...
...
Table of Contents |
---|
This section provides a high-level overview of setting up a storage cluster in your a network.
Table of Contents |
---|
Sample Networks
The following illustration shows a network where the storage cluster nodes and clients are located in the same subnet using a 1000 Mbps switch. This network is easy to set up and requires basic hardware components, but does not offer any traffic separation between the Swarm nodes and the remaining network.
...
The next illustration shows a network where the storage cluster nodes and clients are located on separate subnets using a router.
...
Layer 3 Switching and Routing
A router or an Open Systems Interconnection (OSI) layer 3 switch routes network packets between subnets. A router segregates network traffic by filtering packets based on the targeted subnets. Separating the subnets provides the Swarm nodes with a stable network bandwidth so the multicast and unicast traffic between each node in your a storage network does not interfere with the systems and devices in your the corporate network.
Switching Hardware
If your client workstations are configured with 100 Mbps network interface controllers (NICs) or cannot effectively use more than 100 Mbps of bandwidth, connecting these systems to 1000 Mbps Ethernet switches may not be cost-effective. In this case, consider connecting these workstations to a separate Ethernet switch that supports the slower bandwidth speed.
When selecting Ethernet switching hardware, remember that many Many client workstations are configured with 100 Mbps NICs , and it may not be cost-effective to connect these workstations to 1000 Mbps ports. Additionally, the The operating systems and applications running on these workstations might may be unable to use more than 100 Mbps of bandwidth effectively.
The following network architecture has the client workstations, application servers, and Swarm storage nodes isolated on switches that support their the maximum bandwidth speeds.
...
Using advanced switches that support supporting multiple routing capabilities, you can isolate your network segments can be isolated as Virtual LANs (or VLANs) on the same device.
To provide high availability when a switch fails, design your Design the Swarm storage network subnet to incorporate redundant switches . When Swarm nodes are connected to multiple network switches, a to provide high availability when a switch fails. A redundant path provides uninterrupted data communications between the nodes if a switch fails for any reason when Swarm nodes are connected to multiple network switches. Deploying Swarm in a multiple-switch environment (or switched fabric) requires planning and an understanding of your the corporate IT structure.
To provide effective data communications between each switch port, make sure that the The bandwidth in your the switched fabric exceeds needs to exceed the port speed on each switch to provide effective data communications between each switch port. For Contact the switch provider for information about proprietary software or implementing link aggregation in your the Swarm network, contact your switch provider.
Internet Deployments
When deploying any service on the Internet or within an extensive enterprise-wide area network (WAN), network security is a top priority. In these situations, install a firewall or filtering router in front of the storage cluster nodes to control the types of traffic and requests that access your the cluster nodes.
The following illustration shows a firewall that allows requests on TCP port 80, the default Simple Content Storage Protocol (SCSP) port. If the SCSP port value set in the storage cluster node or cluster configuration file is not port 80, reset the firewall TCP port to match the value in the configuration file.
If Additional configuration is required to allow the supported SCSP methods if the firewall can examine HTTP request content or traffic on OSI layer 7 (the Application layer), additional configuration is required to only allow your supported SCSP methods.
To present a cluster as a read-only device to external clients, block the POST and DELETE requests to prevent updates to the cluster.
To prevent client access to the Node Status window in the Swarm Admin Console, configure the firewall to deny "GET /" requests to the cluster nodes.
To prevent unauthorized access to the Swarm Admin Console, block Internet access to the Swarm Admin Console port (default TCP port 90) and the SNMP port (UDP port 161). Wide area networks (WANs) may require additional restrictions to prevent access to specific administrative networks or workstations.
To minimize the client impact of hardware failures, deploy devices in redundant pairs when adding security devices such as firewalls into the network architecture.