Chapter 1: The Nasuni Management Console

Nasuni

Nasuni® enables organizations to store, protect, synchronize, and collaborate on unstructured file data across all locations. Built for the cloud and powered by UniFS, the world’s only global file system, the Nasuni File Data Platform couples the performance of local file servers with the infinite scale of the cloud to provide a global file-sharing platform at half the cost of traditional file infrastructures.

With Nasuni, you can consolidate Network Attached Storage (NAS), distributed file servers, backup, disaster recovery, file archiving, multi-site file synchronization, and global file locking in one simple, scalable solution.

Nasuni stores all files and metadata in private (on-premises) or public cloud object storage to provide unlimited primary or archive file storage capacity, then intelligently caches just the active data on lightweight Nasuni Edge Appliances to provide local, high-performance file access in any location.

Nasuni supports the leading third-party object storage services:

• Public cloud (aka BYOC) storage services Alibaba Cloud Object Storage Service (OSS), Amazon Simple Storage Service (Amazon S3), Google Cloud Storage, IBM Cloud Object Storage, Microsoft Azure Cloud Storage, and Virtustream Storage Cloud.

• Private cloud (on-premises) storage services Cloudian HyperStore, Dell EMC Elastic Cloud Storage (ECS), Hitachi Content Platform (HCP), IBM Cloud Object Storage, NetApp StorageGRID, Nutanix Objects, Pure Storage FlashBlade, Scality RING, and Quantum ActiveScale.

Support for each of these cloud object storage services is included with each Nasuni subscription. Multiple cloud object storage services can be used within a single Nasuni implementation, and a single Nasuni Edge Appliance can connect to volumes in different cloud object storage services. However, each volume can exist only in a single cloud object storage service.

Nasuni consists of several product components.

UniFS®

The UniFS® global file system is cloud-resident and serves as the foundation of the Nasuni File Data Platform. UniFS is the first file system designed for private on-premises or public cloud object storage. Unlike device-constrained file systems that cannot scale beyond their single “box” or cluster, the unique ability for UniFS to live and scale within object storage means that Nasuni has no limits on total capacity, file versions, file size, volume size, or number of locations.

Another unique quality of UniFS is the ability to extend on-premises and to cache only the actively used files and metadata anywhere that high-performance file access is needed on Nasuni Edge Appliances. It is this ability, combined with the ability to rapidly synchronize changes to files made on any Edge Appliances with the authoritative copies stored in cloud object storage, that enables Microsoft Azure storage, Amazon Simple Storage Service (Amazon S3), Dell EMC ECS, IBM Cloud Object, and other public and private cloud object storage solutions to be used for high-performance file storage.

Nasuni Edge Appliances

Note: Nasuni Edge Appliances are sometimes referred to by the shorter name “Filers”.

Each Nasuni Edge Appliance performs two main tasks:

• Securely transmits files to cloud object storage where the authoritative copies of all files are stored.

• Caches actively used files locally to provide high-performance file access, and to minimize cloud egress charges in deployments where Nasuni is backed by public cloud object storage.

A Nasuni Edge Appliance can be a virtual machine that runs on hypervisors, including Amazon EC2, Microsoft Azure, Microsoft Hyper-V, Nutanix AHV, Scale HyperCore, and VMware ESXi. Also, a Nasuni Edge Appliance can be a Nasuni hardware appliance.

Just like traditional NAS controllers or file servers, Nasuni Edge Appliances support NFS, SMB (CIFS), FTP/SFTP, and HTTP/ REST protocols. They are also fully integrated with Active Directory, LDAP, Distributed File System (DFS), and Windows Previous Versions. However, the reach and capacity of Nasuni Edge Appliances far exceed traditional NAS controllers, because the appliances store only active files, and have the entire back-end capacity of cloud object storage at their disposal. All data is compressed and encrypted by the appliances before being transmitted to object storage.

Each Nasuni Edge Appliance includes Nasuni Continuous File Versioning™ for data protection. This advanced snapshot technology captures file changes as they occur, and transmits only those changes to your third-party cloud object storage system, so that the third-party cloud object storage system always contains the latest version of every file. It also provides highly granular file-level data protection that offers improved recovery points and recovery times compared to traditional file backup, eliminating the need for traditional backup hardware, software, media servers, and tape and disk media.

