Add Dell ECS backup location
Portworx Backup allows you to add Dell EMC ECS (Elastic Cloud Storage) S3 compatible object locked bucket as a backup location.
Before you add:
-
Create an S3 object locked bucket with versioning enabled in AWS CLI
-
Add AWS cloud account credentials in Portworx Backup web console.
Following topics guide you to achieve this task:
Create an S3 object lock bucket in Dell EMC ECS
-
Install AWS CLI installed on client machine and then export key/secret with the following commands:
export AWS_ACCESS_KEY_ID="<access-key-id>"
export AWS_SECRET_ACCESS_KEY="<secret-access-key>"
You need this data to add AWS cloud account later in Portworx Backup web console.
-
Create an S3 bucket:
aws s3api create-bucket --bucket <bucket-name> --create-bucket-configuration LocationConstraint=region --object-lock-enabled-for-bucket --endpoint-url <url>
-
Verify versioning status of the bucket:
aws s3api get-bucket-versioning --bucket <bucket-name> --endpoint-url <url>
-
Update object lock configuration, make sure you update the retention period (
Days
) in the following command as per your requirement:aws s3api put-object-lock-configuration --bucket <bucket-name> --object-lock-configuration '{ObjectLockEnabled=Enabled,Rule={DefaultRetention={Mode=COMPLIANCE,Days=30}}}' --endpoint-url <url>
-
Verify versioning and object lock configuration:
aws s3api get-bucket-versioning --bucket <bucket-name> --endpoint-url <url> aws s3api get-object-lock-configuration --bucket <bucket-name> --endpoint-url <url>
-
Validate the output with list version command:
aws s3api list-object-versions --bucket <bucket-name> --endpoint-url <endpoint>
-
Disable the following option:
-
file-system-access-enabled
You may see the following error message otherwise:
Error: error in obtaining object-lock info for the bucket portworx-backup: AccessDenied: Only IAM users are supported with object lock enabled buckets. status code: 403, request id: 0a22c4cd:17ec09dfb18:4e051:23, host id:
-
Add S3 compatible object store cloud account in Portworx Backup
Refer to Add an AWS/S3 cloud account topic for more information on how to add an AWS/S3 compatible object store cloud account in Portworx Backup.
Add the backup location
Perform the following steps to add Dell EMC ECS S3 bucket as backup location:
-
From the home page, select Settings, Cloud Settings to open the cloud settings page:
-
In the Backup Locations section, select Add:
-
Populate the following fields:
-
Name: specify the name for the backup location, Portworx Backup displays this name as backup location name in the web console
-
Cloud Account: choose the S3 compatible cloud account (you created in Step 1) this backup location will use to create backups
-
Path / Bucket: specify the path of the bucket or the name of the bucket that this backup location will place backups into
-
Encryption key (Optional): enter the optional encryption key to encrypt your backups in-transit. For more information on encryption support, refer Encryption matrix
-
Server-side encryption (SSE-S3): ignore this option, as SSE is not supported for Dell ECS backup location
-
Endpoint: with the URL of your cloud storage server or provider
-
Disable SSL: select this option if your on-premises S3-compliant object store does not support SSL/TLS
-
Storage class: choose the S3 storage class your cloud backups will use
-
-
Click Add.
Now you can use this backup location based on Dell EMC ECS to create and restore your application data.
For more information on Dell ECS IAM and File system enabled feature, refer the following topics: