Rubrik CDM Version 6.0 Cloud Cluster Setup Guide (Rev. A6)

Rubrik CDM Cloud Cluster Setup Guide
Version 6.0
755-0176-01 Rev A6
Rubrik Headquarters: Palo Alto, California 94304

1-844-4RUBRIK www.rubrik.com
Legal Notices
Copyright and trademarks

Copyright
Copyright © 2022 Rubrik Inc.

All rights reserved. This document may be used free of charge. Selling without prior written consent is
prohibited. Obtain permission before redistributing. In all cases, this copyright notice and disclaimer must
remain intact.
THE CONTENTS OF THIS DOCUMENT ARE PROVIDED "AS IS," AND COPYRIGHT HOLDERS MAKE NO
REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT,
OR TITLE; THAT THE CONTENTS OF THE DOCUMENT ARE SUITABLE FOR ANY PURPOSE; THAT THE
IMPLEMENTATION OF SUCH CONTENTS WILL NOT INFRINGE ANY THIRD PARTY PATENTS, COPYRIGHTS,
TRADEMARKS OR OTHER RIGHTS.
COPYRIGHT HOLDERS WILL NOT BE LIABLE FOR ANY DIRECT, INDIRECT, SPECIAL OR CONSEQUENTIAL
DAMAGES ARISING OUT OF ANY USE OF THE DOCUMENT OR THE PERFORMANCE OR IMPLEMENTATION
OF THE CONTENTS THEREOF.
Trademarks
Registered in the U.S. Trademark Office

Rubrik, the Rubrik graphic, and Datos IO are registered trademarks of Rubrik, Inc. in the U.S. and other
countries. Additionally, Rubrik, Inc. holds common law trademark rights in Rubrik Polaris, Polaris GPS,
Polaris Radar, Polaris Sonar, Rubrik Envision, Rubrik Edge, and Mosaic in the U.S. and/or other countries.
All other trademarks are the property of their respective owners.
Legal Notices
Certain products and features, including the Rubrik-hosted mode of Polaris for Microsoft 365 Protection,
are subject to additional product-specific terms available at https://www.rubrik.com/en/legal.
By using the Rubrik Polaris Sonar application, you understand and acknowledge that Rubrik Polaris Sonar’s
pre-existing Policies and Analyzers contain general suggestions for data elements and formats based on
common data sets and formats. The suggested data elements and formats in Rubrik Polaris Sonar are not
intended to be a comprehensive or exhaustive list of data elements and formats regulated by the GDPR,
CCPA or any other applicable laws and regulations. We also do not guarantee that your Rubrik Polaris
Sonar search results will include every instance of each data element and format within your data set. We
Copyright and trademarks 05/12/2022 | ii

strongly recommend that you consult legal counsel for specific advice regarding compliance with applicable
laws and regulations.
Rubrik Polaris Sonar is designed to assist customers with identifying certain data elements and formats and
should not be solely relied upon to identify all data elements and formats of a certain type for any purpose,
including legal or compliance.
Use of the Polaris Management Console software is subject to additional product-specific terms available at
https://www.rubrik.com/en/legal.
Copyright and trademarks 05/12/2022 | iii

Preface
Welcome to Rubrik. We appreciate your interest in our products.
Rubrik is continually working to improve its products and regularly releases revisions and new versions.
Some information provided by this guide may not apply to a particular revision or version of a product.
Review the release notes for the product to see the most up-to-date information about that product.
Revision history
Revision Date Description
Rev. A0 May 2021 Early Access 2 release of Rubrik CDM version 6.0.
Rev. A1 June 2021 Directed Availability release of Rubrik CDM version 6.0.
• Added information for using Rubrik Cloud Cluster Elastic Storage
(Cloud Cluster ES) on AWS.
• Updated procedure for removing nodes and decommissioning a
Rubrik Cloud Cluster or Cloud Cluster ES on Azure.
• Added requirement to specify a disk type when creating a Rubrik
Cloud Cluster on Azure.
• Added requirement to specify read/write host caching when
creating a Rubrik Cloud Cluster ES on Azure.
• Updated the bootstrap script for Rubrik Cloud Cluster and Rubrik
Cloud Cluster ES on AWS.
Rev. A2 July 2021 General Availability release of Rubrik CDM version 6.0.
Rev. A3 December 2021 Added information about the workflow for using SSH keys to
authenticate a Rubrik Cloud Cluster on Azure.
Rev. A4 March 2022 • Updated About Rubrik Cloud Clusters.
• Added new section on Rubrik Cloud Cluster sizing.
• Added sections for Rubrik Cloud Cluster and Rubrik Cloud Cluster
ES node requirements.
• Removed bucket requirement for GCP Cloud Cluster setup.
Rev. A5 April 2022 Reverted content about creating and setting up Rubrik Cloud Cluster
for Azure through the marketplace.
Rev.A6 May 2022 Reinstated files that were reverted in revision A5.
Preface 05/12/2022 | iv
Support
Use one of the following methods to contact Rubrik Support.
Web Rubrik Support Portal

Phone See Get In Touch for contact options.
Email support@rubrik.com
Related documentation
Rubrik provides documentation that covers a broad range of related concepts, tasks, and reference
information.
• Rubrik Polaris User Guide
• Rubrik Polaris Radar Quick Start Guide
• Rubrik CDM Release Notes
• Rubrik CDM User Guide
• Rubrik CDM Install and Upgrade Guide
• Rubrik CDM Security Guide
• Rubrik CDM Cloud Cluster Setup Guide
• Rubrik CDM Hardware Guide
• Rubrik CDM CLI Guide
• Rubrik CDM Events Guide
• Rubrik Edge Install and Upgrade Guide
• Rubrik Virtual Cluster Install Guide
• Rubrik Compatibility Matrix
Comments and suggestions

We welcome your comments and suggestions about our products and our product documentation.
Products
To provide comments and suggestions about our products contact Rubrik Support, as described in Support.
Product documentation
To provide comments and suggestions about the product documentation, please send your message by
email to: techpubs@rubrik.com.
Please include the following information about the product documentation to help us to find the content
that is the subject or your comments:
• Full title
• Part number
• Revision
• Relevant pages
Preface 05/12/2022 | v
Rubrik Build
Rubrik hosts community-based tools through the Rubrik Build program and associated GitHub repositories
for community-supplied tools.
Rubrik Build is an open source program that provides access to a growing community of enthusiasts and
experts across a number of languages and tools. Rubrik Build is used to create and improve projects that
simplify monitoring, testing, development, and automated workflows for Rubrik product deployments.
Rubrik Build includes the following resources:
• Software Development Kits
• Tooling Integrations
• Use Cases
• Community Projects
• Rubrik REST API documentation
Important: USE AT YOUR OWN RISK. Rubrik does not officially support the community tools. Carefully
investigate a community tool before using it. Always test a community tool on non-production data before
using the tool with production data.
Contents
About Rubrik Cloud Clusters...........................................................................................................9
Rubrik Cloud Cluster sizing........................................................................................................... 10
Rubrik Cloud Cluster on AWS....................................................................................................... 11

Requirements for Rubrik Cloud Cluster on AWS......................................................................... 11
Node requirements for Rubrik Cloud Cluster on AWS................................................................. 11
Node requirements for Rubrik Cloud Cluster ES on AWS............................................................ 12
Security group rules.................................................................................................................12
Workflow for Rubrik Cloud Cluster ES on AWS.......................................................................... 13
Creating a VPC endpoint for Cloud Cluster ES................................................................. 14
Creating an S3 bucket................................................................................................... 14
Creating an IAM role for S3 access.................................................................................15
Creating a security group............................................................................................... 16
Instantiating the nodes for Cloud Cluster ES................................................................... 17
Setting up Rubrik Cloud Cluster ES for AWS....................................................................19
Workflow for Rubrik Cloud Cluster on AWS............................................................................... 21
Creating a security group............................................................................................... 22
Instantiating the nodes for Cloud Cluster........................................................................ 23
Setting up Rubrik Cloud Cluster for AWS.........................................................................25
Logging in to the Rubrik CDM web UI...................................................................................... 27
Configure hosts for data protection.......................................................................................... 27
Modifying the security group policy for protected hosts.................................................... 27
Adding disks to an AWS node.................................................................................................. 28
Adding nodes to a Rubrik Cloud Cluster on AWS....................................................................... 29
Decommissioning a Cloud Cluster on AWS................................................................................ 31
Deleting the S3 bucket and IAM role.............................................................................. 31
Rubrik Cloud Cluster on Azure......................................................................................................33

Requirements for Azure............................................................................................................33
Node requirements for Rubrik Cloud Cluster on Azure................................................................33
Node requirements for Rubrik Cloud Cluster ES on Azure...........................................................34
Security model for Rubrik Cloud Cluster.................................................................................... 34
Workflow for Rubrik Cloud Cluster ES on Azure......................................................................... 35
Creating a resource group..............................................................................................35
Creating a service endpoint............................................................................................ 36
Creating a storage container.......................................................................................... 37
Creating Rubrik Cloud Cluster ES on Azure......................................................................38
Setting up Rubrik Cloud Cluster ES for Azure.................................................................. 40
Workflow for Rubrik Cloud Cluster on Azure..............................................................................42
Creating a resource group..............................................................................................42
Creating Rubrik Cloud Cluster on Azure...........................................................................43
Setting up Rubrik Cloud Cluster for Azure....................................................................... 45
Installing the Rubrik Backup Service on each host.....................................................................47
Adding disks to an Azure node.................................................................................................48
Adding Azure nodes................................................................................................................. 49
Contents 05/12/2022 | vii

Decommissioning a Rubrik Cloud Cluster...................................................................................50
Removing a storage container from Rubrik Cloud Cluster ES on Azure............................... 51
Rubrik Cloud Cluster on GCP........................................................................................................ 52

Requirements for Rubrik Cloud Cluster on GCP..........................................................................52
Node requirements for Rubrik Cloud Cluster on GCP........................................................ 53
Creating a role and a service account.............................................................................53
Creating a key............................................................................................................... 54
Deploying a Rubrik Cloud Cluster on GCP................................................................................. 55
GCP customer details file............................................................................................... 56
Security model for Rubrik Cloud Cluster.................................................................................... 57
Setting up the Rubrik Cloud Cluster on GCP..............................................................................57
Adding disks to a GCP node.....................................................................................................59
Adding GCP nodes................................................................................................................... 60
Removing GCP nodes...............................................................................................................62
Cloud Cluster registration............................................................................................................. 63

Registering Rubrik Cloud Clusters online................................................................................... 63
Registering Rubrik Cloud Clusters offline................................................................................... 64
Chapter 1
About Rubrik Cloud Clusters
About Rubrik Cloud Clusters
Rubrik Cloud Cluster and Rubrik Cloud Cluster Elastic Storage run Rubrik CDM software in a virtual Rubrik
cluster hosted on an AWS, Azure, or GCP virtual private cloud.
Rubrik Cloud Cluster supports standard node or dense node configurations, but does not support mixing
standard nodes with dense nodes. Rubrik Cloud Cluster Elastic Storage (ES) only supports dense node
configurations.
Rubrik Cloud Cluster has the following requirements:
• A minimum of four nodes per cluster
• A minimum of three data disks per node
Rubrik Cloud Cluster ES is hosted on AWS and Azure and has the following requirements:
• A minimum of three nodes per cluster
• One data disk per node
See the Rubrik Compatibility Matrix for AWS, Azure, and GCP configuration requirements.
See the Rubrik CDM User Guide for CDM configuration requirements, including port requirements.
About Rubrik Cloud Clusters 05/12/2022 | 9

Chapter 2
Rubrik Cloud Cluster sizing
Rubrik Cloud Cluster sizing
Rubrik Cloud Cluster supports standard node or dense node configurations.