Each Nasuni Edge Appliance offers a Web-based interface that enables you to manage volumes and performance. To manage many Edge Appliances, you use the Nasuni Management Console (NMC).

Nasuni Management Console (NMC)

The Nasuni Management Console (NMC) enables you to monitor and manage many Nasuni Edge Appliances from one central Web-based interface. Using the Nasuni Management Console, you can view the status of all your Nasuni Edge Appliances, as well as configure their settings. Using the Nasuni Management Console, you can also ensure consistent settings by applying changes to all appliances with one operation.

Nasuni Orchestration Center (NOC)

The Nasuni Orchestration Center (NOC) is the set of cloud-based services that serves as the control path for Nasuni, and is separate from the data path that writes data to and reads data from private or public cloud object storage. The NOC orchestrates internal authentication, software updates, Nasuni Global Volume Manager™, Nasuni Global File Lock™, credential management, support services, and the dashboard for monitoring and reporting.

The NOC also ensures that organizations benefit by having a simple, safe, and secure way to share data across any number of sites. Nasuni’s multi-site access capabilities include:

• Secure data distribution to remote office/branch office (ROBO).

• Forwarding data from remote offices to a central point.

• Two-way synchronized read-write.

Nasuni’s multi-site access also eliminates costly and cumbersome replication schemes and slow WAN optimizers.

Note: You can view the Health Status of the Nasuni Orchestration Center (NOC), Global File Acceleration (GFA), and Global File Lock (GFL) at account.nasuni.com.

Nasuni Global Volume Manager™

Nasuni Global Volume Manager ensures that changes from every location are synchronized with cloud object storage, then propagated from cloud object storage to all other Edge Appliances that are caching the same files, so that users are always working on the latest versions. Nasuni Global Volume Manager aligns the changes from each Nasuni Edge Appliance based on date/time stamps, creating an infinite version history of every file.

Nasuni Global File Lock™

Nasuni is designed to enable multiple appliances to connect to a single volume, so that users in different locations can collaborate on the same shared files. Nasuni Global File Lock is software that works with third-party cloud object storage to ensure that only one user can write data at a time, minimizing the possibility of version conflicts. Nasuni Global File Lock ensures that only one user in the world can make file changes at any time, by controlling the transmission of data by multiple users to your third-party cloud object storage system to prevent overlap.

Analytics Connector

The Nasuni Analytics Connector enables you to turn unstructured data into big data. A consolidated cloud-based file system enables you to export a temporary second copy of your file data, in native object format, to a separate cloud object storage account. You can then use this data with analytics software, AI, machine learning, and other data recognition tools.

Using Analytics Connector, you can use any analytics service from AWS or Azure, regardless of which cloud currently stores your Nasuni volume. Since file data has already been centralized in cloud object storage, the process is fast, capable of exporting 14–16 TBs of data per hour. You can specify file types, specific paths, and more to refine the selection of data for analysis. Nasuni provides a cost estimator tool to help organizations project the cloud costs of storing the selected data sets in native object format in a separate cloud object storage account. The Analytics Connector runs entirely in the chosen cloud object storage account, using securely stored customer keys.

Global File Acceleration

Combined with Nasuni’s global file system, the Nasuni Global File Acceleration (GFA) service accelerates file synchronization to improve collaboration and optimize productivity across locations.

Global File Acceleration delivers more intelligent multi-site file synchronization that is based on real- time user activity to prioritize when data gets propagated to Nasuni Edge Appliances at other sites, so that users gain faster access to their shared data. The GFA service is available to customers who have the Multisite Collaboration license add-on.

Individual Edge Appliances continuously send file system audit events (such as reads, writes, deletes, and renames) to the cloud-based Global File Acceleration Cloud Controller. Individual Edge Appliances also request recommendations from the GFA Cloud Controller on when to perform syncs and snapshots (respectively known as “pull” and “push”) for the GFA-enabled volume, based on near-real- time analysis of file system audit events.

Note: You can view the Health Status of the Nasuni Orchestration Center (NOC), Global File Acceleration (GFA), and Global File Lock (GFL) at account.nasuni.com.

