Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
2 Documentation Updates
Technical support
For technical assistance, visit http://entsupport.symantec.com and select phone or email support. Use the Knowledge Base search feature to access resources such as TechNotes, product alerts, software downloads, hardware compatibility lists, and our customer email notification service.
Contents
Chapter 1 Chapter 2
Best practices ....................................................................................................... 51 More information ........................................................................................ 52 VMware support matrices .................................................................................. 53 Supported VMware components ............................................................... 53 Supported operating systems for VMware backup proxy server ......... 53 Supported disk arrays ................................................................................. 53 VMware guest operating systems tested ................................................. 53 Supported file systems ................................................................................ 54 Snapshot Client support matrix ........................................................ 55 VMware logging ................................................................................................... 55 Troubleshooting ................................................................................................... 56 VMware environmentimportant! ........................................................... 56 Changing the browsing time-out for virtual machine discovery ......... 56 Notes and tips ............................................................................................... 56 Backup and restore problems .................................................................... 57 Credentials for VMware server are not valid .................................. 57 NetBackup cannot obtain the volume ID of a drive ........................ 57 The backup fails with status 156 ....................................................... 58 Terminology ......................................................................................................... 59
Chapter 3
Case 2: Existing NOM server is NOM 6.5/6.5.1 ................................78 Creating a VCS cluster .................................................................................80 Installing NetBackup client software .......................................................80 Installing Symantec Product Authentication Service on the other nodes ......................................................................................................80 Installing NOM 6.5.2 on the other nodes .................................................81 Pre-configuration checklist for a NOM cluster .......................................81 Pre-configuration checklist for Windows ........................................82 Pre-configuration checklist for Solaris ............................................82 Configuring NetBackup Operations Manager cluster ............................83 Using NOM after the cluster is configured ..............................................85 Configuring the NetBackup master servers .............................................85 Adding a new node to an existing NOM cluster ..............................................86 Removing NetBackup Operations Manager from a cluster ...........................87 Uninstalling NOM 6.5.2 and rolling back to the previous standalone NOM version on Windows and Solaris .........................87 Removing NOM completely from the cluster ..........................................90 Administering a NOM cluster ............................................................................93 Limitations of a NOM cluster .............................................................................94 Troubleshooting a NetBackup Operations Manager cluster .........................94
Chapter 4
Determine if persistent bindings are needed in HBA file (Solaris only) ....................................................................................... 111 Determining if devices are using world-wide names ................... 112 Identifying your HBA driver ............................................................ 112 Update sd.conf for import of TimeImages (Solaris only) .................... 113 Which sd.conf file to update (Solaris only) .................................... 113 Configuration tasks: overview ................................................................. 114 Configuring a NetBackup policy ..............................................................114 Performing a backup ................................................................................. 117 Performing a restore ................................................................................. 117 NetBackup RealTime logging ................................................................... 117 Troubleshooting ......................................................................................... 118 Logging ................................................................................................ 118 Policy validation fails ........................................................................ 118 Backups fail with status code 156 ................................................... 118 Cannot browse backups to restore .................................................. 119 New disk array snapshot methods in 6.5.2 ....................................................120 About the new disk array methods in 6.5.2 ........................................... 120 The disk array methods at a glance ................................................ 120 Snapshot Client support matrix ..............................................................121 Note on Instant Recovery (point-in-time) rollback .............................. 121 Array preconfiguration tasks .................................................................. 121 OS-specific configuration ......................................................................... 122 Dynamic multipathing ...................................................................... 122 HBA configuration ............................................................................. 122 Solaris sd.conf file (Hitachi arrays only) ........................................ 122 Verify NetBackup client access to array devices .......................... 123 IBM DS6000 and DS8000 arrays ..................................................................... 124 IBM DS6000 and 8000 software requirements ..................................... 124 Preconfiguration for IBM arrays ............................................................. 124 Configuring NetBackup to access the array ..........................................124 Array access for NetBackup hosts not named in a policy ........... 124 Configure the IBM array for NetBackup ................................................ 125 Obtain unique IBM identifiers ................................................................. 125 Configuring a NetBackup policy for IBM_DiskStorage_FlashCopy ... 128 For further reference ................................................................................ 129 Hitachi SMS/WMS/AMS, USP/NSC, USP-V/VM .......................................... 129 Hitachi array software requirements ..................................................... 129 Checking the RAID Manager version .............................................. 130 Preconfiguration for Hitachi ................................................................... 130 Pair status must be PSUS (SMS/WMS/AMS arrays only) ........... 130 Configure command devices on NetBackup client and alternate client ........................................................................... 130
Configuring NetBackup to access the array ...........................................130 Configure the Hitachi array for NetBackup ...........................................131 Obtain unique Hitachi identifiers ............................................................131 Configure a NetBackup policy for Hitachi_ShadowImage or Hitachi_CopyOnWrite .......................................................................132 Troubleshooting .................................................................................................133 Troubleshooting: IBM DS6000 and 8000 arrays ...................................133 Snapshot error encountered (NetBackup status code 156) .........134 Troubleshooting: Hitachi arrays .............................................................135 NetBackup policy validation fails ....................................................136 Backup or restore or image expiration fails ...................................138 New options for vxvm snapshots ....................................................................140 New vxvm backup options ........................................................................140 New vxvm restore options for Instant Recovery rollback ...................142
Chapter 5
10
Key Management Service (KMS) ..................................................... 149 Key record (KR) .................................................................................. 149 KMS database ..................................................................................... 149 Key Protection Key (KPK) ................................................................. 149 Key file (key database) ....................................................................... 149 Key group ............................................................................................ 150 Key record ........................................................................................... 150 Key record states ................................................................................ 150 Key store .............................................................................................. 150 Passphrase .......................................................................................... 150 Quiesce ................................................................................................ 151 Tag ........................................................................................................ 151 Installing KMS .................................................................................................... 151 Using KMS with NBAC .............................................................................. 153 KMS with HA clustering ........................................................................... 154 Enabling cluster use with the KMS service .................................... 154 Enabling monitoring of the KMS service ....................................... 155 Disabling monitoring of the KMS service ...................................... 155 Removing the KMS service from monitored list ........................... 155 KMS configuration ............................................................................................ 156 Creating the key database ........................................................................ 156 Creating key groups and key records ..................................................... 157 Creating key groups ........................................................................... 158 About key records .............................................................................. 158 Key record states ....................................................................................... 159 Key record state considerations ...................................................... 160 Prelive state ........................................................................................ 161 Active state ......................................................................................... 161 Inactive state ...................................................................................... 161 Deprecated state ................................................................................ 161 Terminated state ................................................................................ 162 KMS best practices .................................................................................... 162 Backing up the KMS database files ................................................. 162 Recovering KMS by restoring all data files .................................... 163 Recovering KMS by restoring only the KMS data file .................. 163 Recovering KMS by regenerating the data encryption key ......... 163 Problems backing up the KMS data files ........................................ 165 Solutions for backing up the KMS data files ................................. 165 Creating a key record ........................................................................ 166 Listing keys ......................................................................................... 166 Configuring NetBackup to work with KMS ............................................ 166 How does NetBackup get key records from KMS .......................... 166 Setting up Netbackup to use encryption ........................................ 167
11
Using KMS ...........................................................................................................169 Run an encrypted tape backup ................................................................169 Verify an encryption backup ....................................................................170 KMS DB constituents .................................................................................171 Create an empty KMS DB ..........................................................................171 Importance of the KPK ID and HMK ID ..................................................172 Periodically updating the HMK and KPK ...............................................172 Backing up the KMS key store and admin keys .....................................172 CLI commands ....................................................................................................173 CLI usage help .............................................................................................173 Create a new key group .............................................................................174 Create a new key .........................................................................................174 Modify key group attributes .....................................................................175 Modify key attributes ................................................................................175 Get details of key groups ..........................................................................175 Get details of keys ......................................................................................176 Delete a key group ......................................................................................176 Delete a key .................................................................................................177 Recover a key ..............................................................................................177 Modify host master key (HMK) ................................................................178 Get HMK ID .................................................................................................178 Modify key protection key (KPK) .............................................................178 Get KPK ID ...................................................................................................178 Get key store statistics ..............................................................................178 Quiesce KMS DB .........................................................................................179 Unquiesce KMS DB ....................................................................................179 Key creation options ..................................................................................179 Troubleshooting KMS .......................................................................................180 Solution for backups are not encrypting ................................................181 Solution for restores are not decrypting ................................................181 Troubleshooting example - backup with no active key record ...........181 Troubleshooting example - restore with an improper key record state ......................................................................................................184 KMS error messages ..................................................................................186
Chapter 6
12
Adjust Memory Settings option ....................................................... 193 Transaction Log Management option .................................................... 194 Truncate the Transaction Log option ............................................. 195 Toggle Transaction Log Mode option ............................................. 195 Change Temporary Directory for Truncation option .................. 195 Database Validation Check and Rebuild option .................................... 195 Standard Validation option ..............................................................196 Full Validation option ....................................................................... 196 Database Rebuild option ................................................................... 196 Move Database option ............................................................................... 197 Move Data option ............................................................................... 197 Move Index option ............................................................................. 197 Move Transaction Log option .......................................................... 198 Move/Create Mirrored Log option .................................................. 198 Stop Using Mirrored Transaction Log option ............................... 198 Unload Database option ........................................................................... 198 Schema Only option .......................................................................... 198 Data and Schema option ................................................................... 198 Change Directory option ................................................................... 198 Backup and Restore Database option ..................................................... 199 Online Backup Option ....................................................................... 199 Offline Backup option ....................................................................... 199 Restore Backup option ...................................................................... 199 Change Directory option ................................................................... 200 Running the Database Administration Tool on Windows .......................... 201 General tab .................................................................................................. 202 Data Details button ............................................................................ 202 Add Data Space button ...................................................................... 202 Add Index Space button .................................................................... 203 Refresh button .................................................................................... 203 Reorganize All button ....................................................................... 203 Validate button ................................................................................... 203 Rebuild button .................................................................................... 203 Tools tab ...................................................................................................... 204 Change button to change the password ......................................... 204 Move button ........................................................................................ 205 Export button ..................................................................................... 205 Copy button ........................................................................................ 205 Restore button .................................................................................... 205 Set button ............................................................................................ 206 Modify button ..................................................................................... 206 Truncate button ................................................................................. 206 Validation checks during a hot catalog backup ............................................ 207
13
Chapter 7
Chapter 8
14
(CCR) environment ............................................................................ 227 Troubleshooting LCR or CCR recovery ................................................... 227 Requirements for redirected restores of Exchange 2003 or 2007 legacy (non VSS) backups to an RSG ................................................................... 228 Requirements for redirected restores of Exchange 2003 VSS backup images .......................................................................................................... 228 About redirecting restores of Exchange 2007 VSS backup images ........... 228 Redirecting the restore of a VSS backup to the Exchange 2007 recovery storage group (RSG) .......................................................... 230 Instant recovery for Exchange on Windows VSS ......................................... 231 Policy recommendations .......................................................................... 231 Configuration requirements for Exchange ............................................ 231 Limitations .................................................................................................. 232 Operational notes ...................................................................................... 232 Copy-back instant recovery restore method ......................................... 232 Troubleshooting ......................................................................................... 233 Off-host backups ................................................................................................ 233 Other operational notes .................................................................................... 234
Chapter 9
Chapter 10
Chapter 11
15
Configuring AdvancedDisk ..............................................................................249 Configuring AdvancedDisk storage servers ..........................................249 Configuring an AdvancedDisk disk pool ................................................252 Creating a storage unit ..............................................................................254 Storage unit properties .....................................................................254 Disk pool ..............................................................................................254 Storage unit usage recommendations ............................................256 Creating a backup policy ...........................................................................257 Restores .......................................................................................................258 Managing AdvancedDisk ..................................................................................258 Managing disk pools ..................................................................................258 Changing disk pool properties .........................................................258 Adding volumes to an AdvancedDisk disk pool ............................260 Removing a volume from a disk pool ..............................................260 Changing disk pool or volume state ................................................261 Merging disk pools .............................................................................262 Deleting a disk pool ............................................................................262 Obtaining disk pool and volume status ..........................................263 Managing storage servers .........................................................................264 Viewing storage servers ....................................................................264 Viewing storage server attributes ...................................................265 Removing storage server attributes ................................................265 Removing a storage server from disk pool access ........................266 Deleting a storage server ..................................................................267 Obtaining storage server status .......................................................267 Monitoring storage capacity and usage .................................................268 Viewing disk reports ..................................................................................268 Viewing NetBackup logs ...........................................................................269 Troubleshooting AdvancedDisk ......................................................................270 Unable to access storage ...........................................................................271 Multiple storage servers on Windows ....................................................271 Volume state changes to DOWN when volume is unmounted ...........272 Disk failure ..................................................................................................272 Restore or duplication operations ...........................................................273
Chapter 12
16
Zoning the SAN .................................................................................. 278 Installing array software on media servers ........................................... 279 Which software and version to install ............................................ 279 Configuring the disk array ....................................................................... 280 Add array host entries ...................................................................... 280 Allocate LUNs for NetBackup .......................................................... 281 Unmask the LUNs .............................................................................. 282 Configuring device paths .......................................................................... 282 Adding LUN entries to the sd.conf file ................................................... 282 Configuring SharedDisk ................................................................................... 282 Specifying the mount point directory .................................................... 283 Configuring exclusive LUN access in NetBackup ................................. 284 Configuring LUN masking ................................................................ 284 Configuring SCSI persistent reserve ............................................... 284 Switching exclusive LUN access methods ..................................... 285 New command options ...................................................................... 288 Creating a storage server in NetBackup ................................................. 289 Adding disk array logon credentials ....................................................... 292 Formatting the LUNs in a disk array ...................................................... 294 Configuring Storage Foundation dynamic multipathing .................... 297 Creating a SharedDisk disk pool ............................................................. 297 Enclosure method of SharedDisk disk pool creation ................... 299 Volumes method of SharedDisk disk pool creation ..................... 299 Creating a storage unit ............................................................................. 301 Storage unit properties ..................................................................... 301 Storage unit usage recommendations ............................................ 304 Creating a backup policy .......................................................................... 306 Restores ....................................................................................................... 306 Managing SharedDisk ....................................................................................... 306 Managing disk pools .................................................................................. 307 Changing disk pool properties ......................................................... 307 Adding volumes to a SharedDisk disk pool .................................... 309 Changing disk pool or volume state ................................................ 312 Merging disk pools ............................................................................. 313 Deleting a disk pool ........................................................................... 314 Obtaining disk pool and volume status ..........................................315 Managing disk array logon credentials .................................................. 315 Managing storage servers ........................................................................316 Viewing storage servers .................................................................... 317 Obtaining storage server status ...................................................... 317 Viewing storage server attributes ................................................... 318 Adding a SharedDisk storage server ............................................... 318 Removing storage server attributes ............................................... 319
17
Removing a storage server from disk pool access ........................320 Deleting a storage server ..................................................................320 Monitoring storage capacity and usage .................................................321 Viewing disk reports ..................................................................................321 Viewing NetBackup logs ...........................................................................322 Troubleshooting SharedDisk ...................................................................323 SharedDisk troubleshooting checklist ............................................324 Determining masked LUNs ..............................................................332 Checking out a SharedDisk disk volume ........................................333 Disk failure ..........................................................................................334 Restore or duplication operations ...................................................334
Chapter 13
Chapter 14
Chapter 15
Chapter 16
Chapter 17
18
Default Job Priorities host properties ............................................................ 359 JOB_PRIORITY bp.conf entry .................................................................. 360 Example of JOB_PRIORITY change ................................................. 361 Activity Monitor Job Priority setting ..............................................................362 Changing the Job Priority dynamically .................................................. 362 Job Priority setting for Tape Contents report ............................................... 363 Job Priority setting for Verify, Duplicate, and Import actions ................... 365 Job Priority setting for offline catalog backups ............................................ 366 Job Priority setting for restores ....................................................................... 368 Setting the Job Priority using the command line ......................................... 369 Changes to bpdbjobs .................................................................................. 370 set_priority ......................................................................................... 370 change_priority_by ............................................................................ 370 bp and bpadm menu interface changes .................................................. 371 bpadm management interface ......................................................... 371 bp client interface .............................................................................. 371 Database agent changes ................................................................................... 372 DataStore/XBSA ......................................................................................... 372 NetBackup for DB2 .................................................................................... 372 DB2 restores ....................................................................................... 373 NetBackup for Exchange .......................................................................... 373 NetBackup for Informix ............................................................................ 373 Lotus ............................................................................................................ 373 NetBackup for Oracle ................................................................................ 374 Oracle RMAN restores ....................................................................... 374 Oracle XML import restores ............................................................. 374 Oracle restores ................................................................................... 374 NetBackup for SAP .................................................................................... 375 NetBackup for SharePoint ........................................................................ 375 NetBackup for SQL Server ........................................................................375 NetBackup for Sybase ............................................................................... 375
Chapter 18
Chapter 19
19
Configuring the Key Management Service (KMS) for monitoring .............381 Clustered media servers on Windows 2008 ...................................................382 Changes to the bpclusterutil command ..........................................................383 bpclusterutil (Windows) ............................................................................383 bpclusterutil (UNIX/Linux) .......................................................................387
Chapter 20
NOM updates
NOM alert enhancements .................................................................................389 Removing the dependency on NOM Alert Manager and alerts database ...............................................................................................389 Improved alert policy configuration .......................................................390 Examples .............................................................................................390 Creating email and SNMP trap recipient groups ..................................391 Duplicate names between email and SNMP recipients/recipient groups ..........................................................................................391 Configuring the SNMP trap community name for NOM .....................392 Job detail and job priority enhancements ......................................................393 State Details and Priority columns added in the Job details view ......393 Changing the priority of NetBackup jobs from NOM ...........................394 Performance enhancements for the NOM server .........................................394 Moving a NOM 6.5 or 6.5.1 database to the original default location .......394
Chapter 21
20
nbdelete ....................................................................................................... 401 nbdevconfig ................................................................................................ 402 nbkmsutil .................................................................................................... 404 Operation descriptions ..................................................................... 404 Option descriptions ........................................................................... 405 nbpemreq .................................................................................................... 407 Operation descriptions ..................................................................... 408 Option descriptions ........................................................................... 408 nbstl ............................................................................................................. 409 New value for -uf option ................................................................... 409 New __NA__ value for many options .............................................. 410 New State field listed for -L and -l ................................................... 410 nbstlutil ....................................................................................................... 412 tpclean ......................................................................................................... 412 tpformat ...................................................................................................... 412 tpreq ............................................................................................................. 412 vmphyinv .................................................................................................... 413
Index
415
Chapter
Introduction
This guide describes changes to documentation in the NetBackup 6.5.2 release. For installation instructions, refer to the 652_README.txt file. This guide describes following features and changes:
How to configure and use NetBackup for VMware on page 23 Clustering NetBackup Operations Manager on page 61 Snapshot client updates on page 97 New data at rest key management on page 143 New database Administration tool for NetBackup relational databases on page 187 NetBackup for SharePoint Portal Server updates on page 209 NetBackup for Exchange support on page 221 NetBackup for Microsoft SQL Server updates on page 235 Synthetic Backup updates: Multiple copy backups on page 345 AdvancedDisk storage option updates on page 245 SharedDisk storage option updates on page 275 SAN Client and Fibre Transport updates on page 337 Remote NDMP and disk devices updates on page 341 Reverse host name lookup updates on page 377 New Activity Monitor displays job state details on page 351 New Job Priority defaults and overrides on page 357 Command line interface updates on page 397 NetBackup High Availability updates on page 381 NOM updates on page 375
22 Introduction
Chapter
NetBackup for VMware: introduction on page 23 NetBackup for VMware environment on page 24 Configuration tasks: overview on page 29 Configure NetBackup on page 31 Backing up VMware files on page 42 Restoring VMware files on page 43 Best practices on page 51 VMware support matrices on page 53 VMware logging on page 55 Troubleshooting on page 56 Terminology on page 59
For a list of all supported combinations of platforms and snapshot methods, see the NetBackup 6.x Snapshot Client Compatibility document:
http://seer.entsupport.symantec.com/docs/279042.htm
24 How to configure and use NetBackup for VMware NetBackup for VMware environment
process is off-loaded from the ESX server to a separate host that is called the VMware backup proxy server.
Reduces the backup processing load on the VMware ESX server. Automatically creates quiesced snapshots using the VMware sync driver (Windows only). Uses snapshot technology to keep virtual machines 100% available to users. Backs up and restores individual files or the full virtual machine. Restores the individual files from a full virtual machine backup, by means of the NetBackup FlashBackup-Windows policy type. Backs up virtual machines even when they are powered off (requires a VirtualCenter server).
Virtual machine
Virtual machines provide complete guest operating systems on virtualized hardware. In a NetBackup policy, a virtual machine is configured as a NetBackup client, even though NetBackup client software is not installed on the virtual machine. Alternative configurations are possible. See Best practices on page 51.
How to configure and use NetBackup for VMware NetBackup for VMware environment
25
ESX server
The VMware ESX server presents a virtualized hardware environment to multiple virtual machines; each virtual machine runs an independent operating system. Users can run applications in the virtualized OS as if the OS was installed in its own physical machine.
VirtualCenter server
The VMware VirtualCenter server coordinates multiple ESX servers and work loads by migrating virtual machines from one ESX server to another. The VirtualCenter server is optional in the NetBackup for VMware environment. It provides additional functionality such as the ability to back up powered down virtual machines.
Converter server
The VMware Converter server assists in full virtual machine restores to the ESX server. The Converter must be installed on the same host as the VMware backup proxy server.
26 How to configure and use NetBackup for VMware NetBackup for VMware environment
Environment diagram
The hardware components for NetBackup for VMware are shown in Figure 2-1. Figure 2-1
NetBackup master server 1 2 5 NetBackup storage unit (disk or tape) SAN VMware virtual disk files (datastore) must be available on SAN, iSCSI, or local network to both VMware backup proxy server and VMware ESX server. VMware ESX server runs virtual machines LAN / WAN 3
4 VMware backup proxy server acting as both NetBackup media server and Snapshot Client off-host client
Note: With VCB version 1.1 and ESX server 3.5, a SAN connection between the backup proxy server and the datastore is optional if you use the NBD or NBDSSL transfer type. See Configuring a VMware policy on page 32.
For full virtual machine backup: copies the disk files from the VMware virtual disk datastore. For file-level backup: mounts individual disk volumes from the VMware virtual disk datastore.
The NetBackup media server reads the data from the VMware snapshot on the proxy server and writes the data to the NetBackup storage unit.
How to configure and use NetBackup for VMware NetBackup for VMware environment
27
The NetBackup for VMware environment may have a VMware VirtualCenter that manages multiple ESX servers. Figure 2-2
NetBackup master server LAN / WAN VMware VirtualCenter
SAN
File-level: backs up ordinary files and folders on the virtual machine.The backed up files and folders can be individually restored. Does not support restore of the guest OS or of the virtual machine. Note: a file-level backup cannot back up the following:
The VMware virtual disk files that define the virtual machine. Windows system protected files (System State). Windows system directories such as the following:
C:\WINDOWS\system C:\WINDOWS\system32
Windows system database files (such as RSM Database and Terminal Services Database).
Full virtual machine: backs up an entire virtual machine as a set of virtual disk files. The backup includes all files and folders as well as operating system files and VMware virtual disk files. Supports restore of the guest OS and of the entire virtual machine. Also supports individual file restore for a Windows guest OS if the backup was made with the 2-Mapped FullVM or 3-FullVM and file for incremental option.
28 How to configure and use NetBackup for VMware NetBackup for VMware environment
NetBackup for VMware does not work with the VMware NetBackup Integration Module (VNIM). Conflicts can occur between NetBackup 6.5.x for VMware policies and any older script-based policies that use VNIM. See under Notes and tips on page 56. NetBackup master and media servers and the VMware backup proxy server must run NetBackup 6.5.2 or later. The VMware backup proxy server must run Windows 2003. The supported hardware types are the same as for any NetBackup Windows client. Further information is available on supported guest operating systems and VMware components and versions. See VMware support matrices on page 53. NetBackup for VMware does not support a USB drive as the snapshot mount point on the backup proxy server. This support will be added in a future release. For Windows virtual machines, the snapshot mount point on the backup proxy server must be a local drive, not network mounted. Do not set compression or encryption on the mount point. NetBackup for VMware does not support the NetBackup Instant Recovery feature. For UNIX and Linux virtual machines, NetBackup for VMware supports full virtual machine backup and full virtual machine restore only. VMware does not support VCB snapshots of virtual machines if a drive is assigned to the virtual machine in raw device mapping (RDM) mode. To restore individual NTFS encrypted files, you must install a NetBackup client on the virtual machine. See Best practices on page 51.
License requirements
NetBackup for VMware requires the NetBackup Snapshot Client license, which is included in the NetBackup Enterprise Client license.
How to configure and use NetBackup for VMware Configuration tasks: overview
29
Note: With VCB version 1.1 and ESX server 3.5, a SAN connection between the backup proxy server and the datastore is optional if you use the NBD or NBDSSL transfer type. 2 3 4 Install the VMware ESX server and virtual machines. Install VMware Tools on the virtual machines that you plan to back up. Optional: install a VirtualCenter server. The VirtualCenter server must not be installed on the same host as the VMware backup proxy server. 5 Install the VMware Converter server on the VMware backup proxy server. Note: the proxy server must be installed on Windows 2003. 6 Install a supported version of VMware Consolidated Backup (VCB) on the VMware backup proxy server. See VMware support matrices on page 53. Symantec recommends that the NetBackup media server and the VMware backup proxy server be installed on the same host.
Notes:
Ensure that the hardware and the SAN are configured properly. The VMware datastore where the target virtual machine files exist must be accessible to both the ESX server and the VMware backup proxy. Note that With VCB version 1.1 and ESX server 3.5, a SAN connection between the backup proxy server and the datastore is optional if you use the NBD or NBDSSL transfer type.
30 How to configure and use NetBackup for VMware Configuration tasks: overview
VMware has specific hardware and configuration requirements. VMware SAN requirements can be found in the VMware SAN Configuration guide. See http://www.vmware.com/pdf/vi3_san_guide.pdf
NetBackup tasks
Table 2-2 lists the NetBackup configuration tasks that are described later in this chapter and in other NetBackup documentation, as indicated. Table 2-2 NetBackup tasks
31
Configure NetBackup
This section describes the NetBackup configuration procedures.
2 3
VMware VirtualCenter server: for a VirtualCenter that manages multiple VMware ESX servers. Note: if you have a VirtualCenter, do not enter logon credentials for individual ESX servers. NetBackup uses credentials for the VirtualCenter only.
VMware ESX server: for ESX servers where there is no VirtualCenter. Use this dialog box to enter credentials for each ESX server. User name Enter the user name for the virtual machine server. Password Enter the password (and confirm it) for the virtual machine server. Connect using port number Unless the port number was changed on the VMware server, no port specification is required. If the Connect using port number box is checked, deselect it. VMware Consolidated Backup software determines the port.
5 6
Click OK. If your site has multiple ESX servers but no VMware VirtualCenter, use the Virtual Machine Server dialog box to enter credentials for each ESX server.
2 3
33
Click Perform snapshot backups and Perform off-host backup. Click Use virtual machine proxy and select the VMware proxy.
Select one of the following policy types: MS-Windows-NT For backup of individual drives or individual folders and files (Windows only). Cannot back up the entire virtual machine. For a backup of the entire virtual machine, choose FlashBackup-Windows. FlashBackup-Windows For backup of individual drives (Windows), or backup of the entire virtual machine (any supported virtual machine). For UNIX and Linux virtual machines, FlashBackup-Windows is the only supported policy type. The FlashBackup-Windows policy type has the following advantages:
Increases the backup speed as compared to standard file-order backup methods, if the virtual machine is heavily populated with small files.
Can create a backup from which you can restore either individual files or the full virtual machine.
Select a policy storage unit or storage unit group. Storage unit groups are described in the NetBackup Administrators Guide, Volume I. Select Perform snapshot backups. If Bare Metal Restore is installed, you must deselect Collect disaster recovery information for Bare Metal Restore to select Perform snapshot backups. The FlashBackup-Windows policy type automatically selects Perform snapshot backups. Select Perform off-host backup and Use virtual machine proxy. In the Virtual Machine Proxy Server field (Off-host backup machine on Windows): select the name of the VMware backup proxy server from the pull-down list. If the proxy server does not appear in the pull-down, make sure it was added to the Host Properties setting. See Adding the proxy server to NetBackup configuration on page 32. You may have to close and reopen the policy for the added proxy server to appear in the list. Click Snapshot Options.
6 7
35
Automatically selected when you choose Use virtual machine proxy on Attributes tab. Specify these options
Specify these values for the VMware snapshot method: Snapshot mount point A folder on the VMware backup proxy server. An example mount point is:
G:\mnt
If the folder does not exist on the VMware backup proxy, NetBackup creates it. This folder is used in one of two ways, depending on the Virtual Machine Backup parameter value you choose:
For file-level backups (0-File), the VMware backup proxy server mounts snapshots of individual virtual disk volumes in this folder. These snapshots are links to the virtual datastore. No virtual machine data is copied to this folder. For full virtual machine backups (1-FullVM or 2-Mapped FullVM), the VMware backup proxy server creates a snapshot of the entire virtual machine in this folder. This snapshot contains copies of all virtual disk files on the virtual datastore that constitute a point-in-time image of the entire virtual machine. Enough space must be available in this folder to contain the snapshot.
NOTE: For Windows virtual machines, the mount point must be a local drive, not network mounted. Also, do not set compression or encryption on the mount point. See The backup fails with status 156 on page 58. Virtual Machine Backup options 0-File: Backs up either of the following:
Individual folders and files, individual drives, or all local drives, with the MS-Windows-NT policy type.
Individual drives or all local drives, with the FlashBackup-Windows policy type. The 0-File option cannot be used to back up Windows system files or VMware virtual disk files. See Backup type: file-level and full virtual machine on page 27. 1-FullVM: Backs up the entire virtual machine. This option works with the FlashBackup-Windows policy type only. Individual files cannot be restored from this backup. 2-Mapped FullVM: Backs up the entire virtual machine. This option works with the FlashBackup-Windows policy type only. Two kinds of restore are possible: restore of the entire virtual machine or of individual folders and files. A tabular presentation of these parameters is available. See VMware backup options compared on page 41. 3-FullVM and file for incremental: A combination of options 2 and 0. Backs up the entire virtual machine for full backups, and backs up individual files, folders, or drives for incrementals. This option works with the FlashBackup-Windows policy type only. For incremental backups, this option saves time when transferring data to the backup proxy. Transfer type These options require VCB 1.1 and ESX server 3.5 or later. The transfer types determine how the snapshot data is sent from the VMware datastore to the VMware backup proxy. The appropriate option depends in part on the type of network that connects the VMware datastore to the VMware backup proxy.
0-SAN
For unencrypted transfer over Fibre Channel (SAN) or iSCSI. This value is the default. For unencrypted transfer over a local network that is using the Network Block Device (NBD) driver protocol. This type of transfer is usually slower than over Fibre Channel.
1-NBD
37
2-NBDSSL
For encrypted transfer (SSL) over a local network that is using the Network Block Device (NBD) driver protocol. This type of transfer is usually slower than over Fibre Channel. Provides transfer redundancy if the VMware datastore is available on both a SAN and a local network. With option 3, NetBackup attempts an unencrypted transfer over Fibre Channel (SAN) or iSCSI. If that fails, it transfers the snapshot data using the Network Block Device (NBD) driver protocol over the local network. Provides transfer redundancy if the VMware datastore is available on both a SAN and a local network. NetBackup attempts an unencrypted transfer over Fibre Channel (SAN) or iSCSI. If that fails, it transfers the snapshot data with SSL encryption using the Network Block Device (NBD) driver protocol over the local network.
VMDK type This option requires VCB 1.1 and ESX server 3.5 or later. It determines whether the virtual disk files are optimized for transmission to the backup proxy.
0-Optimized The virtual disk (vmdk) files are optimized so that only the necessary blocks are transferred. If a virtual machine has a 200 GB disk but only 10 GB are used, the vmdk file sent to the proxy is 10 GB plus the grain tables that describe the optimized vmdk files. 0-optimized is the default. If the policy storage unit is not PureDisk, accept the default. The virtual disk (vmdk) files are not optimized. The full vmdk file is sent. This option is needed only if the policy specifies a PureDisk storage unit. If the snapshot data is optimized, PureDisk cannot employ deduplication on it.
1-Full
10 Use the Schedules tab to define a schedule. 11 On the Clients tab, click New to specify virtual machines to back up.
Select a VirtualCenter or ESX server, or select individual virtual machines. To discover virtual servers on the network, click the Browse Virtual Machines box. Use the Find field to locate a virtual machine in the list. To enter the name of a virtual machine manually, uncheck the Browse Virtual Machines box. The format of the virtual machine name depends on your system. It may be the fully qualified name or another name, depending on your network configuration and how the name is defined in the guest OS. If NetBackup cannot find the name you enter, policy validation fails. The machine names that are listed may be derived from a cache file. Using the cache file is faster than rediscovering the machines on the network if your site has a large number of virtual machines. To update the cache file and re-display virtual machines, click the refresh option to the right of the Last Update field. This field shows the date and time of the most recent cache file that contains the names of virtual machines. For NetBackup to access the virtual machines, the following are required:
39
The VMware VCB must be installed on the VMware backup proxy server. The NetBackup master server must have credentials for the VMware VirtualCenter or ESX server(s). See Adding NetBackup credentials for VMware on page 31.
The browsing time-out value must not be set too low. See Changing the browsing time-out for virtual machine discovery on page 56. The virtual machines you selected are listed in the Clients tab.
12 Use the Backup Selections tab to specify the virtual machine files to back up. Click New. You can make entries manually, or click on the pull-down (UNIX) or hand icon (Windows) to select from available directives. Note: for VMware snapshot backup, the System_State directive (Windows 2000) and the ShadowCopy Components directive (Windows 2003) are not supported.
Enter any of the following and then click Add (on UNIX) or press Enter (Windows):
Individual Windows folders and files, if the policy type is MS-Windows-NT. Individual drive letters. The drive letter format depends on the policy type: MS-Windows-NT policy type Enter the drive letter as follows (for example): E:\ The drive letter must not be a network (shared) drive: it must specify a drive on the virtual machine. For MS-Windows-NT policies, you cannot back up the following: Windows System State, Windows ShadowCopy Components, Windows system files (such as on the C: drive), or VMware virtual disk files. To back up these files, use the ALL_LOCAL_DRIVES directive in a FlashBackup-Windows policy. FlashBackup-Windows policy type Enter the drive letter as follows (for example): \\.\E: The drive must be designated exactly as shown (E:\ is not correct). The ALL_LOCAL_DRIVES directive backs up all local drives on the virtual machines that are selected on the Clients tab. This entry is the only one supported for UNIX and Linux virtual machines. IMPORTANT: the kinds of files that are included in an ALL_LOCAL_DRIVES backup depend on the policy type and the VMware snapshot options, as follows.
MS-Windows-NT policy: the ALL_LOCAL_DRIVES directive backs up all data files on the virtual machines that are selected on the Clients tab. This directive does not back up the following: Windows System State, Windows system files (such as on C:), or VMware virtual disk files. FlashBackup-Windows policy: the ALL_LOCAL_DRIVES directive backs up all data files on the virtual machines. The ALL_LOCAL_DRIVES directive also backs up the following, if the snapshot option is 1-FullVM, 2-Mapped FullVM, or 3-FullVM and file for incremental: Windows System State files, Windows OS partitions that contain the Windows system files (usually C:), and VMware virtual disk files. See VMware backup options compared on page 41 for more details. For FlashBackup-Windows: if you chose value 1 or 2 for the Virtual Machine Backup parameter, ALL_LOCAL_DRIVES is the only entry allowed under Backup Selections.
41
13 On the policy Attributes tab: if you click Apply or OK, a validation process checks the policy and reports any errors. If you click Close, no validation is performed.
0-File
0-File
All data files and folders on all Individual folders and files local virtual machine drives, excluding Windows system files
Table 2-4 describes the backup options for FlashBackup-Windows policies. Table 2-4 VMware backup options for FlashBackup-Windows policies Virtual Machine What is backed up Backup parameter
0-File Individual drives as raw devices.
ALL_LOCAL_DRIVES directive
0-File
ALL_LOCAL_DRIVES directive
1-FullVM
VMware virtual disk files. Backup Entire virtual machine only is raw partition type.
42 How to configure and use NetBackup for VMware Backing up VMware files
Table 2-4
VMware backup options for FlashBackup-Windows policies Virtual Machine What is backed up Backup parameter
2-Mapped FullVM
VMware virtual disk files. Backup Entire virtual machine or is raw partition type. individual folders and files
Note that backup type 3-FullVM and file for incremental is a combination of types 2 and 0.
How to configure and use NetBackup for VMware Restoring VMware files
43
See the NetBackup Backup, Archive, and Restore Getting Started Guide for further instructions.
One-stage process: restore individual files to the virtual machine by restoring to the backup proxy. The VMware virtual machine drives to which restores are to be directed must be configured in one of two ways:
The virtual machine drives must be shared through the guest operating system on the virtual machine.
NetBackup client software must be installed on the VMware virtual machine. See Setting up NetBackup Client Service for restore to a shared virtual machine drive on page 44.
Two-stage process: 1, Restore individual files from the VMware backup proxy server to a NetBackup Windows client (not to the virtual machine). See the NetBackup Backup, Archive, and Restore Getting Started Guide on how to restore to different locations. 2, Manually copy the restored files to the Windows virtual machine. (NetBackup does not perform this step.)
Let NetBackup issue a VMware-provided script to restore the virtual machine to a designated virtual machine server. The virtual machine files are then removed from the staging machine. Use the VMware Converter application on your own to restore the virtual machine from the staging machine to the virtual machine server.
44 How to configure and use NetBackup for VMware Restoring VMware files
Setting up NetBackup Client Service for restore to a shared virtual machine drive
To restore individual files to a Windows virtual machine which has a shared drive, note: the NetBackup Client Service must be logged on as the Administrator account (not as the Local System account). The Administrator account lets NetBackup write to the directories on the virtual machine to which the data is restored. If you try to restore files while the NetBackup Client Service is logged on as the Local System account, the restore fails. To log on the NetBackup Client Service as Administrator 1 2 3 4 5 In Windows Services on the VMware backup proxy server, double-click the NetBackup Client Service. Check the Log On tab: if the service is not logged in as Administrator, stop the service. Change the logon to the Administrator account in the domain in which both the virtual machine and the proxy server reside. Restart the service. Retry the restore.
Restore notes
Note the following.
Unless a NetBackup client is installed on the virtual machine, NetBackup for VMware backups do not support user-directed restore. Only server-directed restores performed by the administrator are allowed. In the NetBackup Backup, Archive, and Restore interface, restore types labeled proxy restore do not apply to VMware backups. An example of such a restore type is from Normal Backup as a Proxy. These restore types do not refer to the VMware backup proxy server. Use the restore procedures that are described in this chapter. For VMware files that were encrypted on the virtual machine using Windows NTFS encryption, you must install a NetBackup client on the virtual machine.
How to configure and use NetBackup for VMware Restoring VMware files
45
An MS-Windows-NT policy. A FlashBackup-Windows policy with a Virtual Machine Backup parameter set to 0-File, 2-Mapped FullVM, or 3-FullVM and file for incremental.
To restore individual folders or files 1 Start the NetBackup Backup, Archive, and Restore interface. On UNIX servers, you can start the interface from the NetBackup Administration Console. On Windows, you must start the Backup, Archive, and Restore interface separately. Specify the source client and destination client and type of policy: UNIX: on the Restore Files tab, click Windows: click Files > Specify NetBackup Machines and Policy Type. Specify the following:
Server to use for backup and restores: the NetBackup master server that directed the backup. Source client for restores: the VMware virtual machine that was backed up. Destination client for restores: specify one of the following:
The VMware virtual machine that was originally backed up, if NetBackup client software has been installed on the virtual machine. The VMware backup proxy server. Note that NetBackup Client Service must be logged on as Administrator. See Setting up NetBackup Client Service for restore to a shared virtual machine drive on page 44.
Policy type for restores: the type of policy that made the backup (MS-Windows-NT or FlashBackup-Windows).
Select the type of restore: UNIX: on the Restore Files tab, select Normal Backups. Windows: click Files > Select Files and Folders to Restore > from Normal Backup UNIX: enter the Browse directory that contains the folders or files to restore.
46 How to configure and use NetBackup for VMware Restoring VMware files
6 7
Click the files you want to restore. Start the restore: UNIX: click Restore. Windows: click Actions > Restore... Windows: if NetBackup client software is not installed on the virtual machine, select one of the following:
Restore individual folders and files to different locations Destinations must be entered as UNC path names that refer to shared drives on the virtual machine. For example, to restore the file E:\folder1\file1 on virtual machine vm1, enter the following destination:
\\vm1\e$\folder1\file1
A FlashBackup-Windows policy. The Virtual Machine Backup parameter was set to any of the following:
1-FullVM 2-Mapped FullVM 3-FullVM and file for incremental, and the policy schedule was a full backup type.
To restore the full virtual machine 1 2 Start the NetBackup Backup, Archive, and Restore interface as described under Restoring individual folders and files on page 45. Specify the source client and destination client and type of policy: UNIX: On the Restore Files tab, click Windows: click Files > Specify NetBackup Machines and Policy Type. Specify the following:
Server to use for backup and restores: the NetBackup master server that directed the backup. Source client for restores: the VMware virtual machine that was backed up. Destination client for restores: the VMware backup proxy server. Policy type for restores: FlashBackup-Windows.
How to configure and use NetBackup for VMware Restoring VMware files
47
Select the type of restore: UNIX: on the Restore Files tab, select Restore type > Virtual Machine Backups. Windows: click the down arrow on the option to select Restore from Virtual Machine Backup. A restore window displays the backups available for restore. Select the virtual machine backup to restore. UNIX:
On the Restore Files tab, specify the Start date and End date within which to search for the backup. Click either of these options: Specify root (/) in the Browse directory field and press Enter. Click on the root folder that is displayed under Directory Structure.
48 How to configure and use NetBackup for VMware Restoring VMware files
Windows: In the NetBackup History pane, click on the VMware backup, then click on the item that is displayed under All Folders. You cannot select individual files. You must select the entire virtual machine.
Select restore options. UNIX: click Restore. Windows: click Actions > Restore.
How to configure and use NetBackup for VMware Restoring VMware files
49
Select from the following options on the Restore Marked Files dialog box:
Restore Options
Restore all virtual machine files to a virtual machine server automatically using VMware Converter Restores all virtual machine files to the staging machine that is specified on this dialog box. NetBackup then issues a VMware-provided script to restore the virtual machine to the virtual machine server you specify. After the restore is complete, the restored virtual machine is powered off. The virtual machine files are then removed from the staging machine. Note: If the virtual machine display name already exists on the Virtual machine server, the restore fails.
50 How to configure and use NetBackup for VMware Restoring VMware files
Perform identity restore to Select this option if you want to retain the restore UUID (Universal Unique UUID of the original virtual machine (note that Identifier) the UUID is a globally unique identifier). The virtual machine is restored with the same UUID that it had before the restore. This option requires that the previous virtual machine (the one that was backed up) has been deleted, so that the UUID is free. Note: if the UUID exists, the restore fails. The default (do not perform identify restore) checks to make sure that the display name of the new virtual machine (the one created by the restore) does not already exist. The virtual machine created by the restore is given a new UUID. Strip network information from Select this option to make sure that the virtual the virtual machine that has machine created for the restore does not have been restored the same IP address as the virtual machine that was backed up. The network information is deleted at the time of the restore. The default is to retain the IP information. Use the default if you have already deleted the virtual machine that was backed up and you want the virtual machine created by the restore to keep the same IP information as the original machine. Remove backing information for Select this option if you do not want to restore devices like DVD/CD-ROM hardware backing information from the drives, serial or parallel ports original image. Default settings will be substituted.
