Storage as a Service

Overview

The CloudCenter platform decouples shared storage from CloudCenter and allows you to attach your own external Artifact Repository to store and access files. To this effect, the CloudCenter platform provides a  File System service to build and own storage. This feature, also referred to as storage as a service or storage service, provides read-write storage access across users and deployments.

Benefits

The benefits of using storage as a service include:

  • The ability to mount storage with multiple disks and encryption.
  • The ability to control the cost of storage by providing the storage service at the application level (rather than at the system level).
  • The flexibility to use the storage service as part of one application or as part of the deployment service for multiple applications.

Job-based applications (not N-tier applications) that require persistent storage can use the Storage as a Service application.

Using Storage Service Applications

You can model and deploy N-tier applications for a single tier the following storage service options:

The storage repository is automatically mounted when you reboot a running storage service application. The NFS or CephFS storage service is mounted in the /shared path and files can be accessed or written to/from /shared path.

Web-Based Storage Browser

CloudCenter launches the elFinder web-based storage browser using your SSO credentials (see SSO AD or SAML SSO or Use Case: Shibboleth SSO for additional details) so you can drag and drop files when using storage services. You do not need to explicitly login to the storage browser.

Storage Service Permissions

All users within the tenant can read (view) this storage service by default.

To allow specific user groups to have full access (read and write) to this storage service, add the group name to the User Groups (Write Permission) field.

By default, the follow conditions apply to this storage service:

  • Users from different tenants cannot access this service and associated storage browser.

  • Storage space owners have read/write access.

  • Users in any user group that was included in the User Groups (Write Permission) field have read/write access.

  • Other users within this tenant have read only access.

Configuring Storage Services

To use this feature, you must verify the following requirements:

  1. Allow the storage browser UI to be accessed by the he CloudCenter UI user. All users in a tenant can view this service by default. 
  2. Specify user groups that can have full access (read and write) to this storage service and click Save App.


End-to-End Storage Configuration Use Case

To configure NFS storage using the storage mounting feature, follow this process.

