I would like to know if anyone have deployed netbackup enviornment for cloud VMs like in Amazon, Azure, Openstack
basically i would like to backup machines created inside cloud using backup software
One soution i can think of - master, media both to be deployed in cloud and using cloud storage. In this case if i have multiple virtual private cloud, i need to dploy master and media in each VPC.
So i would like to have a solution where i can -
Deploy master server outside cloud enviornment
Media server inside cloud.
Storage devices like tape library or disk appliance outside cloud.. below is one sample diagram i have attached.
kindly assist me on designing solution.
I can allow clients to talk to master and vice versa however i need to do it vai media server.
Master-client connection should go thorugh only media server.
so what setting i need to perform in Netbackup for this.
Netbackup does not work like Commvault - so out of the box working method master and client needs network communication.
You can disallow client traffic to master server, but then client won't be able to restore from the BAR GUI. All restores need to be performed from the master server.
Why do you need to do it via the media server, what's the reason ?
There is no such thing as Master-client connection going thorugh only media server.
Master <-> client comms needs port 1556 open in both directions between master and client as well as forward and reverse name lookup.
Master <-> client comms is required for any policy that has ALL_LOCAL_DRIVES in Backup Selection as well as for any user/client initiated backup or restore, including database backups and restores.
If you will be performing VMware backups ONLY, it may be possible to only have media server (backup host) <-> client comms.
NetBackup Logging Reference Guide (for process flow diagrams)
Thank you Nicolai and Marianne.
Commvault offer one method where i can use media server as proxy for comminucate between clients and master via it.
I would like to deploy backup infrastructure for cloud VM. If i am allowed to deploye all the components inside cloud, i am good however i have been asked to deploy master and storage device out of the cloud, so that i can use same master server for multiple VPC.
Also i have a query.
Is capacity based license is charged per master server
or I can have multiple master server with single capacity based license.
Capacity license let you install as many master server you want.
Be aware that IP traffic out of the cloud has a charge - you need to do some math before deciding on a solution. I would advice to have a master server in the cloud, and then using AIR replicate data to a master server on premises.
you have to use your license key for all masterserver. There is no way to specify how much of the 100TB is used by a specific NBU domain.
In case of a license audit the sum of all NBU domain must not ecxeed 100 TB.
In your case I would suggest to use OPS Center analytics.
Tunix2K said it ...
Veritas will ask you to use nbdeployutil to messaure the protected FETB usage.
About using nbdeployutil for capacity licensing
About this "Master <-> client comms is required for any policy that has ALL_LOCAL_DRIVES in Backup Selection as well as for any user/client initiated backup or restore, including database backups and restores."
I have clients in a DMZ across a WAN where the only bridge between the master and the clients is the media server. The backup policy uses ALL_LOCAL_DRIVES. What's happening for me is that the master kicks off the policy, opens connections to the media server for job control and cataloging file meta-data; but the media server is the only host that communicates with the client and sends the data off to the storage server.
It is true that in this case, the client cannot perform any operations and we only perform flat file OS backups. Everything is controlled from the master. This has worked from NBU 5.0 up to 184.108.40.206. I think we're even using this at a site with 7.7.1, but I couldn't find a specific client to validate against since I'm not the prime for that master.
You could use a simliar strategy treating each VPC as its own DMZ. One master server in the primary VPC or on-prem, and one media server with MSDP storage (or whatever storage you choose) in each of the VPCs to back up the hosts in its VPC.