Restore all virtual machine files to the staging machine Restores all virtual machine files to the staging machine. NetBackup does not restore the files to the virtual machine server. You can use the VMware Converter application to restore the entire virtual machine from the staging machine to the Virtual machine server. See your VMware documentation. Restore Destination Choices
51
Select or enter the virtual machine server to which to restore the files. The list includes only the machines for which NetBackup has credentials. The default server is the one stored in the backup image information.
Staging machine for restoration: Select or enter the VMware backup proxy server to which the VMware files are temporarily restored. If you chose Restore the entire virtual machine, the files are then restored to the Virtual machine server and deleted from this staging server. The default is the VMware backup proxy server that was used for the backup. The name of that proxy server is stored in the backup image information. On this dialog box, the pull-down list for staging machines includes the VMware backup proxy servers that are defined in existing NetBackup policies. Restore staging location: Enter a Windows file path on the staging machine to which the virtual machine files are temporarily restored. The default is the VMware backup proxy server mount point that was stored in the backup image information.
Best practices
For an in-depth treatment on best practices, see the following: For a more efficient backup, the NetBackup media server and the VMware backup proxy server should be installed on the same host. VMware recommends that you run no more than four simultaneous backups of virtual machines that reside on the same datastore. On the VMware backup proxy server, the file system that contains the snapshot mount point undergoes extensive I/O during full virtual machine backup. For this reason, the file system should reside on a high performance device. On the VMware backup proxy server, the file system that contains the snapshot mount point should be reserved for snapshots only. It should also be on a dedicated SCSI or Fibre Channel bus. The file system that contains the snapshot mount point should be routinely defragmented. A heavily fragmented file system can adversely affect the performance of a FlashBackup-based backup.
http://www.symantec.com/business/products/whitepapers.jsp?pcid=2244&pvid=2_1
To increase backup throughput on the VMware backup proxy, define multiple snapshot mount points. Each mount point should be created on a disk that is connected on its own disk bus (such as SCSI or IDE). Thus, I/O activity that one policy creates can be isolated from I/O activity that other policies create. Successful VMware snapshots depend on the following:
The amount of I/O that occurs on the virtual machine datastore. Backups should be scheduled when relatively little I/O activity is expected. Reducing the number of simultaneous backups can also help. (Use the Limit jobs per policy attribute in the NetBackup policy.) The design of the I/O substructure that is associated with each virtual machine datastore. For correct I/O design and implementation, consult your VMware documentation.
Include in a single NetBackup policy those virtual machines that use the same datastore. This practice lets you control the amount of backup-related I/O that occurs per datastore and thus limit the backup impact on the target virtual machines. NetBackup supports multiple VMware backup proxy servers. When a single backup proxy is saturated with a backup process, another proxy can be added to increase backup throughput. Upgrade to the latest version of VMware Virtual Infrastructure, which includes the latest version of ESX server, VirtualCenter Server, and VCB.
More information
More information about VMware and NetBackup for VMware can be found in the following:
VMware Inc. provides an extensive set of manuals on VMware products. See the VMware ESX Server and VirtualCenter documentation at:
http://www.vmware.com/support/pubs/
For an in-depth treatment on best practices, see the following: Veritas NetBackup 6.5 for VMware 3.x Best Practices Guide (Symantec white paper). Veritas NetBackup 6.5 for VMware 3.x Implementation Guide (Symantec white paper).
http://www.symantec.com/business/products/whitepapers.jsp?pcid=2244&pvid=2_1
How to configure and use NetBackup for VMware VMware support matrices
53
VMware component
ESX server (including VMware Tools) VMware Consolidated Backup (VCB)
VMware guest OS
Windows Vista Windows XP 32bit/64bit
Windows 2008 32bit/64bit Windows 2003 32bit/64bit Windows 2000 32bit Windows NT 4.0
54 How to configure and use NetBackup for VMware VMware support matrices
Table 2-6
VMware guest OS
RHEL 2.1 RHEL 3.0 RHEL 4 32bit/64bit RHEL 5 32bit/64bit SLES 9 32bit/64bit SLES 10 32bit/64bit Solaris 10 64bit
File system
FlashBackup-Windows
1-FullVM
Notes
0-File
0-File
0-File
1-FullVM
55
0-File: For backup of individual files. Cannot back up Windows system files or VMware virtual disk files. 1-FullVM: For backup of the entire virtual machine only. 2-Mapped FullVM: For backup of the entire virtual machine. Allows restore of the entire virtual machine or of individual files. 3-FullVM and file for incremental (not included in Table 2-7): A combination of options 2 and 0. Backs up the entire virtual machine for full backups, and backs up individual files, folders, or drives for incrementals.
More information is available on these backup types. See Virtual Machine Backup options on page 36.
VMware logging
For log messages about VMware backup or restore, see the following NetBackup log folders. Table 2-8 Log folder The NetBackup logs that contain VMware messages Contains Resides on
install_path\NetBackup\logs\bpfis Messages on snapshot creation VMware backup proxy server and backup install_path\NetBackup\logs\bpcd Messages on snapshot creation VMware backup proxy server and backup Messages on restore NetBackup master server
install_path\NetBackup\logs\bprd
Note: These log folders must already exist in order for logging to occur. If these folders do not exist, create them. More detail is available on snapshot logs, logging levels, and the required folders. See the NetBackup 6.5 Snapshot Client Administrators Guide. A broader discussion of NetBackup logging is available. See the NetBackup Troubleshooting Guide.
Troubleshooting
This section covers a variety of troubleshooting topics.
VMware environmentimportant!
Unsupported equipment can cause many problems. Ensure that your VMware environment (including ESX servers, SAN devices, and backup proxy) conforms to all requirements and recommendations that are spelled out by VMware. For instance, if VMware does not support your HBAs, device drivers, or guest operating systems, NetBackup cannot work. For support details, see VMware documentation at the VMware support site (for example, the VMware compatibility guides).
Make sure you have the latest version of the VMware Consolidated Backup (VCB) on the VMware backup proxy server. NetBackup for VMware does not work with the VMware NetBackup Integration Module (VNIM). Note the following:
If VNIM is installed, do not configure a NetBackup for VMware policy (with the VMware snapshot method) to call any scripts that use VNIM. Such a policy results in a backup that fails. Do not run any NetBackup for VMware policy at the same time as a script-based policy that calls VNIM. If the two policies require access to the same virtual machine, a conflict may result and the backup may fail.
For incremental backups, make sure the VMware backup proxy server is correctly configured. Otherwise, NetBackup performs only full backups.
57
You cannot restore Windows operating system files from a file-level backup of a virtual machine. You can restore standard data files only. A restore of the operating system requires a full virtual machine backup. Make sure the VMware Tools are installed on each virtual machine. Otherwise, communication problems and other problems can result. You cannot restore VMware files onto the virtual machine itself, except under certain conditions. See VMware restore procedures: overview on page 43. Backups using the 1-FullVM, 2-Mapped FullVM, or 3-FullVM and file for incremental option are not supported if the snapshot staging area in VMware backup proxy has compression or encryption enabled. See under The backup fails with status 156 on page 58.
An incorrect virtual machine server name. Make sure that the server name is entered correctly. An invalid user name or password. Make sure that a valid user name and password were entered correctly. An incorrect port number. Make sure that the port number is correct, or you can uncheck the Connect using port number box. In most cases, no port specification is required. VMware Consolidated Backup software determines the port.
Use the ALL_LOCAL_DRIVES directive in the Backup Selections list, instead of listing individual drives. A drive letter that is specified in the policys Backup Selections list may be incorrect, or the drive may be down. Update the clients include list (Exceptions to exclude list), and fix or remove the drive entry in the Backup Selections list.
You cannot run more than one backup per virtual machine at a time. If you start a second backup of the same virtual machine while the first backup is active, the second job fails with a status 156. If the VMware backup proxy server has insufficient space in which to mount a snapshot of the virtual machine, the backup fails with status 156. The bpfis log on the VMware backup proxy server may contain a message such as the following:
13:35:37.859 [5536.1276] <2> onlfi_vfms_logf: [2007-09-21 13:35:34.578 'vcbMounter' 2204 error] Error: Failed to export the disk: There is not enough space on the disk
Free up additional space on the proxy server and rerun the backup.
If the VMware backup proxy server does not have access to the VMware datastore (VMware virtual disk files), the backup fails with status 156. The bpfis log on the VMware backup proxy server may contain messages such as the following:
12:23:29.998 [3892.3332] <2> onlfi_vfms_logf: [2008-05-07 12:23:26.279 'App' 3668 trivia] Attempting to open LVID:46a9ed36-ca235c12-1236-00001a1a24e4/46a9ed35-aa804fd4-6b99 -00001a1a24e4/1. 12:23:29.998 [3892.3332] <2> onlfi_vfms_logf: [2008-05-07 12:23:26.279 'App' 3668 error] No path to device LVID:46a9ed36-ca235c12-1236-00001a1a24e4/46a9ed35-aa804fd4-6b99 -00001a1a24e4/1 found. 12:23:29.998 [3892.3332] <2> onlfi_vfms_logf: 12:23:26.279 'BlockList' 3668 error] [2008-05-07
12:23:29.998 [3892.3332] <2> onlfi_vfms_logf: [2008-05-07 12:23:26.279 'SOAP' 3668 trivia] Sending soap request to [TCP:namur:443]: release 12:23:29.998 [3892.3332] <2> onlfi_vfms_logf: [2008-05-07 12:23:26.560 'BlockList' 3668 info] Closing connection namur:443:root
59
12:23:29.998 [3892.3332] <2> onlfi_vfms_logf: [2008-05-07 12:23:26.560 'SOAP' 3668 trivia] Sending soap request to [TCP:namur:443]: logout 12:23:29.998 [3892.3332] <2> onlfi_vfms_logf: [2008-05-07 12:23:26.638 'vcbMounter' 3668 error] Error: Failed to open the disk: Cannot access a SAN/iSCSI LUN backing this virtual disk. (Hint: Option "-m ndb" swtiches vcbMounter to network base disk access if this is what you want.) 12:23:29.998 [3892.3332] <2> onlfi_vfms_logf: [2008-05-07 12:23:26.638 'vcbMounter' 3668 error] An error occurred, cleaning up...
A disk was mounted on a virtual machine but the disk is assigned to the virtual machine in raw mode. As a result, the attempt to create a snapshot of the virtual machine fails. The bpfis log on the VMware backup proxy server may contain a message such as the following:
12:46:27.175 [2636.5628] <2> onlfi_vfms_logf: [2007-10-17 12:46:27.019 'App' 1976 verbose] Fault Msg: "Virtual machine is configured to use a device that prevents the snapshot operation: Device '' is a raw disk, which is not supported."
Backups that use the 1-FullVM, 2-Mapped FullVM, or 3-FullVM and file for incremental option are not supported if the snapshot mount point on the VMware backup proxy server has compression or encryption enabled. For the backup, the VMware backup proxy server copies the space-optimized VMware virtual machine images to its snapshot mount point. The Windows NTFS file system allocated for the snapshot mount point should not have the Compression or Encryption attribute set. If either attribute is set, backups succeed but single file restores cannot be performed from the backups.
Terminology
For further explanations of VMware terminology, refer to your VMware documentation.
datastore
In NetBackup for VMware, the datastore is a disk that contains the virtual machines files. The datastore must be available to both the VMware backup proxy server and the ESX server.
guest OS
An operating system that runs on a virtual machine.
hypervisor
A software virtualization layer that lets different operating systems run simultaneously on the same physical machine.
sync driver
Flushes OS buffers (Windows only) before VMware snapshots are initiated. The sync driver is installed by means of VMware Tools.
VCB
See VMware Consolidated Backup.
virtual machine
An execution environment that is created by the computer hardware and the hypervisor. The resulting virtualized environment allows different operating systems to run simultaneously on the same physical machine.
vmdk file
In a VMware ESX server, one or more vmdk files make up the disk image or virtual drive in a virtual machine. The .vmdk files contain the operating system, applications, and data in the virtual machine.
VMware Tools
Installed inside each VMware virtual machine. Enhances the virtual machine performance and adds backup-related functionality.
Chapter
About a NetBackup Operations Manager cluster Supported cluster solutions Installing/Upgrading to NOM 6.5.2 in a clustered mode Adding a new node to an existing NOM cluster Removing NetBackup Operations Manager from a cluster Administering a NOM cluster Limitations of a NOM cluster Troubleshooting a NetBackup Operations Manager cluster
You can cluster all the components of NetBackup Operations Manager. Installing NOM in a clustered environment makes NOM a highly available application.
About the NOM agent for Veritas Cluster Server on Windows and Solaris
A NOM cluster may comprise of two or more nodes. The active node (where the NOM application runs) is monitored with active checks to ensure that the system is operating correctly. The NOM agent for Veritas Cluster Server (VCS) monitors and controls specific hardware and software resources for NOM. The agent determines the status of these resources and starts or stops NOM according to external events. The NOM agent for VCS is installed when you install NOM 6.5.2. When the agent detects an application failure, the NOM resource group is failed over to another system in the cluster. Specific agent functions include the following:
Online Offline Monitor Clean Starts the NOM services. Stops the NOM services. Verifies the status of the NOM services. Stops all NOM services/daemons after detecting an unexpected offline operation or an ineffective online operation.
63
Sequence of steps for installing NOM 6.5.2 in a clustered mode See this Topic
Description
Perform preinstallation checks. See Installation Prerequisites on page 64. Install NetBackup client See Installing NetBackup client software on software on all the nodes of the page 65. cluster. Install Symantec Product Authentication Service on all the nodes of the cluster. Install NetBackup Operations Manager 6.5.2 on all the nodes of the cluster. Enter details for the pre-configuration checklist. Configure the NOM cluster See Installing Symantec Product Authentication Service on page 65.
See Pre-configuration checklist for a Solaris cluster on page 70. See Configuring NetBackup Operations Manager cluster on page 71. See Using NOM after the cluster is configured on page 85.
64 Clustering NetBackup Operations Manager Installing NOM 6.5.2 in a clustered mode on Windows and Solaris
Sequence of steps for installing NOM 6.5.2 in a clustered mode See this Topic
Description
Configure the Netbackup See Configuring the NetBackup master master servers so that they can servers on page 85. be monitored by NOM.
Note: These instructions assume that you want to install NOM 6.5.2 on all the nodes of a cluster. In case you want to install NOM only on some nodes, use these steps to install and configure NOM on the specific nodes.
Installation Prerequisites
This section contains information about the requirements that must be met before you install and configure NOM in a clustered mode.
Ensure that your hardware and software is supported by VCS and NOM 6.5.2. To know the list of platforms supported by NOM, see the NetBackup version compatibility matrix posted on the Support Web site (http://entsupport.symantec.com). To know if your hardware or software is supported by VCS, consult the VCS documentation. Set up a VCS cluster. Ensure that VCS is correctly installed and configured (VCS 4.1 and later versions and VCS 5.0 are supported with NOM 6.5.2). NOM 6.5.2 can be installed on as many nodes as VCS supports. Symantec recommends that the virtual name of the NOM cluster should not contain an underscore ( _ ) character. For example, a virtual name like nom_cluster is not recommended. For a Windows cluster, you must install a patch after you have setup a VCS cluster. You should install this patch before installing NetBackup Operations Manager. The patch along with the instructions is available at the following location: http://seer.entsupport.symantec.com/docs/278307.htm For a Windows cluster, verify that the cluster disk group(s) and dynamic volume(s) for NOM have been created on the shared storage. Refer to the Veritas Storage Foundation Administrators Guide for details on how to create these. For a Solaris cluster, make sure that each node in the cluster, on which you want to install NOM, is rsh equivalent. ssh must also be enabled on each node so that the NOMCAdmin utility can work properly. See Administering a NOM cluster on page 93.
Clustering NetBackup Operations Manager Installing NOM 6.5.2 in a clustered mode on Windows and Solaris
65
For a Solaris cluster, ensure that the shared disk is not mounted on any node in the cluster. If applicable, unmount the NOM shared mount point. Stop the volume the mount point is on and stop the disk group for that volume on all nodes. Ensure that you have an IP address and host name (virtual name) to be assigned to the NOM cluster. You must have administrator rights to the VCS cluster. The shared disk must be configured and accessible to all cluster nodes on which you want to install NOM. Ensure that you are installing a supported configuration of authentication service. See Installing Symantec Product Authentication Service on page 65.
66 Clustering NetBackup Operations Manager Installing NOM 6.5.2 in a clustered mode on Windows and Solaris
Note: Installing the authentication service locally on the NOM cluster is not supported on Windows. Symantec Product Authentication Service can be installed remotely in the following ways on Windows:
Remote authentication service in a non-clustered mode Authentication service is installed on a remote host in Root+AB mode. Installing the authentication service remotely means that you install the client APIs locally on the NOM server and install the authentication server component in Root + AB mode on a remote computer. The procedure to install authentication service remotely has been explained in the installation chapter in the Veritas NetBackup Operations Manager 6.5 Guide. Remote authentication service in a clustered mode Authentication service is installed as a clustered service on a remote host in Root+AB mode. This means that you install the client APIs locally on the NOM server and install the authentication server component as a clustered service (in Root + AB mode) on a remote server. Consult the Symantec Product Authentication Service Installation Guide to know the procedure to install authentication service remotely in a clustered mode. Figure 3-1 shows the supported configuration of authentication service on Windows.
Clustering NetBackup Operations Manager Installing NOM 6.5.2 in a clustered mode on Windows and Solaris
67
Figure 3-1
Local authentication service in a clustered mode Authentication service is installed as a clustered service locally on the NOM server on each node in the cluster. Consult the Symantec Product Authentication Service Installation Guide to know the procedure.
68 Clustering NetBackup Operations Manager Installing NOM 6.5.2 in a clustered mode on Windows and Solaris
Remote authentication service in a clustered mode Authentication service is installed as a clustered service on a remote host in Root+AB mode. This means that you install the client APIs locally on the NOM server and install the authentication server component as a clustered service (in Root + AB mode) on a remote server. Consult the Symantec Product Authentication Service Installation Guide to know the procedure to install authentication service remotely in a clustered mode. Remote authentication service in a non-clustered mode Authentication service is installed on a remote host in Root+AB mode. Installing the authentication service remotely means that you install the client APIs locally on the NOM server and install the authentication server component in Root + AB mode on a remote computer. The procedure to install authentication service remotely has been explained in the installation chapter in the Veritas NetBackup Operations Manager 6.5 Guide. Figure 3-2 shows the supported remote configurations for authentication service in a Solaris cluster. Supported remote configurations for Symantec Product Authentication Service
Figure 3-2
Clustering NetBackup Operations Manager Installing NOM 6.5.2 in a clustered mode on Windows and Solaris
69
After you complete the installation, ensure that Symantec Product Authentication Service is functional and works as expected.
The Authentication Service Host Name must be the same for all the nodes in a cluster. You need to enter a value for the Authentication Service Host Name while installing NOM on the Veritas Netbackup Operations Manager Security Options screen. In case you have installed authentication service as a clustered service, the Authentication Service Host Name must be the virtual name of the authentication service cluster for all the nodes of a cluster. If the authentication service has been installed remotely, the Authentication Service Host Name must be the name of the remote host for all the nodes of the cluster. Custom password must be the same for all the nodes of a NOM cluster. The NOM database must be installed at the default location for all the nodes in a cluster. The default location for the NOM database on Windows is INSTALL_PATH\NetBackup Operations Manager\db\data and on Solaris is /opt/VRTSnom/db/data.
Install the NOM 6.5.2 release update on all the nodes. Use the instructions in the NOM 6.5.2 ReadMe for your platform to upgrade from NOM 6.5 to NOM 6.5.2.
Pre-configuration checklist
The configuration script requests certain details during installation. Fill the checklist for your platform before configuring the NOM cluster. Note: Ensure that virtual name of the NOM cluster does not contain an underscore ( _ ) character.
70 Clustering NetBackup Operations Manager Installing NOM 6.5.2 in a clustered mode on Windows and Solaris
Shared drive letter __________________________ N: Shared drive path ___________________________ \nom_cluster Virtual name of the NOM cluster______________ nomvcswin Virtual IP address___________________________ 10.209.14.132 Subnet mask________________________________ 255.255.252.0 Network connection name___________________ LAN Node names on which NOM is installed________ SIGWINVCS1 SIGWINVCS2
Note: Symantec recommends that you do not use L: as a shared drive letter. L: is used by the NOMCAdmin command for administering a NOM cluster.
Clustering NetBackup Operations Manager Installing NOM 6.5.2 in a clustered mode on Windows and Solaris
71
Mount resource
Mount point________________________________ /opt/VRTSnomclus (default) Block device________________________________ /dev/vx/dsk/nom_group1/vol File system type_____________________________ ufs fsck options________________________________ (if you add other options, -y is also required)
Mount point________________________________ /opt/VRTSnomclus (default) Block device________________________________ /dev/dsk/c3t2d1s6 File system type_____________________________ ufs
Configure NetBackup Operations Manager cluster by running the following command from the active node:
INSTALL_PATH/NetBackup Operations Manager/bin/nomclusterconfig.exe
72 Clustering NetBackup Operations Manager Upgrading from a standalone NOM server to NOM 6.5.2 in clustered mode
3 4
Answer the questions based on the information gathered in the pre-configuration checklist for Windows. Read the following topic to know the changes after the NOM cluster has been configured. See Using NOM after the cluster is configured on page 85. Note: You must configure your managed NetBackup master servers to allow server access and data collection by NOM. See Configuring the NetBackup master servers on page 85.
To configure the NOM cluster on Solaris Note: Before starting this procedure, ensure that the shared disk is not mounted on any node in the cluster. If applicable, unmount the NOM shared mount point. Stop the volume the mount point is on and stop the disk group for that volume on all nodes. 1 2 Stop the NOM services on all the nodes. Run the following command:
/opt/VRTSnom/bin/NOMAdmin -stop_service
Configure NetBackup Operations Manager cluster by running the following command from any node where NOM 6.5.2 is installed:
/opt/VRTSnom/bin/cluster/cluster_config -s nom
The configuration utility mounts the NOM database on the shared disk. 3 4 Answer the questions based on the information gathered in the pre-configuration checklist for Solaris. Read the following topic to know the changes after the NOM cluster has been configured. See Using NOM after the cluster is configured on page 85. Note: You must configure your managed NetBackup master servers to allow server access and data collection by NOM. See Configuring the NetBackup master servers on page 85.
Clustering NetBackup Operations Manager Upgrading from a standalone NOM server to NOM 6.5.2 in clustered mode
73
Table 3-2 lists the steps to upgrade to NOM 6.5.2 on a Windows or Solaris cluster. Table 3-2 Step
1
Sequence of steps to upgrade to NOM 6.5.2 in a clustered mode See this Topic
See Prerequisites on page 74.
Description
Perform checks prior to upgrade. Upgrade your existing NOM installation to NOM 6.5.2. Create a VCS cluster. Install the NetBackup client software on all nodes of the cluster except the existing NOM server. Install Symantec Product Authentication Service on all nodes of a cluster except the existing NOM server. Install NetBackup Operations Manager 6.5.2 on the other nodes except the existing NOM server. Enter details for the pre-configuration checklist. Configure the NOM cluster.
See Upgrading your existing NOM installation to NOM 6.5.2 on page 75. See Creating a VCS cluster on page 80. See Installing NetBackup client software on page 80.
3 4
See Installing Symantec Product Authentication Service on the other nodes on page 80.
7.
See Pre-configuration checklist for a NOM cluster on page 81. See Configuring NetBackup Operations Manager cluster on page 83. See Using NOM after the cluster is configured on page 85.
10
Configure the Netbackup See Configuring the NetBackup master master servers so that they can servers on page 85. be monitored by NOM.
Note: These instructions assume that you want to install NOM 6.5.2 on all the nodes of a cluster. In case you want to install NOM 6.5.2 only on some nodes, use these steps to install and configure NOM on the specific nodes.
74 Clustering NetBackup Operations Manager Upgrading from a standalone NOM server to NOM 6.5.2 in clustered mode
Prerequisites
This section contains information about the requirements that must be met before you install and configure NOM in a clustered mode.
Before upgrading to NOM 6.5.2, ensure that the NOM database is installed at the default location on the existing NOM server. The default location for the NOM database on Windows is INSTALL_PATH\NetBackup Operations Manager\db\data and on Solaris is /opt/VRTSnom/db/data. Instructions for moving the NOM database from a custom location to the default location are available. See Moving a NOM 6.5 or 6.5.1 database to the original default location on page 394. Ensure that your hardware and software is supported by VCS and NOM 6.5.2. To know the list of platforms supported by NOM, see the NetBackup version compatibility matrix posted on the Support Web site (http://www.symantec.com/business/support/index.jsp). To know if your hardware or software is supported by VCS, consult the VCS documentation. Ensure that VCS is correctly installed and configured (VCS 4.x and 5.0 are supported with NOM 6.5.2). NOM 6.5.2 can be installed on as many nodes as VCS supports. Symantec recommends that the virtual name of the NOM cluster should not contain an underscore ( _ ) character. For example, a virtual name like nom_cluster is not recommended. For a Windows cluster, you must install a patch after you have setup a VCS cluster. You should install this patch before installing NetBackup Operations Manager. The patch is available at the following location: http://seer.entsupport.symantec.com/docs/278307.htm For a Windows cluster, verify that the cluster disk group(s) and dynamic volume(s) for NOM have been created on the shared storage. Refer to the Veritas Storage Foundation Administrators Guide for details on how to create these. For a Solaris cluster, make sure that each node in the cluster, on which you want to install NOM, is rsh equivalent. ssh must also be enabled on these nodes so that the NOMCAdmin utility can work properly. See Administering a NOM cluster on page 93. For a Solaris cluster, ensure that the shared disk is not mounted on any node in the cluster.
Clustering NetBackup Operations Manager Upgrading from a standalone NOM server to NOM 6.5.2 in clustered mode
75
If applicable, unmount the NOM shared mount point. Stop the volume the mount point is on and stop the disk group for that volume on all nodes of the cluster.
Ensure that you have an IP address and host name (virtual name) to be assigned to the NOM cluster. You must have administrator rights to the VCS cluster. Ensure that the other nodes use the same Authentication Service Host Name that is used by the existing NOM server. All the nodes in a cluster must use the same Authentication Service Host Name. Ensure that you are installing a supported configuration of authentication service. In a remote configuration of Symantec Product Authentication Service, all cluster nodes must use the same remote host. See Installing Symantec Product Authentication Service on page 65.
Case 1: Existing NOM server is NOM 6.0 (including its maintenance packs)
If you have an earlier NOM version installed on the existing NOM server like NOM 6.0 (including the maintenance packs), first upgrade to NOM 6.5. When you upgrade to NOM 6.5, you must install Symantec Product Authentication Service in a supported configurations.
76 Clustering NetBackup Operations Manager Upgrading from a standalone NOM server to NOM 6.5.2 in clustered mode
Authentication service is installed on a remote host in Root+AB mode. Installing the authentication service remotely means that you install the client APIs locally on the NOM server and install the authentication server component in Root + AB mode on a remote computer. The procedure to install authentication service remotely has been explained in the installation chapter in the Veritas NetBackup Operations Manager 6.5 Guide.
Remote authentication service in a clustered mode Authentication service is installed as a clustered service on a remote host in Root+AB mode. This means that you install the client APIs locally on the NOM server and install the authentication server component as a clustered service (in Root + AB mode) on a remote server. Consult the Symantec Product Authentication Service Installation Guide to know the procedure to install authentication service remotely in a clustered mode. After completing the installation, ensure that Symantec Product Authentication Service is functional and works as expected. Figure 3-3 explains how authentication service works in a remote configuration. Supported remote installation types for authentication service
Figure 3-3
Clustering NetBackup Operations Manager Upgrading from a standalone NOM server to NOM 6.5.2 in clustered mode
77
Local authentication service in a clustered mode Authentication service is installed as a clustered service locally on the NOM server on each node in the cluster. Consult the Symantec Product Authentication Service Installation Guide to know the procedure. Remote authentication service in a clustered mode Authentication service is installed as a clustered service on a remote host in Root+AB mode. This means that you install the client APIs locally on the NOM server and install the authentication server component as a clustered service (in Root + AB mode) on a remote server. Consult the Symantec Product Authentication Service Installation Guide to know the procedure to install authentication service remotely in a clustered mode. Remote authentication service in a non-clustered mode Authentication service is installed on a remote host in Root+AB mode. Installing the authentication service remotely means that you install the client APIs locally on the NOM server and install the authentication server component in Root + AB mode on a remote computer. The procedure to install authentication service remotely has been explained in the installation chapter in the Veritas NetBackup Operations Manager 6.5 Guide. Figure 3-4 explains how authentication service works in a remote configuration.
78 Clustering NetBackup Operations Manager Upgrading from a standalone NOM server to NOM 6.5.2 in clustered mode
Figure 3-4
See the following links for upgrading to NOM 6.5 on Windows and Solaris respectively: http://seer.entsupport.symantec.com/docs/295109.htm http://seer.entsupport.symantec.com/docs/295110.htm Use the NOM 6.5.2 ReadMe of your platform for installing NOM 6.5.2. After installing NOM 6.5.2, ensure that NOM is functional and is working as expected.
Clustering NetBackup Operations Manager Upgrading from a standalone NOM server to NOM 6.5.2 in clustered mode
79
For installing NOM 6.5.2 on a Solaris cluster, you should install Symantec Product Authentication Service on a remote host or locally on the NOM cluster nodes. If you are installing authentication service locally on the NOM server, you must install authentication service in a clustered mode. If you are installing authentication service remotely, you can install authentication service in clustered or non-clustered modes. See Installing Symantec Product Authentication Service on page 65. If your NOM server already uses a supported configuration on Windows and Solaris, see the following topic. See Creating a VCS cluster on page 80. If your NOM server does not use a supported configuration, review the following text. If you want to use clustered authentication service (local or remote), cluster the existing Symantec Product Authentication Service. Consult the Symantec Product Authentication Service documentation for the procedure. After this, configure the authentication service parameters using the following procedure. See To configure Symantec Product Authentication Service after installing NOM 6.5.2 on page 79. If you want to use remote configuration in a non-clustered mode (supported for both Windows and Solaris), configure the authentication server parameters by using the following procedure. See To configure Symantec Product Authentication Service after installing NOM 6.5.2 on page 79. Use the following procedure to configure Symantec Product Authentication Service in the supported configuration. To configure Symantec Product Authentication Service after installing NOM 6.5.2 1 Enter the following command:
NOMAdmin -change_NOM_AT_parameters
The authentication server parameters appear one by one. The current values of the parameters are specified in brackets. 2 Enter the new values next to the respective parameter. If you do not enter a new value for a parameter, the value of the parameter will not change. In case you want a remote configuration, enter the FQDN of the remote host as Authentication Service Host Name. In case you want to install authentication service as a clustered service, enter the virtual name of the authentication service cluster as the Authentication Service Host Name. You must restart the NOM services for these changes to be effective. Answer y to restart the NOM services.
80 Clustering NetBackup Operations Manager Upgrading from a standalone NOM server to NOM 6.5.2 in clustered mode
After following this procedure, ensure that NOM is functional and is working as expected.
Clustering NetBackup Operations Manager Upgrading from a standalone NOM server to NOM 6.5.2 in clustered mode
81
After you complete the installation, ensure that Symantec Product Authentication Service is functional and works as expected.
The Authentication Service Host Name must be the same for all the nodes in a cluster. You need to enter a value for the Authentication Service Host Name while installing NOM on the Veritas Netbackup Operations Manager Security Options screen. In case you have installed authentication service as a clustered service, the Authentication Service Host Name is the virtual name of the AT (Symantec Product Authentication Service) cluster. If the authentication service has been installed remotely (supported for both Windows and Solaris), the Authentication Service Host Name is the name of the remote host for all the nodes of the cluster. Custom password must be the same for all the nodes of a NOM cluster. The NOM database must be installed at the default location for all the nodes in a cluster. The default location for the NOM database on Windows is INSTALL_PATH\NetBackup Operations Manager\db\data and on Solaris is /opt/VRTSnom/db/data. See Moving a NOM 6.5 or 6.5.1 database to the original default location on page 394.
Install the NOM 6.5.2 release update on the other nodes in the cluster. Use the instructions in the NOM 6.5.2 ReadMe for Windows and Solaris to upgrade from NOM 6.5 to NOM 6.5.2. After the installation is complete, verify to see if NOM is working properly.
82 Clustering NetBackup Operations Manager Upgrading from a standalone NOM server to NOM 6.5.2 in clustered mode
Note: Ensure that virtual name of the NOM cluster does not contain an underscore ( _ ) character.
Shared drive letter__________________________ N: Shared drive path___________________________ \nom_cluster Virtual name of the NOM cluster______________ nomvcswin Virtual IP address___________________________ 10.209.14.132 Subnet mask_______________________________ 255.255.252.0 Network connection name___________________ LAN Node names on which NOM is installed________ SIGVCS1 SIGVCS2
Note: Symantec recommends that you do not use L: as a shared drive letter. L: is used by the NOMCAdmin command for administering a NOM cluster.
Clustering NetBackup Operations Manager Upgrading from a standalone NOM server to NOM 6.5.2 in clustered mode
83
Scenario 1 - Configuring a disk group (using VxVM) Disk group resource Example
Mount resource
Mount point________________________________ /opt/VRTSnomclus (default) Block device________________________________ /dev/vx/dsk/nom_group1/vol File system type_____________________________ ufs fsck options________________________________ (if you add other options, -y is also required)
Mount point________________________________ /opt/VRTSnomclus (default) Block device________________________________ /dev/vx/dsk/nom_group1/vol File system type_____________________________ ufs Mount option_______________________________ (optional) fsck options________________________________ (if you add other options, -y is also required)
84 Clustering NetBackup Operations Manager Upgrading from a standalone NOM server to NOM 6.5.2 in clustered mode
Configure NetBackup Operations Manager cluster by running the following command from the active node:
INSTALL_PATH\NetBackup Operations Manager\bin\nomclusterconfig.exe
3 4
Answer the questions based on the information gathered in the pre-configuration checklist. Read the following topic to know the changes after the NOM cluster has been configured. See Using NOM after the cluster is configured on page 85. Note: You must configure your managed NetBackup master servers to allow server access and data collection by NOM. See Configuring the NetBackup master servers on page 85.
To configure the NOM cluster on Solaris Note: Before starting this procedure, ensure that the shared disk is not mounted on any node in the cluster. If applicable, unmount the NOM shared mount point. Stop the volume the mount point is on and stop the disk group for that volume on all nodes. 1 2 Stop the NOM services on all the nodes. Run the following command:
/opt/VRTSnom/bin/NOMAdmin -stop_service
Configure NetBackup Operations Manager cluster by running the following command from the node which has the existing NOM server (with the database):
/opt/VRTSnom/bin/cluster/cluster_config -s nom
The configuration utility mounts the NOM database on the shared disk. 3 4 Answer the questions based on the information gathered in the pre-configuration checklist. Read the following topic to know the changes after the NOM cluster has been configured. See Using NOM after the cluster is configured on page 85. Note: You must configure your managed NetBackup master servers to allow server access and data collection by NOM. See Configuring the NetBackup master servers on page 85.
Clustering NetBackup Operations Manager Upgrading from a standalone NOM server to NOM 6.5.2 in clustered mode
85
NOM database files are moved to the shared disk. The Connected To pane in the NOM UI shows the virtual name of the NOM cluster instead of the local hostname of the machine on which NOM is installed. NOMCAdmin must be used for administering a NOM cluster instead of NOMAdmin. Running NOMAdmin in a clustered environment gives an error. See Administering a NOM cluster on page 93.
86 Clustering NetBackup Operations Manager Adding a new node to an existing NOM cluster
To add a new node to an existing NOM cluster on Solaris 1 2 Add the new node to the VCS cluster. Consult the VCS documentation for more details. Install the NetBackup client software shipped with NOM 6.5 on the new node. You can install the software from the Client CD/DVD. See the appropriate client sections of the NetBackup Installation Guide for instructions.
Clustering NetBackup Operations Manager Removing NetBackup Operations Manager from a cluster
87
Install Symantec Product Authentication Service on the new node. The installation type/configuration for the authentication service for the new node must be the same as the existing NOM cluster. For example, if authentication service has been installed remotely on the existing NOM cluster, then install authentication service in a remote configuration on the new node. This means that you install the authentication client on the new node and use the same remote host that is used by the NOM cluster. See Installing Symantec Product Authentication Service on page 65. Install NetBackup Operations Manager 6.5 software and then upgrade to NOM 6.5.2. See Installing NOM 6.5.2 in a clustered mode on Windows and Solaris on page 63. Note: The Authentication Service Host Name for the additional node must be the same as the other nodes in a cluster. If a custom password has been configured for the clustered nodes, the same custom password must be configured for the new node.
From an existing clustered node (where NOM is installed), run the following command:
/opt/VRTSnom/bin/cluster/cluster_config s nom o add_node n <new_node_name>
Uninstalling NOM 6.5.2 and rolling back to the previous standalone NOM version on Windows and Solaris
Use the following instructions to uninstall NOM 6.5.2 and rollback to your previous version (unclustered) which may be 6.5 or 6.5.1.
88 Clustering NetBackup Operations Manager Removing NetBackup Operations Manager from a cluster
To uninstall NOM 6.5.2 and rollback to your previous version on Windows 1 Bring the NOM resource group online on the node which you want to use as the standalone NOM server.
hagrp -switch <NOM_Resource_Group_Name> -to <system name>
2 3 4 5
Stop the NOM resource group and take its resources offline.
hagrp -offline <NOM_Resource_Group_Name> -any
Move the data folder from the shared disk to INSTALL_PATH\NetBackup Operations Manager\db directory. Offline all the NOM resources that are online.
hares -offline <Resource Name>
where <Resource Name> is the Mount resource name if a physical disk is configured. If a shared disk is configured using VxVM, the <Resource Name> includes mount, volume, and disk-group resource names. 6 7 8 9 Set the VCS configuration file to read/write mode.
haconf -makerw
The option -makero sets the configuration to read-only. 11 Use the following commands to configure the local hostname:
INSTALL_PATH\NetBackup Operations Manager\bin\admincmd\NOMCAdmin -changeDBS <hostname of the system> INSTALL_PATH\NetBackup Operations Manager\bin\admincmd\NOMCAdmin -changeHostName <hostname of the system>
where <hostname of the system> is the local hostname. 12 Open the Registry Editor. Open HKEY_LOCAL_MACHINE\SOFTWARE\Veritas\NetBackup Operations Manager\CurrentVersion\Config. Change the value of VXDBMS_NOM_DATA to INSTALL_PATH\NetBackup Operations Manager\db\data.
Clustering NetBackup Operations Manager Removing NetBackup Operations Manager from a cluster
89
13 In the Registry Editor, open HKEY_LOCAL_MACHINE\SOFTWARE\Veritas\NetBackup Operations Manager\CurrentVersion. Change the value of DB Data to INSTALL_PATH\NetBackup Operations Manager\db\data. 14 In the Registry Editor, navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Veritas\NetBackup Operations Manager\CurrentVersion\Cluster. Right click on the Cluster key and click Delete. 15 Navigate to INSTALL_PATH\NetBackup Operations Manager\db\conf directory. Open the databases.conf file. Change the content of the databases.conf file to reflect the path of the NOM database. For example, if the content is "Z:\nom_cluster\db\data\vxpmdb.db", then change it to INSTALL_PATH\NetBackup Operations Manager\db\data\vxpmdb.db 16 Restart all the NOM services.
INSTALL_PATH\NetBackup Operations Manager\bin\admincmd\NOMAdmin -start_service
17 Uninstall NOM 6.5.2. See the uninstall instructions in the NOM 6.5.2 ReadMe for Solaris. You can also uninstall NOM 6.5.2 from the remaining nodes. To uninstall NOM 6.5.2 and rollback to previous version on Solaris 1 Bring the NOM resource group online on the node which you want to use as the standalone NOM server.
hagrp -switch <NOM_Resource_Group_Name> -to <system name>
2 3
Stop the NOM resource group and take its resources offline.
hagrp -offline <NOM_Resource_Group_Name> -any
Unlink the data directory located in /opt/VRTSnom/db. Enter the following command:
unlink /opt/VRTSnom/db/data
4 5 6
Browse to the NOM database on the shared drive (default location is /opt/VRTSnomclus/db) and move the data folder to /opt/VRTSnom/db. Offline all the NOM resources that are online.
hares -offline <Resource Name>
where <Resource Name> is the Mount resource name if a physical disk is configured. If a shared disk is configured using VxVM, the <Resource Name> includes mount, volume, and disk-group resource names.
90 Clustering NetBackup Operations Manager Removing NetBackup Operations Manager from a cluster
7 8 9
The option -makero sets the configuration to read-only. 12 Run the following commands to configure the local hostname:
/opt/VRTSnom/bin/NOMCAdmin -changeDBS <hostname of the system> /opt/VRTSnom/bin/NOMCAdmin -changeHostName <hostname of the system>
where <hostname of the system> is the local hostname. 13 Browse to /opt/VRTSnom/bin/cluster directory and delete the NBU_RSP file. This is done so that the NOMAdmin command can work. 14 Restart all the NOM services.
NOMAdmin -start_service
15 Uninstall NOM 6.5.2. See the uninstall instructions in the NOM 6.5.2 ReadMe for Solaris. You can also uninstall NOM 6.5.2 from the remaining nodes.
where <NOM_Resource_Group> is the name of the NOM resource group. 2 3 Bring the mount resource online.
hares -online <Mount_Resource_Name>
Browse to the NOM database on the shared disk and delete the db folder from INSTALL_PATH\NetBackup Operations Manager that contains the NOM database. Offline all the NOM resources that are online.
Clustering NetBackup Operations Manager Removing NetBackup Operations Manager from a cluster
91
where <Resource Name> is the Mount resource name if a physical disk is configured. If a shared disk is configured using VxVM, the <Resource Name> includes mount, volume, and disk-group resource names. 5 6 7 8 9 Set the VCS configuration file to read/write mode.
haconf -makerw
The option -makero sets the configuration to read-only. 10 Remove NetBackup Operations Manager 6.5.2. In the Add/Remove programs dialog box, select the Release Update to be uninstalled and click Remove. Click Yes to uninstall this Release Update. 11 Remove NetBackup Operations Manager 6.5. In the Add/Remove dialog box, select Veritas NetBackup Operations Manager and click Remove. Click Yes to remove NOM 6.5. 12 Remove Symantec Product Authentication Service. In the Add/Remove dialog box, select Symantec Product Authentication Service and click Remove. Click Yes to remove Symantec Product Authentication Service. Note: Symantec Product Authentication Service may be shared between other Symantec products. In case you have not installed any other Symantec products, you can remove Symantec Product Authentication Service. 13 Remove the NetBackup client. In the Add/Remove dialog box, select Veritas NetBackup Client and click Remove. Click Yes to remove NetBackup client. 14 Repeat step 10 through step 13 on all the remaining nodes to remove NOM completely.
92 Clustering NetBackup Operations Manager Removing NetBackup Operations Manager from a cluster
To remove NOM completely from Solaris 1 Stop the NOM resource group and take its resources offline.
hagrp -offline -force <NOM_Resource_Group> -any
where <NOM_Resource_Group> is the name of the NOM resource group. 2 3 Bring the mount resource online.
hares -online <Mount_Resource_Name>
Browse to the mount point on the shared disk and delete the db folder from /opt/VRTSnomclus (default mount point). The db folder contains files and data associated with the NOM database. Offline all the NOM resources that are online.
hares -offline <Resource Name>
where <Resource Name> is the Mount resource name if a physical disk is configured. If a shared disk is configured using VxVM, the <Resource Name> includes mount, volume, and disk-group resource names. 5 6 7 8 9 Set the VCS configuration file to read/write mode.
haconf -makerw
The option -makero sets the configuration to read-only. 10 Remove NOM 6.5.2. Change directory to the Release Update save directory (/usr/openv/pack/${PACK}/save where ${PACK} is the Release Update name) and run the un-install script:
./NB_update.uninstall
Enter y if you want to remove the shared components like VRTSweb and VRTSjre packages. You can remove the shared components if you do not have any other Symantec products installed. Enter y to remove NOM. 12 Remove Symantec Infrastructure Core Services Common (VRTSicsco), Symantec Private Branch Exchange and Symantec Product Authentication Service by running the following commands:
pkgrm VRTSicsco
93
13 Remove the NetBackup client. To remove the NetBackup client on Solaris, use the uninstall procedure listed in the clients section of NetBackup Installation Guide for Unix. 14 Repeat step 10 through step 13 on all the remaining nodes to remove NOM completely.
