11:20 AM
George Crump
George Crump

vStorage API Spreads Its Wings

The goal for VMware is to virtualize as much of the data center as possible. This goal can only be reached by increasing virtual machine (VM) density per physical server. The roadblock to high VM density per host is storage performance and data protection. Much of the focus of VMworld was addressing those issues through more vendors adopting the use of the vStorage API set.

The goal for VMware is to virtualize as much of the data center as possible. This goal can only be reached by increasing virtual machine (VM) density per physical server. The roadblock to high VM density per host is storage performance and data protection. Much of the focus of VMworld was addressing those issues through more vendors adopting the use of the vStorage API set.VMware's vStorage API set now has three basic integration points; backup integration, array integration and replication integration. We will cover the first two in this entry and deal with replication and disaster recovery later. From a backup perspective the API allows a backup application to get block level access to VMDK files, meaning that incremental, image level backups of VMs can happen in minutes. This can be done with a single application now, not an application talking to another application as was the case with VMware's VCB. The result is a greatly simplified backup scenario.

The vStorage API provides the ability to revolutionize backups in the data center. The entire model of backups can now change from one of dealing with millions upon millions of files to dealing with a few hundred server images, all being backed up at a changed block level. The various software applications will vary and compete in how they store and manage those blocks of data, but the days of dealing with millions of individual files per server may be over. Several vendors have gone so far as to add components to their software that allows converts of physical machines to VMs just for the purpose of backing them up.

There is also the updated vStorage API support that is focused on array integration. As we discussed in our recent article "A Case For Block Storage in Virtual Environments" block based storage is still the dominant storage type in VMware environments. And the vStorage API allows those arrays to enhance the environment even further. Arrays that support the vStorage API that was updated with the 4.1 version of vSphere can take the load off of the hypervisor and allow the array to do more through the array hardware. The key components of array integration are Block Zero, Full Copy and Hardware Assisted Locking.

Block Zero is the ability to pre-zero out block level write operations to the storage hardware. This is typically what happens when thick VM images are created. This will improve the speed at which VMs are created. Full Copy provides the ability for the storage hardware to handle large data moves or copies of VM images. Instead of reading the entire VMDK up to the host and then writing through the host to another volume, the array can now handle that and offload all that work from the hypervisor.

Finally Hardware Assisted Locking reduces the chances of a VM gone wild and locking out the VMFS LUN from all the other VM's dependent on that LUN by better controlling SCSI reservation contention. Larger environments have run into situations where an operation that locked a VMFS LUN did not complete and all the I/O for all the VMs using that LUN froze. Not good. What the array integration component of the vStorage API does is provide the ability to lock or reserve data areas but to do so on a much finer grain instead of the entire LUN. As a result if there is a frozen operation, a smaller portion of the environment is impacted.

As is the case with any API set, to see the data protection or array integration benefits vendors have to decide to support these capabilities within their products. This support can be at different levels so it will require more than just saying they support it. You will also need to understand how the support is being enabled and what the impact of that support is. For example shifting workloads off of the storage array is great as long as the array has the horsepower to handle that workload.

Track us on Twitter:

Subscribe to our RSS feed.

George Crump is lead analyst of Storage Switzerland, an IT analyst firm focused on the storage and virtualization segments. Find Storage Switzerland's disclosure statement here.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Register for Dark Reading Newsletters
Dark Reading Live EVENTS
INsecurity - For the Defenders of Enterprise Security
A Dark Reading Conference
While red team conferences focus primarily on new vulnerabilities and security researchers, INsecurity puts security execution, protection, and operations center stage. The primary speakers will be CISOs and leaders in security defense; the blue team will be the focus.
White Papers
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Security Vulnerabilities: The Next Wave
Just when you thought it was safe, researchers have unveiled a new round of IT security flaws. Is your enterprise ready?
Flash Poll
[Strategic Security Report] Assessing Cybersecurity Risk
[Strategic Security Report] Assessing Cybersecurity Risk
As cyber attackers become more sophisticated and enterprise defenses become more complex, many enterprises are faced with a complicated question: what is the risk of an IT security breach? This report delivers insight on how today's enterprises evaluate the risks they face. This report also offers a look at security professionals' concerns about a wide variety of threats, including cloud security, mobile security, and the Internet of Things.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.