Impossible Cloud offers High-performance S3 object storage with full API compatibility and enterprise durability. It is optimized for fast data backup and retrieval, and can be integrated with a number of applications, including cloud-based file services such as Nasuni.
Configuration
Note: Nasuni supports Impossible Cloud by using the Nasuni Amazon S3 connector.
Note: Existing buckets cannot be used. Nasuni creates the bucket after the initial snapshot. A volume is associated with a single bucket or container.
Note: Port 443 (HTTPS) must be open between the Nasuni Edge Appliance and the Internet.
Prerequisites
The following are prerequisites for configuring Nasuni with Impossible Cloud:
An Impossible Cloud Subscription.
Port 443 (HTTPS).
V4 Authentication.
Access/Secret credentials with auto-provisioning permissions.
Virtual-Hosted-Style URL.
Configuring an Impossible Cloud permission policy for Nasuni
Nasuni requires the following permissions for Impossible Cloud S3 Buckets and Objects:
PutObject
GetObject
DeleteObject
CreateBucket
ListBucket
GetBucketLocation
DeleteBucket
The following is an example of the Nasuni recommended minimum S3 permission policy:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "NasuniBucketAndObjectAccess",
"Effect": "Allow",
"Action": [
"s3:CreateBucket",
"s3:DeleteBucket",
"s3:ListBucket",
"s3:GetBucketLocation",
"s3:GetObject",
"s3:PutObject",
"s3:DeleteObject"
],
"Resource": "arn:aws:s3:::nasuni*"
}
]
}To attach this policy to an IAM user in Impossible Cloud, follow these steps:
Create the policy by going to IAM → Policies → Add Policy.
Modify the policy document JSON to include at least the permissions listed above, then provide an appropriate policy name and description.
Click Create Policy.
Select Groups. Add a name to the group, then add the desired IAM user and the policy to the group by checking the box next to both.
Click Add Group.
Click Users. Ensure that the IAM user is a member of the group you created. You might need to refresh the page to see this populate.
Adding Credentials
To configure Nasuni for Impossible Cloud, follow these steps:
Ensure that port 443 (HTTPS) is open between the Nasuni Edge Appliance and the object storage solution.
Navigate to the NMC UI and click Account.
From the left-side menu, select Cloud Credentials.
Click Add New Credentials, then select Amazon S3 from the drop-down menu.
Enter the following information from the Impossible Cloud:
Name: A name for this set of credentials, which is used for display purposes, such as ImpossibleCloudCred.Access Key ID: The Access Key of the User with the appropriate permissions
Secret Access Key: The Secret access key to go with the above access key
Hostname: Find an Impossible Cloud regional endpoint here. It should be in the form of ‘https://<region>.storage.impossibleapi.net’. This regional endpoint determines which Impossible Cloud region while store Nasuni Volumes using this credential.
Verify SSL Certificates: Leave this box checked.
Filers (on NMC only): Edge Appliances that can use this credential to create volumes.
Click Save Credentials.
At this point, you can begin adding volumes to Nasuni Edge Appliances with Impossible Cloud.
Adding Volumes
To add volumes with Impossible Cloud, follow these steps:
Click Volumes, then click Add New Volume. The Add New Volume page appears.
Enter the following information for the new volume:
Name: Enter a human-readable name for the volume.Cloud Provider: Select Amazon S3.
Credentials: Select the Cloud Credentials that you defined in step 5 for this volume.
Region: Use the default setting: Other (S3 Compatible).
For the remaining options, select what is appropriate for this volume.
For details, see the “Create volume” section in the Nasuni Management Console (NMC) Guide.Click Save.
This creates a new volume with Impossible Cloud.