Backing up on-premises ONTAP data to StorageGRID

Contributors netapp-tonacki Download PDF of this page

Complete a few steps to get started backing up data from your on-premises ONTAP systems to object storage in your NetApp StorageGRID systems.

Quick start

Get started quickly by following these steps, or scroll down to the remaining sections for full details.

Number 1 Verify support for your configuration

  • You have discovered the on-premises cluster and added it to a working environment in Cloud Manager. See Discovering ONTAP clusters for details.

    • The cluster is running ONTAP 9.7P5 or later.

    • The cluster has a SnapMirror license — it is included as part of the Premium Bundle or Data Protection Bundle.

    • The cluster must have the required network connections to StorageGRID and to the Connector.

  • You have a Connector installed on your premises.

    • Networking for the Connector enables an outbound HTTPS connection to the ONTAP cluster and to StorageGRID.

  • You have purchased and activated a Cloud Backup BYOL license from NetApp.

  • Your StorageGRID has version 10.3 or later with access keys that have S3 permissions.

Number 2 Enable Cloud Backup on the system

Select the working environment and click Enable next to the Backup & Compliance service in the right-panel, and then follow the setup wizard.

A screenshot that shows the Backup & Compliance Enable button which is available after you select an on-prem working environment.

Number 3 Enter the StorageGRID details

Select StorageGRID as the provider, and then enter the StorageGRID details. You also need to specify the IPspace in the ONTAP cluster where the volumes reside.

A screenshot that shows the cloud provider details when backing up volumes from an ONTAP cluster to StorageGRID.

Number 4 Define the backup policy

The default policy backs up volumes every day and retains the most recent 30 backup copies of each volume. Change to hourly, daily, weekly, or monthly backups, or select one of the system-defined policies that provide more options.

A screenshot that shows the Cloud Backup settings where you can choose the backup schedule and retention period.

Number 5 Select the volumes that you want to back up

Identify which volumes you want to back up from the cluster.

Number 6 Restore your data, as needed

If necessary, choose the backup file to restore an entire backup to a new volume on an on-premises ONTAP system.

Requirements

Read the following requirements to make sure you have a supported configuration before you start backing up on-premises volumes to StorageGRID.

The following image shows each component when backing up an on-prem ONTAP system to StorageGRID and the connections that you need to prepare between them:

A diagram showing how Cloud Backup communicates with the volumes on the source systems and the destination storage where the backup files are located.

Note that the Cloud Restore instance is not shown in this diagram because single-file restore is not currently supported when using StorageGRID.

Preparing your ONTAP clusters

You need to discover your on-premises ONTAP clusters in Cloud Manager before you can start backing up volume data.

ONTAP requirements
  • ONTAP 9.7P5 and later.

  • A SnapMirror license (included as part of the Premium Bundle or Data Protection Bundle).

    Note: The "Hybrid Cloud Bundle" is not required when using the Cloud Backup service.

  • Time and time zone are set correctly.

Cluster networking requirements
  • The ONTAP cluster initiates an HTTPS connection over a user-specified port from the intercluster LIF to StorageGRID for backup and restore operations. The port is configurable during backup setup.

    ONTAP reads and writes data to and from object storage. The object storage never initiates, it just responds.

  • ONTAP requires an inbound connection from the Connector to the cluster management LIF. The Connector must reside on your premises.

  • An intercluster LIF is required on each ONTAP node that hosts the volumes you want to back up. The LIF must be associated with the IPspace that ONTAP should use to connect to object storage. Learn more about IPspaces.

    When you set up Cloud Backup, you are prompted for the IPspace to use. You should choose the IPspace that each LIF is associated with. That might be the "Default" IPspace or a custom IPspace that you created.

  • The nodes' intercluster LIFs are able to access the internet.

  • DNS servers have been configured for the storage VM where the volumes are located. See how to configure DNS services for the SVM.

  • Note that if you use are using a different IPspace than the Default, then you might need to create a static route to get access to the object storage.

  • Update firewall rules, if necessary, to allow Cloud Backup service connections from ONTAP to object storage through the port you specified (typically port 443) and name resolution traffic from the storage VM to the DNS server over port 53 (TCP/UDP).

Preparing StorageGRID

StorageGRID must meet the following requirements. See the StorageGRID documentation for more information.

Supported StorageGRID versions

StorageGRID 10.3 and later is supported.

S3 credentials

When you set up backup to StorageGRID, the backup wizard prompts you for an S3 access key and secret key for a service account. A service account enables Cloud Backup to authenticate and access the StorageGRID buckets used to store backups. The keys are required so that StorageGRID knows who is making the request.

These access keys must be associated with a user who has the following permissions:

"s3:ListAllMyBuckets",
"s3:ListBucket",
"s3:GetObject",
"s3:PutObject",
"s3:DeleteObject",
"s3:CreateBucket"
Object versioning

You must not enable StorageGRID object versioning on the object store bucket.

Creating or switching Connectors

When backing up data to StorageGRID, a Connector must be available on your premises. You’ll either need to install a new Connector or make sure that the currently selected Connector resides on-prem.

Preparing networking for the Connector

Ensure that the Connector has the required networking connections.

Steps
  1. Ensure that the network where the Connector is installed enables the following connections:

    • An outbound internet connection to the Cloud Backup service over port 443 (HTTPS)

    • An HTTPS connection over port 443 to StorageGRID

    • An HTTPS connection over port 443 to your ONTAP clusters

License requirements

Before your 30-day free trial of the Cloud Backup service expires, you need to purchase and activate a Cloud Backup BYOL license from NetApp. This license is for the account and can be used across multiple systems.

You’ll need the serial number from NetApp that enables you to use the service for the duration and capacity of the license. Learn how to manage your BYOL licenses.

TIP

PAYGO licensing is not currently supported when backing up files to StorageGRID.

A SnapMirror license is required on the cluster. Note that the "Hybrid Cloud Bundle" is not required when using Cloud Backup.

Enabling Cloud Backup to StorageGRID

Enable Cloud Backup at any time directly from the on-premises working environment.

Steps
  1. From the Canvas, select the on-premises working environment and click Enable next to the Backup & Compliance service in the right-panel.

    A screenshot that shows the Backup & Compliance Enable button which is available after you select an on-prem working environment.

  2. Select StorageGRID as the provider, click Next, and then enter the provider details:

    1. The FQDN of the StorageGRID server and the port that ONTAP should use for HTTPS communication with StorageGRID; for example: s3.eng.company.com:8082

    2. The Access Key and the Secret Key used to access the bucket to store backups.

    3. The IPspace in the ONTAP cluster where the volumes you want to back up reside. The intercluster LIFs for this IPspace must have outbound internet access.

      Selecting the correct IPspace ensures that Cloud Backup can set up a connection from ONTAP to your StorageGRID object storage.

      A screenshot that shows the cloud provider details when backing up volumes from an on-premises cluster to StorageGRID storage.

      Note that you cannot change this information after the service has started.

  3. In the Define Policy page, select the backup schedule and retention value and click Next.

    A screenshot that shows the Cloud Backup settings where you can choose your backup schedule and retention period.

  4. Select the volumes that you want to back up.

    • To back up all volumes, check the box in the title row (button backup all volumes).

    • To back up individual volumes, check the box for each volume (button backup 1 volume).

      A screenshot of selecting the volumes that will be backed up.

  5. Click Activate Backup and Cloud Backup starts taking the initial backups of each selected volume and the Backup Dashboard is displayed so you can monitor the state of the backups.

Result

Cloud Backup backs up your volumes from the on-premises ONTAP system.