Veritas NetBackup for Acropolis Hypervisor (AHV) Administrator's Guide

Last Published:
Product(s): NetBackup (8.1)
  1. Introduction to NetBackup for Acropolis Hypervisor (AHV)
    1.  
      Protect AHV using NetBackup
    2.  
      NetBackup terminology related to the AHV backup
    3.  
      NetBackup for AHV environment
    4.  
      Tasks to protect the AHV
  2. Prerequisites, notes, and restrictions
    1.  
      Prerequisites
    2. Notes and restrictions
      1.  
        NetBackup character restrictions for virtual machine names
  3. Download and install the Nutanix plug-in
    1.  
      Plan the installation for Nutanix AHV
    2.  
      Verify the operating system and platform compatibility
    3.  
      NetBackup server and client requirements
    4.  
      License requirements for the Nutanix AHV
    5.  
      Download the Nutanix AHV plug-in binaries
    6.  
      Install the Nutanix AHV plug-in
  4. Configure NetBackup communication with AHV
    1.  
      Establish communication between components
    2. Add a backup host to the NetBackup master server
      1.  
        Add a backup host to the NetBackup master access list
      2.  
        Configure a NetBackup Appliance as a backup host
    3.  
      Add a backup host to the Acropolis Cluster access list
    4.  
      Add the Nutanix Acropolis Cluster credentials for NetBackup
    5. Manage SSL certificates
      1.  
        Manage SSL certificates on NetBackup Appliance
    6.  
      About the nb_nutanix-ahv configuration file
  5. Configure NetBackup policies for AHV
    1.  
      About the BigData policy type
    2.  
      Create a BigData policy using the NetBackup Policies utility
    3.  
      Create a BigData policy using the Backup Policy Configuration Wizard
    4.  
      Create a BigData policy using the NetBackup Command Line Interface
  6. Backup and restore
    1. Back up the Nutanix AHV virtual machines
      1.  
        Basic phases in a NetBackup backup of an AHV
    2.  
      Restore the Nutanix AHV virtual machines
  7. Troubleshoot issues
    1.  
      Troubleshoot issues related to AHV backup
    2.  
      NetBackup logs
    3.  
      Error during policy creation and validation
    4.  
      NetBackup status codes
  8. Appendix A. NetBackup commands to backup and restore Nutanix AHV virtual machines
    1.  
      NetBackup commands for protecting the AHV

Manage SSL certificates

This section describes the various ways to manage SSL certificates with NetBackup for AHV.

The Nutanix Acropolis cluster comes with its default certificate. For detailed information about Nutanix certificates, refer to the Nutanix documentation.

You may use the default Nutanix certificate or you may choose to install one of the following certificates on the Nutanix Acropolis cluster:

  • Self-signed certificates in the Nutanix Cluster.

  • Certificates that are signed from a known Certificate Authority (CA)

When the backup host connects to the Nutanix Acropolis cluster, NetBackup validates the SSL certificates that are installed on your system.

As part of SSL validations, NetBackup conducts peer and host validations. NetBackup tries to locate the public certificates that may be placed in the certificate bundle of the operating system. It is likely that the certificate bundle of the operating system is not updated or that the certificates signed from a CA might have expired. To address such issues, you can download the latest certificate bundle for your operating system.

You may also create a certificate bundle for your self-signed certificate.

You may disable the SSL validations depending upon the type of certificate that you have installed. You can disable SSL validations using the nb_nutanix-ahv.conf file. This configuration file is bundled with the Nutanix AHV plug-in and it is located in the usr/openv/netbackup directory on the backup host.

To let NetBackup access the latest SSL certificates, specify the path to the certificate file in the nb_nutanix-ahv.conf file using the cert_authority_file parameter.

The following topics discuss the implications of using various forms of SSL certificate with NetBackup.

SSL certificate from Nutanix

If you use the default certificates from Nutanix, NetBackup may fail SSL validations and not let you backup AHV virtual machines. To disable SSL validations, edit the nb_nutanix-ahv.conf file and set the enable_ssl_validations to false.

Self-signed certificate

If you use self-signed certificates, ensure that the following is met:

  • When you create a BigData policy, the value that you provide in the Application_Server parameter matches the Acropolis cluster name that is present in the SSL certificate.

  • Self-signed public certificates are present in the backup host. Use the cert_authority_file parameter in the nb_nutanix-ahv.conf to specify the path to the local certificate bundle.

Certificate signed from a known certificate authority

If you use certificates signed from a known certificate authority, ensure that the following is met:

  • When you create a BigData policy, the value that you provide in the Application_Server parameter matches the Acropolis cluster name present in the SSL certificate.

  • The SSL root certificates along with intermediate Certificate Authority (if any) are present on the backup host. The Nutanix AHV plug-in uses these certificates to validate the SSL connection with the Nutanix Acropolis cluster.

  • It might happen that the certificate bundle on your operating system has expired. This might also fail backups. Therefore, update the default certificate paths on your operating system with the latest certificate bundles.

    You may have chosen to download and install certificate bundles from different sources. In such case, you can use the cert_authority_file parameter in the nb_nutanix-ahv.conf to specify the file name (along with the path) to your certificate bundle.

See About the nb_nutanix-ahv configuration file.

See Manage SSL certificates on NetBackup Appliance.