Veritas CloudPoint Administrator's Guide

Last Published:
Product(s): CloudPoint (2.2.2)
Platform: Linux
  1. Getting started with CloudPoint
    1.  
      About CloudPoint
    2.  
      What kinds of assets can you protect?
    3.  
      Understanding your CloudPoint license
  2. Section I. Installing and configuring CloudPoint
    1. Preparing for installation
      1.  
        About the deployment approach
      2.  
        Deciding where to run CloudPoint
      3.  
        Meeting system requirements
      4.  
        CloudPoint host sizing recommendations
      5.  
        Creating an instance or preparing the physical host to install CloudPoint
      6.  
        Installing Docker
      7.  
        Creating and mounting a volume to store CloudPoint data
      8.  
        Verifying that specific ports are open on the instance or physical host
    2. Deploying CloudPoint
      1.  
        About deploying CloudPoint in a non-interactive mode
      2.  
        Installing CloudPoint
      3.  
        Configuring CloudPoint from your browser and signing in
      4.  
        Verifying that CloudPoint installed successfully
      5.  
        Configuring AWS KMS in CloudPoint
    3. Deploying CloudPoint in the AWS cloud
      1.  
        About CloudPoint deployment in the AWS cloud
      2.  
        About CloudPoint integration with AWS KMS
      3. About CloudPoint support for AWS IAM roles
        1.  
          About source account and cross-account configurations
        2.  
          How to configure CloudPoint to use IAM roles
        3.  
          CloudPoint IAM role configuration limitations
      4. About the CloudPoint AWS CloudFormation template
        1.  
          Resources created by the CloudPoint template
        2.  
          CloudPoint EC2 instance configuration details
        3.  
          Instance failures and Auto Scaling Group behavior
      5.  
        Prerequisites for using the CloudPoint template
      6.  
        Launching a CloudPoint CloudFormation stack
    4. Using plug-ins to discover assets
      1.  
        About plug-ins
      2.  
        Determining the types of plug-ins and agents to install
    5. Configuring off-host plug-ins
      1. AWS plug-in configuration notes
        1.  
          Prerequisites for configuring the AWS plug-in
        2.  
          Configuring AWS permissions for CloudPoint
        3.  
          AWS permissions required by CloudPoint
        4.  
          Before you create a cross account configuration
      2. Google Cloud Platform plug-in configuration notes
        1.  
          Google Cloud Platform permissions required by CloudPoint
        2.  
          Configuring a GCP service account for CloudPoint
        3.  
          Preparing the GCP service account for plug-in configuration
      3. Microsoft Azure plug-in configuration notes
        1.  
          Configuring permissions on Microsoft Azure
      4.  
        Dell EMC Unity array plug-in configuration notes
      5.  
        Pure Storage FlashArray plug-in configuration notes
      6. HPE RMC plug-in configuration notes
        1.  
          RMC plug-in configuration parameters
        2.  
          Supported HPE storage systems
        3.  
          Supported CloudPoint operations on HPE storage arrays
      7. NetApp plug-in configuration notes
        1.  
          NetApp plug-in configuration parameters
        2.  
          Supported NetApp arrays
        3.  
          Supported CloudPoint operations on NetApp storage
      8. Hitachi plug-in configuration notes
        1.  
          Hitachi plug-in configuration parameters
        2.  
          Supported Hitachi storage arrays
        3.  
          Supported CloudPoint operations on Hitachi arrays
      9. InfiniBox plug-in configuration notes
        1.  
          InifiniBox plug-in configuration parameters
        2.  
          Supported CloudPoint operations on InfiniBox arrays
      10.  
        Configuring an off-host plug-in
      11. About CloudPoint plug-ins and assets discovery
        1.  
          Plug-in discovery interval requirements and limitations
        2.  
          Viewing the assets discovery interval setting
    6. Configuring the on-host agents and plug-ins
      1.  
        About agents
      2. Oracle plug-in configuration notes
