In order to create a SoftNAS Cloud® SoftNAS® and Veeam Backup solution customized to your organization's individual needs, there is a fair bit of information you will need to gather, and a number of decisions that will need to be made. This primer is intended to help you identify the information needed to make informed decisions for your SoftNAS Cloud deployment with Veeam backups to the cloud. To guide you towards the solution that is right for you, the checklist below will help you record the key data required when you start your actual deployment of SoftNAS Cloud in AWS as a repository for Veeam backup data.
This checklist can be copied and pasted into MS Word or the text editor of your choice in order to gather and record the information for easy reference when you start your SoftNAS Cloud deployment. Alternatively, this confluence page can be exported either as a word document or PDF, by selecting the menu icon in the top right corner.
...
For each section of the checklist, additional information is provided in a linked section below. These informative articles can be used to help you make deployment decisions or create prerequisite resources that will be needed for your deployment.
Deployment Checklist:
The following document serves as a checklist, and as such is designed so that our users can copy and paste to a separate document (or export), and mark up as necessary. We recommend that the checklist be used to record all data to be used in your deployment for easy reference during both planning and your actual deployment.
- Deployment: Determine your deployment type. SoftNAS supports two different deployment types. Select one of the below:
- Premise to AWS Cloud
- AWS Cloud to AWS Cloud
- AWS Account: Record your AWS account credentials (how to create an AWS account listed below)
- Account ID or Alias:_____________________
- IAM User Name:_______________________
- Password:____________________________
- AWS Identity and Access Management: Ensure you have set up your AWS Identity and Access Management (IAM) configuration to use with SoftNAS Cloud and record the IAM Role you will use below:
- IAM Policy and Role created:____________________________
- IAM Role Name:______________________________________
- SoftNAS Cloud Offering: Determine what SoftNAS Cloud offering you use for your deployment. Select one of the below SoftNAS Cloud Offerings:
- SoftNAS Cloud® SoftNAS® Essentials 1TB
- SoftNAS Cloud® SoftNAS® Essentials 10TB
- SoftNAS Cloud® SoftNAS® Essentials 20TB
- SoftNAS Cloud® SoftNAS® Essentials 50TB
- SoftNAS Cloud® SoftNAS® Essentials 1TB+MMS Consumption
- SoftNAS Cloud® SoftNAS® Essentials BYOL
- Other non-Essentials:___________________________
- Networking: Understand the premise data center firewall or other network changes required to access SoftNAS Cloud in AWS as your Veeam repository:
- Data center networking and firewall changes requested and complete
- Data center networking and firewall changes requested and complete
- AWS Instance Size: Select the AWS instance size for your deployment.
Select one of the below:- i3.xlarge
- i3.2xlarge
- i3.4xlarge
- i3.8xlarge
- Other:________________________
- AWS Storage Selection: Select the type of AWS storage to use for your backup data in AWS.
Select one of the below:- AWS S3 Standard (Recommended for Veeam and SoftNAS Cloud Essentials)
- Other:________________________
- Add a self-signed certification to your SoftNAS Cloud and Veeam deployment:
- Add the certification:
- Add the certification:
- AWS VPC: Record the name of the VPC that you will use for your SoftNAS Cloud deployment
- VPC Name:____________________
- Data Transfer Protocol and AWS Instance Security Group: You can select to use NFS or CIFs/SMB as the protocol to allow Veeam to transfer backup data to the SoftNAS Cloud repository.
Select one of the below:- NFS
- CIFs/SMB
- AWS Key Pair: You may need your AWS Key Pair .pem file to launch SoftNAS in AWS and will need to know where to get it if needed.
- Key Pair .pem file location:_____________________
- AWS Access Key: You will need your Access key ID and Secret access key the first time you allocate storage in SoftNAS Cloud StorageCenter admin console, record your Access key ID and Secret access key below (you should keep this information secure)
- Access key ID:____________________________________
- Secret access key:_________________________________
- Deploy Your SoftNAS Cloud AWS instance via WAN:
- Connect Veeam to SoftNAS in AWS via WAN:
Anchor AWSVeeamDeployment AWSVeeamDeployment
Deployment
AWSVeeamDeployment | |
AWSVeeamDeployment |
There are two supported deployments of Veeam and SoftNAS Cloud to back up your data to the cloud.
