Contents

Dell PowerProtect 19.10 Data Manager Google Cloud Platform Deployment Guide PDF

1 of 27
1 of 27

Summary of Content for Dell PowerProtect 19.10 Data Manager Google Cloud Platform Deployment Guide PDF

PowerProtect Data Manager 19.10 Google Cloud Platform Deployment Guide

March 2022 Rev. 01

Notes, cautions, and warnings

NOTE: A NOTE indicates important information that helps you make better use of your product.

CAUTION: A CAUTION indicates either potential damage to hardware or loss of data and tells you how to avoid

the problem.

WARNING: A WARNING indicates a potential for property damage, personal injury, or death.

2020 - 2022 Dell Inc. or its subsidiaries. All rights reserved. Dell, EMC, and other trademarks are trademarks of Dell Inc. or its subsidiaries. Other trademarks may be trademarks of their respective owners.

Tables........................................................................................................................................... 4

Preface.........................................................................................................................................................................................5

Chapter 1: Getting Started............................................................................................................ 9 Introducing the PowerProtect Data Manager software............................................................................................ 9 Supported Internet Protocol versions...........................................................................................................................10 PowerProtect Data Manager for GCP..........................................................................................................................10 Unsupported features....................................................................................................................................................... 10 PowerProtect Data Manager and DDVE.......................................................................................................................11 GCP data-transfer costs...................................................................................................................................................11 Architecture overview....................................................................................................................................................... 11 References...........................................................................................................................................................................14 Terminology......................................................................................................................................................................... 14

Chapter 2: Preparing for a Deployment........................................................................................ 16 PowerProtect Data Manager interoperability............................................................................................................. 16 Microsoft application agent and Oracle RMAN agent interoperability................................................................. 16 Networking interoperability............................................................................................................................................. 16 Preparing your environment for deployment...............................................................................................................17 Minimum GCP roles for deployment............................................................................................................................. 18 Resource requirements.....................................................................................................................................................18

Chapter 3: Deployment................................................................................................................ 19 Deploy PowerProtect Data Manager............................................................................................................................ 19

Chapter 4: Configuration............................................................................................................. 21 Configure PowerProtect Data Manager.......................................................................................................................21 Configuring network firewall rules................................................................................................................................ 23

Configure network firewall rules..............................................................................................................................23 Configuring DDVE and storage...................................................................................................................................... 23 Configuring and monitoring system health................................................................................................................. 23 Configuring disaster recovery........................................................................................................................................ 23 Deploying SupportAssist to GCP...................................................................................................................................24 Using SSH........................................................................................................................................................................... 24 Accessing the PowerProtect Data Manager UI.........................................................................................................24

The Getting Started page..........................................................................................................................................24 UI tools and options ...................................................................................................................................................25

Updating PowerProtect Data Manager....................................................................................................................... 27

Contents

Contents 3

1 Revision history.......................................................................................................................................................... 5

2 Related documentation.............................................................................................................................................6

3 Style conventions....................................................................................................................................................... 7

4 Key features................................................................................................................................................................ 9

5 Benefits........................................................................................................................................................................ 9

6 Related PowerProtect DD Virtual Edition documentation..............................................................................14

7 Term list...................................................................................................................................................................... 14

8 Microsoft application agent and Oracle RMAN agent support matrix........................................................ 16

9 GCP roles required to deploy PowerProtect Data Manager..........................................................................18

10 Instance configuration.............................................................................................................................................19

11 PowerProtect Data Manager Getting Started menu items...........................................................................24

12 PowerProtect Data Manager tools..................................................................................................................... 25

13 Banner UI options.................................................................................................................................................... 26

Tables

4 Tables

Preface As part of an effort to improve product lines, periodic revisions of software and hardware are released. Therefore, all versions of the software or hardware currently in use might not support some functions that are described in this document. The product release notes provide the most up-to-date information on product features.

If a product does not function correctly or does not function as described in this document, contact Customer Support.

NOTE: This document was accurate at publication time. To ensure that you are using the latest version of this document,

go to the Customer Support website.

Product naming Data Domain (DD) is now PowerProtect DD. References to Data Domain or Data Domain systems in this documentation, in the user interface, and elsewhere in the product include PowerProtect DD systems and older Data Domain systems. In many cases the user interface has not yet been updated to reflect this change.

Language use This document might contain language that is not consistent with Dell Technologies current guidelines. Dell Technologies plans to update the document over subsequent future releases to revise the language accordingly.

This document might contain language from third-party content that is not under Dell Technologies control and is not consistent with the current guidelines for Dell Technologies own content. When such third-party content is updated by the relevant third parties, this document will be revised accordingly.

Website links The website links used in this document were valid at publication time. If you find a broken link, provide feedback on the document, and a Dell employee will update the document as necessary.

Purpose This document describes how to deploy the Dell EMC PowerProtect Data Manager software to a Google Cloud Platform (GCP) environment.

Audience This document is intended for the system administrator who will deploy the PowerProtect Data Manager software to a GCP environment.

Revision history The following table presents the revision history of this document.

Table 1. Revision history

Revision Date Description

01 March 22, 2022 Initial release of this document for PowerProtect Data Manager version 19.10.

Preface 5

Compatibility information Software compatibility information for the PowerProtect Data Manager software is provided at the E-Lab Navigator.

Related documentation The following publications are available at Customer Support and provide additional information:

Table 2. Related documentation

Title Content

PowerProtect Data Manager Administration and User Guide Describes how to configure the software.

PowerProtect Data Manager Deployment Guide Describes how to deploy the software.

PowerProtect Data Manager Licensing Guide Describes how to license the software.

PowerProtect Data Manager Release Notes Contains information on new features, known limitations, environment, and system requirements for the software.

