Professional Documents
Culture Documents
Avamar Book ALL
Avamar Book ALL
PARTICIPANT GUIDE
PARTICIPANT GUIDE
Dell Avamar Concepts Participant Guide
Appendix ................................................................................................. 25
Glossary .................................................................................................. 29
Explore Avamar
Avamar Overview
What is Avamar
Avamar is a
comprehensive,
client/server backup and
restore solution which
addresses the data
protection challenges in
today’s IT environments.
Several components make
up the Avamar System
such as the Avamar
Server, Avamar Client,
Avamar Administrator
Console, and Avamar
User Interface (AUI). A key feature of Avamar is its unique global data
deduplication technology, which ensures that data objects are only backed up once
across the backup environment.
In addition, the redundant data is identified at the source, meaning that duplicate
data is not sent over the network if it exists on the Avamar Server. This results in a
dramatic reduction in the amount of data that is moved across the network and
stored in backup storage.
Avamar Features
Capability Description
1Avamar can also integrate with Data Protection Central for further monitoring and
management capabilities. Similarly, Avamar is integrated with Data Protection
Advisor for reporting purposes.
Data Deduplication
A BCDEFGHIJKLMNOP
Deduplication is when the file is scanned and blocks are cut whenever the data
matches a pattern. The algorithm is used in the Avamar client software to find the
boundary points. If any data is changed, inserted, or deleted, the boundary points
do not change. The algorithm finds the same boundary points. Only the block of
data that has changed must be backed up and stored again.
The algorithm filters redundant data sequences and separates the file system into
data segments. Each data segment is assigned a unique ID. The client software
then determines whether this unique ID has already been stored3 on the Avamar
server. If this object resides on the Avamar server, a link to the stored object is
referenced in the backup. Once an object is stored on the server, it is not sent over
the network again.
3If the Avamar has a PowerProtect DD appliance integrated, then the unique ID
and the stored object are stored on both the Avamar and the PowerProtect DD.
Avamar has three main system components that define the Avamar system.
Optional components include NDMP Accelerator nodes, which may be physical or
virtual, depending on requirements. An Avamar server (multinode or single node)
can manage and direct backups to up to five PowerProtect DD appliances.
4 The Avamar Backup Clients communicate directly to the Avamar Server. Avamar
Client software is installed on each system or server that is being backed up. When
the target is a PowerProtect DD, backup data is written directly to the PowerProtect
DD and the metadata is backed up on to the Avamar server.
5 The Avamar Server stores client backups, and provides essential processes and
services that are required for client access and for remote system administration.
The server can be integrated with a PowerProtect DD which acts as a storage
platform. In this case, the backup data is stored on the PowerProtect DD and the
metadata in the Avamar Server.
6 Data that is stored in the Avamar Server or PowerProtect DD is administered
RAID
RAIN
In the event of a storage node failure, new backup data is written onto the
remaining nodes. The High Availability (HA) dual uplinks and switches provides the
following:
Checkpoints
About
• Often seen as Avamar Server or Avamar Grid
• Contains all components (utility node, storage
node, switches) for proper functionality of the
product
• Dell Trained personnel review the
environment and install the Avamar server
software.
• Deployment time at the customer site is
reduced.8
8Hardware stress tests and initial-benchmark tests are performed before the
hardware is shipped to the customer site.
Types
• Multi-Node Configuration9
1 4C
− Configured in RAIN architecture
Switch B
1 39 t:n power c:<d: 1
1 38 Switch A j
1 37 1
− Expandable in single-node increments
1U f'ont ’iller pane
Spare node
1
35 J
− Shipped with two internal Dell switches10 _ 1| - Expansion i |
hm
1 32 Expansion R
− Supports 2.0 TB, 3.9 TB, or 7.8 TB HU®1 31
Expansion
bhs
licensed storage capacity 'I
1
29
IS Storage node 13
|
I
• Single-Node Configuration 11 27
. Storage node 12 | 1
1 25 |j
1 . Storage node li
|
TB Business Edition | |. '
Storage node 8
1
| |.
17
Storage node 7
Bhh
− Nodes with 2.0 TB, 3.9 TB, and 7.8 TB 1 13 BHH
II-'- Storage node e
uses RAID 1 disk protection is
IwW
| __ Storage node 5 |B1®|
1 i: UM
- Stooge node -
Storageiode3
7
Storage node 2
5
Storage node 1
IM™
3
u' ''tv 'icde
Advantages
• Supported on VMware, Hyper-V, Azure, AWS, and KVM environments
• Server and storage sharing helps in cost reduction.
• Reduced hardware support and maintenance
• Customer self-installation
• Benchmark Test11
11 Benchmark test ensures that the server hardware and the virtual environment
meet expected I/O performance benchmarks. The benchmark tests also help to
determine the impact of AVE on other virtual machines running on the same
physical server.
Avamar server runs on SUSE Linux Enterprise Server (SLES) 12 SP5 operating
system. The Avamar server is capable of operating on server hardware with
multiple processors.
The following table shows the types of nodes that are available in an Avamar Data
Store:
Avamar Business Edition or S2400 (7.8 Eight 3.5" 2 TB hot swappable hard
TB Licensed Capacity) drives
This video describes both multi node systems and single node systems.
Avamar provides a high level of integration with VMware for backing up virtual
environments. VMware backups can be centrally configured, scheduled, and
managed with the Avamar Administrator and Avamar Web User Interface (AUI).
Avamar Administrator or AUI also can browse the virtual machines in the
environment and display information for each machine. You can also perform file
level restore of a backup in case any file is deleted from the original location.
The Avamar Plug-in for vSphere Web Client (Avamar plug-in through vSphere
Client) is an Avamar-integrated VMware plug-in that provides an easy to use
interface for backing up and restoring VMware image-level backups through a
vSphere Web Client instead of logging to Avamar interfaces.
The plug-in for vSphere Web Client supports image-level backup and restoration
for multiple vCenters.
Tip: For more information about VMware backups, see the Dell
Avamar VMware User Guide on Dell Support.
The NDMP Accelerator can be used to perform backups and restores from the
following NAS devices:
NDMP Accelerator is a special version of the Avamar client. This client acts as a
conduit14 from the NAS device to the Avamar server. The NDMP accepts data from
the NAS and performs deduplication and forwards the deduplicated data to the
Avamar.
13 Some of these challenges are they must store large number of files and most
native operating systems do not support backup software being installed.
14 No user data is ever stored in the NDMP accelerator.
• Component IP address
• Avamar version
• Total and available backup metadata storage
• License status of the backup server node
DD Boost
Backup data
Avamar uses the DD Boost protocol through API-based integration to access and
manipulate directories, and files contained on the PowerProtect DD Filesystem.
The DD Boost API gives Avamar visibility into some of the properties and
capabilities of the PowerProtect DD system. Avamar can manage backup images
that are stored on PowerProtect DD series appliances.
When you select an Avamar server as the backup target, the Avamar client agent
on each host performs deduplication segment processing. Data and metadata are
stored only on the Avamar server.
When you select a PowerProtect DD series appliance as the backup target, the
Avamar client transfers its backup data to the PowerProtect DD15 series appliance.
The client sends its backup metadata to the Avamar server. The metadata16
enables the Avamar management system to perform restore operations directly
from the PowerProtect DD system.
Capacity Concerns
If the Avamar server is the backup target and the data redirects to a PowerProtect
DD system, then the PowerProtect DD stores subsequent incremental backup data
while the original backup data remains on the Avamar server. This scheme can
affect capacity because the incremental data remains on the Avamar server while
the PowerProtect DD stores the updated incremental data.
If Avamar server capacity is not a concern, then the system continues to backup
incremental backup data to the PowerProtect DD. Prior backup data remains on
the Avamar server until it expires. A full backup occurs only when the last backup
containing parts on the Avamar server expires. Dell Technologies recommends you
perform a controlled or scheduled full backup.
15 The Avamar client uses the integrated DDBoost protocol to transfer to the
PowerProtect DD.
16 The Avamar client uses the integrated DDBoost protocol to transfer to the
PowerProtect DD.
Virtual Infrastructure
Image backup uses VMware vStorage API for Data Protection (VADP) to protect
virtual machine data. Image backup is fully integrated with vCenter Server to
provide detection of virtual machine clients, and enable efficient centralized
management of backup jobs.
Image backups and restores, require deployment of proxy virtual machines within
the vCenter. The Avamar image backup supports only the following types of virtual
disks:
CLIENTS
vCenter
Proxy
VM1
VM2
VM4
VM5
DataStore
PARTICIPANT GUIDE
PARTICIPANT GUIDE
Dell Avamar Administration-SSP
Avamar Overview 8
Avamar System Components 11
Avamar Administrative and Management Interfaces 14
Avamar User Interface (AUI) Dashboard Overview 18
Avamar Processes 21
Appendix 219
Glossary 221
Avamar Overview
What is Avamar
Avamar is a
comprehensive,
client/server backup
and restore solution
which addresses the
data protection
challenges in IT
I AVAMAR environments. Several
I components make up
the Avamar System
such as the Avamar
Server, Avamar
Client, Avamar Administrator Console, and Avamar User Interface
(AUI). A key feature of Avamar is its unique global data deduplication
technology, which ensures that data objects are only backed up once
across the backup environment.
Avamar Features
Capability Description
1Avamar can also integrate with Data Protection Central for further
monitoring and management capabilities.
Data Deduplication
A BCDEFGHIJKLMNOP
Components Description
The AUI can monitor and configure the Avamar server, and perform
management activities.
D0LLTechnologies Avamar
«
Q Dashboard
Events Protection Activities
Asset Management
I® System
Monitor
Plugin Client Protected
Type Count GB GSAN Space Left: 562
f© Activity aa
Avamar
©2001-2020 Dell Inc. or its subsidiaries. All Rights Reserved.
Avamar Username
Avamar Password
Avamar Domain
/
Avamar Administrator
Avamar Administrator
ave-01.demo.local - PuTTY — X
******************************
admin@ave-01: ~/>: mccli
mccli 19.4.0-116
MCCLI Command
Avamar Desktop/Laptop allows the end users to restore their data without
the intervention of the backup administrator. Avamar Desktop/Laptop is a
version of the Avamar client software for Windows and Macintosh that
adds enhanced features for enterprise desktop and laptop systems. Many
of the features are also available on supported Linux systems. The
following are some of the features of Avamar Desktop/Laptop:
The Orchestra REST API extends the native Avamar server REST API to
facilitate the management of multiple Avamar servers. Once Avamar is
registered with Orchestra, the API provides a single point of interface for
This is displayed when you log in to the AUI based on the user privileges4.
The AUI Dashboard is divided into sections with each section displaying
the summary information.
AUI Dashboard
4 Only users with ADMIN privileges have access to the dashboard view.
3:
The Events | All panel displays any unacknowledged system errors and
warnings that have occurred, as well as system alerts5.
All the events are displayed6 in the list with the name, date, and the time
the event occurred.
5 The type of alerts that are displayed under the Events | All panel include
HFS check failures, Capacity warnings, and Capacity usage warnings. All
the events are categorized as Critical, Error, and Warning.
6 To display all the critical events, click View More option in the AUI. The
user must explicitly acknowledge the events to clear these serious system
errors and warnings.
Avamar Processes
Client Processes
The Avamar client software runs on each system being backed up on the
Avamar server. The client software consists of two main processes. These
two processes are the following:
Avamar
Client
Avamar
Server
The avtar process communicates with the gsan process on the avamar
storage nodes and sends unique backup data for writing to storage. The
gsan process distributes the data across available storage nodes .
From the avagent to MCS, the client receives a work order from MCS
server. From the MCS to avagent, the MCS server pages client to push
the work order as shown here.
Key Description
Processes
The Avamar Administrator and or the AUI is responsible for two important
functions:
Functions Description
Notifications
If the icon is not visible from the Windows System Tray, administrators can
start the avscc by searching for the Avamar client application in the
Windows Start menu.
Restore-
Settings
Languages
Avamar Client activity status
For client-initiated
backups, right-click
the Avamar client icon
for client initiated
backup and restores.
Similarly, click Back
Up Now option to
open the Avamar
Desktop/Laptop
interface.
On an Avamar Windows client, the Avamar binaries, utilities, and log files
are in C:\Program Files\avs by default.
Ji avs - °
(?) Q) T This PC Local Disk (G) Program Files avs v 0 Search avs P
Ji cygwin64 A
Name Date modified Type Size
Ji ddve
Ji bin 7/22/2020 6:57 File folder
I jW
1bin32 6/1/20209:15 Filefolder
Program Files
4 etc 3/10/202211:09 File folder
S
Ji Strawberry v
4 items 1 item selected
avs folder
On an Avamar Linux or MAC client, the Avamar client files are located in
/usr/local/avamar/clientlogs by default. The Agent logs are
located in /var/avamar.
Verify that the services are running and this will show Backup Agent in the
Services window as shown.
Task Manager
File Options View
Processes Performance Users Details Services
>
0% 13%
Name Status CPU ! Memory
Apps (1) *
> ® Task Manager 0% 6.8 MB
Task Manager
Component Services
X
Administrator: C:\Windows\system32\cmd.exe
Microsoft Windows [Uersion 6.3.9600]
<c> 2013 Microsoft Corporation. All rights reserved.
C:\Users \Administrator>ping auel.emc.edu
Pinging auel.emc.edu [192.168.1.131 with 32 bytes of data:
Reply from 192.168.1.13: bytes=32 time<lms TTL=64
Reply from 192.168.1.13: bytes=32 time<lms TTL=64
Reply from 192.168.1.13: bytes =32 time<lms TTL=64
Ping statistics for 192.168.1.13:
Packets: Sent = 3, Receiued = 3, Lost = 0 <0z loss>.
Approximate round trip times in milli-seconds :
Minimum = 0ms, Maximum = 0ms, Average = 0ms
Contro 1-C
C:\Users \Administrator>nslookup auel.emc.edu I
Server 8 UnMnuwii
Address: 192.168.1.21
Name: auel.emc.edu
Address: 192.168.1.13
These three plugins are in the Windows client installation and each have
different purposes.
«
Q Dashboard
Q win10-2.demo.local
gx Asset Management Backup Policy Plugin Activity Information
Policy
l§] Backup Policy ID Name Version Initialize Time Register Time Last Backup Time
Cq Advanced Policy
3015 Windows VSS 194.10 2020-04-08 10:50:18 2020-10-26 09:49:57 N/A
0-116 GMT+1 GMT+0
•g, Replication Policy
Cloud Tier Policy 3001 Windows File 194.10 2020-04-08 10:50:18 2020-10-26 09:49:57 2021-12-16 12:16:22
System 0-116 GMT+1 GMT+0 GMT+0
Validation Policy
Administration
3023 Windows 194.10 2020-04-08 10:50:18 2020-10-26 09:49:57 N/A
Update 0-116 GMT+1 GMT+0
& Setting
Proxy Management
B System
« Server
Monitor
3 Plugins
go Activity
9VSS is used during the backup to handle the backup of open files. You
can select the VSS plug-in when performing regular file system backups.
The following activities take place when the Avamar client and the Avamar
database client are installed on the database server:
• The installation requires the Avamar client software and the Avamar
client plugin for the appropriate database type.
• During a backup, the Avamar database clients communicate with the
database API or backup utility, and pass data to be backed up by
avtar. The avtar process then sends the data to the Avamar server.
If the Avamar has an integrated PowerProtect DD, the data goes to the
PowerProtect DD, and metadata is stored on the Avamar server.
Desktop/Laptop Features
Desktop/Laptop Backups
The following table describes the methods for starting a client backup:
Backups administrators «
Domain C Policy
0 Dashboard
back up other Px Asset Management
V BZ
v B clients ADD 1 EDIT 1 (»1 DELETE 1w RUN 1O
Avamar client Pol<y > n Desktopclient
S] Backup Policy
Name Domain Type
systems in the
t
Advanced Policy
S Setting
groups that are
associated 1 Avamar
with an m Backup
Avamar M
Search
Next Backup: DTLT Group at 3.'24,'20 1:00 AM (in 6 hours and 36 minutes)
Group Policy
Group ’Oley
*
Aozosa
Browse
cieruDesKtopCiert DTLT Group
p client on the
j
Source Data:
C Aoacxup
P4e Paths
C --users
P4e Paths
c Aoaocup
Desktop/Laptop
Hiotory
Interac Interactive
tive backups allow
Back Up Now
users to select a
Back Up... Avamar
backup group that Restore...
Languages
the client and Search
Next Backup: DTLT Group at 3/24/20
Manage
back up the client Group Policy
When on-demand 1 Cb El
.21 Backup
CADawup
Excluded:
Frfe Patts
backup sets are C users
ator •<
included
enabled,
A
Fife Patts
Cu itemize...
interactive 3 sr 20 History
C ADacxup
backups also
allow users to
- tg p, 6:26 PM
3/23/2020
Desktop/Laptop Restores
Avamar ? .
Restore
• Original location
• New location
The Avamar Client for Windows includes the agent, Windows File System
plugin, and the Windows VSS plugin. The Windows File System plugin
enables backups and restores of the file system data on a stand-alone
Windows system or on a share storage in a Windows Cluster.
G Microsoft Windows Vista, 7, 8 8 1 10 and Microsoft Windows Server 2008 2008 R2 2012. 2012 R2 2016 2019
Click Instal to begin the installation. Click Back to review or change any of your
MC server: nstalabon settings. Ckk Cancel to exit the wizard.
|ave 192.emc.edu
MC domain:
Asset Management
Tasks
Create, edit, The user must be logged into the root domain with
and delete the Administrator privilege.
domains.
Create, edit, The user must be logged into a domain with the
and delete Administrator privilege.
users.
Create, edit, The user must be logged into a domain with the
and delete Administrator privilege.
clients.
Move clients to The user must be logged into a domain with the
a different Administrator privilege.
domain.
Avamar Domains
Avamar client domains are distinct zones that are used to organize and
separate backup clients for administrative purposes. The server provides
enhanced security by enabling administrators to define administrative user
accounts on a domain-by-domain basis.
Avamar client domains are internal to the Avamar server and have nothing
to do with Internet or Active Directory domains.
Avamar Domains
Domain ©
v to/
v D clients
v & DataCenterA
> ED SOL_Clients
v & DataCenterB :
> Oracle Clients
V tl MC_RETIRED
v MC_SYSTEM
v 0 vcenterOl.demo.local
v ED Containerclients
v VirtualMachines
REPLICATE Contains
replicated
data from
other Avamar
servers. This
domain is
created once
the server
receives
replication
data.
M wmO2.delledu.lab VREGULA
/clients/WINO2Domain true true
R
The domain tree can expand to view subdomains and clients that are
assigned to the domain as shown below:
The user accounts help define the authentication that is used to grant a
user access to the Avamar system and define the role for each user.
Avamar Users
• Domains for administering the domain and any sub domains within the
domain
• Individual clients to perform backup and restore of client data
The privileges that are assigned to a user determine the tasks that the
user can perform in AUI. Also, the privileges determine the ability of the
user to initiate backups and restores.
Preconfigured Description
Users
Avamar Roles
Roles define the allowable operations for each user account. The following
are the three categories for user roles:
Roles Description
The level at which a user account is added to the Avamar system and the
role that is assigned to the user determine the access and privileges that
are assigned to that user.
The AUI and Administrator allows users to easily perform ADD, EDIT, or
DELETE a domain tasks as shown below:
Create a User
• From the AUI navigation pane, click >> and click on Setting.
• In the Setting pane, click the User tab.
• Select a domain for the new user and click +ADD.
• From the User Management window, select an authentication system.
The Authentication System list appears in a disabled state, with Axion
Authentication System (the internal system) that is selected. This step
indicates that the ability to select an enterprise authentication system is
not currently enabled.
• Enter the usernames and password, and select a role for the new user
from the list.
• Click OK to create the user.
Edit a User
Delete a User
• From the AUI navigation pane, click >> and click Setting.
• In the Setting pane, click the User tab.
• In the domain tree, select the domain and respective user and click the
DELETE button.
• Click YES to confirm the deletion of user.
The AUI and Administrator allows users to easily create, edit, or delete a
domain task as shown below:
Create a Domain
Create Domain
D0LLEMC Avamar
New domain will be added at /clients
« Name • Desktopclient
Backup Policy
> MC.SYSTEM Location
Advanced Policy
% Replication Policy
Domain @
V &/
v & clients :
> D Desktopclient
> XYZDomain
> tJ MC-RETIRED
> MC.SYSTEM
Create a Domain
• Enter the name of the new domain and fill out optional areas as
needed.
• Click OK to create the new domain.
Edit a Domain
« Name '
Domain © Asset Management
Q Dashboard Optional infomation
v b/
Pi Asset Management > clients
Contact JonnDoe
Edit a Domain
Delete a Domain
D0LLEMC Avamar
«
Domain © Asset Management
© Dashboard
&/
Pi Asset Management D clients
Policy D Engineering :
® Backup Policy
Edit Domain
o? ADD CLIENT
Advanced Policy Delete Domain
a Delete Domain
Are you sure you want to delete domain /Engineenng?
CANCEL
Delete a Domain
The following steps are used to register a client with the AUI:
D0LLEMC Avamar
*X Asset Management
e» clients 2 Option* Wormabon CMnt Doolin
Policy > D DesktopC
Backup Pobcy > m XYZDomain
D MC.RETIREO
Advanced Policy
D MC_SYSTEM
Ta. Replication Policy
Name
New Client
CANCtl
: Opccn*i
Add a Client
1. Once logged in to the AUI, click on Asset Management and then click
ADD CLIENT.
2. In the New Client page, select the Client Type, enter the new client
name, and click NEXT.
3. Review the client information in the Finish page, click ADD.
14In order for activation to succeed, the client must be present on the
network. Then client software must be installed and running, and the
Avamar server must be able to resolve the hostname that is used to
register the client.
tar
Edit Cbent
Name Domain Enabled Activated ype
Delete C ent
wmOi emc ec?j /clients/Desktop true false AR
Client invite Client
Move C ent
Retire Cent
Inviting a client
In Windows, with the client software is installed, activate the client by right-
clicking the Avamar client (avscc) tray icon and choosing Manage > Activate.
Activate Close
In Linux and UNIX, the client registration process using the avregister
command also activates the client.
leg-sun3# /opt/AVMRclnt/bin/avregister
Enter the Administrator server address (DNS text name, not numeric IP address) avei.emc.edu
Enter the Avamar server domain [clients]:
avagent.d Info: Stopping Avamar Client Agent (avagent)...
avagent.d Info: Client Agent stopped.
avagent Info <5241>: Logging to /opt/AVMRclnt/var/avagent.log
avagent.d Info: Client activated successfully.
avagent Info <5241>: Logging to /opt/AVMRclnt/var/avagent.log
avagent Info <5417>: daemonized as process id 18819
avagent.d Info: Client Agent started.
Registration Complete.
