As data growth in enterprises continues to skyrocket, striking balance between cost and scalability becomes a challenge. Businesses face key decision on how to deploy their cloud service, whether on premises, in hybrid cloud or in multicloud deployments. So, what are enterprise IT organizations supposed to do, given that 'run anything anywhere' is becoming more important than ever? 

Find out on June 11, 2020, when the SNIA Cloud Storage Technologies Initiative will host a live webcast, “Storage Scalability in Hybrid Cloud and Multicloud Environments.” This webcast will help architects and consumers of hybrid cloud and multicloud storage solutions better understand:

• Trends and benefits of hybrid cloud storage and multicloud deployments
  • The range of technologies and capabilities which will help enterprise, hyperscalers and cloud service providers (CSPs) serve their customers
  • How scalability differs in block vs. file workloads
  • What are key factors to keep in mind when considering a 'run anything anywhere' objective?

We hope to see you on June 11th. Our expert presenters will all be on-hand to answer your questions. Register today

As data growth in enterprises continues to skyrocket, striking balance between cost and scalability becomes a challenge. Businesses face key decision on how to deploy their cloud service, whether on premises, in hybrid cloud or in multicloud deployments. So, what are enterprise IT organizations supposed to do, given that ‘run anything anywhere’ is becoming more important than ever?  Find out on June 11, 2020, when the SNIA Cloud Storage Technologies Initiative will host a live webcast, “Storage Scalability in Hybrid Cloud and Multicloud Environments.” This webcast will help architects and consumers of hybrid cloud and multicloud storage solutions better understand:

• Trends and benefits of hybrid cloud storage and multicloud deployments
  • The range of technologies and capabilities which will help enterprise, hyperscalers and cloud service providers (CSPs) serve their customers
  • How scalability differs in block vs. file workloads
  • What are key factors to keep in mind when considering a ‘run anything anywhere’ objective?

We hope to see you on June 11th. Our expert presenters will all be on-hand to answer your questions. Register today

At the 2018 KubeCon keynote, Monzo Bank explained the potential risk of running a single massive Kubernetes cluster. A minor conflict between etcd and Java led to an outage during one of their busiest business days, prompting questions, like “If a cluster goes down can our business keep functioning?”  Understanding the business continuity implications of multiple Kubernetes clusters is an important topic and key area of debate.

It’s an opportunity for the SNIA Cloud Storage Technologies Initiative (CSTI) to host “A Multi-tenant Multi-cluster Kubernetes "Datapocalypse" is Coming” - a live webcast on June 23, 2020 where Kubernetes expert, Paul Burt, will dive into:

• The history of multi-cluster Kubernetes
• How multi-cluster setups could affect data heavy workloads (such as multiple microservices backed by independent data stores)
• Managing multiple clusters
• Keeping the business functioning if a cluster goes down
• How to prepare for the coming “datapocalypse”

Multi-cluster Kubernetes that provides robustness and resiliency is rapidly moving from “best practice” to a “must have”. Register today to save your spot on June 23^rd to learn more and have your questions answered.

Need a refresher on Kubernetes? Check out the CSTI’s 3-part Kubernetes in the Cloud series to get up-to-speed.

At the 2018 KubeCon keynote, Monzo Bank explained the potential risk of running a single massive Kubernetes cluster. A minor conflict between etcd and Java led to an outage during one of their busiest business days, prompting questions, like “If a cluster goes down can our business keep functioning?”  Understanding the business continuity implications of multiple Kubernetes clusters is an important topic and key area of debate. It’s an opportunity for the SNIA Cloud Storage Technologies Initiative (CSTI) to host “A Multi-tenant Multi-cluster Kubernetes “Datapocalypse” is Coming” – a live webcast on June 23, 2020 where Kubernetes expert, Paul Burt, will dive into:

• The history of multi-cluster Kubernetes
• How multi-cluster setups could affect data heavy workloads (such as multiple microservices backed by independent data stores)
• Managing multiple clusters
• Keeping the business functioning if a cluster goes down
• How to prepare for the coming “datapocalypse”

Multi-cluster Kubernetes that provides robustness and resiliency is rapidly moving from “best practice” to a “must have”. Register today to save your spot on June 23^rd to learn more and have your questions answered. Need a refresher on Kubernetes? Check out the CSTI’s 3-part Kubernetes in the Cloud series to get up-to-speed.

Data generated from the Internet of Things (IoT) is increasing exponentially. More and more we are seeing compute and inference move to the edge. This is driven by the growth in capability to not only generate data from sensors, devices, and by people operating in the field, but also by the interaction between those devices.