95
Installing the authentication service as a clustered service is supported on Solaris. Both local and remote AT clusters are supported. See Installing Symantec Product Authentication Service on page 65 for information on supported configurations. Master servers are added in clustered NOM but they are showing as offline? All node names of the NOM cluster as well as virtual name of the NOM cluster should be added in the additional server list of NetBackup. See Configuring the NetBackup master servers on page 85. After installing a cluster, I am unable to log into NOM. Why? Ensure that the NOM server service/process is up and running.
Chapter
Storage lifecycle policies with Instant Recovery snapshots on page 97 NetBackup RealTime Protection on page 102 New disk array snapshot methods in 6.5.2 on page 120 New options for vxvm snapshots on page 140
98 Snapshot client updates Storage lifecycle policies with Instant Recovery snapshots
NetBackup client
Tape library
RealTime server
RealTime storage
Disk array
Destination 1: NetBackup creates a consistent point-in-time state in RealTime storage. Point-in-time data is retained in the RealTime storage for 2 weeks, available for Instant Recovery.
Destination 2: The NetBackup media server creates a backup image from a RealTime snapshot and copies the image to the disk array on the SAN. For data that is more than 2 weeks old, recovery can be made from the array.
Destination 3: The NetBackup media server duplicates the disk image and sends the duplication to tape. For data that is more than 6 months old, recovery can be made from tape.
Snapshot client updates Storage lifecycle policies with Instant Recovery snapshots
99
To create a lifecycle policy for Instant Recovery snapshot-based backups 1 Create a lifecycle policy with two or more storage destinations. Use the Storage > Storage Lifecycle Policies node of the NetBackup Administration Console. Click Actions > New > Storage Lifecycle Policies. Click Add. Here are suggestions for a lifecycle policy for RealTime Protection and multiple storage destinations:
For snapshots, select Snapshot on the New Storage Destination dialog. You can specify a retention period appropriate for snapshots (such as two weeks). Click OK. Note that storage units are not used for snapshots. Storage units are used only for backup (and duplication) images. For backup copies to disk, select Backup on the New Storage Destination dialog. Specify a disk storage unit and a longer retention period (such as six months). Click OK. For backup copies to tape, select Duplication on the New Storage Destination dialog. Specify a tape storage unit and a longer retention period (such as five years). Click OK and finish creating the lifecycle policy.
Create a policy for snapshots. (Use the Policies node of the Administration Console.) On the policy Attributes tab:
Do not specify the lifecycle policy in the Policy storage unit / lifecycle policy field. The lifecycle policy should be specified in the schedule, as explained later in this procedure. Select Perform snapshot backups. For RealTime Protection with lifecycles, Symantec recommends selecting Retain snapshots for Instant Recovery. This option is required if you want NetBackup to keep the snapshot after the backup occurs. Click Snapshot Client Options. To use RealTime Protection, select the CDP snapshot method for Solaris or VSS for Windows. (Other methods can be used if you are not backing up a client that uses NetBackup RealTime Protection.) See NetBackup RealTime Protection on page 102. On the Snapshot Options dialog box, the Maximum Snapshots (Instant Recovery only) parameter sets the maximum number of snapshots to be retained at one time. When the maximum is reached and another snapshot is created, the oldest snapshot is deleted. Note: if you also set a snapshot retention period in the lifecycle policy of less than infinity
100 Snapshot client updates Storage lifecycle policies with Instant Recovery snapshots
(step 1), the snapshot is expired when either of these settings takes effect (whichever happens first). For example, if the Maximum Snapshots value is exceeded before the snapshot retention period specified in the lifecycle policy, the snapshot is deleted. The same is true for the Snapshot Resources pane on the Snapshot Options dialog box. If the snapshot method requires snapshot resources, the maximum number of snapshots is determined by the number of devices specified in the Snapshot Device(s) field. For example, if two devices are specified, only two snapshots can be retained at a time. Note: if you also set a snapshot retention period in the lifecycle policy of less than infinity (step 1), the snapshot is expired when either of these settings takes effect. In other words, either the Snapshot Device(s) field or the snapshot retention period in the lifecycle policy can determine the retention period. 3 Create a schedule for the policy. As shown in Figure 4-1 on page 98, a lifecycle configuration with three storage destinations is an intelligent means of managing CDP snapshot-based backups. You can create a single schedule for backups and let the lifecycle policy govern their destinations and retention periods.
Under Destination: If you selected Retain snapshots for Instant Recovery on the policy Attributes tab, make sure that Snapshots and copy snapshots to a storage unit is selected on the schedule (not Snapshots only). Important: if you select Snapshots only on the schedule, a lifecycle policy cannot be used. In the Override policy storage selection field, select the lifecycle policy that you created at step 1.
Under Schedule type: set an appropriate frequency, such as 1 day. When the Snapshot Client policy executes this schedule, the lifecycle policy named in the Override policy storage selection field creates images on the destinations named in the lifecycle policy. The lifecycle policy also sets the retention periods for the images it creates. In this example, the retention is six months for backups to disk and five years for tape.
To make full use of RealTime Protection with Instant Recovery, create another schedule to make CDP snapshots more frequently. This schedule will not be managed by lifecycle policies.
Under Schedule type: compared to the schedule created at step 3, specify a higher frequency (such as 1 hour). Under Destination: select Snapshots only. Do not specify a lifecycle policy for this schedule. Likewise, do not specify a lifecycle policy under the Policy storage unit / lifecycle policy
Snapshot client updates Storage lifecycle policies with Instant Recovery snapshots
101
field of the policy Attributes tab. Lifecycle policies do not manage snapshots without backups. For Retention: specify the same period that you set for the Snapshot destination on the New Storage Destination dialog (under step 1). In this example, two weeks. With this configuration, the snapshot-only schedule creates a CDP snapshot every hour. The other schedule (which specifies the lifecycle policy under the Override policy storage selection field) creates a snapshot and backup to disk and tape once per day. This configuration provides an inexpensive means of continuous data protection. More detailed information on using NetBackup RealTime Protection is available. See NetBackup RealTime Protection on page 102.
Troubleshooting
If you configure a snapshot method for a policy, and the schedule specifies a lifecycle policy, the life cycle policy must include a snapshot destination. Otherwise, an error such as the following appears in the NetBackup Problems report:
snapshot backup: tashina11_1204305543 cannot be used with a lifecycle policy NoSnapshot that does not include a snapshot destination.
Veritas NetBackup RealTime Protection Installation Guide Veritas NetBackup RealTime Protection Administrator's Guide
By means of Snapshot Client and database agents, NetBackup can quiesce client activity and create transactionally consistent snapshots. NetBackup provides a simple interface for data restore. NetBackup lets you browse backup images for particular files and folders, and automates the task of copying the data to the designated restore host. NetBackups implementation of snapshot-only backups with RealTime is highly efficient, consuming virtually no RealTime server resources until you select items to restore.
Types of backup
NetBackup RealTime provides the following types of backup:
Snapshot-only backup (no backup to a storage unit). The snapshot relies on NetBackups Instant Recovery feature. Snapshot-based backup to a storage unit. The data from the snapshot is copied to the storage device attached to the NetBackup media server. The snapshot is deleted when the backup operation is complete. Snapshot-based backup to a storage unit. The snapshot is retained for Instant Recovery.
103
annotation
A special time stamp that allows access to the data that was captured at that point in time in RealTime storage. The NetBackup client and its data that are protected by RealTime. You define an application using Recovery Manager. See the Veritas NetBackup RealTime Protection Installation Guide.
application
application host
A NetBackup client that contains RealTime components, such as the Recovery Manager and the host splitter. See the Veritas NetBackup RealTime Protection Installation Guide.
assets
The client data defined by a RealTime application. The assets comprise a set of volumes or devices that RealTime protects. A server that maintains, for a limited time, a continual history of all write operations taking place on the application assets on the client. By means of this history, the RealTime server can reassemble the client data as it existed at any point in time, thus providing continuous data protection. See TimeImage. A pool of disk storage used by the RealTime server for creating a full copy of client data when RealTime protection is applied, and for tracking time ordered writes on the protected data. Web-based management console for RealTime Protection. An exact reproduction of the protected client data (assets) at a particular time. In NetBackup, a TimeImage is created in one of the following circumstances:
RealTime server
RealTime storage
When you select items to restore When a backup job creates a snapshot from which to copy data to a storage unit.
timeline
The window of time within which the Real Time server maintains protection for client data (assets). The timeline is maintained by the RealTime server as a result of the RealTime data capture process. The timeline may slide forward in time, depending on how much space is allocated in the RealTime storage and how many changes occur in the application assets.
105
Table 4-1
Snapshot-based backups and resulting annotations and TimeImages Resulting RealTime action
Snapshot-based backup to a storage unit, The RealTime server creates an annotation and the snapshot is retained for Instant and a TimeImage. The TimeImage data is Recovery written to the storage unit. The annotation and TimeImage are retained.
A NetBackup policy directs a backup job to write the point-in-time data to a storage unit. To do so, NetBackup directs the RealTime server to create an annotation and to create a TimeImage based on the annotation. NetBackup copies the data from the TimeImage to the designated storage unit. A restore is requested. When you browse files and folders to restore, the RealTime server finds the appropriate annotation. If a TimeImage does not already exist for the annotation, the RealTime server creates one. The data is restored from the TimeImage.
LAN / WAN NetBackup master server NetBackup client (application host) NetBackup media server and/or alternate client
NetBackup storage unit (tape or disk)
RealTime Server
RealTime Storage
For a snapshot-only backup (no image copied to a storage unit), the client directs the RealTime server to place an annotation in the RealTime timeline. No TimeImage is created unless you select items to restore. For a snapshot-based backup to a storage unit, the client directs the RealTime server to place an annotation in the RealTime timeline and to create a TimeImage in RealTime storage. For a snapshot-based backup with a retained snapshot, the client directs the RealTime server to place an annotation in the RealTime timeline and to create a TimeImage in RealTime storage. The TimeImage is retained as called for in the NetBackup policy.
For a snapshot-based backup to a storage unit (with or without a retained snapshot), the following occurs:
The NetBackup client sends the TimeImage data to the NetBackup media server.
107
The media server writes the data to the storage unit that is designated in the policy.
For a snapshot-based backup to a storage unit without a retained snapshot, the client directs the RealTime server to delete the TimeImage when the backup to storage is complete. For all types of backup (including snapshot only), the master server updates the NetBackup catalog. When the backup image expires, all relevant annotations in the RealTime timeline are deleted as well as any existing TimeImages.
5 6
If a TimeImage of the requested data does not already exist, the client directs the RealTime server to create a TimeImage in RealTime storage. If the asset is a file system, the client directs the RealTime server to mount the TimeImage on a path that the client can access. For a file system, the client copies the data directly from the mounted file system. For a raw device, the client does a block-by-block copy from the raw device.
The client copies the data from the TimeImage to the requested location.
If the restore is from a storage unit, the media server restores the data from the storage unit.
later access to the data that is captured in RealTime storage. For instance, when NetBackup needs to start a restore, it directs the RealTime server to use the appropriate annotation to create a TimeImage of the protected assets. Thus, the timeline represents two things:
A period of time during which the RealTime server protects the application assets by capturing all changes. A repository from which the RealTime server can recreate a point-in-time image of the application assets.
RealTime protection is first applied at 8:00. As of 12:00, protection has been running for 4 hours, capturing in RealTime storage all changes occurring in the application. 8:00 9:00 10:00 11:00 12:00 13:00 14:00 15:00
Shortly after 12:00, the change rate on the application increases rapidly. At 12:30, to preserve space in RealTime storage, the timelines start point moves forward 30 minutes. The application changes that were captured between 8:00 and 8:30 are discarded, to save space in RealTime storage. 8:00 9:00 10:00 11:00 12:00 13:00 14:00 15:00
109
Obsolete annotations
When the timeline moves forward to save space in RealTime storage, any backup annotations that NetBackup placed in the timeline prior to the new start time become obsolete. That is, the captured data to which the annotations refer is removed. Removing older data is a normal part of RealTime operation. If the backup data was written to a storage unit, the data can be recovered from the storage unit. But a TimeImage cannot be recovered and the annotation is of no further use. When NetBackup runs the next backup for the policy, the obsolete annotations and any associated TimeImages are removed. Figure 4-4 Example of RealTime timeline in motion, with annotations
Indicates an annotation.
RealTime protection is first applied at 8:00. NetBackup snapshot-only backups occur each hour, each backup placing an annotation in the timeline. 8:00 9:00 10:00 11:00 12:00 13:00 14:00 15:00
Shortly after 12:00, the change rate on the application increases rapidly. At 12:30, to preserve space in RealTime storage, the timelines start point moves forward 30 minutes. The application changes that were captured between 8:00 and 8:30 are discarded, to save space in RealTime storage. 8:00 9:00 10:00 11:00 12:00 13:00 14:00 15:00
The first annotation created at 8:00 is now obsolete. The data to which it refers is removed. The annotation is removed when the next backup for the policy is run.
It is important to allocate a lot of space in RealTime storage if you are protecting assets with a high data change rate. To determine whether any annotations are obsolete, see Cannot browse backups to restore on page 119.
Logical volumes
VxVM None
License requirements
NetBackup RealTime Protection requires NetBackup licensing, including a Snapshot Client license key.
NetBackup RealTime does not support Instant Recovery rollback restore or block level incremental backup. NetBackup RealTime supports FlashBackup policies, but not FlashBackup-Windows policies. See Configuring a NetBackup policy on page 114. For database agents, NetBackup RealTime currently supports Oracle (Solaris only). When a RealTime application is updated by either adding or removing assets (such as by adding or removing a mount point), reapplying RealTime protection to the application restarts any existing timeline. Note that any NetBackup snapshots created before the timeline was restarted become obsolete. See Obsolete annotations on page 109.
111
NetBackup automatically removes these snapshots the next time a backup is run for the NetBackup policy. Note that backups to a storage unit are not removed. Only the snapshot is removed.
To configure a RealTime application to be used with off-host alternate client backup, see the following tech note: http://entsupport.symantec.com/docs/303966 NetBackup does not support backing up a federated application, even though the RealTime Protection server supports federated applications. A federated application is one with protected assets that span multiple clients. Snapshot-only backups should not be set for long retention periods. See Obsolete annotations on page 109. HBA persistent target bindings may be required for the application hosts HBAs. On application hosts that require persistent target bindings, the binding ensures that the TimeImages appear at the same device location when the application host reboots. Refer to your HBA vendor documentation for help configuring persistent bindings. Note: On Solaris, persistent target bindings are not needed if you use Suns Leadville stack (StorageTek SAN Foundation) or the Sun branded QLogic driver or Sun branded Emulex HBA driver. See Determine if persistent bindings are needed in HBA file (Solaris only) on page 111.
If HBA persistent target bindings are required, Symantec recommends that you configure 1024 LUNs in the Solaris sd.conf file. See Update sd.conf for import of TimeImages (Solaris only) on page 113.
Use the first procedure below to determine whether your SAN attached disks already have world-wide names as the target component of the device name. If the disk paths are using world-wide names as the target, no persistent bindings are needed in the HBA configuration file. See Determining if devices are using world-wide names on page 112. If the devices are not visible to the application host, use the second procedure to determine what HBA driver the application host is using. If the host uses Suns Leadville stack (StorageTek SAN Foundation) or the Sun branded QLogic driver or Sun branded Emulex HBA driver, no persistent bindings are needed in the HBA configuration file.
Example output:
DevicePath Vendor Product ID EnclosureId DeviceId [Ctl,Bus,Tgt,Lun] ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------/dev/rdsk/c3t50001FE150070028d2s6 HP HSV200 5000-1FE1-5007-0020 6005-08B4-0010-5F49-0000-5000-7ED1-0000 [00,00,00,00] /dev/rdsk/c3t5006048ACCD21C80d0s6 EMC SYMMETRIX 000187910258 0000 [00,00,00,00]
The example lists device paths for an HP disk and an EMC disk. In both cases, the target component of the device name is a world-wide name, rather than a SCSI target number. The target designation of the HP disk is t50001FE150070028 and for the EMC disk it is t5006048ACCD21C80. Since these target numbers are world-wide names, no configuration for persistent binding is needed for these disks in the HBA configuration file.
Example output:
38 29 12c6e47 12058c1 50212 153 83803 272 1 qlc (SunFC Qlogic FCA v20040825-1.40) 1 qla2300 (QLogic FC Driver v4.18)
The QLogic HBA driver listed in the first line is Sun branded, as indicated by SunFC in SunFC Qlogic FCA v20040825-1.40. The QLogic driver listed in the second line is not Sun branded. 2 To find the Emulex HBA driver, enter the following:
113
modinfo | grep -i lp
Example output:
43 132b560 512e0 263 1 lpfc (Emulex LightPulse FC SCSI/IP)
Install the RealTime application host packages on all NetBackup clients and any alternate clients. Define the RealTime application and apply protection. Install NetBackup client software and the Snapshot Client license. Configure a NetBackup policy Start a backup and do a restore
See the Veritas NetBackup RealTime Protection Administrators Guide. See the NetBackup Installation Guide and the NetBackup Snapshot Client Administrators Guide. See Configuring a NetBackup policy on page 114. See Performing a backup on page 117. See Performing a restore on page 117.
2 3
115
Policy type
Perform snapshot backups Select this option. Retain snapshots for Instant Recovery Perform off-host backup Use alternate client Select this option for a snapshot-only backup, or to keep the snapshot after the backup completes. You can use an alternate client to reduce backup I/O processing on the primary client. The alternate client performs the backup on behalf of the primary client.
Click the Snapshot Client Options button to display the Snapshot Options dialog box. Specify the following:
Snapshot method for this policy Configuration Parameters: Maximum Snapshots (Instant Recovery only)
Enter the maximum number of snapshots to be retained at one time. This option applies only to backups with the Instant Recovery feature. This parameter applies to Windows only. Select 3-hardware.
Provider Type
Snapshot Attribute
This parameter applies to Windows only. Accept the default (0-unspecified), which lets NetBackup select the correct attribute.
cdpr_server
This parameter applies to Solaris only. Enter the fully qualified host name of the RealTime server.
All types are supported. NetBackup creates a snapshot and copies it to the storage unit specified on the Attributes tab.
Snapshots only
NetBackup creates an annotation in the timeline. The snapshot is created when you select items to restore. This option is highly space efficient but not recommended for long term storage. To use a storage lifecycle policy to manage backups, enter the name of the lifecycle policy. Important: if you select Snapshots only, a lifecycle policy cannot be used. See Storage lifecycle policies with Instant Recovery snapshots on page 97.
6 7
In the Clients tab, enter the fully qualified name of one or more NetBackup clients that are defined as RealTime application hosts. In the Backup Selections tab, specify the RealTime assets to be backed up. The following types of entries are allowed:
Important:
The items in this list must represent all the assets in the RealTime application(s) you are backing up with this policy. If a RealTime applications assets, for example, have been defined as three file systems, all three file systems must be entered here. If you enter only one or two of the file systems for the application, the policy fails to validate when you click OK. The items in this list can span multiple applications, but cannot list partial assets in any application (as noted in the previous bullet). When backing up a VxVM volume, all of the protected LUNs for a given application must exist in the same VxVM disk group. That is, an applications protected LUNs cannot span multiple VxVM disk groups. NetBackup does not support backing up a federated application. A federated application is one with RealTime protected LUNs that span multiple clients.
117
Performing a backup
See Table 4-3 for a list of NetBackup Realtime prerequisites. The procedure for backing up RealTime assets is the same as for backing up data on any NetBackup client. See the NetBackup Backup, Archive, and Restore Getting Started Guide.
Performing a restore
You can use NetBackup to restore data to the original client, to an alternate location on the original client, or to a different client. Note the following:
Each time you restore from a snapshot-only backup, if the snapshot does not already exist, NetBackup creates it. Creating the snapshot consumes some disk space in RealTime storage. Note that prior to selecting items to restore, a snapshot-only backup consists of annotations only, which require virtually no disk space. RealTime is VxVM disk-group centric, not volume centric. If you restore a volume that shares a disk group with other volumes, all volumes in that disk group are restored. This could have unexpected results. Point-in-time rollback restore is not supported.
Resides on
NetBackup client
NetBackup client
Note: These log folders must already exist in order for logging to occur. If the folders do not exist, create them. More detail is available on snapshot logs, logging levels, and the required folders.
See the NetBackup 6.5 Snapshot Client Administrators Guide. A broader discussion of NetBackup logging is available. See the NetBackup Troubleshooting Guide.
Troubleshooting
The following information may be helpful.
Logging
The NetBackup bpfis log is a good source of troubleshooting information. See NetBackup RealTime logging on page 117.
RealTime protection has not been applied to the items listed in the policy Backup Selections list. See the Veritas NetBackup RealTime Protection Installation Guide. One or more of the items in the policy Backup Selections list were entered incorrectly. The policy Backup Selections do not list all the assets defined for a RealTime application. The Backup Selections items must represent all the assets in the RealTime application(s) you are backing up with this policy. If, for example, the Backup Selections include only one of several file systems that were defined for a RealTime application, the policy fails to validate.
119
14:38:59.003 [16772] <32> onlfi_fim_split: error was reported 14:38:59.003 [16772] <32> onlfi_fim_split: vfm_freeze_commit: method: CDP, type: FIM, function: CDP_freeze_commit 14:38:59.003 [16772] <32> onlfi_fim_split: error 6; see follow ing message: 14:38:59.003 [16772] <32> onlfi_fim_split: CDP_freeze_commit: create timei mage failed with status 48
FTL -
For more details on this problem, see the following NetBackup tech note: http://entsupport.symantec.com/docs/303966
In the case of NetBackup RealTime, the annotation for the backup you want to browse may have become obsolete. Rendering older annotations obsolete is a normal function of RealTime protection, to save space in RealTime storage. Note that you can always restore your NetBackup data as long as the policy created a storage unit backup that has not expired. If the backup created a retained snapshot, the snapshot depends upon a valid annotation in the RealTime timeline. The attempt to browse fails if the annotation is no longer in the current RealTime protection timeline. A message similar to the following may appear in the /usr/openv/netbackup/logs/bppfi log. The location of the log depends on the type of backup. For an off-host alternate client backup, the bppfi log is on the alternate client. For a local host backup (not alternate client), the bppfi log is on the primary client.
15:13:15.802 [17768] <4> Error: createTimeImage failed with retcode 6 (RC_ERROR) 15:13:15.802 [17768] <4> [USER][ERROR][minneapolis:312] Cannot create timeImage: Imagetime before timeline start
If the backup was a snapshot only backup, the backup succeeds but the attempt to restore fails. The contents of the folder that you are trying to browse do not appear. A message similar to the following may appear in the NetBackup bppfi log on the client or alternate client.
120 Snapshot client updates New disk array snapshot methods in 6.5.2
14:32:40.089 [18728] <4> create_timeimage: host [s1.snappy.com] not found on appliance 14:32:40.089 [18728] <4> mount_frag: create timeimage failed with status 48
For more details on this problem, see the following NetBackup tech note: http://entsupport.symantec.com/docs/303966
Snapshot method
Hitachi_CopyOnWrite
Hitachi_ShadowImage
IBM_DiskStorage_FlashCopy
121
Install supported HBAs on the NetBackup primary client and alternate clients.
Zone the client HBAs through the Fibre See your Fibre Channel documentation. Channel switch, so the array is visible to the primary client and any alternate clients. Install NetBackup and array vendor See the appropriate installation snapshot management software on the documentation. NetBackup primary client and any alternate clients. Configure source and snapshot devices on the array (such as LUNs). See your array documentation.
122 Snapshot client updates New disk array snapshot methods in 6.5.2
OS-specific configuration
This topic describes the configuration tasks that are related to the operating system on the NetBackup client.
Dynamic multipathing
In a SAN fabric, it is advantageous for multiple pathways to exist from a host computer to a device on a disk array. The purpose of dynamic multipathing software is the following:
Manage the pathways so that only one is in use at a time Switch to another pathway if the one in use fails
HBA configuration
The supported HBAs are Emulex and QLogic. For certain HBAs, the arrays target number cannot be guaranteed on the host without persistent bindings. A persistent device target number ensures that snapshots appear at the same device location if a NetBackup client host reboots. Refer to your HBA vendor documentation for help configuring persistent bindings. Note: Persistent target bindings are not needed if you use Suns Leadville stack (StorageTek SAN Foundation) or the Sun branded QLogic HBA driver or Sun branded Emulex HBA driver. See Determine if persistent bindings are needed in HBA file (Solaris only) on page 111.
123
This command queries the hosts SCSI bus for all the SCSI (or Fibre) attached devices that are visible. Example output from an AIX host, for Hitachi and IBM arrays, followed by a description:
DevicePath Vendor Product ID EnclosureId DeviceId [Ctl,Bus,Tgt,Lun] --------------------------------------------------------------------------------/dev/hdisk8 HITACHI OPEN-V-CM 10266 241 [00,00,144640,00] /dev/hdisk9 HITACHI OPEN-V 10266 840 [00,00,144640,01] /dev/hdisk36 IBM 1814 FAStT IBM.1814-SN72500637 60:0A:0B:80:00:29:7B:00:00:00:11:5A:47:D2:29:6C [00,00,660992,08] /dev/hdisk39 IBM 1814 FAStT IBM.1814-SN72500637 60:0A:0B:80:00:29:7B:00:00:00:11:77:47:D4:AC:9A [00,00,660992,09] /dev/hdisk34 IBM 1750500 IBM.1750-13ADDTA 1723 [00,00,662016,1075265571] /dev/rdsk/c2t6d11s6HITACHI DF600F6484 48 [00,00,00,00] /dev/rdsk/c2t6d10s6HITACHI DF600F6484 46 [00,00,00,00] /dev/rdsk/c2t10d3s6HITACHI OPEN-V-SUN 45027 18 [00,00,00,00] /dev/rdsk/c2t10d0s6HITACHI OPEN-V-CM 45027 0 [00,00,00,00]
DevicePath
Represents the actual access point for the device as it exists on the client host. Unique for each physical disk array. Unique for a physical or virtual disk in an enclosure. The Enclosure ID/Device ID pair constitutes a host-independent designation of a particular physical or virtual disk within a disk array. Controller, bus, target, and LUN numbers are the elements that designate a particular physical or virtual disk from the perspective of the client host computer.
EnclosureId DeviceId
Ctl,Bus,Tgt,Lun
Software that is required for IBM 6000 and 8000 Where to install
Default location
Version
5.2.2.224 or higher
2 3 4 5 6
125
that is used for off-host backup processing but is not included in any policys Clients list. To allow the host to access credentials 1 In the NetBackup Administration Console, click Host Properties > Master servers > double click name of master server > Properties > Credential Access. Click Add to enter the name of the client. Then click OK.
The nickname (on the IBM 6000/8000) must be the same as the NetBackup client name. In the IBM 6000/8000 Storage Manager interface, the host type for AIX may not be obvious: select IBM pSeries. As part of the host definition, select the WWPN of the NetBackup client. Your NetBackup client must be properly zoned on the SAN to allow communication between it and the array.
2 3
Repeat step 1 for each NetBackup client or alternate client that uses the array. Create a volume group and associate the volume group with the NetBackup host you have defined on the array. For details, refer to your IBM documentation. Create logical volumes (or logical drives) for the volume group. This step makes the volumes or drives visible to the NetBackup client. For details, refer to your IBM documentation.
The LUN ID of the primary and snapshot (clone) logical volume can be found from the array by means of DSCLI commands or the IBM Storage Manager interface. To use DSCLI commands to obtain the device identifiers 1 Find the host connection and its corresponding volume group by entering the following:
lshostconnect -dev enclosure_ID
Sample output:
dscli> lshostconnect -dev IBM.1750-6866123 Date/Time: December 17, 2007 4:18:02 PM IST IBM DSCLI Version: 5.2.2.224 DS: IBM.1750-6866123 Name ID WWPN HostType Profile portgrp volgrpID ESSIOport ==================================================================================== ============ oigtsol05 0000 10000000C956A9B4 Sun SUN - Solaris 0 V11 all oigtaix03 0022 10000000C969F60E pSeries IBM pSeries - AIX 0 V46 all oigtaix02 0023 10000000C94AA677 pSeries IBM pSeries - AIX 0 V47 all
Find the volumes presented to this volume group and to the host:
showvolgrp -dev enclosure_ID volume_group
dscli> showvolgrp -dev IBM.1750-6866123 V47 Date/Time: December 17, 2007 4:21:01 PM IST IBM DSCLI Version: 5.2.2.224 DS: IBM.1750-6866123 Name oigtaix02 ID V47 Type SCSI Mask Vols 0002 0003 0004 0005 0006 0007 0008 0009 0031
The values listed for Vols are the LUN ids. 3 Find out which device on the host corresponds to a given logical volume. Enter the following:
/usr/openv/netbackup/bin/nbfirescan
To use the IBM Storage Manager web interface to obtain the device identifiers 1 In the Storage Manager, click Real-time manager > Manage hardware > Host systems.
127
2 3
Click on the host for which you need to find the volumes presented. The volume groups that are associated with the host are displayed. Click on the volume group to get the list of the logical volumes that are configured in this volume group. The Number column indicates the LUN ID.
6 7
129
Enter the unique IDs for the clone LUNs in the Snapshot Device(s) field. To enter multiple IDs, place a semicolon between them. Note the following:
The clone LUNs must be unmasked to the client (or alternate client) before you start a backup. For Instant Recovery backups, the Snapshot Device(s) entries determine where and in what order the snapshots are retained.
The IBM System Storage DS6000 Series: Copy Services http://www.redbooks.ibm.com/redpieces/abstracts/sg246782.html http://www.redbooks.ibm.com/abstracts/sg246783.html The IBM System Storage DS8000 Series: Copy Services http://www.redbooks.ibm.com/abstracts/sg246787.html http://www.redbooks.ibm.com/abstracts/sg246788.html
Example output:
Model :RAID-Manager/LIB/Solaris Ver&Rev:01-12-03/04
where dg_name and device_name are the names specified in the CCI configuration file for the primary device.
131
Example output:
nbfirescan v4.4.2 - Copyright (c) 2005-2007 Symantec Corp. Rescanning devices..............................................Complete. Device count: 37 DevicePath Vendor Product ID EnclosureId DeviceId [Ctl,Bus,Tgt,Lun]
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------/dev/rdsk/c3t50060E801029F700d22s6 HITACHI DF600F 10816 /dev/rdsk/c3t50060E801029F700d1s6 HITACHI DF600F-CM 10816 0201 0003 [00,00,00,00] [00,00,00,00]
The last line of the above example shows a command device (DF600F-CM).
The name of the host group must match the host name or fully qualified domain name of the client as specified in the NetBackup policy. The name should not be more that 16 characters in length. For host entries in the host groups, specify the WWNN/WWPN of each host.
Example output:
DevicePath
Vendor
Product ID
EnclosureId
DeviceId
[Ctl,Bus,Tgt,Lun]
----------------------------------------------------------------------------------------------------------------------------------------------------------------------/dev/rdsk/c2t6d15s6 /dev/rdsk/c2t6d14s6 HITACHI HITACHI DF600F DF600F 6484 6484 53 52 [00,00,00,00] [00,00,00,00]
The Enclosure ID is the serial number and the Device ID is the arrays device ID.
5 6
133
The ID must be entered without leading zeroes. For example, if the LUN ID is 0110, enter 110 in the Source Device field. 7 Enter the unique IDs for the clone LUNs (for Hitachi_ShadowImage method) or the snapshot LUNs (for Hitachi_CopyOnWrite) in the Snapshot Device(s) field. To enter multiple IDs, place a semicolon between them. The ID must be without leading zeroes. For example, if the LUN ID is 0111, enter 111 in the Snapshot Device(s) field. Note the following:
The LUNs must be unmasked to the client (or alternate client) before you start a backup. For Instant Recovery backups, the Snapshot Device(s) entries determine where and in what order the snapshots are retained.
Troubleshooting
This topic provides troubleshooting assistance.
Before you start a backup, the snapshot device (clone) must be visible (unmasked) to the NetBackup client or alternate client. For backup and Instant Recovery rollback restore: you must supply login credentials that allow the NetBackup client to access the IBM array. For NetBackup hosts not named in a policy (such as alternate clients), you must also configure NetBackup so that the host can access the credentials. Backups may appear to succeed, but the bprd log on the server contains messages similar to the following:
09:02:17.999 [4292.3092] <2> is_disk_client_configured: db_cred_allowed(host1.enterprise.com, 1) failed: 227 09:02:17.999 [4292.3092] <2> read_text_file: is_disk_client_configured(host1.enterprise.com) failed: 227 09:02:17.999 [4292.3092] <2> process_request: read_text_file failed - status = client is not validated to use the server (131)
Until credential access is enabled, a backup or a point-in-time rollback fails with NetBackup status 5. See Configuring NetBackup to access the array on page 124. See Array access for NetBackup hosts not named in a policy on page 124.
The snapshot device (clone) is not visible (unmasked) to the NetBackup client or alternate client. Recommended action: Make the clone device visible to the NetBackup client or alternate client before you retry the backup. Contact IBM technical support or refer to your IBM array documentation. The snapshot device (clone) is also a source device in another device pair. The following message may appear in the /usr/openv/netbackup/logs/bpfis/ibmtsfi.log.date log:
CMUN03041E mkflash: Copy Services operation failure: already a FlashCopy source
Recommended action: Reconfigure source and clone devices so that the clone required for this backup is not a source device for another clone. Contact IBM technical support or refer to your IBM array documentation.
The snapshot device (clone) and source device are not of equal size. The following message may appear in the /usr/openv/netbackup/logs/bpfis/ibmtsfi.log.date log:
CMUN03049E mkflash: Copy Services operation failure: incompatible volumes
Recommended action: Reconfigure source and clone devices to be identical in size. Contact IBM technical support or refer to your IBM array documentation.
The source device is already recording enabled for FlashCopy. The following message may appear in the /usr/openv/netbackup/logs/bpfis/ibmtsfi.log.date log:
CMUN03027E mkflash: FlashCopy operation failure: action prohibited by current FlashCopy state. Contact IBM technical support for assistance.
Recommended action: verify whether the source device has a FlashCopy relationship with some device other than the snapshot device (clone) specified in the policy. If a FlashCopy relationship exists with some other device, delete the relationship and start the backup again.
The IBM FlashCopy license is not installed. The following message may appear in the /usr/openv/netbackup/logs/bpfis/ibmtsfi.log.date log:
CMUN03035E mkflash: Copy Services operation failure: feature not installed.
Recommended action: Install the FlashCopy license on the storage subsystem. Contact IBM technical support or refer to your IBM array documentation.
135
The FlashCopy relationship is not recording enabled. The following message may appear in the /usr/openv/netbackup/logs/bpfis/ibmtsfi.log.date log:
CMUN03027E resyncflash: FlashCopy operation failure: action prohibited by current FlashCopy state. Contact IBM technical support for assistance
Recommended action:
Make sure a FlashCopy relationship exists for the device pair. If the FlashCopy relationship is not recording enabled, remove the FlashCopy relationship and then re-run the backup.
A FlashCopy relationship does not exist. The following message may appear in the /usr/openv/netbackup/logs/bpfis/ibmtsfi.log.date log:
CMUN03027E resyncflash: FlashCopy operation failure: action prohibited by current FlashCopy state. Contact IBM technical support for assistance.
A resynchronize operation was attempted on a FlashCopy pair that does not exist. Recommended action: Verify that a FlashCopy pair does not exist, and then re-execute the backup.
Incremental Copy is in progress. The following message may appear in the /usr/openv/netbackup/logs/bpfis/ibmtsfi.log.date log:
CMUN02498E resyncflash: The storage unit is busy.
A background copy is in progress for the given pair of devices on the array.
Some maintenance activity is currently in progress on the array. Recommended action: Allow the background copy or maintenance activity to complete. Then re-run the backup.
RAID Manager version 01-12-03/04 or later is required. See Checking the RAID Manager version on page 130. Before you start a backup, the snapshot device (clone LUN or snapshot LUN) must be visible (unmasked) to the NetBackup client or alternate client.
For the NetBackup policy Snapshot Resource configuration, specify device IDs in decimal and without leading zeros. For example, if your source device ID is 0100 and the snapshot device ID is 0101, enter 100 and 101 in the Snapshot Resources dialog box. See Configure a NetBackup policy for Hitachi_ShadowImage or Hitachi_CopyOnWrite on page 132.
The Hitachi command device is not unmasked. See the sample log messages in the next bullet. Recommended action: Refer to Hitachi documentation for creating and unmasking command devices. The Hitachi command device is unmasked but is not visible to client, or the enclosure ID specified in the policys Snapshot Resources is invalid. The /usr/openv/netbackup/logs/bpfis/hitachi.log.<date> log may contain messages similar to the following:
Fri Mar 21 2008 16:26:46.431046 <Pid - 9477 / Thread id - 1> Entering Function delayedInit [110, providers/hitachi/hitachi_plugin.cpp] Fri Mar 21 2008 16:26:49.173893 <Pid - 9477 / Thread id - 1> <Device name="/dev/rdsk/c4t50060E801029F700d2s6" udid="UDID##HITACHI##HDS##75040816##3" bus=" 0" target="0" lun="0" vendor="HITACHI" product="DF600F-CM" /> Fri Mar 21 2008 16:26:49.174493 <Pid - 9477 / Thread id - 1> Exiting Function delayedInit [110, providers/hitachi/hitachi_plugin.cpp] If the delayedInit message does not include at least one entry for the
enclosure ID that was entered in the policys Snapshot Resources, the command device is not unmasked or is not visible to NetBackup client (host). Recommended action: Make sure the command device is recognized by the operating system and that the enclosure ID is entered correctly in the policy's Snapshot Resources. To determine if the command device is recognized by the operating system, try device discovery commands such as the following:
devfsadm cfgadm -al
A log message for the enclosure ID would include an entry such as the following:
c3t50060E801029F700d28 <HITACHI-DF600F-CM-0000 cyl 52 alt 2 hd 50 sec 768>
137
A mismatch exists between the policys snapshot method and the type of LUNs specified for the Snapshot Devices. For example, if you select the Hitachi_ShadowImage method but specify snapshot LUNs instead of clone LUNs for the Snapshot Devices, an error occurs. See the sample log messages in the next bullet. Recommended action: Specify the correct snapshot method or snapshot devices. A disk pair was not created for the source and snapshot devices specified in the NetBackup policys Snapshot Resources. The /usr/openv/netbackup/logs/bpfis/hitachi.log.<date> log may contain messages similar to the following. If the snapshot method is Hitachi_CopyOnWrite:
Fri Mar 21 2008 16:26:49.173893 <Pid - 9477 / Thread id - 1> HITACHI_FIM_SNAPSHOT not supported for 10
Recommended action: Set up a disk pair (primary and secondary) for the source and snapshot devices that are specified in the policys Snapshot Resources. Refer to the Hitachi documentation.
In the policys Snapshot Resources, the device identifier for the source or snapshot device is invalid. The /usr/openv/netbackup/logs/bpfis/hitachi.log.<date> log may contain messages similar to the following:
Fri Mar 21 2008 16:26:49.173893 <Pid - 9477 / Thread id - 1> getrminfo failed. Fri Mar 21 2008 16:26:49.173893 <Pid - 9477 / Thread id - 1> operation failed with error number <> with message <msg>'.
The above message may indicate that a device ID in the policys Snapshot Resources is incorrect or does not exist. For example, if the specified snapshot device ID does not exist:
Mon May 12 2008 21:32:32.088876 <Pid - 8040 / Thread id - 1> getrminfo is called for '9999'. Mon May 12 2008 21:32:32.089736 <Pid - 8040 / Thread id - 1> getrminfo failed. Mon May 12 2008 21:32:32.090003 <Pid - 8040 / Thread id - 1> operation failed with error number '-1' with message '[EL_CMDRJE] An order of the control command rejected.'.
Recommended action: Make sure the identifiers are correctly entered in the policys Snapshot Resources. Specify source and snapshot IDs without leading zeros. See Configure a NetBackup policy for Hitachi_ShadowImage or Hitachi_CopyOnWrite on page 132.
The RAID Manager library libsvrrm.so software is not installed in the /usr/lib/ directory. Recommended action: Install the RAID Manager package in /usr/lib/. See the Hitachi documentation. The installed version of RAID Manager library libsvrrm.so is not supported. Recommended action: Look for the Library RMLIB version message in the /usr/openv/netbackup/logs/bpfis/hitachi.log.<date> log. See Checking the RAID Manager version on page 130.
A problem occurred involving the Hitachi instance number. For example, the Hitachi snapshot provider did not receive the instance number for the command device. The instance number is needed to connect to the array. The /usr/openv/netbackup/logs/bpfis/hitachi.log.<date> log contains the following message:
Couldn't get instance no failed with message ....
The attachcmddev message should list the Hitachi command device (for the enclosure ID that was specified in the policy) and the instance number. If the Hitachi command device is not included in the message, then the instance number was not received. A limited number of instance numbers are allowed per command device. If the maximum number of processes are using the same command device, no more instance numbers are available. This situation may indicate a problem with the instance number management logic of the Hitachi provider. Note also the following potential messages:
Fri Mar 21 2008 16:26:49.818233 <Pid - 9477 / Thread id - 1> Entering Function attachCmd [156, providers/hitachi/hitachi_rmlibintf.cpp] Fri Mar 21 2008 16:26:49.173893 <Pid - 9477 / Thread id - 1> Couldn't get instance no failed with message '%s'.
139
Fri Mar 21 2008 16:26:49.818308 <Pid - 9477 / Thread id - 1> Exiting Function attachCmd [156, providers/hitachi/hitachi_rmlibintf.cpp]
These messages indicate that the instance number is not available. A problem may exist with the instance number management logic. Recommended action:
where enclosure id is the array's serial number specified in the policys Snapshot Resources.
Gather the appropriate Hitachi logs and contact Symantec customer support for NetBackup.
The default array controller of the source device is not the same as the controller of the snapshot device. Use the Storage Navigator interface to verify. Recommended action: Make sure that the clone (or snapshot) device has the same default controller as the source device. See the Hitachi documentation.
141
Specifies the size in MB of each I/O request that is used when synchronizing the regions of a volume. Specifying a larger size causes synchronization to complete sooner, but with greater impact on the performance of other processes that are accessing the volume. The default size of 1 MB is the minimum suggested value for high-performance array and controller hardware. The specified value is rounded to a multiple of the volume's region size. This option is the same as the iosize=size parameter on the VxVM vxsnap command. For more details on the iosize=size parameter, see the Veritas Volume Manager Administrators Guide.
Specifies the delay in milliseconds between synchronizing successive sets of regions as specified by the value of the previous parameter (Sync region size in MB). This option can be used to change the impact of synchronization on system performance. The default is 0 milliseconds (no delay). Increasing this value slows down synchronization, and reduces the competition for I/O bandwidth with other processes that may be accessing the volume. This option is the same as the slow=iodelay parameter on the VxVM vxsnap command. For more details on the slow=iodelay parameter, see the Veritas Volume Manager Administrators Guide.
Maximum number of volumes to resynchronize concurrently Sync region size in MB (UNIX only) Sync I/O delay in milliseconds (UNIX only)
Note: Instant Recovery rollback uses the same defaults for these vxvm parameters as are listed in Table 4-9. To modify the vxvm parameters for point in time rollback 1 2 Create the following file:
/usr/openv/netbackup/SYMC_PARAMS
In the file, enter the numeric values for the parameters, in one line. The numbers apply to the parameters listed in the bulleted list above, in that order. For example:
6 3 1000
Maximum number of volumes to resynchronize concurrently = 6 Sync region size in MB (UNIX only) = 3 Sync I/O delay in milliseconds (UNIX only) = 1000
Chapter
KMS considerations
The following considerations relate to the functionality and use of KMS.
