立即与支持人员聊天
与支持团队交流

QoreStor 7.4.1 - User Guide

Introducing QoreStor Accessing QoreStor Configuring QoreStor settings
Licensing QoreStor Configuring SAML Configuring an SSL Certificate for your QoreStor System Configuring Active Directory settings Securing QoreStor server root logins Understanding system operation scheduling Configuring Secure Connect Enabling MultiConnect Configuring and using Rapid NFS and Rapid CIFS Configuring and using VTL Configuring and Using Encryption at Rest Configuring and using the Recycle Bin Configuring Cloud Reader Configuring RDA immutability
Managing containers Managing local storage Managing cloud storage Managing replications Managing users Monitoring the QoreStor system Managing QoreStor remotely Support, maintenance, and troubleshooting Security recommendations guide About us

Editing a performance tier

To modify a performance tier via the user interface, complete the following steps

  1. In the navigation menu, click Local Storage to expand the menu, then click Performance Tier
  2. Click Edit Performance Tier.
  3. On the Edit Performance Tier page, select or modify the options below, as appropriate:
    • Unlimited Quota— This option is selected by default. To set a quota, de-select this option and enter a numeric value (greater than 100) in the Quota field. Select the value format (either GiB or TiB). Refer to Quotas for more information. Once a quota is set, it can be reset to the default value of unlimited.
    • Encryption— Select this option to enable encryption on the performance tier.
    • Old Passphrase—Enter the current passphrase you want to change.
    • New Passphrase—Enter the new passphrase to be used to encrypt content encryption keys. (The passphrase string can take up to 255 characters. And, alphanumeric and special characters can be entered as part of the passphrase string.)
    • Confirm Passphrase—Re-enter the encryption passphrase.
    • Encryption Mode— Select the mode of key lifecycle management from one of the following options:
      • Static— A global, fixed key is used to encrypt all data.
      • Internal— Content encryption keys are generated and rotated on a specified period of days.
    • Key Rotation— Displays the number of key rotation interval days as N/A, or the number that was set for Internal Encryption Mode. If you selected Internal as the mode of key management, select the number of days for key rotation when a new key is to be generated. This option is available only for Internal encryption mode.

      NOTE: After encryption is enabled, all of the data that is backed up is encrypted and is kept encrypted until it is expired and cleaned by the system cleaner. Encryption is an irreversible process.

  4. Click Update.

To modify a performance tier via the CLI, complete the following steps

  1. Access the QoreStor CLI. Refer to Accessing the CLI commands for more information.
  2. Modify your performance tier using the command below. Refer to the QoreStor Command Line Reference Guide for more information.
    performance_tier --update  [--compression_mode <fast|best>] [--quota <Quota value in GiB or TiB>]
    performance_tier --encryption [--set <ON | OFF>] [--mode < static | internal >] [--interval <7 days to 70 years>]

Configuring Object Container

QoreStor's Object container provides an object storage interface which enables customers to write Object data(S3 format) directly to QoreStor. This allows solutions that leverage an S3-based connection to send data directly to a QoreStor instance instead of Amazon S3 with the added benefits of deduplication, encryption, replication and network optimized data transfer.

Object storage is configured by adding a container with the Object (S3 Compatible) protocol.

Creating an Object Container

Adding an object container can be accomplished through the QoreStor UI or via the object_container command in the QoreStor CLI. Refer to the QoreStor Command Line Reference Guide for more information on the object_container command.

NOTE: QoreStor object container does not support object lifecycle management, which means transitioning storage classes or server side expiration of objects is not supported. User policies are limited to predefined readwrite, writeonly, and readonly.

To create an object container

  1. In the navigation menu, click Containers.
  2. On the Containers pane, click Add Container. The Add Container dialog will be displayed.
  3. In the Protocol field, select Object (S3 Compatible).
  4. In the Storage Group drop-down, select the required storage group for this container.
  5. Click Next.
  6. Optionally, select Use HTTP instead of HTTPS. To use an HTTP connection, you must also follow the steps below:
    1. On the QoreStor server, copy the aws.conf file to a new location:

    NOTE: The QoreStor implementation of object storage uses a self-signed certificate. If your data management application requires third party certificates, you must use HTTP to connect to the object container.

  7. Click Next.
  8. Review the summary and click Finish.

When the process is completed the object container is added to the QoreStor. For Object container created prior to QoreStor release 7.2.1 you will see the storage group ObjectContainer and the container ObjectStorageGroup added to the Storage Groups and Container pages, respectively.  See the topics below for information on working with object storage.

Adding an object container through the command line

To add an object container, complete the following steps.

  1. Access the QoreStor CLI. Refer to Accessing the CLI commands for more information.
  2. Add a Object container:

    object_container --add --name <container name> [--group <storage group name>]

    Refer to the QoreStor Command LIne Reference Guide for more information.

  3. Get end-point details of it:

    object_container --show --name <container name>

  4. Create user for this container. This user name is used as Access key and user’s password is used as Secret key while accessing Object container from the client systems (backup clients):

    object_container --user-add --name <name> --user-name <user name>

    IMPORTANT:The User’s name is used as Access Key and the user’s password is used as Secret Key while connecting to QoreStor from the S3 clients.

    To see the S3 endpoint, use the command object_container --show --endpoint --name <name of container>

    The endpoint is displayed in the format https://<QoreStor IP address>:<port>

    Make sure the port is allowed for access through the firewall.

  5. Set access policy for the user. Use <Policy name> as “readwrite” to allow the user to backup and restore data.
    object_container --policy-set --name <name> --policy-name <Policy name>  --user-name <user name>
  6. Create bucket for use in the backup application. Optionally add locking support:
    object_container --bkt-add --name <name> --bkt-name <bucket name>  [--enable-object-lock]  [--enable-object-versioning]
  7. Configure the backup application with the endpoint, access key, secret key, and bucket name.

Creating a bucket

In S3 compatible storage, buckets are organizational containers that store objects. When creating a bucket, you have the option to enable or disable object locking, and select one of the available Object Locking modes. Object locking settings apply to all objects in the bucket.

  • Governance mode - prevents users without the appropriate permissions from overwriting or deleting an object version or altering its lock settings. With governance mode, you protect objects against being deleted by most users, but you can still grant some users permission to alter the retention settings or delete the object if necessary. You can also use governance mode to test retention-period settings before creating a compliance-mode retention period.
  • Compliance mode - prevents objects from being overwritten or deleted by any user during the specified lock period. When an object is locked in compliance mode, its retention mode can't be changed, and its retention period can't be shortened. Compliance mode ensures that an object version can't be overwritten or deleted for the duration of the retention period.
  • None - no restrictions are applied.

NOTE: QoreStor supports a maximum of 1000 buckets. The bucket default-bucket is created automatically when the object container is created.

To create a bucket

  1. In the navigation menu, click Containers.
  2. On the Containers pane, find the object storage container that you want to edit. Click the ellipses icon, and click Edit.
  3. Click Create bucket.
  4. Enter a Name for your bucket.
  5. Optionally, select Object Locking and configure
    • Locking Mode - select between Compliance and Governance.
    • Locking Duration - select the number and format (days or years) to specify the time that the object lock will be active.

    IMPORTANT: The Object Locking status of a bucket cannot be changed once the bucket is created. To ensure flexibility in the future, you may set the object locking status to enabled, but the locking mode to None. If the locking mode is set to disabled, you will not be able to edit the bucket settings in the future

  6. Click Save.
相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级