PowerProtect Data Manager Security Configuration Guide Contains security information.

PowerProtect Data Manager Amazon Web Services Deployment Guide

Describes how to deploy the software to Amazon Web Services (AWS).

PowerProtect Data Manager Azure Deployment Guide Describes how to deploy the software to Microsoft Azure.

PowerProtect Data Manager Google Cloud Platform Deployment Guide

Describes how to deploy the software to Google Cloud Platform (GCP).

PowerProtect Data Manager Cloud Disaster Recovery Administration and User Guide

Describes how to deploy Cloud Disaster Recovery (Cloud DR), protect virtual machines in the AWS or Azure cloud, and run recovery operations.

PowerProtect Data Manager Cyber Recovery User Guide Describes how to install, update, patch, and uninstall the Dell EMC PowerProtect Cyber Recovery software.

PowerProtect Data Manager File System User Guide Describes how to configure and use the software with the File System agent for file-system data protection.

PowerProtect Data Manager Kubernetes User Guide Describes how to configure and use the software to back up and restore namespaces and PVCs in a Kubernetes cluster.

PowerProtect Data Manager Microsoft Exchange Server User Guide

Describes how to configure and use the software to back up and restore the data in a Microsoft Exchange Server environment.

PowerProtect Data Manager Microsoft SQL Server User Guide

Describes how to configure and use the software to back up and restore the data in a Microsoft SQL Server environment.

PowerProtect Data Manager Oracle RMAN User Guide Describes how to configure and use the software to back up and restore the data in an Oracle Server environment.

PowerProtect Data Manager SAP HANA User Guide Describes how to configure and use the software to back up and restore the data in an SAP HANA Server environment.

PowerProtect Data Manager Storage Direct User Guide Describes how to configure and use the software with the Storage Direct agent to protect data on VMAX storage arrays through snapshot backup technology.

PowerProtect Data Manager Network Attached Storage User Guide

Describes how to configure and use the software to protect and recover the data on network-attached storage (NAS) shares and appliances.

PowerProtect Data Manager Virtual Machine User Guide Describes how to configure and use the software to back up and restore virtual machines and virtual-machine disks (VMDKs) in a vCenter Server environment.

6 Preface

Table 2. Related documentation (continued)

Title Content

VMware Cloud Foundation Disaster Recovery With PowerProtect Data Manager

Provides a detailed description of how to perform an end-to- end disaster recovery of a VMware Cloud Foundation (VCF) environment.

PowerProtect Data Manager Disaster Recovery Best Practices Guide

Provides guidance and best practices for a PowerProtect Data Manager server disaster-recovery solution.

PowerProtect Data Manager Public REST API documentation Contains the PowerProtect Data Manager APIs and includes tutorials to guide you in their use.

vRealize Automation Data Protection Extension for Data Protection Systems Installation and Administration Guide

Describes how to install, configure, and use the Dell EMC vRealize Data Protection Extension.

Typographical conventions The following type style conventions are used in this document:

Table 3. Style conventions

Formatting Description

Bold Used for interface elements that a user specifically selects or clicks, for example, names of buttons, fields, tab names, and menu paths. Also used for the name of a dialog box, page, pane, screen area with title, table label, and window.

Italic Used for full titles of publications that are referenced in text.

Monospace Used for: System code System output, such as an error message or script Pathnames, file names, file name extensions, prompts, and syntax Commands and options

Monospace italic Used for variables.

Monospace bold Used for user input.

[ ] Square brackets enclose optional values.

| Vertical line indicates alternate selections. The vertical line means or for the alternate selections.

{ } Braces enclose content that the user must specify, such as x, y, or z.

... Ellipses indicate non-essential information that is omitted from the example.

You can use the following resources to find more information about this product, obtain support, and provide feedback.

Where to find product documentation The Customer Support website The Community Network

Where to get support The Customer Support website provides access to product licensing, documentation, advisories, downloads, and how-to and troubleshooting information. The information can enable you to resolve a product issue before you contact Customer Support.

To access a product-specific page:

1. Go to the Customer Support website.

Preface 7

2. In the search box, type a product name, and then from the list that appears, select the product.

Knowledgebase The Knowledgebase contains applicable solutions that you can search for either by solution number (for example, KB000xxxxxx) or by keyword.

To search the Knowledgebase:

1. Go to the Customer Support website. 2. On the Support tab, click Knowledge Base. 3. In the search box, type either the solution number or keywords. Optionally, you can limit the search to specific products by

typing a product name in the search box, and then selecting the product from the list that appears.

Live chat To participate in a live interactive chat with a support agent:

1. Go to the Customer Support website. 2. On the Support tab, click Contact Support. 3. On the Contact Information page, click the relevant support, and then proceed.

Service requests To obtain in-depth help from a support agent, submit a service request. To submit a service request:

1. Go to the Customer Support website. 2. On the Support tab, click Service Requests.

NOTE: To create a service request, you must have a valid support agreement. For details about either an account or

obtaining a valid support agreement, contact a sales representative. To find the details of a service request, in the

Service Request Number field, type the service request number, and then click the right arrow.

To review an open service request:

1. Go to the Customer Support website. 2. On the Support tab, click Service Requests. 3. On the Service Requests page, under Manage Your Service Requests, click View All Dell Service Requests.

Online communities For peer contacts, conversations, and content on product support and solutions, go to the Community Network. Interactively engage with customers, partners, and certified professionals online.

How to provide feedback Feedback helps to improve the accuracy, organization, and overall quality of publications. You can send feedback to DPAD.Doc.Feedback@emc.com.

