Transcription
SOLUTION GUIDERiverbed Whitewater Cloud Storage ApplianceSolution Guide for Bacula Version 3.1November 2013
RIVERBED WHITEWATER SOLUTION GUIDE 2013 Riverbed Technology. All rights reserved.Riverbed , Cloud Steelhead , Granite , Interceptor , RiOS , Steelhead , Think Fast , Virtual Steelhead , Whitewater , Mazu , Cascade , Shark , AirPcap , BlockStream ,SkipWare , TurboCap , WinPcap , Wireshark , TrafficScript , FlyScript , WWOS , and Stingray are trademarks or registered trademarks of Riverbed Technology, Inc. in theUnited States and other countries. Riverbed and any Riverbed product or service name or logo used herein are trademarks of Ri verbed Technology. All other trademarks used hereinbelong to their respective owners. The trademarks and logos displayed herein cannot be used without the prior written consent of Riverbed Technology or their respective owners.Akamai and the Akamai wave logo are registered trademarks of Akamai Technologies, Inc. SureRoute is a service mark of Akamai. Apple and Mac are registered trademarks of Apple,Incorporated in the United States and in other countries. Cisco is a registered trademark of Cisco Systems, Inc. and its affi liates in the United States and in other countries. EMC,Symmetrix, and SRDF are registered trademarks of EMC Corporation and its affiliates in the United States and in other countries. IBM, iSeries, and AS/400 are registered trademarks ofIBM Corporation and its affiliates in the United States and in other countries. Linux is a trademark of Linus Torvalds in the United States and in other countries. Microsoft, Windows, Vista,Outlook, and Internet Explorer are trademarks or registered trademarks of Microsoft Corporation in the United Sta tes and in other countries. Oracle and JInitiator are trademarks orregistered trademarks of Oracle Corporation in the United States and in other countries. UNIX is a registered trademark in the United States and in other countries, exclusively licensedthrough X/Open Company, Ltd. VMware, ESX, ESXi are trademarks or registered trademarks of VMware, Incorporated in the United States and in other countries.This product includes software developed by the University of California, Berkeley (and its contributo rs), EMC, and Comtech AHA Corporation. This product is derived from the RSA DataSecurity, Inc. MD5 Message-Digest Algorithm.NetApp Manageability Software Development Kit (NM SDK), including any third-party software available for review with such SDK which can be found athttp://communities.netapp.com/docs/DOC-1152, and are included in a NOTICES file included within the downloaded files.For a list of open source software (including libraries) used in the development of this software along with associated copyright and license agreements, see the Riverbed Support site athttps//support.riverbed.com.This documentation is furnished “AS IS” and is subject to change without notice and should not be construed as a commitment b y Riverbed Technology. This documentation may not becopied, modified or distributed without the express authorization of Riverbed Technology and may be used only in connection with Riverbed products and services. Use, duplication,reproduction, release, modification, disclosure or transfer of this documentation is restricted in accordance with the Federal Acquisition Regulations as applied to civilian agencies and theDefense Federal Acquisition Regulation Supplement as applied to military agencies. This documentation qualifies as “commercial computer software documentation” and any use by thegovernment shall be governed solely by these terms. All other use is prohibited. Riverbed Technology assumes no responsibility or liability for any errors or inaccuracies that may appearin this documentation. 2013 Riverbed Technology. All rights reserved.1
RIVERBED WHITEWATER SOLUTION GUIDETABLE OF CONTENTSExecutive Summary .3Bacula Architecture Overview .3Whitewater Appliance Overview .4Deploying Whitewater appliances with Bacula .4Bacula, Whitewater Appliance, and Cloud Storage Configuration Example .4Pre-deployment Checklist .5Cloud Storage Provider Required Tasks .5Amazon S3 and Glacier .5AT&T Synaptic Storage as a Service.5Google Cloud .5HP Cloud Services .6Microsoft Windows Azure .6Rackspace Cloud Files .6OpenStack Object Storage (Swift).6Configuring the Whitewater Appliance .7Configuring the Whitewater Management Interface.7Connecting to the Whitewater Management Console GUI .8Configuring Whitewater appliance Licenses .8Configuring Whitewater Data Interfaces .9Configuring Cloud Settings .10Configuring NFS .12Configuring Bacula .13Bacula Management Console Overview.13Adding a Whitewater Appliance to Bacula Tasks .13Create a Storage Device .14Create an Autochanger Device (Optional).16Create a Storage Resource.17Associate a Bacula Job to the Newly Created Storage Resource .19Testing Bacula with a Whitewater Appliance .21Backup to a Whitewater Appliance Using Bacula .21Monitoring a Job.21Restore from Bacula using a Whitewater Appliance .22Appendix A. Whitewater Appliance Best Practices for Bacula .23Appendix B. Whitewater Best Practices for Solaris Operating Systems .25Appendix C. Whitewater Best Practices for Windows 2008 Operating Systems.25Conclusion .26About Riverbed .26 2013 Riverbed Technology. All rights reserved.2