        1.  
          Optimizing your Oracle database data and metadata files
      3.  
        MongoDB plug-in configuration notes
      4.  
        Microsoft SQL plug-in configuration notes
      5.  
        About the installation and configuration process
      6.  
        Preparing to install the Linux-based on-host agent
      7.  
        Preparing to install the Windows-based on-host agent
      8.  
        Downloading and installing the on-host agent
      9.  
        Configuring the Linux-based on-host agent
      10.  
        Configuring the Windows-based on-host agent
      11.  
        Configuring the on-host plug-in
      12.  
        Configuring VSS to store shadow copies on the originating drive
    7. Protecting assets with CloudPoint's agentless feature
      1.  
        About the agentless feature
      2. Prerequisites for the agentless configuration
        1.  
          Granting password-less sudo access to host user account
      3.  
        Configuring the agentless feature
  3. Section II. Configuring users
    1. Setting up email and adding users
      1.  
        Configuring the CloudPoint sender email address
      2.  
        About adding users to CloudPoint
      3.  
        Adding AD users to CloudPoint using LDAP
      4.  
        Adding users to CloudPoint manually
      5.  
        Deleting a user from CloudPoint
    2. Assigning roles to users for greater efficiency
      1.  
        About role-based access control
      2.  
        Displaying role information
      3.  
        Creating a role
      4.  
        Editing a role
      5.  
        Deleting a role
  4. Section III. Protecting and managing data
    1. User interface basics
      1.  
        Signing in to CloudPoint
      2.  
        Focusing on an asset type
      3.  
        Navigating to your assets
      4.  
        Using the action icons
    2. Indexing and classifying your assets
      1.  
        About indexing and classifying snapshots
      2.  
        Configuring classification settings using VIC
      3.  
        Indexing and classifying snapshots
      4.  
        Indexing and classification statuses
    3. Protecting your assets with policies
      1.  
        About policies
      2.  
        How a CloudPoint protection policy works
      3.  
        Creating a policy
      4.  
        Assigning a policy to an asset
      5.  
        Listing policies and displaying policy details
      6.  
        Editing a policy
      7.  
        Deleting a policy
    4. Tag-based asset protection
      1.  
        About tag-based asset protection
      2.  
        How to use tag-based asset protection feature
      3.  
        Tag-based asset protection support
      4.  
        Tag-based asset protection considerations and limitations
    5. Replicating snapshots for added protection
      1.  
        About snapshot replication
      2.  
        About cross-account snapshot replication in the AWS cloud
      3.  
        Requirements for replicating snapshots
      4.  
        Cross-account snapshot replication support matrix
      5.  
        Cross-account snapshot replication limitations
      6.  
        Configuring replication rules
      7.  
        Editing a replication rule
      8.  
        Deleting a replication rule
    6. Managing your assets
      1.  
        Creating a snapshot manually
      2.  
        Displaying asset snapshots
      3.  
        Replicating a snapshot manually
      4. About snapshot restore
        1.  
          Restore requirements and limitations for Microsoft SQL Server
        2.  
          Restore requirements and limitations for Oracle
        3.  
          Restore requirements and limitations for MongoDB
      5.  
        About single file restore (granular restore)
      6. Single file restore requirements and limitations
        1.  
          Single file restore support on Linux
        2.  
          Single file restore limitations on Linux
        3.  
          Single file restore support on Windows
        4.  
          Single file restore limitations on Windows
      7.  
        Restoring a snapshot
      8.  
        Additional steps required after restoring disk-level snapshots
      9. Additional steps required after a SQL Server snapshot restore
        1.  
          Steps required after a SQL Server host-level restore
        2.  
          Steps required after a SQL Server disk-level snapshot restore to new location
      10.  
        Additional steps required after an Oracle snapshot restore
      11.  
        Additional steps required after a MongoDB snapshot restore
      12.  
        Additional steps required after restoring an AWS RDS database instance
      13.  
        Restoring individual files within a snapshot
      14.  
        Deleting a snapshot
    7. Monitoring activities with notifications and the job log
      1.  
        About CloudPoint notifications
      2.  
        Viewing notifications in the CloudPoint UI
      3.  
        CloudPoint notification methods
      4.  
        CloudPoint notification limitations
      5.  
        Configuring email-based CloudPoint notifications
      6.  
        Configuring AWS SNS-based CloudPoint notifications
      7.  
        Using the Job Log
    8. Protection and disaster recovery
      1.  
        About protection and disaster recovery
      2.  
        Backing up CloudPoint
      3.  
        Restoring CloudPoint
  5. Section IV. Maintaining CloudPoint
    1. CloudPoint logging
      1.  
        About CloudPoint logging mechanism
      2. How fluentd-based CloudPoint logging works
        1.  
          About the CloudPoint fluentd configuration file
        2.  
          Modifying the fluentd configuration file
        3.  
          Fluentd-based logging requirements and considerations
      3.  
        Viewing CloudPoint logs
    2. Troubleshooting CloudPoint
      1.  
        Restarting CloudPoint
      2.  
        Docker may fail to start due to a lack of space
      3.  
        CloudPoint installation fails if rootfs is not mounted in a shared mode
      4.  
        Some CloudPoint features do not appear in the user interface
      5.  
        Off-host plug-in deletion does not automatically remove file system and application assets
      6.  
        Disk-level snapshot restore fails if the original disk is detached from the instance
      7.  
        Snapshot restore for encrypted AWS assets may fail
      8.  
        Error while adding users to CloudPoint
      9.  
        CloudPoint fails to revert restored snapshots if indexing, classification, or restore operations fail
      10.  
        SQL snapshot or restore and SFR operations fail if the Windows instance loses connectivity with the CloudPoint host
      11.  
        Troubleshooting CloudPoint logging
      12.  
        Swagger UI-based authorization for CloudPoint REST API calls may fail
      13.  
        Policy retention count is not honored for file system and application assets if there is an issue with the CloudPoint plug-in
    3. Working with your CloudPoint license
      1.  
        Displaying CloudPoint license and protection information
      2.  
        Upgrading your CloudPoint license
    4. Managing CloudPoint agents and plug-ins
      1.  
        Unconfiguring CloudPoint plug-ins
      2.  
        Unconfiguring the CloudPoint agent
      3.  
        Uninstalling CloudPoint on-host agents
    5. Upgrading CloudPoint
      1. About CloudPoint upgrades
        1.  
          Supported upgrade path
      2. Preparing to upgrade CloudPoint
        1.  
          Removing CloudPoint plug-in configuration
      3.  
        Upgrading CloudPoint
      4.  
        Upgrading a CloudPoint CloudFormation stack
    6. Uninstalling CloudPoint
      1.  
        Preparing to uninstall CloudPoint
      2.  
        Removing the CloudPoint on-host agents
      3.  
        Removing CloudPoint from a standalone Docker host environment
  6. Section V. Reference
    1. Storage array support
      1. Dell EMC Unity arrays
        1.  
          Dell EMC Unity array plug-in configuration parameters
        2.  
          Supported Dell EMC Unity arrays
        3.  
          Supported CloudPoint operations on Dell EMC Unity arrays
      2. Pure Storage FlashArray
        1.  
          Pure Storage FlashArray plug-in configuration parameters
        2.  
          Supported Pure Storage FlashArray models
        3.  
          Supported CloudPoint operations on Pure Storage FlashArray models
    2. Working with CloudPoint using APIs
      1.  
        Accessing the Swagger-based API documentation

Upgrading a CloudPoint CloudFormation stack

The following upgrade steps are applicable if you have deployed CloudPoint using the CloudFormation Template (CFT) in the AWS cloud. The upgrade process is similar to when you are deploying a new instance using the CloudPoint CFT. The difference is in some of the parameters where you are required to specify the values used in the existing CloudPoint deployment.

For more details about the CloudPoint CFT and the deployment process, refer to the following:

See About CloudPoint deployment in the AWS cloud.

Prerequisites for the upgrade

Perform the following steps before you proceed with the upgrade:

  • Gather the following details about the existing CloudPoint instance; these are required later during the actual upgrade:

    • CloudPoint metadata volume ID.

      Perform the following steps to get the volume ID:

      • In the AWS Console, from the menu on the left, click Services, and then from under Management & Governance, click CloudFormation.

      • From the list of stacks, click on the CloudPoint stack and then click the Resources tab.

      • From the list of resources displayed, locate a volume of type of AWS::EC2::Volume and Logical ID as NewVolume.

        This is the volume that contains the CloudPoint metadata.

      • Copy the entry that appears in the Physical ID column.

        The entry is of the format vol-123456abc789 and it represents the volume ID.

    • CloudPoint metadata disk snapshot ID.

      Using the CloudPoint metadata volume ID that you noted earlier, perform the following steps to find out the metadata disk's snapshot ID:

      • In the AWS Console, from the menu on the left, click Services, and then from under Compute, click EC2.

      • From the EC2 Dashboard navigation menu on the left, under Elastic Block Store, click Snapshots.

      • Search for the snapshot ID using the CloudPoint metadata volume ID as the search parameter.

      • Copy the snapshot ID listed under the Snapshot ID column.

    • AWS IAM role that is attached to the CloudPoint configuration.

    • AWS Elastic IP that is associated with the CloudPoint instance.

    • CloudPoint administrator user name and password.

    • AWS SNS Topic ARN that is created for the existing CloudPoint stack.

      If required, you can also use another SNS topic ARN altogether.

  • Sign in to CloudPoint user interface (UI) and from the Job Log page, verify that there are no protection policy snapshot or other operations in progress.

  • Stop CloudPoint gracefully.

    Log on to the CloudPoint instance and then run the following command:

    # sudo docker run --rm -it -v /cloudpoint:/cloudpoint -v /var/run/docker.sock:/var/run/docker.sock veritas/flexsnap-cloudpoint:current_version stop

    Here, current_version represents the currently installed CloudPoint version.

    For example, if the installed CloudPoint version is 2.0.2.4722, the command will be as follows:

    # sudo docker run --rm -it -v /cloudpoint:/cloudpoint -v /var/run/docker.sock:/var/run/docker.sock veritas/flexsnap-cloudpoint:2.0.2.4722 stop

    The CloudPoint containers are stopped one by one. Messages similar to the following appear on the command line:

    Stopping the services
Stopping container: flexsnap-agent.e425d969dd4 ...done
Stopping container: flexsnap-agent.4704fd318322 ...done
Stopping container: flexsnap-fluentd ...done
Stopping container: flexsnap-mongodb ...done
Stopping container: flexsnap-rabbitmq ...done

    Wait for all the CloudPoint containers to be stopped.

  • Unmount the CloudPoint file system on the instance and then detach the CloudPoint metadata volume mounted at /cloudpoint.

    Type the following command on the instance:

    # umount /cloudpoint

  • Disassociate the AWS Elastic IP that is assigned to the existing CloudPoint instance.

    From the AWS console, click on the EC2 Service and then from under Network and Security, select Elastic IPs. Select the Elastic IP address assigned to the instance and then click Actions > Disassociate address and then confirm the action.

    You will associate the same IP with the newer instance later during the upgrade.

  • Shut down the existing CloudPoint instance.

Perform the following steps to upgrade a CloudPoint deployment using a new AWS CloudFormation stack.

To upgrade the CloudPoint CloudFormation stack

  1. From the AWS Marketplace online store, download the CloudPoint CloudFormation template of the CloudPoint version that you wish to upgrade to, to a temporary location.

    Alternatively, you can also make a note of the template download URL.

  2. Log on to the AWS Management Console and from the top right corner select the region in which you want to run the CloudPoint instance.

  3. From the Services menu, under Management & Governance, select CloudFormation.

  4. To begin creating a new stack, click Create Stack.

    Note:

    AWS provides different options to create a stack depending on whether you have an existing stack running. Refer to the following for the exact steps:

    https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cfn-console-create-stack.html

  5. On the Select Template page, in the Choose a template section, specify the CloudPoint template using any of the following methods:

    • Click Upload a template to Amazon S3 and then click Browse and select the CloudPoint template file that you downloaded earlier.

    • Alternatively, click Specify an Amazon S3 template URL and then enter the CloudPoint template download URL.

  6. After specifying the template file, click Next.

  7. On the Specify Details page, in the Stack name field, type a name for the new stack.

    Use a descriptive name that helps you identify this stack from a list of stacks later.

  8. On the Specify Details page, in the Parameters section, specify the parameter values.

    These parameters allow you to customize the stack at creation time.

    • CloudPoint System Configuration

      Parameter

      Description

      EC2 Instance Type

      From the drop-down list, select the instance type that you want to use for the CloudPoint instance.

      The instance type can be the same as the existing CloudPoint instance or higher.

      Specify t3.large or a higher configuration.

      Volume Size

      Specify a size for the EBS volume that is attached to the new instance. This volume is used for storing CloudPoint metadata.

      Enter a value of 60 GB or more.

      EBS Volume ID

      Specify the ID of the EBS volume that contains the CloudPoint metadata of the existing CloudPoint deployment.

      The specified volume is attached to the newer CloudPoint instance.

      This parameter is required for the upgrade.

      Note:

      Ensure that you specify only one of the parameters, EBS Volume ID or Volume Snapshot ID, for the upgrade. Do not specify both the parameters.

      Volume Snapshot ID

      Specify the snapshot ID of the disk that contains the CloudPoint metadata of the existing CloudPoint deployment.

      A new EBS volume is created from the specified snapshot and is attached to the new instance.

      This parameter is required for the upgrade.

      Note:

      Ensure that you specify only one of the parameters, EBS Volume ID or Volume Snapshot ID, for the upgrade. Do not specify both the parameters.

      IAM Role

      Specify the IAM role that you want to attach to the upgraded CloudPoint instance. This should be the same IAM role that is attached with the existing CloudPoint deployment. This is the same role with which the CloudPoint plug-in for AWS was configured on the existing instance.

      Ensure that the IAM role is assigned with the permissions that CloudPoint requires.

      See Configuring AWS permissions for CloudPoint.

      If you do not specify any value, the CFT creates a new IAM role with requisite permissions and attaches that role to the CloudPoint instance.

    • Network Configuration

      Parameter

      Description

      CloudPoint Network Interface

      Select the network interface to assign to the CloudPoint server. CloudPoint uses this interface for public access.

      If you specify a private network, ensure that you enable public access for the CloudPoint instance either via a NAT gateway or by configuring a Virtual Private Cloud (VPC) endpoint for the AWS CloudFormation service.

      CloudPoint VPC

      Specify the ID of the Virtual Private Cloud (VPC) where you want to deploy the CloudPoint instance.

      CloudPoint Subnet

      From the drop-down list, select the subnet ID of an existing subnet in the VPC where you want to deploy the CloudPoint instance.

      The drop-down list displays all the existing subnet IDs in the region where you are deploying CloudPoint.

      Availability Zone

      From the drop-down list, select the availability zone where you want to deploy the CloudPoint instance.

      Inbound Access CIDR

      Specify the CIDR to allow inbound access to the CloudPoint instance.

      This is used to create a security group for CloudPoint.

      Elastic IP

      (optional)

      If a public network interface was selected for the CloudPoint instance earlier, then specify the Elastic IP to assign to the CloudPoint instance.

      The IP should be the same IP that was assigned to the existing CloudPoint instance earlier.

