NetBackup™ Deployment Guide for Kubernetes Clusters

Last Published:
Product(s): NetBackup (10.3.0.1, 10.3)
  1. Introduction
    1.  
      About NetBackup deployment on Kubernetes clusters
    2.  
      Required terminology
    3.  
      User roles and permissions
    4. About MSDP Scaleout
      1.  
        MSDP Scaleout components
      2.  
        Limitations in MSDP Scaleout
    5.  
      About NetBackup Snapshot Manager
  2. Section I. Deployment
    1. Prerequisites for Kubernetes cluster configuration
      1. Config-Checker utility
        1.  
          How does the Config-Checker utility work
        2.  
          Config-Checker execution and status details
      2. Data-Migration for AKS
        1.  
          How Data-Migration works
        2.  
          Data-Migration execution and status details
      3. Webhooks validation for EKS
        1.  
          How does the webhook validation works
        2.  
          Webhooks validation execution details
    2. Deployment with environment operators
      1. About deployment with the environment operator
        1.  
          Prerequisites
        2.  
          Contents of the TAR file
        3.  
          Known limitations
      2. Manual deployment
        1.  
          Deploying the operators
        2.  
          Deploying NetBackup and MSDP Scaleout
        3.  
          Deploying NetBackup and Snapshot Manager
      3.  
        Configuring the environment.yaml file
      4.  
        Uninstalling NetBackup environment and the operators
      5.  
        Applying security patches
    3. Deploying NetBackup
      1.  
        Preparing the environment for NetBackup installation on Kubernetes cluster
      2.  
        Recommendations of NetBackup deployment on Kubernetes cluster
      3.  
        Limitations of NetBackup deployment on Kubernetes cluster
      4. Primary and media server CR
        1. About primary server CR and media server CR
          1.  
            After installing primary server CR
          2.  
            After Installing the media server CR
        2.  
          Elastic media server
        3.  
          Monitoring the status of the CRs
        4.  
          Updating the CRs
        5.  
          Deleting the CRs
      5.  
        Configuring NetBackup IT Analytics for NetBackup deployment
      6.  
        Managing NetBackup deployment using VxUpdate
      7.  
        Migrating the cloud node for primary or media servers
    4. Deploying NetBackup using Helm charts
      1.  
        Overview
      2.  
        Installing NetBackup using Helm charts
      3.  
        Uninstalling NetBackup using Helm charts
    5. Deploying MSDP Scaleout
      1.  
        Deploying MSDP Scaleout
      2.  
        Prerequisites for AKS
      3.  
        Prerequisites for EKS
      4.  
        Installing the docker images and binaries
      5.  
        Initializing the MSDP operator
      6.  
        Configuring MSDP Scaleout
      7.  
        Using MSDP Scaleout as a single storage pool in NetBackup
      8.  
        Configuring the MSDP cloud in MSDP Scaleout
      9.  
        Using S3 service in MSDP Scaleout for AKS
      10.  
        Enabling MSDP S3 service after MSDP Scaleout is deployed for AKS
    6. Deploying Snapshot Manager
      1.  
        Prerequisites
      2.  
        Installing the docker images
    7. Verifying Cloud Scale deployment
      1.  
        Verifying Cloud Scale deployment
  3. Section II. Monitoring and Management
    1. Monitoring NetBackup
      1.  
        Monitoring the application health
      2.  
        Telemetry reporting
      3.  
        About NetBackup operator logs
      4.  
        Expanding storage volumes
      5. Allocating static PV for Primary and Media pods
        1.  
          (AKS-specific) Allocating static PV for Primary and Media pods
        2.  
          (EKS-specific) Allocating static PV for Primary and Media pods
    2. Monitoring MSDP Scaleout
      1.  
        About MSDP Scaleout status and events
      2.  
        Monitoring with Amazon CloudWatch
      3.  
        Monitoring with Azure Container insights
      4.  
        The Kubernetes resources for MSDP Scaleout and MSDP operator
    3. Monitoring Snapshot Manager
      1.  
        Overview
      2.  
        Logs of Snapshot Manager
      3.  
        Configuration parameters
    4. Managing the Load Balancer service
      1.  
        About the Load Balancer service
      2.  
        Notes for Load Balancer service
      3.  
        Opening the ports from the Load Balancer service
    5. Managing MSDP Scaleout
      1.  
        Adding MSDP engines
      2.  
        Adding data volumes
      3. Expanding existing data or catalog volumes
        1.  
          Recommendation for media server volume expansion
        2.  
          Manual storage expansion
      4.  
        MSDP Scaleout scaling recommendations
      5. MSDP Cloud backup and disaster recovery
        1.  
          About the reserved storage space
        2. Cloud LSU disaster recovery
          1.  
            Recovering AKS MSDP S3 IAM configurations from cloud LSU
      6.  
        MSDP multi-domain support
      7.  
        Configuring Auto Image Replication
      8. About MSDP Scaleout logging and troubleshooting
        1.  
          Collecting the logs and the inspection information
    6. Managing PostrgreSQL DBaaS
      1.  
        Changing database server password in DBaaS
      2.  
        Updating database certificate in DBaaS
      3.  
        Disabling non-SSL access to remote DBaaS on Azure
    7. Performing catalog backup and recovery
      1.  
        Backing up a catalog
      2. Restoring a catalog
