Chatta subito con l'assistenza
Chat con il supporto

QoreStor 6.1.0 - User Guide

Introducing the QoreStor documentation Introducing QoreStor Setting up your QoreStor system Configuring QoreStor settings Managing containers Managing storage groups Managing replications Managing Users Managing QoreStor Remotely Monitoring the QoreStor system Support, maintenance, and troubleshooting

Adding a Wasabi S3 cloud tier

To add a cloud storage group, complete the following steps:

  1. In the navigation menu, click Cloud Tier.
  2. In the Cloud pane, click Configure to add a cloud tier.
  3. In the Cloud Provider drop-down, select Wasabi S3.
  4. Provide a container name. This is the existing name of your container in your cloud platform.
  5. Enter your Connection String using one of the two methods below:
    • Default - this option will compile your connection string into the correct format using the inputs below.
      • Access key - The access key is typically 20 upper-case English characters
      • Secret key - The secret key is generated automatically by AWS. It is typically 40 characters, including mixed upper and lower-case and special symbols.
      • Region - The region specifies the Amazon-specific region in which you want to deploy your backup solution. Your region name can be obtained from https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region
      • Endpoint - If you are using VPC endpoints, enter the correct endpoint information.
    • Custom - this option allows you to enter your connection string with additional parameters.
      • Your connection string uses the following syntax:
        "accesskey=<ABDCEWERS>;secretkey=< >; loglevel=warn; region=<aws-region>;"

        Please note the following:

        1. The access key is typically 20 upper-case English characters
        2. The secret key is generated automatically by AWS. It is typically 40 characters, including mixed upper and lower-case and special symbols.
        3. The region specifies the Amazon-specific region in which you want to deploy your backup solution. Your region name can be obtained from https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region

        An example of a connection string with this syntax follows. Logically, each connection string is unique.

        accesskey=AKIARERFUCFODHFJUCWK;secretkey=p+8/T+o5WeZkX11QbuPazHX1IdWbwgFplxuVlO8J;loglevel=warn;region=eu-central-1;
  6. To apply encryption, select Encryption and enter the following:
    • Passphrase — the passphrase is user-defined and is used to generate a passphrase key that encrypts the file in which the content encryption keys are kept. The passphrase is a human readable key, which can be up to 255 bytes in length. It is mandatory to define a passphrase to enable encryption.

      IMPORTANT: It is mandatory to define a passphrase to enable encryption. If the passphrase is compromised or lost, the administrator should change it immediately so that the content encryption keys do not become vulnerable. If this passphrase is lost or forgotten, data in the cloud will be unrecoverable.

    • Confirm Passphrase — re-enter the passphrase used above.
  7. Click Configure. A Cloud Storage Group will be created.
  8. To enable replication to the cloud, you must link a local container to the cloud using the procedures in Adding a Cloud Tiering policy.

Adding an S3 Compatible cloud tier

To add a cloud storage group, complete the following steps:

  1. In the navigation menu, click Cloud Tier.
  2. In the Cloud pane, click Configure to add a cloud tier.
  3. In the Cloud Provider drop-down, select S3 Compatible.
  4. Provide a container name. This is the existing name of your container in your cloud platform.
  5. Enter your Connection String using one of the two methods below:
    • Default - this option will compile your connection string into the correct format using the inputs below.
      • Access key - The access key is typically 20 upper-case English characters
      • Secret key - The secret key is generated automatically by AWS. It is typically 40 characters, including mixed upper and lower-case and special symbols.
      • Region - The region specifies the Amazon-specific region in which you want to deploy your backup solution. Your region name can be obtained from https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region
      • Endpoint - If you are using VPC endpoints, enter the correct endpoint information.
    • Custom - this option allows you to enter your connection string with additional parameters.
      • Your connection string uses the following syntax:
        "accesskey=<ABDCEWERS>;secretkey=< >; loglevel=warn; region=<aws-region>;"

        Please note the following:

        1. The access key is typically 20 upper-case English characters
        2. The secret key is generated automatically by AWS. It is typically 40 characters, including mixed upper and lower-case and special symbols.
        3. The region specifies the Amazon-specific region in which you want to deploy your backup solution. Your region name can be obtained from https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region

        An example of a connection string with this syntax follows. Logically, each connection string is unique.

        accesskey=AKIARERFUCFODHFJUCWK;secretkey=p+8/T+o5WeZkX11QbuPazHX1IdWbwgFplxuVlO8J;loglevel=warn;region=eu-central-1;
  6. To apply encryption, select Encryption and enter the following:
    • Passphrase — the passphrase is user-defined and is used to generate a passphrase key that encrypts the file in which the content encryption keys are kept. The passphrase is a human readable key, which can be up to 255 bytes in length. It is mandatory to define a passphrase to enable encryption.

      IMPORTANT: It is mandatory to define a passphrase to enable encryption. If the passphrase is compromised or lost, the administrator should change it immediately so that the content encryption keys do not become vulnerable. If this passphrase is lost or forgotten, data in the cloud will be unrecoverable.

    • Confirm Passphrase — re-enter the passphrase used above.
  7. Click Configure. A Cloud Storage Group will be created.
  8. To enable replication to the cloud, you must link a local container to the cloud using the procedures in Adding a Cloud Tiering policy.

Adding a cloud tier through the command line

To add a cloud tier, complete the following steps.

  1. Access the QoreStor CLI. Refer to Using the QoreStor command line for more information.
  2. Add a new cloud tier using the command
    cloud_tier --add --cloud_container <name> --cloud_provider <AWS-S3|AZURE|Wasabi-S3|S3-Compatible>

    NOTE: You will be prompted to enter your Azure connection string or AWS access string after executing the command.

    Refer to the QoreStor Command LIne Reference Guide for more information on the cloud_tier command and available options.

Performing a recovery from the cloud

To recover your QoreStor configuration and cloud-replicated data from the cloud, perform the steps below. Before peforming these steps, make sure you have the following:

To perform a disaster recovery

  1. On your QoreStor server, execute the recovery command
    maintenance --disaster_recovery --cloud_string <name> --container_name <name> --cloud_provider_type <name> --passphrase <name> [--logfile <name>]

    where

    --cloud_string          cloud connecion string.
    --container_name        cloud cotainer name.
    --cloud_provider_type   cloud provider type.
    --passphrase            passphrase.
    --logfile               log file path.

    This will regenerate configuration data, initialize the QoreStor dictionary, and configure container namespace and blockmaps. When completed, you will see the message

    Processing Datastores: Done	
  2. After the data recovery process is complete, perform a filesystem repair with the command
    maintenance --filesystem --repair_now

    When the file system repair is finished, the process is complete.

Next steps

Depending on your configuration, there may be several steps required after recovering your QoreStor server. Some actions to consider are:

  • If you are using QoreStor with NetVault Backup, you will need to add the new QoreStor as target device and add the container.
  • Depnding on your DMA, you may need to reconfigure DMA or client connections to reference the new QoreStor server.
  • Once a disaster recovery completes, the recovered source containers will be unencrypted. Before ingesting new data into the recovered containers, you must enabled encryption on the recovered storage groups.

    NOTE:The recovered containers contain only stub files. The data remains encrypted in the cloud tier.

 

 

Related Documents

The document was helpful.

Seleziona valutazione

I easily found the information I needed.

Seleziona valutazione