Veritas CloudPoint Administrator's Guide

Last Published:
Product(s): CloudPoint (2.2)
Platform: Linux
  1. Getting started with CloudPoint
    1.  
      About CloudPoint
    2.  
      What kinds of assets can you protect?
    3.  
      Understanding your CloudPoint license
  2. Section I. Installing and configuring CloudPoint
    1. Preparing for installation
      1.  
        About the deployment approach
      2.  
        Deciding where to run CloudPoint
      3.  
        Meeting system requirements
      4.  
        CloudPoint host sizing recommendations
      5.  
        Creating an instance or preparing the physical host to install CloudPoint
      6.  
        Installing Docker
      7.  
        Creating and mounting a volume to store CloudPoint data
      8.  
        Verifying that specific ports are open on the instance or physical host
    2. Deploying CloudPoint
      1.  
        About deploying CloudPoint in a non-interactive mode
      2.  
        Installing CloudPoint
      3.  
        Configuring CloudPoint from your browser and signing in
      4.  
        Verifying that CloudPoint installed successfully
      5.  
        Configuring AWS KMS in CloudPoint
    3. Deploying CloudPoint in the AWS cloud
      1.  
        About CloudPoint deployment in the AWS cloud
      2.  
        About CloudPoint integration with AWS KMS
      3. About CloudPoint support for AWS IAM roles
        1.  
          About source account and cross-account configurations
        2.  
          How to configure CloudPoint to use IAM roles
        3.  
          CloudPoint IAM role configuration limitations
      4. About the CloudPoint AWS CloudFormation template
        1.  
          Resources created by the CloudPoint template
        2.  
          CloudPoint EC2 instance configuration details
        3.  
          Instance failures and Auto Scaling Group behavior
      5.  
        Prerequisites for using the CloudPoint template
      6.  
        Launching a CloudPoint CloudFormation stack
    4. Using plug-ins to discover assets
      1.  
        About plug-ins
      2.  
        Determining the types of plug-ins and agents to install
    5. Configuring off-host plug-ins
      1. AWS plug-in configuration notes
        1.  
          Prerequisites for configuring the AWS plug-in
        2.  
          Configuring AWS permissions for CloudPoint
        3.  
          AWS permissions required by CloudPoint
        4.  
          Before you create a cross account configuration
      2. Google Cloud Platform plug-in configuration notes
        1.  
          Google Cloud Platform permissions required by CloudPoint
        2.  
          Configuring a GCP service account for CloudPoint
        3.  
          Preparing the GCP service account for plug-in configuration
      3. Microsoft Azure plug-in configuration notes
        1.  
          Configuring permissions on Microsoft Azure
      4.  
        Dell EMC Unity array plug-in configuration notes
      5.  
        Pure Storage FlashArray plug-in configuration notes
      6. HPE RMC plug-in configuration notes
        1.  
          RMC plug-in configuration parameters
        2.  
          Supported HPE storage systems
        3.  
          Supported CloudPoint operations on HPE storage arrays
      7. NetApp plug-in configuration notes
        1.  
          NetApp plug-in configuration parameters
        2.  
          Supported NetApp arrays
        3.  
          Supported CloudPoint operations on NetApp storage
      8.  
        Configuring an off-host plug-in
      9. About CloudPoint plug-ins and assets discovery
        1.  
          Plug-in discovery interval requirements and limitations
        2.  
          Viewing the assets discovery interval setting
    6. Configuring the on-host agents and plug-ins
      1.  
        About agents
      2. Oracle plug-in configuration notes
        1.  
          Optimizing your Oracle database data and metadata files
      3.  
        MongoDB plug-in configuration notes
      4.  
        Microsoft SQL plug-in configuration notes
      5.  
        About the installation and configuration process
      6.  
        Preparing to install the Linux-based on-host agent
      7.  
        Preparing to install the Windows-based on-host agent
      8.  
        Downloading and installing the on-host agent
      9.  
        Configuring the Linux-based on-host agent
      10.  
        Configuring the Windows-based on-host agent
      11.  
        Configuring the on-host plug-in
      12.  
        Configuring VSS to store shadow copies on the originating drive
    7. Protecting assets with CloudPoint's agentless feature
      1.  
        About the agentless feature
      2. Prerequisites for the agentless configuration
        1.  
          Granting password-less sudo access to host user account
      3.  
        Configuring the agentless feature
  3. Section II. Configuring users
    1. Setting up email and adding users
      1.  
        Configuring the CloudPoint sender email address
      2.  
        About adding users to CloudPoint
      3.  
        Adding AD users to CloudPoint using LDAP
      4.  
        Adding users to CloudPoint manually
      5.  
        Deleting a user from CloudPoint
    2. Assigning roles to users for greater efficiency
      1.  
        About role-based access control
      2.  
        Displaying role information
      3.  
        Creating a role
      4.  
        Editing a role
      5.  
        Deleting a role
  4. Section III. Protecting and managing data
    1. User interface basics
      1.  
        Signing in to CloudPoint
      2.  
        Focusing on an asset type
      3.  
        Navigating to your assets
      4.  
        Using the action icons
    2. Indexing and classifying your assets
      1.  
        About indexing and classifying snapshots
      2.  
        Configuring classification settings using VIC
      3.  
        Indexing and classifying snapshots
