Contents

Dell PowerProtect 19.11 Data Manager Google Cloud Platform Deployment Guide PDF

1 of 29
1 of 29

Summary of Content for Dell PowerProtect 19.11 Data Manager Google Cloud Platform Deployment Guide PDF

PowerProtect Data Manager 19.11 Google Cloud Platform Deployment Guide

June 2022 Rev. 01

Notes, cautions, and warnings

NOTE: A NOTE indicates important information that helps you make better use of your product.

CAUTION: A CAUTION indicates either potential damage to hardware or loss of data and tells you how to avoid

the problem.

WARNING: A WARNING indicates a potential for property damage, personal injury, or death.

2020 - 2022 Dell Inc. or its subsidiaries. All rights reserved. Dell Technologies, Dell, and other trademarks are trademarks of Dell Inc. or its subsidiaries. Other trademarks may be trademarks of their respective owners.

Tables........................................................................................................................................... 4

Preface.........................................................................................................................................................................................5

Chapter 1: Getting Started............................................................................................................ 9 Introducing the PowerProtect Data Manager software............................................................................................ 9 Supported Internet Protocol versions...........................................................................................................................10 PowerProtect Data Manager for GCP..........................................................................................................................10 Unsupported features....................................................................................................................................................... 10 PowerProtect Data Manager and DDVE.......................................................................................................................11 GCP data-transfer costs...................................................................................................................................................11 Architecture overview....................................................................................................................................................... 11 References...........................................................................................................................................................................14 Terminology......................................................................................................................................................................... 14

Chapter 2: Preparing for a Deployment........................................................................................ 16 PowerProtect Data Manager interoperability............................................................................................................. 16 Microsoft application agent and Oracle RMAN agent interoperability................................................................. 16 Networking interoperability............................................................................................................................................. 16 Preparing your environment for deployment...............................................................................................................17 Minimum GCP roles for deployment............................................................................................................................. 18 Resource requirements.....................................................................................................................................................18

Chapter 3: Deployment................................................................................................................ 19 Deploy PowerProtect Data Manager............................................................................................................................ 19

Chapter 4: Configuration............................................................................................................. 21 Configure PowerProtect Data Manager.......................................................................................................................21 Configuring network firewall rules................................................................................................................................ 23

Configure network firewall rules..............................................................................................................................23 Configuring DDVE and storage...................................................................................................................................... 23 Configuring and monitoring system health................................................................................................................. 23 Configuring disaster recovery........................................................................................................................................ 23 Deploying SupportAssist to GCP...................................................................................................................................24 Using SSH........................................................................................................................................................................... 24 Access the PowerProtect Data Manager UI.............................................................................................................. 24

Get Started window....................................................................................................................................................25 UI tools and options ...................................................................................................................................................25

Updating PowerProtect Data Manager....................................................................................................................... 29

Contents

Contents 3

1 Revision history.......................................................................................................................................................... 5

2 Related documentation.............................................................................................................................................6

3 Style conventions....................................................................................................................................................... 7

4 Key features................................................................................................................................................................ 9

5 Benefits........................................................................................................................................................................ 9

6 Related PowerProtect DD Virtual Edition documentation..............................................................................14

7 Term list...................................................................................................................................................................... 14

8 Microsoft application agent and Oracle RMAN agent support matrix........................................................ 16

9 GCP roles required to deploy PowerProtect Data Manager..........................................................................18

10 Instance configuration.............................................................................................................................................19

11 PowerProtect Data Manager Get Started menu items..................................................................................25

12 PowerProtect Data Manager Dashboard...........................................................................................................26

13 PowerProtect Data Manager tools......................................................................................................................27

14 Banner UI options.................................................................................................................................................... 28

Tables

4 Tables

Preface As part of an effort to improve product lines, periodic revisions of software and hardware are released. Therefore, all versions of the software or hardware currently in use might not support some functions that are described in this document. The product release notes provide the most up-to-date information on product features.

