You need Adobe Reader 7.0 or later in order to read PDF files on this site.
If Adobe Reader is not installed on your computer, click the button below and go to the download site.

Special Feature: Approaches to Storage-centric Terminal Environment

STRAGEX Storage Management Technology to Support Central Management of PC Terminals

Junichi Oka, Shinichi Yoshida, Mitsukazu Washisaka^†,
and Kazuo Ninokata

Abstract

This article introduces storage management technology for booting a computer operating system (OS) in a shared partition and changing an OS in a partition used for centralized management of personal computer (PC) terminals. STRAGEX provides a safe environment and reduces the total cost of operation through centralized management of PC terminals.

†	NTT Information Sharing Platform Laboratories Musashino-shi, 180-8585 Japan

1. Current status of PC management

In recent years, the leaking of information from personal computers (PCs) has grown into a major social problem. In enterprises, security measures for PCs require the system administrator and users to install and set up security software on every machine and periodically update it. Such PC management work places a large burden on the system administrator and users, and management is often entrusted to the users, so it may not be performed thoroughly. When an information leak occurs in a business, it may cause great social or monetary loss. For that reason, the thin client system has been attracting attention as a means of implementing centralized PC security.

2. STRAGEX architecture

The STRAGEX system [1], [2] is a type of thin client system developed to facilitate centralized PC management (Fig. 1). A STRAGEX terminal is simply an ordinary PC whose internal hard disk drive has been removed. Instead, data is stored externally on a large-capacity, centrally managed storage system. Many conventional thin client products use a dedicated server to execute the processing that was originally done by the PC, leaving the PC with only the functions of screen display and keyboard input. If there are a large number of PCs, however, that approach concentrates the processing load on the server, so it leads to degraded performance. Another problem is that keyboard or mouse operations and graphics processing are performed over the network, so the response is slow. For these reasons, the full thin-client approach is not suitable for tasks that require high processing performance, such as computer-aided design (CAD) and video. The STRAGEX system has a management server for managing terminals and partition information for storage, but there is no dedicated server that does the actual processing as in many conventional thin client products. Furthermore, as the STRAGEX terminal is just an ordinary PC whose hard disk drive has been removed; the processing itself is executed locally at the STRAGEX terminal and performance is the same as with an ordinary PC.

Fig. 1. Overview of STRAGEX system.

3. Dynamic partition mounting

An ordinary IP (Internet protocol) network is used to connect the STRAGEX terminal and the large-capacity storage. The iSCSI (Internet small computer system interface) [3] protocol is used for access. The large-capacity storage has an operating system (OS) partition for storing the OS and application programs and a user partition for each user to store individual user data. The STRAGEX terminal operates as described below.

–	When the power is turned on, only the OS partition is mounted according to the OS partition information sent by the management server, and the OS is then booted.
–	When a user logs on to the terminal, the user partition for that user is mounted according to the user partition information sent by the management server.
–	When the user logs off, that user's user partition is unmounted, returning the terminal to the state in which only the OS partition remains mounted.
–	When the terminal is shut down, the OS partition is also unmounted.

This dynamic mounting of only the required partitions means that no important information is left on the terminal. Furthermore, the use of the iSCSI protocol to mount the partitions allows dynamic changes in the correspondence between a STRAGEX terminal and each partition, so users can use any STRAGEX terminal as their own terminal. Another major feature of the STRAGEX system is that the same OS partition can be mounted by multiple terminals. Centralized management achieved through sharing an OS partition by multiple terminals is explained in the next section.

4. Shared mode functions

The STRAGEX system provides two ways to use the large-capacity storage: a shared mode, in which multiple STRAGEX terminals use a shared OS partition, and a private mode, in which each STRAGEX terminal uses its own OS partition (Fig. 2). In the shared mode, the system administrator executes security countermeasures for all of the terminals that have mounted the shared OS partition by simply executing the countermeasures for the shared OS partition. Furthermore, because application programs are installed and managed only on the shared OS partition, centralization can greatly reduce the cost of terminal management.

Fig. 2. Shared and private modes.

5. Avoiding OS partition write contention

In the shared mode, the OS partition is shared by multiple STRAGEX terminals, but the OS invoked by each terminal manages the file system information on a terminal-by-terminal basis. Thus, when an operation tries to write to the OS partition that is shared by multiple terminals, there will be data inconsistency between the state of the storage managed by the OS and the actual storage state. In the worst case, the data in the storage could become unavailable.

