storageredhatcephveeamradosgw

Unable to Use Backup Immutability in Veeam with S3 Bucket: Default Retention Not Supported


I’m encountering an issue with configuring backup immutability in Veeam when adding an S3 bucket as a repository. Here’s a summary of the problem:

Issue: After enabling retention lock in compliance mode for an S3 bucket, I am still able to delete files from the bucket. Additionally, I’m seeing an error message related to default retention settings not being supported.

Steps Taken:

Added an S3 bucket as a repository in Veeam. Enabled retention lock in compliance mode for the bucket. Attempted to use backup immutability. Error Message:

“Unable to use backup immutability: The default retention is not supported.” Observations:

Despite enabling retention lock, I am able to delete files from the bucket. The default retention setting appears to be causing issues. Configuration Details:

Backup Software: Veeam S3 Storage: ceph Retention Mode: Compliance mode Error Message: The default retention is not supported Questions:

Has anyone faced a similar issue with Veeam and S3 bucket immutability? What steps can I take to ensure that the retention lock is properly enforced and that files cannot be deleted? Are there any specific configuration settings or requirements for S3 buckets to support backup immutability in Veeam? I appreciate any help or insights you can provide!

Thanks in advance!

Added an S3 bucket as a repository in Veeam. Enabled retention lock in compliance mode for the bucket. Attempted to use backup immutability. Error Message:

“Unable to use backup immutability: The default retention is not supported.” Observations:

Despite enabling retention lock, I am able to delete files from the bucket. The default retention setting appears to be causing issues. Configuration Details:

Backup Software: Veeam S3 Storage: ceph Retention Mode: Compliance mode Error Message: The default retention is not supported


Solution

  • You will have to create the S3 buckets via CLI. Then recreate in Veeam. The below commands set the bucket with object lock but without retention as you will see its greyed out in your GUI. Then create the Veeam repo.

    aws s3api create-bucket --bucket bucketname --object-lock-enabled-for-bucket --endpoint-url=https://radosgw

    aws s3api get-object-lock-configuration --bucket bucketname --endpoint-url=https://radosgw