Acronis Storage 2.
Copyright Statement Acronis International GmbH, 2002-2016. All rights reserved. ”Acronis” and ”Acronis Secure Zone” are registered trademarks of Acronis International GmbH. ”Acronis Compute with Confidence”, ”Acronis Startup Recovery Manager”, ”Acronis Active Restore”, ”Acronis Instant Restore” and the Acronis logo are trademarks of Acronis International GmbH. Linux is a registered trademark of Linus Torvalds. VMware and VMware Ready are trademarks and/or registered trademarks of VMware, Inc.
Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1.1 1 About Acronis Storage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 2. Managing Acronis Storage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 2.1 2.2 Configuring Node Network Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 2.1.
2.12.1 Installing License Keys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37 2.12.2 Installing SPLA Licenses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39 2.13 Connecting Remote iSCSI Devices to Storage Cluster Nodes . . . . . . . . . . . . . . . . . . . . . . 40 2.13.1 Assigning Disk Roles To Remote iSCSI Devices . . . . . . . . . . . . . . . . . . . . . . . . . 41 3. Monitoring the Storage Cluster . . . . . . . . . . . . . . . . . . . .
6.1.2 Listing, Stopping, and Deleting iSCSI Targets . . . . . . . . . . . . . . . . . . . . . . . . . . 69 6.1.3 Configuring iSCSI Targets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69 6.1.4 6.2 6.1.3.1 Listing LUNs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71 6.1.3.2 Adding LUNs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71 6.1.3.3 Configuring LUNs . . . . . . . . . . . . . . . . . . . . . . . . . .
.3.2 Creating NFS Shares . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .100 6.3.3 Creating NFS Exports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .101 6.3.4 6.4 iv 6.3.3.1 Creating the Root Export . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .101 6.3.3.2 Creating User Exports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .102 Setting Up User Authentication and Authorization . . . . . . . . . . . .
CHAPTER 1 Introduction To support the growing demand for both high performance and high data availability, modern data centers need a fast, flexible storage solution. Existing solutions, however, are often difficult to manage and maintain, or not flexible enough (e.g., local RAID arrays), or too expensive (e.g., storage area networks). Acronis Storage is designed to solve these issues. It can run on commodity hardware, so no significant infrastructure investments are needed.
CHAPTER 2 Managing Acronis Storage To start managing Acronis Storage, log in to the management panel as admin (or superadmin) and make sure that storage nodes are shown on the NODES screen. The first step to perform, before you can create the cluster, is to create the internal and public networks required by Acronis Storage. You can do that by configuring the network interfaces of all nodes. Having created the networks, you can proceed to creating storage clusters. 2.
2.1. Configuring Node Network Interfaces 2. On the node overview screen, click NETWORK.
Chapter 2. Managing Acronis Storage 3. Select a network interface and click Configure. 4. On the Configure screen, do one of the following: • To obtain the IP address, DNS, and routing settings from the DHCP server, select Automatically (DHCP). • To obtain just the IP address from the DHCP server, select Automatically (DHCP address only). • To specify the IP address manually, select Manual and add the IP address.
2.1. Configuring Node Network Interfaces 5. If necessary, set up a gateway and a DNS server. 6. If you have set a custom maximum transmission unit (MTU) on the network hardware, set the same value in the corresponding field. Warning: Setting a custom MTU in management panel prior to configuring it on the network hardware will result in network failure on the node and require manual resetting.
Chapter 2. Managing Acronis Storage Installation Guide). 9. If you need to open specific ports on a network interface with public roles, do the following: 9.1. Click Configure.
2.1. Configuring Node Network Interfaces 9.2. On the Configure custom role panel, create custom roles: click Add and specify role names and ports. Custom roles can later be assigned to any network interface in a cluster. To remove a custom role, make sure it is not assigned to any interface, select it, and click Remove. 9.3. Click Done to return to the Choose roles panel. 10. Select the required roles and click Done to assign them. 2.1.
Chapter 2. Managing Acronis Storage Gbps. To create a bond, do the following: 1. On the NODES screen, click the node to bond the network interfaces on. 2. On the node overview screen, click NETWORK. 3. In the NETWORK list, check network interfaces to bond, and click Create bonding in the menu to the right. 4. On the Configure Bonding panel, select the bonding type from the drop-down list. The balance-xor type is selected by default and recommended for both fault tolerance and good performance.
2.1. Configuring Node Network Interfaces 5. Set up network parameters as described in step 4 in Configuring Node Network Interfaces on page 2 and click PROCEED. 6. On the Choose roles panel, select roles to assign to the bonding network interface (for details, see the Installation Guide).
Chapter 2. Managing Acronis Storage 7. Click Done. 2.1.2 Setting Up VLAN Interfaces To set up a VLAN network interface, do the following: 1. On the NODES screen, click the node on which to configure VLAN. 2. On the node overview screen, click NETWORK. 3. Select a network interface and click Create VLAN. 4.
2.2. Creating the Storage Cluster gateway and a DNS server. 5. Click Proceed to create a VLAN interface. 2.2 Creating the Storage Cluster To create a storage cluster, you need to create a basic storage cluster on one (first) node, then populate it with more nodes.
Chapter 2. Managing Acronis Storage Important: To be able to create the storage cluster, you will need to assign the storage role to a node’s network interface. If you have remote iSCSI devices you wish to connect to cluster nodes, you can configure them prior to cluster creation as described in Connecting Remote iSCSI Devices to Storage Cluster Nodes on page 40. 2.2.1 Creating the Storage Cluster on the First Node 1. Open the NODES screen and click a node in the UNASSIGNED list. 2.
2.2. Creating the Storage Cluster 4. Make sure a network interface with the role Storage is selected from the Storage interface drop-down list. Note: If necessary, click the cogwheel icon and assign the required role(s) to network interfaces on the Network Configuration screen. 5. If required, enable data encryption. To do this, check the Encryption box (see Managing Tier Encryption on page 21) and proceed to create the cluster. Encryption will be enabled for all tiers by default.
