Veritas NetBackup™ Commands Reference Guide
- Introduction
- Appendix A. NetBackup Commands
Name
nbinstallcmd — used to create deployment jobs
SYNOPSIS
-policy policy_name -schedule schedule [-master_server hostname] [{-hosts hostname1,hostname2,... | -host_filelist path}]
-operation_type {precheck | stage | install} -package package_name [-master_server hostname] [-media_server hostname] {-hosts hostname1,hostname2,... | -host_filelist path} [-limit_jobs max_concurrent_jobs] -use_existing_certs [-components javagui_jre=(include|exclude|match)]
-operation_type {precheck | stage | install} -package package_name [-master_server hostname] [-media_server hostname] {-hosts hostname1,hostname2,... | -host_filelist path} [-limit_jobs max_concurrent_jobs] -unix_eca_cert_path path -unix_eca_crl_check_level {use_cdp | use_path | disabled} -unix_eca_trust_store_path path -unix_eca_private_key_path path [-unix_eca_key_passphrasefile path] [-unix_eca_crl_path path] [-components javagui_jre=(include|exclude|match)]
-operation_type {precheck | stage | install} -package package_name [-master_server hostname] [-media_server hostname] {-hosts hostname1,hostname2,... | -host_filelist path} [-limit_jobs max_concurrent_jobs] -win_eca_cert_store path -win_eca_crl_check_level {use_cdp | use_path | disabled} [-win_eca_crl_path path] [-components javagui_jre=(include|exclude|match)]
-operation_type {precheck | stage | install} -package package_name [-master_server hostname] [-media_server hostname] {-hosts hostname1,hostname2,... | -host_filelist path} [-limit_jobs max_concurrent_jobs] -win_eca_cert_path path -win_eca_crl_check_level {use_cdp | use_path | disabled} -win_eca_trust_store_path path -win_eca_private_key_path path [-win_eca_crl_path path] [-win_eca_key_passphrasefile path] [-components javagui_jre=(include|exclude|match)]
On UNIX systems, the directory path to this command is /usr/openv/netbackup/bin
On Windows systems, the directory path to this command is install_path\NetBackup\bin
DESCRIPTION
Use the nbinstallcmd command to create VxUpdate jobs. VxUpdate supports updates for clients and media servers. If you launch the job from a master server, it may target any client or any media server the master server knows. If you launch the job from a client or a media server, only that client or media server is targeted.
Use the -policy and -schedule options to base a job off an existing deployment policy. If the -hosts or -host_filelist switches are used with -policy, the job is limited to a subset of the target hosts configured in the deployment policy. If -hosts and -host_filelist are not used, the job is executed against all target hosts configured in the deployment policy.
Use the -operation_type and -package options to launch a job without a deployment policy. This form of the command requires you to provide information regarding security configuration. The command requires you specify how VxUpdate handles security:
Configure external security certificates for UNIX and Linux hosts during the upgrade using a file-based certificate.
Configure external security certificates for Windows hosts during the upgrade using a certificate from a certificate store.
Configure external security certificates for Windows hosts during the upgrade using a file-based certificate.
Do not modify the security, as it is configured correctly.
See the NetBackup Installation Guide and the NetBackup Security and Encryption Guide for more details on these security options.
Logs for the nbinstallcmd command are located in the legacy logging directory. For UNIX and Linux, the logs are found in /usr/openv/netbackup/logs
. On Windows, the logs are in install_path\NetBackup\logs
.
Note:
Please use shell-specific annotations if any of the file paths in the arguments contain spaces or special characters that must be escaped.
OPTIONS
- -components javagui_jre=(include | exclude | match)
Use this option to specify if the Java GUI and JRE should be present on the target systems after the deployment job runs.
A value of include indicates that you want these components to be installed or upgraded on the target systems.
A value of exclude indicates that you do not want the components on the target systems. Any preexisting Java GUI and JRE components are removed.
A value of match indicates that you want to preserve the current state of the Java GUI and JRE components. The components are upgraded if they are present on the pre-upgraded system. The components are not installed if they are not present on the pre-upgraded system.
- -hosts [host1,host2,...]
A comma-separated list of host names with no spaces between the entries. You cannot use this option with -host_filelist. If -policy is specified, the hosts that are listed must be included in the policy. If -policy is not specified and the command is executed on the master server, hosts specified must be known to the master server. If -policy is not specified and the command is executed on the target host, this value must match the name of the target host. You cannot specify a mixture of clients and media servers in a single job. All hosts that are listed in a job must either be all clients or all media servers.
