Public clouds use certicates that are signed by well-known certicate authorities. Private cloud service
providers can use either self-signed certicate or a certicate that is signed by a trusted certicate
authority. These credentials are dened on the cloud service provider and passed to the system through
the administrators of the cloud service provider. A cloud account denes whether the system can
successfully communicate and authenticate with the cloud service provider by using the account
credentials. If the system is authenticated, it can then access cloud storage to either copy data to the
cloud storage or restore data that is copied to cloud storage back to the system. The system supports one
cloud account to a single cloud service provider. Migration between providers is not supported.
Client-side encryption for transparent cloud tiering ensures that data is encrypted before it is transferred
to cloud storage. The data remains encrypted in cloud storage and is decrypted after it is transferred back
to the storage system. You can use client-side encryption for transparent cloud tiering to download and
decrypt data on any DS8000 storage system that uses the same set of key servers as the system that rst
encrypted the data.
Notes:
• Client-side encryption for transparent cloud tiering requires IBM Security Key Lifecycle Manager
v3.0.0.2 or higher. For more information, see the IBM Security Key Lifecycle Manager online product
documentation (www.ibm.com/support/knowledgecenter/SSWPVP/).
• Transparent cloud tiering supports the Key Management Interoperability Protocol (KMIP) only.
Cloud object storage is inherently multi-tenant, which allows multiple users to store data on the device,
segregated from the other users. Each cloud service provider divides cloud storage into segments for
each client that uses the cloud storage. These objects store only data specic to that client. Within the
segment that is controlled by the user’s name, DFSMShsm and its inventory system controls the creation
and segregation of containers that it uses to store the client data objects.
The storage system supports the OpenStack Swift and Amazon S3 APIs. The storage system also
supports the IBM TS7700 as an object storage target and the following cloud service providers:
• Amazon S3
• IBM Cloud
™
Object Storage
• OpenStack Swift Based Private Cloud
Dynamic volume expansion
Dynamic volume expansion is the capability to increase provisioned capacity up to a maximum size while
volumes are online to a host and not in a Copy Services relationship.
Dynamic volume expansion increases the capacity of open systems, IBM i, and IBM Z volumes, while the
volume remains connected to a host system. This capability simplies data growth by providing volume
expansion without taking volumes offline.
Some operating systems do not support a change in volume size. Therefore, a host action is required to
detect the change after the provisioned capacity is increased.
The following volume sizes are the maximum that are supported for each storage type.
• Open systems FB volumes: 16 TB
• IBM i variable size volumes
• IBM Z CKD volume types 3390 model 9 and custom: 65520 cylinders
• IBM Z CKD volume type 3390 model 3: 3339 cylinders
• IBM Z CKD volume types 3390 model A: 1,182,006 cylinders
Note: Volumes cannot be in Copy Services relationships (point-in-time copy, FlashCopy SE, Metro Mirror,
Global Mirror, Metro/Global Mirror, and z/OS Global Mirror) during expansion.
36
IBM DS8900F: DS8900F Introduction and Planning Guide
To Next Page
Loading...
Need help?
General