NetBackup GUI and CLI changes to report the encryption key tag addition to the NetBackup image information The bpimmedia and bpimagelist were modified. An emphasis on recoverability and ease of use for this NetBackup 6.5.2 release The recommended option is that all encryption keys are generated with passphrases. You type in a passphrase and the key management system creates a reproducible encryption key from that passphrase.
You can make the decision to choose KMS random generated keys or passphrase generated keys. You can decide to include NBAC deployment or not.
KMS security
There is no burden on existing NetBackup services with additional security concerns.
Cipher types
The following cipher types are supported in KMS:
KMS recoverability
There is a method of using the KMS where all of the encryption keys are generated from passphrases. You can record these passphrases and then use them at a later time to recreate the entire KMS for NetBackup.
145
KMS files
The KMS has three files associated with it where information on the keys is kept.
Key file or key database Contains the data encryption keys. The key file is located at /opt/openv/kms/db/KMS_DATA.dat. Host master key Contains the encryption key that encrypts and protects the KMS_DATA.dat key file using AES 256. The host master key is located at /opt/openv/kms/key/KMS_HMKF.dat Key protection key Encryption key that encrypts and protects individual records in the KMS_DATA.dat key file using AES 256. The key protection key is located at /opt/openv/kms/key/KMS_KPKF.dat. Currently the same key protection key is used to encrypt all of the records.
Key records
Key records contain many fields but the primary records are the encryption key, the encryption key tag, and the record state. Key records also contain some metadata.
Encryption Key This is the key that will be given to the tape drive. Encryption Key Tag This tag is the identifier for the encryption key. Record state Each of the key records has a state. The states are prelive, active, inactive, deprecated, and terminated. Metadata Metadata includes logical name, creation date, modification date, and description.
Key groups
A logical name and grouping of key records. All key records created must belong to a group. A key group can only have one active state key record at any time.
LTO4 drives can read LTO2, LT03, and LT04 media LTO4 drives can write LTO3 and LT04 media LTO4 drives can only encrypt LTO4 media LTO4 encrypted and decrypted media only works in LTO4 drives
KMS logging
The service uses the new unified logging and has been assigned OID 286. The nbkmsutil CLI uses traditional logging and its logs can be found in the file /usr/openv/netbackup/logs/admin/*.log
147
NBU Catalog
BPTM
KMS terminology
The terms associated with KMS are listed below:
CLI
Command line interface. You can operate the KMS feature from the provided command line using the nbkmsutil command. You can use the CLI to create a new key group, create a new key, modify key group attributes, modify key attributes, get details of key groups, get details of keys, delete a key group, delete a key, recover a key, modify the host master key, get host master key ID, modify key protection key, get key protection key ID, get key store statistics, quiesce the KMS database, unquiesce the KMS database.
149
Key
Encryption key that is used to encrypt and decrypt data.
KMS database
Contains the data encryption keys.
Key group
A logical name and grouping of key records. A key group can only have one active state key record at any time.
Key record
Contains the encryption key, encryption key tag, and the record state. Other useful metadata such as logical name, creation date, modification date, and description are also included. The key records have states listed below.
Prelive The key record has been created, but has never been used. Active The key record can be used for encryption and decryption in both backup and restore. Inactive Key record cannot be used for encryption, but can be used for decryption only during restore. Deprecated The key record can not be used for encryption or decryption. Terminated The key record is not available for use but it can be deleted.
Key store
The file that keeps the data encryption keys.
Passphrase
User specified random string. Seed to create encryption keys. You have a choice of creating the HMK, the KPK, and the encryption key with or without a passphrase. Using a passphrase would provide the following benefits:
Better passphrases result in keys with better security strength. If lost, keys can be recovered (re-generated) by providing the same passphrase (which was used to create the original key).
Note: It is important to keep track of all passphrases by recording them and storing them in a safe place for future use.
151
Quiesce
Sets the KMS DB to read-only administrator mode. Quiescing is required to make a backup of consistent copy of the KMS DB files.
Tag
Unique identifier (UUID) used to identify a key or key group in a key store.
Installing KMS
The service is called nbkms. The service does not run until the data file has been setup and in this way minimizes the impact on environments not using KMS. To configure it run the nbkms -createemptydb option. This will prompt you for a passphrase for the host master key HMK and the key protection key KPK. You will be asked for an ID. In this particular case the numbers 34 and 10 were entered. These IDs can be anything descriptive that you want to use to identify the HMK and KPK. Then you start up the KMS service.
fel (root) [4]: nbkms -createemptydb Enter the Host Master Key (HMK) passphrase (or hit ENTER to use a randomly generated HMK). The passphrase will not be displayed on the screen. Enter passphrase : Re-enter passphrase : An ID will be associated with the Host Master Key (HMK) just created. The ID will assist you in determining the HMK associated with any key store. Enter HMK ID : 34 Enter the Key Protection Key (KPK) passphrase (or hit ENTER to use a randomly generated KPK). The passphrase will not be displayed on the screen. Enter passphrase : Re-enter passphrase : An ID will be associated with the Key Protection Key (KPK) just created. The ID will assist you in determining the KPK associated with any key store. Enter KPK ID : 10 fel (root) [5]: nbkms fel (root) [6]: ps -ef | grep nbkms root 11917 11873 0 13:08:09 pts/18 0:00 grep nbkms root 11915 1 0 13:08:02 ? 0:00 nbkms
The next step is to create the key group. This operation is done by using the KMS utility with the options create key group with a key group name specified. For this to work with NetBackup 6.5.2 the key group name must be an identical match to the volume pool name. All key group names must have a prefix ENCR_.
This is how BPTM when it gets a volume pool request with ENCR_ hands that volume pool name to KMS. KMS identifies it as an exact match of the volume pool and then picks the active key record for backups out of that group.
fel (root) [3]: nbkmsutil -createkg -kgname ENCR_pool1 New Key Group creation is successful
The next step is to create a key record. nbkmsutil -createkey -kgname ENCR_pool1 -keyname Q1_2008_key -activate -desc "Key for Jan, Feb, & March" The option is createkey. You need to specify the key group name that this record will be part of. You can give it a key name. In this example it is called Q1_2008_key. You specify the activate option which skips the prelive state and creates this key as active. You can provide an optional description of what that key is. In this case the description is Key for Jan, Feb, & March. Below shows the output of the command. In this case the default is to enter the passphrases for the keys.
fel (root) [312]: nbkmsutil -createkey -kgname ENCR_pool1 -keyname Q1_2008_key activate -desc "Key for Jan, Feb, & March" Enter a passphrase: Re-enter the passphrase: New Key creation is successful fel (root) [313]: nbkmsutil -listkeys -kgname ENCR_pool1 Key Group Name : ENCR_pool1 Supported Cipher : AES_256 Number of Keys : 1 Has Active Key : Yes Creation Time : Sat Mar 15 10:45:55 2008 Last Modification Time: Sat Mar 15 10:45:55 2008 Description : Key Tag : d5a2a3df1a32eb61aff9e269ec777b5b9092839c6a75fa17bc2565f725aafe90 Key Name : Q1_2008_key Current State : Active Creation Time : Sat Mar 15 10:46:51 2008 Last Modification Time: Sat Mar 15 10:46:51 2008 Description : Key for Jan, Feb, & March Number of Keys: 1
You can create another key record. nbkmsutil -createkey -kgname ENCR_pool1 -keyname Q2_2008_key -activate -desc "key for Apr, May, & Jun" This one could be called Q2_2008_key.
153
fel (root) [326]: nbkmsutil -createkey -kgname ENCR_pool1 -keyname Q2_2008_key activate -desc "key for Apr, May, & Jun" Enter a passphrase: Re-enter the passphrase: New Key creation is successful fel (root) [327]:
Then you can run the list keys option to list all of the keys that belong to the ENCR_pool1 keygroup name. Notice that the Q1_2008_key is inactive and the Q2_2008 key is the active key. List Key Records part of the named Key Group. nbkmsutil -listkeys -kgname ENCR_pool1
fel (root) [331]: nbkmsutil -listkeys -kgname ENCR_pool1 Key Group Name : ENCR_pool1 Supported Cipher : AES_256 Number of Keys : 2 Has Active Key : Yes Creation Time : Sat Mar 15 10:45:55 2008 Last Modification Time: Sat Mar 15 10:45:55 2008 Description : Key Tag : cf7ac430d8795a9b39e703821371ed10be6ec80eab72d89aef6f8a791fc2460d Key Name : Q2_2008_key Current State : Active Creation Time : Sat Mar 15 11:02:46 2008 Last Modification Time: Sat Mar 15 11:02:46 2008 Description : key for Apr, May, & Jun Key Tag : d5a2a3df1a32eb61aff9e269ec777b5b9092839c6a75fa17bc2565f725aafe90 Key Name : Q1_2008_key Current State : Inactive Creation Time : Sat Mar 15 10:46:51 2008 Last Modification Time: Sat Mar 15 10:46:51 2008 Description : Key for Jan, Feb, & March Number of Keys: 2
The permissions a user has on the KMS object determines the KMS related tasks you are allowed to perform. Table 5-1 shows the default KMS permissions for each of the NetBackup user groups. Table 5-1 Set Default KMS permissions for NetBackup user groups Activity NBU_ User
-----------
NBU_ Operator
-----------
NBU_ Admin
X X -------
Vault_ Operator
-----------
Besides the KMS permissions listed above, the NBU_KMS admin group also has the following permissions on other authorization objects:
BUAndRest - Browse, Read, Backup, Restore, List HostProperties - Browse, Read License - Browse, Read
155
2 3
Change the directory to the <NetBackup install path>\NetBackup\bin (Windows) and /usr/openv/netbackup/bin (UNIX). Run the following command. On Windows: bpclusterutil -addSvc "NetBackup Key Management Service." On UNIX: bpclusterutil -addSvc nbkms Follow the optional product specific steps to enable the product. For NetBackup Key Management Service run the command to create the database, and start the service.
2 3 4 5
Follow the optional product specific steps to remove the product Open the command prompt on the active node of the cluster Change the directory to the <NetBackup install path>\NetBackup\bin (Windows) and /usr/openv/netbackup/bin (UNIX) Run the following command On Windows: bpclusterutil -deleteSvc "NetBackup Key Management Service" On UNIX: bpclusterutil -deleteSvc nbkms
KMS configuration
Configuration of KMS is done by creating the key database, key groups, and key records. Then NetBackup is configured to work with KMS. Use the following steps to configure and initialize KMS. 1 2 3 Create the key database, the host master key (HMK), and the key protection key (KPK). Create a key group that matches the volume pool. Create an active key record.
You are prompted to provide a logical ID to be associated with each key. At the end of this operation, the key database and protection keys are established. On a windows system they can be found at: \Program Files\Veritas\kms\db\KMS_DATA.dat \Program Files\Veritas\kms\key\KMS_HMKF.dat \Program Files\Veritas\kms\key\KMS_HKPKF.dat On a UNIX system they can be found at:
157
/opt/openv/kms/db/KMS_DATA.dat /opt/openv/kms/key/KMS_HMKF.dat /opt/openv/kms/key/KMS_HKPKF.dat Note: On Windows the following nbkms command is run from the C:\Program Files\Veritas\NetBackkup\bin directory. 1 Enter nbkms -createemptydb. felix (root) [4]: nbkms -createemptydb Enter the Host Master Key (HMK) passphrase (or hit ENTER to use a randomly generated HMK). The passphrase will not be displayed on the screen. Enter passphrase. Re-enter passphrase. An ID will be associated with the Host Master Key (HMK) just created. The ID will assist you in determining the HMK associated with any key store. Enter HMK ID: 34. Enter the Key Protection Key (KPK) passphrase (or hit ENTER to use a randomly generated KPK). The passphrase will not be displayed on the screen. Enter passphrase. Re-enter passphrase. An ID will be associated with the Key Protection Key (KPK) just created. The ID will assist you in determining the KPK associated with any key store. Enter KPK ID: 10.
2 3
5 6
Name Given to a key group. Should be unique within the key store. Renaming of the key group is supported if the new name is unique within the key store. Tag Unique key group identifier (not mutable). Cipher
Supported cipher. All keys belonging to this key group are created with this cipher in mind (not mutable).
Description Any description (mutable). Creation Time Time of creation of this key group (not mutable). Last Modification Time Time of last modification to any of the mutable attributes (not mutable).
Note: For this 6.5.2 version of KMS, it is important that the group name you create (i.e., mygroup), is prefixed with ENCR_.
Name Name given to a Key, should be unique within a KG. Renaming of Key is supported if the new name is unique with in the KG. Key Tag Unique Key identifier (not mutable). Key Group Tag Unique KG identifier, to which this Key belongs (not mutable). State Key's current state (mutable). Encryption Key Key, used to encrypt/decrypt the backup/restore data (not mutable). Description
159
Creation Time Time of creation of this Key (not mutable). Last Modification Time Time of last modification to any of the mutable attributes (not mutable). Prelive - Record has been created, but has not been used Active - Record and key can be used for encryption and decryption Inactive - Record and key cannot be used for encryption, but can be used for decryption Deprecated - Record can not be used for encryption or decryption Terminated - Record can be deleted
PRELIVE
ACTIVE
TERMINATED
INACTIVE
DEPRECATED
Key record state transitions are well defined and you must go through the whole path of states to delete a key record. Setting a key record to active bumps any existing active key record to the inactive state for that group. There can only be one active record in a group. The deprecated state is useful for saving a key while restricting its use. If as an administrator you think that a key has been compromised and you want to manually put a hold on anyone using that key without that key being deleted from the system. You would set the key record to the deprecated state and someone attempting to do a backup or restore with this deprecated key would get an error. The key record deletion involves two steps helping to reduce the possibility of accidentally deleting a key. You must first set deprecated keys to terminated and then you can delete the key record. Only terminated key records can be deleted (other than the keys which are in the prelive state). You can use the prelive state to create a key record before use.
161
Prelive state
A key record created in the prelive state can be made active or deleted. The prelive state could be used in the following way:
The KMS administrator wants to test the creation of a key record without impacting the system. If created correctly the record can then be activated. If not created correctly the record can be deleted. The KMS admin wants to create a key record, but then only activate it at some time in the future. The reasons for this may include delay setting the record active until the KMS key store has been backed up (or the passphrase has been recorded). Or delay setting the record active until some future time. Key records in the prelive state can be made active or deleted from the system.
Active state
Active key records could be used to encrypt and decrypt data. If necessary, the active key record could be made inactive. The active state is one of the three most important data management states. The inactive and deprecated states are the other two important data management states. Key records can be created directly in the active state bypassing the prelive state. Key records in the active state can either stay active or be made inactive. Active records cannot go back to the prelive state.
Inactive state
Inactive key records could be used to decrypt data. If necessary, the inactive key record could be made active again or moved to the deprecated state. The inactive state is one of the three most important data management states. The active and deprecated states are the other two important data management states. Key records in the inactive state can either stay inactive, be made active, or be made deprecated.
Deprecated state
Deprecated key records cannot be used to encrypt or decrypt data. If necessary, key records in the deprecated state could be made inactive or terminated. The deprecated state is one of the three most important data management states. The active and inactive states are the other two important data management states.The deprecated state could be used in the following ways:
The use of a key needs to be tracked or regulated. Any attempt to use a deprecated key will fail, until its state is changed to the appropriate state.
A key should not be needed any longer, but just to be safe is not set to the terminated state. Key records in the deprecated state can either stay deprecated, be made inactive, or terminated.
Terminated state
The terminated state adds a second step or safety step for deleting a deprecated state key record. A terminated key record could be moved to the deprecated state and ultimately made active again as needed. A terminated key record can also be deleted from the KMS. Caution: Before deleting a key, make sure that no valid image exists which was encrypted with this key Key records in the terminated state can either stay terminated, be made deprecated, or physically deleted.
163
You can then unquiesce the KMS database files using the KMS utility option for unquiesce. You run the nbkmsutil -unquiescedb. Once the outstanding quiesce calls count goes to zero, the KMS is now capable of running commands that could modify the KMS_DATA.dat, KMS_HMKF.dat, and KMS_KPKF.dat files. Write access is once again returned to these files.
felix (root) [341]: nbkmsutil -unquiescedb Key Store unquiesce is successful Outstanding quiesce calls: 0 felix (root) [342]:
You can recover the KMS by regenerating the data encryption key as follows: 1 Create an empty KMS database using the command nbkms -createemptydb. In this particular case you do not have to use the same host master key HMK and key protection key KPK. You could choose new keys.
fel (root) [4]: nbkms -createemptydb Enter the Host Master Key (HMK) passphrase (or hit ENTER to use a randomly generated HMK). The passphrase will not be displayed on the screen. Enter passphrase : Re-enter passphrase : An ID will be associated with the Host Master Key (HMK) just created. The ID will assist you in determining the HMK associated with any key store. Enter HMK ID : 34 Enter the Key Protection Key (KPK) passphrase (or hit ENTER to use a randomly generated KPK). The passphrase will not be displayed on the screen. Enter passphrase : Re-enter passphrase : An ID will be associated with the Key Protection Key (KPK) just created. The ID will assist you in determining the KPK associated with any key store. Enter KPK ID : 10 fel (root) [5]: nbkms fel (root) [6]: ps -ef | grep nbkms root 11917 11873 0 13:08:09 pts/18 0:00 grep nbkms root 11915 1 0 13:08:02 ? 0:00 nbkms
Use the recover key option and specify the key name, key group, and tag. In this case the key name is Q1_2008_key. The group is ENCR_mygoup and the tag is that long string of digits. It is highly suggested that you keep an electronic copy of all the key groups by running the list keys option. If needed you can cut and paste the tag names as needed. Otherwise you will have to enter the tag information manually. Enter the passphrase that is an exact match with the original passphrase you previously wrote down and saved.
fel (root) [368]: nbkmsutil -recoverkey -keyname Q1_2008_key -kgname ENCR_mygroup -tag d5a2a3df1a32eb61aff9e269ec777b5b9092839c6a75fa17bc2565f725aafe90 Enter a passphrase: Re-enter the passphrase: Key recovery is successful fel (root) [369]:
Note: If the tag you enter already exists in the KMS database, then you will not be able to recreate the key.
165
The recovery key option places the key record in the inactive state. When you run the recover key option, the key record is brought into the KMS database in the inactive state. If this is the key that you want to use for backups, then use the command nbkmsutil modifykey to set the required state to active. If this is a key record that is to be deprecated then use the command nbkmsutil modifykey to move the key record to the deprecated state.
Listing keys
Use this procedure to list the keys that you created in a particular key group. 1 To list the keys in a key group enter the command nbkmsutil -listkeys -kgname ENCR_mygroup. The nbkmsutil outputs the list in the verbose format by default. Following is a non-verbose listing output. KGR ENCR_mygroup AES_256 1 Yes 134220503860000000 134220503860000000 KR my_latest_key Active 134220507320000000 134220507320000000 key for Jan, Feb, March data Number of keys: 1
NetBackup getting key records from KMS Setting up NetBackup to use encryption
167
Note: The 6.5.2 Key Management feature requires the key group name and NetBackup volume pool name match identically and both be prefixed with ENCR_. This method of configuration enabled encryption support to be made available in 6.5.2 without requiring major changes to the NetBackup system management infrastructure.
The following figure shows a NetBackup Policy configured to use the Volume and KEY GROUP named ENCR_testpool.
If configured and operating correctly backups should proceed as normal. If a NetBackup image has been encrypted the key tag will be recorded and associated with the image. This information can seen through the GUI Reports, or can be seen in the output of the bpimmedia and bpimagelist commands. The following figure shows images on Tape report showing the linking between encryption and a backup images being encrypted.
169
Using KMS
You can use KMS to run an encrypted tape backup, verify an encrypted tape backups, and manage keys. The following sections provide examples for each of these scenarios.
171
KMS DB constituents
The KMS DB consists of three files:
The key store file (KMS_DATA.dat) contains all the key group and key records along with some metadata. The KPK file (KMS_KPKF.dat) contains the KPK that is used to encrypt the ciphertext portions of the key records that are stored in the key store file. The HMK file (KMS_HMKF.dat) contains the HMK that is used to encrypt the entire contents of the key store file (exception - the key store file header contains some metadata like the KPK ID and HMK ID that is not encrypted).
HMK passphrase - leave empty for a random HMK HMK ID KPK passphrase - leave empty for a random KPK KPK ID
The KMS DB backup and disaster recovery procedures will vary for random and passphrase generated KPK and HMK as described below.
Use this disaster recovery procedure when the HMK and KPK were generated randomly as follows: 1 2 Restore the key store file from a backup. Execute the command nbkms -info to find out the KPK ID and HMK ID of the KPK and HMK needed to decrypt this key store file. The output should also inform you that the HMK and KPK for this key store file were generated randomly. Restore the HMK file corresponding to the HMK ID from a secure backup. Restore the KPK file corresponding to the KPK ID from a secure backup.
3 4
173
CLI commands
CLI usage help Create new key group Create new key Modify key group attributes Modify key attributes Get details of key groups Get details of keys Delete a key group Delete a key Recover a key Modify host master key (HMK) Get host master key (HMK) ID Modify key protection key (KPK) Get KPK ID Get key store statistics Quiesce KMS DB Unquiesce KMS DB
175
-cipher <type> | -emptykgs | -noactive ] [ -noverbose ] Note: By default all the key groups would be listed. If no option is specified, details of all the key groups are returned. -kgname: Name of a key group, whose details we want to see -cipher: Gets the details of all the key groups which supports specific cipher type -emptykgs: Gets the details of all the key groups with zero keys in it -noactive: Gets the details of all the key groups in which there is no active key -noverbose: Prints the details in formatted form (non-readable) format. The default is verbose. The output is displayed in a human readable form.
177
-kgname: Name of the key group to be deleted. Only empty key groups can be deleted.
Delete a key
To delete a key use the NetBackup key management service utility command with the included arguments. #nbkmsutil -help -deletekey nbkmsutil -deletekey -keyname <key_name> -kgname <key_group_name> Note: Keys, which are in prelive, or terminated state can be deleted. -keyname: Name of the key to be deleted (to delete, key state has to be in one of prelive, or terminated) -kgname: Name of the key group to which this key belongs
Recover a key
To recover a key use the NetBackup key management service utility command with the included arguments. #nbkmsutil -help -recoverkey nbkmsutil -recoverkey -keyname <key_name> -kgname <key_group_name> -tag <key_tag> [ -desc <description> ] Note: The key state would be set to inactive. Restore could fail if a key used in encrypting the backup data is lost (and no copy of it is available). Such keys can be recovered (re-created) with the knowledge of the original key's attributes (tag, and passphrase) -keyname: Name of the key to be recovered (re-created) -kgname: Name of the key group to which this key should belong -tag: Tag identifying the original key (we need to use the same tag) Note: The user is prompted to enter the correct passphrase to get the right key (the system does not verify the validity of entered passphrases).
Get HMK ID
To get the HMK ID use the NetBackup key management service utility command with the included arguments. The HMK ID is then returned. #nbkmsutil -help -gethmkid nbkmsutil -gethmkid
Get KPK ID
To get the KPK ID use the NetBackup key management service utility command with the included arguments. The command returns the current KPK ID #nbkmsutil -help -getkpkid nbkmsutil -getkpkid
179
Total number of key groups Total number of keys Outstanding quiesce calls
Quiesce KMS DB
To quiesce the KMS database use the NetBackup key management service utility command with the included arguments. This command sends the quiesce request to KMS. If the command succeeds, the current outstanding quiesce count is returned as multiple backup jobs might quiesce the KMS database. #nbkmsutil -help -quiescedb nbkmsutil -quiescedb
Unquiesce KMS DB
To unquiesce the KMS database use the NetBackup key management service utility command with the included arguments. This command sends an unquiesce request to KMS. If the command succeeds, the current outstanding quiesce count is returned. A count of zero (0) means that the KMS database is completely unquiesced. #nbkmsutil -help -unquiescedb #nbkmsutil -unquiescedb
Note: The recommended approach for creating keys with this 6.5.2 version of KMS is to always create keys from passphases. This includes both the protection keys (Host Master Key and Key Protection Key), and the data encryption keys associated with the key records). It is recommend the passphrases used to create the keys are recorded and stored for recovery purposes. While allowing the KMS system to randomly generate the encryption keys provides a stronger solution, this usage cannot recover from the loss or corruption of all copies of the key store and protection keys, and therefore is not encouraged.
Troubleshooting KMS
You can troubleshoot KMS as follows: 1 2 Determine what error code and description are encountered. It is recommended that you capture this information. Check to determine if KMS is running and that the KMS data files exist. kms/db/KMS_DATA.dat kms/key/KMS_HMKF.dat kms/key/KMS_KPKF.dat If the files do not exist, then KMS has not been configured, or the configuration has been removed. Find out what happened to the files if they do not exist. If KMS has not been configured, the nbkms service will not be running. If KMS is not running or is not configured, it will not impact NetBackup operation. If you have previously used the ENCR_ prefix for a volume pool name, this must be changed as ENCR_ now has special meaning to NetBackup. Get the KMS configuration information: Get a key group listing by running the command nbkmsutil listkgs. Get a listing of all keys for a key group by running the command nbkmsutil listkeys kgname <key_group_name>. Get operational log information such as KMS logs by way of VxUL OID 286 and BPTM logs. Evaluate the log information. The KMS errors (Table 5-2) are handed back to BPTM. Evaluate the KMS errors recorded in the KMS log
4 5 6
181
Verify that a backup is not being encrypted by checking that the encryption key tag field is not set in the image record. Verify that the key group and volume pool names are an exact match. Verify that there is a key record in the key group with an active state. Verify that everything related to traditional media management is configured properly. Is the NetBackukp policy drawing a tape from the correct volume pool. Does the encryption capable tape drive have encryption capable media available. For example is LTO4 media installed in the LTO4 tape drive?
Verify that the original backup image was encrypted to begin with by viewing the encryption key tag field in the image record. Verify that the key record with the same encryption key tag field is in a record state that supports restores (that is active or inactive states). If the key record is not in the correct state change the key back to the inactive state. Verify that the drive and media actually support encryption. Is the encrypted media being read in an encryption capable tape drive?
fel (root) [385]: nbkmsutil -listkeys -kgname ENCR_mygroup Key Group Name : ENCR_mygroup Supported Cipher : AES_256 Number of Keys : 3 Has Active Key : Yes Creation Time : Sat Mar 15 10:45:55 2008 Last Modification Time: Sat Mar 15 10:45:55 2008 Description : Key Tag : cf7ac430d8795a9b39e703821371ed10be6ec80eab72d89aef6f8a791fc2460d Key Name : Q2_2008_key Current State : Active Creation Time : Sat Mar 15 11:02:46 2008 Last Modification Time: Sat Mar 15 11:02:46 2008 Description : key for Apr, May, & Jun Key Tag : d5a2a3df1a32eb61aff9e269ec777b5b9092839c6a75fa17bc2565f725aafe90 Key Name : Q1_2008_key Current State : Inactive Creation Time : Sat Mar 15 10:46:51 2008 Last Modification Time: Sat Mar 15 10:46:51 2008 Description : Key for Jan, Feb, & March Key Tag : d5a2a3df1a32eb61aff9e269ec777b5b9092839c6a75fa17bc2565f725aafe91 Key Name : test Current State : Inactive Creation Time : Sat Mar 15 13:12:25 2008 Last Modification Time: Sat Mar 15 13:12:25 2008 Description : Number of Keys: 3 fel (root) [383]: nbkmsutil -modifykey -keyname Q2_2008_key -kgname ENCR_mygroup -state Inactive Key details are updated successfully
When the listing is produced again you can see that the Q2_2008_key state is now listed as inactive.
fel (root) [384]: nbkmsutil -listkeys -kgname ENCR_mygroup Key Group Name : ENCR_mygroup Supported Cipher : AES_256 Number of Keys : 3 Has Active Key : No Creation Time : Sat Mar 15 10:45:55 2008 Last Modification Time: Sat Mar 15 10:45:55 2008 Description : Key Tag : d5a2a3df1a32eb61aff9e269ec777b5b9092839c6a75fa17bc2565f725aafe90 Key Name : Q1_2008_key Current State : Inactive Creation Time : Sat Mar 15 10:46:51 2008 Last Modification Time: Sat Mar 15 10:46:51 2008 Description : Key for Jan, Feb, & March Key Tag : d5a2a3df1a32eb61aff9e269ec777b5b9092839c6a75fa17bc2565f725aafe91 Key Name : test Current State : Inactive Creation Time : Sat Mar 15 13:12:25 2008 Last Modification Time: Sat Mar 15 13:12:25 2008 Description : Key Tag : cf7ac430d8795a9b39e703821371ed10be6ec80eab72d89aef6f8a791fc2460d Key Name : Q2_2008_key Current State : Inactive Creation Time : Sat Mar 15 11:02:46 2008 Last Modification Time: Mon Mar 17 13:53:33 2008 Description : key for Apr, May, & Jun Number of Keys: 3
With no active key, what happens to the backup? Here is the BPTM log output. It is actually going to log the message within the 1227 error code in the BPTM log.
183
14:29:16.381 [19978] <2> manage_drive_attributes: MediaPool [ENCR_mygroup], MediaLabel [MEDIA=JRO111;] 14:29:16.384 [19978] <2> manage_drive_attributes: encryption status: nexus scope 0, key scope 0 14:29:16.384 [19978] <2> manage_drive_attributes: encryp mode 0x0, decryp mode 0x0, algorithm index 0, key instance 0 14:29:16.384 [19978] <2> KMSCLIB::kmsGetKeyAndKad: Entering function....(KMSClib.cpp:583) 14:29:16.384 [19978] <2> KMSCLIB::GetQueryableFacetInstance: Entering function....(KMSClib.cpp:207) 14:29:16.384 [19978] <2> KMSCLIB::InitOrb: Entering function....(KMSClib.cpp:158) 14:29:16.385 [19978] <2> Orb::init: Created anon service name: NB_19978_1536015948517350(Orb.cpp:600) 14:29:16.385 [19978] <2> Orb::init: endpointvalue is : pbxiop://1556:NB_19978_1536015948517350(Orb.cpp:618) 14:29:16.385 [19978] <2> Orb::init: initializing ORB kmslib with: kmslib -ORBSvcConfDirective "ORBDottedDecimalAddresses 0" -ORBSvcConfDirective "static PBXIOP_Factory ''" -ORBSvcConfDirective "static EndpointSelectorFactory ''" -ORBSvcConfDirective "static Resource_Factory '-ORBProtocolFactory PBXIOP_Factory'" ORBSvcConfDirective "static Resource_Factory '-ORBProtocolFactory IIOP_Factory'" -ORBSvcConfDirective "static PBXIOP_Evaluator_Factory '-orb kmslib'" -ORBSvcConfDirective "static Resource_Factory '-ORBConnectionCacheMax 1024 '" -ORBEndpoint pbxiop://1556:NB_19978_1536015948517350 -ORBSvcConf /dev/null -ORBSvcConfDirective "static Server_Strategy_Factory '-ORBMaxRecvGIOPPayloadSize 268435456'"(Orb.cpp:725) 14:29:16.406 [19978] <2> vnet_cached_gethostbyname: vnet_hosts.c.307: found host in cache: felix.min.veritas.com 14:29:16.406 [19978] <2> vnet_cached_gethostbyaddr_rnl: vnet_hosts.c.506: found IP in cache: 127.0.0.1 14:29:16.460 [19978] <2> db_error_add_to_file: dberrorq.c:midnite = 1205730000 14:29:16.461 [19978] <16> get_encryption_key: NBKMS failed with error status: Key group does not have an active key (1227) 14:29:16.462 [19978] <2> send_MDS_msg: MEDIADB 1 42 JRO111 4000007 *NULL* 6 1205781805 1205782033 1206991633 0 64 2 2 1 4 0 8193 1024 0 8 0
What does this error look like in the activity monitor? There is a status code 83 media open error message returned.
In the detailed status you will get the message stating that NBKMS failed with error status key group does not have and active key (1227). With the
information in the previous screens it should be easy to diagnose what it the particular problem or to identify what a given problem is related to.
fel (root) [426]: !385 nbkmsutil -listkeys -kgname ENCR_mygroup Key Group Name : ENCR_mygroup Supported Cipher : AES_256 Number of Keys : 3 Has Active Key : No Creation Time : Sat Mar 15 10:45:55 2008 Last Modification Time: Sat Mar 15 10:45:55 2008 Description : Key Tag : d5a2a3df1a32eb61aff9e269ec777b5b9092839c6a75fa17bc2565f725aafe90 Key Name : Q1_2008_key Current State : Inactive Creation Time : Sat Mar 15 10:46:51 2008 Last Modification Time: Sat Mar 15 10:46:51 2008 Description : Key for Jan, Feb, & March Key Tag : d5a2a3df1a32eb61aff9e269ec777b5b9092839c6a75fa17bc2565f725aafe91 Key Name : test Current State : Inactive Creation Time : Sat Mar 15 13:12:25 2008 Last Modification Time: Sat Mar 15 13:12:25 2008 Description : Key Tag : cf7ac430d8795a9b39e703821371ed10be6ec80eab72d89aef6f8a791fc2460d Key Name : Q2_2008_key Current State : Deprecated Creation Time : Sat Mar 15 11:02:46 2008 Last Modification Time: Mon Mar 17 14:52:59 2008 Description : key for Apr, May, & Jun Number of Keys: 3
185
The following BPTM log output shows the 1242 error returned.
14:53:48.782 [21109] <2> io_read_back_header: drive index 0, reading backup header 14:53:48.791 [21109] <2> io_position_for_read: successfully positioned JRO111 to file number 3 14:53:48.796 [21109] <2> io_position_for_read: next block encryption status: LON 0x0000000000000009, algorithm index 1, encryption status 0x6 14:53:48.796 [21109] <2> io_position_for_read: Kad type 0x0, kad length 32 Kad [cf7ac430d8795a9b39e703821371ed10be6ec80eab72d89aef6f8a791fc2460d] 14:53:48.796 [21109] <2> KMSCLIB::kmsGetKeyAndKadByKeyTag: Entering function....(KMSClib.cpp:655) 14:53:48.796 [21109] <2> KMSCLIB::GetQueryableFacetInstance: Entering function....(KMSClib.cpp:207) 14:53:48.796 [21109] <2> KMSCLIB::InitOrb: Entering function....(KMSClib.cpp:158) 14:53:48.797 [21109] <2> Orb::init: Created anon service name: NB_21109_1537488329610200(Orb.cpp:600) 14:53:48.798 [21109] <2> Orb::init: endpointvalue is : pbxiop://1556:NB_21109_1537488329610200(Orb.cpp:618) 14:53:48.798 [21109] <2> Orb::init: initializing ORB kmslib with: kmslib -ORBSvcConfDirective "ORBDottedDecimalAddresses 0" -ORBSvcConfDirective "static PBXIOP_Factory ''" -ORBSvcConfDirective "static EndpointSelectorFactory ''" -ORBSvcConfDirective "static Resource_Factory '-ORBProtocolFactory PBXIOP_Factory'" ORBSvcConfDirective "static Resource_Factory '-ORBProtocolFactory IIOP_Factory'" -ORBSvcConfDirective "static PBXIOP_Evaluator_Factory '-orb kmslib'" -ORBSvcConfDirective "static Resource_Factory '-ORBConnectionCacheMax 1024 '" -ORBEndpoint pbxiop://1556:NB_21109_1537488329610200 -ORBSvcConf /dev/null -ORBSvcConfDirective "static Server_Strategy_Factory '-ORBMaxRecvGIOPPayloadSize 268435456'"(Orb.cpp:725) 14:53:48.818 [21109] <2> vnet_cached_gethostbyname: vnet_hosts.c.307: found host in cache: felix.min.veritas.com 14:53:48.818 [21109] <2> vnet_cached_gethostbyaddr_rnl: vnet_hosts.c.506: found IP in cache: 127.0.0.1 14:53:48.842 [21109] <2> db_error_add_to_file: dberrorq.c:midnite = 1205730000 14:53:48.844 [21109] <16> get_encryption_key: NBKMS failed with error status: Operation not allowed for key record in this state (1242)
The following activity monitor shows a status code 5 - restore failed to recover the requested files.
EC_KS_keygrp_notfound - 1229 - Key During a backup a key group with a matching Group was not found Volume Pool name was not found. EC_KS_no_active_key - 1227 - Key group does not have an active key EC_KS_keystate_disallow_op - 1242 Operation not allowed for key record in this state EC_KS_kad_notfound - 1261 - KAD did not match any key records During a backup an ACTIVE key record for the specified Key group does not exist. A Restore operation has requested access to a key that is not in the ACTIVE or INACTIVE state.
A record operation was looking for a Key Record with a specific Tag / KAD, and the record could not be found. Generally this is due to the Key Record having been deleted. BPTM and the tape drive have requested a Tag / KAD length combination that is not supported.
Chapter
On UNIX, the tool has a menu-user interface, similar to the bpadm tool. On Windows, the tool has a graphical user interface. The tool is based on existing command lines.
The tool on both UNIX and Windows provides a way for the administrator to perform the following actions:
Select, start, and stop the NetBackup relational database (NBDB) or the Bare Metal Restore database (BMRDB) Report on the status, consistency, and high-level space utilization Report on database space in full and table level reports
Full and table level defragmentation Index compression Add free space to the database Adjust the database server memory cache size Truncate the transaction log Toggle the transaction log mode between full and minimum
Check for database consistency using standard and full database validation Rebuild the database Move the database
Unload the database Back up and restore the database Change the password Report on and change the database server settings
New database Administration tool for NetBackup relational databases Running the Database Administration tool on UNIX
189
Space Utilization
The Space Utilization is a measure of the amount of used space as a percentage of the file system space that is allocated for the database. When the NBDB or the BMRDB databases are initially created, extra space is allocated so that contiguous space is available as needed. As a result, a low Space Utilization is a positive indication unless the database is very large and disk space is in short supply.
190 New database Administration tool for NetBackup relational databases Running the Database Administration tool on UNIX
Online Help is available from all screens by selecting the h option from the main menu. Option 2 from the Help Facility menu displays an index of all help available. Each of the help files shown in the index are also available from the associated menus. The Database Administration menu selections are described in the following sections.
Use options 1 and 2 to select NBDB or BMRDB. Then view or modify the selected database using the other dbadm menu options. Use options 3 and 4 to start and stop the selected database. Use option 5 to change the password for the databases. The password is changed for both NBDB and BMRDB, if applicable. Restart the database for the password change to take effect.
New database Administration tool for NetBackup relational databases Running the Database Administration tool on UNIX
191
To report on database space utilization To reorganize fragmented database objects To add free space to the database files To adjust the database server's memory cache settings
These actions are performed from the Database Space and Memory Management menu, as follows:
Database Space and Memory Management -----------------------------------1) Report on Database Space 2) Database Reorganize 3) Add Free Space 4) Adjust Memory Settings h) Help q) Quit
Defragment All
192 New database Administration tool for NetBackup relational databases Running the Database Administration tool on UNIX
Option 1 automatically determines the database tables and indexes that are fragmented. It then uses the Sybase ASA REORGANIZE command to defragment the tables and compress the indexes. The equivalent command is nbdb_admin -reorganize.
Table Level Defragmentation Option 2 generates a fragmentation report for each database table. For each table, the report includes the TABLE_NAME, number of ROWS, number of ROW_SEGMENTS, and SEGS_PER_ROW. In addition, a * displays in the ! column for an individual table if it would be automatically selected for reorganization by the Defragment All option. A row segment is all or part of one row that is contained on one page. A row may have one or more row segments. The ROW_SEGMENTS value indicates total number of row segments for the table. The SEGS_PER_ROW value shows the average number of segments per row, and indicates whether or not a table is fragmented. A SEGS_PER_ROW value of 1 is ideal, and any value more than 1 indicates a high degree of fragmentation. For example, a value of 1.5 means that half of the rows are partitioned. Index Compression Option 3 generates a fragmentation report for each database index and lets the administrator select individual indexes to be compressed. For each index the report includes the TABLE_NAME, INDEX_NAME, TYPE of index, LEVEL, and DENSITY. The index TYPE is one of the following values: PKEY (primary key), FKEY (foreign key), UI (unique index), UC (unique constraint), NUI (non-unique index). In addition, a * displays in the ! column for an individual index if it would be automatically selected for reorganization by the Defragment All option. The LEVEL and DENSITY indicate whether or not an index should be reorganized. The number of levels in the index tree determines the number of I/O operations that are needed to access a row using the index. Indexes with fewer levels are more efficient than indexes with greater numbers of levels. The density is a fraction between 0 and 1 providing an indication of how full each index page is on average. A LEVEL value of 1 is ideal. An index with a LEVEL value of 4 or more or with a level value of 2 or 3 with a density greater than 0.5 is a good candidate for reorganization.
New database Administration tool for NetBackup relational databases Running the Database Administration tool on UNIX
193
reduce future fragmentation of the database objects that are stored in the database. When the relational database is initially created or rebuilt, 25MB of free space is automatically added to the data and the index dbspaces. A Rebuild eliminates all free space and then adds back what was initially added when the database was created. If the user accidentally adds too much free space, a Rebuild can be used to eliminate the space.
Initial (-c option in server.conf) Sets the initial memory that is reserved for caching database pages and other server information. Minimum (-cl option in server.conf) Sets the minimum cache size as a lower limit to automatic cache resizing. Maximum (-ch option in server.conf)
194 New database Administration tool for NetBackup relational databases Running the Database Administration tool on UNIX
Sets the maximum cache size as an upper limit to automatic cache growth.
The databases transaction log is used for database recovery. The transaction log for NBDB is NBDB.log. For BMRDB it is BMRDB.log. During a full hot catalog backup, all of the database files are included in the backup. For example, for NBDB, NBDB.db, EMM_DATA.db, EMM_INDEX.db, and NBDB.log are included. After these files are backed up, the transaction log is truncated. For a differential hot catalog backup, only the transaction log (NBDB.log), is included in the backup. To recover from a full and an incremental, all of the database files are restored and the transaction logs are applied one at a time in order. If the transaction log is truncated outside of the hot catalog backup process, the next catalog backup must be a full hot catalog backup. Otherwise, a gap would exist in the transaction logs due to the truncation and an error during catalog recovery would occur. If the transaction log is truncated using this menu, a full hot catalog backup is forced the next time any schedule of the catalog backup policy is due. The transaction log mode controls when the transaction log is automatically truncated outside of the catalog backup process. A transaction log mode of PARTIAL forces a deletion of the transaction log whenever a database checkpoint occurs. The default transaction log mode is FULL. In FULL mode, the transaction log is only truncated automatically after a successful online (hot) or offline (cold) catalog backup.
New database Administration tool for NetBackup relational databases Running the Database Administration tool on UNIX
195
With PARTIAL mode, the hot catalog backup must always be a full backup and all incremental schedules are automatically converted to full schedules by NetBackup. The cold catalog backup is always a full backup.
196 New database Administration tool for NetBackup relational databases Running the Database Administration tool on UNIX
However, the validation checks may report any transient errors that are a result of transactions that are in progress. If any validation errors are reported, shut down the NetBackup daemons and services and start only the Sybase ASA database server. Then repeat the validation check using this tool or the nbdb_admin command line utility. If validation errors continue, contact Symantec customer support. The administrator may be asked to rebuild the database using the Database Rebuild option or the nbdb_unload command line utility.
Database Validation Check and Rebuild ------------------------------------1) Standard Validation 2) Full Validation 3) *Database Rebuild h) Help q) Quit WARNING: Starred options will temporarily suspend NetBackup operations. Do not perform backups during any of these actions.
New database Administration tool for NetBackup relational databases Running the Database Administration tool on UNIX
197
If option 3 is selected, a message appears which recommends that you exit and create a backup using the Backup Database option before you rebuild the database. You then have the choice of whether to continue or not. For more information, see Backup and Restore Database option on page 199.
In addition, the Move Database menu lets the administrator create a mirrored transaction log. The transaction logs (NBDB.log and BMRDB.log) are critical files used to recover the relational databases. For extra protection, a mirrored transaction log can be used. Create the mirrored log in a different directory from the original log.
198 New database Administration tool for NetBackup relational databases Running the Database Administration tool on UNIX
A SQL command file is created that can be used to rebuild the database. If the data is also included in the unload, a set of data files in comma-delimited format is created.