During the activation process, the Avamar server passes the client ID
(CID) to the client. The client ID is stored in an encrypted file on the client
file system.
cx«t D»un
*no* *ev*» ^*t>—
xte^veettwcw’V-**' •*<••»
enMMd
Harm » Domaxi enab4«o A<b.Md CM typ» Cl*M Summaty
H M
1
Q«rOimc»a- 7CHrevoe»»apcw»* true trua VKOUUA0
Mme mnO’emceOu Aa-WO- TW 202003 »» ex O’ 29 OW 4
••*»*•«X» M
Dom*" XM^DO^OPCM O4MWMA ftirou
O«M OS 3012 «2 5MMO-M- S*w CO"« INO!•«« BmM «4 1»
a«Miy»« vteoui>B
CO ^WS*»04
VW>«kt4»O> Tvna 2030-03- W 5? 38 *3 OMT-4
Opben SCrr.SuCCKS
CC«*4Cl»Mf«»
Ccr*4d»ho**
COHUctemxt
Ccrt*c! LocM«n
The details of the client can be viewed in the VIEW MORE option after
selecting the client.
Disabling Client
Administrators can disable a client backup from the AUI. When a client is
disabled, it cannot use the Avamar server to backup any data.
E© 1 =»*«
Dornan /c*entty©e»McpC>ent
ADO CLIENT : BACKUP I RESTORE I ADD POLICY "REFRESH I MORE ACTIONS J O*w-e0s*a" No
etktcKne n EMxd
Name Domam Enabled Activated Jrnype
Delete Cfaerf^ J
/c^vDwktoo
Client
true true
mvre cient
invite Client **
Allow a^rt ntateo bAC. 14«
Move Chent
ABM h« on cX"t nt rec badnc: B
Retire Cl*nt
rp ADD CLIENT (♦, BACKUP RESTORE ADD POLICY 0 REFRESH MORE ACTIONS =
Disable a Client
Shown here are the steps to disable the client in the AUI:
Administrators can perform additional tasks with clients from the AUI.
Asset Management
Activities Pobcies
Edit Ghent
Name Domain Enabled Activated j
Delete Cl ert
/c ents/Desktop
G winOl emc edu Client
true true
invite Client
wove Client
Retire C ent
Management tasks
Delete This permanently deletes all backups that are stored that are
Client for the client being deleted. If there is any chance that an
administrator needs to restore data from this client, retire the
client instead.
15 If the client has been replicated to another Avamar server, users at any
time can change the retention times of the replicated backups.
• Avamar Administrator
• Avamar Web Restore
• Avamar Client Web UI (Desktop/Laptop)
• Avamar Web User Interface (AUI)
Ava
aveOl.delledu.iab Avamar Administrator - Administration (/)
Actions
J Actions Tools VMware Navigation Help
Activit
O Ba mini
Pen
Run
Re
Pen
Run
ill R © Sch/Disp: Running/Running Have Unacknowledged Events © Server: Full Access inal Server
From the Account Management tab, select LDAP Maps. Click Actions
and choose New LDAP Map. Fill out the options in the New LDAP Map
dialog box. Click OK.
The LDAP Map needs to be created to allow the LDAP users to access
the Avamar. When an LDAP map is configured, all users who are
assigned to the group have access to an Avamar domain as defined by
the user role.
Users can create LDAP Maps in the Avamar Administrator and the AUI.
The map must be created in the Avamar domain in which the users have
access. When creating an LDAP map, select the LDAP group that is
created for the assigned role.
From the Account Management tab, select LDAP Maps. Click Actions and
choose New LDAP Map. Fill out the options in the New LDAP Map dialog
box. Click OK.
Other tasks that are performed on a client in the AUI and Avamar
Administrator can also be performed from the Avamar Client Manager.
The Avamar Client Manager is useful for managing large number of
clients. The Client Manager can also assist administrators with moving
clients from one Avamar server to another Avamar server.
Overview
The login page authenticates the username and the password with
administrator accounts that are registered on the Avamar server. Avamar
Client Manager only allows access for accounts with administrator
privileges on the Avamar server that is running the Avamar Client
Manager process.
• Activate
• Retire
• Move
• Upgrade
• Delete
• Change Group Associations
Administrators can also move clients from one Avamar server to another.
From the Avamar Client Manager, users can view the Summary pane and
the Actions allows user to Move, Retire, and Delete clients as needed.
Navigation Summary «
avel.emc.edu Filters : OS • Version • Period • Client Name • User Name • ’ Success Criteria - Activity Type -
Overview Actions : Move Retire Delete ivup AssoooUon •^••'Cuku etaio
ST
Clients
J Client • Domain Groups Version OS
-c: Clients /dients/DesktopClient /Default Group 19.2.100-155 Windows Server 2012 R2 Datacenter Server
M ^wmOl.emc.edu Edition (No Service Pack) 64-brt
HRegistered Clients /dients/DesktopClient /Default Group 19.2.100-155 Windows Server 2012 R2 Datacenter Server
i—’ Activated Clients f< ^W1NO2.emc.edu Edition (No Service Pack) 64-bit
a Failed Clients
@Idle Clients
a Upgrade Clients
« «
Avamar Client Manager is a web application, so the client list CSV file
must be available on the machine running the web browser. The client list
CSV is formatted according to the following rules:
Policy Group. All newly imported clients must still be assigned to Avamar
domains after import, as part of activation.
• The first row of the file must consist of the literal names for each type
of value.
• The second row, and all subsequent rows must have at least one value
and no more than two values.
• The formatting rules require a first value that is a valid hostname or
Fully Qualified Domain Name (FQDN) for a computer and a trailing
comma.
• The second value is optional, it is intended to be the directory service
logical group name for the computer. This directory service structure is
shown in Client Manager for all clients that are imported from the CSV
and allow clearer visual organization once imported.
Avamar Backups
D0LLEMC Avamar
«
© Dashboard
Domain c Policy Include Sub-domain o
[£ Asset Management
clients + ADD 0 EDIT ® DELETE & RUN C REFRESH MORE ACTIONS ;
Policy
@] Backup Policy
Name Domain Type
» Policy details
Advanced Policy
REGl Dataset
t. Replication Policy © Daily_Backup_Policy /clients AR
cG; Cloud Tier Policy FODN /dients/dataset
Scheduled Backups
CXHLEMC Avamar
«
Domain © Asset Management
Q Dashboard
&/
Asset Management
clients
Policy MC_RETIRED
9 Activit
@] Backup Policy > D MC_SYSTEM
Advanced Policy ADD CLIENT BACKUP A RESTORE
& Setting
Proxy Management
On-Demand Backups
Avamar Policies
Backup Policies
Setting
Dataset Defines the files, folders, and databases that will be backed
up, as well as the plugins required to perform that backup.
Administrators can also narrow the scope by specifying
certain content, such as file types, to exclude or include.
Datasets can be created at any domain level and can be
assigned to one or more policies and clients within the
assigned domain.
[X^LLEMC Avamar
Cemar Poky
© Oe V'toerd
* B/
A Attet Maneoerncfl:
> Pl dxeti
B
f< Proiy MeM^ement
AU I Avamar Administrator
Pre-Configured Policies
Administrators can create a policy from the Backup Policy option click +ADD.
When the Properties window appears fill out the sections for Members,
Dataset, Schedule, and Retention. Review the Summary page and click
FINISH.
Policy Summary O X
1 Propenes Dataset
PGDN /c lents/dataset
2 Members
Plugins Windows File System
3 Dataset
Schedule
4 Schedule PGDN /schedule
Recurrence type Daily
5 Retention Next run time 2020-03-28 0100 00 GMT-4
6 Summary
Retention
PGDN /c ients/retention_po icy
Retention period 60 DAYS
/Default Dataset
/OpenStack mage Dataset
/Oracle Cumulative Backup Dataset
/Oracle Differential Backup Dataset
/Oracle Fji Backup Dataset
/Oracle Incremental Backup Dataset <CCL BACK
/SOL Server Differential Backup Dataset
Server Fu i Backup Dataset
SOL Server ncremental Backup Dataset
nix Dataset
Mware Image Dataset
indows Dataset
—
clients/Dary.Dataset
*
Avamar Schedules
Overview of Schedules
Schedules that are created at the root domain level can be assigned to
any backup policy throughout the hierarchy.
Preconfigured Schedules
The times displayed when editing or creating a schedule, and the times
that are displayed in the AUI and Avamar Administrator interfaces are in
the local time zone of the Avamar Administrator client or web browser that
is running the AUI.
• The Avamar server utility node is the local time where the Avamar
server resides.
• The Avamar storage nodes, MCDB, and reports track time in GMT.
• The Avamar client20 is in local time of the client machine.
For example:
20 The time that is displayed in most client log files is the local time of the
client. However, there are some client log files that are time/date-stamped
in GMT.
To define a schedule, go to the Setting menu and select the domain that is
needed. From the Schedule tab, click +ADD. From the Create Schedule
window enter the information needed for: Basic Configuration, Recurrence
Pattern, and Activities Constraint. Review the Summary window, click FINISH.
4 Summary
Recurrence Types
Daily These policies that are associated with the schedule that
is run on a daily basis. If the Daily recurrence type is
selected, and then the backup jobs are repeated every
day at one or more times of the day. With daily
schedules, limit the duration of the activity to prevent job
overlap.
The Overtime option allows backups to run longer than their Backup
Window as configured in the relevant schedule assigned.
Edit Client
Name winOtemcedu
Domain /clients
Overtime Option
No overtime After the first successful backup for the client, the
allowed Overtime attribute is changed automatically to No
overtime allowed.
Avamar Retentions
Retention policies specify how long the backup is retained. Any backups
older than the specified retention are automatically removed from the
system.
The removal of expired backup data from the system and returning those
blocks to free space depends on several factors, including whether a
unique data segment is referenced by another backup that has not yet
expired. If the segment is still in use it is not cleared with the rest of the
expired backup's segments, also whether the garbage collection cycle has
run yet.
• Basic
• Advanced
End User Controls the retention settings for on-demand backups that
On- the client begins with, such as using the Back Up Now
Demand command on the Avamar Windows client. Advanced
retention settings are disabled on this retention policy
because advanced retention settings never apply to on-
demand backups. The End User On Demand Retention policy is
a global system object that only controls retention for on-
demand backups that the client begins with. Administrators
cannot assign the End User On Demand Retention policy to a
backup policy.
Retention Description
Setting
Always use daily scheduled backups with retention policies with advanced
retention settings. The Always keep: n weeks of daily backups setting has no
effect unless there are daily backups in the system. Depending on the
schedule used, daily backups may not be in the system.
Creating a Dataset
A single dataset definition can use more than one plug-in type. When
backing up, Avamar uses the appropriate plug-in based on the client
definition. The default dataset is used to back up all local file systems for
all clients. However, there can be instances where there is a must create a
dataset to define specific persistent requirements.
To create a dataset, go to the Setting pane, and chose the domain needed
and chose the Dataset tab and click +ADD.
In the Create DataSet window enter the following information, and click
SUBMIT.
Example:
Create DataSet
Dataset Name: Windows Dataset]
CLOSE SUBMIT
Create DataSet
Source Data Choose the base file systems, directories, or files that this
dataset can backup. Administrators can choose to either
select all data for all local file systems or enter explicit file
systems, directories, or files per plug-in type. If entering
explicit items, the default all local file systems entry for that
plug-in type is removed. Similarly, clients create a backup
for every plug-in that is installed on the client, if those
plugins have been specified in the same dataset.
Managing Backups
D0LLEMC Avamar
«
(2) Dashboard
Q winO1.emc.edu
Asset Management Backup Policy Plugin Activity Information
Policy
C REFRESH Q SEARCH
®] Backup Policy
x Date 2020-03-16 to 2020-03-25 | retrieve |
Advanced Policy
March 2020
g. Replication Policy Lo-1 Sun Mon Tue wed Thu Fri sat Plugin Retention
S Setting
Proxy Management LO
15
22
a 23
17
24
18 19
26
20
27
21
28
Windows
File System Daily
® System
29 30 31 Windows
Monitor O L0 File System Daily.Weekly,Monthly,Yearly
& Activity
A Event
M Fitness Analyzer
Search by Date
Select a client from the Asset Management, click Backup. Use the Search
option to search by dates.
Restore a Backup
win01 enx edu
4 More Options
2020 03-23
O LOCAL 1 183507 D*y Weekly MontniyVeoriy
Restore
Recall a Backup
202003-24 Windows
LOCAL 3 02 00 32 Daily
GMT*0 Fie System
202003-24 Windows
LOCAL 2 01:00:21 Fie System Daily
GMT*0
202003-23 Windows
LOCAL 1 18:35:07 Fie System Daily,Weekly.Monthly.Yearly
GMT*0
Recall a Backup
Delete a Backup
Q win0l.emc.edu
Backup Policy Plugin Activity Information
'
REFRESH H SEARCH I RESTORE DELETE I MORE ACTIONS
2020-03-24
o LOCAL 2 01:00:21
GMT-0
Windows
File System Daily No end
date
415.99
MB
2020-03-23
o LOCAL 1 18:35:07
GMT*0
Windows
File System Daily,Weekly.Monthly.Yearly No end
date
415.99
MB
Delete a Backup
_
® LOCAL 3
202003-2*
020032 n>ww>
Fie System
n^iv No end
date
O *MeM>on penod
® E -a Mt«
60
03/2S/2O20
GMT»0 OHotna«!»
LOCAL 2 W”4
G^r-o
»»rXA7W>
Fie System
PlWw No end
date
2020-03-23 Windows
LOCAL 1 «3507 Fie System Daiy.Weewiy Monthly Yearly
gst-o
Avamar divides each day into two operational windows during which
various system activities are performed:
0 1 2 2 4 5 6 7 S 9 10 11 12 1S 14 15 16 17 18 19 20 21 22 28
24 Hours duration - Amonca Now.York
S Backup Window
•Maintenance window
Maintenance This is the time the Avamar server reserves for performing
Window maintenance activities. During the Maintenance Window, the
Avamar server runs garbage collection, takes a
checkpoint, runs checkpoint validation (HFS check), and
takes a final checkpoint.
If the Avamar server is integrated with a PowerProtect DD,
the data maintenance operations, aside from garbage
collection, are performed on the DD storage. With an
integrated PowerProtect DD, during garbage collection, a
list of cleanable hashes is sent to the PowerProtect DD
and the associated data will be cleared and returned to
free space on the PowerProtect DD when the next DD
cleaning process runs by default, once a week.
Feature Functionality
The following are the three different types of backup configurations with an
Avamar that is integrated with a PowerProtect DD appliance:
Basic Configuration
Metadata for the backup is sent from the Avamar client to the Avamar
server. Avamar manages the backup even though the data is stored on a
PowerProtect DD system. Metadata is stored on the Avamar system, and
the backup data is sent to and stored on the PowerProtect DD.
Backup clients that use incremental backup22 strategies must store the
incremental on the same PowerProtect DD appliance as their associated
full backups.
The backup process for Avamar that are integrated with PowerProtect DD
uses the DDboost Protocol. DD Boost provides deduplication at the client
so that only unique data is sent across the network. The method is similar
to how Avamar provides deduplication except that the file cache is not
used (except for file system backups).
Adding a PowerProtect DD
Deleting a PowerProtect DD
The restore process from the AUI is the same whether Avamar is
integrated with PowerProtect DD or not. The difference is the workflow,
which is transparent to the backup administrator.
When the restore of a backup is initiated, the Avamar server uses the
stored metadata from the backup to locate the data on the PowerProtect
DD. The backup is restored directly from the PowerProtect DD to the
client.
During this 12-hour period Garbage Collection runs, the other time is
spent on checkpoints and HFS checks. If the HFS check completes before
the 12-hour window, the maintenance completes.
Operations Impacts
HFS Check HFS verifies the integrity of the data in the checkpoint.
24 Data Domain runs cleaning only once a week. It moves the data to
/DELETED directory under its cur directory under the Avamar Mtree. By
default, on Tuesday when Data Domain runs cleaning, it clears the entire
/DELETED directory. Recoveries of backups are not possible after hashes
are deleted from Avamar, and the space is reclaimed from Data Domain
only after weekly cleaning is successful.
25 In the event of a rollback on Avamar, the cp allows the Data Domain to
run a fast copy operation of that snapshot back to its point in time.
Administrators can restore by the date of the backup and then restore to
either the same original location, a different location, or multiple locations.
Be sure to see the user guide for each plugin for more details for restores.
Backup Content o x
’ Q &c
* S D Recovery e Name Date Size
D System volume I
2021-12-06 16 1
Q DRecovery 0
* H & Users 800
B D administrator Q
..System Volum
“e information
2021-12-16 1301
S3 20 09 KB
Q t) All Users
2021-12-06 16 1 104 GB
Q &use's 023
B Default
> B Default User
D oemouser
BD
Q3 1-3o<3Ne$
CANCEL
Be sure to refer to the user guide for each plugin for more details for
restores.
Backup Content X
Q3 1-3of3fie$
Restore Content x
Avamar
/
#VX-01 VMAOM
No Data
Restore Summary X
Restore Basic Config X
Source Client /vcanterOt oamo localMriuaiMacnr>e$/UnuM_NEF3S8agOnQ9C4(uqwSBvA
Destratror Restore to Ongnai Vrtuai Macrre 1 Content
1 Content
Type Pastore to Ongnai Virtual Mathre
2 Bas< Config
2 Basic Config
Post Restore Op"xrs Do not power on VM after restore -
3 Summary Pesto'* as a "ew ask *Mse
Pesto** Virtual Macnne
Cor*gu*atKin Pastore vrtuai Macrene
Pesto** as a new ask Confjguraacr
Post Pestora options Do not power on VM attar restore
• Check the contents of the backup in the Backup and Restore interface to
ensure that there is an entry for the Automated System Recovery
(ASR) writer.
• To recover from a disaster, provision new hardware that is similar to
the original hardware. The disk size must be at least the same size as
the source. Also, be sure to have the same number of disks.
When the new client is booted from the WinPE disk, the Avamar System
Recovery Wizard is displayed. The wizard asks for date and time
information, networking information, the address of the Avamar server,
and the backup to recover from.
The VSS plugin does not back up critical disks on shared storage in a
cluster. If the server has shared cluster storage, the cluster share must be
backed up using a file system plugin.
2: Select plugin Type, use the Windows VSS option. The Backup is
performed using the Windows VSS plugin.
3: Clear out all other plugin options, and add in the VSS options. The
dataset should have client file system and system state data.
Policy Dataset X
Dataset New
1 Properties
Dataset Name Full System Windows
2 Members
Plugin Filter All Plugins
3 Dataset
Plugins Options Source Data inclusions Exclusions
Guest backups protect the VM data with the Avamar client software.
Installing and registering are the same steps when installing and
registering a physical client.
• Backups fully support all applications and operating system clients that
are provided by Avamar.
26The Avamar server uses the vCenter server to gather information about
the target virtual machines and manage them during backup.
The image backup uses VMware vStorage API for Data Protection
(VADP) to protect virtual machine (VM) data. This is fully integrated with
vCenter Server to allow for detection of the VM clients and enable
centralized management of backup jobs. Multiple image proxies can be
configured for a single system. Proxies share the load of the backup jobs,
allowing for better performance.
TCP/IP
Clients
vcenter
Proxy
VM1
VM2
VM4
VM5
Avamar Server
Fibre Datastore
Proxies
The image proxy VM is created on the ESXi server by importing the .ova
file. Dell Technologies recommends deploying multiple proxies to allow for
several simultaneous backups.
VMCI device Device on the virtual machine PCI bus that provides support for the
virtual machine communication interface
Other
Edit Settings...
Snapshots
Create DataSet
Dataset Name TruncationSQL
Windows SharePoint
Maximum script run time (minutes): 5
[j Windows SnarePomt VSS
[J Windows Sybase ASE
Post-snapshot Script
Q Windows VMware image
Script file:
n Windows VSS
CLOSE SUBMIT
27In order to use custom scripts, the scripts must exist on the virtual
machine. In the backup options, specify a path to the scripts and provide a
username and password for a virtual machine user account that has
permission to run these scripts.
• Fiber channel Storage Area Networks (SAN) hosting VMFS and RDMS
• iSCSI channel SAN storage
• Network File Share (NFS)
The proxy mounts the virtual machine files and creates a temporary
snapshot29 and deduplicates, compresses, and sends the data to the
Avamar server.
29Once the backup completes, the vCenter server removes the temporary
snapshot.
mcserver.xml
Container Clients
Containers are defined as either dynamic or static when added to the AUI.
• The group created under the domain of the vCenter. This type of group
behaves like any normal group except that clients can be assigned to
different proxy servers.
• The Default Virtual Machine group is where new virtual machine
clients are automatically added when they are registered.
• The Default Proxy group is where VMware image proxy clients reside.
Edit Client
Username ’ administrator@vsphere.local
Password Password
Port 443
Rule Domain
CANCEL
Create Rules
New Rule
CANCEL SUBMIT
Creating a New Rule for all VMs that start with name demo
Rules30 are applied across the entire virtual environment, so VMs from
various hosts, folders, and vApps can all match the same rule. Rules allow
the administrator to filter virtual machines based on various attributes such
as the VM Name, tag, vApp, and more.
More Autodiscovery
30When protecting an ESXi only the VM names and the root folder are
supported in rules.
server will not be fully removed from Avamar, but the VM's icon will
turn from blue to gray. This allows backups that are taken of the
deleted VM to still be restored until they expire.
HTTPS
network connection. The proxy server uses AvFS, which allows the proxy
to access the backed-up VMDK files.
• The proxy sends a customized download script that contains all the
requested file names to the client virtual machine.
• The client runs this script, which downloads the files from the proxy
with the wget command. To take advantage of the performance
improvement. The wget needs to be installed on the client prior to use.
File Copy
Avamar uses the File Copy method only when the HTTPS is not available.
The File Copy method can be used if the client is offline, and only a small
amount of data needs to be restored.
The administrator can choose to migrate the virtual machine from the
PowerProtect DD NFS share to a datastore within the vCenter using
storage vMotion.
The Avamar replication job copies client backups from the source Avamar
system to an alternate destination31. Replicating backups to an alternate
destination protects against data loss if the source Avamar system fails.
Avamar also provides the option to perform policy-based replication and
command-line replication.
The replication process is initiated from the source Avamar server. If the
data that has been selected for replication includes data that is stored on
the source PowerProtect DD, the source Avamar queries the target
Avamar server to ensure that there is a target PowerProtect DD. The
source Avamar also communicates with the target PowerProtect DD to
ensure that replication is possible.
The source Avamar replicates metadata to the target Avamar while the
source PowerProtect DD sends backup data directly to the target
PowerProtect DD. Since the source Avamar server must communicate
with the target PowerProtect DD, it is not possible to separate the Avamar
and PowerProtect DD traffic onto separate networks. The data is not
staged on the Avamar server.
Ensure that the target site has an Avamar server that is configured with its
own PowerProtect DD. Be sure that the destination systems have enough
capacity to store all data, especially when multiple systems are replicating
to one.
Prior to setting up any replication, first add replication for each system.
The administrator must set up one or more replication groups that define
the settings and if needed, create a daily, weekly, or monthly schedule.
Replication Types
Policy-Based Replication
DeiLEMC Avamar
«
Replication Policy
0 Dashboard
!*• Asset Management + ADD C REFRESH
Policy
| % Replication Policy
Administration
& Setting
§ Proxy Management
UI System
Monitor
Activity
No Pol ic
Pl Event
IS Fitness Analyzer
Command-Line Replication
The replication process is initiated from the source Avamar server. If the
data selected for replication includes data that is stored on the source
PowerProtect DD, the source Avamar queries the target Avamar server to
ensure that there is a target PowerProtect DD.