Chapter 2. Managing Acronis Storage Note: You can later disable encryption for new chunk services (CS) on the SETTINGS > Advanced settings panel. 6. Click New cluster to have Acronis Storage assign the roles to disks automatically. Alternatively, click Advanced configuration to assign the roles to each drive manually and tweak other settings. You can monitor cluster creation progress in the HEALTHY list of the INFRASTRUCTURE > Nodes screen.
2.2. Creating the Storage Cluster 2. On the node overview screen, click Join cluster. 3. Make sure a configured network interface with a storage role is selected from the Storage interface drop-down list. Note: If the network was not previously configured, click the cogwheel icon and, on the Network Configuration screen, configure a storage role for a network interface.
Chapter 2. Managing Acronis Storage 4. Click Join cluster to have Acronis Storage assign the roles to disks automatically and add the node to the current cluster. Alternatively, click Advanced configuration to assign the roles to each drive manually (see Assigning Disk Roles Manually on page 16). 2.2.
2.2. Creating the Storage Cluster Data checksumming generates checksums each time some data in the cluster is modified. When this data is then read, a new checksum is computed and compared with the old checksum. If the two are not identical, a read operation is performed again, thus providing better data reliability and integrity. If a node has an SSD, it will be automatically configured to keep checksums when you add a node to a cluster. This is the recommended setup.
Chapter 2. Managing Acronis Storage be additionally assigned the Metadata or Storage role. In this case, a physical server can have at least 2 disks. 2. It is recommended to assign the System+Metadata role to an SSD. Assigning both these roles to an HDD will result in mediocre performance suitable only for cold data (e.g., archiving). 3. The System role cannot be combined with the Cache and Metadata+Cache roles.
2.3. Releasing Nodes from the Storage Cluster 6. Click PROCEED. You can monitor disk configuration progress in the HEALTHY list of the NODES screen. 2.3 Releasing Nodes from the Storage Cluster To release a node means to remove it from the cluster (e.g., for maintenance). As the node may be running services needed by the cluster, do the following prior to releasing it to avoid cluster degradation: 1. If the node runs one of the five required metadata services, add a metadata role to another node.
Chapter 2. Managing Acronis Storage 2. If the node has any access points, make sure that the same access points are configured on other nodes in the cluster as well. 3. If the node has iSCSI targets, move them to a different node. 4. If the node has an S3 gateway or ABGW, reconfigure DNS for S3 and ABGW access points to remove the node from DNS records. Next, release the node from S3 and ABGW in the corresponded sections of the SERVICES screen. 5.
2.5. Managing Tier Encryption • By reinstalling Acronis Storage on the node from scratch. 2.5 Managing Tier Encryption Acronis Storage can encrypt data stored on disks with the AES-256 standard, so if a disk gets lost or stolen the data will be safe. Acronis Storage stores disk encryption keys in cluster’s metadata (MDS). Encryption can be enabled or disabled only for the newly created chunk services (CS).
Chapter 2. Managing Acronis Storage 2.6 Managing Users During the management panel installation on the first node, Acronis Storage creates the default unique administrator account, superadmin. The user name for this account is admin and the password is specified during installation. This account cannot be deleted and its privileges cannot be changed. Other than that, superadmin does not differ from a user account assigned the Administrator role (i.e. an admin).
2.6. Managing Users 4. Check the roles to assign to the account and click Done. 2.6.2 Managing User Accounts Any user can change their account password by clicking the user icon in the top right corner of the management panel and then clicking Change password. An admin can create/delete other users’ accounts, add/remove roles from them, change their descriptions and passwords (although superadmin’s password can only be changed by superadmin), as well as enable/disable user accounts (i.e.
Chapter 2. Managing Acronis Storage open the Settings -> Users screen, select a user from the list, and click Configure or Delete depending on what you need to do. 2.6.3 Adding LDAP or Active Directory Users You can add users and user groups to Acronis Storage from an external LDAP-compliant database or Microsoft Active Directory. These users will be able to log in using their respective user names and passwords.
2.6. Managing Users To add an LDAP (or AD) user or group to Acronis Storage, do the following: 1. On the SETTINGS > Advanced settings screen, open the LDAP/AD tab. 2. Select LDAP or Microsoft Active Directory from the Type drop-down list. 3.
Chapter 2. Managing Acronis Storage 5. On the SETTINGS > Users screen, click ADD LDAP USER. 6. On the Add LDAP users panel, select users or user groups to add to Acronis Storage and click Add. 7. On the Roles panel, select the roles to assign to selected users or user groups. Note: 26 If a role is assigned to a group, every user in it is granted the corresponding privileges.
2.6. Managing Users 8. Click Add to add users to Acronis Storage.
Chapter 2. Managing Acronis Storage 2.7 Managing Updates You can update your Acronis Storage infrastructure using the management panel. Important: To check for and download updates, the cluster must be healthy and each node in the infrastructure must be able to open outgoing Internet connections. To update Acronis Storage, do the following: 1. Open the SETTINGS > Updates screen and click CHECK FOR UPDATES. The script will run yum update on each node.
2.7. Managing Updates 2.7.1 Upgrading to Acronis Software-Defined Infrastructure 2.5 You can upgrade your Acronis Storage installation to Acronis Software-Defined Infrastructure 2.5 in-place from the management panel. The procedure is similar to updating. The following conditions must be met in order to upgrade: • All nodes in the storage cluster are updated to the latest version, which is Acronis Storage 2.4 Update 2. • All cluster nodes have unique hostnames.
Chapter 2. Managing Acronis Storage • No tasks are running. Make sure there are no running tasks like adding or removing cluster nodes, reconfiguring network adapters, or similar. If the storage cluster does not meet any of these requirements, you will see corresponding alerts when attempting to upgrade. Nodes will be upgraded one at a time. Each node will reboot to finalize the procedure, so you may expect some downtime. Highly available storage services, however, should continue working.
2.9. Backing Up and Restoring Management Database To delete the key after root access is no longer required, select the key and click Delete. 2.9 Backing Up and Restoring Management Database Acronis Storage stores node information, statistics, and configuration in a database on the node with the management panel. Database backups are created automatically every day. Warning: Do not rename the backup file! Otherwise you will not be able to restore the management database from it.
