Source:Backup to Azure Storage/de: Difference between revisions

From SEPsesam
Line 52: Line 52:
# [[5_0_0:Backup_to_Azure_Storage#key|Anzeigen und Kopieren des Zugriffsschlüssel für den Azure Storage Account]]
# [[5_0_0:Backup_to_Azure_Storage#key|Anzeigen und Kopieren des Zugriffsschlüssel für den Azure Storage Account]]
# [[5_0_0:Backup_to_Azure_Storage#user|Erstellen eines neuen Sicherungsbenutzers auf dem SEP sesam Server]]
# [[5_0_0:Backup_to_Azure_Storage#user|Erstellen eines neuen Sicherungsbenutzers auf dem SEP sesam Server]]
# [[5_0_0:Backup_to_Azure_Storage#Si3-NG|Configure Si3 NG deduplication store]]  
# [[5_0_0:Backup_to_Azure_Storage#Si3-NG|Konfigurieren eines Si3 NG Deduplication Store]]  
# [[5_0_0:Backup_to_Azure_Storage#media_pool|Configure media pools]]  
# [[5_0_0:Backup_to_Azure_Storage#media_pool|Configure media pools]]  
# [[5_0_0:Backup_to_Azure_Storage#bck|Configure backups]]
# [[5_0_0:Backup_to_Azure_Storage#bck|Configure backups]]

Revision as of 12:11, 10 August 2022

Other languages:

Copyright © SEP AG 1999-2024. Alle Rechte vorbehalten.

Jede Form der Reproduktion der Inhalte dieses Benutzerhandbuches, ganz oder in Teilen, ist nur mit der ausdrücklichen schriftlichen Erlaubnis der SEP AG gestattet. Bei der Erstellung dieses Benutzerhandbuches wurde mit größtmöglicher Sorgfalt gearbeitet, um korrekte und fehlerfreie Informationen bereit stellen zu können. Trotzdem kann die SEP AG keine Gewähr für die Richtigkeit der Inhalte dieses Benutzerhandbuches übernehmen.

Draft.png WORK IN PROGRESS
This article is in the initial stage and may be updated, replaced or deleted at any time. It is inappropriate to use this document as reference material as it is a work in progress and should be treated as such.


Docs latest icon.png Willkommen in der aktuellsten Version der SEP sesam Dokumentation 5.0.0 Jaglion. Frühere Versionen der Dokumentation finden Sie hier: Dokumentation Archiv.


Überblick

SEP sesam V. 5.0.0 Jaglion hat eine neue Generation Si3 Datenspeicher eingeführt: Si3 NG. Er ermöglicht es Ihnen, Ihre Daten direkt auf Azure Blob Storage zu sichern und die gewünschten Elemente direkt von dort rückzusichern. Nach einer anfänglichen Vollsicherung Ihrer virtuellen und physischen Umgebung können Sie jede Sicherungsmethode (einschließlich differenzieller und inkrementeller Sicherungen) verwenden, um nur neue Daten im Blob Storage zu sichern.

Leistungsstarke Rücksicherung

Der neue Si3 NG kann doppelte Datenfragmente erkennen, um den Rücksicherungsprozess zu optimieren. Verwenden Sie den Web Rücksicherungsassistenten oder den GUI Rücksicherungsdialog, um Ihre Daten aus Sicherungen sofort rückzusichern. Die Rücksicherung einer einzelnen Datei ist einfach, da Sie die Suchfunktion nutzen können, um die gewünschte Sicherung zu finden und den Rücksicherungsprozess aufs Original oder an einem anderen Ort zu starten.

Si3 NG nutzt Azure Blob Storage auf die gleiche Weise wie lokalen Speicher, so dass Sie Ihren Azure Blob Storage nutzen können, um Ihre Geschäftsdaten jederzeit und überall sicher zu speichern und abzurufen.