- -host_filelist [path]
Path to a file with the host names specified on individual lines. You cannot use this option with -hosts. If -policy is specified, the hosts that are specified must be included in the policy. If -policy is not specified and the command is executed on the master server, the hosts that are specified must be known to the master server. If -policy is not specified and the command is executed on the target host, this value must match the name of the target host. You cannot specify a mixture of clients and media servers in a single job. All hosts that are listed in the file must either be all clients or all media servers.
- -limit_jobs [max_concurrent_jobs]
The maximum number of concurrent jobs allowed. This option applies only when -policy is not specified. If unspecified, the default value is unlimited.
- -master_server hostname
The host name of the master server where the VxUpdate repository exists. This option is not required.
- -media_server hostname
The host name of the staging server with which the client communicates. This server must be a media server. This option applies only when -policy is not specified. If unspecified, the master server acts as the staging server. When a media server is used for staging, the packages are cached to it so that it can serve these packages in VxUpdate operations. This option helps optimize the efficiency of the NetBackup master server.
- -operation_type {precheck | stage | install}
The type of deployment operation to launch. Required if -policy is not specified. Valid options are:
precheck: Performs the various precheck operations, including confirming there is sufficient space on the host for the update.
stage: Moves the update package to the host, but does not install it. Also performs the precheck operation.
install: Installs the specified package. Also performs the precheck and the stage operations. If you already performed the stage operation, the install command does not move the package again.
- -package item
The name of the package you want installed. Required if -policy is not specified. The package must be present in the repository. Use the nbrepo command to view and manage packages.
- -policy policy_name
The name of an existing deployment policy. This option is required if -operation_type isn't specified.
- -schedule schedule_name
The deployment policy's schedule to execute. Required if -policy is specified.
- -unix_eca_cert_path path
Use this option to specify the path to the certificate file for UNIX and Linux hosts. This option applies when:
-policy and -use_existing_certs are not specified.
The master server supports external security certificates.
The target hosts do not yet have external security certificates configured.
You want the configuration to occur during the upgrade.
- -unix_eca_crl_check_level {use_cdp | use_path | disabled}
Specifies how you want to handle the Certificate Revocation List on UNIX and Linux hosts. Specify use_cdp to use the CRL defined in the certificate. Specify use_path to specify the path to the CRL. Specify disabled to not use a CRL. Applies when:
-policy and -use_existing_certs are not specified.
The master server supports external security certificates.
Your target hosts do not yet have external security certificates configured.
You want that configuration to occur during the upgrade.
- -unix_eca_crl_path path
Use this option to specify the path to the external certificate authority file for UNIX and Linux hosts. This option is required if you use -unix_eca_crl_check_level use_path. If you attempt to use this option without -unix_eca_crl_check_level use_path, the job fails.
-policy and -use_existing_certs are not specified.
The master server supports external security certificates.
Your target hosts do not yet have external security certificates configured.
You want that configuration to occur during the upgrade.
- -unix_eca_key_passphrasefile path
Use this option to provide the path to the passphrase file on UNIX and Linux hosts. This option is not required. This option applies when:
-policy and -use_existing_certs are not specified
The master server supports external security certificates
Your target hosts do not yet have external security certificates configured.
You want that configuration to occur during the upgrade.
- -unix_eca_private_key_path path
Use this option to specify the path to the private key file and the private key file name on UNIX and Linux hosts. This option applies when:
-policy and -use_existing_certs are not specified
The master server supports external security certificates.
Your target hosts do not yet have external security certificates configured.
You want that configuration to occur during the upgrade.
- -unix_eca_trust_store_path path
Use this option to specify the path to the trust store file on UNIX and Linux hosts. This option applies when:
-policy and -use_existing_certs are not specified
The master server supports external security certificates.
Your target hosts do not yet have external security certificates configured.
You want that configuration to occur during the upgrade.
- -use_existing_certs
Specify this option when you want the job to use the existing security certificates. This option only applies when -policy is not specified. You cannot use this option with any *eca* option. Specify this option if:
The target hosts have existing external certificates.
The target hosts have existing NetBackup security certificates you want to continue to use.
- -win_eca_cert_path path
Use this option to specify the path to the certificate file for Windows hosts. You cannot use this option with -win_eca_cert_store_path. This option applies when:
-policy and -use_existing_certs are not specified
The master server supports external security certificates.
Your target hosts do not yet have external security certificates configured.