Chapter 2. Managing Acronis Storage Once backup is completed, the Last backup date will be refreshed. 2.9.1 Restoring Management Database from Backup You can restore a management node database from backup on the following nodes: • the same management node or any node assigned to a cluster, • a new node outside the cluster. In this case, Acronis Storage will restore the database and install only the management panel component on the node.
2.10. Enabling Management Panel High Availability public and internal roles. They will be assigned the WebCP and Management roles, respectively. Note: You can specify the same network interface in both parameters. To restore the database to a new node, do the following: 1. Copy the backup file /mnt/vstorage/webcp/backup/backup-.tar from the initial management node to the same directory on the target node. 2.
Chapter 2. Managing Acronis Storage 3. Select at least 3 nodes to host management panel instances and click Create HA. 4. Make sure a configured network interface with an internal management role is selected from the Management private interface drop-down list of each node.
2.10. Enabling Management Panel High Availability 5. On the Configure network screen, set a static IP address dedicated for the HA management panel. It must be different from the IP addresses of any node in the cluster and accessible from the public network. Click DONE.
Chapter 2. Managing Acronis Storage Once the management panel high availability is enabled, you can log in to the panel only at https://:8888. To remove management panel instances from the nodes, select them from the HA list on the MANAGEMENT NODE HA tab and click Release nodes. 2.
2.12. Managing Licenses accept it in your browser. 2.12 Managing Licenses Acronis Storage comes with a trial license that allows you to evaluate its features. The trial license has no expiration date but limits the storage capacity to 1TB. To start using Acronis Storage in a production environment, it is recommended to install a commercial license. The following licensing models are supported: • License key.
Chapter 2. Managing Acronis Storage 2. On the LICENSES screen, click Upgrade and Register key. 3. Paste the license key, click REGISTER, and choose one of the following: • Upgrade, to add storage capacity. • Prolong, to prolong the license. 4. Click Activate. The expiration date or storage capacity will change according to what the key grants.
2.12. Managing Licenses 2.12.2 Installing SPLA Licenses To install a SPLA license, do the following: 1. On the LICENSES screen, click Upgrade and Use SPLA. 2. In the Use SPLA window, select a region from the drop-down list and click Activate. You will be redirected to a log in page of Acronis Data Cloud. 3. Log in to Acronis Data Cloud. 4. In the Register cluster window, accept the license agreement. 5. In the registration confirmation window, click Done.
Chapter 2. Managing Acronis Storage 2.13 Connecting Remote iSCSI Devices to Storage Cluster Nodes Acronis Storage allows you to connect remote iSCSI devices to nodes and perceives their LUNs as storage disks. You can connect iSCSI devices to nodes at any time. To connect a remote iSCSI device to a node, do the following: 1. On the NODES screen, select a node, open its DISKS tab, and click iSCSI target.
2.13. Connecting Remote iSCSI Devices to Storage Cluster Nodes 2. In the Remote iSCSI Target window, do the following: 2.1. Specify the IQN of the target. 2.2. In the Portal and Port fields, specify the target’s IP address and port (optional) and click the corresponding check icon. 2.3. (Optional) If the target has multiple paths, click Add portal and configure it as in the previous step. 2.4. (Optional) If necessary, check CHAP authentication and specify the credentials. 2.5. Click Connect.
CHAPTER 3 Monitoring the Storage Cluster You can monitor the performance of the storage cluster as a whole and its parts. 3.1 Monitoring Storage Cluster Status The overall cluster statistics are available on the cluster OVERVIEW screen. Pay attention to the cluster status that can be one of the following: • HEALTHY. All cluster components are active and operate normally. • UNKNOWN. Not enough information about the cluster state (e.g., because the cluster is inaccessible). • DEGRADED.
3.2. Monitoring Storage Cluster Space The two charts that provide information on how storage space is used are PHYSICAL SPACE and LOGICAL SPACE. They are described in the following sections in more detail. 3.2.1 Physical Space Chart The PHYSICAL SPACE chart shows the combined space of all disks available to the cluster. The following statistics are available: • Used space. The space occupied by all data chunks and their replicas plus the space occupied by any other data stored on cluster nodes’ disks.
Chapter 3. Monitoring the Storage Cluster not taken into account. • Free space. The difference between the two above. 3.2.2.1 Understanding Logical Space When monitoring disk space information in the cluster, keep in mind that logical space is the amount of free disk space that can be used for storing user data in the form of data chunks and all their replicas. Once this space runs out, no data can be written to the cluster.
3.2. Monitoring Storage Cluster Space State Description blocked Percentage of chunks which have fewer active replicas than the set minimal amount. Write requests to a blocked chunk are frozen until it has at least the set minimum amount of replicas. Read requests to blocked chunks are allowed, however, as they still have some active replicas left. Blocked chunks have higher replication priority than degraded chunks.
Chapter 3. Monitoring the Storage Cluster If some of the services were not in the healthy state for some time, these time periods will be highlighted in red on the charts. 3.2.5 Monitoring Storage Cluster I/O Activity You can monitor the history of the cluster I/O activity on the READ and WRITE charts on the cluster OVERVIEW screen.
3.3. Monitoring Storage Cluster Objects via SNMP The current cluster I/O activity averaged for the last 10 seconds is shown as: • the speed of read and write I/O operations, in megabytes per second (MB/s). • the number of read and write I/O operations per second (IOPS). 3.3 Monitoring Storage Cluster Objects via SNMP You can monitor cluster objects via the Simple Network Management Protocol (SNMP).
Chapter 3. Monitoring the Storage Cluster 3.3.1 Enabling SNMP Access To monitor cluster objects, enable the SNMP access on the node. Do the following in the management panel: 1. On the SETTINGS > Advanced settings > SNMP tab, check Enable SNMP on management node. Doing so lets your network management system (SNMP monitor) access the cluster via the SNMP protocol on the management node’s port 161. 2. Click the corresponding link to download the MIB file and set it up in your SNMP monitor. 3.
