Backing up data from an on-premises ONTAP system to the cloud

Contributors netapp-tonacki Download PDF of this page

Complete a few steps to get started backing up data from your on-premises ONTAP system to low-cost object storage in the cloud.

Quick start

Get started quickly by following these steps or scroll down to the remaining sections for full details.

Number 1 Verify support for your configuration

  • You have discovered the on-premises cluster and added it to a working environment in Cloud Manager. See Discovering ONTAP clusters for details.

    • The cluster is running ONTAP 9.7P5 or later.

    • The cluster has a SnapMirror license — which is included as part of the PREM or Data Protection bundle.

  • You have subscribed to the Azure NetApp Cloud Manager Marketplace offering, the AWS Cloud Manager Marketplace offering, or you have purchased and activated a Backup to Cloud BYOL license from NetApp.

  • You have a valid cloud provider subscription for the storage space where your backups will be located.

  • For AWS, you need to have an account that has an access key and the required permissions so the ONTAP cluster can back up data to S3.

Number 2 Enable Backup to Cloud on the system

Select the working environment and click Activate next to the Backup to Cloud service in the right-panel, and then follow the setup wizard.

A screenshot that shows the Backup to Cloud Activate button which is available after you select a working environment.

Number 3 Select the cloud provider and enter provider details

Select the provider and then enter the provider details. You also need to specify the IPspace in the ONTAP cluster where the volumes reside.

Number 4 Define the backup policy

The default policy backs up volumes every day and retains the most recent 30 backup copies of each volume. Change to weekly or monthly backups, or select one of the system-defined policies that provide more options.

A screenshot that shows the Backup to Cloud settings where you can choose the backup schedule and retention period.

Number 5 Select the volumes that you want to back up

Identify which volumes you want to back up from the cluster.

Requirements

Read the following requirements to make sure you have a supported configuration before you start backing up on-prem volumes to object storage.

ONTAP requirements

ONTAP 9.7P5 and later.

A SnapMirror license (included as part of the PREM or Data Protection bundle).

Cluster networking requirements

An intercluster LIF is required on each ONTAP node that hosts the volumes you want to back up. The LIF must be associated with the IPspace that ONTAP should use to connect to object storage. Learn more about IPspaces.

When you set up backup to cloud, you are prompted for the IPspace to use. You should choose the IPspace that each LIF is associated with. That might be the "Default" IPspace or a custom IPspace that you created.

Supported regions

Backups from on-prem systems are supported in all regions where Cloud Volumes ONTAP is supported.

  • For Azure, you specify the region where the backups will be stored when you set up the service.

  • For AWS, backups are stored in the region where Cloud Manager is installed.

License requirements

For Backup to Cloud PAYGO licensing, a subscription to the Azure Marketplace Cloud Manager Backup offering or AWS Marketplace Cloud Manager Backup offering is required before you enable Backup to Cloud. Billing for Backup to Cloud is done through this subscription.

For Backup to Cloud BYOL licensing, you need the serial number from NetApp that enables you to use the service for the duration and capacity of the license. See Adding and updating your Backup BYOL license.

And you need to have a Microsoft Azure or Amazon AWS subscription for the storage space where your backups will be located.

Preparing Amazon S3

When using Amazon S3, you must configure permissions for Cloud Manager to access the S3 bucket, and you must configure permissions so the on-prem ONTAP cluster can access the S3 bucket.

Steps
  1. Provide the following S3 permissions (from the latest Cloud Manager policy) to the IAM role that provides Cloud Manager with permissions:

    {
                "Sid": "backupPolicy",
                "Effect": "Allow",
                "Action": [
                    "s3:DeleteBucket",
                    "s3:GetLifecycleConfiguration",
                    "s3:PutLifecycleConfiguration",
                    "s3:PutBucketTagging",
                    "s3:ListBucketVersions",
                    "s3:GetObject",
                    "s3:ListBucket",
                    "s3:ListAllMyBuckets",
                    "s3:GetBucketTagging",
                    "s3:GetBucketLocation",
                    "s3:GetBucketPolicyStatus",
                    "s3:GetBucketPublicAccessBlock",
                    "s3:GetBucketAcl",
                    "s3:GetBucketPolicy",
                    "s3:PutBucketPublicAccessBlock"
                ],
                "Resource": [
                    "arn:aws:s3:::netapp-backup-*"
                ]
            },
  2. Provide the following permissions to the IAM user so that the ONTAP cluster can back up data to S3.

    "s3:ListAllMyBuckets",
    "s3:ListBucket",
    "s3:GetBucketLocation",
    "s3:GetObject",
    "s3:PutObject",
    "s3:DeleteObject"
  3. Create or locate an access key.

    Backup to Cloud passes the access key on to the ONTAP cluster. The credentials are not stored in the Backup to Cloud service.

Enabling Backup to Cloud

Enable Backup to Cloud at any time directly from the working environment.

Steps
  1. Select the working environment and click Activate next to the Backup to Cloud service in the right-panel.

    A screenshot that shows the Backup to Cloud Activate button which is available after you select a working environment.

  2. Select the provider, and then enter the provider details:

    • For Azure, enter:

      1. The Azure subscription used for backups and the Azure region where the backups will be stored.

      2. The resource group - you can create a new resource group or select and existing resource group.

      3. The IPspace in the ONTAP cluster where the volumes you want to back up reside.

        A screenshot that shows the cloud provider details when backing up volumes from an on-premises cluster to an Azure Blob tier

    • For AWS, enter:

      1. The AWS Access Key and Secret Key used to store the backups.

      2. The IPspace in the ONTAP cluster where the volumes you want to back up reside.

        A screenshot that shows the cloud provider details when backing up volumes from an on-premises cluster to an AWS S3 tier

        Note that you cannot change this information after the service has started.

  3. Then click Continue.

  4. In the Define Policy page, select the backup schedule and retention value and click Continue.

    A screenshot that shows the Backup to Cloud settings where you can choose your backup schedule and retention period.

  5. Select the volumes that you want to back up and click Save.

    A screenshot of selecting the volumes that will be backed up.

    • To back up all volumes, check the box in the title row (button backup all volumes).

    • To back up individual volumes, check the box for each volume (button backup 1 volume).

Result

Backup to Cloud starts taking the initial backups of each selected volume.