      If an IP is not specified here, an IP address from the AWS pool is automatically assigned to the CloudPoint instance.

    • CloudPoint Configuration

      Parameter

      Description

      CloudPoint User Name

      Specify a valid email address that will be used to configure as an administrator user account on the new CloudPoint instance.

      The user account must be the same admin account that was configured on the existing CloudPoint instance.

      CloudPoint Password

      Specify the password for the administrator user account.

      The password must be the same as that of the admin user account configured on the existing CloudPoint instance.

      Confirm CloudPoint Password

      Re-enter the password for the administrator user account.

      Hostnames

      (optional)

      In case of upgrades, leave this field blank.

      License Type

      Select the CloudPoint trial license that you wish to activate on the CloudPoint instance.

      Pick from one of the following options:

      • Freemium

        A Freemium license is a permanent license that does not expire and allows you to try out a subset of the CloudPoint features. This license lets you protect up to 10 TB of front-end terabyte (FETB) data.

      • Evaluation

        An Evaluation license is a 60-day time-bound license that allows you to try out all of the CloudPoint features. This license lets you protect up to 1000 TB of FETB data.

      See Understanding your CloudPoint license.

      Enable Telemetry

      (optional)

      Specify whether you want to enable or disable the telemetry service. When enabled, your CloudPoint usage information is shared with Veritas anonymously.

    • CloudPoint ASG Notification Configuration

      Parameter

      Description

      SNS Topic ARN

      (optional)

      Specify the ARN of the SNS topic that you created for the existing CloudPoint stack. If required, you can also specify a new SNS topic ARN.

      The SNS topic allows you to receive notifications whenever there is a change to the Auto Scaling Group (ASG).

      Veritas recommends that you configure an SNS Topic for the CloudPoint instance. The change notifications help you keep a track of the health of the CloudPoint instance.

      See Instance failures and Auto Scaling Group behavior.

    • CloudPoint KMS Configuration

      Parameter

      Description

      CMK ID

      (optional)

      Specify the ID of the AWS KMS customer master key (CMK) that you want to use to configure AWS KMS with CloudPoint.

      If KMS was configured in the existing CloudPoint deployment, then specify the CMK that was used earlier.

      This parameter is not required if you do not want to use KMS with CloudPoint. If you do not specify this parameter, CloudPoint uses the default 256-bit AES specification to encrypt and decrypt all the configuration information.

      See About CloudPoint integration with AWS KMS.

      CMK Region

      (optional)

      Specify the region of the CMK whose ID is specified in the CMK ID field earlier.

      This parameter is not required if the CMK region is the same as where CloudPoint is being deployed.

    • Security Configuration

      Parameter

      Description

      Key Pair Name

      From the drop-down list, select the EC2 Key Pair that you want to use to enable SSH access to the CloudPoint instance.

      The drop-down list displays all the Key Pair names in the region where you want to deploy CloudPoint.

  9. Verify the parameter values and then click Next.

  10. On the Options page, set any additional options (such as Tags, Permissions, Rollback Triggers) for the stack and then click Next.

  11. On the Review page, review all the details that you have provided for the stack.

    Under the Capabilities section, you may see an information box that displays a message informing you that this template may create additional IAM resources.

    Select I acknowledge that AWS CloudFormation might create IAM resources. to acknowledge and confirm.

  12. Verify all the details and then click Create to launch the stack.

    Your stack now appears in the list of AWS CloudFormation stacks and the status appears as CREATE_IN_PROGRESS.

    Select the stack and then click the Events tab to see the sequence of events that occur during the creation of the stack.

    Click the Resources tab to see all the resources that are created for the stack.

  13. After the stack is created successfully, the status of the stack changes to CREATE_COMPLETE.

    This completes the process of setting up a CloudPoint stack using the CloudFormation template.

    You can now connect to the CloudPoint instance, install required licenses, and then configure CloudPoint agents and plug-ins.

    See Understanding your CloudPoint license.

    See About plug-ins.