Back on October 1st, 2021, Gartner has published their annual Magic Quadrant for Distributed File Systems and Object Storage, and as you can see below, Dell Technologies with our PowerScale […]
Back on October 1st, 2021, Gartner has published their annual Magic Quadrant for Distributed File Systems and Object Storage, and as you can see below, Dell Technologies with our PowerScale and ECS platforms, have been selected as THE leaders in these spaces.
Now, let’s take a completely different look at the numbers, is PowerScale (the new name for Isilon) is being used only in traditional environments?
Absolutely not! If you take a look at the docker hub statistics, you will find millions of downloads for the PowerScale CSI (Container Native Storage) interface for it, so customers are FULLY embracing it for next-gen apps as well. these customers are embracing PowerScale because we don’t just provide a CSI (Container storage Interface) for kubernetes but rather, complement it with enterprise related features we call ‘CSM’ (Container Storage Modules) which, you can read all about here https://volumes.blog/2021/10/14/introducing-dell-container-storage-modules-csm-part2-the-what/
Needless to say, we don’t sit on our laurels and with each OneFS release, we are adding more and more features that our customers want, for example, the latest OneFS 9.3 release added tons of new features:
Support for NFSv4.1 and NFSv4.
OneFS 9.3.0 implements the session model which allows NFSv4.1 and NFSv4.2 clients to leverage trunking. Trunking is the use of multiple connections between a client and server in order to widen the I/O path.
- Session trunking is the association of multiple TCP connections to the same session. Most Linux supports session trunking by using nconnect option which is included in the Linux kernel version higher than 5.3.
- Client ID trunking is the association of multiple sessions to the same client ID. Currently, not observed any open-source Linux clients support client ID trunking.
NFSv4.2 is a superset of NFSv4.1, with all of the new features being optional. Therefore, OneFS still allows clients to mount NFS export of OneFS with NFSv4.2 and access OneFS data even OneFS does not implement any NFSv4.2 features.
Writable snapshots –
OneFS 220.127.116.11 supports creating and managing modifiable copies of snapshots. Writable snapshots enable you to test data recovery scenarios without having to create a copy of an entire dataset. You can create writable snapshots from a source snapshot, then run tests against the writable snapshot to verify the data. You manage writable snapshots using the command-line interface (CLI) or API endpoints.
- Snapshot (snap_prod_1) is taken of the /ifs/prod directory.
- Read-only ‘snap_prod_1’ snapshot used as the backing for /ifs/wsnap writable snapshot.
- Writable snapshot contains the same directory and file structure as the original ‘prod’ directory, without the added data capacity footprint.
- New internal protection group data structure, ‘PG_WSNAP’.
- Provides an overlay.
- Allows unmodified file data to be read directly from the source snapshot.
Stores only the changes in the writable snapshot tree.
Additions to S3 protocol support
OneFS S3 support improvements include:
● Amazon Web Services chunked encoding for streaming data upload.
The AWS S3 DeleteObjects API enables you to delete multiple objects from a bucket using a single HTTP request.
If you know the object keys that you want to delete, then this API provides a suitable alternative to sending individual delete requests, reducing per-request overhead.
● Non-slash delimiter support for Get Bucket.
● Improvements to the create and delete bucket functionality.
Support for APEX File Storage Services self-service administration:
PowerScale OneFS 18.104.22.168 adds support for Dell Technologies APEX file storage services (File Services). Storage administrators and application owners can use File Services to perform self-service cluster data management tasks. Service providers manage the infrastructure, availability, and performance of PowerScale clusters.
Storage administrators and application owners can perform self-service cluster data management tasks, including:
● Managing folders and the file hierarchy structure
● Monitoring SMB shares, NFS exports, and HDFS access
● Managing storage pools policies
● Monitoring quotas
● Monitoring snapshots
● Viewing reports
● Managing users
Upgrade: transparent SMB disconnection and reconnection on node reboots:
OneFS supports transparent SMB node reboots during the upgrade process.
- Long filename support:
OneFS 22.214.171.124 increases the maximum supported filename length to 1024 bytes. The maximum path length is increased to 4096 bytes.