This new source of IoT data and information brings with it unique challenges to the way we store and transmit data as well as the way we need to curate it. It’s the topic the SNIA Cloud Storage Technologies Initiative will tackle at our live webcast on May 14, 2020, The influence of IoT on Data Strategy. In this webcast we will look at:

• New patterns generated by the explosion of the Internet of Things
• How IoT is impacting storage and data strategies
• Security and privacy issues and considerations
• How to think about the lifecycle of our information in this new environment

The SNIA experts presenting are sure to offer new insights into the challenges IoT presents. And since this will be live, they’ll be on-hand to answer your questions on the spot. Register today. We hope you’ll join us.

Data generated from the Internet of Things (IoT) is increasing exponentially. More and more we are seeing compute and inference move to the edge. This is driven by the growth in capability to not only generate data from sensors, devices, and by people operating in the field, but also by the interaction between those devices. This new source of IoT data and information brings with it unique challenges to the way we store and transmit data as well as the way we need to curate it. It’s the topic the SNIA Cloud Storage Technologies Initiative will tackle at our live webcast on May 14, 2020, The influence of IoT on Data Strategy. In this webcast we will look at:

• New patterns generated by the explosion of the Internet of Things
• How IoT is impacting storage and data strategies
• Security and privacy issues and considerations
• How to think about the lifecycle of our information in this new environment

The SNIA experts presenting are sure to offer new insights into the challenges IoT presents. And since this will be live, they’ll be on-hand to answer your questions on the spot. Register today. We hope you’ll join us.

In a recent SNIA webinar, Cloud Standards: What They Are, Why You Should Care, the SNIA Cloud Storage Technologies Initiative (CSTI) highlighted some of the key cloud computing standards being developed and published by the ISO/IEC JTC 1/SC 38 (Cloud Computing and Distributed Platforms) and SC 27 (Information security, cybersecurity and privacy protection) standards committees. While ISO and IEC are not the only organizations producing cloud computing standards and specifications (e.g., ITU-T, OASIS, NIST, ENISA, SNIA, etc.), their standards, sometime developed jointly with ITU-T, can play a role in addressing WTO Agreement on Technical Barriers to Trade (TBT) issues. More importantly, they provide a baseline of cloud terminology, concepts, guidance/requirements, and expectations that are recognized internationally. Cloud Terminology As highlighted in the SNIA CSTI webinar, establishing a common cloud vocabulary was an early concern because several software providers invoked a bit of cloud washing, which injected confusion into the market space. ISO/IEC 17788 | ITU-T Y.3500 (Cloud computing – Overview and vocabulary), which drew heavily on NIST Special Publication 800-145 (The NIST Definition of Cloud Computing), and ISO/IEC 17789 | ITU-T Y.3502 (Cloud computing – Reference architecture) clarified many aspects of cloud computing (e.g., key characteristics, deployment models, roles and activities, service categories, frameworks, etc.). Since their publication, however, there have been many developments and clarifications within cloud, so SC 38 is working to capture these details in a new multi-part standard, ISO/IEC 22123, with Part 1 focused on cloud terminology and Part 2 expanding the cloud concepts; look for Part 1 later in 2020. Both ISO/IEC 17788 and ISO/IEC 17789 are available at no cost from the ISO web site (see https://standards.iso.org/ittf/PubliclyAvailableStandards/) as well as the ITU-T SG13 web site (see https://www.itu.int/en/ITU-T/studygroups/2017-2020/13/Pages/default.aspx). Cloud Computing – SLA Framework Another cloud standard highlighted in the SNIA CSTI webinar was the multi-part, ISO/IEC 19086 (Cloud computing – Service level agreement (SLA) framework). This service and vendor-neutral standard offers a unified set of considerations for organizations to help them make decisions about cloud adoption, as well as create a common ground for comparing cloud service offerings. Part 1 establishes a set of common cloud SLA building blocks (concepts, terms, definitions, contexts) that can be used to create cloud SLAs. Part 2 defines a model for specifying metrics for cloud SLAs. Part 3 specifies the core conformance requirements for SLAs for cloud services based on Part 1 and guidance on the core conformance requirements. Part 4 specifies conformance requirements for SLAs that address security and protection of PII components. Both parts ISO/IEC 19086-1 and ISO/IEC 19086-2 are available at no cost from the ISO web site (see https://standards.iso.org/ittf/PubliclyAvailableStandards/). Security Techniques for Supplier Relationships The next standard highlighted in the webinar was the ISO/IEC 27036 (Security techniques – Information security for supplier relationships). As the title implies, this multi-part standard offers guidance on the evaluation and treatment of information risks involved in the acquisition of goods and services from suppliers (i.e., supply chain security).

