Tech ONTAP Blogs

StorageGRID: storing and managing the on-premises backup and replication data


So, we’ve already established that NetApp® StorageGRID® object storage and ONTAP FabricPool are an ideal match, as I explored in my previous blog post. In this post, I talk about the benefits of using StorageGRID as a repository for data copies, whether they’re the result of a traditional backup or some other method of data protection. Because of the synergies between NetApp ONTAP® software, StorageGRID, and the management tools that I discuss, in this post, I focus on enterprises whose primary storage infrastructure is ONTAP based. Those synergies are both technical and financial, and I indicate where one or both exist.

We can certainly extend the conversation to other on-premises storage platforms. Your primary storage system doesn’t have to start with “O” and end with “NTAP” and your object store can certainly be on premises, in the cloud, or both.


The benefits of air-gapped infrastructure

Let me start by stating the following QED: Storing data copies on a separate, air-gapped infrastructure has certain advantages, especially at scale.

The air-gapped part of the infrastructure provides security. For details, read this great TR about how to secure your data by using StorageGRID S3 object lock and versioning. As an example, let’s take a scenario in which the primary storage has been compromised, either by a bad actor or by a software or hardware defect. If you have a copy of the data on different hardware and software platforms, with separate authentication mechanisms, it could mean the difference between a major catastrophe and just a close call.

Air gaps are a common safety measure. More than 20 years ago, the Space Shuttle had five navigation computers. According to a United Space Alliance report, “Four of the GPCs [General Purpose Computers] run what is known as the Primary Flight Software SubSystem (PASS) software. The fifth runs Backup Flight Software (BFS). PASS and BFS software was coded by different contractors.” None of the computers ran (Microsoft) Windows, but that’s a different story.

The point of this vignette is simple: Physical redundancy and having no single point of failure are important.

Where scale enters infrastructure

Scale enters the infrastructure picture when it comes to cost-efficiency. Notwithstanding the above point about the security benefits of air-gapped infrastructure, having a NetApp ONTAP to ONTAP SnapMirror® and SnapVault® replication relationship can cover both disaster recovery (DR) and backup scenarios. And you gain the advantage of not having to invest in and manage a separate infrastructure.

This single-infrastructure advantage holds true up to a certain point. And that point is where the cost of storing the data copies on flash starts to surpass the operational and capital cost savings of a separate backup infrastructure. As a matter of fact, I’m working with a customer who is undergoing this very reevaluation right now. Up to this point, it made sense for the customer to have a single infrastructure for all their data (primary, DR, and backup). But the increasing volume of the customer’s backup data seems to indicate that they should set up a new, separate, and cost-efficient infrastructure.

Why object storage is optimal

I will posit as an axiom that object storage is a valid and even preferable method of storing data copies. It’s vastly scalable, has a reasonable price point and performance-wise is significantly better than tape. In defense of this idea, I refer you to a recent blog post about object storage.

Many independent software vendors (ISVs) can provide backup-to-cloud functionality. And many of them support both public cloud and on-premises object storage. Some ISVs offer object lock support, and their offerings are tested for interoperability with StorageGRID. Now there’s a new entry on the list, which I discuss in more detail in the rest of this blog post: our own NetApp Cloud Backup.

Some terms to know

Before we dive in, I want to define the nomenclature and abbreviations. You will encounter these terms in various discussions with your NetApp account team. A lot of times people conflate these terms because they are adjacent and therefore can be used interchangeably - at least most of the time.

So, let’s be unambiguous here. You can use this information as a cheat sheet in the future:

  • NetApp Cloud Manager (abbreviation CM) is a cloud-based management tool for your NetApp enterprise. Although it’s called Cloud Manager, it can manage both cloud-based and on-premises NetApp infrastructure. Cloud Manager itself does not require a license, but specific functionality inside it does (similar to in-app purchases).
  • NetApp Cloud Manager Dark Site is the same as Cloud Manager, except it’s installed on premises as a Docker container. Cloud Manager Dark Site is meant to manage on-premises NetApp infrastructure with zero external network access.
  • NetApp Cloud Backup (CB) is a Cloud Manager functionality that offers backup and restore services for ONTAP instances. Cloud Backup requires a license.
  •  SnapMirror Cloud (SM-C) is a SnapMirror based replication technology that copies NetApp ONTAP Snapshot™ blocks to an object store.

