Veritas CloudPoint Administrator's Guide

Last Published:
Product(s): CloudPoint (2.2.2)
Platform: Linux
  1. Getting started with CloudPoint
    1.  
      About CloudPoint
    2.  
      What kinds of assets can you protect?
    3.  
      Understanding your CloudPoint license
  2. Section I. Installing and configuring CloudPoint
    1. Preparing for installation
      1.  
        About the deployment approach
      2.  
        Deciding where to run CloudPoint
      3.  
        Meeting system requirements
      4.  
        CloudPoint host sizing recommendations
      5.  
        Creating an instance or preparing the physical host to install CloudPoint
      6.  
        Installing Docker
      7.  
        Creating and mounting a volume to store CloudPoint data
      8.  
        Verifying that specific ports are open on the instance or physical host
    2. Deploying CloudPoint
      1.  
        About deploying CloudPoint in a non-interactive mode
      2.  
        Installing CloudPoint
      3.  
        Configuring CloudPoint from your browser and signing in
      4.  
        Verifying that CloudPoint installed successfully
      5.  
        Configuring AWS KMS in CloudPoint
    3. Deploying CloudPoint in the AWS cloud
      1.  
        About CloudPoint deployment in the AWS cloud
      2.  
        About CloudPoint integration with AWS KMS
      3. About CloudPoint support for AWS IAM roles
        1.  
          About source account and cross-account configurations
        2.  
          How to configure CloudPoint to use IAM roles
        3.  
          CloudPoint IAM role configuration limitations
      4. About the CloudPoint AWS CloudFormation template
        1.  
          Resources created by the CloudPoint template
        2.  
          CloudPoint EC2 instance configuration details
        3.  
          Instance failures and Auto Scaling Group behavior
      5.  
        Prerequisites for using the CloudPoint template
      6.  
        Launching a CloudPoint CloudFormation stack
    4. Using plug-ins to discover assets
      1.  
        About plug-ins
      2.  
        Determining the types of plug-ins and agents to install
    5. Configuring off-host plug-ins
      1. AWS plug-in configuration notes
        1.  
          Prerequisites for configuring the AWS plug-in
        2.  
          Configuring AWS permissions for CloudPoint
        3.  
          AWS permissions required by CloudPoint
        4.  
          Before you create a cross account configuration
      2. Google Cloud Platform plug-in configuration notes
        1.  
          Google Cloud Platform permissions required by CloudPoint
        2.  
          Configuring a GCP service account for CloudPoint
        3.  
          Preparing the GCP service account for plug-in configuration
      3. Microsoft Azure plug-in configuration notes
        1.  
          Configuring permissions on Microsoft Azure
      4.  
        Dell EMC Unity array plug-in configuration notes
      5.  
        Pure Storage FlashArray plug-in configuration notes
      6. HPE RMC plug-in configuration notes
        1.  
          RMC plug-in configuration parameters
        2.  
          Supported HPE storage systems
        3.  
          Supported CloudPoint operations on HPE storage arrays
      7. NetApp plug-in configuration notes
        1.  
          NetApp plug-in configuration parameters
        2.  
          Supported NetApp arrays
        3.  
          Supported CloudPoint operations on NetApp storage
      8. Hitachi plug-in configuration notes
        1.  
          Hitachi plug-in configuration parameters
        2.  
          Supported Hitachi storage arrays
        3.  
          Supported CloudPoint operations on Hitachi arrays
      9. InfiniBox plug-in configuration notes
        1.  
          InifiniBox plug-in configuration parameters
        2.  
          Supported CloudPoint operations on InfiniBox arrays
      10.  
        Configuring an off-host plug-in
      11. About CloudPoint plug-ins and assets discovery
        1.  
          Plug-in discovery interval requirements and limitations
        2.  
          Viewing the assets discovery interval setting
    6. Configuring the on-host agents and plug-ins
      1.  
        About agents
      2. Oracle plug-in configuration notes
