Important Update: Cohesity Products Documentation

All Cohesity product documentation are now managed via the Cohesity Docs Portal: https://docs.cohesity.com/HomePage/Content/home.htm. Some documentation available here may not reflect the latest information or may no longer be accessible.

NetBackup™ Web UI Cloud Administrator's Guide

Last Published:
Product(s): NetBackup (11.1)
  1. Managing and protecting cloud assets
    1.  
      About protecting cloud assets
    2.  
      Limitations and considerations
    3.  
      AWS and Azure government cloud support
    4. Configure Snapshot Manager in NetBackup
      1.  
        Add a Snapshot Manager
      2. Add a cloud provider for a Snapshot Manager
        1.  
          Adding a new region
        2.  
          IAM Role for AWS Configuration
        3.  
          IAM policy for OCI configuration
      3.  
        Associate media servers with a Snapshot Manager
      4.  
        Discover assets on Snapshot Manager
      5.  
        Enable or disable a Snapshot Manager
      6.  
        (Optional) Add the Snapshot Manager extension
    5. Managing intelligent groups for cloud assets
      1.  
        Considerations for cloud intelligent groups
      2.  
        Create an intelligent group for cloud assets
      3.  
        Delete an intelligent group for cloud assets
    6. Protecting cloud assets or intelligent groups for cloud assets
      1.  
        Customize or edit protection for cloud assets or intelligent groups
      2.  
        Remove protection from cloud assets or intelligent groups
    7. About storage lifecycle policies
      1.  
        Adding an SLP
      2.  
        SLP configurations for PaaS and IaaS policies
    8. Managing policies for cloud assets
      1.  
        Limitations and considerations
      2.  
        Planning for policies
      3.  
        Creating policies for cloud assets
      4.  
        Setting up attributes for PaaS assets
      5.  
        Setting up attributes for IaaS assets
      6.  
        Creating schedules
      7.  
        About backup frequency
      8.  
        About assigning retention periods
      9. Configuring the Start window
        1.  
          Example of schedule duration
      10.  
        Configuring the include dates
      11.  
        Configuring the exclude dates
      12.  
        Configuring the cloud assets for PaaS
      13.  
        Configuring the cloud assets for IaaS
      14.  
        Configuring backup options for IaaS
      15. Managing cloud policies
        1.  
          Copy a policy
        2.  
          Deactivating or deleting a policy
        3.  
          Manually backup assets
    9. Scan for malware
      1.  
        Scanning backup images
      2.  
        Assets by workload type
    10. Protecting Microsoft Azure resources using resource groups
      1.  
        Before you begin
      2.  
        Limitations and considerations
      3. About resource group configurations and outcome
        1.  
          Examples of resource group configurations
      4.  
        Troubleshoot resource group permissions
    11. NetBackup Accelerator for cloud workloads
      1.  
        How the NetBackup Accelerator works with virtual machines
      2.  
        Accelerator forced rescan for virtual machines (schedule attribute)
      3.  
        Accelerator backups and the NetBackup catalog
      4.  
        Accelerator messages in the backup job details log
    12.  
      Configuring backup schedules for cloud workloads using protection plan
    13.  
      Backup options for cloud workloads
    14. AWS Snapshot replication
      1.  
        Configure AWS snapshot replication
      2.  
        Using AWS snapshot replication
      3.  
        Support matrix for account replication
    15.  
      Protect applications in-cloud with application-consistent snapshots
    16.  
      Protecting AWS or Azure VMs for recovering to VMware
    17.  
      Cloud asset cleanup
    18.  
      Cloud asset filtering
  2. Protecting PaaS assets
    1.  
      Protecting PaaS assets
    2. Steps to protect PaaS assets
      1.  
        Protecting PaaS assets in AWS
      2.  
        Protecting PaaS assets in Azure
      3.  
        Protecting PaaS assets in GCP
    3.  
      Prerequisites for protecting PaaS assets
    4.  
      Enabling binary logging for MySQL and MariaDB databases
    5.  
      Enabling backup and restore in Kubernetes
    6.  
      Prerequisites for protecting Amazon RDS SQL Server database assets
    7. Protecting RDS Custom instances
      1.  
        Protecting RDS Custom for SQL Server assets
      2.  
        Consideration for protecting RDS Custom for SQL Server assets
      3.  
        Protecting RDS Custom for Oracle assets
      4.  
        Consideration for protecting RDS Custom for Oracle assets
    8. Protecting Azure Managed Instance databases
      1.  
        Prerequisites for protecting Azure Managed Instance databases
      2.  
        Permissions required for protecting Azure Managed Instance databases
    9.  
      Prerequisites for database level discovery
    10. Limitation and considerations
      1.  
        For all databases
      2.  
        For PostgreSQL
      3.  
        For incremental backups for Azure PostgreSQL
      4.  
        For Amazon RDS PostgreSQL and Amazon Aurora PostgreSQL