RIVERBED WHITEWATER SOLUTION GUIDEExecutive SummaryThis paper outlines the ease of use and deployment of a Riverbed Whitewater cloud storage appliance (Whitewater Appliance)with Bacula Enterprise Edition. Whitewater appliances provides a simple, efficient way to offsite data to cloud storage providerspowered by Amazon S3 and Glacier, AT&T Synaptic Storage as a Service, HP Cloud Services, Google Cloud, Microsoft Windows Azure cloud storage, Rackspace Cloud Files, and general instances of EMC Atmos and OpenStack (Swift) ObjectStorage. Whitewater appliances simply act as a storage device within a backup infrastructure managed by Bacula, enablingorganizations to eliminate their reliance on tape infrastructure and all of its associated capital and operational costs, whileimproving backup windows and disaster recovery capabilities.It is simple to set up the Whitewater appliance and start moving data to the cloud in a few hours, compared to setting up tape orother disk replication infrastructures which can take days. Leveraging Riverbed’s industry leading deduplication, compression andWAN optimization technologies, Whitewater appliances shrink data set sizes by 10 to 30x substantially reducing cloud storagecosts, accelerating data transfers and storing more data within the local cache, speeding recovery.Security is provided by encrypting data on-site, in-flight, as well as in the cloud using 256-bit AES encryption and SSL v3.Whitewater appliance provides a dual layer of encryption that ensures that any data moved into the cloud is not compromised,and it creates a complete end-to-end security solution for cloud storage.Since a Whitewater appliance is an asymmetric, stateless appliance, no hardware is needed in the cloud and you can recover thelast known good state of a broken or destroyed Whitewater appliance to a new Whitewater appliance. Whitewater appliancesprovide flexibility to scale cloud storage as the business requirements change. All capital expenditure planning required with tapeand disk replication based solutions is avoided, saving organizations 30-50%.Bacula Architecture OverviewBacula is an open source, certified enterprise-class scalable network backup solution that serves as a realistic alternative toproprietary offerings. Utilizing a similar client/server relationship model to other backup software, Bacula can serve as an effectivefree alternative to much costlier backup solutions, providing rich features, centralized management, and deep content policycapabilities for protecting distributed systems. Developed around the Linux operating system, Bacula is comprised of the Director,File, Storage, and Console services that configure, protect, store, and manage data protected in a Bacula environment.Diagram 1 Typical Bacula Services View 2013 Riverbed Technology. All rights reserved.3
RIVERBED WHITEWATER SOLUTION GUIDEWhitewater Appliance OverviewFigure 1 Whitewater ApplianceWhitewater appliances are optimized and purpose built for data protection. Whitewater appliances easily integrate into yourexisting backup infrastructure and favorite cloud storage provider. Set up and installation are easy because backup applicationsallow you to add a Whitewater appliance as a common target within its existing infrastructure. The backup server connects to theWhitewater appliance using standard CIFS or NFS protocols. When you backup to a Whitewater device, it performs inline,variable segment length deduplication of the backup data to minimize storage consumption and transmission times. Whitewaterappliances also use their local disk cache for fast recovery of recent backups, providing LAN performance for the most likelyrestores. The Whitewater appliance then writes the deduplicated backup data to cloud storage, and also accelerates restores fromthe cloud by moving only needed segments of deduplicated data over the WAN. An easy to use graphical management consoleenables you to manage one or more Whitewater appliances through a web browser interface.Deploying Whitewater appliances with BaculaBacula with Whitewater appliances provides you with a flexible, easy-to-configure and use solution that can be deployed withmajor cloud storage providers. The sections below provide example configurations and setup steps needed to begin usingWhitewater appliances. For further information about performance tuning backup applications with Whitewater appliances, referto the Whitewater Best Practices Guide for Backup Applications.Bacula, Whitewater Appliance, and Cloud Storage Configuration ExampleDiagram 2 Logical Architecture View 2013 Riverbed Technology. All rights reserved.4
