AWS Storage Blog

Data Protection for Your Cloud Journey with NetBackup 8.2 and AWS

This blog is co-authored by Ralph Wynn, Global Technical Account Manager at Veritas, and Henry Axelrod, Partner Solutions Architect at AWS.

In this post we are going to explore some of the benefits you can get for your data protection needs with NetBackup 8.2 and AWS. As more and more organizations face market pressures to meet revenue goals or stay ahead of the competition, they are looking to take advantage of the scalability, elasticity, and cost economics of the AWS Cloud. As customers embark on their cloud journey, selecting the right partner to help you get to the cloud and protect your data on the cloud is an important consideration. Veritas has been helping make it easy for customers to move to, and manage data on AWS for the past six years. Now, with the release of NetBackup 8.2, the journey to the cloud has become even easier.

Long-term retention to the cloud

In October 2013, Veritas released NetBackup 7.6, which was our first step to supporting the cloud journey. With the first group of cloud connectors, Veritas provided customers with the ability to send backup data to multiple content sources, including Amazon Simple Storage Service (Amazon S3).

As you might expect, a lot has changed about the cloud in the last six years. AWS has expanded its cloud services through new features and services, and continues to improve existing ones. In the last two years alone, AWS has released several new Amazon S3 storage classes such as Amazon S3 One Zone-Infrequent Access (S3 One Zone-IA), Amazon S3 Intelligent-Tiering, and most recently Amazon S3 Glacier Deep Archive. These new storage classes are optimized to provide you with flexible storage options for your workload demands. Amazon S3 Glacier Deep Archive, offers Amazon S3’s lowest-cost storage class at prices lower than storing and maintaining data in on-premises magnetic tape libraries or archiving data offsite. All objects stored in S3 Glacier Deep Archive are replicated and stored across at least three geographically dispersed Availability Zones, protected by 99.999999999% of durability, and can be restored within 12 hours.

Veritas also has been busy improving the data management journey for you as well. With the release of Veritas NetBackup 8.2, Veritas has added support for AWS Identity and Access Management (AWS IAM) roles for the CloudCatalyst deduplication server. This enables backup operations to use the right level of security access and permissions when running on the AWS Cloud. AWS IAM role support with NetBackup 8.2 enables customers to deploy NetBackup on AWS while following security best practices and being able to manage access the way you do across the rest of their workloads.

In addition to security, cost optimization is an important factor for long-term data retention solution. One of the key ways data protection and management solutions help you with cost optimization is by supporting the latest AWS storage classes. NetBackup supported Amazon S3 Glacier Deep Archive at launch in March of this year. Veritas extended support in NetBackup 8.2 for the Amazon S3 Glacier Deep Archive storage class into CloudCatalyst to further extend the cost economics of storing data in the cloud. This enables deduplication to Amazon S3 Glacier Deep Archive, which reduces the data that must be written to and stored on the cloud by up to 95%. Additionally, by implementing the AWS software development kit for GO, NetBackup improved deduplication performance by using the Amazon S3 client that has been optimized by AWS. With these improvements, you now can use NetBackup when moving data to or for existing cloud workloads in a way that rivals both the cost and performance of tape, whether online or offsite.

Amazon S3 Storage classes available in NetBackup 8.2

Figure 1: Amazon S3 Storage classes available in NetBackup 8.2

Another important enhancement to NetBackup 8.2 is the support for the AWS Snowball and AWS Snowball Edge devices for backing up to AWS. Supporting this transfer method helps customers with large existing datasets use these devices to initially move their data without having to send it over the wire. This enables shorter data transfer times and reduces high network costs by enabling customers to provision sufficient networking capacity to handle incremental changes. When using Snowball and Snowball Edge, you don’t have to account for having a larger pipe just to get the initial backup onto AWS. This helps you with large datasets, whether you’re looking to eliminate tape libraries or entire data centers within a tight timeframe and when the current network setup would not support the transfer without additional investment in network infrastructure.

Snapshot management

AWS offers snapshot functionality to help protect compute workloads running on the cloud. By using NetBackup 8.2 along with its snapshot manager Veritas CloudPoint, you can protect both on-premises and AWS Cloud platforms, such as Amazon Relational Database Service (Amazon RDS), Apache Cassandra, and others, from a single console. With the addition of tagging support, you can automatically add a protection policy based on its age to AWS workloads, allowing for automatic protection once the resource is created. With these features, you can benefit by using AWS native snapshot capabilities with enhanced management capabilities provided by Veritas and a single pane of glass for visibility through NetBackup across your hybrid environment.

