Veritas CloudPoint Administrator's Guide

Last Published:
Product(s): CloudPoint (2.2.2)
Platform: Linux
  1. Getting started with CloudPoint
    1.  
      About CloudPoint
    2.  
      What kinds of assets can you protect?
    3.  
      Understanding your CloudPoint license
  2. Section I. Installing and configuring CloudPoint
    1. Preparing for installation
      1.  
        About the deployment approach
      2.  
        Deciding where to run CloudPoint
      3.  
        Meeting system requirements
      4.  
        CloudPoint host sizing recommendations
      5.  
        Creating an instance or preparing the physical host to install CloudPoint
      6.  
        Installing Docker
      7.  
        Creating and mounting a volume to store CloudPoint data
      8.  
        Verifying that specific ports are open on the instance or physical host
    2. Deploying CloudPoint
      1.  
        About deploying CloudPoint in a non-interactive mode
      2.  
        Installing CloudPoint
      3.  
        Configuring CloudPoint from your browser and signing in
      4.  
        Verifying that CloudPoint installed successfully
      5.  
        Configuring AWS KMS in CloudPoint
    3. Deploying CloudPoint in the AWS cloud
      1.  
        About CloudPoint deployment in the AWS cloud
      2.  
        About CloudPoint integration with AWS KMS
      3. About CloudPoint support for AWS IAM roles
        1.  
          About source account and cross-account configurations
        2.  
          How to configure CloudPoint to use IAM roles
        3.  
          CloudPoint IAM role configuration limitations
      4. About the CloudPoint AWS CloudFormation template
        1.  
          Resources created by the CloudPoint template
        2.  
          CloudPoint EC2 instance configuration details
        3.  
          Instance failures and Auto Scaling Group behavior
      5.  
        Prerequisites for using the CloudPoint template
      6.  
        Launching a CloudPoint CloudFormation stack
    4. Using plug-ins to discover assets
      1.  
        About plug-ins
      2.  
        Determining the types of plug-ins and agents to install
    5. Configuring off-host plug-ins
      1. AWS plug-in configuration notes
        1.  
          Prerequisites for configuring the AWS plug-in
        2.  
          Configuring AWS permissions for CloudPoint
        3.  
          AWS permissions required by CloudPoint
        4.  
          Before you create a cross account configuration
      2. Google Cloud Platform plug-in configuration notes
        1.  
          Google Cloud Platform permissions required by CloudPoint
        2.  
          Configuring a GCP service account for CloudPoint
        3.  
          Preparing the GCP service account for plug-in configuration
      3. Microsoft Azure plug-in configuration notes
        1.  
          Configuring permissions on Microsoft Azure
      4.  
        Dell EMC Unity array plug-in configuration notes
      5.  
        Pure Storage FlashArray plug-in configuration notes
      6. HPE RMC plug-in configuration notes
        1.  
          RMC plug-in configuration parameters
        2.  
          Supported HPE storage systems
        3.  
          Supported CloudPoint operations on HPE storage arrays
      7. NetApp plug-in configuration notes
        1.  
          NetApp plug-in configuration parameters
        2.  
          Supported NetApp arrays
        3.  
          Supported CloudPoint operations on NetApp storage
      8. Hitachi plug-in configuration notes
        1.  
          Hitachi plug-in configuration parameters
        2.  
          Supported Hitachi storage arrays
        3.  
          Supported CloudPoint operations on Hitachi arrays
      9. InfiniBox plug-in configuration notes
        1.  
          InifiniBox plug-in configuration parameters
        2.  
          Supported CloudPoint operations on InfiniBox arrays
      10.  
        Configuring an off-host plug-in
      11. About CloudPoint plug-ins and assets discovery
        1.  
          Plug-in discovery interval requirements and limitations
        2.  
          Viewing the assets discovery interval setting
    6. Configuring the on-host agents and plug-ins
      1.  
        About agents
      2. Oracle plug-in configuration notes
