The document summarizes recommendations, best practices and some
tips for deployment and administration of InSync server. Please feel
free to comment or contribute.
Hardware and OS Recommendation
|
Users
|
CPU
|
Memory
|
OS
|
Disk Space
|
|
< 100
|
1.6 GHz Dual Core
|
2 GB
|
Windows 2003
Ubuntu Linux 8+
|
OS/App – 30GB,
Data/DB – 250GB
|
|
101-250
|
1.6 GHz Dual Core
|
3 GB
|
Windows 2003
Ubuntu Linux 8+
|
OS/App – 30GB,
Data – 500 GB,
DB – 120GB
|
|
251-500
|
1.6 GHz Quad Core
|
4 GB
|
Windows 2003
Ubuntu Linux 8+
|
OS/App – 30GB,
PG WLogs – 20 GB
Data – 1 TB,
DB – 250 GB
|
|
501-1000
|
1.8 GHz Quad Core
|
8 GB
|
Windows 2003
Ubuntu Linux 8+
|
OS/App – 30GB,
Page File – 20 GB
PG WLogs – 20 GB
Data – 2 TB,
DB – 500 GB
|
Data – refers to the backup data space created under the “Data” configuration of the SIS storage
DB – Refers to the Postgres table space created under the “DB” configuration of the SIS storage
PG WLogs – Refer to the PostgreSQL Write Logs created by default under the PosgreSQL installation directory.
Exact disk space requirement for
"Data" and "DB" depends upon the amount of data, captured from each
user. Please refer to the general disk related guidelines below.
Please Note: If the backups are configured for BMR (Bare Metal Restore), it is highly recommended to use separate disks for data and db.
General Disk Related Recommendations
- InSync server supports DAS, SAN and NAS. Please choose disks with 300 MBps (SATA II) or better read/write throughput.
- NAS
is supported but not recommended because of possible latencies and
throughput restrictions imposed by the network, which may cause
performance issues.
- Creating Volume
- Windows - Create dynamic disk volumes with NTFS file-system
- Linux - Use LVM volumes with XFS or EXT3 file-system
- For
deployments with more than 250 users, please use an additional
dedicated volume for PostgreSQL write-ahead logs (described later).
- For exact disk space requirements to capture backup data, please refer to the ROI Calculator on the website.
- The size of database table space ("db" folder), varies between 20-25% of the backed up data i.e "Data" folder.
Installation and Postgres Setup
InSync server installation is quite straight forward and doesn’t
have much configurables. By default the PostgreSQL database is
installed on the primary boot device (C drive for windows). For better
performance (especially for larger deployments > 250 users), it is
advised to choose an additional dedicated volume for PostgreSQL write
ahead logs. This can be done by –
- Installing PostgreSQL from binaries provided by PostgreSQL
official website (www.postgresql.org) and choosing an alternate volume
for write ahead logs OR
- Changing the location of write ahead logs after standard installation, as described by the knowledge base article – Fine Tuning PostgreSQL Database
InSync Server Configuration
SMTP Settings
The SMTP/Email settings are used by the inSync server to deliver
important notifications, alerts and reports. Hence, Its very important
to setup it up correctly.
If you are serving a wider group, its recommended to choose an email
alias (e.g. insync@your-corp.com) as administrator's email address.
Provisioning Storage
It’s highly recommended to use "Fast SIS" store for backup needs.
This store uses advance data deduplication, compression and encryption
to make backup faster and safer. While creating a SIS (Single Instance
Store) it’s recommended to choose different disk volumes for "data" and
"db" folders. This helps the InSync server parallelize the writes and
improve backup throughput.
The InSync server stores the PostgreSQL tablespace under the “db”
folder which is usually between 10-15% of the “data” folder in size.
Profiling Users
An InSync user profile is one of the most critical parts of the
configuration. The following are some recommendations for setting up
the profile -
- Backup Schedule
- Synchronization Interval – This should be chosen as per your backup need. It is recommended to choose 2 hours as an interval
- User control – Unless the users are technically , its recommended to disallow them to change the schedule or pause the backups
- Backup
Interval – It is highly recommended to choose different backup interval
for different user profiles. It distributes the server load and helps
in resource management.
For example,
if you may like to allow the local users to synchronize first in the
morning and then let the remote users synchronize later in the
afternoon. Data deduplication ensures that remote users have lesser
data to synchronize, as most of it would have already been synchronized
by the local users. This helps you distribute the server load and save
on backup time and bandwidth.
