Backup and Recovery
Backup and Recovery 7.1
Backup and Recovery 7.1
  • Storware Backup & Recovery documentation
    • Table of Contents
  • Changelog
  • Overview
    • Main Features
    • Storware Backup and Recovery concepts
      • Support Matrix
      • Architecture
      • Components
      • Backup types
      • Typical Scenarios
    • Licensing
    • Product Life Cycle
  • Deployment
    • Component requirements
    • Supported platforms requirements
    • Sizing Guide
      • Small
      • Medium
      • Large
    • Installation
      • ISO-based installation
      • Quick Installation using all-in-one script
      • Installation using Ansible playbook
      • Installation with RPMs
      • Deployment in Microsoft Azure
      • Virtual Appliance
        • RHV/oVirt/OLVM Virtual Appliance
        • Citrix Hypervisor | XCP-ng Virtual Appliance
        • VMware Virtual Appliance
        • Nutanix Acropolis Hypervisor (AHV)
    • Initial Configuration
    • Backup Destinations
      • File System
        • Synthetic File System
          • XFS
          • DD Boost
        • isoLayer (Synthetic)
        • File system
          • Virtual Data Optimizer (VDO)
        • Catalogic Software vStor
      • Deduplication Appliances
        • Dell EMC Data Domain
        • Huawei OceanProtect
        • HPE StoreOnce
        • Exagrid
        • Neverfail HybriStor
      • Object Storage
        • Alibaba Cloud OSS
        • AWS S3 or S3-compatible
        • Ceph Rados Gateway
        • Cloudian S3
        • Wasabi
        • Google Cloud Storage
        • IBM Cloud Object Storage
        • Microsoft Azure Blob Storage
        • Nutanix Objects
        • OpenStack SWIFT
        • Oracle Cloud Infrastructure Object Storage
        • Scality RING
      • Enterprise Backup Providers
        • Dell EMC Avamar
        • Dell EMC Networker
        • IBM Spectrum Protect
        • Micro Focus Data Protector
        • Veritas NetBackup
        • Rubrik Managed Volumes
      • Tape Pools
    • High Availability
      • 2 Node Cluster
      • 3 Node Cluster
    • Common tasks
      • Staging space configuration
      • Enabling HTTPS connectivity for nodes
      • LVM setup on Storware Backup & Recovery Node for disk attachment backup mode
      • Full versions of libvirt/qemu packages installation
      • SSH public key authentication
      • Enabling HTTP(S) Proxy for Storware Backup & Recovery
  • Protecting Virtual Environments
    • Virtual Machines
      • VMware vSphere/ESXi
      • Microsoft Hyper-V
      • Azure Stack HCI
      • Nutanix Acropolis Hypervisor (AHV)
      • Red Hat Openshift Virtualization
      • Red Hat Virtualization
      • oVirt
      • Oracle Linux Virtualization Manager
      • Oracle VM
      • Proxmox VE
      • KVM/Xen
      • OpenStack
      • OpenNebula
      • Virtuozzo
      • Verge
      • Citrix Hypervisor (XenServer)
      • XCP-ng
      • Huawei FusionCompute
      • HPE SimpliVity
      • SC//Platform
    • Cloud
      • Amazon EC2
      • GCP GCE
      • Azure Cloud
    • Containers
      • Kubernetes
      • Red Hat OpenShift
      • Proxmox VE
    • Backup & Restore
    • v2v migration
  • Protecting Microsoft 365
    • Microsoft 365 organization management
      • Configure Microsoft 365 access
