Cohesity DataProtect With Wasabi
- 29 Jan 2025
- 7 Minutes to read
- Print
- PDF
Cohesity DataProtect With Wasabi
- Updated on 29 Jan 2025
- 7 Minutes to read
- Print
- PDF
Article summary
Did you find this summary helpful?
Thank you for your feedback
How do I use Cohesity DataProtect with Wasabi?
Cohesity DataProtect is a high-performance, secure backup and recovery solution. Wasabi is validated to be used as an External Target for Cohesity DataProtect. The procedures in this article detail the steps to add a Wasabi bucket as an External Target. To learn more about the Cohesity + Wasabi solution, please refer to our solution brief.
Prerequisites
Active Wasabi Cloud Storage Account
Wasabi Bucket - See Working With Buckets and Objects
Cohesity DataProtect installed and licensed
A VMware vCenter or another hypervisor is added as a source. A source is an object in your organization that you want to protect, such as a VM, physical server, Pure Storage volume, MS SQL Server and NAS. Refer to Register a Hypervisor Source page on Cohesity documentation for details on how to add a source or an asset for data protection. This article provides an example to protect a virtual machine on VMware vCenter which is added as a source.
Please Note: The data restoration process is handled by your specific backup software application. As there are many potential variables that will affect your unique environment, it is strongly recommended that you seek the guidance of your backup software's technical support team in the event that you encounter difficulty, or have application-specific inquiries.
Architecture Diagram
Create a Wasabi Bucket and Keys
Follow the steps in this section to create a standard Wasabi bucket. We will later use this bucket to create an External Target on Cohesity to write backups to Wasabi.
Log in to the Wasabi Console
Click on “Buckets” in the left hand pane and then click on “Create Bucket”.
In the “Create Bucket” window enter a unique bucket name.
Select the appropriate region and click "Create Bucket”.
Review the following Wasabi KB to create a sub-user with access keys to access the Wasabi bucket created above.
The following user permissions are required to use the Cohesity cloud services as outlined in the Cohesity Cloud Permissions section.
AbortMultipartUpload
DeleteObject
DeleteObjectVersion
GetBucketLocation
GetBucketObjectLockConfiguration
GetBucketVersioning
GetLifecycleConfiguration
GetObject
GetObjectVersion
ListBucket
ListBucketMultipartUploads
ListMultipartUploadParts
PutObject
PutObjectRetention
RestoreObject
ListBucketVersions
Adding Wasabi as an External Target
Wasabi can be added as an External Target to be used for Archival or Tiering.
Log in to your Cohesity System.
Select "Infrastructure" and then "External Targets". Click "Add External Target" on the top right.
Check the "Archival" checkbox and select "S3 Compatible" from the dropdown menu.
This example uses Archival type for External Target. Cohesity has two external Target types-
Cloud Archival- Archive's benefits include long term data retention on low cost storage to meet compliance and retention requirements. Cohesity archive automatically copies an existing Snapshot created by Protection Groups located in a Cohesity cluster and stores it on a registered External Target.
Cloud Tier- Cohesity Cloud Tier enables an additional storage tier where cold data can be stored. You can enable Cloud Tier to move rarely used and inactive data to the cloud when HDD used capacity exceeds a set threshold.
Enter the following details-
Bucket Name- Name of the Wasabi bucket created in section 3
Access Key ID- Access key for the Wasabi user
Secret Access Key- Secret key for the Wasabi user
Endpoint- This will very depending on your buckets chosen region
Port- 443
Region- Region for your Wasabi bucket
External Target Name- Name for the external target that is being added.
Archival Format- Use the default format "Incremental with Periodic Full". "Incremental Forever" format is not supported by Wasabi.
Once the above details are added, click "Register" to add the External target.
Important: This example uses Wasabi's 'us-east-1' storage region. To use other Wasabi storage regions, please use the appropriate Wasabi service URL as described in this article.
The newly created External target can be viewed by clicking on "Infrastructure" and then "External Targets".
Create a Protection Policy
A protection policy is a collection of reusable settings that define how and when sources are protected and archived. Follow the steps below to create a protection policy to archive backups to Wasabi.
Click on "Data Protection" and "Policies". Then click on "Create Policy".
