Moving Beyond an Era of Compromise with Built-In Multi-Tenancy
Shared IT infrastructure models do a lot to improve operational efficiency. Mainframe computers, storage area networks (SAN) and virtual machines all represent powerful shared resource models that continue to evolve. Like most IT models, shared resources have their challenges. These challenges can be resolved, but they require compromises that continue to frustrate IT organizations to this day. If you want scalability, you’re likely going to have to tolerate performance limitations. If you want enhanced security, you’ll have to sacrifice performance. And even if you achieve your desired aggregate bandwidth and IO, you still might struggle to allocate performance proportionally across logical partitions, VMs or tenants that are sharing compute, storage or network resources.
From a storage perspective, the general motivation behind a multitenant deployment is its ability to consolidate multiple namespaces (which correspond to tenants or applications) within a single file system. In addition to better capacity utilization and lower hardware costs the secondary goals include faster deployment and provisioning, and easier administration. Organizations today are also looking for ways to expand multi-tenant storage usage to maximize both internal data sharing and external collaboration.
However multi-tenancy isn’t very practical unless tenants are securely isolated from one another so that users or applications from any given tenant (and unauthorized users from beyond corporate firewalls) cannot access or even see data residing in any of the other tenants. Ideally, tenants should not even be aware that they are sharing common file system resources. Secure isolation is therefore necessary for true multi-tenancy.
In an effort to deliver both performance and security many organizations have implemented scheduling tools to avoid resource conflicts, along with extremely complex security architectures to protect against possible cyberattacks. Unfortunately this inelegant approach frequently compromises both the performance and resilience of critical storage systems. In addition, many of today’s storage architectures attempt to implement multi-tenant data isolation by applying performance ceilings to coarsely separated hardware resources. This approach is also inefficient because it does not scale well, nor does it facilitate resource sharing.
DDN Infinia includes built-in native multi-tenancy that delivers a much more efficient solution than hardware-based tenant isolation. The Infinia data management solution gives you software-based multi-tenancy that securely isolates and protects user data without compromising on performance or scalability for your data-intensive applications. Infinia’s secure multi-tenancy approach applies efficient quality of service algorithms across all your tenants and subtenants entirely within software. It also ensures your tenant data is protected in-flight, at rest and when shared between organizations. You can realize a competitive edge with superior resource utilization, security for all your data and guaranteed performance with automated service level management.
Guaranteed Quality of Service
AUTOMATICALLY BALANCE PERFORMANCE AND CAPACITY FOR ALL WORKLOADS
Multi-tenant storage is a shared infrastructure model that increases resource utilization and reduces infrastructure costs. However shared infrastructures have always required IT to compromise – usually by sacrificing performance and agility at the expense of capacity or vice-versa.
Even if you reach your desired performance and scale, multitenancy is not complete unless data for each tenant is securely isolated within the shared environment. Furthermore, you need to protect against external security breaches devised to steal valuable information, compromise operations or extort money. Secure isolation with scalable performance is therefore key to enterprise-grade multi-tenancy.
DDN’s Infinia data management solution is a software-defined storage platform built on the industry’s strongest security foundation. It delivers breakthrough performance, agility and guaranteed quality of service (QoS) for any multi-tenant workload. Infinia’s native multi-tenancy dynamically and automatically manages your consolidated workloads. It securely isolates and protects user data without requiring you to make trade-offs between performance and capacity.
Innovations That Remove Obstacles to Efficiency, Performance and Security
Infinia is the simplest, most intelligent data management solution for distributed enterprise data – especially mid-to-large-scale unstructured data. It’s an innovative software-defined storage platform, built on the industry’s strongest security foundation that delivers breakthrough performance and quality of service (QoS) for any multi-tenant object, file or block workloads. With Infinia’s policy-driven multi-tenancy you can eliminate distributed or unstructured data silos, reduce unnecessary storage administration, and facilitate multi-site collaboration.
How does Infinia deliver multi-tenant consolidation WITH the performance you need – not just lab-perfected “hero” numbers, but scalable IO and throughput for day-to-day applications that run your business? Here’s how Infinia delivers unique advantages with native multi-tenancy.
