iSCSI for Better

or WorseSTEVEN AIELLO

“Love me or hate me, both are in my favor…

If you love me, I'll always be in your heart…If you hate me, I'll always be in your mind.”

~ William Shakespeare

Who Am I?

Steven Aiello

CISSP, CISA, VCP 5, CCNA (long ago)&

some other crappy ones…

MSP Online Tech

ADP Sorry if you work there = (

Focus One Data

What’s My Background?

Focus One: Primarily focused on health care data.

HIPAA was new (2002-2004)…

ADP: Large scale data center deployments

Online Tech: Lead VMware Eng.

Almost 40 ESXi hosts

Veeam (360 VMs)

VMware SDK C#

Datacenter migration avg. 3.5 min of down time

per server

Block vs. File

Sorry Internet police I stole this image = (

FC, iSCSI, & NFS Fibre Channel provided the highest throughput and the lowest processor

utilization of all the storage protocols.

Software iSCSI provided only slightly lower throughput than FibreChannel (not more than 9% or 10% less than Fibre Channel depending upon the specific tests being run). However, software iSCSI consistently showed the highest CPU utilization on the ESX hosts.

NFS showed throughput on the same levels as software iSCSI (again, not more than about 9% or 10% less than Fibre Channel depending upon the tests being run) and had higher CPU utilization than Fibre Channel. However, the CPU utilization was lower than with software iSCSI.

Source: NetApp

FC, iSCSI, & NFS

Why?

What is iSCSI

1. Block level storage

2. SCSI Commands

3. Encapsulate into an IP packet

4. Send it over Ethernet

5. Picked up by the controller

6. Reverses the encapsulation process

7. iSCSI Bi-Directional

iSCSI ~ RFC 3720

I would recommend you read this…

iSCSI consists of

Initiator (the client)

Target (the server)

IQN: A date code, in yyyy-mm format. This date MUST be a date during which

the naming authority owned the domain name used in this format, and

SHOULD be the first month in which the domain name was owned by this

naming authority

IQN Format

iSCSI Considerations

Dedicated network

Network Design (“Don’t let your network guys screw with your storage network…”)

MTU (1500 MTU or 9000 MTU?)

Switch buffer sizes

iSCSI Gossip

Intel NICs

DELL partner

Expressed discontent with Broadcom drivers

Expressed discontent with DELL switches

Cisco seemed to be the preferred brand

Why Use iSCSI?

Raw Device Mappings

Windows Server Clustering(may not be needed in the future)

SAN management Software

Easier multi-pathing

iSCSI connections from your hosts

Why Use NFS?

You don’t wont to screw with iSCSI…

Larger datastores without extents

You have the resources to install 10Gb Ethernet

More flexible storage system, expand the size of your data stores

You don’t have a need for:

RDMs

Direct SAN access for your applications

Switch Port Security… (fail)

Look for cut off iSCSI messages in the vmkernel log…

LUN Security & Access

iSCSI Access Controls

CHAP (UN & PW)

IP Address or Subnet Block (Not my fav.)

IQN (Think of MAC address filtering)

iSCSI Multi-Pathing

Most Recently Used

Round Robin (make sure your storage device

supports this)

Fixed

iSCSI Multi-Pathing = (

FML…

iSCSI Multi-Pathing = (

iSCSI Multi-Pathing = (

MS KB: 2522766

20 Years of banking data

Random and excessive NTFS errors

A week of sleepless nights…

Third Party Integration

Kudos to Equallogic on their HIT kit

MEM

Better multi-pathing

SAN based snapshots using VSS

Wrap Up – Why Use It?

Raw Device Mappings

Windows Server Clustering(may not be needed in the future)

SAN management Software

Easier multi-pathing

iSCSI connections from your hosts

Wrap Up – Why Use NFS?

You don’t wont to screw with iSCSI…

Larger data stores without extents

You have the resources to install 10Gb Ethernet

More flexible storage system, expand the size of your data stores

You don’t have a need for:

RDMs

Direct SAN access for your applications

Questions?

Steven Aiello

saiello@onlinetech.com

steven@overworkedadmin.com