ObjectScale is the next evolution of object storage from Dell Technologies. It is a software-defined, scale-out, object storage platform. With ObjectScale, any organization can deliver cloud-scale storage services with the reliability and control of a private-cloud infrastructure.
ObjectScale features a Kubernetes-native, containerized architecture built on the principles of microservices to promote efficiency, resiliency and flexibility. Each service is completely abstracted and independently scalable with high availability and no single point of failure. ObjectScale is built on the proven Dell ECS codebase and has been re-platformed to utilize the native orchestration capabilities of Kubernetes: scheduling, auto-scaling, load-balancing, self-healing, and more.
ObjectScale is an enterprise-grade object storage platform with these features and functionality:
● Simple, S3-compatible enterprise-grade object storage
● Kubernetes-based, customer-deployable on both VMware vSphere with Tanzu and Red Hat OpenShift
● Scaled-out, software-defined architecture
Other major changes introduced with ObjectScale include:
● Improved data protection with new erasure coding schemas, such as 3+3 in three node deployments
● New replication model with eventual consistency for greater availability during hardware failure
● Integrated Pravega to manage bucket or object events enabling bucket notifications, ObjectScale replication, and metering
● A complete multi-tenant IAM service with IAM accounts and other IAM entities, like Users, Groups, Roles, Policies, and Service Providers
Building ObjectScale for Kubernetes allowed Dell EMC to deliver a simplified product where Kubernetes handles the OS- and hardware-level layers, leaving ObjectScale to handle the storage and storage management. With this underlying Kubernetes architecture, ObjectScale gives you segmented control of the storage, compute, and network services and allows for dynamic provisioning of resources. You can control when new services are started on an as-needed basis. These new resources are tied to the underlying resources upon creation.
Here are some of the benefits Kubernetes provides for ObjectScale:
● Predictable application deployment using a declarative method
● Dynamic scaling of application resources
● Deployment using only required resources
● Highly portable across deployment models
● Self-healing: Auto placement, auto restart, and auto replication
In Kubernetes, each resource can be given affinity to run on one host. This affinity of resources to hosts allows ObjectScale to behave as its own fault domain.
Kubernetes is responsible for operating system and hardware interaction. The customer is responsible for TOR switching and network infrastructure. Networking inside Kubernetes is provided by a Container Networking Interface (CNI), which for VMware is implemented using NSX-T. In OpenShift, network services are provided by MetalLB or another customer-provided, Kubernetes-compatible load-balancing application.
Flexible deployment environments are central to ObjectScale, as it provides increased flexibility for a customer-built and customer-maintained object storage platform. ObjectScale performance and maintenance are aided by the collocation of the compute and storage infrastructure.
ObjectScale supports two deployment models, on top of VMware vSphere with Tanzu or on top of Red Hat OpenShift.
This post will be focusing on ObjectScale on VMware vSphere with Tanzu deployment and configuration.
VMware vSphere is VMware's virtualization platform, which transforms data centers into aggregated computing infrastructures that include CPU, storage, and networking resources. vSphere manages these infrastructures as a unified operating environment and provides you with the tools to administer the data centers that participate in that environment.
You can use vSphere with Kubernetes to transform vSphere to a platform for running Kubernetes workloads natively on the hypervisor layer. When enabled on a vSphere cluster, vSphere with Kubernetes provides the capability to run Kubernetes workloads directly on ESXi hosts and to create upstream Kubernetes clusters within dedicated resource pools.
VMware has also refactored vSphere beginning in version 7.0 to leverage Kubernetes in their control plane. The integration of Kubernetes within vSphere is a result of a VMware internal project that introduced Workload Management (cluster) and Workload Control Plane (WCP). These terms generally are used to describe Kubernetes functionality within the vSphere product.
Download the ObjectScale YAML
The first step is to download the ObjectScale service YAML. This is found in the https://vmwaresaas.jfrog.io/ repository. Simply navigate to the appropriate partner folder located under Artifacts > vDPP-Partner-YAML and download the associated YAML manifest.
Below is the JFrog repository where the services are stored. I have navigated to the ObjectScale service, clicked on the URL to file, and downloaded it.
Add a new vSphere Service to the Supervisor Cluster
Navigate to the Workload Management view in the vSphere client. Click on ADD in the Add New Service box, click on the UPLOAD button, and select the ObjectScale YAML which was previously downloaded. Once uploaded, details about the manifest that was just provided are displayed. Once the ObjectScale service has been registered, you should observe a new service box under the Workload Management > Services view.
Deploy ObjectScale vSphere Service on the Supervisor cluster
Now that the ObjectScale service is registered, it can be installed on the Supervisor. Navigate to Cluster > Configure > vSphere Services > Overview in the client. Under the Available tab, ObjectScale should be listed. Select it and click on INSTALL.
During the process, you need to choose the version and provide the image registry address, username, and password.
The installation of the ObjectScale service onto vCenter will take approximately 15-20 minutes to complete.
Once the relevant components of the service are installed in the Supervisor cluster, new menu options are also added to the vSphere client, so you can review the system performance, system data and capacity utilization directly from the vSphere client. In addition, you can create and manage user accounts as well as provision ObjectScale S3 object stores to tenants in different vSphere Namespaces.
Create an IAM User
The next step is creating an IAM user in ObjectScale. We select an account from the account list and then select the Users tab. Then we click on New User and fill in all the required fields in the New User window. We can add permissions to the new user in one of the following ways:
● Permission boundary and copy permission from an existing user to the current account.
● Add existing group of current account and permission boundary.
● Add existing policies of current account and permission boundary.
The Secret Key consists of the username, the Access Key ID, and the Access Secret keys.
Please note that this is the only time that you will be able to download this .csv for this user.
Create an Object Store
After setting up the initial account and user with the necessary policy for S3, we can create our first object store. We navigate to the ObjectScale object stores and click on New Object Store. We specify a name, click Verify, and then select the version. We can continue with a quick or an advanced mode. For additional information about the different options and configurations, please check the ObjectScale installation guide.
ObjectScale introduces the new logical construct that is called the object store. Object stores are a discrete storage system with an individualized life cycle and are Kubernetes (k8s) applications that are deployed by ObjectScale. One ObjectScale instance can contain multiple object stores.
Object stores are created, updated, and deleted independently from all other object stores managed by ObjectScale. As you manage the object store through its life cycle, ObjectScale interacts with the underlying Kubernetes infrastructure as needed, allowing Kubernetes to handle the necessary changes to the cluster resources, such as storage, CPU, and other resources. You must associate an IAM account with an object store in order to allow users within the IAM account to manage aspects of the object store.
When an IAM account is added to an object store, that account becomes a tenant within that object store. A tenant is a logical construct resulting from the binding of an IAM account to an object store. After associating the IAM account with the object store:
● IAM accounts associated with the object store can create new buckets in the object store.
● These buckets are owned by the account creating the bucket. This is similar to AWS S3.
● The tenants can be used to specify quota restrictions for that account in that object store.
● You can set specific compliance settings.
● You can set specific retention policies.
The size of the persistent volumes (PVs) which are bound to the storage server (SS) pods in an object store represents the persistent storage capacity allocated for raw user data. An object store with three 200GB SS pods provides 600GB raw disk space. ObjectScale joins the persistent volumes and pods to hosts to protect data using erasure coding. Each object store has a maximum of one SS pod per k8s worker node.
Create a Bucket
Now let’s create a new bucket. Buckets are object containers that are used to control access to objects. In S3, object containers are called buckets and this term has been adopted as a general term in ObjectScale. In ObjectScale, buckets are limited to S3 only. A bucket is associated only with ObjectScale instances, the object store, and the account or tenant. An IAM user can create buckets only in the namespace to which the IAM user is assigned.
We navigate to the buckets tab under the ObjectStore view and click on new bucket. We type a name for the new bucket, select the object store from the ObjectStore dropdown menu, and select the bucket owner account from the Bucket Owner Account dropdown menu.
For each bucket, we can enable the following features:
- Versioning – Enable versioning to maintain multiple versions of the same object within the bucket.
- Object Lock – Enable object lock which allows objects to be locked or protected from deletion or overwrite, for a fixed amount of time or indefinitely, depending on the configuration.
- Quotas – Enable quotas for the bucket. When enabled, you can set the storage level or object count level at which ObjectScale applies Block writes at Quota (a hard quota) and Notification at Quota (a soft quota).
- Encryption – Enable encryption to save the bucket data in an encrypted format. If encryption was enabled at the account level when the account was added to the object store, you cannot disable encryption in the bucket.
Verify S3 Access
In order to verify S3 access, we can use the freely available S3 Browser or a similar application to verify connectivity to the object store owned by the initial IAM user set up during deployment.
In S3 browser, we create an account with the details of the object store bucket.
- Use the S3 values you recorded before to complete this step.
- Type a Name for the account.
- Select S3 Compatible Storage from the Account Type dropdown.
- Enter the EXTERNAL_ENDPOINT value into the REST Endpoint field.
- Enter the ACCESS_KEY value into the Access Key ID field.
- Enter the SECRET_KEY value into the Secret Access Key field.
To test it, we can upload files to this bucket directly using S3 Browser.
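The same verification can be scripted instead of clicked through S3 Browser. The following is an added example, not part of the original post or of Dell's tooling: it uses the standard S3 API through boto3 to write and read back a probe object, then reports whether the Versioning and Object Lock bucket features described earlier are enabled. The environment variable names mirror the EXTERNAL_ENDPOINT, ACCESS_KEY and SECRET_KEY values from the steps above; the BUCKET variable, the probe key name, and the assumption that ObjectScale returns the same "no lock configuration" error code as AWS S3 are ours.

```python
import os
import uuid


def make_client():
    """Build an S3 client from the values recorded for the object store."""
    import boto3  # lazy import so verify_bucket() also works with a stub client
    return boto3.client(
        "s3",
        endpoint_url=os.environ["EXTERNAL_ENDPOINT"],
        aws_access_key_id=os.environ["ACCESS_KEY"],
        aws_secret_access_key=os.environ["SECRET_KEY"],
    )


def verify_bucket(client, bucket):
    """Round-trip a probe object and report the bucket's protection settings."""
    report = {"bucket": bucket}
    # 1. Endpoint and credentials: write, read back and delete a probe object.
    key = f"access-check-{uuid.uuid4().hex}"  # hypothetical probe key
    payload = b"objectscale access check"
    client.put_object(Bucket=bucket, Key=key, Body=payload)
    try:
        body = client.get_object(Bucket=bucket, Key=key)["Body"].read()
        report["round_trip_ok"] = body == payload
    finally:
        client.delete_object(Bucket=bucket, Key=key)

    # 2. Versioning: "Status" is absent if versioning was never enabled.
    status = client.get_bucket_versioning(Bucket=bucket).get("Status")
    report["versioning"] = status or "Disabled"

    # 3. Object Lock: AWS S3 answers with this error code when the bucket has
    #    no lock configuration (assumed to be the same on ObjectScale).
    try:
        cfg = client.get_object_lock_configuration(Bucket=bucket)
        lock = cfg.get("ObjectLockConfiguration", {})
        report["object_lock"] = lock.get("ObjectLockEnabled") == "Enabled"
    except Exception as exc:
        code = getattr(exc, "response", {}).get("Error", {}).get("Code")
        if code != "ObjectLockConfigurationNotFoundError":
            raise  # auth or connectivity problems must not read as "no lock"
        report["object_lock"] = False
    return report


if __name__ == "__main__" and "EXTERNAL_ENDPOINT" in os.environ:
    # BUCKET is an assumed variable naming the bucket created earlier.
    print(verify_bucket(make_client(), os.environ["BUCKET"]))
```

On a bucket with versioning enabled, the final delete only adds a delete marker, so the probe object's version stays in the bucket; point the check at a scratch bucket if that matters.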
For more information:
Learning about ObjectScale
Below, you can see a demo of how to deploy it.
You can also download ObjectScale Community Edition from here.
A post by Tomer Eitan