Tech ONTAP Blogs

BlueXP Backup and Recovery: Full 3-2-1 Backup Spectrum - Panoramic Protection

jacoba
NetApp
2,002 Views

BlueXP Backup and Recovery: Full 3-2-1 Backup Spectrum - Panoramic Protection

 

[For detailed explanations about the operation and functionality of the Full 3-2-1 Backup Spectrum Panoramic Protection Feature, please navigate to the bottom of this blog where you will find the comprehensive user guide.]

 

Introduction


The 3-2-1 backup strategy is a widely recommended approach for data backup and recovery. It provides a reliable framework to protect your important data from loss or disaster. By following the 3-2-1 backup strategy, you increase the chances of recovering your data in case of data loss, hardware failures, or other unexpected events. It provides redundancy, and protection against various failure scenarios, and safeguards your data against both physical and logical issues.

 

Introducing BlueXP Backup and Recovery 3-2-1 Backup: Single control plane for the full backup spectrum including the industry standard 3-2-1


BlueXP Backup & Recovery service now implements the 3-2-1 backup strategy. It oversees the entire backup procedure comprehensively, from a single centralized location and handles various aspects such as managing local backups, facilitating primary to secondary backup replication, and conducting backups to Object storage. By emphasizing end-to-end management, the service aims to streamline and simplify the backup process, ensuring the seamless transfer and protection of data.

 

jacoba_0-1688534620124.png

 

What is the 3-2-1 Backup Strategy?


The 3-2-1 backup strategy emphasizes having multiple copies of data in different locations, ensuring redundancy, and mitigating the risk of data loss. The 3-2-1 backup strategy entails keeping at least three copies of data: two copies on separate storage devices, and one copy stored offsite.

 

jacoba_2-1688534892061.png


Here's how it works:
1. 3 Copies of Data: Create three copies of your data. This means you should have the original data plus two additional copies. The goal is to have multiple versions of your data available in case one copy becomes corrupted or unavailable.
2. 2 Different Storage Media: Store your data on at least two different types of storage media. For example, you could have one copy on your computer's hard drive and another on an external hard drive, network-attached storage (NAS), or cloud storage. This helps guard against failures or issues that could affect a specific type of storage.
3. 1 Off-Site Backup: Keep at least one copy of your data off-site, preferably in a separate physical location from your primary storage. This protects against events like theft, fire, floods, or other disasters that could affect your primary storage location. Cloud storage is a common choice for off-site backups because it provides remote storage accessible from anywhere.

 

How Does BlueXP Backup and Recovery 3-2-1 Backup Work?


BlueXP Backup & Recovery service implements 3-2-1 backup by allowing users to set up replication between ONTAP clusters and backup to the cloud or StorageGrid object store in different topologies. It oversees the entire backup procedure comprehensively, from a single centralized location. This involves handling various aspects such as managing local backups, facilitating primary to secondary backup replication, and conducting backups to Object storage. By emphasizing end-to-end management, the service aims to streamline and simplify the backup process, ensuring the seamless transfer and protection of data.

 

jacoba_3-1688535152901.png

 

 

Local Snapshot features:
BlueXP Backup and Recovery 3-2-1 full backup spectrum feature enables users to
1. Modify Snapshot policies on production source volumes to configure the appropriate Snapshot creation schedule, snapshot retention count, and snapmirror-label to identify which snapshots need to be replicated by the SnapMirror engine.


Replication features:

1. Replicate data between ONTAP storage systems to support backup and disaster recovery.
2. Ensure the reliability of your DR environment with high availability.
3. Native ONTAP in-flight encryption is set up via Pre-Shared Key (PSK) between the two systems.
4. Copied data is immutable until you make it writable and ready to use.
5. Replication is self-healing in the event of a transfer failure.
6. When compared to the BlueXP replication service, the replication in BlueXP backup and recovery includes the following features:
a) Replicate multiple FlexVol volumes at a time to a secondary system.
b) Restore a replicated volume to the source system or to a different system using the UI.

 

Backup to object features:
1. Back up independent copies of your data volumes to low-cost object storage.
2. Apply a single backup policy to all volumes in a cluster, or assign different backup policies to volumes that have unique recovery point objectives.
3. Create a backup policy to be applied to all future volumes created in the cluster.
4. Make immutable backup files so they are locked and protected for the retention period.
5. Scan backup files for possible ransomware attacks - and remove/replace infected backups automatically.
6. Tier older backup files to archival storage to save costs.
7. Delete the backup relationship so you can archive unneeded source volumes while retaining volume backups.
8. Back up from cloud to cloud, and from on-premises systems to public or private cloud.
9. Backup data is secured with AES-256-bit encryption at rest and TLS 1.2 HTTPS connections in flight.
10. Use your own customer-managed keys for data encryption instead of using the default encryption keys from your cloud provider.

