Backups are different. Today I will tell about Acronis Backup Cloud (BaaS)
In this article, I will step by step describe the work of the Acronis Backup Cloud backup service (previously known as “Acronis Backup as a Service”) developed by Acronis engineers. I’ll tell you what “backups as a service” is from the inside, and how it all works. I turn directly to the description of the service itself.
The service consists of a server and client side. “Agent-based” and “Agentless” technologies are used, depending on the infrastructure. An agent is installed on the client computer or the virtualization host server, the task of which is to connect the client computer / host with the Acronis Backup Cloud server and perform backup and recovery tasks.
Here are the Agents (Clients) developed:
')
Let's take a look at how the server part works. The server part of the service consists of two components - system management and backup storage.
The control component is accessible via the Internet and allows you to manage backup copies of remote machines and already created backups using a web browser; Create, edit, and delete backup and retention policies configure encryption of created backups using AES or GOST standard, and if necessary, save individual backups locally; monitor the status of remote machines; restore individual files / folders, disks / partitions, or the entire machine from the cloud directly to bare metal. One of the most distinctive and useful features is the creation of a hierarchy of subordinate administrative and user accounts, within which access to data and remote machines is distributed. Administrators can monitor the status of subordinate accounts and, if necessary, provide assistance.
The storage component allows you to deploy a scalable, cheap and yet reliable data storage. Backup storage consists of a group of servers on which client data is written. To ensure a sufficient level of reliability of all stored user data, each incoming file is divided into “K” blocks and then “NK” (where N is a certain number greater than K) of redundancy blocks are added using the Reed-Solomon error correction algorithm. All blocks are stored independently of each other, and the safety of any “K” blocks from the recorded “N” ensures the recovery of stored user data.
Acronis storage system is built on physical servers. But at the same time, server roles are assigned directly to the disks.
There are three server roles: Metadata Server (Metadata Server (MDS)), Storage Server (Storage Server (STS)) and Front-end Server (FES).
The Metadata Server is responsible for storing information about the fragments into which the file is divided, and the location of these fragments on the servers. This is the most critical component of the system.
To ensure high availability and fault tolerance of storage, it is recommended to have several servers with the MDS role. One of the servers becomes the main one, and the metadata is periodically replicated with the other servers with the MDS role.
In addition, the System Management Component (MGMT) is also installed on each server that has the MDS role. If the primary MDS server stops working, the system management component is automatically enabled on another server with the MDS role, thus, the web-based storage management console is always available.
Storage Server (STS) is designed to store data fragments.
The front-end server allows Acronis Backup Cloud clients to access the vault and transfer data between the user side and Acronis datastore.
And now we will consider how it works in practice. Administrators of the IT-Lite company (service provider) and end-user companies are given access to service management via the web console. The diagram below shows the standard backup service architecture. Blue arrows indicate interaction between software components. The black arrows show how administrators and end users access the backup service.
IT Lite administrators have access to manage groups and user accounts.
The administrators of the end-user companies have rights that allow you to manage users who are only in their group! And end users, in turn, gain access to the console, in which you can add computers and create an automatic backup schedule. The service is integrated with the site of the service provider, which allows users to complete automatic registration immediately upon filling out the form on this page.
For the end user, working with the system is simple and intuitive. After creating a user account and logging into your Personal Account, you must specify the computer for which the backup task will be configured. To do this, click on the "+" and select the OS on which the agent will be installed. The next step is to configure the task for backup.
In the user management console, all Tasks that were previously performed for a specific computer are displayed, in addition, there is a function “Create a new Task” and “Recover data from the cloud”. In addition, you can view the current backup status for a given computer.
The user data of the BaaS service is stored on servers that are located in a certified data center of the TIER-3 class.
Thanks to the architecture used, protection is provided against failures at the level of individual servers and individual disks, which, we note, is impossible when using RAID arrays, which are used to create fault-tolerant storages. The system also uses a complete data integrity check. The redundancy level is configured in the storage management console. The self-healing design used in the development of storage allows us to avoid typical losses in system performance for RAID arrays.
In case of failure of one of the disks or even the whole server, the system will automatically rebalance, thus avoiding the immediate replacement of the failed components.
I forgot to mention the peculiarity of using backups as a service - in case of an emergency, you need to restore the computer (virtual machine) entirely. Yes, indeed, if we compare the speed of server recovery, then local backup, of course, is done faster. But in this case, you have to make a choice - either in favor of speed, but without a guarantee from the jambs, or in favor of a reliable solution, but you have to sacrifice a bit of speed.
To summarize, I came to the conclusion that the question of the reliability / simplicity of local backups and the use of BaaS is rather a matter of value. The one to whom the information is really valuable, will rather choose the service, and the rest - the first option. But this is my personal opinion, not directly relevant.
Summarizing all the above, I would like to add that, as they say, it’s better to see once than to hear a hundred times. Therefore, it is better to work with the service yourself and draw your own conclusions, since there is a free test .
How the service works
The service consists of a server and client side. “Agent-based” and “Agentless” technologies are used, depending on the infrastructure. An agent is installed on the client computer or the virtualization host server, the task of which is to connect the client computer / host with the Acronis Backup Cloud server and perform backup and recovery tasks.