3.3. Monitoring Storage Cluster Objects via SNMP 3.2. Specify the IP of the system, and, if required, change the default Port and Community. 3.3. If required, click SEND TEST TRAP to test the service. 4. Click SAVE to apply changes. 3.3.2 Accessing Storage Cluster Information Objects via SNMP You can access storage cluster information objects with SNMP tools of your choice, e.g., the free Net-SNMP suite for Linux.
Chapter 3. Monitoring the Storage Cluster authCommunity log,execute,net public 2. Start the daemon and specify the MIB file: # snmptrapd -M /usr/share/snmp/mibs -m VSTORAGE-MIB -n -f -Lf /tmp/traps.log 3. Send a test trap from the SETTINGS > Advanced settings > SNMP tab in the management panel. 4. View the log file: # tail -f /tmp/traps.log 2017-04-23 02:48:18 UDP: [127.0.0.1]:58266->[127.0.0.1]:162 [UDP: \ [127.0.0.1]:58266->[127.0.0.1]:162]: SNMPv2-SMI::mib-2.1.3.0 = Timeticks: (1687405) 4:41:14.05 \ SNMPv2
3.3. Monitoring Storage Cluster Objects via SNMP 3. Navigate to the template, select it, and click Import. 4. Click Configuration > Hosts > Create host.
Chapter 3. Monitoring the Storage Cluster 5. On the Host tab, do the following: 5.1. Specify the Host name of the management node and its Visible name in Zabbix. 5.2. Specify vstorage in the New group field. 5.3. Remove the Agent Interfaces section. 5.4. Add an SNMP interfaces section and specify the IP of the management node in the corresponding field. 6. On the Templates tab, click Select next to the Link new templates field.
3.3. Monitoring Storage Cluster Objects via SNMP 7. In the Zabbix Server: Templates window, check the Template VStorageSNMP template and click Select. 8. Back on the Templates tab, click the Add link in the Link new templates section. The VStorageSNMP template will appear in the Linked templates group. 9. Having configured the host and added its template, click the Add button.
Chapter 3. Monitoring the Storage Cluster In a few minutes, the cluster’s SNMP label in the Availability column on the Configuration > Hosts screen will turn green. To monitor cluster’s parameters, open the Monitoring > Latest data screen, set the filter’s Host groups to vstorage and click Apply. You can create performance charts on the Configuration > Hosts > > Graphs tab and a workplace for them on the Monitoring > Screens tab. 3.3.
3.3. Monitoring Storage Cluster Objects via SNMP Object Description VSTORAGE- License expiration status. MIB::licenseExpirationStatus VSTORAGE-MIB::ioReadOpS Current read speed in operations per second. VSTORAGE-MIB::ioWriteOpS Current write speed in operations per second. VSTORAGE-MIB::ioReads Current read speed in bytes per second. VSTORAGE-MIB::ioWrites Current read write in bytes per second. VSTORAGE-MIB::csActive The number of active chunk servers.
Chapter 3. Monitoring the Storage Cluster Object Description VSTORAGE-MIB::mdsMemUsage The amount of memory used by a metadata server. VSTORAGE-MIB::mdsCpuUsage The percentage of the CPU’s capacity used by a metadata server. VSTORAGE-MIB::mdsUpTime Time since the startup of a metadata server. The table below describes SNMP traps triggered by the specified alerts: Trap Alert licenseExpired The license has expired. tooFewClusterFreeLogicalSpace Too few free space is left.
CHAPTER 4 Monitoring Storage Cluster Nodes Nodes added to the Acronis Storage infrastructure are listed on the NODES screen, grouped by status. If the storage cluster has not been created yet, you will only see nodes in the UNASSIGNED list. If the storage cluster exists, its nodes will be listed on the screen. 4.1 Storage Cluster Node Statuses A storage cluster node can have one of the following statuses: • HEALTHY. All the storage services on the node are running. • OFFLINE.
Chapter 4. Monitoring Storage Cluster Nodes 4.2 Monitoring Storage Cluster Node Performance To monitor the performance of a storage cluster node, open the NODES screen and click a node. On the node overview screen, you will see performance statistics described below. The overall statistics include: • the number of CPUs and the amount of RAM, • CPU usage, in percent over time, • RAM usage, in percent over time.
4.2. Monitoring Storage Cluster Node Performance • the amount of transmitted (TX) and received (RX) traffic over time. The following sections provide more information on disk and network usage. 4.2.1 Monitoring Storage Cluster Node Disks To monitor the usage and status of node disks, click the DISKS link on the node overview screen. You will see a list of all disks on the node and their status icons. A disk status icon shows the combined status of S.M.A.R.T. and the service corresponding to the disk role.
Chapter 4. Monitoring Storage Cluster Nodes 4.2.1.1 Monitoring the S.M.A.R.T. Status of Node Disks The S.M.A.R.T. status of all disks is monitored by a tool installed along with Acronis Storage. Run every 10 minutes, the tool polls all disks attached to nodes, including journaling SSDs and system disks, and reports the results to the management node. Note: For the tool to work, make sure the S.M.A.R.T. functionality is enabled in node’s BIOS. If a S.M.A.R.T.
CHAPTER 5 Viewing Alerts and Audit Log and Sending E-mail Notifications This chapter describes Acronis Storage alerts, audit log, and e-mail notifications settings. 5.1 Viewing Alerts The ALERTS tab lists all the alerts logged by Acronis Storage.
Chapter 5. Viewing Alerts and Audit Log and Sending E-mail Notifications To view an alert details, select an alert on the ALERTS tab and click Details. Alerts can be ignored (deleted from the alerts list) or postponed for several hours. Postponed alerts reappear in the list after some time. To ignore or postpone an alert, select it and click the corresponding button. 5.2 Viewing Audit Log The AUDIT LOG tab lists all management operations performed by users and their activity events.
5.3. Sending E-mail Notifications To view detailed information on a log entry, select it and click Show extended details. 5.3 Sending E-mail Notifications Acronis Storage can send automatic e-mail notifications about errors, warnings, and alerts. To set up e-mail notifications, do the following: 1.
