NetBackup Largely a GUI centric, enterprise level backup sotware. Pretty complicated when compared to even Legato NetWorker. Components:
- Global Device Database Host - Master Servers - Volume Datbase Hosts - Media Servers
SW packages: ICS = Infrastructure Common Service VxSS = security VxAT = Authentication VxAZ = Authorization PBX = Private Branch Exchange, wrapper to use a single TCP port for many threads VxIF = ?? Interface??
NB 6.0 Simple Install Server side install: 1. Use ICU CD, run ./installics Install all components, even if not licensed. These would include PBX, VxSS (Authentication and Authorization), Service Framework, etc.
2. Use NetBackup Server CD, run ./install Install the server, enter license keys, allow it to start all services (eg bprd).
To manually start service: /etc/init.d/netbackup start
3. Start program as /usr/openv/netbackup/jnbSA &
4. Install clients using client cd and install script. For Linux machines, always use RH 2.4, even if it is other flavor and different kernel level. The other tends to mess up lib links.
This setup will work: - no media server - no use of VxSS Security Services, which is not necessary for shops with few admins. - Server should have static IP, all client need to connect to it using its hostname.
bp.conf Main config file, in /usr/openv/netbackup for both client and server.
Ports client side: bpcd 13782 bprd 13720 vnetd 13724 vopied 13783
Info from NB 6.0 Install Guide Catalog can be large, can specify dir, and link it from /usr/openv. NFS install not recommended, need file locking, which is not reliable in NFS.
For access-controlled environments: - You must install the VERITAS Security Software (VxSS) either before or after you install or upgrade NetBackup on your server. The order does not matter, however it is important that you install this software before you use NetBackup, to benefit from an access controlled environment. - The Authorization broker must reside on the master server. - For initial install, add VxSS AFTER NB server install. - VxSS resids on ICS CD (Probably need this on all machine with NB software, including client)
NetBackup Enterprise only: If you are not adding any NetBackup media servers, ignore all references to them.
NetBackup 6.0 contains features that are dependent on a new Infrastructure Core Services (ICS) product called VERITAS Private Branch Exchange (PBX). PBX helps limit the number of TCP/IP ports used by many new features in NetBackup. In addition, it allows all socket communication to take place while connecting through a single port. The PBX port number is 1556.
NetBackup includes wizards that make installing and configuring the software easy. Installing and configuring NetBackup involves the following steps: 1. Mounting the Software CD 2. Installing NetBackup Server Software 3. Installing Alternative Administration Interfaces 4. Installing NetBackup Agents and Options (eg, Oracle agents, etc)
Alternate Admin Interfaces: Windows NetBackup Remote Administration Console or NetBackup-Java Administration Console for Windows UNIX NetBackup-Java Administration Console Multiple versions of the NetBackup-Java Administration Console
Initial config:
The installation process copies the appropriate startup/shutdown script from the /usr/openv/netbackup/bin/goodies directory to the init.d directory and creates links to it from the appropriate rc directory. S77netbackup and K01netbackup
Start: /usr/openv/netbackup/bin/jnbSA
ICS Install Guide VERITAS Private Branch Exchange (VxPBX) Single-port access through a firewall VERITAS Service Management Framework (VxSMF) Service management VERITAS Authentication Service (VxAT) Security authentication VERITAS Authorization Service (VxAZ) Security authorization ==> Not all of them is needed by NetBackup.
Start/Stop (p61): VERITAS Private Branch Exchange /opt/VRTSpbx/bin/vxpbx_exchanged start VERITAS Service Management Framework /opt/VRTSsmf/bin/vxsmfd start VERITAS Authentication Service /etc/rc.d/rc2.d/S70vxatd start VERITAS Authorization Service /opt/VRTSaz/bin/vrtsaz
Security Service Install Guide Basic Tasks Involved in Setting Up Authentication:
In setting up VERITAS Authentication, you must install at least one Root Broker, one Authentication Broker, and one Client.
p15 of pdf for details.
Root + AB: Installs the Root Broker and the Authentication Broker on the same machine. (There may or may not be a Client on this machine.) This is a single process listening on a single port.
Alt: Root and AB in separate machines. Allows windows, NIS etc to be broker for auth, more flexibility, harder to setup.
Init script: /opt/VRTSat/bin/vxatd
VxAZ ...
Veritas NetBackup Basic Commands Administrator Utilities (p 503 of admin guide vol 1) bpadm Starts character-based, menu-driven admin interface on the server. jnbSA Starts Java-based, NetBackup admin interface on the server.
Client-User Interfaces bp Starts character-based, menu-driven client-user interface. jnbSA Starts Java-based, main admin interface. jbpSA java gui for backup/restore portion only.
NOTE on restore: Use java gui for restoring Unix clients Use Windows Admin Console to restore windows file to windows machines This provides better settings for environment specific attributes.
Daemon Control initbprd Starts bprd (request daemon). bprdreq -terminate Stops bprd (request daemon) initbpdbm Starts bpdbm (database manager). bpadm Has option for starting and stopping bprd. jnbSA (Activity Monitor) Has option for starting and stopping bprd.