• Part 1 (Overview and concepts) provides general background information and introduces the key terms and concepts in relation to information security in supplier relationships, including information risks commonly arising from or relating to business relationships between acquirers and suppliers.
• Part 2 (Requirements) specifies fundamental information security requirements pertaining to business relationships between suppliers and acquirers of various products (goods and services); although Part 2 contains requirements, the document explicitly states that it is not intended for certification purposes.
• Part 3 (Guidelines for ICT supply chain security) guides both suppliers and acquirers of ICT goods and services on information risk management relating to the widely dispersed and complex supply chain (e.g., malware, counterfeit products, organizational risks); Part 3 does not address business continuity management.
• Part 4 (Guidelines for security of cloud services) guides cloud providers and customers on gaining visibility into the information security risks associated with the use of cloud services and managing those risks effectively, and responding to risks specific to the acquisition or provision of cloud services that can have an information security impact on organizations using these services. SC 27 has initiated efforts to revise ISO/IEC 27036, but new versions are unlikely to be available before 2023. ISO/IEC 27036-1 is available at no cost from the ISO web site (see https://standards.iso.org/ittf/PubliclyAvailableStandards/).

Cloud Security & Privacy The last group of cloud standards covered webinar were a few from SC 27 that are related to cloud security and privacy. ISO/IEC 27017 | ITU-T X.1631 (Security techniques – Code of practice for information security controls based on ISO/IEC 27002 for cloud services) provides both cloud customers and providers with additional information security controls and implementation advice beyond that provided in ISO/IEC 27002, in the cloud computing context; this document was not intended to certify the security of cloud service providers specifically because they can be certified compliant with ISO/IEC 27001, like any other organization. ISO/IEC 27018 (Security techniques – Code of practice for protection of Personally Identifiable Information (PII) in public clouds acting as PII processors) expands upon ISO/IEC 27002 and provides guidance aimed at ensuring that cloud service providers (public cloud) offer suitable information security controls to protect the privacy of their customers’ clients by securing PII entrusted to them. ISO/IEC 27040 (Security techniques – Storage security) provide guidance on securing most forms of storage technology, which cloud is often dependent on, as well as specifically addressing cloud storage. SC 27 has initiated efforts to revise ISO/IEC 27040, but new a version is unlikely to be available before 2023. While not specific to cloud, the webinar also covered ISO/IEC 27701 (Security techniques — Extension to ISO/IEC 27001 and to ISO/IEC 27002 for privacy information management — Requirements and guidelines) because its recent publication is likely to have an impact on ISO/IEC 27018, especially since certified compliance with this standard is under discussion within SC 27. But Wait, There’s More There are several other published cloud standards, technical reports (TR), and technical specifications (TS) that were not addressed in the webinar including:

• ISO/IEC 17826:2012, Information technology — Cloud Data Management Interface (CDMI)
• ISO/IEC 19941:2017, Information technology — Cloud computing — Interoperability and portability
• ISO/IEC 19944:2017, Information technology — Cloud computing — Cloud services and devices: data flow, data categories and data use
• ISO/IEC 22624:2020, Information Technology — Cloud Computing — Taxonomy based data handling for cloud services
• ISO/IEC TR 22678:2019, Information Technology — Cloud Computing — Guidance for policy development
• ISO/IEC TS 23167:2018, Information Technology — Cloud Computing — Common technologies and techniques

• ISO/IEC TR 23186:2018, Information Technology — Cloud Computing — Framework of trust for processing of multi-sourced data
• ISO/IEC TR 23188:2020, Information Technology — Cloud Computing — Edge computing landscape

Additionally, there are several other cloud projects in various stages of development, including:

• ISO/IEC AWI TR 3445, Information technology — Cloud computing — Guidance and best practices for cloud audits
• ISO/IEC TR 23187, Information Technology — Cloud Computing — Interacting with cloud service partners (CSNs)
• ISO/IEC 23613, Information Technology — Cloud Computing — Cloud service metering elements and billing modes
• ISO/IEC 23751, Information Technology — Cloud Computing and distributed platforms — Data sharing agreement (DSA) framework
• ISO/IEC 23951, Information Technology — Cloud Computing — Guidance for using the cloud SLA metric model

Cloud standardization continues to be an active area of work for ISO and there are likely to be many more standards to come.

What’s going on in the world of cloud standards? Since the initial publication of the National Institute of Standards and Technology (NIST) definition of cloud computing in NIST SP 800-145 in 2011, international standards development organizations (SDOs) have sought to refine and expand the cloud computing landscape. On February 13, 2020 at our next live SNIA Cloud Storage Technologies Initiative webcast “Cloud Standards: What They Are, Why You Should Care” we will dive into the cloud standards worth noting as Eric Hibbard, standards expert and ISO editor, will discuss:

• Key published and draft cloud standards
• Interdependencies of cloud standards and their importance
• Potential future work
• Related technologies: virtualization, federation and fog/edge computing

Lastly, the relevance of the standards will be explored to help organizations understand ways these documents can be exploited.

