• EN
Question

AWS Hybrid Recommendation

W

I am kind of new to veeam and have been asked to come up with a high level plan to save money over our current configuration…. If someone could look this over and let me know if I am on the right track:

Hybrid Backup Strategy with Veeam 12 and AWS S3

This document outlines a backup strategy using Veeam 12, a software that specializes in backup and recovery, a local Network Attached Storage (NAS) device, and AWS S3, Amazon's scalable cloud storage service. The goal of this strategy is to minimize costs, ensure easy access to data, maintain quick performance, and utilize immutable storage capabilities for certain important data.

Backup Schedule and High-Level Design

The backup strategy involves five jobs, which are tasks that backup specific data according to a set schedule:

  • Daily incremental backups for all servers. These backups save any changes made since the last backup and are kept for 14 days on a local NAS device. This allows for quick recovery of recent data.

  • Weekly full backups for all servers. Full backups save all data regardless of when it was last modified, and these are kept for 2 months in AWS S3 One Zone-IA, a low-cost storage option within AWS S3 that is ideal for storing data that is accessed less frequently.

  • Monthly full backups for all servers. These are kept for 2 years and are initially stored on AWS S3 Intelligent-Tiering, a storage option that automatically moves data between two access tiers (frequent and infrequent) based on how often that data is accessed. After 30 days, these backups are moved to AWS Glacier Flexible Retrieval, a cost-effective storage option for archiving data.

  • Quarterly full backups for all servers. These are kept for 7 years and are also initially stored on AWS S3 Intelligent-Tiering. After 180 days, these backups are moved to AWS Glacier Deep Archive, the most cost-effective storage option in AWS, designed for long-term data archiving where data retrieval times of up to 12 hours are acceptable. The AWS feature "Object Lock" is enabled in compliance mode for these backups, making them immutable, or unable to be altered or deleted for a specified period.

  • Daily incremental backups for email servers. These are kept for 6 months and stored on the local NAS device for immediate accessibility.

Veeam Configuration and Storage Strategy

Veeam operates using three tiers of backup: the performance tier, the capacity tier, and the archive tier.

  • Performance Tier: This is usually a high-speed local storage system that Veeam uses for quick backup and recovery. In this strategy, daily and weekly backups are stored on the local NAS device, which acts as our performance tier. This allows for fast recovery of data and saves space on the NAS device.

  • Capacity Tier: This is typically off-site storage that Veeam uses for storing longer-term backups. In this strategy, AWS S3 One Zone-IA acts as our capacity tier for weekly backups, while AWS S3 Intelligent-Tiering is used for monthly and quarterly backups.

  • Archive Tier: This is used for long-term archival of backups. In this strategy, AWS Glacier Flexible Retrieval is used for monthly backups after 30 days, while AWS Glacier Deep Archive is used for quarterly backups after 180 days.

Veeam's Scale-out Backup Repository (SOBR) feature manages the transition between these tiers. SOBR is a repository system within Veeam that groups multiple backup repositories, or storage locations, into one entity. This allows for efficient use of storage resources and simplifies backup management.

Immutable Option and Data Security

The "Object Lock" feature in AWS S3 will be enabled for the quarterly backups stored in Glacier Deep Archive. This feature makes the selected data immutable, meaning it can't be altered or deleted until a specified period has passed. This provides an added layer of data security against potential threats, such as ransomware, or accidental deletion. Additionally, it optimizes costs, as the fees associated with enabling Object Lock are only applied to the backups stored in the Archive Tier.

In conclusion, this strategy offers a robust, flexible, and cost-effective solution for backing up and recovering your data. By applying immutable storage only to the Archive Tier, this strategy ensures long-term data security and keeps storage costs to a minimum.

2 comments

drews
Userlevel 3
Badge

Why focus only on AWS? Why not consider other S3 storage service providers, like Wasabi?!

While tiering “feels” like a good idea, there are severe consequences when restoring from a backup that has been tiered, typically in the form of excessive egress fees, which often cost more than a year of storing the backup [copy].

I would suggest you have a look at the single tier solution that Wasabi provides and consider the economic benefits of NOT paying API request fees, egress fees, etc., especially when it comes to the best practice of periodically testing your data for integrity and completeness…

[full transparency, I work for Wasabi and believe our solution, combined with Veeam’s platform, is superior to any other cloud storage service provider]

dloseke
Userlevel 7
Badge +6

I have to agree with Drew on this.  You can save money by dumping your capacity tier to Wasabi over S3 for sure.  Technically, archive on glacier is a small amount cheaper than Wasabi last I checked if you wanted to have an Archive tier, but I honestly am not sure that it’s needed.  I personally use Wasabi for Capacity and don’t use an archive tier.

Also, Wasabi has a simple little cost calculator that you may want to check out.  I can’t imagine that it covers all use cases, but looking at it, it’s astonishing how much difference there is in the cost of storing data between the hyperscalers and folks like Wasabi.

https://wasabi.com/cloud-storage-pricing/#cost-estimates

If for some reason you don’t like Wasabi (but what’s not to like), Backblaze B2 may be another good option.  Both are going to be cheaper than using S3 but a long shot, but Wasabi is my pick for sure.

(Full Disclosure:  I don’t work for Wasabi, but I am a Wasabi Partner and love the simplicity and the pricing structure.)

Derek M. Loseke, Senior Systems Engineer | Veeam Legend 2022-2023 | VMSP/VMTSP | VCP6-DCV | VSP/VTSP | CCNA | https://technotesanddadjokes.com | @dloseke

Comment


Terms & Conditions