Ubiquiti: Enterprise NAS, Built on ZFS
blog.ui.com | 390 points by ksec a day ago
I'm glad to see UBNT in this space.
I've always used ZFS because it's vastly superior to other options. When I see storage companies building without fault tolerance, or without a merkle tree (so that you can back up deltas efficiently without having to recompute them) it's a sign their marketing team has more influence over the company than their engineers.
Sadly, the few ZFS COTS options have been somewhat underpowered. QNAP supports ZFS filesystems, but their backup configuration won't let you arrange for a nas to pull from the source (instead of the source doing a push.) You can still pull it off by scheduling your own cron job, but this somewhat defeats the purpose of paying extra for a vendor solution.
UBNT is still supporting my 15 year old edgerouters with security updates, and their interface is clean and usable for anyone with basic network experience. And their video surveillance solutions are unusual in that they allow you to keep your footage entirely onsite and offline, an uncommon level of privacy. If they can bring the same polish to their storage solutions, I'll be using these new products for a long time.
QNAP unforgivably uses a proprietary version of ZFS with their own extensions that are not compatible with mainline OpenZFS. It can only zfs send/receive to other QNAP devices. While your data is protected like any other ZFS system, it is _NOT_ interoperable. You can not take a zpool out of a QNAP system and access it on another system with ZFS. I discovered this painfully the hard way, and won't buy from them again, unless I plan to wipe the software and run something open.
I think the ZFS changes were due to needing a way to allow qnap systems to expand zfs pools. The raidz expansion features in openzfs probably took too long for qnap to wait.
OpenZFS released the zpool expansion as stable last year. Hopefully QNAP is charting a path to allow their users to migrate from their fork to OpenZFS, though of course these kinds of things take time to develop. I would be really worried if they are diverging further from OpenZFS rather than converging.
Last I looked at their releases of code, they had branched from ZFS before it became OpenZFS, and had a lot of proprietary extensions beyond just the reshaping (from memory, they implemented encryption differently, as one example, and I think they had one or two checksums that I assume were because something they shipped had hardware support for it?) so I wouldn't hold out hope that their goal is to rebase on OpenZFS unless they announce something to that effect.
Ah so the fork is permanent. How unfortunate, guess I need to avoid QNAP software entirely.
Nah, I doubt they're going to rebase to openzfs. There's too much divergence and I don't see them putting the time to write something that converts their zfs format to openzfs without an extremely good reason.
> Hopefully QNAP is charting a path to allow their users to migrate from their fork to OpenZFS
This kind of migration is the stuff of nightmares. The main job of a NAS is to keep the data safe. A file system migration that works in every one of those corner cases present in the wild is statistically unlikely. The kind of bad publicity this can bring is what can sink a company. The only way I'd ever do this is by starting fresh on different storage and replicating the data.
I'll be snide and say it: "OpenZFS" and "stable" rarely belong in the same sentence (even though they seem to have a true 2.2 LTS these days).
There’s literally thousands of petabytes running on it in the wild, and it has continually proven to be one of, if not the most reliable filesystem, on the planet.
Joe blow running a beta release on his raspberry pi complaining about ram usage isn’t indicative of reality.
The same is true for our AI processing on the cameras. This is entirely local and private. You can even air gap the UniFi Protect system from the Internet and it'll operate fine.
> This is entirely local and private. You can even air gap the UniFi Protect system from the Internet and it'll operate fine.
One week ago 3 guys broke into my shop while I was traveling. They had sense enough to power down the starlink that was providing internet which would have taken out all of the remote camera options.
They did not realize that almost everything they were doing was being recorded via the unifi system. In the end about the only thing of value left in the building was the hard drive with all of their pictures on it.
The police have used the footage to identify all of them and it will be pretty open and shut when they see a court room. Offline and air gapped the whole time they were there but did exactly what it was installed to do.
How did you hide it so that the thieves didn't find it?
A 7U cabinet in an overhead space that is difficult to access. Installation and configuration were a bit of a headache but ended up being worth it. There was a NAS in the office and they stripped 7 drives, sleds and all, out of it.
I'm guessing with such an obvious endpoint for the camera storage it never occurred to anyone there was a second box. I had something like this in mind when I wired the building. It seemed like a good idea to make onsite security footage much harder to find given the cameras were obvious and anyone breaking in would probably look to damage or destroy the system.
I really thought the cameras themselves were the deterrent, but these guys gave it a shot anyway. Cutting the cable to the starlink and walking off with the NAS drives seemed to be the plan.
In the future I'm going to add a local battery backed alarm connected to external siren and strobe that is immediate on opening the office door to draw attention. I was driving down to WWDC when the starlink went offline and saw the notice on my phone but wrote it off to equipment failure which gave them enough time to clean the place out pretty well.
The hole in my strategy was thinking nothing could happen without notification, but being in a car in the middle of Northern CA with spotty cell coverage and lots of distractions blew that up pretty hard. I'm also thinking one of ubiquiti's cellular backups is in my future. Starlink offline is annoying but not the attention grabber that a still of a guy walking in the door would have been. Cellular backup would have gotten me that.
I've read through your story and I think you're on the right track with what you're doing.
But, re: alarms, I'd like to add a suggestion: Indoor sirens. They can be intolerably, painfully loud for not very much money (because piezos are cheap and square waves are easy). Using a small, random mixture of them can let them beat at different frequencies and periods, which can make them very unpleasant to behold even with hearing protection.
If you feel like being clever, you can even run them with a local battery that activates when they're disconnected. If you feel like being extra-clever, you can make them activate when they don't have the correct termination resistance at the far end of the line, or exactly the correct voltage: This way, whether the wire goes open or short, the sirens activate.
Super-extra bonus points for using a combination of methods. Any time that a thief spends figuring this out is time they aren't carrying stuff out.
And if that still seems incomplete, then: Fill the shop with smoke. They can't function when they can't even see their hand in front of their face. https://www.youtube.com/watch?v=RPgcysyFUiI
This seems like a good set of ideas if you can guarantee that you'll never have false alarms. I've had too many birds in warehouses and employees forgetting their codes to feel comfortable going full-hell-interior on alarm.
Birds? Yeah, perhaps. We didn't have any trouble with false alarms that I recall at one shop I worked at with a (relatively small, alarmed) warehouse space where the overhead door was usually open during warm days. I can see it happening, but the false alarms would happen regardless of the intensity of interior alarms.
And the system should not be armed when desirable people are inside, so that problem seems like it is for the birds.
When employees forget their codes and trip the alarm when they're the first ones into the shop at whatever time, they can just go outside to escape the hellish indoor torment. Not perfect, but not so bad either when the goal is to keep people out. :)
Perhaps the smoke should have a harder trigger than the noise, though, if for no other reason than it's a consumable that eventually needs to be fed more money every time it is activated.
Cutting Starlink and stripping drives from a NAS? This seems like a pretty sophisticated operation, much more so than the usual copper thieves and the like. Do you have reason to believe your shop was specifically targeted?
I have found that the fog generating alarm systems are the ones that will stop burglars in their tracks.
If they can't see, they're not going to hang about and if they've tooled up with NV then that's a whole different threat model.
You need to add the dobermans - the old fog&dog gets 'em every time.
A wooden battering ram from the ceiling does wonders.
The fog&dog&log never fails.
That would legitimately be horrifying - you break in somewhere, suddenly all is dark and fog spreads everywhere, then the growling begins and then you're Ewok'd from behind by a tree.