Standard nodes and dense nodes have minimum resources requirements for Rubrik Cloud Cluster on AWS,
Rubrik Cloud Cluster on Azure, and Rubrik Cloud Cluster on GCP. Standard nodes have lower resource
requirements than dense nodes but do not support all Rubrik features. Dense nodes have higher resource
requirements than standard nodes but are recommended because of the full Rubrik CDM feature support
that they enable.
Use dense nodes to support the following features:
• NAS Direct Archive
• Managed Volumes
• VMware CloudOn for AWS
• 10 GbE NICs
Rubrik Cloud Cluster does not support mixing standard and dense nodes.
Related reference
Node requirements for Rubrik Cloud Cluster on AWS
Rubrik Cloud Cluster has specific standard and dense node requirements for AWS.
Node requirements for Rubrik Cloud Cluster on Azure
Rubrik Cloud Cluster has specific standard and dense node requirements for Azure.
Node requirements for Rubrik Cloud Cluster on GCP
Rubrik Cloud Cluster has specific standard and dense node requirements for GCP.
Rubrik Cloud Cluster sizing 05/12/2022 | 10

Chapter 3
Rubrik Cloud Cluster on AWS
Rubrik Cloud Cluster on AWS
A Rubrik Cloud Cluster protects applications and data by running Rubrik CDM software on Amazon EC2
instances within a virtual private cloud.
A Rubrik Cloud Cluster runs on four or more Amazon EC2 instances, with each instance functioning as a
node of the cluster. Nodes are instantiated through the AWS Management Console, using a Rubrik Amazon
Machine Image (AMI) available from the AWS Marketplace.
For Rubrik Cloud Cluster, data is stored in pre-provisioned block storage on EBS volumes. Reed-Solomon
erasure coding protects data integrity and provides efficient use of storage resources. For Rubrik Cloud
Cluster Elastic Storage (Cloud Cluster ES), data is stored in an S3 bucket.
Requirements for Rubrik Cloud Cluster on AWS

Rubrik Cloud Cluster has specific requirements to run on AWS.
Requirement Description
AWS account The AWS account must have access to the data sources that the Rubrik Cloud
Cluster will manage and protect.
Rubrik Cloud Cluster A license can be purchased from a Rubrik reseller or from the AWS
license Marketplace.
Web browser Rubrik supports the newest version of Google Chrome and the previous two
versions.
Node requirements for Rubrik Cloud Cluster on AWS

Rubrik Cloud Cluster has specific standard and dense node requirements for AWS.
Resource Standard node requirement Dense node requirement

Instance type m5.xlarge m5.4xlarge
vCPU 4 virtual CPUs 16 virtual CPUs
Reserved memory 16 GB 64 GB
Operating system disk 400 GB General Purpose SSD 400 GB General Purpose SSD
(gp2) (gp2)
Number of data disks supported 3 to 6 data disks per node 3 to 6 data disks per node
Data disk capacity .5 TB to 2 TB Throughput 2 TB to 4 TB Throughput
Optimized HDD (st1) Optimized HDD (st1)
Cold HDD (sc1) is supported on
nodes configured with 24 TB
Rubrik Cloud Cluster on AWS 05/12/2022 | 11

Raw data disk capacity per node 1.5 TB to 12 TB 6 TB to 24 TB
Usable data capacity per node 1 TB to 8 TB 4 TB to 16 TB
Node requirements for Rubrik Cloud Cluster ES on AWS

Rubrik Cloud Cluster ES has specific node requirements for AWS.
Resource Node requirement

Instance type m5.4xlarge
vCPU 16 virtual CPUs
Reserved memory 64 GB
Operating system disk 400 GB General Purpose SSD (gp2)
Data disk (for caching) 500 GB General Purpose SSD (gp2)
Note: Cloud Cluster ES supports up to 32 TB of storage on Amazon S3. After Cloud Cluster ES reaches
the 32 TB software limitation, create a new Cloud Cluster ES node for additional storage.
Security group rules

The security group for the Rubrik Cloud Cluster requires specific inbound and outbound rules.
The security group consists of inbound and outbound rules that control access to and from the Rubrik
Cloud Cluster nodes. At a minimum, the security group must include the following inbound rules:
• Allow SSH access on port 22 for Rubrik CLI sessions.
• Allow HTTPS access on port 443 for Rubrik CDM web UI sessions.
The security group must also allow all nodes within the Rubrik Cloud Cluster to communicate with each
other. This requires the security group ID, which is generated after creating a security group that includes
the other rules.
In addition, the security group must have an outbound rule that allows all outbound traffic from the
Rubrik Cloud Cluster. This rule allows the Rubrik Cloud Cluster to back up data on client machines, and to
communicate with Rubrik services.
Protected hosts require a separate security group. This security group must include a rule that allows the
Rubrik Cloud Cluster to establish a connection with the Rubrik Backup Service on ports 12800 and 12801.
Related Tasks
Creating a security group

Create a security group with rules that allow all outbound traffic from the Rubrik Cloud Cluster nodes, and
inbound traffic on ports 22 and 443.
Workflow for Rubrik Cloud Cluster ES on AWS

Setting up a Rubrik Cloud Cluster ES on AWS consists of several stages.
The following table summarizes the steps for setting up the Cloud Cluster Elastic Storage (Cloud Cluster
ES) on AWS.
AWS setup stage Description

Create a VPC endpoint The VPC endpoint allows the Cloud Cluster ES to access the S3
bucket where the data is stored.
Create an S3 bucket The S3 bucket is used to store data, and takes the place of EBS
volumes used in a Cloud Cluster.
Create an IAM role The IAM role contains permissions that allow the Cloud Cluster
ES to access the S3 bucket.
Create a security group The security group limits inbound access to the nodes and
permits access between nodes.
Generate an SSH key pair The public key and private key pair allow SSH access for the
bootstrapping process.
Instantiate the Rubrik AMI to form The Rubrik AMI is available from the Amazon Marketplace. A
nodes Cloud Cluster ES must have at least four instances of the AMI as
Rubrik nodes.
Set up the Cloud Cluster ES The setup process uses SSH to access the Cloud Cluster ES from
one of the management IP addresses, ensure access to DNS and
NTP servers, and run the bootstrap script.
Related Tasks
Creating a VPC endpoint for Cloud Cluster ES
Create a VPC endpoint and attach it to the VPC subnet where Rubrik Cloud Cluster ES will be deployed.
Creating an S3 bucket
Create an S3 bucket to store the data for Rubrik Cloud Cluster ES.
Creating an IAM role for S3 access
Create an IAM role to allow the Rubrik Cloud Cluster ES to access the S3 bucket.
Instantiating the nodes for Cloud Cluster ES
Instantiate the Rubrik Cloud Cluster ES nodes using the Rubrik Cloud Cluster Amazon Machine Image
available through the AWS Marketplace.
Setting up Rubrik Cloud Cluster ES for AWS

Use an SSH session to set up Rubrik Cloud Cluster ES for AWS.

Context
The VPC endpoint creates a network link between the VPC and S3, which allows the Cloud Cluster Elastic
Storage (Cloud Cluster ES) to access the S3 bucket used for data.
Procedure
1. Log in to the AWS Management Console using the account that will manage the Rubrik Cloud Cluster
ES.
2. From the list of AWS services, select VPC.
3. From the navigation pane, select Endpoints.
4. Click Create Endpoint.
5. In Service category, select AWS services.
6. In the search field, type s3.
7. Select the S3 service that has type Gateway.
8. In VPC, open the menu and select the VPC where the Cloud Cluster ES will be deployed.
9. Under Configure route tables, select the route table ID that corresponds to the subnet where the
Cloud Cluster ES will be deployed.
10. In Policy, select Full Access.
11. Click Create endpoint.
An information message displays the randomly generated name of the VPC endpoint.
12. Click Close.
AWS creates the new VPC endpoint and adds it to the list of VPC endpoints for the selected region.
Result
The Rubrik Cloud Cluster ES can use the VPC endpoint to access the S3 bucket.
Context
Rubrik Cloud Cluster Elastic Storage (Cloud Cluster ES) uses an S3 bucket instead of EBS volumes to store
data.
Procedure
1. Log in to the AWS Management Console using the account that will manage the Rubrik Cloud Cluster
ES.
2. From the list of AWS services, select S3.
3. Click Create bucket.
4. In Bucket name, type a name for the S3 bucket.
5. In AWS Region, select the region for the S3 bucket.
The region must be the one where the Cloud Cluster ES will be created.
6. Under Server-side encryption, select Enable.
7. Select Amazon S3 key (SSE-S3).

8. Click Create bucket.
Result
AWS creates the S3 bucket in the specified region.

Context
The IAM role is used to authenticate the Rubrik Cloud Cluster ES nodes with the S3 bucket.
Procedure
1. Log in to the AWS Management Console using the account that will manage the Rubrik Cloud Cluster.
2. From the list of AWS services, select IAM.
The Identity and Access Management (IAM) page appears.
3. Under IAM resources, click Roles.
4. Click Create role.
5. Under Select type of trusted entity, select AWS service.
6. Under Choose a use case, select EC2 and click Next: Permissions.
7. Click Create policy.
A new tab opens in the browser window.
8. Click the JSON tab.
The JSON text editor opens.
9. Copy and paste the JSON policy template.
The policy template includes the necessary permissions for accessing the S3 bucket.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:AbortMultipartUpload",
"s3:DeleteObject*",
"s3:GetObject*",
"s3:ListMultipartUploadParts",
"s3:PutObject*"
],
"Resource": "arn:aws:s3:::<bucket_name>/*"
},
{
"Effect": "Allow",
"Action": [
"s3:GetBucket*",
"s3:ListBucket*"
],
"Resource": "arn:aws:s3:::<bucket_name>"
}
]
}
10. Edit the policy and replace <bucket_name> with the actual name of the S3 bucket.
11. Click Next: Tags.
12. Add tags in the form of key-value pairs.

13. Click Next: Review.
The Review policy page appears.
14. In Name, type a name for the policy.
15. In Description, type a description for the policy.
16. Click Create policy.
A confirmation message appears.
17. Return to the Create role tab and refresh the policy page.
18. In the search field, type the name of the policy.
19. Select the IAM policy created for S3 access, then click Next: Tags.
20. Click Next: Review.
21. In Name, type a name for the role.
22. Click Create role.
Result
AWS creates the IAM role that allows the nodes of the Cloud Cluster ES to access the S3 bucket. The IAM
role is specified when the nodes are instantiated.
Related Tasks

Context
These instructions apply to both Rubrik Cloud Cluster and Rubrik Cloud Cluster Elastic Storage (Cloud
Cluster ES).
Procedure
2. In the region list at the top of the dashboard, select a region for the Rubrik Cloud Cluster.
3. Open the Services menu and select EC2.
The EC2 dashboard appears.
4. On the left-side menu, under Network & Security, select Security Groups.
The Security Groups page appears.
5. Click Create security group.
The Create security group modal appears.
6. In Security group name, type a name for the security group.
7. In Description, type a description for the security group.
8. In VPC, select a virtual private cloud.

9. Under Inbound rules, click Add rule.
10. In Type, select SSH.
11. In Source, select Custom.
12. In the address field, type a range of IP addresses using CIDR notation.
This range of IP addresses outside the VPC will have access to the Rubrik Cloud Cluster nodes inside
the VPC.
13. Type a description for the SSH inbound rule.
14. Click Add rule.
15. In Type, select HTTPS.
the VPC.
18. Type a description for the HTTPS inbound rule.
19. Under Outbound rules, click Add rule.
20. In Type, select All traffic.
21. In Destination, select Custom.
22. In the address field, select 0.0.0.0/0.
By selecting 0.0.0.0/0, the cluster nodes can communicate with any IP address. As an alternative,
specify a restricted range of IP addresses for outbound communication.
23. Click Create Security Group.
AWS creates the security group and assigns a security group ID.
24. From the Actions menu, select Edit inbound rules.
25. Click Add rule.
27. In the Source field, select the name of the security group that was just created.
AWS displays the corresponding security group ID.
28. Click Save rules.
Result
AWS creates the security group for use with the Rubrik Cloud Cluster.
Related Concepts

Prerequisites
Complete these tasks:
• Purchase a Rubrik Cloud Cluster license from a Rubrik reseller or from the AWS Marketplace.
• Create a VPC endpoint to connect to S3.
• Create an S3 bucket for storing data.
• Create an IAM role specifically for accessing the S3 bucket.
• Create a security group.
• Generate a key pair for connecting to the instances.