Supported: Veeam Backup of On Premise Data to SoftNAS in the Cloud
If the data you want to backup is located on premise and you want to leverage SoftNAS Cloud on AWS to store backup data on AWS cloud storage, the deployment below is recommended and supported.
- Veeam and the data you want to backup will be located in you premise data center.
- You will need a VPN or other secure network connection to AWS to secure the NFS or CIFs/SMB traffic to the cloud
- SoftNAS Cloud will be running in the AWS cloud and connected to AWS S3 storage for your backup files
Supported: Veeam Backup of Cloud Data to SoftNAS in the Cloud
If the data you want to backup is located in the AWS cloud and you want to leverage SoftNAS Cloud on AWS to store backup data on AWS cloud storage, the deployment below is recommended and supported.
- Veeam and the data you want to backup will be located in the AWS cloud.
- Veeam will use NFS or CIFs/SMB to transfer data from Veeam to SoftNAS Cloud over the AWS cloud network
- SoftNAS Cloud will be running in the AWS cloud and connected to AWS S3 storage for your backup files
...
If the data you want to backup is located in the AWS cloud and you want to leverage SoftNAS Cloud on AWS to store backup data on AWS cloud storage, the deployment below is recommended and supported.
Anchor AWSVeeamAccount AWSVeeamAccount
AWS Account
AWSVeeamAccount | |
AWSVeeamAccount |
If you plan on saving you backups to SoftNAS Cloud on AWS, you/your company will need an AWS account. If you/your company does not have and AWS Account, you can create one here.
Once you have your AWS credentials (Account ID or alias, IAM username, Password), you will be able to log into the AWS Marketplace and select a SoftNAS Cloud Essentials offering here.
Anchor AWSVeeamIAM AWSVeeamIAM
AWS Identity and Access Management
AWSVeeamIAM | |
AWSVeeamIAM |
SoftNAS highly recommends the use of AWS Identity and Access Management with your SoftNAS instances. To use IAM with SoftNAS instances you will need to create an IAM Policy and IAM Role before you launch your SoftNAS instance in AWS. The process is simply and you can follow the instructions here to create the IAM Policy and Role to use with your SoftNAS Cloud deployment.
Anchor AWSVeeamSoftNASCloudOffering AWSVeeamSoftNASCloudOffering
SoftNAS
AWSVeeamSoftNASCloudOffering | |
AWSVeeamSoftNASCloudOffering |
...
Offering
SoftNAS recommends use of SoftNAS Cloud Essentials and AWS S3 Object storage for use with Veeam for backups. SoftNAS Cloud Essentials is our base offering which only supports Object storage. Object storage is less expensive than Block storage and is a good option for use as storage for Veeam backups.
SoftNAS offers 6 options for SoftNAS Cloud Essentials in the AWS Marketplace, depending on the capacity of storage you will need:
Fixed capacity AWS Marketplace offerings allow you to select a fixed storage capacity of 1TB, 10TB, 20TB or 50TB of total storage capacity for your SoftNAS Cloud Essentials deployment. The selected capacity will be the maximum capacity you will have to save all of your Veeam backup files.
- SoftNAS Cloud® SoftNAS® Essentials 1TB: Up to 1TB of storage for Veeam Backup files
- SoftNAS Cloud® SoftNAS® Essentials 10TB: Up to 10TB of storage for Veeam Backup files
- SoftNAS Cloud® SoftNAS® Essentials 20TB: Up to 20TB of storage for Veeam Backup files
- SoftNAS Cloud® SoftNAS® Essentials 50TB: Up to 50TB of storage for Veeam Backup files
Greater than 50TB fixed capacity can be obtained by using the BYOL (Bring Your Own License) option by contacting our SoftNAS Sales team.
