NetBackup™ for Cloud Object Store Administrator's Guide

Last Published:
Product(s): NetBackup & Alta Data Protection (11.0)
  1. Introduction
    1.  
      Overview of NetBackup protection for Cloud object store
    2.  
      Features of NetBackup Cloud object store workload support
  2. Managing Cloud object store assets
    1.  
      Planning NetBackup protection for Cloud object store assets
    2.  
      Enhanced backup performance in 11.0 or later
    3.  
      Prerequisites for adding Cloud object store accounts
    4.  
      Configuring buffer size for backups
    5.  
      Configure a temporary staging location
    6.  
      Configuring advanced parameters for Cloud object store
    7.  
      Permissions required for Amazon S3 cloud provider user
    8.  
      Permissions required for Azure blob storage
    9.  
      Permissions required for GCP
    10.  
      Limitations and considerations
    11. Adding Cloud object store accounts
      1.  
        Creating cross-account access in AWS
      2.  
        Check certificate for revocation
      3.  
        Managing Certification Authorities (CA) for NetBackup Cloud
      4.  
        Adding a new region
    12.  
      Manage Cloud object store accounts
    13. Scan for malware
      1.  
        Backup images
      2.  
        Assets by policy type
  3. Protecting Cloud object store assets
    1. About accelerator support
      1.  
        How NetBackup accelerator works with Cloud object store
      2.  
        Accelerator notes and requirements
      3.  
        Accelerator force rescan for Cloud object store (schedule attribute)
      4.  
        Accelerator backup and NetBackup catalog
      5.  
        Calculate the NetBackup accelerator track log size
    2.  
      About incremental backup
    3.  
      About dynamic multi-streaming
    4. About storage lifecycle policies
      1.  
        Adding an SLP
    5.  
      About policies for Cloud object store assets
    6.  
      Planning for policies
    7.  
      Prerequisites for Cloud object store policies
    8.  
      Creating a backup policy
    9.  
      Policy attributes
    10.  
      Creating schedule attributes for policies
    11. Configuring the Start window
      1.  
        Adding, changing, or deleting a time window in a policy schedule
      2.  
        Example of schedule duration
    12.  
      Configuring the exclude dates
    13.  
      Configuring the include dates
    14.  
      Configuring the Cloud objects tab
    15.  
      Adding conditions
    16.  
      Adding tag conditions
    17.  
      Examples of conditions and tag conditions
    18. Managing Cloud object store policies
      1.  
        Copy a policy
      2.  
        Deactivating or deleting a policy
      3.  
        Manually backup assets
  4. Recovering Cloud object store assets
    1.  
      Prerequisites for recovering Cloud object store objects
    2.  
      Configuring Cloud object retention properties
    3.  
      Recovering Cloud object store assets
  5. Troubleshooting
    1.  
      Error 5541: Cannot take backup, the specified staging location does not have enough space
    2.  
      Error 5537: Backup failed: Incorrect read/write permissions are specified for the download staging path.
    3.  
      Error 5538: Cannot perform backup. Incorrect ownership is specified for the download staging path.
    4.  
      Reduced acceleration during the first full backup, after upgrade to versions 10.5 and 11.
    5.  
      After backup, some files in the shm folder and shared memory are not cleaned up.
    6.  
      After an upgrade to NetBackup version 10.5, copying, activating, and deactivating policies may fail for older policies
    7.  
      Backup fails with default number of streams with the error: Failed to start NetBackup COSP process.
    8.  
      Backup fails, after you select a scale out server or Snapshot Manager as a backup host
    9.  
      Backup fails or becomes partially successful on GCP storage for objects with content encoded as GZIP.
    10.  
      Recovery for the original bucket recovery option starts, but the job fails with error 3601
    11.  
      Recovery Job does not start
    12.  
      Restore fails: "Error bpbrm (PID=3899) client restore EXIT STATUS 40: network connection broken"
    13.  
      Access tier property not restored after overwriting the existing object in the original location
    14.  
      Reduced accelerator optimization in Azure for OR query with multiple tags
    15.  
      Backup failed and shows a certificate error with Amazon S3 bucket names containing dots (.)
    16.  
      Azure backup jobs fail when space is provided in a tag query for either tag key name or value.
    17.  
      The Cloud object store account has encountered an error
    18.  
      The bucket is list empty during policy selection
    19.  
      Creating a second account on Cloudian fails by selecting an existing region
    20.  
      Restore failed with 2825 incomplete restore operation
    21.  
      Bucket listing of a cloud provider fails when adding a bucket in the Cloud objects tab
    22.  
      AIR import image restore fails on the target domain if the Cloud store account is not added to the target domain
    23.  
      Backup for Azure Data Lake fails when a back-level media server is used with backup host or storage server version 10.3
    24.  
      Backup fails partially in Azure Data Lake: "Error nbpem (pid=16018) backup of client
    25.  
      Recovery for Azure Data Lake fails: "This operation is not permitted as the path is too deep"
    26.  
      Empty directories are not backed up in Azure Data Lake
    27.  
      Recovery error: "Invalid alternate directory location. You must specify a string with length less than 1025 valid characters"
    28.  
      Recovery error: "Invalid parameter specified"
    29.  
      Restore fails: "Cannot perform the COSP operation, skipping the object: [/testdata/FxtZMidEdTK]"
    30.  
      Cloud store account creation fails with incorrect credentials
    31.  
      Discovery failures due to improper permissions
    32.  
      Restore failures due to object lock

Policy attributes

The following procedure describes how to select the attributes for the backup policy.

