Contain yourself – StorageOS is coming

Automated enterprise-class storage provisioning and services for containers

DockerCon StorageOS is a UK-based startup offering simple and automated block storage to stateless containers, giving them state and the means to run databases and other applications that need enterprise-class storage functionality without the concomitant complexity, rigidity and cost.

It runs as a container in a Linux system and provides plug-ins for other containers to use that give them easy, programmatic access to stateful storage services.

The company was founded by CEO Chris Brandon, CTO Alex Chircop, product management VP Simon Croome, and engineering VP James Spurin. It is Brandon's fifth startup, others he has worked with being GreenBytes and Xsigo – both bought by Oracle – where he led the technical teams.

Chircop has been global head of storage platform engineering at Goldman Sachs and head of infrastructure platform engineering at Nomura International; about as strong a traditional enterprise IT background as you could wish for.

Croome led global engineering teams at Fidelity and Nomura, and web development at UBS in London. Spurin was previously the block storage product manager for Goldman Sachs and the technical lead for storage engineering at Nomura. We see lots of experience in enterprise IT and storage here.

These four got together and after a year's discussion of product technology needs, architecture and design, set up StorageOS in 2015, with private investor support.

What's it about?

What they want to provide is an enterprise-class storage platform that is simpler, faster, easier, and lower-cost to use than legacy IT storage, which they characterise as needing storage admins, slow, complex, costly and rigid. They want to provide automated storage provisioning to containers which can be instantiated and torn down many thousands of times a day.

Brandon says the company is deliberately not located in Silicon Valley, which venture capitalists expect, because Silicon Valley has an insular environment. There is lots of innovation in London, England, where several other container-focussed startups exist.

The founder's thesis is that manually provided and managed storage is obviously not practical for containerised and DevOps-type environments. So, Brandon said, "We built a toolset for people to store data in containers."

It is agnostic about the underlying platform: bare metal, containerised, virtualised server or the cloud. The company says StorageOS, the product, "is an ultra-low entry point, full enterprise functionality storage array that is integrated with VMware, Docker, AWS, and Google Cloud."

StorageOS is focussed on containers for now because that is where the largest initial opportunity is located. It has four focus areas in the container arena:

  1. Stateful containers for database and fast database recovery.
  2. Secure cloud mobility and cost-reduction.
  3. Performance acceleration and volume management.
  4. Continuous application integration and delivery.

StorageOS diagram

How it works

The product works like this: it installs as a container under Linux or a containerised OS such as CoreOS. It locates the storage accessible by its host node: direct-attached, network-attached and cloud-attached, and connected nodes. This is aggregated into a virtual, multi-node pool of block storage. Volumes are then carved out for accessing containers, (thinly) provisioned, mounted, and a database can be loaded and started. This is done in single-digit seconds, typically 2 or 3.

Accessing containers use a StorageOS plug-in from Docker or Kubernetes to "see" the StorageOS container, and have their storage provisioning automated, accelerated and simplified.

The back-end storage itself is not accessed unless data needs to be read or written.

On top of this basic provisioning there are bells and whistles adding enterprise storage-class functionality:

  • Rules engine – policies specifying data placement, protection, etc, which can be modified.
  • Data placement – use different types of media for different kinds of data for optimum (speed, cost) placement.
  • Encryption – safeguard data at rest and in flight.
  • Caching – accelerate data access with DRAM and flash caching.
  • Replication – protect data by moving blocks to remote site.
  • High availability – failover to second node of host node fails.
  • Deduplication and compression.
  • Quality of service (QoS).
  • Migration.
  • Clustering.

Brandon says: "There is a lot of power in the rules engine – far beyond what a traditional storage array would provide."

StorageOS encourages performance by running storage for databases that runs on the same node as the app and provides local caching.

The QoS comes in two forms. Basic QoS is about not exceeding thresholds for IOPS and throughput while enterprise QoS is more sophisticated, using a fair use scheduler to balance out QoS across different services and remedy the noisy neighbour problem. With the QoS features, Brandon says, admins don't have to hand-tweak containers.


