立即与支持人员聊天
与支持团队交流

QoreStor 7.4.0 - User Guide

Introducing QoreStor Accessing QoreStor Configuring QoreStor settings
Licensing QoreStor Configuring SAML Configuring an SSL Certificate for your QoreStor System Configuring Active Directory settings Securing QoreStor server root logins Understanding system operation scheduling Configuring Secure Connect Enabling MultiConnect Configuring and using Rapid NFS and Rapid CIFS Configuring and using VTL Configuring and Using Encryption at Rest Configuring and using the Recycle Bin Configuring Cloud Reader Configuring RDA immutability
Managing containers Managing local storage Managing cloud storage Managing replications Managing users Monitoring the QoreStor system Managing QoreStor remotely Support, maintenance, and troubleshooting Security recommendations guide About us

Adding Scality-Artesca-S3 cloud tier

Adding a Scality-Artesca-S3 cloud tier

To add a Scality-Artesca-S3 cloud storage group, complete the following steps:

  1. In the navigation menu, click Cloud Storage to expand the menu, then click Cloud Tier.
  2. Click Configure.
  3. In the Cloud Provider drop-down, select Scality-Artesca-S3.
  4. Provide a container name. This is the name of your existing Azure container.
  5. Enter your Connection String using one of the two methods below:
    Default - this option will compile your connection string into the correct format using the inputs below.
    • Access key - The access key is typically 20 upper-case English characters.
    • Secret key - Thesecret keyis generated automatically by the cloud provider. It is typically 40 characters, including mixed upper and lower-case and special symbols.
    • Region - The region specifies the region in which you want to deploy your backup solution. To obtain the region code refer vendor documentation.
    • Endpoint- If you are using VPC endpoints, enter the correct endpoint information.
    Custom - this option allows you to enter your connection string with additional parameters.
    • Your connection string uses the following syntax:
      "accesskey=<ABDCEWERS>;secretkey=< >; loglevel=warn; region=<cloud-provider- region>;endpoint=<S3 cloud storage endpoint url>"

      Please note the following:

      1. The access key is typically 20 upper-case English characters
      2. The secret key is generated automatically by the cloud provider. It is typically 40 characters, including mixed upper and lower-case and special symbols.
      3. The region specifies the region in which you want to deploy your backup solution. Refer vendor documentation for more details.

      An example of a connection string with syntax is as follows. Logically, each connection string is unique.

      accesskey=AKIARERFUCFODHFJUCWK;secretkey=p+8/T+o5WeZkX11QbuPazHX1Id WbwgFplxuVlO8J;loglevel=warn;region=us-east-1;
  6. Enable Cloud Locking : Select this option to achieve immutability of data tiered to the cloud.

    NOTE:Cloud Locking works with RDA and Object containers only. Data that is set as immutable on the local storage is also set as immutable when tiered to the cloud.

    Enabling locking at the Cloud Tier is required so the containers that are tiering data to this Cloud Tier can choose to enable locking as part of their cloud tiering policy.

  7. To apply encryption, in the Cloud Tier Encryption section enter the following:
    • Passphrase — the passphrase is user-defined and is used to generate a passphrase key that encrypts the file in which the content encryption keys are kept. The passphrase is a human readable key, which can be up to 255 bytes in length. It is mandatory to define a passphrase to enable encryption.

      IMPORTANT: It is mandatory to define a passphrase to enable encryption. If the passphrase is compromised or lost, the administrator should change it immediately so that the content encryption keys do not become vulnerable. If this passphrase is lost or forgotten, data in the cloud will be unrecoverable.

    • Confirm Passphrase — re-enter the passphrase used above.
  8. Click Configure. A Cloud Storage Group will be created.
  9. To enable replication to the cloud, you must link a local container to the cloud using the procedures in Adding a cloud tiering policy.

Adding an S3 Compatible cloud tier

To add a cloud storage group, complete the following steps

  1. In the navigation menu, click Cloud Storage to expand the menu, then click Cloud Tier.
  2. In the Cloud pane, click Configure to add a cloud tier.
  3. In the Cloud Provider drop-down, select S3 Compatible.
  4. Provide a container name. This is the existing name of your container in your cloud platform.
  5. Enter your Connection String using one of the two methods below:
    • Default - this option will compile your connection string into the correct format using the inputs below.
      • Access key - The access key is typically 20 upper-case English characters
      • Secret key - The secret key is generated automatically by the cloud provider. It is typically 40 characters, including mixed upper and lower-case and special symbols.
      • Region - The region specifies the provider-specific region in which you want to deploy your backup solution. To obtain your region code, see the documentation for your vendor.
      • Endpoint - If you are using VPC endpoints, enter the correct endpoint information.
    • Custom - this option allows you to enter your connection string with additional parameters.
      • Your connection string uses the following syntax:

        "accesskey=<ABDCEWERS>;secretkey=< >; loglevel=warn; region=<cloud-provider-region>;endpoint=<S3 cloud storage endpoint url>"

        Please note the following:

        1. The access key is typically 20 upper-case English characters
        2. The secret key is generated automatically by the cloud provider. It is typically 40 characters, including mixed upper and lower-case and special symbols.
        3. The region specifies the provider-specific region in which you want to deploy your backup solution. To obtain your region code, see the documentation for your vendor.