Context
Instantiate a minimum of three nodes in preparation for forming a cluster.
Procedure
1. Log in to the AWS account that will manage the Rubrik Cloud Cluster ES.
2. On the AWS services page, click EC2.
4. Click Launch instance > Launch instance.
The Choose an Amazon Machine Image (AMI) page appears.
5. In the search field, type Rubrik and press return.
The left-side menu populates with matches for the search term.
6. From the left-side menu, select AWS Marketplace.
The Rubrik Cloud Cluster (BYOL) AMI appears.
7. Click Select.
The Rubrik Cloud Cluster (BYOL) dialog box appears.
8. Click Continue.
The Choose an Instance Type page appears.
9. In Filter by, select m5.
10. Select m5.4xlarge as the instance type.
11. Click Next: Configure Instance Details.
12. In Number of instances, type an integer.
A Rubrik Cloud Cluster ES requires a minimum of three instances.
13. In Network, select the VPC where the Rubrik Cloud Cluster ES will be deployed.
14. In Subnet, select the subnet where the Rubrik Cloud Cluster ES will be deployed.
15. In IAM role, select the IAM role that was created to allow access to the S3 bucket.
AWS will attach the IAM role to the instances when they are launched.
16. In Enable termination protection, select Protect against accidental termination.
17. Click Next: Add Storage.
The Add Storage page appears with the root volume specified.
18. Click Add New Volume.
The volume will be used as a staging area disk.
19. In Size (GiB), type 512.
20. In Volume Type, select General Purpose SSD (gp2).
21. Select Delete on Termination.
22. In Encryption, select (default) aws/ebs.
23. Click Next: Add Tags.
24. Optional: Click Add Tag.
A key field and a value field appear.
25. Optional: In Key, type Name.
26. Optional: In Value, type the name of the Rubrik Cloud Cluster ES.
The name helps identify the instances in the EC2 inventory. AWS does not associate this name with
the Rubrik Cloud Cluster ES name.
27. Click Next: Configure Security Group.
28. In Assign a security group, choose Select an existing security group.
A list of security group IDs appears.
29. Select the security group that was created for the Rubrik Cloud Cluster ES.

30. Click Review and Launch.
The Review Instance Launch page appears with the configuration choices that were made in the
previous steps.
31. Click Launch.
The Select an existing key pair or create a new key pair dialog box appears.
32. Select Choose an existing key pair.
33. In Select a key pair, select the key pair to use for connecting to the instance.
34. Click the key access acknowledgment.
35. Click Launch Instances.
The Launch Status screen appears.
36. Click View Instances.
Result
The Instances page of the EC2 Dashboard appears and AWS launches the Rubrik node instances. When
the instances are fully running, the value in the Instance State column changes to running.
Next task
Set up the Rubrik Cloud Cluster ES through an SSH session on one of the nodes, as described in Setting up
Rubrik Cloud Cluster ES for AWS.
Related Tasks

Prerequisites
Complete the tasks described in:
• Creating a VPC endpoint for Cloud Cluster ES
• Creating an S3 bucket
• Creating an IAM role for S3 access
• Creating a security group
• Instantiating the nodes for Cloud Cluster
In addition to these tasks, gather the following information:
• IP addresses for the nodes in the Rubrik Cloud Cluster Elastic Storage (Cloud Cluster ES). The IP
addresses are available from the Instances page in the EC2 dashboard.
• Name of the .pem file that contains the SSH key.
Procedure
1. Log in to a computer with access to the Cloud Cluster ES and the SSH key pair.
2. Use SSH to connect to one of the Cloud Cluster ES nodes.

From a terminal prompt, type: ssh -i path-to-pem-file admin@node-private-ip-
address
Where:
• path-to-pem-file is the path to the file containing the SSH key.
• node-private-ip-address is the private IP address of one of the nodes in the Cloud Cluster ES.
The welcome message appears.
3. At the prompt, type network nslookup www.rubrik.com dns, where dns is the IP address of a
DNS server to be used by the Cloud Cluster ES.
This command tests the connectivity between the Cloud Cluster ES node and the DNS servers.
The system setup script uses Google DNS at 8.8.8.8 as the default value.
If the network nslookup request fails to access www.rubrik.com, replace dns with the IP address
of a DNS server that is available to the Cloud Cluster ES.
4. Repeat the connectivity test for each DNS server used by the Rubrik Cloud Cluster ES.
5. At the prompt, type network ping ntp, where ntp is the IP address of the NTP server to be used
by the Rubrik Cloud Cluster ES.
The system setup script uses the NTP Project server pool at pool.ntp.org as the default value.
If the ping command fails, replace ntp with the IP address of an NTP server that is available to the
Rubrik Cloud Cluster ES.
6. Repeat the network ping test for each NTP server used by the Cloud Cluster ES.
7. At the prompt, type: cluster bootstrap.
The User configuration section appears.
8. At E-mail, type a valid email address.
The Rubrik Cloud Cluster ES will send notifications and alerts to this email address.
9. At Password, type a secure password for the admin account.
Keep the new password in a secure location. The password also provides web UI access for the admin
account.
10. At Re-enter Password, retype the password.
The Cluster configuration section appears.
11. At Cluster name, type a name for the Rubrik Cloud Cluster ES.
The Rubrik Cloud Cluster ES uses the name to identify itself in the Rubrik CDM web UI and with other
Rubrik clusters.
12. At DNS Nameservers, type a comma-separated list of IP addresses of DNS servers.
Alternatively, press Enter to accept the default DNS server, 8.8.8.8, which is the Google DNS server.
13. Optional: At DNS Search Domains, type a comma-separated list of search domains.
14. At NTP Servers, type a comma-separated list of NTP servers.
Provide the FQDN or IP address of each NTP server.
Alternatively, press Enter to accept the default value, pool.ntp.org. This is the virtual cluster of NTP
servers that is provided for public use by the NTP Pool Project.
An invalid NTP server configuration prevents the addition of vCenter servers, and Windows and Linux
hosts.
When the NTP server is invalid, the web UI displays a banner alert. When this alert appears, correct
the NTP server configuration.
15. At Use cloud storage (y/n), press Enter to answer "yes".
16. At S3 bucket name, type the name of the S3 bucket that will store the data for the Rubrik Cloud
Cluster ES.

17. At Management Gateway, type the IP address of the management gateway to use.
Alternatively, press Enter to accept the default value, which the cloud provider assigned to the nodes
on the network.
18. At Management Subnet Mask, type the subnet mask of the management network.
Alternatively, press Enter to accept the default subnet mask.
19. At Number of nodes, type the number of AMI instances in the Rubrik Cloud Cluster ES.
This number is the same as the number of instances deployed from the AWS Marketplace.
20. At Node 1 Management IP, type the IP address for the first node in the Rubrik Cloud Cluster ES.
This value is available from the Instances page of the AWS management console, in the Private IP
Address field for the first AMI instance.
The IP address must be entered correctly, since IP addresses assigned to the Rubrik Cloud Cluster ES
nodes cannot be changed later.
The script prompts for the IP address of the next node.
21. At the prompt for each of the remaining nodes, type the IP address for that node and press Enter.
After entering the last IP address, the JSON-formatted body of the setup request appears.
22. At Proceed?, type y.
Result
The Rubrik CLI starts the system setup process. The Bootstrap Progress section appears and the CLI
displays progress messages. When the setup process finishes, the Rubrik Cloud Cluster ES is ready to
register.
Next task
Choose a method to register the Rubrik Cloud Cluster ES, as described in Cloud Cluster registration.
Workflow for Rubrik Cloud Cluster on AWS

Setting up a Rubrik Cloud Cluster on AWS consists of several stages.
The following table summarizes the steps for setting up the Cloud Cluster on AWS.
AWS setup process Description

Create a security group. The security group limits inbound access to the nodes and
permits access between nodes.
Generate an SSH key pair. The public key and private key pair allow SSH access for the
bootstrapping process.
Instantiate the Rubrik AMI to form at The Rubrik AMI is available from the Amazon Marketplace. A
least four nodes. Cloud Cluster must have at least four instances of the AMI as
Rubrik nodes.
Set up the Cloud Cluster. The setup process uses SSH to access the Cloud Cluster from
one of the management IP addresses, ensure access to DNS and
NTP servers, and run the bootstrap script.
Related Tasks
Instantiating the nodes for Cloud Cluster

Instantiate the Rubrik Cloud Cluster nodes using the Rubrik Cloud Cluster Amazon Machine Image available
through the AWS Marketplace.
Setting up Rubrik Cloud Cluster for AWS
Use an SSH session to set up Rubrik Cloud Cluster for AWS.

Context
These instructions apply to both Rubrik Cloud Cluster and Rubrik Cloud Cluster Elastic Storage (Cloud
Cluster ES).
Procedure
3. Open the Services menu and select EC2.
4. On the left-side menu, under Network & Security, select Security Groups.
5. Click Create security group.
The Create security group modal appears.
6. In Security group name, type a name for the security group.
7. In Description, type a description for the security group.
8. In VPC, select a virtual private cloud.
9. Under Inbound rules, click Add rule.
10. In Type, select SSH.
the VPC.
13. Type a description for the SSH inbound rule.
14. Click Add rule.
15. In Type, select HTTPS.
the VPC.
18. Type a description for the HTTPS inbound rule.
19. Under Outbound rules, click Add rule.
21. In Destination, select Custom.
22. In the address field, select 0.0.0.0/0.
By selecting 0.0.0.0/0, the cluster nodes can communicate with any IP address. As an alternative,
specify a restricted range of IP addresses for outbound communication.
23. Click Create Security Group.
AWS creates the security group and assigns a security group ID.

24. From the Actions menu, select Edit inbound rules.
25. Click Add rule.
27. In the Source field, select the name of the security group that was just created.
AWS displays the corresponding security group ID.
28. Click Save rules.
Result
AWS creates the security group for use with the Rubrik Cloud Cluster.
Related Concepts

Prerequisites
• Purchase a Rubrik Cloud Cluster license from a Rubrik reseller or from the AWS Marketplace.
• Create a security group.
• Generate a key pair for connecting to the instances.
Context
Instantiate a minimum of four nodes in preparation for forming a cluster.
Procedure
2. From the list of AWS services, click EC2.
4. Click Launch instance > Launch instance.
The Choose an Amazon Machine Image (AMI) page appears.
5. In the search field, type Rubrik and press return.
The left-side menu populates with matches for the search term.
6. From the left-side menu, select AWS Marketplace.
The Rubrik Cloud Cluster (BYOL) AMI appears.
7. Click Select.
The Rubrik Cloud Cluster (BYOL) dialog box appears.
8. Click Continue.
The Choose an Instance Type page appears.
9. In Filter by, select m5.
10. Select a type.
Option Description
m5.4xlarge Choose this type for a dense node cluster.
m5.xlarge Choose this type for a standard node cluster.
11. Click Next: Configure Instance Details.

12. In Number of instances, type an integer.
A Rubrik Cloud Cluster requires a minimum of four instances.
13. In Network, select the VPC where the Rubrik Cloud Cluster will be deployed.
14. In Subnet, select the subnet where the Rubrik Cloud Cluster will be deployed.
15. In Enable termination protection, select Protect against accidental termination.
16. Click Next: Add Storage.
The Add Storage page appears with the root volume specified.
17. Click Add New Volume.
Click once for each volume to create. Each node can have between three and six volumes. The
number of volumes must be the same for each node in the cluster.
Dense node clusters using sc1 disks must have six 4 TB volumes for each node.
18. For each EBS volume row, specify the EBS volume settings.
All volumes must have the same settings, as described in EBS volume settings.
19. Click Next: Add Tags.
20. Optional: Click Add Tag.
A key field and a value field appear.
21. Optional: In Key, type Name.
22. Optional: In Value, type the name of the Rubrik Cloud Cluster.
The name helps identify the instances in the EC2 inventory. AWS does not associate this name with
the Rubrik Cloud Cluster name.
23. Click Next: Configure Security Group.
24. In Assign a security group, choose Select an existing security group.
A list of security group IDs appears.
25. Select the security group that was created for the Rubrik Cloud Cluster.
26. Click Review and Launch.
The Review Instance Launch page appears with the configuration choices that were made in the
previous steps.
27. Click Launch.
The Select an existing key pair or create a new key pair dialog box appears.
28. Select Choose an existing key pair.
29. In Select a key pair, select the key pair to use for connecting to the instance.
30. Click the key access acknowledgment.
31. Click Launch Instances.
The Launch Status screen appears.
32. Click View Instances.
Result
The Instances page of the EC2 Dashboard appears and AWS launches the Rubrik node instances. When
the instances are fully running, the value in the Instance State column changes to running.
Next task
Set up the Rubrik Cloud Cluster through an SSH session on one of the nodes, as described in Setting up
Rubrik Cloud Cluster for AWS.
Related Tasks

EBS volume settings

EBS volumes for a Rubrik Cloud Cluster have specific configuration requirements.
Column Specification
Size (GiB) Type 512, 1024, or 2048. Choose the same number for each volume. For
dense nodes using sc1 disks, type 4096.
Volume Type Select Throughput Optimized HDD (st1) or Cold HDD (sc1). Choose the same
type for each volume. Cold HDD (sc1) is only supported for dense nodes.
Delete on Termination Select this feature.
Encryption Select the (default) aws/ebs KMS key alias to use AWS native encryption on
the EBS volumes. If another key was created for this purpose, select that key
from the menu.
Setting up Rubrik Cloud Cluster for AWS