Nasuni Access Anywhere (NAA)

When combined with Nasuni’s core platform capabilities, Nasuni Access Anywhere delivers high- performance file access for remote and hybrid (distributed) users, along with productivity tools that let them manage files from anywhere on any device. Additionally, integration with collaborative tools provides a seamless workflow across Microsoft Office 365, Microsoft Teams, Slack, and corporate file shares to ensure easy and secure access to critical corporate data.

Nasuni File IQ (NFIQ)

The Nasuni File IQ Appliance (NFIQ Appliance) is an appliance in the Nasuni system that co-exists with installations of the NEA and NMC. It gives business-critical insights into how, when, and by whom the data on the volumes controlled by the NEAs is used. The system is made up of several key elements:

• The File System Metadata Service (FSMS) efficiently scans the associated NEAs’ volumes, and compiles data on their contents.

• The File System Event Processing Service (FSEP) listens to all the events generated by users creating, viewing, editing, moving, deleting, or manipulating files and directories on those volumes in any way.

• The File System Aggregation Service (FSAGG) combines the raw data of these audit events into coherent business knowledge, and stores it in a dedicated database.

• Grafana Dashboards are provided to allow ease of navigation and understanding of this knowledge.

In short, the NFIQ Appliance is an intelligent window into your Nasuni Volumes. For further information, see Nasuni File IQ Best Practices.

Nasuni Edge Appliance and Nasuni Management Console

Using the Nasuni Management Console, you can manage Nasuni Edges even if they are not presently connected. Any changes made propagate to the Nasuni Edge when it becomes connected.

Note: Notifications and changes on Nasuni Edges can take up to 10 minutes to appear in the Nasuni Management Console.

Tip: Certain functions can also be performed using the NMC API. For details, see NMC API.

Certain actions remain unique to each Nasuni Edge and are not available for control using the Nasuni Management Console, including:

• Network-specific configuration.

• Active Directory or LDAP configuration.

Placing Nasuni Edge Appliance under control of Nasuni Management Console

Caution: When a Nasuni Edge Appliance goes under the control of the Nasuni Management Console, the following processing occurs:

• Any existing local users and groups on the Nasuni Edge Appliance are replaced by the users and groups of the NMC.

• If any volumes have Safe Delete enabled, then any pending approvals of volume deletion, and any pending volume deletions, are canceled. The number of “Approvals Required” is also reset to 1. However, each volume’s Safe Delete setting remains enabled.

• When a Nasuni Edge Appliance is disconnected from the Nasuni Management Console, the Nasuni Edge Appliance retains those users and groups that pertain to the Nasuni Edge Appliance.

Important: If NMC SSO (Single Sign-On) is enabled, and an Edge Appliance enables NMC Management, the Edge Appliance cannot disable NMC Management.

If necessary, it is possible to disable NMC Management by any of these means:

• Running the delete_sso_configuration command from the service menu of the NMC deletes all of the NMC SSO configuration from the NMC.

• Running the nmc_leave command from the service menu of the Edge Appliance enables the Edge Appliance to stop being managed by an NMC that has NMC SSO enabled.

• Performing a recovery operation on the NMC ends NMC SSO configuration. For details of the procedure, see the NMC Recovery Guide.

• Requesting Nasuni Support to configure this in the NOC dashboard.

Note: If a Nasuni Edge is under the control of the Nasuni Management Console, you can return that Nasuni Edge to self-management mode at any time. In particular, if a Nasuni Edge loses Internet connectivity with the Nasuni Management Console, you can return that Nasuni Edge to self-management mode.

Note: If a Nasuni Edge Appliance is managed by the NMC, and the NMC is unable to contact or manage the Nasuni Edge Appliance, and that Nasuni Edge Appliance is included in a group's “Filer Access Permissions” list, when the Nasuni Edge Appliance becomes managed by the NMC again, the Nasuni Edge Appliance receives an updated list of users and groups. If any active Safe Delete requests were associated with any the users whose permissions were discontinued, those requests and any associated approvals are canceled.

To enable management by the Nasuni Management Console, follow these steps:

1. On the Edge Appliance user interface, click Services, then select Nasuni Management Console from the list. The Nasuni Management Console page appears.