        An example of a connection string with this syntax follows. Logically, each connection string is unique.

        accesskey=AKIARERFUCFODHFJUCWK;secretkey=p+8/T+o5WeZkX11QbuPazHX1IdWbwgFplxuVlO8J;loglevel=warn;region=eu-central-1;
  6. Enable Cloud Locking: Select this option to achieve immutability of data tiered to the cloud.

    NOTE:Cloud Locking works with RDA and Object containers only. Data that is set as immutable on the local storage is also set as immutable when tiered to the cloud.

    Enabling locking at the Cloud Tier is required so the containers that are tiering data to this Cloud Tier can choose to enable locking as part of their cloud tiering policy.

  7. To apply encryption, select Encryption and enter the following:
    • Passphrase — the passphrase is user-defined and is used to generate a passphrase key that encrypts the file in which the content encryption keys are kept. The passphrase is a human readable key, which can be up to 255 bytes in length. It is mandatory to define a passphrase to enable encryption.

      IMPORTANT: It is mandatory to define a passphrase to enable encryption. If the passphrase is compromised or lost, the administrator should change it immediately so that the content encryption keys do not become vulnerable. If this passphrase is lost or forgotten, data in the cloud will be unrecoverable.

    • Confirm Passphrase — re-enter the passphrase used above.
  8. Click Configure. A Cloud Storage Group will be created.
  9. To enable replication to the cloud, you must link a local container to the cloud using the procedures in Adding a cloud tiering policy.

Adding a Backblaze S3 cloud tier

To add a cloud storage group, complete the following steps

  1. In the navigation menu, click Cloud Storage to expand the menu, then click Cloud Tier.
  2. In the Cloud pane, click Configure to add a cloud tier.
  3. In the Cloud Provider drop-down, select Backblaze S3 .
  4. Provide the S3 Bucket name in your cloud platform to which cloud replicated data to be written.
  5. Enter your Connection String using one of the two methods below:
    • Default - This option will compile your connection string into the correct format using the inputs below.
      • Access key - Enter the "Application Key ID" created in the Backblaze Console. The access key is typically 20 upper-case English characters.

        NOTE: Please refer to the Backblaze Cloud provider documentation for creating Application Key ID and Application Key for your account at https://help.backblaze.com/hc/en-us/articles/360047425453-Getting-Started-with-the-S3-Compatible-API.

      • Secret key - Enter the 'Application Key' which is Backblaze Cloud provider equivalent of the Secret Key. It is typically 40 characters, including mixed upper and lower-case and special symbols.
      • Endpoint -. Provide the S3 endpoint URL for the region for which the S3 bucket is to be created.
    • Custom - This option allows you to enter your connection string with additional parameters.
      • The BackBlaze connection string uses the following syntax:
        "accesskey=<ABDCEWERS>;secretkey=< >; loglevel=warn;endpoint= https://s3.<region>.backblazeb2.com;"

        Please note the following:

        1. The access key: Enter the "Application Key ID" created in the Backblaze Console. The access key is typically 20 upper-case English characters
        2. The secret key: Enter the 'Application Key' which is Backblaze Cloud provider equivalent of the Secret Key. The secret key is generated automatically by the cloud provider. It is typically 40 characters, including mixed upper and lower-case and special symbols.
        3. The Endpoint - Provide the S3 endpoint URLfor the region for which the S3 bucket is to be created.

      An example of a connection string with this syntax follows. Logically, each connection string is unique.

      accesskey=AKIASAMPLEJUCWK;secretkey=p+SAMPLE1QbuPazHX1IdWbwgFplxuVlO8J;loglevel=warn;endpoint=https://s3.us-west-004.backblazeb2.com

  6. Enable Cloud Locking: Select this option to achieve immutability of data tiered to the cloud.

    NOTE:Cloud Locking works with RDA and Object containers only. Data that is set as immutable on the local storage is also set as immutable when tiered to the cloud.

    Enabling locking at the Cloud Tier is required so the containers that are tiering data to this Cloud Tier can choose to enable locking as part of their cloud tiering policy.

  7. To apply encryption, select Encryption and enter the following:
    • Passphrase — The passphrase is user-defined and is used to generate a passphrase key that encrypts the file in which the content encryption keys are kept. The passphrase is a human readable key, which can be up to 255 bytes in length.

      IMPORTANT: It is mandatory to define a passphrase to enable encryption. If the passphrase is compromised or lost, the administrator should change it immediately so that the content encryption keys do not become vulnerable. If this passphrase is lost or forgotten, data in the cloud will be unrecoverable.

    • Confirm Passphrase — Re-enter the passphrase used above.
  8. Click Configure. A Cloud Storage Group will be created.
  9. To enable replication to the cloud, you must link a local container to the cloud using the procedures in Adding a cloud tiering policy.

Adding a cloud tier through the command line

To add a cloud tier, complete the following steps.

  1. Access the QoreStor CLI. Refer to Accessing the CLI commands for more information.
  2. Add a new cloud tier using the command

    cloud_tier --add --cloud_container <bucket name> --cloud_provider <AWS-S3|AZURE|Wasabi-S3|Backblaze-S3|Scality-Artesca-S3|Google-S3|IBM-S3|S3-Compatible> --name <cloud tier name>

    NOTE: You will be prompted to enter your Azure connection string or cloud provider access string after executing the command.

    Refer to the QoreStor Command LIne Reference Guide for more information on the cloud_tier command and available options.

相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级