Chapter 5. Viewing Alerts and Audit Log and Sending E-mail Notifications 1.1. In the From and Sender name fields, the notification sender’s e-mail and name. 1.2. In the To field, one or more notification recipient e-mails, one per line. 1.3. In the User account fields, the credentials of the notification sender registered on the SMTP server. 1.4. In the Outgoing SMTP server field, the DNS name of the SMTP server, either public (e.g., smtp.gmail.com) or the one in your organization.
5.3. Sending E-mail Notifications 2. Tick the checkboxes for alerts you want to get notified about. 3. Click SAVE. To send a test e-mail, specify your e-mail registered on the SMTP server in both the From and To fields and click TEST.
CHAPTER 6 Exporting Storage Cluster Data Acronis Storage allows you to export storage space as: • Block storage via iSCSI for virtualization, databases and other needs. • Object storage for storing unlimited number of files via an Amazon S3 compatible protocol. You can store data like media files, backups, Open Xchange files and access the storage using Dropbox-like applications. You can build your own Amazon S3 compatible object storage services as a part of your cloud offering or for internal needs.
6.1. Exporting Data via iSCSI In this example, two Acronis Storage nodes host one iSCSI target each, while the third hosts two iSCSI targets. Each node connects to two networks: internal for storage cluster communication and external (in relation to the storage cluster) for iSCSI exporting. Each iSCSI target has a unique static IP address from a dedicated subnet of the datacenter network. 6.1.1 Creating iSCSI Targets Note: 1.
Chapter 6. Exporting Storage Cluster Data 2. On the Add target panel, type a name for the new target in the Name field. 3. In the node drop-down list, select a node on which the target will be located. The node should have an iSCSI role assigned to one of its network interfaces to appear in the list. 4. If necessary, check the Enable CHAP box and select an iSCSI user in the corresponding drop-down list (For more information on CHAP users, see Managing iSCSI Users on page 73).
6.1. Exporting Data via iSCSI 5. Click Add to specify one or more IP addresses for the target. 6. If necessary, enable and specify IOPS and bandwidth limits for the target. If both limits are set, the first one that is hit is applied. Setting a limit value to zero disables the limit. 7. Click Done to create the target. The ISCSI target will be automatically started after creation and the initiators will be able to access the target via the specified IP address. 6.1.1.
Chapter 6. Exporting Storage Cluster Data 3. Click Done.
6.1. Exporting Data via iSCSI 6.1.3.1 Listing LUNs Each iSCSI target can have multiple LUNs (virtual disks or volumes). You can list the LUNs of a target and iSCSI initiators that are currently connected. To list the LUNs, open the SERVICES > iSCSI > Targets screen, select a target and click a link in the LUNs column. To list the initiators that are currently connected to iSCSI targets, open the INITIATORS tab on the same screen. 6.1.3.2 Adding LUNs To add a LUN to an iSCSI target, do the following: 1.
Chapter 6. Exporting Storage Cluster Data 3. On the Add LUN screen, select the LUN’s number from the drop-down list. 4. In the LUN Size field, specify the size of the LUN in GB; select a tier from the drop-down list to the right. For more information on tiers, see the Installation Guide. 5. From the Failure domain drop-down list, choose a placement policy for replicas. For more details, see the Installation Guide.
6.1. Exporting Data via iSCSI 6. Choose a data redundancy mode. For more details, see the Installation Guide. 7. Click Done. 6.1.3.3 Configuring LUNs To configure a LUN of an iSCSI target, do the following: 1. On the SERVICES > iSCSI > Targets screen, stop the target to which the LUN belongs. 2. Click a link in the target’s LUNs column. 3. On the Configure LUN screen, specify the LUN size in the corresponding field. 4. Click Done. 6.1.3.4 Deleting LUNs To delete a LUN, do the following: 1.
Chapter 6. Exporting Storage Cluster Data 2. Specify login, password, and, if necessary, a description for the account. The password should be 12 to 16 characters long for Windows clients to be able to establish connections. 3. Click Done. The newly created CHAP user account will be listed on the iSCSI Users screen. 6.1.4.2 Creating iSCSI Targets Bound to CHAP Accounts To create an iSCSI target bound to a CHAP account, do the following: 1.
6.1. Exporting Data via iSCSI 3. Click Done. 6.1.4.3 Changing CHAP Account Passwords To change the password of a CHAP account, do the following: 1. On the SERVICES > iSCSI Users screen, select a user and click Configure. 2. In the Password section on the Configure user screen, click change.
Chapter 6. Exporting Storage Cluster Data 3. Type a new password in the corresponding field and click Done. The password should be 12 to 16 characters long for Windows clients to be able to establish connection. The new password will become active after target reboot. 6.2 Exporting Data via S3 Acronis Storage allows you to export cluster disk space to customers in the form of an S3-like object-based storage.
6.2. Exporting Data via S3 that describes it as well as a unique identifier that allows finding the object in the storage. Object storage is optimized for storing billions of objects, in particular for application storage, static web content hosting, online storage services, big data, and backups. All of these uses are enabled by object storage thanks to a combination of very high scalability and data availability and consistency.
Chapter 6. Exporting Storage Cluster Data • An object server stores actual object data received from S3 gateway. The data is packed into special containers to achieve high performance. The containers are redundant, you can specify the redundancy mode while configuring object storage. An object server also stores its own data in block storage with built-in high availability. • A name server stores object metadata received from S3 gateway.
6.2. Exporting Data via S3 6.2.2 Planning the S3 Cluster Before creating an S3 cluster, do the following: 1. Define which nodes of the Acronis Storage cluster will run the S3 storage access point services. It is recommended to have all nodes available in Acronis Storage run these services. 2. Configure the network so that the following is achieved: • All components of the S3 cluster communicate with each other via the S3 private network. All nodes of an S3 cluster must be connected to the S3 private network.
Chapter 6.
6.2. Exporting Data via S3 6.2.4 Creating the S3 Cluster To set up object storage services on a cluster node, do the following: 1. Make sure that S3 private network is configured on each node that will run object storage services. 2. On the SERVICES > Nodes screen, check the box of each cluster node where object storage services will run. 3. Click Create S3 cluster. 4. Make sure a network interface with an Objest Storage private role is selected in the drop-down list.
