Veritas NetBackup™ Flex Scale Administrator's Guide

Last Published:
Product(s): Appliances (3.1)
Platform: NetBackup Flex Scale OS
  1. Product overview
    1.  
      About Veritas NetBackup™ Flex Scale
  2. Viewing information about the NetBackup Flex Scale cluster environment
    1.  
      Accessing NetBackup Flex Scale and NetBackup
    2.  
      Accessing the NetBackup web user interface on the appliance
    3.  
      About the NetBackup Flex Scale web UI
    4.  
      About the NetBackup Flex Scale infrastructure management UI
    5. About the Dashboard view
      1.  
        Viewing all the activities
    6.  
      Working with NetBackup Flex Scale APIs
  3. NetBackup Flex Scale infrastructure management
    1. User management
      1.  
        Considerations for managing NetBackup Flex Scale users
      2.  
        Adding users
      3.  
        Changing user password
      4.  
        Removing users
      5.  
        Modifying user roles
      6.  
        Considerations for configuring AD/LDAP
      7.  
        Configuring AD server for Universal shares and Instant Access
      8.  
        Configuring AD/LDAP servers for NetBackup services
      9.  
        Configuring additional AD/LDAP servers for managing NetBackup services/Universal Shares/Instant Access
      10.  
        Configuring AD/LDAP servers on clusters deployed with only media servers
      11.  
        Directory services and certificate management
    2.  
      Region settings management
    3.  
      About NetBackup Flex Scale storage
    4. About Universal Shares
      1.  
        Creating a Protection Point for a Universal Share
    5.  
      Cloud bucket support for NetBackup Flex Scale
    6. Node and disk management
      1.  
        NetBackup Flex Scale network cabling
      2. Adding a node to the cluster using the NetBackup Flex Scale web interface
        1.  
          Considerations for adding a node when disaster recovery is configured
      3.  
        Adding a node using the REST APIs
      4.  
        Replacing a node in a cluster
      5.  
        Starting and stopping nodes
      6.  
        Rebooting a node
      7.  
        Adding an excluded node to the cluster
      8.  
        Replacing a disk
      9.  
        Adding an excluded disk to the cluster
      10.  
        Viewing the disk sync status
      11.  
        Viewing disk details
      12.  
        Viewing node details
      13.  
        Switching management console to another cluster node
    7. License management
      1.  
        Adding or removing storage licenses
      2.  
        Adding NetBackup licenses
    8.  
      Stopping NetBackup service containers
    9.  
      Starting NetBackup service containers
    10. Managing hardware vendor packages
      1.  
        Upgrading vendor packages
      2.  
        Uninstalling vendor packages
  4. NetBackup Flex Scale network management
    1.  
      About network management
    2.  
      Modifying DNS settings
    3.  
      About bonding Ethernet interfaces
    4. Bonding operations
      1. Bonding operations on data network
        1.  
          Creating a bond
        2.  
          Modifying a bond
        3.  
          Removing a bond
    5.  
      Configuring NetBackup Flex Scale in a non-DNS environment
    6. Data network configurations
      1.  
        Choosing the correct input method for data network configuration
      2. Network configuration on plain device (eth5)
        1.  
          Adding a data network
        2.  
          Modifying a data network
        3.  
          Deleting a data network
      3.  
        Network configuration on VLAN (eth5)
      4. Network configuration on bonded interfaces (bond0 on eth5 and eth7)
        1.  
          Adding a data network
      5.  
        VLAN on bond of eth5 and eth7 (bond0)
      6.  
        Network configuration on management interface (eth1)
      7.  
        Network configurations for adding a partial data network
      8.  
        Support for multiple VLAN when disaster recovery is configured
    7.  
      Configuring static routes on a NetBackup Flex Scale cluster
  5. NetBackup Flex Scale infrastructure monitoring
    1. About alert management
      1.  
        Viewing information about alerts
      2.  
        Managing alerts
    2. About event notification
      1.  
        Purging events
    3. About AutoSupport and Call Home
      1.  
        Setting up email alerts
      2.  
        Setting up SNMP alerts
      3.  
        Configuring Call Home settings
    4. Monitoring hardware components
      1.  
        Monitoring deviations in firmware, driver, and utilities
    5.  
      Performing health check for the cluster
    6.  
      Locating the disks
    7.  
      Monitoring usage and licensed capacity using Veritas NetInsights Console
  6. Resiliency in NetBackup Flex Scale
    1.  
      Erasure coding in NetBackup Flex Scale
    2.  
      Handling split-brain scenario in NetBackup Flex Scale
    3.  
      High availability of the NetBackup primary service
    4.  
      High availability of NetBackup services
    5.  
      NetBackup catalog protection
    6. NetBackup primary service catalog protection using checkpoints
      1.  
        Performing a recovery of the catalog file system using GUI
      2.  
        Performing a recovery of the catalog file system using REST APIs
  7. EMS server configuration
    1.  
      Configuring an external BYOS media server
    2.  
      Configuring an external NBA media server
  8. Site-based disaster recovery in NetBackup Flex Scale
    1.  
      About site-based disaster recovery in NetBackup Flex Scale
    2.  
      Configuring disaster recovery using GUI
    3.  
      Clearing the host cache
    4.  
      Automated NetBackup SLP management
    5.  
      DNS key management
    6.  
      Managing disaster recovery using GUI
    7. Performing disaster recovery using RESTful APIs
      1.  
        Establishing trust and setting up authentication
      2.  
        Configuring disaster recovery
      3.  
        Managing disaster recovery
    8.  
      Active-Active disaster recovery configuration
    9.  
      NetBackup optimized duplication using Storage Lifecycle Policies
  9. NetBackup Flex Scale security
    1. STIG overview for NetBackup Flex Scale
      1.  
        STIG-compliant password policy rules
      2.  
        Enabling STIG for NetBackup Flex Scale
      3.  
        Viewing the NetBackup Flex Scale STIG status
    2. FIPS overview for NetBackup Flex Scale
      1.  
        Viewing the NetBackup Flex Scale FIPS status
    3.  
      Managing the login banner
    4.  
      Changing the password policy
    5. Support for immutability in NetBackup Flex Scale
      1.  
        About lockdown modes
      2.  
        Selecting or changing the lockdown mode
      3.  
        Restricted access to Remote Management Platform (HPe iLO)
      4.  
        Configuring immutability using GUI
    6.  
      Authenticating users using digital certificates or smart cards
    7.  
      About system certificates on NetBackup Flex Scale
    8. Deploying external certificates on NetBackup Flex Scale
      1.  
        Deploying ECA using the GUI
      2.  
        Log locations
      3.  
        Considerations for performing other operations when ECA is deployed
  10. Troubleshooting
    1.  
      Services management
    2.  
      Audit logs
    3. Collecting logs for cluster nodes
      1.  
        Uploading logs to Veritas Support
      2.  
        Downloading logs
    4. Troubleshooting NetBackup Flex Scale issues
      1.  
        If cluster configuration fails (for example because an IP address that was already in use is specified) and you try to reconfigure the cluster, the UI displays an error but the configuration process continues to run
      2.  
        Validation error while adding VMware credentials to NetBackup
      3.  
        NetBackup Web UI incorrectly displays some NetBackup Flex Scale processes as failed
      4.  
        Unable to create BMR Shared Resource Tree (SRT) on NetBackup Flex Scale Appliance
      5.  
        NetBackup configuration files are not persistent across operations that require restarting the system
  11. Appendix A. Maintenance procedures for HPE servers
    1.  
      Replacement procedure for a chassis fan
    2.  
      Replacement procedure for power supply
    3.  
      Replacement procedure for a single OS disk
    4.  
      Replacement procedure for both OS disks on the management console node
    5.  
      Replacement procedure for both OS disks on a non- management console node
    6.  
      Replacement procedure for NVMe disks (SSDs)
    7.  
      Replacement procedure for RAID controller
    8.  
      Replacement procedure for an Integrated Lights-Out (iLO) port
    9.  
      Replacement procedure for quad-port NIC
    10.  
      Procedure for memory expansion (DIMMs)
    11.  
      Replacement procedure for memory (DIMMs)
    12.  
      Replacement procedure for Mellanox port
  12. Appendix B. Configuring NetBackup optimized duplication
    1. Configuring a Storage Lifecycle Policy for optimized duplication
      1.  
        Creating a Storage Lifecycle Policy for optimized duplication
      2.  
        Configuring a policy to use an SLP
      3.  
        Updating the policy to reverse the replication direction
  13. Appendix C. Disaster recovery terminologies
    1.  
      VVR technology in disaster recovery
    2.  
      About response fields in the GET disaster recovery API
  14. Appendix D. Configuring Auto Image Replication
    1.  
      Auto Image Replication configuration