      • Add Microsoft 365 organization manually
      • Add Microsoft 365 organization using the Setup Assistant
      • Account auto-synchronization
    • Backup & Restore
    • Suppoted Sharepoint templates, and limitations
  • File Level Backup and Restore - OS Agent
  • Protecting Applications
    • Applications
      • MSSQL
      • MySQL/MariaDB
      • PostgreSQL
      • DB2
      • Oracle
      • Relax and Recover - ReaR
      • Git
      • oVirt/RHV/OLVM
      • Kubernetes/OpenShift etcd
    • Backup & Restore
  • Protecting Storage Providers
    • Storage Providers
      • Ceph RBD
      • Nutanix Files
      • Nutanix Volume Groups
    • Backup & Restore
  • Administration
    • Dashboard
    • Virtual Environments
      • Instances
        • Backup on-demand
        • Restore on-demand
        • Snapshot Management
      • Virtualization Providers
      • Backup SLAs
        • Policies
        • Schedules
      • Snapshot SLAs
        • Policies
        • Schedules
      • Recovery Plans
        • Policies
        • Schedules
      • Mounted Backups (File-level Restore)
    • Storage
      • Instances
        • Backup on-demand
        • Restore on-demand
      • Infrastructure
      • Backup SLAs
        • Policies
        • Schedules
      • Snapshot SLAs
        • Policies
        • Schedules
      • Mounted Backups (File-level Restore)
    • Cloud
      • Instances
      • Service Providers
      • Backup SLAs
        • Policies
        • Schedules
      • Download
    • Applications
      • Instances
      • Execution Configurations
      • Backup SLAs
    • Endpoints
      • Environment
      • Administrators
      • Endpoints Server Management
        • Dashboard
        • Packages
        • Organizations
      • Endpoints Administrator
        • Dashboard
        • Users
          • Local users
          • LDAP users
        • Devices
          • Devices list view
          • Device status
        • Backup SLA
          • Create a Backup SLA
            • GENERAL
            • WINDOWS
            • MAC OS (technical preview)
            • EMAIL CLIENTS
          • Backup SLA management
          • Backup SLA removal
        • Restore Jobs
        • Client Deployments
    • Reporting
      • Virtual Environments
      • Storage
      • Microsoft 365
      • Applications
      • Notifications
      • Audit Log
    • Nodes
      • Instances
      • Node Configurations
    • Access Management
      • Users
      • Groups
      • Roles
      • OS Credentials
    • Settings
      • Global Settings
      • Internal DB Backup
      • Notification Rules
      • Mailing Lists
      • Endpoints Global Settings
    • Upgrade
    • CLI Reference
    • CLI v2 Reference
  • Integration
  • Integration Plugins
    • Red Hat Virtualization UI Plugin
    • oVirt UI Plugin
    • Oracle Linux Virtualization Manager UI Plugin
    • OpenStack UI Plugin
  • Troubleshooting
    • Enable DEBUG mode in Storware Backup and Recovery
    • Collecting logs
    • External log targets
    • Disaster Recovery
  • Known software issues and limitations
  • Glossary
Powered by GitBook
On this page
  • Overview
  • Permissions
  • Bucket replication
  • Glacier/Deep Archive support
  • Costs
  • Example
  1. Deployment
  2. Backup Destinations
  3. Object Storage

