CONFIGURING YOUR AWS WANROCKIT NODE TO PRESENT THE AWS STORAGE GATEWAY ON-PREMISE

WANrockIT: Connecting to an AWS Storage Gateway

PREFACE

Traditionally the AWS Storage Gateway will be used in the following configuration:

aws_basic_storage_gateway_without_us

 

Where the AWS Storage Gateway is run from an ESXi or Hyper-V image on-prem, large storage volumes will be attached. This is where the data is written and uploaded to S3 at the AWS Storage Gateway’s pace. This results in backed up data being on-prem for extended periods of time.

With Bridgeworks WANrockIT solution the data can be moved much faster into the cloud using the topology below:

aws_storage_gateway_with_us

Within a few seconds of your server registering that the data has be written, the data will be on EBS volumes in AWS being transferred to S3.

INTRODUCTION

The following guide will teach you how to log onto your AWS Storage Gateway from your AWS WANrockIT Node, in order to present the gateway’s devices to your on-prem Node. This allows the devices to be used by on-prem hosts with WANrockIT acceleration. The AWS Storage Gateway and AWS WANrockIT Node should be deployed in the same VPC.

SETUP OF STORAGE GATEWAY

For a complete guide on configuring your AWS Storage Gateway please visit aws.amazon.com/storagegateway.

Hardware Requirements

It is recommended that you should have large hard drives attached to the AWS Storage Gateway, in order to keep your performance high and to prevent having to wait for data being transmitted. As a guide it is recommended to have both a buffer drive and cache drive large enough to accommodate an entire backup cycle. E.g. if your company backed up 100GB of data per back up cycle, then the AWS Storage Gateway should have two 100GB hard drives attached as per the image below.

aws_sgw_attaching_disks

CONNECTING TO THE AWS DISK LIBRARY

Configuring CHAP

Challenge-Handshaking Authentication Protocol (CHAP) will provide protection to your iSCSI target by verifying the identity of the iSCSI initiator which is accessing the target. It is not necessary for iSCSI connections, but is recommended. For a full description on setting up CHAP please visit:

http://docs.aws.amazon.com/storagegateway/latest/userguide/ConfiguringiSCSIClientInitiatorCHAP.html

Please note that the AWS Storage Gateway supports Mutual CHAP, whilst the WANrockIT Node has support for one-way CHAP.

aws_sgw_chap_info

One of the parameters to set up the access is the IQN of the iSCSI host that will connect in, called the “Initiator Name” on the AWS setup page. This parameter is located within the Bridgeworks GUI on the System Information page.

aws_gui_icon_system_information

From the home screen click on the “System Information” button and you will be presented with the following screen, which contains the IQN.

aws_node_iqn

Copy this IQN into the “Initiator Name” field and set up the passwords as you require. Particularly the “Secret Used to Authenticate Initiator” password, which will be required for One-Way CHAP. As shown in the image below:

aws_sgw_chap_configuration

Logging onto the AWS Storage Gateway

aws_gui_icon_iscsi_initiator

From the home screen click on the “iSCSI Initiator” icon, under the heading “Discovery Target Portals” click on the “Add” button. The page below will be displayed.

aws_sgw_disk_discovery

Enter the IP address of the AWS Storage Gateway, change the port if that has been altered and select the “Source Interface”. “CHAP Login” is not required at the discovery level for the AWS Storage Gateway.

Once your Discovery completes you will be presented with the screen below.

aws_sgw_disk_portal_and_target

The storage gateway’s disk is now being presented as a target in the “Targets” list. The status of the device is inactive. Select the target from the “Targets” List and click the “Log On” button. You will be presented with the page below.

aws_sgw_disk_login

Select the “Source Interface” and the “Target Portal” to represent your network configuration. Enable the “CHAP Login” checkbox if required. The username field is filled in automatically for you; in the password field, enter the password you set for the AWS Storage Gateway “Secret Used to Authenticate Initiator” field. Click the “OK” button, and the AWS Storage Gateway’s disk should be successfully logged onto. This can be confirmed if you see the status of the target has changed to “connected” as shown below.

aws_sgw_disk_target_and_persistent

You will also notice that the disk is added to the “Persistent Targets” list. This will automatically log onto the medium changer again if the WANrockIT Node is rebooted.

Congratulations, you have successfully logged onto your AWS Storage Gateway. For help with setting up your WAN link click here, or for help with setting up your on-prem WANrockIT Node’s iSCSI target click here.

Next: AWS Virtual Tape Library

Bridgeworks have looked at the problem of data movement and come at it from an entirely new perspective. In mastering the rules of data movement over distance, Bridgeworks have now broken them to provide you with the ability to move significant volumes of business critical data in real time removing unacceptable time lags, that risk failure, delay or presents major costs to your business.