      4.  
        Indexing and classification statuses
    3. Protecting your assets with policies
      1.  
        About policies
      2.  
        How a CloudPoint protection policy works
      3.  
        Creating a policy
      4.  
        Assigning a policy to an asset
      5.  
        Listing policies and displaying policy details
      6.  
        Editing a policy
      7.  
        Deleting a policy
    4. Tag-based asset protection
      1.  
        About tag-based asset protection
      2.  
        How to use tag-based asset protection feature
      3.  
        Tag-based asset protection support
      4.  
        Tag-based asset protection considerations and limitations
    5. Replicating snapshots for added protection
      1.  
        About snapshot replication
      2.  
        About cross-account snapshot replication in the AWS cloud
      3.  
        Requirements for replicating snapshots
      4.  
        Cross-account snapshot replication support matrix
      5.  
        Cross-account snapshot replication limitations
      6.  
        Configuring replication rules
      7.  
        Editing a replication rule
      8.  
        Deleting a replication rule
    6. Managing your assets
      1.  
        Creating a snapshot manually
      2.  
        Displaying asset snapshots
      3.  
        Replicating a snapshot manually
      4. About snapshot restore
        1.  
          Restore requirements and limitations for Microsoft SQL Server
        2.  
          Restore requirements and limitations for Oracle
        3.  
          Restore requirements and limitations for MongoDB
      5.  
        About single file restore (granular restore)
      6. Single file restore requirements and limitations
        1.  
          Single file restore support on Linux
        2.  
          Single file restore limitations on Linux
        3.  
          Single file restore support on Windows
        4.  
          Single file restore limitations on Windows
      7.  
        Restoring a snapshot
      8. Additional steps required after a SQL Server snapshot restore
        1.  
          Steps required after a SQL Server host-level restore
        2.  
          Steps required after a SQL Server disk-level snapshot restore to new location
      9.  
        Additional steps required after an Oracle snapshot restore
      10.  
        Additional steps required after a MongoDB snapshot restore
      11.  
        Additional steps required after restoring an AWS RDS database instance
      12.  
        Restoring individual files within a snapshot
      13.  
        Deleting a snapshot
    7. Monitoring activities with notifications and the job log
      1.  
        About CloudPoint notifications
      2.  
        Viewing notifications in the CloudPoint UI
      3.  
        CloudPoint notification methods
      4.  
        CloudPoint notification limitations
      5.  
        Configuring email-based CloudPoint notifications
      6.  
        Configuring AWS SNS-based CloudPoint notifications
      7.  
        Using the Job Log
    8. Protection and disaster recovery
      1.  
        About protection and disaster recovery
      2.  
        Backing up CloudPoint
      3.  
        Restoring CloudPoint
  5. Section IV. Maintaining CloudPoint
    1. CloudPoint logging
      1.  
        About CloudPoint logging mechanism
      2. How fluentd-based CloudPoint logging works
        1.  
          About the CloudPoint fluentd configuration file
        2.  
          Modifying the fluentd configuration file
        3.  
          Fluentd-based logging requirements and considerations
      3.  
        Viewing CloudPoint logs
    2. Troubleshooting CloudPoint
      1.  
        Restarting CloudPoint
      2.  
        Docker may fail to start due to a lack of space
      3.  
        CloudPoint installation fails if rootfs is not mounted in a shared mode
      4.  
        Some CloudPoint features do not appear in the user interface
      5.  
        Off-host plug-in deletion does not automatically remove file system and application assets
      6.  
        Disk-level snapshot restore fails if the original disk is detached from the instance
      7.  
        Snapshot restore for encrypted AWS assets may fail
      8.  
        Error while adding users to CloudPoint
      9.  
        CloudPoint fails to revert restored snapshots if indexing, classification, or restore operations fail
      10.  
        SQL snapshot or restore and SFR operations fail if the Windows instance loses connectivity with the CloudPoint host
      11.  
        Troubleshooting CloudPoint logging
    3. Working with your CloudPoint license
      1.  
        Displaying CloudPoint license and protection information
      2.  
        Upgrading your CloudPoint license
    4. Upgrading CloudPoint
      1. About CloudPoint upgrades
        1.  
          Supported upgrade path
      2. Preparing to upgrade CloudPoint
        1.  
          Removing CloudPoint plug-in configuration
      3.  
        Upgrading CloudPoint
    5. Uninstalling CloudPoint
      1.  
        Preparing to uninstall CloudPoint
      2.  
        Removing the CloudPoint on-host agents
      3.  
        Removing CloudPoint from a standalone Docker host environment
  6. Section V. Reference
    1. Storage array support
      1. Dell EMC Unity arrays
        1.  
          Dell EMC Unity array plug-in configuration parameters
        2.  
          Supported Dell EMC Unity arrays
        3.  
          Supported CloudPoint operations on Dell EMC Unity arrays
      2. Pure Storage FlashArray
        1.  
          Pure Storage FlashArray plug-in configuration parameters
        2.  
          Supported Pure Storage FlashArray models
        3.  
          Supported CloudPoint operations on Pure Storage FlashArray models
    2. Working with CloudPoint using APIs
      1.  
        Accessing the Swagger-based API documentation