        1.  
          Primary server corrupted
        2.  
          MSDP-X corrupted
        3.  
          MSDP-X and Primary server corrupted
    8. Setting key parameters in Cloud Scale deployments
      1.  
        Tuning touch files
      2.  
        Setting maximum jobs
      3.  
        Enabling intelligent catalog archiving
      4.  
        Enabling security settings
      5.  
        Configuring email server
      6.  
        Reducing catalog storage management
      7.  
        Configuring zone redundancy
      8.  
        Enabling client-side deduplication capabilities
  4. Section III. Maintenance
    1. MSDP Scaleout Maintenance
      1.  
        Pausing the MSDP Scaleout operator for maintenance
      2.  
        Logging in to the pods
      3.  
        Reinstalling MSDP Scaleout operator
      4.  
        Migrating the MSDP Scaleout to another node pool
    2. PostgreSQL DBaaS Maintenance
      1.  
        Configuring maintenance window for PostgreSQL database in AWS
      2.  
        Setting up alarms for PostgreSQL DBaaS instance
    3. Upgrading
      1. Upgrading NetBackup
        1.  
          Preparing for NetBackup upgrade
        2.  
          Upgrading NetBackup operator
        3.  
          Upgrading NetBackup application
        4.  
          Upgrade NetBackup from previous versions
        5.  
          Upgrading NetBackup using Helm charts
        6.  
          Procedure to rollback when upgrade of NetBackup fails
      2.  
        Upgrading MSDP Scaleout
      3. Upgrading Snapshot Manager
        1.  
          Upgrading Snapshot Manager operator
        2. Upgrading Snapshot Manager
          1.  
            Procedure to rollback when upgrade of Snapshot Manager fails
        3.  
          Post-migration tasks
    4. Uninstalling
      1. Uninstalling MSDP Scalout from Kubernetes cluster
        1.  
          Cleaning up MSDP Scaleout
        2.  
          Cleaning up the MSDP Scaleout operator
      2.  
        Uninstalling Snapshot Manager from Kubernetes cluster
    5. Troubleshooting
      1. Troubleshooting AKS and EKS issues
        1.  
          View the list of operator resources
        2.  
          View the list of product resources
        3.  
          View operator logs
        4.  
          View primary logs
        5.  
          Socket connection failure
        6.  
          Resolving an issue where external IP address is not assigned to a NetBackup server's load balancer services
        7.  
          Resolving the issue where the NetBackup server pod is not scheduled for long time
        8.  
          Resolving an issue where the Storage class does not exist
        9.  
          Resolving an issue where the primary server or media server deployment does not proceed
        10.  
          Resolving an issue of failed probes
        11.  
          Resolving token issues
        12.  
          Resolving an issue related to insufficient storage
        13.  
          Resolving an issue related to invalid nodepool
        14.  
          Resolving a token expiry issue
        15.  
          Resolve an issue related to KMS database
        16.  
          Resolve an issue related to pulling an image from the container registry
        17.  
          Resolving an issue related to recovery of data
        18.  
          Check primary server status
        19.  
          Pod status field shows as pending
        20.  
          Ensure that the container is running the patched image
        21.  
          Getting EEB information from an image, a running container, or persistent data
        22.  
          Resolving the certificate error issue in NetBackup operator pod logs
        23.  
          Pod restart failure due to liveness probe time-out
        24.  
          NetBackup messaging queue broker take more time to start
        25.  
          Host mapping conflict in NetBackup
        26.  
          Issue with capacity licensing reporting which takes longer time
        27.  
          Local connection is getting treated as insecure connection
        28.  
          Primary pod is in pending state for a long duration
        29.  
          Backing up data from Primary server's /mnt/nbdata/ directory fails with primary server as a client
        30.  
          Storage server not supporting Instant Access capability on Web UI after upgrading NetBackup
        31.  
          Taint, Toleration, and Node affinity related issues in cpServer
        32.  
          Operations performed on cpServer in environment.yaml file are not reflected
        33.  
          Elastic media server related issues
        34.  
          Failed to register Snapshot Manager with NetBackup
        35.  
          Pods unable to connect to flexsnap-rabbitmq post Kubernetes cluster restart
      2. Troubleshooting AKS-specific issues
        1.  
          Data migration unsuccessful even after changing the storage class through the storage yaml file
        2.  
          Host validation failed on the target host
        3.  
          Primary pod goes in non-ready state
      3. Troubleshooting EKS-specific issues
        1.  
          Resolving the primary server connection issue
        2.  
          NetBackup Snapshot Manager deployment on EKS fails
        3.  
          Wrong EFS ID is provided in environment.yaml file
        4.  
          Primary pod is in ContainerCreating state
        5.  
          Webhook displays an error for PV not found
  5. Appendix A. CR template
    1.  
      Secret
    2. MSDP Scaleout CR
      1.  
        MSDP Scaleout CR template for AKS
      2.  
        MSDP Scaleout CR template for EKS