- SoftNAS Cloud® SoftNAS® Essentials BYOL: If you require greater than 50TB of storage capacity for your Veeam backups, you can contact SoftNAS Sales for a BYOL license for the capacity of storage that meets your needs up to 16PB.
Consumption, pay for what you use, 1TB up to 16PB
- SoftNAS Cloud® SoftNAS® Essentials 1TB+MMS Consumption: SoftNAS also offers SoftNAS Cloud Essentials using the AWS MMS pricing option and can scale to a capacity of 16PB.
You can also use SoftNAS Cloud Enterprise or SoftNAS Cloud Platinum offerings for Veeam backups is you have a need for an enterprise storage solution beyond just the features/functionality offered in our SoftNAS Essentials offering.
Anchor AWSVeeamNetworking AWSVeeamNetworking
Networking
AWSVeeamNetworking | |
AWSVeeamNetworking |
If you are deploying Veeam and SoftNAS Cloud to back up data from your premise data center to the cloud, you will likely need to make some network security changes to your data center’s network/firewall to allow Veeam running in the datacenter to be able to connect to the SoftNAS Cloud in AWS. The information below is provided to help you make or request changes to your network team to ensure the network changes are ready when you are read to deploy SoftNAS.
NFS
If you will be using the NFS protocol to transmit data from Veeam on premise to SoftNAS Cloud in AWS, you will need to allow the following ports to traverse from your datacenter to the SoftNAS Cloud instance in AWS. Firewall changes may be required.
Type | Protocol | Port Range | Source | Source Value | Notes |
---|---|---|---|---|---|
SSH | TCP | 22 | Custom | x.x.x.x/32 | (ssh) SSH Access to SoftNAS |
Custom TCP Rule | TCP | 443 | Custom | x.x.x.x/32 | (https) HTTPS Access to SoftNAS |
Custom TCP Rule | TCP | 2500-5000 | Custom | x.x.x.x/32 | Default range of ports used for Veeam data transmission job channels |
Custom TCP Rule | TCP, UDP | 2049 | Custom | x.x.x.x/32 | (nfs) Standard NFS port |
Custom TCP Rule | TCP, UDP | 111 | Custom | x.x.x.x/32 | (sunrpc) Standard NFS ports. Port 111 is used by the port mapper service. |
...
CIFs/SMB
If you will be using CIFs/SMB to transmit data from Veeam on premise to SoftNAS Cloud in AWS, you will need to allow the following ports to traverse from your datacenter to the SoftNAS Cloud instance in AWS. Firewall changes may be required.
Type | Protocol | Port | Source | Source Value | Notes |
---|---|---|---|---|---|
SSH | TCP | 22 | Custom | x.x.x.x/32 | (ssh) SSH Access to SoftNAS |
Custom TCP Rule | TCP | 443 | Custom | x.x.x.x/32 | (https) HTTPS Access to SoftNAS |
Custom TCP Rule | TCP | 135 | Custom | x.x.x.x/32 | (dcom-scm) CIFs/SMB data transmission channel |
Custom TCP Rule | TCP | 137 | Custom | x.x.x.x/32 | (netbios-ns) CIFs/SMB data transmission channel |
Custom TCP Rule | TCP | 138 | Custom | x.x.x.x/32 | (netbios-dgm) CIFs/SMB data transmission channel |
Custom TCP Rule | TCP | 139 | Custom | x.x.x.x/32 | (netbios:ssn) CIFs/SMB data transmission channel |
Custom UDP Rule | UDP | 445 | Custom | x.x.x.x/32 | (microsoft-ds) CIFs/SMB data transmission channel from a gateway server to SoftNAS |
Custom TCP Rule | TCP | 2500-5000 | Custom | x.x.x.x/32 | Default range of ports used for Veeam data transmission job channels |
Custom TCP Rule | TCP | 389 | Custom | x.x.x.x/32 | (ldap) if connecting to Actice Directory |
Anchor | ||||
---|---|---|---|---|
|
A list of SoftNAS Cloud Essentials recommended instance sized for use with Veeam can be found here. You can learn more about how the resources of an AWS instance can impact performance below.