8 Preface

Getting Started

Topics:

Introducing the PowerProtect Data Manager software Supported Internet Protocol versions PowerProtect Data Manager for GCP Unsupported features PowerProtect Data Manager and DDVE GCP data-transfer costs Architecture overview References Terminology

Introducing the PowerProtect Data Manager software PowerProtect Data Manager software is an enterprise solution that provides software-defined data protection, deduplication, operational agility, self-service, and IT governance.

PowerProtect Data Manager key features include the following:

Table 4. Key features

Software-defined data protection with integrated deduplication, replication, and reuse

Data backup and recovery self-service operations from native applications that are combined with central IT governance

Multicloud optimization with integrated Cloud Tiering

SaaS-based monitoring and reporting

Modern services-based architecture for ease of deployment, scaling, and updating

PowerProtect Data Manager integrates multiple data-protection products within the Dell EMC Data Protection portfolio to enable data protection as a service, providing the following benefits:

Table 5. Benefits

Enables data-protection teams to create data paths with provisioning, automation, and scheduling to embed protection engines into their data-protection infrastructure for high-performance backup and recovery

Enables backup administrators of large-scale environments to schedule backups for the following asset types from a central location on the PowerProtect Data Manager server: VMware virtual machines File systems VMAX storage groups Kubernetes clusters Microsoft Exchange Server and Microsoft SQL Server databases Oracle databases SAP HANA databases Network-attached storage (NAS) shares

Provides an agent-based approach to automatically discover and protect databases on an application server

Enables self-service and centralized protection by: Monitoring service-level objectives (SLOs) Identifying violations of recovery-point objectives (RPOs)

1

Getting Started 9

Table 5. Benefits (continued)

Supports deploying an external VM Direct appliance that moves data with a VM Direct Engine that is optimized for performing high-capacity backup streams

Comes with a basic embedded VM Direct Engine that has the following functions and capabilities: It is automatically used as a fallback proxy for performing backup and restore operations when an external VM Direct

Engine fails, is disabled, or is unavailable It has a limited capacity for performing backup streams It can work with virtual-machine crash-consistent protection policies that use the Transparent Snapshot Data Mover

(TSDM) protection mechanism It enables the Search Service used by PowerProtect Search

Supports PowerProtect Search, which enables backup administrators to quickly search for and restore VM and NAS file copies

Supports the vRealize Automation DP extension, which enables the automatic provisioning of virtual machines and on-demand backups and restores

Integrates with Dell EMC Cloud Disaster Recovery (Cloud DR), including workflows for Cloud DR deployment, protection, and recovery operations in the AWS and Azure clouds

Integrates with Dell EMC PowerProtect Cloud Snapshot Manager to view PowerProtect Cloud Snapshot Manager jobs, alerts, and reports from a consolidated PowerProtect Data Manager dashboard

Integrates with Dell EMC PowerProtect Cyber Recovery to protect the integrity of a PowerProtect Data Manager environment from cyber threats

Provides a RESTful API interface that allows PowerProtect Data Manager to be monitored, configured, and orchestrated: Existing automation frameworks can be integrated New scripts can be quickly written Easy-to-follow tutorials are provided

Supported Internet Protocol versions PowerProtect Data Manager only supports the use of IPv4 addresses.

Using an IPv6 address can result in errors or other unexpected behavior. When configuring devices to connect over the network with PowerProtect Data Manager, use only IPv4 addresses.

PowerProtect Data Manager for GCP You use the Google Cloud Console to deploy a virtual appliance with PowerProtect Data Manager to a Google cloud.

PowerProtect Data Manager on Google Cloud Platform (GCP) provides protection for cloud-based assets such as the following:

Oracle, SQL, and SAP HANA databases Kubernetes clusters that are deployed to GCP

NOTE: If you use SAP HANA, add the fully qualified domain name (FQDN) of the GCP virtual machine hosting the agent to

the /etc/hosts file for that virtual machine. For more information, see the PowerProtect Data Manager SAP HANA User

Guide at Customer Support.

Unsupported features Familiarize yourself with those features that are not supported when deploying PowerProtect Data Manager to GCP.

With the exception of the following, PowerProtect Data Manager on GCP supports all features supported by on-premises PowerProtect Data Manager and PowerProtect Data Manager deployed to GCVE on GCP:

Microsoft Exchange Server Cloud Disaster Recovery Search Clusters

10 Getting Started

Block-based backups (BBB) with the Linux File System agent (FSA) Backing up and restoring virtual machines with the Transparent Snapshot Data Mover (TSDM)

PowerProtect Data Manager and DDVE In a GCP environment, PowerProtect Data Manager requires an instance of DD Virtual Edition (DDVE).

DDVE is a software-only protection storage appliance: a virtual deduplication appliance that provides data protection for entry, enterprise, and service-provider environments. Like any PowerProtect DD System, DDVE always pairs with backup software.

When you deploy PowerProtect Data Manager to GCP, you can deploy DDVE simultaneously or outside of the deployment process. For more information, see PowerProtect DD Virtual Edition in Google Cloud Platform Installation and Administration Guide at Customer Support.

GCP data-transfer costs Google charges a monthly fee based on the amount and types of data transferred by PowerProtect Data Manager and DDVE in a Google cloud.

Consider the following information when planning your GCP architecture:

Most of the data that is transferred in a Google cloud occurs between the hosts being protected and DDVE. If Kubernetes is being used, data is also transferred between the protection engine hosts and DDVE. Google does not have data-transfer fees for hosts that are in the same region. For current details of all Google data-transfer costs and other fees, see the Google Cloud Pricing Calculator.

NOTE: To minimize data-transfer costs, minimize the path that data transfers take by using as few zones and regions as

possible.