RIVERBED WHITEWATER SOLUTION GUIDEPre-deployment Checklist1. You will need at least one server that can act as the Bacula server. This server requires an installation of MySQL, PostgreSQL,or SQLite. Please refer to Bacula documentation for further specifics regarding prerequisites.2. Obtain server systems and related Linux operating software media supported by Bacula and Whitewater appliance.3. A physical Whitewater appliance or Riverbed Whitewater cloud storage appliance Virtual Edition (Virtual Whitewater) needs tobe online and connected to the physical network infrastructure.4. You must procure and setup all necessary software licenses from each vendor, including Riverbed, using vendor-specificguidelines.5. Physical stacking and racking of equipment at each site. All cabling and power must be operational.6. Verify that all LAN and WAN connections are functioning to and from Internet and cloud storage provider(s).Cloud Storage Provider Required TasksAmazon S3 and GlacierTo sign up for Amazon S3 and Glacier:1. Go to http://aws.amazon.com/ and click the link Sign Up.2. Follow the on-screen instructions.3. AWS will notify you by e-mail when your account is active and available for you to use.4. Login and get authentication information by selecting your account name from the top menu, and selecting the link SecurityCredentials.5. Make sure that you record the following information: Access Key - Specify the access key (similar to the user name) for your Amazon S3 (AWS) account. Secret Key - Specify the secret key (password) for your Amazon S3 provider account.AT&T Synaptic Storage as a ServiceTo sign up for AT&T Synaptic Storage as a Service:1. Go to the following website and click the link Order oductdetail/Storage as a Service.htm2. Follow the on-screen instructions.3. Receive the confirmation email and login to the AT&T Synaptic Storage as a Service website.4. Record the following information: Tenant ID - Specify the tenant ID that AT&T Synaptic Storage as a Service uses to authenticate each request. UID - Specify the application ID (also known as UID) used to authenticate each request. Shared Secret - Specify the shared secret that AT&T Synaptic Storage as a Service uses to authenticate each request.Google CloudTo sign up for Google Cloud:1. Go to https://cloud.google.com/ and click the link Try It Now.2. Follow the on-screen instructions.3. Perform account confirmation via phone or text message and login.4. Create a new Project using the Create Project link. Provide a Project Name and Project ID.5. Select Cloud Storage, and click the Enable button to activate cloud storage services.6. Under API Access generate a client ID using the Create a Client ID link.7. Record the following information from the created project to enter into the Whitewater GUI: Project ID – Provide the numeric value of the project created in Google Cloud. Client ID – Provide the cloud storage client ID for the user that is associated with the project ID above. Private Key – Provide the private key associated with the above client ID. 2013 Riverbed Technology. All rights reserved.5
RIVERBED WHITEWATER SOLUTION GUIDEHP Cloud ServicesTo sign up for HP Cloud Services:1. Go to https://console.hpcloud.com/signup2. Follow the on-screen instructions.3. HP Cloud Services will notify you by e-mail when your account is active and available for you to use.4. Login to HP Cloud Services and activate an availability zone.5. Create an object container. From the HP Cloud Services console select the ‘Browse Containers’ button from the ManagementConsole and on the next screen, enter a ‘New Container Name’ in the field provided and select the ‘Create’ button.6. Make sure that you record the following information: Tenant ID – Specify the endpoint account to use with HP Cloud Services Access Key - Specify the access key for your HP Cloud Services account. Secret Key - Specify the secret key for your HP Cloud Services account. Container Name – Specify the target storage folder name for backup objectsMicrosoft Windows AzureTo sign up for Microsoft Windows Azure:1. Go to http://www.microsoft.com/windowsazure/free-trial/ and click the link Free Trial.2. Follow the on-screen instructions.3. Perform account confirmation via phone or text message.4. Login to the Azure portal https://windows.azure.com/Default.aspx and create a new Storage Account under Hosted Services,Storage Accounts & CDN.5. Record the following information from the created storage account to enter into the Whitewater GUI: Storage Account – Provide the name of the storage account created in Azure. Primary/Secondary Key – Provide either the primary or secondary access