UF Hosting
File Server Hosting allows your UF organization to lease fully managed file server resources (accessible via SMB or NFS) from UFIT's infrastructure. UFIT manages all the elements of purchasing and maintaining hardware resources and overall administration of servers. Your file server will live in UF's private file server cloud which may include NAS appliance failover across multiple physical locations to prevent downtime due to hardware failure or maintenance.
UFIT provides all compute and network hardware and infrastructure for the file server appliance. UFIT provisions your file space and works with your IT staff to assign administrative privileges and permit access via network ACLs and file share permissions.
You will assign one or more of your IT team to fulfill the role of file share administrator. This role will manage snapshot restores, file-system security privileges, drive mappings, and other client-side configurations for users.
| Features | Basic Tier | Capacity Tier | Performance Tier |
|---|---|---|---|
| Min/Max Size (above 10TB may require review and approval) | 1TB/100TB | 1TB/100TB | 250GB/100TB |
| RAID Protection | Yes | Yes | Yes |
| Mirroring | No | No | No |
| High Availability | Single Site | Single Site | Single Site |
| Snapshots (more info) | Yes | Yes | Yes |
| Snapshot Schedule | Limited | Multiple | Multiple |
| Nested Shares | No | No | No |
| Nested Quotas | No | No | No |
| Access Protocol | File (SMB, NFS) | File (SMB, NFS) | File (SMB, NFS) |
| Encryption at Rest | Yes | Yes | Yes |
| Encryption in Transit for Client Access | Available for SMB | Yes | Yes |
| Maximum IOPS 1 | 128 IOPS/TB | 15,000 IOPS/share | 30,000 IOPS/share |
| Maximum Throughput 1 | 4MB/sec/TB | 460MB/sec | 940MB/sec |
| Replication Available (to a second local datacenter) | Yes | Yes | Yes |
| Service failover (site disaster) | Yes (Replicated Shares Only) | Yes | Yes |
| Encryption in Transit for Replication | Yes | Yes | Yes |
| Backup Service Available | No | Yes | Yes |
| Archive Service Available | No | Yes | Yes |
For more information about the terms used see Used Terms Definitions below.
Note: Actual performance may be limited by your client and network configuration.
| Term | Definition and Use Cases |
|---|---|
| Performance Tier | Business/department critical shared files. High throughput and performance for frequently accessed files. |
| Capacity Tier | Default storage tier. Front office files hares, large datasets, infrequent or occasionally accessed files. |
| Basic Tier | Lowest cost durable storage. Limited performance, for files that are rarely accessed but need to be available online. |
| Size | Currently defined in multiples of 250GB for Performance Tier and 1TB/1000GB for Basic and Capacity Tiers. Larger file share capacities may be available by request and require approval. |
| RAID Protection | Provides industry standard Redundant Array of Independent Disks (RAID) protection via Parity and other redundancy mechanisms. |
| Mirroring | Provides real-time near 0 RPO synchronous mirroring of data to other site (SSRB <--> UFDC), not user configurable. |
| High Availability | Dual site provides controller-level redundancy and data availability cross-site in case of localized site disasters/outages; single site provides controller-level redundancy only. |
| Snapshot | Point in time copy of a storage offering, saved for some time for potential resotration of the storage to the time the snapshot was taken. Snapshots exist on the primary storage system, so failures destroying primary data may affect snapshots too. Contrast with 'backup'. |
| Snapshot Schedules | See "Snapshot Schedule Options" table. |
| Nested Shares | Ability for a folder/directory within a share to also be shared via another name, usually with different connection permissions. |
| Nested Quotas | Ability to assign a quota to a specific subdirectory within an existing larger quota. |
| Access Protocols | File (SMB, NFS). |
| Encryption at Rest | Industry-standard cryptographic ciphers encrypt your data before writing it to persistent storage. If a storage drive is lost or stolen, the data stored on it cannot be read. Required by many regulatory standards. |
| Encryption in Transit for Client Access | Provides the ability to encrypt data between file server and client. Windows shares require the client to support SMB3 with encryption. Linux/Unix clients require Kerberos (krb5p) security for NFS exports. Additional client configuration may be required to enforce this setting. This feature may prevent unsupported clients from connecting to the share. Create a Service Request (SR) for assistance in disabling this feature. |
| Average IOPS Per TB | A measure of file system performance. Average Input/Output Operations per Second per TB. |
| Cost | Cost per unit per Month. Unit may be either 250G or 1000G (1TB), depending upon tier. |
| Replication | Copying a share/export from the primary site to a secondary site in the same local region. Available sites are UFDC and SSRB. |
| Limited Service failover (site disaster) for Basic Tier | In the event of a disaster of the primary site, UFIT Storage Team will execute a service failover to the standby site. Only those file shares and exports configured for replication will be available. Non-replicated file shares and exports will remain unavailable. The following conditions and Service Level Expectations (SLEs) apply:
|
| Service failover (site disaster) for Performance and Capacity Tier | In the event of a disaster of the primary site, UFIT Storage Team will execute a service failover to the standby site. All file shares and exports will be available. The following conditions and Service Level Expectations (SLEs) apply:
|
| Encryption in transit for Replication | This refers to the availability and use of industry standard encryption in the replication of data from the primary site to a secondary site for shares configured for replication. |
| Backup | A data copy stored in a physically independent system. Catastrophic failure of the primary system does not affect the "backup" copy. This is a "cold data copy", which takes time to be restored to production system in event of disaster or outage. Due to performance constraints, we cannot offer this service on the Basic Tier. |
| Archive | Data which is intended to be stored for "a long time" in the view of the customer, seldom read, seldom re-written. Also referred to as a "vaulted" or "cold" copy. Takes longer than a backup to recover, reconstitute and recover to production systems. Due to performance constraints, we cannot offer this service on the Basic Tier. |
| SSRB | UF Equipment Site, containing NAS clusters. |
| UFDC | UF Equipment Site, containing NAS clusters. |
| Snapshot Schedule Options | |
|---|---|
| Limited (Basic Tier) | Once daily, retained for 7 days. |
| Multiple (Capacity and Performance Tiers) | You can choose any of these schedules: |
| uf-1week | Four times per day (once every 6 hours), retained for 5 days. Once daily, retained for 7 days. |
| Default: uf-2week | Includes "uf-1week" above, plus: Once weekly, retained for 2 weeks. |
| uf-2month | Includes "uf-2week" above, plus: Once weekly, retained for 8 weeks. Once monthly, retained for 2 months. |
| uf-6month | Includes "uf-2month" above, plus: Once monthly, retained for 6 months. |
The daily/weekly/monthly snapshots are taken between midnight and 2AM.
The 6-hourly snapshots are taken at roughly 12:15AM, 6:15AM, 12:15PM, and 6:15PM.
Snapshots allow your users to perform file-level restores using the Windows "Previous Versions" (VSS) functionality, or via accessing the hidden ".snapshot" directory.
Should you require longer-term data protection or independent data backups, UFIT staff can assist you in configuring and maintaining a NSAM (TSM) backup service.
To minimize client disruption during migrations, you may ask the UFIT Microsoft Core Team to create a DFS namespace for the SMB share. Then, you may add the UNC paths in DFS and access their share in this manner, providing a consistent naming structure for your users. Linux/Unix users may configure the Linux automount client for NFS exports.
Linux clients may access encrypted SMB3 shares beginning with kernel version 4.8.0-54.57. RedHat Enterprise Linux (RHEL) 7.5 back-ported support via kernel-3.10.0-862.el7.
Linux clients accessing encrypted NFS exports must use Kerberos AD.UFL.EDU security tokens.