Veritas NetBackup™ Cloud Administrator's Guide

Last Published:
Product(s): NetBackup (8.0)
  1. About NetBackup cloud storage
    1.  
      New cloud features in NetBackup 8.0
    2.  
      About cloud storage features and functionality
    3.  
      About the catalog backup of cloud configuration files
    4.  
      About support limitations for NetBackup cloud storage
  2. About the cloud storage
    1.  
      About the cloud storage vendors for NetBackup
    2. About the Amazon S3 cloud storage API type
      1.  
        Amazon S3 cloud storage vendors certified for NetBackup
      2.  
        Amazon S3 storage type requirements
      3.  
        Amazon S3 cloud storage provider options
      4.  
        Amazon S3 cloud storage options
      5.  
        Amazon S3 advanced server configuration options
      6.  
        Amazon S3 credentials broker details
      7.  
        About private clouds from Amazon S3-compatible cloud providers
      8.  
        About Amazon S3 storage classes
    3. About EMC Atmos cloud storage API type
      1.  
        EMC Atmos cloud storage vendors certified for NetBackup
      2.  
        EMC Atmos storage type requirements
      3.  
        EMC Atmos cloud storage provider options
      4.  
        EMC Atmos advanced server configuration options
      5.  
        About private clouds from AT&T
    4. About Microsoft Azure cloud storage API type
      1.  
        Microsoft Azure cloud storage vendors certified for NetBackup
      2.  
        Microsoft Azure storage type requirements
      3.  
        Microsoft Azure cloud storage provider options
      4.  
        Microsoft Azure advanced server configuration options
    5. About OpenStack Swift cloud storage API type
      1.  
        OpenStack Swift cloud storage vendors certified for NetBackup
      2.  
        OpenStack Swift storage type requirements
      3.  
        OpenStack Swift cloud storage provider options
      4.  
        OpenStack Swift storage region options
      5.  
        OpenStack Swift add cloud storage configuration options
      6.  
        OpenStack Swift proxy settings
      7.  
        About Rackspace Cloud Files storage requirements
      8.  
        Rackspace storage server configuration options
      9.  
        About private clouds from Rackspace
  3. Configuring cloud storage in NetBackup
    1.  
      Before you begin to configure cloud storage in NetBackup
    2.  
      Configuring cloud storage in NetBackup
    3.  
      Cloud installation requirements
    4. Scalable Storage properties
      1.  
        Configuring advanced bandwidth throttling settings
      2.  
        Advanced bandwidth throttling settings
    5. Cloud Storage properties
      1.  
        Adding a cloud storage instance
      2.  
        Changing cloud storage host properties
      3.  
        Deleting a cloud storage host instance
    6. About the NetBackup CloudStore Service Container
      1.  
        NetBackup CloudStore Service Container security certificates
      2.  
        NetBackup CloudStore Service Container security modes
      3.  
        NetBackup cloudstore.conf configuration file
    7.  
      Deploying host name-based certificates
    8.  
      Deploying host ID-based certificates
    9.  
      About data compression for cloud backups
    10.  
      About data encryption for cloud storage
    11.  
      About key management for encryption of NetBackup cloud storage
    12.  
      About cloud storage servers
    13.  
      About the NetBackup media servers for cloud storage
    14. Configuring a storage server for cloud storage
      1.  
        KMS database encryption settings
      2.  
        Assigning a storage class to Amazon cloud storage
    15.  
      Changing cloud storage server properties
    16. NetBackup cloud storage server properties
      1.  
        NetBackup storage server cloud connection properties
      2.  
        NetBackup cloud storage server bandwidth throttling properties
      3.  
        NetBackup cloud storage server encryption properties
    17.  
      About cloud storage disk pools
    18.  
      Configuring a disk pool for cloud storage
    19.  
      Saving a record of the KMS key names for NetBackup cloud storage encryption
    20.  
      Adding backup media servers to your cloud environment
    21. Configuring a storage unit for cloud storage
      1.  
        Cloud storage unit properties
      2.  
        Configure a favorable client-to-server ratio
      3.  
        Control backup traffic to the media servers
    22.  
      About NetBackup Accelerator and NetBackup Optimized Synthetic backups
    23.  
      Enabling NetBackup Accelerator with cloud storage
    24.  
      Enabling optimized synthetic backups with cloud storage
    25.  
      Creating a backup policy
    26. Changing cloud storage disk pool properties
      1.  
        Cloud storage disk pool properties
  4. Monitoring and Reporting
    1.  
      About monitoring and reporting for cloud backups
    2.  
      Viewing cloud storage job details
    3.  
      Viewing the compression ratio
    4.  
      Viewing NetBackup cloud storage disk reports
    5.  
      Displaying KMS key information for cloud storage encryption
  5. Operational notes
    1.  
      NetBackup bpstsinfo command operational notes
    2.  
      Unable to configure additional media servers
    3.  
      Cloud configuration may fail if NetBackup Access Control is enabled
    4.  
      Deleting cloud storage server artifacts
  6. Troubleshooting
    1. About unified logging
      1.  
        About using the vxlogview command to view unified logs
      2.  
        Examples of using vxlogview to view unified logs
    2. About legacy logging
      1.  
        Creating NetBackup log file directories for cloud storage
    3.  
      NetBackup cloud storage log files
    4.  
      Enable libcurl logging
    5.  
      NetBackup Administration Console fails to open
    6. Troubleshooting cloud storage configuration issues
      1.  
        NetBackup Scalable Storage host properties unavailable
      2.  
        Connection to the NetBackup CloudStore Service Container fails
      3.  
        Cannot create a cloud storage disk pool
      4.  
        Cannot create a cloud storage
      5.  
        Data transfer to cloud storage server fails in the SSL mode
      6.  
        Amazon GovCloud cloud storage configuration fails in non-SSL mode
      7.  
        Data restore from the Google Nearline storage class may fail
      8.  
        Backups may fail for cloud storage configurations with Frankfurt region
      9.  
        Backups may fail for cloud storage configurations with the cloud compression option
      10.  
        Fetching storage regions fails with authentication version V2
    7. Troubleshooting cloud storage operational issues
      1.  
        Cloud storage backups fail
      2.  
        Stopping and starting the NetBackup CloudStore Service Container
      3.  
        A restart of the nbcssc process reverts all cloudstore.conf settings
      4.  
        NetBackup CloudStore Service Container startup and shutdown troubleshooting