Input the "Policy Name" and configure the number of days/weeks to run backups and the retention period as per requirements. Click on "More Options".
Click on "Add Archive" to add the external target pointing to Wasabi as an archive.
Select the Archive target that was created in Section 4 from the pull down list under "Archive to". Configure the retention period. Remove DataLock for Archive by clicking the "-" sign beside the lock period. Then click "Create" to create the protection policy.
Create a Backup
Click on "Data Protection", then "Protection" to open the Protection page. Click on "Protect" and then "Virtual Machines".
Note: In this example we are protecting Virtual Machines, please refer to Cohesity documentation for protecting other sources.
Click "Add Objects" to add the Virtual Machines for protection.
Select the Registered Source from the pull down list and add the VMs to be protected by selecting the checkbox next to them.
Note: In this example the source VMs are already discovered on Cohesity. Refer to Register a Hypervisor Source page on Cohesity documentation.
Input the name of the Protection Group if you want to create one. Then click on "Policy".
Select the protection policy created in Section 5 from the pulldown list. Then click "Protect".
The Protection will now be added and can be viewed on the Protection page. You can run it manually by clicking on the three dots beside the protection name and clicking "Run Now".
Recovering a VM from a Backup
This example details steps to recover a VM from a backup. For recovering
Click on "Data Protection" and then "Recoveries" to open the Recoveries page. To start recovery of VMs, click on "Recover", then click "Virtual Machines" and "VMs". To learn about other recovery types please refer to Cohesity documentation.
On the Virtual Machines window, search the virtual machine if you know the name or type "*" to list all all VMs that are backed up. Then, select the VM you want to recover by checking the checkbox next to the VM.
Click "Next: Recover Options" to go to the next window.
Select the Recover to location, recovery method and Existing VM Handling option based on your requirement. Click "Recover" to start the recovery.
Recover to the Original Location—Recover the VM files (such as the VMDK files) to their original datastores and create new instances of the VMs in the original Resource Pool available in the original Source.
Recover to a New Location—Recover the VM files (such as the VMDK files) to an alternate datastore and create new instances of the VMs in an alternate Resource Pool of a registered Source.
Progress of the recovery can be monitored from the Recoveries page.
Configure Immutability (Object Lock)
You can now use object lock enabled buckets with Cohesity 7.2.1.
Note: By default when creating an Archive Object Lock enabled External Target the default mode will be set to “Governance”
If you want to use Compliance mode you will need to contact Cohesity Support and open a case. They will make Cluster Config modifications to enable Compliance mode on the External Target you create.
Log into your Wasabi Console and create an Object Lock enabled bucket as specified in the Object Locking KB article.
In the bucket settings be sure to not turn on Default Object Retention as the OL settings will be configured in Cohesity Protection Policy.
On the Cohesity web portal click on “Infrastructure” and then click on “External Targets”.
Click on “Add External Target”.
Select “Archival and then from the Storage Type drop down menu select “S3 Compatible”.
Choose “Regular” from the Storage Class drop down.
Fill in the following information:
Bucket Name - Your OL enabled Bucket
Access Key ID - Your Wasabi Access Key
Secret Key ID - Your Wasabi Secret Key
Endpoint - The Wasabi Service URL where you created your OL bucket
Port - Port 443
Region - The matching region with your endpoint
Note: This config example discusses the use of Wasabi's us-east-2 storage region. To use other Wasabi storage regions, please use the appropriate Wasabi service URL as described in this article.
Next you can now slide the selector on for “Archive Object Lock”.
Click on “Register”.
Next click on “Data Protection” in the left hand pane.
Click on “Policies” and then click on “Create Policy”.
Give the Policy a unique name.
Turn off Data Lock as the Archive Target will automatically have OL settings applied.
Specify how often you want the backup to run.
Specify how long you want to keep then primary copy Locally.
Click on “Add Archive”.
Click on the Archive To Drop down and select your OL enabled Wasabi target.
You will now see the prompt about the External Target being Archive OL enabled. The data will be locked for as long as you specify the retention period to be and cannot be deleted until then.
Once the backup job has run and protected the entity you can go into the protection job and view that details. You can now see the Object Lock expiry details on when the backups will be deleted.
If you Log into your Wasabi Console and go the the data in the bucket you will see either Governance or Compliance mode now on the data versions.
