Cheap IOPS, Expensive Gigabytes…

Recently we implemented a fast storage solution to meet the needs of a growing (and horribly non-relational and un-normalised) database.  While actually a very simple solution from an architectural standpoint it was one of those products that performs exactly as advertised and has impressed us immensely with it’s performance, so I wanted to briefly write about it should anyone reading this need a fast server based storage solution.

The products in question are from a company called Fusion-IO, and are called ioDrives, the same drives are also available through HP who re-brand them as Accelerator IO cards.

The title of this post was actually taken from a conversation with one of the guys from Fusion-IO when we were evaluating the performance of their cards.  He highlighted that what they effectively do is ‘make IOPS cheap and Gigabytes expensive’.

IOPS = Input Output operations Per Second – basically how many times the device (hard disk / SSD / Array) can read or write to itself per second.

Reading the performance statistics for the cards provided some very impressive statistics, but obviously we wanted to prove these for ourselves, in our environment with our hardware and simulation of our typical workload (the mix of reads and writes we typically see from the application).

The cards used in our testing and subsequently our production environment are the 640GB MLC cards, details of which can be found here;

We tested the performance in an HO DL580 G7 with 4 * 8 core Xeon CPUs @ 2.26GHz and 128GB RAM, using the SQLIO Disk Subsystem Benchmark Tool from Microsoft.

The results certainly met our expectations, we saw >90,000 IOPs from a mixed read / write configuration via the SQLIO tool in our real world scenario.  This is particularly impressive given the use of very ‘normal’ off the shelf hardware components.

We were comfortable enough with the results that we recommended the use of these cards for a critical production system in a mirrored (RAID 1 across 2 cards) configuration, and as mentioned have since implemented this solution with great success.

It is worth noting that the cards do have a considerable amount of built in resilience and redundancy so not all implementations would require mirrored cards, in fact according to the vendor most implementations are not RAID 1 and they rarely if ever see any issues.

Before signing off this post I should mention my college Ben Cox who is our local DBA extraordinaire as he actually ran the tests and documented the outputs.


Security as a Service – Category and Threat Definitions

We are currently in phase one of producing the Security as a Service guidance documentation;

–          Agreeing and documenting categories of service and their definitions

–          Agreeing and documenting categories of threats and their definitions

So far the top five categories of service are;

    1. IAM
    2. DLP
    3. Secure Web Gateway
    4. Vulnerability Assessments
    5. Pen Testing
    6. Intrusion Detection
    7. Encryption
    8. Log Management

With several further categories in the mix.  We will be looking to consolidate the above categories and the others identified into sensible easy to understand groupings.   For example it is likely that ‘vulnerability assessment’ and ‘pen testing’ will be a single category.

The top categories of threat identified are currently;

    1. Data Loss Leakage
    2. Traffic Hijacking
    3. Unauthorized Access
    4. Denial of Service
    5. Application Vulnerabilities

With about forty further ideas being assessed in the same way as for categories of service.

Should you have any ideas please do let me know either by posting a comment on this blog or by mailing me on LinkedIn, any assistance is greatly welcomed!