards, read strided, fread, fwrite, random
read, pread, mmap, aio_read, aio_write
IOzone is designed to create temporary test files, from 64 KB to 512 MB in size, for
testing in automatic mode. However, the file size and I/O operation can be specified
depending on the test. In our test, we used the following I/O parameters:
Read – Reading a file that already exists in the file system.
Write – Writing a new file to the file system.
Re-read – After reading a file, the file is read again.
EMC Multi-Tenant File Storage
Multi-Tenant File Storage with EMC VNX
25
Re-write – Writing to an existing file.
We installed the latest IOzone build on the virtual machines and ran the following
commands from the server console:
#wget http://www.iozone.org/src/current/iozone3_414.tar
#tar xvf iozone3_414.tar
#cd iozone3_414/src/current
#make
#make linux
Figure 21 shows a test run where all I/O read and writes were set with a file size of
1024 KB.
Figure 21.
Note
Test results
Test run for 1024 KB file size
In this test, IO-zone was used for running read and write I/Os on the CentOS
6.3 virtual machines to validate the VDM functionality. We did not undertake
a full scale performance test to evaluate how a physical Data Mover performs
with multiple file systems and 128 VDMs configured, while running intensive
I/Os.
The VDM functionality validation test results are summarized in Table 5.
Table 5.
VDM functionality validation results
Action
Validation results
Create NFS data stores
Yes
Install virtual machines on NFS data
stores
Yes
Power up/shut down virtual machines
successfully
Yes
EMC Multi-Tenant File Storage
Multi-Tenant File Storage with EMC VNX
26
Action
Validation results
Run I/Os from virtual machines against
NFS data stores
Yes
Physical Data Mover high availability
By running all eight CentOS 6.3 virtual machines with 128 threads of read, write, reread and re-write I/O operations, we were able to produce the approximate
equivalent overhead to that of a physical Data Mover with 128 VDMs configured with
I/O running on each VDM.
We executed the following command on a VNX control station to make active Data
Mover failover to the standby Data Mover:
# server_standby server_2 -a mover
The failover process completed in less than 30 seconds and all I/O operations were
restored without any disruption. For most applications running on NFS-based storage
and data stores, the IOzone throughputs observed for write, re-write, read, and reread were well within acceptable performance levels.
VNX Data Mover load
While running 128 threads of I/O workload, the VNX Data Mover load is monitored. As
shown in Figure 22, the Data Mover CPU utilization is approximately 55 percent while
the Free Memory is approximately 50 percent. This is well within the system design
specification range.
Figure 22.
VNX Data Mover Performance Monitor
EMC Multi-Tenant File Storage
Multi-Tenant File Storage with EMC VNX
27
Based on the test results, the clients should not expect any significant performance
impact since VDMs perform in the same way as the physical Data Mover and a user’s
ability to access data from a VDM is no different from accessing data residing on the
physical Data Mover, as long as the maximum number of supported VDMs are not
exceeded on a physical Data Mover.
EMC Multi-Tenant File Storage
Multi-Tenant File Storage with EMC VNX
28
Conclusion
Summary
EMC VNX VDMs provide a feasible way to support file system services for multiple
tenants on one or more physical EMC VNX storage systems for private and public
cloud environments.
VDMs can be configured via the VNX CLI and can be managed within the VNX
Unisphere GUI. Also, by adopting best practice for security and network planning, the
implementation of VNX VDMs can enhance the file system functionality and lay the
foundations for multi-tenant File System-as-a-Service offerings.
This solution enables service providers that are offering cloud storage services to
host up to 128 VDMs on one physical EMC VNX storage platform while maintaining
the required separation between tenants.
Cloud storage providers who want to offer a choice of multi-tenant NAS file system
services from multiple storage vendors can now offer EMC VNX file systems to
multiple tenants. This allows investments in existing VNX storage capacity to be
monetized further, helping to accelerate their return on investment and reduce their
storage TCO.
EMC Multi-Tenant File Storage
Multi-Tenant File Storage with EMC VNX
29
References
For specific information related to the features and functionality described in this
document refer to:
VNX Glossary
EMC VNX Command Line Interface Reference for File
Managing Volumes and File Systems on VNX Manually
Managing Volumes and File Systems with VNX Automatic Volume Management
Problem Resolution Roadmap for VNXVNX for File Man Pages
EMC Unisphere online help
EMC VNX documentation can be found on EMC Online Support.
EMC Multi-Tenant File Storage
Multi-Tenant File Storage with EMC VNX
30