Use an SSH session to set up Rubrik Cloud Cluster for AWS.
Prerequisites
Complete the tasks described in:
• Creating a security group
• Instantiating the nodes for Cloud Cluster
In addition to these tasks, gather the following information:
• IP addresses for the nodes in the Rubrik Cloud Cluster. The IP addresses are available from the
Instances page in the EC2 dashboard.
• Name of the .pem file that contains the SSH key.
Procedure
1. Log in to a computer with access to the Rubrik Cloud Cluster and the SSH key pair.
2. Use SSH to connect to one of the Rubrik Cloud Cluster nodes.
From a terminal prompt, type: ssh -i path-to-pem-file admin@node-private-ip-
address
Where:
• path-to-pem-file is the path to the file containing the SSH key.
• node-private-ip-address is the private IP address of one of the nodes in the Rubrik Cloud Cluster.
DNS server to be used by the Cloud Cluster.
This command tests the connectivity between the Cloud Cluster node and the DNS servers.
of a DNS server that is available to the Cloud Cluster.
4. Repeat the connectivity test for each DNS server used by the Rubrik Cloud Cluster.

by the Rubrik Cloud Cluster.
Rubrik Cloud Cluster.
6. Repeat the network ping test for each NTP server used by the Cloud Cluster.
7. At the prompt, type: cluster bootstrap.
The Rubrik Cloud Cluster will send notifications and alerts to this email address.
Keep the new password in a secure location. The password also provides web UI access for the admin
account.
11. At Cluster name, type a name for the Rubrik Cloud Cluster.
The Rubrik Cloud Cluster uses the name to identify itself in the Rubrik CDM web UI and with other
Rubrik clusters.
Alternatively, press Enter to accept the default value, pool.ntp.org. This is the virtual cluster of NTP
An invalid NTP server configuration prevents the addition of vCenter servers, and Windows and Linux
hosts.
When the NTP server is invalid, the web UI displays a banner alert. When this alert appears, correct
the NTP server configuration.
15. At Use cloud storage (y/n), type n to answer "no".
16. At Management Gateway, type the IP address of the management gateway to use.
Alternatively, press Enter to accept the default value, which the cloud provider assigned to the nodes
on the network.
17. At Management Subnet Mask, type the subnet mask of the management network.
Alternatively, press Enter to accept the default subnet mask.
18. At Number of nodes, type the number of AMI instances in the Rubrik Cloud Cluster.
The minimum number of nodes is 4.
19. At Node 1 Management IP, type the IP address for the first node in the Rubrik Cloud Cluster.
This value is available from the Instances page of the AWS management console, in the Private IP
Address field for the first AMI instance.
The IP address must be entered correctly, since IP addresses assigned to the Rubrik Cloud Cluster

Result
displays progress messages. When the setup process finishes, the Rubrik Cloud Cluster is ready to register.
Next task
Choose a method to register the Rubrik Cloud Cluster, as described in Cloud Cluster registration.
Logging in to the Rubrik CDM web UI

Log in to the Rubrik CDM web UI of the Rubrik Cloud Cluster for the first time using the admin account.
Procedure
1. On a computer with access to port 443 on one of the nodes of the Rubrik Cloud Cluster, start Google
Chrome.
2. In the address field, type https://Rubrik_Cluster, where Rubrik_Cluster is the resolvable
hostname or private IP address of one of the nodes of the Rubrik Cloud Cluster.
The Welcome page appears.
3. In Username, type admin.
4. In Password, type the password for the admin account.
Use the password for the admin account that was created during system setup.
5. Click Sign In.
Result
The Dashboard page appears.
Configure hosts for data protection

After setting up the Rubrik Cloud Cluster, prepare hosts for data protection and management.
Hosts require the following changes to permit data protection and management by the Rubrik Cloud
Cluster:
1. Modify the security group policy assigned to the hosts to permit inbound access on ports 12800 and
12801 from the Rubrik Cloud Cluster.
2. Install the Rubrik Backup Service on each host.
Related Tasks
Modifying the security group policy for protected hosts
Edit the existing security group assigned to protected hosts or create a new security group.
Modifying the security group policy for protected hosts

Edit the existing security group assigned to protected hosts or create a new security group.
Prerequisites
Note the ID of the Rubrik Cloud Cluster security group. The security group prevents inbound access to the
Rubrik Cloud Cluster and is only assigned to the Rubrik Cloud Cluster.
Procedure

2. From the list of AWS services, click EC2.
4. In the left-side menu, under Networking & Security, select Security Groups.
5. Select the security group that is assigned to the protected host.
6. On the Actions menu, select Edit inbound rules.
The Edit inbound rules modal appears.
7. Click Add Rule.
8. Select and type the specified values.
Type Custom TCP
Protocol TCP
Port Range 12800-12801
Source Custom
9. In the Custom text field, type or paste the ID of the Rubrik Cloud Cluster security group.
10. Click Save.
11. Repeat this task for each security group that controls inbound access to a protected host.
Result
AWS modifies the security groups of the protected hosts to allow inbound access from the Rubrik Cloud
Cluster to the Rubrik Backup Service that is running on the host.
Adding disks to an AWS node

Add disks to increase capacity on a Rubrik Cloud Cluster. These steps cannot be performed on Rubrik Cloud
Cluster ES.
Procedure
1. Log in to the AWS Management Console using an account with administrator privileges.
3. In the region list at the top of the dashboard, select the region for the Rubrik Cloud Cluster.
4. From the left-side menu, under Elastic Block Store, select Volumes.
5. Click Create Volume.
The Create Volume page appears.
6. Configure the volume parameters.
Choose the same volume type and size as the existing disks.
7. Click Encryption.
The Master Key field appears.
8. In Master Key, select the default master key from the menu.
9. Click Create Volume.
The Volumes page displays the new volume.
10. Select the new volume, then select Actions > Attach Volume.
The Attach Volume dialog box appears.

11. In Instance, select the instance ID of the node where the new disk will be attached.
12. Click Attach.
AWS attaches the new volume to the Rubrik Cloud Cluster node instance.
13. Log in to the Rubrik CDM web UI using an account with administrator privileges.
14. From the left-side menu, select Dashboards > System Performance.
The System Performance dashboard appears, and displays all the nodes for the cluster.
15. Click the name of the node that has the new disk.
The node details page appears, with the new disk indicated by an orange symbol.
16. On the HDD Status card, click Set Up Disk.
The Manage Disk dialog box appears.
17. Click Submit.
Result
The Rubrik cluster formats the new disk and adds it to the specified node of the Rubrik Cloud Cluster.
Adding nodes to a Rubrik Cloud Cluster on AWS

Add nodes to a Rubrik Cloud Cluster or Rubrik Cloud Cluster ES to provide additional capacity and
improved performance.
Prerequisites
Create one or more new EC2 instances from the Rubrik AMI.
• For Rubrik Cloud Cluster Elastic Storage (Cloud Cluster ES), use the procedure described in Instantiating
the nodes for Cloud Cluster ES.
• For Rubrik Cloud Cluster, use the procedure described in Instantiating the nodes for Cloud Cluster.
Note: For Rubrik Cloud Cluster, all nodes on a cluster must have the same number of disks, and each disk
must be the same type and size. Rubrik Cloud Clusters do not support mixing dense nodes and standard
nodes.
Procedure
1. From a computer with network access to the IP address of one of the new nodes, open an SSH
session on that node.
Type ssh admin@node-ip-address, where node-ip-address is the IP address of the new node.
The password prompt appears.
2. Type rubrik.
The Rubrik CLI opens.
3. At the command prompt, type network ifconfig.
Save the node ID and subnet mask for later use.
4. At the command prompt, type network route -n.
Save the default gateway IP address for later use.
5. Open an SSH session on each of the remaining new nodes and obtain their node IDs.
Each new node has the same subnet mask and default gateway IP address. The only unique
information for each node is the node ID.
6. Open the Rubrik REST API playground.
In a web browser, open https://rubrik_cluster/docs/internal/playground/, where
rubrik_cluster is the resolvable hostname or IP address of the Rubrik cloud cluster.
The Rubrik REST API Explorer appears.

7. Click /cluster.
The listing expands to show all operations for that endpoint.
8. Click POST /cluster/{id}/node.
The endpoint listing expands.
9. Click Try it out.
The page opens the JSON fields in the request section for editing.
10. In the request section, type the node ID of the first new node, the IP address, the netmask, and the
gateway IP address.
{
"nodes": {
"node_id": {
"managementIpConfig": {
"address": "ip-address",
"netmask": "netmask",
"gateway": "gateway"
}
}
},
"ipmiPassword": "NoPassword"
}
• Replace node_id with the node ID of the node being added.

• Replace ip-address with the IP address of the node being added.
• Replace netmask with the subnet mask of the cloud cluster.
• Replace gateway with the default gateway IP address of the cloud cluster.
11. Create a node_id block for each of the remaining new nodes.
Use the node_id block of the first new node as a template for the remaining new nodes. Replace
the node ID and IP address values with the corresponding values for each new node, and leave the
netmask and gateway values the same.
12. Click Execute.
Result
The Rubrik REST API server processes the POST request and adds the new nodes to the Rubrik Cloud
Cluster or the Rubrik Cloud Cluster ES.
Related Tasks

Decommissioning a Cloud Cluster on AWS

Remove the Rubrik Cloud Cluster nodes and their associated objects from AWS.
Context
Decommissioning a Rubrik Cloud Cluster removes the associated objects from AWS, and permanently
deletes all data that is stored on the Rubrik Cloud Cluster. These instructions apply to both Rubrik Cloud
Cluster and Rubrik Cloud Cluster ES.
Procedure
3. In the navigation pane, under Instances, select Instances.
The Instances page appears.
4. Select one of the Rubrik Cloud Cluster instances.
5. Open the Actions menu and select Instance settings > Change termination protection.
The Change termination protection modal appears.
6. Clear Enable and click Save.
The instance summary on the Details tab shows that termination protection is disabled.
7. Open the Actions menu and select Manage instance state.
8. In Instance state settings, select Terminate.
9. Click Change state.
AWS deletes the instance of the Rubrik Cloud Cluster and removes the EBS root volume.
10. Repeat this process for the remaining instances.
Result
AWS removes the instances from the Rubrik Cloud Cluster.
Next task
For a Rubrik Cloud Cluster ES, complete the decommissioning process by removing the associated S3
bucket and the IAM role, as described in Deleting the S3 bucket and IAM role.
Deleting the S3 bucket and IAM role

Delete the S3 bucket and the IAM role used for Rubrik Cloud Cluster ES.
Prerequisites
Remove the instances used as nodes for the Rubrik Cloud Cluster ES, along with their associated
resources, as described in Decommissioning a Cloud Cluster on AWS.
Context
This task completes the decommissioning of a Rubrik Cloud Cluster ES by removing the S3 bucket and the
associated IAM role.
Procedure
1. Log in to the AWS Management Console using the account for the Rubrik Cloud Cluster ES.

2. Open the Services menu and select S3.
3. From the Buckets list, select the name of the S3 bucket used for the Cloud Cluster ES.
4. Click Delete.
A confirmation window appears.
5. In the text input field, type the name of the S3 bucket.
6. Click Delete bucket.
A success message confirms that the bucket was successfully deleted.
7. Open the Services menu and select IAM.
The IAM dashboard appears.
8. Under IAM resources, click Roles.
9. Select the name of the role that was created to allow access to the S3 bucket.
10. Click Delete role.
A confirmation window appears.
11. Click Yes, delete.
AWS deletes the IAM role, along with any attached instance profiles and inline policies.
Result
The Cloud Cluster ES is completely decommissioned, and AWS removes the S3 bucket and IAM role.

