Acronis Cyber Infrastructure 4.
Table of contents 1 Introduction 4 2 Planning the infrastructure 5 2.1 Hardware requirements 5 2.2 Understanding storage policies 6 3 Managing the storage cluster 9 3.1 Installing Acronis Cyber Infrastructure 9 3.2 Configuring networks 10 3.3 Creating the storage cluster 11 4 Managing the compute cluster 13 4.1 Creating the compute cluster 13 4.2 Allocating resources 14 4.2.1 Creating domains, projects, and users 14 4.2.2 Creating storage policies 16 4.2.
8.2 High availability for the services 29 8.
1 Introduction Acronis Cyber Infrastructure represents a new generation of hyper-converged infrastructures targeted at both service providers and end customers. It is a scale-out, cost-efficient, and multipurpose cyber protection solution that combines universal storage and high-performance virtualization. Acronis Cyber Infrastructure works seamlessly with the Acronis Cyber Cloud suite of products, Acronis Cyber Backup.
2 Planning the infrastructure 2.1 Hardware requirements There are many hardware configurations supported and described in "Plan hardware configuration" in the Administrator Guide. However, for the evaluation purposes, we recommend deploying three nodes. This is to ensure that the cluster can survive the failure of one node without data loss. The following table lists the minimum hardware requirements for each of the three nodes.
The DNS names are used by backup agents to send backups to and retrieve them from cloud storage. If your client machines and Acronis Cyber Infrastructure nodes are located in different datacenters, we strongly recommend configuring the DNS name in one of your preferred DNS services: Azure DNS for Azure, Amazon Route 53 for Amazon, or Google Cloud DNS for Google. If it is not possible for some reason, you have to manually add the DNS name to the /etc/hosts file on each node.
Redundancy means that the data is stored across different storage nodes and stays highly available even if some nodes fail. If a storage node is inaccessible, the data copies on it are replaced by new ones that are distributed among healthy storage nodes. When the storage node goes up after the downtime, out-of-date data on it is updated. With replication, Acronis Cyber Infrastructure breaks a volume into fixed-size pieces (data chunks).
different storage nodes, just one copy per node. If a node fails, the data is still accessible from the healthy nodes. A disk can also be a failure domain, though it is only relevant for one-node clusters. As you have three nodes in this scenario, we recommend choosing the host failure domain. l The third parameter, redundancy, should be configured to fit the available disks and tiers. In our evaluation example, you have three nodes: all of them have SSDs on tier 2.
3 Managing the storage cluster This chapter outlines the steps to install Acronis Cyber Infrastructure and configure its initial settings for further deployment. First, you need to create a basic infrastructure on the management node, and then add secondary nodes to it in a similar manner. We recommend adding two secondary nodes for evaluation. Then, configure the networks and create a storage cluster on your nodes. 3.
The node may appear on the Infrastructure > Nodes screen with the Unassigned status as soon as the token is validated. However, you will be able to join it to the storage cluster only after the installation is complete. 9. On step 5, choose a disk for the operating system. This disk will have the supplementary role System, although you will still be able to set it up for data storage in the admin panel. You can also create software RAID1 for the system disk, to ensure its high performance and availability.
The figure below shows the sample network infrastructure we are going to build for our evaluation scenario: Note If you only have one network, do not connect one node to it via two interfaces. In case of one network, work with one public interface of the node. 3.3 Creating the storage cluster Now that you have created the management and secondary nodes and configured networking, you can proceed to create the storage cluster. 1. Open the Infrastructure > Nodes screen, and then click Create storage cluster.
To add a secondary node, do the following: a. On the Infrastructure > Nodes screen, click an unassigned node. b. On the node right pane, click Join to cluster. c. Click Join to assign the roles to disks automatically and add the node to the default location. Alternatively, click the cogwheel icon to configure the disk roles or node location. 1. For the evaluation scenario, you need to assign a node’s storage disks to various tiers (refer to "Understanding storage policies" (p. 6)).
4 Managing the compute cluster Acronis Cyber Infrastructure offers high-performance virtualization, and its fundamental component is a compute cluster. It allows admins to create multiple tenants, virtual machines, and softwaredefined networks, as well as easily deploy container orchestration solutions like Kubernetes. In this section, we will have a look at two common scenarios for the compute cluster: l A service provider (SP) offers virtualization services to end customers.
and network load balancers. Otherwise, you can leave IP address management disabled. Select an infrastructure network to connect the physical network to and its type: select VLAN and specify a VLAN ID to create a VLAN-based network, or select Untagged to create a flat physical network. 3. In the Add-on services section, you can install additional services if you want to evaluate them as well. Or you can do it later, as described in the Administrator Guide. 4.
l System administrators have full control over Acronis Cyber Infrastructure and can access the admin panel. This is the role you get by default when installing Acronis Cyber Infrastructure. These are usually infrastructure administrators of an MSP or the main IT department of an enterprise, depending on your business case. l Domain administrators are in charge of their domains. A domain is a collection of virtualization projects (tenants) and users (end customers).
1. Create a domain. To do this, log in to the admin panel and open the Settings > Projects and users screen. Click Create domain in the upper-right corner. Specify a name and a description for the new domain. Click Create. 2. Create an admin account for the new domain. To do this, select the newly created domain and click Create user. Specify a login and a password, and then select the Domain administrator role.
