Syncplicity Support

Follow

Deploying Storage Connector in Azure or AWS

About Syncplicity StorageVaults

Please read About Syncplicity StorageVaults before reading this article. The information in this article pertains to installing the Storage Connector in a Cloud environment. If installing the Storage Connector within your on-premise environment, see the on-premise Prerequisites article. 

To configure Syncplicity StorageVault(s), you need at minimum two Storage Connector instances. Additional Storage Connectors can be deployed for Scalability and High Availability purposes.

Before installing Storage Connector, make sure your cloud environment meets the following prerequisites:

  • Cloud Storage Requirements
  • Virtual Machine Requirements
  • Operating System Requirements
  • Network Configuration

Cloud Storage Requirements

Storage Connector supports the following storage types for the Cloud deployment:

  • Amazon S3 storage
  • Microsoft Azure blob storage

Virtual Machine Requirements

The Storage Connector is supplied as an RPM installation package file and installed on a separate virtual machine (VM). Each VM, which will be exclusively used to run the Storage Connector application, must meet the following requirements:

  • 8GB of RAM
  • 8 virtual cores (equivalent of Intel Xeon E5 Family processors, 2.20 GHz )
  • A minimum of a 50GB local disk space

Operating System Requirements

Storage connector is supported on the CentOS 7.X 64bit (x64) operating system. For security reasons we recommend all latest security patches to be installed. In this deployment customers are responsible for provisioning the underlying virtual machine image which serves as the base for the Syncplicity software deployed as an rpm package. As a result, the underlying server OS does not receive system level patches. Therefore we encourage you to apply your own patching and hardening regimen following the standard operating procedures for your enterprise. 

Network configuration

The Storage Connector supports Cloud deployment with the following requirements:

  • In the VPC network, you must deploy an externally-addressable SSL-offloading load balancer in front of all virtual machines, configured with a Certificate Authority (CA) signed (NOT self-signed) SSL certificate.
  • The Storage Connector instances should be inside the private subnet.
  • Proper firewall rules (security groups) must be created to allow access to the Load balancer and to the Storage Connectors.

The following diagram shows a typical example.

 

 

The Storage Connector requires specific inbound and outbound ports to be open, as specified in the following tables.  

Inbound port requirements

In order for the Syncplicity clients to connect to the Storage Connector application from the Internet, the following inbound ports must be open. 

Connection

Port #

Protocol

From the Internet to the Load balancer.

443

HTTPS

From the Load Balancer to the Storage Connector virtual machines.

9000

HTTP

From trusted hosts used to manage the Storage Connector to the Storage Connector virtual machines.

22

TCP

  

Known Limitations:

Best practice for inbound traffic from all endpoints to the Storage Connectors is to terminate SSL traffic at a front-end load balancer. This serves to optimize the performance of the Storage Connector by transferring the workload of SSL termination to the load balancer. When using the Azure Application Gateway to perform Load Balancing, a limitation was identified where the Application Gateway is only able to process file downloads no larger than 30MB per file. Third-party Load Balancers are available in Azure and can be used as an alternative.  

 

Outbound Port Requirements

In general, traffic outbound to external hosts on port 443 should be allowed. If for some reason this is not so, at least the following should be allowed.

Connection

Port #

Protocol

From the Storage Connector virtual machines to xml.syncplicity.com, xml.eu.syncplicity.com, api.syncplicity.com, api.eu.syncplicity.com, health.syncplicity.com and health.eu.syncplicity.com

443

HTTPS

From the Syncplicity Storage Connector virtual machines to centos.org.

Note: Only required during the OS update procedure to allow for RPM dependency.

80

HTTP

 

Amazon S3 storage network requirements

To enable the Storage Connector application to connect to Amazon S3 storage, the following outbound ports must be open:

Connection

Port #

Protocol

From the Storage Connector virtual machines to Amazon API endpoints in the chosen AWS Region

443

HTTPS

 

Known Limitations:

Some AWS regions do not support Signature Version 2 regardless of the AWS service being used. The current version of Syncplicity Storage Connector cannot be deployed in these regions as it requires Signature Version 2. For a list of AWS regions that do not support Signature Version 2, refer to http://docs.aws.amazon.com/general/latest/gr/signature-version-2.html.

 

Microsoft Azure blob storage network requirements

To enable the Storage Connector application to connect to Microsoft Azure blob storage, the following outbound ports must be open:

Connection

Port #

Protocol

From the Storage Connector virtual machines to Microsoft Azure blob storage endpoints

443

HTTPS

 

Installing Storage Connector

The following steps should be done on each VM where you want to run the Storage Connector.

  1. Using an SSH client, log into each Storage Connector server. Make sure you are logged in as the root user.

  2. Navigate to the destination directory where you want the RPM file to be downloaded. Type:

    cd directory_path_name

  3. Download the RPM file by typing the following command:

    wget https://download.syncplicity.com/storage-connector/syncp-storage.noarch.rpm

  4. Execute the following command to install the software:

    yum install syncp-storage.noarch.rpm

NOTE:  

  • Port 80 must be open from each Storage Connector server to centos.org to allow for RPM dependency checks. Accept all dependencies.

Configuring Storage Connector

To complete the installation, you need to edit syncp-storage.conf and start the service as described in Configuring the Storage Connector.

Powered by Zendesk