Chapter 4
Rubrik Cloud Cluster on Azure
Rubrik Cloud Cluster on Azure
Rubrik CDM on Azure provides the ability to run a Rubrik Cloud Cluster to protect applications and data
within a Microsoft Azure virtual network.
A Rubrik Cloud Cluster runs on four or more virtual machines, with each virtual machine serving as a node
of the cluster.
Rubrik Cloud Cluster stores data in pre-provisioned block storage on Azure data disks. Rubrik Cloud Cluster
Elastic Storage (Cloud Cluster ES) stores data in a container within a storage account.
Requirements for Azure

Before setting up a Rubrik Cloud Cluster on Azure, certain preparations must be completed.
The following table summarizes the preparations for setting up a Rubrik Cloud Cluster on Azure. These
requirements apply to both Rubrik Cloud Cluster and Rubrik Cloud Cluster Elastic Storage (Cloud Cluster
ES).
Requirement Information
Azure subscription account The Azure subscription account must have access to the data sources that
the Rubrik Cloud Cluster will manage and protect.
Rubrik Cloud Cluster license A license can be purchased from a Rubrik reseller or from the Azure
Marketplace.
Secure access Secure access controls which IP addresses can access the Rubrik Cloud
Cluster from outside the virtual network.
Web browser Rubrik supports the newest version of Google Chrome and the previous
two versions.
Node requirements for Rubrik Cloud Cluster on Azure

Rubrik Cloud Cluster has specific standard and dense node requirements for Azure.

Instance type Standard_DS3_v2 Standard_DS5_v2
Operating system disk 400 GB premium SSD 400 GB premium SSD
Number of data disks supported 3 to 6 data disks per node 3 to 6 data disks per node
Data disk capacity .5 TB to 2 TB standard HDD 2 TB to 4 TB standard HDD
Rubrik Cloud Cluster on Azure 05/12/2022 | 33

Node requirements for Rubrik Cloud Cluster ES on Azure

Rubrik Cloud Cluster ES has specific node requirements for Azure.
Resource Node requirement

Instance type Standard_DS5_v2
vCPU 16 virtual CPUs
Reserved memory 56 GB
Operating system disk 400 GB premium SSD
Data disk (for caching) 500 GB premium SSD
Note: Cloud Cluster ES supports up to 32 TB of storage on Azure Blob Storage. After Cloud Cluster ES
reaches the 32 TB software limitation, create a new Cloud Cluster ES node for additional storage.
Security model for Rubrik Cloud Cluster

Protect data managed on a Rubrik Cloud Cluster by using a simple security model.
Rubrik recommends using a simple security model to prevent all access to the Rubrik Cloud Cluster from
IP addresses outside of the virtual network. This model also applies to the Rubrik Cloud Cluster Elastic
Storage (Rubrik Cloud Cluster ES).
A Rubrik Cloud Cluster consists of virtual machines that function as nodes in the cluster. Each virtual
machine requires a network interface to connect it to the virtual network. For additional security, control
access to the virtual network subnet of the Rubrik Cloud Cluster.
To administer the Rubrik Cloud Cluster, use a host that has secure access to the nodes of the Rubrik Cloud
Cluster. Provide VPN access between management hosts and the virtual network subnet of the Rubrik
Cloud Cluster. The following table lists the methods for administrative access to the Rubrik Cloud Cluster.
Method Description
Access through a jump Access the public IP of the jump server. From the jump server:
server
• Access the nodes of the Rubrik Cloud Cluster.
• Start a web browser on the jump server and access the Rubrik CDM web
UI of the Rubrik Cloud Cluster through the browser session.
VPN access to the virtual Configure a VPN that includes the virtual network where the Rubrik Cloud
network Cluster is running and the network locations of management hosts. From the
local machine:
• Start a web browser on the local machine and access the Rubrik CDM
web UI of the Rubrik Cloud Cluster through the browser session.

Workflow for Rubrik Cloud Cluster ES on Azure
Setting up a Rubrik Cloud Cluster with elastic storage on Azure consists of a sequence of tasks, which must
be performed in the correct order.
Setting up Rubrik Cloud Cluster ES on Azure involves several discrete tasks. The order in which you
complete these tasks is important because the later tasks build on the results of earlier tasks.
The first task requires you to create a resource group, as described in Creating a resource group. That task
has a following task that must be completed, and then each task thereafter has a preceding task and a
following task until you have finalized the setup.
The following list provides the sequence of tasks:
• Creating a resource group
• Creating a service endpoint
• Creating a storage container
• Creating Rubrik Cloud Cluster ES
• Setting up Rubrik Cloud Cluster ES
Related Tasks
Creating a service endpoint
In the virtual network where Rubrik Cloud Cluster ES will be deployed, create a service endpoint to provide
direct connectivity to Azure storage.
Creating a storage container
Create a storage account with one container to store the data for Rubrik Cloud Cluster ES.
Creating Rubrik Cloud Cluster ES on Azure
Create at least three virtual machines to use as nodes for Rubrik Cloud Cluster ES on Azure.
Creating a resource group

Create the resource group to use for the Rubrik Cloud Cluster.
Context
The virtual machines that form the Rubrik Cloud Cluster are deployed and managed from this resource
group.
Procedure
1. Log in to the Azure portal using the subscription account.
2. Under Azure services, select Resource groups.
The Resource groups page appears.
3. Click Create.
The Create a resource group blade appears, with the Basics tab selected.
4. Complete the fields on the blade.
5. Click Next:Tags and supply a name and value for the tag.
Tags can help organize resources by categories.
6. Click Review + create.
A validation message appears.
7. Click Create.

Result
The resource group is available for the Rubrik Cloud Cluster.
Next task
For Rubrik Cloud Cluster ES, create a service endpoint in the account where the Rubrik Cloud Cluster ES
will be deployed, as described in Creating a service endpoint.
For Rubrik Cloud Cluster, create the virtual machines, as described in Creating Rubrik Cloud Cluster on
Azure.
Related Concepts
Related Tasks

Prerequisites
Do the following:
• Complete the steps described in Creating a resource group.
• Create a virtual network with a subnet for Rubrik Cloud Cluster Elastic Storage (Rubrik Cloud Cluster
ES). Azure documentation describes several methods for creating a virtual network.
Context
The service endpoint creates a network link between the virtual network and the storage container.
Procedure
1. Log in to the Azure portal and navigate to the Virtual networks service.
The Virtual networks page displays a list of virtual networks.
2. Click the virtual network where Rubrik Cloud Cluster ES will be deployed.
The overview page for that virtual network appears.
3. From the left-side menu, under Settings, select Subnets.
4. Click the subnet where the Rubrik Cloud Cluster ES will be deployed.
The page with the details for that subnet opens.
5. Under Service Endpoints, in Services, open the menu and select Microsoft.Storage.
6. Click Save.
Result
Azure saves the subnet with the new service endpoint.

Next task
For Rubrik Cloud Cluster ES, create a storage container, as described in Creating a storage container.
Related Concepts
Related Tasks

Prerequisites
Complete the steps described in Creating a service endpoint.
Context
Create a storage account in the same region where Rubrik Cloud Cluster Elastic Storage (Rubrik Cloud
Cluster ES) will be deployed, then create a container in that storage account.
Procedure
1. Log in to the Azure portal and navigate to Storage accounts.
The Storage accounts page displays a list of storage accounts.
2. Click + Create.
The Create a storage account blade appears, with the Basics tab selected.
3. In Resource group, select the resource group to use for Rubrik Cloud Cluster ES.
4. Under Instance details, in Storage account name, type a name for the storage account.
5. In Region, select the region where Rubrik Cloud Cluster ES will be deployed.
6. In Performance, select Standard.
7. In Redundancy, select Locally-redundant storage (LRS).
8. Click the Networking tab.
9. In Connectivity method, select Public endpoint (selected networks).
10. In Virtual network, select the virtual network for Rubrik Cloud Cluster ES from the menu.
11. In Subnets, select the subnet for Rubrik Cloud Cluster ES.
A summary appears on the Create a storage account page, along with a validation message.
13. Click Create.
14. Once the storage account is successfully created, navigate to the Storage accounts page and click the
name of the new storage account.
15. From the left-side menu, select Containers.
16. Click + Container.
The New container blade appears.
17. In Name, type a unique name for the container.
18. Click Create.

The new container is added to the list of containers for the storage account.
19. From the left-side menu, select Access keys.
20. Click Show keys.
21. Copy the connection string for either key1 or key2.
The connection string is required during the setup task.
Result
Azure creates a storage account with the specified container for use with Rubrik Cloud Cluster ES.
Next task
Create Rubrik Cloud Cluster ES, as described in Creating Rubrik Cloud Cluster ES on Azure.
Related Concepts
Related Tasks

Prerequisites
• Complete the steps described in Creating a storage container.
• Purchase a Rubrik Cloud Cluster license from a Rubrik reseller or from the Azure Marketplace.
• Generate an SSH key pair. Azure documentation describes how to create and manage SSH keys.
Context
Instantiate a minimum of three nodes, one at a time, in preparation for forming a cluster.
Procedure
1. Log in to the Azure Portal.
2. Navigate to the Virtual machines service.
3. Click + Create and select + Virtual machine.
The Create a virtual machine blade appears.
4. In Subscription, select the subscription associated with the Rubrik Cloud Cluster ES.
5. In Resource group, select the resource group for the Rubrik Cloud Cluster ES nodes.
6. In Virtual machine name, type a unique name for the node.
7. In Region, select the region where the Rubrik Cloud Cluster ES will be deployed.
The Rubrik Cloud Cluster ES must be in the same region as the storage container.
8. In Image, click See all images.
The Select an image page appears.

9. In the search field, type Rubrik and press Enter.
The Rubrik Cloud Data Management on Azure tile appears.
10. Click Select, then select the Rubrik CDM image to use for the Rubrik Cloud Cluster ES.
The Azure Marketplace offers the latest version of Rubrik CDM software and up to two previous
versions.
11. In Size, select Standard_DS5_v2.
12. For Authentication type, select SSH public key.
13. In Username, keep the default name, azureuser.
14. In SSH public key source, choose a source for the key pair.
Azure documentation describes the source alternatives.
15. In Stored Keys, select the name of the SSH key generated previously.
16. Click Next: Disks.
17. In OS disk type, select Premium SSD.
18. Under Data disks, click Create and attach a new disk.
The new disk will be used as a staging area disk.
The Create a new disk page appears.
19. In Name, type a unique name or accept the default generated name.
20. In Size, click Change size.
The Select a disk size page appears.
21. Select 512 GiB and click OK.
22. Click OK.
The Create a virtual machine page appears, and Azure updates the information in the Data disks
section.
23. In Host caching, select Read/write.
25. In Virtual network, select the virtual network where the service endpoint was created.
26. In Subnet, select the subnet where the service endpoint was created.
27. In Public IP, select None.
28. Select Accelerated networking.
29. Fill in any necessary custom information on the remaining tabs.
A summary appears on the Create a virtual machine page, along with a validation message.
31. Click Create.
Azure submits the deployment template for the node. When the deployment finishes, Azure displays a
deployment overview page.
32. Repeat these steps for each node in the Rubrik Cloud Cluster ES.
33. Obtain the private IP address for each node from the Virtual machine page for that node.
System setup requires the IP addresses for each node.
Result
Azure creates the virtual machines for the Rubrik Cloud Cluster ES in the account.
Next task
Configure the cluster, as described in Setting up Rubrik Cloud Cluster ES for Azure.
Related Concepts

Related Tasks
Setting up Rubrik Cloud Cluster ES for Azure

Set up Rubrik Cloud Cluster ES for Azure.
Prerequisites
Have the following information available:
• IP addresses for the nodes in the Rubrik Cloud Cluster Elastic Storage (Rubrik Cloud Cluster ES). The IP
addresses are available from the node overview page in the Azure portal.
• Connection string for the storage container.
• Name of the private key file that contains the private SSH key.
Procedure
1. Log in to a computer with access to the Rubrik Cloud Cluster ES and the SSH key pair.
2. Use SSH to connect to one of the Rubrik Cloud Cluster ES nodes.
From a terminal prompt, type ssh -i path-to-private-key-file admin@node-private-
ip-address
Where:
• path-to-private-key-file is the path to the file containing the private SSH key.
• node-private-ip-address is the private IP address of the node selected for management access to
the Rubrik Cloud Cluster ES.
DNS server to be used by the Rubrik Cloud Cluster ES.
This command tests the connectivity between the Rubrik Cloud Cluster ES node and the DNS servers.
of a DNS server that is available to the Rubrik Cloud Cluster ES.
4. Repeat the connectivity test for each DNS server used by the Rubrik Cloud Cluster ES.
by the Rubrik Cloud Cluster ES.
Rubrik Cloud Cluster ES.
6. Repeat the network ping test for each NTP server used by the Rubrik Cloud Cluster ES.
7. At the prompt, type cluster bootstrap.