To avoid these problems, the STRAGEX system uses the storage functions to disable writing to the shared OS partition and implements a function for buffering the write data at the terminal and not writing to the large-capacity storage. When there is a request to write to the storage, this function writes the data to the write buffer (Fig. 3). When there is a request to read from storage, the function first checks the write buffer to see if the requested data is stored there. If it is, the data is read from there; if not, it is read from storage. This write buffering is implemented in the storage driver, so the OS and application programs can run without being aware that the storage is being shared and without any changes being made in the higher-level software. The destination for the buffering can be set to either the terminal's main memory or the dedicated buffering partition of the storage.

Fig. 3. Write buffer operation.

6. Three OS partitions in shared mode

While OS partitions used in the shared mode have the advantage of centralized management, data might be destroyed if the management terminal executes a write operation while the terminal is being used, as mentioned above. To allow changes within the OS partition when the system administrator executes OS security countermeasures, application program installation, and other such management tasks even when a user is operating a terminal, the STRAGEX system provides three OS partitions for the shared mode. These are listed below and overviewed in Fig. 4.

Fig. 4. Three OS partitions in shared mode.

–	Active partition: An OS partition used in common by user terminals
–	Standby partition: An OS partition used from the management terminal by the system administrator for management
–	Backup partition: An OS partition for backing up an OS partition

Switching among these three partitions to perform OS partition management is another feature of the STRAGEX system. OS partition management is explained in the next section.

7. System switching

The system administrator uses the management terminal to manage the shared OS partitions. Unlike a user terminal, when a management terminal is started up, it communicates with the management server and gets the standby partition information and mounts the standby partition. The standby partition is then dedicated for use by the management terminal. When the system administrator uses the management terminal to update the OS or an application program, it is the OS or application program stored in the standby partition that is updated. To make the updated standby partition into the active partition that is shared by the user terminals, an operation called system switching is performed. When system switching is performed, the standby partition is copied to the active partition. Before this copying is executed, the management server assigns the current active partition as the backup partition to avoid affecting the terminals that are running. Conversely, if there is a problem with the currently active OS or an active application program, the system can be rolled back to the previous version (switching back operation). In a switch back, the backup partition is copied to the active partition and the backup partition is moved to the standby partition. At that time, the management server also assigns the currently active partition as the backup partition to avoid affecting terminals that are running. The operations of system switching and switching back are illustrated in Fig. 5. The management server actually manages the three partitions by using a database and simply changes the values in the database, making no physical changes at all to the terminals. When a terminal is newly started up after a system switching or switching back operation has been executed, it receives the updated active partition information from the management server and can then use the updated active partition.

Fig. 5. Movement of partition by system switching and switching back.

8. Concluding remarks

In this article, we described a scheme for centralized management that uses the shared OS partition feature of the STRAGEX system. In future, we plan to use the STRAGEX system as a base for achieving even higher performance and more advanced functionality in the daily operations of an actual company.

References

[1]	K. Noguchi, M. Washisaka, T. Miei, and J. Oka, “Storage Centric Network System V1,” NTT Technical Review, Vol. 3, No. 7, pp. 42–47, 2005.
[2]	T. Miei, M. Washisaka, N. Shigematsu, K. Kobayashi, and S. Yoshida, “Storage Centric Network Architecture,” NTT Technical Review, Vol. 2, No. 7, pp. 57–60, 2004.
[3]	http://www.ietf.org/rfc/rfc3720.txt

	Junichi Oka Research Engineer, NTT Information Sharing Platform Laboratories. He received the B.E. and M.E. degrees in mechanical engineering from Waseda University, Tokyo, in 1996 and 1998, respectively. He joined NTT Network Service Systems Laboratories in 1998. He moved to NTT Information Sharing Platform Laboratories in 2000. He has been engaged in R&D of IP networks and storage area networks based on them.
	Shinichi Yoshida Research Engineer, NTT Information Sharing Platform Laboratories. He received the B.S. and M.S. degrees in applied quantum physics and nuclear engineering from Kyushu University, Fukuoka, in 1995 and 1997, respectively. In 1997, he joined the Saga Branch of NTT West. In 2000, he moved to NTT Information Sharing Platform Laboratories, where he has been working on applications of the storage-centric network.
	Mitsukazu Washisaka Senior Research Engineer, NTT Information Sharing Platform Laboratories. He received the B.S. and M.S. degrees in information and computer science engineering from Osaka University, Osaka, in 1985 and 1987, respectively. He joined NTT in 1987. He has been engaged in R&D of wide area IP networks and their applications.
	Kazuo Ninokata Research Engineer, Research and Development Center, Network Business Headquarters, NTT East. He received the B.E. degree in mechanical engineering from Osaka University, Osaka, and the M.E. degree in information science from Nara Institute of Science and Technology, Nara, in 2001 and 2003, respectively. He joined NTT Information Sharing Platform Laboratories in 2003. He moved to NTT East in 2007. He has been engaged in R&D of next-generation networks.

↑ TOP