Veritas NetBackup™ Plug-in for VMware vSphere Client (HTML5) Guide

Last Published:
Product(s): NetBackup (9.0.0.1, 9.0)
  1. Introduction and notes
    1.  
      About the NetBackup plug-in for VMware vSphere Client (HTML5)
    2.  
      Notes on the NetBackup plug-in for vSphere Client (HTML5)
    3.  
      How to access the features of the NetBackup plug-in for vSphere Client (HTML5)
    4.  
      Updates to this guide for NetBackup 9.0
  2. Installing the NetBackup plug-in for vSphere Client (HTML5)
    1.  
      Requirements for the NetBackup plug-in for vSphere Client (HTML5)
    2.  
      Using consistent vCenter naming with the NetBackup plug-in for vSphere Client (HTML5)
    3.  
      vCenter privileges for managing NetBackup plug-in installation
    4.  
      Notes on using the vSphere Client (HTML5) plug-in in a VMware Platform Services Controller (PSC) environment
    5. Installing the NetBackup plug-in for vSphere Client (HTML5)
      1.  
        VIRTUALIZATION_HOSTS_SECURE_CONNECT_ENABLED for servers and clients
    6.  
      Upgrading the NetBackup plug-in for vSphere Client (HTML5)
    7.  
      Uninstalling the NetBackup plug-in for vSphere Client (HTML5)
    8. Configuration overview for the NetBackup Recovery and Instant Recovery Wizards
      1.  
        Configuring ports for the NetBackup Web Services
      2.  
        Port usage for the NetBackup vSphere Client (HTML5) plug-in
      3.  
        Creating an authentication token for the NetBackup plug-in for vSphere Client (HTML5)
      4.  
        Authorizing the NetBackup vSphere Client (HTML5) plug-in to restore virtual machines
      5.  
        Configuring the plug-in for an external certificate
      6.  
        Reconfiguring the plug-in for a NetBackup CA-signed certificate
      7.  
        Setting vCenter privileges for recovering virtual machines
      8.  
        Adding or deleting an additional host name or IP address for an authentication token
      9.  
        Revoking an authorization token
      10.  
        Renewing an authorization token
      11.  
        Listing all current authentication tokens
      12.  
        Permissions on the NetBackup plug-in authentication token file may need to be changed
  3. Excluding virtual disks from the backup
    1.  
      About excluding virtual disks from the backup
    2.  
      Setting the exclude disks Custom Attribute
  4. Monitoring backup status
    1.  
      vCenter privileges for backup monitoring
    2.  
      Backup monitoring displays in the NetBackup plug-in for vSphere Client (HTML5)
    3.  
      Summary display
    4.  
      Virtual Machines display
    5.  
      Events display
    6.  
      Using the Veritas NetBackup plug-in for backup reporting
    7.  
      How to respond to backup status
  5. Restoring virtual machines
    1.  
      Configuring settings for virtual machine recovery
    2.  
      Notes on the NetBackup recovery wizards
    3.  
      How to access the NetBackup Recovery Wizards
    4. NetBackup Recovery Wizard screens
      1.  
        Virtual Machine Selection screen
      2.  
        Image Selection screen
      3.  
        Destination Selection screen
      4.  
        Transport Selection screen
      5.  
        Disk Provision screen
      6.  
        Virtual Machine Options screen
      7.  
        Network Selection screen
      8.  
        Pre-Recovery Check screen
    5. NetBackup Instant Recovery Wizard screens
      1.  
        Instant Recovery: Virtual Machine Selection screen
      2.  
        Instant Recovery: Image Selection screen
      3.  
        Instant Recovery: Destination Selection
      4.  
        Instant Recovery: Virtual Machine Options screen
      5.  
        Instant Recovery: Review Selection
    6.  
      Instant Recovery: Cleaning the recovery environment and releasing the NetBackup resources
  6. Troubleshooting
    1.  
      The message NoPermission appears during plug-in installation
    2.  
      Reducing the load time for the NetBackup plug-in for vSphere Client (HTML5)
    3.  
      A NetBackup master server is not available in the master server list of the Instant Recovery Wizard
    4.  
      The NetBackup plug-in for vSphere Client (HTML5) does not find any backup images in the listed events
    5.  
      The NetBackup Recovery wizard for vSphere Client (HTML5) does not find a particular backup image
    6.  
      Mismatch in vCenter server name (uppercase vs. lowercase letters) causes the VMware connectivity test to fail
    7.  
      Instant recovery operation is not complete due to NFS mount limit exceed
    8.  
      Instant recovery-ready backup images are not available for selection
    9.  
      The vCenter server and NetBackup master server names are not available for search
    10.  
      Preferred Instant recovery destination options are not saved
    11.  
      Virtual machine display name conflicts are not shown before the pre-recovery check
    12.  
      Reasons for failure of pre-recovery checks
    13.  
      Too much time taken to populate the list of NetBackup master servers
    14.  
      The NetBackup plug-in is not shown in the vSphere Client (HTML5) interface even after registration
    15.  
      The correct NetBackup master server does not show up for selection for a given vCenter server on the Instant recovery wizard
    16.  
      Troubleshooting master server communication failures in the plug-in's Recovery Portal
    17.  
      The NetBackup plug-in is not shown in the vSphere Client (HTML5) interface after vCenter upgrade from older versions to vCenter 7.0 or later
  7. Appendix A. Instant recovery events and best practices
    1.  
      Instant recovery events for non-available virtual machines
    2.  
      Best practices for instant recovery operations
  8. Appendix B. Installing the vSphere Client (HTML5) plug-in from a NetBackup media server and plug-in package host
    1.  
      Installing the vSphere Client (HTML5) plug-in from a NetBackup media server and plug-in package host (web server)