      5.  
        For Amazon DynamoDB
      6.  
        For Amazon DocumentDB
      7.  
        For Amazon Neptune
      8.  
        For Amazon RDS SQL
      9.  
        For Azure, Amazon RDS, and Aurora MySQL
      10.  
        For cumulative incremental backups using Amazon RDS SQL
      11.  
        For incremental backups using Amazon DynamoDB
      12.  
        For incremental backups using Azure MySQL server
      13.  
        For incremental backups using the GCP SQL Server
      14.  
        For Incremental backups using GCP PostgreSQL
      15.  
        For Incremental backups with Amazon RDS PostgreSQL and Amazon Aurora PostgreSQL
      16.  
        For Azure SQL and SQL Managed Instance
      17.  
        For Azure SQL Server and SQL Managed Instance incremental backup
      18.  
        For Azure Cosmos DB for MongoDB
      19.  
        For Azure Cosmos DB for NoSQL
      20.  
        For Amazon RDS for Oracle
      21.  
        For Amazon Redshift databases
      22.  
        For Amazon Redshift clusters
      23.  
        For GCP SQL Server
      24.  
        For GCP BigQuery
    11. Installing the native client utilities
      1.  
        Installing the MySQL client utility
      2.  
        Installing the SqlPackage client utility
      3.  
        Installing PostgreSQL client utility
      4.  
        Installing MongoDB client utility
    12. Configuring storage for different deployments
      1.  
        For MSDP cloud deployments
      2.  
        For Kubernetes deployments
      3.  
        For VM-based BYO deployments
    13.  
      Configuring the storage server for instant access
    14.  
      About incremental backup for PaaS workloads
    15.  
      Configuring incremental backups for Azure MySQL server
    16.  
      About archive redo log backup for PaaS workloads
    17.  
      About Auto Image Replication for PaaS workloads
    18.  
      Discovering PaaS assets
    19.  
      Viewing PaaS assets
    20. Managing PaaS credentials
      1.  
        View the credential name that is applied to a database
      2.  
        Add credentials to a database
      3.  
        Creating an IAM database username
      4.  
        Creating a system or user-managed identity username
      5.  
        Configuring permissions for the database user
    21. Add protection to PaaS assets
      1.  
        Perform backup now
  3. Recovering cloud assets
    1. Recovering cloud assets
      1.  
        About the pre-recovery check for VMs
      2.  
        Supported parameters for restoring cloud assets
      3.  
        Recovering virtual machines
      4.  
        Recovering applications and volumes to their original location
      5.  
        Recovering applications and volumes to an alternate location
      6.  
        Recovery scenarios for GCP VMs with read-only volumes
      7.  
        (GCP only) Restoring virtual machines and volumes using the autoDelete disk support
    2.  
      Perform rollback recovery of cloud assets
    3. Restore to a different cloud provider
      1.  
        Prepare the VMs for back up
      2.  
        Post-restore configurations
    4. Recovering AWS or Azure VMs to VMware
      1.  
        Post-recovery considerations for cloud VMs recovered to VMware
      2. Steps to recover images from cloud VMs to VMware
        1.  
          Recovering images from AWS to VMware
        2.  
          Recovering images from Azure to VMware
    5. Recovering PaaS assets
      1.  
        Recovering non-RDS PaaS assets
      2.  
        Recovering Redshift clusters
      3.  
        Recovering AWS DocumentDB and Neptune assets
      4.  
        Recovering RDS-based PaaS asset
      5.  
        Recovering Azure-protected assets
      6.  
        Recovering duplicate images from AdvancedDisk
  4. Performing granular restore
    1.  
      About granular restore
    2.  
      Supported environment list
    3.  
      List of supported file systems
    4.  
      Before you begin
    5.  
      Limitations and considerations
    6.  
      Restoring files and folders from cloud virtual machines
    7.  
      Restoring volumes on cloud virtual machines
    8.  
      Performing steps after volume restore containing LVM
    9.  
      Troubleshooting
  5. Troubleshooting protection and recovery of cloud assets
    1.  
      Troubleshoot cloud workload protection issues
    2.  
      Error Code 9855: Error occurred while exporting snapshot for the asset: <asset_name>
    3.  
      VMs and other OCI assets with CMK-encrypted disks are marked as deleted in NetBackup UI.
    4.  
      Backup from snapshot jobs take longer time than expected
    5.  
      Backup from snapshot job fails due to connectivity issues when Snapshot Manager is deployed on an Ubuntu host
    6.  
      Error disambiguation in NetBackup UI
    7.  
      Status Code 150: Termination requested by administrator
    8. Troubleshoot PaaS workload protection and recovery issues
      1.  
        Troubleshooting Amazon Redshift issues
      2.  
        Troubleshooting Azure Postgres issues
      3.  
        Troubleshooting Amazon RDS Custom for SQL issues

For Azure SQL and SQL Managed Instance

These limitations and considerations apply to Azure SQL database and Azure Managed Instance backups.