The password entered in this step replaces the temporary password for the admin account. Keep the
new password in a secure location. The password also provides web UI access for the admin account.
11. At Cluster name, type a name for the Rubrik Cloud Cluster ES.
The Rubrik Cloud Cluster ES uses the name to identify itself in the Rubrik CDM web UI and with other
Rubrik clusters.
12. At DNS Nameservers, type a comma-separated list of IP addresses of DNS servers, or press Enter
to accept the default DNS server, 8.8.8.8.
14. At NTP Servers, type a comma-separated list of NTP servers, or press Enter to accept the default
value, pool.ntp.org.
NTP servers can be listed by FQDN or by IP address.
The default value, pool.ntp.org, is the virtual cluster of NTP servers provided for public use by the NTP
Pool Project.
When the NTP server is invalid, the web UI displays a banner alert. An invalid NTP server configuration
prevents the addition of vCenter servers and Windows and Linux hosts. Correct the NTP server
configuration to proceed.
15. At Use cloud storage (y/n), press Enter to answer "yes".
16. At Connection string, type the connection string for the storage account.
17. At Re-enter Connection string, type the connection string again.
18. At Container name, type the name of the storage container.
19. At Management Gateway, type the IP address of the management gateway to use, or press Enter
to accept the default value.
The cloud provider determines the default value and assigns it to the nodes on the network.
20. At Management Subnet Mask, type the subnet mask of the management network, or press Enter
to accept the default subnet mask.
21. At Number of nodes, type an integer for the number of nodes in the cluster.
This number is the same as the number of instances deployed from the Azure Marketplace.
22. At Node 1 Management IP, type the IP address for the first node in the Rubrik Cloud Cluster ES
and press Enter.
The IP address must be entered correctly, since IP addresses assigned to the Rubrik Cloud Cluster ES
Result
Next task
Choose a method to register the Rubrik Cloud Cluster ES, as described in Cloud Cluster registration.

Related Tasks
Workflow for Rubrik Cloud Cluster on Azure

Setting up a Rubrik Cloud Cluster on Azure consists of a sequence of tasks, which must be performed in
the correct order.
Setting up Rubrik Cloud Cluster on Azure involves several discrete tasks. The order in which you complete
these tasks is important because the later tasks build on the results of earlier tasks.
The first task requires you to create a resource group, as described in Creating a resource group. That task
has a following task that must be completed, and then each task thereafter has a preceding task and a
following task until you have finalized the setup.
The following list provides the sequence of tasks:
• Creating a resource group
• Creating Rubrik Cloud Cluster on Azure
• Setting up Rubrik Cloud Cluster for Azure
Related Tasks
Creating Rubrik Cloud Cluster on Azure
Create at least four virtual machines to use as nodes for Rubrik Cloud Cluster on Azure.
Setting up Rubrik Cloud Cluster for Azure
Set up Rubrik Cloud Cluster for Azure.

Context
The virtual machines that form the Rubrik Cloud Cluster are deployed and managed from this resource
group.
Procedure
1. Log in to the Azure portal using the subscription account.
2. Under Azure services, select Resource groups.
The Resource groups page appears.
3. Click Create.
The Create a resource group blade appears, with the Basics tab selected.
4. Complete the fields on the blade.
5. Click Next:Tags and supply a name and value for the tag.
Tags can help organize resources by categories.
A validation message appears.

7. Click Create.
Result
The resource group is available for the Rubrik Cloud Cluster.
Next task
For Rubrik Cloud Cluster ES, create a service endpoint in the account where the Rubrik Cloud Cluster ES
will be deployed, as described in Creating a service endpoint.
For Rubrik Cloud Cluster, create the virtual machines, as described in Creating Rubrik Cloud Cluster on
Azure.
Related Concepts
Related Tasks

Prerequisites
Complete the following:
• Purchase a Rubrik Cloud Cluster license from a Rubrik reseller or from the Azure Marketplace.
• Create a resource group for the Rubrik Cloud Cluster nodes, as described in Creating a resource group.
• Generate an SSH key pair. Azure documentation describes how to create and manage SSH keys.
Context
Instantiate a minimum of four nodes, one at a time, in preparation for forming a cluster.
Procedure
1. Log in to the Azure Portal.
2. Navigate to the Virtual machines service.
3. Click + Create and select + Virtual machine.
The Create a virtual machine blade appears.
4. In Subscription, select the subscription associated with the Rubrik Cloud Cluster from the menu.
5. In Resource group, select the resource group for the Rubrik Cloud Cluster nodes.
6. In Virtual machine name, type a unique name for the node.
7. In Region, select the region where the Rubrik Cloud Cluster will be deployed.
8. In Image, click See all images.
The Select an image page appears.
9. In the search field, type Rubrik and press Enter.
The Rubrik Cloud Data Management on Azure tile appears.
10. Click Select, then select the Rubrik CDM image to use for the Rubrik Cloud Cluster.

The Azure Marketplace offers the latest version of Rubrik CDM software and up to two previous
versions.
11. In Size, select the size to use for each virtual machine.
Option Description
Standard_DS5_v2 Choose this size for a dense node cluster.
Standard_DS3_v2 Choose this size for a standard node cluster.
12. For Authentication type, select SSH public key.
13. In Username, keep the default name, azureuser.
14. In SSH public key source, choose a source for the key pair.
Azure documentation describes the source alternatives.
15. In Stored Keys, select the name of the SSH key generated previously.
16. Click Next: Disks.
17. Under Data disks, click Create and attach a new disk.
18. In Name, type a unique name or accept the default generated name.
19. In Size, click Change size.
The Select a disk size page appears.
20. In Disk SKU, select Standard HDD.
21. Select a disk size and click OK.
Choose the same disk size for each node. For a list of supported disk sizes, refer to the Rubrik
Compatibility Matrix.
22. Click OK.
The Create a virtual machine page appears.
24. In Virtual network, select the virtual network where the Rubrik Cloud Cluster will be deployed.
25. In Subnet, select the subnet where the Rubrik Cloud Cluster will be deployed.
26. In Public IP, select None.
27. Select Accelerated networking.
28. Fill in any necessary custom information on the remaining tabs.
29. Repeat the steps for creating and attaching a new disk until the node has the required number of
disks.
Each node in a Rubrik Cloud Cluster must have at least three disks, and each node must have the
same number of disks.
A summary appears on the Create a virtual machine page, along with a validation message.
31. Click Create.
Azure submits the deployment template for the node. When the deployment finishes, Azure displays a
deployment overview page.
32. Repeat these steps for each node in the Rubrik Cloud Cluster.
33. Obtain the private IP address for each node from the Virtual machine page for that node.
System setup requires the IP addresses for each node.
Result
Azure creates the virtual machines for the Rubrik Cloud Cluster in the account.
Next task
Configure the cluster, as described in Setting up Rubrik Cloud Cluster for Azure.

Setting up Rubrik Cloud Cluster for Azure
Set up Rubrik Cloud Cluster for Azure.
Prerequisites
Complete the following:
• Create a Rubrik Cloud Cluster on Azure, as described in Creating Rubrik Cloud Cluster on Azure.
• Obtain and have available the IP addresses for the nodes in the Rubrik Cloud Cluster. The IP addresses
are available from the node overview page in the Azure portal.
• Obtain and have available the name of the private key file that contains the private SSH key.
Procedure
1. Log in to a computer with access to the Rubrik Cloud Cluster and the SSH key pair.
2. Use SSH to connect to one of the Rubrik Cloud Cluster nodes.
From a terminal prompt, type: ssh -i path-to-private-key-file admin@node-private-
ip-address
Where:
• path-to-private-key-file is the path to the file containing the private SSH key.
• node-private-ip-address is the private IP address of one of the nodes in the Rubrik Cloud Cluster.
DNS server to be used by the Rubrik Cloud Cluster.
This command tests the connectivity between the Rubrik Cloud Cluster node and the DNS servers.
of a DNS server that is available to the Rubrik Cloud Cluster.
4. Repeat the connectivity test for each DNS server used by the Rubrik Cloud Cluster.
by the Rubrik Cloud Cluster.
6. Repeat the network ping test for each NTP server used by the Rubrik Cloud Cluster.
11. At Cluster name, type a name for the Rubrik Cloud Cluster.
Rubrik clusters.

12. At DNS Nameservers, type a comma-separated list of IP addresses of DNS servers, or press Enter
to accept the default DNS server, 8.8.8.8.
14. At NTP Servers, type a comma-separated list of NTP servers, or press Enter to accept the default
value, pool.ntp.org.
NTP servers can be identified by FQDN or by IP address.
The default value, pool.ntp.org, is the virtual cluster of NTP servers provided for public use by the NTP
Pool Project.
15. At Use cloud storage (y/n), type n to answer "no".
16. At Management Gateway, type the IP address of the management gateway to use, or press Enter
to accept the default value.
The cloud provider assigns the default value to the nodes on the network.
17. At Management Subnet Mask, type the subnet mask of the management network, or press Enter
to accept the default subnet mask.
This number is the same as the number of instances deployed from the Azure Marketplace.
19. At Node 1 Management IP, type the IP address for the first node in the Rubrik Cloud Cluster and
press Enter.
The IP address must be entered correctly, since IP addresses assigned to the Rubrik Cloud Cluster
Result
Next task
Choose a method to register the Rubrik Cloud Cluster, as described in Cloud Cluster registration.
Related Tasks

Procedure
Chrome.

5. Click Sign In.
Result
Installing the Rubrik Backup Service on each host

Obtain the Rubrik Backup Service installation file from the Rubrik Cloud Cluster and install it on protected
hosts.
Procedure
1. Log in to the Rubrik CDM web UI.
2. From the left-side menu, select Servers & Apps and click a choice based on the protected host.
Option Description
Linux Hosts The Linux Hosts tab of the Linux Hosts page
appears.
Windows Hosts The Windows Hosts tab of the Windows Hosts
page appears.
SQL Server DBs The Hosts/Instances tab of the SQL Server DBs
page appears.
3. Depending on the choice made in the previous step, select:
Option Description
Add Linux Hosts The Add Linux Hosts dialog box appears.
Add Windows Hosts The Add Windows Hosts dialog box appears.
4. In the text of the dialog box, click Rubrik Backup Service.
A browser-specific dialog box appears to enable saving the package file.
5. Save the file to a temporary location.
6. In the Rubrik CDM web UI of the Rubrik Cloud Cluster, add each protected host.
Result
The Rubrik Cloud Cluster adds the protected hosts.

Adding disks to an Azure node
Add disks to increase capacity on a Rubrik Cloud Cluster. These steps cannot be performed on Rubrik Cloud
Cluster ES.
Context
Each node can have up to six disks, and each node must have the same number of disks. Disks are added
in the Azure UI first, then the disks are set up and formatted in the Rubrik CDM web UI.
Procedure
1. Log in to the Azure subscription account.
2. On the left-side menu, click Virtual Machines.
The Virtual machines page appears.
3. Click the name of the virtual machine corresponding to the node where the new disk will be added.
The overview page for the virtual machine appears.
4. From the left-side menu, select Disks.
The Disks page appears.
5. Under Data Disks, click + Create and attach a new disk once for each new disk to add to the
node.
A Rubrik Cloud Cluster node can have up to six disks total.
6. Type a name for each disk, and select the same storage type and size as the other disks in the Rubrik
Cloud Cluster.
7. Click Create.
8. Click Save.
Azure creates the disks, attaches them to the virtual machine, and lists the new disks in the virtual
machine's disk settings under Data disks.
9. Return to the Virtual machines page and repeat the process for each of the remaining virtual machines
in the cluster.
Each virtual machine must have the same number of disks so that each node will be the same size.
12. Click the name of one of the nodes that has new disks.
The node details page appears, with the new disks indicated by an alert symbol.
The Manage Disk dialog box appears.
14. Click Submit.
15. Set up any remaining new disks for the node.
16. Repeat the process of setting up new disks for all nodes in the cluster.
Result
The Rubrik Cloud Cluster formats the disks and adds them to the specified nodes.