An example of data transfer

The following items describe a possible data-protection scenario where the hosts being protected and storage are in different regions:

Outbound data transfers in the Central US region Twenty 100 GB databases that each have a daily change rate of 5 percent Weekly full backups Daily incremental backups and archived-log backups An average deduplication ratio of 2:1 for initial full backups and for incremental backups An average deduplication ratio of between 20:1 and 30:1 for subsequent full backups

This data-protection scenario would result in approximately 3,600 GB of data transfer in the first month.

NOTE: Different regions have different data-transfer costs. For more information, see All network pricing and Network

Service Tiers geolocations.

Architecture overview Access to PowerProtect Data Manager and DDVE is managed by a virtual private cloud (VPC), virtual network service endpoints and their policies, and network and application firewall rules. DDVE uses buckets to store the backed-up data of virtual appliances and virtual machines in GCP.

For more information about this, see the following resources:

Cloud storage documentation VPC overview VPC network overview Configuring Private Google Access Firewall rules Best practices

Getting Started 11

To deploy additional instances of DDVE to GCP outside of the PowerProtect Data Manager deployment process, see the PowerProtect DD Virtual Edition in Google Cloud Platform Installation and Administration Guide at Customer Support.

PowerProtect Data Manager deploys with a private IP address. For access from an external site, configure a VPN connection. For security considerations, deploy PowerProtect Data Manager and DDVE to a private subnet.

The following diagram represents the basic PowerProtect Data Manager architecture on GCP. The diagram shows a possible distribution of PowerProtect Data Manager and DDVE in one private subnet and application hosts in another subnet.

Figure 1. Basic PowerProtect Data Manager architecture

Sensitive PowerProtect Data Manager data, such as passwords, is encrypted and stored in a lockbox. The PowerProtect Data Manager Security Configuration Guide at Customer Support provides more information.

Control and data paths

The following diagram shows the transfer of data between PowerProtect Data Manager, DDVE, and application hosts. This network traffic composes the majority of data transferred in a Google cloud.

12 Getting Started

Figure 2. Paths

DDVE and replication of data between private subnets

The following diagram shows how data replicates between private subnets as well as the transfer of data during regular operations. The diagram also shows the application hosts distributed between public and private subnets.

Figure 3. Replication

Getting Started 13

PowerProtect Data Manager policies and DDVE

If you have a different DDVE instance in each region or zone, configure PowerProtect Data Manager policies to protect all the hosts in the same region or zone as each DDVE instance.

References Some procedures in this document reference other publications for further details. Additionally, updates to documentation after initial publication are provided in the release notes.

For a list of PowerProtect Data Manager publications, see "Related documentation" in the preface.

For information about DD Virtual Edition, see the following publications at Customer Support:

Table 6. Related PowerProtect DD Virtual Edition documentation

PowerProtect DD Virtual Edition in VMware Cloud Installation and Administration Guide

PowerProtect DD Virtual Edition in Google Cloud Platform Installation and Administration Guide

PowerProtect DD Virtual Edition on Premise Installation and Administration Guide

PowerProtect DD Virtual Edition in Azure Installation and Administration Guide

PowerProtect DD Virtual Edition in Amazon Web Services Installation and Administration Guide

Terminology Familiarize yourself with the terminology for the PowerProtect Data Manager user interface and documentation.

The following table provides more information about names and terms that you should know to use PowerProtect Data Manager:

Table 7. Term list

Term Description

Application agent Application agents are installed on application or database host servers to manage protection using PowerProtect Data Manager. These agents are commonly known as DD Boost Enterprise Agents (DDBEAs) for databases and applications.

Application-aware A virtual machine protection policy that includes additional application-aware data protection for Microsoft SQL Servers. An application-aware virtual machine protection policy provides the ability to quiesce the application during virtual machine image backup to perform a full backup of Microsoft SQL Server databases. You can also schedule Microsoft SQL Server log backups for the virtual machines in the policy.

Asset Assets are objects in PowerProtect Data Manager for which you want to manage protection, including virtual machines, databases, and file systems.

Asset source Assets that PowerProtect Data Manager protects reside within asset sources, which include vCenter servers, application or database hosts, and file servers.

Cloud Tier storage Cloud Tier storage can be added to a protection storage system to expand the deduplication storage capacity onto less expensive object storage in public or private object storage clouds, including Dell EMC secure Elastic Cloud Storage appliances.

Copy A PowerProtect Data Manager copy is a point-in-time backup copy of an asset.

Copy Map The PowerProtect Data Manager Copy Map is a visual representation of backup copy locations on your protection storage and is available for all protected assets that have copies.

Discovery Discovery is an internal process that scans asset sources to find new assets to protect and scans infrastructure components to monitor their health and status.

14 Getting Started

Table 7. Term list (continued)

Term Description

Instant Access PowerProtect Data Manager virtual machine backup copies can be accessed, mounted, and booted directly from the protection storage targets as running virtual machines. This operation is called Instant Access. Copies can also be moved to a production VMware datastore using vMotion. PowerProtect Data Manager Virtual machine application-aware backup copies can be mounted directly from protection storage as running Microsoft SQL Server databases, which includes the ability to roll forward log backups. These Microsoft SQL Server database disks can also be moved to a production VMware datastore using vMotion.

PowerProtect Data Manager agent

An agent that is included in PowerProtect Data Manager and installed on each application agent host server so that you can monitor and manage the application agent through PowerProtect Data Manager.

Protection policy Protection policies configure and manage the entire life cycle of backup data, which includes backup types, assets, backup start and stop times, backup devices, and backup retention.

Service-level agreement (SLA) An optional policy that you can layer on top of a protection policy. An SLA performs additional checks on protection activities to ensure that protection goals meet the standards of an organization. SLAs are made up of one or more service-level objectives.

