Please enter search query.
Search <book_title>...
Cohesity Cloud Scale Technology Manual Deployment Guide for Kubernetes Clusters
Last Published:
2026-02-23
Product(s):
NetBackup (11.1.0.2)
- Introduction
- Section I. Configurations
- Prerequisites
- Preparing the environment for NetBackup installation on Kubernetes cluster
- Prerequisites for Snapshot Manager (AKS/EKS)
- Prerequisites for Kubernetes cluster configuration
- Prerequisites for Cloud Scale configuration
- Prerequisites for deploying environment operators
- Prerequisites for using private registry
- Recommendations and Limitations
- Configurations
- Configuration of key parameters in Cloud Scale deployments
- Tuning touch files
- Setting maximum jobs per client
- Setting maximum jobs per media server
- Enabling intelligent catalog archiving
- Enabling security settings
- Configuring email server
- Reducing catalog storage management
- Configuring zone redundancy
- Enabling client-side deduplication capabilities
- Parameters for logging (fluentbit)
- Managing media server configurations in Web UI
- Prerequisites
- Section II. Deployment
- Section III. Monitoring and Management
- Monitoring NetBackup
- Monitoring Snapshot Manager
- Monitoring fluentbit
- Monitoring MSDP Scaleout
- Managing NetBackup
- Managing the Load Balancer service
- Managing PostrgreSQL DBaaS
- Managing logging
- Performing catalog backup and recovery
- Section IV. Maintenance
- PostgreSQL DBaaS Maintenance
- Patching mechanism for primary, media servers, fluentbit pods, and postgres pods
- Upgrading
- Cloud Scale Disaster Recovery
- Uninstalling
- Troubleshooting
- Troubleshooting AKS and EKS issues
- View the list of operator resources
- View the list of product resources
- View operator logs
- View primary logs
- Socket connection failure
- Resolving an issue where external IP address is not assigned to a NetBackup server's load balancer services
- Resolving the issue where the NetBackup server pod is not scheduled for long time
- Resolving an issue where the Storage class does not exist
- Resolving an issue where the primary server or media server deployment does not proceed
- Resolving an issue of failed probes
- Resolving issues when media server PVs are deleted
- Resolving an issue related to insufficient storage
- Resolving an issue related to invalid nodepool
- Resolve an issue related to KMS database
- Resolve an issue related to pulling an image from the container registry
- Resolving an issue related to recovery of data
- Check primary server status
- Pod status field shows as pending
- Ensure that the container is running the patched image
- Getting EEB information from an image, a running container, or persistent data
- Resolving the certificate error issue in NetBackup operator pod logs
- Pod restart failure due to liveness probe time-out
- NetBackup messaging queue broker take more time to start
- Host mapping conflict in NetBackup
- Issue with capacity licensing reporting which takes longer time
- Local connection is getting treated as insecure connection
- Backing up data from Primary server's /mnt/nbdata/ directory fails with primary server as a client
- Storage server not supporting Instant Access capability on Web UI after upgrading NetBackup
- Taint, Toleration, and Node affinity related issues in cpServer
- Operations performed on cpServer in cloudscale-values.yaml file are not reflected
- Elastic media server related issues
- Failed to register Snapshot Manager with NetBackup
- Post Kubernetes cluster restart, flexsnap-listener pod went into CrashLoopBackoff state or pods were unable to connect to flexsnap-rabbitmq
- Post Kubernetes cluster restart, issues observed in case of containerized Postgres deployment
- Request router logs
- Issues with NBPEM/NBJM
- Issues with logging feature for Cloud Scale
- The flexsnap-listener pod is unable to communicate with RabbitMQ
- Job remains in queue for long time
- Extracting logs if the nbwsapp or log-viewer pods are down
- Helm installation failed with bundle error
- Deployment fails with private container registry and Postgres fails to pull the images
- Troubleshooting AKS-specific issues
- Troubleshooting EKS-specific issues
- Resolving the primary server connection issue
- NetBackup Snapshot Manager deployment on EKS fails
- Wrong EFS ID is provided in cloudscale-values.yaml file
- Primary pod is in ContainerCreating state
- Webhook displays an error for PV not found
- Cluster Autoscaler initialization issue
- Catalog backup job fails with an error (Status 9202)
- Troubleshooting issue for bootstrapper pod
- Troubleshooting issues for kubectl plugin
- Troubleshooting AKS and EKS issues
- Appendix A. CR template
- Appendix B. MSDP Scaleout
- About MSDP Scaleout
- Prerequisites for MSDP Scaleout (AKS\EKS)
- Limitations in MSDP Scaleout
- MSDP Scaleout configuration
- Installing the docker images and binaries for MSDP Scaleout (without environment operators or Helm charts)
- Deploying MSDP Scaleout
- Managing MSDP Scaleout
- MSDP Scaleout maintenance
Installing Cloud Scale environment
To install NetBackup using Helm charts on Kubernetes cluster, perform the following:
- Download the NetBackup TAR package from Cohesity Download Center which contains the container images and the Helm chart for NetBackup Kubernetes application.