Pro client part
Here are the Agents (Clients) developed:
')
- Backup clients for Windows, Linux and Mac are responsible for backing up data on machines running Windows / Linux / Mac.
- Backup client for VMware - backs up virtual machines on VMware vSphere (ESX / ESXi) without installing the corresponding clients in the guest systems. This client is installed on Windows-based machines with access to the vCenter Server and storage, which stores backup copies of virtual machines.
- Backup client for Hyper-V - backs up virtual machines on MS Hyper-V platform without installing the corresponding clients in the guest systems. This client is installed on a Hyper-V host.
- Backup Client for MS Exchange Server - supported versions of Microsoft Exchange Server 2003, 2007/10, 20013.
- Backup Client for MS SQL Server - Microsoft SQL Server 2005, 2008, 2008 R2, 2012, 2014 versions are supported.
Pro server part
Let's take a look at how the server part works. The server part of the service consists of two components - system management and backup storage.
The control component is accessible via the Internet and allows you to manage backup copies of remote machines and already created backups using a web browser; Create, edit, and delete backup and retention policies configure encryption of created backups using AES or GOST standard, and if necessary, save individual backups locally; monitor the status of remote machines; restore individual files / folders, disks / partitions, or the entire machine from the cloud directly to bare metal. One of the most distinctive and useful features is the creation of a hierarchy of subordinate administrative and user accounts, within which access to data and remote machines is distributed. Administrators can monitor the status of subordinate accounts and, if necessary, provide assistance.
The storage component allows you to deploy a scalable, cheap and yet reliable data storage. Backup storage consists of a group of servers on which client data is written. To ensure a sufficient level of reliability of all stored user data, each incoming file is divided into “K” blocks and then “NK” (where N is a certain number greater than K) of redundancy blocks are added using the Reed-Solomon error correction algorithm. All blocks are stored independently of each other, and the safety of any “K” blocks from the recorded “N” ensures the recovery of stored user data.
Server roles
Acronis storage system is built on physical servers. But at the same time, server roles are assigned directly to the disks.
There are three server roles: Metadata Server (Metadata Server (MDS)), Storage Server (Storage Server (STS)) and Front-end Server (FES).
The Metadata Server is responsible for storing information about the fragments into which the file is divided, and the location of these fragments on the servers. This is the most critical component of the system.
To ensure high availability and fault tolerance of storage, it is recommended to have several servers with the MDS role. One of the servers becomes the main one, and the metadata is periodically replicated with the other servers with the MDS role.
In addition, the System Management Component (MGMT) is also installed on each server that has the MDS role. If the primary MDS server stops working, the system management component is automatically enabled on another server with the MDS role, thus, the web-based storage management console is always available.
Storage Server (STS) is designed to store data fragments.
The front-end server allows Acronis Backup Cloud clients to access the vault and transfer data between the user side and Acronis datastore.
Work with the service
And now we will consider how it works in practice. Administrators of the IT-Lite company (service provider) and end-user companies are given access to service management via the web console. The diagram below shows the standard backup service architecture. Blue arrows indicate interaction between software components. The black arrows show how administrators and end users access the backup service.
Read the rights, please!
IT Lite administrators have access to manage groups and user accounts.
The administrators of the end-user companies have rights that allow you to manage users who are only in their group! And end users, in turn, gain access to the console, in which you can add computers and create an automatic backup schedule. The service is integrated with the site of the service provider, which allows users to complete automatic registration immediately upon filling out the form on this page.
Acronis Backup Cloud as a user's eyes
For the end user, working with the system is simple and intuitive. After creating a user account and logging into your Personal Account, you must specify the computer for which the backup task will be configured. To do this, click on the "+" and select the OS on which the agent will be installed. The next step is to configure the task for backup.
In the user management console, all Tasks that were previously performed for a specific computer are displayed, in addition, there is a function “Create a new Task” and “Recover data from the cloud”. In addition, you can view the current backup status for a given computer.
Comparison with local backups
The user data of the BaaS service is stored on servers that are located in a certified data center of the TIER-3 class.
Thanks to the architecture used, protection is provided against failures at the level of individual servers and individual disks, which, we note, is impossible when using RAID arrays, which are used to create fault-tolerant storages. The system also uses a complete data integrity check. The redundancy level is configured in the storage management console. The self-healing design used in the development of storage allows us to avoid typical losses in system performance for RAID arrays.
In case of failure of one of the disks or even the whole server, the system will automatically rebalance, thus avoiding the immediate replacement of the failed components.
Back up locally - yes, faster, but less reliable
I forgot to mention the peculiarity of using backups as a service - in case of an emergency, you need to restore the computer (virtual machine) entirely. Yes, indeed, if we compare the speed of server recovery, then local backup, of course, is done faster. But in this case, you have to make a choice - either in favor of speed, but without a guarantee from the jambs, or in favor of a reliable solution, but you have to sacrifice a bit of speed.
To summarize, I came to the conclusion that the question of the reliability / simplicity of local backups and the use of BaaS is rather a matter of value. The one to whom the information is really valuable, will rather choose the service, and the rest - the first option. But this is my personal opinion, not directly relevant.
Summary
Summarizing all the above, I would like to add that, as they say, it’s better to see once than to hear a hundred times. Therefore, it is better to work with the service yourself and draw your own conclusions, since there is a free test .
Source: https://habr.com/ru/post/271047/
All Articles