Veritas NetBackup™ CloudPoint Install and Upgrade Guide

Last Published:
Product(s): NetBackup (8.3.0.1, 8.3)
Platform: Linux,UNIX,Windows
  1. Section I. CloudPoint installation and configuration
    1. Preparing for CloudPoint installation
      1.  
        About the deployment approach
      2.  
        Deciding where to run CloudPoint
      3.  
        About deploying CloudPoint in the cloud
      4.  
        Meeting system requirements
      5.  
        CloudPoint host sizing recommendations
      6.  
        Creating an instance or preparing the physical host to install CloudPoint
      7.  
        Installing Docker
      8.  
        Creating and mounting a volume to store CloudPoint data
      9.  
        Verifying that specific ports are open on the instance or physical host
    2. Deploying CloudPoint using the Docker image
      1.  
        Installing CloudPoint
      2.  
        Verifying that CloudPoint installed successfully
      3.  
        Configuring AWS KMS in CloudPoint
    3. CloudPoint cloud plug-ins
      1. AWS plug-in configuration notes
        1.  
          Prerequisites for configuring the AWS plug-in
        2.  
          Configuring AWS permissions for CloudPoint
        3.  
          AWS permissions required by CloudPoint
        4.  
          Before you create a cross account configuration
      2. Google Cloud Platform plug-in configuration notes
        1.  
          Google Cloud Platform permissions required by CloudPoint
        2.  
          Configuring a GCP service account for CloudPoint
        3.  
          Preparing the GCP service account for plug-in configuration
      3. Microsoft Azure plug-in configuration notes
        1.  
          Configuring permissions on Microsoft Azure
      4.  
        How to configure the CloudPoint cloud plug-ins?
    4. CloudPoint storage array plug-ins
      1. NetApp plug-in configuration notes
        1.  
          NetApp plug-in configuration parameters
        2.  
          Configuring a dedicated LIF for NetBackup access
        3.  
          Supported CloudPoint operations on NetApp storage
      2. Nutanix Files plug-in configuration notes
        1.  
          Nutanix Files plug-in configuration prerequisites
        2.  
          Nutanix Files plug-in considerations and limitations
        3.  
          Supported CloudPoint operations on Nutanix Files File Server
        4. Troubleshooting NetBackup issues for Nutanix Files
          1.  
            Backup jobs for Nutanix Files fail due to snapshot import and export operations failures
          2.  
            Plug-in configuration may fail if the Nutanix Files version is unsupported
      3. Dell EMC Unity array plug-in configuration parameters
        1.  
          Supported Dell EMC Unity arrays
        2.  
          Supported CloudPoint operations on Dell EMC Unity arrays
      4. Pure Storage FlashArray plug-in configuration notes
        1.  
          Supported Pure Storage FlashArray models
        2.  
          Supported CloudPoint operations on Pure Storage FlashArray models
      5. HPE RMC plug-in configuration notes
        1.  
          RMC plug-in configuration parameters
        2.  
          Supported HPE storage systems
        3.  
          Supported CloudPoint operations on HPE storage arrays
      6. Hitachi plug-in configuration notes
        1.  
          Hitachi plug-in configuration parameters
        2.  
          Supported Hitachi storage arrays
        3.  
          Supported CloudPoint operations on Hitachi arrays
      7. InfiniBox plug-in configuration notes
        1.  
          InifiniBox plug-in configuration parameters
        2.  
          Supported CloudPoint operations on InfiniBox arrays
      8.  
        How to configure the CloudPoint storage array plug-ins?
    5. CloudPoint application agents and plug-ins
      1.  
        Microsoft SQL plug-in configuration notes
      2. Oracle plug-in configuration notes
        1.  
          Optimizing your Oracle database data and metadata files
      3.  
        MongoDB plug-in configuration notes
      4.  
        About the installation and configuration process
      5.  
        Preparing to install the Linux-based agent
      6.  
        Preparing to install the Windows-based agent
      7.  
        Downloading and installing the CloudPoint agent
      8.  
        Registering the Linux-based agent
      9.  
        Registering the Windows-based agent
      10.  
        Configuring the CloudPoint application plug-in
      11.  
        Configuring VSS to store shadow copies on the originating drive
      12.  
        Creating a NetBackup protection plan for cloud assets
      13.  
        Subscribing cloud assets to a NetBackup protection plan
      14. About snapshot restore
        1.  
          Process for restoring SQL AG databases
      15.  
        Restore requirements and limitations for Microsoft SQL Server
      16.  
        Restore requirements and limitations for Oracle
      17.  
        Restore requirements and limitations for MongoDB
      18.  
        Steps required before restoring SQL AG databases
      19.  
        Recovering a SQL database to the same location
      20.  
        Recovering a SQL database to an alternate location
      21. Additional steps required after a SQL Server snapshot restore
        1.  
          Steps required after a SQL Server disk-level snapshot restore to new location
      22.  
        Additional steps required after restoring SQL AG databases
      23.  
        SQL snapshot or restore and granular restore operations fail if the Windows instance loses connectivity with the CloudPoint host
      24.  
        Disk-level snapshot restore fails if the original disk is detached from the instance
      25.  
        Additional steps required after a MongoDB snapshot restore
      26.  
        Additional steps required after an Oracle snapshot restore
      27.  
        Additional steps required after restoring an AWS RDS database instance
    6. Protecting assets with CloudPoint's agentless feature
      1.  
        About the agentless feature
      2.  
        Prerequisites for the agentless configuration
      3.  
        Granting password-less sudo access to host user account
      4.  
        Configuring the agentless feature
  2. Section II. CloudPoint maintenance
    1. CloudPoint logging
      1.  
        About CloudPoint logging mechanism
      2. How Fluentd-based CloudPoint logging works
        1.  
          About the CloudPoint fluentd configuration file
        2.  
          Modifying the fluentd configuration file
      3.  
        CloudPoint logs
    2. Troubleshooting CloudPoint
      1.  
        Restarting CloudPoint
      2.  
        Troubleshooting CloudPoint logging
      3.  
        CloudPoint agent fails to connect to the CloudPoint server if the agent host is restarted abruptly
      4.  
        CloudPoint agent registration on Windows hosts may time out or fail
      5.  
        Disaster recovery when DR package is lost or passphrase is lost
    3. Upgrading CloudPoint
      1.  
        About CloudPoint upgrades
      2.  
        Supported upgrade path
      3.  
        Upgrade scenarios
      4.  
        Preparing to upgrade CloudPoint
      5.  
        Upgrading CloudPoint
    4. Uninstalling CloudPoint
      1.  
        Preparing to uninstall CloudPoint
      2.  
        Backing up CloudPoint
      3.  
        Unconfiguring CloudPoint plug-ins
      4.  
        Unconfiguring CloudPoint agents
      5.  
        Removing the CloudPoint agents
      6.  
        Removing CloudPoint from a standalone Docker host environment
      7.  
        Restoring CloudPoint