Chapter 6. Exporting Storage Cluster Data 7. In Failure domain, choose a placement policy for replicas. For more details, see the Installation Guide. 8. In Data redundancy, select the redundancy mode that the object storage will use. For more details, see the Installation Guide. Note: You can later change the redundancy mode on the S3 > Settings panel. 9. Click Proceed. 10.
6.2. Exporting Data via S3 users to access the object storage. For example, mys3storage.example.com. Click Proceed. Important: Configure your DNS server according to the example suggested in the management panel. 11. From the drop-down list, select an S3 endpoint protocol: HTTP, HTTPS or both. Note: It is recommended to use only HTTPS for production deployments.
Chapter 6. Exporting Storage Cluster Data Note: 1. S3 geo-replication requires a certificate from a trusted authority. It does not work with self-signed certificates. 2. To access the data in the S3 cluster via a browser, add the self-signed certificate to browser’s exceptions. • Acquire a key and a trusted wildcard SSL certificate for endpoint’s bottom-level domain. For example, the endpoint s3.storage.example.com would need a wildcard certificate for *.s3.storage.example.
6.2. Exporting Data via S3 To check if the S3 cluster is successfully deployed and can be accessed by users, visit https:// or http:// in your browser. You should receive the following XML response: AccessDenied To start using the S3 storage, you will also need to create at least one S3 user. 6.2.
Chapter 6. Exporting Storage Cluster Data owner assigned to every object and bucket at creation. The entity owner has extra rights compared to other users. For example, the bucket owner is the only one who can delete that bucket. User model and access policies implemented in Acronis Storage comply with the Amazon S3 user model and access policies.
6.2. Exporting Data via S3 6.2.5.2 Managing S3 Access Key Pairs Each S3 user has one or two key pairs (access key and secret key) for accessing the S3 cloud. You can think of the access key as login and the secret key as password. (For more information about S3 key pairs, refer to the Amazon documentation.) The access keys are generated and stored locally in the Acronis Storage cluster on S3 name servers. Each user can have up to two key pairs.
Chapter 6. Exporting Storage Cluster Data 2. The existing keys will be shown on the Keys panel. • To revoke a key, click Revoke. • To add a new key, click Generate access key. To access a bucket, a user will need the following information: • management panel IP address, • DNS name of the S3 cluster specified during configuration, • S3 access key ID, • S3 secret access key, • SSL certificate if the HTTPS protocol was chosen during configuration.
6.2. Exporting Data via S3 Note: To Browse using an SSL certificate, make sure it is valid or, in case of a self-signed one, add it to browser’s exceptions. 6.2.6 Managing S3 Buckets All objects in Amazon S3-like storage are stored in containers called “buckets”. Buckets are addressed by names that are unique in the given object storage, so an S3 user of that object storage cannot create a bucket that has the same name as a different bucket in the same object storage.
Chapter 6. Exporting Storage Cluster Data 6.2.6.2 Managing Acronis Notary in S3 Buckets Acronis Storage offers integration with the Acronis Notary service to leverage blockchain notarization and ensure the immutability of data saved in object storage clusters. To use Acronis Notary in user buckets, you need to set it up in the S3 cluster and enable it for said buckets. Setting Up Acronis Notary To set up Acronis Notary, do the following: 1.
6.2. Exporting Data via S3 Enabling and Disabling Acronis Notary To enable or disable blockchain notarization for a bucket, select a bucket on the SERVICES > S3 > Buckets screen and click Enable Notary or Disable Notary, respectively. Notarization is disabled for new buckets by default. Note: Once you enable notarization for a bucket, certificates are created automatically only for the newly uploaded files. The previously uploaded files are left unnotarized.
Chapter 6. Exporting Storage Cluster Data • can be a series of valid name parts (described previously) separated by periods. An object key can be a string of any UTF-8 encoded characters up to 1024 bytes long. 6.2.7.2 Improving Performance of PUT Operations Object storage supports uploading objects as large as 5 GB per single PUT request (5 TB via multipart upload).
6.2. Exporting Data via S3 2. In the section of the home S3 cluster, click TOKEN and, on the Get token panel, copy the token. 3. In the management panel of the local datacenter, open the SERVICES > S3 > GEO-REPLICATION screen and click ADD DATACENTER.
Chapter 6. Exporting Storage Cluster Data 4. Enter the copied token and click Done. 5. Configure the remote Acronis Storage S3 cluster the same way. 6.2.9 Monitoring S3 Access Points The S3 monitoring screen enables you to inspect the availability of each S3 component as well as the performance of NS and OS services (which are highly available).
6.2. Exporting Data via S3 Warning: When the last node in the S3 cluster is removed, the cluster is destroyed, and all the data is deleted. To release a node from an S3 cluster, do the following: 1. On the SERVICES > S3 Nodes screen, check the box of the node to release. 2. Click Release. 6.2.11 Supported Amazon S3 Features This section lists Amazon S3 operations, headers, and authentication schemes supported by the Acronis Storage implementation of the Amazon S3 protocol. 6.2.11.
Chapter 6.
6.2. Exporting Data via S3 6.2.11.
Chapter 6. Exporting Storage Cluster Data • ETag • x-amz-delete-marker • x-amz-request-id • x-amz-version-id The following Amazon S3 REST response headers are not used: • Server • x-amz-id-2 Note: For more information on Amazon S3 REST response headers, see the Amazon S3 REST API documentation. 6.2.11.
6.3. Exporting Data via NFS 6.2.11.5 Supported Authentication Scheme and Methods The following authentication scheme is supported by the Acronis Storage implementation of the Amazon S3 protocol: • Signature Version 2. • Signature Version 4. The following authentication methods is supported by the Acronis Storage implementation of the Amazon S3 protocol: • HTTP Authorization header. • Query string parameters. 6.