Monitor Processes bpps Lists active NetBackup processes. jnbSA (Activity Monitor) Lists active NetBackup processes.
/usr/openv/java/auth.conf Authorization options. /usr/openv/netbackup/bp.conf Configuration options (server and client). /usr/openv/java/nbj.conf Configuration options for the NetBackup-Java Console $HOME/bp.conf Configuration options for user (on client).
Veritas NetBackup "Basic++" Commands commands in /usr/openv/netbackup/bin (from Unix Admin CLI guide) bplist Lists backed up and archived files on the NetBackup server. bplist -t 35 -R / | grep NBDB see type 35 (catalog backup)
Client Commands bpcd NB Client Daemon. started by xinetd, so may not be running. Listen on port 13782; telnet in to see if server is responding. -debug # print debug messages NOTE: client can be at lower MP level than server (but not vice versa)
bpclntcmd Tests the functionality of a NetBackup system -gethostname -bn # see server assigned hostname, should match above
Server Commands /usr/openv/netbackup/bin/admincmd/bpminlicense # manage nb license file -nb_features # list active NB feature ID -sm_features # list active Storage Migrator feature ID -verbose -debug -add_keys ... # add keys.
Commands from Training Class
ch1
Ch2 bpgetconfig bpsetconfig bpps -a bpps -x
/usr/openv/netbackup/db catalog db /usr/openv/db sybase db storing EMM DB
bpbackup $HOME client side, backup the dir indicated bparchive $HOME client side, archive the dir indicated (archive erase files when done, but dir/tree structure is left intact) bprestore $HOME restore files of indicated dir CLI def = overwrite !! GUI def = NO overwrite
bpminlicense -verbose display license keys and descriptions bplicense display low level license info
bpup -f -v start netbackup server bpdown
ch 3
bpdbjobs [-M masterSvr] activity monitor bptestbpcd -client ClientName test connectivity to server vmoprcmd list tape drive(s)
robtest script to test library robot exclusive use of robot while running!! tldtest tape drive test subcommands :: t transport, use robot arm d drive m s1 d1 move (tape) from slot1 to drive1 unload d1 unload tape from drive m d1 s1 q quit
vmchange -m mt -newMt
ch 4
bpimmedia -u bpimagelist bpstulist -U bperror -S 219 -r show msg for given err code, -r = fix Recommendation
ch 5
nbemmcmd change volume pool ... vmadm volume management admin vmpool
vmupdate vmcheckxxx vmphinv physical inventory, read tape header, not just bar code, so take some time vmquery -a -b list all media known to EMM vmrule -listall tape bar code rule vmadd vmchange
bpexpdate -m MediaID -d 0 expire dates on tape vmdelete bplabel label tape, erasing it
volmgr/vm.conf volume (tape) manager config
tape drive path in solaris is def even when in robot, eg /dev/rmt/0cbn RHEL4 is /dev/nst0
ch5 bpmount client side, find mount point (each produc its own stream, also cross mount options, etc)
ch 7 - Scheduling
nbpermreq -update policies policy execution mgrt
cp 9
bppllist list all policies bpplsched POLICYNAME display schedule of a policy -L human readable list [-M MasterSvr] specify master server if needed
bpdbjobs -jobid 210 -all_columns
bperror -all list all std err messages
ch 10 restore ??
ch 11 media and images
bpadm TUI *****
bpverify -m tape verify image on tape
nbemmcmd -errorsdb list all media error, see if some tape have persistent problem.
ch 12 - catalog bk/recovery
bpsyncinfo -doBackup bpdbbackup nbmail.cmd mail script on windows, need blat
bprecover -wizard TUI recovery tool nbpemreq -h "undocumented" command for policy execution, see 14-5
vxlogmgr -f /mydir copy all logs to specified dir (before they disapear) it merge from multiple source and time sort them (?)
TLA, Terms STU Storage Unit BMR Bare Metal Recovery (reinstall OS and recover data from backup) EMM Enterprise Media Manager - Server that keeps track of all tapes and what is on them. TIR True Image Restore - keep track to see if files deleted/moved, so incremental restore will be aware of them and produce same result need to store more meta data info during each inc bk
MSCO server side encryption option, so that crypt key is not per client node Compress before Encrypt, don't recommend doing both on same node. Tape hardware compression is outside veritas and done last, (but that still can't do magic to encrypted data).
NOM Network Operation Manager, Web Server for day to day backup operator use admin/Vxadmin def pw
multiplexing place several image on same tape using interveaving writes. Produces a single tar stream.
multistreaming create multiple write process, thus several tars created. (ie diff files if staging to disk, if write to tape, multiple tars).
vault feature to manage tape offsite/safe storage xfer image from disk storage to tape, etc
BMC Control M software that can interject backup job into NB give better control of scheduling
NetBackup Common Error Codes For NetBackup 6.0 MP4. Email does not have any useful info. Using GUI console, sometime one can dig out the activity and look into the detail tab to find what is the real problem. Overall, the reporting process is overly simplified and thus a chore to find out what is going on 0 Success. No error. 1 Partially successful. Typically means some files were in locked state and not backed up. Usually little can be done about them, just ignore. 50 Client process aborted. ...
|