SnapMirror Cloud: Enabling ONTAP backup to object storage

SnapMirror Cloud is the foundational technology that enables the copying and storing of ONTAP Snapshot copies as objects in the cloud. If you’re familiar with FabricPool, SnapMirror Cloud is an expansion of that technology with a new business purpose.

From the NetApp stable of management products, two can manage SnapMirror Cloud: (1) Cloud Manager and its Cloud Backup service and (2) ONTAP System Manager. Alert: Here is an example of the incorrect use of two terms as meaning the same thing. People tend to use “Cloud Manager” and “Cloud Backup” interchangeably, but of course Cloud Manager can do much, much more than just manage backups. 

You can manage SnapMirror Cloud through a set of SnapMirror APIs, which means that any ISV can add support for this functionality as well. At the time of this writing, Cleondris and ProLion had shipping versions of their respective backup applications that support SnapMirror Cloud. Several other companies have plans to ship compatible versions later in calendar year 2022.  

A firsthand review of Cloud Manager

I have been using Cloud Manager recently, and I like it a lot. I like the ability to visualize and to manage my entire enterprise on the Cloud Manager canvas. The canvas brings together the cloud and the on-premises parts of the environment, and surfaces important functionality (tiering, replication, and backup) in neat wizards. Cloud Manager Dark Site brings the same beautiful visualization and functionality to secure sites.

In my previous blog post, I wrote about the benefits of using Cloud Manager to tier data from your on-premises ONTAP systems to StorageGRID. Let’s add Cloud Backup service to that statement too. If you’re using Cloud Manager Dark Site, then the only object store backup target that’s supported by Cloud Backup Dark Site is StorageGRID. If you’re using the cloud-based Cloud Manager, then Cloud Backup service can back up ONTAP Snapshot copies either to on-premises StorageGRID or to the major public clouds. For your on-premises ONTAP systems, backup to on-premises StorageGRID makes a lot of sense.

An example of Cloud Manager in action

Let’s imagine that my enterprise has the usual branch-to-core-to-bunker setup. ONTAP Select is installed in the branch, ONTAP on NetApp AFF all-flash storage is installed in the core data center, and StorageGRID is deployed in the core and in the bunker, with a unified namespace. I manage my data lifecycle by using Cloud Manager.

Because not all data has the same protection needs, I can replicate my data and/or back it up to different platforms depending on its value. Some ONTAP Select volumes are replicated to ONTAP on AFF for DR purposes. The ONTAP Select DR volumes and all the production volumes on AFF can then be backed up to StorageGRID at the bunker site, straight from the core infrastructure. Other, less critical, ONTAP Select volumes are backed up directly to StorageGRID without a DR intermediary.

All the AFF production volumes are configured with tiering to my core datacenter StorageGRID site. The ONTAP Select DR volumes (residing on the AFF system) use the “All” tiering policy, and AFF production volumes use “Snapshot only” tiering policies.

StorageGRID information lifecycle management (ILM) policies and traffic classifiers can be used to separate tiered and backup data. Tiered data resides in the StorageGRID core site for fastest access, and backup data resides in the StorageGRID bunker site for optimized cost. Tiering data to StorageGRID requires no ONTAP license, which means that it is free regardless of how much data is tiered off. Cloud Backup does require a capacity license, but when backing up data to StorageGRID, it offers significant financial advantages in terms of $/TB.

Start reaping greater benefits from StorageGRID

Cloud Backup service is a highly efficient, Snapshot block based, incremental-forever backup and restore functionality for ONTAP based instances. Cloud Backup and FabricPool (tiering) store ONTAP blocks in S3 objects, taking advantage of the highly scalable and durable properties of object stores. For on-premises ONTAP systems, StorageGRID is the ideal target for both tiering and backup.

Whether you choose cloud or on-premises backup and tiering, Cloud Manager and Cloud Backup make it easy. See for yourself by taking a test-drive today.