Mehrere Medienpools

Mit Si3 NG können Sie mehrere Medienpools erstellen, um Skalierbarkeit und Granularität der Sicherungsaufträge zu gewährleisten. Sie können separate Medienpools erstellen, z.B. für tägliche differenzielle und inkrementelle und wöchentliche Vollsicherungsaufträge oder für Migration und Replikation, und Sie können für jeden Medienpool eine andere Aufbewahrungszeit festlegen.

Konfiguration eines Si3 NG Azure Blob Speichers

SEP sesam ermöglicht es Ihnen, Ihre Daten direkt auf Azure zu sichern, indem Sie den Si3 NG Deduplication Store verwenden. Das hier beschriebene Verfahren enthält nur die grundlegenden Schritte. Details zu Azure Blob Storage, dem Konto und der Konfiguration finden Sie im Microsoft Artikel Storage account overview.

  1. Erstellen eines Microsoft Azure Storage Accounts
  2. Erstellen eines Container
  3. Anzeigen und Kopieren des Zugriffsschlüssel für den Azure Storage Account
  4. Erstellen eines neuen Sicherungsbenutzers auf dem SEP sesam Server
  5. Konfigurieren eines Si3 NG Deduplication Store
  6. Configure media pools
  7. Configure backups

Create a Microsoft Azure storage account

You will need an active Microsoft Azure account for the following procedure. Log in to your account in the Azure portal.

  1. Search for and click the Storage accounts option.
  2. Select Create to add an account.
    • Select the subscription for this account.
    • Create or select an existing Resource Group where you want to create this storage account. The resource group is used to organize and manage all your resources.
    • Enter a unique name for your new storage account.
    • Select a location for the storage account. This is the location for your server based on your geographical location.
    • Leave the Performance type default option Standard selected.
    • For Account kind select StorageV2 (general-purpose v2) or BlobStorage, depending on your needs.
    • Select the replication level. The default Locally Redundant Storage (LRS) is more affordable than Geo-redundant storage (GRS), which is appropriate for storing business-critical data that has to be accessible at all times. This choice can significantly increase the overall cost of your account.
    • Select the Access tier for SEP sesam backup. It is recommended to leave the default setting Hot.
  3. Use the Advanced tab to configure or modify additional options for your account, the Networking tab to configure network connectivity and routing settings, and the Data protection tab to configure data protection options for blob data in your storage account. Also available are the Encryption and Tags tab. Most of these options can be configured later once the storage account has been created.
  4. Now navigate to the Review + Create tab to review the settings. When satisfied, click Create.

For a more detailed overview of each step, see the Microsoft article Create a storage account.

Create a container

In the Azure portal, create or associate a container with your storage account. For details, see the Microsoft article Create a container.

  • Follow the naming convention and choose a meaningful name for the container.
  • Choose the level of public access to the container. It is recommended to leave the default level Private (no anonymous access).
  • Create containers to be used exclusively with SEP sesam. It is not recommended to use one container for multiple cloud storage devices.

View and copy Azure storage account access keys

Azure automatically generates two storage account access keys (primary and secondary) for the account you create. These keys are used to authorize access to data. These login account details are required for creating an Si3 NG data store for Azure.

  1. In the Azure portal, navigate to the Access keys item under Settings.
  2. Copy the Storage account name and one of the two access keys. You will need these along with the container name in the next step.

Create a new backup user on the SEP sesam Server

  1. Create the user with the Azure storage account name and credentials on the backup server.
  2. Log in as an administrator with the user type superuser and add the newly created user to the Administrators group. For details, see Configuring Database-Based Authentication.
Information sign.png Anmerkung
The Azure credentials are stored encrypted in the ini file.