AWS S3 or S3-compatible

Overview

Storware Backup & Recovery can store backups in AWS S3 or S3-compatible backup providers. In most cases, you just need to prepare a bucket (with versioning enabled if possible) and generate an access/secret key for Storware Backup & Recovery. Storware Backup & Recovery can be installed in AWS (if EC2 backup is used), but in most cases, S3 is used just as a cloud backup provider for on-prem environments.

Typical use cases are:

  • When AWS is used - choose a single bucket with versioning enabled - all backup objects will have names in /container_name/path/to/backup format, where container_name typically is the VM name with an identifier.

  • When a 3rd party is used - you need to verify:

    • Which strategy is supported by the vendor - i.e. Scality requires a single bucket without versioning.

    • When timestamp recording of the object should occur - i.e. Scality does it after data is stored (unlike AWS).

Storware Backup & Recovery also support encryption. It uses server-side encryption with customer-provided encryption keys (SSE-C). Once enabled, new data is stored as encrypted with keys generated and kept by Storware Backup & Recovery. For performance improvements, we also recommend using AWS Direct Connect to access S3. Otherwise, backups would be sent over the Internet, which could result in poor performance.

Note: S3 has a limit of 5TB per object. This means that depending on the virtualization platform and backup format used by export/import mode you may have a limit of 5TB per VM (if it is Proxmox VMA or Citrix XVA image-based backup) or per VM disk (in most cases). Bigger files are currently not supported.

Permissions

Depending on the selected mode, you may have different permission sets. For a single bucket, you need to use the access keys of a user that has the ability to control objects within the bucket over the specific bucket - here is an example of IAM policy:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "Stmt1568968204280",
      "Action": [
        "s3:DeleteObject",
        "s3:DeleteObjectTagging",
        "s3:DeleteObjectVersion",
        "s3:DeleteObjectVersionTagging",
        "s3:GetBucketTagging",
        "s3:GetBucketVersioning",
        "s3:GetObject",
        "s3:GetObjectRetention",
        "s3:GetObjectTagging",
        "s3:GetObjectVersion",
        "s3:GetObjectVersionTagging",
        "s3:ListBucket",
        "s3:ListBucketVersions",
        "s3:PutObject",
        "s3:PutObjectTagging",
        "s3:PutObjectVersionTagging",
        "s3:RestoreObject"
      ],
      "Effect": "Allow",
      "Resource": "arn:aws:s3:::BACKUP_DESTINATION_BUCKET/*"
    }
  ]
}

Bucket replication

Glacier/Deep Archive support

Starting from version 3.9 of vProtect now Storware Backup & Recovery is able to move older backups to a Glacier/Deep Archive storage tier. In the S3 backup provider settings, you need to enable the Move old versions to other storage class toggle and provide extended retention settings.

Keep in mind that Storware Backup & Recovery will try to restore it to S3 with an expiration set to 2 days. You'll notice that although the task is running, no progress is taking place as it is waiting for the object to be restored from Glacier to S3. This may take several hours as Glacier doesn't provide instant access to archival data. Once this part is completed, Storware Backup & Recovery will proceed with regular restore from a temporary S3 object.

Costs

When storing backups in S3, additional charges will occur for stored backups. Retention setting in Storware Backup & Recovery can limit the storage costs of stored backups.

Example

Now we will show you how to quickly create S3 storage and integrate it with Storware Backup & Recovery as a backup destination. After logging in, expand the services tab a choose S3 under the Storage section:

Now create a new bucket for your backups:

In "Configure options" activate versioning: (In all other tabs, you can leave the default settings)

After creating a bucket, we need to create a new user with appropriate permissions:

Remember to choose the "Programmatic access" account type:

From the predefined roles, you can choose "AmazonS3FullAccess" or you can create a new one as described in the Permissions section:

Remember to download the .csv or copy the key credentials manually:

Now go to the Backup destination tab on the Storware Backup & Recovery dashboard and change the sub-tab to object storage. Provide the bucket name and key credentials, and then configure the remaining options according to your requirements:

PreviousAlibaba Cloud OSSNextCeph Rados Gateway

You can also use a predefined role and create a user from the AWS console:

Note: It is recommended to periodically rotate your access/secret keys. More information can be found here: . After changing the key in AWS, remember to update it in Storware Backup & Recovery as well.

Even though S3 is a highly available service, you may want to be prepared in case of a region failure. We recommend following this guide to set up bucket replication so that your data is replicated to another region in a worst-case scenario. Remember to point Storware Backup & Recovery to the replicated bucket in case of a disaster.

Please visit to check current AWS S3 pricing.

https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html#Using_CreateAccessKey
https://aws.amazon.com/blogs/security/how-to-rotate-access-keys-for-iam-users/
https://docs.aws.amazon.com/AmazonS3/latest/dev/replication.html
https://aws.amazon.com/s3/pricing/