Service-level objective (SLO) A definable rule that sets the criteria for recovery-point objectives (RPOs), encryption, and the location of backups according to company requirements.

Getting Started 15

Preparing for a Deployment

Topics:

PowerProtect Data Manager interoperability Microsoft application agent and Oracle RMAN agent interoperability Networking interoperability Preparing your environment for deployment Minimum GCP roles for deployment Resource requirements

PowerProtect Data Manager interoperability PowerProtect Data Manager integrates multiple data protection products within the Dell EMC Data Protection portfolio to enable data protection as a service. PowerProtect Data Manager enables new data paths with provisioning, automation, and scheduling that enable a data protection team to embed protection engines into the infrastructure for high-performance backup and recovery.

NOTE: PowerProtect Data Manager for GCP is only compatible with DD Virtual Edition (DDVE) 6.0.

This section includes several tables that list the supported software and hardware configurations for an PowerProtect Data Manager deployment for each direct data path.

Microsoft application agent and Oracle RMAN agent interoperability The Microsoft application agent and Oracle RMAN agent enable an application administrator to protect and recover data on a SQL Server host and Oracle server host. PowerProtect Data Manager integrates with the Microsoft application agent and Oracle RMAN agent to check and monitor the backup compliance against protection policies. PowerProtect Data Manager also supports central scheduling for backups.

You can install the Microsoft application agent or Oracle RMAN agent on the host that you plan to protect by using the installation instructions that are provided in the PowerProtect Data Manager Microsoft SQL Server User Guide and PowerProtect Data Manager Oracle RMAN User Guide.

NOTE: The most up-to-date software compatibility information for the PowerProtect Data Manager software and

application agents is provided by the E-Lab Navigator.

Table 8. Microsoft application agent and Oracle RMAN agent support matrix

Product Supported versions

Microsoft application agent Refer to the E-Lab Navigator.

Oracle RMAN agent Refer to the E-Lab Navigator.

Networking interoperability This section details PowerProtect Data Manager on GCP networking interoperability and requirements.

2

16 Preparing for a Deployment

Google Cloud VMware Engine interoperability

PowerProtect Data Manager on GCP works with Google Cloud VMware Engine (GCVE) on GCP, and can be used to protect virtual-machine assets in a GCVE-on-GCP environment. Unless noted in Unsupported features, PowerProtect Data Manager on GCP supports all of the features that are supported by GCVE on GCP. For information about what is not supported by GCVE on GCP, see the PowerProtect Data Manager Virtual Machine User Guide.

For the purpose of the following sections, the network used in a GCVE-on-GCP environment will be called the GCVE network, and the network used in a PowerProtect Data Manager-on-GCP environment will be called the VPC network.

Required DNS configuration

You must configure a Domain Name System (DNS) server to be used for name resolution of hosts in both the GCVE and VPC networks. This server can be located in either the GCVE or the VPC network.

Forward and reverse lookups are required for the following hosts:

the PowerProtect Data Manager instance all DDVE instances the VM Direct protection engines vCenter and ESXi

Set this DNS server as the primary DNS server for the PowerProtect Data Manager instance during deployment. For more information, see the PowerProtect Data Manager Administration and User Guide.

Required network traffic rules

You must configure certain network traffic rules in order for hosts in the VPC network to communicate with hosts in the GCVE network.

PowerProtect Data Manager requires inbound and outbound traffic between it and the following hosts in the GCVE network:

the VM Direct protection engines the primary DNS server vCenter and ESXi

To configure PowerProtect Data Manager or DDVE traffic rules on an instance after it has been deployed, see Configure network firewall rules. To configure traffic rules on GCVE-on-GCP hosts, see the PowerProtect Data Manager Administration and User Guide.

Preparing your environment for deployment The following sections provide information about deploying PowerProtect Data Manager to GCP:

Creating a GCP account

To deploy PowerProtect Data Manager to GCP, you must have a Google Cloud account. To set up an account, navigate to https://console.cloud.google.com. For information about the Google Cloud Platform, see Google Cloud overview.

Managing key access pairs

For a secure login to PowerProtect Data Manager, GCP can manage key access pairs for you. For instructions, see Connecting to VMs.

Setting up the network environment

For secure access to the PowerProtect Data Manager on GCP, it is recommended that you use the VPC architecture provided by Google. Set up and configure the following components:

Preparing for a Deployment 17

The VPC A subnet Routing tables Firewall rules A network access control list

Security and operational best practices

The following link provide more information:

Google Cloud security best practices center

GCP service limits and restrictions

The following links provide more information about GCP service limits and restrictions:

Working with Quotas Quotas and limits Naming resources

Minimum GCP roles for deployment In order to deploy a GCP-based PowerProtect Data Manager instance, you must use an account assigned a minimum number of roles.

The following table lists the required GCP roles for deployment.

Table 9. GCP roles required to deploy PowerProtect Data Manager

Role Purpose

roles/deploymentmanager.editor Creates a deployment manager

roles/compute.instanceAdmin.v1 Creates and manages instances

roles/iam.serviceAccountUser Edits instance metadata

Resource requirements The following assigned system resources belong to the required Customer PowerProtect Data Manager instance type:

8 CPU cores 32 GB of RAM 15,000 IOPS 1 premium NIC

You cannot change these resources. If these resources are insufficient for a required protection workload, you can deploy multiple PowerProtect Data Manager instances.

18 Preparing for a Deployment

Deployment

Topics:

Deploy PowerProtect Data Manager

Deploy PowerProtect Data Manager Providing the required information and deploying PowerProtect Data Manager takes approximately 15 minutes.