key from the storage account created.Rackspace Cloud FilesTo sign up for Rackspace Cloud Files:1. Go to https://signup.rackspacecloud.com/signup and sign up for a cloud account.2. Once account registration is complete, login to the Rackspace portal:US: K: jsp3. Access Your Account API Access, and record the following information to enter into the Whitewater GUI: Access Key – Provide the API key used to access the cloud account. Username – Provide the user name associated with the account.OpenStack Object Storage (Swift)Please refer to OpenStack documentation (http://docs.openstack.org/) for information about deploying an OpenStack ObjectStorage cluster for use with Whitewater appliances. You should have the following information ready to enter into the WhitewaterGUI: Host Name – Hostname or IP address of the OpenStack Object Storage Proxy server Port – Port on which the OpenStack Object Storage Proxy server listens to Username – Specify the username that is used to authenticate each request. Password – Specify the password that is used to authenticate each request. 2013 Riverbed Technology. All rights reserved.6
RIVERBED WHITEWATER SOLUTION GUIDEConfiguring the Whitewater ApplianceThe following procedures are basic configurations. The Whitewater Installation Guide and Whitewater User’s Guide providefull details for requirements and installation of the Whitewater appliance. The configuration is broken down into the followingactivities: Configuring the Whitewater Management Interface Connecting to the Whitewater Management Console Configuring Whitewater appliance Licenses Configuring Whitewater Data Interfaces Configuring Cloud Settings Configuring a CIFS ShareConfiguring the Whitewater Management InterfaceAfter you install and start the Whitewater appliance, connect to the Whitewater CLI to configure the management interface:1. If you are using a Virtual Whitewater, connect directly to the console session using the VMware vSphere client and skip to step3. If you are using a physical Whitewater appliance, plug the serial cable into the console port and a terminal.2. Start your terminal emulation program, such as Tera Term Pro. The terminal device must have the following settings:Baud rate: 9600 bpsData bits: 8Parity: noneStop bits: 1vt100 emulationNo flow controlNote: If you are using Whitewater with a terminal server, the terminal server must use hardware flow control for the port connectedto Whitewater.3. Log in as an administrator user (admin) and enter the default password (password):login as: adminpassword: password4. The configuration wizard automatically starts after you have entered the login and default password. Enter yes at the systemprompt to begin the configuration wizard. For example:Do you want to use the configuration wizard for initial configuration? yes5. Complete the configuration wizard steps on the client side and server side:WizardPromptDescription ExampleStep 1: Host name?Enter the host name for Whitewater.Step 1: Hostname? AmnesiacStep 2: Use DHCP on theprimary interface?You are given the option to enable the DHCP to automatically assign an IP address tothe primary interface for Whitewater. Riverbed recommends that you do not set DHCP.The default value is no.Step 2: Use DHCP? noStep 3: Primary IP address?Enter the IP address for Whitewater.Step 3: Primary IP address? 10.10.10.6Step 4: Netmask?Enter the netmask address.Step 4: Netmask? 255.255.0.0Step 5: Default gateway?Enter the default gateway for Whitewater.Step 5: Default gateway? 10.0.0.1Step 6: Primary DNS server?Enter the primary DNS server IP address. You must specify the primary DNS serverfor cloud provider name resolution. If you do not specify a valid DNS server, thesystem will not start.Step 6: Primary DNS server? 10.0.0.2Step 7: Domain name?Enter the domain name for the network where Whitewater is to reside. If you set adomain name, you can enter host names in the system without the domain name.Step 7: Domain name? example.comStep 8: Admin password?Riverbed strongly recommends that you change the default administrator password(password) at this time. The new password must be a minimum of 6 characters.Step 8: Admin password? xxxyyy6. To log out of the system, enter the following command at the system prompt:amnesiac exit 2013 Riverbed Technology. All rights reserved.7