Since the source Avamar server must communicate with the target
PowerProtect DD, it is not possible to separate the Avamar and
PowerProtect DD traffic onto separate networks.
D0LLEMC Avamar
«
System
(2) Dashboard
Pi Asset Management Certificate VMware Plugin DD NFS Datastores Data Dorna n R<
Pobcy
I ADD EDIT > DELETE C REFRESH
& Backup Policy
Administration
Account
1 System
& Setting user NamefDDBoost) ddboost_user
2 SNMP
Password
S Proxy Management 3 Tiering
verify Password
System
Instant Access
Monitor instant Access limit 32
Max Streams
Mise
CANCEL VALIDATE
If the Data Domain system is already listed, select the system and click
Edit.
To map a domain:
tXM-LEMC Avamar
«
System
Q Dashboard
Pl Asset Management Certificate VMware Plugin DD NPS Datastores Data Domain Replication Destination Storage Mapping
Poky
Data Domain
(•) ddve2.emc.edu
SUBMIT CANCEL
Map a domain
Replication Destination
Replication Destination
36An Avamar system can also replicate to another Avamar system that is
running a different version of the Avamar server software. However, the
best results occur with the same software version.
Name
Encryption High v
Configuration
Credentials
VALIDATE
CANCEL
D^LLEMC Avamar ® S’ © ©
«
Domain Asset Management
© Dashboard
&/
Ass*, Management
D clients Clients The VIEW MORE
Pd*cy MC.RETIRED displays the details of the
D MC_SYSTEM
0j Backup Policy
£5 REPLICATE
backup
Qi Advanced Policy v £5 avel emc ed & RESTORE
© LOCAL 1 2020-03-25
04 50 02 GMT-
Windows
File System
Not
tagged
2020-05-23
200000
415 99
MS
Em
4 GMT-4
EXM.LFMC Avamar
Domain C Setting
Q Dashboard
Ei Asset Management
y
_
>
_
D clients
Schedule Retention Dataset Rule User
fg Advanced Policy
Name Domain Recurrence Start
Time
Replication Policy
Administration
Default / Weekly 23.00
& Setting Replication
Schedule
• Members
• Backup Filters
• Schedule
• Retention
• Destination
Replication Policy
Q Dashboard
Policy
fg Advanced Policy
/Default
(•) repl_policy true Replication ave2.emc.edu
% Replication Policy Schedule
D0LLEMC Avamar
«
Activity Auto- Refresh «3
Q Dashboard
Monitor
Rephcafon Sou
& Activity
©Failed avel emc edu 0%°GMT?4°61 0 Replicate
O Event
© Failed avelemc.edu s^GMT-a 03 5
3
0 Replicate
Replication Sou
1 - 5 of 5 Activities
ADMe Compatibilities
Phases of ADMe
37The only exception to this is that Oracle and PAX file archives. User
need to leverage the Avamar to complete the restores.
The Avamar Cloud Tier feature works in tandem with the PowerProtect
DD Cloud Tier feature to move Avamar backups from PowerProtect DD
series appliances to the cloud. Cloud Tier provides long-term storage of
Avamar backups by seamlessly and securely tiering data to the cloud.
Avamar moves the existing backups that have been marked for tiering to
the new cloud unit, and the PowerProtect DD system triggers data
movement. Avamar marks the backups for tiering while the PowerProtect
DD system triggers data movement. Only backups older than 14 days can
be marked for Cloud Tier data movement.
To use the Cloud Tier feature on Avamar, enable the Cloud Tier on the
PowerProtect DD system first.
1 System
Cloud Unit
D0LLEMC Avamar
Polky
Advanced Policy
Cloud T Policy
Administration
Qi Setting
[J Proxy Management
® System
• From the navigation pane, click Cloud Tier Policy and click + ADD.
• Follow the steps in the Policy wizard to complete the Cloud Tier
Policy.
A Cloud Tier policy runs according to the schedule selected during the
configuration of the Cloud Tier policy.
D0LLEMC Avamar
«
Cloud Tier Policy
(2) Dashboard
Advanced Policy
Cloud_Tier_Policy true Default Tienng Schedule
q. Replication Policy
Administration
Setting
CXAL
38 The Cloud Tier is the representation of the size of the storage that is
provided from the supported Cloud Provider.
39 The active tier is the default storage tier that exists when the file system
is created.
Avamar supports file level (FLR) restore from Elastic Cloud Storage (ECS)
cloud units. When the backups are stored on a non-ECS cloud, the entire
backup needs to be recalled to the PowerProtect DD active tier before
FLR can be performed.
Avamar Profiles
Managing Profiles
• Pop-up Alerts
• Acknowledgement-required list
• Email messages
• Syslog files
• SNMP traps
Third-party tools and applications can also be used to monitor and report
on the syslog files and SNMP traps.
OK Cancel Help
The System Profile contains all possible system event codes. System event
codes can be edited to control whether an event generates a pop-up alert
in Avamar Administrator, an entry in the common unacknowledged events
list, or neither.
Sequencing Activity
Notes
The Event Management pane in the AUI is seen from Event Management
window. Use filters to narrow down the event viewing, and a selection can
be reset of retrieved by dates.
1: The Event Management offers views for Critical, Error, and Warnings.
2: Filters can be set to narrow down the events. Administrators can use
a date range, Type, and Categories. Selecting the Unacknowledge event only and
then select RETRIEVE.
DetLEMC Avamar
«
Server Management
0] Backup Policy
Checkpoints Backup Window Garbage Collection Services
fg Advanced Policy
rvo 1 UKCOUL UM 1 HDHOC KUI II III iy
% Replication Policy
Core services WEB SERVICES Running
<S Cloud Tier Policy
WEB RESTORE DISK SPACE 261.573.56OK
AVAILABLE
= Validation Policy
LOGIN MANAGER Running
Administration GSAN STATE Full Access
SNMP SUB-AGENT t
Disabled •
AUI ConnectEMC
Disable, Used to test any of these transports and to test any new
Stop, and changes that are made.
Test
Help This can be used at any time to provide more details for
the ConnectEMC feature.
Avamar Checkpoints
when required. By default, Avamar always retains the last two checkpoints
including the last validated checkpoint.
Server Management
CREATE REFRESH
Checkpoints in AUI
Creating Checkpoints
Server Management
+ CREATE C REFRESH
A Create Checkpoint
Validated
The maintenance scheduler is enabled The maintenance scheduler will be
disabled for the duration of this operation and regularly scheduled
cp 20211216090102
maintenance operation will not run Do you want to continue?
cp 20211216090446
CANCEL YES
Server Management
+ CREATE C REFRESH
From the Checkpoint Management window, administrators can see the latest
checkpoint with a question mark to the left. This question mark is a
checkpoint that is not yet validated.
To view and or create a checkpoint (cp) in the AUI, from the left menu
select the Server option. From the Server Management window click on the
Checkpoints tab and click +CREATE.
From the Server Management window, administrators can see the latest
checkpoint with a question mark to the left. This questions mark is a
checkpoint that is not yet validated.
Checkpoint Utilization
admingavel:-/>: cps
Checkpoints Utilization
The cps command shows the total amount of data in cur directory for
each checkpoint directory on the node in which the command is run. The
cps command can only be run from single-node server or multi-node
server storage nodes. In a multi-node server environment, first copy the
cps executable file from the utility node to each storage node.
Mise
CANCEL
42If a disaster were to occur and the Avamar server is destroyed, the
checkpoint data can be restored.
Performing a Rollback
Forced Rollbacks
If a data server (gsan) did not shut down correctly, dpnctl prompts for a
rollback upon restart. A rollback can also be forced using the--
force_rollback option in dpnctl start.
|
admin@ave-01:-/>: cplist
cp.20211216090102 Thu Dec 16 09:01:02 2021
-
adialn@ave 01:~/s|:
dpnctl start —
force_rol]
Identity added: /home/admin/.ssh/admin_key
cp.20211216090446 Thu Dec 16 09:04:46 2021
|
admin@ave-01:~/>:
Considerations
Avamar Monitoring
[XM-LEMC Avamar
«
Q Dashboard
Activity Auto-Refresh o
Pl Asset Management
Policy
On O Waiting ©0 ACtiV'tes
Running 0 9Activities
O Completed
Sj Backup Policy C REFRESH Filter activities by domain: / Fi ter activities by duration: Last 72 hours
Advanced Policy
Status Client y Started y Processed Rugin y Type Y > Details
Bytes
q. Replication Policy
Id: 9158498849040909
2020-03-24 Windo
Cloud Tier Policy 0 Completed win01.emc.edu 02 00 25 GM 415 99 MB ws File Scheduled Backup
’•0 System Domain /clients/DesktopC sent
f© Activity Server -
DDR d<Tvel.emc.edu
1^1 Event Nev/ Bytes 93.0%
Activity pane
Activity Monitoring
By default, the Activity Monitor tab displays the most recent 5,000 client
activities during the past 24 to 72 hours. Administrators can increase or
reduce the amount of information in the Activity Monitor by editing the
mcserver.xml file located:
/usr/local/avamar/var/mc/server_data/prefs/mcserver.xm
l
SI Fitness Analyzer E 1 .
1 - 2 of 2 Dataset /Ghent On-Demand Data
W1D: MOD-1584980576952
VIEW JOBS Shows the details of the client backup and restores.
Administratorss can also choose to download and send
to support.
Details In the window administratorss can get the details for the
client, name, domain, operating system, client release,
and proxy.
Server Monitoring
In the Server window the tabs that are offered are Server Monitor, Server
Management, Session Monitor, Checkpoint Management, and Data Domain NFS
Data Stores.
Data This tab provides the CPU, disk activity, and network activity
Domain for each node on the PowerProtect DD appliance. If the
status is yellow or red, administratos can view additional
status information to determine and resolve the problem.
Node In the Avamar tab the Node details are the following:
• Online (green is functioning correctly).
• Read-Only (blue means backups have been suspended
and normal backgrounded operations are taking place).
• Time-Out (gray is the MCS cannot communicate).
• Unknown (yellow is the Node status cannot be determined).
• Offline (red is the node has a problem and if setup a
Service Request (SR) is logged).
CPU In the Avamar tab, the details of the CPU are the following:
• Load: Avamar number of CPU threads over the past
minute.
• User: Percentage of CPU capacity that is consumed by
running server instructions (anything other than operating
system overhead).
• Sys: Percentage of CPU capacity that is consumed by the
operating system overhead.
Network In the Avamar tab, the Network details are Ping, In, and Out.
Disk In the Avamar tab, the Disk details are the following:
• Reads: Average number of hard drive reads per second as
reported by the operating system.
• Writes: Average number of hard drive writes per second
as reported by the operating system.
• Utilization: Percentage of total available server storage
capacity currently used.
System Management
From the left menu, select System, and click Server Management. In this
view, administrators can review Checkpoints, Backup Window, Garbage
Collection, and Services.
CXM-LEMC Avamar
« [XM-LEMC Avamar
© Dashboard »
System
Q
Px Asset Management
Policy Ri Certrtica VMware Piu DO NFS Datasto Data Oom Replication Destinat Storage Mapp, RSA Authentication Mana Server Managem
Administration a CHE£j^ltLTJNF2gMAlK»
2020-
& Setting
as 03-16 Tag cp 20200316101223
CP 20200316101223 9' 06122 1 25 N/A N/A 0
3GMT- Creation time 2020-03-16
& 4 06 12 23 GMT-4
S Proxy Management
Q No. OtNodefs) 1
® System 0
2020-
03-16
2020-
03-16
2020-
03-16
Stripes completed/total 25 / 25
cp 20200316112805 07:280 t 25 07 30 07303 0 Deletable No
Momtor '
<.
5GMT-
4
06
GMT-4
6GMT-
4 On Data Domain No
Fo Activity
VALIDATION INFORMATION ©
O Event
ED Fitness Analyzer -
1 2 ot 2 Checkpoints Not Validated
• Garbage collection
• Checkpoints
• HFS checks
Backup Window defines a period when the server does not perform any
maintenance activities, including checkpoint, garbage collection, and
checkpoint validation.
The Backup Window is that portion of each day reserved to perform normal
scheduled backups. By default the Backup window begins at 8 p.m. local
server time and continues uninterrupted for 12 hours until 8 a.m.
Administrators can customize the Backup Window start time and duration.
If the Avamar is not integrated with the PowerProtect DD, the garbage
collection runs once daily starting at the beginning of the Maintenance
Window.
»
System
©
Pi Certrf<a VMware Mu DD 7« Datasto Data Dorn Replicator Destinat Storage Mapc PSA Authentication Mana Server Ma-agem
a
Window start tmetm 24 2000
notes)
1
Bl Duration 12 hours
a
Q Tmezone Ar^er<a/Ne* York
0 1 2 I 4 S « 7
• 9 10 11 12 IS 14 tS 1« 17 It 19 20 21 22 21
24 Hotel duration - America New. York
• Backup Window
• Ma ntenance window
Duration 12 hours v
4 hours
5 hours
Time zone 6 hours /_York v
7 hours
3 hours
9 hours
10 hours
11 hours
13 hours
14 nours
15 hours
16 hours
Duration 12 hours v
4 hours
5 hours
Time zone York
6 hours
7 hours
S hours
9 hours
10 hours
11 hours
12 hours
13 hours
14 hours
15 hours
16 hours
America/New_York
America/Maceio
America/Managua
America/Manaus
America/Marigot
America/Mart nrque
America/Matamo'os
America/Mazatlan
America/Mendoza
Americ a/Menominee
America/Merida
Americ a/Metlakatia
America/Mexrco_City
America/Miquelon
America/Moncton
Americ a/Monterrey
America/Mcntevideo
America/Montrea
America/Montserrat
Americ a/Nassau
America/New York
HFS Checks
• Garbage collection cannot start. All other maintenance
jobs, such as checkpoint, replication, can start.
• All backup work orders are queued until the HFS has
started.
• New backups are queued.
43 During this 12-hour period Garbage Collection runs 3 hours, the other
time is spent on checkpoints and HFS checks. If the HFS check completes
before the 12-hour window, the maintenance completes.
44
In the event of a rollback on Avamar, the cp allows the PowerProtect
DD to run a fast copy operation of that snapshot back to its point in time.
New bytes are added to the Avamar server through the backup process.
Old bytes are removed from the server through expiring or deleting
backups. An administrator can control the reported capacity with the
following:
At this level Dell Support is required and will perform the following:
Gsan View
OS View
Example of steady-state
A newly deployed Avamar system typically fills rapidly for the first few
weeks. Almost every client being backed up contains large amount of
unique data. Avamar commonality feature is not leveraged until several
similar clients have been backed up or if the same clients have been
backed up at least one time.
The capacity.sh utility provides the net rate of change in the Avamar
system for each day over a period of the last two weeks. The
capacity.sh also identifies the clients with the highest change rate.
2020-03-28 0 mb 0 77 mb 3 104 mb 0 mb
0 0 0 mb 74.44%
2020-03-30 0 mb 0 1 mb 3 109 mb 0 mb
0 0 0 mb 1.20%
2020-03-31 92 mb 3 39682 mb 2 263869 mb 0 mb
0 0 92 mb 15.07%
2020-04-01 3 mb 3 88 mb 1 74046 mb 0 mb
0 0 3 mb 0.12%
2020-04-02 0 mb 0 0 mb -5 mb 0 17 -5
mb N/A
2020-04-03 0 mb 0 0 mb 0 mb 338 4 0
mb N/A
2020-04-04 0 mb 0 0 mb 0 mb 0 6 0
mb N/A
2020-04-05 0 mb 0 0 mb 0 mb 0 7 0
mb N/A
Command Action
Use the AUI dashboard to view the Capacity of the PowerProtect DD and
the GSAN.
Avamar collects and displays data for health monitoring, system alerts,
and capacity reports for the PowerProtect DD system by using SNMP
protocols.
• The Data Domain tab in the Server Monitor provides Server Utilization,
Total Capacity, and File System Used for the PowerProtect DD.
• Avamar checks the capacity of the PowerProtect DD system every 24
hours. Avamar logs an event in the Event Monitor if the capacity reaches
95% full.
To see the Active Tier and Cloud Tier space usage separately, the DDSM or
the PowerProtect DD CLI must be used.
Alerts on Avamar
Avamar does not send alerts about the capacity of the PowerProtect DD.
When capacity is full, the following alerts are sent from the Avamar.
• The data integrity issue alert appears when an HFScheck could not be
performed.
• MSG_ERR_DDR appears when Avamar maintenance fails due to space
issues. This message will appear in the Events window.
Overview Pane
Bytes The Bytes view toggle button, at the top-right corner of the
View timeline, changes the display units for the horizontal axis to
Gigabytes, so the timeline represents the amount of raw
data that is transferred to the Avamar server. This view
distinguishes the relative impact of each group on the
server.
Limitations
• Reports and summaries do not show active, running jobs. These jobs
appear in the reports and summaries after completion.
• During the initial creation of each pane, Fitness Analyzer may take
slightly longer than usual to display results. Subsequent views use
cached data.
• Results are cached for approximately 15 minutes from their creation
time. Moving away from a pane and then back, the data may not
regenerate until the cache expires.
• When there are more than 500 backup activities per day, some of the
reports that display backup activities over the default timeline reporting
of seven days may take several minutes to display data or, in extreme
cases, may become unresponsive. To avoid this situation, reduce the
number of days of data that are displayed in the timeline reporting
period to limit the report to 3000 backup activities.
'S' Overview
B? Replication summary o -
Activities Bytes Protected Client •2 Bytes Protected Per Client Report (Date Limited) c;
o -
Activities Bytes Protected Total Total Bytes Protected Report c«
Q Client summary
o -
Activities Bytes Protected Total •2 Total Bytes Protected Report (Date Limited) c<
S Proxy summary o Activities - Client Perf Track Client Performance Tracking Report (Date Limited) Ci
Backup summary 3€
Ca System Summary
0 Available reports
Generate Reports
& Group summary Activities - Bytes Protected Client Bytes Protected Per Client Report
Replication summary (•) Activities - Bytes Protected Client - 2 Bytes Protected Per Client Report (Date Limited)
Q Client summary
-
Activities Bytes Protected Total Total Bytes Protected Report
Activities - Bytes Protected Total - 2 Total Bytes Protected Report (Date Limited)
S Proxy summary Activities - Client Perf Track Client Performance Tracking Report (Date Limited)
GENERATE a report
Accessing Reports
After the report is generated, the finished report becomes available in the
Completed Reports panel.
—
O
INIT_RPT_ACT_BYTES_PROT_
CU2"
INIT RPT_ACT_BYTES_PROT_CLI2-2021-03-02-
12-31-42
2021-03-02-12-
31-42
P
DOWNLOAD a report
Group Summary
Replication Summary
Client Summary
The Client summary pane provides statistics that summarize the behavior
and attributes of individual Avamar clients.
• View History page opens to the Statistics tab. The Statistics tab contains
two panels:
− Tabular Report: Display all the recorded client activities over the
duration of the reporting period.
− Graphical Report: A graphical report that breaks down the completion
codes for each job in the tabular report.
• The Backup Timeline tab shows start and stop times of the client
activities.
Proxy Summary
Backup Summary
The Backup summary pane provides statistics that summarize the results of
individual backups on the server. The tabs that are offered are the
following:
System Summary
To create a report:
46 These necessary details are name, title, and description of the report.
Select the Report View from the drop-down list, and set filter options. After
clicking OK, the Report Name is listed under the selected domain in
Manage All Reports.
The Avamar server uses a PostgreSQL database to store the data. The
following are some of the details:
Database Views
MCS database views define the types of information accessible from the
Avamar Administrator. Shown below are some of the supported database
views:
psql mcdb
\d Displays all
tables and
views
\d v_groups Shows
columns in
tables
\o /tmp/sample_report_output Redirect
output to a file
B Bookl - Excel
File Home Insert Page Layout Formulas Data Review View Help Q Tell me what you want to do
Get External
Show Queries
PS^Properties
IL~
Connections A
z
Sort
Reapply B'S Remove Duplicates
Data’
New Refresh
All Edit Links U Filter
X Advanced
Text to
Columns Data Validation ’ f^l Manage Data
Connections Sort & Filter Data Tools
From File
Al
From Database
A E F G H 1 K | L M J N
2 From Azure
3
4 From Online Services
5
6 From Other Sources From Web
7
8
| Combine Queries From SharePoint List
9
10 [J Data Source Settings...
11 From OData Feed
|??| Query Options
12
13 From Hadoop File (HDFS)
14
15 From Active Directory
16
17 From ODBC
From Microsoft Excl
18 Import data from ODBC.
19
From ODBC
20
In Microsoft Excel, select Data > Get Data > From Other Sources >
From Microsoft Query, and select MCDatabase as the data source.
Possible situations that may block a successful backup are the following:
High Client High client activity levels can prevent files from being
Activity backed up or backed up in the backup window. These
tasks have Completed with Exceptions as their status.
The following actions help reduce errors and perform successful backups:
Activity Auto-Refresh «3
©0 Activates
Waiting 0 Running © 15 Activities
Completed o
filter activities Oy domain / v Filter activities by duration: Ail »
0 Completed wm01 emc edu 2020-03-31 02 05 23 GMT-4 62 32 GB Windows Rie System Scnedued Backup
> 0 Completed ave! emc edu 2020-03-31 02 00 44 GMT-4 114 GB Replicate Repxcation Source
©Competed winOI emc edu 2020-03-31 02 00 01 GMT-4 62 31 GB Windows File System Scheduled Backup
0 Comp eted wm01 emc edu 2020-03-31 0105 23 GMT-4 62 33 GB Windows File System Scheduled Backup
0 Completed winOI emc edu 2020-03-31 0100.01 GMT-4 62 32 GB Windows File System Scnedued Backup
0 Competed wmO1 emc edu 2020-03-30 02 07 02 GMT-4 62 33 GB Windows File System Scheduled Backup
> A Competed w/Exceptoi ave! emc edu 2020-03-30 02 00 14 GMT-4 105 GB RepKate Rep icaton Source
0 Competed wm01 emc.edu 2020-03-30 02 00 01 GMT-4 62 32 GB Windows "lie System Scheduled Backup
0 Completed wm01 emc edu 2020-03-30 0107 02 GMT-4 62 34 GB Windows File Sys 3001 Scheduled Backup
Activity View
Action Description
Monitor Daily Regularly review the Activity window and other backup
Activities activity reports to ensure healthy backups.
Initial backups can be large and may lead to issues with client
initialization. Potential issues include:
Time-Out
If the initial backups are larger than daily backups, initial backups time out
at the end of the backup window that is configured to meet daily backup
requirements. Some errors administrators may see are as follows:
Network Issues
• If the backup ends abruptly, partial backups may not be saved. Dell
Technologies recommends breaking the backup into smaller datasets
to avoid such situations.
• Always run a ping test between server and client to validate any
network connectivity issues.
The Avamar server has server log files that may help an administrator
troubleshoot an Avamar server.
The output of the getlogs script is a single tar file that contains the
compressed logs from all nodes.
Client Logs
Client logs on the client machine provide information about the backup
and restore operations.
