Veritas NetBackup™ Flex Scale Administrator's Guide

Last Published:
Product(s): Appliances (1.3)
Platform: NetBackup Flex Scale OS
  1. Product overview
    1.  
      About Veritas NetBackup™ Flex Scale
  2. Viewing information about the NetBackup Flex Scale cluster environment
    1.  
      About the NetBackup Flex Scale management console
    2.  
      About the Dashboard view
    3.  
      Accessing the NetBackup web user interface on the appliance
    4.  
      Working with NetBackup Flex Scale APIs
  3. NetBackup Flex Scale infrastructure management
    1. User management
      1.  
        Considerations for managing NetBackup Flex Scale users
      2.  
        Adding users
      3.  
        Removing users
    2.  
      Directory services and certificate management
    3.  
      Region settings management
    4.  
      About NetBackup Flex Scale storage
    5. Node and disk management
      1.  
        NetBackup Flex Scale network cabling
      2. Adding a node to the cluster using the NetBackup Flex Scale web interface
        1.  
          Considerations for adding a node when disaster recovery is configured
      3.  
        Adding a node using the REST APIs
      4.  
        Replacing a node in a cluster
      5.  
        Starting and stopping nodes
      6.  
        Replacing a disk
      7.  
        Viewing disk details
      8.  
        Viewing node details
    6. License management
      1.  
        Adding or removing storage licenses
      2.  
        Adding NetBackup licenses
  4. NetBackup Flex Scale network management
    1.  
      About network management
    2.  
      Modifying DNS settings
    3.  
      About bonding Ethernet interfaces
    4. Bonding operations
      1.  
        Creating a bond
      2.  
        Modifying a bond
      3.  
        Removing a bond
    5. Data network configurations
      1. Network configuration on plain device (eth5)
        1.  
          Adding a data network
        2.  
          Modifying a data network
        3.  
          Deleting a data network
      2.  
        Network configuration on VLAN (eth5)
      3. Network configuration on bonded interfaces (bond0 on eth5 and eth7)
        1.  
          Adding a data network
      4.  
        VLAN on bond of eth5 and eth7 (bond0)
      5.  
        Support for multiple VLAN when disaster recovery is configured
  5. NetBackup Flex Scale infrastructure monitoring
    1. About alert management
      1.  
        Viewing information about alerts
      2.  
        Managing alerts
    2. About event notification
      1.  
        Purging events
    3. About AutoSupport and Call Home
      1.  
        Setting up email alerts
      2.  
        Setting up SNMP alerts
      3.  
        Configuring Call Home settings
    4.  
      Monitoring hardware components
  6. Resiliency in NetBackup Flex Scale
    1.  
      Erasure coding in NetBackup Flex Scale
    2.  
      High availability of the NetBackup master service
    3.  
      NetBackup catalog protection
    4.  
      NetBackup master service catalog protection using checkpoints
  7. Site-based disaster recovery in NetBackup Flex Scale
    1.  
      About site-based disaster recovery in NetBackup Flex Scale
    2.  
      Establishing trust and setting up authentication
    3.  
      Configuring disaster recovery
    4.  
      Managing disaster recovery
    5.  
      Clearing the host cache
    6.  
      NetBackup optimized duplication using Storage Lifecycle Policies
  8. NetBackup Flex Scale security
    1.  
      STIG overview for NetBackup Flex Scale
    2.  
      STIG-compliant password policy rules
    3.  
      Enabling STIG for NetBackup Flex Scale
    4.  
      Viewing the NetBackup Flex Scale STIG status
    5.  
      FIPS overview for NetBackup Flex Scale
    6.  
      Viewing the NetBackup Flex Scale FIPS status
  9. Troubleshooting
    1.  
      Services management
    2. Collecting logs for cluster nodes
      1.  
        Uploading logs to Veritas Support
      2.  
        Downloading logs
    3. Troubleshooting NetBackup Flex Scale issues
      1.  
        If cluster configuration fails (for example because an IP address that was already in use is specified) and you try to reconfigure the cluster, the UI displays an error but the configuration process continues to run
    4.  
      Validation error while adding VMware credentials to NetBackup
    5.  
      NetBackup Web UI incorrectly displays some NetBackup Flex Scale processes as failed
  10. Appendix A. Configuring NetBackup optimized duplication
    1. Configuring a Storage Lifecycle Policy for optimized duplication
      1.  
        Creating a Storage Lifecycle Policy for optimized duplication
      2.  
        Configuring a policy to use an SLP
      3.  
        Updating the policy to reverse the replication direction
  11. Appendix B. Disaster recovery terminologies
    1.  
      VVR technology in disaster recovery
    2.  
      About response fields in the GET disaster recovery API

Establishing trust and setting up authentication

In NetBackup Flex Scale Appliance, the Appliance web server creates a self-signed CA certificate and an Appliance web server certificate (signed by that CA) for every cluster. As the CA certificates are different, you have to ensure that both the clusters trust the CA of the other. This is done by adding one cluster's gateway CA certificate to the trusted certificate store of the other. Each cluster should be able to trust the secondary cluster and perform the required operations to configure and manage disaster recovery. Appliance web server certificates are exchanged between both the clusters to enable authentication.

You can use the following REST APIs to setup trust and authentication. The secondary cluster can be added as a disaster recovery cluster to the primary cluster anytime after the primary cluster is up and running. The secondary cluster has to be a freshly installed and configured NetBackup Flex Scale cluster.

The REST API calls must be made in the following order on the API gateway of the clusters. The API calls do not use SSH between the clusters.

You can get the list of available certificates on the cluster using the API:

GET /api/appliance/v1.0/certificates

This API returns the URI of certificateName as Appliance web services certificate, Appliance web services CA certificate and the root certificate. The certificateName should be passed as input to the GET specific certificate API. The certificate is in base64 encoded format.

To set up trust between both the clusters

  1. Get the appliance web services certificate on the primary cluster by providing the certificate name (appliance-webservice) as input in the GET specific certificate API. 
    GET /api/appliance/v1.0/certificates/{certificateName}
  2. Get the appliance web services CA certificate on the primary cluster by providing the certificate name (appliance-webservice-ca) as input in the GET specific certificate API. .
    GET /api/appliance/v1.0/certificates/{certificateName}
  3. Establish trust by passing the certificates obtained from the primary cluster to the secondary cluster. Execute the following API on the secondary cluster:
    POST /api/appliance/v1.0/certificates

    The API imports the certificates of one cluster and exports the certificates on the other cluster to establish trust and enable certificate authentication.

    Set type as appliance-webservice and purpose as remote-cluster-trust-auth. Use the API gateway FQDN of the remote cluster for gateway.

  4. Get the appliance web services certificate on the secondary cluster by providing the certificate name (appliance-webservice) as input in the GET specific certificate API.
    GET /api/appliance/v1.0/certificates//{certificateName}
  5. Get the appliance web services CA certificate on the secondary cluster.
    GET /api/appliance/v1.0/certificates/appliance-webservice-ca
  6. Establish trust by passing the certificates obtained from the secondary cluster to the primary cluster. Execute the following API on the primary cluster:
    POST /api/appliance/v1.0/certificates

    The API imports the certificates of one cluster and exports the certificates on the other cluster to establish trust and enable certificate authentication.

    Set type as appliance-webservice and purpose as remote-cluster-trust-auth. Use the API gateway FQDN of the remote cluster for gateway.

For more information, see the Veritas NetBackup Flex Scale APIs on SORT.