SNIA White Paper_ Storage Multi-Tenancy for Cloud Computing
7/31/2019 SNIA White Paper_ Storage Multi-Tenancy for Cloud Computing
Storage Multi-Tenancy for Cloud Computing
Paul Feresten, NetApp
SNIA Cloud Storage Initiative Member
March, 2010
2010 STORAGE NETWORKING INDUSTRY ASSOCIATION
Table of Contents
Introduction
What is Multi-Tenancy?
  Storage Multi-Tenancy
  Enabling Cloud-Based Data Management CDMI
Virtual Storage Containers
  Security
  Performance and Quality of Service
  Data Protection and Availability
  Manageability
End-to-End Multi-tenancy
Conclusion
About the CSI & CDMI
About the SNIA
List of Figures
Figure 1: Shared infrastructure
Figure 2: Cloud Data Management Interface (CDMI)
Figure 3: Attributes of a virtual storage container
Figure 4: End-to-end multi-tenancy
Introduction
Organizations of all types are struggling to control costs while facing increasing demands created by explosive data growth and ever-changing regulations. To address these challenges, storage industry professionals are turning to cloud computing and cloud storage solutions.
Cloud computing is not in itself a new technology; it is a new business model wrapped around a set of technologies, such as server virtualization, that reduce the cost of using information technology resources. Cloud computing takes advantage of Web-based mechanisms that allow scalable, virtualized IT resources to be provided as a service over a network. The advantages of cloud storage and other cloud services include pay as you go, the perception of infinite capacity (elasticity), and the simplicity of use/management.
When virtualized storage is available on demand over a network, an organization is freed from the need to purchase, or often even to provision, storage capacity before storing data. Significant cost savings result because organizations typically only pay for storage actually consumed.
Despite the potential advantages, however, many organizations hesitate to expose potentially sensitive data to cloud computing or commit such data to cloud storage because of concerns about security in cloud environments where infrastructure elements (servers, networks and storage) may be shared among many different organizations (Figure 1 below). The high utilization that results from sharing, however, is in large part what makes the economics of cloud computing compelling.
Figure 1: Shared infrastructure
This paper defines a set of requirements for storage in such multi-tenant cloud environments in four key areas of concern for cloud adopters: security; quality of service; data protection and availability; and manageability. Where appropriate, these requirements are defined in terms of the Cloud Data Management Interface (CDMI).
What is Multi-Tenancy?
The terms multi-tenant and multi-tenancy are not new; both have been used to describe application architectures designed to support multiple users or tenants for many years. With the advent of cloud computing, this terminology has simply been extended to include any cloud architecture, or infrastructure element within that architecture (application, server, network, storage), that supports multiple tenants. Tenants could be separate companies, or departments within a company, or even just different applications.
To provide secure multi-tenancy and address the concerns of cloud skeptics, a mechanism to enforce separation at one or more layers within the infrastructure is required:
Application layer. A specially written, multi-tenant application or multiple, separate instances of the same application can provide multi-tenancy at this level.
Server layer. Server virtualization and operating systems provide a means of separating tenants and application instances on servers and controlling utilization of and access to server resources.
Network Layer. Various mechanisms, including zoning and VLANs, can be used to enforce network separation. IP security (IPsec) also provides network encryption at the IP layer (application independent) for additional security.
Storage Layer. Mechanisms such as LUN masking and SAN zoning can be used to control storage access. Physical storage partitions segregate and assign resources (CPU, memory, disks, interfaces, etc.) into fixed containers.
Achieving secure multi-tenancy may require the use of one or more mechanisms at each infrastructure layer.
Storage Multi-Tenancy
While mechanisms to support multi-tenancy and enforce separation exist at every infrastructure layer, this paper is primarily concerned with storage and the
requirements for secure and effective storage multi-tenancy in a cloud environment. To understand the full set of storage requirements, it is necessary to consider cloud storage from both the perspective of the tenant (user) and the provider of cloud services.
Cloud computing services can be broken down into a variety of types, ranging from Software as a Service (SaaS), in which the provider delivers specific application services to each tenant, to Data storage as a Service (DaaS), which is virtualized storage on demand over a network. Regardless of the type of cloud service, from a tenant perspective there will be specific requirements that apply directly or indirectly to data storage.
Tenant requirements are typically defined in terms of service level agreements (SLAs), which cover a variety of capabilities including:
Security
Performance
Data protection and availability
Data management
From the provider's perspective, multi-tenant storage should provide convenient mechanisms for satisfying these and other tenant SLAs as well as supporting additional capabilities such as:
Accounting. The ability to monitor usage by each tenant for billing or other purposes.
Self service. The ability to allow a tenant to perform a defined set of management tasks on their data and the storage they use, thereby offloading these functions from the provider.
Non-disruptive upgrades and repairs. Downtime in multi-tenant environments may be difficult or impossible to schedule, so maintenance activities must be possible without incurring downtime from the point of view of the tenant.
Performance management. The ability to balance cost and performance as the lifecycle requirements of data change over time.
Enabling Cloud-Based Data Management CDMI
Designed to enable multi-tenant storage offerings, the SNIA's Cloud Data Management Interface (CDMI) for cloud storage and data management integrates and is interoperable with various types of client applications. CDMI offers a standard
approach to data portability, compliance and security, as well as the ability to connect one cloud provider to another, enabling compatibility between cloud vendors.
Using this approach, a client will be able to discover the capabilities of cloud storage and use this interface to manage data containers and the data elements that are placed in them. CDMI makes extensive use of metadata to simplify application access and enable multiple levels of service as required by a diverse set of users. The model behind the Cloud Data Management Interface is shown in Figure 2 below.
Figure 2: Cloud Data Management Interface (CDMI)
In the storage layer, the CDMI interface can simplify management since data system metadata can be applied to container hierarchies. For the functional data path interface for data storage, CDMI assigns each data object a separate URI (Uniform Resource Identifier). Since objects can be fetched using the standard HTTP protocol employing RESTful (REpresentational State Transfer) operations, each data element can be managed as a separate resource. In this way, it is possible to separate and classify data elements and containers for secure access as well as service levels. The result is a level of isolation suitable to tenant-based, on-demand data access.
Virtual Storage Containers
The traditional mechanisms for enforcing storage separation mentioned above (LUN masking, SAN zoning and physical storage partitioning) do not adequately address all the requirements of multi-tenant storage in a cloud environment. These methods are too rigid to deliver the flexibility and high utilization required.
Several storage vendors have independently arrived at the idea of a virtual storage container as a way of delivering storage multi-tenancy. Naturally, each vendor uses its own descriptive language, so the term virtual storage container in this context is used as a generic term to allow discussion of the concept in a general way and should not be taken to imply any vendor's particular implementation.
A virtual storage container is a contained management domain that grants the tenant some or all of the management capabilities of the overlying storage system (restricted to the storage available to the tenant, of course). In effect, virtual storage containers provide each tenant one or more virtual storage arrays. From the perspective of the storage provider, a virtual storage container is a discrete entity.
Virtual storage containers can use CDMI to ensure that metadata is correctly applied in the data hierarchy, thus providing a simple and predictable interface for applications and individual tenants. CDMI's use of metadata can extend down into individual data elements or can apply to the entire virtual storage container. Thus, any data placed into a container essentially inherits the metadata of the container into which it was placed. The extension of metadata to managing virtual storage containers enables a reduction in the number of paradigms for managing the components of storage, a significant cost savings. Providing metadata in a cloud storage interface standard, and prescribing how the storage and data system metadata are interpreted to meet the requirements of the data, delivers the simplicity required by the cloud storage paradigm, while still addressing the requirements of enterprise applications and data.
A service provider should be able to perform a variety of management actions on a virtual storage container as a whole, including the ability to create and destroy containers or apply specific policies on behalf of the tenant.
A virtual storage container is in many ways analogous to the virtual machines of server virtualization, in that resources can be dynamically shifted between virtual storage containers. This paper is more concerned with the capabilities that multi-tenant
storage and virtual storage containers should deliver, for both tenant and provider, than it is with implementation specifics.
Virtual storage containers are aligned with individual tenants through unique identifiers (object identifiers) and are required to also encapsulate security attributes that prevent unauthorized access. Figure 3 illustrates these basic attributes.
Security
As we saw in the introduction, the first requirement for multi-tenant storage is to ensure the security of tenant data. A virtual storage container must protect the tenant data it contains from multiple classes of threats, including:
Snooping. One tenant should not be able to gain unauthorized access to another tenant's data. A tenant must be restricted to their own virtual storage containers such that symbolic links or other possible mechanisms for connecting to storage outside the tenant's domain are secured.
Unauthorized Discovery. Virtual storage containers should be invisible to everyone except their owners. Only authorized tenants should be aware of the existence of their associated virtual storage containers.
Spoofing. Authentication mechanisms must ensure that no one can assume a tenant's identity to gain data access.
Deletion. (Accidental or malicious.) No action external to the virtual storage container should cause tenant data within the container to be deleted or corrupted.
Figure 3: Attributes of a virtual storage container
Denial of service. Tenant data access must not be disrupted by direct denial of service attacks against the virtual storage container, the normal activities of other tenants, or abnormal tenant activities such as an application error that creates an I/O storm in another tenant's virtual storage container. (This is discussed further in the following section on Performance and Quality of Service.)
Multi-tenant security is achieved by isolating one tenant's virtual storage containers from another tenant's. This can be achieved in part by providing separate IP addresses for each storage container and binding a tenant's data containers to VLANs to ensure separation of network traffic. Careful tenant authentication is necessary to ensure security against possible malicious attacks. Encryption of data as it is stored on the underlying media may also be provided as an option to meet the security concerns of the most sensitive tenants.
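An added sketch, not part of the SNIA paper and not the CDMI API, of how a storage front end can enforce three of the threat classes listed above inside a virtual storage container: snooping through links, unauthorized discovery, and deletion from outside the container. The class and method names, the in-memory object model and the tenant names are constructed for illustration, and the tenant identity passed in is assumed to be already authenticated.

```python
import secrets


class NotFound(Exception):
    """Raised for a missing container AND for one owned by another tenant."""


class Escape(Exception):
    """Raised when a path or link chain would leave the tenant's container."""


MAX_LINK_HOPS = 8  # bound link chains so a link loop cannot hang a request


def normalize(path):
    """Collapse '.' and '..'; refuse to climb above the container root."""
    parts = []
    for part in path.split("/"):
        if part in ("", "."):
            continue
        if part == "..":
            if not parts:
                raise Escape(path)
            parts.pop()
        else:
            parts.append(part)
    return "/" + "/".join(parts)


class ContainerStore:
    def __init__(self):
        self._containers = {}  # container id -> {"owner": str, "objects": dict}

    def create(self, tenant):
        cid = secrets.token_hex(8)  # unguessable identifier, not a counter
        self._containers[cid] = {"owner": tenant, "objects": {}}
        return cid

    def list_containers(self, tenant):
        # Unauthorized discovery: a tenant only ever sees its own containers.
        return [c for c, v in self._containers.items() if v["owner"] == tenant]

    def _own(self, tenant, cid):
        # Same error for "does not exist" and "belongs to someone else",
        # so probing identifiers reveals nothing about other tenants.
        entry = self._containers.get(cid)
        if entry is None or entry["owner"] != tenant:
            raise NotFound(cid)
        return entry["objects"]

    def put(self, tenant, cid, path, data=None, link_to=None):
        objects = self._own(tenant, cid)
        entry = ("link", link_to) if link_to is not None else ("data", data)
        objects[normalize(path)] = entry

    def read(self, tenant, cid, path):
        objects = self._own(tenant, cid)
        current = normalize(path)
        for _ in range(MAX_LINK_HOPS):
            if current not in objects:
                raise NotFound(current)
            kind, value = objects[current]
            if kind == "data":
                return value
            # Snooping: links resolve inside this container only. Absolute
            # targets are re-rooted here; '..' past the root is refused.
            parent = current.rsplit("/", 1)[0]
            target = value if value.startswith("/") else parent + "/" + value
            current = normalize(target)
        raise Escape(path)

    def delete(self, tenant, cid, path):
        # Deletion: only the owning tenant's request reaches the objects.
        objects = self._own(tenant, cid)
        key = normalize(path)
        if key not in objects:
            raise NotFound(key)
        del objects[key]
```

Spoofing and denial of service are outside this sketch: the first depends on the authentication layer in front of the store, the second on the I/O controls discussed under Performance and Quality of Service.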
In each of the above categories, the CDMI interface is able to provide a standard and interoperable suite of protective measures (e.g. user authentication, access control, data retention, encryption) that can be implemented as optional components of the overall security solution. In this case, the mandatory transport mechanism will be HTTP (TLS) and each CDMI implementation will function as the authentication vehicle.
In addition, CDMI supports the use of secure storage protocols to be used in a cloud-computing infrastructure. If using an iSCSI protocol, for instance, CHAP and IPsec can be used to secure the storage connections from the server. For Fibre Channel protocols, DH-CHAP, FC-SP, LUN masking and secure fabric zoning can accomplish similar security features. For file protocols such as NFS, Kerberos can be used to secure the storage network. CDMI thus allows secure access to storage no matter the data path used to access that storage.
Performance and Quality of Service
The second biggest concern with cloud storage after security is quality of service. Concerns about performance and performance consistency in multi-tenant environments may cause many potential purchasers of cloud services to hesitate.
From a storage perspective, a cloud service provider must be able to ensure that storage I/O doesn't become a bottleneck, preventing the provider from meeting tenant SLAs. To do this, a service provider must be able to offer different classes of service and be able to ensure that the storage infrastructure supports delivery of each
class of service; lower classes of service must not interfere with delivery of higher classes of service.
For example, a cloud storage service provider might offer four classes of service:
Platinum: highest storage performance
Gold: high storage performance
Silver: intermediate storage performance
Bronze: low-performance, high-capacity storage for archival
To accomplish this, the provider would have to ensure that a Platinum tenant received a Platinum virtual storage container capable of delivering the highest storage performance. This probably implies a virtual storage container on a fast controller, utilizing high performance disks (incl. solid-state storage) and an adequate number of spindles.
More important, the service provider needs a mechanism to ensure that I/O traffic to and from Gold, Silver, and Bronze virtual storage containers does not interfere with Platinum-level traffic. This might be accomplished in two ways:
Assign more resources (memory, cache, CPU and interface bandwidth) to higher-priority virtual storage containers.
Provide a mechanism to set the priority of the I/O transactions of each individual virtual storage container.
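The second mechanism, per-container I/O priority, as an added example that is not from the paper: a dispatcher that gives every container a small reserved share per scheduling tick, hands the remaining slots to higher classes first, and caps each container, so an I/O storm in a Bronze container cannot delay Platinum traffic. The ranks, reserved shares, caps and tenant names are constructed values.

```python
from collections import deque

# Constructed policy for the paper's four example classes:
# rank (lower is served first), guaranteed and maximum I/Os per tick.
POLICY = {
    "platinum": {"rank": 0, "reserved": 8, "cap": 16},
    "gold":     {"rank": 1, "reserved": 4, "cap": 8},
    "silver":   {"rank": 2, "reserved": 2, "cap": 4},
    "bronze":   {"rank": 3, "reserved": 1, "cap": 2},
}


class Container:
    """A virtual storage container with its own pending-I/O queue."""

    def __init__(self, tenant, service_class):
        self.tenant = tenant
        self.service_class = service_class
        self.queue = deque()

    def submit(self, count):
        self.queue.extend(range(count))  # request ids; payloads do not matter here


def dispatch_tick(containers, slots):
    """Serve up to `slots` I/Os for one tick; return {tenant: I/Os served}."""
    reserved = sum(POLICY[c.service_class]["reserved"] for c in containers)
    if reserved > slots:
        # Admission control: never place more guarantees than the array has.
        raise ValueError("reserved shares exceed capacity")

    by_rank = sorted(containers, key=lambda c: POLICY[c.service_class]["rank"])
    served = {c.tenant: 0 for c in containers}

    def serve(container, limit):
        nonlocal slots
        n = max(0, min(limit, len(container.queue), slots))
        for _ in range(n):
            container.queue.popleft()
        served[container.tenant] += n
        slots -= n

    # Pass 1: every container gets its reserved share, so strict priority
    # cannot starve the lower classes outright.
    for c in by_rank:
        serve(c, POLICY[c.service_class]["reserved"])
    # Pass 2: leftover slots go to higher classes first, up to each cap.
    for c in by_rank:
        serve(c, POLICY[c.service_class]["cap"] - served[c.tenant])
    return served


def simulate_storm(ticks=3, slots=20):
    """Constructed scenario: Bronze floods its queue, Platinum runs steady load."""
    platinum = Container("tenant-p", "platinum")
    bronze = Container("tenant-b", "bronze")
    bronze.submit(10_000)  # application error: I/O storm
    history = []
    for _ in range(ticks):
        platinum.submit(12)  # steady production load
        history.append(dispatch_tick([bronze, platinum], slots))
    return history, len(platinum.queue), len(bronze.queue)


if __name__ == "__main__":
    print(simulate_storm())
```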
Accommodating Tenants That Require Multiple Classes of Service. Some tenants will require multiple classes of storage service to meet different needs. For instance, a tenant might need high performance storage for production applications and high-capacity storage for archiving. This could also be accommodated in one of two ways:
A tenant's single virtual storage container provides multiple classes of service.
A tenant receives multiple virtual storage containers, each delivering one class of service. In this case, a mechanism may be needed to federate multiple virtual storage containers into a single management view.
CDMI is able to simplify the provisioning of service class based on its ability to extend metadata to virtual storage containers as well as individual data elements. Once metadata settings are established for a specific container, for example, service-level parameters are automatically extended to any file, LUN, or object placed in the container, thus ensuring consistent tenant-level performance. CDMI allows the cloud storage provider to advertise different types of containers with corresponding
metadata values in an interoperable manner. A client can compare the offerings of Platinum containers between different cloud providers.
Scaling Performance. For some tenants, performance and capacity may need to scale rapidly. Accommodating the needs of such tenants suggests two additional requirements for virtual storage containers:
Non-disruptive migration. Virtual storage containers may need to be moved from one storage system to another to accommodate a tenant's growing need for performance, capacity or both.
Scale out. The ability to spread the access to a single data object across multiple physical storage systems would make it simpler to meet performance needs, load balancing access across the systems, even geographically.
Data Protection and Availability
Data protection and availability are also naturally a concern for anyone considering cloud service adoption. Well-publicized outages for public cloud services, such as Google's Gmail, have heightened concerns about service availability.
In cloud environments, mechanisms to protect data, ensure data availability, and provide disaster recovery must be closely integrated with storage, such that data is never overlooked and left unprotected. The provisioning process for virtual storage containers should ensure that some default level of data protection is applied to all data within the container.
A virtual storage container should provide convenient mechanisms for either the tenant or the provider (or both) to exercise additional control over data protection and availability functions. For instance, in our previous example of classes of service, each class would include a specified level of availability and a specified level of data protection via the data system metadata on each. Platinum service might include hourly backups plus offsite replication for disaster recovery, while lower classes offer just backup at some specified schedule. Tenants may wish to override the defaults in certain situations to increase the backup frequency or add additional replication after a critical event.
Cloud storage providers can use CDMI's capability tree to define their various levels of data protection and availability in a standard and interoperable manner.
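An added example, not from the paper and using made-up metadata keys rather than CDMI's defined names, of the inheritance described in this section and in the service-class discussion earlier: protection settings are applied once when a container is provisioned, every object placed beneath it resolves to those settings, and a tenant override is accepted only when it strengthens protection. The strengthen-only rule and the per-class values are assumptions of this sketch.

```python
# Constructed class defaults; the key names are hypothetical.
CLASS_DEFAULTS = {
    "platinum": {"backup_interval_hours": 1, "offsite_replicas": 1},
    "gold":     {"backup_interval_hours": 6, "offsite_replicas": 0},
    "silver":   {"backup_interval_hours": 12, "offsite_replicas": 0},
    "bronze":   {"backup_interval_hours": 24, "offsite_replicas": 0},
}

# For each overridable key: is the new value at least as protective as the old?
AT_LEAST_AS_STRONG = {
    "backup_interval_hours": lambda new, old: new <= old,  # more frequent backups
    "offsite_replicas": lambda new, old: new >= old,       # more copies
}


class Node:
    """A container, sub-container or data object in the hierarchy."""

    def __init__(self, name, parent=None, metadata=None):
        self.name = name
        self.parent = parent
        self.metadata = dict(metadata or {})

    def effective(self):
        """Resolve metadata root-first, so nearer settings win."""
        chain, node = [], self
        while node is not None:
            chain.append(node)
            node = node.parent
        merged = {}
        for node in reversed(chain):
            merged.update(node.metadata)
        return merged

    def override(self, key, value):
        """Tenant override: allowed only if it does not weaken what is inherited."""
        if key not in AT_LEAST_AS_STRONG:
            raise KeyError(key)
        inherited = self.parent.effective() if self.parent else {}
        if key in inherited and not AT_LEAST_AS_STRONG[key](value, inherited[key]):
            raise ValueError(f"{key}={value} is weaker than inherited {inherited[key]}")
        self.metadata[key] = value


def provision(tenant, service_class):
    """Create a tenant's top-level container with its class defaults applied,
    so nothing placed in it can end up without a protection level."""
    metadata = {"service_class": service_class, **CLASS_DEFAULTS[service_class]}
    return Node(tenant, metadata=metadata)


if __name__ == "__main__":
    root = provision("tenant-a", "platinum")
    table = Node("orders.tbl", parent=Node("db", parent=root))
    print(table.effective())
```

Because the check compares against the inherited value rather than the node's previous override, a tenant can raise backup frequency after a critical event and later return to the class default, but never drop below it.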
Manageability
Manageability is the final, but certainly not the least, of the considerations for multi-tenant storage. The fear of losing control over data management is certainly among the reasons for hesitancy about cloud services.
Flexible management options. Certain classes of tenant will desire a cloud service where they can manage and monitor data more or less as they would in their own data centers, while others will prefer an environment where data is managed to specified SLAs with little or no tenant involvement.
From the perspective of cloud providers, virtual storage containers should be flexible enough to allow for different levels of management control by tenants. With some cloud services, tenants will want or need no direct control or very limited control while others will want or need full control within the confines created by the virtual container.
Self service. Allowing tenants to perform self-service of ad hoc tasks such as provisioning, data protection and replication, can significantly reduce management overhead for a cloud provider. If the provider's environment is built from multiple vendors' equipment, SMI-S can be utilized under the cloud layer to remove the need to deploy multiple adapters for this self-service management.
Storage efficiency. The ability to utilize storage efficiency technologies such as thin provisioning and deduplication can significantly increase storage utilization. From the provider's perspective, a more efficient service is cheaper to provide and, therefore, more competitive. From the tenant's perspective, these technologies reduce the amount of storage they consume and thus may lower their overall storage bill.
Storage protocol selection. For some cloud services, particularly those offering infrastructure as a service (IaaS), there is a need to offer tenants different storage protocol options including both file-based options (NFS and CIFS) and block-based options (iSCSI or FC SAN). (This is also related to the ability to provide multiple classes of service as discussed above in the section, Performance and Quality of Service.) This could be accommodated either in a single virtual storage container or via multiple virtual storage containers of different types.
CDMI supports all standard block, file and object storage protocols for use as the Functional interface (Data Path). CDMI also works with Cloud Computing to make containers available for use by the virtual machines in that environment.
Figure 4: End-to-end multi-tenancy
Upgrades and maintenance. From the perspective of a cloud provider, upgrades and maintenance in a multi-tenant environment become difficult or impossible to accomplish using traditional means because scheduling downtime is impossible in an environment with multiple tenants spread across multiple geographies, and all with different operating schedules. Therefore, it must be possible to perform all upgrade, repair, and maintenance activities in a non-disruptive fashion. It may be necessary to be able to non-disruptively migrate all virtual storage containers off of a particular storage system, so such work can be performed.
CDMI provides a rich and flexible container model that covers common management aspects such as allocation and monitoring of storage. This enables Cloud storage providers to advertise their adherence to standard levels of efficiency and manageability, while supporting custom vendor extensions that can be used for differentiation or specialization.
End-to-End Multi-tenancy
It should be clear that provisions made at any infrastructure layer for security, quality of service, availability, or manageability cannot ensure those attributes in other layers. For example, to provide complete security in a cloud providing infrastructure as a service (IaaS), data must not only be protected from inappropriate access of storage as described above, but must also be protected as it traverses storage networks to servers, as it resides in server memory, and as it traverses the network to the tenant. A secure end-to-end lane from user to data that offers secure multi-tenancy at each layer is needed. This is illustrated in Figure 4. Similarly, appropriate measures are needed at each layer to ensure quality of service, availability, and manageability. While these measures are beyond the scope of this paper, it may be necessary or desirable for each layer to communicate with every other layer to ensure appropriate levels of service, particularly with regard to security and quality of service.
Conclusion
The cloud creates unique requirements for data in terms of security, performance, data protection, availability, and manageability. To dispel the concerns of many potential cloud adopters, these requirements must be addressed in a systematic way, and the concept of a virtual storage container provides a useful construct for thinking about how to meet these requirements.
CDMI now provides an approved storage industry standard to richly define the properties and capabilities of such a virtual storage container. CDMI also defines management interfaces to efficiently operate it across one or more Cloud storage providers.
By addressing the requirements, a storage vendor or cloud provider will be able to create a multi-tenant storage infrastructure that is secure, flexible, highly functional and interoperable.
About the CSI & CDMI
The SNIA Cloud Storage Initiative (CSI) was created to foster the growth and success of the market for cloud storage. Members of the SNIA CSI work together to educate the vendor and user communities about cloud storage, perform market outreach that highlights the virtues of cloud storage, collaborate with other industry associations on cloud storage technical work, and coordinate with SNIA Regional Affiliates to ensure that the results of CSI activities are felt worldwide. The CSI, along with 140 individuals from more than 30 organizations, promotes the adoption of standardization through the Cloud Data Management Interface (CDMI) standard specification. For more information or to get involved, visit the SNIA CSI web site at www.snia.org/cloud.
About the SNIA
The Storage Networking Industry Association (SNIA) is a not-for-profit global organization, made up of some 400 member companies spanning virtually the entire storage industry. SNIA's mission is to lead the storage industry worldwide in developing and promoting standards, technologies, and educational services to empower organizations in the management of information. To this end, the SNIA is uniquely committed to delivering standards, education, and services that will propel open storage networking solutions into the broader market. For additional information, visit the SNIA web site at www.snia.org.