지금 지원 담당자와 채팅
지원 담당자와 채팅

QoreStor 7.5.0 - Azure Deployment Guide

Enabling Support for Veeam EDM

Support for Veeam EDM is not enabled by default, however, it can be enabled post-deployment by running the following command:

sudo /home/qsuser/qs_inst_7.5.0.215.bin -- --enable-edm

Note: this command will temporarily stop QoreStor services while running, and resume them once EDM support is enabled.

 

Port usage

QoreStor uses certain ports for the services mentioned in the following table. The table also mentions the recommended network group settings (NSG) in Azure for each of the ports. Please refer to the next section for instructions on how to change the default/recommended NSG settings.

Table 4: Port functions and settings

Component / Function

Ports used

Protocol

Details

Default Network Security Group setting in Azure

SSH

22

TCP

SSH uses port 22. We recommend keeping this port open to enable secure connections within and from outside QoreStor.

22: ENABLE

UI

5233

TCP

QoreStor uses 5233 for HTTPS connections (and not 443). Since this connection is secure, the port remains open in default NSG settings for all incoming traffic.

5233: ENABLE

Object (S3)
 
9001-9005
 
TCP

Object container uses port range 9001-9005 for data transfer. By default, NSG disables these ports. However, to use the Object container, enable the ports in NSG.

9001-9005: DISABLE
Secure Connect
9443
ANY

Port used by secure connect. Secure connect is enabled by default and we recommend keeping this port open in NSG settings.
9443: ENABLE
Veeam EDM
 
6160, 6162
 
TCP

Ports are used by Veeam Deployment service and Veeam Transport service. We do not recommend opening these ports in the NSG unless Veeam EDM support is desired.
6160, 6162: DISABLE

Configuring Azure Network Security Group settings

The settings for enabling or disabling the Network Security Group (NSG) settings are available in Azure using the following instructions.

To configure Azure Network Security Group settings
1
In the Azure console, find “Services” and click Network Security Groups.
2
Click the NSG name you want to modify. This is the same NSG that is deployed with the Azure Marketplace image of QoreStor.
*
NOTE: Any modification to this NSG will change the default settings recommended by QoreStor.
3
After you click the NSG name, a settings page like the one in the following image shows where you can modify the network settings.
Figure 3: Overview of network settings in Azure
A screenshot of a computer Description automatically generated with low confidence
4
When opening an additional port, to add inbound rules for that specific port, click Inbound security rules on the left side, and then click the Add tab on the top side of the page.
The following dialog opens.
Figure 4: Inbound security rules table and dialog in Azure
5
On this dialog, you can add rules that open other ports. For example, if an Object container is enabled, then the corresponding ports as per the table in the earlier section – need to be open. In that case, complete the following options:
Table 5: Add inbound security rule options
Option
Description

Source

Select an IP or an Azure NSG. If the port can be used from any external interface, select Any.

Source port ranges

Select a port range on the specified source. To select any range, select *.

Destination

Leave as the default selection, Any.

Service

Leave as the default selection, Custom.

Destination port ranges

(Required) Enter 9001-9005 for this port.

Protocol

Select TCP.

Action

Select Allow.

Priority

Select an appropriate priority.

The rules are executed by priority, with the lowest number representing the highest priority. When selecting priorities, leave spaces between the numbers so that you can insert new priorities later.

Name

Enter an appropriate name for this rule; for example, ObjectServer_9001, which highlights the port number and the functionality.

Add a description as needed.

6
Click Add.
You can add rules as needed for corresponding functionality. For enabling multiple ports, NSG allows port ranges and comma-separated lists of ports so that multiple ports can be enabled as part of one rule. However, the Marketplace offer configuration does not allow for ranges or comma-separated ports, so a Marketplace image’s NSG template might mention each port number as a separate rule in such cases.
 
 
 
관련 문서

The document was helpful.

평가 결과 선택

I easily found the information I needed.

평가 결과 선택