Synology SA3200D review: dual controller NAS with virtualization and Docker

Has not dried up the ink in our review dual-controller iSCSI storage Synology UC3200, and we have tested logical continuation double-head series storage system from the same manufacturer: a full-fledged NAS, made by fault-tolerant design Active-Passive dual controllers, dual power supplies, and 12 drive bays 3.5-inch format.

In general, Synology did something strange with the xx3200 series, and I’ll explain why. Throughout its history, this manufacturer has deliberately tried to add as many features as possible to its NAS-s, so that the end user can get rid of different types of print servers, video recorders, individual devices for backup… Years later, any NAS from Synology is an all-In-one harvester, which in its unchanged concept moved from the consumer sector to the business segment.

Synology UC3200 Synology SA3200D
Type of device IP-SAN NAS
Storage Protocol iSCSI iSCSI, SMB/CIFS, NFS, AFP
Redundand scheme 2 controllers Active-Active 2 controllers Active-Passive
Single controller configuration
CPU Intel Xeon-D 1521 4C, 8T, 2.4 - 2.7 GHz, 6 Mb L3
Memory 8Gb DDR4 ECC RDIMM, up to 64 Gb
Expansion slots 1 x PCI Express 16x FH FL
Physical Dimensions
Number of bays in head 12 x (3.5"/2.5") SAS-12
Max. number of drives with disk shelves 36 x (3.5" / 2.5") SAS-12

But starting with two-controller devices, Synology had a split: the company decided to release two modifications of actually the same hardware, but with different firmware, and the result was UC3200, which is an IP-SAN storage that can only be an iSCSI target for servers, and SA3200D, which can do everything the same as a normal NAS. Why did you need to do this, did the hated marketing take over the engineering idea? Not at all! Let’s figure it out.

What caused the Synology to use the Active-Passive scheme?

Sometimes it seems that two-controller storage systems appeared in the stone age, and the main difficulty since the first such machine is to develop a mechanism for synchronizing the" heads " of the device. The thinner the software add-on over hardware, the faster controllers can switch when they break down or restart, but Synology’s entire technology base is built on its own DSM operating system, and the large layer of software over hardware makes it impossible to switch between controllers instantly.

In order for the NFS and CIFS/SMB file protocols to work in Active-Active mode, you need a third controller that performs the role of proxying requests, so this scheme can be assembled in a cluster of 3 or more NASS, but in one device - please, no way. And this is the main reason why no competitor has dual-controller NASS for small businesses. No, to be precise, they certainly exist in nature, the ones that work in Active-Active mode, but their price is an order of magnitude higher than Synology SA3200D. Of course, in this scenario, Synology decided that the Active-Active scheme can only be done by following the path of Michelangelo: taking your operating system and cutting off everything superfluous from it. As a result, only the iSCSI Protocol and RAID interface remained for the UC3200, giving the Active-Active scheme.


But from the point of view of small storage, the difference between Active-Active and Active-Passive is only in the possibility of doubling the IOPS when two controllers work simultaneously, but again-today this is only relevant for huge storage with dozens of disk shelves and SSD arrays. The performance of the Xeon-D 1521 processors that the xx3200 series is built on, in principle, is enough for any operations with HDD, and it is impossible to overload it with disk operations so that there is not enough power for a single controller.

Some engineers still believe that the Active-Passive scheme is when one controller is running, and the other is in a disabled state, and when it breaks, it loads from scratch and starts. No, here everything is the same as in Active-Active: two controllers are turned on simultaneously, the OS is loaded, but there is no constant memory synchronization. Therefore, the state of caches and running applications is lost in the place where the last write to disk was, and the purpose of this review is to show how your infrastructure survives the crash of one of the controllers of the new NAS.

Which services are available in SA3200D?

So, once again the most important thing: all those services that made Synology its name are available on SA3200D and will work in fault-tolerant mode, I will list only the most important:

  • Video surveillance system for offices with branches
  • Backup servers and work computers
  • Backup Google G Suite or Office 365 services
  • Snapshots and replication
  • Built-in virtualization
  • Built-in Docker container virtualization
  • Mail Plus mail server

I would divide these services into two groups: those that work in continuous mode, such as video surveillance and virtualization, and those that work in short-term mode, such as backup, and I’m very interested in how they will behave when the controller is disabled, but first let’s run our standard test of switching time between controllers.

Test bench configuration:

OS:

  • VMWare ESXi 6.7U3
  • Windows Server 2016
  • Connection iSCSI
  • File system LUN - NTFS, 4kb

First of all, let’s look at the switching time, which we will measure with constant access over iSCSI.this will show us how much time the storage takes to transfer the main services to an additional controller.

It takes exactly 20 seconds for the NAS to return to normal mode, and note that even disabling the passive controller causes a short-term failure in the services. These are as good results as Synology UC3200, which is not surprising, because the hardware platform is the same.

If the virtual machines are located on an NFS volume attached to A VMware ESXi hypervisor, the delay in disk operations is from 12 to 30 seconds, and the loss of the passive controller even more affects the downtime.

Well, we can see that the simple Active-Passive scheme does not differ from Active-Active in terms of time: Synology has excellent results in both cases, so let’s see how the built-in services handle the crash.

Test: how embedded VMs work

When switching the active controller normally, the DSM first turns off all running virtual machines, then turns off the active controller, starts all services on the second one, and then starts the VMs again. In general, I think that this process could be done through hibernate, at least it would save the state of VM with the regular controller, but apparently it’s not really necessary, because it is difficult to imagine a standard situation where you need to change the roles of the active and passive controllers.