RIVERBED WHITEWATER SOLUTION GUIDEConnecting to the Whitewater Management Console GUIAfter you configure Whitewater, you can verify and modify your configuration settings and view performance reports and systemlogs in the Whitewater Management Console. You can connect to the Whitewater Management Console through any supportedWeb browser. To connect to the Whitewater Management Console you must know the host, domain, and administrator passwordthat you assigned in the configuration wizard. Note: Cookies and JavaScript must be enabled in your Web browser.To connect to the Whitewater Management Console:1. Enter the URL for the Whitewater Management Console in the location box of your web browser:protocol://host.domain– protocol is either http or https. https uses the SSL protocol to ensure a secure environment. If you use https to connect, thesystem prompts you to inspect and verify the SSL key.– host is the host name you assigned to Whitewater appliance during initial configuration. If your DNS server maps that IP addressto a name, you can specify the DNS name.– domain is the full domain name for the Whitewater appliance.Note: You can specify the IP address instead of the host and domain.2. The Whitewater Management Console appears, displaying the login page as shown in Figure 2.Figure 2 Riverbed Whitewater Management Console-In the Username text box, type the user login: admin or monitor. The default login is admin. Users with administrator (admin)privileges can configure and administer Whitewater. Users with monitor (monitor) privileges can view connected Whitewaters,reports, and system logs.-In the Password text box, type the password that you assigned in the configuration wizard. By default the password is password.-Click Log In to display the Home page. The Home page summarizes the current status of your system.Configuring Whitewater appliance LicensesYou can add or remove a license in the Configure Maintenance Licenses page. You install a license on a Whitewaterappliance after receiving it from Riverbed Technical Support or Sales. To add or remove a license:1. Choose Configure Maintenance Licenses to display the Licenses page, as shown in Figure 3. 2013 Riverbed Technology. All rights reserved.8
RIVERBED WHITEWATER SOLUTION GUIDEFigure 3 Whitewater appliance Licenses Page2. Complete the configuration as described in the following table.ControlDescriptionAdd a New LicenseDisplays the controls (licenses text box) to add a new license.Remove SelectedDisplays the controls to remove a license. Select the license you wish to delete and click Remove Selected to delete it.Licenses Text BoxCopy and paste the license key provided by Riverbed Technical Support orSales into the text box. Tip: Separate multiple license keys with a space, Tab, or Enter.AddAdds the license.3. Click Save to save your settings permanently.Configuring Whitewater Data InterfacesYou can view and modify settings for the data interfaces in the Configure Networking Data Interfaces page. To display andmodify the configuration for data interfaces:1. Choose Configure Networking Data Interfaces to display the Data Interfaces page, as shown in Figure 4.Figure 4 Whitewater Data Interface Page2. Under Data Network Interfaces, complete the configuration as described in the following table.ControlDescriptionNetwork InterfaceDisplays the controls to add a network interface. Click the magnifying glass icon next to an interface to display the controls to configure theinterface. Riverbed recommends that you use the network interfaces for backup and LAN traffic.IP ConfigurationDisplays the IP address of the network interface. 2013 Riverbed Technology. All rights reserved.9
RIVERBED WHITEWATER SOLUTION GUIDEEnable Data InterfaceCheck this check box to enable the data interface and specify the following settings: IPv4 Address - Specify an IP address. IPv4 Subnet Mask - Specify a subnet mask. Data Gateway IP - Specify the data gateway IP address. The data gateway must be in the same network as the data interface. MTU - Specify the MTU value. The MTU is the largest physical packet size, measured in bytes, that a network can send. The defaultvalue is 1500.3. Under Routing Table for network interface (for example, Routing Table for eth0 0), configure static routing in the routingtable if your device management network requires static routes. You can add or remove routes as described in following table.Click Apply to apply your changes to the running configuration, and click Save to save your changes permanently.ControlDescriptionAdd a New RouteDisplays the controls for adding a new route.DestinationSpecify the destination IP address for the gateway.Subnet MaskSpecify the subnet mask.GatewaySpecify the IP address for the gateway. The gateway must be in the same network as the network interface you are configuring.AddAdds the route to the table list.Remove SelectedCheck the check box next to the name and click Remove Selected.Configuring Cloud SettingsYou can specify cloud settings, replication scheduling, and bandwidth limit settings in the Configure Stor
Whitewater appliance provides a dual layer of encryption that ensures that any data moved into the cloud is not compromised, and it creates a complete end-to-end security solution for cloud storage. Since a Whitewater appliance is an asymmetric, stateless appliance, no hardware is needed in the cloud and you can recover the