New database Administration tool for NetBackup relational databases Running the Database Administration tool on UNIX
199
200 New database Administration tool for NetBackup relational databases Running the Database Administration tool on UNIX
New database Administration tool for NetBackup relational databases Running the Database Administration Tool on Windows
201
The database (displays NBDB information by default). The status of the database. The results from a validation check. Information on space utilization. See Table 6-1 for more information. Drive Space button Shows the amount of free space and used space on a drive. If the database files are on multiple drives, this view is useful to see which drive has more free space available. Close button Closes the Database Administration tool. Help button Provides additional assistance in the console.
202 New database Administration tool for NetBackup relational databases Running the Database Administration Tool on Windows
General tab
When the user logs in, the General tab of the Database Administration console displays, as shown in Figure 6-1. Figure 6-1 General tab of the Database Administration Tool
The following topics describe the options available on the General tab.
New database Administration tool for NetBackup relational databases Running the Database Administration Tool on Windows
203
Refresh button
Click the Refresh button to make sure that the most current information is displayed.
Validate button
Click the Validate button on the General tab to perform either a standard or a full database validation. See Database Validation Check and Rebuild option on page 195 for more information.
Rebuild button
Click the Rebuild button on the General tab to rebuild the database. Clicking the Rebuild button eliminates all free space and then adds back what was initially added when the database was created. If the user accidentally adds too much free space, a Rebuild can be used to eliminate the space. See Database Validation Check and Rebuild option on page 195 for more information.
204 New database Administration tool for NetBackup relational databases Running the Database Administration Tool on Windows
Tools tab
The following topics describe the options available on the Tools tab. Figure 6-2 Tools tab of the Database Administration Tool
New database Administration tool for NetBackup relational databases Running the Database Administration Tool on Windows
205
Move button
Click the Move button in the Move Database section on the Tools tab to change the location of the database files or to split the database files into multiple directories. Note: Due to performance issues, NetBackup supports database files only on locally attached drives. For more information, see Move Database option on page 197.
Export button
Click the Export button in the Unload section on the Tools tab to unload either the schema or the schema and data from the relational database. Select one of the following options:
Schema Unload only the database schema. The schema is unloaded as a file that is named reload.sql in the named directory. Schema and data Unload both the database schema and the data. The data is unloaded as a set of files in comma-delimited format. One file is created for each database table.
Copy button
Click the Copy button in the Backup section on the Tools tab to back up the relational database to the specified directory. Either an online or offline backup can be selected. An offline backup causes NetBackup activity to be suspended so do not perform an offline backup when backups or restores run. Note: Using the Database Administration Tool to back up and restore the NetBackup database can potentially break the consistency between the NetBackup catalog and the database. This loss of consistency can lead to loss of data. Use the tool to back up and restore the NetBackup catalog only as a precautionary measure.
Restore button
Click the Restore button on the Tools tab to restore a copy of the database that was previously made using either an online or offline backup.
206 New database Administration tool for NetBackup relational databases Running the Database Administration Tool on Windows
Set button
Click the Set button in the Cache section on the Tools tab to view and change the Sybase ASA memory cache settings. Changes to these settings affect all of the relational databases that the database server manages. The changes do not take effect until the database server is restarted. For more information about memory cache settings, see Adjust Memory Settings option on page 193.
Modify button
Click the Modify button in the Transaction Log section on the Tools tab to change the transaction log mode of the database. For more information, see Toggle Transaction Log Mode option on page 195.
Truncate button
Click the Truncate button in the Transaction Log section on the Tools tab to truncate the transaction log of the database. For more information, see Truncate the Transaction Log option on page 195.
New database Administration tool for NetBackup relational databases Validation checks during a hot catalog backup
207
The validation check encountered errors. The catalog backup occurred while a database transaction was taking place.
The following procedure can determine whether the hot catalog backup failed due to database errors or normal backup activity. To determine whether a hot catalog backup failure is due to database errors 1 Examine the bpdbm log. If the failure is due to database validation errors, the following message appears:
validate_database: Database validation failed for database NBDB
If the log indicates validation failure, use the Database Administration tool or the command line option to run a full validation. The resulting database validation report indicates whether or not the database has errors. For UNIX (dbadm), see Full Validation option on page 196. For Windows (NbDbAdmin.exe), see Validate button on page 203. To use the command line, run: nbdb_admin -validate -full If the report shows validation errors, perform the following steps:
Shut down the NetBackup daemons and services: For UNIX: /usr/openv/netbackup/bin/bp.kill_all For Windows: Install_path\VERITAS\NetBackup\bin\bpdown Start only the ASA database server: For UNIX: /usr/openv/netbackup/bin/nbdbms_start_stop start For Windows: Install_path\VERITAS\NetBackup\bin\bpup -e ASANYs_VERITAS_NB Rerun the validation as described in step 2.
208 New database Administration tool for NetBackup relational databases Validation checks during a hot catalog backup
Create a backup copy of the database using either the Database Administration tool or the command line option: For UNIX (dbadm), see Backup and Restore Database option on page 199. For Windows (NbDbAdmin.exe), see Copy button on page 205. To use the command line, run: nbdb_backup -online directory Run a full validation. From the command line, run: nbdb_admin -validate -full Run a rebuild as described in step 4.
If the database has errors, rebuild the database using either the Database Administration tool or the command line option: For UNIX (dbadm), see Database Rebuild option on page 196. For Windows (NbDbAdmin.exe), see Rebuild button on page 203. To use the command line, run: nbdb_unload -rebuild Run the hot catalog backup again.
Chapter
Binaries
The following new binaries are installed on the SharePoint servers (Windows front-end servers and SQL database servers).
Limitations
The following limitations exist for the NetBackup for SharePoint version 6.5.2 agent.
SharePoint 2007 documents cannot be restored individually (document-level restore) from a backup image made with NetBackup 6.5.1 or earlier. Document restores cannot be redirected to a different location. Restores of the following objects cannot be redirected to a different location:
A site in another farm (but to another site within the original farm is supported) Farm configuration database and single-sign-on database Portal index database A document
You cannot restore a Windows Microsoft SQL Server 2000 Desktop Engine (WMSDE) database to an alternate location because of a WMSDE limitation. Version 6.5 of the NetBackup for Microsoft SharePoint Portal Server 2003 Administrators Guide indicates that for document-level restores you can automatically duplicate images from tape to disk. This functionality is not available at this time. If you want to perform a document-level restore, you must manually copy the backup image from tape to disk.
Installation requirements
Verify that the following requirements are met before you use the NetBackup for SharePoint agent.
For document-level backups, the top-level folder of a site must contain at least one document. Otherwise, documents are not enumerated correctly for restore. This will be resolved in a release update. When using SharePoint load balancing, all load-balanced Web sites must be uniformly identified in IIS using either host headers or IP addresses, but not both. Environments which mix host headers and IP addresses across load-balanced servers are not supported. To prevent restore failures, the IIS Default Application Pool identity must be a valid SharePoint user ID. Client settings on the SharePoint hosts:
The SharePoint user should be an administrator user account. The SharePoint user settings must be set on all SharePoint farm hosts.
Database agent
Verify that the following requirements are met for the database agent. If you want to be able to restore individual documents, install the software that is
211
indicated in Table 7-1. This software must be installed on the clients in the SharePoint farm which have the content database and NetBackup Media Server. Table 7-1 Windows
Windows 2008, 32-bit or 64-bit
SQL Server
SQL 2005 (32-bit or 64-bit) or SQL Express
Document-level restores
Software Development Kit (SDK) for SUA is installed. See Installing the Utilities and SDK for Subsystem for UNIX-Based Applications on page 211. Software Development Kit (SDK) for SUA is installed. See Installing the Utilities and SDK for Subsystem for UNIX-Based Applications on page 211. For 32-bit systems, Microsoft Services for NFS is installed. See Installing Microsoft Services for NFS on page 212. Windows Services for UNIX (SFU) 3.5 or higher is installed. See Installing Windows Services for UNIX on page 212.
Windows 2003 R1
Installing the Utilities and SDK for Subsystem for UNIX-Based Applications
If you have Windows Server 2003 R2, 64-bit, you need to install Software Development Kit (SDK) for SUA. This is available from Microsoft. To install Microsoft Services for NFS 1 2 Ensure that your computer meets the system requirements for SFU. See the documentation Microsoft provides. Download the SFU package.
Go to the Microsoft Download Center, www.microsoft.com/downloads In the Search box, enter sua and click Go. Click on the link Utilities and Software Development Kit (SDK) for Subsystem for UNIX-based Applications. Click Download the files below.
Go to the Microsoft Download Center, http://www.microsoft.com/downloads. In the Search box, enter windows services for unix and click Go. Click on the link Windows Services for UNIX. Click Download.
3 4 5 6 7
Log on as administrator on the local computer. Start the installation. During installation, choose to install both Server for NFS and Client for NFS. After the installation is complete, ensure that Client for NFS is running. To configure a different port, refer to Configuring a different network port in the NetBackup for Microsoft SharePoint Portal Server System Administrator's Guide.
NetBackup for SharePoint Portal Server updates Configuring the SharePoint agent
213
When the installation is complete, open the Services control panel and ensure that Server for NFS is stopped and disabled. Repeat this step for each client.
The NetBackup Client Service log on Configuring the NetBackup Client Service log on account account The account that logs on to the SharePoint Application Server Consistency checks Enable restores on multiple SharePoint hosts Specifying the account that logs on to the SharePoint Application Server
Performing consistency checks Configuring restores for multiple SharePoint hosts Use the SharePoint Hosts dialog box to set the association of the SQL back-end servers and the SharePoint front-end servers. Backup images are cataloged under the SharePoint front-end server name. This setting allows you to perform restores and redirected restores of federated farms.
The Directive set name has been changed from MS_SharePoint_Portal_Server_2003 to MS_SharePoint_Portal_Server. Use this directive for MOSS and WSS configurations with SharePoint 2007 and SPPS and WSS configurations in SharePoint 2003. As in earlier releases, directives in the Backup Selections list can be made specific to different SharePoint and WSS objects. The farm databases (Configuration, Single Sign-on, Index) cannot be backed up with a policy that is enabled for document-level backups. For comprehensive farm disaster recovery, back up those databases with a separate policy where document-level backups are disabled.
214 NetBackup for SharePoint Portal Server updates Backup schedule types for SharePoint 2007
No significant changes have been made to the files list directives. To protect the farm with a scheduled backup, you still add the Microsoft SharePoint Resources:\* directive to the Backup Selections list. Refer to version 6.5 of the NetBackup for Microsoft SharePoint Portal Server 2003 Administrators Guide for recommended policies you should configure.
SharePoint/WSS Objects
Configuration v3 DB Global Settings Single Sign-on Web App/Content DB/ (including document restores) WSS Help Search/Index Files WSS Help Search/Search DB WSS Administration/Web App/Content DB Shared Services/Services DB Shared Services/Shared Search Index/Index Files Shared Services/Shared Search Index/ Search DB Shared Services/Web App/Content DB
NetBackup for SharePoint Portal Server updates Restoring SharePoint farm components
215
SharePoint and WSS objects appear as follows in the NetBackup, Backup, Archive, and Restore interface.
Configuration database All SQL databases Bring the web application or portal online Wait for SharePoint to initialize storage for the Search Index Search Index
216 NetBackup for SharePoint Portal Server updates Restoring SharePoint farm components
(SharePoint 2003) When the SharePoint Search Index service is updating databases, it sometimes contends with NetBackup for access to the portal index database. This situation can cause failed backup or restore operation of that database. If this occurs, repeat the backup or restore operation until successful. To restore the Search Index, you must do the following:
Restore all SQL databases. Bring the web application or portal online. Wait for SharePoint to initialize storage for the Search Index. This may take a few minutes to occur, after newly recovered web application or portal is started. Restore the Search Index alone and after all other objects in the farm.
To restore the farm or multiple web applications or portals, perform an individual restore of each web application or portal. When you restore web applications or portals, ensure that you perform restores from the SharePoint front-end server(s). This server is the client name that you specified in the MS-SharePoint backup policy.
2 3 4 5
Services database Shared Search Index database (do not select the Index files for restore)
NetBackup for SharePoint Portal Server updates Restoring SharePoint farm components
217
6 7 8 9
Choose Actions > Restore. In the Restore Marked Files dialog box, select the Microsoft SharePoint tab. Uncheck Bring restored databases online and reconnect previous database links. Click Start Restore.
10 Restore any incremental backups. Do not select Bring restored databases online and reconnect previous database links. 11 Use the SQL Server administrative tools to recover the SSP databases. 12 In SharePoint Administration interface, use the Shared Services Administration page to reconnect the restored SSP.
You can redirect the restore of a web application or portal within the same farm when the SQL database host and the SharePoint host are the same. A redirected restore is not supported if the SQL databases exist across multiple SQL hosts. You must restore all SQL databases in one operation at the same time. Before you redirect the restore of a web application or portal, remove the source web application or portal. If you attempt the redirected restore without removing the source, the restore completes successfully, but the databases are not properly connected to the virtual server. To redirect MOSS 7.0 and WSS 3.0 web applications, specify the destination web application name (or the URL of the destination site). To redirect SharePoint 2003 portals and team sites, specify the URL to the destination site in the Restore Marked Files dialog.
218 NetBackup for SharePoint Portal Server updates Restoring Windows SharePoint Services (WSS) 3.0
The administrator has configured NetBackup to allow document-level restores. This option is configured on the Attributes tab for the backup policy. The user has chosen to restore from a full backup image. You can only restore when the backup image resides on a disk storage unit. Use the bpduplicate command to copy the image to disk storage. The NetBackup-Java client user interface does not yet support browsing of SharePoint documents for restore. Instead, use the Windows client to restore documents.
219
When you restore a document, it is safe to ignore certain bprd errors in the Activity Monitor similar to the following:
7/12/2007 11:01:39 AM - Error bpdm (pid=2928) did not receive EXIT STATUS from bprd, all blocks may not have been restored
Instead, rely upon the final status reported in the Activity Monitor to determine the true success or failure of the restore operation. To restore individual documents 1 2 3 4 5 6 7 8 9 Enable the SharePoint front-end Web server to restore to the SQL hosts in the farm. Log on as Administrator. Open the Backup, Archive, and Restore interface. Choose File > Select Files and Folders to Restore > from Normal Backup. In the Restore window, select the SharePoint policy type (choose File > Specify NetBackup Machines and Policy Type). Click OK. NetBackup browses for SharePoint Portal Server backup images. From the NetBackup History pane, select the full backup image that contains the documents you want to restore. In the All Folders pane, expand Microsoft SharePoint Resources. Expand the Team database.
10 Select the document(s) to restore. 11 Choose Actions > Restore. 12 In the Restore Marked Files dialog box, select the Microsoft SharePoint tab. 13 Choose the restore options you want. Choose whether or not to have documents overwritten if they already exist. 14 Click Start Restore.
Disaster Recovery
You can now restore the SharePoint Configuration database from the Backup, Archive, and Restore interface. You do not need to use the command line (SPSRecoveryAsst).
Chapter
Installing and configuring the NetBackup for Exchange Server agent with Exchange 2007 on page 222 Cluster support on page 224 Exchange LCR/CCR support on page 224 Requirements for redirected restores of Exchange 2003 or 2007 legacy (non VSS) backups to an RSG on page 228 Requirements for redirected restores of Exchange 2003 VSS backup images on page 228 About redirecting restores of Exchange 2007 VSS backup images on page 228 Instant recovery for Exchange on Windows VSS on page 231 Off-host backups on page 233 Other operational notes on page 234
222 NetBackup for Exchange support Installing and configuring the NetBackup for Exchange Server agent with Exchange 2007
Installing and configuring the NetBackup for Exchange Server agent with Exchange 2007
In addition to the other requirements that are included in the NetBackup for Microsoft Exchange Administrators Guide, note the following.
Do not install Outlook on the same server on which Exchange is installed. To take advantage of the Exchange 2007 consistency checks with the Microsoft API with a VSS off-host backup, the Exchange Management Console must be installed on the off-host client.
To perform backups and restores of mailboxes and public folders with Exchange 2007, additional configuration is required.
For mailbox-level backups with Windows 2003 and Exchange 2007, download and install the Microsoft Exchange Server MAPI Client and Collaboration Data Objects package. Version 6.05.7888 or higher is required. You can find this package at: http://www.microsoft.com/downloads/ NetBackup 6.5.2 does not support mailbox-level backups and restores on Windows 2008. At the time of this release, Microsoft has yet to provide a MAPI Client and Collaboration Data Objects package that is compatible with Windows 2008. You must also create a user account for the NetBackup Client Service. The process is different for Exchange 2007 than for earlier versions of Exchange. See Creating an Exchange 2007 user account for the NetBackup Client Service on page 222.
Creating an Exchange 2007 user account for the NetBackup Client Service
In Exchange 2003, the following security roles were available through the Delegation Wizard in Exchange System Manager:
Exchange 2007 has these predefined groups that manage Exchange configuration data:
NetBackup for Exchange support Installing and configuring the NetBackup for Exchange Server agent with Exchange 2007
223
Prerequisites
Make sure that the NetBackup Client is installed on the Exchange server, if the Exchange server is not locally installed on the NetBackup server. Ensure that the NetBackup service account has Domain Admin and Local Administrative rights. Verify that the NetBackup service account mailbox is not hidden.
3 4 5 6 7 8 9
10 Select the servers to which you want to delegate control and click OK. 11 Click Add. 12 On the Completion page, verify that the delegation was successful and click Finish.
13 Continue with the instructions for Configuring the NetBackup Client Service log on account in the NetBackup for Microsoft Exchange Server Administrators Guide. 14 Continue with the instructions for Configuring NetBackup to use the mailbox that is associated with the NetBackup Client Service account See the NetBackup for Microsoft Exchange Server Administrators Guide.
Cluster support
Note following if you want to use NetBackup for Exchange in a cluster environment:
The NetBackup for Exchange agent supports Microsoft Cluster Server (MSCS), and Veritas Cluster Server (VCS). Refer to the Veritas NetBackup Enterprise Server 6.x / NetBackup Server 6.x Cluster Compatibility list. This list contains information on the versions of Exchange Server that are supported with cluster environments. A patch is required if you want to use Exchange 2007 in a VCS 5.0 environment. See the following TechNote for more information: http://entsupport.symantec.com/docs/288625.htm The NetBackup for Exchange agent also supports Clustered Continuous Replication (CCR) and Single Copy Cluster (SCC). In the NetBackup for Microsoft Exchange Server manual version 6.5, any installation or configuration requirements noted for clusters also apply to CCR and SCC configurations. Restoring Exchange in a cluster When you restore data in an Exchange cluster environment, you must set the destination client to be the virtual server name. If you perform the with a NetBackup client-only installation on a cluster, you may not be able to change the destination client value to the virtual server name. In that case, use the NetBackup Backup, Archive, and Restore interface on a NetBackup server.
225
the replicated data and leaves the active (or live) Exchange service alone. This is especially beneficial for a backup of a CCR node because the active node is completely left out of the backup.
Requirements
To back up a clustered Exchange Server (including CCR and SCC) with Exchange 2007 SP1 or later, you must add or set the following registry key: HKLM\System\CCS\Services\MSExchangeIS\ParametersSystem\ Enable Remote Streaming Backup For more information see the Backup and Restore Reference for Exchange Server 2007 SP1 on the MSDN web site: http://msdn2.microsoft.com/en-us/library/aa580485(EXCHG.80).aspx
Backup the passive copy and if This option backs up the passive copy of the VSS not available backup the active writer. If the passive copy is not available and copy healthy, NetBackup backs up the active copy. This option is the default. Backup the passive copy This option backs up the passive copy of the VSS writer. If the passive copy is not available and healthy, the backup fails.
7 8
Click OK. Create a snapshot backup policy for the storage groups you want to back up. See the instructions in the Using NetBackup for Exchange Server with Snapshot Client chapter of the NetBackup for Microsoft Exchange Administrators Guide. Note: Instant recovery and off-host backups cannot be used with a replication backup.
Issue the powershell command Suspend-StorageGroupCopy for a storage group before you restore that storage group. Perform a database restore, as described in the NetBackup for Microsoft Exchange Administrators Guide. You may need to re-seed the copy before you resume the copy. Do the following:
Remove the database files, all log files and checkpoint files from the copy location. (If you use the Exchange Management Console, you will be prompted to perform this step.)
Issue the powershell command Update-StorageGroupCopy. See How to Seed a Local Continuous Replication Copy for more information: http://technet.microsoft.com/en-us/library/aa995973.aspx
227
The NetBackup Client Service must be run as a domain administrator or equivalent user on each node. Otherwise, NetBackup is not properly authorized to perform dismounts or restores. Note: A restore can only be directed to the active node.
Issue the powershell command Suspend-StorageGroupCopy for a storage group before you restore that storage group. Perform a database restore, as described in the NetBackup for Microsoft Exchange Administrators Guide. You may need to re-seed the cluster copy before you resume the copy. Do the following:
Remove the database files, all log files and checkpoint files from the passive node. (If you use the Exchange Management Console, you will be prompted to perform this step.)
From the passive node, issue the powershell command Update-StorageGroupCopy. See How to Seed a Cluster Continuous Replication Copy for more information: http://technet.microsoft.com/en-us/library/bb124706.aspx
Issue the powershell command Resume-StorageGroupCopy to properly resume the cluster copy.
228 NetBackup for Exchange support Requirements for redirected restores of Exchange 2003 or 2007 legacy (non VSS) backups to an RSG
Requirements for redirected restores of Exchange 2003 or 2007 legacy (non VSS) backups to an RSG
The following requirements exist to redirect restores of Exchange 2003 or 2007 legacy (non VSS) backups to an RSG:
The RSG must exist (and be dismounted) on an Exchange server. If the RSG exists on the local server, leave the destination client the same as the source client. If the RSG exists on a different server, change the destination client to the Exchange server that holds the RSG. The destination path does not need to be changed even though the RSG is a different name than the original storage group. The ESE engine automatically redirects the restore to the proper location. However, you can change the destination path to the RSG name if wanted. You can restore individual databases or the entire storage group to the RSG.
You cannot restore to an RSG in this Exchange release. You cannot redirect to a different storage group in this Exchange release. If you want to redirect to a storage group on another server, the storage group and database must be identical. The path(s) of the storage group also must be identical to the original storage group.
NetBackup for Exchange support About redirecting restores of Exchange 2007 VSS backup images
229
If you want to restore to an RSG, the RSG must already exist (and be dismounted) on an Exchange server. If you want to restore to another storage group, that storage group must contain databases and those databases must have the same names as the those in the original storage group. If you want to restore to a storage group or an RSG on the local server, leave the destination client the same as the source client. If you want to restore to a storage group or an RSG on a different server, change the destination client to the Exchange server that holds that storage group or RSG. If you want to restore to an RSG, select the new restore option Redirect restore to Recovery Storage Group. This option automatically determines the RSGs name on the target system. See Redirecting the restore of a VSS backup to the Exchange 2007 recovery storage group (RSG) on page 230. You can also change the destination path to the RSG name if desired. Unlike legacy restores, the ESE engine does not automatically redirect a storage group restore to its RSG, if it exists. If a storage group contains more than one database, you must restore one database at a time. Select one database for each restore request (and the logs object) and redirect the restore to the target storage group. If you want to restore individual databases, you must restore any additional incremental backup images after the full image. To restore an incremental backup, select the entire storage group from the incremental image(s). NetBackup supports a redirected restore from any type of VSS backup. This includes: local VSS snapshot backups, off-host VSS backups, and Instant Recovery backups (using the copy-back mechanism). If you attempt to restore a VSS backup from a multiplexed tape and you selected a single database from a storage group that contains multiple databases, the restore may fail. In this case, restore the entire storage group instead. This issue will be fixed in a future release. If you want to restore a storage group from an Exchange 2007 VSS image, the restore may fail if an Exxrestore.env file exists in the storage group path. This temporary Exchange file can be left from a previously failed restore. Remove this file manually before you attempt another restore.
230 NetBackup for Exchange support About redirecting restores of Exchange 2007 VSS backup images
Redirecting the restore of a VSS backup to the Exchange 2007 recovery storage group (RSG)
This procedure describes how to restore a VSS backup of a storage group to the Exchange 2007 recovery storage group (RSG). Review the requirements for this type of back before you attempt this type of backup. See Redirecting the restore of a VSS backup to the Exchange 2007 recovery storage group (RSG) on page 230. Note: A restore of Exchange Server files always overwrites any existing files. For example, if Pub.edb already exists on the target machine, it is replaced with the copy from the backup. To redirect the restore of a VSS backup to the Exchange 2007 recovery storage group (RSG) 1 2 3 4 5 6 Log on as Administrator. Create the Recovery Storage Group on an Exchange server and do not mount it. Open the Backup, Archive, and Restore interface. Choose File > Select Files and Folders to Restore > from Normal Backup. Select the Exchange policy type (choose File > Specify NetBackup Machines and Policy Type). From the NetBackup History pane, select the image(s) containing the objects you want to restore.
the last full backup, or the last full backup and all subsequent differential backups, or
the last full backup and the last cumulative backup Additional requirements exist for a restore of individual databases. See About redirecting restores of Exchange 2007 VSS backup images on page 228. 7 8 In the All Folders pane, select the storage group you want to restore. Expand the Microsoft Information Store node and select the storage group to restore. A full backup of an Exchange database includes the database transaction log files. When you restore a database, you must also restore the transaction log files. Select Actions > Restore.
NetBackup for Exchange support Instant recovery for Exchange on Windows VSS
231
10 Select Redirect to Recovery Storage Group (RSG). 11 Choose your other restore options. 12 If you want to restore the backups individually, you must select the Commit after last backup set is restored and Mount database after restore options when you restore the LAST incremental backup set. 13 Click Start Restore. 14 If you chose to restore storage groups and you did not select Mount database after restore (after the restore), be sure to mount the storage group databases that were restored.
Policy recommendations
Create the following policies when you use instant recovery:
In the Snapshot Client Options, set Maximum Snapshots to a small number. For fast temporary backups, create a Full Backup schedule and select the Instant Recovery option Snapshots only.
Do not rely on a snapshot-only backup for Disaster Recovery. If you create a snapshots-only schedule, also do one of the following:
Create other schedules that perform snapshot backups to a storage unit. (Use the instant recovery option Snapshots and copy snapshots to a storage unit.) Create a snapshot policy with the instant recovery enabled and with the option Snapshots and copy snapshots to a storage unit selected. Create a snapshot policy, without instant recovery enabled.
232 NetBackup for Exchange support Instant recovery for Exchange on Windows VSS
NetBackup deletes the other snapshots. In this case you lose the IR capability of the backup for the other volumes that you did not roll back. If you use instant recovery with the Microsoft System Provider and you select a set of storage groups that spans multiple volumes, NetBackup creates a backup set with one snapshot for each volume. On a subsequent backup, if any of the snapshots are rolled back, then all of the snapshots in that set are deleted. (With SFW or the hardware system provider, the rolled back snapshots are re-snapped so that the snapshot set remains complete.) This is a normal operating situation that typically occurs when you do a roll-forward restore of a storage group whose database and log folders are on separate volumes. The database volume normally is rolled back but the log volume is copied back. This action preserves the logs that were created since the backup. NetBackup then deletes the log snapshot and removes the IR copy of the backup image from the catalog. The storage unit copy of the backup, if one exists, remains.
Limitations
The following limitations exist for instant recovery operations:
NetBackup can only restore instant recovery backups performed with NetBackup 6.5.2 or later. Instant recovery does not support off-host backups.
Operational notes
Review the following notes before you perform instant recovery operations:
When using SFW to make your Exchange IR snapshots, use Veritas Enterprise Administrator (VEA) rather than vshadow or vssadmin to view and manage your snapshots. SFW resnaps a volume after a rollback restore, but the Microsoft utilities are not aware of the new snapshot. They falsely report that the snapshot does not exist. When you restore an instant recovery backup in a cluster environment, the same node must be active as when the backup was created.
If the system provider is used and the snapshot selected for restore is not the most recent snapshot. If there are other files on the volume that would be lost.
233
If all the files on the snapshot are not selected for restore. If you select Roll-Forward Recovery (in the Restore Marked Files dialog box). A Roll-Forward recovery needs the log files that were created since the backup. A rollback can not be performed since it removes those log files.
Troubleshooting
An additional log exists that you can use to troubleshoot backups and restores. install_path\NetBackup\logs\beds You can create this directory manually or run install_path\NetBackup\logs\mklogdir.bat.
Off-host backups
Note the following requirements and operational notes for off-host backups:
VxVm 5.0 or later is required for Exchange 2007 off-host backups using SFW. To successfully perform backups using the VSS Provider for VxVM 5.0, you must apply two hotfixes.
For Exchange 2003 and Exchange 2007, you must apply the following hotfix on all systems where a Snapshot Client backup occurs. The hotfix can be obtained by calling Symantec Support. This hotfix will also be included in the SFW/SFW-HA 5.0 MP1 release. See the following TechNote for more information. http://entsupport.symantec.com/docs/295112 Note: This information has changed since NetBackup 6.5.1.
If you have Exchange 2007 and use the VSS off-host method, you must also apply the following hotfix. http://entsupport.symantec.com/docs/292544
Off-host backups with SFW require that you backup only one VxVM disk group at a time. Initiating an off-host snapshot backup from the NetBackup Client GUI or the bpbackup command When you use the NetBackup Client GUI or the bpbackup command to initiate an Exchange off-host alternate client backup or a backup of the passive node of a CCR cluster, the backup will fail. Instead, use the NetBackup Administration Console to initiate a manual backup for that Exchange policy. See the Testing Configurations Settings section in the
NetBackup for Exchange System Administrators Guide for instructions regarding a manual backup operation. This functionality will be supported in a future release.
Concurrent restore of multiple storage groups When you use multiple backup streams, for example, one stream for each storage group, only the last storage group restored from the last restore job is properly mounted. Recovery of the remaining storage groups is not complete. Take one of these corrective actions:
If you are restoring from a snapshot backup, simply mount the unmounted storage groups. If you are restoring from a legacy (non-snapshot) backup, restore the logs from the last backup set for each storage group individually. To avoid these steps, you can also restore the storage groups individually in separate restore operations.
Chapter
The backup object must contain at least two files. The recovery model of the database cannot be simple. If the IR snapshot backup method is selected and you select the resume option Save work and restart at point of failure, the resume option is ignored.
236 NetBackup for Microsoft SQL Server updates SQL Server file-based checkpoint/restart
The batch file that you use for a file checkpoint backup can specify only one database or filegroup. You cannot use the 'backup database $ALL option.
When you use file checkpointing for backing up a full database, NetBackup for SQL Server automatically splits the database into file set components. Recovering the database from components requires a restore of the transaction log. NetBackup for SQL Server automatically includes a backup log directive in the generated batch file when you choose file checkpointing from the backup dialog box.
MAXRESTARTSETS 32 means that up to 32 pieces are backed up independently. The next two keywords are synonymous with the following:
RETRYWAITSECONDS 60 NUMRETRIES 1
These keywords indicates two things: first, that an automatic retry is launched after 60 seconds for all of the pieces that failed to get backed up on the first time. Second, the restart is attempted only one time. You can manually change either of these parameters. In addition, you can choose to not have the retry script automatically launched. Replace the NUMRETRIES command with RETRYTYPE MANUAL.
NUMRETRIES 1 with RETRYTYPE MANUAL
When manual retry is enabled, the generated batch file for the components that were unsuccessfully backed up is written to the following folder:
NB_INSTALL\dbext\mssql\retry
NetBackup for Microsoft SQL Server updates SQL Server file-based checkpoint/restart
237
Resume options
The option Retry failed backups has been replaced with Resume options for this selection. The values for this option are as follows:
Do not resume unsuccessful backups Retry from the beginning Restart failed backups after waiting 60 seconds. Save work and restart at point of failure Divide the backup into multiple streams and back up separately. Any streams that fail are restarted after 60 seconds. This option is available when the following conditions have been met:
Exactly one object has been selected, The object that is selected for backup is a database or filegroup and the backup type is full, The SQL Server object uses the full or bulk-logged recovery method.
Several keywords have been renamed. The old keyword names can also be used in batchfiles.
NUMRETRIES has been renamed NUMRESTARTS. RETRYTYPE has been renamed RESTARTTYPE. RETRYWAITSECONDS has been renamed RESTARTWAITSECONDS.
There is a new batchfile keyword: MAXRESTARTSETS Value: integer Required: No Default: none Use MAXRESTARTSETS to enable file checkpointing. The valid range is 2 to 32. This parameter specifies the number of separate streams into which the backup request is sub-divided.
238 NetBackup for Microsoft SQL Server updates SQL Server file-based checkpoint/restart
Chapter
10
The new Snapshot destination type is available when the Snapshot Client option is installed. For more information, see Configuring a lifecycle policy for snapshots on page 98. The Alternate read server selection is available for duplication destinations only. For more information, see Alternate Read Server option enabled only for duplication destinations on page 240. The Preserve multiplexing option is available to preserve multiplexing for tape-to-tape duplication within a storage lifecycle. For more information, see Duplicating multiplexed backups with the Preserve multiplexing option on page 241.
240 Storage Lifecycle Policy destination configuration changes Alternate Read Server option enabled only for duplication destinations
Figure 10-1
Expire after duplication now available for Duplication destination type Alternate read server selection available to duplication destinations only Preserve multiplexing available for multiplexed source images
Storage Lifecycle Policy destination configuration changes Duplicating multiplexed backups with the Preserve multiplexing option
241
Setting the storage lifecycle policy to inactive does not stop duplications that are already in progress. Setting the storage lifecycle policy to inactive does not prevent backups from using lifecycle. The inactive setting only prevents duplication of the original backups from occurring. A nbstlutil status change is persistent. Issue the corresponding command to clear a particular status setting.
242 Storage Lifecycle Policy destination configuration changes nbstl command changes
This command example indicates the following changes for storage lifecycle policy testcycle:
Destination 1 in the lifecycle policy is a backup destination. __NA__ indicates that an alternate read server is not applicable for the destination. Destination 2 is a duplication destination and uses server2 as the alternate read server. Destination 3 is a duplication destination and uses server3 as the alternate read server.
243
Destination 4 in the lifecycle policy is either a backup or a snapshot destination. __NA__ indicates that an alternate read server is not applicable for the destination.
244 Storage Lifecycle Policy destination configuration changes nbstl command changes
Chapter
11
NetBackup Administrators Guide for UNIX and Linux NetBackup Administrators Guide for Windows New in NetBackup 6.5.2 on page 245 Introduction on page 246 File system requirements on page 247 Installing AdvancedDisk on page 247 Configuring AdvancedDisk on page 249 Managing AdvancedDisk on page 258 Troubleshooting AdvancedDisk on page 270
Storage access by more than one media server. Previously, only one media server accessed the storage. Specification of preferred or required media servers for restore and duplication operations. For AdvancedDisk, this new capability replaces the FORCE_RESTORE_MEDIA_SERVER option. This capability provides the following benefits:
Offloads the workload of restores from the servers that perform the backups. Directs the duplication traffic to specific storage servers.
Introduction
The NetBackup AdvancedDisk storage option lets you use the disk storage that is attached to a NetBackup media server. (Attached means a file system mount on the storage.) NetBackup aggregates the disks into pools of storage you can use for backups. NetBackup manages the storage as logical entities (disk pools). Figure 11-1 shows media servers and network mounted disks. Figure 11-1 AdvancedDisk media servers and disks
Disk volumes
The option is easy to deploy and use. NetBackup discovers the storage and uses familiar NetBackup storage units and backup policies to use the storage. Allows multiple file systems to be used in a single storage unit. Storage unit capacity can be increased by adding disks. Only add what you need when you need it. After you add disks, update the NetBackup disk pools. Logical units of storage span physical boundaries, so you do not have to create new NetBackup storage units or change the backup policies. Reduces the amount of administrator attention. Policies distribute job load and manage capacity so that jobs do not fail when disk space is unavailable.
247
You must use manual mount points. Automatic mount and unmount can change mount points, which may cause disk resources to be unavailable. The NFS server that exports the mount points must be configured to allow root access to the file systems.
If you specify more than one storage server, the following must apply for the file systems of the disk volumes:
Each media server must mount the file systems of all the disk volumes within a disk pool. The mount points must be the same on each media server. NetBackup does not validate mount points, so you must ensure that the mount points are the same for each media server. You also must ensure that the mount points are valid.
Installing AdvancedDisk
No special installation is required for the NetBackup components of AdvancedDisk. However, You must activate the feature by entering the Flexible Disk Option license key on the NetBackup master server. To enable access by more than one media server, do the following:
Upgrade the NetBackup master server and the NetBackup EMM server to NetBackup 6.5.2. (Normally, the master server and the EMM server are on the same computer.) To enable NetBackup Administration Console support on media servers, upgrade the media servers that are used for AdvancedDisk operations to NetBackup 6.5.2. You do not have to upgrade the media servers. You can configure and manage multiple storage servers as follows:
Run the Administration Console and the Disk Pool configuration wizard on the master server. GUI support for multiple AdvancedDisk storage servers is included with the 6.5.2 software on the master server. Also, you can start the Administration Console on the master server and then change servers to a media server. Upgrade a media server if you want to start the Administration Console on that media server. You can use that instance of the Administration Console to configure and manage that media server. Use NetBackup commands to configure and manage multiple AdvancedDisk media servers. NetBackup 6.5 and later commands support multiple AdvancedDisk media servers.
Upgrade the NetBackup master server and the NetBackup EMM server to NetBackup 6.5.2. (Normally, the master server and the EMM server are on the same computer.) To enable command line support on media servers, upgrade the media servers that are used for AdvancedDisk operations to NetBackup 6.5.2. However, you do not have to upgrade the media servers. Instead, you can configure and manage the restore and duplication storage servers by invoking the commands on the master server.
In NetBackup 6.5.2, you must use NetBackup commands to configure and manage storage server attributes. You may have one license key that activates NetBackup and all of your add-on products. Alternatively, you may have a separate license key for NetBackup and for each add-on product such as AdvancedDisk. If you remove the Flexible Disk Option license key or if it expires, the following restrictions apply:
You cannot create the disk pools or the storage units that reference AdvancedDisk disk pools.
249
The NetBackup jobs that try to use the disk pools or the storage units that are based on disk pools fail. The error message indicates that the feature is not licensed.
NetBackup does not delete the disk pools or the storage units that reference the disk pools. You can use them again if you enter a valid license key.
Configuring AdvancedDisk
To configure AdvancedDisk, do the following in order:
Configuring AdvancedDisk storage servers on page 249 Configuring an AdvancedDisk disk pool on page 252 Creating a storage unit on page 254 Creating a backup policy on page 257 Restores on page 258
After you configure a storage unit, you can create the NetBackup policies that you use the storage unit as the destination for backups.
To obtain a consolidated list of disk volumes, NetBackup queries every storage server. For large sets of storage servers, queries may affect performance. Disk volume status is monitored on a single media server. Which server monitors the status can change. Therefore, a change in disk volume availability on one media server may not be reflected in the disk volume status NetBackup ports.
For restores and duplications, you can specify the following storage server attributes:
For AdvancedDisk, you can use these storage server attributes rather than the FORCE_RESTORE_MEDIA_SERVER option. For information about the FORCE_RESTORE_MEDIA_SERVER option, see the NetBackup Administrators Guide, Volume I. If you do not specify these attributes, NetBackup uses normal criteria to select a media server for restore or duplication. (That is, if you configure more than one storage server.) Storage servers are associated with a disk pool when you create a disk pool. To determine if a media server is configured as a storage server already
The following is the path to the command: UNIX and Linux: /usr/openv/netbackup/bin/admincmd Windows: install_path\Program Files\VERITAS\NetBackup\bin\admincmd The command lists all storage servers already configured. By default, NetBackup configures all media servers as BasicDisk storage servers. Therefore, all media servers in your environment appear as BasicDisk servers, as in the following example:
nbdevquery -liststs V6.5 tree.symantecs.org BasicDisk 5 V6.5 flower.symantecs.org BasicDisk 5 V6.5 water.symantecs.org BasicDisk 5
If the media server does not appear in the command output as an AdvancedDisk storage server, configure the media server as a storage server. To configure an AdvancedDisk storage server in NetBackup
Run the following command on the NetBackup master server or the media server:
nbdevconfig -creatests -storage_server storage_server -stype AdvancedDisk [-st storage_type] -media_server media_server [-setattribute attribute]
The following is the path to the command: UNIX and Linux: /usr/openv/netbackup/bin/admincmd Windows: install_path\Program Files\VERITAS\NetBackup\bin\admincmd
251
-storage_server storage_server is the name of the NetBackup media server that has a file system mount on the storage. -stype AdvancedDisk value specifies the storage server type. -st storage_type is a numeric value that specifies the server properties. For AdvancedDisk, the default is 5 (direct attached, formatted disk). Required only if you want to use a value other than the default. The value is obtained by adding together the numeric values of the following properties: 1 - formatted disk. The disk is formatted as part of the vendor-specific preparation; NetBackup does not format the disk. 2 - raw disk. The disk is not formatted; NetBackup formats the disk. 4 - direct attached. Direct attached means that the storage server and media server are the same NetBackup host. 8 - network attached. Network attached means that the storage server is physically distinct from the NetBackup media server. It does not imply LAN data movement; it precludes Fibre Channel as the transport for data movement. Whether the disk is formatted and how it is attached are mutually exclusive and complementary. -media_server media_server is the name of the NetBackup media server that performs the operation. Use the same name as the storage server name. -setattribute attribute is an attribute to apply to the storage server for the read side of restore or duplication operations. These attributes can help you manage the restore and duplication traffic. You can specify more than one -setattribute attribute pair on the command line. The following are the attributes:
PrefRestore. The storage server is preferred for the read side of restore operations. More than one storage server can have the PrefRestore attribute. Storage servers that are marked as PrefRestore are considered for use first. If none are available, any unmarked storage server is considered for use. Normal NetBackup load balancing occurs among all storage servers marked PrefRestore. ReqRestore. The storage server is required for the read side of restore operations. More than one storage server can have the ReqRestore attribute.
If a ReqRestore server is not available, NetBackup considers PrefRestore servers for use. If none are available, jobs queue until a ReqRestore or PrefRestore is available. If you configure ReqRestore servers but not PrefRestore servers, unmarked storage servers are never considered for restore jobs. Jobs queue until a ReqRestore storage server is available to execute the job. Normal NetBackup rules for job retry apply. Normal NetBackup load balancing occurs for all storage servers marked ReqRestore. Load balancing does not occur between the ReqRestore and PrefRestore storage servers.
ReqDuplicate. The storage server is required for the read side of duplication operations. More than one storage server can have the ReqDuplicate attribute. If any storage server is marked as ReqDuplicate, only storage servers that are marked as ReqDuplicate are considered for use. If a ReqDuplicate server is unavailable, jobs queue until a ReqDuplicate server is available to execute the job. Normal NetBackup rules for job retry apply. ReqDuplicate also applies to storage server allocation for synthetic backup operations.
Note: Only the media servers that are configured in the storage unit are considered for jobs. Therefore, if you select a subset of the disk pool storage servers in a storage unit, it may affect the servers that NetBackup can select. You can remove the attributes you place on a storage server. See Removing storage server attributes on page 265. Storage unit usage recommendations to manage traffic are available. See Managing backup, restore, and duplication traffic on page 256.
253
Figure 11-2 shows a disk pool configuration. Figure 11-2 AdvancedDisk disk pools
AdvDiskPool _Gold
vol1
Disk volumes AdvDiskPool _Silver
vol2 vol3
AdvDiskPool _Bronze
A disk pool is the storage destination of a NetBackup storage unit. NetBackup assumes exclusive ownership of the disk resources that comprise the disk pool. If you share those resources with other users, NetBackup cannot manage disk pool capacity or storage lifecycle policies correctly. When you create a disk pool, you specify the following:
The storage servers. When you specify the storage servers, you associate them with the disk pool. Only those storage servers can access the disk pool. The disk volumes to include in the pool. The disk pool properties. Properties include the name, the high water mark, the low water mark, and a comment that describes the disk pool. Symantec recommends that disk pool names be unique across your enterprise. See Disk pool properties on page 259.