Register today to join us on February 13, 2020 10:00 am PST for what is sure to be an insightful discussion on the state of cloud standards.

What’s going on in the world of cloud standards? Since the initial publication of the National Institute of Standards and Technology (NIST) definition of cloud computing in NIST SP 800-145 in 2011, international standards development organizations (SDOs) have sought to refine and expand the cloud computing landscape. On February 13, 2020 at our next live SNIA Cloud Storage Technologies Initiative webcast “Cloud Standards: What They Are, Why You Should Care” we will dive into the cloud standards worth noting as Eric Hibbard, standards expert and ISO editor, will discuss:

• Key published and draft cloud standards
• Interdependencies of cloud standards and their importance
• Potential future work
• Related technologies: virtualization, federation and fog/edge computing

Lastly, the relevance of the standards will be explored to help organizations understand ways these documents can be exploited. Register today to join us on February 13, 2020 10:00 am PST for what is sure to be an insightful discussion on the state of cloud standards.

Our recent webcast on how Hyperscalers, Facebook and Microsoft are working together to merge their SSD drive requirements generated a lot of interesting questions. If you missed “How Facebook & Microsoft Leverage NVMe Cloud Storage” you can watch it on-demand. As promised at our live event. Here are answers to the questions we received. Q. How does Facebook or Microsoft see Zoned Name Spaces being used? A. Zoned Name Spaces are how we will consume QLC NAND broadly. The ability to write to the NAND sequentially in large increments that lay out nicely on the media allows for very little write amplification in the device. Q. How high a priority is firmware malware? Are there automated & remote management methods for detection and fixing at scale? A. Security in the data center is one of the highest priorities. There are tools to monitor and manage the fleet including firmware checking and updating. Q. If I understood correctly, the need for NVMe rooted from the need of communicating at faster speeds with different components in the network. Currently, at which speed is NVMe going to see no more benefit with higher speed because of the latencies in individual components? Which component is most gating/concerning at this point? A. In today’s SSDs, the NAND latency dominates. This can be mitigated by adding backend channels to the controller and optimization of data placement across the media. There are applications that are direct connect to the CPU where performance scales very well with PCIe lane speeds and do not have to deal with network latencies. Q. Where does zipline fit? Does Microsoft expect Azure to default to zipline at both ends of the Azure network? A. Microsoft has donated the RTL for the Zipline compression ASIC to Open Compute so that multiple endpoints can take advantage of “bump in the wire” inline compression. Q. What other protocols exist that are competing with NVMe? What are the pros and cons for these to be successful? A. SATA and SAS are the legacy protocols that NVMe was designed to replace. These protocols still have their place in HDD deployments. Q. Where do you see U.2 form factor for NVMe? A. Many enterprise solutions use U.2 in their 2U offerings. Hyperscale servers are mostly focused on 1U server form factors were the compact heights of E1.S and E1.L allow for vertical placement on the front of the server. Q. Is E1.L form factor too big (32 drives) for failure domain in a single node as a storage target? A. E1.L allows for very high density storage. The storage application must take into account the possibility of device failure via redundancy (mirroring, erasure coding, etc.) and rapid rebuild. In the future, the ability for the SSD to slowly lose capacity over time will be required. Q. What has been the biggest pain points in using NVMe SSD – since inception/adoption, especially, since Microsoft and Facebook started using this. A. As discussed in the live Q&A, in the early days of NVMe the lack of standard drives for both Windows and Linux hampered adoption. This has since been resolved with standard in box drive offerings. Q. Has FB or Microsoft considered allowing drives to lose data if they lose power on an edge server? if the server is rebuilt on a power down this can reduce SSD costs. A. There are certainly interesting use cases where Power Loss Protection is not needed. Q. Do zoned namespaces makes Denali spec obsolete or dropped by Microsoft? How does it impact/compete open channel initiatives by Facebook? A. Zoned Name Spaces incorporates probably 75% of the Denali functionality in an NVMe standardized way. Q. How stable is NVMe PCIe hot plug devices (unmanaged hot plug)? A. Quite stable. Q. How do you see Ethernet SSDs impacting cloud storage adoption?

A. Not clear yet if Ethernet is the right connection mechanism for storage disaggregation. CXL is becoming interesting.

Q. Thoughts on E3? What problems are being solved with E3? A. E3 is meant more for 2U servers. Q. ZNS has a lot of QoS implications as we load up so many dies on E1.L FF. Given the challenge how does ZNS address the performance requirements from regular cloud requirements? A. With QLC, the end to end systems need to be designed to meet the application’s requirements. This is not limited to the ZNS device itself, but needs to take into account the entire system. If you’re looking for more resources on any of the topics addressed in this blog, check out the SNIA Educational Library where you’ll find over 2,000 vendor-neutral presentations, white papers, videos, technical specifications, webcasts and more.