SkySync Installation Best Practices and Recommendations
This document outlines information about how SkySync interacts with your IT infrastructure and recommendations on how SkySync can be configured for various scenarios. Portal Architects Support recommends you contact us directly for assistance with questions regarding your specific scenarios.
SkySync comes in different editions to solve unique business challenges. SkySync is a Windowstm Server based application designed for administrators to define connections to storage systems and define integrations between them via jobs. SkySync editions generally vary by amount of jobs allowed, transfer limits on total data size, and storage platform connectors provided. SkySync offers various options for reducing maintenance or enabling mapping, conventions, and other enterprise-based features.
SkySync Lite is a Windows tray-style application that enables end users to synchronize their desktop content to supported storage platforms. Lite can be configured remotely via a configuration console in SkySync Enterprise. This allows administrators to centrally define connection templates and profiles to control many Lite instances regarding what connectors are exposed, what connections are allowed, and what end users can manipulate in the Lite user interface.
While Server and Lite differ in architectural details and targeted uses, SkySync concepts apply to all SkySync Editions and Versions.
• Use SkySync Pro/Business/Enterprise for centralized management of high-volume content transfers.
• Use SkySync Lite for decentralized, peer-to-host, or user centric content transfers. (Diagram At Right)
SkySync is a Windows service on a Windows server or PC/VM/Workstation of your choosing. SkySync uses local Windows resources along with information provided in the connection creation process to access content. At activation time or to access cloud storage, SkySync will need to be able to connect to the storage platform via HTTPS. Communication to network resources are generally within your corporate firewall and under your complete control. Depending on your corporate firewall policies and configuration, you may need to open various ports for SkySync to tunnel out to cloud providers or the SkySync licensing infrastructure at https://api.portalarchitects.com during product activation.
SkySync uses a local SQL CE database out of the box to store configuration and tracking information. For larger content transfers, SkySync supports using full SQL Server instances for better performance, maintenance, and enterprise tools. Once SkySync is configured to use a full SQL Server, it can also be configured in more advanced scenarios such as clustering, basic load balancing, and failover.
• Determine up front as part of your implementation design how SkySync will be configured based on how much content you will be moving and how quickly.
• Consider full SQL Server instances for enhanced robustness of the content transfers.
• Consider multiple SkySync nodes for robustness and efficiency of additional parallel transfers.
SkySync Performance Sizing
SkySync performance depends on many variables.
• Quality, specs, and other resource usage on the SkySync server(s)
• Network considerations at the client (bandwidth, switching, load, etc.)
• Network considerations in the cloud (B2B, cloud storage vendor, etc.)
• Cloud storage quotas, rate limits, etc.
Here are a series of general recommendations for a healthy SkySync installation
- SkySync is typically more “bandwidth” limited than CPU/RAM limited.
- The number nodes is determined by the number of jobs that need to be run concurrently with a recommended range between 250 and 1000 jobs per node. As you scale up the number of jobs that you are running you might need to increase your infrastructure.
- A larger number of smaller sized files are more taxing to the transfer engine than a smaller number of larger sized files.
- Extremely large numbers of files in one single directory can vastly increase memory usage of SkySync which in turn adversely affects performance. One example is a folder containing hundreds of thousands of machine generated files.
As a result we recommend that no single container in any of your jobs have more than 10,000 items. Contact SkySync support for help with this use case.
SkySync Database Recommendations
SkySync is generally limited more by how many entities (total files and folders) are tracked by the integration jobs than anything else. Base on the number of the data objects to be moved we recommend different levels of SQL that are listed below.
• For integration scenarios up to three million entities, the default SQL CE database should be sufficient.
• For integration scenarios larger than three million entities, a full SQL Server database is highly recommended.
• For integration scenarios more than ten million entities, or having many integration jobs (ex. user mapping jobs) a full SQL Server and multiple SkySync nodes are highly recommended for additional capability and performance.
Contact SkySync Support for more detail or recommendations on your specific scenarios.
SkySync Performance Scenarios
The SkySync lab test data within this document is for comparison and ballpark analysis only, and was performed on the Test Configurations outlined below. It can be considered “best case scenario” as this is likely the performance ceiling for the connectivity infrastructure. It DOES NOT account for the client network performance, internet latency, cloud provider rate limiting, and several other factors that will impact throughput and performance.
The test configurations use varying sets of hardware so the numbers are not always directly comparable, but are instead provided as baselines to help size your implementation.
Test Setup – High end workstation or VM Baseline configuration
Specs: i7-2600K Quad Core @ 3.4 GHz, 16.0 GB RAM, Windows 8 64 bit, local SQL CE DB
Usage: The out-of-the-box configuration.
Applicable to demo environments, testing/trials, small integration setups, and other light-duty tasks. SQL Ce has an overall max file size of 4GB, with a 256MB max default (via connection string).
Test Setup – Midrange server or VM configuration
Specs: Dual Xenon 1.6 GHz processors, 32.0 GB RAM, Windows 2008 R2 64 bit, local SQL Server 2012
Usage: Base configuration extended with full SQL Server.
Applicable to mid-range implementations and integrations.
SkySync Connections and Security
SkySync stores connection information (ex. user name, password, url, unc, etc.) for some platforms encrypted in its database. This makes it important to secure the server running SkySync’s local file system to add additional protection to this information.
Future versions of SkySync may use additional strategies to encrypt and protect connection information like the DPAPI (data protection API) or DPAPI-NG (next generation), along with customer controlled encryption with an encryption key provided by the user at install time. When migrating SkySync to another server it may be necessary to copy encryption key files manually to ensure shared databases can correctly decrypt this sensitive data.
Cloud platforms, use other authentication mechanisms like OAuth2 and only present an access token to SkySync instead of allowing visibility into credentials.
In general, SkySync does not control, edit, move, modify, or otherwise interact with security directly. SkySync acts as an external user to storage systems, interacting with them via their public API’s.
For more information on SkySync and security please see the SkySync Security document.
• Determine up front as part of your security design how SkySync will access the content you will ask it to transfer. Consider SkySync another “power user” in your organization manipulating content.
• Integrated Authentication scenarios can be tricky to configure due to Windows Service Identity and other (ultimately) permissions based issues.
• Avoid creating lots of connections by correctly defining security permissions, groups, and proxy users. SkySync works best with platforms that have rich API support for concepts such as On Behalf Of, setting time stamps, and methods of ownership preservation.