Configure the Si3 NG deduplication store

  1. In the Main selection -> Components, click Data Stores to display the data store contents frame.
  2. From the Data Stores menu, select New Data Store. A New Data Store dialog appears.
  3. Under Data store properties, enter a meaningful name for the Si3 NG deduplication store in the Name field, e.g., Si3-NG_Azure. Entering the name also creates the name of the drive group for your Si3 deduplication store in the Create new drive group field.
  4. From the Store type drop-down list, select SEP Si3 NG Deduplication Store.
  5. Under Drive parameter, leave the options Create drive and Create second drive checked. The predefined value for the drive is automatically entered in the Drive number field.
  6. By using the additional dedicated drive for restore, you can perform a backup on the first drive and restore your data from the second drive simultaneously. You can also add a third drive for migration. (For details, see Drive access mode.)
  7. The name in Create new drive group is already created. You can change it by simply entering a new name.
  8. The predefined number of channels is already available in the Max. channels drop-down list. The number of available channels depends on your SEP sesam Server package. For details on licensing, see Licensing.
  9. From the Device server drop-down list, select the device server for your data store.
  10. In the Path field, enter the location or use the Browse button to select a directory on the local disk (as for local storage). This directory is only used to store metadata and temporary files for intermediate storage until the data is uploaded to Azure Blob storage. Ensure that there is sufficient disk-space available for this local storage, e.g., for 50 TiB in Azure or more, make sure it has 20 GiB free space. Click OK.
    If you use the Browse button, the New Data Store information window appears with predefined recommended values for the size of your Si3 NG deduplication store, based on the size of the previously selected local disk (Path).
    Important: Change these values manually under the Size properties, depending on how much storage space you want to use on Azure.
    • Capacity: Set the size (in GiB) of storage for backups. The minimum accepted capacity is 5 GiB.
    • High watermark: The HWM defines the upper value for the used storage space. When this value is reached, the status of a datastore changes from OK to Warning, but backups are still performed. Make sure that you provide enough storage space for your backed up data.

    Click OK. You can also change the size of your Si3 NG deduplication store later under Size properties (see Size properties).

    SEP Warning.png Achtung
    Since Azure Blob storage offers unlimited scalability and there is no official limit on the amount of data and number of objects you can store, you should set the capacity of Si3 NG on Azure according to your needs. Knowing how much capacity you need will help you optimize the cost of your cloud services.
  11. Si3-ng-azure-new-DS.jpg
  12. Switch to the Storage Backend tab and select Storage type: Microsoft Azure Storage or compatible. Then click New to create a new credential set for Azure. You will need to enter your previously configured credentials, see section View and copy Azure storage account access keys above.
    • Storage domain: enter the name of your Blob storage for your storage account; the default endpoint is https://<mystorageaccount>.blob.core.windows.net. If you have mapped a custom domain to the blob endpoint, enter your custom domain.
      • If you check the Use HTTP checkbox, HTTP will be allowed to be used. This can be useful if there are problems with the SSL/TLS certificate and HTTPS does not work. However, it is not recommended to use this option if you are working with confidential data.
    • Credential set: give your credential set a name.
    • In the Account name field, type the Microsoft Azure storage account name.
    • In the Access key field, type the Microsoft Azure storage account access key. You can enter either the primary or secondary access key.
    • In the Verify access key field, type the Microsoft Azure storage account access key again.
    • In the Blob container field, enter the name of your blob container.
    Si3-ng-azure storage backend-DS.jpg
  13. If you want to create a media pool for your Si3 deduplication store immediately, click Create Media Pool. Otherwise, click OK to configure your Si3 deduplication store.

Configuring media pools for Si3 NG

  1. From Main Selection -> Media Pools, click New Media Pool. The New Media Pool window is displayed.
  2. In the Media Pool window, specify the required fields:
  3. File:Si3-NG-media pool-Azure.jpg.jpg
    • Name: Enter a name for a media pool.
    • Description: Optionally, add a description of the pool.
    • Drive group: From the drop-down list of all available drive groups, select the relevant drive group to which a media pool will be attached. For details on drive groups, see Drives.
    • Retention time [days]: Specify the retention time for the media pool. The retention period begins with the date a saveset is written to the media (at the end time of the first backup) and thus defines the expiry date of the saveset - EOL. When the protection (EOL) expires, SEP sesam can use the media for backups again. For details, see What is retention time and EOL.