- Support for HDFS ACL: OneFS 126.96.36.199 adds support for HDFS ACL. Ranger ACL continues to be supported.
HDFS ACL is Apache’s implementation of POSIX ACL.
- It provides more flexible access control than the traditional POSIX mode bit permission model.
Starting from OneFS 9.3.0, OneFS supports HDFS ACL to improve the compatibility with HDFS.
Allow HDFS clients to manipulate files ACL with the following HDFS commands
- hdfs dfs –setfacl and hdfs dfs –getfacl
- It provides more flexible access control than the traditional POSIX mode bit permission model.
- PowerScale Performance Accelerator 1U node support:
The PowerScale Performance Accelerator (PSPA) node provides added performance to clusters that consist of nodes that are CPU-bound.
PowerScale Backup Accelerator 1U node support:
The PowerScale Backup Accelerator (PSBA) node provides two-way NDMP backup and recovery from a OneFS cluster. Offloading NDMP workloads from the primary storage nodes provide a seamless way to accelerate tape backups. PSBA is supported for Generation 5 and Generation 6 and later clusters.
- Support for UEFI secure boot:
OneFS adds support for UEFI Secure Boot for the A2000, securing the platform during the platform boot and OneFS loading phases. Storage administrators can opt-in to enable the feature in the A2000 BIOS.
- Default permissions changes for /ifs and /ifs/data:
OneFS 188.8.131.52 enhances file system security by setting the default access permissions for /ifs and /ifs/data to 755.
- Performance improvements for inline read/write operations:
OneFS offers improved read/write performance for inline data operations.
- 184.108.40.206 NDMP backup compatibility:
NDMP backups that are created with 220.127.116.11 work only with 18.104.22.168 and later releases.
At the same time, we have also added new hardware models, why more hardware options? Since NO single product fits every use case.
We can support any on-premises and a variety of public cloud workloads
- New PowerScale H and A series with faster CPU and more memory
- A300 A300L and A3000 up to 2x faster than comparable A200/A2000
- One is comparable to H400
- New 100Gb back-end option on H700/H7000, 25Gb on A300/A3000
- InfiniBand and SED options; scales from 15x 2TB to 20x 16TB per node
- Inline data reduction across the PowerScale family
- Node compatibility for all hybrid and archive nodes (except H600)
Data Reduction? You got it!
Customers also get more value through our inline data reduction and smart dedupe features available on the F900, F600, and F200. Customers can benefit from these data reduction features especially for active-archive workloads such as AI/ML.
PowerScale OneFS and its many software features deliver enterprise-grade data protection and security including data snapshots; LAN and WAN data replication; intelligent client-failover; and Write-Once, Read-Many (WORM) data immutability. PowerScale OneFS also provides you with powerful data management and efficiency tools to help you optimize your storage resources.
Here are the specific Isilon software offerings that are available to you:
The PowerScale family is powered by PowerScale OneFS – an enterprise scale-out file system with enterprise data management and governance capabilities and eliminates data silos. This consolidation allows you to centralize enterprise storage processes including data management, performance management, data protection, and data security. This consolidation also increases the economics of data storage, lowers ownership costs, reduces risk, and makes it simple to manage as your data.
Now let’s understand a little more about the PowerScale OneFS Software.
- SmartConnect – Automated balancing of inbound client connections across the entire cluster
- SmartPools – Automated policy-based tiering between different node types or to the Cloud as part of the data lifecycle
- SyncIQ – Asynchronous data replication for Disaster Recovery planning.
- Snapshots – Granular Point in time immutable copy of data that can be retained for quick recovery as needed including from cyber attacks
Cyber security threats are on the rise (MORE Alarming Cybersecurity Stats For 2021 ! (forbes.com)) and so, we have put a lot of effort, ensuring PowerScale is well protected, here are some of the design elements of it:
Real-time AI-based detection triggers automated actions or you can Quarantine certain users, one that is tied to NIST framework
Our partnership with Superna has delivered great value to customers at a very inexpensive cost for the benefits received. Superna Eyeglass Suite is OneFS specific and does not work on other storage products. Over the years Superna has become more closely integrated with OneFS giving customers additional features like the following:
DR Automation Module – Superna Eyeglass extends the witness concept further by not only monitoring the clusters data replication but also synchronizing and detecting changes in the configuration data outside the cluster to coordinate share, export, quotas, and replication policies between arrays that are acting in hot cold or hot hot configurations.