• Windows
Work order: %SystemDrive%\Program Files\avs\var\clientlogs\
Agent: %SystemDrive%\Program Files\avs\var\
Console: %APPDATA%\Avamar\
• Linux and Mac
Mac: $HOME/.avamardata/
Avtar Logs
• Scheduled backups:
− <Schedule name>-<Group name>-<Unix time in msec>
• Ad hoc group or client backups using a defined group policy:
− <Group name>-<Unix time in msec>
• Ad hoc backups that are performed through Backup and Restore:
− MOD-<Unix time in msec>
cid.bin
The cid.bin file is essential for the client to communicate with the Avamar
server.
cid.bin - Notepad
File Edit Format View Help
-°
avel.emc.edu
2512d2f536d492c2a5b6b37cd82cll0aa47ba9
f41584352822
• This file is located in the installation location /var on the client machine.
Miscellaneous Logs
Logs for activities run the cron include health_check.log and replicate.log.
The logs for activities are located in /usr/local/avamar/var/cron on
the utility node.
Checkpoint, HFS check, and garbage collection are in the persistent store
in /sysinfo/log.
Garbage Collection
BYTES RECOVERED 0
CHUNKS DELETED 0
ELAPSED TIME 05
END TIME 1969-12-3119:00 00 GMT-5
INDEXSTRIPES PROCESSED 0
INDEXSTRIPES TOTAL 0
MEGABYTES RECOVERED 0MB
NODE COUNT 1
PASSES 1
RESULT OK s/
START TIME 1969-12-3119:00 00 GMT-5
47A partial backup is when a backup did not complete in a backup window
or had errors during a scheduled backup.
Avamar Server
An Avamar server is a logical grouping of one or more nodes that are
used to store and manage client backups. The server also provides
processes and services that are required for client access and remote
system administration.
Critical Disk
A critical disk is defined as one that contains operating system files or
application services. Dell Technologies recommends any application data,
such as database or Exchange files, be on a separate disk.
EMT
The Avamar EM Tomcat server (EMT) provides essential services that are
required to display, and work with Avamar server.information. The EMT
communicates directly to the MCS and is required for all Avamar systems.
GSAN
Global Storage Area Network, also known as the Avamar server
subsystem. The GSAN process communicates with the Avamar clients.
LDAP Map
LDAP map is an association between an LDAP user group and an Avamar
domain and role.
MCDB
MCS
The Avamar MCS (Management Console Server) provides centralized
management including scheduling of backups, restore of backups,
monitoring and reporting. When administrators open the Avamar User
Interface, they are interacting with the MCS.
MCS
Provides centralized administration (scheduling, monitoring, and
management) for the Avamar server.
PostgreSQL
PostgreSQL is an open-source Relational Database management System
(RDMS). Avamar uses the PostgreSQL to store data. The information in
the Avamar database is accessible through any PostgreSql compliant
ODBC interface.
PARTICIPANT GUIDE
PARTICIPANT GUIDE
Dell Avamar Installation and Maintenance- Participant Guide
Dell SolVe
SolVe Online
Tip: Users can also access the SolVe online version which
contains all the procedures as SolVe desktop. For other
documents, see the Dell Support site.
The following manuals and guides are available on the Dell support portal:
Dell Support
Required Tools
Before going onsite to install the Avamar GEN4T, the following is needed:
Other items that may be needed are tie straps, Phillips screwdriver, and
labels for cables.
Required Files
Customer Supplied
Installation Overview
1. Install the nodes1 into the rack and perform internal network cabling.
Some larger systems will already be in the rack and pre cabled,
pending customer needs.
2. Configure initial network configuration.
Node Placement
All the Avamar nodes must be placed in the rack. Typically, nodes are
installed in a Dell Titan rack, but an existing customer rack may also be
used.
Multinode racking
Avamar Data Store (ADS) is the physical hardware edition of Avamar. The
Avamar Data Store has the following features:
Initial configurations range from four to eighteen nodes, one utility node
plus a maximum of sixteen active storage nodes and one optional
spare storage node.
2In a single-node setup, the single node performs all Avamar functions.
Whereas in a multi-node configuration, a group of nodes work together as
a single Avamar server.
Avamar Single-Node
With the Gen4T version of hardware, there are four options for a single-
node Avamar Data Store:
Avamar Multi-Node
6 Most larger systems will shipped in the rack and may not need to be
racked or assembled.
NDMP Accelerator
In Dell PowerProtect 8300, the utility node is placed on top of the NDMP
accelerator, with the storage nodes above it. The Avamar switches are
placed at the top of the rack, just below the Dell PowerProtect switch.
Connect both power supplies on each node to the power distribution units
(PDUs). The top power supply on each node connects to the PDU on the
left, and the bottom power supply on each node connects to the PDU on
the right.
Cable ties are used to combine and tie the power cables together.
Depending on whether the power is single-phase, three-phase delta, or
three-phase, the exact receptacle on the PDU used for each node varies.
PDU Connections
For a multi-node server, there are two network cable bundles, one for
each switch:
Single-Node Networking
Single-node networking
Multi-Node Networking
Multi-node servers use the same ports as a single-node server with the
following changes:
Switch B
• SLIC1NIC3 connects to
internal8Switch B, at the top.
8An easy way to remember this is that the top NIC of SLIC1 on the node
connects to the top switch.
port 2.
Port Labeling
In an Avamar system, each node has two Subscriber Line Interface Card
(SLICs) that provide four NICs each.
SLIC1NIC0
Port labeling
• The SLICs are named SLIC0 on the left, and SLIC1 on the right.
• The ports on SLICs are named NIC0, NIC1, NIC2, and NIC3, from the
bottom to top.
• Ports are named by combining the names of SLIC and NIC. The
customer connections are bonded together as bond0, and internal
connections are bonded together as bond1. Each bond has its own IP
address and these bonds are on the OS only and are Active or
Passive.
− The NICs on left side of the rear I/O panel are used for dedicated
RMC connections.
− The NICs on the right of the rear I/O panel are used for shared
RMC connections.
Multi-node Avamar servers have two Dell N1124T switches for internal
networking, a primary switch A and secondary switch B for failover
functionality.
RMC Options
9 The storage nodes should be connected in the order that they are in the
rack, from bottom to top. For example, storage node 1 at the bottom of the
rack connects to port 2, storage node 2 connects to port 3.
10 This port is dedicated to RMC and does not work for anything else.
Shared RMC can work without using additional ports. In this case,
(Right RMC can share a port with backup traffic. The RMC shared
Port) port on the right is enabled for RMC and also mapped
internally to eth0 for regular network use. The backup
Power on each node after the nodes are racked and cabled. To power on
a node11, press the reset/power button on the rear I/O panel with a tool or
paperclip. Once the nodes are powered on, on the utility node or single-
node:
• Connect a laptop to the serial port. (The nodes have no local ports for
a keyboard or mouse)
• Use PuTTy to connect and configure serial connections. Configure the
PuTTY for serial connections and linux keyboard as shown here.
11The order in which the nodes are powered on is not important since
they do not have any Avamar software installed. They are individual nodes
with an SLES operating system installed.
Modifying Bondconf.xml
bondconf.xml
Ensure that the entry for the backup network, bond0, includes the proper
port names.
12By default, the eth1 and eth2 network ports are bonded together for the
backup network as bond0. However, if the customer chooses to use
shared RMC ports, the backup network uses eth0 and eth1 instead. In this
case, the bonding configuration file has to be modified.
13The user can modify them manually or copy the bondconf.xml file from
the utility node once networking has been configured on all nodes.
3. Select the primary backup port and edit it. For dedicated RMC
configurations14, the primary backup port is eth1.
4. Set DNS parameters and gateway information.
Network Settings
</node>
—
rGloba 1 Opt ions Overview — Hostnane/DNS — Routing—
Nane IP Address Device Note
</nodes>
<bo.n.ds> Ethernet Network Card
Linernei nctworK carci
ffilll
ethd
<bond name="bondO" mode="l"> Ethernet Network Card eth3
Ethernet Network Card eth4
<slave>ethl</slave> Ethernet Network Card eth5
Ethernet Network Card eth6
<slave>eth2</slave>
</bond> 1
V J Ethernet Network Card
MAC 00:50:56:01:27:4b
3
PusID 0000:02:01.0
f1
[ Add IQOQ1I Delete]
(— J
(Help] (Back) (Cancc 1J [ OK ]
Use the yast utility to set the IP Address, subnet mask, hostname, DNS
parameters, and gateway. Ensure that the primary ports connected are
correct - eth1 for dedicated RMC and eth0 for shared RMC.
14 For shared RMC configurations, the primary backup port is eth0. Also
provide an IP Address, subnet mask, and hostname.
15 Modify the bondconf.xml file manually or copy the already modified file
For the complete installation to take place, the installation files and their
md5sum files must be transferred to the utility node, or the single node
server. Transfer files to the directory /usr/local/avamar/src/ on the
utility node or the single-node. The files include:
1. Run an md5sum check on each file to ensure that they were not
corrupted.
2. Extract the Avamar bundle .zip file.
Test the internal network security of the system by running the Network
Test Script17.
16 The Avamar bundle zip file includes different installation files including
the avinstaller-bootstrap file, dpnnetutil, and the network test script.
17 The Network Test Script is extracted from the Avamar bundle. This
script must be run on multi-node installations. It will ensure that all internal
network connections have been made to the right ports on the right
switches.
Success Failed
Interface:eth8:; MAC Address:c...>; Vendor:CLARIION ; ## Neighbors IPv6 responses to IPv6 check
Link detected:yes; Speed:1Gb; Duplex:full; Auto ##
negotiation:on 11 neighbor responses were received from
WARN: No link detected in eth2: MAC:<...>, this is Switch A
cabling error or non HA configuration of backup network 10 neighbor responses were received from
.
of host <. .> Switch B
HINT: Check cable, port eth2: MAC:<...> settings on host ERROR: Switch A and Switch B have a
<...> and corresponding switch port different count of neighbor nodes
Verifying link presence and connection quality, RESULT:
PASSED #### There're some ERROR with the network
configuration. ####
RESULT: PASSED
A successful test reports that no errors were found and it will also report
the correct number of storage nodes, including the spare if one is present.
For example, if four nodes are connected to both switch A and B and the
report matches, and then the cabling is correct and the network is working.
Install system tools, update firmware, and configure power button for each
node.
A few system tools are not preinstalled in the Gen4T operating system. To
Install these tools on each node, perform the following steps:
unzip gen4t-sys-<version>.zip
cd gen4t-sys-<version>
./avsetup.sh
Update Firmware
mount /firmware
rm -rf /firmware/*
cd /firmware
cp -p /usr/local/avamar/src
/Avamar_EMC_l705.zip .
unzip Avamar_EMC_l705.zip
reboot
./dpnnetutil-<Version>.run
dpnnetutil
Enter the VLAN id (number m range 1..999) available m the interface bondO
(leave blank to continue)
Dpnnetutil is a part of the Avamar Bundle .zip file. To use it, install the
utility from its .run file, and run the dpnnetutilutility tool.20
Step 1
Using PuTTY, establish an SSH session to the server, and log in as the
admin user. Perform the following:
WinSCP
Step 2
ls -l AvamarInstallSles* AvamarBundle*
AvPlatformOsRollup*
2. If any of the required files do not exist, copy them using a USB device,
or download them from the FTP to:
/usr/local/avamar/src/
3. Verify the checksum by typing one of the following two commands,
depending on the type of checksum file. Here, <filename> is the
name of the required file:
a. md5sum -c <filename>*.md5sum
b. sha256sum -c <filename>*.sha256sum
-rw-r r
-rw-r r
. —— ——
1 root
1 root
v4 avp.md5sum
-rwxr-xr-x 1 root
root
root
root
988885002 Jan 13 22:40 AvPlatformOsRollup 2015-Q3-v4 .avp
68 Jan 13 22:40 AvPlatformOsRollup 2015-Q3-
Step 3
./AvamarBundle_<VERSION>/avinstaller-bootstrap-
<version>.sles11_64.x86_64.run
Step 1
Step 2
• mv /usr/local/avamar/src/AvamarInstallSles-
<version>.avp /data01/avamar/repo/packages
• mv /usr/local/avamar/src/AvPlatformOsRollup_<year>-
Q<q>-v<v>.avp /data01/avamar/repo/packages
In the commands:
• rm AvPlatformOsRollup*.md5sum
• rm AvPlatformOsRollup*.sha256sum
Step 3
Step 4
Ensure that all storage nodes are powered on and connected to the
internal network.
Step 1
D^LLEMC
O Session was timed out or server error occurred You need to re-login
Username
Password
LOGIN
Step 2
Step 3
Step 4
1. Inspect all tabs, and enter required workflow inputs. The icons next to
the fields indicate tabs containing required inputs. When all inputs have
been entered, click Save.
2. Click Continue. The Installation Progress pageappears. It displays a
progress bar, status messages, and the Information Log table.
3. Respond to all installation problems, and click Issue Resolved to
continue the installation.
Step 5
1. During the installation process, the user may login to the Avamar
Installation Manager using the new root credentials set via the
workflow inputs.
2. When the installation completes, the Installation Progress page
displays a message.
3. Close the installed by clicking the Close button.
Avamar includes a feature for callable AVPs that allows the user to run
multiple AVP packages in a single activity. This feature creates two
categories for AVP packages:
Main Workflow
The Avamar Software Installation and Avamar Server Upgrade AVPs are
the only main workflows.
Callable AVP
• The workflow tasks are consolidated so any duplicated tasks will only
be run once.
• There may be multiple workflow input pages. The number of pages can
be viewed at the bottom-left corner of the screen.
The assigned license keys for standard Avamar products are available
from Software Licensing Central (SLC) on the Online Support site. To
access Online Support, type the login credentials that are provided in the
License Activation Code (LAC) email that is sent from
licensing@emc.com, licensingnorthamerica@emc.com,
licensingemea@emc.com, or licensingapj@emc.com.
Avamar
©2001-2020 Dell Inc. or its subsidiaries. All Rights Reserved.
Avamar Username
Avamar Password
Avamar Domain
/
The earliest start time of the default schedule should be 8:00 PM. Check
and modify the default schedule as follows:
Configure Replication
nodenumbers
admungavall:-/>: nodenumbers
Nodenumbers Utility (vl.6) Mon Aug 3 04:21:37 PDT 2015
Using /usr/local/avamar/var/probe.xml
. . . .
Running ’avmaint nodelist --hfsaddr-192 168 255 2'
Appending to Zusr/local/avamar/var/nodenumbers.out
HFSCreateTime-1345584007 Mon Aug 3 04:21:37 PDT 2015
Avamar probe,xml
Logical Node Physical Node IP Address MAC Address
0.0 0.0 192.168.255.2 00:50:56:12:05:D9
0.1 0.1 192.168.255.3 00:50:56:12:05:DA
0.2 0.2 192.168.255.4 00:50:56:12:05:DB
Note:
- "Physical" means "probe order", not rack location.
• The utility node requires a valid probe.xml file. The probe.xml file is
required in order to resolve MODULE.NODE designations into actual
IP addresses. The utility node requires a valid probe.xml file.
• The SYSPROBEDIR environment variable stores the path to probe.out
file.
• If SYSPROBEDIR is not set, the default probe.xml location is used.
Override this location with the --nodedb=FILE option
mapall
rootgutility:/usr/local/ava&ar/src/*: mapall —
all --user-root 'date*
Using /usr/local/avamar/var /probe.xml
(O.s) ssh -x -o GSSAPIAuthentication-no rootg!92.168.255.31 ’date*
Mon Aug 3 04:21:37 PDT 2015
(0.0) ssh -x -o GSSAPIAuthentication-no root9192.168.25S.32 ‘date*
Mon Aug 3 04:21:37 PDT 2015
(0.1) ssh -x -o GSSAPIAuthentication-no root8192.168.255.33 ’date’
Mon Aug 3 04:21:37 PDT 2015
(0.2) ssh -x -o GSSAPIAuthentication-no rootg!92.168.255.34 *date'
Mon Aug 3 04:21:37 PDT 2015
rootgutility:/usr/local/avamar/src/4:|
The mapall command runs the same command on all of the nodes in the
Avamar server. Load SSH keys to avoid password prompts.
avmaint
ssn
The ssn command is the Avamar secure remote shell program. This
program wraps the OpenSSH ssh program to accept simpler
MODULE.NODE designations. The ssn utility requires a valid probe.xml
file in order to resolve MODULE.NODE designations into actual IP
addresses.
scn
The scn command is the Avamar secure file copy program. The scn
program uses MODULE.NODE (0.0, for example) to represent a source or
destination instead of a hostname. This utility requires a valid probe.xml
file.
The scn program copies to or from the running nodes. The probe.xml
file specifies running status of a node by the connected attribute’s setting.
True indicates a node is running, and false indicates it is not running.
dpnctl
Use the dpnctl utility21 to manually start up, stop, enable, disable, and
check the status of Avamar server subsystems. It implements unattended
automated shutdowns and restarts of single-node servers. It also
simplifies shutdowns and restarts on all Avamar servers.
getlogs
The getlogs command gathers important log files22 from all server nodes
and writes them to local utility-node directories. The command creates a
master tar file on the utility node, which contains the individual
nodelogs.tgz files.
21 The dpnctl utility is run from the command-line on the Avamar single-
node server or utility node of a multi-node Avamar server.
22 Log files are viewed and analyzed to support maintenance and
troubleshooting activities.
23 Burn this ISO file to a DVD, and insert it to an external USB DVD drive.
Then connect the drive to the node, and boot the node. Edit the BIOS
settings to boot from the external DVD drive. Once the node is booting
from the DVD drive, select the hardware configuration of the node from
the menu. The OS installs in a few minutes.
• Root and Admin user accounts are configured with default password of
changeme.
• Disks are partitioned (data01, data02, so forth) and mounted to
proper directories.
Types of Replacement
Node Transplant
Replacement
Node
Failed
Node
Avamar Server
Node Transplant
• Configuration Tasks
• Rebuilding data from parity
Replacement
Node
Failed Node
Avamar Server
24An Avamar node may have a hardware failure in which disks are not
corrupted. In such cases, the node may be transplanted.
Command Actions
To discover the physical node number, run the mapall command. This
command is used to send a command to all nodes. But it also lists each
node’s physical node number and IP address. The example below shows
how each node reports its configured date along with its physical node
number and IP address.
Using /usr/local/avamar/var/probe.xml
(O.s) ssh -x —
o GSSAPIAuthentication=no admin@192.168.255.1 ’date'
Mon Apr 18 15:48:51 EDT 2016
(0.0) ssh -x —o GSSAPIAuthentication=no admin@192.168.255.2 * date ’
Mon Aor 18 19:48:51 UTC 2016
H0.1) ssh -x —
o GSSAPIAuthentication=no| admin@192.168.255.3 ’date'
Mon Apr 18 19:48:51 UTC 2016
− Passwords on the spare node must reflect the passwords for the
existing production Avamar system. Login to the replacement node
and use the passwd command to change passwords for root and
admin.
a. As a new physical utility node has new NICs and MAC addresses,
relicense the Avamar Server, as per the administration guide.
Avamar server licensing uses the utility node MAC addresses. If the
MAC addresses have changed, the license is no longer valid.
If the failed utility node has disk corruption, it must be fully replaced.
1. Copy the following configuration files from the failed node, if possible: 25
a. probe.xml
b. sysconfig.xml
c. Server log scanners file
d. Networking config files
2. Replace the node on the rack.
a. Power off the defective utility node, and perform the physical
replacement. Place the new node on the rack, and connect all
cables appropriately. It is helpful to label all cables before
unplugging them to avoid mixing up wires.
3. Copy configuration files to new node.
a. If the configuration files can be copied from the defective node,
copy them to appropriate directories the new node. If these files are
not available, they have to be reconfigured.
4. Install operating system Security Patch.
a. The new node must be brought up to the same operating system
patch level as the other nodes. Download the necessary patch files,
and install them.
5. Run the change_nodetype --utility.
a. The change_nodetype --utility is used to designate the new
node as a utility node.
6. Copy .ssh directories from any storage node.
a. SSH keys enable the utility node to securely communicate with the
other nodes.
a. Since the utility node has just been booted, its clock may not be
synchronized with the rest of the nodes.
3. Relicense the server.
a. Since the Avamar utility node has been changed, its network cards
have new MAC addresses. This means the license will no longer
work. Generate and install a new Avamar license.
4. Restore EMS and Management Console using commands26
a. emserver.sh --restore
b. mcserver.sh --restore
5. Start Avamar services.
6. Set up DTLT.
Prerequisite Tasks
Perform the following pre-requisite tasks in order to verify the health of the
server, collect important configuration files, and perform a checkpoint with
validation.
available, this task copies the files from another storage node
instead. These files are used to configure the network ports on the
replacement storage node.
5. Update checkpoint information.
a. Change the number of retained checkpoints to avoid roll-off of any
existing good checkpoints.
6. Power off the defective node.
Perform the following steps to replace a defective storage node from the
rack:
The following tasks describe how to rebuild the virtual disks and re-
kickstart the storage node over the RMC interface:
1. Configure RMC.
a. A node can communicate with a management network either by
sharing eth0 (RMC shared) or through the RMC dedicated port.
Regardless of whether the shared or dedicated port is used, the
RMC must be configured to perform the re-kickstart procedure.
2. Review the RMC configuration.
3. Mount the ISO Image or a Local DVD as a Virtual DVD Drive.
a. Ensure that the Avamar software on the node is shut down. This
procedure can be found in Solve Desktop under Avamar Service
Procedures > ADS Shutdown or Reboot Procedure.
4. Rebuild the virtual disks.
5. Rekickstart from the Virtual DVD Drive through BIOS.
− Nodes that are added to the Avamar server must be of the same
capacity and the same hardware version as the nodes already in
the server.
The following commands are used during the manual node addition
process.
Command Description
Run proactive_check.pl
28A value of zero disables load balancing. A value of one transfers only
index stripes, and any other value sets the percentage threshold at which
balancing begins.For example, a value of two means balancing occurs if a
node density is 0.2% less than the average density of the other nodes.
The default behavior of an Avamar server is to use a balancemin value of
ten during the maintenance window and zero during the backup window. If
the user modifies the balancemin parameter manually, it is no longer
automatically modified. Set balancemin to zero to enable automatic
balancing again.
a. If there are any errors, the script reports them and makes
recommendations to repair them. Be sure that all errors are
repaired before continuing.
Configure Checkpoints
To convert the new nodes into storage nodes, perform the following steps:
a. This tool collects all the network files from the utility node and
places them into a tar file. Move this file to the new node, and
extract it. The files must be edited to reflect the IP address and
settings for the new node. Restart the networking to apply the
changes.
Install RAID tools by downloading the file as shown on the slide from the
Avamar FTP site, unzip it, and install it onto the node. Many networking
files can also be copied from existing nodes. Stunnel provides TLS/SSH
tunneling services for Avamar. It must be updated before the node is
online.
The new node needs to have at least 16 GB of swap space. Check the
amount of swap space on the new node with the Linux swapon -s
command. If more swap space is needed, add 12 GB to the node29.
Modify the maximum open files that Linux enables. Change the kernel
setting fs.file-max to 1,600,000. This sets a system-wide limit. Edit the
limits.conf file and set the nofile setting (number of open files) to
10,00,000. This sets the limit on a user basis.
