Best practices of using the Synology DiskStation to host iSCSI Storage

From wiki
Jump to navigation Jump to search
File:ISCSI.png


Overview[edit]

This article will cover advanced aspects of using the Synology DiskStation for dedicated iSCSI Storage deployment. It's best to read this article in it's entirety and enable which options which is best suited for the network. Please be sure to have an iSCSI Target created on the DiskStation before proceeding. Refer to the How to use the iSCSI Target Service on the Synology DiskStation for further information. This article is aimed for experienced network administrators.



Basic Environment Settings for the DiskStation[edit]

  • Enable Email notification
    • This will set the DiskStation where it will send an email out for any maintenance error or report to the administrator of the DiskStation
  • Use a 1Gbps Network or higher speed network
    • Using a 1Gbps Network, which includes 1Gbps NICs, Ethernet cables, and network switches will ensure that the iSCSI performance will operate at it's best potential. Using a lower grade speed interface will result in not the best performance of accessing the iSCSI Target.
  • Restrict Initiator NICs to iSCSI Storage duties only
    • On the Initiator NICs, it's recommended to disable all other protocols and services except for protocols for the iSCSI Service (mainly IPv4). This will reduce interference from the other protocols, and optimize the NIC for performance for accessing iSCSI Storage.
  • Assigned Fixed IP Addresses for both the DiskStation and all servers.
    • This will ensure that IP Address for all of these devices will remain consistent after a network/power interruption.


Block or File-level iSCSI Targets?[edit]

File:Iscsi-layer.png


  • With the Synology DiskStation, there are two "levels" of iSCSI:
    • Block-level: Operates at the level closest to the RAID level, offers greater performance. Using a Block-level iSCSI will create a target whose capacity will be equivalent to the size of the RAID Volume.
    • File-level: Operates at the File-system level and offers greater flexibility, where the RAID Volume storage can be shared between regular file sharing duties, and virtual storage space.
    • Please look here for information on how to create a target using Block-level or File-level iSCSI Targets.
    • Be sure to select a redundant RAID Volume, such as RAID-1, RAID-5, or RAID-6 when creating either type of iSCSI Target, to ensure at least 1-disk redundancy against disk failure.
  • When to use Block-level iSCSI Targets
    • If the intention of the DiskStation will be strictly that Virtual Storage purposes only
      • Please ensure that that the File System of the Initiator is capable of addressing a large hard drive (some file systems cannot recognize targets which are greater than 2TiB, for example)
  • When to use File-level iSCSI Targets
    • When the DiskStation will be used for shared storage duties, for file sharing, and hosting virtual storage.
    • When the File System of the Initiator cannot recognize a large hard drive.
      • For example, a DS1010+ with 5x2TB drives in RAID-5 would provide 7.28TiB of Redundant Storage, to use this for iSCSI Storage, if the Initiator File System cannot recognize greater than 2TiB, then, 3x2TiB File-level iSCSI Targets will have to be created. And the remaining 1.28TiB can be used for another iSCSI Target or for regular file-sharing duties.


Thin Provisioning and Over-allocation[edit]

File:Iscsi-thinProvisioningOverAllocate.png


  • Note: Thin Provisioning and Over-allocation is available for file-level iSCSI Targets only
  • Thin Provisioning allows for storage to grow on demand, where if there's a 100GB target, 100GB of space on the physical volume will be allocated for the use of the iSCSI Target. However, the physical storage will not be committed towards the iSCSI Target until it is utilized by the virtual space.
    • A larger benefit of using Thin Provisioning is where the iSCSI Target storage can be adjusted on the fly, allowing targets space to grow instantaneously from 100GB to 200GB with a single click.
  • Over-allocation allows for an iSCSI Target to virtually have greater space than what is physically available. This is mainly beneficial for those environments where it's not known how much space is required - so it's easier to create a large storage pool immediately, and be concerned about the physical storage needs at a later point.
    • However, the physical storage will have to be updated eventually, if the virtual storage requirements exceeds what is physically available, then no more data can be written within the virtual space, which may result in lost or damaged data. It is the administrator's responsibility to ensure that there is plenty of physical space to accommodate the virtual storage needs.


Using CHAP[edit]

File:Iscsi-chap.png


  • Setting CHAP will basically require a username and password to be used before an iSCSI Initiator will have access to an iSCSI Target. Using CHAP is recommended to ensure that only specific users will access the iSCSI Target.
  • Using Mutual CHAP is even a higher level of security, where both the iSCSI Initiator and Target will authenticate each other before access of the Target can be used.
  • Please be sure to use strong passwords (letters, numbers) to help aid in the prevention of unauthorized users accessing the Target.


Using Target Masking[edit]

File:Iscsi-InitiatorMasking.png


  • Target Masking is where specific Initiators will have different capabilities to the iSCSI Target. Initiators can be denied access, have read only access, or have read/write access.
  • For securing iSCSI Targets against unauthorized access/discovery by random users on the LAN, it's best to set the default actions to deny all users, and select specific Initiators to have read/write or read only access.


High-availability Computer Clustering[edit]

File:Iscsi-clustering.png


  • High-availability Computer Clustering is a service where multiple computers are communicating to the same iSCSI Target, and both computers are aware of the changes being to the iSCSI Target. Computer Clustering environments is used in a specific environments, and is recommended for experienced network administrators only. Using the DiskStation to host storage for a Computer Clustering environment requires the following
    • Proceed to the iSCSI Target Advanced Options of the Synology DiskStation and enable Allow multiple sessions from one or more iSCSI Initiators
    • Use a Cluster-capable file system; failure to use the correct file system can and will result in data loss and corruption.
      • A visual example would be to take a USB Hard drive and connect it to two different computers for dual concurrent usage. Under normal conditions, neither computer would be aware of the other computer's changes, thus if they both access the same area of space on the hard drive to read/write data, data loss will occur.
    • Known cluster-capable file systems are
      • Microsoft NTFS
        • Requires iSCSI SPC-3 Persistent Reservation, available in Windows 2008 Server or Windows 2003 Clustering Services
        • Synology DSM 3.0 or higher is required on the DiskStation.
        • It's not recommended to enable compression abilities on the NTFS Volume
      • Oracle OCFS
      • VMware VMFS


Further Reading[edit]

Retrieved from ‘https://wiki.jochen.hayek.name/w/index.php?title=Best_practices_of_using_the_Synology_DiskStation_to_host_iSCSI_Storage&oldid=1015