Adding Azure nodes
Add nodes to a Rubrik Cloud Cluster or Rubrik Cloud Cluster ES to provide additional capacity and
improved performance.
Prerequisites
Create one or more new Azure nodes.
• For Rubrik Cloud Cluster Elastic Storage (Cloud Cluster ES), use the procedure described in Creating
Rubrik Cloud Cluster ES on Azure.
• For Rubrik Cloud Cluster, use the procedure described in Creating Rubrik Cloud Cluster on Azure.
Note: For Rubrik Cloud Cluster, all nodes must have the same number of disks, and each disk must be the
same type and size. Rubrik Cloud Clusters do not support mixing dense nodes and standard nodes.
Procedure
2. Type rubrik.
5. Open an SSH session on each of the remaining new nodes and obtain their node IDs.
Each new node has the same subnet mask and default gateway IP address. The only unique
6. Open the Rubrik REST API playground.
In a web browser, open https://rubrik_cluster/docs/internal/playground/, where
rubrik_cluster is the resolvable hostname or IP address of the Rubrik cloud cluster.
7. Click /cluster.
gateway IP address.
{
"nodes": {
"node_id": {
}
}

},
}

• Replace gateway with the default gateway IP address of the cloud cluster.
11. Create a node_id block for each of the remaining new nodes.
12. Click Execute.
Result
Cluster.
Related Tasks
Decommissioning a Rubrik Cloud Cluster

Remove the virtual machines from the Rubrik Cloud Cluster, then remove the associated resources.
Context
Decommissioning a Rubrik Cloud Cluster removes the associated virtual machines from Azure, and
permanently deletes all data that is stored on the Rubrik Cloud Cluster. These instructions apply to both
Rubrik Cloud Cluster and Rubrik Cloud Cluster Elastic Storage (Cloud Cluster ES).
Procedure
1. Log in to the Azure portal using the subscription account for the Rubrik Cloud Cluster or Cloud Cluster
ES.
2. Navigate to the All resources page.
3. Select all the virtual machines that form the Rubrik Cloud Cluster.
The filter field and the grouping field can be used to narrow the results.
4. Select all resources associated with the selected virtual machines.
Each virtual machine has resources of the following types:
• Network security group
• Network interface
• Disk (for Cloud Cluster, this includes one OS disk and three to six data disks; for Cloud Cluster ES,
this includes one OS disk and one staging area disk)
5. On the top menu bar, click Delete.
A confirmation dialog box appears.
6. In Confirm delete, type yes, then click Delete.
Azure deletes the virtual machines and the resources.

Result
Azure removes the virtual machines and their associated resources from the Rubrik Cloud Cluster.
Next task
For a Rubrik Cloud Cluster ES, complete the decommissioning process by removing the associated storage
container, as described in Removing a storage container from Rubrik Cloud Cluster ES on Azure.
Removing a storage container from Rubrik Cloud Cluster ES on Azure

Remove the storage container used for Rubrik Cloud Cluster ES.
Prerequisites
Remove the virtual machines used as nodes for the Rubrik Cloud Cluster ES, along with their associated
resources, as described in Decommissioning a Rubrik Cloud Cluster.
Context
This task completes the decommissioning of a Rubrik Cloud Cluster ES by removing the storage container
from the storage account. If the storage account has no containers used for other purposes, delete the
entire storage account.
Procedure
1. Log in to the Azure portal using the subscription account for the Rubrik Cloud Cluster ES.
2. Navigate to the Storage accounts page.
3. Select the storage account that has the container used by the Rubrik Cloud Cluster ES.
The details page for the storage account appears.
4. On the top menu bar, open the menu and select Containers.
The Storage account page lists the containers for that account.
5. Select the container to delete.
6. On the top menu bar, click Delete.
7. Click OK.
Result
Azure deletes the storage container from the storage account.

Chapter 5
Rubrik Cloud Cluster on GCP
Rubrik CDM on Google Cloud Platform provides the ability to run a Rubrik cloud cluster for protecting
applications and data within a virtual network.
Standard node Rubrik Cloud Cluster on Google Clould Platform (GCP) runs on four or more virtual
machines and dense node Rubrik Cloud Cluster GCP runs on three or more virtual machines. Each virtual
machine performs as a node of the cluster. The Rubrik Cloud Cluster uses Reed-Solomon erasure coding to
protect data integrity and provide efficient use of storage resources.
Rubrik provides an image to use as a template when instantiating the nodes of a Rubrik Cloud Cluster.
Rubrik also provides a script that copies the image to the customer account.
Requirements for Rubrik Cloud Cluster on GCP

There are requirements for configuring Rubrik Cloud Cluster on GCP.
The following table describes the requirements for running the deployment script.
Requirement Description
Rubrik Cloud Cluster setup The setup files orchestrate the deployment of the Rubrik Cloud Cluster on
files GCP. Setup files include:
• deploy_client_base.py
• deploy_gcp_client.py
• deploy_rubrik_cluster.py
• gcp_client_ext.py
• cloud_platform_client.py
• customer_details.yml
Download these files from support.rubrik.com.
Web browser Use the latest version of the Google Chrome web browser to install Rubrik
Cloud Cluster on GCP. Rubrik supports the newest version of Chrome and
the previous two versions.
Service account The service account is configured with permissions to allow access to the
GCP API used for deploying the Rubrik Cloud Cluster on GCP.
Related Tasks
Creating a role and a service account
Rubrik Cloud Cluster on GCP 05/12/2022 | 52

Create a custom role with specific permissions required for the Rubrik Cloud Cluster on GCP, then assign it
to a service account.
Node requirements for Rubrik Cloud Cluster on GCP

Rubrik Cloud Cluster has specific standard and dense node requirements for GCP.

Instance type n1-standard-4 n1-standard-16
Operating system disk 400 GB Zonal SSD persistent disk 400 GB Zonal SSD persistent disk
Data disk .5 TB to 2 TB Zonal standard .5 TB to 2 TB Zonal standard
persistent disks persistent disks
Creating a role and a service account

Create a custom role with specific permissions required for the Rubrik Cloud Cluster on GCP, then assign it
to a service account.
Context
The deployment script uses the service account to copy the image to the account and deploy the Cloud
Cluster nodes. The service account must have specific permissions, which are granted by the role.
Procedure
1. Log in to the Google Cloud Console using a project owner account, or an account with the IAM Role
Administrator role.
The account must have the iam.roles.create permission.
2. From the menu, select Access > Roles.
The Roles page appears and lists the roles for the current project.
3. Click Create Role.
4. Type a name, a title, and a description for the role.
5. Click Add Permissions, then select the permissions to assign to the role.
Select the following permissions:
• accessapproval.requests.dismiss
• compute.disks.create
• compute.globalOperations.get
• compute.images.create
• compute.images.get
• compute.images.getIamPolicy
• compute.images.useReadOnly
• compute.instances.create
• compute.instances.get
• compute.instances.getSerialPortOutput
• compute.subnetworks.get

• compute.subnetworks.use
6. Click Create.
7. From the left-side menu, select Identity > Service Accounts.
8. Click Create Service Account.
9. Assign a name to the service account and click Create.
The service account ID is generated automatically while typing the service account name.
10. Select the role created as part of this task, and click Done.
Result
The Google Cloud Console creates the service account with the required permissions.
Next task
Create a key for the service account, as described in Creating a key.
Creating a key
Create a key to authenticate the service account.
Prerequisites
Create a role with the required permissions and assign it to a service account, as described in Creating a
role and a service account.
Context
The service account requires a private key to authenticate to the Rubrik cloud cluster.
Procedure
1. Log in to the Google Cloud Console using a project owner account, or an account with the Service
Account Key Admin role.
2. From the menu, select Identity > Service Accounts.
3. Select the service account that was previously created.
4. Open the three-dot menu for the service account and select Create key.
The Create private key dialog box appears.
5. Under Key type, select JSON and click Create.
A window appears and displays the name of the file that contains the private key. The Google Cloud
Console downloads the key file to the default location.
6. Click Close.
7. Store the private key in the same directory as the deployment files from support.rubrik.com.
The file can be renamed to a name that is easier to remember; for example, credentials.json.
Result
The deployment script can access the private key to authenticate the service account.
Next task
Specify cluster configuration details and deploy the cluster from the Cloud Shell, as described in Deploying
a Rubrik Cloud Cluster on GCP.

Deploying a Rubrik Cloud Cluster on GCP
Edit the customer details file and use that file to deploy a Rubrik Cloud Cluster on Google Cloud Platform.
Prerequisites
Download the setup files from support.rubrik.com. Create a key for the service account to
authenticate to the Rubrik Cloud Cluster.
Procedure
1. On a computer, navigate to the directory that contains the files obtained from
support.rubrik.com, along with the private key file.
2. Using a plain text editor, open customer_details.yml and fill in the fields.
3. Save the file.
4. Log in to the Google Cloud Console.
5. In the upper-right of the display, click the terminal icon to activate Cloud Shell.
6. At the top of the console, open the three-dot menu and select Upload Files.
The Rubrik base image folder opens and lists the files in that folder.
7. Select all the files in the folder and click Open.
A window appears and shows file transfer progress.
8. In the Cloud Shell, grant execute permission to deploy_rubrik_cluster.py.
Type chmod u+x deploy_rubrik_cluster.py.
9. Run the command to deploy the Rubrik Cloud Cluster.
Type ./deploy_rubrik_cluster.py --deployment_details_file
customer_details.yml.
The Cloud Shell displays information messages that indicate the progress of the deployment. After
each node is deployed, the script displays the IP address for that node.
10. Copy and retain the name and private IP address of each node.
System setup requires these IP addresses.
Result
Google Cloud instantiates Rubrik Cloud Cluster nodes with the Rubrik base image, and deploys the nodes
according to the instructions in the customer_details.yml file.
Next task
SSH to one of the nodes and set up the Rubrik Cloud Cluster, as described in Setting up the Rubrik Cloud
Cluster on GCP.
Related Tasks
Creating a key
Related reference
GCP customer details file

The GCP customer details file provides information for cluster configuration and platform settings.
GCP customer details file

The GCP customer details file provides information for cluster configuration and platform settings.
Cluster Description Default setting

configuration
option
node_type The Rubrik Cloud Cluster can have either dense or standard Dense nodes
nodes. The node_type configuration option applies to all
nodes in the Rubrik Cloud Cluster.
deletion_protection When the deletion_protection configuration option is set to Yes
Yes, the virtual machines in the Rubrik Cloud Cluster cannot
be accidentally deleted.
disks_per_node There can be three to six disks per node for either dense or 3
standard nodes.
disk_size_gb Disk sizes appear in 100 GB increments. For a dense node 2000 GB
cluster, each disk can be from 2000 GB to 4000 GB, with a
cluster maximum of 24 TB. For a standard node cluster, each
disk can be from 500 GB to 2000 GB, with a cluster maximum
of 6 TB.
node_names Each node must have a unique name and comply with GCP No default setting
Cloud Platform naming conventions. applied
platform The platform is set to gcp. gcp
base_node_image Rubrik Support supplies the base node image name in this No default setting
field. applied
credentials_file The credentials file is the json object with the private key. No default setting
applied
project Project refers to the project ID, not the project name. The No default setting
project ID is available in the Google Cloud console. applied
zone This field refers to the zone where the virtual machine No default setting
instances are hosted. applied
vpc Google Cloud requires a VPC network to use with the Rubrik No default setting
cloud cluster. The VPC name is available from the VPC network applied
page of the Google Cloud Console.
subnet Google Cloud requires a subnet to use with the Rubrik cloud No default setting
cluster. The subnet for the VPC is available from the VPC applied
network page of the Google Cloud Console.
Related Tasks
Creating a key

Security model for Rubrik Cloud Cluster

Protect data managed on a Rubrik Cloud Cluster by using a simple security model.
Rubrik recommends using a simple security model to prevent all access to the Rubrik Cloud Cluster from
IP addresses outside of the virtual network. This model also applies to the Rubrik Cloud Cluster Elastic
Storage (Rubrik Cloud Cluster ES).
A Rubrik Cloud Cluster consists of virtual machines that function as nodes in the cluster. Each virtual
machine requires a network interface to connect it to the virtual network. For additional security, control
access to the virtual network subnet of the Rubrik Cloud Cluster.
To administer the Rubrik Cloud Cluster, use a host that has secure access to the nodes of the Rubrik Cloud
Cluster. Provide VPN access between management hosts and the virtual network subnet of the Rubrik
Cloud Cluster. The following table lists the methods for administrative access to the Rubrik Cloud Cluster.
Method Description
Access through a jump Access the public IP of the jump server. From the jump server:
server
• Start a web browser on the jump server and access the Rubrik CDM web
UI of the Rubrik Cloud Cluster through the browser session.
VPN access to the virtual Configure a VPN that includes the virtual network where the Rubrik Cloud
network Cluster is running and the network locations of management hosts. From the
local machine:
• Start a web browser on the local machine and access the Rubrik CDM
web UI of the Rubrik Cloud Cluster through the browser session.
Setting up the Rubrik Cloud Cluster on GCP

Set up the Rubrik Cloud Cluster for GCP by opening an SSH connection to one of the virtual nodes and
performing the system setup task.
Prerequisites
Complete the tasks described in the following sections:
• Creating a role and a service account
• Creating a key
• Deploying a Rubrik Cloud Cluster on GCP
Procedure
1. Open an SSH session and navigate to the IP address of one of the nodes.
Type ssh admin@node-ip-address, where node-ip-address is the IP address of the node selected
for management access to the Rubrik Cloud Cluster.
2. Type rubrik.
In a later step, the setup script prompts for a new password to replace this temporary password for
the admin account.

