News
3/26/2010
04:57 PM
George Crump
George Crump
Commentary
Connect Directly
RSS
E-Mail
50%
50%

Which Storage Protocol Is Best For VMware?

In a recent entry in his blog, StorageTexan asks "why someone would choose to go NFS instead of doing block based connectivity for things like VSPhere?" http://storagetexan.com/2010/03/25/the-debate-why-nfs-vs-block-access-for-osapplications/ and while I gave a brief opinion as a comment on his site, I thought I would take a little deeper dive here. Which storage protocol is best for VMware?

In a recent entry in his blog, StorageTexan asks "why someone would choose to go NFS instead of doing block based connectivity for things like VSPhere?" http://storagetexan.com/2010/03/25/the-debate-why-nfs-vs-block-access-for-osapplications/ and while I gave a brief opinion as a comment on his site, I thought I would take a little deeper dive here. Which storage protocol is best for VMware?I have to give the storage community credit, for the most part there is not a knee-jerking response to that question anymore. In part this is due to the fact that most vendors can offer at least two different storage protocols today and in part I think its do to the fact that large majorities of people working at vendors really do have the best interest of the customer in mind when it comes to protocol selection. The first fact makes the second fact easier.

While there are some interesting alternatives on the horizon, the choice, for now, comes down to basically three protocols: iSCSI, Fibre or NFS/NAS. The reality is that in many cases the initial protocol selection comes down to what you, the customer, are most comfortable with. While fibre is the performance leader, the IP based protocols can typically be tweaked in such a way as to provide most of the benefits of the others. Although as you begin to extend the IP based protocols you run into much of the same complexity that you do with fibre because you are essentially designing a storage network that just so happens to be on an IP infrastructure.

If you are not forced to have to use specialized iSCSI HBAs or higher end Ethernet cards there should be a cost advantage for IP vs. fiber. However in server virtualization we should be greatly reducing the amount of physical servers that have to be used in the first place so that cost advantage is not as great as it may have been in non-virtualized environments. If you are virtualizing 100 servers across 10 servers that may be as few as 20 HBAs to purchase. Additionally as I wrote about in my last entry FCoE can consolidate the IP and Fibre HBAs even further.

NFS does bring some uniqueness to the equation. First virtual machines are essentially a bunch of files. NAS/NFS does thin provisioning of VMs natively and setting shared access from multiple physical hosts seems more natural with NFS. An area of concern is the ability for that single NAS head to handle the random I/O requests from potentially hundreds if not thousands of virtual machines. There is concern that this might bog down that NAS head more rapidly than a block based array would. The result could lead to NAS head sprawl as you try to deal with virtual machine sprawl.

I no longer buy into the simplicity advantage the NAS has. NAS has not become more difficult, but iSCSI and Fibre have become easier to use. iSCSI storage systems from vendors focused on the SMB market in particular have made significant ease of use improvements in setting up a shared environment. As I stated earlier as any environments leveraging any of the three protocols grows the environment becomes more complex. These are storage networks regardless of what type of cable they run on. As they scale you are going to need capabilities like VM aware QoS to be able to maintain service levels to the right applications.

While each protocol has some advantages, its what the storage suppliers are doing with their systems that seem to be the key factor for IT professionals. If they can help you with tasks like VMware storage management via integration, provisioning, data placement and data protection then these are going to be the key factors. The protocol, while important, may be the second decision point and will largely be driven by what storage system you select. It is an interesting thought at what point would you switch protocols, something we will dive into deeper in our next entry.

Track us on Twitter: http://twitter.com/storageswiss

Subscribe to our RSS feed.

George Crump is lead analyst of Storage Switzerland, an IT analyst firm focused on the storage and virtualization segments. Find Storage Switzerland's disclosure statement here.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
In a digital world inundated with advanced security threats, Intel Security seeks to transform how we live and work to keep our information secure. Through hardware and software development, Intel Security delivers robust solutions that integrate security into every layer of every digital device. In combining the security expertise of McAfee with the innovation, performance, and trust of Intel, this vision becomes a reality.

As we rely on technology to enhance our everyday and business life, we must too consider the security of the intellectual property and confidential data that is housed on these devices. As we increase the number of devices we use, we increase the number of gateways and opportunity for security threats. Intel Security takes the “security connected” approach to ensure that every device is secure, and that all security solutions are seamlessly integrated.
Featured Writers
White Papers
Cartoon
Current Issue
Dark Reading's October Tech Digest
Fast data analysis can stymie attacks and strengthen enterprise security. Does your team have the data smarts?
Flash Poll
10 Recommendations for Outsourcing Security
10 Recommendations for Outsourcing Security
Enterprises today have a wide range of third-party options to help improve their defenses, including MSSPs, auditing and penetration testing, and DDoS protection. But are there situations in which a service provider might actually increase risk?
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-3409
Published: 2014-10-25
The Ethernet Connectivity Fault Management (CFM) handling feature in Cisco IOS 12.2(33)SRE9a and earlier and IOS XE 3.13S and earlier allows remote attackers to cause a denial of service (device reload) via malformed CFM packets, aka Bug ID CSCuq93406.

CVE-2014-4620
Published: 2014-10-25
The EMC NetWorker Module for MEDITECH (aka NMMEDI) 3.0 build 87 through 90, when EMC RecoverPoint and Plink are used, stores cleartext RecoverPoint Appliance credentials in nsrmedisv.raw log files, which allows local users to obtain sensitive information by reading these files.

CVE-2014-4623
Published: 2014-10-25
EMC Avamar 6.0.x, 6.1.x, and 7.0.x in Avamar Data Store (ADS) GEN4(S) and Avamar Virtual Edition (AVE), when Password Hardening before 2.0.0.4 is enabled, uses UNIX DES crypt for password hashing, which makes it easier for context-dependent attackers to obtain cleartext passwords via a brute-force a...

CVE-2014-4624
Published: 2014-10-25
EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) 6.x and 7.0.x through 7.0.2-43 do not require authentication for Java API calls, which allows remote attackers to discover grid MCUser and GSAN passwords via a crafted call.

CVE-2014-6151
Published: 2014-10-25
CRLF injection vulnerability in IBM Tivoli Integrated Portal (TIP) 2.2.x allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Follow Dark Reading editors into the field as they talk with noted experts from the security world.