NetBackup

Components:

- Global Device Database Host
- Master Servers
- Volume Datbase Hosts
- Media Servers

SW packages:
ICS = Infrastructure Common Service
	VxSS = security
		VxAT	= Authentication
		VxAZ	= Authorization
	PBX 	= Private Branch Exchange, wrapper to use a single TCP port for many threads
VxIF	= ?? Interface??

NB 6.0 Simple Install

Server side install:
1. Use ICU CD, run ./installics
	Install all components, even if not licensed.
	These would include PBX, VxSS (Authentication and Authorization), 
	Service Framework, etc.

2.  Use NetBackup Server CD, run ./install
	Install the server, enter license keys, 
	allow it to start all services (eg bprd).

	To manually start service: /etc/init.d/netbackup start


3.  Start program as /usr/openv/netbackup/jnbSA &

4.  Install clients using client cd and install script.
	For Linux machines, always use RH 2.4, even if it is other flavor and 
	different kernel level.  The other tends to mess up lib links.

This setup will work:
- no media server
- no use of VxSS Security Services, which is not necessary for shops with few admins.
- Server should have static IP, all client need to connect to it using its hostname.
 

bp.conf 
	Main config file, in /usr/openv/netbackup
	for both client and server.


Ports client side:
	
bpcd	13782
bprd	13720
vnetd	13724
vopied	13783

Info from NB 6.0 Install Guide

Catalog can be large, can specify dir, and link it from /usr/openv.
NFS install not recommended, need file locking, which is not reliable in NFS.

For access-controlled environments:
- You must install the VERITAS Security Software (VxSS) either before or after you 
install or upgrade NetBackup on your server. The order does not matter, 
however it is important that you install this software before you use NetBackup, 
to benefit from an access controlled environment.
- The Authorization broker must reside on the master server.
- For initial install, add VxSS AFTER NB server install.
- VxSS resids on ICS CD
  (Probably need this on all machine with NB software, including client)


NetBackup Enterprise only: If you are not adding any NetBackup media servers, ignore all references to them.

NetBackup 6.0 contains features that are dependent on a new Infrastructure Core
Services (ICS) product called VERITAS Private Branch Exchange (PBX).
PBX helps limit the number of TCP/IP ports used by many new features in
NetBackup. In addition, it allows all socket communication to take place while
connecting through a single port. The PBX port number is 1556.


NetBackup includes wizards that make installing and configuring the software easy.
Installing and configuring NetBackup involves the following steps:
1. Mounting the Software CD
2. Installing NetBackup Server Software
3. Installing Alternative Administration Interfaces
4. Installing NetBackup Agents and Options (eg, Oracle agents, etc)


Alternate Admin Interfaces:
Windows 	NetBackup Remote Administration Console or
		NetBackup-Java Administration Console for Windows
UNIX 		NetBackup-Java Administration Console
		Multiple versions of the NetBackup-Java Administration Console



Initial config:

The installation process copies the appropriate startup/shutdown script from the
/usr/openv/netbackup/bin/goodies directory to the init.d directory and creates
links to it from the appropriate rc directory.
S77netbackup and K01netbackup

Start:
/usr/openv/netbackup/bin/jnbSA

ICS Install Guide

VERITAS Private Branch Exchange (VxPBX) 	Single-port access through a firewall
VERITAS Service Management Framework (VxSMF) 	Service management
VERITAS Authentication Service (VxAT) 		Security authentication
VERITAS Authorization Service (VxAZ) 		Security authorization
==> Not all of them is needed by NetBackup.

Start/Stop (p61):
VERITAS Private Branch Exchange 	/opt/VRTSpbx/bin/vxpbx_exchanged start
VERITAS Service Management Framework 	/opt/VRTSsmf/bin/vxsmfd start
VERITAS Authentication Service 		/etc/rc.d/rc2.d/S70vxatd start
VERITAS Authorization Service 		/opt/VRTSaz/bin/vrtsaz

Security Service Install Guide

Basic Tasks Involved in Setting Up Authentication:

In setting up VERITAS Authentication, you must install at least one Root Broker, one
Authentication Broker, and one Client. 

p15 of pdf for details.

Root + AB: Installs the Root Broker and the Authentication Broker on the same
machine. (There may or may not be a Client on this machine.) This is a single
process listening on a single port.

Alt: Root and AB in separate machines.  
Allows windows, NIS etc to be broker for auth, more flexibility, harder to setup.


Init script:  /opt/VRTSat/bin/vxatd

VxAZ ...

Veritas NetBackup Basic Commands

Administrator Utilities

(p 503 of admin guide vol 1)
bpadm 			Starts character-based, menu-driven admin interface on the server.
jnbSA			Starts Java-based, NetBackup admin interface on the server.

Client-User Interfaces

bp			Starts character-based, menu-driven client-user interface.
jnbSA 			Starts Java-based, main admin interface.
jbpSA			java gui for backup/restore portion only.

NOTE on restore:
Use java gui for restoring Unix clients
Use Windows Admin Console to restore windows file to windows machines
This provides better settings for environment specific attributes.

Daemon Control

initbprd 			Starts bprd (request daemon).
bprdreq -terminate		Stops bprd (request daemon)
initbpdbm 			Starts bpdbm (database manager).
bpadm 				Has option for starting and stopping bprd.
jnbSA (Activity Monitor) 	Has option for starting and stopping bprd.