- RAM: SoftNAS Cloud automatically creates a Level 1 Read Cache using 50% of the available RAM on the AWS running instance. This Read Cache is used to provide better Read I/O response and is especially useful to aid in performance of Veeam operations like Synthetic Full Backups. Increasing the amount of RAM on you selected AWS instance can greatly increase your performance. SoftNAS recommended instances for Veeam backups with SoftNAS Cloud Essentials recommends 30GB or more RAM for smaller backup jobs and 60GB or RAM or more for larger backup jobs.
- Instance Storage: To further increase the Read performance of operations like Veeam Synthetic Full Backups, SoftNAS recommends that you configure a Level 2 Read Cache using the AWS instance’s Instance Storage (such as NVME SSD) that is locally attached to the instance. If you are using SoftNAS Cloud Essentials for your solution, you will not be able to allocate high performance EBS Block storage to your instance, so selecting an AWS instance with local Instance Storage will be required. How to create a Level 2 Read Cache is explained later in the getting started guide. AWS i3 series instances are recommended for use with Veeam because they have a good mix of RAM and a lot of Instance Storage that can be used as a Read Cache. SoftNAS recommends that you select an instance with Instance Storage of at least 10% the size of your standard backup job (i3 series instances likely have much more than the 10% minimum). Note: AWS Instance Storage should only be used for Read Cache and you should not store any backup or other data on Instance Storage. All of your backup data should be stored on S3 Object (EBS Block storage is also supported in the other editions of SoftNAS cloud, but likely not needed for Veeam backup data).
- Network: SoftNAS does not recommend running any workload on an AWS instance with a network speed of less than 1Gb. All of the SoftNAS recommended instances for a Veeam deployment have a network bandwidth of Up to 10Gb to help ensure the data you are transferring across the network from Veeam to SoftNAS Cloud has the necessary network speed. If you determine that you have very large amounts of data being transferred for your backup jobs from Veeam across the network to SoftNAS Cloud , you may want to consider a network connection of 10Gb. If you are driving a lot of network traffic to AWS for other reasons as well as performing Veeam backups to SoftNAS Cloud in AWS, you may want to consider use of AWS Direct Connect as an option to get the required network performance.
- CPU: For operations like Veaam Backups, the AWS SoftNAS instance usually does not require a lot of CPU resources. SoftNAS recommended instances for Veeam backups with SoftNAS Cloud Essentials recommends 4 vCPUs for smaller backup jobs and 8 vCPUs for larger backup jobs.
If you are new to SoftNAS and AWS, you may want to start your deployment with one of the SoftNAS recommended instances here and use AWS CloudWatch or a similar tool to monitor you resource utilization and adjust accordingly. It is easy to change the size of your instance later if you determine that your current instance is too small or large in the EC2 Console and SoftNAS Support can help if needed.
Note: For Customers Using i3 Instances and leveraging an NVMe Disk as a Read Cache - A tested work-around is available in order to resolve a known issue with pools not importing properly after a reboot or shutdown. If you encounter this issue your data is NOT lost or damaged. Please contact SoftNAS Support for assistance in importing your pool.
Anchor AWSVeeamStorageSelection AWSVeeamStorageSelection
AWS Storage Selection
AWSVeeamStorageSelection | |
AWSVeeamStorageSelection |
SoftNAS recommends and supports use of AWS S3 Standard storage for Veeam backups with SoftNAS Cloud Essentials (SoftNAS Cloud Essentials only supports AWS S3 Object storage and does not support AWS EBS Block storage). AWS S3 Standard storage is recommended due to its durability and resiliency across multiple AWS Availability Zones providing you with multiple copies of your data in different AWS Availability Zones for protection against a full AWS Availability Zone failure.
...