Steps

1. In a browser, navigate to https://cloud.google.com/marketplace.

2. Log in to the Google Cloud Marketplace portal.

3. Click Explore Marketplace.

4. Click Search products and resources, and type PowerProtect Data Manager and PowerProtect DD Virtual Edition.

5. Select the product, and click LAUNCH.

6. From the New PowerProtect Data Manager and PowerProtect DD Virtual Edition deployment pane, configure the PowerProtect Data Manager instance.

Table 10. Instance configuration

Parameters Description

Deployment name The name of the GCP deployment.

Version The combination of PowerProtect Data Manager and DDVE versions to deploy.

Zone The zone where both PowerProtect Data Manager and DDVE will be deployed.

Network interfaces The network interface to use. Accept the default or add a new interface. If adding a new interface, the name, subnetwork, and external IP must be provided.

Data Manager name The name of the PowerProtect Data Manager instance.

Machine type The resources assigned to the PowerProtect Data Manager instance. This cannot be changed from the default of Customer, which provides 8 CPU cores, 32 GB of RAM, 16,000 IOPS, and 1 premium NIC.

SSH public key (Optional) The SSH public key for the PowerProtect Data Manager instance. If entered, this is associated with the admin user.

Use Custom DNS Server (Optional)

Select this to use one or more of your own DNS servers, which allows for reverse DNS lookups of IP addresses to hostnames. Otherwise, leave it unselected and leave the following three parameters empty.

DNS Server IP Address The IP addresses of up to 2 DNS servers, separated by a comma.

Data Manager IP Address The IP address of the PowerProtect Data Manager server.

Data Manager FQDN The fully qualified domain name of the PowerProtect Data Manager server.

Deploy DDVE (Optional) By default, a DDVE instance is deployed with PowerProtect Data Manager, and launched in the same subnet. You might choose to not deploy DDVE if you already have an instance deployed, or if you are performing PowerProtect Data Manager server disaster recovery.

If selected, also configure the following:

DDVE name. The name of the DDVE instance.

3

Deployment 19

Table 10. Instance configuration (continued)

Parameters Description

Machine type. Select from the following options: 32 TB Model: 8 vCPUs, 32GB Memory 96 TB Model: 16 vCPUs, 64 GB Memory 256 TB Model: 32 vCPUs, 128 GB Memory.

Number of metadata disks, to override default value. The default number of 1 TB metadata disks are, respective to the machine type selected: 2, 4, and 10.

SSH public key (Optional). If entered, this is associated with the sysadmin DD user.

7. Click Deploy.

8. From the Deployment Manager > Deployments pane, wait until the deployment is complete..

Deploying PowerProtect Data Manager and DDVE can take up to 10 minutes.

20 Deployment

Configuration

Topics:

Configure PowerProtect Data Manager Configuring network firewall rules Configuring DDVE and storage Configuring and monitoring system health Configuring disaster recovery Deploying SupportAssist to GCP Using SSH Accessing the PowerProtect Data Manager UI Updating PowerProtect Data Manager

Configure PowerProtect Data Manager Perform these steps from a host that has access to the PowerProtect Data Manager virtual appliance. Performing these steps and applying the configuration takes approximately 10 minutes.

Prerequisites

Wait for the PowerProtect Data Manager virtual appliance to start and initialize. This process takes a few minutes, during which you cannot continue.

(Optional) Download a local copy of the PowerProtect Data Manager virtual appliance license file.

NOTE: To connect to the appliance by hostname, configure DNS. For more information, see Cloud DNS overview.

About this task

A deployed PowerProtect Data Manager instance becomes a virtual appliance. This information also applies to any DDVE instance that you deployed simultaneously.

Steps

1. From a host that has network access to the virtual appliance, use Google Chrome to connect to the appliance private IP address:

https://<appliance_private_IP> 2. If an SSL certificate warning page appears with the message Your connection is not private, click Advanced, and then

click Proceed to hostname_or_ip_address (unsafe).

3. On the Welcome pane, perform the following actions:

a. To set up PowerProtect Data Manager as a new deployment, select New Install. b. To perform disaster recovery, select Restore Backup. c. Click Next.

4. On the License pane, perform the following actions:

NOTE: If the license was already applied, review the license information and then click Next.

a. In the License Type field, select a type of license.

i. To use an evaluation license, select 90 days evaluation license.

A description of the license appears in the License File field. ii. To load a license, select License File > Choose File, and then browse to and select the license that you want to

load.

4

Configuration 21

iii. To copy the contents of the license file, select Plain Text and then copy the contents of the license file into the Plain Text field.

b. Click Next.

5. In the Authentication pane, perform the following actions:

The Use common password option is selected by default. This toggle sets one initial password for use with all PowerProtect Data Manager interfaces.

a. Optionally, clear the Use common password option.

If you leave the Use common password option selected, in the Enter a new password and Reenter password to confirm fields, specify a password.

If you clear the Use common password option, in the Enter a new password and Reenter password to confirm fields, specify individual passwords for the interfaces.

Ensure that the password meets the following requirements:

Contains a minimum of nine characters and a maximum of one hundred characters Contains at least one numeric character (0-9) Contains at least one uppercase character (A-Z) Contains at least one lowercase character (a-z) Contains at least one special character from the following list of acceptable characters:

!@#$%^&*()_-+=~{}[]<>?/`:;',.|\"

Spaces are allowed. Contains only letters from the English alphabet Does not contain other sensitive information that is associated with the user account, such as the first and last

names, username, or email address

NOTE: The admin password expires after 60 days by default. If you do not change it before it expires, you will be

unable to log in to PowerProtect Data Manager until you reset it. For more information, see the PowerProtect Data

Manager Security Configuration Guide.

b. Click Next.

6. In the System Settings pane, perform the following actions:

a. In the Current Timezone list box, select the time zone where the system is physically located. b. To add an NTP server, click Add. c. In the Server IP Address field, specify the NTP server IP address. d. Click Add. e. To change the list of NTP servers, click Edit or Delete. f. Click Next.