Advantages of BlueXP Backup and Recovery 3-2-1 Backup

 

jacoba_4-1688535914177.png

 

 

BlueXP Backup and Recovery's 3-2-1 panoramic protection offers a comprehensive set of features for backup and recovery. These features include:
1. 3-2-1 Backup Activation: Enables the activation of the 3-2-1 backup strategy, which involves creating three copies of data, storing them on two different media types, and keeping one copy offsite.
2. 3-2-1 Volume Details Dashboard: Provides a centralized view of volume-related information, allowing users to monitor and manage their backup activities effectively.
3. 3-2-1 Volume Backup Details Page: Offers a dedicated page to view detailed information about volume backups, including backup history and status.
4. Volume Level 321 Backup Modification: Allows users to modify backup settings at the volume level, ensuring flexibility and customization in the backup process.
5. Replication Setup: Facilitates the setup of data replication between primary and secondary systems, ensuring data redundancy and disaster recovery capabilities.
6. Backup to Cloud Object Store Setup: Enables the configuration of backup processes to cloud-based object stores, providing an additional layer of data protection and offsite storage.
7. Snapshot, Replication, and Backup to Cloud Policies Creation and Modification: Provides the ability to modify Snapshot, Replication, and Backup to object-store policies at the primary or local level, allowing for granular control over data retention and protection.
8. Volume, File, and Folder Restores from 3-2-1 Backups: Enables the restoration of volumes, files, and folders from the 3-2-1 backup copies, providing quick recovery options for various data levels.
9. Indexed Catalog from 3-2-1 Backup: Generates an indexed catalog that includes backup details from primary ONTAP, secondary ONTAP, and cloud backups, simplifying the process of locating and accessing specific backups.
10. DataLock and Ransomware Protection on Backups on Object Store: Incorporates DataLock and ransomware protection mechanisms into cloud backups, ensuring the integrity and security of backed-up data.
11. Archiving to Cloud Object Store: Allows users to archive data to a cloud object store for long-term retention, optimizing storage utilization and providing scalable archival options.
12. Enhanced Monitoring, Alerting, and Reporting: Provides advanced monitoring capabilities, proactive alerting, and comprehensive reporting functionalities, facilitating efficient management and oversight of backup operations.
13. ONTAP Protection Feature Support: Offers support for ONTAP features such as SVM-DR (Storage Virtual Machine Disaster Recovery), MCC (MetroCluster), and FlexGroup, allowing users to leverage these features in their backup and recovery workflows.


Overall, BlueXP Backup and Recovery's 3-2-1 panoramic protection delivers a robust set of features and capabilities to ensure reliable and comprehensive backup and recovery solutions for data management needs.

 

Supported Features and Deployments in BlueXP Backup and Recovery 3-2-1 Backup

 

jacoba_5-1688536172514.png

 

 

BlueXP Backup and Recovery Panoramic Protection offer versatile deployment options, efficient restores at different data levels, archival support, an indexed catalog for easy backup management, robust data protection against ransomware, and API support for seamless integration and automation. These features combine to provide a comprehensive and reliable backup and recovery solution.

 

Choosing the Topology:

 

There 4 different ways in which you configure your backup:-


Cascading Topology:- In this topology, the Snapshot copies of the volumes in the primary ONTAP cluster are taken and replicated to a secondary cluster. The replicated backups from the secondary ONTAP cluster will be then moved to an offsite location to Cloud or StorageGRID object store.

 

jacoba_0-1688537318026.png

 


Fan-Out Topology:- In the Fan-Out topology, the Snapshot copies of the volumes in the primary ONTAP cluster are taken and replicated to a secondary cluster and will also be moved to an offsite location to Cloud or StorageGRID object-store.

 

jacoba_1-1688537367634.png

 


Replication:- Replicate the Snapshot copies of the volumes in the primary ONTAP to a secondary cluster.

 

jacoba_2-1688537492899.png

 

Backup to Object store:- Backup the Snapshot copies of the volumes in the primary ONTAP to a Cloud or StorageGRID object-store.

