OKTECH-Info Kft.
Hungary, H-2600 Vác, Zichy H. 12.
info@oktech.hu
OKTECH
About us
Education
Consulting
Products
Research
Blog

Contributors

Powered by Blogger

Subscribe to
Posts [Atom]

2009-07-09

Amazon EC2 + OpenSolaris + ZFS + EBS + encryption

The company made a good decision in the recent weeks: the target is the sky, but at least the cloud. Amazon AWS offerings are hard to beat, so we have started with that one, played around with different configurations a bit, and finally decided that first we shall migrate the company Subversion repository to the cloud, with ZFS mirrors and encryption.

I'm a long-time fan of the ZFS filesystem and the Sun's OpenSolaris offering around it, basically because this is the best, easily accessible filesystem that provides drive mirroring with checksums, enabling automatic recovery from the underlying storage's failures. So it became a natural plan to run OpenSolaris on EC2, ZFS with EBS volumes mirrored. Although the EBS is meant to be very robust, there are always failures in every system, and we have checked a few blog entries where the EBS actually did fail, so better be prepared...

We know that we cannot achieve absolute secrecy only if we unplug the server, dump it a big hole in a deserted location and forget about it, but it seemed to be reasonable to have some encryption. The plan was that at the time the instance starts, we log in, attach the the encrypted ZFS pool with typing the password. Okay, the running instance may be monitored and the content might be extracted if the infrastructure allows such move, but we hope this is a much harder and more classified job to do, than sniffing around a volume snapshot.

I've mailed to the Sun OpenSolaris EC2 team, and they were very kind giving the initial pointers to look for the stuff. I can recommend the following sites in this topic:
Basically the last one pretty much describes most of the important part, but there are a few differences on EC2. First, the Web Console doesn't allow you to mount the EBS volumes directly, because it will provide the /dev/sdf-like mount points for you, but this is not what you are looking for, as the OpenSolaris AMI requires the device number rather. So go to the command line or use ElasticFox, to attach these drives properly. In our test drive, I've attached two 1GB volume as the 2nd and 3rd drive to the EC2 instance, they became the c7d2 and c7d3 respectively.

To cut a long story short, I've used the sun-opensolaris-2009-06/opensolaris_2009.06_32_6.0.img.manifest.xml AMI, and here are the commands that were required to complete the process:
# zpool create rawstorage mirror c7d2 c7d3
# zpool status
# zfs create rawstorage/block
# dd if=/dev/zero of=/rawstorage/block/subversion bs=1024 count=0 seek=$[1024*512]
# ls -lh /rawstorage/block/subversion
# lofiadm -a /rawstorage/block/subversion -c aes-256-cbc
# zpool create subversion /dev/lofi/1
# zpool status
# pkg install SUNWsvn
# svnadmin create /subversion/research/
So what does it give for me?
  • I have a mirrored storage over the EBS (rawstorage pool)
  • I have a ZFS filesystem (/rawstorage/block) on that pool, so I can turn on the compression if I'd like, create snapshots, extend it or anything like that
  • I've created a block file (/rawstorage/block/subversion) on this storage with reasonable starting size. Okay, I haven't checked the size of our ivy repository, this might be not enough for real use. Is there anything more robust (or at least extendable) solution for this?
  • I've attached it as an encrypted loopback device (the /dev/lofi/1 appeared) and set the password
  • Created a new zpool above this device (subversion pool)
  • Installed SVN and used it...
This works from this point on, but what happens if I shut down the instance and start a new one? Well, let's attach the EBS volumes again, and follow these commands:
# zpool import
# zpool import rawstorage
# lofiadm -a /rawstorage/block/subversion -c aes-256-cbc
# zpool import -d /dev/lofi
# zpool import -d /dev/lofi subversion
# ls -lh /subversion/research/
Cool, it works again! You just need to import the rawstorage pool first, attach the lofi driver (get the proper password here), import the second pool, and use it as you like.

But what happens if the password is wrong? First of all, the lofi driver is unable to decide. That seems to be bad at first, but actually it doesn't matter, as we are not going to write any data if we are not able to import the subversion pool. So the worst scenario is that you type a bad password, and the zpool import won't import the subversion pool, and that is it. In such case, you shall detach the lofi drive and retype the password until it gets the pool.

Simple? Seems to be, but before you put all your crucial data on top of it, you might want to play around a bit with OpenSolaris and EC2 first. Many thanks to the Sun and Amazon teams to enable such marvelous technology combination.

Labels: , , , , , ,

posted by István at 5:40:00 PM

3 Comments:

Blogger István said...

Frédéric kindly mailed me that commenting is not easy with the hard captchas, so here comes his comment:

I knew it was a good choice and Smugmug seems to think so too. Great for the post and thank you for the links.
I'm wondering if using opensolaris is advised or if there are people using ZFS on EBS with EC2 instances based on Linux.

And my answer to that:

I wouldn't use ZFS with Linux, I don't think it is mature enough, and although I respect the effort and developers, they are not in the same [development / resource / marketing] position as OpenSolaris and Sun (and here I really hope that Oracle will continue the OpenSolaris).
And OpenSolaris on EC2 is a joint effort of Amazon and Sun, so I don't think you will risk anything using that.

Jul 10, 2009 11:56:00 AM  
Blogger fapestniegd said...

With the IOPS you get out of an EC2 lun or EBS, isn't putting ZFS on it just optimizing the idle loop? Also, can you remove disks from a pool yet in ZFS? if not then Adding an EBS to the pool is a perpetual commitment to pay for the space, since you can't release it without creating a whole new pool and copying the data to it...

Aug 4, 2009 6:38:00 PM  
Blogger István said...

fapestniegd: I'd like to emphasize the three main reasons behind choosing ZFS:
- checksums
- dynamic growth
- compression

You are right, we haven't really examined the shrinking scenario (*), however so far ZFS seems to be the best offering available for such requirements. If you know any better (e.g. Linux or Windows-based) solution, please let us know.

(*) We actually had, but not on the filesystem level: we are working towards a data-grid solution that is able to dynamically re-distribute the data. So you just add a new instance with less disk space and destroy the larger one.

Aug 4, 2009 7:28:00 PM  

Post a Comment

Links to this post:

Create a Link

<< Home

Previous Posts