Veritas NetBackup™ Cloud Administrator's Guide
- About NetBackup cloud storage
- About the cloud storage- About the cloud storage vendors for NetBackup
- About the Amazon S3 cloud storage API type- Amazon S3 cloud storage vendors certified for NetBackup
- Amazon S3 storage type requirements
- Permissions required for Amazon S3 cloud provider user
- Amazon S3 cloud storage provider options
- Amazon S3 cloud storage options
- Amazon S3 advanced server configuration options
- Amazon S3 credentials broker details
- About private clouds from Amazon S3-compatible cloud providers
- About Amazon S3 storage classes
- Amazon virtual private cloud support with NetBackup
- About protecting data in Amazon for long-term retention
- Protecting data using Amazon's cloud tiering
- About using Amazon IAM roles with NetBackup
- About NetBackup character restrictions for Amazon S3 cloud connector
- Protecting data with Amazon Snowball and Amazon Snowball Edge- Configuring NetBackup for Amazon Snowball with Amazon Snowball client
- Configuring NetBackup for Amazon Snowball with Amazon S3 API interface
- Using multiple Amazon S3 adapters
- Configuring NetBackup with Amazon Snowball Edge with file interface
- Configuring NetBackup for Amazon Snowball Edge with S3 API interface
- Configuring NetBackup for Amazon Snowball and Amazon Snowball Edge for NetBackup CloudCatalyst Appliance
- Configuring SSL for Amazon Snowball and Amazon Snowball Edge
- Post backup procedures if you have used S3 API interface
 
 
- About Microsoft Azure cloud storage API type
- About OpenStack Swift cloud storage API type
 
- Configuring cloud storage in NetBackup- Before you begin to configure cloud storage in NetBackup
- Configuring cloud storage in NetBackup
- Cloud installation requirements
- Scalable Storage properties
- Cloud Storage properties
- About the NetBackup CloudStore Service Container
- Deploying host name-based certificates
- Deploying host ID-based certificates
- About data compression for cloud backups
- About data encryption for cloud storage
- About NetBackup KMS for encryption of NetBackup cloud storage
- About external KMS for encryption of NetBackup cloud storage
- About cloud storage servers
- About object size for cloud storage
- About the NetBackup media servers for cloud storage
- Configuring a storage server for cloud storage
- Changing cloud storage server properties
- NetBackup cloud storage server properties
- About cloud storage disk pools
- Configuring a disk pool for cloud storage
- Saving a record of the KMS key names for NetBackup cloud storage encryption
- Adding backup media servers to your cloud environment
- Configuring a storage unit for cloud storage
- About NetBackup Accelerator and NetBackup Optimized Synthetic backups
- Enabling NetBackup Accelerator with cloud storage
- Enabling optimized synthetic backups with cloud storage
- Creating a backup policy
- Changing cloud storage disk pool properties
- Certificate validation against Certificate Revocation List (CRL)
- Managing Certification Authorities (CA) for NetBackup Cloud
 
- Monitoring and Reporting
- Operational notes- NetBackup bpstsinfo command operational notes
- Unable to configure additional media servers
- Cloud configuration may fail if NetBackup Access Control is enabled
- Deleting cloud storage server artifacts
- Using csconfig reinitialize to load updated cloud configuration settings
- Enabling or disabling communication between master server and legacy cloud storage media servers
 
- Troubleshooting- About unified logging
- About legacy logging
- NetBackup cloud storage log files
- Enable libcurl logging
- NetBackup Administration Console fails to open
- Troubleshooting cloud storage configuration issues- NetBackup Scalable Storage host properties unavailable
- Connection to the NetBackup CloudStore Service Container fails
- Cannot create a cloud storage disk pool
- Cannot create a cloud storage
- Data transfer to cloud storage server fails in the SSL mode
- Amazon GovCloud cloud storage configuration fails in non-SSL mode
- Data restore from the Google Nearline storage class may fail
- Backups may fail for cloud storage configurations with Frankfurt region
- Backups may fail for cloud storage configurations with the cloud compression option
- Fetching storage regions fails with authentication version V2
 
- Troubleshooting cloud storage operational issues- Cloud storage backups fail
- Stopping and starting the NetBackup CloudStore Service Container
- A restart of the nbcssc (on legacy media servers), nbwmc, and nbsl processes reverts all cloudstore.conf settings
- NetBackup CloudStore Service Container startup and shutdown troubleshooting
- bptm process takes time to terminate after cancelling GLACIER restore job
- Handling image cleanup failures for Amazon Glacier vault
- Cleaning up orphaned archives manually
- Restoring from Amazon Glacier vault spans more than 24 hours for single fragment
- Restoring from GLACIER_VAULT takes more than 24 hours for Oracle databases
- Troubleshooting failures due to missing Amazon IAM permissions
- Restore job fails if the restore job start time overlaps with the backup job end time
- Post processing fails for restore from Azure archive
 
- Troubleshooting Amazon Snowball and Amazon Snowball Edge issues
 
- Index
Amazon virtual private cloud support with NetBackup
Using NetBackup you can add a new cloud storage in an Amazon virtual private cloud (VPC) environment.
The following diagram illustrates how NetBackup integrates with VPC.
The diagram illustrates the following points:
- You must deploy the media servers within the VPC environment. 
- You can deploy the master server locally or in the VPC environment. Ensure that the master server is able to communicate with the media servers. 
- In the public subnet, PC1 uses both private and elastic IP and has access to the Internet. The media server 1, also has access to the Internet. In a public subnet, you can authenticate and access the storage bucket over Internet or using the VPC endpoint. 
- In the private subnet, PC2 uses only private IP and has no access to the Internet. The media server 2, also has no access to the Internet. In a private subnet, you can authenticate and access the storage bucket using the VPC endpoint. 
- A VPC is restricted to a specific region. 
- You need to add a new cloud storage server for the specific region. 
- Do not configure multiple regions for one service host. 
- When you configure a region for a service host, it must be same as the VPC region; you cannot configure a different region. For example, if you want to add a cloud storage for Singapore region VPC environment, you must configure the service host region to Singapore. 
- For VPC in the default (US East (N. Virginia)) AWS region, use s3-external-1.amazonaws.com as the service host and us-east-1 as the location identifier. 
- Configure the NetBackup policy to use the media server within the VPC environment.