        1.  
          Optimizing your Oracle database data and metadata files
      3.  
        MongoDB plug-in configuration notes
      4.  
        Microsoft SQL plug-in configuration notes
      5.  
        About the installation and configuration process
      6.  
        Preparing to install the Linux-based on-host agent
      7.  
        Preparing to install the Windows-based on-host agent
      8.  
        Downloading and installing the on-host agent
      9.  
        Configuring the Linux-based on-host agent
      10.  
        Configuring the Windows-based on-host agent
      11.  
        Configuring the on-host plug-in
      12.  
        Configuring VSS to store shadow copies on the originating drive
    7. Protecting assets with CloudPoint's agentless feature
      1.  
        About the agentless feature
      2. Prerequisites for the agentless configuration
        1.  
          Granting password-less sudo access to host user account
      3.  
        Configuring the agentless feature
  3. Section II. Configuring users
    1. Setting up email and adding users
      1.  
        Configuring the CloudPoint sender email address
      2.  
        About adding users to CloudPoint
      3.  
        Adding AD users to CloudPoint using LDAP
      4.  
        Adding users to CloudPoint manually
      5.  
        Deleting a user from CloudPoint
    2. Assigning roles to users for greater efficiency
      1.  
        About role-based access control
      2.  
        Displaying role information
      3.  
        Creating a role
      4.  
        Editing a role
      5.  
        Deleting a role
  4. Section III. Protecting and managing data
    1. User interface basics
      1.  
        Signing in to CloudPoint
      2.  
        Focusing on an asset type
      3.  
        Navigating to your assets
      4.  
        Using the action icons
    2. Indexing and classifying your assets
      1.  
        About indexing and classifying snapshots
      2.  
        Configuring classification settings using VIC
      3.  
        Indexing and classifying snapshots
      4.  
        Indexing and classification statuses
    3. Protecting your assets with policies
      1.  
        About policies
      2.  
        How a CloudPoint protection policy works
      3.  
        Creating a policy
      4.  
        Assigning a policy to an asset
      5.  
        Listing policies and displaying policy details
      6.  
        Editing a policy
      7.  
        Deleting a policy
    4. Tag-based asset protection
      1.  
        About tag-based asset protection
      2.  
        How to use tag-based asset protection feature
      3.  
        Tag-based asset protection support
      4.  
        Tag-based asset protection considerations and limitations
    5. Replicating snapshots for added protection
      1.  
        About snapshot replication
      2.  
        About cross-account snapshot replication in the AWS cloud
      3.  
        Requirements for replicating snapshots
      4.  
        Cross-account snapshot replication support matrix
      5.  
        Cross-account snapshot replication limitations
      6.  
        Configuring replication rules
      7.  
        Editing a replication rule
      8.  
        Deleting a replication rule
    6. Managing your assets
      1.  
        Creating a snapshot manually
      2.  
        Displaying asset snapshots
      3.  
        Replicating a snapshot manually
      4. About snapshot restore
        1.  
          Restore requirements and limitations for Microsoft SQL Server
        2.  
          Restore requirements and limitations for Oracle
        3.  
          Restore requirements and limitations for MongoDB
      5.  
        About single file restore (granular restore)
      6. Single file restore requirements and limitations
        1.  
          Single file restore support on Linux
        2.  
          Single file restore limitations on Linux
        3.  
          Single file restore support on Windows
        4.  
          Single file restore limitations on Windows
      7.  
        Restoring a snapshot
      8.  
        Additional steps required after restoring disk-level snapshots
      9. Additional steps required after a SQL Server snapshot restore
        1.  