7. In the Email Setup - Optional pane, perform the following actions:

a. In the Mail Server field, specify the SMTP server IP address. b. In the Email From field, specify the administrator email address. c. In the Recipient for Test Email field, specify the recipient email address. d. In the Port field, specify the TCP port to connect to the SMTP server. e. In the Username field, specify the mail username. f. In the Password field, specify the mail password. g. To send a test email to the specified IP address, click Send Test Email. h. To acknowledge the test email was successfully sent, click OK. i. To send diagnostic and usage data to Dell EMC for proactive support and to help improve products and services, switch

Auto Support to ON.

When enabling auto support, click View Terms to review the telemetry software terms. Scroll down to click Accept to finish enabling auto support, or Decline to disable auto support.

j. Click Next.

NOTE: Email Server Setup is required before you can perform a local user password reset and send customized alert

notifications.

8. In the Summary pane, review the configuration choices, and then click Done.

22 Configuration

Configuring network firewall rules After the PowerProtect Data Manager instance is deployed, it is recommended to change the default network traffic rules that block all inbound and outbound connections with other networks.

For information about the required ports for each component, see the PowerProtect Data Manager Security Configuration Guide.

Configure network firewall rules

Configure network traffic rules to allow inbound and outbound connections with other networks.

About this task

CAUTION:

When configuring network firewall rules, do not allow IP addresses that belong to the 172.24.0.192/26 subnet.

IP addresses in the 172.24.0.192172.24.0.255 range are used for Docker network configuration, and unexpected

results can occur if they are also used by PowerProtect Data Manager.

The following example describes the procedure to allow inbound TCP traffic on port 9000.

NOTE: GCP uses the terms ingress and egress for inbound and outbound traffic.

Steps

1. From the Google Cloud Console, navigate to VPC network > Firewall, and click CREATE FIREWALL RULE.

2. Under Direction of traffic, select Ingress.

3. Under Action on match, select Allow.

4. Under Targets select Specified target tags.

5. Under Target tags, enter the name of the network firewall rule.

6. Under Source IP ranges, enter the subnet of the allowed inbound traffic..

7. Under Protocols and ports, select Specified protocols and ports, select tcp, and enter 9000.

8. Navigate to Compute Engine > VM Instances, select the PowerProtect Data Manager instance, and click EDIT.

9. Under Network tags, add the network firewall rule you created in step 5.

Configuring DDVE and storage For information on how to configure DDVE and storage, see the following publications that are available at Customer Support:

PowerProtect DD Virtual Edition in Google Cloud Platform Installation and Administration Guide PowerProtect Data Manager Administration and User Guide

Configuring and monitoring system health For information on how to configure and monitor system health, and how to configure and monitor alerts, jobs, and tasks, see the PowerProtect Data Manager Administration and User Guide at Customer Support

Configuring disaster recovery PowerProtect Data Manager can be configured to automatically back up critical servers on a periodic basis. This protects your infrastructure from catastrophic data loss.

It is recommended to enable DD MTree replication on a local DDVE instance so that the disaster-recovery data is replicated to a DDVE instance in a different region or Availability Zone. Such an infrastructure enhances existing data-protection schemes.

Configuration 23

When configured, the RPO of server disaster-recovery backups is a maximum of one hour, and the RTO of server disaster recovery is approximately 45 minutes, depending on the amount of data recovered. Even if PowerProtect Data Manager server disaster-recovery backups are up to an hour old, the system will attempt to synchronize any backups that occurred between the last backup and the time of failure.

For more information about how to prepare for and recover from a disaster, see the PowerProtect Data Manager Administration and User Guide at Customer Support:

Deploying SupportAssist to GCP You can deploy SupportAssist by using a gateway or a direct connection. To deploy SupportAssist to GCP through a gateway, you must deploy a SupportAssist container in a Linux or Windows host that is using Docker to GCP.

For more information, see the PowerProtect Data Manager Administration and User Guide at Customer Support

Using SSH You can use SSH to access the PowerProtect Data Manager virtual appliance on GCP.

PowerProtect Data Manager for GCP supports two methods of SSH access. You can use password-based SSH, or you can use the private key from the key pair assigned to the instance when PowerProtect Data Manager was deployed.

For example:

ssh -i data_manager_private_key admin@10.2.1.5 For more information, see Connecting to VMs.

Accessing the PowerProtect Data Manager UI PowerProtect Data Manager provides a web-based user interface (UI) that you can use to manage and monitor system features and settings from any location over a network.

Steps

1. From a host that has network access to the virtual appliance, use Google Chrome to connect to the appliance:

https://<appliance_hostname> NOTE: You can specify the hostname or the IP address of the appliance.

2. Login with your user name and password. The Getting Started page appears. The left pane provides links to the available menu items. Expand a menu item for more options. The icons in the PowerProtect Data Manager banner provide additional options.

The Getting Started page

The Getting Started page provides configuration options that are required when the system is first deployed.

The Getting Started page appears upon first deployment of PowerProtect Data Manager and opens to this page by default until you click Skip This.

You can access the Getting Started page at any time by selecting System Settings > Getting Started.

CAUTION: Although displayed, some configuration options are not supported in GCP deployments of

PowerProtect Data Manager. Attempting to configure these resources might cause unexpected results.

Table 11. PowerProtect Data Manager Getting Started menu items

Options Description

Support View and configure SupportAssist, Email Setup, Auto Support, Logs, and System Health.

24 Configuration

Table 11. PowerProtect Data Manager Getting Started menu items (continued)

Options Description

Disaster Recovery Backup Configure and manage backups for disaster recovery.