You can repeat the procedure and create more media pools for Si3 NG according to your needs.

Configure backup

After configuring an Si3 NG Azure deduplication store and one or more media pools, proceed as follows:

  1. Create a backup task to back up to Azure.
  2. Configure a schedule as described in Creating a Schedule.

Once you have configured a task and schedule, create a backup event as follows.

Create a backup event

By creating a backup event, you select the backup level, set the event priority, and specify where to back up your data. You can create an event for a specific task or for a task group. The latter enables you to trigger all tasks in the task group with a single event.

  1. From Main Selection -> Scheduling -> Schedules, right-click the schedule you created earlier and click New Backup Event.
  2. Under the Sequence control, set the Priority of your backup event. SEPuler always executes the schedules with the highest priority first. The default priority level is 1, which is the lowest priority (the highest priority is 99). The only exception are schedules with priority 0, which override all other priorities and are always executed. For details, see Setting Event Priorities. You can also enable the Blocking date. This option should be used together with the high priority for special events. When this option is enabled, events of the same type but with lower priority are blocked, so the backup is executed even if other backups are scheduled for the same time.
  3. Under Object, select the task (or task group) you configured earlier and with which you want to link this event.
  4. Under Parameter, specify the Backup level.
  5. From the Media pool drop-down list, select the media pool you created for the Si3 NG deduplication store. The data is backed up to this pool. You can also activate the option SEP Si3 source-side deduplication, as described in Si3 source deduplication.
    • Optionally, specify the drive number of the drive to be used to write the data. Typically, you use this option if you have configured additional drives and want to assign a specific drive exclusively for backup.
  6. In the Follow up field, you can configure events (e.g., migration) that are triggered on the SEP sesam Server as soon as the first event (e.g., backup) is completed. For details, see Follow-up events.
  7. SEP Tip.png Hinweis
    You can set a follow-up migration task by selecting the previously configured migration task from the Migration task drop-down list.

Monitoring backups

You can view the status of your backup jobs in the GUI (Monitoring -> Last Backup State or Job State -> Backups) or SEP sesam Web UI. The backup status overview provides detailed information about the last run of backup jobs, including the task name, start and stop time of the last backup, backup level, data size, throughput, assigned media pool, etc.

Purging data on Azure storage

Data purging is the process of permanently deleting obsolete (EOL-free) savesets from data stores. It works in the same way in the Azure cloud. Purge is automatically triggered and performed until all EOL-free savesets are deleted.

Automatically purging data

Strategies for data purging are based on the nature of your business, as well as regulatory, legal and other requirements, and implemented with a defined data retention period. This is the period of time for which backup data is protected after it is written to the media, so that savesets are preserved and available for restore. It is based on the media pool retention time you set when you created a media pool. SEP sesam provides automatic EOL (retention) management to ensure recoverability of the entire backup chain and protect against data loss, based on backup chain dependencies. For more details, see What are backup chain dependencies.

When protection (EOL) expires, purging is done automatically and SEP sesam can use the media for backups again. For more details, see What happens when retention expires.

Events that trigger the data store purge are:

  • NEWDAY
  • Manual start of the purge in the GUI
Manually purging data
  • You can manually adjust the EOL of your data or expire a saveset or backup. For details, see Changing Retention (EOL).
  • You can start the data store purge process in the GUI: Main Selection window -> Components -> Data Stores content pane -> option Purge. Running the purge manually deletes the obsolete (EOL-free) savesets.
  • Another way to free up storage space is to remove orphaned savesets from the data stores by using the Clean up option: Main Selection window -> Components -> Data Stores content pane -> option Clean up. This is useful if a data store seems to be inaccessible, its space is occupied, or SEP sesam space check shows non-sesam data.