Amazon Driver
Important
The S3 Driver is now deprecated. If you are still using it, move from the S3 driver to the Amazon driver with the same directives and parameters as they are most of them compatible. Both drivers come with the plugin Cloud S3 or the package bacula-enterprise-cloud-storage-s3.
Note
Starting with Bacula Enterprise 16.0.6, the BlobEndpoint directive needs to be set when Amazon driver is utilized with a non AWS cloud storage.
Default East USA Amazon Region (us-east-1):
Cloud {
Name = MyCloud
Driver = "Amazon"
HostName = "s3.amazonaws.com"
BucketName = "BaculaVolumes"
AccessKey = "BZIXAIS39DP9YNER5DFZ"
SecretKey = "beesheeg7iTe0Gaexee7aedie4aWohfuewohGaa0"
Protocol = HTTPS
UriStyle = VirtualHost
Truncate Cache = AfterUpload
Upload = EachPart
Region = "us-east-1"
MaximumUploadBandwidth = 5MB/s
}
Amazon Central Europe Region (eu-central-1):
Cloud {
Name = MyCloud
Driver = "Amazon"
HostName = "s3-eu-central-1.amazonaws.com"
BucketName = "BaculaVolumes"
AccessKey = "BZIXAIS39DP9YNER5DFZ"
SecretKey = "beesheeg7iTe0Gaexee7aedie4aWohfuewohGaa0"
Protocol = HTTPS
UriStyle = VirtualHost
Truncate Cache = AfterUpload
Upload = EachPart
Region = "eu-central-1"
MaximumUploadBandwidth = 4MB/s
}
For Amazon Simple Storage Service (Amazon S3) Regions, refer to http://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region to get a complete list of regions and corresponding endpoints and use them respectively as Region and HostName directives.
Amazon Cloud Storage Plugin Authentication Additions
Use of Amazon /opt/bacula/working/.aws/credentials to specify the SecretKey and the AccessKey:
Cloud {
Name = MyCloud
Driver = "Amazon"
HostName = "s3-eu-central-1.amazonaws.com"
BucketName = "BaculaVolumes"
AccessKey = "" # Should be set to empty string
SecretKey = "" # Should be set to empty string
Protocol = HTTPS
UriStyle = VirtualHost
Truncate Cache = AfterUpload
Upload = EachPart
Region = "eu-central-1"
MaximumUploadBandwidth = 4MB/s
}
Note that the credentials file needs to be placed within the home directory of the user
under which the Bacula Storage Daemon operates. By default, the user is bacula and
the home directory is /opt/bacula/working. If that is not the case, the credentials
file needs to be placed accordingly.
This configuration method is applicable when there is a need to specify the AWS access key ID
and secret key outside the Bacula configuration (e.g., the values need to be periodically
modified without the restart of the Storage Daemon) or AWS session tokens (temporary security
credentials) need to be utilized. In such instances, the actual values for the AWS
access key ID, secret key, and the current AWS session token can be set (and periodically
reset, using an external program) in the configuration file .aws/credentials, and
formatted as shown below.
[root@bacula-102 .aws]# cat /opt/bacula/working/.aws/credentials
[default]
aws_access_key_id = <snip>
aws_secret_access_key = <snip>
aws_session_token = <snip>
Additionally, the same configuration file can be utilized to specify other options related to the AWS CLI, if required.
S3 Object Storages using CEPH Interface
For CEPH interface, use UriStyle = Path and set the BlobEndpoint:
Cloud {
Name = CEPH_S3
Driver = "Amazon"
HostName = ceph.mydomain.lan
BucketName = "CEPHBucket"
AccessKey = "xxxXXXxxxx"
SecretKey = "xxheeg7iTe0Gaexee7aedie4aWohfuewohxx0"
Protocol = HTTPS
Upload = EachPart
UriStyle = Path # Must be set for CEPH
BlobEndpoint = "https://ceph.mydomain.lan"
}
Go back to: None.