In order for the new nodes to be used as a part of the Avamar server, they
must appear in the probe.xml file on the utility node. Log onto the utility
node, and add the new information using commands:
then place the entire swap file there. After creating the swap files, add
them to the Linux kernels swap space with the swapon command and by
modifying the /etc/fstab file.
SSH Keys will not be present on the new nodes. These keys can be
copied from the utility node. Failure to do this causes an erroneous
warning about a potential man-in-the-middle attack to appear. OS
user passwords must be changed on all new nodes to match those
already on the server.
Configure Time
Run a date command on each node to confirm date settings. Then use
asktime on the utility node to synchronize clocks.
Each node in an Avamar server maintains a hosts file that lists the
hostnames and IP addresses of other nodes in the server.
Install License
Home • Activate .
£ ACTIVATE
Results shown below for ’LAC: ZHS2M4MYPBPY1F6L3SXT
REVIEW
COMPLETE
PARTICIPANT GUIDE
PARTICIPANT GUIDE
Data Protection and Management
Course Instruction 25
Course Objectives 25
Data Center 37
Data Center 37
Objectives 37
Introduction to Data Center 38
Data Center IT Equipment – Compute System 39
Data Center IT Equipment – Storage 41
Data Center IT Equipment – Connectivity Elements 42
Concepts in Practice 62
Concepts in Practice 62
Storage 140
Storage 140
Objectives 140
Why Storage Fault-tolerant Techniques? 140
Redundant Array of Independent Disks (RAID) 141
Redundant Array of Independent Nodes (RAIN) 142
Erasure Coding Technique 143
Hot Spare (Dynamic Drive Sparing) 144
Cache Protection - Mirroring 145
Exercise 157
Solution 158
Replication 217
Replication 218
Exercise: Data Protection in Big Data and Mobile Device Environment 382
Solution 383
Summary 474
You Have Completed This eLearning 475
Data Protection and Management – Associate 475
Appendix 477
Course Instruction
Course Objectives
Objectives
• Taking a copy of a data helps to protect the data from loss due to
many reasons.
• The sensitive data of an organization must be safeguarded so that
miscreants can't use that data to demand a ransom, publicly release
an organization's client data, and many other crimes.
For more information about the need for data protection, select here.
The correlation between data protection and availability has been depicted
in the following illustration:
Data Availability
MTBF
Data Availability = MTBF+ MTTR x 100
2:
• Revenue recognition
• Cash flow
• Lost discounts
• Payment guarantees
• Credit rating
• Stock price
• Direct losses
• Compensatory payments
• Future revenue losses
• Investment losses
Management
Servers
Data Center
Data Center
Objectives
Facility
It is the building and floor space where the data center is constructed. It
typically has a raised floor with ducts underneath holding power and
network cables.
IT equipment
Support infrastructure
Network Adapters
Servers
Network Cables
Storage Systems
Compute
Storage
Network
Scale in 5 minutes.
Lower TCO by 30%.
Deploy a fully-
virtualized environment
in just 20 minutes
Objectives
• Data protection and availability solutions assure that the data is safe
and accessible to the intended users at a required level of
performance.
1Based on the RPO, organizations plan for the frequency with which a
backup or replica must be made. For example, if the RPO of a particular
business application is 24 hours, then backups are created every
midnight. The corresponding recovery strategy is to restore data from the
set of last backups. An organization can plan for an appropriate data
protection solution on the basis of the RPO it sets.
This is the time within which systems and applications must be recovered
after an outage. It defines the amount of downtime that a business can
endure and survive. Based on the RTO, an organization can decide which
data protection technology is best suited. The more critical the application,
the lower the RTO should be.
Time
RPO = Amount of data loss that a RTO = Amount of downtime that a business
business can endure can endure
Fault-tolerant IT Infrastructure
Data Backup
Data Backup
Backup Data
Backup Server/
Media Server
Application Servers Backup Storage
Primary Storage
• Data backup is the process of making a copy of primary data for the
purpose of restoring the original data in the event of data loss or
corruption.
• Select here3 to learn more about data backup.
3 The backup data should not be kept in the same storage device where
the original data is stored. Otherwise, both the original data and the
backup data will be lost if physical damage occurs to the storage device.
Often, data backups are performed both within and between sites or data
centers. The local backup within a site enables easy access to the backup
data and quick recovery. The backup data at the remote site (cloud)
provides protection against a disaster.
Data Replication
Data Replication
Data Replication
Replica Storage
Data Archiving
Data Archiving
Data Archive
Application Servers
Data Migration
Data Migration
Data Security
6 There are solutions like Dell PowerProtect Cyber Recovery, which offer
protection to organizations against ransomware and other devastating
attacks. With such a solution in place, the organization is equipped with
immutable clean backups, kept safely in their vault, even in the case of
production or backup data infiltration. This way the organization can
protect itself from huge data and revenue losses and minimize downtime
because of data unavailability.
Cloud
My organization needs a remote data protection service to
eliminate the risk of downtime due to a disaster.
cloud
Data
c\°°
4^
Select the highlighted boxes in the given image for more information about
the data protection management activities.
0
X X X
Troubl
Gathering information on
resources and checking status of Identifying the root cause of
protection operations issues and resolving the issues
CapaciK anning
Estimating the amount of
resources required for data
Re 2 ng protection and forecasting
Resource 5 imization
capacity requirement
Presenting the details on Improving the overall utilization and
performance, capacity, performance of IT resources
configuration, and chargeback
Concepts in Practice
Concepts in Practice
VxBlock provides a single unified interface and access point for converged
infrastructure operations. It dramatically simplifies daily administration by
providing enhanced system-level awareness, automation, and analytics.
Dell VxRail
2. Expected Deliverables:
• What are the expected annual uptime and downtime of the storage
system?
Solution
= 0.9988 × 100
= 99.88 %
Expected annual uptime of the storage system = 8760 hours per year ×
(0.9988) ≈ 8749.5 hours
Expected annual downtime of the storage system = 8760 hours per year ×
(1 − 0.9988) ≈ 10.5 hours
= 0.9918 × 100
= 99.18 %
• Data source
• Protection application and storage
• Data security and management
1: It is the source of the data that must be protected. The data source can
be a business application, a hypervisor, or primary storage.
4: Both the protection application and the protection storage interact with
the data sources. During interaction, they can identify the data that needs
protection.
Objectives
• Each Virtual Machine (VM) is isolated from the other VMs on the same
physical compute system.
• The isolation also provides fault tolerance so that if one VM crashes,
the other VMs remain unaffected.
machine (VM).
Virtual Machine
Virtual Appliance
disk files, each of which appears as a separate disk drive to the VM.
18 Stores the memory contents of a VM and is used to resume a VM that is
in a suspended state.
19 Used to keep a record of the VM’s activity and is often used for
troubleshooting purposes.
20 A clustered file system can be mounted on multiple compute systems
Containers
Container
1
VM container^
App 1 | App 2 App 3
Containers VMs
Stateless Stateful
Objectives
none 5 1 >
none
i— Storage
Storage System
1:
2:
24Storage systems typically have a fixed capacity ceiling, which limits their
scalability. Performance may also start to degrade when reaching the
capacity limit.
SAN-Attached Storage
NAS Clients
NAS Device
users.
Application Server
OSD stores data in the form of objects on a flat address space29. All
objects exist at the same level and an object cannot be placed inside
another object.
− The object ID is used to retrieve and send the file to the application
server.
Unified Storage
Unified Controller
Block
Request
Storage
Unified Controller
Objectives
2:
• Identifies and moves inactive data out of primary storage systems into
lower cost storage systems, called data archives, for long term
retention.
• Creates a stub file34 on the primary storage after moving the original
data to archive storage.
35By utilizing the index, users may also search and retrieve their data with
the web search tool.
Primary
Storage
Device
Disk density has increased dramatically over the past few years, lowering
the cost per gigabyte to the point where disk is a viable protection storage
option for organizations.
• SAN-attached Storage
• Network-attached Storage (NAS)
• Object-based Storage
• Cloud-based Storage
Tape Library
1: A tape library contains one or more tape drives that record and retrieve
data on magnetic tape.
3: Robotic arms are used to move tapes around the library such as
moving a tape drive into a slot.
4: Used to add or remove tapes from the library without opening the
access doors because opening the access doors causes a library to go
offline.
38A low-cost, portable solution and can be used for long-term, off-site
storage. Physical transportation of tapes to offsite locations also adds
management overhead and increases the possibility of loss of tapes
during offsite shipment.
Must be stored in locations with a controlled environment to ensure
preservation of media and prevention of data corruption.
Highly susceptible to wear and tear and may have a short shelf life.
Traditional backup process using tapes is not optimized to recognize
duplicate content.
Storing and retrieving the data takes more time with tape.
Data integrity and recoverability are also major issues with tape-based
media.
Objectives
Data is one of the most important assets for any organization. Other
assets include hardware, software, and other infrastructure components
required to access and protect data.
• Encodes the targeted system or files. To decode the system or files the
hacker demands for some ransom mostly in form of cryptocurrency.
• Spreads through phishing emails that contain malicious attachments or
through drive-by downloading46.
45 Data is the currency of the internet economy and a critical asset that
must be protected, kept confidential and made available at a moment’s
notice. Global business relies on the constant flow of data across
interconnected networks, and digital transformation means an increase of
sensitive data. This presents ample opportunity for cyber threats and
exposure to leverage data for ransom, corporate espionage or even cyber
warfare.
46 Occurs when an end-user by mistake visits an infected website and
Expert guidance to select critical data sets, applications, and other vital
assets to determine RTOs and RPOs and streamline recovery.
Data protection management functions are necessary for the visibility and
control of data source and protection components, and data protection
operations.
Discovery
Configuration ....
Performance ....
Protection Status ....
Availability ....
VM Movement ....
Monitor
Threshold Exceptions ....
Operations Management
Orchestration
Data protection services are provisioned to meet the availability and data
protection requirements of business applications and IT services.
Concepts in Practice
Concepts in Practice
Click the right and left arrows to view all the concepts in practice.
Dell PowerStore
52 Tower servers generally contain more disk drives bays and expansion
card slots than other server form factors. The advantages of a tower
server lie in its compact shape. Tower servers can be used in work areas
which are not designed to contain servers. Its simplicity and robustness
make the tower server an ideal place for a small company to begin using a
server.
53 A rack server is also called a rack-mounted server. Rack-mount servers
are designed to save space when there are several servers in a confined
area. Rack servers are generally more expensive. They are better suited
to medium-sized businesses or micro-businesses.
54 Modular servers are the latest development in the history of the different
Dell PowerMax
Dell Unity XT
Dell PowerScale
insights, and the ability to place the data anywhere it needs to be – at the
edge, in the core or in the cloud.
Dell ECS
− Three file servers for Windows users and the remaining three file
servers for UNIX users.
• Email application uses a SAN-attached (block-based) storage
system as primary storage.
2. Organization’s Challenges:
• UNIX users and Microsoft Windows users are unable to share files.
• Some of the file servers are overly utilized and therefore new file
servers must be deployed.
3. Organization’s Requirements:
4. Expected Deliverables:
Solution
Objectives
Impact of Fault
− Compute
− Network
− Storage
− Application
To learn about the need for fault tolerance, select here.
Transient
Unavailability
Intermittent
Fault Tolerance Unavailability
Permanent
Unavailability
• Hardware failure
• Software bugs
• Administrator/user errors
• Transient unavailability57
• Intermittent unavailability58
• Permanent unavailability59
Elimination of SPOF
Clustered Compute
Systems
Fault Isolation
• Limits the scope of a fault into local area so that the other areas of a
system is not impacted by the fault.
• Does not prevent failure of a component but ensures that the failure
does not impact the overall system.
• Requires a fault detection mechanism that identifies the location of a
fault and a contained system design (like sandbox) that prevents a
faulty system component from impacting other components.
Fault Recovery
Restores a system to the desired operating level after a fault has occurred
in the system.
Restores a
system to the Functional
Complete Degraded
Recovery Using
desired Functional
Alternative
Functional
operating level Recovery Recovery
Logic/Process
after a fault
Complete
functional recovery
Functional
recovery using an alternative logic or process
Degraded
functional recovery
Forward
recovery
Backward
recovery
− For example, the memory state, settings state, and power state (on,
off, or suspended) of a virtual machine (VM) is saved at a specific
1. Which of the following are types of fault recovery? Choose all that
apply.
a. Complete functional recovery
b. Functional recovery using an alternative logic
c. Degraded functional recovery
d. Backwards recovery
Objectives
− Compute clustering
− Virtual machine (VM) live shadow copy
− Link aggregation
− NIC teaming
− Switch aggregation
− Multipathing
− Configuring hot-swappable components
Compute Clustering
Hypervisor
duster
Link Aggregation
NIC Teaming
Switch Aggregation
Compute Systems
OS OS
Hypervisor
Ethernet Switch
Aggregated Links
1 I I I I 11 I I I I I l~3
* Switch Aggregation
Aggregated Links
Ethernet Switch
Multipathing
Compute System
Hot Swappable
Controller Blade
Storage
Storage
Objectives
Storage Pool
HDD/SDD
Storage System
1: Key Functions:
2: A logical unit that consists of multiple drives where the data is written in
blocks across the drives in the pool.
Encoded Fragments
k=3 m=9
− A set of 'n' disks is divided into 'm' disks to hold data and 'k' disks to
hold coding information.
− Coding information is calculated from data.
To understand the illustration, select here.
• Hot spare62 refers to a spare disk drive that replaces a failed drive by
taking the identity of the failed drive.
• When a new disk drive is added to the system, data from the hot spare
is copied to it. The hot spare63 returns to its idle state, ready to replace
the next failed drive.
62 With the hot spare, one of the following methods of data recovery is
performed depending on the RAID implementation:
If parity RAID is used, the data is rebuilt onto the hot spare from the parity
and the data on the surviving disk drives in the RAID set.
If mirroring is used, the data from the surviving mirror is used to copy the
data onto the hot spare.
63 A hot spare should be large enough to accommodate data from a failed
Disk
Drives
Storage
systems
2: Even if one cache fails, the data is still available in the mirrored cache
− If a cache failure occurs, the write data will still be safe in the
mirrored location and can be committed to the storage drive.
Data
Disk Drives
After power is restored, the data from the drive is written back to cache.
65The risk of data loss due to power failure can be addressed in various
ways; powering the memory with a battery until the AC power is restored
or using battery power to write the cache content to the storage drives. If
an extended power failure occurs, using batteries is not a viable option.
Objectives
Graceful Degradation
1: When failure happens, the retry logic sends a second request and the
service becomes available then.
Repository
Database Rollback
Checkpointing
Service Failover
1: In the event of a zone outage, services can fail over to another zone.
• Availability zone is a location with its own set of resources and isolated
from other zones.
Concepts in Practice
Concepts in Practice
Dell PowerPath
Exercise
2. Organization Challenges:
3. Organization requirements:
4. Expected Deliverables:
Solution
Data Backup
Introduction to Backup
Introduction to Backup
Objectives
For more details about need for data backup, select here
Backup Architecture
Tracking
Information
Backup Data
Backup Device
Backup Clients
Component Role
Backup Operations
Backup Clients
X VM I VM n VM r VM K
Backup server instructs storage Storage node sends metadata and media
node to load backup media in the information to the backup server.
backup device.
Backup Device
Backup Description
Operation
Backup-Type • File-level
One or more files are backed up on a client
system.
• Block-level
Backup data at block-level instead of file-level.
• Image-level
Recovery Operations
Backup Clients
7 VM 1 VM
Hill
Hill
Hill
Hill
Backup Server
Backup server scans backup catalog to identify data to be restored and the
client that will receive data.
Backup server updates the backup catalog
After the data is backed up, it can be restored70 when required. A recovery
operation restores data to its original state at a specific PIT. Typically,
backup applications support restoring one or more individual files,
directories, or VMs.
70A restore process can be manually initiated from the client. It can also
be initiated from the server interface.
Types of Recovery
The various types of recoveries are data recovery, disaster recovery, bare
metal recovery and cloud disaster recovery.
Types of Description
Recovery
Offline Online
Backup Granularities
Full Backup
Full Backup-Restore
Backup Granularities
Incremental Backup
Incremental backup copies the data that has changed since the last
backup.
on Sunday, and incremental backups are created for the rest of the week.
Monday's backup would contain only the data that has changed since
Sunday. Tuesday's backup would contain only the data that has changed
since Monday.
Backup Granularities
• Wednesday
Cumulative Backup
Cumulative (differential) backup copies the data that has changed since
the last full backup.
differential backups for the rest of the week. Monday’s backup would
contain all of the data that has changed since Sunday. It would therefore
be identical to an incremental backup at this point. On Tuesday, however,
the differential backup would backup any data that had changed since
Sunday (full backup).
Backup Granularities
Wednesday
Rather than scheduling periodic full backups, this backup solution requires
only one initial full backup.
77Also reduces the data growth because all incremental backups contain
only the blocks that have changed since the previous backup.
Backup Granularities
IKflllWllI
Updates to the
Incremental backup
production data
is combined with
the full backup
• Created from an existing full backup and is merged with the data from
any existing incremental backups.
• This backup is not created directly from production data.
Backup Granularities
Backup Multiplexing
Multiplexing
lipe
(Backup Ohkc>
One of the ways that backup software achieves backup efficiency with
tapes is by interleaving or multiplexing multiple backups onto a backup
device. Multiplexing allows:
Some of the backup software provides the ability to further manage and
protect the backup data using cloning78 and staging79.
Task Description
period, ensuring that sufficient disk space is available for the next backup
session.
1. From the list of steps provided - drag and drop each into the correct
sequence to perform a backup operation.
Backup Topologies
Backup Topologies
Objectives
Direct-Attached Backup
Backup Server
Backup Client/Storage
Node
In the image shown, the client acts as a storage node that writes data on
the backup device.
LAN-based Backup
Storage Node
Data
Metadata
Backup Server
• Advantage:
− Centralized backups reduce management complexity.
• Disadvantage:
SAN-based Backup
The SAN-based backup80 (as shown in the image) is also known as the
LAN-free backup. The high-speed and extended distance capabilities of
Fiber Channel are used for the backup data movement path.
• Advantage:
− Production LAN environment is not impacted.
− Backup device can be shared among the clients.
− Offers improved backup and restore performance due to FC SAN.
• Disadvantage:
− Impacts the application’s performance.
• In the shown image, clients read the data from the application servers
in the SAN and write to the SAN-attached backup device.
− The backup data traffic is restricted to the SAN and the backup
metadata is transported over the LAN.
− However, the volume of metadata is insignificant when compared to
production data.
NAS-based Backup
Storage System
Backup Device
− In this approach, the NAS head retrieves data from storage over
the network and transfers it to the backup client running on the
application server.
− The backup client sends this data to a storage node, which in turn
writes the data to the backup device.
Cloud-based Backup
• Monitor the health of the data protection environment and comply with
government and industry regulations.
• Manages the data backup with robust on-site, off-site and hybrid
cloud–based security.
• Advantages:
Application Server/
Backup Client
Backup Backup
Server Device
Backup Methods
Backup Methods
Objectives
• Advantage:
Image-Based Backup
Create Snapshot
VM Management Server
Application Servers
Image-level backup81 (as shown in the image) makes a copy of the virtual
machine disk and configuration associated with a particular VM. The
backup is saved as a single entity called VM image.
101010101010101010 101010101010101010
101010101010101010 101010101010101010
Application Server 101010101010101010 101010101010101010
101010101010101010 101010101010101010
101010101010101010 101010101010101010
101010101010101010 101010101010101010
101010101010101010 101010101010101010
VM Kernel creates an 101010101010101010 101010101010101010
—
101010101010101010 101010101010101010
Hypervisor additional file where it 101010101010101010 101010101010101010
stores a map of all the VM 101010101010101010 101010101010101010
::::: VM Kernel disk's blocks 101010101010101010
101010101010101010
101010101010101010
101010101010101010
101010101010101010 101010101010101010
101010101010101010 101010101010101010
x
Backup Device
82This feature identifies and tags any blocks that have changed since the
last VM snapshot. This enables the backup application to backup only the
blocks that have changed, rather than backing up every block.
For more details about the changed block tracking mechanism, select
here.
Backup Device
VM Disk
Files
FS Volume
(Production)
NDMP-Based Backup
Backup Server
NDMP Server
Running on NAS
Head
• The NDMP server has two components- data server84 and media
server85.
• Backup server uses NDMP client and instructs the NAS head to start
the backup.
• The NAS head uses its data server to read the data from the storage.
• The NAS head then uses its media server to send the data read by the
data server to the backup device.
Storage
Application
Servers
Backup
Backup
Device
Data
NAS Client
Instructs NAS to Start Backup Backup Data
r
NAS
Device
Backup
Server
NAS Server
Concepts in Practice
Concepts in Practice
Click the right and left arrows to view all the concepts in practice.
Dell NetWorker
• The organization:
3. Organization’s Requirements:
4. Expected Deliverables:
Solution
Data Deduplication
Objectives
Backup device
Deduplication Ratio
Retention period The longer the data retention period, the greater
is the chance of identical data existence in the
backup.
Data type The more unique the data, the less intrinsic
duplication exists.
The backup source takes the data, segments it out, compares it with
segments already on the backup device, and only sends over new, unique
segments.
Step 1
Client agent checks the file system and determines if a file has been
backed up before.
Step 2
ce62c34ab
e15acee22
362ae92b2
362ae92b2
Step 3
Hashes are compared with chunks already existing on the backup device.
c23f038d2
e1 5acee22
Step 4
Only new and unique data chunks are backed up on the backup device.
Objectives
Deduplication Granularity
File-level
Deduplication
Object-level Block-level
Deduplication Deduplication Deduplication
(Fixed-length)
Granularity
Block-level
Deduplication
(Variable Length)
File-level Deduplication
Fixed-length
Deduplication
AB/Q DEFGHIJK LMNO >
Backup
Object-level Deduplication
rBi
BlClient 2
Object ID is created from the content of
the file (Apr.Txt) and the value is
checked against the already existing
hash values. Since this hash value
already exists, the object is not stored,
only a pointer to that object is created.
Deduplication Methods
Deduplication Methods
Inline
Deduplication
Target-based
Deduplication
Deduplication
Post-process
Methods
Deduplication
Source-based
Deduplication
Source-based Deduplication
• The backup client sends only new, unique segments across the
network.
• Source-based data deduplication88 method is suitable for environment
where storage and network are a constraint.
Target-based Deduplication
Deduplication
Appliance
Typically, organizations maintain a copy of data at the remote site (DR site
or cloud) for DR purpose. If the primary site goes down due to disaster or
any other reasons, the data at the remote site will enable restoring of
services and data to the primary site. Data deduplication can enhance DR
because of the following reasons:
• Uses tapes for protecting data at the remote site for DR purpose.
2. Organization’s Challenges:
3. Organization’s Requirements:
4. Expected Deliverables:
Solution
Replication
Objectives
A data replication solution is one of the key data protection solutions that:
Offline Online
Types of Replication
Replication can be classified into two major categories: local and remote
replication.
Local Replication
Local Replication
Objectives
Storage System
Local Replication
FS Snapshot 3
Wednesday View
Tuesday View
Monday View
FS Snapshot 2
FS Snapshot 1
VM Snapshot
VM Snapshot
91 The state includes the VM’s power state (for example, powered-on,
powered-off, or suspended).