Monitor Processes

bpps 				Lists active NetBackup processes.
jnbSA (Activity Monitor) 	Lists active NetBackup processes.


/usr/openv/java/auth.conf 	Authorization options.
/usr/openv/netbackup/bp.conf 	Configuration options (server and client).
/usr/openv/java/nbj.conf 	Configuration options for the NetBackup-Java Console
$HOME/bp.conf 			Configuration options for user (on client).

Veritas NetBackup "Basic++" Commands

bplist		Lists backed up and archived files on the NetBackup server.
bplist -t 35 -R / | grep NBDB
		see type 35 (catalog backup)

Client Commands

bpcd		NB Client Daemon.  started by xinetd, so may not be running.
		Listen on port 13782; telnet in to see if server is responding.
		-debug	# print debug messages
		NOTE: client can be at lower MP level than server (but not vice versa)

bpclntcmd 	Tests the functionality of a NetBackup system
		-gethostname
		-bn		# see server assigned hostname, should match above

Server Commands

/usr/openv/netbackup/bin/admincmd/bpminlicense
				# manage nb license file
		-nb_features	# list active NB feature ID
		-sm_features	# list active Storage Migrator feature ID
		-verbose
		-debug
		-add_keys ...	# add keys.

Commands from Training Class

ch1


Ch2
bpgetconfig
bpsetconfig
bpps -a
bpps -x

/usr/openv/netbackup/db		catalog db
/usr/openv/db			sybase db storing EMM DB

bpbackup $HOME			client side, backup the dir indicated
bparchive $HOME			client side, archive the dir indicated 
				(archive erase files when done, but dir/tree structure is left intact)
bprestore $HOME			restore files of indicated dir
				CLI def = overwrite !!
				GUI def = NO overwrite 

bpminlicense -verbose		display license keys and descriptions
bplicense			display low level license info

bpup -f -v			start netbackup server
bpdown


ch 3

bpdbjobs [-M masterSvr]		activity monitor
bptestbpcd -client ClientName	test connectivity to server
vmoprcmd			list tape drive(s)

robtest				script to test library robot
				exclusive use of robot while running!!
tldtest				tape drive test
	subcommands ::
	t			transport, use robot arm
	d			drive
	m s1 d1			move (tape) from slot1 to drive1
	unload d1		unload tape from drive
	m d1 s1
	q			quit

vmchange -m mt -newMt


ch 4

bpimmedia -u
bpimagelist
bpstulist -U
bperror -S 219 -r		show msg for given err code, -r = fix Recommendation 


ch 5

nbemmcmd			change volume pool ...
vmadm				volume management admin
vmpool

vmupdate
vmcheckxxx
vmphinv				physical inventory, read tape header, not just bar code, so take some time
vmquery -a -b			list all media known to EMM
vmrule -listall			tape bar code rule
vmadd
vmchange

bpexpdate -m MediaID -d 0	expire dates on tape
vmdelete
bplabel				label tape, erasing it

volmgr/vm.conf			volume (tape) manager config

tape drive path in solaris is def even when in robot, eg /dev/rmt/0cbn
RHEL4 is /dev/nst0

ch5
bpmount				client side, find mount point (each produc its own stream, also cross mount options, etc)

ch 7 - Scheduling

nbpermreq -update policies	policy execution mgrt


cp 9 

bppllist		list all policies
bpplsched POLICYNAME 	display schedule of a policy
	-L 		human readable list
	[-M MasterSvr]	specify master server if needed

bpdbjobs -jobid 210 -all_columns

bperror -all		list all std err messages


ch 10 restore
??

ch 11 media and images 

bpadm			TUI			*****


bpverify -m tape 	verify image on tape

nbemmcmd -errorsdb	list all media error, see if some tape have persistent problem.


ch 12 - catalog bk/recovery

bpsyncinfo -doBackup
bpdbbackup
nbmail.cmd		mail script on windows, need blat

bprecover -wizard	TUI recovery tool
					
nbpemreq -h	"undocumented" command for policy execution, see 14-5 

vxlogmgr -f /mydir	copy all logs to specified dir (before they disapear)
			it merge from multiple source and time sort them (?)

		

TLA, Terms

STU	Storage Unit
BMR	Bare Metal Recovery (reinstall OS and recover data from backup)
EMM	Enterprise Media Manager - Server that keeps track of all tapes and what is on them.
TIR	True Image Restore - keep track to see if files deleted/moved, so 
	incremental restore will be aware of them and produce same result
	need to store more meta data info during each inc bk

MSCO	server side encryption option, so that crypt key is not per client node
	Compress before Encrypt, don't recommend doing both on same node.
	Tape hardware compression is outside veritas and done last,
	(but that still can't do magic to encrypted data).

NOM	Network Operation Manager, Web Server for day to day backup operator use
	admin/Vxadmin	def pw


multiplexing		place several image on same tape using interveaving writes.  Produces a single tar stream.

multistreaming		create multiple write process, thus several tars created.  
			(ie diff files if staging to disk, if write to tape, multiple tars).

vault			feature to manage tape offsite/safe storage
			xfer image from disk storage to tape, etc

BMC Control M 		software that can interject backup job into NB
			give better control of scheduling

NetBackup Common Error Codes

0	Success.  No error.
1	Partially successful.  
	Typically means some files were in locked state and not backed up.
	Usually little can be done about them, just ignore.
50	Client process aborted.
	...