Chapter 6. Exporting Storage Cluster Data 6.3.1 Setting Up an NFS Cluster Since NFS is based on object storage, creating an NFS cluster is similar to creating an S3 one. Do the following: 1. Assign the internal Objest Storage private role and the public NFS role to a network interface on each node that will be in the NFS cluster. You can do so on the NODES > node > NETWORK screen. 2. On the SERVICES > NFS screen, select the desired available nodes to add to the NFS cluster. 3. Click Create NFS cluster. 4.
6.3. Exporting Data via NFS 6.3.3 Creating NFS Exports The process of creating NFS exports includes the following steps: 1. Creating a root export that will contain user exports. 2. Mounting the root export. 3. Creating user exports in the mounted root export. 6.3.3.1 Creating the Root Export To create a root NFS export, do the following: 1. On the SERVICES > NFS > SHARES screen, click the number in the Exports column in the row of the desired share. This will open the share screen. 2.
Chapter 6. Exporting Storage Cluster Data This will create a directory with a default path, e.g., /0200000000000002. The path designates export location inside the share and is used (alongside share’s IP address) to mount the export. Important: Do not give the users access to the root export. The root export will be shown in the export list. After creating the root export, mount it as described in the User’s Guide. Warning: Do not mount NFS shares on cluster nodes. It may lead to node freeze. 6.3.3.
6.3. Exporting Data via NFS 3. Click Done. The user export will appear in the export list. 6.3.4 Setting Up User Authentication and Authorization Acronis Storage allows you to authenticate users for access to specific NFS shares via Kerberos and authorize them to access specific NFS exports inside these shares via LDAP.
Chapter 6. Exporting Storage Cluster Data 6.3.4.1 Authenticating NFS Share Users with Kerberos To enable user authentication in an NFS share, do the following: 1. Assign a forward and reverse resolvable FQDN (fully qualified domain name) to share’s IP address. 2. On the SETTINGS > Security > KERBEROS tab, specify the following Kerberos information: 2.1. In Realm, your DNS name in uppercase letters. 2.2.
6.4. Connecting Acronis Backup Software to Storage Backends via Acronis Backup Gateway 6.3.4.2 Authorizing NFS Export Users with LDAP By configuring access to a user directory via LDAP, you can control which users can access which NFS exports. You will need a directory of user accounts with desired NFS access parameters. To configure access to an LDAP server, do the following: 1.
Chapter 6. Exporting Storage Cluster Data Note: 1. When configuring Acronis Backup Gateway, you will need to provide the credentials of your administrator account in the Acronis backup software. 2. In cases when not local but external storage (e.g., NFS) is used with Acronis Backup Gateway, redundancy has to be provided by said external storage. Acronis Backup Gateway does not provide data redundancy or perform data deduplication itself. 6.4.
6.4. Connecting Acronis Backup Software to Storage Backends via Acronis Backup Gateway 6.4.2 Connecting to the Local Storage Cluster via Acronis Backup Gateway Before you proceed, make sure that the destination storage has enough space for backups. To set up Acronis Backup Gateway, do the following: 1. In the left menu, click SERVICES > Acronis Backup Gateway. 2. Select node(s) to run the gateway services on and click Create gateway in the right menu. 3.
Chapter 6. Exporting Storage Cluster Data 4. Make sure a network interface with the ABGW private role is selected in the drop-down list. The corresponding interfaces with the ABGW public role will be selected automatically. Click NEXT. Note: If necessary, click the cogwheel icon and assign the required role(s) to network interfaces on the Network Configuration screen.
6.4. Connecting Acronis Backup Software to Storage Backends via Acronis Backup Gateway 5. On the Volume Parameters tab, select the desired tier, failure domain, and data redundancy mode.
Chapter 6. Exporting Storage Cluster Data Note: 1. Redundancy by replication is not supported for Acronis Backup Gateway. 2. You can later change the erasure coding mode on the Acronis Backup Gateway > Parameters panel. 6. On the DNS Configuration tab, specify the external DNS name for this gateway, e.g, backupgateway.example.com.
6.4. Connecting Acronis Backup Software to Storage Backends via Acronis Backup Gateway outgoing Internet connections and incoming connections from your Acronis backup software. Backup agents will use this address and port to upload the backup data. Important: 1. Configure your DNS server according to the example suggested in the management panel.
Chapter 6. Exporting Storage Cluster Data 2. Each time you changes nodes in the Acronis Backup Gateway cluster, adjust the DNS settings accordingly. Click NEXT. 7. On the Registration pane, specify the following information for your Acronis product: • In Account Server Name, specify the address of the Acronis Backup Cloud management portal (e.g., https://cloud.acronis.com/) or the hostname/IP address and port of the Acronis Backup Advanced management server (e.g., http://192.168.1.2:9877).
6.4. Connecting Acronis Backup Software to Storage Backends via Acronis Backup Gateway 2. Select node(s) to run the gateway services on and click Create gateway in the right menu. 3. Select Network File System as storage type. 4. Make sure a network interface with the ABGW private role is selected in the drop-down list. The corresponding interfaces with the ABGW public role will be selected automatically. Click NEXT.
Chapter 6. Exporting Storage Cluster Data Note: If necessary, click the cogwheel icon and assign the required role(s) to network interfaces on the Network Configuration screen. 5. On the Volume Parameters tab, specify the hostname or IP address of the NFS share as well as the export name. Click NEXT.
6.4. Connecting Acronis Backup Software to Storage Backends via Acronis Backup Gateway 6. On the DNS Configuration tab, specify the external DNS name for this gateway, e.g, backupgateway.example.com. Make sure that each node running the gateway service has a port open for outgoing Internet connections and incoming connections from your Acronis backup software. Backup agents will use this address and port to upload the backup data.
Chapter 6. Exporting Storage Cluster Data Important: 1. Configure your DNS server according to the example suggested in the management panel. 2. Each time you changes nodes in the Acronis Backup Gateway cluster, adjust the DNS settings accordingly. Click NEXT. 7. On the Registration pane, specify the following information for your Acronis product: 8. Finally, click DONE. 6.4.
6.4. Connecting Acronis Backup Software to Storage Backends via Acronis Backup Gateway ensure the persistence and redundancy of local storage. You can deploy Acronis Backup Gateway on multiple cluster nodes and select a good redundancy mode. If Acronis Storage with the gateway is deployed on a single physical node, you can make the local storage redundant by replicating it among local disks.