Automates failover with One-button failover for NFS and SMB
Ransomware Defender – is a highly scalable real-time event processing solution, it provides User Behavior Analytics to detect and halt a Ransomware attack on business critical data stored on OneFS
– Stops Ransomware real-time across all managed clusters
Golden Copy – copies data to an offline device and copy speed is the #1 factor to consider. The longer the AirGap is open the longer the data is exposed on the network. Isilon SyncIQ replication copies block level changes within files, Golden Copy can only copy entire files. This means SyncIQ will handle a higher quantity of data replication in a shorter period of time and will minimize the time an AirGap needs to be open.
Easy Auditor – audits data giving customer HIPAA compliance, top user, stale data access, and excessive permissions reports.
– Scalability support for Billions of Audit records with inline compressed HDFS storage on Isilon. Can scale to any size cluster with scale-out auditing.
– Powered by Isilon HDFS, allows the Isilon cluster to accelerate queries and perform analytics on audit data
– Removes the requirement for SQL, Oracle, MySQL relational databases
Cluster Storage Monitor
– is an add-on to Superna Eyeglass® that automates the management of storage reporting, and quota administration. The add-on manages multiple clusters and offers chargeback reporting, searching and reporting of all quota types.
– Storage management tasks can be delegated to non technical Isilon administrators for quota.
– Get reports on share and export usage with automatic quota creation on any new share or export
Search and Recover
– Customers have a huge repository of data stored on Isilon clusters but cannot maximize the value of this data if they cannot find it. Eyeglass Search & Recover targets this problem with a full content index solution that maintains a current index of the content and any changes to the data. Security matters and the solution will only return results to data the end-user is entitled to see.
- Indexing Isilon snapshots provides users with version history and file recovery with full content searching. This provides a self-service file location service and simplifies management of the snapshot and replicate data protection strategy.
Dynamic NAS Protection automates and optimizes the protection of your NAS infrastructure, delivering a simple, modern way to protect your NAS systems.
Protect and recover any NAS that supports NFS or CIFS, including Dell EMC PowerStore, PowerScale, and Unity. NAS assets are automatically discovered through communication with the NAS array.
Dynamic NAS Protection efficiently runs backups in parallel multi-streams by automatically and dynamically slicing NAS assets with load balancing for movement to protection storage. The slicer can be used to partition a NAS share, a filesystem, or a volume with multiple files and folders. Slicing is tunable from the Data Manager UI and the Data Manager REST API with support for both full and incremental backups.
The Slicer partitions NAS assets dynamically, with slices being reassessed before each backup, with slices added, removed, or rebalanced based on backup history and on changes in the content of the NAS asset being partitioned. Periodically, unbalanced trees are automatically managed as content changes over time. No manual reconfiguration is required.
Dynamic NAS Protection intelligently and automatically scales to optimize performance. Multiple proxy hosts are deployed with Dynamic NAS Protection and as load requires, proxies can be spun up and torn down efficiently. Because proxies are virtual, reconfiguration happens without the need for manual intervention.
The virtual proxies are bundled within a proxy host so that all services needed for backup are provided at deployment. Further, agents are containerized on the proxy host, and the setup and teardown of proxies happen dynamically, spinning up and tearing down NAS containers as needed. This in turn minimizes backup job queues, while keeping backup resources productive and eliminating the need for separate agents to accommodate different share types.
By providing up to 3x faster backups and up to 2x faster restores, Dynamic NAS helps you achieve improved SLAs through simple, efficient management of NAS backup and recovery.
SmartLock – Policy-based compliance and WORM data protection
- Provides immutable storage for data.
- Based on a write once, read many (WORM) locking capabilities.
- Ensures tamper-proof archiving of critical data sets for disaster recovery and regulatory compliance purposes.