Guaranteed Quality of Service (QoS): At the heart of the Infinia system is the Adaptive IO Engine that can deliver guaranteed performance at the tenant level. If your environment requires more granular service management, you can allocate a tenant’s resources to one or more subtenants. You can map your SLAs and KPIs directly to Infinia QoS policies and choose to either adjust QoS levels manually or allow them to be automatically assigned by the Infinia QoS engine based on preset parameters. Infinia QoS allocates resources in real time for incoming IO using a fair share policy to deliver the maximum performance available for each tenant according to policy. You can thereby ensure service levels are met at the tenant and subtenant level regardless of how much capacity has been allocated to each. You will also avoid the shortcomings of other QoS implementations that cause multiple users and applications to compete for “unassigned” resources, leading to unpredictable service levels and user dissatisfaction.
Simplified Service Provisioning: All tenants and subtenants are assigned a share of the resource performance as well as thinly provisioned capacity upon creation. Once deployed, this setup enables dynamic, automatic performance and capacity management. However, you can choose to manually dial in performance shares and capacity boundaries at deployment time or in realtime. Furthermore, Infinia’s software-based logical partitioning and provisioning at subtenant levels enables specific departments within your organization to manage their own allocation of resources. This unique, multi-level approach to tenant resource management is more flexible and efficient than hardware-based data isolation and storage provisioning, which doesn’t include the concept of subtenants.
Optimized Performance for Various Tenant Workloads: Infinia supports divergent capacity and performance requirements. Some of your tenants, for example, may require high capacity and moderate performance while others require the opposite. Still others may simultaneously require low latency and high throughput. Infinia’s software-based multi-tenancy leverages an Adaptive IO Engine that automatically optimizes data placement and manages erasure coding algorithms based on both incoming IO pattern and size. This dynamic intelligent process minimizes your administrative burden by ensuring predictable performance for all tenants and users, across various structured and unstructured data types in real-time – without requiring specialized hardware or tedious tuning.
The Strongest Security Foundation: As enterprise data becomes increasingly distributed – across different storage systems and across partitions or tenants within a given system – your risk of security and data breaches also increases. Infinia provides a full set of security features that are specifically designed to support multi-tenancy by protecting your data and isolating services at multiple levels of granularity. To protect against unauthorized access, each tenant and subtenant has its own secured view of its data and subsystem, and security administration privileges can be delegated for individual tenant and subtenant roles. To protect against unplanned outages, your administrators can choose to apply fault domains to insulate tenants from hardware failures. Unlike other storage solutions, Infinia’s advanced security measures won’t force you to compromise on infrastructure efficiency. Each tenant and subtenant benefits from software-based logical capacity allocation that dynamically leverages all infrastructure, not just a portion of it.
Realize Flexible Cloud-Like Capabilities for Tenants, Subtenants and Data Services
Using Infinia multi-tenancy, you can allocate physical cluster resources to one or more tenants. Each tenant represents a slice of an Infinia cluster, or an abstraction. This design enables multiple teams, applications (or distinct customers, in the case of service providers) to securely and efficiently share a single Infinia storage system’s resources horizontally across multiple tenants – and vertically within a tenant, in hierarchical fashion.
For example, if your environment requires more granular service management, you can allocate a tenant’s resources to one or more subtenants. And subtenant resources can in turn be allocated to one or more datasets, which are available for consumption by various data services.
All Infinia data objects are tagged with a tenant ID, which is used throughout the platform to implement tenant isolation and manage performance levels.
Infinia’s credit-based flow control model automatically separates your IOPs-intensive mission-critical workloads from other potentially disruptive or “noisy” applications. Essentially you can run Infinia as your own simplified cloud data environment. When a new group or department needs resources, just dial in the required performance and capacity and Infinia does the rest, allocating resources for your new tenant and subtenants, and provisioning individualized space for storing user projects and data. As with public clouds, users can only access their stored information, and each tenant’s data is inaccessible to all other tenants.