 

jacoba_3-1688537546430.png

 

Choosing Your Setup:-

 

jacoba_4-1688537594321.png

 


1. Make sure that the Supported Version of ONTAP is being used. ( Minimum of ONTAP 9.7P5; ONTAP 9.8P13 and later is recommended.)
2. Appropriate Licensing requirements are met.
3. A connector, equipped with the necessary permissions and port connections, is successfully deployed.
4. Primary Working Environment:
• In the primary working environment, identify the source volumes that require protection.
• Create the necessary Snapshot policies with the desired snapshot schedule and snapmirror label.
• You have the option to choose from Cloud Volumes ONTAP, ONTAP, or ONTAP Select as your primary working environment.
• Make sure all the networking requirements are met
5. Secondary Working Environment:
• Select the secondary working environment where you want to replicate the chosen volumes.
• Determine the Storage VM to which the volumes will be replicated.
• Additionally, create a replication or Snapmirror Policy that specifies the type, schedule, and frequency of the replication, along with the appropriate snapmirror label.
• Your options for the secondary working environment include Cloud Volumes ONTAP, ONTAP, or ONTAP Select.
• Make sure all the networking requirements are met.
6. S3 Object Store on Cloud or StorageGRID:
• Finally, choose the S3 object store on Cloud or StorageGRID where you would like to transfer the data for an offsite copy.
• You can choose from AWS S3, Azure Blob, or GCP Object store as your preferred storage option in the Cloud.
• You can also choose  StorageGRID as your On-Premise Object store .

 

BlueXP Backup and Recovery 3-2-1 Backup Activation

 

Select Volumes for Backup

 

1) Prior to initiating the 3-2-1 Backup Activation process, it is crucial to carefully select the suitable volumes that require backup from the primary cluster. Additionally, it is important to verify whether any snapshot policies have been assigned to these volumes and to ascertain whether any replication relationships already exist for them. Taking these steps will ensure a smooth and effective backup process.


There are a few things to keep in mind while selecting the volumes for 3-2-1 Backup Activation:-
a) DO NOT select a mix of FlexGroup Volumes and FlexVolumes.
b) ONLY ONE FlexGroup can be chosen to backup at a time. Currently selecting multiple FlexGroup Volumes for backup.
c) DO NOT select a mix of SnapLock volumes and Non-SnapLock volumes.

 

jacoba_0-1688617029017.png

Create Policies

 

2) Now create snapshot policies, replication policies, and Backup to Object Store policies that need to be applied to the volumes on ClusterA and ClusterB that are planned to be backed up.

 

Refer to the documentation attached on how to create the different type of policies(Snapshot policies, Replication policies, Backup to object store policies)

Please Note:-
For the phase 1 release of the BlueXP Backup and recovery 3-2-1 Backup, policies would need to be created beforehand. Policy creation while activating backup is currently unavailable and will be made available in the upcoming release. You would need to create Snapshot policies, Replication policies, and Backup To Cloud policies in the appropriate cluster before you initiate BlueXP backup and recovery 3-2-1 Backup Activation


For Cascading Topology:- Make sure to create the Snapshot policies in Primary (ClusterA) and both the Replication policies and Backup To Cloud policies should be created in Secondary (ClusterB).


For Fan-Out Topology:- Make sure to create the Snapshot policies, and the Backup To Cloud policies on Primary (ClusterA), and the Replication policies should be created in Secondary (ClusterB)


Activating the 3-2-1 Backup

 

3) Now from the 3-2-1 User Interface, let's go ahead and activate the 3-2-1 Backup
• Click on the Primary Cluster/ClusterA
• On the right Navigation panel, click on the “Enable Backup”

 

jacoba_1-1688617701420.png


4) Now you will be welcomed by the 3-2-1 backup introduction screen "Define your backup strategy", encouraging users to define the backup strategy that they would like to deploy. Click on “Next”.

 

jacoba_2-1688617747988.png

 

 

Volume Page

 

5) Clicking Next will take you to the “Volume” page. The volume page lists the volume in the Primary ONTAP ClusterA that you would like to protect.

 

jacoba_4-1688617941200.png

 

jacoba_3-1688617912316.png

Choose the Volumes that you would like to protect. Select the volumes by clicking on the checkbox. Now a warning message will pop - up indicating that the volumes that have been selected have existing snapshot and replication policies, and if we define new ones they are going to be overwritten.

 

jacoba_5-1688617977908.png

The “Existing Protection” column will show users if any protection is enabled on the specific volume. This helps users to make an informed decision and plan effectively the protection topology that they would need to use.