        1.  
          Optimizing your Oracle database data and metadata files
      3.  
        MongoDB plug-in configuration notes
      4.  
        Microsoft SQL plug-in configuration notes
      5.  
        About the installation and configuration process
      6.  
        Preparing to install the Linux-based on-host agent
      7.  
        Preparing to install the Windows-based on-host agent
      8.  
        Downloading and installing the on-host agent
      9.  
        Configuring the Linux-based on-host agent
      10.  
        Configuring the Windows-based on-host agent
      11.  
        Configuring the on-host plug-in
      12.  
        Configuring VSS to store shadow copies on the originating drive
    7. Protecting assets with CloudPoint's agentless feature
      1.  
        About the agentless feature
      2. Prerequisites for the agentless configuration
        1.  
          Granting password-less sudo access to host user account
      3.  
        Configuring the agentless feature
  3. Section II. Configuring users
    1. Setting up email and adding users
      1.  
        Configuring the CloudPoint sender email address
      2.  
        About adding users to CloudPoint
      3.  
        Adding AD users to CloudPoint using LDAP
      4.  
        Adding users to CloudPoint manually
      5.  
        Deleting a user from CloudPoint
    2. Assigning roles to users for greater efficiency
      1.  
        About role-based access control
      2.  
        Displaying role information
      3.  
        Creating a role
      4.  
        Editing a role
      5.  
        Deleting a role
  4. Section III. Protecting and managing data
    1. User interface basics
      1.  
        Signing in to CloudPoint
      2.  
        Focusing on an asset type
      3.  
        Navigating to your assets
      4.  
        Using the action icons
    2. Indexing and classifying your assets
      1.  
        About indexing and classifying snapshots
      2.  
        Configuring classification settings using VIC
      3.  
        Indexing and classifying snapshots
      4.  
        Indexing and classification statuses
    3. Protecting your assets with policies
      1.  
        About policies
      2.  
        How a CloudPoint protection policy works
      3.  
        Creating a policy
      4.  
        Assigning a policy to an asset
      5.  
        Listing policies and displaying policy details
      6.  
        Editing a policy
      7.  
        Deleting a policy
    4. Tag-based asset protection
      1.  
        About tag-based asset protection
      2.  
        How to use tag-based asset protection feature
      3.  
        Tag-based asset protection support
      4.  
        Tag-based asset protection considerations and limitations
    5. Replicating snapshots for added protection
      1.  
        About snapshot replication
      2.  
        About cross-account snapshot replication in the AWS cloud
      3.  
        Requirements for replicating snapshots
      4.  
        Cross-account snapshot replication support matrix
      5.  
        Cross-account snapshot replication limitations
      6.  
        Configuring replication rules
      7.  
        Editing a replication rule
      8.  
        Deleting a replication rule
    6. Managing your assets
      1.  
        Creating a snapshot manually
      2.  
        Displaying asset snapshots
      3.  
        Replicating a snapshot manually
      4. About snapshot restore
        1.  
          Restore requirements and limitations for Microsoft SQL Server
        2.  
          Restore requirements and limitations for Oracle
        3.  
          Restore requirements and limitations for MongoDB
      5.  
        About single file restore (granular restore)
      6. Single file restore requirements and limitations
        1.  
          Single file restore support on Linux
        2.  
          Single file restore limitations on Linux
        3.  
          Single file restore support on Windows
        4.  
          Single file restore limitations on Windows
      7.  
        Restoring a snapshot
      8.  
        Additional steps required after restoring disk-level snapshots
      9. Additional steps required after a SQL Server snapshot restore
        1.  