From test/dev to recovery on the cloud

You were vocal about a desire to use data stored in Amazon S3 to recover directly onto an Amazon Elastic Compute Cloud (Amazon EC2) instance. Consequently, NetBackup now supports recovering VMware and Linux/Unix-based workloads stored in Amazon S3 to Amazon EC2 instances. This enables you to restore data on AWS and enables you to spin up workloads without having to manage a conversion or rebuilding process. You can spin up copies of VMs for creating development/testing environments, a production workload to mitigate on-premises failure, or to support a migration initiative.

One of the improvements to help enable this is with NetBackup Media Server Deduplication Pool (MSDP) to separate the deduplicated data from the metadata. This allows NetBackup 8.2 to store all the data and metadata needed to recover instances in Amazon S3 without requiring access to the original on-premises master. This lets you share that image with another NetBackup server running on AWS. We call this new feature Image Sharing. This allows customers to use the data stored in Amazon S3 from on-premises with a NetBackup instance running on AWS as pictured below. Because the data is self-describing, you can choose to either have the NBU Master online all the time or bring it up on demand for just in time recovery.

NetBackup Image sharing Architecture Feature – For Sharing Image between NetBackup in Data Center and on AWS

Figure 2: NetBackup Image sharing Architecture Feature – For Sharing Image between NetBackup in Data Center and on AWS

Using the Veritas VMware agentless technology and image sharing, you can quickly import the backups from a NetBackup environment on-premises and, in the matter of a few seconds, import that data into a NetBackup instance running on AWS. After running a command on newly deployed NetBackup instance on AWS, recovery of the VMware virtual machine can be run at any time.

Example of NetBackup import process

Figure 3: Example of NetBackup import process

During the restore, NetBackup calls the AWS API to read from the Amazon S3 bucket, validates permissions, and then starts the vmimport process.

Fig 4 Starting the Amazon EC2 import

Figure 4: Starting the Amazon EC2 import

Once all the checks have passed, the restore job converts the Virtual Machine Disk (VMDK) into Amazon EC2 format, which, depending on the size of the image, may take some time. A quick peak into the job details shows a status of the conversion process.

Running the Amazon EC2 import and progress of conversion process

Figure 5: Running the Amazon EC2 import and progress of conversion process

When this process has completed, you have an Amazon Machine Images (AMI) available on the account specified for the restore.

Summary

Veritas has been managing data and workloads for some of the world’s largest companies for over 30 years and have taken that knowledge and experience and applied it to the cloud, specifically AWS. The Veritas NetBackup features now available in version 8.2 helps you meet your business needs by:

  • Cost effectively storing your long-term retention data using Amazon S3 Glacier and Amazon S3 Glacier Deep Archive with deduplication and improved performance, to help reduce or eliminate tape.
  • Supporting data transfers with AWS Snowball and AWS Snowball Edge devices to reduce high network costs and long transfer times for accelerating backup of data to or in AWS
  • Expanding protection beyond the data center and being able to efficiently protect and report on your ever-growing AWS workloads with snapshot management.
  • Seamlessly share backups between locations using Amazon S3 and restore on-premises virtual machine backups to Amazon EC2 instances for test/dev, restore, disaster recovery, or migration purposes.

Veritas NetBackup 8.2 with its enhanced AWS features is ready to support your entire cloud journey – whether it is moving, migrating, or protecting data on the cloud.

To learn more, please visit  www.veritas.com/aws. If you’re ready to get started, contact AWS.cloud@veritas.com

Ralph Wynn

Ralph Wynn

For the last 19 years, Ralph has been using his extensive background in sales, technical marketing, and product management to help companies of all shapes and sizes utilize hardware, virtualization, and cloud to transform their business or to maintain a high level of competitive edge. As the Global Technical Account Manager for Veritas, Ralph manages the technical relationship for AWS to make sure customers’ cloud journey with Veritas and AWS exceeds their expectations.

The content and opinions in this post are those of the third-party author and AWS is not responsible for the content or accuracy of this post.