update new S3 backup/restore method #154
Closed
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
added 15 commits
January 5, 2016 14:05
|
Hey @carol-hsu, thanks. My apologies for the late reply. Please give us a couple of days, currently looking into this. |
|
Hi @rubiojr |
|
@carol-hsu the experimental S3 support was removed recently because it was broken and causing trouble. We haven't been able to work on replacing it with a better implementation but it's definitely something I'd like to have at some point. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Hi guys,
I would like to add this feature about saving data on AWS S3, following items are newly added:
I think it is not secure enough to put credential on AWS or in the data transfer stream. So users have to put the credential in backup host and provide full path in backup.config
Backup data in tree structure of directory would not show directly in AWS web console. And we can have multiple snapshots in the same bucket.
To encrypt the GHE tarball on S3: the encrypted file can only be accessed through API(or AWS CLI) with accurate key.
Key is based on AES-256, users can generate it by command openssl:
copy the value of "iv" as a key file
To achieve SSE-C, I remove all s3cmd to aws s3/s3api. It will also be more convenient to run backup-utils on an AWS instance: no need to install "s3cmd".
I think this pull request could be an independent branch.
Any suggestion is welcome!
Thanks
Ref: AWS S3's server side encryption with customer key