Upgrading NetBackup using Helm charts

Prerequisites

Ensure that your machine has the required access and is able to push the image to the container registry:

  • ACR for Azure: az acr login -n <container_registry_name>

    For example, az acr login -n cpautomation

  • ECR for AWS: aws ecr get-login-password --region region | docker login --username AWS --password-stdin aws_account_id.dkr.ecr.region.amazonaws.com

    For example, aws ecr get-login-password --region us-east-2 | docker login --username AWS --password-stdin 165323042987.dkr.ecr.us-east-2.amazonaws.com

EEB installation

  1. Download the EEB package to access the host.
  2. Extract and load the docker images from the installation tar file on the access host using the following command:

    tar -xvf <build_tar_file>

    flexsnap_preinstall.sh

  3. Create image tags to map the source image with the target image, so that the images can be pushed to the AWS/Azure container registry.

    To tag the images, run the following command for each image depending on the container platform running on your host:

    • For Docker: # docker tag source_image_name:tag container_registry_name/target_image_name:tag

    • For Podman: # podman tag source_image_name:tag container_registry_name/target_image_name:tag

    For example, 

    source_image_name = veritas/flexsnap-deploy
source_image_tag = 10.3.0.0.1041  (SnapshotManager_EEB_version)
target_image_name = veritas/flexsnap-deploy
target_image_tag = 10.3.0.0.1041  (SnapshotManager_EEB_version)
container_registry_name = cpautomation.azurecr.io

    docker tag veritas/flexsnap-deploy:10.3.0.0.1041 cpautomation.azurecr.io/veritas/flexsnap-deploy:10.3.0.0.1041

    Images for 10.3 are: 

    veritas/flexsnap-core
veritas/flexsnap-deploy
veritas/flexsnap-nginx
veritas/flexsnap-fluentd
veritas/flexsnap-rabbitmq
veritas/flexsnap-postgresql
veritas/flexsnap-datamover

    Note:

    Tag all the required images.

