Info |
---|
Dedicated backup only: Objects in the S3 backup bucket are wholly dedicated to disaster recovery for Swarm and are not for general use by owners of the account where the bucket resides. Consider this feature a restricted form of S3, with constraints on the bucket's namespace that support Swarm's ability to back up and restore. Do not expect the namespace to be end-user friendly. |
Swarm S3 backups to Wasabi targets have been verified. Complete a one-time setup of the destination to implement an S3 backup feed: set up an account with Wasabi and then create an S3 bucket dedicated to backing up this cluster only.
Setting up the S3 Bucket
Info |
---|
Note: Swarm has only the Wasabi access granted it as part of this configuration. Neither the S3 Backup feed nor the S3 Backup Restore Tool administers S3 credentials or creates any S3 buckets in Wasabi. See Wasabi Support for assistance. |
These instructions are for Wasabi cloud storage, but any Internet-based S3 service has similar functionality:
Service — Sign up for Wasabi if needed.
Go to Wasabi's Sign Up page, fill out all fields and select Start Your Free Trial.
Follow the on-screen instructions.
Log in to the Wasabi console once setup is finished.
Bucket — Create a bucket dedicated to backing up the Swarm cluster.
Sign in to the Wasabi console: console.wasabisys.com.
Choose Create bucket.
Make entries for Name and region:
Enter a DNS compliant name for the new bucket for Bucket name. Buckets cannot be renamed, so choose wisely:
The name must be unique across all existing bucket names in Wasabi S3.
The name must be a valid DNS name, containing only lowercase letters and numbers (and internal periods, hyphens, underscores), between 3 and 64 characters.
(See S3 documentation: Rules for Bucket Naming.)
Tip: Incorporate the name of the Swarm cluster this bucket is dedicated to backing up for easier identification.
Choose a Region appropriate for business needs.
Take the defaults for Configure options.
Best practice: Do not enable versioning or logging unless it is required for the organization.
Choose Create, and record the fully qualified bucket name (such as "arn:aws:s3:::remote-bucket") for use later, in policies.
Record these values for configuring the S3 Backup feed in Swarm:
Bucket Name
Region
User — Create a programmatic (non-human/console) user that is dedicated to Swarm access.
Select the service IAM (Identity and Access Management), and click Users on the Wasabi console.
Add a dedicated user, such as caringo_backup, to provide Programmatic access for Swarm.
The Wasabi console generates an access key (an access key ID + secret access key), which must be recorded immediately.
The secret access key is not retrievable or viewable after this, so save it in a secure place.
Record the fully qualified user (such as "arn:aws:iam::123456789012:user/caringo_backup") for use later, in policies.
Record these values for configuring the S3 Backup feed in Swarm:
Access Key ID
Secret Access Key
Policies — Create policies on both the user and the bucket so that the programmatic user has exclusive rights to the S3 bucket. Use the policy generators provided or enter edited versions of the examples below.
Create an IAM policy for this user, allowing it all S3 actions on the backup bucket, which needs to be specified as a fully qualified Resource (recorded above), starting with arn:aws:s3:::
IAM policy
```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "s3:*",
      "Resource": "arn:aws:s3:::example.cluster1.backup"
    }
  ]
}
```
Create a matching bucket policy to grant access to the dedicated backup user, which needs to be specified as a fully qualified Principal, which is the User ARN (recorded above) starting with arn:aws:iam::
Using the Policy Generator, allow all S3 actions for the bucket, using the full ARN name:
Bucket policy
```json
{
  "Id": "Policy1560809845679",
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "Stmt1560809828003",
      "Action": "s3:*",
      "Effect": "Allow",
      "Resource": "arn:aws:s3:::example.cluster1.backup",
      "Principal": {
        "AWS": [
          "arn:aws:iam::123456789012:user/caringo_backup"
        ]
      }
    }
  ]
}
```
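A pre-flight check for the two policies above, as an added example that is not part of the original instructions or of any Swarm or Wasabi tooling: it confirms that every Allow statement names only the backup bucket (or its objects) and that the bucket policy's only principal is the dedicated user. The function name and the over-broad sample policy are constructed for illustration; the bucket name and user ARN are the page's example values.

```python
import re

# Naming rule as stated on this page: lowercase letters and digits, with
# internal periods, hyphens, underscores; 3 to 64 characters in total.
NAME_RE = re.compile(r"^[a-z0-9][a-z0-9._-]{1,62}[a-z0-9]$")

def _as_list(value):
    """Policy JSON allows either one string or a list of strings."""
    return value if isinstance(value, list) else [value]

def check_backup_policies(bucket, user_arn, iam_policy, bucket_policy):
    """Return findings; an empty list means both policies stay in scope."""
    findings = []
    if not NAME_RE.match(bucket):
        findings.append(f"bucket name {bucket!r} breaks the naming rule")
    bucket_arn = f"arn:aws:s3:::{bucket}"
    in_scope = {bucket_arn, bucket_arn + "/*"}  # the bucket and its objects
    for label, policy in (("IAM", iam_policy), ("bucket", bucket_policy)):
        for stmt in _as_list(policy["Statement"]):
            if stmt.get("Effect") != "Allow":
                continue
            for res in _as_list(stmt.get("Resource", [])):
                if res not in in_scope:
                    findings.append(f"{label} policy: resource {res!r} is not the backup bucket")
            if label != "bucket":
                continue
            principal = stmt.get("Principal")
            arns = principal.get("AWS", []) if isinstance(principal, dict) else principal
            for arn in _as_list(arns):
                if arn != user_arn:
                    findings.append(f"bucket policy: principal {arn!r} is not the backup user")
    return findings

# Values from the page's examples.
BUCKET = "example.cluster1.backup"
USER_ARN = "arn:aws:iam::123456789012:user/caringo_backup"
IAM_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "s3:*", "Resource": f"arn:aws:s3:::{BUCKET}"}]}
BUCKET_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "s3:*", "Resource": f"arn:aws:s3:::{BUCKET}",
     "Principal": {"AWS": [USER_ARN]}}]}
# Constructed over-broad variant: any principal, any bucket.
LOOSE_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "s3:*", "Resource": "arn:aws:s3:::*",
     "Principal": "*"}]}

if __name__ == "__main__":
    print(check_backup_policies(BUCKET, USER_ARN, IAM_POLICY, BUCKET_POLICY))
    for finding in check_backup_policies(BUCKET, USER_ARN, IAM_POLICY, LOOSE_POLICY):
        print(finding)
```

Run it against the edited policy JSON before pasting into the Wasabi console; any finding means the grant reaches beyond the dedicated bucket or user.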
Configuring the S3 Backup Feed
Create a new S3 backup feed with Wasabi as the target on the Swarm side.
Open the Feeds page in the Swarm UI.
Click + Add at the top right.
Choose the feed type S3 Backup.
Provide the following values. For details on these fields, see S3 Backup Feeds.
Name - For description only, such as "Replication to Wasabi"
Endpoint - Include the complete endpoint, without the bucket: s3.us-west-1.wasabisys.com
Region - This example uses the us-west-1 storage region. Use the appropriate Wasabi service URL for any other region.
Bucket - Enter the newly created bucket dedicated to backing up the Swarm cluster.
Credentials - Paste in both the Access key name and Secret Key
Use SSL - Yes
Confirm that the new S3 backup appears in the list of Swarm feeds.