92 The data includes all of the files that make up the VM.
VM Clone
Local Replication
Only th« updated data is copied to the Clone
Source
Primary
Compute System
Secondary
Compute System
Full volume local replication provides the ability to create fully populated
point-in-time copies of LUNs within a storage system.
Replication Session
Save
Location
Source Snapshot
• CDP provides the capability to restore data and VMs to any previous
point-in-time (PIT).
Continue 1 plication
HCFTWRC
Supports both loca 3 remote replications
Multi-! 5 pport
3: CDP supports both local and remote replication of data and VMs to
meet operational and disaster recovery respectively.
•Contains all the data that •Intelligent hardware •Intercepts writes to the
has changed from the time platform that runs the CDP production volume from the
the replication session software compute system and splits
started to the production •Manages both the local and each write into two copies
volume the remote replications •Can be implemented at the
•Journal volumes hold •Appliance could also be compute, fabric, or storage
snapshots of data to be virtual, where CDP software system
replicated runs on VMs
Journal
Volume
Write I/O
CDP
Appliance
Write I/O
Data is written to the journal
volume along with its timestamp
is written
to replica
Storage System
• All the writes to the source are split into two copies.
− One of the copies is sent to the CDP appliance and the other to the
production volume.
• CDP appliance writes the data to the journal volume.
• Data from the journal volume is sent to the replica at predefined
intervals.
• While recovering data to the source, the appliance restores data from
the replica and applies journal entries up to the point-in-time chosen for
recovery.
Virtual Appliance
Write Splitter
Hypervisor-based CDP -
Local Replication
Remote Replication
Remote Replication
Objectives
− One of the storage systems is in the source site and the other
system is in the remote site for DR purpose. Data can be
transmitted from the source storage system to the target system
over a shared or a dedicated network.
− Replication between storage systems may be performed in
synchronous or asynchronous modes.
− Hypervisor-based remote replication replicates VMs between a
primary site and a remote site.
o Initial synchronization is required between the source and the
target.
o Copies all the data from source to target.
o Only the changes are replicated; this reduces network
utilization.
Remote Replication
Synchronous
/ VM " VM ’ VM ” VM K
Asynchronous
Write I/O Is received from the Writes are collected In the delta set
production compute system
to the cache of the source The write I/O is
and placed in the queue transmitted
to the cache of the
Source target storage
Multi-site Replication
Storage System at
Remote Site 2
In a two-site synchronous replication, the source and the target sites are
usually within a short distance.
Write
Splitter
Remote CDP
5. Data is copied to the
remote replica
Local CDP
Appliance
4. Data is written to
the journal
In this method, the replica is synchronized with the source, and then the
replication process starts. After the replication starts:
• All the writes from the host to the source are split into two copies.
− Write splitter creates a copy of a write data and sends it to the CDP
appliance and production volume.
• Data is sequenced, compressed, and replicated to the remote
appliance.
• Data is received, uncompressed, and sequenced.
• Data is written to the journal.
• Data is copied to the remote replica.
For more information about remote replication CDP operation, select here.
Concepts in Practice
Concepts in Practice
Dell TimeFinder
Dell SRDF
SRDF replicates data between two, three, or four arrays located in the
same room, on the same campus, or thousands of kilometers apart.
Exercise- Replication
Exercise- Replication
1. Present Scenario:
• The bank has two data centers which are 100 miles apart.
2. Organization’s Challenges:
3. Organization’s Requirements:
• During billing and reporting, the source volume should not have any
impact.
4. Expected Deliverables:
Solution
Data Archiving
Objectives
To learn more about the need for data archiving, select here.
Archiving Architecture
Application Server
Archive Server Primary Storage
(Policy Engine)
Archiving
Archive Agent
Storage
Clients
SEC
Rule 17a-4
Sarbanes-Oxley
Act
• Passed in 2002 and it protects the shareholders and the public from
accounting errors and fraudulent practices in the enterprise.
• Created to protect investors by improving the accuracy and reliability of
corporate disclosures.
• Applies to all public companies and accounting firms.
• Not a set of business practices and does not specify how a business
should store records.
• Defines which records are to be retained and for how long.
Health
Insurance Portability and Accountability Act
1. Which of the following statements are correct? Choose all that apply
a. Archiving fixed data before taking backup reduces the backup
window
b. Primary objectives of archiving are compliance adherence and
lower cost
c. Nearline archive makes the data immediately accessible
d. Data archiving must occur outside the application operating time
e. Archiving agent indexes and moves fixed data to high-
performance storage
Objectives
Clients
Archive Server
• Archiving agent scans primary storage to find files that meet the
archiving policy. The archive server indexes the files.
• Once the files have been indexed, they are moved to archive storage
and small stub files are left on the primary storage.
To learn more about Correlating Storage Tiering and Archive, select here.
Data Movement
Example: If a policy states, “move the files from tier 2 to tier 3 storage that
are not accessed for the last six months,” then all the files in tier 2 storage
that match this condition are moved to tier 3 storage. Multiple rules may
also be combined to create a policy as shown in the image.
NAS Device
Application
Server
Feature Description
Feature Description
To get a little more detail about the key features of CAS, select here.
Archive
Servers
Clients
Concepts in Practice
Concepts in Practice
PowerScale family of archive nodes for highly efficient and resilient active
archive storage or long-term data retention for large-scale data archives.
With the scale-out architecture of PowerScale, an organization can keep
pace with growing archive needs. Keep archive data safe with a choice of
enterprise-grade data protection and security options.
• One of the storage systems has mostly SSDs while another has
only HDDs.
• Each backup copy is retained in the tape library for one month and
then the tapes are moved and maintained in a vault.
2. Organization Challenges:
• Last year, some of the old records were altered resulting in a delay
in treatment.
− Old records were retrieved by bringing the old tapes from the vault
and making them online.
• A long backup window impacts application performance during
peak hours.
3. Organization Requirements:
• Need to ensure that the old records are authentic and are not
altered.
• Need to reduce the backup window and the associated costs and
risks.
4. Expected Deliverables:
Solution
Data Migration
Data Migration
2. Disaster avoidance
3. Technology refresh
migrate their data and applications to the new system from the old
one.
- VM live migration
- VM storage migration
Compute
system
Hypervisor
Control
device
Old storage system control system New storage system
(ControlStorageSystem) (RemoteStorageSystem)
Non-disruptive data
migration from storage
system A to B
Clients
Compute system
Host-based Migration
In this type of migration, virtual machines (VMs) are moved from one
physical compute system to another without any downtime. This enables -
Compute System
Network
VM Storage
Migration
Storage Storage
system system
Application Migration
App
Application
Migration
OS
Migration of disk content
(app, OS, and data) to an VM
OS empty VM
Hypervisor
Physical
compute
system VM disk
Network
the disk content (application, OS, and data) to an empty VM. After
this, the VM is configured based on the physical compute system
configuration and the VM is booted to run the application.
• Now-a-days the applications are deployed using containers, and it is
easy to migrate the containers from one platform to another.
Concepts in Practice
Concepts in Practice
1. Present Scenario:
2. Organization’s Challenges:
• It is also identified that some of the NAS systems are over utilized
and some of the NAS systems are underutilized - Clients are
impacted when accessing the over utilized NAS systems.
3. Organization’s Requirements:
4. Expected Deliverables:
Solution
Objectives
Orchestrator and
Plane Management Tools
Mana 2 (CLI, GUI, API)
Software
SDDC Controller
Co 3 Controller
IT
Infrastructure
3: Provides the programming logic and policies that the data plane follows
to perform its operations.
The key functions of the control plane include asset discovery, resource
abstraction and pooling, provisioning resources for services.
Benefits Description
Objectives
Software- Defined
Compute
• Discovery100
100 SDS controller discovers physical storage systems to gather data and
bring them under its control and management.
Physical storage systems are separated into two parts- virtual storage
system and virtual storage pool. Let us understand each of them.
101 SDS controller abstracts physical storage systems into virtual storage
systems and virtual storage pools as per policies and also enables an
administrator to define storage services.
102 SDS controller automates the storage provisioning tasks and delivers
• A virtual storage pool is a logical entity that maps to the storage pools
in the virtual storage systems.
• Administrator may configure multiple virtual storage pools of different
capacity, performance, and protection characteristics based on the
policy.
• A virtual storage pool may include storage pools from multiple virtual
storage systems.
1 ih 11;1 11ni:
Switch
L jimmiiiim
Switch Switch
103 The function of the data plane is to transfer the network traffic from one
physical port to another by following rules that are programmed into the
component.
104 The function of the control plane is to provide the programming logic
that the data plane follows for switching or routing of the network traffic.
• Discovery105
• Network component management106
• Network flow management107
Virtual Network
Virtual Switch
Virtual Router
Compute-based SAN
C Client Program
s Server Instance (server program)
Objectives
Management Tools
@ API
IT Infrastructure
service catalog.
111 Orchestration of protection operations enables automated coordination
Self-service Portal
User Interaction
between
Components Components
Examples of a service unit are: per GB of storage, per transaction, and per
hour of application usage.
• It also generates billing report112 based on price per unit and number of
units consumed of a service.
112 The billing report is visible to the user through the cloud portal.
Concepts in Practice
Concepts in Practice
Click the right and left arrows to view all the concepts in practice.
Dell PowerFlex
Dell ObjectScale
• SDS controller provides a single virtual storage pool for all the VMs
to store email data.
2. Organization’s Requirement:
3. Expected Deliverables:
Solution
Objectives
Mobile
Devices
Rapid
elasticity
On-Demand
self-service
Resource pooling
Measured
service
Broad
network
access
My organization wants
to test a software, My organization
before investing on it. can not afford
investment for
seasonal peaks.
laas Examples:
Amazon, EC2, S3
Google Compute Engine
Microsoft Azure
PaaS Example
AWS Elastic Beanstalk
Microsoft Azure
Network
Application
SaaS Example
Salesforce.com
Google Apps
Provider's Resources < Microsoft Office 365
Network
Public Cloud
Enterprise Q
Enterprise P
| | f
|
I 11 n ,
I
Individual R
Private Cloud
Multi Cloud
Some application workloads run better on one cloud platform while other
workloads achieve higher performance and lower cost on another one.
Enterprise R
i n
Community Users
Resources Dedicated
for Community
Hybrid Cloud
Enterprise Q
Cloud Benefits
Objectives
Backup as a Service
The three common backup service deployment options that cloud service
providers offer to their consumers are:
Backup data
is sent to the
cloud
. r~llOn ,
I I
Agent is running on Consumer
thebackupclienton
Organization
consumer'slocation
Backup data
is replicated to the
cloud
Agent is running on
thebackupclienton Consumer
consumer'slocation Organization
Consumer organization
accesses cloud-hosted
applications (SaaS-based Backup data to the
application) third party cloud
This service provider is
backing up data from the
location of service
provider 1 to their data
center
Consumer
Organization
I I
Organization's
Data Center
non
| | | |
Backup to Backup to
cloud cloud
Remote Remote
Office 1 Office 2
Backup to
cloud
|I |
Remote
Office 3
Backup is performed in
consumer's location Consumer Organization
Objectives
Cloud-only Archiving
Archive server
determines which data
needs to be archived
Email Servers based on policies Cloud Archive Storage
Archive Data
File Server
Public Cloud
Primary Archive
Storage Storage Active Data
System System
Critical Data
Organization's Private Cloud Inactive Data
Hybrid Archiving
Cloud Archive
Storage
Archive server determines
which data needs to be
archived based on policies
Email Servers
Active Data
Inactive Data
Organization's Data Center
− IaaS - Archiving server on its data center and the archiving storage
will reside on the cloud.
− SaaS - Both the archiving server and the archiving storage reside
on cloud infrastructure.
Cloud-based Storage-Tiering
Backup
Application Data Migration
Application
Servers
=1 Cloud
Archive Server
Archive
Storage
Clients Primary
Storage
Application Servers
Cloud Gateway
Block Based Appliance
REST
Interface
Data Center
1. Which archiving method is most suitable and cost effective for a large
organization having both sensitive data and non-sensitive data?
a. Cloud-only Archiving
b. Hybrid Archiving
c. In-house Archiving
Concepts in Practice
Concepts in Practice
Click the right and left arrows to view all the concepts in practice.
A product-based company
2. Organization Challenges:
• Does not want to build and manage its own DR site due to budget
constraint.
• Increases the complexity and cost while managing the huge volume
of inactive data within its data center.
3. Organization Requirements:
4. Expected Deliverables:
Solution
Objectives
• Big Data represents the information assets whose high volume, high
velocity, and high variety require the use of new technical architectures
and analytical methods to gain insights and derive business value.
• The definition of Big Data has three principal aspects. Select each tab
to know more about the principal aspects of Big Data.
Characteristic of Data
• Apart from its considerable size (volume), the data is generated rapidly
(velocity) and is highly complex as it comes from diverse sources
(variety). Nearly 80-90 percent of the data getting generated is
unstructured data.
Business Value
Volume
Velocity
• Refers to the rate at which data is produced and changes, and how
fast the data must be processed to meet business requirements.
• Real-time or near real-time analysis of the data is a challenge for many
organizations.
Variety
Variability
Veracity
Value
Storage
MapReduce
Query
• Name Node:
− Acts as a Primary server and has in-memory maps of every file, file
locations, as well as all the blocks within the file and the Data
Nodes to which they reside on.
− Responsible for managing FS namespace and controlling the
access of files by the clients.
• Data Node:
Ingest
Objectives
Sources
To learn more about Data Lake as a Repository for Big Data, select here.
Backup Data
Backup
Device
Backup of a Snapshot
Replication
Replication of a snapshot
To learn more about Data Mirroring and Parity Protection, select here.
Service provider offers resources to enable the consumers to run big data
analytics workload in the cloud
1. Which native utility is built into HDFS to backup and restore data from
the data lake to a backup device?
a. HDFS Mirroring
b. Hadoop Distributed Copy
c. Erasure Coding
d. Hadoop Data Copy
Objectives
• Data is protected (backed up) only when the mobile device is online.
• Data protection from mobile device to data center is impacted due to
intermittent network connectivity.
• Devices are not always connected to the corporate network, so it
connects over the Internet, which may rise to a security threat.
• Data protection software must support the mobile device OS.
• Network bandwidth limitations.
• Security features on the mobile devices restrict the access of the data
stored on the device.
Mobile Backup
Clients
Enterprise Data
Center
Mobile Devices
File Storage
Mobile Devices
Compute processing and storage from the mobile device in the cloud
• Compute processing and storage are moved away from the mobile
device and takes place in a computing platform located in the cloud.
• Applications running in the cloud are accessed over wireless
connection using a thin client application/web browser on the mobile
devices.
• Cloud services accessed over mobile devices.
Lower
capital cost
Reduced
management complexity
Increased
backup consistency
• Plans to implement big data analytics for their business along with
necessary data protection solutions.
3. Organization Requirements:
4. Expected Deliverables:
Solution
Objectives
Interaction
Backup
«=
Hypervisor
Applications
Replication
Applications
Interaction
Archiving
Applications
Data security includes a set of practices that protect data and information
systems from unauthorized disclosure, access, use, destruction, deletion,
modification, and disruption.
• The two key drivers for organization’s data security are Confidentiality,
Integrity, and Availability (CIA); and Governance, Risk, and
Compliance (GRC) requirements.
Governance
Risk
Steps Description
Compliance
Types of Compliance
Types of compliance
1:
2:
3:
Vulnerabilities
1:
• Refers to the various entry points that an attacker can use to launch an
attack, which include people, process, and technology.
• For example, each component of a storage infrastructure is a source of
potential vulnerability.
2:
Defense-in-depth
Objectives
Modification of system
configuration by unauthorized
access to management
Data Security and Management application
Operations Management
Discovery
App1
Applications
Replication
App2 Applications
Interaction Archiving
*ppi
Applications
The threats in the data protection environment may exist at data source,
protection application and protection storage, and data management
domain.
Itlil
•■•I
Util
Compute
System A SAN
Database Multimedia
Application Application
An attacker may gain
unauthorized access to
application by bypassing access
control
Hill
ill
*r
Primary Storage
System B
An attacker installs a rogue
An attacker can access business hypervisor to takecontrolof
application by using stolen computesystem
mobile devices
An attacker exploits the vulnerability and attacking to the backup and replication
application
An attacker is gaining
Primary Cloud access to user data
Storage Protection
Storage
Backup Agent
Backup
Agent
Shipping media to DR site
Compute
Backup Device
System B (Protection
Storage)
An attacker is stealing the
Protection physical media by gaining
Storage access to protection storage
An attacker is stealing the
physical media by gaining
Backup access to protection storage
Server/Storage Node
Storage Storage
System System
Attacker may gain unauthorized access to A
managementapplicationtoperform B
unauthonzedresourceprovisioning.
VSAN
Management
Applications Compute System A Compute System B
VLAN
Management VLAN
Objectives
Physical Security
©
o©
Different types of physical security controls in an organization
117 An attack that relies heavily on human interaction and often involves
tricking people into breaching security measures.
Network
Backup Application
User
Cloud
Storage
IT Resources
• Select the example to know how a user is validated for identity and
privileges.
• Multi-factor authentication118 uses more than one factor to authenticate
a user.
Roles Permissions
Security
+ Create, delete, and modify security settings
Administrator
administrator.
Security Controls
Click the right and left arrows to view all security controls.
Firewall
I Data Packets
Firewall-Demilitarized Zone
121 A rule may use various filtering parameters such as source address,
destination address, port numbers, and protocols.
122 A physical firewall is a device that has custom hardware and software
filtering service. Virtual firewalls give visibility and control over virtual
machine traffic and enforce policies at the virtual machine level.
IDPS
− Signature-based detection126
124 A security tool that automates the detection process. An IDS generates
alerts, in case anomalous activity is detected.
125 A tool that has the capability to stop the events after they have been
− Anomaly-based detection127
Internet
VLAN
VLAN10 VLAN20
VLAN10 allows traffic between Compute VLAN30 (HR)
(Engineering) (Finance)
System A, Compute System B, and
Storage
System A. VLAN 10 also restricts traffic to
and from VLAN 20 and VLAN 30
Compute
System E
Compute
VLAN configured on Ethernet Switch System C
A provides traffic isolation and
therefore enhanced security Compute
Ethernet Switch A
System A
Compute
System F
IP Router
Compute
System D
Replication traffic between
Storage System A and Storage Compute
System B has to pass through the Ethernet Switch B System B
IP Router
Storage
System C
Storage
Ethernet Switch C
System B
Storage
System A
128 A remote client (typically client software installed on the user’s compute
system) initiates a remote VPN connection request. A VPN server
authenticates and provides the user access to the network.
129 The remote site initiates a site-to-site VPN connection. The VPN server
VSAN
VSAN 10 VSAN 20
VSAN10 allows traffic between (Engineering) (Finance)
Compute System A and Storage
System A. VSAN 10 also
restncts traffic from VSAN 20
2333 FC Switch A
Hypervisor
Compute Compute
System A System B
FC Switch B
F=~
Storage Storage
System A System B
Zoning
Switch Domain ID = 15
Compute Storage
System System
WWN 10:00:00:00:C9:20:DC:40
min
nun
mm
WWN 50:06:04:82:E8:91:2B:9E
− WWN zoning
− Port zoning
− Mixed zoning
To learn more about types of zoning, select here.
LUN Masking
Hypervisor
11111 D
mu :
mu
mu
Compute System A - HR
min.*
SAN
mm.*
Storage System
− Without LUN masking, both the departments can easily see and
modify each other’s data, posing a high risk to data integrity and
security.
− With LUN masking, LUNs are accessible only to the designated
hosts.
Discovery Domain
System B
Objectives
Storage
System B
VSAN
VLAN
Management VLAN
Component Roles
Demilitarized Zone
130In this technique, the malware protection software scans the files to
identify a malware signature.
Data Encryption
WAN SAN
Encryption Decryption
Appliance Appliance
Replication
Encryption Appliance
encrypts the data before
sending on the Replication
Network Decryption Appliance decrypts the
data before storing on the Storage
System
Data Shredding
Destruction Description
Techniques
Cyber Recovery
Cyber Recovery
Objectives
Cyber Attacks
− Keep the backup copies offline, where cyber attacks cannot access
the secure copies.
− Keep security software up to date on latest definitions of virus and
malware.
− Keep operating systems and software updated with security
patches.
135 What, where, when and how data is secured in the vault.
Synchronizes the latest data, creates a copy, and then secures it.
3: Immutable file locking and secure data retention to meet both corporate
governance and compliance standards.
5:
1. Match the type of attack description with the name of the attack.
Concepts in Practice
Concepts in Practice
Click the right and left arrows to view all the concepts in practice.
2. Organization’s Challenges:
3. Organization’s Requirements:
4. Expected Deliverable:
Solution
Objectives
Overly complex
Overly complex
Manual operations
Manual operations
Interoperability issues
Interoperability issues
Service-focused approach
End-to-end visibility
e END-TO-END
Orchestrated operations
• Discovery
• Operations management
Discovery
Periodic discovery
Discovery provides the visibility needed to monitor and manage data center infrastructure
Discovery tool
interacts and
collects information
from the
components
Operations Management
Monitoring
Configuration
Management
Availability If Incident
Management Management
Performance
Management
Change Capacity Problem Security
Management Management Management Management
Operations Management – 1
Operations Management – 1
Objectives
• Define monitoring.
• Explain alerting.
• Understand the concept of reporting.
Introduction to Monitoring
Monitoring
Tracks the performance and availability Measures the utilization and consumption of
status of components and services protection storage by the services
Monitoring Parameters
Monitoring Configuration
The table shows a list of backup clients (VMs), their type, CPU and
memory configurations, and compliance to a predefined backup policy.
The VM configurations are captured and reported by a monitoring tool.
Monitoring Availability
Monitoring Capacity
Pool expanded
Notification: Pool is 66% full
Monitoring Performance
Performance monitoring -
Monitoring Security
Alerting
Reporting
Select the report type for more information about that report.
storage media used by various user groups or tenants along with the
associated cost.
Operations Management - 2
Operations Management -2
Objectives
Configuration Management
CIs components
The information about CIs includes their attributes, used and available
capacity, history of issues, and inter-relationships.
Change Management
Change management
Capacity Management
Capacity management
Performance Management
Performance management
Availability Management
Availability management
Incident Management
Severity Event Type Device Priority Status Last Updated Owner Escalation
Summary
Problem Management
Problem management
Problem management:
Security management
With the flow of personal data across industries and on a global scale,
data security governance and data protection compliance requirements
are becoming stronger day by day. Organizations, which are dealing with
personally identifiable information (PII) must comply with stringent data
protection regulations, including:
• Payment Card Industry Data Security Standard (PCI DSS) in the USA.
• Health Insurance Portability and Accountability Act (HIPAA) in the
USA.
• General Data Protection Regulation (GDPR) in Europe.
• California Consumer Privacy Act (CCPA) in California.
• POPI in South Africa.
Select each primary software method type on the given figure for more
information.
