This article is intended for administrators who want quick, digestible descriptions of the terms used when working with StorMagic software.
Resolution/Information
StorMagic
Hyperconverged/HCI
Hyperconverged infrastructure (HCI) is a combination of servers and storage into a distributed infrastructure platform with intelligent software to create flexible building blocks that replace legacy infrastructure consisting of separate servers, storage networks, and storage arrays.
Software Defined
Software-defined is a hardware or service component that's improved or completely managed by software. With software-defined technology, activities traditionally done by hardware are carried out by software. The software operates independently from the hardware and can be updated by the provider.
SvSAN
Serial Number
Each system is allocated a unique serial number, which is used, together with the license key, when licensing SvSAN features.
Should a VSA be cloned, or a motherboard replaced in the host for example, the VSA will require a new license.
License key
SvSAN and SvKMS are licensable products, each requiring a license key to operate. Licensing is detailed in the following articles:
https://support.stormagic.com/hc/en-gb/articles/5355376684445-SvSAN-Licensing-model
https://support.stormagic.com/hc/en-gb/articles/6397884188829-SvSAN-Online-and-Offline-Licensing
https://support.stormagic.com/hc/en-gb/articles/5840322849949-SvKMS-Licensing
License Type (Perpetual vs Subscription)
StorMagic offers both perpetual and subscription licenses. A perpetual model typically has a higher up-front (capex) cost; the product/key continues to operate and has maintenance associated with it.
A subscription model is a time-based license with a cost incurred over time, following an opex cost model.
Version
Software typically has a version associated with it, which identifies a particular cut of the software build. Because StorMagic is infrastructure software, customers don't typically upgrade it the way they would an app on a phone.
Upgrades are non-disruptive and typically related to:
1. hardware, such as hardware refresh
2. firmware versioning of that hardware and associated drivers in the StorMagic software
3. version of the hypervisor or associated products that a release version has been tested/certified against
Dual boot
Some StorMagic software products operate in a dual boot model, such that it is possible to select a prior version, if looking to back out an upgrade. This is extremely rare and usually not necessary.
Firmware
Firmware is programming that's written to a hardware device's non-volatile memory. Non-volatile memory is a form of static random-access memory where the content is saved when a hardware device is turned off or loses its external power source.
StorMagic software (StorMagic OS) is run in either a Guest VM as a storage controller virtual machine on a hypervisor, or on hardware, as a RAM disk with a persistent scratch partition for logging.
This results in a .img firmware file that can be pushed to the StorMagic appliance/node, into the dual boot partition for non-disruptive upgrades.
Maintenance Mode
StorMagic software has a maintenance mode, in which certain services are stopped while the node remains manageable.
Discovery
SvSAN uses StorMagic Discovery Protocol ('discovery'), which enables systems (StorMagic appliances, VSAs, witnesses, and other hosts) to discover each other, and for management applications to be able to discover VSAs, on an IP network. Each system is assigned a unique discovery ID. When a system discovers a remote system, it receives a message containing basic information about that remote system, such as hostname, system type, discovery ID, interface IP addresses and system status.
Discovery runs on Windows and Linux systems, and on VSAs and witnesses. By default, it operates using the IP multicast protocol, which allows a system to send a message using User Datagram Protocol (UDP) to all systems that are listening on the appropriate address and port. StorMagic uses the multicast address 239.255.23.23 and port 4174, which is registered to StorMagic with IANA.
Systems maintain a local discovery database, which contains an entry for each system from which it has received a discovery message, plus any manually added entries (see below). Each system sends out a message every five minutes and whenever there is a change in its status or configuration. Each system listens for messages from other systems. When a system receives a message from a remote system it updates its local database. If a system has not been heard from for more than five days its entry is purged from the database (except static entries, which are never removed).
In some networking environments multicast may be blocked, such as when a gateway between the networks does not forward multicast traffic. To handle this, discovery also supports adding manual entries to discovery databases. When a system announces itself via multicast, it also sends a UDP message directly to any manual entries, requesting a reply.
Discovery also supports adding static entries to discovery databases. This can be used where a remote system may not be able to reply back to systems that announce themselves, or where its IP addresses may be local addresses behind a NAT router. This is typically used when a witness is hosted on a remote network such as when hosted in a cloud.
If a remote system cannot be found, discovery falls back to using DNS to try to discover a network address.
In large deployments there may be a very large number of discovered systems. In that case they can be grouped by giving them SAN names; only systems with matching SAN names can be discovered by each other.
Information about discovered systems is displayed on the Discovery page of the web GUI.
https://stormagic.com/doc/svsan/6-3-U1/en/Content/discovery.htm?Highlight=discovery
Automatic/Static/manual discovery entries
Discovery entries can be automatically picked up, using multicast, within an IP subnet.
If multicast is blocked in switches, or if devices such as a witness exist in a different IP subnet, it is possible to add static entries pointing to a device, even behind NAT.
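A way to check whether discovery multicast actually reaches a given host before deciding that manual or static entries are needed. This is an added example, not StorMagic code: it joins the group and port stated above, treats each datagram as opaque (the message format is not described on this page), and compares the senders it hears against a list of peers you expect. The peer addresses and function names are constructed for illustration.

```python
import socket
import time

DISCOVERY_GROUP = "239.255.23.23"  # multicast address given on this page
DISCOVERY_PORT = 4174              # UDP port given on this page
ANNOUNCE_INTERVAL = 5 * 60         # seconds; each system announces every five minutes


def membership_request(group, local_ip="0.0.0.0"):
    """Build the ip_mreq value that joins `group` on the interface `local_ip`."""
    return socket.inet_aton(group) + socket.inet_aton(local_ip)


def listen(duration, local_ip="0.0.0.0"):
    """Collect (timestamp, source_ip, length) for each datagram heard on the group."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
    sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    sock.bind(("", DISCOVERY_PORT))
    sock.setsockopt(socket.IPPROTO_IP, socket.IP_ADD_MEMBERSHIP,
                    membership_request(DISCOVERY_GROUP, local_ip))
    seen = []
    deadline = time.monotonic() + duration
    try:
        while True:
            remaining = deadline - time.monotonic()
            if remaining <= 0:
                break
            sock.settimeout(remaining)
            try:
                data, (src, _port) = sock.recvfrom(65535)
            except socket.timeout:
                break
            seen.append((time.time(), src, len(data)))
    finally:
        sock.close()
    return seen


def summarize(seen, expected):
    """Per-sender message count and largest gap, plus expected peers never heard."""
    by_src = {}
    for ts, src, _length in seen:
        by_src.setdefault(src, []).append(ts)
    report = {}
    for src, stamps in by_src.items():
        stamps.sort()
        gaps = [later - earlier for earlier, later in zip(stamps, stamps[1:])]
        report[src] = {
            "count": len(stamps),
            "max_gap": max(gaps, default=0.0),
            # A gap well beyond the announce interval suggests dropped messages.
            "late": any(gap > ANNOUNCE_INTERVAL * 1.5 for gap in gaps),
        }
    silent = sorted(set(expected) - set(by_src))
    return report, silent


if __name__ == "__main__":
    # Constructed peer addresses (documentation range); use your own VSAs/witness.
    expected_peers = ["192.0.2.11", "192.0.2.12", "192.0.2.50"]
    # Listen for just over two announce intervals so every peer has a chance to speak.
    report, silent = summarize(listen(duration=11 * 60), expected_peers)
    for src, info in sorted(report.items()):
        print(f"{src}: {info['count']} messages, max gap {info['max_gap']:.0f}s")
    for src in silent:
        print(f"{src}: nothing heard via multicast; candidate for a manual or static entry")
```

Peers reported as silent are the ones for which multicast is not arriving on this host's subnet.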
SAN Name
https://stormagic.com/doc/svsan/6-3-U1/en/Content/san-name-for-cluster.htm?Highlight=san%20name
https://support.stormagic.com/hc/en-gb/articles/6979437362461-SvSAN-and-SAN-Names
iSCSI
iSCSI is a protocol for transporting SCSI commands and data over TCP/IP Ethernet connections. The iSCSI protocol is an open standard, which was developed under the auspices of the Internet Engineering Task Force (IETF), the body responsible for most internet and networking standards. The standard was ratified in 2003 and is documented in a number of standards documents, the prime one being RFC3720. In fact, iSCSI embraces a family of protocols; it uses Ethernet and TCP/IP as its underlying transport mechanism, it makes use of standard authentication protocols such as CHAP and uses other protocols such as iSNS for discovery.
Target
SvSAN provides storage in the form of virtual disks which present to hosts as SCSI target devices made available over the iSCSI protocol. In fact, from the point of view of the SCSI protocol, the virtual disk is actually a logical unit of the SCSI target, with a logical unit number (LUN) of 0. This is similar to the model used by disk drives.
The SCSI logical unit associated with the target has properties, including:
- logical unit number, which is always zero
- globally unique 64-bit SCSI identifier, called an EUI-64, displayed as a hexadecimal string
- capacity or size
When connecting to a target over iSCSI, the initiator uses its IQN and performs an iSCSI login. However, other software on the initiator system, for example multipathing software, may operate at the SCSI level and so use the EUI-64.
It is convenient to simply refer to iSCSI targets and their LUN as targets, and this convention is used throughout the user interface.
Plex
One of the two sides of a mirrored target.
Isolation policy
If mirror plexes go offline or if the network connection between them fails, a mirror isolation policy is applied in order to prevent data corruption. A mirror isolation policy enables the software to know the states of the plexes to determine which plexes (if any) can come back online, and which plex has the most up-to-date data. If one plex has become unsynchronized, it must not return out-of-date data back to the initiator. For this to work, each plex needs to know at all times its state and the state of the other plex. Unfortunately, this is not always possible due to physical factors in the form of network isolations, or environmental power failures. It may not be possible to know whether two plexes have become disconnected or if just one plex has gone down.
If a mirror is online and one plex (B) goes down while the other plex (A) continues, B becomes unsynchronized, although the last thing it knew was that it was synchronized. If A is then shut down and B is restarted, B must not come online. But B has no way of knowing the correct mirror state, since it was offline while A continued. To handle this, SvSAN supports two types of mirror isolation policy: Majority and Up.
- Majority - The Majority isolation policy relies on a third party quorum system. A software service – the Witness Service – runs on a different physical system to the two plexes, and maintains mirror state. This third party system is called a witness. The service can run as a witness appliance VM, on a standard Windows server, on another VSA, or a Linux host. It can be installed as part of the StorMagic vCenter Integration Services package.
- Up - The Up isolation policy (sometimes called the 'stay up' policy) can be used if there are just two physical servers, and no possibility of a point of contact to host the witness service. The Up policy is designed to handle common failures, but there may be some situations it cannot handle correctly, in which case a mirror may be taken offline and require user intervention.
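The A/B scenario above, worked through as an added example (a simplified model, not SvSAN's implementation and not a description of how the Up policy works). It compares a plex that trusts only its own last-known state with one that follows a majority rule against a witness holding the mirror state; all class and function names are constructed for illustration.

```python
from dataclasses import dataclass


@dataclass
class Plex:
    name: str
    running: bool = True
    online: bool = True
    believes_synchronized: bool = True  # last state this plex recorded locally


@dataclass
class Witness:
    synchronized: set        # plexes recorded as holding up-to-date data
    reachable: bool = True


def stop(plex, partner, witness):
    """Plex goes down (failure or shutdown). A surviving partner records the
    change with the witness before it carries on accepting writes alone."""
    plex.running = plex.online = False
    # plex.believes_synchronized is left untouched: it never learns what it missed.
    if partner.online:
        if witness.reachable:
            witness.synchronized.discard(plex.name)  # partner + witness = 2 of 3
        else:
            partner.online = False                   # no majority: stop serving


def start_naive(plex):
    """Strawman: come online if the plex's own last-known state says so."""
    plex.running = True
    plex.online = plex.believes_synchronized
    return plex.online


def start_majority(plex, partner, witness):
    """Come online only with a second vote and proof that our data is current."""
    plex.running = True
    if partner.online:
        # Live partner: resynchronize from it, then rejoin the mirror.
        plex.believes_synchronized = True
        if witness.reachable:
            witness.synchronized.add(plex.name)
        plex.online = True
    elif witness.reachable:
        plex.online = plex.name in witness.synchronized
    else:
        plex.online = False                          # alone: cannot prove anything
    return plex.online


def after_page_failure():
    """B goes down while A continues, then A is shut down."""
    a, b = Plex("A"), Plex("B")
    witness = Witness(synchronized={"A", "B"})
    stop(b, partner=a, witness=witness)
    stop(a, partner=b, witness=witness)
    return a, b, witness


if __name__ == "__main__":
    a, b, w = after_page_failure()
    print("naive: B online with stale data?", start_naive(b))
    a, b, w = after_page_failure()
    print("majority: B online?", start_majority(b, a, w))
    print("majority: A online?", start_majority(a, b, w))
    print("majority: B rejoins after resync?", start_majority(b, a, w))
```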
Caching
Cache is a high-speed data storage layer which stores a subset of data, typically transient in nature, so that future requests for that data are served up faster than is possible by accessing the data’s primary storage location. Caching allows you to efficiently reuse previously retrieved or computed data.
Resync priority
Local path/multipath
A local path is simply a way to locate a file on your system, whereas multipath is designed to enhance fault tolerance and load balancing by distributing traffic across various paths, typically to improve reliability and performance by allowing data transfer to occur through different routes if one fails; essentially, it's a redundancy strategy using multiple connections to a single destination.
Portal groups
Event
The Events log lists the significant events which have occurred on the system. By default, the most recent events are displayed at the top.
There are three types of events:
- Error – A fault has occurred that must be rectified. For example, a disk or hardware component failed. This is the most severe type of event.
- Warning – An unexpected event has occurred that should be checked. For example, an initiator tried to log into a target but it failed to supply the correct authentication credentials. Warning events are less severe than Error events.
- Informational – An operation has been carried out under normal running circumstances. For example, the appliance was started, shut down, or a target was created or deleted.
Status
Interface
The place at which independent and often unrelated systems meet and act on or communicate with each other. A connection between two pieces of electronic equipment, or between a person and a computer.
Initiators
An initiator is a device or program that starts a task or sends data to a storage array. Initiators can be used for iSCSI, Fibre Channel, or SCSI sessions. An initiator performs several functions to ensure that multiple jobs run at the same time, without conflicts. To run multiple jobs asynchronously, the system must perform a number of functions: Select jobs from the input queues.
Types of initiators
- iSCSI initiator: A piece of software or hardware that sends data to and from an iSCSI-based storage array
- SCSI initiator: A device that sends a SCSI command to start a SCSI session
- Fibre Channel initiator: A device that originates Fibre Channel sessions
IQN
In an iSCSI network, each iSCSI element that uses the network has a unique iSCSI name and is assigned an address for access. Each iSCSI element, whether an initiator or target, is identified by a unique iSCSI Qualified Name (IQN). The IQN is a logical name that is not linked to an IP address.
Logical Device
Logical devices enable you to plan your network fabric before selecting underlying hardware. By abstracting specific vendors and models you can design based on a common set of form factors like ports, speeds and roles. Some applications of logical devices include:
- Specifying speed and roles for specific ports (For example, the 48th port is always a leaf, or the speed of the 10th port is always 1 Gbps).
- Preparing for port speed transformations (For example, transforming one - 40 GbE port into four - 10 GbE ports).
- Using non-standard port speeds (For example, for a 1 GbE SFP in a 10 GbE port, the underlying hardware is automatically configured correctly.)
- Solving for automatic cable map generation that takes into account failure domains on modular systems (for example, a line card).
Pool
Storage based around a collection of devices. The devices are grouped together to form a single, logical storage pool. A pool can only be created from devices that are connected to the same physical storage hardware.
Disk
A disk in a computer is a flat, round plate that stores data. Disks are made of rigid materials like plastic or metal and have a thin coating on the surface. A hard disk drive (HDD) is an internal or external computer component that stores data, such as the operating system, applications, and user files. HDDs are “non-volatile” storage devices, meaning they retain stored data even when power isn't being supplied.
Software RAID/JBOD
Software RAID is a RAID configuration managed by the operating system instead of a dedicated hardware controller. JBOD stands for "Just a Bunch Of Disks" and is a method of storing data on individual hard drives. RAID is a method of storing data across multiple hard drives. JBOD is simpler and less expensive, while RAID offers better performance and data protection.
JBOD
- Simplicity: JBOD is easy to manage and expand.
- Cost: JBOD is less expensive than RAID.
- Data redundancy: JBOD doesn't offer data redundancy, so if a drive fails, all data on that drive is lost.
- Use cases: JBOD is good for non-critical data storage, like large data archiving.
RAID
- Performance: RAID offers better performance than JBOD.
- Data protection: RAID offers data protection against disk failure.
- Configuration: RAID requires uniform drive capacities and proactive maintenance.
When choosing between JBOD and RAID, you can consider your storage needs, budget, and data redundancy requirements.
Pool license capacity
This is the maximum total combined amount of storage capacity that you can allocate (license) across all the pools on the VSA (except SSD cache pools, which are exempt from licensing). This figure, which can be unlimited, is set by the VSA license. This capacity may be distributed across multiple pools.
Storage journal
A journaling file system is a type of file system that keeps track of the changes made to the data on a disk by recording them in a separate log or journal. If there is a system failure or crash, a journal file system means you can restore the data as it was pre-failure. It also recovers unsaved data and stores it in the original intended destination before the crash.
Rescan
Rescanning storage means to scan a storage system or pool again to update its information. This can be done to ensure that the storage system is up to date and ready for backup, replication, and restore processes.
When to rescan storage
- When you create or delete snapshots manually
- When you make changes to the physical disks or disk groups associated with the storage pool
- When you want to discover new paths or re-acquire lost paths
- When you want to search for new tape libraries or stand-alone tape drives
What rescanning storage does
- Updates the storage system hierarchy in the backup console
- Ensures the management software has the most up-to-date information about the storage pool
- Keeps the management software in sync with the physical storage infrastructure
- Causes virtual disk paths to appear or disappear
- Discovers new paths or re-acquires lost paths.
State
State is the current configuration or condition of a system, program, or device at a given time. The system's state includes all the relevant data and variables defining its condition, such as the input parameters, the hardware components, and memory and storage.
Online
When a device is "online," it is powered on and connected to a network, other devices, or the internet. The term applies to various electronics, including computers, smartphones, smart TVs, gaming consoles, and IoT devices.
Today, "online" most commonly describes a device that is connected to the internet. For two systems to communicate over the internet, both must be online. If you cannot access websites or check your email from your laptop, it may be offline. If you cannot access a specific website but others load correctly, the server that hosts the website may be offline.
Synchronized
In computer science, synchronization is the process of coordinating multiple processes to work together at a specific point. It can also refer to making sure that multiple copies of a file or set of data are consistent and up to date.
Why is synchronization important?
- Data integrity: Synchronization ensures that multiple copies of data are consistent and up to date.
- Collaboration: Synchronization allows users to access the most recent version of a file from any device, regardless of location.
- Backups: Synchronization can be used to create backup copies of files.
Unsynchronized
In computing, unsynchronized means not happening at the same time or in the same way. For example, unsynchronized data is data that has not been saved or copied to another location.
Explanation
Synchronization
- In computing, synchronization means having the same data in multiple locations. For example, you can sync two computers by copying data from one to the other or setting them to the same time.
Unsynchronized data
- Unsynced data is data that has not been saved or copied to another location. For example, an app may save data in the unsynced data section if the signal is weak or cell coverage is unreliable.
Reducing synchronization
- Computer scientists have been working for decades to reduce synchronization because it takes more time than computation.
Synonyms of unsynchronized: mistimed, inopportune, badly timed, inconvenient, and asynchronous.
Degraded
"Storage degraded" in technology means that a storage system, like a hard drive array, is currently functioning but with reduced performance due to a failure of one or more components within it, usually a failed disk, while still allowing access to data, but with potential performance issues and a need to replace the faulty component to fully restore functionality; often seen in RAID configurations where a degraded state occurs when a disk fails but the system can still operate using the remaining disks.
Key points about "storage degraded":
Data is still accessible:
- Even though the storage is degraded, the data stored on it can still be accessed, although it may take longer to retrieve due to performance issues.
Reduced performance:
- The primary impact of a degraded storage system is a noticeable decrease in read and write speeds.
Requires action:
- When a storage system is in a degraded state, it is crucial to identify the faulty component and replace it to restore full functionality and performance.
Storage Failed
Storage failure means that a storage device is no longer able to function properly. This can be due to physical damage, logical errors, or a server-side issue.
Signs of storage failure
- Performance changes: A sudden change in performance, such as a computer running more slowly, can be a sign of storage failure.
- Read/write errors: A high number of read/write errors can indicate a logical failure.
- Computer crashes: If the drive is the primary boot drive, the computer may crash regularly.
- Drive unresponsiveness: A drive may be unresponsive due to a temporary error.
SvKMS/Encryption
Encryption
- Inflight - Encryption in flight protects your data as it moves through the network. Encryption in flight is the encryption of data moving over a network. This is especially important for those using the open internet for transporting data, which is part of most public cloud implementations. There are two steps to encryption in flight: encryption of the data to be moved over the network, and decryption on the authorized receiver side. Each side uses a unique encryption key, which is leveraged to authorize who can see the data.
- At rest - Encryption at rest refers to the practice of protecting data that is stored on a device, such as a hard drive or a smartphone, by encoding it using encryption algorithms. The encrypted data can only be decrypted with the appropriate key, and this helps ensure that sensitive information remains confidential even if the device is lost or stolen.
Certificate
An encryption certificate is a digital file that contains a public key used to encrypt data. This data can include files, documents, emails, and data transmissions.
Encryption certificates are used to:
Establish session keys
- Encryption certificates are used to create keys that are used to encrypt and decrypt data
Confirm secure communication
- Encryption certificates can confirm that only the intended recipient can decrypt an encrypted email
Validate a website
- Encryption certificates, such as SSL/TLS certificates, can validate a website and establish a secure connection
Types of encryption certificates
- SSL/TLS certificates: A common type of encryption certificate that validates a website and establishes a secure connection
- S/MIME certificates: An encryption certificate used to sign and encrypt emails
- Wildcard SSL certificates: A type of SSL certificate that can secure a base domain and all of its sub-domain
P6R
P6R encryption refers to the encryption solutions offered by Project 6 Research (P6R), a software company that specializes in security products. P6R's encryption solutions include the ChaCha20Poly1305 cipher suite and the KMIP Server Gateway (KSG).
ChaCha20Poly1305
- A cipher suite that offers encryption and message authentication
- Recommended by the Internet Engineering Task Force (IETF) for Transport Layer Security (TLS)
- Efficient on a variety of hardware, including mobile devices and embedded systems
- Can encrypt or authenticate multiple messages simultaneously
- Resistant to nonce misuse
KMIP Server Gateway (KSG)
- A product that can be used to manage crypto key storage
- Can be bundled with the Marvell LiquidSecurity Network Hardware Security Module (HSM)
- Can be used to integrate multiple applications that require the OASIS KMIP protocol
P6R is a privately held company that provides multi-platform solutions to businesses. They offer security products and professional services to help businesses with key management and encryption integration.
Cryptsoft
Cryptsoft encryption is a technology that securely stores and distributes encryption keys to protect data. Cryptsoft's products are used to enhance or build products that require data security.
How encryption works
- Encryption is a data security method that scrambles information using mathematical models.
- The scrambled information is called ciphertext.
- Only authorized people with the key can unscramble the ciphertext to access the original data.
What Cryptsoft does
- Cryptsoft's technology helps customers simplify their data management infrastructure.
- Cryptsoft's products help customers securely store and distribute encryption keys.
- Cryptsoft's products help customers lower risk and reduce development costs.
Encryption keys
Encryption keys are strings of numbers or characters that scramble and unscramble data. They are used to encrypt plaintext into ciphertext, and then decrypt the ciphertext back into plaintext.
How do encryption keys work?
- Generation: Encryption keys are created using algorithms that generate unique, unpredictable strings of bits.
- Encryption: The key is used with an encryption algorithm to scramble the plaintext into ciphertext.
- Decryption: The correct key is used with a decryption algorithm to unscramble the ciphertext back into plaintext.
Virtualization
Virtualization
Virtualization is technology that can be used to create virtual representations of servers, storage, networks, and other physical machines. Virtual software mimics the functions of physical hardware to run multiple virtual machines simultaneously on a single physical machine.
Hypervisor
A hypervisor is software that you can use to run multiple virtual machines on a single physical machine. Every virtual machine has its own operating system and applications. The hypervisor allocates the underlying physical computing resources such as CPU and memory to individual virtual machines as required.
Shared storage types - Block vs File vs Object
- Block - is when the data is split into fixed blocks of data and then stored separately with unique identifiers. The blocks can be stored in different environments, such as one block in Windows and the rest in Linux. When a user retrieves a block, the storage system reassembles the blocks into a single unit. Block storage is the default storage for both hard disk drive and frequently updated data. You can store blocks on Storage Area Networks (SANs) or in cloud storage environments.
- File Storage - is when all the data is saved together in a single file with a file extension type that’s determined by the application used to create the file or file type, such as .jpg, .docx or .txt. For example, when you save a document on a corporate network or your computer’s hard drive, you are using file storage. Files may also be stored on a network-attached storage (NAS) device. These devices are specific to file storage, making it a faster option than general network servers. Other examples of file storage devices include cloud-based file storage systems, network drives, computer hard drives and flash drives.
- Object Storage - is a system that divides data into separate, self-contained units that are re-stored in a flat environment, with all objects at the same level. There are no folders or sub-directories like those used with file storage. Additionally, object storage does not store all data together in a single file. Objects also contain metadata, which is information about the file that helps with processing and usability. Users can set the value for fixed-key metadata with object storage, or they can create both the key and value for custom metadata associated with an object.
CPU
The Central Processing Unit (CPU) is the primary component of a computer that acts as its “control center.” The CPU, also referred to as the “central” or “main” processor, is a complex set of electronic circuitry that runs the machine's operating system and apps.
Memory
Computer memory stores information, such as data and programs, for immediate use in the computer. The term memory is often synonymous with the terms RAM, main memory, or primary storage. Archaic synonyms for main memory include core (for magnetic core memory) and store.
Main memory operates at a high speed compared to mass storage which is slower but less expensive per bit and higher in capacity. Besides storing opened programs and data being actively processed, computer memory serves as a mass storage cache and write buffer to improve both reading and writing performance. Operating systems borrow RAM capacity for caching so long as it is not needed by running software. If needed, contents of the computer memory can be transferred to storage; a common way of doing this is through a memory management technique called virtual memory.
NTP/Time
The Network Time Protocol (NTP) is a networking protocol for clock synchronization between computer systems over packet-switched, variable-latency data networks. In operation since before 1985, NTP is one of the oldest Internet protocols in current use.
- A protocol that synchronizes the clocks of computers on a network
- Uses a client-server model to exchange time signals between computers
- Uses a hierarchical system of time sources, called "stratum" levels
- Ensures that computers are synchronized to a precise time source, usually within milliseconds
- Developed by David Mills in 1981
- Used in systems that require precise timekeeping, like logging events and securing communications
DNS
DNS stands for Domain Name System, which is a service that translates domain names into IP addresses. DNS enables users to access websites by typing in domain names, such as www.stormagic.com, instead of having to remember the IP address for each website.
Default Gateway
A gateway is a network node that serves as an access point to another network, often involving not only a change of addressing, but also a different networking technology. More narrowly defined, a router merely forwards packets between networks with different network prefixes. The networking software stack of each computer contains a routing table that specifies which interface is used for transmission and which router on the network is responsible for forwarding to a specific set of addresses. If none of these forwarding rules is appropriate for a given destination address, the default gateway is chosen as the router of last resort. The default gateway can be specified by the route command to configure the node's routing table and default route.
Static Routes
A static route is a manually configured path that routers use to send traffic to specific networks. Static routes are used when there is no dynamic route to a destination, or when a network administrator wants to override a dynamic route.
TCP/IP v4
TCP/IP IPv4 is a combination of the Transmission Control Protocol (TCP) and the Internet Protocol Version 4 (IPv4). TCP/IP IPv4 addresses are 32-bit numbers written in dotted decimal notation.
- IPv4: A connectionless protocol that defines how to identify and find network hosts. IPv4 addresses are made up of four octets, each containing eight bits.
- TCP: An upper layer transport protocol that addresses aspects like data integrity, sequencing, and duplicate delivery.
TCP/IP v6
Internet Protocol version 6 (IPv6) is a set of specifications that provides IP addresses and security for devices to connect to the internet. IPv6 is the latest version of the Internet Protocol (IP) and is designed to support the growing number of internet-connected devices.
- IPv6 addresses are 128 bits long, which is much longer than the 32-bit addresses used in IPv4.
- IPv6 addresses are represented as eight groups of four hexadecimal digits separated by colons.
- Devices use IPv6 addresses as source and destination IP addresses to pass packets over a network.
- IPv6 uses multi-packet routing to break data into smaller blocks to send across the internet.
- TCP or UDP at the Transport Layer in the OSI model reassembles packets in the correct order on the receiving device.
MTU and frame sizes
MTU stands for "Maximum Transmission Unit" and refers to the largest amount of data (in bytes) that can be transmitted in a single packet on a network, while a frame size is the total size of a data packet including the header information, with the MTU representing the maximum data payload within that frame; for standard Ethernet, the MTU is typically 1500 bytes, meaning the maximum data within a frame can be 1500 bytes before fragmentation occurs.
Key points about MTU and frame sizes:
- Standard MTU: The default MTU for most Ethernet networks is 1500 bytes.
- Jumbo Frames: Larger frame sizes, often referred to as "jumbo frames", can be configured on some networks, allowing for larger data payloads per frame (e.g., up to 9000 bytes).
- Frame size vs. MTU: While the frame size includes the header information, the MTU only refers to the maximum data payload within that frame.
- Importance of MTU: When sending data larger than the MTU, the data is fragmented into smaller packets to fit within the network's MTU, which can impact network performance due to the additional processing required for fragmentation and reassembly.
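The fragmentation cost described above can be worked through for a jumbo-sized packet crossing a standard 1500-byte link. This is an added example, not StorMagic code; it assumes IPv4 with a 20-byte header and no options, an untagged Ethernet frame (14-byte header plus 4-byte FCS), and the function names are illustrative.

```python
IPV4_HEADER = 20   # bytes, IPv4 header without options (assumption)
ETH_HEADER = 14    # destination MAC + source MAC + EtherType
ETH_FCS = 4        # frame check sequence


def ethernet_frame_size(mtu):
    """Size of an untagged Ethernet frame carrying a full-MTU packet."""
    return ETH_HEADER + mtu + ETH_FCS


def fragment(packet_len, mtu, header_len=IPV4_HEADER):
    """Split an IPv4 packet of packet_len bytes (header included) for a link MTU.

    Returns a list of (offset_in_8_byte_units, payload_bytes, more_fragments).
    """
    if packet_len < header_len:
        raise ValueError("packet shorter than its own header")
    payload = packet_len - header_len
    if packet_len <= mtu:
        return [(0, payload, False)]          # fits, no fragmentation
    # Fragment offsets are expressed in 8-byte units, so every fragment
    # except the last must carry a multiple of 8 payload bytes.
    per_fragment = (mtu - header_len) // 8 * 8
    if per_fragment <= 0:
        raise ValueError("MTU too small to carry any payload")
    fragments, sent = [], 0
    while sent < payload:
        size = min(per_fragment, payload - sent)
        fragments.append((sent // 8, size, sent + size < payload))
        sent += size
    return fragments


def extra_header_bytes(packet_len, mtu):
    """Additional IPv4 header bytes put on the wire because of fragmentation."""
    return (len(fragment(packet_len, mtu)) - 1) * IPV4_HEADER


if __name__ == "__main__":
    # A 9000-byte packet (jumbo-frame sender) forwarded over a 1500-byte MTU link.
    for offset, size, more in fragment(9000, 1500):
        print(f"offset={offset * 8:5d} payload={size:4d} more_fragments={more}")
    print("extra header bytes:", extra_header_bytes(9000, 1500))
    print("frame size at MTU 1500:", ethernet_frame_size(1500))
```

A mismatch of this kind, with jumbo frames enabled on hosts but not on every switch in the path, is a common cause of degraded storage traffic, so the MTU should match end to end.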
CHAP
CHAP (Challenge-Handshake Authentication Protocol) is a challenge and response authentication method that Point-to-Point Protocol (PPP) servers use to verify the identity of a remote user. CHAP authentication begins after the remote user initiates a PPP link.
CHAP enables remote users to identify themselves to an authenticating system, without exposing their password. With CHAP, authenticating systems use a shared secret -- the password -- to create a cryptographic hash using the MD5 message digest algorithm.
CHAP uses a three-way handshake to verify and authenticate the identity of the user, whereas the Password Authentication Protocol (PAP) uses a two-way handshake for authentication between the remote user and PPP server.
Designed to be used with PPP for authenticating remote users, CHAP is applied periodically during a remote session to reauthenticate the user. PAP and CHAP are primarily intended for remote connections over dial-up lines or switched circuits, as well as for dedicated links.
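The three-way handshake described above, as an added example rather than StorMagic code. It uses the response calculation from RFC 1994 (MD5 over the one-byte identifier, the shared secret, then the challenge); the class, the account name and the secret are constructed for illustration.

```python
import hashlib
import hmac
import os

SUCCESS, FAILURE = 3, 4   # CHAP packet codes for the third message of the handshake


def chap_response(identifier, secret, challenge):
    """Response value per RFC 1994: MD5(identifier || secret || challenge)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


class Authenticator:
    """Authenticating side: issues challenges and checks responses."""

    def __init__(self, secrets_by_name):
        self.secrets = secrets_by_name   # name -> shared secret (bytes)
        self.pending = {}                # identifier -> outstanding challenge
        self.next_id = 0

    def issue_challenge(self):
        """Message 1: a fresh identifier and an unpredictable challenge."""
        identifier = self.next_id
        self.next_id = (self.next_id + 1) % 256
        challenge = os.urandom(16)
        self.pending[identifier] = challenge
        return identifier, challenge

    def verify(self, identifier, name, response):
        """Message 3: Success or Failure for the peer's response (message 2)."""
        challenge = self.pending.pop(identifier, None)   # each challenge is single use
        secret = self.secrets.get(name)
        if challenge is None or secret is None:
            return FAILURE
        expected = chap_response(identifier, secret, challenge)
        # Constant-time comparison avoids leaking how many bytes matched.
        return SUCCESS if hmac.compare_digest(expected, response) else FAILURE


def handshake(auth, name, secret):
    """Run one full exchange; returns (identifier, response, result code)."""
    identifier, challenge = auth.issue_challenge()             # 1. Challenge
    response = chap_response(identifier, secret, challenge)    # 2. Response
    return identifier, response, auth.verify(identifier, name, response)  # 3. Result


if __name__ == "__main__":
    auth = Authenticator({"host-a": b"constructed-shared-secret"})
    print(handshake(auth, "host-a", b"constructed-shared-secret")[2])  # 3 (Success)
    print(handshake(auth, "host-a", b"wrong-secret")[2])               # 4 (Failure)
```

The secret never crosses the link, and because each periodic re-authentication uses a new challenge, a response recorded from an earlier exchange does not verify again. The scheme is only as strong as the shared secret, so the secret should be long and random.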
Unmap
Unmap is a computing term that means to remove a mapping, such as for a device or network drive. It can also refer to a SCSI command or to a method for unmapping a GPU buffer.
Containers
Containerization is a software deployment process that bundles an application’s code with all the files and libraries it needs to run on any infrastructure. Traditionally, to run any application on your computer, you had to install the version that matched your machine’s operating system. For example, you needed to install the Windows version of a software package on a Windows machine. However, with containerization, you can create a single software package, or container that runs on all types of devices and operating systems.
What is a Container vs a VM
Containers and virtual machines are very similar resource virtualization technologies. Virtualization is the process in which a single system resource like RAM, CPU, Disk, or Networking can be ‘virtualized’ and represented as multiple resources. The key differentiator between containers and virtual machines is that virtual machines virtualize an entire machine down to the hardware layers and containers only virtualize software layers above the operating system level.
What is a CSI
The Container Storage Interface (CSI) is an open standard for Kubernetes that enables dynamic storage allocation for a cluster using a third-party storage device, in this case SvSAN defined SAN, without the need to modify the core Kubernetes code.
StorMagic has built upon this standard and created a driver that can make use of the Kubernetes storage framework and allow SvSAN VSAs to provision persistent storage in a cluster. In this way, any data held in a persistent storage volume is retained in the event a container is shut down or restarted on another worker node.
Container cluster options
Container cluster options include container runtimes, node types, scaling, and networking.
Container runtimes
- Default container runtime: A cluster can be configured to use a default container runtime for a pod.
- RuntimeClass: A pod's RuntimeClass can be specified to ensure that Kubernetes uses a specific container runtime.
Node types
- Master node: A node that runs a container pod and manages the cluster
- Worker nodes: Nodes that perform work in the cluster
- Storage nodes: Nodes that store data in the cluster
Scaling
- Auto-scaling policies: Policies that automatically adjust the number of nodes in the cluster
- Node count: The number of nodes in the cluster
Networking
- IP ranges: The range of IP addresses used in the cluster
- Subnets: The subnets used in the cluster
- Firewalls: The firewalls used in the cluster
Other options
- API server: Authenticates and authorizes developers, and allows interaction between developers and the cluster
- Kubelet: Manages the pods and containers running on a machine
- Kubeproxy: Redirects network traffic to the appropriate pods inside the node
Container Repos
A container repository is a collection of related container images that provide different versions of an application. A container typically consists of a container image, which is a file that has everything a piece of software may need to run, such as multiple layers of code, resources and tools.
Container orchestration
Container orchestration is the process of automating the management of containerized applications and software. It involves analyzing, organizing, and integrating applications and services at the operating system level.
What does container orchestration do?
- Provisioning and deployment: Automates the process of creating and deploying containers
- Scaling: Automates the process of increasing or decreasing the number of containers
- Load balancing: Automates the process of distributing the load among containers
- Resource allocation: Automates the process of assigning resources to containers
- Monitoring: Automates the process of monitoring containers and replacing failed ones
Performance
SSD/HDD
Because it uses integrated circuit technology, flash storage is a solid-state technology, meaning it has no moving parts. When flash technology is used for enterprise storage, the term flash drive or flash array is often used interchangeably with solid-state drive (SSD).
SSD technology contrasts with hard disk drive (HDD) technology—the other major type of computer storage, which has been in place since the 1950s. In contrast to SSDs, HDD storage relies on spinning disks, motors, and read/write heads, using magnetism to store data on a rotating platter.
Bandwidth
Network bandwidth is the amount of data that can be transferred over a network in a given amount of time. It's a key measurement of network quality and speed.
How is network bandwidth measured?
Network bandwidth is usually measured in bits per second (bps) or megabits per second (Mbps)
How does network bandwidth affect network performance?
High bandwidth
- More data can pass through the connection at once, which can make the network feel faster. This can help prevent slowdowns and congestion, especially during peak times.
Low bandwidth
- Data transfer becomes slower, which can lead to delays, buffering, and poor performance.
Throughput
Throughput is the amount of data that a computer system can process in a given amount of time. It's also known as data transfer rate. Throughput measures the volume of data that passes through a network in a given period. Throughput impacts how much data you can transmit in a period of time.
What it measures
- Network performance: How well a network is performing
- System efficiency: How efficient a system is at processing data
- System capacity: How much data a system can process at once
How it's measured: Bits per second (bit/s or bps), data packets per second (p/s or pps), and accesses per hour.
What it's used for: Assessing network performance, troubleshooting network issues, and improving network performance.
Factors that affect throughput
- Latency: How long it takes for a data packet to travel from its source to its destination
- Packet loss: How many data packets are lost during transmission
- Jitter: How much the data transmission rate fluctuates
- Software design: How well the software is designed and optimized
IOps
IOPS stands for input/output operations per second. It's a metric used to measure how quickly a storage device can read and write data. IOPS is an important factor in how responsive a computer is when opening files, running programs, or accessing applications.
What does IOPS measure?
- Read and write operations: The number of read and write operations a storage device can perform in one second
- Storage device efficiency: How well a storage device can retrieve or store data
- Storage device responsiveness: How quickly a storage device can access data
What factors affect IOPS?
- Storage technology: The type of storage device, such as a hard disk drive (HDD) or solid-state drive (SSD)
- Disk speed: How fast the disk can read and write data
- Block size: The size of the data blocks being read or written
- Workload characteristics: Whether the workload is read-heavy or write-heavy
- Queue depth: The number of requests waiting to be processed
- Access patterns: Whether the data access is sequential or random
Block size
Block size is the amount of data that can be stored in a block, or the maximum size of a read or write request. It can refer to the size of a block in data storage, a block cipher, or a city block.
Data storage
- The amount of data that can be stored in a block of a file system
- A key factor in storage performance and benchmarking
- The size of a physical record or data storage block, which is a sequence of bits or bytes
Block ciphers
- The number of bits in an input or output block of a block cipher
- The fixed length of the input or output bit strings for a given block cipher and key
Megabyte/Mebibyte
A megabyte is a unit of data capacity that is equal to 1,000,000 bytes in decimal notation (base 10) or 1,048,576 bytes in binary notation (base 2). The base-10 amount is also represented as \(10^{6}\) or \(1000^{2}\) bytes, and the base-2 amount is represented as \(2^{20}\) or \(1024^{2}\) bytes.
Explanation
- The word "megabyte" is a combination of the words "mega-" and "byte".
- A megabyte is larger than a kilobyte (KB) but smaller than a gigabyte (GB).
- One megabyte is equal to 1,000 kilobytes (decimal) or 1,024 kilobytes (binary).
- One gigabyte is equal to 1,000 megabytes.
Megabit/Mebibit
A megabit (\(Mbit\)) is a unit of digital information that measures the speed of data transfer or the size of digital storage. A mebibyte (\(MiB\)) is a unit of digital information that measures the amount of data stored.
Megabit: A megabit is equal to one million bits (\(10^{6}\)). It's used to measure the speed of data transfer, such as the speed of an internet connection. For example, an internet connection with a bandwidth of 8 megabits per second (\(Mbps\)) can transfer up to 1 megabyte (\(MB\)) of data per second.
Random vs Sequential
"Random" means happening or chosen without any particular order or pattern, while "sequential" means following a specific order or sequence, with each element coming after the previous one; essentially, random is haphazard, while sequential is orderly.
Key points to remember:
- Random: Accessing data in any order, without a set pattern.
- Sequential: Accessing data in a linear order, one piece after the other.
Example:
- Random: Picking names from a hat to choose a raffle winner.
- Sequential: Reading the pages of a book from beginning to end.
In computing:
- Random access memory (RAM): Allows data to be accessed quickly in any order.
- Sequential access storage (like a tape): Data must be accessed in the order it is stored, one piece after another.
CPU cycles
A CPU cycle is the basic unit of time for a computer's central processing unit (CPU). It's the time it takes for the CPU to complete a single operation, such as fetching, decoding, executing, or storing data.
How are CPU cycles measured?
- Clock speed: The number of cycles a CPU executes per second, measured in gigahertz (GHz). For example, a CPU with a clock speed of 3.2 GHz executes 3.2 billion cycles per second.
- Clock cycle time: The time between two pulses of an oscillator.
How do CPU cycles affect a computer's performance?
- A faster clock speed means the CPU can process information more quickly.
- The number of instructions a CPU can execute per clock cycle depends on the type of processor.
- Newer CPUs with more efficient architectures may outperform older CPUs with higher clock speeds.
Megahertz/Gigahertz
Megahertz (MHz) and gigahertz (GHz) are units of frequency that measure how many cycles happen per second. They are often used to describe the speed of a computer's central processing unit (CPU). The base unit of frequency is the hertz, which is equal to one cycle per second. Other common units are kHz, MHz, and GHz, which are multiples of Hz following standard SI prefix conventions. A kilohertz is a thousand hertz, a megahertz is a million hertz, and a gigahertz is a billion hertz.
Explanation
- Hertz: The base unit of frequency, equal to one cycle per second
- Kilohertz (kHz): A thousand hertz
- Megahertz (MHz): One million hertz
- Gigahertz (GHz): One billion hertz
Usage
Computer speed
- A computer with a higher GHz has a faster processor that can complete more cycles per second. This allows the computer to perform more tasks simultaneously and handle complex operations.
Bandwidth
- Hertz is used to measure the bandwidth of digital data, video signals, and spread spectrum signals.
Sockets vs Cores
A "socket" refers to the physical connection point on a motherboard where a CPU (central processing unit) is inserted, while a "core" is an individual processing unit within that CPU, meaning a single CPU can contain multiple cores, each capable of performing calculations independently; essentially, a socket is the slot, and a core is the working unit within the CPU that does the processing.
Key points to remember:
Socket:
- A single physical connection point on the motherboard where a CPU is placed.
Core:
- An individual processing unit within a CPU, allowing for parallel processing.
Example: A computer might have a single socket that holds a CPU with 8 cores, meaning that one CPU can perform calculations across 8 separate processing units simultaneously.
Eventing
In computing, an event is a detectable occurrence or change in the system's state, such as user input, hardware interrupts, system notifications, or changes in data or conditions, that the system is designed to monitor. Events trigger responses or actions and are fundamental to event-driven systems. These events can be handled synchronously, where the execution thread is blocked until the event handler completes its processing, or asynchronously, where the event is processed independently, often through an event loop. Even when synchronous handling appears to block execution, the underlying mechanism in many systems is still asynchronous, managed by the event loop.
SNMP
SNMP stands for Simple Network Management Protocol. It's a network protocol that allows network administrators to monitor and manage devices on a network.
- SNMP uses a set of messages and commands to query and update the status of devices.
- SNMP agents are software components installed on devices that are being monitored.
- SNMP managers gather data from SNMP agents.
- Network administrators use this data to monitor device health, network traffic, and more.
SMTP
SMTP stands for Simple Mail Transfer Protocol, which is a set of rules that allows computers to send and receive emails over the internet. It's a technical standard that allows email clients and mail servers to communicate with each other.
How does SMTP work?
- SMTP tells a server where to send an email, what's in the email, and what attachments are included
- SMTP is similar to putting an address and subject on an envelope to help deliver a letter
- SMTP uses TCP/IP to send and receive emails over a network
What email clients use SMTP? Gmail, Microsoft Outlook, Apple Mail, and Yahoo Mail.
Syslog
"Syslog" in computing stands for "System Logging Protocol," which is a standard protocol used to send system log messages from various devices and applications to a central server, allowing administrators to monitor and manage logs from different parts of a system in a standardized format; essentially, it's a way to collect and centralize log data from across a network for analysis and troubleshooting purposes.
Key points about Syslog:
Function:
- It enables devices to send log messages containing information about events, errors, and system status to a designated "Syslog server" for storage and analysis.
Standard format:
- Syslog messages follow a standardized format, making it easier to parse and interpret logs from different sources.
Benefits:
- Centralized logging with Syslog simplifies network monitoring, troubleshooting, and security auditing by providing a single point to access log data.
StorMagic-Specific Terms:
- SvSAN: StorMagic Virtual SAN. Our product!
- VSA: Virtual Storage Appliance, referring to the virtual machine running SvSAN. Another industry term is CVM, or storage Controller Virtual Machine.
- Target: A provisioned iSCSI volume of storage, taken from a storage pool. It can be a simple target or a mirrored target. It is presented to the network over iSCSI and controlled via an access control list of initiators.
- Simple Target: A provisioned iSCSI volume comprising only one plex. It otherwise operates the same as other targets, but with no underlying resilience.
- Mirrored Target: A provisioned iSCSI volume with two constituent parts, one on each of two VSAs. This is often protected by a Witness. The two plexes that make up the target provide resilience at a hardware level by being presented on two separate physical servers or hosts.
- Witness: The "third node" in a mirrored target. Two plexes on their own form the resilient storage of a mirrored target, and the witness becomes a tie breaker in the event of interruption and potential split brain when the two plexes are not synchronously mirrored.
- Plex: One constituent part of a mirrored target.
- Synchronous Mirroring: The process of keeping both plexes available to receive IO via any available path at any time. SvSAN transfers all IO received to both sides of the mirror in real time, and both underlying storage pools are required to return as completed before the IO is deemed complete. This process stops failure scenarios influencing either plex in the mirror from bringing the storage down overall. By contrast, asynchronous mirroring implies one side is "live" and the other side remains available asynchronously to be used in the event that data becomes unavailable from the primary location. Most hyperconverged systems will employ some form of synchronous mirroring, whereas most backup technologies tend to be asynchronous in nature, and deemed disaster recovery.
- Split Brain: A common term in multi-node storage applications such as SvSAN. When two synchronously mirrored plexes are working together, they do so in real time. That is, both sides write identical IO down to disk at the same time. When one side makes changes that the other side does not, this is called split brain. It is an undesired occurrence that is avoided in SvSAN by using a common witness to define only one plex capable of receiving IO when the other becomes unavailable.