Before you create a cross account configuration

For CloudPoint cross account configuration, you need to perform the following additional tasks before you can create the configuration:

  • Create a new IAM role in the other AWS account (target account)

  • Create a new policy for the IAM role and ensure that it has required permissions to access the assets in that target AWS account

  • Establish a trust relationship between the source and the target AWS accounts

  • In the source AWS account, create a policy that allows the IAM role in the source AWS account to assume the IAM role in the target AWS account

  • In the target AWS account, set the maximum CLI/API session duration to 1 hour, at a minimum

Perform the following steps:

  1. Using the AWS Management Console, create an IAM role in the additional AWS account (the target account) whose assets you want to protect using CloudPoint.

    While creating the IAM role, select the role type as Another AWS account.

  2. Define a policy for the IAM role that you created in the earlier step.

    Ensure that the policy has the required permissions that allow the IAM role to access all the assets (EC2, RDS, and so on) in the target AWS account.

  3. Set up a trust relationship between the source and target AWS accounts.

    In the target AWS account, edit the trust relationship and specify source account number and source account role.

    This action allows only the CloudPoint instance hosted in source AWS account to assume the target role using the credentials associated with source account's IAM role. No other entities can assume this role.

  4. Grant the source AWS account access to the target role.

    In the source AWS account, from the account Summary page, create an inline policy and allow the source AWS account to assume the target role ("sts:AssumeRole").

  5. From the target account's Summary page, edit the Maximum CLI/API session duration field and set the duration to 1 hour, at a minimum.

    This setting determines the amount of time for which the temporary security credentials that the source account IAM role gets when it assumes target account IAM role remain valid.