September 23, 2014

Key Storage Features in Mac OS X 10.7 “Lion”

Mac OS X Lion Series

Mac OS X 10.7 "Lion" is coming, and it's bringing a few storage features to the table

Apple’s not an enterprise company or a storage company. In fact, they’re rapidly jettisoning both – consider the sad fate of the Xserve RAID. But Apple does have enterprise features and storage features in their operating systems. And Mac OS X 10.7 “Lion” is a great case in point. From Versions to Time Machine Local Snapshots to AirDrop, Lion brings some storage love, and iCloud’s Storage API could be game-changing. Let’s look at what’s new and key in terms of storage in the latest version of Mac OS X.

New and Updated Storage Features in Lion

Lion is strong on consumer-oriented features, of course. And Apple is leading the industry in pushing user-friendly storage features for data protection and sharing. OS features like Core Data incremental storage enable Auto Save and Versions, Time Machine gets local snapshots, and FileVault is updated into a whole-disk encryption (WDE) tool.

Update: Probably the most important storage feature, CoreStorage, went un-covered! Read more at Mac OS X Lion Adds CoreStorage, a Volume Manager (Finally!)

Auto Save, Versions, and Resume

AutoSave and Versions leverage advances in HFS+ and a new Core API

Like iOS, Lion enhances the “back where you were” nature of computing with Auto Save, Versions, and system Resume. These completely change the end-user computing experience: Applications don’t have temporal “use once” interfaces but have lasting, historical state. And the ability to move through time (à la Time Machine)

Of course, lots of applications have had auto-save in the past. But Lion adds OS-level interfaces and APIs to enable applications to save data in a standard way. And these will be integrated with Resume (see below) for a very iOS-like experience.

Lion enables all this by enhancing the old, familiar HFS+ filesystem with Core Data incremental storage, a snapshot-like interface to save and recover multiple point-in-time instances of a single document. This is a delta differencing system, probably on a block level, in the filesystem.

Versions are accessed through the title bar document name, as well as a Time Machine-like interface in some applications. Applications can open up multiple versions of the same document at once, and you can cut and paste between them.

Resume is very cool. Applications using the new Lion APIs can save their state, even through reboots! This is what computers should have always done, but no one ever implemented it. Why should a reboot wipe out where you were last? Although not really a storage feature, resume relies on Auto Save and new APIs to store application state.

Time Machine Local Snapshots

Time Machine in Mac OS X "Lion" includes local snapshots as well as storage of backups on external disks

See also Local Snapshots in Mac OS X Lion Time Machine: Is It A Good Idea?

And speaking of Time Machine, it’s been enhanced with Local Snapshots, a mechanism for storing data on the local drive in addition to an external Time Machine drive. The Time Machine interface combines local snapshots and the backup drive or Time Capsule into a single timeline when browsing.

This appears to use Core Data incremental storage as well, though it’s not definite. And it’s unclear how local snapshots will interact with Versions.

AirDrop

See also Snooping on AirDrop in Apple’s Mac OS X 10.7 “Lion”

AirDrop is a new wireless file sharing protocol. Although it smacks of Wi-Fi Direct or Bluetooth, it’s neither. Instead, AirDrop is a newly-developed proprietary mechanism of sharing data between two Macs over a Wi-Fi link. It’ll be speedy and simple but incompatible with the vast majority of systems out there.

FileVault 2

Face it, FileVault was little-used and unfriendly. That’s all changed with FileVault 2 in Lion. It’s encryption done right and might just push average Apple users to protect their data. Kind of like what Time Machine did for backup. That’s a good thing.

What’s new in FileVault 2?

  • Full-disk encryption, rather than an image-based hack.
  • Encrypt in place, in the background, while you work. No more waiting and losing your computer for hours or days while encryption is installed. And the encryption process will resume even after a reboot (or two)!
  • Encrypt external drives, too. Very sweet, especially for Time Machine backups!
  • Remote wipe service, probably through iCloud
  • XTS-AES 128 support

FileVault 2 is full-disk only, but supports multiple users (each with their own encrypted home area) by storing the full-disk key in each user’s keychain. They access it by using their login password, just like they always did. Apple will offer an option to store the encryption key in iCloud, but this does not appear to be the default condition.

Of course, users with poor passwords, or those vulnerable to social engineering, will still be vulnerable. But some encryption beats no encryption any day! Lion uses the login window for sleep and screen savers, so FileVault 2 protects in those states as well.

