Shared File Service
VM Forum January, 2012

SFS Topics
• Targeted Usage
• Security
• Accessing CIFS Shares
• Availability & Protection
• Monitoring
• Pricing

Targeted Usage
• Departmental File Servers
• Shared volumes between groups of servers
• Protocols: CIFS or NFS

Not intended for:
• Large, transactional databases
• Storage target for backups
    • Incremental syncing is ok
• Virtual Machine disk files (e.g., vmdk, vhd files)
• Encrypted volume container files
• Data with a high rate-of-change (>20% of share capacity per day)

Security
• CIFS
    • A Cornell AD account is required to access a share
    • NTFS ACL permissions use Cornell AD users and groups
• NFS
    • Shares exported to explicit server(s)
    • Servers sharing a share should have common UIDs/GIDs
    • NFS v3 (for now)
• Restricted to on-campus IP addresses (including VPN)
• Encryption
    • None built into service
    • Can use file-level encryption tools (e.g., PGP Net Drive)

Accessing CIFS Shares
• CIFS Shares will be accessible through the Campus DFS Service
    \\files.cornell.edu\ORG\software
• Additionally, a custom CNAME is created for each Share to support older CIFS/SMB Clients
    \\org-software.files.cornell.edu\org-software
• Recommend that departments utilize DFS to reference CIFS shares
• Will not be able to use DNS names & share names of existing departmental fileservers

Availability & Protection
• RAID6 to protect against spindle failures
• Dual controllers to protect against controller failure & to facilitate maintenance activities
• Optional snapshots to protect against user / application failures
• Optional 2-site Asynchronous Replication to protect against building failure
• Off-site Data Copy to protect against campus site failure

Optional Snapshots
• Users can restore older copies of their files from these snapshots
• No additional fee for snapshots, but share capacity is utilized for snapshots (reducing usable storage, typically by ~20%)

Optional Replication
• Available for additional cost (2x)
• Data replicated asynchronously between primary and secondary data centers
• Requires snapshots
• Secondary copy promoted to read-write status upon request, or in the event of a primary building outage
• RPO* is 4 hours
• RTO* measured in minutes; once failover is invoked, it actually takes seconds to complete

*RPO = Recovery Point Objective – how far back in time to recover from
*RTO = Restore Time Objective – how long it will take to perform the recovery

Off-site Data Copy
• Off-site data copy is maintained
• Protection against campus site failure
• RPO: 1 day
• RTO: likely measured in days
• No additional cost

Monitoring
• Periodic utilization check
• Notifications sent via e-mail
    • Notification when Warning threshold crossed (default at 80% utilization)
    • Daily notifications whenever Critical threshold is exceeded (default at 95% utilization)
• May not be in place day 1, but shortly thereafter

Sizes & Monthly Rates
• A $100 “configuration fee” (fee currently waived) may be assessed on configuration, or alteration of your share(s).
• If optional snapshots are selected, some of the requested disk capacity is utilized for snapshot overhead (typically ~20%). Snapshots are the only way an end-user can restore a file from a “backup”.
• If optional replication is desired, your data will be asynchronously replicated to 2 different buildings on the Ithaca Campus. Replication requires Snapshots.
• Shares > 5TB may take longer to provision.
• Departments will be able to trade in departmental fileservers for the Cash for Clunkers program. Up to 1TB per fileserver.