When NetBackup sends backup data to a disk pool, NetBackup uses available capacity and predicted backup size to select the disk volumes. NetBackup tries to write backup data to a single volume. If necessary, backup images span disk volumes in a disk pool. Backup images do not span across multiple disk pools. You must first configure the media servers as storage servers. See Configuring AdvancedDisk storage servers on page 249. To create an AdvancedDisk disk pool 1 2 In the NetBackup Administration Console tree, select Media and Device Management. From the list of wizards in the Details pane, click Configure Disk Pool and follow the wizard instructions.
NetBackup does not filter out common file system mount points, such as / and /usr. Therefore, carefully choose the volumes to include in a disk pool. For help, see the wizard help.
Disk type
Select AdvancedDisk.
Disk pool
Select the disk pool that contains the storage for this storage unit. All disk pools of the specified Disk type appear in the Disk pool list. If no disk pools are configured, no disk pools appear in the list.
255
Media server
The Media server setting specifies the NetBackup media servers to use for the storage unit. Only the NetBackup media servers that are associated with the disk pool appear in the media server list. Specify the media server or servers as follows:
To allow any server in the media server list to access the storage server (default), select Use any available media server. To restrict the media servers that can function as data movers for this storage unit, select Only use the following media servers. Then, select the media servers to allow.
NetBackup selects the media server to use when the policy runs.
Warning: A Maximum concurrent jobs setting of 0 disables the storage unit. For information about how NetBackup balances storage unit and media server load, see Maximum concurrent jobs in:
NetBackup Administrators Guide for UNIX and Linux, Volume I NetBackup Administrators Guide for Windows, Volume I
One storage unit and one policy for backups. When you configure the storage unit, select only the storage servers that you want to use for backups. When you configure the policy, select the backup storage unit. One storage unit and one policy for restores. When you configure the storage unit, select only the storage servers that are marked as PrefRestore and ReqRestore. When you configure the policy, select the restore storage units. If you configure both preferred and required storage servers, NetBackup never selects an unmarked storage server for a restore job. One storage unit and one policy for duplications. In the duplications storage unit, select only the storage servers that are marked as ReqDuplicate. When you configure the policy, select the duplication storage unit.
You do not have to partition the storage; all storage units use the same pool of storage. For information about how NetBackup balances storage unit and media server load, see Maximum concurrent jobs in:
257
NetBackup Administrators Guide for UNIX and Linux, Volume I NetBackup Administrators Guide for Windows, Volume I
Define a storage unit (such as STU-CRITICAL). Select the disk pool. Select Only use the following media servers. Select one (or a subset) of the media servers. Create a backup policy for the critical clients and select the STU-CRITICAL storage unit. Define another storage unit (such as STU-NORMAL). Select the same disk pool. Select Only use the following media servers. Select a different subset of the media servers. Create a backup policy for the regular clients and select the STU-NORMAL storage unit.
If the media server cannot start or complete the job, NetBackup retries the job after the job retry period elapses. (Configure the job retry interval by using the master server Global Attributes Job retry delay host property.) If you select more than one media server in the storage unit Media server field, NetBackup may retry the job with a different media server.
Restores
Use normal NetBackup processes to restore data from backups. To perform the restore, NetBackup chooses one of the media servers that can move data to and from the disk pool.
Managing AdvancedDisk
This section contains the following topics:
Managing disk pools on page 258 Managing storage servers on page 264 Monitoring storage capacity and usage on page 268 Viewing disk reports on page 268 Viewing NetBackup logs on page 269
Changing disk pool properties on page 258 Adding volumes to an AdvancedDisk disk pool on page 260 Changing disk pool or volume state on page 261 Merging disk pools on page 262 Deleting a disk pool on page 262 Obtaining disk pool and volume status on page 263
259
To change disk pool properties 1 2 3 4 In the NetBackup Administration Console tree, select Media and Device Management > Devices > Disk Pools. Select the disk pool you want to change in the details pane. Click Edit > Change. In the Change Disk Pool dialog box, change properties.
The disk pool name. The storage server name. For AdvancedDisk, the storage server is the same as the NetBackup media server to which the storage is attached. The disk volumes that comprise the disk pool. The total amount of space available in the disk pool. The total raw, unformatted size of the storage in the disk pool. A comment that is associated with the disk pool. The high water mark for the disk pool. (The default is 98%.) The high water mark is a threshold that indicates the storage is full. It applies to both the individual disk volumes in the pool and the disk pool, as follows:
Individual volumes. When a disk volume reaches the high water mark, NetBackup writes the data to another disk volume in the pool. Disk pool. When all volumes are at the high water mark, the disk pool is full. When a disk pool approaches the high water mark, NetBackup reduces the number of jobs that are allowed to write to the pool. NetBackup does not assign new jobs to a storage unit in which the disk pool is full.
The low water mark for the disk pool. (The default is 80%.) When the capacity of the disk pool returns to the low water mark, NetBackup again assigns jobs to the storage unit. Capacity is regained as backup images expire. The low water mark setting cannot be greater than or equal to the high water mark setting.
The following is the path to the command: UNIX and Linux: /usr/openv/netbackup/bin/admincmd Windows: install_path\Program Files\VERITAS\NetBackup\bin\admincmd If backup jobs are assigned to a disk pool, the state change fails. Cancel the backup jobs or wait until the jobs complete. 3 Merge the disk pools. The following is the command syntax. The primary disk pool is the one you want to retain; nbdevconfig deletes the secondary disk pool after the merge.
nbdevconfig mergedps -stype AdvancedDisk -primarydp disk_pool_name -secondarydp disk_pool_name
Change the state of the primary disk pool to UP. The following is the command syntax:
nbdevconfig\nbdevconfig -changestate -stype AdvancedDisk -dp disk_pool_name -state UP
NetBackup image fragments cannot exist on the disk volume. NetBackup jobs cannot be active on the disk volume.
By default, NetBackup automatically decreases disk pool capacity if you remove a disk volume.
261
To remove a volume from a disk pool 1 2 3 Change the disk volume state to DOWN. See Changing disk pool or volume state on page 261. Change the disk pool state to DOWN. See Changing disk pool or volume state on page 261. Remove the volume by using the nbdevconfig command. The following is the command syntax:
nbdevconfig -deletedv -stype AdvancedDisk -dp disk_pool_name dv vol_name
Change the disk pool state to UP. See Changing disk pool or volume state on page 261.
To change the disk volume state 1 Determine the name of the disk volume. The following command lists all volumes in the specified disk pool:
nbdevquery -listdv -stype AdvancedDisk -dp disk_pool_name
The following is the path to the command: UNIX and Linux: /usr/openv/netbackup/bin/admincmd Windows: install_path\Program Files\VERITAS\NetBackup\bin\admincmd 2 Change the disk volume state; the following is the command syntax:
nbdevconfig -changestate -stype AdvancedDisk -dp disk_pool_name dv vol_name -state state
NetBackup jobs still read from and write to a disk pool that has a downed volume, but the downed volume is unavailable.
The volumes in the two disk pools must have unique names. If storage units reference the secondary disk pool, you must delete those storage units.
To merge disk pools 1 Change the state of each disk pool to DOWN; the following is the command syntax:
nbdevconfig -changestate -stype AdvancedDisk -dp disk_pool_name -state DOWN
The following is the path to the command: UNIX and Linux: /usr/openv/netbackup/bin/admincmd Windows: install_path\Program Files\VERITAS\NetBackup\bin\admincmd If backup jobs are assigned to a disk pool, the state change fails. Cancel the backup jobs or wait until the jobs complete. 2 Merge the disk pools. The following is the command syntax. The primary disk pool is the one you want to retain; nbdevconfig deletes the secondary disk pool after the merge.
nbdevconfig mergedps stype AdvancedDisk -primarydp disk_pool_name -secondarydp disk_pool_name
Change the state of the primary disk pool to UP. The following is the command syntax:
nbdevconfig -changestate -stype AdvancedDisk -dp disk_pool_name -state UP
263
Warning: Do not delete a disk pool that contains unexpired NetBackup images; if you do, data loss may occur. To delete a disk pool 1 2 3 4 In the NetBackup Administration Console tree, select Media and Device Management > Devices > Disk Pools. Select a disk pool Click Edit > Delete. In the Delete Disk Pool dialog box, verify that the disk pool is the one you want to delete and then click OK.
-l
-listdp
-listdv
Shows a summary of all disk volumes. To show the properties of a specific disk volume, also use the -dv disk_volume option.
-stype AdvancedDisk Use this option with the following two options:
With -listdp, shows all disk pools of the specified storage type. With -listdv, shows all disk pools of the specified storage type and their disk volumes.
Viewing storage servers on page 264 Viewing storage server attributes on page 265 Removing storage server attributes on page 265 Removing a storage server from disk pool access on page 266 Deleting a storage server on page 267 Obtaining storage server status on page 267
The following is the path to the command: UNIX and Linux: /usr/openv/netbackup/bin/admincmd Windows: install_path\Program Files\VERITAS\NetBackup\bin\admincmd The command lists all storage servers already configured. By default, NetBackup configures all media servers as BasicDisk storage servers. Therefore, all media servers in your environment appear as BasicDisk servers, as in the following example:
nbdevquery -liststs V6.5 tree.symantecs.org BasicDisk 5 V6.5 flower.symantecs.org BasicDisk 5 V6.5 water.symantecs.org BasicDisk 5
265
If the media server does not appear in the command output as an AdvancedDisk storage server, configure the media server as a storage server.
Run the following command on the NetBackup master server or a storage server:
nbdevquery -liststs -storage_server storage_server -stype AdvancedDisk U
The following is the path to the command: UNIX and Linux: /usr/openv/netbackup/bin/admincmd Windows: install_path\Program Files\VERITAS\NetBackup\bin\admincmd The following is an example:
% nbdevquery -liststs AdvancedDisk U Storage Server : Storage Server Type : Storage Type : State : Flag : Flag : Flag : -storage_server advdsk_server -stype advdsk_server.symantecs.com AdvancedDisk Formatted Disk, Direct Attached UP OpenStorage FT-Transfer PrefRestore
This example output is shortened; more flags may appear in actual output.
Run the following command on the NetBackup master server or the storage server:
nbdevconfig -changests -storage_server storage_server -stype AdvancedDisk -clearattribute attribute
The following is the path to the command: UNIX and Linux: /usr/openv/netbackup/bin/admincmd
Windows: install_path\Program Files\VERITAS\NetBackup\bin\admincmd The following are the options and arguments:
-storage_server storage_server is the name of the storage server. -stype AdvancedDisk specifies the storage server type. -clearattribute attribute is an attribute to remove from the storage server for restore or duplication operations. You can specify more than one -clearattribute attribute pair on the command line. The following are the attributes:
PrefRestore. The storage server is preferred for the read side of restore operations. ReqRestore. The storage server is required for the read side of restore operations. ReqDuplicate. The storage server is required for the read side of duplication operations.
267
The following is the path to the command: UNIX and Linux: /usr/openv/netbackup/bin/admincmd Windows: install_path\Program Files\VERITAS\NetBackup\bin\admincmd
With -liststs, shows all storage servers of the specified storage type. With -storage_server, shows all storage servers that are at the specified host.
To view and manage VxUL log files, you must use NetBackup log commands. For information about how to use and manage logs on NetBackup servers, see the NetBackup Troubleshooting Guide.
The NetBackup Disk Pool status report. The disk pools window. Display the window by selecting Media and Device Management > Devices > Disk Pools. The NetBackup License Keys dialog box. Open the dialog box by selecting Help > License Keys in the NetBackup Administration Console. Display the summary by clicking Summary of active capacity-based license features. The summary displays the storage capacity for which you are licensed and the capacity used. It does not display the amount of physical storage space.
The NetBackup Operations Manager also provides information about storage capacity and usage. For more information, see the NetBackup Operations Manager Guide.
269
Disk Logs
The Disk Logs report displays the media errors or the informational messages that are recorded in the NetBackup error catalog. The report is a subset of the Media Logs report; it shows only disk-specific columns. The Disk Storage Unit Status report displays the state of disk storage units in the current NetBackup configuration. For disk pool capacity, see Media and Device Management > Devices > Disk Pools. Multiple storage units can point to the same disk pool. When the report query is by storage unit, the report counts the capacity of disk pool storage multiple times.
The Disk Pool Status report displays the state of disk pool storage units. This report displays only when an Enterprise Disk Option license is installed.
Messages that begin with an sts_ prefix relate to the interaction with the storage vendor software plug-in. Most interaction occurs on the NetBackup media servers. Table 11-4 Activity
Backups and restores
bpbrm backup and restore manger bpdbm database manager bpdm disk manager bptm for I/O operations
117
111
178
The Disk Service Manager process that runs in the Enterprise Media Manager (EMM) process. The Storage Server Interface process that runs in the Remote Manager and Monitor Service. RMMS runs on media servers. If the Storage Server Interface logs indicate problems with the Veritas Frozen Image (VxFI) service, examine the VxFI log files for detailed trace information:
202
Device configuration
230
The Remote Disk Service Manager interface (RDSM) that runs in the Remote Manager and Monitor Service. RMMS runs on media servers.
To view and manage VxUL log files, you must use NetBackup log commands. For information about how to use and manage logs on NetBackup servers, see the NetBackup Troubleshooting Guide.
Troubleshooting AdvancedDisk
The following may help you troubleshoot AdvancedDisk:
271
Multiple storage servers on Windows on page 271 Volume state changes to DOWN when volume is unmounted on page 272 Disk failure on page 272 Restore or duplication operations on page 273
Invoke the following command on the master server or the media server that functions as the storage server:
nbdevquery -liststs -stype AdvancedDisk -U
The following is the path to the command: UNIX and Linux: /usr/openv/netbackup/bin/admincmd Windows: install_path\Program Files\VERITAS\NetBackup\bin\admincmd The following output shows an incorrect value for AdvancedDisk:
Storage Server : halo Storage Server Type : AdvancedDisk Storage Type : Formatted Disk, Network Attached
To resolve an incorrect storage type problem 1 2 3 4 5 Delete all disk pools that use the storage server. Delete the storage server. Reconfigure the storage server. Recreate the disk pools. If necessary, specify the new disk pools in the storage units. If you recreated the disk pools with the same names as the ones you deleted, this step is not necessary.
Invoke the following command on the master server or the media server that functions as the storage server:
nbdevquery -liststs -listdv -stype AdvancedDisk -U
The following is the path to the command: UNIX and Linux: /usr/openv/netbackup/bin/admincmd Windows: install_path\Program Files\VERITAS\NetBackup\bin\admincmd The following output shows that a volume named /mnt/nbu is DOWN:
Disk Pool Name Disk Type Disk Volume Name Status Flag : : : : : AdvDiskPool_Bronze AdvancedDisk /mnt/nbu DOWN AdminUp
Mount the file system After a brief period of time, the volume state changes to UP. No further action is required.
Disk failure
If recovery mechanisms do not protect a disk that fails, the backup images on that disk are lost. Operating system read and write errors may occur for the volume that represents the disk. NetBackup cannot use that volume because of the errors, and NetBackup jobs may fail. To prevent NetBackup from trying to read from or write to the disk, you must change the volume state to DOWN in NetBackup. If the volume represents other disks that still function, those disks are not available because the volume state is DOWN. You may be able to read from the volume by mounting it manually. If so, you may be able to recover image fragments from any disks that did not fail. If you replace a failed disk, you can use the same mount point for the replacement disk. Change the volume state to UP, and NetBackup uses that volume again. Any valid backup images on that volume are available for restores.
273
A restore operation uses a storage server that does not have a PrefRestore or ReqRestore attribute. Reasons may be as follows:
The destination disk pool does not include a storage server with a restore or duplication attribute. A preferred or required storage server cannot be used because it is unavailable (NetBackup considers it DOWN).
A restore or duplication operation is queued. The reason may be that a preferred or required storage server cannot be used because it is unavailable (NetBackup considers it DOWN).
Chapter
12
Overview on page 275 New in NetBackup 6.5.2 on page 276 NetBackup Release Notes on page 277 Installing SharedDisk on page 277 Preparing the SAN and the array on page 278 Configuring SharedDisk on page 282 Managing SharedDisk on page 306
Overview
NetBackup SharedDisk allows multiple NetBackup media servers to share disk array storage. NetBackup aggregates the disk into pools of storage you can use for backups. NetBackup manages the storage as a logical entity (a disk pool). NetBackup SharedDisk provides the following benefits:
Deploy and use easily. NetBackup discovers the storage and uses familiar NetBackup storage units and backup policies to use the storage. Increase storage unit capacity by adding disks. Only add what you need, when you need it, and then update the NetBackup disk pools. Logical units of storage span physical boundaries, so you do not have to create new NetBackup storage units or change the backup policies.
Balance load and performance. NetBackup balances backup jobs and storage usage among the media servers and disk pools. For each backup job, NetBackup chooses the least full disk volume and least used media server. nstJob failover. Media server failures do not prevent backup or restore operations. If a media server fails, backup and restore activity is routed through another media server. Data mover: An entity that moves data between the primary storage (the NetBackup client) and the storage server. In SharedDisk, NetBackup media servers function as data movers. Storage server: An entity that writes data to and reads data from disk storage. A storage server is the entity that has a mount on the file system on the storage. In SharedDisk, NetBackup media servers function as both storage servers and data movers. Disk volume: A logical unit of disk storage. Disk pool: A collection of disk volumes that are administered as an entity. Enclosure: A disk array. You can create a NetBackup disk pool from all of the storage in an enclosure or only some of the storage.
Specify preferred or required media servers for restore and duplication operations. This new capability replaces the FORCE_RESTORE_MEDIA_SERVER option. This capability provides the following benefits:
Offloads the workload of restores from the servers that perform the backups.
Directs the duplication traffic to specific storage servers. See Creating a storage server in NetBackup on page 289.
Use either LUN masking or SCSI persistent reserve for exclusive volume access on the storage arrays. See Configuring exclusive LUN access in NetBackup on page 284. Use either GUID Partition Table (GPT) or Master Boot Record (MBR) to format LUNs on Windows systems that support GPT. See Formatting the LUNs in a disk array on page 294.
277
Installing SharedDisk
No special installation is required for the SharedDisk storage option. However, you must activate the feature by entering the Flexible Disk Option license key on the NetBackup master server. To use preferred or required servers for restore or duplication, do the following:
Upgrade the NetBackup master server and the NetBackup EMM server to NetBackup 6.5.2. (Normally, the master server and the EMM server are on the same computer.) To enable command line support on media servers, upgrade the media servers that are used for SharedDisk operations to NetBackup 6.5.2. However, you do not have to upgrade the media servers. Instead, you can configure and manage the restore and duplication storage servers by invoking the commands on the master server.
In NetBackup 6.5.2, you must use NetBackup commands to configure and manage storage server attributes. You may have one license key that activates NetBackup and all of your add-on products. Alternatively, you may have a separate license key for NetBackup and for each add-on product such as SharedDisk. When you choose the systems to use for the NetBackup master and media servers, be aware of the following:
All NetBackup media servers that connect to the disk array must be the same system type (such as all Solaris). Do not include the master server or EMM server in the list of media servers that use the array. Data transfer consumes system resources and severely degrades EMM performance. (Normally, the EMM server runs on the master server, but it can run on any NetBackup media server.) You cannot create the disk pools or the storage units that use the disk pools. The NetBackup jobs that try to use the disk pools or the storage units that are based on the disk pools fail. The error message indicates that the feature is not licensed.
278 SharedDisk storage option updates Preparing the SAN and the array
NetBackup does not delete the disk pools or the storage units that are based on the disk pools. You can use them if you enter a valid license key.
Preparing the SAN on page 278 Installing array software on media servers on page 279 Configuring the disk array on page 280 Configuring device paths on page 282 Adding LUN entries to the sd.conf file on page 282
Install Fibre Channel HBAs on the NetBackup media servers. Zone the SAN.
Install the HBA in each media server that connects to the array. Install the HBA vendors Fibre Channel drivers for the HBA. Install the HBA vendors Fibre Channel utilities for the HBA if required.
If you use the NetBackup Fibre Transport option with SharedDisk storage, the Fibre Transport HBA requirements may affect your HBA configuration. See the NetBackup Shared Storage Guide.
SharedDisk storage option updates Preparing the SAN and the array
279
that traffic from using the bandwidth that may be required for other SAN activity. The following are the major steps to zone the SAN:
Connect one or more Fibre Channel HBA ports on each NetBackup media server to one or more Fibre Channel switch ports. Connect the disk array to a Fibre Channel switch port. Define the zones on the SAN so that the media server HBA ports and the disk array are in the same zone. The HBA ports on the media servers must be hard or soft zoned to the array. You should configure SAN zones before you bind HBA ports. It prevents possible corruption of data that may occur if multiple HBAs gain access to the same storage device. Bind the media server HBA ports to the disk array volumes or LUNs. Use persistent bindings when you bind the ports to the LUNs. When you bind the media server HBA ports to disk array volumes or LUNs, you must use persistent bindings. If you do not, NetBackup access to the array may fail, backups may not occur, and data may be lost. Exception: Persistent bindings are not required for Leadville drivers.
Configure the arrays Mask and unmask the LUNs when a media server accesses the storage.
All media servers that are connected to the array must be the same operating system type and use the same file system.
The Tech Note also contains information about how to create host entries and how to allocate LUNs for each supported disk array.
280 SharedDisk storage option updates Preparing the SAN and the array
The Tech Note lets us update disk array information when support for new disk arrays is added. It also lets us update supported array software versions if they change between NetBackup releases.
Add array host entries on page 280 Allocate LUNs for NetBackup on page 281 Unmask the LUNs on page 282
Use the vendor-specific tools to configure the array. Instructions for how to configure the array are beyond the scope of the NetBackup documentation. For guidance, see the following subsections.
The name of the host (that is, the name of the NetBackup media server host). The host name must be a valid IP host name. To be more specific, the name or friendly name of the host entry on the array must match the DNS name of the host. (A friendly name is a more human-readable name than a string used to identify a device or a host.) The World Wide Port Name (WWPN) of the HBA port on the media server. The WWPN identifies the port through which you want the media server to access the array. The type of host operating system (such as Solaris).
You must create an entry for each NetBackup media server that shares the array. If you cluster the NetBackup media servers, the host entries must be configured with the host names of the nodes (not the virtual names). NetBackup uses gethostname to identify the row in the array masking table to enable exclusive access to a LUN.
SharedDisk storage option updates Preparing the SAN and the array
281
LUN prefix:
nbusd_
Use a meaningful suffix to complete each LUN name. For example, use the name of the NetBackup disk pool and perhaps a number to make the name unique. Note: LUN names within an array must be unique; if they are not, you cannot create a NetBackup disk pool from the storage on the array. Symantec recommends that you use a unique name for each LUN that you allocate to NetBackup, even if the LUNs are on different arrays. If you merge disk pools later, each LUN name must be unique. Some arrays do not allow specific name prefixes. By default, NetBackup uses all of the LUNs for storage on those arrays. You can use only some of the LUNs for NetBackup storage. However, to format those LUNs and to create a disk pool from them is more difficult than for LUNs with the nbusd_ prefix.
Do not include small volumes and large volumes in the same disk pool. Do not include slow volumes and fast volumes in the same disk pool.
Configuring SharedDisk
The following are the tasks to configure NetBackup to use SharedDisk:
283
Configuring exclusive LUN access in NetBackup on page 284 Creating a storage server in NetBackup on page 289 Adding disk array logon credentials on page 292 Formatting the LUNs in a disk array on page 294 Configuring Storage Foundation dynamic multipathing on page 297 Creating a SharedDisk disk pool on page 297 Creating a storage unit on page 301 Creating a backup policy on page 306 Restores on page 306
If problems occur when you configure the SharedDisk storage option, see Troubleshooting SharedDisk on page 323.
285
commands to control the volume. Unlike LUN masking, the SAN topology does not change when a reservation is granted or released. SPR provides faster mount times than LUN masking. A consequence of SPR is longer start times for the NetBackup media servers. To use SPR, the devices must conform to the SCSI Primary Commands - 3 (SPC-3) standard. The SCSI persistent reserve method is not supported or not supported correctly by all device vendors. Incorrect support may mean no access protection. Therefore, you should thoroughly analyze your environment to ensure that all of your hardware supports SCSI persistent reserve correctly. To configure SCSI persistent reserve for SharedDisk 1 2 3 4 5 6 In the NetBackup Administration Console, expand NetBackup Management > Host Properties. Select Master Server in the tree pane. In the Details pane, double-click on the name of the master server. In the Master Server Properties dialog box, click SharedDisk in the tree pane. Select SCSI persistent reserve. Click OK.
If backup jobs are assigned to a disk pool, the state change fails. Cancel the backup jobs or wait until the jobs complete. 3 Enable SPR by running the following NetBackup command:
/usr/openv/netbackup/bin/admincmd/nbdevconfig -setSharedDiskSPR 1
For each SharedDisk disk pool, do the following one disk pool at a time:
Use the disk array software to unmask the disk pool LUNs so that all of the storage servers for the disk pool detect the LUNs. (NetBackup media servers function as storage servers.) For example, for a disk pool that contains three LUNs and has three storage servers, unmask each LUN on each storage server. Determine the unique enclosure identifier (UEID) for the array or arrays. The following is the command syntax; run the command on one of the storage servers:
/usr/openv/netbackup/bin/admincmd/nbshareddisk list
Write the unique device identifiers (UDIDs) of the disk pool LUNs to a text file. The following is the command syntax; run the command on the same storage server as the previous command:
/usr/openv/netbackup/bin/admincmd/nbshareddisk list ueid unique_enclosure_id > udid_filename
The command writes only the UDIDs of the LUNs that have the nbusd_ prefix. If the array does not let you specify the nbusd_ LUN prefix, all UDIDs on the array appear in the output file. If the disk pool contains LUNs from more than one array, repeat the command for each additional array. However, use the append operator (>>) rather than the redirection operator to append the output to the end of the file.
Edit the text file and delete the LUNs that are not in the disk pool. Verify that the storage server detects all of the LUNs. The following is the command syntax; run the command on the same storage server as the previous command:
/usr/openv/netbackup/bin/admincmd/nbshareddisk verify -udid_file udid_filename
Change the state of all disk pools to UP; the following is the command syntax to change a disk pool:
/usr/openv/netbackup/bin/admincmd/nbdevconfig -changestate -stype SharedDisk -dp disk_pool_name -state UP
287
If you formatted or plan to format the disk LUNs with the Veritas File System, run the following command on all of the SharedDisk storage servers:
/usr/sbin/vxdisk scandisks
If backup jobs are assigned to a disk pool, the state change fails. Cancel the backup jobs or wait until the jobs complete. 2 For each SharedDisk disk pool, do the following one disk pool at a time:
Determine the unique enclosure identifier (UEID) for the array or arrays. The following is the command syntax. Run the command on one of the storage servers for the disk pool. (NetBackup media servers function as storage servers.)
/usr/openv/netbackup/bin/admincmd/nbshareddisk list
Write the unique device identifiers (UDIDs) of the LUNs on an array to a text file. The following is the command syntax; run the command on the same storage server as the previous command:
/usr/openv/netbackup/bin/admincmd/nbshareddisk list ueid unique_enclosure_id > udid_filename
The command writes only the UDIDs of the LUNs that have the nbusd_ prefix. If the array does not let you specify the nbusd_ LUN prefix, all UDIDs on the array appear in the output file. To add UDIDs from more than one array to the output file, repeat the command for each additional array. However, use the append operator (>>) rather than the redirection operator to append the output to the end of the file.
Edit the text file and delete the LUNs that are not in the disk pool.
Reserve the LUNs. The following is the command syntax; run the command on the same storage server:
/usr/openv/netbackup/bin/admincmd/nbshareddisk reserve -preempt -udid_file udid_filename
Use the disk array software to mask the disk pool LUNs so that only the storage server that owns the reservation detects the LUNs. Release the reservation that the storage server has on the LUNs. The following is the command syntax; run the command on the same storage server:
/usr/openv/netbackup/bin/admincmd/nbshareddisk release -udid_file udid_filename
Use the disk array software to mask the disk pool LUNs so that none of the storage servers for the disk pool detects the LUNs. Repeat the preceding steps for each SharedDisk disk pool.
Change the state of all disk pools to UP; the following is the command syntax to change a disk pool:
/usr/openv/netbackup/bin/admincmd/nbdevconfig -changestate -stype SharedDisk -dp disk_pool_name -state UP
The setSharedDiskSPR option lets you configure SPR or LUN masking. Zero (0) enables LUN masking; 1 enables SPR.
The listglobals option outputs NetBackup Disk Service Manager global disk attributes. If SPR is enabled, the SCSI persistent reserve setting is as follows:
SCSI Persistent Reservation: 1
If LUN masking is enabled, the output shows zero (0) rather than 1.
289
The reserve option lets you place a SCSI persistent reservation on one or many LUNs on the media server from which it is invoked. The unique device identifier represents a LUN. Use the -udid_file option to reserve more than one LUN. If you also use the preempt option, NetBackup preempts other NetBackup reservations on the LUNs.
release -udid UDID##nn#nn##nn | -udid_file udid_filename
The release option lets you release a SCSI persistent reservation on one or many LUNs on the media server from which it is invoked. The unique device identifier identifies LUNs. Use the -udid_file option to release more than one LUN.
verify -udid UDID##nn#nn##nn | -udid_file udid_filename
The verify option lets you determine if NetBackup can access a LUN or LUNs from a specific host. The unique device identifier represents a LUN. Use this option to determine of connectivity problems or operating system problems exist.
For SharedDisk, you can use these storage server attributes rather than the FORCE_RESTORE_MEDIA_SERVER option. For information about the FORCE_RESTORE_MEDIA_SERVER option, see the NetBackup Administrators Guide, Volume I. If you do not specify these attributes, NetBackup uses normal criteria to select a media server for restore or duplication. (That is, if you configure more than one storage server.) Note: Before you configure a SharedDisk storage server in NetBackup, you must install the disk array vendors software on the media server. You also must add the disk array logon credentials Figure 12-1 SharedDisk storage servers
NetBackup media servers are both storage servers and data movers. Disk array CLIs are installed.
Disk array
The following is the path to the command: UNIX and Linux: /usr/openv/netbackup/bin/admincmd Windows: install_path\Program Files\VERITAS\NetBackup\bin\admincmd The command lists all storage servers already configured. By default, NetBackup configures all media servers as BasicDisk storage servers. Therefore, all media servers in your environment appear as BasicDisk servers, as in the following example:
nbdevquery -liststs V6.5 tree.symantecs.org BasicDisk 5 V6.5 flower.symantecs.org BasicDisk 5 V6.5 water.symantecs.org BasicDisk 5
If the media server does not appear in the command output as a SharedDisk storage server, configure the media server as a storage server.
291
Run the following nbdevconfig command on the master server or on one of the media servers:
nbdevconfig -creatests -storage_server storage_server -stype SharedDisk [-st storage_type] -media_server media_server [-setattribute attribute]
-storage_server storage_server is the name of a NetBackup media server that connects to the storage. The media server must have the array vendors command line interfaces installed. -stype SharedDisk specifies the storage server type. -st storage_type is a numeric value that specifies the server properties. For SharedDisk, the default is 6 (direct attached, raw disk). Required only if you want to use a value other than the default. The value is obtained by adding together the numeric values of the following properties. Whether the disk is formatted and how it is attached are mutually exclusive and complementary.
1 - formatted disk. The disk is formatted as part of the vendor-specific preparation; NetBackup does not format the disk. 2 - raw disk. The disk is not formatted; NetBackup formats the disk. 4 - direct attached. Direct attached means that the storage server and the media server are the same NetBackup host. 8 - network attached. Network attached means that the storage server is physically distinct from the NetBackup media server. It does not imply LAN data movement nor does it preclude Fibre Channel as the transport for data movement.
-media_server media_server specifies the NetBackup media server that performs the operation. Use the same name as the storage server name. -setattribute attribute is an attribute to apply to the storage server for the read side of restore or duplication operations. These attributes can help you manage the restore and duplication traffic. You can specify more than one -setattribute attribute pair on the command line. The following are the attributes:
PrefRestore. The storage server is preferred for the read side of restore operations. More than one storage server can have the PrefRestore attribute. Storage servers that are marked as PrefRestore are considered for use first. If none are available, any unmarked storage server is considered for use.
Normal NetBackup load balancing occurs among all storage servers marked PrefRestore.
ReqRestore. The storage server is required for the read side of restore operations. More than one storage server can have the ReqRestore attribute. If a ReqRestore server is not available, NetBackup considers PrefRestore servers for use. If none are available, jobs queue until a ReqRestore or PrefRestore is available. If you configure ReqRestore servers but not PrefRestore servers, unmarked storage servers are never considered for restore jobs. Jobs queue until a ReqRestore storage server is available to execute the job. Normal NetBackup rules for job retry apply. Normal NetBackup load balancing occurs for all storage servers marked ReqRestore. Load balancing does not occur between the ReqRestore and PrefRestore storage servers. ReqDuplicate. The storage server is required for the read side of duplication operations. More than one storage server can have the ReqDuplicate attribute. If any storage server is marked as ReqDuplicate, only storage servers that are marked as ReqDuplicate are considered for use. If a ReqDuplicate server is unavailable, jobs queue until a ReqDuplicate server is available to execute the job. Normal NetBackup rules for job retry apply. ReqDuplicate also applies to storage server allocation for synthetic backup operations.
Note: Only the media servers that are configured in the storage unit are considered for jobs. Therefore, if you select a subset of the disk pool storage servers in a storage unit, it may affect the servers that NetBackup can select. You can remove the attributes you place on a storage server. See Removing storage server attributes on page 319. Storage unit usage recommendations to manage traffic are available. See Managing backup, restore, and duplication traffic on page 304.
293
The disk array must be installed and prepared before you add array logon credentials. Note: For EMC CLARiiON, by default NetBackup creates global scope administrative user credentials. To create local scope credentials, you must use the Navisphere security file (created by using the EMC naviseccli command). If the security file exists, NetBackup uses it; the security file can contain a global or local administrative user. If you use the security file, you still must add logon credentials in NetBackup. NetBackup uses the disk array host name you add because the array host name is not stored in the security file. To add disk array logon credentials 1 2 3 4 In the NetBackup Administration Console, expand Media and Device Management > Credentials. Select Disk Array Hosts. Click Actions > New > Disk Array Host. Enter the host name in the dialog box.
In the Add Disk Array Host dialog box, add the credentials:
Username. Enter the user name that NetBackup uses to log into the array. Password. Enter the password that NetBackup uses to log into the array. Confirm password. To confirm the password, re-enter the password that NetBackup uses to log into the array. (Windows systems.) Port number. For the port number, select (or enter) the port number over which to communicate with the array. If no specific port is required, select or enter 0. (UNIX systems.) Connect using port number. To use a specific port number to connect, select this option, then enter the port number over which to communicate with the array. If no specific port is required, select or enter 0.
After you add credentials, stop and then start the NetBackup services on: the NetBackup master server and on each NetBackup media server that accesses the disk array. You can use the NetBackup Administration Console Activity Monitor to stop and start the services. Alternatively, you can use the following commands in sequence:
295
Note: NetBackup 6.5.1 and earlier cannot read or write disks that use GPT. Therefore, if you use both 6.5.1 and earlier and 6.5.2 and later for disk pool access, all disks must be formatted with MBR. MBR disks are limited to 2 TB maximum size. For the arrays that do not let you specify the nbusd_ LUN prefix for disk volumes, nbshareddisk discovers all of the LUNS on an array. To use only some of the LUNs on the array, format only those LUNs. To format LUNs on page 295 explains how to format all LUNs or only some of the LUNs. If you format only some of the LUNs, you must use the volumes method when you create a disk pool. With the volumes method, you select disk volumes rather than the entire array. For more information, Creating a SharedDisk disk pool on page 297. Caution: This procedure displays all LUNs on an array that are allocated to NetBackup, even LUNs already in use by NetBackup. Do not format LUNs that are already in use by NetBackup; if you do, data loss may occur. The nbshareddisk command resides in the following directory: UNIX: /usr/openv/netbackup/bin/admincmd Windows: install_path\Program Files\VERITAS\NetBackup\bin\admincmd To format LUNs Invoke the nbshareddisk command on one of the storage servers that is connected to the array. 1 Use the nbshareddisk command with the list option to determine the arrays for which NetBackup has logon credentials. The output includes the unique enclosure identifier (UEID), which identifies arrays. The UEID of the array is used in step 2.
nbshareddisk list Enclosure list: Vendor Array Name Enclosure ID ------------------------------------------------------------------NETAPP ndmpfiler1 UEID##NETAPP##LUN##0a505b7c HP HPEVA4000 UEID##HP##HSV##5000-1FE1-5007-0020 EMC 000182601092 UEID##EMC##SYMMETRIX##000182601092 EMC APM00044701641 UEID##EMC##CLARIION##APM00044701641
If the array does not appear in the list, see 6. Verify LAN connectivity to the disk array on page 327.
Use the nbshareddisk list command to write the unique device identifiers (UDIDs) of the LUNs to a text file. The following is the command syntax: The command writes only LUNs that have the nbusd_ prefix to the file. If the array does not let you specify the nbusd_ LUN prefix, all LUNs appear in the output file. The UDIDs are used when you format the LUNs in step 5. For example, the following command writes the UDID of the LUNs in the specified enclosure to file formatlist.txt:
To add UDIDs from more than one array to the output file, repeat step 2 for each additional array. However, use the append operator (>>) rather than the redirection operator to append the output to the end of the file. Examine the text file to verify that the LUNs in the file are the ones you want to format. If you do not see all of the UDIDs you expected to, ensure that the LUNs on the array use the nbusd_ prefix. For the arrays that do not allow the nbusd_ LUN prefix, delete the UDIDs that you do not want to format. Only delete lines from the file, do not add lines to the file. Caution: Do not format LUNs that are in use by NetBackup already; if you do, data loss may occur.
Use the nbshareddisk format command to format the LUNs on the array. The following is the command syntax:
nbshareddisk format udid_file filename
-gpt. Format the LUNs by using GPT on Windows systems that support GPT. -fstype native | vxfs. Format the LUNs with the file system native to the media server operating system or with the Veritas File System. The default is native. -noPrompt. Suppresses the format prompt. If you format more than one UDID, the nbshareddisk command prompts you to format each one. Because the format process may be time-consuming, you can use the -noPrompt option to suppress the prompt. Then, you do not have to monitor the formatting process. However, use the -noPrompt option with caution.
297
For example, the following command reads the UDIDs from the formatlist.txt file. It then formats the disk volumes with GPT.
nbshareddisk format -gpt udid_file formatlist.txt
If you formatted the LUNs with the Veritas File System, run the following command on all of the SharedDisk storage servers:
/usr/sbin/vxdisk scandisks
After you format the LUNs, you can create disk pools.
Obtain a list of the DMP node names for each enclosure on which you create disk pools by using the following command:
vxdmpadm getdmpnode enclosure=enclosure-name
For each DMP node, run the following Storage Foundation command:
blockdev --rereadpt /dev/vx/dmp/DMP_node_name
Note: You may receive errors similar to Device or resource busy. You can ignore such errors. 4 After you run the blockdev command for each node, run the following Storage Foundation command:
vxdisk scandisk
Figure 12-2
LUNs
Silver_SharedDisk_Pool
A disk pool is the storage destination of a NetBackup storage unit. Two methods exist to create SharedDisk disk pools:
The enclosure method creates one disk pool from all of the storage that is allocated to NetBackup on one array. This method is the easiest to accomplish. It also is easier to add volumes to the disk pool later. See Enclosure method of SharedDisk disk pool creation on page 299. The volumes method lets you create a disk pool by selecting specific disk volumes. The disk volumes can be in one enclosure or in multiple enclosures. However, to add volumes later is more difficult than for the disk pools created by the enclosure method. See Volumes method of SharedDisk disk pool creation on page 299. Note: If the array does net let you specify the nbusd_ LUN prefix for disk volumes, NetBackup discovers all of the storage on the array. To use only some of the storage on the array, you must use the volumes method to create a disk pool.
Which process you use affects how you add volumes to that disk pool in the future. Therefore, you should note which method you use for each disk pool you create. When you create a disk pool, you specify:
The NetBackup media servers that share the storage. The media servers must be configured as storage servers. They also function as data movers. The disk array that contains the storage (enclosure method) or the disk volumes on the array(s) to include in the disk pool (volumes method) The disk pool properties. Properties include the name, the high water mark, the low water mark, and a comment that describes the disk pool. See Disk pool properties on page 308.
299
Symantec recommends that disk volume names and disk pool names be unique across your enterprise. Before you create a SharedDisk disk pool, LUNs on the disk array must be allocated for use by NetBackup. The LUNs must be formatted. When NetBackup sends backup data to a disk pool, NetBackup selects the disk volumes that are based on available capacity and predicted size of the backup. NetBackup tries to write backup data to a single volume. If necessary, backup images span disk volumes in a disk pool. Backup images do not span across multiple disk pools.
More than one disk pool from an enclosure. A disk pool that spans enclosures.
Also, you can specify a name for the disk pool (unlike the enclosure disk pool creation method). However, disk pool expansion is more difficult than with the enclosure method. If you cannot use the nbusd_ prefix to name LUNs, the volumes method lets you specify only some of the storage on a disk array.
The nbdevconfig command resides in the following directory: UNIX: /usr/openv/netbackup/bin/admincmd Windows: install_path\Program Files\VERITAS\NetBackup\bin\admincmd To use the volumes method to create a disk pool 1 On a SharedDisk storage server, preview the volumes that the storage server detects and write the output to a file. The output file includes both formatted volumes and unformatted volumes for all arrays that connect to the storage server. The file is used as input when you create the disk pool. The following is the command syntax:
nbdevconfig previewdv storage_server storage_server stype SharedDisk -media_server media_server > filename
-storage_server storage_server specifies the storage server name. -stype SharedDisk specifies the storage server type.
-media_server media_server specifies the media server that performs the operation. Use the same name as the storage server. For example, the following command creates a file of volumes named Gold_Volumes.txt from the volumes that storage server A detects:
Edit the file of volume names; remove the volumes that you do not want in the disk pool. Ensure that the volumes you want to use are formatted. To create multiple disk pools, make a copy of the file for each disk pool you want to create. Name each file so that it identifies each disk pool. Edit the files so each one contains only those volumes you want in each disk pool. Use those files as the inputs in step 3. Create a disk pool from the volumes that are listed in the file. The following is the command syntax:
nbdevconfig createdp dp disk_pool_name storage_servers storage_server [storage_server ...] stype SharedDisk dvlist filename
-dp disk_pool_name specifies the disk pool. -storage_servers storage_server specifies the storage servers. Specify all of the servers that share the disk pool. -stype SharedDisk specifies the storage server type.
-dvlist filename specifies the file of volume names. For example, the following command creates a Gold_SharedDisk_Pool disk pool. Servers A, B, and C are the storage servers for the disk pool. The file that contains the list of disk volumes is Gold_Volumes.txt.
301
-comment, a comment that describes the disk pool. -hwm, the high water mark (the default is 98%) -lwm, the low water mark (the default is 80%) -M, the master server (the default is the current master server) -media_server server_name, the storage server that performs the operation
To create multiple disk pools, repeat step 3 for each disk pool you want to create. Each disk pool must have a separate input file. The disk pool volumes must be unique; that is, a volume cannot appear in more than one input file.
The following are the configuration options for a disk pool storage unit.
Disk type
Select SharedDisk.
Disk pool
Select the disk pool that contains the storage for this storage unit. All disk pools of the specified Disk type appear in the Disk pool list. If no disk pools are configured, no disk pools appear in the list. To specify or change the properties of the disk pool, click Properties and then do the following:
Select or enter the high water mark for the disk pool. (The default is 98%.) The high water mark is a threshold that indicates the storage is full. It applies to both the individual disk volumes in the pool and the disk pool, as follows:
Individual volumes. When a disk volume reaches the high water mark, NetBackup writes the data to another disk volume in the pool. Disk pool. When all volumes are at the high water mark, the disk pool is full. When a disk pool approaches the high water mark, NetBackup reduces the number of jobs that are allowed to write to the pool. NetBackup does not assign new jobs to a storage unit in which the disk pool is full.