NFSv4

Lion adds support for NFS version 4, which is a welcome update. But it doesn’t appear to support version 4.1, or parallel NFS.

SMB with DFS

DFS is a technology in Microsoft Windows that virtualizes file server shares, improving flexibility. Lion’s SMB client supports DFS when connecting to Windows file servers.

Xsan Built In

Mac OS X Server will now be an optional extra to add to the standard Lion install, rather than a separate SKU. Part of this shift is the integration of Xsan, Apple’s OEM version of Quantum’s StorNext SAN file system. Xsan has been quite popular in the media space on client machines, and it appears that it does not require a Server license.

Xsan also gets case-insensitive volumes, which brings it more in line with the expectations of users used to HFS+. Finally, Lion gets ALUA-compatible multipathing, supporting a wide variety of storage arrays.

Probable: TRIM Support for SSDs

Apple enabled TRIM in certain versions of 10.6 “Snow Leopard”, but it only supported their OEM SSDs. Lion probably gets a fully-supported TRIM implementation that works with any SSD with TRIM, though this was not mentioned at WWDC or online. This is a welcome update, and one too-long in coming!

Stephen’s Stance

Mac OS X “Lion” doesn’t give storage folks much, but it could be a harbinger of massive changes. Although not part of Lion per se, the iCloud Storage API will likely see much use by application developers. But even Lion’s smaller storage feature list is welcome. Simple full-disk encryption in FileVault and Core Data incremental storage are promising. Let’s just hope TRIM comes along for the ride!

On the enterprise side of things, Lion is improving as a storage client with NFSv4, DFS, and Xsan built in. But there’s no mention of an iSCSI client, suggesting that project is dead. Thank goodness for Studio Network Solutions! And we’re still stuck with HFS+, suggesting the ZFS transition is off the table, too. Too bad – Versions and FileVault would have been much easier to implement on ZFS!

  • http://tedwise.com Ted Wise

    “applications using the new Lion APIs can save their state, even through reboots! This is what computers should have always done, but no one ever implemented it.” KDE on Linux has done this for a very long time. I’m no longer Linux proficient enough to know whether Gnome does as well. I always disabled it on Linux because, at the time, it took forever to startup the desktop then all of the applications that were active when I last shut down. With OS/X and SSD drives it’ll probably be fairly painless.

  • http://tedwise.com Ted Wise

    “applications using the new Lion APIs can save their state, even through reboots! This is what computers should have always done, but no one ever implemented it.” KDE on Linux has done this for a very long time. I’m no longer Linux proficient enough to know whether Gnome does as well. I always disabled it on Linux because, at the time, it took forever to startup the desktop then all of the applications that were active when I last shut down. With OS/X and SSD drives it’ll probably be fairly painless.

  • http://blog.fosketts.net sfoskett

    Interesting! I didn’t know KDE saved application state. Does it have some kind of API for this? Or how does it work?

  • http://tedwise.com Ted Wise

    It’s KDE sessions. It basically tracked applications that were started through KDE. There’s a tiny bit of extra information here – http://docs.kde.org/stable/en/kdebase-workspace/kcontrol/kcmsmserver/index.html

    I don’t know whether applications could integrate with the session saving mechanism to restore at a set point or not.

  • http://twitter.com/billplein Bill Plein

    I’m  disappointed in the lack of native iSCSI capability. The solution from Studio Network Solutions is ill-supported for iSCSI targets other than their own. I’ve opened up tickets with them (they do offer to look at other systems) that are just ignored. Also, it’s a “workstation” iSCSI client in that it does NOT stay connected to the target when you log out, or when the system is rebooted. So this makes it useless as a client for daemons like MySQL or Apache running on your Mac. 

    I’ve looked at ways to hack the SNS client launch to see if it could attach to my iSCSI target on boot, but it’s unclear if it’s possible, and their support for the free client is abysmal.

  • http://blog.fosketts.net sfoskett

    I don’t expect Studio Network Solutions (@SNStweets) to support the free iSCSI initiator, but they seemed like a great bunch of folks when I met them at NAB.

    I suggested then that they offer a paid enterprise support option for the globalSAN iSCSI initiator. Would you be willing to pay some reasonable amount (perhaps $200/client/year?) for support? I bet that would help them improve the software!

  • http://twitter.com/billplein Bill Plein

    Not sure I would pay that much to SNS. I’d rather see Apple join the rest of the operating systems by including a native iSCSI client as part of the base OS.  But I figure it goes against their ease-of-use mantra.