VMware vCenter Opens the Infrastructure > Asset Sources page where you can add a vCenter instance as an asset source so that it can be added to a protection policy.

Protect Assets Opens the Protection Policies page where you can manage protection policy workflows for all asset types.

UI tools and options

Learn about the available tools in the user interface (UI).

PowerProtect Data Manager UI tools

CAUTION: Although displayed, some tools are not supported in GCP deployments of PowerProtect Data

Manager. Using these tools might cause unexpected results.

Table 12. PowerProtect Data Manager tools

Menu item Description

Dashboard

Click Dashboard to view the overall state of the PowerProtect Data Manager system.

Infrastructure

Click Infrastructure to: View and manage all assets:

VMware virtual machines File systems VMAX storage Groups Kubernetes clusters Microsoft Exchange Server

NOTE: Microsoft Exchange Server is not supported.

SQL databases Oracle databases SAP HANA databases

Add vCenter and application and File System host asset sources. Add application and File System host asset sources. View and manage Integrated Storage. Add a VM Direct appliance with the VM Direct protection engine for virtual machine data

protection. Manage registration of Oracle RMAN agent, Microsoft application agent, SAP HANA agent,

and File System agent. View and manage Cloud Disaster Recovery.

NOTE: Cloud Disaster Recovery is not supported.

Create and manage a Search Cluster.

NOTE: Search Clusters are not supported.

Add PowerProtect Cloud Snapshot Manager tenants as asset sources for jobs, alerts, and reports.

Protection

Click Protection to: Add protection policies to back up assets.

NOTE: Block-based backup (BBB) with the Linux File System agent (FSA) is not supported.

Configuration 25

Table 12. PowerProtect Data Manager tools (continued)

Menu item Description

Manage Service Level Agreements (SLAs). Add, edit, and delete Dynamic Groups for assets.

Restore

Click Restore to: View asset copy location details and initiate a Restore operation. Manage Instant Access Sessions. Use the File Search feature to find and restore virtual machine file copies.

Alerts

Click Alerts to: View and acknowledge alerts and events. Filter alerts by critical, warning, and informational status, and specify the time range. View and examine Audit logs. Export audit logs to CSV files. Set audit log boundaries.

There is also a banner UI option, represented by the icon, which provides links that enable you to view all unacknowledged alerts.

Administration

Click Administration to: Configure users and roles. Set password credentials and manage key chains. View and replace certificates. Configure alert notifications. Add external identity providers.

Jobs

Click Jobs to manage jobs, view by protection or system, filter, and view details.

Banner UI options

The following table describes the icons that are located in the PowerProtect Data Manager banner.

Table 13. Banner UI options

Option Description

Click to enter search criteria to find assets, jobs, logs, and alerts.

The number next to this icon indicates the critical unacknowledged alerts over the last 24 hours.

Click to expand for more information about unacknowledged alerts, including:

The total number of alerts (all statuses critical, warning, or informational) that have yet to be acknowledged, or just the unacknowledged alerts from the last 24 hours (marked with the New tag).

The number of critical alerts that have yet to be acknowledged, or just the unacknowledged critical alerts from the last 24 hours (marked with the New tag).

Within this menu, click any of these links to open the Alerts window, where you can view specific details about these unacknowledged alerts.

Click to restore assets from replicated copies through quick recovery. This icon only appears when this system receives replicated metadata from a source system.

Click to configure and manage PowerProtect Data Manager system network, time zone, and NTP settings, DR backups, security, licenses, updates, authentication, agent downloads, and support, and to access the Getting Started page.

26 Configuration

Table 13. Banner UI options (continued)

Option Description

Click to log out, and log in as a different user.

Click to see PowerProtect Data Manager version information.

Click to obtain more information about PowerProtect Data Manager, access Customer Support, send feedback, or view the REST API documentation.

Click to launch CloudIQ, APEX Backup Services, and Cloud Snapshot Manager.

Updating PowerProtect Data Manager When a new version of PowerProtect Data Manager is released, you might want to use the newer version in your cloud environment.

The following general procedure should be followed when updating PowerProtect Data Manager:

1. Back u

Manualsnet FAQs

If you want to find out how the PowerProtect Dell works, you can view and download the Dell PowerProtect 19.10 Data Manager Google Cloud Platform Deployment Guide on the Manualsnet website.

Yes, we have the Google Cloud Platform Deployment Guide for Dell PowerProtect as well as other Dell manuals. All you need to do is to use our search bar and find the user manual that you are looking for.

The Google Cloud Platform Deployment Guide should include all the details that are needed to use a Dell PowerProtect. Full manuals and user guide PDFs can be downloaded from Manualsnet.com.

The best way to navigate the Dell PowerProtect 19.10 Data Manager Google Cloud Platform Deployment Guide is by checking the Table of Contents at the top of the page where available. This allows you to navigate a manual by jumping to the section you are looking for.

This Dell PowerProtect 19.10 Data Manager Google Cloud Platform Deployment Guide consists of sections like Table of Contents, to name a few. For easier navigation, use the Table of Contents in the upper left corner.

You can download Dell PowerProtect 19.10 Data Manager Google Cloud Platform Deployment Guide free of charge simply by clicking the “download” button in the upper right corner of any manuals page. This feature allows you to download any manual in a couple of seconds and is generally in PDF format. You can also save a manual for later by adding it to your saved documents in the user profile.

To be able to print Dell PowerProtect 19.10 Data Manager Google Cloud Platform Deployment Guide, simply download the document to your computer. Once downloaded, open the PDF file and print the Dell PowerProtect 19.10 Data Manager Google Cloud Platform Deployment Guide as you would any other document. This can usually be achieved by clicking on “File” and then “Print” from the menu bar.