Select or enter the low water mark for the disk pool. (The default is 80%.) When the capacity of the disk pool returns to the low water mark, NetBackup again assigns jobs to the storage unit. Capacity is regained as backup images expire. The low water mark setting cannot be greater than or equal to the high water mark setting. Enter a comment that is associated with the disk pool.
Media server
The Media server setting specifies the NetBackup media servers that can move data to and from the disk pool for this storage unit. Only the media servers that are configured as storage servers appear in the media servers list. The NetBackup media servers on which the disk array vendors software are installed function as both storage servers and data movers. If a server does not appear in the list, verify that the logon credentials are created. Specify the media server or servers as follows:
303
To allow any server in the media server list to access the disk storage (default), select Use any available media server. To restrict the media servers that can access the disk storage, select Only use the following media servers. Then, select the media servers to allow. The selection list includes only the media servers that are configured as storage servers for the disk pool.
NetBackup selects the media server to use when the policy runs.
NetBackup Administrators Guide for UNIX and Linux, Volume I NetBackup Administrators Guide for Windows, Volume I
case, fragments before and including the last checkpoint are retained; the fragments after the last checkpoint are discarded.)
One storage unit and one policy for backups. When you configure the storage unit, select only the storage servers that you want to use for backups. When you configure the policy, select the backup storage unit. One storage unit and one policy for restores. When you configure the storage unit, select only the storage servers that are marked as PrefRestore and ReqRestore. When you configure the policy, select the restore storage units. If you configure both preferred and required storage servers, NetBackup never selects an unmarked storage server for a restore job. One storage unit and one policy for duplications. In the duplications storage unit, select only the storage servers that are marked as ReqDuplicate. When you configure the policy, select the duplication storage unit.
You do not have to partition the storage; all storage units use the same pool of storage. For information about how NetBackup balances storage unit and media server load, see Maximum concurrent jobs in:
NetBackup Administrators Guide for UNIX and Linux, Volume I NetBackup Administrators Guide for Windows, Volume I
305
Define a storage unit (such as STU-FT). Select the disk pool. Select Only use the following media servers. Select the FT media servers that connect to the SAN clients. Create a backup policy for the SAN clients and select the STU-FT storage unit. Define another storage unit (such as STU-LAN). Select the same disk pool. Select Only use the following media servers. Select the media servers with LAN connectivity to the regular clients. Create a backup policy for the regular clients and select the STU-LAN storage unit.
This scenario assumes that the SAN clients are a small subset of your client base. It also assumes that the media servers with LAN connectivity to the regular clients also have SAN connectivity to the storage.
Define a storage unit (such as STU-CRITICAL). Select the disk pool. Select Only use the following media servers. Select one (or a subset) of the media servers. Create a backup policy for the critical clients and select the STU-CRITICAL storage unit. Define another storage unit (such as STU-NORMAL). Select the same disk pool. Select Only use the following media servers. Select a different subset of the media servers. Create a backup policy for the regular clients and select the STU-NORMAL storage unit.
setting than the other. More client backups occur for the storage unit with the higher concurrent job setting.
Restores
Use normal NetBackup processes to restore data from backups. To perform the restore, NetBackup chooses one of the media servers that can move data to and from the disk pool.
Managing SharedDisk
The following are tasks to manage the SharedDisk storage option:
Managing disk pools on page 307 Managing disk array logon credentials on page 315 Managing storage servers on page 316 Monitoring storage capacity and usage on page 321 Viewing disk reports on page 321 Viewing NetBackup logs on page 322 Troubleshooting SharedDisk on page 323
307
Changing disk pool properties on page 307 Adding volumes to a SharedDisk disk pool on page 309 Changing disk pool or volume state on page 312 Merging disk pools on page 313 Deleting a disk pool on page 314 Obtaining disk pool and volume status on page 315
The disk pool name. The media servers that connect to the disk array. All media servers must be the same system type (such as all Solaris). The total amount of space available in the disk pool. The total raw, unformatted size of the storage in the disk pool. The number of volumes in the disk pool. A comment that is associated with the disk pool. The high water mark for the disk pool. (The default is 98%.) The high water mark is a threshold that indicates the storage is full. It applies to both the individual disk volumes in the pool and the disk pool, as follows:
309
Individual volumes. When a disk volume reaches the high water mark, NetBackup writes the data to another disk volume in the pool. Disk pool. When all volumes are at the high water mark, the disk pool is full. When a disk pool approaches the high water mark, NetBackup reduces the number of jobs that are allowed to write to the pool. NetBackup does not assign new jobs to a storage unit in which the disk pool is full.
The low water mark for the disk pool. (The default is 80%.) When the capacity of the disk pool returns to the low water mark, NetBackup again assigns jobs to the storage unit. Capacity is regained as backup images expire. The low water mark setting cannot be greater than or equal to the high water mark setting.
If you used the enclosure method to create the disk pool, see Adding volumes to a SharedDisk disk pool: enclosure method on page 309. If you used the volumes method to create the disk pool, see Adding volumes to a SharedDisk disk pool: volumes method on page 311.
Note: The volumes must be allocated for NetBackup and they must be formatted. NetBackup does not allow volumes to be formatted after you add them to a disk pool. Also, NetBackup does not let you delete volumes after you add them to a disk pool. Therefore, if the volumes were not formatted, you cannot use them and cannot delete them from the disk pool. You must then delete the entire disk pool.
Queries the disk array for volume information. Displays the LUNs with the nbusd_ prefix in the Inventory Disk Pool dialog box. If the array does not allow specific LUN prefixes, the inventory discovers all LUNS on the array.
You can update the configuration (that is, import the new disk volumes). Alternatively, you can decline the update if it does not correctly show the actual configuration. To add SharedDisk volumes by using Inventory Disk Pool 1 2 In the NetBackup Administration Console tree, select Media and Device Management > Devices > Disk Pools. Click Actions > inventory Disk Pool.
In the Inventory Disk Pool dialog box, select the disk pool and then click Start Inventory. The default selection is the disk pool that was selected in the Administration Console.
311
To update the disk pool configuration with the new information, click Update Configuration. Update Configuration is enabled only after the inventory has completed. If the results do not correctly show the actual configuration, do not update the configuration. Do the following:
Verify that the new LUNs use the nbusd_ prefix. Verify that the new LUNs are the size allocated by the storage administrator. Use the nbshareddisk command to determine on which array the new LUNs reside.
Both disk pools must use the same set of NetBackup media servers to share the storage. The volumes in the temporary disk pool must have different names than the volumes in the original disk pool. All of the disk volumes must have the same file system. The new disk volumes must be formatted.
The nbdevconfig command resides in the following directory: UNIX: /usr/openv/netbackup/bin/admincmd Windows: install_path\Program Files\VERITAS\NetBackup\bin\admincmd To add SharedDisk volumes by using nbdevconfig 1 On a SharedDisk storage server, preview the volumes in an array and write the output to a file. The output file includes both formatted volumes and unformatted volumes. The file is used as input when you create the disk pool. The following is the command syntax:
nbdevconfig previewdv storage_server storage_server stype SharedDisk -media_server media_server > filename
-storage_server storage_server specifies the storage server. -stype SharedDisk specifies the storage server type. -media_server media_server specifies the media server that performs the operation. Use the same name as the storage server.
2 3
Edit the file that was created in the previous step and remove all but the new volumes. The file is used as the input when you create the disk pool. Create a disk pool from the volumes that are listed in the file. The following is the command syntax:
nbdevconfig createdp dp disk_pool_name storage_servers storage_server [storage_server ...] stype SharedDisk dvlist filename
-dp disk_pool_name specifies the disk pool. -storage_servers storage_server specifies the storage servers. Specify all of the servers that share the disk pool. -stype SharedDisk specifies the storage server type. -dvlist filename specifies the file of volume names.
Change the state of each disk pool to DOWN; the following is the command syntax:
nbdevconfig -changestate -stype SharedDisk -dp disk_pool_name -state DOWN
If backup jobs are assigned to a disk pool, the state change fails. Cancel the backup jobs or wait until the jobs complete. 5 Merge the disk pools. The following is the command syntax. The primary disk pool is the one you want to retain; nbdevconfig deletes the secondary disk pool after the merge.
nbdevconfig mergedps stype SharedDisk -primarydp disk_pool_name -secondarydp disk_pool_name
Change the state of the primary disk pool to UP. The following is the command syntax:
nbdevconfig -changestate -stype SharedDisk -dp disk_pool_name -state UP
313
To change the disk pool state by using the Device Monitor 1 2 3 4 In the NetBackup Administration Console, select Media and Device Management > Device Monitor. Select the Disk Pools tab. Select the disk pool. Select either Actions > Up or Actions > Down.
The nbdevconfig command resides in the following directory: UNIX: /usr/openv/netbackup/bin/admincmd Windows: install_path\Program Files\VERITAS\NetBackup\bin\admincmd To change the disk pool state by using the nbdevconfig command
state is either UP or DOWN. To change the disk volume state 1 Determine the name of the disk volume. The following command lists all volumes in the specified disk pool:
nbdevquery -listdv -stype SharedDisk -dp disk_pool_name
Change the disk volume state; the following is the command syntax:
nbdevconfig -changestate -stype SharedDisk -dp disk_pool_name dv vol_name -state state
state is UP or DOWN. NetBackup jobs still read from and write to a disk pool that has a downed volume, but the downed volume is unavailable.
The volumes in the two disk pools must have unique names.
Both disk pools must use the same set of NetBackup media servers to share the storage. If storage units reference the secondary disk pool, you must delete those storage units.
The nbdevconfig command resides in the following directory: UNIX: /usr/openv/netbackup/bin/admincmd Windows: install_path\Program Files\VERITAS\NetBackup\bin\admincmd To merge disk pools 1 Change the state of each disk pool to DOWN; the following is the command syntax:
nbdevconfig -changestate -stype SharedDisk -dp disk_pool_name -state DOWN
If backup jobs are assigned to a disk pool, the state change fails. Cancel the backup jobs or wait until the jobs complete. 2 Merge the disk pools. The following is the command syntax. The primary disk pool is the one you want to retain; nbdevconfig deletes the secondary disk pool after the merge.
nbdevconfig mergedps stype SharedDisk -primarydp disk_pool_name -secondarydp disk_pool_name
Change the state of the primary disk pool to UP. The following is the command syntax:
nbdevconfig -changestate -stype SharedDisk -dp disk_pool_name -state UP
315
In the Delete Disk Pool dialog box, verify that the disk pool is the one you want to delete and then click OK.
-l
-listdp
-listdv
Shows a summary of all disk volumes. To show the properties of a specific disk volume, also use the -dv disk_volume option.
-stype SharedDisk
With -listdp, shows all disk pools of the specified storage type. With -listdv, shows all disk pools of the specified storage type and their disk volumes.
-U -D
Produces an output format that is more human-readable. Produces an output format that provides more information than the -U option but is not formatted as much as the -U option.
To add array logon credentials 1 2 3 4 5 In the NetBackup Administration Console, expand Media and Device Management > Credentials. Select Disk Array Hosts. Click Actions > New > Disk Array Host. Enter the host name in the dialog box. In the New Disk Array Host dialog box, enter the credentials.
To change array logon credentials 1 2 3 4 In the NetBackup Administration Console, expand Media and Device Management > Credentials > Disk Array Host. Select a disk array host. Click Edit > Change. In the Change Disk Array Host dialog box, change the credentials.
To delete array logon credentials 1 2 3 In the NetBackup Administration Console, expand Media and Device Management > Credentials > Disk Array Host. Select a disk array host. Click Edit > Delete. The disk array host is deleted; no confirmation dialog appears.
Viewing storage servers on page 317 Viewing storage server attributes on page 318 Obtaining storage server status on page 317 Adding a SharedDisk storage server on page 318 Removing storage server attributes on page 319 Removing a storage server from disk pool access on page 320 Deleting a storage server on page 320
317
To list only SharedDisk storage servers, use the -stype SharedDisk option and argument. The -U option provides more detailed information. The following is the path to the command: UNIX and Linux: /usr/openv/netbackup/bin/admincmd Windows: install_path\Program Files\VERITAS\NetBackup\bin\admincmd The command lists all storage servers already configured. By default, NetBackup configures all media servers as BasicDisk storage servers. Therefore, all media servers in your environment appear as BasicDisk servers, as in the following example:
nbdevquery -liststs V6.5 tree.symantecs.org BasicDisk 5 V6.5 flower.symantecs.org BasicDisk 5 V6.5 water.symantecs.org BasicDisk 5
If the media server does not appear in the command output as a SharedDisk storage server, configure the media server as a storage server.
With -liststs, shows all storage servers of the specified storage type. With -storage_server, shows all storage servers that are at the specified host.
For more information about the nbdevquery command, see the NetBackup Commands for UNIX and Linux or NetBackup Commands for Windows manual.
Run the following command on the NetBackup master server or a storage server:
nbdevquery -liststs -storage_server storage_server -stype SharedDisk U
The following is the path to the command: UNIX and Linux: /usr/openv/netbackup/bin/admincmd Windows: install_path\Program Files\VERITAS\NetBackup\bin\admincmd The following is an example:
% nbdevquery -liststs AdvancedDisk U Storage Server : Storage Server Type : Storage Type : State : Flag : Flag : Flag : -storage_server advdsk_server -stype shareddisk_server.symantecs.com SharedDisk Formatted Disk, Direct Attached UP OpenStorage FT-Transfer PrefRestore
This example output is shortened; more flags may appear in actual output.
2 3
319
For procedures, see Add array host entries on page 280. 5 If no other storage servers were configured, you must change the state of all disk pools on the storage to UP. The following is the command syntax:
nbdevconfig -changestate -stype SharedDisk -dp disk_pool_name -state UP
Verify that the new media server appears in every storage unit that points to a disk pool on that disk array. The storage unit dialog box includes a media servers list. For every SharedDisk storage unit that specifies Use one of the following media servers, update the storage unit so it uses the correct media servers. This step is not required if the storage unit is configured to use any available media server.
Run the following command on the NetBackup master server or the storage server:
nbdevconfig -changests -storage_server storage_server -stype SharedDisk -clearattribute attribute
The following is the path to the command: UNIX and Linux: /usr/openv/netbackup/bin/admincmd Windows: install_path\Program Files\VERITAS\NetBackup\bin\admincmd The following are the options and arguments:
-storage_server storage_server is the name of the storage server. -stype SharedDisk specifies the storage server type. -clearattribute attribute is an attribute to remove from the storage server for restore or duplication operations. You can specify more than one -clearattribute attribute pair on the command line. The following are the attributes:
PrefRestore. The storage server is preferred for the read side of restore operations. ReqRestore. The storage server is required for the read side of restore operations.
ReqDuplicate. The storage server is required for the read side of duplication operations.
321
The NetBackup Disk Pool status report. For more information, see Viewing disk reports on page 321. Media and Device Management > Devices > Disk Pools. The NetBackup License Keys dialog box. Open the dialog box by selecting Help > License Keys in the NetBackup Administration Console. Display the summary by clicking Summary of active capacity-based license features. The summary displays the storage capacity for which you are licensed and the capacity used. It does not display the amount of physical storage space.
The NetBackup Operations Manager also provides information about storage capacity and usage. For more information, see the NetBackup Operations Manager Guide.
Disk Logs
The Disk Logs report displays the media errors or the informational messages that are recorded in the NetBackup error catalog. The report is a subset of the Media Logs report; it shows only disk-specific columns. The Disk Storage Unit Status report displays the state of disk storage units in the current NetBackup configuration. For disk pool capacity, see Media and Device Management > Devices > Disk Pools. Multiple storage units can point to the same disk pool. When the report query is by storage unit, the report counts the capacity of disk pool storage multiple times.
The Disk Pool Status report displays the state of disk pool storage units. This report displays only when an Enterprise Disk Option license is installed.
323
Messages that begin with an sts_ prefix relate to the interaction with the storage vendor software plug-in. Most interaction occurs on the NetBackup media servers. Table 12-4 Activity
Backups and restores
bpbrm backup and restore manger bpdbm database manager bpdm disk manager bptm for I/O operations
117
111
178
The Disk Service Manager process that runs in the Enterprise Media Manager (EMM) process. The Storage Server Interface process that runs in the Remote Manager and Monitor Service. RMMS runs on media servers. If the Storage Server Interface logs indicate problems with the Veritas Frozen Image (VxFI) service, examine the VxFI log files for detailed trace information:
202
Device configuration
230
The Remote Disk Service Manager interface (RDSM) that runs in the Remote Manager and Monitor Service. RMMS runs on media servers.
To view and manage VxUL log files, you must use NetBackup log commands. For information about how to use and manage logs on NetBackup servers, see the NetBackup Troubleshooting Guide.
Troubleshooting SharedDisk
To help with troubleshooting, see the following:
Determining masked LUNs on page 332 Checking out a SharedDisk disk volume on page 333 Disk failure on page 334 Restore or duplication operations on page 334
The NetBackup servers are at the correct release levels The license key is installed on the NetBackup master server.
325
software must be installed on each NetBackup media server that accesses the storage. If you have configuration or storage access problems, verify that the disk array vendors command line interfaces are installed. For more information, see Installing array software on media servers on page 279. Also, verify that a supported version of the disk array vendors command line interface is installed on each media server. To determine supported versions, check the NetBackup hardware compatibility list (HCL). You can find the HCL at the NetBackup support site:
http://entsupport.symantec.com
Each media server should appear in the output. The following is example output:
The following hosts were found: master masterserver.symantecs.org server masterserver.symantecs.org disk_array oven3a disk_array orach disk_array cx5002 media mediaserver.symantecs.org Command completed successfully.
The command output shows which servers are registered with the NetBackup EMM server. The master server and the EMM server are installed on the same host, so the server appears twice. If a media server does not appear, add it by using the nbemmcmd command. The following is the syntax:
nbemmcmd -addhost -machinename hostname -machinetype media
Other options let you specify more detailed information. The nbemmcmd command resides in the following directories:
For command usage, see NetBackup Commands for UNIX and Linux or NetBackup Commands for Windows.
tpconfig ddiskarrays
If a disk array host does not appear, add the credentials. For procedures, see Managing disk array logon credentials on page 315. (Alternatively, you can use the tpconfig command.) Note: This command verifies only that credentials are configured; it does not verify that the credentials are correct. The tpconfig command resides in the following directories:
For command usage, see NetBackup Commands for UNIX and Linux or NetBackup Commands for Windows.
UNIX:
/usr/openv/netbackup/bin/bp.kill_all /usr/openv/netbackup/bin/bp.start_all
Windows:
install_path\VERITAS\Netbackup\bin\bpdown.exe install_path\VERITAS\Netbackup\bin\bpup.exe
327
Verify that each disk array (enclosure) appears in the command output. If all of the disk arrays appear in the output, LAN connectivity to the disk arrays exists. The following is example output:
Enclosure list: Vendor Array Name Enclosure ID ------------------------------------------------------------------------NETAPP oven3a UEID##NETAPP##LUN##1042386 HP HPEVA4000 UEID##HP##HSV##5000-1FE1-5007-0020 HP VRTS.EVA UEID##HP##HSV##5000-1FE1-5004-5660 EMC 000187910258 UEID##EMC##SYMMETRIX##000187910258 EMC APM00044701641-cx500 UEID##EMC##CLARIION##APM00044701641
Verify that the disk array logon credentials exist. For procedures, see 4. Verify that the disk array credentials are configured on page 325. Verify that the disk array vendors command line interfaces are installed on each media server. (Not required for NetApp.) Also, verify that the supported versions of the disk array vendors command line interfaces are installed on each media server. For more information, see 2. Verify the array vendor software installation on page 324. Examine nbshareddisk command logs for messages about failures. The following are the log file pathnames: Windows: install_path\VERITAS\NetBackup\logs\admin UNIX: /usr/openv/netbackup/logs/admin To obtain useful information, you may have to increase the NetBackup logging levels. UNIX: /usr/openv/netbackup/bin/admincmd Windows: install_path\VERITAS\Netbackup\bin\admincmd
For command usage, see NetBackup Commands for UNIX and Linux or NetBackup Commands for Windows.
7. Verify that the array host list includes the NetBackup servers
To verify that the disk array host list includes each NetBackup server that accesses the array, use the following command:
nbshareddisk list -hosts
Each NetBackup media server that accesses the array must in the host list. Host names must be valid IP host names. For all array vendors, the host entries must match the DNS hostname of the media server. The host list also is known as a WWN map. The following is example output:
Enclosure ID Host Name HBA WWPN ----------------------------------------------------------------1042386 MediaServerA 10000000c943c971 1042386 MediaServerB 10000000c9439ef7 5000-1FE1-5007-0020 MediaServerA 10000000c943c971 5000-1FE1-5007-0020 MediaServerB 10000000c9439ef7 000187910258 MediaServerA 10000000c943c971 000187910258 MediaServerB 10000000c9439ef7 APM00044701641 MediaServerA 10000000C943C971 APM00044701641 MediaServerB 10000000C9439EF7
Depending on how your environment is configured, additional hostnames may be in the list also. If a media server is not in the list, do the following:
Verify that the SAN zone includes the HBA and array port WWPNs. The array ports must be hard or soft zoned to the NetBackup media server and NetBackup client HBA ports. For more information, see Zoning the SAN on page 278. Add the host entries. For more information, see Add array host entries on page 280. Examine the array disk plug-in logs for messages about failures. The following are the log file pathnames: Windows: install_path\VERITAS\NetBackup\logs\adsts.log UNIX: /usr/openv/netbackup/logs/adsts.log To obtain useful information, you may have to increase the NetBackup logging levels. UNIX: /usr/openv/netbackup/bin/admincmd Windows: install_path\VERITAS\Netbackup\bin\admincmd
For command usage, see NetBackup Commands for UNIX and Linux or NetBackup Commands for Windows.
329
If the array does not support LUN prefix names, all LUNs on the array should appear in the command output. If the correct UDIDs do not appear in the output, verify the array configuration as follows:
Verify that the LUNs were allocated to NetBackup by using the nbusd_ prefix. For more information, see Allocate LUNs for NetBackup on page 281. Examine the array disk plug-in logs for messages about failures. The following are the log file pathnames: Windows: install_path\VERITAS\NetBackup\logs\adsts.log UNIX: /usr/openv/netbackup/logs/adsts.log To obtain useful information, you may have to increase the NetBackup logging levels. UNIX: /usr/openv/netbackup/bin/admincmd Windows: install_path\VERITAS\Netbackup\bin\admincmd
For command usage, see NetBackup Commands for UNIX and Linux or NetBackup Commands for Windows.
If you can format a LUN and mount and unmount a LUN, SAN connectivity to the disk array is verified. I/O operation also is verified.
Format a LUN If possible, format a small LUN on the array. The format operation can be a time-consuming process. Caution: If you format a LUN on which data exists, the format operation erases that data. For example, the following command formats two LUNs. The LUNs are listed in the arrayudidlist.txt file:
nbshareddisk format -udid_file arrayudidlist.txt Preparing to process LUNs/UDIDs: UDID##DGC##CLARIION##APM00044701641##60:06:01:60:2C:96:12:00:E2:CD: C0:49:7D:4E:DB:11 UDID##DGC##CLARIION##APM00044701641##60:06:01:60:2C:96:12:00:E0:CD: C0:49:7D:4E:DB:11 Imported resource [UDID##DGC##CLARIION##APM00044701641##60:06:01:60:2C:96:12:00:E2:CD :C0:49:7D:4E:DB:11] at local device path [/dev/rdsk/c3t4d0]. Device [/dev/rdsk/c3t4d0] formatted successfully with file-system type [ufs] and VM type []. Unmounted formatted resource [/dev/dsk/c3t4d0s2], [UDID##DGC##CLARIION##APM00044701641##60:06:01:60:2C:96:12:00:E2:CD :C0:49:7D:4E:DB:11]. Deported resource [UDID##DGC##CLARIION##APM00044701641##60:06:01:60:2C:96:12:00:E2:CD :C0:49:7D:4E:DB:11]. Imported resource [UDID##DGC##CLARIION##APM00044701641##60:06:01:60:2C:96:12:00:E0:CD :C0:49:7D:4E:DB:11] at local device path [/dev/rdsk/c3t4d0]. Device [/dev/rdsk/c3t4d0] formatted successfully with file-system type [ufs] and VM type []. Unmounted formatted resource [/dev/dsk/c3t4d0s2], [UDID##DGC##CLARIION##APM00044701641##60:06:01:60:2C:96:12:00:E0:CD :C0:49:7D:4E:DB:11]. Deported resource [UDID##DGC##CLARIION##APM00044701641##60:06:01:60:2C:96:12:00:E0:CD :C0:49:7D:4E:DB:11].
(Solaris only.) Verify that the appropriate LUN entries were added to the sd.conf file. The LUN entries allow NetBackup to import LUNs to the host. For more information, see Adding LUN entries to the sd.conf file on page 282. Examine the array disk plug-in logs for messages about failures. The following are the log file pathnames:
331
Windows: install_path\VERITAS\NetBackup\logs\adsts.log UNIX: /usr/openv/netbackup/logs/adsts.log To obtain useful information, you may have to increase the NetBackup logging levels. Mount and unmount the LUNs To mount a LUN, it must be formatted and offline. To unmount a LUN, it must be formatted and online. The command to mount a LUN also performs other operations that help verify connectivity. To mount and then unmount a specific LUN 1 Mount the LUN by using the nbshareddisk command. The following is the command syntax:
nbshareddisk online udid UDID##nn#nn##nn
Unmount the LUN by using the nbshareddisk command. The following is the command syntax (the command produces no output):
UNIX: nbshareddisk offline -device mount_point Windows: nbshareddisk offline -device C:\nbussod\mnt_point\
Ensure that you use the trailing back slash on the Windows command line. The following is an example:
nbshareddisk offline -device /nbusd_b8fd784dd4df57e6
For command usage, see NetBackup Commands for UNIX and Linux or NetBackup Commands for Windows.
10. Verify that the media servers are configured as storage server(s)
Verify that each NetBackup that connects to the array is configured as a storage server. To do so, use the following command
nbdevquery -liststs -stype SharedDisk V6.5 tree.symantecs.org SharedDisk 6 V6.5 flower.symantecs.org SharedDisk 6
The command output shows which media servers are configured as SharedDisk storage servers. If a storage server does not appear, create the storage server. To do so, see Creating a storage server in NetBackup on page 289. The nbdevquery command resides in the following directory: UNIX: /usr/openv/netbackup/bin/admincmd Windows: install_path\Program Files\VERITAS\NetBackup\bin\admincmd
The Tech Note contents are updated when new information is available. The Tech Note may contain more current information than this guide.
For more information about the nbfirescan command, see the NetBackup Commands for UNIX and Linux or NetBackup Commands for Windows manual.
333
Change the disk volume state to DOWN so that NetBackup does not assign jobs to it. The following is the command syntax:
nbdevconfig -changestate stype SharedDisk -dp disk_pool_name dv vol_name -state DOWN
This command does not stop currently active jobs; they complete their I/O. 3 4 Wait for all active jobs that use that volume to complete. Use the NetBackup Administration Console Activity Monitor to monitor the jobs. Determine the UDID of the disk volume. The following is the command syntax to display all of the disk volumes in an enclosure:
nbshareddisk list -ueid unique_enclosure_id
Expose (mask) the LUN to a media server and then mount it. The following is the command syntax:
nbshareddisk online -udid UDID##nn#nn##nn
6 7
Browse the file system. Unmount the LUN. The following is the command syntax:
UNIX: nbshareddisk offline -device mount_point Windows: nbshareddisk offline -device C:\nbussod\mnt_point\
Ensure that you use the trailing back slash on the Windows command line. 8 Unmask the LUN from the media server. The following is the command syntax:
nbshareddisk mask -udid UDID##nn#nn##nn
Change the disk volume to UP so that NetBackup can use it. The following is the command syntax:
nbdevconfig -changestate stype SharedDisk -dp disk_pool_name dv vol_name -state UP
Disk failure
A disk failure in an array that is configured to provide redundancy should not affect NetBackup disk pool operation. If recovery mechanisms do not protect a disk that fails, the backup images on that disk are lost. Operating system read and write errors may occur for the volume that represents the disk. NetBackup cannot use that volume because of the errors, and NetBackup jobs may fail. To prevent NetBackup from trying to read from or write to the disk, you must change the volume state to DOWN in NetBackup. If the volume represents other disks that still function, those disks are not available because the volume state is DOWN. You may be able to read from the volume by mounting it manually. If so, you may be able to recover image fragments from any disks that did not fail. If you replace the failed disk, you can allocate that new disk to NetBackup, as follows:
In NetBackup, expire backup images on the downed volume so the image records are removed from the NetBackup catalog. Use the array software utilities to delete the volume from the array. Allocate the new disk and any other disks that were in the volume to NetBackup. You must use a different name for the LUN than was used for the original volume. Add that LUN to an existing disk pool or create a new disk pool from that LUN.
Because NetBackup does not let you delete volumes from a disk pool, the downed volume remains in the disk pool. The downed volume does not affect disk pool functionality.
A restore operation uses a storage server that does not have a PrefRestore or ReqRestore attribute. Reasons may be as follows:
The destination disk pool does not include a storage server with a restore or duplication attribute. A preferred or required storage server cannot be used because it is unavailable (NetBackup considers it DOWN). A storage server is preferred for restore but the SharedDisk disk volume is mounted on a different storage server.
335
A preferred or required storage server cannot be used because it is unavailable (NetBackup considers it DOWN). A preferred or required storage server is not used because the SharedDisk disk volume is mounted on a different storage server.
Chapter
13
Tape as a storage destination on page 337 HBA port detection on Solaris on page 339 New HBAs supported on page 339
Benefits on page 338 Buffer size and concurrent pipe usage on page 338 Configuring multiplexing on page 338 Configuring multistreaming on page 338
338 SAN Client and Fibre Transport updates Tape as a storage destination
Benefits
Using tape as a destination, you can multistream and multiplex backups of a SAN client to an FT media server, which provides the following benefits:
Ability to send nonmultiplexed and multiplexed backups of multiple streams to the tape media over the SAN. The data streams can be sent over one or more FT channels to the FT media server. The media server multiplexes them together onto one or more tape drives. Multiplexing enables parallel backup of multiple slower client data streams
Multiplexing reduces or eliminates idle time while the tape drive waits for data to become available. It better uses the transfer rate of fast tape drives. With this feature, you can replace SAN Media servers with SAN Clients and continue to back up to tape. A SAN Client uses fewer system resources, both disk space and processor, than a SAN Media server.
Symantec recommends that the number of buffers times the number of pipes be 161 or fewer. For the number of buffers per pipe, the default value is 16 for disk and 12 for tape.
Configuring multiplexing
To configure multiplexing, see the NetBackup Administrators Guide for UNIX and Linux, Volume I.
Configuring multistreaming
To configure multistreaming, see the NetBackup Administrators Guide for UNIX and Linux, Volume I.
SAN Client and Fibre Transport updates HBA port detection on Solaris
339
Limitations
The following limitations exist for tape as a storage destination:
Only FT backups from the same client are multiplexed in a particular MPX group FT backups from different clients are not multiplexed together in the same MPX group. You cannot multiplex different SAN clients to the same tape. Different clients can still be backed up to the same FT media server, but they are written to different tape drives in different MPX groups). FT and LAN backups (from the same client or different clients) are not multiplexed together in the same MPX group.
The first choice is the bus with the most 2312 target mode ports. If there are no 2312 target mode ports, the bus with the most 24xx target mode ports is used. Target mode ports on other busses are not used.
Symantec recommends that you do not use 24xx 4 GB/s HBAs in 33 MHz or 66 MHz PCI slots.
340 SAN Client and Fibre Transport updates New HBAs supported
Chapter
14
About remote NDMP and disk devices on page 341 Configuring remote NDMP on page 342
342 Remote NDMP and disk devices updates Configuring remote NDMP
Figure 14-1
NetBackup drives in disk storage units or Media Manager storage units (tape).
NDMP hosts (NAS filers). . . Backup data travels from NDMP hosts to a disk or tape drive attached to a NetBackup media server or on a SAN. NOTE: The NetBackup drive(s) need not be dedicated to NDMP backups: they can be used for non-NDMP backups as well.
Under Media and Device Management > Credentials, click on NDMP Hosts. Under Actions, choose New > NDMP Host to display the NDMP Host dialog box. Enter the name of the NDMP server (NAS filer) to back up. This NDMP host name is case sensitive. Repeat the above for each NDMP host that the NetBackup server backs up.
Use the NetBackup Device Configuration wizard to configure devices for remote NDM (disks, or tape drives and robots, on the media server). Note the following:
Do not use the device configuration procedure in the Configuring NDMP backup to NDMP-attached devices section of the NetBackup for
343
NDMP Guide. Rather, configure the disk, or robots and drives, in the same way as ordinary NetBackup devices. See the NetBackup Administrators Guide, Volume I.
Tape drives can be shared using the Shared Storage Option (SSO) of NetBackup. The drives can be shared as both NDMP drives and non NDMP drives. See Using the Shared Storage Option (SSO) chapter of the NetBackup for NDMP Guide.
Create a disk or Media Manager storage unit for the drive(s). The storage unit type must be Disk or Media Manager, not NDMP. For details on storage units, refer to the NetBackup Administrators Guide, Volume I. Create an NDMP-type policy. On the New/Change Policy display, be sure to specify the storage unit that was created at step 3. See Creating an NDMP policy in the NetBackup for NDMP Guide.
344 Remote NDMP and disk devices updates Configuring remote NDMP
Chapter
15
This feature eliminates the bandwidth cost of copying synthetic full backups to another site. Instead of duplicating a local synthetic full backup to a remote site to produce a second copy, it is more efficient to produce the second copy by using data movements only at the remote site. This feature provides an efficient method to establish a dual-copy disaster recovery scheme for NetBackup backup images.
3 4 5
Step 3 remains the same. Step 4 remains the same. Step 5 remains the same.
6 7
Step 6 remains the same. A full synthetic backup is produced at Site B from images at Site B. The full synthetic backup at the remote site is a second copy of the synthetic backup at the local site. Step 8 remains the same.
Figure 15-1 shows that using this feature, the images copied to the remote site are used as source images to be synthesized for the synthetic full backup at the remote site. No extra bandwidth is used to copy the synthetic full backup from Site A to Site B.
347
Figure 15-1
Incremental (Copy 1)
Incremental (Copy 1)
Incremental (Copy 1)
Incremental (Copy 1)
Backups are duplicated to the remote site Site B (Remote) Full backup (Copy 2) Incremental (Copy 2) Incremental (Copy 2) Synthetic full backup (Copy 2) Incremental (Copy 2) Incremental (Copy 2)
Configuration variables
The file format uses a traditional name-pair scheme for setting configuration preferences. Each preference uses a key name separated from the preference value by an equal sign with each name-value pair residing on a single line. For example: NAME=VALUE Enter all values as integers.
Table 15-1 describes the configuration entries that can be included in the configuration file. Table 15-1 Entry
SRC_COPY
Configuration entries
Purpose
Specifies the copy number of each source component for the second synthetic backup. Every source backup must have a copy by this number unless SRC_COPY_FALLBACK is specified. The default is 2. Specifies the copy number for the second synthetic backup produced. This must be different from the copy number of the first synthetic backup (which is 1). Default is 2. COPY is an alternate specification for SRC_COPY and TARGET_COPY. If COPY is specified and either SRC_COPY and TARGET_COPY is not specified, the value for COPY is used.
TARGET_COPY
COPY
TARGET_STU
Specifies the storage unit name or storage unit group name where the second copy synthetic backup is to be written. Use the special identifier __ANY__ to indicate that Any Available storage unit can be used that is not configured to be on demand only. Note that there are two underscores before and after ANY: TARGET_STU=__ANY__
FAIL_MODE
The second synthetic backup is produced immediately following the first copy synthetic backup if no errors occur during production of the first copy. If an error occurs during the second copy, the FAIL_MODE value specifies the fate of the first copy job and image. Specify one of the following:
FAIL_MODE=ALL ALL means that if the second copy fails, the first copy and its job also fail. (Default.) FAIL_MODE=ONE ONE means that if the second copy fails, the failure does not affect the first copy job.
ENABLED
Specifies whether production of the second copy is enabled or disabled. This entry turns the feature on or off. Specify one of the following:
ENABLED=YES Production of the second copy is enabled. (Default.) ENABLED=NO Production of the second copy is disabled.
349
Configuration entries
Purpose
Specifies that if a copy by the number given in SRC_COPY or COPY does not exist, the synthetic backup should use the primary backup. The only valid value is the following: SRC_COPY_FALLBACK=PRIMARY
VOLUME_POOL
Specifies the volume pool for tape media, if one is used. If no volume pool is specified, NetBackup uses the volume pool specified in the policy. If a volume pool is entered for disk, the entry is ignored.
Chapter
16
Figure 16-1
There may be a delay between when the job appears as Queued and when the queue reason is displayed. When a job is initiated, it enters a queue to be awarded a resource. An analogous situation is the check-in line at the airport: the traveler may wait a while to reach the front of the line and be given a boarding pass. Similarly, a job enters a queue behind other jobs that wait to be assigned to media servers, robots, drives, and media. When the job reaches the front of the queue, the necessary resources may be busy. At that point, the job is not in a queue for resource selection, but in a queue for specific resources. When the specific resources are identified, the State Details column can convey the information.
New Activity Monitor displays job state details State Details column messages
353
A pending action is associated with the resource request. User intervention may be required. Disk pool is unavailable (disk_pool) Disk volume is currently unavailable Drive on pre-6.0 media server is oversubscribed (storage_unit) Drives are in use in storage unit (storage_unit) Eligible cleaning media is unavailable Lack of connectivity detected between media server and master server (media_server) Limit has been reached for requested resource (resource) Local drives are down Maximum job count has been reached for the storage unit (storage_unit_name) Maximum number of concurrent disk volume readers has been reached Maximum partially full tape volumes has been reached Mount file for tape already exists (mount_file_name) Physical drives are not available for use Required disk volume is in use (disk_volume, disk_pool) Required disk volume is unmounting (disk_volume, disk_pool) Required drives are in use Required media is in a drive that is in use by NetBackup (media_id) Required media is in use (media_id) Required media server is not active in cluster (media_server, server_name) Required media server is offline for disk (media_server) Required media server is offline for tape (media_server) Required robotic library is down on media server (robot_name, media_server) Shared drive scan host is offline Storage unit concurrent jobs throttled by capacity management (storage_unit)
354 New Activity Monitor displays job state details State Details for duplication and synthetic jobs
Waiting for fibre transport for client (client_name) Waiting for media request delay to expire Waiting for mount of disk volume (disk_volume, disk_pool) Waiting for shared tape drive scan to stop
The read activity is waiting to mount a disk volume. The Resource Broker provides the queued reason to the Job Manager and the Job Manager displays the reason in the Activity Monitor (Waiting for mount of disk volume). The write activity is waiting for a drive scan to stop. The Resource Broker provides the queued reason to the Job Manager and the Job Manager overwrites the former reason. It then displays the new reason in the Activity Monitor (Waiting for drive scan to stop).
Even if the second condition is resolved (the job is no long waiting for a shared disk mount), the Activity Monitor continues to display Waiting for drive scan to stop.
New Activity Monitor displays job state details Addition to bpdbjobs -report -all_columns output
355
In the following example output, the state details field contains the information: Required media is in use (AA0045)
415,Backup,Done,96,jvlcc,vlcdiff,mule,buffalo,0885942000,0000000014 ,0885942014,8mm,3,,,,,,11602,root,1,0,1,10,,buffalo,2,1,0,0,0,3,/ho me/vlc/jadm_JAVA/usr/openv/java,/home/vlc/directory with spaces,/home/vlc/test,3,11544,8mm,buffalo,885941970,13,885941983,96 ,unable to allocate new media for backup\, storage unit has none available,2,01/27/98 16:59:30 - connecting,01/27/98 16:59:30 connected; connect time: 000:00:00,0,0,11573,8mm,buffalo,885941986,11,885941997,96,unable to allocate new media for backup\, storage unit has none available,2,01/27/98 16:59:40 - connecting,01/27/98 16:59:40 connected; connect time: 000:00:00,0,0,11602,8mm,buffalo,885942000,14,885942014,96,unable to allocate new media for backup\, storage unit has none available,2,01/27/98 17:00:00 - connecting,01/27/98 17:00:00 connected; connect time: 000:00:00,0,0, Required media is in use (AA0045)
356 New Activity Monitor displays job state details Addition to bpdbjobs -report -all_columns output
Chapter
17
The ability to configure default job priorities for different job types in the new Default Job Priorities master server host properties. (See Default Job Priorities host properties on page 359.) The ability to dynamically change the job priority of a queued or an active job that waits for resources in the Activity Monitor. (See Activity Monitor Job Priority setting on page 362.) The ability to set the priority for a media content job in the Reports utility. (See Job Priority setting for Tape Contents report on page 363.) The ability to set the job priority for import, verify, and duplicate jobs in the Catalog utility.
358 New Job Priority defaults and overrides Understanding the Job Priority setting
(See Job Priority setting for Verify, Duplicate, and Import actions on page 365.)
The ability to specify the job priority for restore jobs in the Backup, Archive, and Restore client interface. (See Job Priority setting for restores on page 368.) The ability to change job priorities in the bpadm and the bp interfaces. (See bp and bpadm menu interface changes on page 371.) The ability to specify the job priority from the command line. (See Setting the Job Priority using the command line on page 369.)
The request's first priority. The requests second priority. The birth time (when the Resource Broker receives the request).
The first priority is weighted more heavily than the second priority, and the second priority is weighted more heavily than the birth time. Because a request with a higher priority is listed in the queue before a request with a lower priority, the request with a higher priority is evaluated first. Even though the chances are greater that the higher priority request receives resources first, this is not always definite. The following scenarios present situations in which a request with a lower priority may receive resources before a request with a higher priority:
A higher priority job needs to unload the media in a drive because the retention level (or the media pool) of the loaded media is not what the job requires. A lower priority job can use the media that is already loaded in the drive. To maximize drive utilization, the Resource Broker gives the loaded media and drive pair to the job with the lower priority. A higher priority job is not eligible to join an existing multiplexing group but a lower priority job is eligible to join the multiplexing group. To continue spinning the drive at the maximum rate, the lower priority job joins the multiplexing group and runs.
New Job Priority defaults and overrides Default Job Priorities host properties
359
The Resource Broker receives resource requests for jobs and places the requests in a queue before processing. New resource requests are sorted and evaluated every 5 minutes. Some external events (a new resource request or a resource release, for example) can also trigger an evaluation. If the Resource Broker receives a request of any priority while it processes requests in an evaluation cycle, the request is not evaluated until the next evaluation cycle starts.
360 New Job Priority defaults and overrides Default Job Priorities host properties
Variables P1, P2, P3 and so on indicate the priority for each backup type. The actual default values for the entry appear as follows:
JOB_PRIORITY = 0 0 90000 90000 90000 90000 85000 85000 80000 80000 80000 80000 75000 75000 70000 70000 50000 50000 0 0 0 0 0 0
Default
0 0
P3 P4 P5 P6
85000 85000 80000 80000 80000 80000 75000 75000 70000 70000 50000
New Job Priority defaults and overrides Default Job Priorities host properties
361
Default
50000 0 0 0 0 0 0
362 New Job Priority defaults and overrides Activity Monitor Job Priority setting
Not all jobs request resources from the Resource Broker. If a job does not request resources, the priority is not set and the priority column is empty for that job. Examples include image cleanup job for tapes and multiplexed restores.
New Job Priority defaults and overrides Job Priority setting for Tape Contents report
363
In the Change job priority dialog box (Figure 17-3), select one of the following methods to change the priority:
Set Job Priority to Increment the Job Priority by Decrement the Job Priority by
Enter the specific job priority for the selected jobs. Raise the priority of the job by the selected internal. Lower the priority of the job by the selected internal.
Figure 17-3
This changes the priority for the selected job only, and not all other jobs of that type. To change the job priority defaults, see Default Job Priorities host properties on page 359.