          Steps required after a SQL Server host-level restore
        2.  
          Steps required after a SQL Server disk-level snapshot restore to new location
      10.  
        Additional steps required after an Oracle snapshot restore
      11.  
        Additional steps required after a MongoDB snapshot restore
      12.  
        Additional steps required after restoring an AWS RDS database instance
      13.  
        Restoring individual files within a snapshot
      14.  
        Deleting a snapshot
    7. Monitoring activities with notifications and the job log
      1.  
        About CloudPoint notifications
      2.  
        Viewing notifications in the CloudPoint UI
      3.  
        CloudPoint notification methods
      4.  
        CloudPoint notification limitations
      5.  
        Configuring email-based CloudPoint notifications
      6.  
        Configuring AWS SNS-based CloudPoint notifications
      7.  
        Using the Job Log
    8. Protection and disaster recovery
      1.  
        About protection and disaster recovery
      2.  
        Backing up CloudPoint
      3.  
        Restoring CloudPoint
  5. Section IV. Maintaining CloudPoint
    1. CloudPoint logging
      1.  
        About CloudPoint logging mechanism
      2. How fluentd-based CloudPoint logging works
        1.  
          About the CloudPoint fluentd configuration file
        2.  
          Modifying the fluentd configuration file
        3.  
          Fluentd-based logging requirements and considerations
      3.  
        Viewing CloudPoint logs
    2. Troubleshooting CloudPoint
      1.  
        Restarting CloudPoint
      2.  
        Docker may fail to start due to a lack of space
      3.  
        CloudPoint installation fails if rootfs is not mounted in a shared mode
      4.  
        Some CloudPoint features do not appear in the user interface
      5.  
        Off-host plug-in deletion does not automatically remove file system and application assets
      6.  
        Disk-level snapshot restore fails if the original disk is detached from the instance
      7.  
        Snapshot restore for encrypted AWS assets may fail
      8.  
        Error while adding users to CloudPoint
      9.  
        CloudPoint fails to revert restored snapshots if indexing, classification, or restore operations fail
      10.  
        SQL snapshot or restore and SFR operations fail if the Windows instance loses connectivity with the CloudPoint host
      11.  
        Troubleshooting CloudPoint logging
      12.  
        Swagger UI-based authorization for CloudPoint REST API calls may fail
      13.  
        Policy retention count is not honored for file system and application assets if there is an issue with the CloudPoint plug-in
    3. Working with your CloudPoint license
      1.  
        Displaying CloudPoint license and protection information
      2.  
        Upgrading your CloudPoint license
    4. Managing CloudPoint agents and plug-ins
      1.  
        Unconfiguring CloudPoint plug-ins
      2.  
        Unconfiguring the CloudPoint agent
      3.  
        Uninstalling CloudPoint on-host agents
    5. Upgrading CloudPoint
      1. About CloudPoint upgrades
        1.  
          Supported upgrade path
      2. Preparing to upgrade CloudPoint
        1.  
          Removing CloudPoint plug-in configuration
      3.  
        Upgrading CloudPoint
      4.  
        Upgrading a CloudPoint CloudFormation stack
    6. Uninstalling CloudPoint
      1.  
        Preparing to uninstall CloudPoint
      2.  
        Removing the CloudPoint on-host agents
      3.  
        Removing CloudPoint from a standalone Docker host environment
  6. Section V. Reference
    1. Storage array support
      1. Dell EMC Unity arrays
        1.  
          Dell EMC Unity array plug-in configuration parameters
        2.  
          Supported Dell EMC Unity arrays
        3.  
          Supported CloudPoint operations on Dell EMC Unity arrays
      2. Pure Storage FlashArray
        1.  
          Pure Storage FlashArray plug-in configuration parameters
        2.  
          Supported Pure Storage FlashArray models
        3.  
          Supported CloudPoint operations on Pure Storage FlashArray models
    2. Working with CloudPoint using APIs
      1.  
        Accessing the Swagger-based API documentation