- Resources
- CPU
Priority - If set between 50-90% prioritizes inSync client backup lower
compared to other active applications. If the CPU priority is set below
50%, the backup is slowed down to reduce CPU and disk pressure. It is
recommended to set priority at 40% for incremental backups.
- Bandwidth
– It is highly recommended to limit the bandwidth usage for each
profile. Administrator can set percentage or absolute value based limit
on each incoming connection. Please check the ROI calculator for
estimated incremental backup times for different bandwidth settings – www.druva.com/insync/roi-calculator
- Retention
Policy –The retention policy may vary as per the organization data
protection needs, but “30 days” is most commonly used as the retention
policy for laptop users.
Higher retention policy demands more storage. Please refer to the ROI calculator to compute the exact storage requirements as per your retention policy.
- Folders
- Quick
Configuration – The “Quick Configuration” options allows you to choose
the most commonly backed up folders with a single click. When you
choose “Email”, “Desktop” or “My Documents”, inSync client agent
automatically searches the location of stored emails or folders and
backs them up.
- File Exclusion List – It’s highly recommended to exclude non desired file-types e.g. images, videos, etc. from the backup.
- Bare
Metal Restore (BMR) – This is a new feature introduces in v3.0 and it
is recommended to used only when the users are connected using a LAN
network. The BMR features faces some performance challenges for the
first backup and are being worked upon for the v3.1 release.
- Notifications
– The administrator can choose to be notified for backup errors and
missed scheduled. It is highly recommended to choose the “notify if
user doesn’t backup for X days“ option as per your organizational
needs. The most commonly used value for this option is “3 days”.
Backing Up Users Securely Over WAN/VPN
The following features makes inSync super secure and ready for deployment for your WAN and VPN users –
- Client triggered backup architecture
- 256-bit SSL network encryption
- 256-bit AES storage encryption
The client trigger architecture ensures that backup and restore
requests are always initiated by the InSync clients. The InSync server
(just like the email and HTTP servers) never ever initiates an outbound
request. This facilitates its secure deployment in your DMZ with just
one-way inward (ALL to 6061) port forwarding in your firewall.
For a better understanding on WAN/VPN based backups, please read the knowledge base article here –
Backup Remote users over WAN/VPN
A good read for network troubleshooting specially over WAN link using Microsoft PortQuery tool is listed here - Troubleshooting Network Configuration for Druva inSync v2
Mass Deployment of InSync clients
The inSync deployment has two parts –
- Deploying the inSync client agent
- Loading the inSync “authentication key” to import all the settings
For larger deployments, the inSync client (agent) installation can
be automated using Microsoft Active Directory Group Policy or any other
3
rd party automation products like LANDesk. The Knowledge Base article –
How to Silently Deploy inSync Clients describes the Active Directory GPO interface for automation.
The “authentication key” is automatically emailed to the users
once they are imported to inSync server management console. If the
administrator can further automate the process by scripting the key
loading process using the steps described in the Knowledge Base article
–
Using Command Line to Load Authentication Keys .
Alerts and Reports
Complete listing of alert types, notifications and reports is
described in details in the document – “Druva inSync – Reports”
available as download from the website (
here) or the Knowledge Base. It’s advised to take a detailed look into it.
Following is the recommendation for setting up periodic alerts and reports –
- User missed backed alert – 3 days
- Active alerts report – every day
- History of alerts – once every 7 days
- Failed backup report – every day
- Last backup report – once every 7 days
- Storage report – once every 7 days
- Complete report – once every month
Maintenance of PostgreSQL
Although most of the maintenance tasks for PostgreSQL database are
automated by the inSync server. It is still advised, to run the
maintenance tasks once every month as described the knowledge base
article –
PostgreSQL database maintenance.
Server Archival
It is best advised to archive the inSync server installation
(configuration and data) on a separate disk or tape media. Disk
archival is recommended because of data consistency and restore
guarantees.
It is advised to create an archival of the InSync server at least
once every week. The detailed process of archival and restoration is
described in knowledge base articles below –
- Microsoft Windows - Archival and Restore of InSync Server Using Microsoft NTBackup
- Linux - Archival and Restore of inSync v2 Server on Linux
Suggested Reading
We suggest you to use knowledge base extensively and go through the following documents published on the website (
here) -
- Druva inSync - Overview and Advantage
- Druva inSync - Security Overview
- Druva inSync - Reporting Options