Configuring the plug-in for an external certificate

The plug-in communicates with the NetBackup master server securely by means of certificate-based authentication. By default, the master server uses NetBackup CA-signed certificates. As an alternative, the master server can be configured to use an externally issued certificate. In that case, use the following procedure to configure the plug-in for the external certificate.

Configure the plug-in for an external certificate

  1. Enter the following command on the master server:

    Windows

    install_path\NetBackup\wmc\bin\install\configureCertsForPlugins.bat
    -registerExternalCert -certPath "path_to_external_certificate_file"
    -privateKeyPath "path_to_certificate_key_file"
    -trustStorePath "path_to_ca_certificate_file"

    UNIX, Linux

    /usr/openv/wmc/bin/install/configureCertsForPlugins
    -registerExternalCert -certPath "path_to_external_certificate_file"
    -privateKeyPath "path_to_certificate_key_file"
    -trustStorePath "path_to_ca_certificate_file"

    For example:

    configureCertsForPlugins.bat -registerExternalCert -certPath "c:\server.pem" -privateKeyPath "c:\key.pem" -trustStorePath "c:\intermediateOrRootCA.pem"

    This command configures the plug-in to use the external certificate by importing the certificate into the keystore on the master server. The command options are as follows:

    • -certPath: Specifies the path to the certificate for the web server. This file should have a single certificate in PEM format.

    • -privateKeyPath: Specifies the path to the private key for the web server certificate.

    • -trustStorePath: Specifies the path to the certificate of the intermediate or root certification authority that has issued the web server certificate. This file should have a single certificate in PEM format. The subject of this certificate should match the issuer of the web server certificate.

      For further information on external certificates, see the NetBackup Security and Encryption Guide.

  2. Restart the NetBackup Web Management Console service on the master server.

    In the Activity Monitor of the NetBackup Administration Console: Click the Daemons tab, right-click the service, and click Stop Daemon. When the service has stopped, click Start Daemon.

  3. Renew the authentication token on the master server:

    See Renewing an authorization token.

    Note:

    Perform this step for each plug-in that needs to communicate with the master server.

  4. On the plug-in, remove the existing master server and then add the master server that now has the renewed token:

    See Authorizing the NetBackup vSphere Client (HTML5) plug-in to restore virtual machines.

Adding a new vCenter server with the VMware vSphere plug-in

If you use external-CA signed certificates and want to add a new vCenter server along with the VMware vSphere plug-in, use the manageClientCerts -create option on the master server to generate a new certificate for the client. You can then use the newly generated certificate when you add the NetBackup master server to the VMware vSphere plug-in.