Veritas NetBackup™ for Nutanix Acropolis Hypervisor (AHV) Administrator's Guide
- Introduction to NetBackup for Acropolis Hypervisor (AHV)
- Prerequisites and things to consider before using the plug-in
- Downloading and installing the Nutanix plug-in
- Configuring NetBackup communication with AHV
- Configuring secure communication between the Nutanix Acropolis Hypervisor server and NetBackup host
- Managing SSL certificates through ECA framework
- Adding a backup host to the NetBackup master server
- Configuring NetBackup policies for AHV
- Backup and recovery
- Back up the Nutanix AHV virtual machines
- Overview of the Nutanix AHV virtual machines recovery process
- Recovering a Nutanix AHV VM using the command line for Hypervisor policy
- Troubleshooting issues
- Appendix A. NetBackup commands to backup and restore Nutanix AHV virtual machines
- Appendix B. Protect Nutanix AHV virtual machines with BigData policy
Managing SSL certificates through ECA framework
NetBackup can now validate Nutanix Acropolis Hypervisor (AHV) server certificates using their root or intermediate certificate authority (CA) certificates.
For NetBackup 8.2, only
PEM certificate format is supported for virtualization servers.
For more information, See VIRTUALIZATION_HOSTS_SECURE_CONNECT_ENABLED for servers and clients.
The following procedure is applicable for the NetBackup master server and all virtualization access hosts.
To configure secure communication between the Nutanix AHV server and virtualization access host
- Configure a external certificate authority trust store on the virtualization access host.
- Add CA certificates of the required Nutanix AHV server in the trust store on the access host.
- Use the nbsetconfig command to configure the following NetBackup configuration options on the access host:
For more information on the configuration options, refer to the NetBackup Administrator's Guide.
Specifies the file path to the certificate bundle file that contains all trusted root CA certificates.
This option is specific to file-based certificates. You should not configure this option if Windows certificate store is used.
If you have already configured this external CA option, append the Nutanix AHV CA certificates to the existing external certificate trust store.
If you have not configured the option, add all the required Nutanix AHV server CA certificates to the trust store and set the option.
Specifies the path to the directory where the certificate revocation lists (CRL) of the external CA are located.
If you have already configured this external CA option, append the Nutanix AHV server CRLs to the CRL cache.
If you have not configured the option, add all the required CRLs to the CRL cache and then set the option.
This option affects Nutanix AHV, RHV, and VMware secure communication. Without this option, the secure or insecure communication with workload is decided by each workload and plug-in separately.
For Nutanix AHV, secure communication is enabled by default.
This option lets you skip the security certificate validation.
See VIRTUALIZATION_HOSTS_SECURE_CONNECT_ENABLED for servers and clients.
Lets you validate the revocation status of the virtualization server certificate against the CRLs.
By default, the option is disabled.
See VIRTUALIZATION_CRL_CHECK for NetBackup servers and clients.
For more information on external CA support, refer to the NetBackup Security and Encryption Guide.