If a product does not function correctly or does not function as described in this document, contact Customer Support.

NOTE: This document was accurate at publication time. To ensure that you are using the latest version of this document,

go to the Customer Support website.

Product naming Data Domain (DD) is now PowerProtect DD. References to Data Domain or Data Domain systems in this documentation, in the user interface, and elsewhere in the product include PowerProtect DD systems and older Data Domain systems. In many cases the user interface has not yet been updated to reflect this change.

Language use This document might contain language that is not consistent with Dell Technologies current guidelines. Dell Technologies plans to update the document over subsequent future releases to revise the language accordingly.

This document might contain language from third-party content that is not under Dell Technologies control and is not consistent with the current guidelines for Dell Technologies own content. When such third-party content is updated by the relevant third parties, this document will be revised accordingly.

Website links The website links used in this document were valid at publication time. If you find a broken link, provide feedback on the document, and a Dell Technologies employee will update the document as necessary.

Purpose This document describes how to deploy the Dell PowerProtect Data Manager software to a Google Cloud Platform (GCP) environment.

Audience This document is intended for the system administrator who will deploy the PowerProtect Data Manager software to a GCP environment.

Revision history The following table presents the revision history of this document.

Table 1. Revision history

Revision Date Description

01 June 21, 2022 Initial release of this document for PowerProtect Data Manager version 19.11.

Preface 5

Compatibility information Software compatibility information for the PowerProtect Data Manager software is provided by the E-Lab Navigator.

Related documentation The following publications are available at Customer Support and provide additional information:

Table 2. Related documentation

Title Content

PowerProtect Data Manager Administration and User Guide Describes how to configure the software.

PowerProtect Data Manager Deployment Guide Describes how to deploy the software.

PowerProtect Data Manager Licensing Guide Describes how to license the software.

PowerProtect Data Manager Release Notes Contains information about new features, known limitations, environment, and system requirements for the software.

PowerProtect Data Manager Security Configuration Guide Contains security information.

PowerProtect Data Manager Amazon Web Services Deployment Guide

Describes how to deploy the software to Amazon Web Services (AWS).

PowerProtect Data Manager Azure Deployment Guide Describes how to deploy the software to Microsoft Azure.

PowerProtect Data Manager Google Cloud Platform Deployment Guide

Describes how to deploy the software to Google Cloud Platform (GCP).

PowerProtect Data Manager Cloud Disaster Recovery Administration and User Guide

Describes how to deploy Cloud Disaster Recovery (Cloud DR), protect virtual machines in the AWS or Azure cloud, and run recovery operations.

PowerProtect Data Manager Cyber Recovery User Guide Describes how to install, update, patch, and uninstall the PowerProtect Cyber Recovery software.

PowerProtect Data Manager File System User Guide Describes how to configure and use the software with the File System agent for file-system data protection.

PowerProtect Data Manager Kubernetes User Guide Describes how to configure and use the software to back up and restore namespaces and PVCs in a Kubernetes cluster.

PowerProtect Data Manager Microsoft Exchange Server User Guide

Describes how to configure and use the software to back up and restore the data in a Microsoft Exchange Server environment.

PowerProtect Data Manager Microsoft SQL Server User Guide

Describes how to configure and use the software to back up and restore the data in a Microsoft SQL Server environment.

PowerProtect Data Manager Oracle RMAN User Guide Describes how to configure and use the software to back up and restore the data in an Oracle Server environment.

PowerProtect Data Manager SAP HANA User Guide Describes how to configure and use the software to back up and restore the data in an SAP HANA Server environment.

PowerProtect Data Manager Storage Direct User Guide Describes how to configure and use the software with the Storage Direct agent to protect data on VMAX storage arrays through snapshot backup technology.

PowerProtect Data Manager Network Attached Storage User Guide

Describes how to configure and use the software to protect and recover the data on network-attached storage (NAS) shares and appliances.