NetBackup CloudStore Service Container security certificates

The NetBackup CloudStore Service Container requires a digital security certificate so that it starts and runs. How the security certificate is provisioned depends on the release level of NetBackup, as follows:

NetBackup 8.0 and later

The NetBackup hosts that run the CloudStore Service Container require both a host ID-based certificate and a host name-based certificate. You may have to install the certificates on those hosts.

See Deploying host name-based certificates.

See Deploying host ID-based certificates.

If the NetBackup master server is clustered, you must ensure that the active node and the passive nodes have both host named-based and host-ID based certificates. See the NetBackup Security and Encryption Guide for NetBackup 8.0 or later:

http://www.veritas.com/docs/DOC5332

NetBackup 7.7 and 7.7.x

The NetBackup hosts that run the CloudStore Service Container require a host name-based certificate. You must use a command to install it on a media server.

See Deploying host name-based certificates.

Note:

You do not need to generate a security certificate, if you have already generated it before configuring the cloud storage.

The host name-based security certificates expire after one year. NetBackup automatically replaces existing certificates with new ones as needed.

Note:

The security certificates that are provisioned for other NetBackup features or purposes satisfy the certificate requirement for the NetBackup CloudStore Service Container. The NetBackup Access Control feature uses security certificates, and the NetBackup Administration Console requires security certificates for interhost communication.

If the NetBackup master server is clustered, you must ensure that the active node and the passive node have host named-based certificates. See the 7.7.x version of the NetBackup Security and Encryption Guide:

http://www.veritas.com/docs/DOC5332

NetBackup releases earlier than 7.7

The NetBackup CloudStore Service Container generates a self-signed certificate for authentication. The certificate expires after 365 days. The NetBackup CloudStore Service Container automatically replaces existing certificates with new ones as needed.

The NetBackup CloudStore Service Container in NetBackup releases earlier than 7.7 does not recognize the certificates that a NetBackup 7.7 or later master server generates. If your security policy prohibits self-signed certificates, you must run NetBackup 7.7 or later on the media servers that you use for cloud storage.

Where the media server security certificates reside depend on the release level of NetBackup, as follows:

NetBackup 7.7 and later

The certificate name is the host name that you used when you configured the NetBackup media server software on the host. The path for the certificate is as follows, depending on operating system:

  • UNIX/Linux: /usr/openv/var/vxss/credentials

  • Windows: install_dir\Veritas\NetBackup\var\VxSS\credentials

NetBackup releases earlier than 7.7

The following are the pathnames to the certificate, depending on operating system:

  • UNIX/Linux: /usr/openv/lib/ost-plugins/cssc.crt

  • Windows: install_path\Veritas\NetBackup\bin\ost-plugins\cssc.crt

If the certificate becomes corrupt or expires, delete the old certificate and restart the service to regenerate a new certificate.

See About the NetBackup CloudStore Service Container.