364 New Job Priority defaults and overrides Job Priority setting for Tape Contents report
Figure 17-4
New Job Priority defaults and overrides Job Priority setting for Verify, Duplicate, and Import actions
365
366 New Job Priority defaults and overrides Job Priority setting for offline catalog backups
The ability to set the job priority for online, hot catalog backups has existed in previous releases. Online catalog backups are configured similarly to the way regular backup policies are configured: in the Policies utility. The Attributes tab of the policy configuration contains the Job Priority setting (Figure 17-7).
New Job Priority defaults and overrides Job Priority setting for offline catalog backups
367
Figure 17-7
368 New Job Priority defaults and overrides Job Priority setting for restores
New Job Priority defaults and overrides Setting the Job Priority using the command line
369
bpdbjobs
bpduplicate
bpimport
bplabel
bpmedialist
bpplinfo
bppolicynew
bprecover
bprestore
bpschedule
bpschedulerep
bpverify
nbdelete
370 New Job Priority defaults and overrides Setting the Job Priority using the command line
tpclean
Use the -priority option to specify a new priority for the tape clean job that overrides the default job priority Use the -priority option to specify a new priority for the tape mount job that overrides the default job priority Use the -priority option to specify a new priority for the optical tape format job that overrides the default job priority. Use the -priority option to specify a new priority for the physical inventory job that overrides the default job priorit.y
tpreq
tpformat
vmphyinv
Changes to bpdbjobs
The bpdbjobs command is used to interact with the NetBackup jobs database. Now the command lets administrators set and change the priority for queued and active jobs by using the following two new options:
-set_priority -change_priority_by
set_priority
Use the -set_priority option to specify a specific value as the new job priority. The command uses the following syntax: bpdbjobs -set_priority -priority number -jobid job1, job2, , jobn For example, to set the job priority for job_A to 80, enter the following:
bpdbjobs -change_priority_by -priority 80 -jobid job_A
change_priority_by
Use the -change_priority_by option to specify an increase or decrease to the current job priority. The command uses the following syntax: bpdbjobs -change_priority_by -priority number -jobid job1, job2, , jobn For example, the current job priority for job_B is 100. Use the following command to change it to 50:
bpdbjobs -change_priority_by -priority -50 -jobid job_B
To change the job priority of job_B from 100 to 200, use the following command:
bpdbjobs -change_priority_by -priority 100 -jobid job_B
New Job Priority defaults and overrides Setting the Job Priority using the command line
371
Job priority for a Tape Contents report job You are prompted to enter a job priority when running a tape contents report using bpadm. In the main NetBackup Administration menu, select r) Reports. In the Report menu, select m) Media. Specify a media ID. In the Media Reports menu, select m) Media Contents. Enter a job priority, then run the Media Contents job. Job priority for an offline catalog backup You are prompted to enter a job priority when configuring an offline catalog backup using bpadm. In the main NetBackup Administration menu, select x) Special Actions. In the Special Actions menu, select b) Offline Catalog Backup. The Offline Catalog Backup menu appears. To change the priority of an offline catalog backup configuration, select: m) Modify Offline Catalog Backup Settings... The second question prompts you to enter a job priority.
bp client interface
The capability to assign a priority to restore jobs has been added to the bp utility: In the main bp menu, select r) Restore. To change the priority for the restore job, select: j) Change Job Priority Enter a value from 0 to 99999. This priority applies to the next restore job that is run during this bp session.
372 New Job Priority defaults and overrides Database agent changes
DataStore/XBSA
The XBSA interface now provides the new NBBSA_RESTORE_PRIORITY environment variable to set the priority of a restore job. Set the priority for a value between 0 and 99999. If no priority (or an invalid priority) is specified, the interface uses the default priority that is configured on the master server. A value of -1 is used to indicate that the default priority for restores that is configured on the master server is used. NBBSA_RESTORE_PRIORITY can only be set before an XBSA transaction is started. The environment variable can be set in the XBSA environment block during initialization (BSAInit). Or, it can be set through a call to NBBSASetEnv as long as the call takes place before BSABeginTxn is called.
DB2 log restores use the default priority for restores that is set on the master server. The DB2 OPTIONS command line parameter is supported only for DB2 versions 8.1 Fixpack 7 or higher. Earlier versions of DB2 do not support this parameter and cannot use the DB2_RESTORE_PRIORITY options string parameter.
373
DB2 restores
The DB2 restore interface uses the default priority that is configured in the Backup, Archive, and Restore client interface. To save the current restore in a template, the restore priority is included as a template parameter. The user then loads the template at a later time and runs it using the included restore priority. The restore priority of a loaded template overrides the restore priority that is set in the Backup, Archive, and Restore client interface. Users can convert templates with priority values to shell scripts.
Lotus
The NetBackup for Lotus agent now includes an option to set the default priority for restores. Users can select a restore priority in the Backup, Archive, and Restore client interface when performing a restore operation. Lotus users can also use the bprestore priority option when performing restores from the command line.
374 New Job Priority defaults and overrides Database agent changes
Oracle restores
The Oracle restore interface uses the default priority for restores that is configured in the Backup, Archive, and Restore client interface. To save the current restore in a template, the restore priority is included as a template parameter. The user then loads the template at a later time and runs it using the included restore priority. The restore priority of a loaded template overrides the priority that is set in the Backup, Archive, and Restore client interface. Users can convert templates with priority values to shell scripts.
375
376 New Job Priority defaults and overrides Database agent changes
Chapter
18
Allows reverse host name lookup (Allowed) Restricts reverse host name lookup (Restricted) Prohibits reverse host name lookup (Prohibited)
378 Reverse host name lookup updates Reverse Host Name Lookup host property
Figure 18-1
Allowed setting
The Allowed setting indicates that the host requires reverse host name lookup to be working in order to determine that the connection comes from a recognizable server. This is the default behavior of NetBackup 6.5.2 and reflects how NetBackup has operated in previous releases. By default, the host resolves the IP address of the connecting server to a host name by performing a reverse lookup. If the conversion of the IP address to host name fails, the connection fails. Otherwise it compares the host name to the list of known server host names. If the comparison fails, the host rejects the server and the connection fails.
Restricted setting
The Restricted setting indicates that the NetBackup host first attempts to perform reverse host name lookup. If the NetBackup host successfully resolves the IP address of the connecting server to a host name (reverse lookup is successful), it compares the host name to the list of known server host names. If the resolution of the IP address to a host name fails (reverse lookup fails), based on the Restricted setting, the host converts the host names of the known server list to IP addresses (using a forward lookup). The host compares the IP address of the connecting server to the list of known server IP addresses. If the comparison fails, the host rejects the connection from server and the connection fails.
Prohibited setting
The Prohibited setting indicates that the NetBackup host does not try reverse host name lookup at all. The host resolves the host names of the known server list to IP addresses using forward lookups.
Reverse host name lookup updates Changing host properties outside of the Administration Console
379
The NetBackup host then compares the IP address of the connecting server to the list of known server IP addresses. If the comparison fails, the NetBackup host rejects the connection from the server and the connection fails.
REVERSE_NAME_LOOKUP entry
The REVERSE_NAME_LOOKUP entry is new in NetBackup 6.5.2 and uses the following format: REVERSE_NAME_LOOKUP = ALLOWED | RESTRICTED | PROHIBITED For example: REVERSE_NAME_LOOKUP = PROHIBITED The values of ALLOWED, RESTRICTED, and PROHIBITED represent the same meaning as the values in the Network Settings host properties. (See Reverse Host Name Lookup host property on page 377.)
380 Reverse host name lookup updates Changing host properties outside of the Administration Console
Use the bpsetconfig command to add the entry. The bpsetconfig command is described in the 6.5 NetBackup UNIX and Linux Commands Guide.
3 4 5 6
Figure 18-2
Chapter
19
To disable monitoring of the KMS service 1 Open a command prompt on the active node of the cluster.
382 NetBackup High Availability updates Clustered media servers on Windows 2008
Change to the appropriate directory based on your platform. Windows: install_path\NetBackup\bin UNIX/Linux: /usr/openv/netbackup/bin Run the command appropriate for your platform. Windows: bpclusterutil -disableSvc "NetBackup Key Management Service" UNIX/Linux: bpclusterutil -disableSvc nbkms
383
In the Maximum restarts in specified period box, select a value of 2 for the number of restarts you want to attempt for the resource.
bpclusterutil (Windows)
In an MSCS or a VCS for Windows cluster, cluster configuration is one of the final steps in the installation NetBackup in a cluster. If this step is not done or does not complete successfully, the bpclusterutil command may be used to perform this step. The bpclusterutil -c command runs the same cluster configuration step that the installation program performs. This command can be run multiple times. Only run this command from the active node.
NAME
bpclusterutil - Modify and configure NetBackup in a Windows cluster.
SYNOPSIS
install_path\NetBackup\bin\bpclusterutil [-a Service Name] [-addnode NodeName] [-addSvc ServiceName] [-c] [-ci] [-delete] [-deleteSvc ServiceName] [-depend ServiceName DependServiceName] [-disableSvc ServiceName] [-display] [-enableSvc ServiceName] [-isactive] [-iscluster] [-offline] [-online] [-np] [-startagent] [-stopagent] install_path\NetBackup\bin\bpclusterutil [-r CLUSTEREDSERVICES servicename -r CLUSTERGROUPNAME -r CLUSTERNAME clustername -r CLUSTERTYPE MSCS|VCS -r GLOBDBHOST nodename -r MONITOREDSERVICES servicename
-r NETBACKUPINSTALLPATH path -r NETBACKUPSHAREDDRIVE drive: -r NETBACKUPTYPE MASTER|MEDIA -r NETWORKSELECTION network name -r NODENAMES nodename -r VIRTUALIPADDRESS ip address -r VIRTUALSERVERNAME virtual name -r VIRTUALSUBNETMASK subnet mask ] install_path\NetBackup\bin\bpclusterutil [-rm CLUSTEREDSERVICES servicename -rm MONITOREDSERVICES servicename]
DESCRIPTION
This command is available on NetBackup master and media servers. The options described here are applicable to clusters in a Windows environment. It allows the user to set up the registry entries that are used for cluster configuration and then to configure the cluster. This command only modifies registry entries on the local node.
OPTIONS
-a Service Name
Adds a node name to the possible owners list of all the resources in the NetBackup group.
-addSvc Service Name
Configures NetBackup in a cluster as based on the values that you specified in the registry and brings the NetBackup group online.
-ci
Configures NetBackup in a cluster as based on the values that you specified in the registry and does not bring the NetBackup group online.
-delete
Deletes the registry entries that are used to configure NetBackup in a cluster.
385
Sets the cluster resource for Service Name to have a dependency on DependServiceName.
-deleteSvc Service Name
Delete an existing NetBackup service from the NetBackup cluster group. Ensure that the ServiceName is provided within double quotes. E.g. NetBackup Key Management Service for the Key management service
-disableSvc Service Name
Displays the registry entries that are used for clustering configuration.
-enableSvc Service Name
Enable the cluster to monitor a NetBackup service you added to the NetBackup cluster group.
-isactive
This option displays the state of the NetBackup cluster group on the node. A return code of 1indicates the node is the active node. A return code of 0 indicates the node is an inactive node.
-iscluster
This option issues the offline command to the NetBackup group in the cluster.
-online
This option issues the online command to the NetBackup group in the cluster.
-r
Sets the corresponding NetBackup cluster configuration registry entry to the specified value.
CLUSTEREDSERVICES servicename
This option adds servicename to the CLUSTEREDSERVICES registry entry. Only one service name can be entered at a time; run the command multiple times to add service names. The service name should match the service name property of the service.
This option adds servicename to the MONITOREDSERVICES registry entry. Only one service name can be entered at a time; run the command multiple times to add service names. The service name should match the service name property of the service.
NETBACKUPINSTALLPATH path NETBACKUPSHAREDDRIVE drive: NETBACKUPTYPE MASTER|MEDIA NETWORKSELECTION network name NODENAMES nodename
If NODENAMES is specified, only one node name can be entered. Run the command multiple times to add node names.
VIRTUALIPADDRESS ip address VIRTUALSERVERNAME virtual name VIRTUALSUBNETMASK subnet mask -rm
Removes a value from the corresponding NetBackup cluster configuration registry entry.
CLUSTEREDSERVICES servicename
This option removes servicename from the CLUSTEREDSERVICES registry entry. Only one service name can be entered at a time; run the command multiple times to remove service names. The service name should match the service name property of the service.
MONITOREDSERVICES servicename
This option removes servicename from the MONITOREDSERVICES registry entry. Only one service name can be entered at a time; run the command multiple times to remove service names. The service name should match the service name property of the service.
-startagent
387
bpclusterutil (UNIX/Linux)
In a UNIX or Linux cluster, you can use the bpclusterutil command to administer the NetBackup cluster group.
NAME
bpclusterutil - Modify and configure NetBackup in a UNIX cluster.
SYNOPSIS
/usr/openv/netbackup/bin/bpclusterutil [-np] [-online] [-offline] [-isactive] [-iscluster] [-startagent] [-stopagent] [-freeze] [-unfreeze] [-vname] [-addSvc <ServiceName>] [-deleteSvc <ServiceName>] [-enableSvc <ServiceName>] [-disableSvc <ServiceName>]
DESCRIPTION
This command is available on NetBackup master and media servers. The options described here are applicable to clusters in a UNIX environment.
OPTIONS
-addSvc <ServiceName>
Enable the cluster to monitor a NetBackup service you added to the NetBackup cluster group.
-freeze
This option displays the state of the NetBackup cluster group on the node. A return code of 1indicates the node is the active node. A return code of 0 indicates the node is an inactive node.
-iscluster
-np
This option issues the offline command to the NetBackup group in the cluster.
-online
This option issues the online command to the NetBackup group in the cluster.
-startagent
Chapter
20
NOM updates
In addition to adding cluster support, the NetBackup Operations Manager (NOM) has the following major updates in release 6.5.2:
NOM alert enhancements on page 389 Job detail and job priority enhancements on page 393 Performance enhancements for the NOM server on page 394
This section also contains the following information on upgrading 6.5 or 6.5.1 servers to 6.5.2 if you moved the NOM databases default location:
Moving a NOM 6.5 or 6.5.1 database to the original default location on page 394
Removing the dependency on NOM Alert Manager and alerts database Improved alert policy configuration Creating email and SNMP trap recipient groups Configuring the SNMP trap community name for NOM
You will see the following changes after installing NOM 6.5.2:
The NOM Alert Manager service/process is of no significance and does not affect NOM 6.5.2. The NOM Alert Manager process is not displayed on Solaris. Though NOM Alert Manager service is still displayed in the Services panel on Windows servers (with startup type as Manual), this service does not affect NOM. In NOM 6.5.2, the export and import options available with NOMAdmin command apply to the NOM primary database only. The export and import options are used to export and import the NOM database. Defragmentation also applies to the NOM primary database only in NOM 6.5.2. This is because NOM 6.5.2 does not use the alerts database. See the Veritas NetBackup Operations Manager 6.5 Guide to know the specific procedures for exporting, importing, and defragmenting the NOM database. Though the NOM alerts database is not used by NOM, you will still find vxam.db and/or vxam.log files in NOM 6.5.2. These files are needed if you uninstall NOM 6.5.2 and rollback to NOM 6.5/6.5.1 which use the alert database. Note: You must not delete the alert database files. These files are required if you uninstall NOM 6.5.2 and rollback to NOM 6.5/6.5.1.
Examples
While creating a policy using Job Finalized alert condition in NOM 6.5.2, you can select multiple values for the Job Type parameter. While creating a policy using the Job Policy Change alert condition in NOM 6.5.2, you can select multiple policies. Figure 20-1 shows how you can select multiple policies while creating a policy using the Job Policy Change alert condition in NOM 6.5.2.
391
Figure 20-1
Note: Duplicate names for email recipients or SNMP trap recipients are not allowed. For example, you cannot have two email recipients (or two SNMP trap recipients) named user.
Note: The recipient names are case-sensitive. This means that user and USER are two separate names. If you want to uninstall NOM 6.5.2, ensure that email and SNMP recipients/recipient groups do not have the same name. This is because the earlier NOM versions (NOM 6.5/6.5.1) do not support duplicate names between email and SNMP recipients/recipient groups. Before uninstalling NOM 6.5.2, remove duplicate names between email and SNMP recipients/recipient groups. Note: After you uninstall 6.5.2 and rollback to NOM 6.5/6.5.1, you will not see the new features introduced with NOM 6.5.2.
Navigate to INSTALL_PATH\NetBackup Operations Manager\config directory and open the trap.properties file. The file shows the following contents under trap configuration: nm.trap.community=NOM nm.trap.agent.port=161 You can configure the value of nm.trap.community.name from NOM to some other name. Save the trap.properties file after making the changes. Restart all NOM services.
3 4
393
To configure the SNMP trap community name for NOM traps on Solaris 1 2 Stop all the NOM services.
/opt/VRTSnom/bin/NOMAdmin -stop_service
Navigate to opt/VRTSnom/config directory and open the trap.properties file. The file shows the following contents under trap configuration: nm.trap.community=NOM nm.trap.agent.port=161 You can configure the value of nm.trap.community.name from NOM to some other name. Save the trap.properties file after making the changes. Restart all NOM services.
/opt/VRTSnom/bin/NOMAdmin -start_service
3 4
State Details and Priority columns added in the Job details view
In NetBackup Operations Manager 6.5.2, two new column called State Details and Priority have been added in the Job Details view. You can access the Job Details view by selecting Monitoring > Jobs> Details. The State Details column indicates specific reasons why a job is queued or is not progressing. It also lists the backup resource or condition for which the job is waiting. This information can be used to troubleshoot NetBackup issues involving queued jobs. The State Details column is displayed by default in the Job Details view. The Priority column lists the job priority of a NetBackup job. The Job Priority indicates the current relative priority of a job to obtain backup resources. The Priority column is not displayed by default and can be added by clicking the Table Settings icon at the top of the table. Note: The State Details and Priority field is also displayed while viewing the details for a single NetBackup job. The details for a single NetBackup job can be viewed from Monitoring > Jobs > Details when a job id is selected.
Priority can be changed only for jobs that are in Active or Queued state. Priority can be changed only for jobs from master servers that are running NetBackup 6.5.2 or higher versions.
To change the job priority 1 Select Monitoring > Jobs > Details. Select an active or queued job. You can also change the job priority when you select a job id of an active or queued job from this view. Click Change Priority from the Tasks pane.
In the Change Priority dialog box, set the job priority to a particular value. You can also increment or decrement the job priority.
NOM server consumes a large amount of memory and threads and becomes non-responsive gradually. This happens when the number of managed master servers is high. NOM server needs to be restarted frequently. NOM gets slower gradually and the NOM server service/process uses more memory and threads.
NOM updates Moving a NOM 6.5 or 6.5.1 database to the original default location
395
To move NOM database to the default location on Windows 1 Stop all NOM services. Enter the following command:
INSTALL_PATH\NetBackup Operations Manager\bin\admincmd\NOMAdmin -stop_service
Open the databases.conf file from INSTALL_PATH\NetBackup Operations Manager\db\conf directory with a text editor like Notepad. The file lists the location of the NOM primary and alerts database. To move the database to the default location, replace the contents of the file with the following: "<INSTALL_PATH>\NetBackup Operations Manager\db\data\vxpmdb.db" "<INSTALL_PATH>\NetBackup Operations Manager\db\data\vxam.db" Make sure that you specify the path in double quotes. Save the databases.conf file. Copy the database files to the default location. Copy vxpmdb.db and vxam.db from the non-default location to INSTALL_PATH\NetBackup Operations Manager\db\data. Restart all NOM services. To restart all NOM services, enter the following command:
INSTALL_PATH\NetBackup Operations Manager\bin\admincmd\NOMAdmin -start_service
You should run and monitor NOM for a certain period after moving the database. If NOM works as expected, you can delete vxpmdb.db and vxam.db from the non-default location. To move NOM database to the default location on Solaris 1 2 Stop all NOM services. Enter the following command:
/opt/VRTSnom/bin/NOMAdmin -stop_service
Unlink the data directory located in /opt/VRTSnom/db. Enter the following command:
unlink /opt/VRTSnom/db/data
The default location of the NOM database in Solaris is /opt/VRTSnom/db/data. To copy the database from a custom location like /home/mydata to the default location,enter the following command:
cp -R /home/mydata /opt/VRTSnom/db
396 NOM updates Moving a NOM 6.5 or 6.5.1 database to the original default location
You should run and monitor NOM for a certain period after moving the database. If NOM works as expected, you can delete vxpmdb.db and vxam.db from /home/mydata.
Related Topics
Prerequisites Upgrading from a standalone NOM server to NOM 6.5.2 in clustered mode
Chapter
21
bpbackupdb
Use bpbackupdb to perform an offline, cold catalog backup. The -priority option was added so that the administrator can specify a new priority for the catalog backup that overrides the default job priority.
bpdbjobs
Use bpdbjobs to interact with NetBackup jobs database. Now the command lets administrators set and change the priority of a job using two new options: -change_priority_by and -set_priority. For more information, see Changes to bpdbjobs on page 370.
bpduplicate
Use bpduplicate to create a copy of a backup. The -priority option was added so that the administrator can specify a new priority for the duplication job that overrides the default job priority.
bpimport
Use bpimport to import NetBackup and Backup Exec backups that are expired or to import backups from another server. The -priority option was added so that the administrator can specify a new priority for the import job that overrides the default job priority.
bplabel
Use bplabel to write NetBackup label on tape media. The -priority option was added so that the administrator can specify a new priority for the label job that overrides the default job priority.
bpmedia
Use bpmedia to freeze, unfreeze, suspend, or unsuspend NetBackup tape media, or to move ownership of tape media to a different media server. The ability to move ownership of tape media is new in this release and applies to moving to or from media servers that are version 6.0 or later. The bpmedia option changes all media database and image records that reference one server name (oldservername) to reference another server name (newservername). The syntax for the new option is as follows. All options are necessary to run the command.
bpmedia -movedb -allvolumes -newserver newservername -oldserver oldservername
First, the option moves all media assigned to one media server (oldservername) to another media server (newservername). This operation occurs on the EMM database, changing the lastwritehost of the media to newservername. For NetBackup 6.5 or later, the following is true in the case of media that belongs to a sharegroup: If the lastwritehost was set to the oldservername, then the newservername must belong to the sharegroup, and lastwritehost is changed to newservername. If the first step succeeds, then the option changes the media server name for all fragments in the image database that were originally the oldservername to the newhostname. This may take a long time, since the command must traverse the entire image database.
bpmedialist
Use bpmedialist to display the status of NetBackup tape media. The -priority option was added so that the administrator can specify a new priority for the media contents job (for a Media Contents report) that overrides the default job priority.
399
bppldelete
Use bppldelete to delete policies from the NetBackup database. The -generation [1-n] option was added to ensure that the command acts on a specific generation or version of a policy. The generation value increments each time a policy is saved. Use bpplinfo or bppllist to list the current generation value. If no generation is indicated, the command acts on the current version.
bpplinclude
Use bpplinclude to maintain a list of files automatically backed up by a NetBackup policy. The -generation [1-n] option was added to ensure that the command acts on a specific generation or version of a policy. The generation value increments each time a policy is saved. Use bpplinfo or bppllist to list the current generation value. If no generation is indicated, the command acts on the current version.
bpplinfo
Use bpplinfo to manage or display policy attributes. The attributes list now includes the generation or version of a policy. The -priority option was added so that the administrator can specify a new priority for the backup job that overrides the default job priority.
bppllist
Use bpplist to list policy information. The verbose list now includes the generation or version of a policy.
bpplsched
Use bpplsched to add, delete, or list NetBackup schedules. The -generation [1-n] option was added to ensure that the command acts on a specific generation or version of a policy. The generation value increments each time a policy is saved. Use bpplinfo or bppllist to list the current generation value. If no generation is indicated, the command acts on the current version.
bpplschedrep
Use bpplschedrep to modify NetBackup schedule attributes. The -generation [1-n] option was added to ensure that the command acts on a specific generation or version of a policy. The generation value increments each time a policy is saved. Use bpplinfo or bppllist to list the current generation value. If no generation is indicated, the command acts on the current version.
bppolicynew
Use bppolicynew to create, copy, or rename a NetBackup policy. The -priority option was added so that the administrator can specify a new priority for the backup job that overrides the default job priority.
bprecover
Use bprecover to recover NetBackup related catalogs. The -priority option was added so that the administrator can specify a new priority for the recovery job that overrides the default job priority.
bprestore
Use bprestore to restore files from a NetBackup server. The -priority option was added so that the administrator can specify a new priority for the restore job that overrides the default job priority.
bpschedule
Use bpschedule to add, delete, or list schedules for disk staging storage units. The -priority option was added so that the administrator can specify a new priority for the schedule that overrides the default job priority.
bpschedulerep
Use bpchedulerep to modify schedule attributes for disk staging storage units. The -priority option was added so that the administrator can specify a new priority for the schedule that overrides the default job priority.
401
bpverify
Use bpverify to verify NetBackup backups. The -priority option was added so that the administrator can specify a new priority for the verification job that overrides the default job priority.
nbdelete
Use nbdelete to remove deleted fragments from disk volumes. The -priority option was added so that the administrator can specify a new priority for the job that overrides the default job priority.
nbdevconfig
Use nbdevconfig to preview, import, create, or inventory disk pools. -setattribute attribute is an attribute to apply to the storage server for the read side of restore or duplication operations. These attributes can help you manage the restore and duplication traffic. You can specify more than one -setattribute attribute pair on the command line. The following are the attributes:
PrefRestore. The storage server is preferred for the read side of restore operations. More than one storage server can have the PrefRestore attribute. Storage servers that are marked as PrefRestore are considered for use first. If none are available, any unmarked storage server is considered for use. Normal NetBackup load balancing occurs among all storage servers marked PrefRestore. ReqRestore. The storage server is required for the read side of restore operations. More than one storage server can have the ReqRestore attribute. If a ReqRestore server is not available, NetBackup considers PrefRestore servers for use. If none are available, jobs queue until a ReqRestore or PrefRestore is available. If you configure ReqRestore servers but not PrefRestore servers, unmarked storage servers are never considered for restore jobs. Jobs queue until a ReqRestore storage server is available to execute the job. Normal NetBackup rules for job retry apply. Normal NetBackup load balancing occurs for all storage servers marked ReqRestore. Load balancing does not occur between the ReqRestore and PrefRestore storage servers. ReqDuplicate. The storage server is required for the read side of duplication operations. More than one storage server can have the ReqDuplicate attribute. If any storage server is marked as ReqDuplicate, only storage servers that are marked as ReqDuplicate are considered for use. If a ReqDuplicate server is unavailable, jobs queue until a ReqDuplicate server is available to execute the job. Normal NetBackup rules for job retry apply. ReqDuplicate also applies to storage server allocation for synthetic backup operations.
-clearattribute attribute is an attribute to remove from the storage server for restore or duplication operations. You can specify more than one -clearattribute attribute pair on the command line. The following are the attributes:
PrefRestore. The storage server is preferred for the read side of restore operations.
403
ReqRestore. The storage server is required for the read side of restore operations. ReqDuplicate. The storage server is required for the read side of duplication operations.
-deletedv deletes the volume from the disk pool. Requires the -stype, -dp, and -dv options. No backup image fragments can exist on the volume. No backup jobs can be active on the volume. The disk volume and disk pool must be DOWN.
nbkmsutil
nbkmsutil is a new command that runs the NetBackup key management service (KMS) utility. The following is the complete description of nbkmsutil as it would appear in the NBU Commands document or in the UNIX man page. The nbkmsutil command contains the following operations and options:
<admin_dir_path>nbkmsutil [-createkg] [-createkey] [-modifykg] [-modifykey] [-listkgs ] [-listkeys] [-modifyhmk] [-modifykpk] [-gethmkid] [-getkpkid] [-deletekg] [-deletekey] [-quiescedb] [-unquiescedb] [-recoverkey] [-ksstats] <admin_dir_path>nbkmsutil -createkg -kgname key_group_name [-cipher type] [-desc description] <admin_dir_path>nbkmsutil -createkey [-nopphrase] -kgname key_group_name -keyname key_name [-activate] [-desc description] <admin_dir_path>nbkmsutil -modifykg -kgname key_group_name [-name new_name] [-desc new_description] <admin_dir_path>nbkmsutil -modifykey -keyname key_name -kgname key_group_name [-state new_state | -activate] [-name new_name] [-desc new_description] <admin_dir_path>nbkmsutil -listkgs [-kgname key_group_name | -cipher type | -emptykgs | -noactive] [-noverbose] <admin_dir_path>nbkmsutil -listkeys key_group_name [-keyname key_name | -activekey] [-noverbose] <admin_dir_path>nbkmsutil -modifyhmk [-nopphrase] <admin_dir_path>nbkmsutil -modifykpk [-nopphrase] <admin_dir_path>nbkmsutil -gethmkid <admin_dir_path>nbkmsutil -getkpkid <admin_dir_path>nbkmsutil -deletekg -kgname key_group_name <admin_dir_path>nbkmsutil -deletekey -keyname key_name -kgname key_group_name <admin_dir_path>nbkmsutil -recoverkey -keyname key_name -kgname key_group_name -tag key_tag [-desc description] <admin_dir_path>nbkmsutil -ksstats [-noverbose] <admin_dir_path>nbkmsutil -quiescedb <admin_dir_path>nbkmsutil -unquiescedb
UNIX and Linux systems: <admin_dir_path> is /usr/openv/netbackup/bin/admincmd/ Windows systems: <admin_dir_path> is <install_path>\NetBackup\bin\admincmd\
Operation descriptions
The nbkmsutil command performs the following operations:
-createkg -createkey Create a new key group. The default cipher of the new key group is AES_256. Create a new key. The default state of the new key is Prelive.
405
Modify key group attributes. Modify key attributes. Get the details of the key groups. If no option is specified, retrieve the details of all the key groups. Get the details of keys. Delete a key group. Only empty key groups can be deleted. Delete a key. Only keys in Prelive and Terminated states can be deleted. Restore could fail if a key used in encrypting the backup data is lost. Such Keys can be recovered (re-created) with the knowledge of the original Key's attributes (tag and passphrase). Modify the host master key (HMK). HMK is used to encrypt the key store. To modify the HMK, provide an optional seed (passphrase) and an HMK ID which can remind the user of the specified passphrase. The passphrase and the HMK ID are both read interactively. Return the current HMK ID. Modify the key protection key (KPK). KPK is used to encrypt KMS keys. KPK is per key store. To modify the KPK, provide an optional seed (passphrase) and a KPK ID which can remind the user of the specified passphrase. The passphrase and the KPK ID are both read interactively. Returns the current KPK ID. Returns the key store statistics. The statistics consist of the number of key groups, the total number of keys, and the outstanding quiesce calls. Sends a quiesce request to KMS. If the command succeeds, the current outstanding quiesce count is returned (as multiple backup jobs might quiesce the KMS DB to back it up) Sends an unquiesce request to KMS. If the command succeeds, the current outstanding quiesce count is returned. A count of zero (0) means the KMS database is completely unquiesced.
-modifyhmk
-gethmkid -modifykpk
-getkpkid -ksstats
-quiescedb
-unquiescedb
Option descriptions
The nbkmsutil command uses the following options:
-activate -activekey -cipher Set the state of the specified key to active. The default state is prelive. Retrieves the details of a specific key group's active key. Type of cipher supported by the key group. All keys belonging to a key group supports the same cipher type. Supported cipher types are BLOW, AES_128, AES_192, and AES_256 (default cipher).
-emptykgs -keyname
Retrieves the details of all the key groups with zero keys in it. The name of a key. This name should be unique within a key group. The key group name and key name uniquely identifies a key in the key store. The name of a key group. Within a key store, a key group is uniquely identified by its name. New name of the key group when used with -modifykg or the new name of the key when used with -modifykey. The new key group name must not conflict with other names in the key store. Retrieves the details of all the key groups in which there are no active keys. Disable the utility function that prompts you for a pass phrase. Instead, the utility creates the key. The default condition is the use of the pass phrase to create a key with a seed. A lengthy and strong seed results in a strong key. Disable verbosity. The default condition is verbosity, which prints the details in readable format. New state of the Key. Possible states are Prelive, Active, Inactive, Deprecated, and Terminated. Key states can be changed only in the following ways:
-kgname
-name new_name
-noactive -nopphrase
-noverbose
-state newstate
Prelive to Active Transition between Active and Inactive Transition between Inactive and Deprecated Transition between Deprecated and Terminated
407
nbpemreq
Use the NetBackup Policy Execution Manager Requisition (nbpemreq) to determine which jobs are due in the near future. This command can also instruct nbpem to process policy updates immediately. Note that in 6.5.2, nbpem has been refactored for enhanced scalability, performance, and stability. Before running nbpemreq, note the following items:
The nbpemreq -tables option is no longer supported in 6.5.2. Whenever the nbpemreq command is run, nbpem is affected, slowing down policy processing. Note that the output from nbpemreq may change from release to release. Because of this, Symantec does not recommend using nbpemreq in scripts.
Operation descriptions
The nbpemreq command performs the following operations:
-due The -due option provides information about the clients or policies that are due to run by the time specified. Two formats are available to indicate the time. The -help option provides online help for the command. The -jobs option provides information about current jobs and jobs that ran in the previous 30 minutes. The -persisted option provides information about the contents of the nbpem persistence database file. The file contains information about running jobs, so if nbpem is interrupted, NetBackup knows which jobs to run when nbpem restarts. The -policies option provides information internal to nbpem about specified policies. The information presented differs from that presented using the -subsystem option. The -predict option can help determine when a policy is to run. The information displayed is based on the current time and a future date, specified using one of the two available time formats. The option can also be used to help determine why a policy has not run. The difference between the options is the output format and the amount of data presented. The -predict option shows backups that are eligible to run, but it is not an indication of which jobs will run at a specific time. This option checks if there is an open window for the backup, but does not reflect any exclude dates that might be set for the schedule. -subsystems The -subsystems option provides information about the subsystems introduced in 6.5.2. The amount of information presented for each subsystem depends on the depth indicated. Each subsystem contains varying layers of information. The -updatepolicies option instructs nbpem to reread the existing policy configuration. Normally, nbpem checks for changes based on the Policy Update Interval, located in the Global Attributes host properties. The default is 10 minutes. After running this command, the prompt is simply returned.
-help -jobs
-persisted
-policies
-predict -predict_all
-updatepolicies
Option descriptions
The nbpemreq command uses the following options:
depth value [all|job_id...] -client_filter client Where value is 0-n. The value limits how much the command generates as output. Lists all jobs or the job specified by the job ID. Filters on the name of a specific client or clients.
409
Displays all 36 subsystems introduced in 6.5.2, or specified subsystems. Example: 3 8 12 (Separate subsystems with spaces, not commas.)
Writes the output onto the screen and to stdout. The output is placed in the log file. The number of seconds elapsed since midnight Coordinated Universal Time (UTC) of January 1, 1970, not counting leap seconds.
nbstl
The NetBackup storage lifecycle utility command (nbstl) gives administrators the ability to create, modify and delete storage lifecycle policies. The nbstl command contains the following operations and options in 6.5.2:
nbstl [storage_lifecycle_name] [-v] [-M master_server] -L | -l nbstl storage_lifecycle_name [-v] [-M master_server] -delete nbstl storage_lifecycle_name [-add | -modify] [-v] [-M master_server] [-dc data_classification] [-dp duplication_priority] [-uf used_for1[,used_for2,..used_forn]] [-residence storage_unit1 | __NA__[,storage_unit2 | __NA__...storage_unitn | __NA__]] [-pool volume_pool1 | __NA__[,volume_pool2 | __NA__...volume_pooln | __NA__]] [-server_group host1 | __NA__[,host2 | __NA__..hostn | __NA__]] [-managed m1[,m2,..mn]] [-rl retention_level1 [,retention_level2,..retention_leveln] [-as alt_read_server1 | __NA__ [,alt_read_server2 | __NA__ ,..alt_read_servern | __NA__]] [-mpx preserve_mpx1 | __NA__[,preserve_mpx2 | __NA__ ,..preserve_mpxn | __NA__]]
The -managed option must be set to 0 (capacity management disabled). The -rl (retention level) option must be an integer between 0 and 24.
The following is an example of how the new State field appears in the output for nbstl -L (long output). In this example:
The lifecycle named lifecycle1 is active. The storage unit named adv_dsu1 is inactive.
lifecycle1 Gold 0 active backup adv_dsu1 NetBackup *NONE* Fixed 0
Name: Data Classification: Duplication job priority: State: Destination 1 Use for: Storage Unit: Volume Pool: Server Group: Retention Type: Retention Period:
411
The following is an example of how the new State field appears in the output for nbstl -l (condensed readout). In this example:
The second 0 in the first line indicates that the lifecycle named lifecycle1 is active. The 1 in the second line indicates that the storage unit named adv_dsu1 is inactive.
nbstlutil
In previous releases, the nbstlutil list -l and the nbstlutil list -U output did not list fields that had no values to display. In 6.5.2, the blank fields are displayed with the following values:
nbstlutil list -l (condensed readout) output displays *NULL* for blank fields. nbstlutil list -U (user readable) output displays (none specified) for blank fields. It also lists meaningful names for the fields instead of variable names. For example:
: : : : : : : : : : : master1 master1_1204160816 master1 1204160816 (Wed Feb 27 19:06:56 2008) SLPTestPol1 0 0 SLPTest1 3 (COMPLETE) 1204160905 (Wed Feb 27 19:08:25 2008) (none specified)
Image: Master Server Backup ID Client Backup Time Policy Client Type Schedule Type Storage Lifecycle Policy Storage Lifecycle State Time In Process Data Classification ID
tpclean
Use tpclean to manage the cleaning of the tape drive. The -priority option was added so that the administrator can specify a new priority for the job that overrides the default job priority.
tpformat
Use tpformat to format optical disks for use by Media Manager. The -priority option was added so that the administrator can specify a new priority for the job that overrides the default job priority.
tpreq
Use tpreq to request a tape volume for mounting and assign a file name to the drive. The -priority option was added so that the administrator can specify a new priority for the job that overrides the default job priority.
413
vmphyinv
Use vmphyinv to inventory media contents of a robotic library or stand-alone drive and update the volume database. The -priority option was added so that the administrator can specify a new priority for the inventory job that overrides the default job priority.
Index
A
Activity Monitor State Details column 351 adding Media Manager storage unit 343 Advanced Disk license key for 247 Alternate read server option 239, 240
B
backup off-host configuration 34 Backup and Restore Database option 199 Backup Selections list 39 Bare Metal Restore 34 Bare Metal Restore database (BMRDB) 187 bp client interface 371 bpadm management interface 371 bpbackupdb 369 bpbackupdb command -priority option 397 bpchedulerep command -priority option 400 bpclusterutil command 383, 387 bpdbjobs 369 bpdbjobs command 397 -report -all_columns output 355 bpduplicate 369 bpduplicate command -priority option 397 bpimport 369 bpimport command -priority option 397 bplabel 369 bplabel command -priority option 398 bpmedia command 398 bpmedialist 369 bpmedialist command -priority option 398 bppldelete command -generation option 399 bpplinclude command -generation option 399 bpplinfo 369 bpplinfo command -priority option 399 bppllist command 399 bpplsched command -generation option 399
bpplschedrep command -generation option 400 bppolicynew 369 bppolicynew command -priority option 400 bprecover 369 bprecover command -priority option 400 bprestore 369 bprestore command -priority option 400 bpschedule 369 bpschedule command -priority option 400 bpschedulerep 369 bpverify 369 bpverify command -priority option 401
C
cache object 140 configuration add Media Manager storage unit 343 procedure 32 Converter, VMware 25 credentials, VMware 31
D
Database Administration tool for NetBackup databases UNIX 189 Windows 201 database password, changing 190 Database Rebuild option 196 database validation check 207 Database Validation Check and Rebuild 195 DataStore/XBSA 372 DB2, NetBackup for 372 Disk type storage unit setting 254, 302 document-level restores how to perform 219 requirements 218 Dynamic LUN masking property (SharedDisk) 284
416
E
encryption of snapshot data transfer 36 ESX server 25, 31 Exchange, NetBackup for 373
mount point VMware 35 Move Database option 197 Multiple Copy Synthetic Backups feature 345
F
files list (see Backup Selections list)
N
NAS snapshot 342 nbd 36 nbdelete 369 nbdelete command -priority option 401 nbdevconfig command 402 nbdssl 37 nbfirescan 123 nbkmsutil command 404 nbstl (NetBackup storage lifecycle utility) command 242 nbstl command 409 __NA__ option 410 new -L and -l output fields 410 -uf (used for) option 409 nbstlutil command new -L and -l output fields 412 NDMP to media server how to configure 342 NDMP to disk 341 NDMP to media server (disk or tape) 341 NearStore storage units logging information 269, 322 NetBackup for DB2 372 NetBackup for Exchange 373 NetBackup for Informix 373 NetBackup for Oracle 374 NetBackup for SAP 375 NetBackup for SharePoint 375 NetBackup for SQL Server 375 NetBackup for Sybase 375 NetBackup relational database (NBDB) 187 NetBackup Resource Broker (NBRB) 358 Network Block Device (NBD) transfer 36 Network Block Device (NBD) transfer with SSL 36 Network Settings host properties 377 NOM 6.5.2 alert changes 389 changing the job priority 394 configuring SNMP trap community name 392 Creating email and recipient groups 391 duplicate names between email and SNMP recipients 391
G
Global Attributes host properties 359
H
host properties for VMware 32 hot catalog backup 194, 195, 207
I
Informix, NetBackup for 373 instant snapshots 140
J
jnbSA 31, 32
L
license key for AdvancedDisk 247 lifecycle destination type 239 logging VMware 55, 117 Lotus 373 LUN masking for SharedDisk 284
M
media host properties Enable SCSI reserve/release 284 Media server storage unit setting 255, 302 method selecting off-host backup 34 Microsoft Cluster Server (MSCS) bpclusterutil command 383 Microsoft Services for NFS, installing 211, 212 mirror VxVM snapshot 140
417
Multi-select option 390 NOM cluster about the NOM cluster 61 adding a node 86 configuring a cluster 83 configuring NetBackup servers 85 installing NOM 6.5.2 cluster 63 limitations 94 NOM agent for VCS 62 removing cluster completely 90 supported cluster solutions 62 troubleshooting 94 uninstall NOM 6.5.2 87 upgrading to NOM 6.5.2 cluster 72 using NOMCAdmin 93
SQL Server, NetBackup for 375 SSL encryption of snapshot data 36 Sybase Adaptive Server Anywhere (ASA) 187 Sybase, NetBackup for 375
T
tpclean 360, 370 tpclean command -priority option 412 tpformat 360, 370 tpformat command -priority option 412 tpreq 370 tpreq command -priority option 412 Transaction Log Management 194 Truncate the Transaction Log option 195
O
off-host backup 34 Oracle XML 374 Oracle, NetBackup for 374
U
Unload Database option 198
V
Vault duplication jobs 360 Veritas Cluster Server (VCS) for Windows 2000/ 2003 bpclusterutil command 383, 387 Virtual Center 25 vmdk type 37 vmphyinv 361, 370 vmphyinv command -priority option 413 VMware and Linux 33 backup environment 25, 26 backups 42 configuration overview 29 Converter 25 credentials 31 ESX server 25, 31 host properties 32 introduction 23 logging 55, 117 main features 24 policy configuration 32 policy types 33 proxy 24 restores 43 snapshot mount point 35 troubleshooting 55 Virtual Center 25 VxVM
P
policy how to select type of 33 Policy dialog 32, 114 Preserve multiplexing option 239, 241
R
remote NDMP 341 restores document-level 218 Reverse Host Name Lookup property 377 REVERSE_NAME_LOOKUP bp.conf entry 379
S
SAP, NetBackup for 375 SCSI LUN masking for SharedDisk 284 persistent reserve for SharedDisk 284 SCSI presistent reserve property (SharedDisk) 284 SharePoint, NetBackup for 375 snapshot mirror (VxVM) 140 Snapshot Client 239 space-optimized snapshots 140
418
W
Windows Services for UNIX (SFU), installing 212