          Steps required after a SQL Server host-level restore
        2.  
          Steps required after a SQL Server disk-level snapshot restore to new location
      10.  
        Additional steps required after an Oracle snapshot restore
      11.  
        Additional steps required after a MongoDB snapshot restore
      12.  
        Additional steps required after restoring an AWS RDS database instance
      13.  
        Restoring individual files within a snapshot
      14.  
        Deleting a snapshot
    7. Monitoring activities with notifications and the job log
      1.  
        About CloudPoint notifications
      2.  
        Viewing notifications in the CloudPoint UI
      3.  
        CloudPoint notification methods
      4.  
        CloudPoint notification limitations
      5.  
        Configuring email-based CloudPoint notifications
      6.  
        Configuring AWS SNS-based CloudPoint notifications
      7.  
        Using the Job Log
    8. Protection and disaster recovery
      1.  
        About protection and disaster recovery
      2.  
        Backing up CloudPoint
      3.  
        Restoring CloudPoint
  5. Section IV. Maintaining CloudPoint
    1. CloudPoint logging
      1.  
        About CloudPoint logging mechanism
      2. How fluentd-based CloudPoint logging works
        1.  
          About the CloudPoint fluentd configuration file
        2.  
          Modifying the fluentd configuration file
        3.  
          Fluentd-based logging requirements and considerations
      3.  
        Viewing CloudPoint logs
    2. Troubleshooting CloudPoint
      1.  
        Restarting CloudPoint
      2.  
        Docker may fail to start due to a lack of space
      3.  
        CloudPoint installation fails if rootfs is not mounted in a shared mode
      4.  
        Some CloudPoint features do not appear in the user interface
      5.  
        Off-host plug-in deletion does not automatically remove file system and application assets
      6.  
        Disk-level snapshot restore fails if the original disk is detached from the instance
      7.  
        Snapshot restore for encrypted AWS assets may fail
      8.  
        Error while adding users to CloudPoint
      9.  
        CloudPoint fails to revert restored snapshots if indexing, classification, or restore operations fail
      10.  
        SQL snapshot or restore and SFR operations fail if the Windows instance loses connectivity with the CloudPoint host
      11.  
        Troubleshooting CloudPoint logging
      12.  
        Swagger UI-based authorization for CloudPoint REST API calls may fail
      13.  
        Policy retention count is not honored for file system and application assets if there is an issue with the CloudPoint plug-in
    3. Working with your CloudPoint license
      1.  
        Displaying CloudPoint license and protection information
      2.  
        Upgrading your CloudPoint license
    4. Managing CloudPoint agents and plug-ins
      1.  
        Unconfiguring CloudPoint plug-ins
      2.  
        Unconfiguring the CloudPoint agent
      3.  
        Uninstalling CloudPoint on-host agents
    5. Upgrading CloudPoint
      1. About CloudPoint upgrades
        1.  
          Supported upgrade path
      2. Preparing to upgrade CloudPoint
        1.  
          Removing CloudPoint plug-in configuration
      3.  
        Upgrading CloudPoint
      4.  
        Upgrading a CloudPoint CloudFormation stack
    6. Uninstalling CloudPoint
      1.  
        Preparing to uninstall CloudPoint
      2.  
        Removing the CloudPoint on-host agents
      3.  
        Removing CloudPoint from a standalone Docker host environment
  6. Section V. Reference
    1. Storage array support
      1. Dell EMC Unity arrays
        1.  
          Dell EMC Unity array plug-in configuration parameters
        2.  
          Supported Dell EMC Unity arrays
        3.  
          Supported CloudPoint operations on Dell EMC Unity arrays
      2. Pure Storage FlashArray
        1.  
          Pure Storage FlashArray plug-in configuration parameters
        2.  
          Supported Pure Storage FlashArray models
        3.  
          Supported CloudPoint operations on Pure Storage FlashArray models
    2. Working with CloudPoint using APIs
      1.  
        Accessing the Swagger-based API documentation