PowerProtect Data Manager Virtual Machine User Guide Describes how to configure and use the software to back up and restore virtual machines and virtual-machine disks (VMDKs) in a vCenter Server environment.

6 Preface

Table 2. Related documentation (continued)

Title Content

VMware Cloud Foundation Disaster Recovery With PowerProtect Data Manager

Provides a detailed description of how to perform an end-to- end disaster recovery of a VMware Cloud Foundation (VCF) environment.

PowerProtect Data Manager Public REST API documentation Contains the Dell Technologies APIs and includes tutorials to guide you in their use.

vRealize Automation Data Protection Extension for Data Protection Systems Installation and Administration Guide

Describes how to install, configure, and use the vRealize Data Protection Extension.

Typographical conventions The following type style conventions are used in this document:

Table 3. Style conventions

Formatting Description

Bold Used for interface elements that a user specifically selects or clicks, for example, names of buttons, fields, tab names, and menu paths. Also used for the name of a dialog box, page, pane, screen area with title, table label, and window.

Italic Used for full titles of publications that are referenced in text.

Monospace Used for: System code System output, such as an error message or script Pathnames, file names, file name extensions, prompts, and syntax Commands and options

Monospace italic Used for variables.

Monospace bold Used for user input.

[ ] Square brackets enclose optional values.

| Vertical line indicates alternate selections. The vertical line means or for the alternate selections.

{ } Braces enclose content that the user must specify, such as x, y, or z.

... Ellipses indicate non-essential information that is omitted from the example.

You can use the following resources to find more information about this product, obtain support, and provide feedback.

Where to find product documentation The Customer Support website The Community Network

Where to get support The Customer Support website provides access to product licensing, documentation, advisories, downloads, and how-to and troubleshooting information. The information can enable you to resolve a product issue before you contact Customer Support.

To access a product-specific page:

1. Go to the Customer Support website. 2. In the search box, type a product name, and then from the list that appears, select the product.

Preface 7

Knowledgebase The Knowledgebase contains applicable solutions that you can search for either by solution number (for example, KB000xxxxxx) or by keyword.

To search the Knowledgebase:

1. Go to the Customer Support website. 2. On the Support tab, click Knowledge Base. 3. In the search box, type either the solution number or keywords. Optionally, you can limit the search to specific products by

typing a product name in the search box, and then selecting the product from the list that appears.

Live chat To participate in a live interactive chat with a support agent:

1. Go to the Customer Support website. 2. On the Support tab, click Contact Support. 3. On the Contact Information page, click the relevant support, and then proceed.

Service requests To obtain in-depth help from a support agent, submit a service request. To submit a service request:

1. Go to the Customer Support website. 2. On the Support tab, click Service Requests.

NOTE: To create a service request, you must have a valid support agreement. For details about either an account or

obtaining a valid support agreement, contact a sales representative. To find the details of a service request, in the

Service Request Number field, type the service request number, and then click the right arrow.

To review an open service request:

1. Go to the Customer Support website. 2. On the Support tab, click Service Requests. 3. On the Service Requests page, under Manage Your Service Requests, click View All Dell Service Requests.

Online communities For peer contacts, conversations, and content on product support and solutions, go to the Community Network. Interactively engage with customers, partners, and certified professionals online.

How to provide feedback Feedback helps to improve the accuracy, organization, and overall quality of publications. You can send feedback to DPAD.Doc.Feedback@emc.com.

8 Preface

Getting Started

Topics:

Introducing the PowerProtect Data Manager software Supported Internet Protocol versions PowerProtect Data Manager for GCP Unsupported features PowerProtect Data Manager and DDVE GCP data-transfer costs Architecture overview References Terminology

Introducing the PowerProtect Data Manager software PowerProtect Data Manager software is an enterprise solution that provides software-defined data protection, deduplication, operational agility, self-service, and IT governance.