 

jacoba_6-1688618015281.png

-Shows all the snapshot policies enabled on the volume

jacoba_7-1688618040967.png 

-Shows all the replication relationships enabled on the volume

jacoba_8-1688618070120.png

-Shows all the Backup to Cloud relationships enabled on the volume


Define Backup Strategy

 

6) In the “Define Backup Window”, choose the protection option that you would like to use for the working environment. In this example we will be setting up Cascading backup topology, hence choose “Local Snapshots”, “Replication” and “Backup”.
Now we have to choose the topology. We have the option to choose “Cascading” or “Fan-Out”.

 

Please note that the backup activation screen for Fan-Out topology will be similar to that of Cascading. The only difference is that for Fan-Out topology, the snapshot policies and backup to object store policies will be displayed on the “Define Backup Strategy” screen will be from the Primary Cluster and the replication policies shown will be from the Secondary Cluster.

 

Whereas for Cascading topology, the replication policies and backup to object store policies will be displayed on the “Define Backup Strategy” screen will be from the Secondary Cluster and the snapshot policies shown will be from the Primary Cluster.

 

jacoba_9-1688618324825.png

 

• If you are choosing, Fan-Out Backup Topology, make sure to choose “Local Snapshots”, “Replication” and “Backup”.

 

jacoba_10-1688618365378.png


• If you are choosing, Cascading Backup Topology, make sure to choose “Local Snapshots”, “Replication” and “Backup”.

 

jacoba_11-1688618390508.png


• If you would like to do a replication relationship, choose “Local Snapshots” and “Replication”.

 

jacoba_12-1688618429878.png


• If you would like to do a backup to the object-store relationship, choose “Local Snapshots” and “Backup ”.

 

jacoba_13-1688618459491.png

 


• Depending on the options that you have chosen, the respective widgets to configure the backup activation will be available. If they are not selected, the respective widgets will not be available.

 

7) For the Local snapshot, let's go ahead and choose a policy.

 

jacoba_0-1688619188705.png

 

 

😎 Now for Replication,
• Let’s configure the “Replication Target”.

Select the replication target accordingly so that the data will be transferred according to the policy you will be selecting. Now select the Replication Target. Choose the appropriate “Destination Working Environment” and Select “Destination SVM”. Click on “Advanced Setting” to select the destination Aggregate and customize the name for the data protection volume that will be created.

 

jacoba_1-1688619294943.png

 

 

• Now we will go ahead and enable the replication policy. Expand the Replication Policy accordion. Choose the appropriate replication policy.

 

jacoba_2-1688619335853.png

 

 

9) Now configure Backup to Cloud
• First, let's go ahead and configure the “Provider Settings”. You can define the provider settings to configure the object store for modes.
1. “Create a New Bucket
2. ”Bring Your Own Bucket”.
• Choosing “Create a New Bucket”, requires you to give the ”Account” and “Region” detail. Choose the appropriate Account and region from the drop-down. This action will create a bucket in the mentioned account and region.
• Choosing “Bring Your Own Bucket ”, requires you to choose the appropriate ”Account” from the drop-down list and all the buckets under the particular account will be listed. Make sure that you choose the appropriate bucket from the drop-down list to backup the data.

 

jacoba_3-1688619542449.png

 

Refer to the documentation attached on how to create and prepare your custom buckets

 

10) Configuring the encryption. Choose the required mode of the Encryption key. You can choose “AWS Managed Encryption Keys” or “Customer Managed Encryption Keys”. Before you choose “Customer Managed Encryption Keys” make sure to create the appropriate keys in the KeyVault.

 

jacoba_4-1688619584557.png

 

11) Choose the Backup to Cloud Policy. All the Backup To Cloud policies (which are mainly vault policies) pertaining to ClusterB will be listed in the “Backup Policy” section of the Backup widget. Choose the appropriate Backup to Cloud policy. . Click on “Next”

 

jacoba_5-1688619621519.png

 

 

Review Page

12) Next you will be taken to the “Review” page, which shows the 3-2-1 Backup Topology that has been selected by the user. It will show the details of the Primary Cluster, Secondary cluster, and the backup object store chosen by the user. It will also show you the details of the Snapshot policy associated with the primary source volumes, the replication policies for the SnapMirror relationship, and Backup To Cloud policies and the respective labels.

 

jacoba_6-1688619711666.png

 

Activate Backup


13)Click on “Activate Backup”, which will initiate the backup activation process in the desired topology.

 

jacoba_7-1688619783235.png

 

Public