- Configured at the directory level.
- Simple to manage secure data containers that remain locked for a configurable duration or indefinitely.
- Satisfies the regulatory compliance demands of stringent data retention policies, including SEC 17a-4.
Data encryption at rest (DARE)
- Uses nodes containing self-encrypting drives (SEDs), in combination with an encryption key management system embedded within OneFS.
- Data is encrypted using the AES-256 cipher, and each SED has a unique data encryption key (DEK).
- OneFS automatically generates an authentication key (AK) that wraps and secures the DEK, meaning data on any SED removed from its source node cannot be unlocked and read, guarding against drive theft.
- Enables SED drives to be securely wiped before being re-purposed or retired, via cryptographic erasure.
- Satisfies some compliance requirements, including U.S. Federal FIPS 104-2 Level 2 and PCI-DSS v2.0 section 3.4.
- Detect potential sources of data loss, fraud, inappropriate entitlements, access attempts that should not occur, plus other indicators of risk.
- Provides ‘chain of custody’ auditing by logging specific activity on the cluster.
- Includes OneFS configuration changes plus NFS, SMB, and HDFS client activity
- Required for HIPAA, SOX, FISMA, MPAA, etc.
- Uses EMC’s Common Event Enabler (CEE) to communicate with audit applications like Varonis DatAdvantage.
- Audit events are written across up to five CEE servers per node in a parallel, load-balanced configuration.
- OneFS provides a hardened security profile
Can be enabled for sites that are looking for:
- Additional security
- Need to comply with the US Department of Defense’s Security Technical Implementation Guide (STIG)
- Profile can be enabled or disabled on a cluster as required
- Requires a zero-cost license to activate
- OneFS file filtering can be used across NFS and SMB clients to allow or disallow writes to an export, share, or access zone.
- Prevents certain types of file extensions to be blocked.
- Helps avoid security problems, productivity disruptions, throughput issues, or storage clutter.
Filtering configuration can be either via:
- Exclusion list – blocks file extensions.
- Inclusion list – allows certain file types.
What’s new in DataIQ 2.2?
- With the UI and backend enhancements, customers with large scale environments can see their cluster information load faster
- Minor enhancements to more than eight dashboard screens and reports make it easy to navigate with better visual guidance
- New atime/mtime binning report for volumes is available to analyze volumes by time stamps.
Our smart dataset and storage management software, DataIQ, empowers organizations to discover, understand and act on unstructured data—file and object—across heterogeneous storage systems and the cloud.
Using DataIQ, your IT teams can:
- Locate data across all unstructured systems and monitor the health of PowerScale storage via a single unified tool.
- Gain deep insights into data characteristics, classify it with customizable tags, and perform advanced system analysis.
- And make more informed decisions, forecast future needs, and move data to the optimal storage platform on-demand.
We have completed the refresh of the PowerScale portfolio:
- All-flash nodes with NVIDIA GPUDirect are designed to provide the extreme performance needed by modern workloads such as AI, ML, analytics, genomic sequencing, and EDA workloads.
- Hybrid nodes are ideal for the best price/performance results needed by workloads, such as media and entertainment, healthcare, life sciences, analytics, automotive, etc.
- Archive nodes are well suited for active archive and safety and security workloads.
- Cloud storage solutions for unstructured data offer multi-cloud and hybrid cloud deployments for demanding HPC data-driven workloads where, without a need to do any application re-platforming, they can be combined with the native services of cloud providers such as Azure, AWS, and Google Cloud.
All these nodes seamlessly operate in the same OneFS powered cluster with the enterprise-grade features of performance management, data management, security, and data protection – all of which can be delivered at the edge, core, and cloud.
This is the PowerScale Family of scale-out storage – All tied together with the PowerScale OneFS operating system.
Any combination of node types can be leveraged as part of a Multi-Tier architecture to deliver a complete data lifecycle.
To conclude, PowerScale Redefining NAS for the Data Era with efficiency, management, protection & security innovations designed to eliminate silos of data and help companies innovate with confidence
Our latest features add up to a powerful set of existing capabilities to deliver the world’s most flexible Scale-out NAS solution!