3. Test the connectivity between the Rubrik Cloud Cluster node and the DNS servers to be used by the
At the prompt, type network nslookup www.rubrik.com dns, where dns is the IP address of a
DNS server.
of a DNS server that is available to the Rubrik Cloud Cluster.
Repeat this test for each DNS server to be used by the Rubrik cloud cluster.
4. At the prompt, type network ping ntp.
Where ntp is the IP address of the NTP server to be used by the Rubrik Cloud Cluster.
If the network ping command fails, replace ntp with the IP address of an NTP server that is
available to the Rubrik cloud cluster.
Repeat this test for each NTP server used by the Rubrik cloud cluster.
The Rubrik Cloud Cluster sends notification messages to the specified email address.
9. At Cluster name, type a name for the Rubrik cloud cluster.
Rubrik clusters.
Optionally, press Enter to accept the default value, pool.ntp.org. This is the virtual cluster of NTP
The system setup script automatically determines and assigns the Management Gateway value and
Management Subnet Mask.
The Node Configuration section appears.
14. At Node 1 Management IP, type the IP address for the first node in the Rubrik Cloud Cluster.
Use the private IP address assigned at the end of the deployment procedure, as described in
Deploying a Rubrik Cloud Cluster on GCP.
Be sure the IP address is correct. The network re_ip command is not supported for changing the
IP addresses assigned to the nodes of a Rubrik cloud cluster.
Repeat this step for each node.

After entering the last instance, the JSON-formatted body of the setup request appears.
Result
displays progress messages.
Next task
Register the Cloud Cluster, as described in Cloud Cluster registration.

Procedure
Chrome.
5. Click Sign In.
Result
Adding disks to a GCP node

Add disks to increase capacity on a Rubrik Cloud Cluster.
Context
Add the disk to the node in the Google Cloud Console, then go to the Rubrik CDM web UI to format the
disk and add it to the Rubrik Cloud Cluster.
Procedure
1. Log in to the Google Cloud Console using an account with administrator privileges.
2. Select the project associated with the Rubrik Cloud Cluster.
3. From the main menu, select Compute Engine > VM instances.
4. Click the name of the node where the disk will be added.
The VM instance details page appears.
5. On the top menu bar, click Edit.
The page displays additional information available for editing.
6. Under Additional Disks, click Add new disk.
The Additional disks listing expands to include a placeholder for the new disk.
7. In Name, type a name for the new disk.

8. In Size, type an integer.
The integer represents the size of the disk in GB. The size must be the same as other disks on the
nodes of the cluster. The default disk size is 500 GB.
9. Click Done.
GCP updates the VM instance details page to include the new disk.
10. Click Save.
13. Click the name of the node that has the new disk.
The node details page appears, with the new disk indicated by an alert symbol.
15. On the Manage Disk dialog box, click Submit.
Result
The Rubrik cluster formats the new disk and adds it to the Rubrik Cloud Cluster on Google Cloud Platform.
Adding GCP nodes

Add nodes to a Rubrik Cloud Cluster to provide additional capacity and improved performance.
Prerequisites
Have available the customer_details.yml file that was used to set up the Rubrik Cloud Cluster.
Context
Add information about the node to the GCP customer details file. In the Google Cloud Shell interface, use
the customer details file to deploy the Rubrik Cloud Cluster. Collect network information for the Rubrik
Cloud Cluster. Use the Rubrik REST API with the network information to configure the network settings on
the Rubrik cloud cluster.
Procedure
1. In a web browser, navigate to the directory that contains the customer_details.yml file.
2. Using any plain text editor, open customer_details.yml and type the names of the new nodes in
the node_names section.
Delete the names of the previously deployed nodes. The script only requires the names of the new
nodes to add to the existing Cloud Cluster.
3. Save the file.
4. Log in to the Google Cloud Console.
5. In the upper-right of the display, click the terminal icon to activate Cloud Shell.
6. At the top of the console, open the three-dot menu and select Upload Files.
The Rubrik base image folder opens and lists the files in that folder.
7. Select the customer_details.yml file and click Open.
A window appears and shows file transfer progress.
8. Run the command to deploy the Rubrik Cloud Cluster.
Type:
./deploy_rubrik_cluster.py --deployment_details_file customer_details.yml
After GCP deploys the new nodes, the script displays the IP address for each node.

10. Type rubrik.
13. Repeat steps 9 through 11 for each of the remaining new nodes.
Each new node has the same subnet mask and the same default gateway IP address. The only unique
14. In a web browser, navigate to https://rubrik_cluster/docs/internal/playground/.
Replace rubrik_cluster with the resolvable hostname or IP address of the Rubrik Cloud Cluster.
15. Click /cluster.
gateway IP address.
{
"nodes": {
"node_id": {
}
}
},
}

• Replace gateway with the default gateway IP address of the Cloud Cluster.
19. Create an additional node_id block for each of the remaining new nodes.
20. Click Execute.
Result
Cluster.

Removing GCP nodes
Use the Google Cloud Console to remove a node from a Rubrik cloud cluster.
Procedure
1. Log in to the Google Cloud Console using an account with administrator privileges.
2. Select the project associated with the Rubrik Cloud Cluster.
3. From the main menu, select Compute Engine > VM instances.
4. Click the name of a node.
The VM instance details page appears.
5. On the top menu bar, click Edit.
The page displays additional information available for editing.
6. Under Deletion protection, clear Enable deletion protection.
7. Click Save.
8. In the upper right corner of the VM instance details page, click the delete icon.
9. Click Delete.
Result
A message indicates that the Google Cloud Platform successfully deleted the instance, and the VM
instances page shows that the node is gone from the list.

Chapter 6
Cloud Cluster registration
Register Rubrik Cloud Clusters through the Rubrik Support portal.

Rubrik Cloud Clusters can be registered by using an online connection between the Rubrik Cloud Cluster
and the Rubrik Support portal. When the Rubrik Cloud Cluster cannot connect directly to the Rubrik
Support portal, use offline registration.
Related Concepts
Workflow for Rubrik Cloud Cluster ES on AWS
Setting up a Rubrik Cloud Cluster ES on AWS consists of several stages.
Workflow for Rubrik Cloud Cluster on AWS
Setting up a Rubrik Cloud Cluster on AWS consists of several stages.
Workflow for Rubrik Cloud Cluster on Azure
Setting up a Rubrik Cloud Cluster on Azure consists of a sequence of tasks, which must be performed in
the correct order.
Rubrik CDM on Google Cloud Platform provides the ability to run a Rubrik cloud cluster for protecting
applications and data within a virtual network.
Related Tasks
Registering Rubrik Cloud Clusters online
If online access is available, register Rubrik Cloud Clusters with the Rubrik Support portal through online
registration.
Registering Rubrik Cloud Clusters offline
If online access is not available, register Rubrik Cloud Clusters with the Rubrik Support portal through
offline registration.

registration.
Prerequisites
Contact Rubrik Support to obtain a Support Portal login.
Procedure
1. Log in to the Rubrik CDM web UI.
2. Click the gear icon.
The gear menu appears.
3. Click Register Cluster.
Cloud Cluster registration 05/12/2022 | 63

The Register Cluster dialog box appears.
4. In Register With, select Support Portal Username and Password.
5. Click Register.
6. In Username, type the username for your Support Portal account.
7. In Password, type the password for the account.
Result
The Rubrik Cloud Cluster makes a secure connection with the Rubrik Support Portal server, authenticates
the account information, obtains a registration token, and applies the token to the Rubrik Cloud Cluster.
The Rubrik Cloud Cluster removes the Register Cluster gear menu entry.
Related Concepts
Related Tasks

Prerequisites
Contact Rubrik to obtain a Support Portal login.
Procedure
1. From a computer with internet access, log in to https://support.rubrik.com.
2. Navigate to the My Products tab.
3. Click Register a Product.
The Register your Rubrik Cluster page appears.
4. Specify the Cluster Name and Cluster UUID.
5. Click Download Key, to save the registration token to portable media.
The registration token is sometimes referred to as the registration key or the regcode.
6. From the Rubrik Cloud Cluster, log in to the Rubrik CDM web UI.
7. Click the gear icon on the top bar of the Rubrik CDM web UI.
The gear menu appears.
8. Click Register Cluster.
The Register Cluster page appears.
9. In Register Type, select Registration Token.
10. In Registration Token, paste the contents of the registration token file, and click Register.
Result
The Rubrik Cloud Cluster applies the registration token and completes the registration. The Rubrik Cloud
Cluster removes the Register Cluster gear menu entry.
Related Concepts

Related Tasks
registration.

Rubrik CDM Version 6.0 Cloud Cluster Setup Guide (Rev. A6)

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Rubrik CDM Version 6.0 Cloud Cluster Setup Guide (Rev. A6)

Uploaded by

Copyright:

Available Formats

Rubrik CDM Cloud Cluster Setup Guide

Rubrik Headquarters: Palo Alto, California 94304

Copyright and trademarks

Copyright © 2022 Rubrik Inc.

Registered in the U.S. Trademark Office

Copyright and trademarks 05/12/2022 | ii

Copyright and trademarks 05/12/2022 | iii

Web Rubrik Support Portal

Comments and suggestions

About Rubrik Cloud Clusters...........................................................................................................9

Rubrik Cloud Cluster sizing........................................................................................................... 10

Rubrik Cloud Cluster on AWS....................................................................................................... 11

Rubrik Cloud Cluster on Azure......................................................................................................33

Contents 05/12/2022 | vii

Rubrik Cloud Cluster on GCP........................................................................................................ 52

Cloud Cluster registration............................................................................................................. 63

About Rubrik Cloud Clusters

About Rubrik Cloud Clusters 05/12/2022 | 9

Rubrik Cloud Cluster sizing

Rubrik Cloud Cluster supports standard node or dense node configurations.

Rubrik Cloud Cluster sizing 05/12/2022 | 10

Rubrik Cloud Cluster on AWS

Requirements for Rubrik Cloud Cluster on AWS

Node requirements for Rubrik Cloud Cluster on AWS

Resource Standard node requirement Dense node requirement

Rubrik Cloud Cluster on AWS 05/12/2022 | 11

Node requirements for Rubrik Cloud Cluster ES on AWS

Resource Node requirement

Security group rules

Rubrik Cloud Cluster on AWS 05/12/2022 | 12

Workflow for Rubrik Cloud Cluster ES on AWS

AWS setup stage Description

Rubrik Cloud Cluster on AWS 05/12/2022 | 13

Creating a VPC endpoint for Cloud Cluster ES

Rubrik Cloud Cluster on AWS 05/12/2022 | 14

Creating an IAM role for S3 access

Rubrik Cloud Cluster on AWS 05/12/2022 | 15

Creating a security group

Rubrik Cloud Cluster on AWS 05/12/2022 | 16

Instantiating the nodes for Cloud Cluster ES

Rubrik Cloud Cluster on AWS 05/12/2022 | 17

Rubrik Cloud Cluster on AWS 05/12/2022 | 18

Setting up Rubrik Cloud Cluster ES for AWS

Rubrik Cloud Cluster on AWS 05/12/2022 | 19

Rubrik Cloud Cluster on AWS 05/12/2022 | 20

Workflow for Rubrik Cloud Cluster on AWS

AWS setup process Description

Rubrik Cloud Cluster on AWS 05/12/2022 | 21

Creating a security group

Rubrik Cloud Cluster on AWS 05/12/2022 | 22

Instantiating the nodes for Cloud Cluster

Rubrik Cloud Cluster on AWS 05/12/2022 | 23

Rubrik Cloud Cluster on AWS 05/12/2022 | 24

EBS volume settings

Setting up Rubrik Cloud Cluster for AWS

Rubrik Cloud Cluster on AWS 05/12/2022 | 25

Rubrik Cloud Cluster on AWS 05/12/2022 | 26

Logging in to the Rubrik CDM web UI

Configure hosts for data protection

Modifying the security group policy for protected hosts

Rubrik Cloud Cluster on AWS 05/12/2022 | 27

Type Custom TCP

Port Range 12800-12801

Adding disks to an AWS node