- AWS S3 Standard-Infrequent Access
- AWS S3 One Zone-Infrequent Access
- AWS Glacier
Anchor AWSVeeamVPC AWSVeeamVPC
AWS VPC
AWSVeeamVPC | |
AWSVeeamVPC |
Your SoftNAS Cloud instance will need to run in a Virtual Private Cloud (VPC) in AWS. Creating a VPC is simple and you can create your VPC in advance or in step 3 “Configure Instance” when creating your SoftNAS Cloud instance. You can get more input on creating your VPC for use with SoftNAS Cloud with Veeam here. (link to be added) /wiki/spaces/SD/pages/92995922 For more information about AWS VPCs, click here.
Anchor AWSVeeamDTPandSecGroup AWSVeeamDTPandSecGroup
Data Transfer Protocol and AWS Instance Security Group
AWSVeeamDTPandSecGroup | |
AWSVeeamDTPandSecGroup |
An AWS Security Group is a set of firewall rules on the AWS network side that controls the network traffic for your instance. You can create new Security Group in the AWS EC2 console in advance or in Step 6 of the instance launch process.
SoftNAS Cloud supports use of either NFS or CIFs/SMB to transfer your data with Veeam to SoftNAS in the cloud. Depending on the protocol you are using, you will need to configure your firewall (see the Networking section above) as well as your AWS Instance Security Group for the protocol you select. The below provides example AWS Instance Security Group information for what SoftNAS recommends for use of Veeam with NFS and CIFs/SMB. You will need this information when you launch your SoftNAS AWS Instance.
NFS
(You will need to change Source value of “<Inbound IP>/CIDR” to the IP address and CIDR or IP Address Range and CIDR for your configuration. You can read more information on how to set the “Source” values here.)
CIFs/SMB
(You will need to change Source value of “<Inbound IP>/CIDR” to the IP address and CIDR or IP Address Range and CIDR for your configuration. You can read more information on how to set the “Source” values here.)
Anchor AWSVeeamKeyPair AWSVeeamKeyPair
AWS Key Pair
AWSVeeamKeyPair | |
AWSVeeamKeyPair |
AWS requires an AWS “Key Pair” to be selected as the last step to launch your new SoftNAS AWS instance. An AWS “Key Pair” consists of a public key that AWS stores, and a private key file that you store. Together, they allow you to connect to your instance securely. For SoftNAS Cloud AMIs, the private key file allows you to securely SSH into your instance. If you do not have or have lost your AWS “key pair”, you can learn how to create a new AWS “Key Pair” here.
Anchor AWSVeeamAccessKey AWSVeeamAccessKey
AWS Access Key
AWSVeeamAccessKey | |
AWSVeeamAccessKey |
Once your SoftNAS Cloud instance is launched, the first time you allocate AWS cloud storage to be used with your instance you will need to know your AWS Access Key. If you don’t already have this information available, you can create a new “Access key ID” and “Secret access key” using the instructions here (need a docs section that describes how to create a new set of AWS Access Keys, send you an email to create a new “AWS Access Key” section in our docs).
Anchor AWSVeeamDeploySolution AWSVeeamDeploySolution
Deploy Your Solution
AWSVeeamDeploySolution | |
AWSVeeamDeploySolution |
Once you have made your deployment decision listed above and satisfied prerequisites such as firewall configuration, you are ready to start your SoftNAS Cloud deployment with Veeam. SoftNAS recommends following the below steps to deploy your solution:
Step 1: Create Your SoftNAS Cloud Instance in AWS
Step 2: /wiki/spaces/SD/pages/92995922
Step 3: Configure your SoftNAS Cloud Instance
Step 34: Add AWS Cloud Storage to your SoftNAS Cloud Instance
Step 45: Configure your Read Cache
Step 56: Connect Veeam to your SoftNAS Cloud instance via WAN
Step 67: (Optional) Add/Change Root Certificates
Step 8: Monitor your SoftNAS Cloud instance using AWS CloudWatch