Chapter 6. Exporting Storage Cluster Data 3. Select Public Cloud as storage type. 4. Make sure a network interface with the ABGW private role is selected in the drop-down list. The corresponding interfaces with the ABGW public role will be selected automatically. Click NEXT. Note: If necessary, click the cogwheel icon and assign the required role(s) to network interfaces on the Network Configuration screen.
6.4. Connecting Acronis Backup Software to Storage Backends via Acronis Backup Gateway 5. On the Public cloud parameters pane, do the following: 5.1. Select a public cloud provider. If your provider is S3-compatible but not in the list, try AuthV2 compatible. 5.2. Depending on the provider, specify Region, Authentication (keystone) URL, or Endpoint URL. 5.3. In case of Swift object storage, specify the authentication protocol version and attributes required by it. 5.4. Specify user credentials.
Chapter 6. Exporting Storage Cluster Data 6.4.5 Migrating Backups from Older Acronis Solutions By means of Acronis Backup Gateway, you can migrate backups from Acronis Storage 1.5 and Acronis Storage Gateway 1.6 and 1.7 to a storage backend of your choice: local storage cluster, external NFS, or public cloud. Important: 1. Before you proceed, make sure that the destination storage backend has enough space for both existing and new backups. 2.
6.4. Connecting Acronis Backup Software to Storage Backends via Acronis Backup Gateway Alternatively, if you do not want to use a DNS name, you need to wait for the migration to complete, shut down both the source and destination machines, and reconfigure your network so that the public interface of the destination machine gets the IP address of the source machine. The concrete steps that you need to perform in the management panel to initiate backup migration are described in the next subsections. 6.4.5.
Chapter 6. Exporting Storage Cluster Data 8. Choose a destination storage type to create a gateway to: • local Acronis Storage cluster, • external NFS, or • public cloud. 9. Make sure a network interface with the ABGW private role is selected in the drop-down list. The corresponding interfaces with the ABGW public role will be selected automatically. Click NEXT. Note: If necessary, click the cogwheel icon and assign the required role(s) to network interfaces on the Network Configuration screen.
6.4. Connecting Acronis Backup Software to Storage Backends via Acronis Backup Gateway 10. Configure the destination storage backend: • For a storage cluster, select the desired tier, failure domain, and redundancy mode. • For NFS, specify a hostname or IP address, an export name and path, and choose the NFS version.
Chapter 6. Exporting Storage Cluster Data (bucket, container). Important: You must update Acronis Backup Agents to version 12.0.4492 (Windows/Mac) or 12.0.4470 (Linux). Otherwise agents’ attempts to place backups in the new storage backend will result in “Backup failed” errors. Click NEXT. 11. Review the source and destination storages and click PROCEED. 12. On the next panel, follow the instructions to point the source storage DNS name to the IP addresses of your new Acronis Storage cluster.
6.4. Connecting Acronis Backup Software to Storage Backends via Acronis Backup Gateway Depending on data size, migration may take as long as several days. 6.4.5.2 Migrating Backups from Acronis Storage Gateway 1.6 and 1.7 (NFS) 1. Disable the firewall or explicitly open TCP port 44446 on the source Acronis Storage Gateway. • To disable the firewall, run # systemctl stop firewalld • To open TCP port 44446 in the firewall, do the following: 1.1.
Chapter 6. Exporting Storage Cluster Data # firewall-cmd --list-all-zones | grep active mix_eth0 (active) 1.2. Add the required port to the same zone: # firewall-cmd --zone=mix_eth0 --permanent --add-port=44446/tcp # firewall-cmd --reload 2. In the management panel of the ABGW node, proceed to SERVICES > Acronis Backup Gateway > Nodes, select node(s) to run the gateway services on, and click Migrate. 3. Select the source storage version and click NEXT. 4.
6.4. Connecting Acronis Backup Software to Storage Backends via Acronis Backup Gateway 2. Each time you change nodes in the Acronis Backup Gateway, adjust the DNS settings accordingly. 7. Choose a destination storage type to create a gateway to: • local Acronis Storage cluster, • external NFS, or • public cloud. 8. Make sure a network interface with the ABGW private role is selected in the drop-down list. The corresponding interfaces with the ABGW public role will be selected automatically. Click NEXT.
Chapter 6. Exporting Storage Cluster Data • For public cloud, select a public cloud provider, specify credentials, and the name of the folder (bucket, container). Important: You must update Acronis Backup Agents to version 12.0.4492 (Windows/Mac) or 12.0.4470 (Linux). Otherwise agents’ attempts to place backups in the new storage backend will result in “Backup failed” errors.
6.4. Connecting Acronis Backup Software to Storage Backends via Acronis Backup Gateway Click NEXT. 10. Review the source and destination storages and click START MIGRATION. Depending on data size, migration may take as long as several days. 6.4.6 Monitoring Acronis Backup Gateway After you create an Acronis Backup Gateway, you can monitor it on the SERVICES > Acronis Backup Gateway > OVERVIEW screen.
Chapter 6. Exporting Storage Cluster Data • how many files are left in migration queue. If you migrate backups from Acronis Storage 1.5 or 1.7, migration backlog will be larger than the amount of data on the source storage. The reason is that Acronis Storage versions prior to 2.x use the old backup (FES) protocol that sends more data over network. The difference between source data size and backlog also very much depends on the retention policy utilized by the backup solution.
6.4. Connecting Acronis Backup Software to Storage Backends via Acronis Backup Gateway 6.4.7 Releasing Nodes from Acronis Backup Gateway Acronis Backup Gateway is meant to provide access to one specific storage backend. If you need to switch the backend, e.g., from a public cloud to a local Acronis Storage cluster or one public cloud bucket to another, you need to delete the Acronis Backup Gateway by releasing all its nodes and create a new one.
Chapter 6. Exporting Storage Cluster Data 3. Specify the credentials of your administrator account in your Acronis backup software and click NEXT. In case the release is forced, simply click NEXT.