How a CloudPoint protection policy works

After you create a CloudPoint protection policy with the desired parameters, you have to assign the policy to one or more assets. CloudPoint then triggers the policy runs as per the defined policy schedule. During each policy cycle, CloudPoint scans the assigned assets and performs the following actions:

  • Creates snapshots of the assets to which the policy is assigned

  • Replicates the snapshots if the replication option is enabled

  • Deletes the asset snapshots, beginning with the oldest snapshot copy first, if the policy-triggered snapshot count is more than the defined retention value

During a policy run, when CloudPoint takes asset snapshots, it holds them together in a virtual object called as a snapshot group. A snapshot group represents a unique set of snapshots taken at a particular point in time, where each snapshot belongs to a particular asset that is included in the policy. A snapshot group contains only one snapshot per asset, it never includes two snapshots that belong to the same asset. CloudPoint creates a new and unique snapshot group in each policy run.

CloudPoint uses a snapshot group as the unit of reference for running policy-driven snapshot deletion operations. If the snapshot count exceeds the retention value defined in a policy, CloudPoint deletes the oldest policy-triggered snapshot copy during the policy run. CloudPoint uses the age (time when a snapshot was taken) and number (snapshot group count) of the snapshot group to determine which snapshots are to be deleted. CloudPoint does not use the age or the number of the individual asset snapshots within a group.

For example, consider a policy P1 that is assigned to assets A1, A2, and A3 and is scheduled to run on the Monday, Tuesday, and Wednesday of a week. The retention count is set to 1, which means CloudPoint should maintain only one copy of the snapshots at any given time.

Table: CloudPoint policy behavior example

Policy name

Policy schedule

Retention value

Assigned to assets

P1

Run once a day on Mondays, Tuesdays, and Wednesdays

1

A1, A2, A3

Now let us look at the CloudPoint policy behavior, depending on different scenarios:

  • During the first policy run on a Monday, CloudPoint creates three snapshots, A1-Snap-Mon, A2-Snap-Mon, A3-Snap-Mon, and puts them in a snapshot group called G1. The three snapshots represent one for each asset that is included in the policy.

  • In the Tuesday policy run, consider a case where the snapshot creation for asset A3 fails. CloudPoint creates two snapshots, A1-Snap-Tue and A2-Snap-Tues, and puts them in a new snapshot group called G2.

    With G1 and the newly created snapshot group G2, the snapshot group count exceeds the policy retention value of 1. CloudPoint immediately triggers a snapshot delete operation and deletes all the snapshots included in group G1, as G1 is the older of the two snapshot groups.

    As G1 is deleted, there is only one snapshot group (G2) that remains at the end of the Tuesday policy run. G2 includes only two snapshots, one each for assets A1 and A2. Asset A3 does not have any snapshot as snapshot creation had failed in the Tuesday policy run and CloudPoint has already deleted snapshot group G1 that included an older snapshot of asset A3.

  • Now consider a case where asset A2 is removed from the policy. Policy P1 is no longer associated with the asset A2. In the Wednesday policy run, CloudPoint creates two snapshots A1-Snap-Wed and A3-Snap-Wed and puts them in snapshot group G3. Snapshot for asset A2 is not created as A2 is no longer included in the policy.

    With G2 and the newly created snapshot group G3, the snapshot count exceeds the policy retention value. CloudPoint triggers a snapshot delete operation once again. G2 is the older between G2 and G3, so CloudPoint deletes the snapshots in group G2.

    As G2 is deleted, there is only one snapshot group (G3) that remains at the end of the Wednesday policy run. G3 includes two snapshots, one each for asset A1 and asset A3. Asset A2 does not have any snapshots.

Note the following:

  • CloudPoint does not consider the individual asset snapshot count when performing the delete operation. Also, if the snapshot creation fails in a subsequent policy run, CloudPoint does not retain the asset snapshot that was created during the earlier policy cycle.

    In this case, asset A3 had only one snapshot in group G1, as the snapshot operation had failed in the Tuesday policy run. But with creation of G2, the snapshot group count exceeded the policy retention value and G1 was deleted. As a result, asset A3 does not have any snapshots remaining at the end of the Tuesday policy run, even if the policy retention value is 1.

  • CloudPoint does not retain policy-created snapshots if an asset is removed from a policy. CloudPoint does not consider that an asset is no longer associated with the policy and proceeds with delete operation. An asset snapshot is deleted even if the policy is no longer associated with the asset.

    In this case, during the Wednesday policy run, CloudPoint does not create a new snapshot for asset A2 as it was excluded from the policy. However, with the creation of G3, the snapshot group count exceeded the policy retention value and G2 was deleted. G2 included a snapshot of asset A2, and even though A2 is no longer associated with the policy, deletion of G2 resulted in the deletion of the snapshot that belonged to A2.