NetBackup™ Web UI Nutanix AHV Administrator's Guide

Last Published:
Product(s): NetBackup (10.3.0.1, 10.3)
  1. Overview
    1.  
      Overview of configuring and protecting AHV assets in the NetBackup web UI
  2. Managing AHV clusters
    1.  
      Quick configuration checklist to protect AHV virtual machines
    2.  
      Configure secure communication between the AHV cluster and NetBackup host and Nutanix Prism Central and NetBackup host
    3.  
      Enable the iSCSI initiator service on windows backup host
    4.  
      Install the iSCSI initiator package on Linux backup host
    5.  
      Migrate Java GUI/CLI added clusters into WebUI
    6.  
      Prerequisites to configure Nutanix AHV cluster
    7.  
      About support for Nutanix segmented iSCSI network
    8.  
      Configure CHAP settings for iSCSI secure communication with AHV clusters
    9.  
      About the ports that NetBackup uses to communicate with AHV
    10.  
      Add or browse an AHV cluster
    11.  
      Remove AHV Clusters
    12.  
      Add a new Nutanix Prism Central
    13.  
      Add new Prism Central server credentials
    14.  
      Remove Nutanix Prism Central
    15.  
      Create an intelligent VM group
    16.  
      Assign permissions to the intelligent VM group
    17.  
      Update the intelligent VM group
    18.  
      Remove the intelligent VM group
    19.  
      Set CHAP for iSCSI
    20.  
      Add an AHV access host
    21.  
      Remove an AHV access host
    22.  
      Change resource limits for AHV resource types
    23.  
      Change the autodiscovery frequency of AHV assets
  3. Managing credentials
    1. Managing AHV cluster credentials
      1.  
        Add new cluster credentials
      2.  
        Update and validate AHV cluster credentials
    2. Managing Nutanix Prism Central credentials
      1.  
        Add new Nutanix Prism Central credentials
      2.  
        Update and validate Nutanix Prism Central credentials
    3.  
      View the credential name that is applied to an asset
    4.  
      Edit or delete a named credential
  4. Protecting AHV virtual machines
    1.  
      Things to know before you protect AHV virtual machines
    2.  
      Protect AHV VMs or intelligent VM groups
    3.  
      Protect AHV VMs within VPC
    4.  
      Customize protection settings for an AHV asset
    5.  
      Schedules and retention
    6.  
      Backup options
    7.  
      Prerequisite to Enable virtual machine quiescing
    8.  
      Remove protection from VMs or intelligent VM groups
    9.  
      View the protection status of VMs or intelligent VM groups
  5. Recovering AHV virtual machines
    1.  
      Things to consider before you recover the AHV virtual machines
    2.  
      About the pre-recovery check
    3.  
      Recover an AHV virtual machine
    4.  
      Recover an AHV VM within VPC
    5.  
      About Nutanix AHV agentless files and folders restore
    6.  
      Prerequisites for agentless files and folder recovery
    7.  
      SSH key fingerprint
    8.  
      Recover files and folders with Nutanix AHV agentless restore
    9.  
      Recovery target options
    10.  
      Pre-recovery checks for Nutanix AHV
    11.  
      About Nutanix-AHV agent-based files and folders restore
    12.  
      Prerequisites for agent-based files and folder recovery
    13.  
      Recover files and folders with Nutanix AHV agent based restore
    14.  
      Limitations
  6. Troubleshooting AHV operations
    1.  
      Troubleshooting tips for NetBackup for AHV
    2.  
      Error during AHV credential addition
    3.  
      Error during the AHV virtual machines discovery phase
    4.  
      Errors for the Status for a newly discovered VM
    5.  
      Error run into while backing up AHV virtual machines
    6.  
      Error while restoring AHV virtual machines
  7. API and command line options for AHV
    1.  
      Using APIs and command line options to manage, protect, or recover AHV virtual machines
    2.  
      Additional NetBackup options for AHV configuration
    3.  
      Additional information about the rename file

Configure secure communication between the AHV cluster and NetBackup host and Nutanix Prism Central and NetBackup host

NetBackup can now validate AHV cluster and Prism Central server certificates using their root or intermediate certificate authority (CA) certificates.

Only PEM certificate format is supported for virtualization servers.

The following procedure is applicable for the NetBackup media servers acting as backup hosts and all AHV access hosts.

To configure secure communication between AHV cluster and AHV access host and AHV Prism Central Server and AHV access host:

  1. Use the openssl s_client -connect Nutanix Cluster FQDN:9440 -showcerts < /dev/null command from a Linux system to obtain the Nutanix certificates.

    For Nutanix Prism Central use the openssl s_client -connect Nutanix Prism Central FQDN:9440 -showcerts < /dev/null

  2. Scroll to the end of the results and copy the last certificate which starts from:
    -----BEGIN CERTIFICATE----- 
<Certificate> 
-----END CERTIFICATE-----

    Note:

    Ensure to copy the five dashes before and after the BEGIN and END CERTIFICATE.

  3. Paste the information to a text file and then rename it as certificate file name.pem and copy it to a path to your backup host. Recommended path is:

    • For Linux: /usr/openv/netbackup.

    • For Windows: Install drive\Program Files\Veritas\Netbackup.

    • For Linux: Enter the PEM file path ECA_TRUST_STORE_PATH=/usr/openv/netbackup/certificate file name.pem in the bp.conf on the backup host.

    • For Windows: Run the command Install drive\Program Files\Veritas\Netbackup\bin\nbsetconfig.

  5. Use the nbsetconfig command to configure the following NetBackup configuration options on the access host:

    For more information on the configuration options, refer to the NetBackup Administrator's Guide, Volume I.

    For more information on external CA support, refer to the NetBackup Security and Encryption Guide.

Table:

ECA_TRUST_STORE_PATH

Specifies the file path to the certificate file that contains all trusted root CA certificates.

This option is specific to file-based certificates. You should not configure this option if Windows certificate store is used.

If you have already configured this external CA option, append the Nutanix AHV CA certificates to the existing external certificate trust store.

If you have not configured the option, add all the required Nutanix AHV server CA certificates to the trust store and set the option.

ECA_CRL_PATH

Specifies the path to the directory where the certificate revocation lists (CRL) of the external CA are located.

If you have already configured this external CA option, append the AHV CRLs to the CRL cache.

If you have not configured the option, first add all the required CRLs to the CRL cache. Then set the option.

VIRTUALIZATION_HOSTS_SECURE_CONNECT_ENABLED

This option affects AHV, RHV, and VMware secure communication. Without this option, the secure or insurce communication with workload is decided by each workload and plug-in separately.

For Nutanix AHV, secure communication is enabled by default.

This option lets you skip the security certificate validation.

Disabling this option lets you skip the security certificate validation.

Veritas recommends that you enable secure communication using the ECA_TRUST_STORE_PATH option.

VIRTUALIZATION_CRL_CHECK

Lets you validate the revocation status of the virtualization server certificate against the CRLs.

By default, the option is enabled.