3 traditional problems of storage operation and non-traditional solution

If you are managing storage operations team, you probably have met already with 3 following issues:

  • not possible to limit admin access rights for less skilled team members

  • typos in the naming convention causing non-functional reports

  • the non-unified configuration of disk arrays

Nobody is solving these problems in most of the companies as there is no time, willingness to do it and often there is a belief that the solution is extremely expensive.

But the solution is relatively simple and surprisingly cheap.

3 tradičné problémy storage operations a ich netradičné riešenie

Storage workflow sample

Ak šéfuješ ľuďom, čo majú na starosti diskové polia, určite si sa stretol s týmito tromi nasledovnými problémami.

  • Nemožnosť prideliť obmedzený admin prístup menej skúseným členom tímu

  • Neodhalené preklepy v názvosloví spôsobujú nefunkčnosť reportov

  • Nejednotná konfigurácia diskových polí

Vo väčšine firiem tieto problémy nikto nerieši. Nie je na to čas, chuť a často presvedčenie, že riešenie je extrémne drahé a tým pádom nie sú ani peniaze.

Riešenie je však relatívne jednoduché a prekvapivo lacné.

Dovoliť konfiguráciu storage adminovi bez skúsenosti?

Súčasný spôsob slabej alebo žiadnej granularity admin práv ti zvyšuje náklady na budovanie storage tímu. [Tweetni to]


“Nemôžem mu povoliť prístup na diskové pole. Nemá všetky školenia a ešte sa nezapracoval. Čo keď nejakému zákazníkovi utrhne živé disky?”
 

Poznáš ten stav. Šéfuješ storage oddeleniu. Máš tam pár nových ľudí. Tí starší a skúsenejší sa venujú riešeniu problémov, dizajnu, plánovaniu. Tých mladších by si rád použil na bežné úkony typu “zákazník potrebuje okamžite 100GB diskov”. A potrebuje ich hneď, často v noci alebo cez víkend.

Vendori diskových polí kašlú na granularitu práv.

V čom je problém? Diskové polia a FC prepínače bežne umožňujú definovať užívateľov s rôznymi úrovňami prístupových práv. Ich granularita je však mizerná. Jedna úroveň má read-only práva, ďalšia hneď plný admin prístup.

Sú platformy, kde je možné definovať užívateľské “role” a explicitne vymenovať príkazy, ktoré pre danú “rolu” sú povolené. Problém je však v syntaxi príkazov.

3 reasons I don't like Storage Lifecycle Policies (in NetBackup)

At the beginning I have to admit that Storage Lifecycle Policy (SLP) is a great idea.

During ancient times of NBU we had NBU Vault available. Nifty tool allowing us to select backup images by various filters and create new copies on tapes prepared to eject from tape library and transport to offsite location. And by reading documentation for 7.6 version it supports duplication from any Storage Unit (STU) to any STU. (Do I remember properly some limitations in older versions?) But as I remember it requires explicit license - not cheap for non-capacity based NBU customers. The configuration allows you to duplicate anything but you have to do it properly to really get all images you need. My personal opinion is that simple script creating proper list of images (the though part) and then to run bpduplicate command can do the same. NBU Vault offers you nice GUI for configuration and some few more nifty features.

Since NBU version 7 the SLP was born. Put in basic installation, no special license required. Easy to use, easy to configure. Using the same bpduplicate command as backend. But there are big differences. The main one is that SLP is considered as logical backup destination unit and all backups using it will just follow some rules to get desired amount of backup copies on the right places. Other big difference is possibility to chain duplications and select which copy will be used by which duplication. Pretty nice if you need (e.g.) disk copy of backup in company remote branch, another short retention disk copy in headquarter, long retention tape copy and and offsite tape copy due to legal demand.The biggest difference visible to user/admin is simplicity! There is almost nothing to configure (and of course screw up).

As I mention already - great idea.

And now comes the list of reasons why it's not great implementation. It seems like it's designed by different bunch of people they never seen NBU Vault. Is the rumor about buying of some other SW product by Symantec right? Great idea but with stupid implementation.

Read my 3 reasons by opening a full article.

Tags: 

How I wanted to donate and how I didn't

"Money in hand" by Tax Credits @ Flickr; CC BY 2.0

That was very weird situation. I have heard about one amazing project. Imagine idea to create tablet application to teach children that have no possibility to visit school. Or if the school system is not good enough. Or for any child that wants to learn more than in school.

Did you read The Diamond Age from Neil Stephenson? Great novel. The main idea is about interactive book. By telling story is able to teach small girl. During few years from basic - reading/counting - to programming, self defense,...
Of course. This application will not be such complex but can be some starting point to alternative teaching. I decided to donate.
Great, just do it.

NBU Java console authentication and authorization - integration with Active Directory

In many enterprise environments the ActiveDirectory authentication is used even on Unix/Linux servers. It's much smarter way how to manage a lot of users and groups. But - by default - NBU requires local Unix user. What is you want to used AD auth for NBU Java console too? I was inspired by discussion forum on Symantec web. Solution is easy. But how to handle authorization configured in /usr/openv/java/auth.conf ?
Here is my solution.

Tags: 

SAP/MaxDB backup of transaction logs - status code 6 resolution

If you are backing up transaction logs of SAP/MaxDB you probably have often failed backups with status code 6. But nothing wrong happened. Just no transactions was available for backup. It's a behavior of dbmcli - anything except successful backup returns exit code 1. But parent wrapper script provided by Symantec is not able to distinguish real errors from situation where there are just no transactions to backup. (Read TECH129715). By Symantec we have to wait until SAP will provide dbmcli with more granular exit codes. Seems that we cannot do anything.

Or can?

Tags: 

Pages