NetBackup™ Web UI Kubernetes Administrator's Guide

Last Published:
Product(s): NetBackup (10.0)
  1. Introducing the NetBackup web user interface
    1.  
      About the NetBackup web UI
    2.  
      Terminology
    3.  
      Sign in to the NetBackup web UI
    4.  
      Sign out of the NetBackup web UI
  2. Monitoring NetBackup
    1.  
      The NetBackup dashboard
    2.  
      Job monitoring
    3.  
      Jobs: cancel, suspend, restart, resume, delete
    4.  
      Search for or filter jobs in the jobs list
  3. Overview of NetBackup for Kubernetes
    1.  
      Overview
    2.  
      Features of NetBackup support for Kubernetes
  4. Deploying and configuring the NetBackup Kubernetes operator
    1.  
      Deploy service package on NetBackup Kubernetes operator
    2.  
      Port requirements for Kubernetes operator deployment
    3.  
      Upgrade the NetBackup Kubernetes operator
    4.  
      Delete the NetBackup Kubernetes operator
    5.  
      Configure NetBackup Kubernetes datamover
    6.  
      Configure settings for NetBackup snapshot operation
    7.  
      Troubleshooting NetBackup servers with short names
    8. Managing image groups
      1.  
        About image expiration
      2.  
        About image copy
  5. Deploying certificates on NetBackup Kubernetes operator
    1.  
      Deploy certificates on the Kubernetes operator
    2.  
      Perform Host-ID-based certificate operations
    3.  
      Perform ECA certificate operations
    4.  
      Identify certificate types
  6. Managing Kubernetes assets
    1.  
      Add a Kubernetes cluster
    2.  
      Configure settings
    3.  
      Add protection to the assets
  7. Managing Kubernetes intelligent groups
    1.  
      About intelligent group
    2.  
      Create an intelligent group
    3.  
      Delete an intelligent group
    4.  
      Edit an intelligent group
  8. Protecting Kubernetes assets
    1.  
      Protect an intelligent group
    2.  
      Remove protection from an intelligent group
    3.  
      Configure backup schedule
    4.  
      Configure backup options
    5.  
      Configure backups
    6.  
      Configure storage units
  9. Recovering Kubernetes assets
    1.  
      Explore and validate recovery points
    2.  
      Restore from snapshot
    3.  
      Restore from backup copy
  10. Troubleshooting Kubernetes issues
    1.  
      Error during certificate deployment on the Kubernetes operator
    2.  
      Error during the primary server upgrade: NBCheck fails
    3.  
      Error during an old image restore: Operation fails
    4.  
      Error during persistent volume recovery API
    5.  
      Error during restore: Final job status shows partial failure
    6.  
      Error during restore on the same namespace
    7.  
      Datamover pods exceed the Kubernetes resource limit
    8.  
      Error during restore: Job fails on the highly loaded cluster
    9.  
      Custom Kubernetes role created for specific clusters cannot view the jobs

Deploy certificates on the Kubernetes operator

You need to deploy certificates for secure communication between the datamover and the NetBackup media servers.

Note:

You must deploy the certificates before you can perform Backup from Snapshot and Restore from Backup operations.

Certificates supported for datamover communication

Datamover facilitates data movement within the NetBackup environment, it communicates with the media servers over Transport Layer Security (TLS). For more details, refer to the About secure communication in NetBackup section in NetBackup™ Security and Encryption Guide. Datamover needs a host-id-based certificate, or an ECA-signed certificate issued by NetBackup primary server for communication. A new custom resource definition BackupServerCert is introduced to enable certificate deployment operation in NBCA (NetBackup Certificate Authority) or ECA (External Certificate Authority) mode.

Note:

In NetBackup 10.0 release, datamover supports only automatic mode for DTE client.

For more details, See Configure settings for NetBackup snapshot operation.

Note:

The certificateType and certificateOperation are case sensitive. For more details, refer https://www.veritas.com/content/support

Custom resource specification looks like this:

apiVersion: netbackup.veritas.com/v1
kind: BackupServerCert
metadata:
  name: backupservercert-sample-nbca
  namespace: kops-ns
spec:
  clusterName: cluster.sample.com
  backupServer: primary.server.sample.com
  certificateOperation: Create | Update | Remove
  certificateType: NBCA | ECA
  nbcaAttributes:
    nbcaCreateOptions:
      secretName: "Secret name consists of token and fingerprint"
    nbcaUpdateOptions:
      secretName: "Secret name consists of token and fingerprint"
      force: true | false
    nbcaRemoveOptions:
      hostID: "hostId of the nbca certificate. You can view on Netbackup UI"
  ecaAttributes:
    ecaCreateOptions:
      ecaSecretName: "Secret name consists of cert, key, passphrase, cacert"
      copyCertsFromSecret: true | false
      isKeyEncrypted: true | false
    ecaUpdateOptions:
      ecaCrlCheck: DISABLE | LEAF | CHAIN  
      ecaCrlRefreshHours: [0,4380]