De-identification
Concepts in Practice
Concepts in Practice
Dell CloudIQ
1. Present Scenario:
2. Organization’s Challenges:
3. Organization’s Requirements:
4. Expected Deliverables:
Solution
Summary
•Data Protection • PowerProtect Data Manager •PowerProtect Data Manager • Implementing the NIST
-Data Protection Training Bundle - PowerProtect Data Manager - PowerProtect Data Manager Cybersecurity Framework
tXM-Llachnologies Training Bundle Training Bundle
• Avamar • Avamar
- Avamar Implementation and - Avamar Administration
Administration •DataDomain
• Data Domain -DataDomain System
- Data Domain System Administration
Administration •NetWorker
• NetWorker -NetWorker Implementation and
- NetWorker Implementation and Administration
Administration
(C)- Classroom
(VC)- VirtualClassroom
(ODC)- OnDemandCourse
Data protection is one of the least glamorous yet important aspect in any
organization. In many aspect it’s like being the goalkeeper in a soccer
game—when you do your job effectively, it’s easy to get overlooked. But if
you fail, it generally results in a loss. Data can exist in a variety of forms
such as photographs and drawings, alphanumeric text and images, and
tabular results of a scientific survey. In computing, digital data is a
collection of facts that is transmitted and stored in electronic form and
processed through software. Digital data is generated by various devices
such as desktops, laptops, tablets, mobile phones, and electronic sensors.
It is stored as strings of binary values (0s and 1s). In this course, the word
“data” implies the digital data. Most organizations use one or more data
protection methods to protect their digital data from disruption and
disaster.
The problem with MTTR is that while a component (or part of a service)
may have been repaired, the service itself is still not available to an end
user. MTRS takes care of the end user’s interest by encompassing the
entire elapsed time after a failure till the end user can get access to a
service.
Note: In general, the outages can be broadly categorized into planned and
unplanned outages. Planned outages may include installation and
maintenance of new hardware, software upgrades or patches, performing
application and data restores, facility operations (renovation and
Data center usually stores large amounts of data and provides services to
a vast number of users. Therefore, data protection in a data center is vital
for carrying out business operations. There are several methods available
to protect data in a data center.
The commonly used cables are copper and optical fiber. A network
adapter on a compute or storage system provides a physical interface for
communicating with other systems.
Notes
Business Applications
• Business applications run on compute systems139.
• Various types of business applications are enterprise resource
planning (ERP) applications, customer relationship management
(CRM) applications, email applications, ecommerce applications,
database applications, and analytic applications.
generated responses.
Hypervisors
• From a hypervisor’s perspective, each VM is a discrete set of files that
store the VM configuration, VM memory content, and guest OS and
application data.
− Availability of these files is the key to run the VMs and continue
business operations. Therefore, protection of VMs should be
included in the data protection plan.
• Protection at the hypervisor level requires the hypervisor to function as
the source of all VM files managed by it.
Virtual Machine
• A VM does not have direct access to the hardware of the physical
compute system (host machine) on which it is created.
The virtual disk stores the VM’s OS, program files, and application data. A
virtual network adapter provides connectivity between VMs running on the
same or different compute systems, and between a VM and the physical
compute systems.
Containers
Imagine needing multiple versions of applications for testing or production.
IT team would need multiple Virtual Machines which are running multiple
iterations of applications with necessary binaries and libraries. This would
be challenging as moving around large amounts of data limits VM mobility.
• Multiple containers can run on the same machine and share the
Operating System Kernel with other containers.
− For example, you might have one container on a system running
Red Hat Linux, serving a database, through a virtual network to
another container running Ubuntu Linux, running a web server that
talks to that database, and that web server might also be talking to
a caching server that runs in a SUSE Linux based container.
• Containers are lightweight in nature but running them in production
environment can quickly become a massive effort. Especially when
An entire storage system or some of its storage drives that store business
application data can also be the primary storage device. In addition to
transactional data, a primary storage device may also store OS and
application software.
Fault Isolation
The example shown image represents two I/O paths between a compute
system and a storage system.
The compute system uses both the paths to send I/O requests to the
storage system. If an error or fault occurs on a path causing a path failure,
the fault isolation mechanism present in the environment automatically
detects the failed path. It isolates the failed path from the set of available
paths and marks it as a dead path to avoid sending the pending I/Os
through it.
All pending I/Os are redirected to the live path. This helps avoiding the
time-out and the retry delays.
Compute Clustering
Compute clustering provides continuous availability of services even when
a virtual machine (VM), physical compute system, OS, or hypervisor fails.
In compute clustering technique, at least two compute systems or
hypervisors work together and are viewed as a single compute system to
provide high availability and load balancing. If one of the compute systems
in a cluster fails, the service running on the failed compute system moves
to another compute system in the cluster to minimize or avoid outage.
Clustering uses a heartbeat mechanism to determine the health of each
compute system in the cluster. The exchange of heartbeat signals, usually
happens over a private network, allows participating cluster members to
monitor each other’s status. Clustering can be implemented among
multiple physical compute systems, or multiple VMs, or VM and physical
compute system, or multiple hypervisors
Link Aggregation
Link aggregation combines two or more parallel interswitch links (ISLs)
into a single logical ISL, called a link aggregation group. It optimizes
network performance by distributing network traffic across the shared
bandwidth of all the ISLs in a link aggregation group. This allows the
network traffic for a pair of node (compute system and storage system)
ports to flow through all the available ISLs in the group rather than
restricting the traffic to a specific, potentially congested ISL. The number
of ISLs in a link aggregation group can be scaled depending on
application’s performance requirement.
Link aggregation also enables network traffic failover in the event of a link
failure. If a link in a link aggregation group is lost, all network traffic on that
link is redistributed across the remaining links.
Multipathing
Enables automated path failover. This eliminates the possibility of
disrupting an application or a service due to failure of a component on the
path such as network adapter, cable, port, and storage controller (SC). In
the event of a path failure, all outstanding and subsequent I/O requests
are automatically directed to alternative paths.
and then redirects the pending I/Os of the failed path to another available
path.
Can also perform load balancing by distributing I/Os across all available
paths. The figure on the page shows a configuration where four paths
between a compute system (with dual-port HBAs) and a storage device
enable multipathing.
RAID
Disk and solid state drives are susceptible to failures. A drive failure may
result in data loss. Today, a single storage system may support thousands
of drives. Greater the number of drives in a storage system, the greater is
the probability of a drive failure in the system.
RAID protects against data loss when a drive fails, through the use of
redundant drives and parity. Typically, in a RAID storage system, the data
is distributed across physical drives and these set of physical drives are
viewed as single logical drive or volume by operating system. RAID also
helps in improving the storage system performance as read and write
operations are served simultaneously from multiple drives.
Graceful Degradation
Graceful degradation of application functionality refers to the ability of an
application to maintain limited functionality even when some of the
components, modules, or supporting services are not available.
A retry strategy must also be defined to state how many retries can be
attempted before deciding that the fault is not transient and define what
the intervals should be between the retries. The logic will typically attempt
to execute the action(s) a certain number of times, registering an error,
and utilizing a secondary service if the fault continues.
Database Rollback
A rollback is the operation of restoring a database to a previous state by
canceling a specific transaction or transaction set. Rollbacks are important
for database integrity because they mean that the database can be
restored to a consistent previous state even after erroneous operations
are performed.
Thus, a rollback occurs when a user begins to change data and realizes
that the wrong record is being updated and then cancels the operation to
undo any pending changes. Rollbacks may also be issued automatically
after a server or database crashes, e.g. after a sudden power loss. When
the database restarts, all logged transactions are reviewed; then all
pending transactions are rolled back, allowing users to reenter and save
appropriate changes.
Backup Operations
The backup server initiates the backup process for different clients based
on the backup schedule configured for them. For example, the backup for
a group of clients may be scheduled to start at 3:00 a.m. every day. The
backup server coordinates the backup process with all the components in
a backup environment.
The storage node then sends additional backup metadata (location of the
data on the backup device, time of backup, and so on) to the backup
server. The backup server updates the backup catalog with this
information. The backup data from the client can be sent to the backup
device over a LAN or a SAN network.
Backup mode: Hot backup and cold backup are the two modes deployed
for backup. They are based on the state of the application when the
backup is performed. A cold backup requires the application to be
shutdown during the backup process. Hence, this method is also referred
to as offline backup. The disadvantage of a cold backup is that the
application is inaccessible to users during the backup process. In a hot
backup, the application is up-and-running, with users accessing their data
during the backup process. This method of backup is also referred to as
online backup. The hot backup of online production data is challenging
because data is actively being used and changed. If a file is open, it is
normally not backed up during the backup process. In such situations, an
open file agent is required to back up the open file. These agents interact
directly with the operating system or application and enable the creation of
consistent copies of open files.
Recovery Operations
Upon receiving a restore request, an administrator opens the restore
application to view the list of clients that have been backed up. While
selecting the client for which a restore request has been made, the
administrator also needs to identify the client that will receive the restored
data. Data can be restored on the same client for whom the restore
request has been made or on any other client.
The administrator then selects the data to be restored and the specific
point-in-time to which the data must be restored based on the RPO.
Because all this information comes from the backup catalog, the restore
application needs to communicate with the backup server.
The backup server instructs the appropriate storage node to mount the
specific backup media onto the backup device. Data is then read and sent
to the client that has been identified to receive the restored data.
This ensures consistency for the restored data. In these cases, the RTO is
extended due to the additional steps in the restore operation. It is also
important to have security mechanisms on the backup and recovery
applications to avoid recovery of data by non-authorized users.
Types of Recovery
Operational recovery or restore typically involves the recovery of
individual files or directories after they have been accidentally deleted or
corrupted.
Full VM recovery permanently restore your VMs either to the same host
or to a different virtual host, it can be done through the Live Recovery to
ESXi Server option. The VMs will be restored into the data store that is
present in the storage repositories.
Backing up data while files are open becomes more challenging because
data is actively being used and changed. An open file is locked by the
operating system and is not copied during the backup process until the
user closes it. The backup application can back up open files by retrying
the operation on files that were opened earlier.
During the backup process, it may be possible that files opened earlier will
be closed and a retry will be successful. However, this method is not
considered robust because in some environments certain files are always
open. In such situations, the backup application or the operating system
can provide open file agents. These agents interact directly with the
operating system and enable the creation of copies of open files.
The downside is that the database will not be accessible by users. Hot
backup is used in situations where it is not possible to shutdown the
database. Backup is facilitated by database backup agents that can
perform a backup while the database is active. The disadvantage
associated with a hot database backup is that the agents can negatively
affect the performance of the database application server.
All subsequent increments use the created synthetic full backup as a new
starting point. A previously used full backup file remains on backup device
until it is automatically deleted according to the backup retention policy.
Backup Multiplexing
Multiplexing allows backups of multiple client machines to send data to a
single tape drive simultaneously. Multiplexing is useful when your tape
drive throughput is faster than the rate at which data can be extracted
from the source (client).
Multiplexing may decrease backup time for large numbers of clients over
slow networks, but it does so at the cost of recovery time. Restores from
multiplexed tapes must pass over all non-applicable data.
Note: Multistreaming
Direct-Attached Backup
Direct-attached backups are generally better suited for smaller
environments. The key advantage of direct-attached backups is speed.
The tape devices can operate at the speed of the channels.
LAN-Based Backup
In a LAN-based backup, the data to be backed up is transferred from the
backup client (source), to the backup device (destination) over the LAN,
which may affect network performance.
This approach doesn’t provide the ability to backup and restore the VM.
The agent running on the compute system consumes CPU cycles and
memory resources.
Image-Based Backup
Image-level backup makes a copy of the virtual machine disk and
configuration associated with a particular VM. The backup is saved as a
single entity called VM image. This type of backup is suitable for restoring
an entire VM in the event of a hardware failure or human error such as the
accidental deletion of the VM. It is also possible to restore individual files
and folders/directories within a virtual machine.
The proxy server then performs backup by using the snapshot. Performing
an image-level backup of a virtual machine disk provides the ability to
execute a bare metal restore of a VM.
Given the scalability and sheer explosion in the size of virtualized and
cloud environments, the workload burden placed on one proxy server can
quickly be built. In this scenario, the recommendation is to provision
multiple proxies to handle the combined workload and increase the
amount of parallelism.
This enables the backup application to backup only the blocks that have
changed, rather than backing up every block. If changed block tracking is
enabled for a VM disk, the virtual machine kernel will create an additional
file where it stores a map of all the VM disk's blocks.
Once a block is changed it will be recorded in this map file. This way the
kernel can easily communicate to a backup application about the blocks of
a file that have changed since a certain point-in-time.
The backup application can then perform a backup by copying only these
changed blocks. Changed block tracking technique dramatically reduces
the amount of data to be copied before additional data reduction
technologies (deduplication) are applied. It also reduces the backup
windows and the amount of storage required for protecting VMs.
This technique reduces the recovery time (RTO) compared to full image
restores by only restoring the delta of the changed VM blocks. During a
restore process, it is determined which blocks have changed since the last
backup. For example, if a large database is corrupted, a changed block
recovery would just restore the parts of the database that has changed
since the last backup was made.
Recovery-in-Place
Recovery-in-place (Instant VM recovery) is a term that refers to running a
VM directly from the purpose-built backup appliance, using a backed up
copy of the VM image instead of restoring that image file to the production
system. In the meantime, the VM data is restored to the primary storage
from the backup copy. Once the recovery has been completed, the
workload is redirected to the original VM.
A large number of operating systems, application files and data files are
common across multiple systems in a data center environment. Identical
files such as Word documents, PowerPoint presentations and Excel
spreadsheets, are stored by many users across an environment. Backups
of these systems will contain many identical files. Additionally, many users
keep multiple versions of files that they are currently working on. Many of
these files differ only slightly from other versions but are seen by backup
applications as new data that must be protected.
Due to this redundant data, the organizations are facing many challenges.
Backing up redundant data increases the amount of storage needed to
protect the data and subsequently increases the storage infrastructure
cost. It is important for organizations to protect the data within the limited
budget. Organizations are running out of backup window time and facing
difficulties meeting recovery objectives. Backing up large amount of
duplicate data at the remote site or cloud for DR purpose is also very
cumbersome and requires lots of bandwidth.
•Retention period: This is the period that defines how long the backup
copies are retained. The longer the retention, the greater is the chance of
identical data existence in the backup set which would increase the
deduplication ratio and storage space savings.
•Change rate: This is the rate at which the data received from the backup
application changes from backup to backup. Client data with a few
changes between backups produces higher deduplication ratios.
subsequent copies are replaced with a pointer that points to the original
file. Indexes for file-level deduplication are significantly smaller, which
takes less computational time when duplicates are being determined.
Backup performance is, therefore, less affected by the deduplication
process. File-level deduplication is simple but does not address the
problem of duplicate content inside the files. A change in any part of a file
results in classifying that as a new file and saving it as a separate copy as
shown in the figure. Typically, the file-level deduplication is implemented in
a NAS environment.
If there is no match on the server, the client will send the hash and the
corresponding chunk to the deduplication server to store the backup data.
If the chunk has already been backed up, then the chunk will not be sent
to the deduplication server by the client, which ensures that the redundant
backup data is eliminated at the client. The deduplication server can be
deployed in different ways. The deduplication server software can be
installed on a general purpose physical server (as shown in the figure) or
on VMs. Some vendors offer deduplication server along with backup
device as an appliance.
The deduplication server would support encryption for secure backup data
transmission and would support replication for disaster recovery purpose.
Source-based deduplication reduces the amount of data that is
transmitted over a network from the source to the backup device, thus
requiring less network bandwidth. There is also a substantial reduction in
the capacity required to store the backup data. Backing up only unique
data from clients reduces the backup window. However, a deduplication
agent running on the client may impact the backup performance,
especially when a large amount of data needs to be backed up. When an
image-level backup is implemented, the backup workload is moved to a
proxy server.
Target
Data Replication
Data is one of the most valuable assets of any organization. It is being
stored, mined, transformed, and utilized continuously. It is a critical
component in the operation and function of organizations. Outages,
whatever may be the cause, are extremely costly, and customers are
always concerned about data availability.
Safeguarding and keeping the data highly available are some of the top
priorities of any organization. To avoid disruptions in business operations,
it is necessary to implement data protection technologies in a data center.
Replica Consistency
Consistency is a primary requirement to ensure the usability of replica
device. In case of file systems (FS), consistency can be achieved either by
taking FS offline i.e. by un-mounting FS or by keeping FS online by
flushing compute system buffers before creating replica.
File systems buffer the data in the compute system memory to improve
the application response time. Compute system memory buffers must be
flushed to the disks to ensure data consistency on the replica, prior to its
creation. If the memory buffers are not flushed to the disk, the data on the
replica will not contain the information that was buffered in the compute
system.
Types of Replication
• Local replication helps to
− Replicate data within the same storage system (in case of remote
replication) or the same data center (in case of local replication).
− Restore the data in the event of data loss or enables restarting the
application immediately to ensure business continuity. Local
replication can be implemented at compute, storage, and network.
• Remote replication helps to
VM Clone
• When the cloning operation completes, the clone becomes a separate
VM. The changes made to a clone do not affect the parent VM.
Changes made to the parent VM do not appear in a clone.
• Installing a guest OS and applications on a VM is a time-consuming
task. With clones, administrators can make many copies of a virtual
machine from a single installation and configuration process.
− For example, in an organization, the administrator can clone a VM
for each new employee, with a suite of preconfigured software
applications.
• Snapshot is used to save the current state of the virtual machine, so
that it can allow to revert to that state in case of any error. But clone is
used when a copy of a VM is required for separate use.
− A full clone is an independent copy of a VM that shares nothing
with the parent VM. Because a full clone needs to have its own
independent copy of the virtual disks, the cloning process may take
a relatively longer time.
− A linked clone is made from a snapshot of the parent VM. The
snapshot is given a separate network identity and assigned to the
hypervisor to run as an independent VM.
• All files available on the parent now of the snapshot creation continue
to remain available to the linked clone VM in read-only mode.
− The ongoing changes (writes) to the virtual disk of the parent do not
affect the linked clone and the changes to the virtual disk of the
linked clone do not affect the parent. All the writes by the linked
clone are captured in a delta disk.
Snapshot – RoW
• Redirects new writes destined for the source LUN to a reserved LUN in
the storage pool.
• Replica (snapshot) still points to the source LUN.
− All reads from the replica are served from the source LUN.
To learn more about snapshot-RoW, click here.
Multi-Site Replication
• Multi-site replication mitigates the risks identified in two-site replication.
In a multi-site replication, data from the source site is replicated to two
Thirdly, data that must be preserved over a long period for compliance
reasons may be modified or deleted by the users.
Archiving fixed data before taking backup helps to reduce the backup
window and backup storage acquisition costs. Data archiving helps in
preserving data that may be needed for future reference and data that
must be retained for regulatory compliance. For example, new product
innovation can be fostered if engineers can access archived project
materials such as designs, test results, and requirement documents.
Similarly, both active and archived data can help data scientists drive new
innovations or help to improve current business processes. In addition,
government regulations and legal/contractual obligations mandate
organizations to retain their data for an extended period.
After the files are identified for archiving, the archive server creates the
index for the files. Once the files have been indexed, they are moved to
the archive storage and small stub files are left on the primary storage.
Each archived file on primary storage is replaced with a stub file. The stub
file contains the address of the archived file. As the size of the stub file is
small, it significantly saves space on primary storage.
As the tier number reduces, the storage performance improves but the
cost of storage increases which limits the usage of storage capacity. The
higher the tier number, the higher can be the storage capacity due to its
cost advantage.
Before moving a file to archive storage, the policy engine scans the NAS
device to identify files that meet the predefined tiering policies. After
identifying the candidate files, the policy engine creates stub files on the
NAS device and then moves the candidate files to the destination archive
storage.
The small, space-saving stub files point to the actual files in the archive
storage. When an application server (NAS client) tries to access a file from
its original location on the NAS device, the actual file is provided from the
archive storage.
Content integrity: It provides assurance that the stored data has not
been altered. If the fixed data is altered, CAS generates a new content
address for the altered data, rather than overwriting the original fixed data.
The best solution in one migration may not necessarily be the best
solution for another migration. No one-size-fits-all migration tool or solution
exists. Each migration solution has its own set of advantages and
challenges. So, it is important to choose an appropriate solution to
successfully perform migration operation.
not required because the compute system still points to the same virtual
volume on the virtualization layer. However, the mapping information on
the virtualization layer should be changed. These changes can be
executed dynamically and made transparent to the end user. The key
advantage of using virtualization appliance is to support data migration
between multi-vendor heterogeneous storage systems.
In a NAS to NAS direct data migration, file-level data is migrated from one
NAS system to another directly over the LAN without the involvement of
any external server. The two primary options of performing NAS-based
migration is either by using NDMP protocol or software tool. In this
example, the new NAS system initiates the migration operation and pulls
the data directly from the old NAS system over the LAN. The key
advantage of NAS to NAS direct data migration is that there is no need for
an external component (host or appliance) to perform or initiate the
migration process.
Software Controller
• The control plane in software-defined data center is implemented by a
software controller. The controller is a software that:
• Discovers the available underlying resources and provides an
aggregated view of resources. It abstracts the underlying hardware
resources (compute, storage, and network) and pools them.
− This enables the rapid provisioning of resources from the pool,
based on pre-defined policies that align to the service level
agreements for different users.
Architecture of SDDC
• The SDDC architecture decouples the control plane from the data
plane.
− It separates the control functions from the underlying infrastructure
components and provides it to an external software controller.
− The centralized control plane provides policies for processing and
transmission of data, which can be uniformly applied across the
multi-vendor infrastructure components.
− The policies can also be upgraded centrally to add new features
and to address application requirements.
• The controller usually provides CLI and GUI for administrators to
manage the IT infrastructure and configure the policies. It also
automates and orchestrates many hardware-based or component-
specific management operations.
− This reduces the need for manual operations that are repetitive,
error-prone, and time-consuming.
• The software controller provides APIs for external management tools
and orchestrators to manage data center infrastructure and orchestrate
controller operations.
• The SDDC architecture enables users to view and access IT resources
as a service from a self-service portal.
− Allows the end user to specify a compute system for which a virtual
storage must be provisioned and a virtual storage system and
virtual storage pool from which the storage has to be derived.
− Automates the storage provisioning tasks and delivers virtual
storage resources based on the requested services.
The cloud model is like utility services such as electricity, water, and
telephone. When consumers use these utilities, they are typically unaware
of how the utilities are generated or distributed. The consumers
periodically pay for the utilities based on usage. Consumers simply hire IT
resources as services from the cloud without the risks and costs
associated with owning the resources.
Cloud services are accessed from different types of client devices over
wired and wireless network connections. Consumers pay only for the
services that they use, either based on a subscription or based on
resource consumption. The figure on the slide illustrates a generic cloud
computing environment, wherein various types of cloud services are
accessed by consumers from different client devices over different
network types.
Public Cloud
A cloud infrastructure deployed by a provider to offer cloud services to the
general public and/or organizations over the Internet.
Private Cloud
Many organizations may not wish to adopt public clouds as they are
accessed over the open Internet and used by the general public. With a
public cloud, an organization may have concerns related to privacy,
external threats, and lack of control over the IT resources and data.
Since the costs are shared by lesser consumers than in a public cloud,
this option may be more expensive. However, a community cloud may
offer a higher level of control and protection against external threats than a
public cloud. There are two variants of a community cloud: on-premise
and externally-hosted. In an on-premise community cloud, one or more
participant organizations provide cloud services that are consumed by the
community.