Select the policy attributes

  1. On the left, click Protection > Policies.
  2. Enter a name for the policy in the Policy name field.
  3. Select the Cloud-Object-Store option from the Policy type dropdown.
  4. In the Destination section, configure the following data storage parameters:

    • The Data classification attribute specifies the classification of the storage lifecycle policy that stores the backup. For example, a backup with a gold classification must go to a storage unit with a gold data classification. By default, NetBackup provides four data classifications: platinum, gold, silver, and bronze.

      This attribute is optional and applies only when the backup is to be written to a storage lifecycle policy. If the list displays No data classification, the policy uses the storage selection that is displayed in the Policy storage list. If a data classification is selected, all the images that the policy creates are tagged with the classification ID.

    • The Policy storage attribute specifies the storage destination for the policy's data. You can override these selections from the Schedule tab.

      • Any available-If you select this option, NetBackup tries to store data on locally-attached storage units first. Select NetBackup or DataStore from the Policy volume pool dropdown. The Policy volume pool attribute specifies the default volume pool where the backups for the policy are stored. A volume pool is a set of media that is grouped for use by a single application. The volume pool is protected from access by other applications and users.

  5. Take checkpoints every-Specify the frequency for taking checkpoints during a backup. By taking checkpoints during a backup, you can save time if the backup fails. By taking checkpoints periodically during the backup, NetBackup can retry a failed backup from the beginning of the last checkpoint. A retry is often quicker than restarting the entire job.

    The checkpoint frequency indicates how often NetBackup takes a checkpoint during a backup. The default is 15 minutes. The administrator determines checkpoint frequency on a policy-by-policy basis. When you select the checkpoint frequency, balance the loss of performance due to frequent checkpoints with the possible time lost when failed backups restart. If the frequency of checkpoints affects performance, increase the time between checkpoints.

    Checkpoints are saved at object boundaries and point to the next object in the list to be backed up. Checkpoints cannot occur in the middle of an object backup. After the object is backed up, the checkpoint is saved.

  6. The Limit jobs per policy attribute limits the number of jobs that NetBackup performs concurrently when the policy is run. By default the box is cleared and NetBackup performs an unlimited number of backup jobs concurrently. Other resource settings can limit the number of jobs.

    A configuration can contain enough devices so that the number of concurrent backups affects performance. To specify a lower limit, select Limit jobs per policy and specify a value from 1 to 999.

  7. In the Job priority field, enter a value from 0 to 99999. This number specifies the priority that a policy has as it competes with other policies for resources. The higher the number, the greater the priority of the job. NetBackup assigns the first available resource to the policy with the highest priority.
  8. The Media owner field is available when the Policy storage attribute is set to Any Available. The Media owner attribute specifies which media server or server group should own the media that backup images for this policy are written to.

    • Any(default)-Allows NetBackup to select the media owner. NetBackup selects a media server or a server group (if one is configured).

    • None-Specifies that the media server that writes the image to the media owns the media. No media server is specified explicitly, but you want a media server to own the media.

  9. To activate the policy, select the option Go into effect at, and set the date and time of activation. The policy must be active for NetBackup to use it. Make sure that the date and time are set to the time that you want to resume backups.

    To deactivate a policy, clear the option. Inactive policies are available in the Policies list.

  10. The Allow multiple data stream option is selected by default and is read-only. This option allows NetBackup to divide automatic backups for each query into multiple jobs. Because the jobs are in separate data streams, they can occur concurrently.

    Multi-stream jobs consist of a parent job to perform stream discovery and child jobs for each stream. Each child job displays its job ID in the Job ID column in the Activity monitor. The job ID of the parent job appears in the Parent Job ID column, which is not displayed by default. Parent jobs display a dash (-) in the Schedule column.

  11. Select the Use Accelerator option to enable accelerator for the policy.

    NetBackup Accelerator optimizes backups to perform better both in terms of data movement and backup time. Accelerator identifies changed content, move only unique data to backup target. Subsequently, it creates a synthetic backup image by combining current changed data and unchanged data from the previous backup image. The backup host sends the changed data to the media server in a more efficient backup stream. The media server combines the changed data with the rest of the backup data that is stored in previous backups.

    Typically, any data change for an object results in an update of its modification time (mtime). Certain Cloud object store vendors may not update the mtime for an object's tag or user attribute change. NetBackup's Cloud object store component considers object's modification time (mtime) to identify the objects that have changed since the last backup. Additionally, it must check if tags or user attributes has changed as well to account for the cloud vendor's inability to update mtime for tags change.

    Optionally, select the Quick object change scan option to skip the checks for object tags. If you have an application environment, where the object tags are not modified after the initial create time, you can use this option to skip these checks and significantly increase the backup speed.

    Enabling this option speeds up object change identification for Accelerator, as it skips the comparison of object tags since last backup. However, with this option you may not backup objects that have no data change but only tag change since the last backup.

    This feature works only with Dynamic multi-streaming. You need to configure a temporary storage space for backups before using this option. See Configure a temporary staging location.

  12. Select the Disable for all clients option from the Client-side deduplication options. NetBackup Cloud object store protection uses the backup host as the client.
  13. The Keyword phrase attribute is a phrase that NetBackup associates with all backups or archives based on the policy. Only the Windows and UNIX client interfaces support keyword phrases.

    Clients can use the same keyword phrase for more than one policy. The same phrase for multiple policies makes it possible to link backups from related policies. For example, use the keyword phrase "legal department documents" for backups of multiple clients that require separate policies, but contain similar types of data.

    The phrase can be a maximum of 128 characters in length. All printable characters are permitted, including spaces and periods. By default, the keyword phrase is blank.