You want that configuration to occur during the upgrade.
- -win_eca_cert_store path
Use this option to specify the path to the Windows certificate store. You cannot use this option with -win_eca_cert_path, -win_eca_key_passphrasepath, -win_eca_private_key_path, and -win_eca_trust_store_path. You must enter the certificate location as Certificate_Store_Name\Issuer_Distinguished_Name\Subject_Distinguished_Name. This option applies when:
-policy and -use_existing_certs are not specified
The master server supports external security certificates.
Your target hosts do not yet have external security certificates configured.
You want that configuration to occur during the upgrade.
- -win_eca_crl_check_level {use_cdp | use_path | disabled}
Specifies how you want to handle the Certificate Revocation List on Windows hosts. Specify use_cdp to use the CRL defined in the certificate. Specify use_path to specify the path to the CRL. Specify disabled to not use a CRL. This option applies when:
-policy and -use_existing_certs are not specified
The master server supports external security certificates.
Your target hosts do not yet have external security certificates configured.
You want that configuration to occur during the upgrade.
- -win_eca_crl_path path
Use this option to specify the path to the external certificate authority file for Windows hosts. This option is required if you use -windows_eca_crl_check_level use_path. If you attempt to use this option without -windows_eca_crl_check_level use_path, the job fails.
- -win_eca_key_passphrasefile path
Use this option to provide the path to the passphrase file on Windows hosts. This option is not required. You cannot use this option with -win_eca_cert_store. This option applies when:
-policy and -use_existing_certs are not specified
The master server supports external security certificates.
Your target hosts do not yet have external security certificates configured.
You want that configuration to occur during the upgrade.
- -win_eca_private_key_path path
Use this option to specify the path to the private key file and the private key file name on Windows hosts. You cannot use this option with -win_eca_cert_store. This option applies when:
-policy and -use_existing_certs are not specified
The master server supports external security certificates.
Your target hosts do not yet have external security certificates configured.
You want that configuration to occur during the upgrade.
- -win_eca_trust_store_path path
This option lets you specify the path to the trust store and the trust store file name on Windows hosts. You cannot use this option with -win_eca_cert_store. This option applies when:
-policy and -use_existing_certs are not specified
The master server supports external security certificates.
Your target hosts do not yet have external security certificates configured.
You want that configuration to occur during the upgrade.
EXAMPLES
Example 1: Initiate a precheck operation for all hosts that are configured in the specified policy.
nbinstallcmd -policy policy-deployment20 -schedule sched-precheck -master_server master.domain.com
Example 2: From the master server, initiate a staging job that is not based on a deployment policy. The job should: stage the NetBackup 8.2 client, target several hosts, use a separate media server as the staging server, and not include any security certificate configuration.
nbinstallcmd -operation_type stage -package nbclient_8.2 -master_server master.domain.com -media_server media_staging.domain.com -hosts client01.domain.com,client02.domain.com -use_existing_certs
Example 3: From the target host, initiate an install operation that is not based on a deployment policy. The operation upgrades the host to NetBackup 8.3 with instructions to configure external security certificates as part of the upgrade.
nbinstallcmd -operation_type install -package nbserver_8.3 -master_server master.domain.com -hosts media01.domain.com -unix_eca_cert_path /usr/home/cert.pem -unix_eca_trust_store_path /usr/home/cacert.pem -unix_eca_private_key_path /usr/home/private_key.pem -unix_eca_key_passphrasefile /usr/home/passphrase_file -unix_eca_crl_check_level use_path -unix_eca_crl_path /usr/home/crl_dir
Example 4: From the target host, initiate an install operation not based on a deployment policy. The operation upgrades the host to NetBackup 8.3 using a separate media server as the staging server. It also includes instructions to configure external security certificates originating from a certificate store.
nbinstallcmd -operation_type install -package nbclient_8.3 -master_server master.domain.com -media_server media_staging.domain.com -hosts client01.domain.com -win_eca_cert_store MyCertStore\MyIssuer\MyClient -win_eca_crl_check_level use_cdp
Example 5: From the master server, initiate an install operation not based on a deployment policy. The operation applies a NetBackup 8.2 Windows EEB and targets several hosts. The job uses the master server as the staging server and does not include any security certificate configuration.
nbinstallcmd -operation_type install -package nbeeb_1234567.1_8.2 -master_server master.domain.com -host_filelist path_to_file.txt -use_existing_certs
SEE ALSO
See nbrepo.