A file server is a computer that provides file service relating to the organization of information on writeable persistent storage devices, such memories, tapes or disks. The file server or filer may be embodied as a storage system including a storage operating system that implements a file system to logically organize the information as a hierarchical structure of directories and files on, e.g., the disks. Each “on-disk” file may be implemented as set of data structures, e.g., disk blocks, configured to store information, such as the actual data for the file. A directory, on the other hand, may be implemented as a specially formatted file in which information about other files and directories are stored.
A storage system may be further configured to operate according to a client/server model of information delivery to thereby allow many clients to access an application service executed by a server, such as a file server. In this model, the client may comprise an application executing on a computer that “connects” to the file server over a computer network, such as a point-to-point link, shared local area network, wide area network or virtual private network implemented over a public network, such as the Internet. Each client may request the services of the file system on the file server by issuing file system protocol messages (in the form of packets) to the server over the network. It should be noted, however, that the file server may alternatively be configured to operate as an assembly of storage devices that is directly-attached to a (e.g., client or “host”) computer. Here, a user may request the services of the file system to access (i.e., read and/or write) data from/to the storage devices.
One type of file system is a write-anywhere file system that does not overwrite data on disks. If a data block on disk is retrieved (read) from disk into memory and “dirtied” with new data, the data block is stored (written) to a new location on disk to thereby optimize write performance. A write-anywhere file system may initially assume an optimal layout such that the data is substantially contiguously arranged on disks. The optimal disk layout results in efficient access operations, particularly for sequential read operations, directed to the disks. An example of a write-anywhere file system that is configured to operate on a storage system, such as a filer, is the Write Anywhere File Layout (WAFL™) file system available from Network Appliance, Inc., Sunnyvale, Calif. The WAFL file system is implemented as a microkernel within an overall protocol stack of the filer and associated disk storage.
The disk storage is typically implemented as one or more storage “volumes” that comprise a cluster of physical storage devices (disks), defining an overall logical arrangement of disk space. Each volume is generally associated with its own file system. A filer typically includes a large amount of storage (e.g., 6 terabytes) with the ability to support many (thousands) of users. This type of storage system is generally too large and expensive for many applications or “purposes”. Even a typical minimum storage size of a volume (or file system) is approximately 150 gigabytes (GB), which is still generally too large for most purposes.
Rather than utilizing a single filer, a user may purchase a plurality of smaller servers, wherein each server is directed to accommodating a particular purpose of the user. However, the acquisition of many smaller servers may be more costly than the purchase of a single filer. Furthermore, the cost of maintenance and administration of many smaller servers is typically substantially more than the cost of maintaining and administering a single filer. Therefore, it is often desirable to consolidate many servers within a single filer platform in a manner that logically embodies those servers. Server consolidation is thus defined as the ability to provide many logical or virtual servers within a single physical server platform. Some prior server consolidation solutions are configured to run multiple instances of a process, such as an application service. Other server consolidation solutions provide many independent servers that are essentially “racked together” within a single platform. Examples of virtual servers embodied within a single platform are web servers, database servers, mail servers and name servers.
Server consolidation is particularly useful in the case of a storage server provider (SSP). An SSP serves (“hosts”) data storage applications for multiple users or clients within a single, physical platform (i.e., a filer); several filers can then be managed in a single “data center”. The data center is centrally maintained by the SSP to provide safe, reliable storage service to the clients. In a typical configuration, the data center may be coupled to a plurality of different client environments, each having an independent private internal network. Each internal network may be associated with a different client or division of a client and, thus, the data traffic must be separately maintained within the physical platform.
There are many tasks involved in managing or “administering” a data center configured to host data storage applications for different clients. Some of those tasks include manipulating physical hardware or other common “system” aspects of the server platform, including configuration of operating system software and networks. Other tasks involve managing and allocating logical or “application-specific” aspects of the server, such as storage resources for the clients. For a server having a plurality of virtual servers, there is a need for one manager to administer the common system aspects of the platform. An alternative approach is to have a client manager on each private internal network coupled to a virtual server, wherein each manager has a portion of the responsibility for administering those common platform aspects. That approach, however, is burdensome and, in some cases, impractical.
Prior server consolidation solutions that implement virtual servers often provide “total” virtualized administrative capabilities to each server and its manager. Yet, many clients only want the ability to access to their data in a reliable manner without having the responsibility of managing the system administrative aspects of the server, such as performing backup operations. If the client were to “off load” those system administrative responsibilities onto a third party, the client would still want to maintain the privacy of its internal network environment and ensure that the third party does not have access to the client's data. This may be difficult to ensure in the case of a totally virtualized administrative server implementation. A typical SSP implementation, however, may provide a system manager that is responsible for managing those administrative functions that a client would rather not manage. The SSP solution must be configured to enable client managers of the application-specific aspects of the data center platform to access (“communicate with”) the platform.
To that end, the SSP solution may provide an “administrative proxy” embodied as a general-purpose server, such as a web server, that is coupled to the data center platform over a private network of the SSP. A client manager communicates with the administrative proxy, which performs a filtered or “virtualized administration” function that allows the client to manage its storage on the data center. However, this approach is vulnerable to security attacks and reliability problems, such as virus attacks, because of the general-purpose nature of the operating system and networking functions of the proxy server. Furthermore, this method also requires the SSP to frequently make changes to the administrative proxy as functionality enhancements and other evolutionary changes are made to the actual administrative interface on the storage servers by the storage server vendor(s) when the storage server software is upgraded.
Therefore, it is desirable to provide a system that separates common, physical administrative tasks from logical administrative tasks of a server. In addition, it is desirable to provide a system that enables a client manager with privileges to administer its own storage, but that also prevents that client from accessing/managing the common aspects of the server. It is also desirable to provide a system that enables a client manager to manage its storage on a SSP data center in a secure and reliable manner. Moreover, it is desirable to provide a system in which mapping and filtering of a virtualized administration function can be transparent, yet can be controlled independently and changed dynamically, for each virtual server.