A common experience for every computer user is that of the broken or outdated storage medium. Even if it hasn’t happened to us, we’ve at least heard the stories of precious data being lost, corrupted or unusable on broken hard drives, flash disks and other physical media. You might recall a horror story from one of the world’s busiest airports, where the failure of a hard disk on a server responsible for luggage management paralyzed tourists’ luggage operations for 36 hours in 2010. In the modern world, data is often part of a larger network of operations, so its failure has an impact far beyond the loss of the data alone. Family health records, general office information, accounting and billing data, national taxation databases and R&D results are all examples of information where proper preservation is essential. To support the need for accessible and secure data, the NCHC is developing a new cloud storage service to support local academic and industrial endeavors.
Developing a Cloud Storage Service
Many academic research institutions in Taiwan generate an enormous amount of research data and achievements, which are considered extremely important assets of the country and must be stored safely and securely. To this end, the National Center for High-Performance Computing (NCHC), Taiwan's primary provider of high-performance computing (HPC) services, has been actively developing methods to provide perfect, safe, secure, and easily accessible data storage services to Taiwan's governmental, academic, and industrial institutions. Following the current trend in cloud computing technology development, the NCHC has extended its research focus to cloud storage. The NCHC is also actively developing and introducing new kinds of cloud-related technologies in order to be able to offer additional cloud services to its users.
As part of its devotion to developing new data storage technologies, the NCHC began deploying low-cost, high capacity data storage devices in 2009. Initially, the NCHC designed distributed data storage platforms with built-in load balancing and fail-over mechanisms. In 2010, functions such as out-of-band and encryption were integrated into the platforms. In 2011, storage virtualization was implemented. Finally, a storage platform able to integrate storage facilities from different vendors such as IBM, Oracle, and EMC, was successfully developed and resulted in the NCHC being able to offer cloud services. As illustrated in Fig. 1 below, this new storage platform is perfect for storing enormous amounts of non-structural data. It offers data archiving and data migration functionality, allowing reduction in hardware costs. In the near future, this new platform will also be able to accommodate storage equipment produced by domestic manufacturers.
Fig. 1: Distributed Cloud Storage Architecture
Data Storage Technologies
The storage technologies related to the NCHC cloud storage platform are described below:
1. Distributed Data Storage
The three existing storage sites, located in Hsinchu, Taichung, and Tainan, are connected to the Taiwan Advanced Research & Education Network (TWAREN). This forms the Virtual Private LAN Service Network (VPLS), creating a cloud storage platform across the three sites. Within the distributed data storage environment, we have designed several failure groups and quorum nodes to avoid the single point of failure (SPOF) issue as well as to increase its overall service performance. Additionally, with the real-time data replication function, a minimum of two copies of the data are stored at the three sites at any given time. The file system also periodically creates snapshots of the data to prevent it from being deleted abnormally or by natural disasters (e.g. earthquake, flood, etc.). These protection measures are adopted for the purpose of increasing the reliability and integrity of the stored data.
In order to add the location-aware function to the cloud storage services, we integrated the Taiwan Academic Network's (TANET) IP database with the sub-domain name "st.nchc.tw." This allowed us to build a location-based DNS. Based on the location of the domestic users, the nearest cloud storage services unit (e.g. North, Central, or South Taiwan) will respond so that the user can access the closest data, demonstrating the region balancing feature of the cloud storage service.
3. Dynamic Load Balancing
Generally, load balancing mechanisms are applied to webpage browsing or database transactions. In these cases, only system stability or hardware redundancy for fault tolerance is considered, while Internet transmission bottleneck issues are often ignored. In response, we designed a new load balancing mechanism based on the data transmission services. To achieve load balancing, dynamic service allocation considers Internet transmission flows in addition to the system load of the servers.
4. Open System Standards
The standard protocols adopted for the cloud services are Web-based Distributed Authoring and Versioning (WebDav) and Secure Sockets Layer (SSL). Through Hypertext Transfer Protocol Secure and browsers, users can easily access the cloud storage services. This significantly lowers the technical threshold needed to access the service. WebDav has been adopted by many international commercial companies such as Apple MobileMe iDisk, Memopal, DriveHQ, Box.net, TeamDrive, and ADrive. Files from different cloud services can be managed with software that is WebDav compatible. In order to avoid data lock-in issues, the format used for data storage is the standard UNIX file system format. Regarding data sharing, different individuals and group permission settings can be used for management purposes.
5. Information Security Management
Regarding security control, because cloud storage service users can be located anywhere, their real IP addresses are often difficult to obtain once connections have passed through load balancers and SSL encryption. In order to guard against hostile Internet attacks or abnormal behavior, we customized the design of the web log analysis. Now users’ IP addresses as well as the entire connection process can be dynamically traced in real time. We also filter IPs through the Taiwan IP database. If necessary, we can block or monitor users from certain IPs. In addition, by adopting distributed computing methods, we can obtain near-real-time statistics, including the number of files and directories accessed, the average file size, the total occupied capacity, etc. These statistics can be used to analyze user behavior and to prevent abnormal usage.
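The following sketch shows one way such a log analysis can recover the real client address behind a load balancer and decide whether to allow, monitor, or block it. It is an added example, not NCHC's code: the log format, the use of an X-Forwarded-For field, the allow/monitor/block policy, and every network range are assumptions, and the sample lines are constructed.

```python
import ipaddress
import re
from collections import Counter

# All networks below are constructed placeholders, not NCHC data.
TRUSTED_PROXIES = [ipaddress.ip_network("10.0.0.0/24")]   # our load balancers
DOMESTIC_NETS = [ipaddress.ip_network("203.0.113.0/24")]  # stand-in IP database
BLOCKED_NETS = [ipaddress.ip_network("198.51.100.0/24")]  # operator block list

# Constructed log lines: <peer> "<X-Forwarded-For>" <method> <path> <bytes>
SAMPLE_LOG = """\
10.0.0.5 "203.0.113.7" PUT /dav/a.dat 1048576
10.0.0.5 "198.51.100.9, 10.0.0.6" GET /dav/b.dat 2048
10.0.0.5 "203.0.113.7, 192.0.2.44" GET /dav/a.dat 1048576
192.0.2.80 "203.0.113.7" GET /dav/c.dat 512
"""
LINE = re.compile(r'^(\S+) "([^"]*)" (\S+) (\S+) (\d+)$')

def in_any(ip, nets):
    return any(ip in net for net in nets)

def client_ip(peer, xff):
    """Return the first hop, read right to left, that is not one of our proxies."""
    peer_ip = ipaddress.ip_address(peer)
    if not in_any(peer_ip, TRUSTED_PROXIES):
        return peer_ip  # direct connection: the header is client-supplied, ignore it
    for hop in reversed([h.strip() for h in xff.split(",") if h.strip()]):
        try:
            ip = ipaddress.ip_address(hop)
        except ValueError:
            break  # malformed entry: nothing further left is trustworthy
        if not in_any(ip, TRUSTED_PROXIES):
            return ip
    return peer_ip

def classify(ip):
    if in_any(ip, BLOCKED_NETS):
        return "block"
    return "allow" if in_any(ip, DOMESTIC_NETS) else "monitor"

def analyze(log_text):
    actions, bytes_by_ip = {}, Counter()
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # skip lines that do not fit the assumed format
        peer, xff, _method, _path, size = m.groups()
        ip = client_ip(peer, xff)
        actions[str(ip)] = classify(ip)
        bytes_by_ip[str(ip)] += int(size)
    return actions, bytes_by_ip
```

In the third and fourth sample lines the leftmost header entry is supplied by the client itself, so the analysis attributes the request to the address the load balancer appended or to the connecting peer, not to the claimed domestic address.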
Applications of Cloud Storage
The standard protocol we adopted for the cloud storage is WebDav. Many open-sourced applications also support this protocol, including Syncany (used for data synchronization and data sharing), Duplicati (used for data encryption and back-up), BitKinex (used for data dispatching), the Cadaver command-line client, and Cyberduck (used for cloud storage management).
In order to serve NCHC's HPC users with higher priority, we also integrated the cloud storage service into "Windrider," the NCHC's newest and most advanced supercomputer. Through gateways, the 10G Ethernet and the 40G InfiniBand can be connected. This way, the data transfer performance of the cloud storage and the Windrider supercomputer are enhanced so that users can manage files in the cloud storage environment and Windrider simultaneously using browsers or command-lines. Previously, users could only copy or move files using the sftp or scp commands. Now, using the webpage interface, users can easily browse and copy files in the cloud storage environment and save them in Windrider, thus, significantly reducing data transfer time.
Beginning December 16th, 2011, all Windrider users with ALPS system accounts were offered a free cloud storage service with storage space of up to 6TB.
Cloud-based storage is the primary trend of data storage of the future. The open standard-based cloud storage platform we developed will continue to meet the storage needs of Taiwan's research and academic circles. It is hoped that, in time, the goal of “Storage as a Service” will be realized.
The NCHC has begun making improvements for the next-generation cloud storage service. To lower the complexity of the system and simplify the user interface, we are in the process of designing a storage platform that conforms to information life cycle management. We will also adopt an open-sourced search engine that will properly categorize, preserve, and retrieve the securely stored data at the NCHC so that it can be managed intelligently and accessed even faster. With regard to data transfer, the NCHC is investigating using existing email management tools to synchronize data and simplify data management and the transmission interface.