   

2. From the NMC Management is drop-down list, select either enabled or disabled.

   Important: If NMC SSO (Single Sign-On) is enabled, and an Edge Appliance enables NMC Management, the Edge Appliance cannot disable NMC Management.

   If necessary, it is possible to disable NMC Management by any of these means:

   • Running the delete_sso_configuration command from the service menu of the NMC deletes all of the NMC SSO configuration from the NMC.

   • Running the nmc_leave command from the service menu of the Edge Appliance enables the Edge Appliance to stop being managed by an NMC that has NMC SSO enabled.

   • Performing a recovery operation on the NMC ends NMC SSO configuration. For details of the procedure, see the NMC Recovery Guide.

   • Requesting Nasuni Support to configure this in the NOC dashboard.

   Important: If a customer removes from NMC management an Edge Appliance that owns a volume that Global File Acceleration (GFA) is active on, the following processing occurs:

   • The Global File Acceleration configuration for any volume owned by that Edge Appliance is deleted from the NMC.

   • When the Edge Appliances check in with the NMC, as they do on a periodic basis, they sync to the NMC’s GFA configuration, of which there is now nothing (GFA disabled) for that volume.

   • The volume owned by that Edge Appliance reverts to the snapshot schedule and sync schedule that have been set for that volume on all Edge Appliances.

   • If the Edge Appliance that owns the volume is once again placed under the management of the NMC, Global File Acceleration must be reconfigured for the volume owned by that Edge Appliance.

3. Click Save. A confirmation message appears. A message also appears at the top of the screen.

   Note: It can take up to ten minutes for the Nasuni Edge Appliance to appear on the Nasuni Management Console user interface.

Key Terms

The following terms are helpful in understanding the Nasuni Edge Appliance:

• Nasuni Edge Appliance (“Filer”): The virtual or physical appliance in your data center that integrates with your infrastructure via CIFS (SMB), NFS, FTP/SFTP, or HTTPS/REST protocols. The Nasuni Edge Appliance can be mapped as a network drive.

• Nasuni Edge Appliance user interface: The Web-based graphical user interface with which you configure and manage the Nasuni Edge Appliance. The Nasuni Edge Appliance user interface is accessible through supported Web browsers, including Mozilla Firefox, Microsoft Edge, Safari, and Google Chrome.

• Nasuni Management Console (NMC): The Web-accessible appliance with which you can configure and manage multiple Nasuni Edge Appliances. The Nasuni Management Console is accessible through supported Web browsers, including Mozilla Firefox, Microsoft Edge, Apple Safari, and Google Chrome.

• Cloud storage: Internet-based, highly protected, unlimited storage.

• Volume: A set of files and directories (CIFS (SMB), NFS, and FTP/SFTP).

• Share/export: An access point to a folder on a volume that can be shared or exported on your network. Access to a CIFS (SMB) share can be customized on a user-level or group-level basis. You can create many shares or exports on a volume, for different purposes or audiences.

• Cache: The local storage of the Nasuni Edge Appliance. All data and metadata that are accessed regularly are kept locally in the cache. If requested data is not locally resident, it is staged into the cache and provided for the request.

• Snapshot: A snapshot is a complete picture of your volume at a specific point in time. Snapshots offer data protection by enabling you to recover data deleted in error or to restore an entire file system. After a snapshot has been taken and has been sent to cloud object storage, it is not possible to modify that snapshot.

Terminology

The following terminology is useful in understanding Nasuni technology:

Alerts and messages: See “Notifications”, including “Notifications” on page 564.

Backup: See “Snapshots”, including “Snapshot Schedule” on page 252 and “Snapshot Retention” on page 243.

Bandwidth: See “Quality of Service (QoS)”, including “Quality of Service (Bandwidth) Settings” on page 346.

Local data: See “Cache”, including “Cache Settings” on page 316.

Maximum capacity: See “Quota”, including “Quota” on page 226.

Other Nasuni Edge Appliances: See “Remote Access”, including “Remote Access” on page 235.

Sets of data: See “Volumes”, including “Volumes page” on page 81. Also, see “Glossary” on page 620.