The provider:
Hybrid Cloud
Is composed of two or more individual clouds, each of which can be
private, community, or public clouds. There can be several possible
compositions of a hybrid cloud as each constituent cloud may be of one of
the five variants as discussed previously.
May change over the period as component clouds join and leave. In a
hybrid cloud environment, the component clouds are combined using
open or proprietary technology such as interoperable standards,
architectures, protocols, data formats, application programming interfaces
(APIs), and so on.
Data in a cloud can be broken into small pieces and distributed across a
large cluster of nodes in such a manner that an entire data set can be
reconstructed even if there is failure of individual nodes.
A service availability zone is a location with its own set of resources. Each
zone is isolated from the other zone so that a failure in one zone does not
impact the other. If a service is distributed among several zones,
consumers of that service can fail over to other zones in the event of a
zone failure.
Backup as a Service
• Enables organizations to procure backup services on-demand in the
cloud. Organizations can build their own cloud infrastructure and
provide backup services on demand to their employees/users. Some
organizations prefer hybrid cloud option for their backup strategy,
keeping a local backup copy in their private cloud and using public
cloud for keeping their remote copy for DR purpose. For providing
backup as a service, the organizations and service providers should
have necessary backup technologies in place in order to meet the
required service levels.
• Enables individual consumers or organizations to reduce their backup
management overhead. It also enables the individual consumer/user to
perform backup and recovery anytime, from anywhere, using a
network connection. Consumers do not need to invest in capital
equipment to implement and manage their backup infrastructure.
These infrastructure resources are rented without obtaining ownership
of the resources.
• Backups can be scheduled and infrastructure resources can be
allocated with a metering service. This will help to monitor and report
resource consumption. Many organizations’ remote and branch offices
have limited or no backup in place. Mobile workers represent a
particular risk because of the increased possibility of lost or stolen
devices.
• Ensures regular and automated backup of data. Cloud computing
gives consumers the flexibility to select a backup technology, based on
their requirement, and quickly move to a different technology when
their backup requirement changes.
To perform backup to the cloud, typically the cloud backup agent software
is installed on the servers that need to be backed up. After installation, this
software establishes a connection between the server and the cloud
where the data will be stored.
The backup data transferred between the server and the cloud is typically
encrypted to make the data unreadable to an unauthorized person or
system.
Replication to Cloud
Cloud-based replication helps organizations to mitigate the risk associated
with outages at the consumer production data center. Organization of all
levels are looking for the cloud to be a part of the business continuity.
Replicating application data and VM to the cloud enable organization to
restart the application from the cloud and also allow to restore the data
from any location.
Having a DR site in the cloud reduces the need for data center space and
IT infrastructure, which leads to significant cost reduction, and eliminates
the need for upfront capital expenditure. Resources at the service provider
can be dedicated to the consumer or they can be shared. The service
provider should design, implement, and document a DRaaS solution
specific to the customer’s infrastructure.
They must conduct an initial recovery test with the consumer to validate
complete understanding of the requirements and documentation of the
correct, expected recovery procedures.
Enables storing the right data to the right tier, based on service level
requirements, at a minimal cost. Each tier has different levels of
protection, performance, and cost.
cost HDDs as tier 2 storage to keep the less frequently accessed data,
and cloud as tier 3 storage to keep the rarely used data.
Provides a local cache to reduce the latency associated with having the
storage capacity far away from the data center.
Compliance
• Internal policy compliance controls the nature of IT operations within
an organization. This requires clear assessment of the potential
difficulties in maintaining the compliance and processes to ensure that
this is effectively achieved.
• External policy compliance includes legal requirements, legislation,
and industry regulations. These external compliance policies control
the nature of IT operations related to the flow of data out of an
organization.
− They may differ, based upon the type of information (for example,
source code versus employee records), and business (for example,
medical services versus financial services).
• Compliance management ensures that an organization adheres to
relevant policies and legal requirements. Policies and regulations can
be based on configuration best practices and security rules.
− These include administrator roles and responsibilities, physical
infrastructure maintenance timelines, information backup
schedules, and change control processes.
• Ensuring CIA and GRC are the primary objectives of any IT security
implementation.
Firewall-Demilitarized Zone
• A demilitarized zone is a control to secure internal assets while
allowing Internet-based access to selected resources.
• In a demilitarized zone environment, servers that need Internet access
are placed between two sets of firewall.
• Servers in the demilitarized zone may or may not be allowed to
communicate with internal resources.
• Application-specific ports such as those designated for HTTP or FTP
traffic are allowed through the firewall to the demilitarized zone
servers.
• No Internet-based traffic is allowed to go through the second set of
firewall and gain access to the internal network.
VLAN Example
• Consider the example with three VLANs: VLAN 10, VLAN 20, and
VLAN 30.
VSAN Example
• Consider the example with two VSANs: VSAN 10 and VSAN 20.
Types of Zoning
• WWN zoning: It uses World Wide Names to define zones. The zone
members are the unique WWN addresses of the FC HBA and its
targets (storage systems).
Data Encryption
• Data should be encrypted as close to its origin as possible. Data
encryption:
− Can be used for encrypting data at the point of entry into the
storage network.
− Can be implemented on the fabric to encrypt data between the
compute system and the storage media. These controls can protect
both the data at-rest on the destination device and the data in-
transit.
Types of Attacks
Denial of Service
Types of Attacks
Digital Currency Mining
Types of Attacks
Spam
Types of Attacks
Adware
EEI
Adware is part greyware, potentially unwanted
programs that are not a virus or malicious software, but
have problematic code or hidden intensions. Adware
collects information about a user with the purpose of
advertisement.
Types of Attacks
Malicious Web Scripts
Types of Attacks
Business Email Compromise
Types of Attacks
Banking Trojan
Types of Attacks
Ransomware
Here, utilization of the shared backup storage system port is shown by the
solid and dotted lines in the graph. If the port utilization prior to deploying
the new compute system is close to 100 percent, then deploying the new
compute system is not recommended because it might impact the
performance of the backup clients running on other compute systems.
However, if the utilization of the port prior to deploying the new compute
system is closer to the dotted line, then there is room to add a new
compute system.
All information about CIs is usually collected and stored by the discovery
tools in a single database or in multiple autonomous databases mapped
into a federated database called a configuration management system
(CMS). Discovery tools also update the CMS when new CIs are deployed
or when attributes of CIs change. CMS provides a consolidated view of CI
attributes and relationships, which is used by other management
processes for their operations. For example, CMS helps the security
management process to examine the deployment of a security patch on
VMs, the problem management to resolve a remote replication issue, or
the capacity management to identify the CIs affected on expansion of a
virtual storage pool.
The monitoring tools also help the administrators to identify the gap
between the required availability and the achieved availability. With this
information, the administrators can quickly identify errors or faults in the
components that may cause data unavailability in future. Based on the
data availability requirements and areas found for improvement, the
availability management team may propose and architect new data
protection and availability solutions or changes in the existing solutions.
The example shown illustrates the resolution of a problem that impacts the
performance of a synchronous replication over a SAN recurrently. The
problem is detected by an integrated incident and problem management
Application Hardening
• Application hardening is a process followed during application
development, with the goal of preventing the exploitation of
vulnerabilities that are typically introduced during the development
cycle.
• Application architects and developers must focus on various factors
such as proper application architecture, threat modeling, and secure
coding while designing and developing an application.
− Installing current application updates or patches provided by the
application developers can reduce some of the vulnerabilities
identified after the application is released.
• Application hardening process also includes process spawning control,
executable file protection, and system tampering protection.
• A common type of attack that can be imparted on applications is
tampering with executable files.
PARTICIPANT GUIDE
PARTICIPANT GUIDE
Dell Avamar Virtual Edition Implementation-SSP
Glossary .................................................................................................. 51
The following factors affect the reliability, availability, and supportability of an AVE
virtual machine:
• I/O performance capability of an AVE storage subsystem
• Amount of data added daily to the AVE virtual machine
• Capacity used within the AVE virtual machine
The file server and mixed environments determine the proper implementation of an
AVE. File server environments include only file system data and mixed
environments include file system data and structured data (for example, database
data).
• VMware ESXi
• Microsoft Azure
• Hyper-V
• Kernel Virtual Machine (KVM)
• Amazon Web Services (AWS)
Go to: See the E-Lab Navigator on Dell Support for the latest
supported versions.
System Requirements
Requireme 0.5 TB 1 TB 2 TB 4 TB 8 TB 16 TB
nts AVE AVE AVE AVE AVE AVE
Memory 6 GB 8 GB 16 GB 36 GB 48 GB 96 GB
The AVE disk layout consists of one operating system disk and several storage
partitions1. The table below defines the number and size of the virtual disks that are
1Backup data is stored in the storage partitions. All the data is evenly distributed
across the storage partitions. The primary portion of the disk read, write, and seek
usage occurs on the storage partitions. Distribute the storage partitions across
high-performance logical units in order to improve the performance in a storage
configuration.
required for each capacity configuration. The operating system disk stores the
operating system, Avamar application, and log files.
Software Requirements
2 An AVE .ova installation creates three 250 GB storage partitions along with the
operating system disk and hence requires approximately 935 GB of free disk space
during the installation. However, an AVE .ovf installation does not create storage
partitions during installation and therefore requires only enough disk space for the
operating system disk at the time of installation. Then manually create additional
storage partitions.
Network Requirements
• Hostnames and IP addresses for the AVE virtual machine and the DNS server
• Gateway, netmask, and domain of the AVE virtual machine
• Firewall access
VM Disk Configuration
Virtual machines use virtual disks for storage. These disks can be set to thin
provision or thick provision, which are also seen as dynamic and fixed in Hyper-V.
Avamar Virtual Edition uses thick-provisioning disks. When thick provisioning is
used, all disk space is allocated upon creation of the virtual disk.
Similarly, virtual disks can be either eager zeroed or lazy zeroed. Eager-zeroing
zeroes out all disk blocks at the time of disk creation. Lazy zeroing waits until the
first write to a disk block before that block is zeroed out.
Lazy zeroing is used during installation which can be converted to eager zeroing
later for better performance. The drawback of using eager zeroing is even though
eager zeroing provides better initial performance during the operation of the AVE,
creating these disks can take hours and can lead to timeout errors during
installation.
Perform the AVE virtual machine environment using one of the two following
templates:
OVA
During an AVE OVA template deployment, three 250 GB virtual disks are created
that match the 0.5 TB configuration. These virtual disks can be reused for the 1 TB
configuration as well. For any other configurations (2 TB, 4 TB, 8 TB, and 16 TB)
deployment requires the removal of these virtual disks and create disks of the
appropriate size.
The following tasks must be performed while deploying AVE virtual machine using
an OVA template:
OVF
During an AVE OVF template deployment, no virtual disks are created. Manually
create the virtual disks as per the configurations used in the environment. Users
must configure additional network configuration during the deployment itself. If
there is an AVE OVF template deployment, all supporting files should be available
in the system.
The following tasks must be performed while deploying AVE virtual machine using
an OVF template:
Simulation Activity
Simulation Activity
This interactive simulation shows the student how to install the AVE.OVA.
1. In the simulation we selected thin provision for the disk format because this
deployment is in a virtual lab. Why is thin provision the best choice for a lab
environment?
a. Thin provisioning is a fixed size.
b. Thin provisioning uses the entire allocated space.
The steps below show how to deploy and configure the AVE VM in a KVM
Infrastructure using the AVE .zip file and KVM tools. The Avamar Installation
Manager installs and configures the Avamar server.
Using the host CLI to extract the .zip file, and create VM disks
In the following steps, the primary and storage partitions are created for the virtual
machine.
The following step describes importing the AVE image into the VM and choosing
the storage volume.
• Launch the KVM Virtual Machine Manager wizard to create an AVE instance.
OS type Linux
Carxel
In the following steps, the storage path is provided and primary disk is selected.
Add VM Resources
<
New VM
Name slesl2sp5-2
OS: SUSE Linux Enterprise Server 12 SP5
install Import existing OS image
Memory 6144 M6
Network selection
Vrtual network default NAT
Adding VM resources
The following step describes selecting the resources for the VM.
• Select Memory and CPU requirements for the size of AVE being deployed and
then click Forward.
Md* »»»»7
< *K ««*•)
O’-V—
*W**— 0^-*
•in tM.M
KVMJI It -Hr
10310X3«
X root root X04<SX<Y0<0 Son X3 09« 27 AVt-X>H,0.U4-m»»J.qcw3
1 root root 200704 Jan SI O»;1J ave-JT-l.qccnrJ
1 root root S00704 Jan 21 09U3
X root root 200704 Jan 21 WtU avw-JT-S.qeov; Add Mew Wrti* H»tfw
X root root 200704•n 21 09H J .re-JT-^.qcowa
X root root 200704 Jan 21 09 US Storage
1 root root 09U3 avw-ST-d.qwnrS
Morale
Comrotke.
Create a dtk image fcr the vrtud m« hew
* Nefmxk
200 QB
300 68 *»a*att»
Gfaphct
* Ow <MauH locator.
Sound • (re ata (intern c^agr
Ser*
/*vwv*»m.ierver/19 4 Q 12W
Partial
Come*
Channet
Dew* type ;i DM dew •
USB Hoit Dewe SCSI
PCI Hott Device
V»o » Advanced c^iom
Watchdog
Smartcard
USBRe*e«t«i
TPM
RNG
Parvr No*W»
Cancel Fm*
Network interface
In the main page of the VM user interface, networking is set up and the VM is
deployed.
• In the left navigation pane of the Basic Details window, select the NIC.
− From the Virtual Network Interface fields, configure the NIC to ensure that
you can access AVE from outside of the KVM host.
• Select Overview from the menu and then click the Begin Installation button.
Verify Network
»le$12sp5-2 on QEMU/KVM x
- in: root
iO ! • ®
:"z«:
is an Auanar Uirtuai Appliance •
Please read the documentation before performing
any administrative functions on this node. “
For help, contact ENC at https:zzsupport.emc.com.
hyperuisor only
KgEEKUM uirtio enui eminent detected
^^^^^■Detect i nq current network configuration
<x>t9nodc:~zg:
The steps below show how to deploy and configure an AVE VM on Hyper-V using
the AVE .zip file and Hyper-V tools. These steps are only for the deployment of the
VM. Use the Avamar Installation Manager to install and configure the Avamar
server.
The Hyper-V Manager Import Virtual Machine Wizard uses the VM to deploy the
AVE.
Hyper- V Manager O X
*4 S0 Q
MI Hypet -V Manager Ac Hom
11 QA-HYPERVAVEOI Virtual Machines
QA-HYPERVAVEO4
Name Stt" CPU Usage Assigned Memory Uptime Stetui New
j JUL.HTB_yrn-ave6O.224 Ruminfl 0* 6144 MB 13.20:3045
| HARSP1_HTB_vma*e62 Import Virtual Machine...
Ruminfl 0* 6144 MB 1320.3055
Hyper-V Settings ..
Virtual Switch Manager..
Virtual SAN Manager...
Edit Disk .
a Inspect Dis*-..
Stop Service
Remove Server
Q Refresh
View
Q He*>
H ARSP 1 _HTB_vm-ave62
Checkpoints $ Connect,.
L Settings..
Turn Off.
ut Down.
Save
ii Pause
is Reset
& Checkpoint
i* Move...
-I Rename..
Enable Replication-
Help
HARSP1_HTB_vm-ave62
11:00 PM
7/1/2016
VM File Locations
Edit Disk...
a nspect Disk...
•) Stop Service
Remove Server
Q Refresh
View
Help
HARSP1_HTB_vm-ave62
Connect..
C- Settings
@ Turn Off-.
® Shut Down..
O Save
|| Pause
|> Reset
2^ Checkpoint
gP Move...
Export. .
•I Rename...
J® Enable Replication-
Q Help
El 11:00 PM
* 7/3Z2O16
Selecting the location for the VM files is the next step in the wizard.
Configure VM Resources
In the following steps the VM resources that are selected include Memory, CPU,
and Networking.
@ Stop Senate
T Settings:
NTP Servers : 10.6.254.4 2S Remove Server
Rehash
- Change IPv4 Configuration
- Change IPv6 Configuration View 6
Change DNS Configuration Q Help
- Change NTP Conf igurat ion
- Apply changes and exit HARSP1_HTB_vm-ave62
- Quit and discard all changes
ter selection fron nenu (1-61:5 nJ Connect..
Settings—
11 changes and exit (YzN) (N1?Y
@ TumOFF...
new network configuration 0 Save
Resume
Ik Reset
Revert...
3* Move...
0, Export
•I Rename...
Q Help
- ' E1EJLJE3
12:21AM
7/4/2016
The avenetconfig command runs automatically when the virtual machine is first
booted.
Upgrading AVE
Open a web browser and log in to the Avamar Installation Manager by entering
the following:
Download Package
Nippon
Welcome to Support
sr a Service Tag, Serial Number, Service Request, Model, or Keyword, o Recently viewed
Cookie Consent
Search Browse
Search backed up directories and Files Browse backed up directories and Files
£9
Downloads Documentation
Get Avamar Software Get Avamar Documentation
£9 £S
Download the AVE upgrade workflow package from Dell Support Avamar
Downloader Service or Local Downloader Service (LDLS).
Open
PacMpaa Repository
Stam* Noto
Filename AvamariJpgrade-19.4.avp
Repository
This page displays the files and download status m the Installation Manager Repository.
Package Upload
Brov.-se .
Packages in Repository
FileName Status Hole
AvamarUpgrade-19.4.avp Accepted Package Is Available
SW Upgrades
Select a package and then click the appropriate button Io proceed
Nota: For Support-Only packages the action buttons wH be disabled for Non-Support users Server ave01.emc.edu
Click the SW Upgrade tab, and click Install to initiate the Avamar upgrade.
Required Information
> Step 1 Package Selection > Step 2 Instalabon Setup > Step 3 InstataOon Progress
On the Installation Setup page, enter the required information, click Save, and
click Continue.
Installation Manager
I
lagmg ave01.rnK.edu
Information log
D0LLEMC
Username
During the upgrade process, the Avamar server restarts and the Avamar
Installation Manager UI is displayed.
Available Packages
/ Step i Package Selection Step 2 insUr'ation Setup > Step 3. installation Progress
Installation Progress
SW Releases
This page displays the installation progress and details If issues occur, the program Server aveot.emc.edu
provides actions to take. Currently installing j AvamarUpgrade192O
SW Upgrades
Restore Postgres databases after upgrade. (115 of 162)
SW Updates
Maintenance ©
History
Information Log a
Repository Task Name Progress(... Timestamp User Actions Installation Messages
Export.
Log in to the Avamar Installation Manager and click Monitor to view the progress
of the upgrade.
Upgrades for the Avamar host operating system and the client plugins are installed
independently from the Avamar upgrades.
Security Rollups
Security rollups patch vulnerabilities in the SUSE Linux operating system that
Avamar runs on.
The Avamar security team collects patches that are released by SUSE. The
patches are and then packaged and made available as quarterly security rollup
downloads. The rollups include bug fixes and Common Vulnerabilities and
Exposures (CVE).
Verify that the latest security rollup is installed on the Avamar system using the
following methods:
Avamar upgrades do not include the client plugins, the following upgrade packages
are available:
Client downloads
3The proactive_check.pl script is a Technical Support tool for checking the health
of an Avamar server.
• Upgrades all client downloads on the Avamar Web Restore web page.
• Upgrades the Avamar client plugin catalog4.
4 The Avamar plugin catalog lets the Avamar system know what versions of clients
it can support.
5 The Avamar Client Manager helps Avamar administrators manage and update
Verify all Avamar services are up Log in to the Avamar server and run the
and running. command dpnctl status. Verify the gsan
version6 and all nodes are up and running. If
any services are not running the command
dpnctl start resumes all services.
Best Practice: Always review the Dell Avamar Installation and Upgrade
Guide on Dell Support before doing any installations or upgrades.
2 TB 4 TB, 8 TB, 16 TB
4 TB 8 TB, 16 TB
8 TB 16 TB
Tip: For more information about the ave_scale command, run the
command ave_scale <command> --help
Supported Commands
The precheck command identifies the AVE and finds out possible scalable
options. Also, the command checks whether the datastore, on which the virtual
machine is present, has sufficient space for expansion.
Option Description
--ave-vm-name AVE name from vCenter Server (mandatory for the use of
<value> the tool).
--vc-name vCenter Server name (mandatory for the use of the tool).
<value>
Option Description
--ave-ssh-port AVE SSH port number (the default port number is 22).
<value>
--ave-vm-name AVE name from vCenter Server (mandatory for the use
<value> of the tool).
--vc-name <value> vCenter Server name (mandatory for the use of the
tool).
Option Description
--ave-vm-name AVE guest name from vCenter Server (mandatory for the
<value> use of the tool).
Examples Descriptio
n
—
The output
ave_scale : 19.4.0-5
Date : 03 Sep 2021 11:58 POT
of the
Logging to : .Zave_scale.log ave_scal
e
ave_scale: [INFO]: 2021-09-03Tll:58:57-0700 :
5 starting - logging to .Zave_scale.log
—— ave_scale version 19.4.0-
createsp
ave_scale: [INFO]: 2021-09-03111:58:57-0700 : Create new space partition ace
operation invoked
ave_scale: [INFO]: 2021-09-03Tll:58:57-0700 : Pinging ae-283d command
ave_scale: [INFO]: 2021-09-03111:58:57-0700 : Ping ae-283d rtt -
378.553ps
shows that
ave_scale: [INFO]: 2021-09-03111:58:57-0700 : Logging into aevc2
ave_scale: [INFO]: 2021-09-03Tll:58:58-0700 : VM ae-283d (no. 3, Terry's) found on a 96GB
host-781, vSphere version 6.7.0
partition
ave_scale: [INFO]: 2021-09-03Tll:58:58-0700 : Creating a working directory on ae-
283d exists. The
av o At . ^*111 VJ . avia a j J i aa . w •
partition is
<snipZ> found to be
ave_scale: [INFO]: 2021-09-03112:00:00-0700 : found a Z space partition of
adequate -
size 96 GB
ave_scale: [INFO]: 2021-09-03T12:00:00-0700 : The 96 GB Zspace partition on ae- no
283d is adequate - no expansion needed
expansion
ave_scale: [INFO]: 2021-09-03112:00:00-0700 : exit status 0
ave_scale: [INFO]: 2021-09-03T12:00:00-0700 : ....
ave_scale version 19.4.0- needed.
5 ending at 03 Sep 2021 12:00 PDT - exit status 0 - log file: -Zave_scale.log
sss s
T
vSphere Client Menu Before the
ave_scal
Edit Settings ae-283d (no.3. Jerry's)
e
Virtual Hardware VM Options createsp
1 ADD NEW ace
> CPU 2 v command
> Memory 6 1
I
w
।
1 GB is run there
> Hard disk 1 126 GB
are three
> Hard disk 2 250 GB storage
> Hard disk 3 250 GB partitions
> Hard disk 4 250 GB v with 250
> SCSI controller O LSI Logic Parallel GB.
CANCEL
After the
Edit Settings ae-283d eno. 3. Jerry’s)
command
is run, the
vCenter
storage for
the AVE
shows an
additional
partition of
96 GB
created.
Click the Save Progress and Exit button in the course menu or below
to record this content as complete.
Go to the next learning or assessment, if applicable.