- Deploy the operators. For more information on deploying the operators, refer to the following section:
- Perform the following steps to deploy the
cloudscale-values.yamlfile:Use the following command to save the environment chart values to a file:
helm show values cloudscale-<version>.tgz > cloudscale-values.yaml
Edit the chart values to fit the required environment:
vi cloudscale-values.yaml
Use the following command to apply the
cloudscale-values.yamlfile:helm upgrade --install cloudscale cloudscale-<version>.tgz -f cloudscale-values.yaml --namespace netbackup
For example,
helm show values cloudscale-11.1.x.x.xxxx.tgz > cloudscale-values.yaml $ $ vi cloudscale-values.yaml $
The output for the above example would be as follows:
environment: corePattern: '''/corefiles/core.%e.%p.%t''' cpServer: name: cpserver-1 networkLoadBalancer: fqdn: nbux-xx-xxx-xx-xx.vxindia.veritas.com ipAddr: xx.xxx.xx.xx nodeSelector: controlPlane: labelKey: pool labelValue: primary dataPlane: labelKey: pool labelValue: cp proxySettings: null storage: data: capacity: 30Gi storageClassName: nb-disk-standardssd log: capacity: 5Gi storageClassName: nb-file-premium tag: 11.1.0.0-1035-11.1-0045 createServiceAccount: false drInfoSecretName: null emailServerConfigmapName: null enabled: true loadBalancerAnnotations: service.beta.kubernetes.io/azure-load-balancer-internal-subnet: LB-RESERVED mediaServers: - name: media1 nodeSelector: labelKey: pool labelValue: media replicas: 1 storage: data: capacity: 50Gi storageClassName: nb-disk-standardssd log: capacity: 5Gi storageClassName: nb-disk-standardssd msdpScaleouts: annotations: msdp.veritas.com/baas: "false" credential: secretName: msdp-secret1 ipList: - fqdn: nbux-xx-xxx-xx-xx.vxindia.veritas.com ipAddr: xx.xxx.xx.xx kms: keyGroup: example-key-group keySecret: example-key-secret loadBalancerAnnotations: null name: dedupe1 nodeSelector: labelKey: pool labelValue: msdp replicas: 1 secret: credential: password: Y123abCdEf username: devuser kms: passphrase: Y123abC@dEf12345 username: devuser storage: dataVolumes: - capacity: 5Gi storageClassName: nb-disk-premium log: capacity: 5Gi storageClassName: nb-disk-premium tag: 21.1-0033-11.1-0045 name: nbu primary: credSecretName: primary-credential-secret kmsDBSecret: kms-secret networkLoadBalancer: ipList: - fqdn: nbux-xx-xxx-xx-xx.vxindia.veritas.com ipAddr: xx.xxx.xx.xx nodeSelector: labelKey: pool labelValue: primary secret: credential: password: Gyp.s8m123 username: devuser kms: HMKID: hmkid123 HMKpassphrase: HMK@passphrase123 KPKID: kpkid123 KPKpassphrase: KPK@passphrase123 storage: catalog: autoVolumeExpansion: false capacity: 100Gi storageClassName: nb-file-premium data: capacity: 30Gi storageClassName: nb-disk-standardssd log: capacity: 10Gi storageClassName: nb-disk-standardssd tag: 11.1-0045-11.1-0045 fluentbit: cleanup: highWatermark: 90 image: name: netbackup/fluentbit-log-cleanup tag: 11.1-0045-11.1-0045 lowWatermark: 60 retentionCleanupTime: "04:00" retentionDays: 7 utilizationCleanupFrequency: 60 collectorNodeSelector: node_selector_key: pool node_selector_value: primary enabled: true image: name: netbackup/fluentbit pullPolicy: IfNotPresent tag: 11.1-0024-DR2 metricsPort: 2020 namespaces: - netback - netbackup-operator-system tolerations: - key: pool value: primary - key: pool value: msdp - key: pool value: cp - key: pool value: media volume: pvcStorage: 100Gi storageClassName: nb-disk-premium global: containerRegistry: nbuk8sreg.azurecr.io dbSecretName: dbsecret environmentNamespace: netbackup timezone: null postgresql: clientSecretName: postgresql-client-crt createCerts: true dataDir: /netbackup/postgresqldb dbAdminName: postgres dbPort: 13785 defaultPostgresqlHostName: nb-postgresql enabled: true image: name: netbackup/postgresql pullPolicy: Always tag: 16.10.2.0-0001-11.1-0045 initialDbAdminPassword: postgres logDestination: file nodeSelector: key: pool value: primary pgbouncerPort: 13787 postgresqlUpgrade: env: dataDir: /netbackup/postgresqldb image: name: netbackup/postgresql-upgrade pullPolicy: Always tag: 16.10.2.0-0001-11.1-0045 replicas: 1 securityContext: runAsUser: 0 volume: mountPathData: /netbackup/postgresqldb timezone: null volumeClaimName: nb-psql-pvc replicas: 1 securityContext: runAsUser: 0 serverSecretName: postgresql-server-crt service: serviceName: nb-postgresql tolerations: - key: pool value: primary volume: mountPathData: /netbackup/postgresqldb pvcStorage: 30Gi secretMountPath: /netbackup/postgresql/keys/server storageClassName: nb-disk-premium volumeClaimName: nb-psql-pvc volumeDefaultMode: 416
Note:
By default, Helm stores the input values in a Kubernetes secret. Hence to avoid the values being discovered by anyone, customers must reset the database password after Cloud Scale deployment.