  4. Use the following command to push all the tagged images:

    docker push container_registry_name/target_image_name:tag

    For example, docker push cpautomation.azurecr.io/veritas/flexsnap-deploy:10.3.0.0.1041

  5. Edit the operator/kustomization.yaml file to reflect the new tag for flexsnap-operator pod.

    Update the newTag field under the cloudpointoperator.

  6. Use the following command to apply the operator related change:

    kubectl apply -k operator -n <namespace>

  7. Validate if the operator is updated or no:

    • Use the following command to obtain the pod name of flexsnap-operator:

      kubectl get pods -n <netbackup-operator-system>

    • To validate if the operator is updated or not:

      • Run the following command to obtain the pod name of flexsnap-operator:

        kubectl get pods -n <netbackup-operator-system>

      • Run one of the following to validate if the operator is updated or not:

        Describe the pod and check the events: kubectl describe pod <flexnsap_operator_pod_name> -n <netbackup-operator-system>

        Or

        To view the updated tag in the description: kubectl describe pod <flexnsap_operator_pod_name> -n <netbackup-operator-system> | grep -Image

  8. Edit the environment.yaml file to reflect the new tag:

    tag: <SnapshotManager_EEB_version>

  9. Update the NetBackup Snapshot Manager with the new tag:

    kubectl apply -f environment.yaml -n <environment_namespace>

  10. To validate the upgrade of NetBackup Snapshot Manager:

    • Use the following commands to check the CRO status:

      kubectl get cpservers -n <environment_namespace>

      kubectl describe cpservers <cpserver_cro_name> -n <environment_namespace>

      For example, kubectl describe cpservers cpserver-1-224245 -n nbux

    • Use the following command to view the logs for successful upgrade and the upgraded version:

      kubectl logs -f <flexnsap_operator_pod_name> -n <netbackup-operator-system>

Post installation upgrade procedure using HELM charts

  1. Perform steps 1 to 4 of 'EEB installation' procedure above.
  2. Use the following command to update the new tag in flexsnap-operator:

    kubectl edit deployment flexsnap-operator -n <operator_namespace>

  3. Validate if the operator is updated or no:

    • Use the following command to obtain the pod name of flexsnap-operator:

      kubectl get pods -n <netbackup-operator-system>

    • To validate if the operator is updated or not:

      • Run the following command to obtain the pod name of flexsnap-operator:

        kubectl get pods -n <netbackup-operator-system>

      • Run one of the following to validate if the operator is updated or not:

        Describe the pod and check the events: kubectl describe pod <flexnsap_operator_pod_name> -n <netbackup-operator-system>

        Or

        To view the updated tag in the description: kubectl describe pod <flexnsap_operator_pod_name> -n <netbackup-operator-system> | grep -Image

  4. Use the following command to edit the new tag in cpServer section of environment custom resource:

    • Obtain the environment custom resource name: kubectl get environment -n <environment_namespace>

    • Edit the tag: kubectl edit environment <environment_CRname> -n <environment_namespace>

  5. To validate the upgrade of NetBackup Snapshot Manager:

    • Use the following commands to check the CRO status:

      kubectl get cpservers -n <environment_namespace>

      kubectl describe cpservers <cpserver_cro_name> -n <environment_namespace>

      For example, kubectl describe cpservers cpserver-1-224245 -n nbux

    • Use the following command to view the logs for successful upgrade and the upgraded version:

      kubectl logs -f <flexnsap_operator_pod_name> -n <netbackup-operator-system>