This set of features is variably distributed across a free edition of the software and two paid-for editions:

  • Freemium – download at no cost and run on, for example, a laptop, and experiment with product.
  • Professional Version adds clustering, high-availability and caching in DRAM and flash (acceleration), deduplication, compression.
  • Enterprise Edition Professional Feature provides replication, encryption, migration and QoS.

Volume-based pricing will also be available.

StorageOS provides cost-reduction for public cloud users. For example, with replication in Amazon you have a compute instance running in the source environment and a second running in the target environment. With StorageOS, data is replicated to the target with no need for any compute instance there, until a fail-over occurs. This saves money.

StorageOS is not limited to use by containers – it being a general and software-defined storage provisioning platform for virtualised servers and the cloud. It will have iSCSI and Fibre Channel support added, being a general software-defined storage product if customers want to treat it that way. The beta product is being released now and here is what it broadly looks like:


StorageOS beta product

Support for free software version customers will involve a forum and email, while paid-for customers can buy next-day and 24x7 4-hour support services.


StorageOS has joined the Linux Foundation and is a board member of the Cloud Native Computing Foundation (CNCF), where it is involved in setting up a Storage SIG and has a Kubernetes plug-in. It has also been accepted as a Docker Alliance Partner.

A future release will add iSCSI and Fibre Channel support.

Chircop thinks: "The container market is on the verge of being enterprise-ready," there being a vast ecosystem of developers and products pumping huge momentum into the area. OpenStack supports containers. So too does VMware, with Photon. NetApp has a container plug-in and its SolidFire unit is involved with DockerCon, as will IBM.

In the fast-moving container compute environment, traditional storage is too slow, too awkward, too complex and over-expensive. It has to have lower cost and automated provisioning yet, for enterprise container use, it must also have enterprise-class data services. That balance of features is what StorageOS intends to provide.

StorageOS is available now – The Professional Version costs less than $30/month. The beta test is this month and full product GA is scheduled for the Autumn. Check out the product at DockerCon in Seattle, June 19-21, stand number E12. ®

Narrower topics

Other stories you might like

  • 381,000-plus Kubernetes API servers 'exposed to internet'
    Firewall isn't a made-up word from the Hackers movie, people

    A large number of servers running the Kubernetes API have been left exposed to the internet, which is not great: they're potentially vulnerable to abuse.

    Nonprofit security organization The Shadowserver Foundation recently scanned 454,729 systems hosting the popular open-source platform for managing and orchestrating containers, finding that more than 381,645 – or about 84 percent – are accessible via the internet to varying degrees thus providing a cracked door into a corporate network.

    "While this does not mean that these instances are fully open or vulnerable to an attack, it is likely that this level of access was not intended and these instances are an unnecessarily exposed attack surface," Shadowserver's team stressed in a write-up. "They also allow for information leakage on version and build."

    Continue reading
  • Distrobox 1.3.0: Run (pretty much) any Linux distro under almost any other
    Latest version of simplified container tool for penguins is out

    Developer Luca di Maio has released version 1.3.0 of DistroBox, a tool to simplify running different versions of Linux in containers.

    Distrobox is likely to be one of those tools that sounds either great or totally mystifying, depending on the sort of Linux user you are. If you routinely have to work with multiple different distros, you may be in the former group, and DistroBox could save you a fair amount of time and effort.

    The tool is intended to simplify the creation and use of Linux system containers, making it easy to run one distro on top of another without the overhead of virtual machines. If you actively want virtual machines, or you're more used to them, you might know Vagrant.

    Continue reading
  • That critical vulnerability might not be the first you should patch
    Startup Rezilion suggests enterprises should change prioritization strategies

    Enterprise security teams being overrun by the rising numbers of vulnerabilities uncovered each day could vastly reduce their patching workload by changing how they prioritize the flaws, according to recent research from vulnerability startup Rezilion.

    Most enterprises look to the ratings given to flaws in the Common Vulnerability Scoring System (CVSS) framework, which range from 0 to 10 (with 10 being the highest) and are ranked as low and medium to high and critical, depending on the characteristics of the vulnerability.

    Companies will start their remediation efforts with the vulnerabilities deemed "critical" and work their way down, said Yotam Perkal, director of vulnerability research with Rezilion.

    Continue reading

Biting the hand that feeds IT © 1998–2022