Selecting or changing the lockdown mode

The user can select the lockdown mode during initial configuration. After cluster configuration, user has the option to see/change the lockdown mode using both GUI and REST APIs. The lockdown modes can be switched only if the engines are healthy. The user can switch between the following modes without any restriction:

  • From normal to enterprise mode

  • From normal to compliance mode

  • From enterprise to compliance mode

The user can set minimum and maximum retention time for backup images for enterprise and compliance mode only. Creation of images with retention time less than the minimum retention time or greater than the maximum retention time is not allowed. This minimum and maximum retention time should be set by the appliance administrator as per the retention requirement of their use case.

  • Once the lockdown mode is set, only Appliance administrators can change the lockdown mode.

  • The lockdown mode is maintained during upgrade.

  • Only the Appliance administrator can remove the retention locks if the lockdown mode is enterprise.

  • Only the users with appliance administrator role can disable retention or remove the retention lock using the MSDP Restricted Shell.

  • The user cannot change the mode if any existing operation is in progress.

Restrictions in different modes

  • If the mode is set to compliance mode, the administrator cannot change the mode to enterprise or normal mode.

  • If lockdown mode is set to compliance or enterprise for any node, it is not available for factory reset.

  • During add and replace node operations, the new node is automatically placed in the existing lockdown mode of the cluster. The lockdown mode of the node that got replaced is set to normal and the node is available for factory reset.

  • Cluster maintenance shell is enabled with two-factor authentication (2FA).

To access the root shell when lockdown mode is configured

  1. Log on to the node-level CLI on any node in the cluster.
  2. Run the support generate-otp to get the OTP (valid for 2 hours) for the entire cluster.
  3. Open a ticket with Veritas Support to generate a security key. Set a Support password which is later used to elevate to root.
  4. Log on to the NetBackup Flex Scale shell on any node in the cluster.
  5. Run the support unlock command. You are prompted to enter a security key. Enter the security key that you got in step 3. Press Enter to unlock the root shell access to the current node (all other nodes remain locked).
  6. Run the support elevate command. You are prompted to enter a Support password. Enter the Support password set in step 3. Press Enter. Type the maintenance password to get into the root shell.
  7. Repeat steps 4 to 6 to get into the root shell of all other nodes.
  8. Run the support lock command on a specific node to lock that node. If no manual lock is issued, the node is locked automatically after 12 hours. All the current users are removed from the root shell in a single node.