Upgrading CloudPoint

In the following upgrade steps, you replace the container that runs your current version of CloudPoint with a new container.

To upgrade CloudPoint

  1. Make sure that the CloudPoint host (physical host, virtual machine or a cloud instance) meets the requirements of the new CloudPoint version.

    See Meeting system requirements.

  2. Open the Veritas CloudPoint trial page.

    In your browser's address bar, type the following URL:

    https://www.veritas.com/form/trialware/cloudpoint-download

  3. On the trial page, provide the requested details and then click Submit to register.
  4. On the CloudPoint download page, click Download Now to download the CloudPoint installer.

    The CloudPoint software components are available in the form of Docker images and these images are packaged in a compressed file. The file name has the following format:

    Veritas_CloudPoint_2.x.x_IE.img.gz

    The numerical sequence in the file name represents the CloudPoint product version.

    Note:

    The actual compressed image file name may vary depending on the product release version.

  5. Copy the downloaded compressed image file to the computer on which you want to deploy CloudPoint.
  6. Load the image file using the following command:
    # docker load -i <imagefilename>

    For example, if the CloudPoint version is 2.1.2, the command syntax is as follows:

    # docker load -i Veritas_CloudPoint_2.1.2_IE.img.gz

    Messages similar to the following appear on the command line:

    644879075e24: Loading layer [===============>] 117.9MB/117.9MB
d7ff1dc646ba: Loading layer [===============>] 15.87MB/15.87MB
d73dd9qwer58: Loading layer [===============>] 1.812GB/1.812GB
3167ba895aec: Loading layer [===============>] 352.9MB/352.9MB
fd22ad285778: Loading layer [===============>] 41.98kB/41.98kB
Loaded image: veritas/flexsnap-cloudpoint:2.1.2.7542

    Make a note of the loaded image name and version that appears on the last line. This represents the new CloudPoint version that you wish to upgrade to. You will need this information in the subsequent steps.

    Note:

    The version displayed here is used for representation only. The actual version will vary depending on the product release you are installing.

  7. Make a note of the current CloudPoint version that is installed. You will use the version number in the next step.

    Log on to the CloudPoint user interface (UI) and from the top right corner, click Settings and then click About.

    The Current Version field in the About dialog box displays the installed version.

  8. From the Job Log page, verify that there are no protection policy snapshots or other operations in progress and then stop CloudPoint by running the following command:
    # sudo docker run --rm -it -v /cloudpoint:/cloudpoint 
-v /var/run/docker.sock:/var/run/docker.sock 
veritas/flexsnap-cloudpoint:current_version stop

    Here, current_version represents the currently installed CloudPoint version. Use the version number you noted in step 7 earlier.

    For example, if the installed CloudPoint version is 2.0.2.4722, the command will be as follows:

    # sudo docker run --rm -it -v /cloudpoint:/cloudpoint 
-v /var/run/docker.sock:/var/run/docker.sock 
veritas/flexsnap-cloudpoint:2.0.2.4722 stop

    Note:

    This is a single command. Ensure that you enter the command without any line breaks.

    The CloudPoint containers are stopped one by one. Messages similar to the following appear on the command line:

    Stopping the services
Stopping container: flexsnap-agent.e425d969dd4 ...done
Stopping container: flexsnap-agent.4704fd318322 ...done
Stopping container: flexsnap-fluentd ...done
Stopping container: flexsnap-mongodb ...done
Stopping container: flexsnap-rabbitmq ...done
Stopping container: flexsnap-authorization-service ...done
Stopping container: flexsnap-auth ...done
Stopping container: flexsnap-api-gateway ...done
Stopping container: flexsnap-api ...done
Stopping container: flexsnap-coordinator ...done
Stopping container: flexsnap-agent ...done
Stopping container: flexsnap-scheduler ...done
Stopping container: flexsnap-vic ...done
Stopping container: flexsnap-indexingsupervisor ...done
Stopping container: flexsnap-telemetry ...done
Stopping container: flexsnap-licensing ...done
Stopping container: flexsnap-policy ...done
Stopping container: flexsnap-cloudpointconsole ...done
Stopping container: flexsnap-notification ...done
Stopping container: flexsnap-identity-manager-service ...done
Stopping container: flexsnap-email-service ...done
Stopping container: flexsnap-onhostagent ...done

    Wait for all the CloudPoint containers to be stopped and then proceed to the next step.

  9. Upgrade CloudPoint by running the following command:
    # sudo docker run --rm -it -v /cloudpoint:/cloudpoint 
-v /var/run/docker.sock:/var/run/docker.sock
veritas/flexsnap-cloudpoint:new_version install

    For an unattended installation, use the following command:

    # sudo docker run --rm -it -v /cloudpoint:/cloudpoint 
-v /var/run/docker.sock:/var/run/docker.sock
veritas/flexsnap-cloudpoint:new_version install -y

    Here, new_version represents the CloudPoint version you are upgrading to.

    The -y option passes an approval for all the subsequent installation prompts and allows the installer to proceed in a non-interactive mode.