  • Configure the backup method - you can create and configure the dbpaas_config.json file for each policy to specify a backup method to fit your requirements. Note that you must give the CDC consent through NetBackup UI.

    • Create the dbpaas_config.json file at:

      /openv/netbackup/db/>dbpaas_config.json

      Follow an equivalent path for Windows OS.

    • Here is a sample dbpaas_config.json file:

      {
  "Configurations": [
    {
      "PolicyName": "policy_name",
      "BackupMethod": "OFFLOAD_TO_BACKUP_HOST",
      "BatchCount": 1024
    }
  ]
}

    • Explanation of the parameters:

      • PolicyName - the name of the policy to which you want to apply the JSON.

      • For BackupMethod use any of the following values:

        • OFFLOAD_TO_SERVER - this performs all the CDC processing at the SQL/MI server side. This is the default behavior.

        • OFFLOAD_TO_BACKUP_HOST - in this method, the CDC data is fetched to the backup host from the server. The fetched data is processed at the backup host.

      • BatchCount - determines how many transactions of records are processed at a time.

  • For Azure SQL database and Azure SQL Managed Instance workloads, NetBackup protection plans do not include some backup configuration options such as BackupMethod and BatchCount. To use these options:

    • Use a NetBackup policy instead of a protection plan.

    • Reference the configured policy in your DBPaaS configuration file.

    When using a protection plan, any changes to these options in the DBPaaS configuration file are ignored.

  • If an Azure VM is used as a media server, it must be in the same Vnet as that of the Azure Managed instance. Alternatively, if the media server and SQL Managed instance are in different Vnet, then both the Vnets must peer to access the database instance.

  • NetBackup requires user consent to enable SQL Server's Change Data Capture (CDC) for backup operations. This CDC option is enabled by default in the protection plans.

    • If the CDC option is enabled, NetBackup uses SQL Server's CDC mechanism.

    • If the CDC option is disabled, backups fail - except for Azure SQL Managed Instances using Customer-Managed Keys (CMK) and full backup schedules.

  • After deleting a database, you must stop CDC capture, disable cleanup jobs, and perform manual cleanup.

  • For smooth CDC performance, do the following:

    • Do not use DDL triggers that block schema changes. Like, CREATE/DROP TABLE, CREATE/DROP FUNCTION.

    • Ensure that the SQL Server Agent service is running.

    • Use an account with db_owner or sysadmin privileges for CDC setup.

    • To avoid capture_instance conflicts, check if the table is already CDC-enabled.

  • Backup fails when Readlock is placed on the database or resource group.

  • If the databases contain any of these types of tables, the backup fail due to CDC limitations.

    • Graph tables

    • Temporal tables

    • Ledger tables (Updatable ledger)

    • Memory optimized table (business critical tier only)

      For Azure Managed instance databases, if the backup taken using the native backup database workflow, using TDE enabled by Customer-managed Keys or TDE disabled, these types of tables are supported.

  • Database diagrams not restored.

  • NetBackup can back up and restore databases to new environments, but the identity columns may not retain their original seed values. This can cause new records to receive unexpected identity numbers, especially if rows were deleted before the backup. However, this issue does not affect TDE-enabled Azure SQL Managed Instance databases configured with a CMK and backed up either with the native BAK format or through a policy without CDC consent.

  • NetBackup supports column-level encryption only for Azure SQL Managed database instances where TDE is configured with CMK. Backups must be full backups, taken either with the native BAK format or through a policy without CDC consent.

  • To restore a database on an Azure SQL server or Azure Managed Instance, you must assign AAD admin privilege on the target server. Before the restore, assign the rights to any of these:

    • The system or the user-managed identity of the media servers.

    • The vm-scale-set in which the NetBackup media is deployed; in case of AKS or EKS deployment.

  • Consider the following for the SqlPackage utility.

    • SqlPackage may fail to export the following SQL Server objects: Logins, Jobs (SQL Agent Jobs), Linked Servers, Server-level permissions, Server roles, Credentials, Database Mail configuration, Replication settings, SSIS packages, Service Broker objects, CLR assemblies, Data in FILESTREAM/FILETABLE, Encrypted objects (if keys/certs are not exported), Cross-database dependencies, Extended stored procedures, and certain system objects.

    • SqlPackage primarily exports database-level objects and data, but not server-level or agent-level configurations. For a complete migration, use additional tools or scripts to handle these objects.