Along with compute networks, you can create floating IPs. A floating IP is a public IP address that you can manually assign to a private IP address of a virtual machine. It will let you access the virtual machine from the public network, even though it only has a private IP address. To create a floating IP, you will first need to link a physical and a virtual network with a virtual router. For more details, refer to "Manage floating IP addresses" in the Administrator Guide. 4.
Note You can also migrate virtual machines from VMware vCenter by using the virt-v2v tool, as described in "Migrating virtual machines from VMware vCenter" in the Administrator Command Line Guide. Once your virtual machine is ready, you can perform a wide range of operations on it: stop and start, suspend and resume, reboot, migrate, and more. For more details, refer to "Manage virtual machines" in the Administrator Guide.
5 Exporting storage space Acronis Cyber Infrastructure allows you to export storage space: l As block storage via iSCSI for virtualization, databases, and other needs. You can export cluster disk space to external physical or virtual hosts, in the form of LUN block devices over iSCSI and in a SAN-like manner. l As object storage for storing an unlimited number of files via an S3-compatible protocol.
The newly created target group will appear on the Target groups tab. Its targets will start automatically. Click the group name to view its details. On the Target tab, you can add more nodes for new targets. You can also view or add LUNs on the LUNS tab. 5.1.2 Creating volumes 1. Open Storage services > Block storage > Volumes and click Create volume. A wizard will open. 2. For Name and size, enter a volume name and specify its size. Note that volumes can be extended later, but not shrunk. 3.
3. Click Save configuration. 4. Proceed to the Devices tab and click Refresh. The newly added disk will appear in the list of devices. 5. Select the disk and click New datastore. In the wizard that appears, enter a name for the datastore and select partitioning options. Click Finish to partition the disk. Warning! Partitioning the disk will erase all data from it. 6. The ready-to-use disk will appear in the list of datastores.
1. In the left menu, click Storage services > S3. Select three nodes for our evaluation scenario, and click Create S3 cluster in the right menu. 2. Next, select a storage policy. 3. Specify the external (publicly resolvable) DNS name for the S3 endpoint that will be used by the end users to access the object storage. For example, s3.example.com. Click Proceed. 4. From the drop-down list, select an S3 endpoint protocol: HTTP or HTTPS, or both.
4. Once the connection is established, you can see the existing buckets and create new ones. Click File > New Folder to create a bucket. Specify a name for the new bucket, and then click Create. Use bucket names that comply with DNS naming conventions. To manage files in buckets, you have to log in to the S3 portal as a user. For more information, refer to "Accessing S3 buckets" in the Storage User Guide. 5.
recommend selecting three nodes. 3. Click Create. After the NFS cluster has been created, you can proceed to create NFS shares. 5.3.2 Creating NFS shares 1. On the Storage services > NFS > Shares screen, click Add NFS share. 2. On the Add NFS Share panel, specify a name (for example, share1) and a unique resolvable static IP address from the public network. 3. In Share size, specify the size. For users accessing exports, this value will be the filesystem size. 4.
6 Connecting Acronis Cyber Backup Cloud software to storage backends via Backup Gateway Backup storage uses Backup Gateway is a storage access point. It is intended for service providers who use Acronis Cyber Backup and/or Acronis Cyber Backup Cloud and want to store their clients’ backed-up data in the local cluster, in the cloud (like Google Cloud, Microsoft Azure, and AWS S3), or on NAS (via the NFS protocol).
4. Specify a DNS name that will be associated with the selected cluster and used to register that cluster within Acronis Cyber Backup Cloud (like backup.example.com). The new DNS name is associated with each node’s IP address in the selected cluster. A specific node for backup operations is selected automatically by the backup agent. It depends on a number of factors, such as node availability and load. Click Next. 5. Specify the URL of your Acronis Cyber Backup Cloud instance.
about the registered gateways and their performance. Note If the current storage does not have a public IP address and a DNS name, the Web Restore tool for Acronis Cyber Cloud cannot work properly. 6.2 Configuring Acronis Cyber Backup Cloud 1. Log in to the Acronis Cyber Cloud management console. Then, navigate to Settings > Locations. Make sure that the system created a new backup destination with the corresponding name derived from the DNS name.
7 Monitoring the storage cluster Acronis Cyber Infrastructure provides built-in monitoring tools, including a pre-integrated Prometheus engine and pre-configured Grafana dashboards, which show service state, availability, and performance, as well as network bandwidth, migration/replication backlog, memory, and CPU usage. Integration with third-party systems is possible via 100%-compatible OpenStack APIs.
8 Enabling high availability High availability keeps Acronis Cyber Infrastructure services operational even if the node they are located on fails. In such cases, services from a failed node are relocated to healthy nodes. You have previously built a cluster of three nodes, and can now make it more resilient and redundant. To do that, enable high availability for the management node, the admin panel, and services. 8.
rerouted via targets located on healthy nodes. Volumes exported via iSCSI remain accessible as long as there is at least one path to them. l S3 service. If an S3 node fails or becomes unreachable over the network, the name server and object server components hosted on it are automatically balanced and migrated between other S3 nodes. S3 gateways are not automatically migrated; their high availability is based on DNS records. You need to maintain the DNS records manually when adding or removing S3 gateways.
You have just run a demonstration where a node was forcibly powered off, causing the services and the data to be evacuated to healthy nodes and remain available without downtime.
