• Please help support our sponsors by considering their products and services.
    Our sponsors enable us to serve you with this high-speed Internet connection and fast webservers you are currently using at ADSM.ORG.
    They support this free flow of information and knowledge exchange service at no cost to you.

    Please welcome our latest sponsor Tectrade . We can show our appreciation by learning more about Tectrade Solutions
  • Community Tip: Please Give Thanks to Those Sharing Their Knowledge.

    If you receive helpful answer on this forum, please show thanks to the poster by clicking "LIKE" link for the answer that you found helpful.

  • Community Tip: Forum Rules (PLEASE CLICK HERE TO READ BEFORE POSTING)

    Click the link above to access ADSM.ORG Acceptable Use Policy and forum rules which should be observed when using this website. Violators may be banned from this website. This notice will disappear after you have made at least 3 posts.

AWS S3 Glacier as target for Cloud Container Pool

Mita201

ADSM.ORG Senior Member
Joined
Apr 20, 2006
Messages
579
Reaction score
22
Points
0
Location
Beograd, Serbia
Hi,

Is it supported to use AWS S3 Glacier as a target for ISP Cloud Container Pool, that will be used for protecting on-site container pool?

Any experience with such configuration?
 

RecoveryOne

ADSM.ORG Senior Member
Joined
Mar 15, 2017
Messages
323
Reaction score
74
Points
0
I have no experience with shuffling data to the cloud, but I did find this blurb on IBM's site:
But that doesn't really go into Glacier. Most things for Glacier seem to be in lines of using it as a VTL with a tape gateway device. So, I guess if you looked at it from that aspect of a VTL, then it would be fine. Heck, with the newer versions of Spectrum Protect, could send the data in native format, and not in the container compressed format. So, you wouldn't have to restore your primary container pool before you could service client restores.

The issue with glacier, from my understanding, is the access speed. Those restores might sit in a 'waiting' state' for some time.

I would be interested what IBM would say if you open a point. Heck, even interested in some ballpark costs of using AWS for storage if you are able to share that. If not, I totally understand.
 

dietmar

ADSM.ORG Member
Joined
Mar 12, 2019
Messages
20
Reaction score
2
Points
0
... i always find it interesting promoting S3 as a Backup Storage for Disaster Recovery. From my point it is mostly a "no, no and no", even if i have not seen it working.

BUT what i have seen multible Times is a Ransomware attack. And if you are in such a Situation, i am sure you will have no Internet Access, as this is the first which is "plugged out" ....

but hey, the local Datacenters MUST have the same limited tech which is used in the Internet . ( i mean an S3 could never ever match a SAS/SAN Storage / Tapes in Speed and costs ) ....

Everthing which has admin rights could be hacked and deleted,factory reseted ( HW Servers, OS , Storage ) , but NOT Tape . This could "only" be erased in sequence ( very slow ) or physical destroyed , both much much better.

S3 for legal long term Archive ( no need to get it back in DR ) is fine , but i would never go for a S3 replacing Tape.

Having a local S3 is risky as having local Storage , with admin rights the system is gone within minutes . All the immune stuff does not help if the Storage behind gets wipped out .

just my 2 cents on this :)

Dietmar
 

dietmar

ADSM.ORG Member
Joined
Mar 12, 2019
Messages
20
Reaction score
2
Points
0
.. if you get hit by a big/real Randsomware attack, they will try to destroy your Backup Infrastructure as well. So they delete all Storage Snapshots, and factory reset your Backup Storages . Always keep in mind that the hackers could catch ALL passwords.
 

RecoveryOne

ADSM.ORG Senior Member
Joined
Mar 15, 2017
Messages
323
Reaction score
74
Points
0
dietmar,
I hear what you are saying. Why I keep saying year after year that tape is king. It is proven, can be high performance, large capacity for cheap, and most important to me is physically isolated. That said, the push for the cloud will never go away.

As to ransomware, why I love my AIX boxes. I have them locked down that my infosec team keeps asking me to undo some things so they can 'properly scan them for vulns' externally. My next goal is enabling Trusted AIX. :D
 

dietmar

ADSM.ORG Member
Joined
Mar 12, 2019
Messages
20
Reaction score
2
Points
0
The used Backup OS was not the point ( at least for the Data ) , because the Backup Storage got factory resetted,rebuild and formated . Problem is if u unplug the admin interface of the Storage u have no Hardware Monitoring ... :/ . I don't know if there is a feature on Storage Systems which has some sort of hardware protection . ( eg. only with an phy inserted usb tongle an update of the storage Pools/Disks is possible ... )

Would be a great feature, just provision all Space and there is no need to configure a lot anymore ....

But i agree AIX is a very good choice . Much harder to hack/handle ...
 

marclant

ADSM.ORG Moderator
Joined
Jun 16, 2006
Messages
3,735
Reaction score
618
Points
0
Location
Canada
Website
www.ibm.com
Is it supported to use AWS S3 Glacier as a target for ISP Cloud Container Pool, that will be used for protecting on-site container pool?
I don't see S3 Glacier in the list of supported clouds just yet:
Probably should check back after each new version either on this page, or in the "Updates in thie release" section of the documentation for newer versions. Here's what was in 8.1.12:
https://www.ibm.com/docs/en/spectrum-protect/8.1.12?topic=updates-in-this-release The same will be available with newer versions as they are released.
 

gernthefish

ADSM.ORG Member
Joined
Mar 3, 2005
Messages
138
Reaction score
0
Points
0
We've tested cloudtype=s3 and set up the bucket in AWS to transition data to Standard IA after x days. Not quite as cheap as Glacier, but performed ok for us on restores.
 

Advertise at ADSM.ORG

If you are reading this, so are your potential customer. Advertise at ADSM.ORG right now.

DigitalOcean $100 Credit

Support ADSM.ORG and get DigitalOcean FREE credit. DigitalOcean currently offer a $100, 60-day Free Credit for new accounts. Sign-up here:

DigitalOcean Referral Badge

The Spectrum Protect TLA (Three-Letter Acronym): ISP or something else?

  • Every product needs a TLA, Let's call it ISP (IBM Spectrum Protect).

    Votes: 20 18.7%
  • Keep using TSM for Spectrum Protect.

    Votes: 65 60.7%
  • Let's be formal and just say Spectrum Protect

    Votes: 13 12.1%
  • Other (please comement)

    Votes: 9 8.4%

Forum statistics

Threads
31,871
Messages
135,906
Members
21,786
Latest member
london
Top