    For example, using the version number specified in step 6 earlier, the command will be as follows:

    # sudo docker run --rm -it -v /cloudpoint:/cloudpoint 
-v /var/run/docker.sock:/var/run/docker.sock
veritas/flexsnap-cloudpoint:2.1.2.7542 install -y
    Note: 
    This is a single command. Ensure that you enter the command without any line breaks.
  10. The new CloudPoint installer detects the existing CloudPoint containers that are running and asks for a confirmation for removing them. 
    Press Y to confirm the removal of the old CloudPoint containers.
    Note: 
    No inputs are required if the installer is run in a non-interactive mode.
    The installer first loads the individual service images and then launches them in their respective containers.
    Wait for the installer to display messages similar to the following and then proceed to the next step:
    Installing the services
Configuration started at time: Thu Jul 11 09:58:02 UTC 2019
Do you wish to continue CloudPoint installation with older 
docker version. ? (y/n): y
This is an upgrade to CloudPoint 2.1.2.7542
Previous CloudPoint version: 2.0.2.4722
Checking if a 1.0 release container exists ...
Removing exited container flexsnap-agent.e425d969d ...done
Removing exited container flexsnap-agent.47033896e ...done
Removing exited container flexsnap-cloudpointconsole ...done
Removing exited container flexsnap-authorization-service ...done
Removing exited container flexsnap-email-service ...done
Removing exited container flexsnap-identity-manager-service ...done
Removing exited container flexsnap-licensing ...done
Removing exited container flexsnap-vic ...done
Removing exited container flexsnap-telemetry ...done
Removing exited container flexsnap-notification ...done
Removing exited container flexsnap-indexingsupervisor ...done
Removing exited container flexsnap-policy ...done
Removing exited container flexsnap-scheduler ...done
Removing exited container flexsnap-onhostagent ...done
Removing exited container flexsnap-agent ...done
Removing exited container flexsnap-coordinator ...done
Removing exited container flexsnap-api ...done
Removing exited container flexsnap-api-gateway ...done
Removing exited container flexsnap-auth ...done
Removing exited container flexsnap-rabbitmq ...done
Removing exited container flexsnap-mongodb ...done
Removing exited container flexsnap-fluentd ...done
Deleting network : flexsnap-network ...done
Loading images for the CloudPoint services ...done
Creating network: flexsnap-network ...done
Generating certificates for MongoDB server ...done
Starting docker container: flexsnap-fluentd ...done
Starting docker container: flexsnap-mongodb ...done
Starting docker container: flexsnap-rabbitmq ...done
Generating certificates for API-gateway container ...done
Generating certificates for few other service container ...done
Generating certificates for OnhostAgent container ...done
Adding MongoDB certificate to the trust store ...done
Starting docker container: flexsnap-auth ...done
Starting docker container: flexsnap-api-gateway ...done
Starting docker container: flexsnap-api ...done
Starting docker container: flexsnap-coordinator ...done
Starting docker container: flexsnap-agent ...done
Starting docker container: flexsnap-onhostagent ...done
Starting docker container: flexsnap-scheduler ...done
Starting docker container: flexsnap-policy ...done
Starting docker container: flexsnap-indexingsupervisor ...done
Starting docker container: flexsnap-notification ...done
Starting docker container: flexsnap-telemetry ...done
Starting docker container: flexsnap-vic ...done
Starting docker container: flexsnap-licensing ...done
Starting docker container: flexsnap-identity-manager-service ...done
Starting docker container: flexsnap-email-service ...done
Starting docker container: flexsnap-authorization-service ...done
Starting docker container: flexsnap-cloudpointconsole ...done
  11.  Refresh your web browser and log in to the CloudPoint user interface.
  12. Verify the CloudPoint version.
    From the UI, click on Settings from the top right corner and select About. 
    The Current Version field in the About dialog box should now indicate the new version you just installed.
  13. This concludes the upgrade process on the host. Verify that your  CloudPoint configuration settings and data are preserved as is.
  14. After upgrading CloudPoint containers on the CloudPoint host, the next step is to upgrade the on-host agents on the Linux and Windows hosts.
    Perform the following steps to upgrade the agent on Linux hosts:
    • Download the newer version of the agent installation package by logging in to the CloudPoint UI.
    • Stop the flexsnap agent service on the host where you want to upgrade the agent.
      # sudo systemctl stop flexsnap-agent.service
    • Upgrade the agent on the Linux host.
      # sudo rpm -Uvh cloudpoint_agent_rpm_name
      Here, cloudpoint_agent_rpm_name is the name of the on-host agent rpm package you downloaded earlier.
    • Start the flexsnap agent service on the host.
      # sudo systemctl start flexsnap-agent.service
    • Reload the daemon, if prompted.
      # sudo systemctl daemon-reload
    • Repeat these steps on all the Linux hosts where you wish to upgrade the Linux-based on-host agent.
    Perform the following steps to upgrade the agent on Windows hosts:
    • Download the newer version of the agent installation package by logging in to the CloudPoint UI.
    • Upgrade the agent on the Windows host.
      Run the agent package file and follow the installation wizard workflow to upgrade the on-host agent on the Windows host. The installer detects the existing installation and upgrades the package to the new version automatically.
    • Repeat these steps on all the Windows hosts where you wish to upgrade the Windows-based on-host agent.
    For details on how to download the agent installation package from the CloudPoint UI, refer to the following:
    See Downloading and installing the on-host agent.
  15. If you have deployed  CloudPoint on an EC2 instance in the AWS cloud, you now have the option to configure CloudPoint to use AWS KMS service for encrypting and decrypting CloudPoint configuration.
    This is an optional step and is applicable only if your CloudPoint deployment is using the default encryption mechanism and AWS KMS is not already configured in that environment.
    See About CloudPoint integration with AWS KMS.
    See Configuring AWS KMS in CloudPoint.
  16. If CloudPoint is deployed in the AWS cloud and is integrated into a Veritas NetBackup environment, the next step is to update the NetBackup configuration so that the upgraded CloudPoint configuration details are available with NetBackup.
    Performing this step ensures that the AWS IAM configuration settings in CloudPoint are updated in the NetBackup configuration.
    A NetBackup configuration update (this step) is not required if CloudPoint is not deployed in the AWS cloud.
    Run the following command on the NetBackup Master server:
    # ./tpconfig -update -cloudpoint_server <cloudpoint_server_name> -cloudpoint_server_user_id <user_ID> [-requiredport <IP_port_number>]
    Here,
    • <cloudpoint_server_name> is the fully qualified domain name (FQDN) of the CloudPoint host.
    • <cloudpoint_server_user> is the CloudPoint administrator user account that is configured on the CloudPoint server.
    • <IP_port_number> represents the port number used by the CloudPoint server. The default port number is 443. This parameter is required only if CloudPoint host is using a different port.
    For example, if the CloudPoint host name is mycphost.mydomain.dom and the configured CloudPoint admin user is mycpuser@mycp.com, then the command syntax is as follows:
    # ./tpconfig -update -cloudpoint_server mycphost.mydomain.com -cloudpoint_server_user_id mycpuser@mycp.com
    When prompted, enter the password for the CloudPoint user that you specified in the command earlier, and then enter the password again to confirm.
    Once the NetBackup configuration is updated, you can start using CloudPoint with NetBackup immediately. All the existing CloudPoint configuration settings such as plug-ins, assets, snapshots, restore, and replication jobs are retained and continue to work as is. New assets discovery is performed as per the discovery schedule. If you add a new AWS region, AWS IAM is used to discover and perform operations on the assets in that region.
    For more details about the tpconfig command and its options, refer to the Veritas NetBackup Commands Reference Guide. For more information about CloudPoint and Veritas NetBackup integration, refer to the Veritas  NetBackup Web UI Cloud Administrator's Guide.
    https://www.veritas.com/support/en_US/article.100040135
Note: 
If you have upgraded CloudPoint without removing deprecated plug-in configurations such as HPE 3PAR, then you may not be able to sign in to the CloudPoint UI after the upgrade. Contact Veritas Technical Support to help you clean the deprecated plug-in entries from the CloudPoint database and get your CloudPoint deployment up and running.