About tag-based asset protection

Note:

Tag-based asset protection is introduced in CloudPoint 2.2 release and is offered only as a Technical Preview feature. It is included in this release to introduce you to the concept and the functionality. The feature should not be used in production environments. Veritas is under no obligation to develop, modify, improve, maintain, or market Technical Preview features or release production builds or general availability (GA) versions of the software.

The process of deploying a workload in the cloud is getting easier than in the past. Whether it is a development environment, a simple application instance, or a complex production deployment, virtual instances can be up and running within a few clicks. This ease of provisioning has led to a proliferation in the kinds of workloads and also the number of instances that are getting deployed in the cloud. The challenge is limited not only to the management of such a diverse environment, but also in the implementation of data protection policies in an ever expanding cloud footprint.

CloudPoint makes it easier by automatically discovering all the assets in your cloud environment. The periodic discovery ensures that any addition or deletion of workloads does not go unnoticed and all asset changes remain accounted for. You can easily configure a CloudPoint protection policy and assign it to the desired workloads.

The responsibility of data protection is entirely on the backup and data protection administrators. They need to monitor the number of workloads, determine the kind of data protection that is needed, and ensure that the required workloads are protected by assigning the correct protection policy. Also, if any of the protected workloads no longer exist or are no longer required to be protected, the task of removing that asset from the assigned protection policies also remains with the administrators.

With release 2.2, CloudPoint introduces a feature called as Tag-based asset protection that is designed to automate the data protection policy assignment process. Tag-based asset protection provides an intelligent and automated mechanism to protect assets based on user-defined tags. Tagging is a method where you can use descriptive text labels and assign them to the assets, either during the asset creation or at any time during the active life of the asset. When CloudPoint discovers the assets, it also scans the tags associated with those assets and then automatically assigns a matching pre-defined protection policy to the asset.

During each discovery cycle, CloudPoint checks the asset tags and automatically assigns a matching protection policy to the asset. Similarly, if a tag is removed from an asset, and if that asset is associated with a matching policy, then CloudPoint removes that asset from the policy. Then, the asset is no longer protected by that policy. Tag-based asset protection allows you to assign or unassign protection policies to a large number of assets simultaneously. This eliminates the manual task of navigating through the CloudPoint UI and choosing a protection policy for an asset individually.

How tag-based asset protection works

CloudPoint stores all the information about configured policies, discovered assets and their associated tags in a MongoDB database. The CloudPoint coordinator service and the policy engine service together make use of this information to control and manage data protection using the tag-based asset protection.

The CloudPoint coordinator keeps a track of all the changes to the assets and their tags. During the CloudPoint discovery cycle, the CloudPoint plug-in sends all the asset data to the coordinator. The coordinator compares this information with the records in the MongoDB database and identifies all the assets and asset tags that are added, modified, or removed since the last discovery and then sends that information to the policy engine. The policy engine uses this information and determines whether to assign a policy to an asset or to remove an existing policy from an asset.

The CloudPoint policy engine keeps a track of all the changes that are made to CloudPoint policies. Whenever a new policy is created, the policy engine requests the coordinator for a list of tagged assets. The coordinator polls the MongoDB database and sends that information to the policy engine. If any of the asset tag matches the new policy name, the policy engine requests the coordinator to attach that policy to the asset.

Depending on the change, CloudPoint performs the following actions during each discovery cycle:

  • If a new tagged asset is added, CloudPoint associates a matching policy to that asset.

  • If a tagged asset is deleted, CloudPoint disassociates the asset from the policy.

  • If an existing tag value is modified such that an existing policy name is replaced by a new one, CloudPoint disassociates the existing policy and associates a new matching policy to that asset.

  • If a new policy name is appended to the existing asset tag, CloudPoint associates that new policy to the asset. The same asset is now protected by the existing as well as the new protection policy.

  • If an existing tag is removed from an asset or if the tag does not include a policy name, CloudPoint disassociates the policy from that asset. The asset is then no longer being protected and is excluded from future policy runs.

  • If an asset tag contains a policy name that does not exist, CloudPoint generates a notification alert. As and when a matching policy is created, CloudPoint automatically assigns it to that asset.