  1. Login as the tenant admin and create a shared deployment environment, called StorageNFS.
    1. Log into the CCM UI as a the tenant administrator.
    2. Click Deployment > Deployment Environments > Add New Deployment Environment.
    3. Assign the following values (see Deployment Environment for additional context):
      1. Name = StorageNFS
      2. Select the required Cloud Region and Account
      3. Identify the Default Cloud Region, if applicable.
      4. Select the Default Instance Type
      5. Click Save. The Deployment Environments page refreshes to display the new deployment environment StorageNFS.
    4. Share StorageNFS with users (see Permission Control for additional context).
      1. Click the Share Action icon for the StorageNFS deployment environment.
      2. In the Share popup, verify that you are in the Users tab (default) and select Share with all users.
      3. Leave the Access permissions as View (default).
      4. Change the User's Deployment permissions to Access.
      5. Change the Others' Deployment permissions to Access.
      6. Click Save.
  2. Model an application using NFS storage service and grant read/write access to the user called group GroupNFS.
    1. In the CCM UI, click Applications > Model > N-Tier Execution.
    2. In the Topology Modeler
      1. Click the Basic Information tab and assign the following values (see Model an Application for additional context).
        1. Web App Name = NFS Demo
        2. Version = 1.0
      2. Click the Topology Modeler tab.
        1. Click File System in the Services pane.
        2. Drag and drop the NFS service into the Graphical Workflow pane.
        3. Click the dropped NFS service box to access the corresponding properties in the Properties pane.
        4. In the General Settings section, assign the following values:
          1. Basic Image = Ubuntu 12.04
          2. Default Volume Size = 10
          3. Volumes = 1
          4. Allowed User Groups = GroupNFS (GroupNFS should have been created – see Groups for additional context).
        5. In the Hardware Specification section, assign the following value:
          1. Memory = 256 MB
    3. Click Save as App. StorageNFS now displays in the Applications page along with other applications.
  3. Launch a new job from the modeled NFS Storage application into StorageNFS.
    1. The page refreshes to display the deployed job details.
  4. Access the NFS storage using the administrator account and upload data.
    1. In the CCM UI, access the Deployment page for the NFS-Demo1 deployment and click the Access NFS-Demo1 button.
    2. CloudCenter launches the web browser and displays the Your connection is not private... screen.
    3. Like Proceed to <URL> (unsafe), if you wish to proceed.
    4. The storage browser displays.
    5. Right-click and select New folder from the available options.
    6. Name this folder Test1.
    7. Create a second new folder and name it Test2.
    8. Select and drill into Test1.
    9. Right-click and select Upload files.
    10. In the Upload files popup, click Select files to upload.
    11. Select the required file(s) from the Browser file selection window. For example, Sample.png and Sample.dll.
  5. Log out of the storage browser and login again.
    1. Click Logout in the storage browser.
    2. Access the CCM UI and click the Access NFS-Demo-1 button to login again. 
      The following image provides an example of the Access NFS button:
    3. Verify that your files and folders are displaying as configured.
  6. Log out of the administrator account.
    1. Click Logout in the storage browser.
    2. Try accessing the storage browser URL and verify that the permissions are secure.
  7. From another browser, log in as a standard user (User1).
    1. In the CCM UI click Deployments.
    2. Expand the + icon for NFS-Demo1 and click the NFS-Demo1_run_1 link. The "NFS-Demo1_run_1" Deployment Details page displays.
    3. Click the Access NFS-Demo1 button. You should see the There is a problem with this website's security certificate... screen.
    4. If you want to proceed, click Continue to this webpage (not recommended).
    5. Verify that your files and folders are displaying as configured and that this user has view access to the storage browser and the files and folders.
  8. Add User1 to GroupNFS.
    1. Access the CCM UI as the tenant administrator.
    2. Click Admin > Groups
    3. Locate GroupNFS in the list and click the Edit link for GroupNFS.
    4. In the Edit User Group page, locate the Associated Users section.
    5. In the Add user to this group field within this section, select User1 from the list of users that display when you start typing us...(be aware that only users within this tenant can be added to this group).
    6. Click Save.
  9. User1 can now access the NFS storage in read/write mode.
    1. Login to the CCM UI as User1.
    2. Click Deployments.
    3. Expand the + icon for NFS-Demo1 and click the NFS-Demo1_run_1 link. The "NFS-Demo1_run_1" Deployment Details page displays.
    4. Click the Access NFS-Demo1 button.
    5. Verify that your files and folders are displaying as configured and that this user has READ/WRITE access to the storage browser and the files and folders.

Storage Service Scenarios

Enterprises can use the storage service in multiple scenarios:

  • To write application logs and other output files to a persistent storage.
  • To write output files when benchmarking applications or to run job-based applications.
  • Other scenarios identified in this section.

Scenario 1: Unique Storage Service Per Deployment

In this scenario, the storage service is unique for each deployment. The storage settings are fine tuned based on the application dependencies and requirements. The application only needs a simple node initialization script to mount the storage and the Storage IP address can be passed as an environment variable through the NFS service.

Scenario 2: Storage Service Shared across Deployments

In this scenario, the storage service is shared across permitted deployments in your enterprise. The storage settings are fine tuned based on the application dependencies and requirements. Your enterprise can have multiple storage services available and you can set the instance at deployment time. The application only needs a simple node initialization script to mount the storage and the Storage IP address can be passed as an environment variable through the he CloudCenter platform.

Scenario 3: Storage Service Shared with Users

In this scenario, the storage service is shared with all users. The storage settings are fine tuned based on the application dependencies and requirements. Your enterprise can have multiple storage services available and then you can set the NFS service IP address or DNS at deployment time. The application only needs a simple node initialization script to mount the storage and the Storage IP address can be passed as a custom parameter.

  • No labels