But with a contingency cluster of one two-headed storage behaves better than 3 oncontrolling machines: because of an accident on the controller disk space remains intact, the dev is loaded with all the data stored on disk by the time of the accident.

Test: how Docker works

Since the entire file structure does not change when changing controllers, the paths to Docker containers remain unchanged, and in case of an emergency, your applications start immediately after loading the DSM.

The downloaded images are left untouched.

Test: backing up virtual machines using Active Backup for Business

Virtual machine redundancy is one of the scenarios for using SA3200D, and since the copying process is initiated by the NAS itself, it is important for me to save the backup progress when the controller crashes. Roughly speaking, if at the time of backup of 10 virtual machines, there is an accident, how will the system behave when restoring work on the backup controller?

There is good news and bad news here, and I will start with the first. The good news is that the backup process of VMs is not lost when the controller crashes, and if, for example, you managed to save 5 VMs during the task, but there was an emergency on the 6th, then when you load the second controller and start the backup task, you will start with the 6th VM, but from the very beginning. The bad news is that the backup process that was interrupted in this way does not automatically resume, and you either need to start it manually or wait for the next scheduled start.

Test: firmware update

It should be understood that the Active-Passive scheme used in Synology SA3200D does not imply updating the firmware of heads without stopping services, as it is done in two-headed SAN systems, even at the entry level, and here I want to go back to the comparison with UC3200 once again. Both machines are based on very good Intel Xeon D-1521 processors, which constantly require updating security patches, which every serious developer immediately closes. And so UC3200, which can’t do anything except iSCSI, is basically output to a separate software fork of the DSM, which updates can go out less often, because they are not required there. Well, there is no script with built-in virtualization in the use of UC3200, so restrictions on speculative execution of commands are not required here.

But the scenario of using SA3200D already involves virtualization, containers, and multi-user access to services such as mail and chat, so Synology is forced to keep this storage in the main software update stream, along with other NASS, and apply all the same security updates as in other Intel-based devices. And here, two-headedness does not offer any advantages in terms of reducing downtime when updating the system.

Expansion capabilities

The existing 12 compartments for 3.5 and 2.5-inch HDD will be sufficient for the needs of a small modern company. If necessary, you can connect two RXD1219SAS disk shelves to the SA3200D, each of which also has a dozen 3.5-inch compartments. In total, the total capacity of a two-head NAS can be 576 Terabytes.

By default, each node has 2 regular 1-Gigabit ports and one 10-Gigabit 10GBASE-T port, so the issue of expanding the number of network connections can be particularly acute if you use optics. Today, Synology offers three proprietary 10-Gigabit network cards as expansion options:

  • E10G17-F2 (2x SFP+),
  • E10G18-T1 (1x 10GBase-T),
  • E10G18-T2 (2x 10GBase-T).

Intel, Marvell, and Mellanox 25-GB network cards are also supported. Please note that Synology is not made in the compatibility list widespread 10-Gigabit network card, Intel X520-DA2 Intel X550-T2, and indeed compared to oncontrolling models 2017-2018, the list of compatible add-in interfaces is much thinner, but the rumors soon there will be a FC interface, but let’s not rush things.

The device supports only SAS drives, and almost all modern Enterprise-class hard drives, ranging from 400-Gigabyte 2.5-inch to 16-terabyte Seagate Exos X16. The maximum volume of installed SSDS is 3.84 TB (model Samsung PM1643 or WD Ultrastar DC SS530).

In General, there is not enough support for NVME drives for caching read/write, because of course you can use regular SAS SSDS in HDD bays and assign them to caching, but you do not always want to sacrifice one of the 12 bays.

The price of the issue and recommendations when ordering

The cost of Synology SA3200D at retail is approximately 9000 USD, only 10% more than the price of Synology uc3200 IP-SAN, but the functionality is completely different: all the developments of Synology over its long history are available in a fault-tolerant version.

Although Synology has no complaints about the reliability of hardware or the speed of repair, and recently the company began to provide an extended warranty with the terms of NBD (Next Business Day), no one wants to stay without a NAS while searching for some suddenly crashed motherboard. Consider the SA3200D as such a “cold” reserve with a very fast recovery when the active controller is broken.

For the tasks of reserving servers and working PCs of your enterprise, for video surveillance and running some lightweight services on the NAS, the SA3200D can be a good alternative to installing two 1-controller NASes of the RS3617xs+ type in fault-tolerant mode. Especially if you are dealing with large amounts of data and are planning to use the extension shelves: the hardware savings will be significant here.

I think it is ideal to use Synology SA3200D in medium and large installations of government and commercial customers, as an auxiliary device, where the NAS is assigned the functions of data center backup and security video surveillance tasks. And the further away from the head office this NAS is installed, the better its fault-tolerant functions will be displayed. And if you use it in the concept of peripheral computing, then even one such NAS can cover most of the tasks that IT personnel will have to solve at remote sites.

I’m curious, why there is a downtime in active-active mode? I’m looking for some cost-effective solution for my three ESXi hosts. I guess most VMs will not survive up to 1 minute storage downtime.

Because controllers need to reassign IP addresses and restart file Protocol services. In expensive NAS-Ah Dell/EMC, HP and Huawei there is no downtime, but as practice shows, 30-40 seconds for virtual machines is not fatal: they do not hang.