PowerProtect Data Manager key features include the following:

Table 4. Key features

Software-defined data protection with integrated deduplication, replication, and reuse

Data backup and recovery self-service operations from native applications that are combined with central IT governance

Multicloud optimization with integrated Cloud Tiering

SaaS-based monitoring and reporting

Modern services-based architecture for ease of deployment, scaling, and updating

PowerProtect Data Manager integrates multiple data-protection products within the Data Protection portfolio to enable data protection as a service, providing the following benefits:

Table 5. Benefits

Enables data-protection teams to create data paths with provisioning, automation, and scheduling to embed protection engines into their data-protection infrastructure for high-performance backup and recovery

Enables backup administrators of large-scale environments to schedule backups for the following asset types from a central location on the PowerProtect Data Manager server: VMware virtual machines File systems VMAX storage groups Kubernetes clusters Microsoft Exchange Server and Microsoft SQL Server databases Oracle databases SAP HANA databases Network-attached storage (NAS) shares

Provides an agent-based approach to automatically discover and protect databases on an application server

Enables self-service and centralized protection by: Monitoring service-level objectives (SLOs) Identifying violations of recovery-point objectives (RPOs)

1

Getting Started 9

Table 5. Benefits (continued)

Supports deploying an external VM Direct appliance that moves data with a VM Direct Engine that is optimized for performing high-capacity backup streams

Comes with a basic embedded VM Direct Engine that has the following functions and capabilities: It is automatically used as a fallback proxy for performing backup and restore operations when an external VM Direct

Engine fails, is disabled, or is unavailable It has a limited capacity for performing backup streams It can work with virtual-machine crash-consistent protection policies that use the Transparent Snapshot Data Mover

(TSDM) protection mechanism It enables the Search Service used by PowerProtect Search

Supports PowerProtect Search, which enables backup administrators to quickly search for and restore VM and NAS file copies

Supports the vRealize Automation DP extension, which enables the automatic provisioning of virtual machines and on-demand backups and restores

Integrates with Cloud Disaster Recovery (Cloud DR), including workflows for Cloud DR deployment, protection, and recovery operations in the AWS and Azure clouds

Integrates with PowerProtect Cloud Snapshot Manager to view PowerProtect Cloud Snapshot Manager jobs, alerts, and reports from a consolidated PowerProtect Data Manager dashboard

Integrates with PowerProtect Cyber Recovery to protect the integrity of a PowerProtect Data Manager environment from cyber threats

Provides a RESTful API interface that allows PowerProtect Data Manager to be monitored, configured, and orchestrated: Existing automation frameworks can be integrated New scripts can be quickly written Easy-to-follow tutorials are provided

Supported Internet Protocol versions PowerProtect Data Manager only supports the use of IPv4 addresses.

Using an IPv6 address can result in errors or other unexpected behavior. When configuring devices to connect over the network with PowerProtect Data Manager, use only IPv4 addresses.

PowerProtect Data Manager for GCP You use the Google Cloud Console to deploy a virtual appliance with PowerProtect Data Manager to a Google cloud.

PowerProtect Data Manager on Google Cloud Platform (GCP) provides protection for cloud-based assets such as the following:

Oracle, SQL, and SAP HANA databases Kubernetes clusters that are deployed to GCP

NOTE: If you use SAP HANA, add the fully qualified domain name (FQDN) of the GCP virtual machine hosting the agent to

the /etc/hosts file for that virtual machine. For more information, see the PowerProtect Data Manager SAP HANA User

Guide at Customer Support.

Unsupported features Familiarize yourself with those features that are not supported when deploying PowerProtect Data Manager to GCP.

With the exception of the following, PowerProtect Data Manager on GCP supports all features supported by on-premises PowerProtect Data Manager and PowerProtect Data Manager deployed to GCVE on GCP:

Microsoft Exchange Server Cloud Disaster Recovery Search Clusters

10 Getting Started

Block-based backups (BBB) with the Linux File System agent (FSA) Backing up and restoring virtual machines with the Transparent Snapshot Data Mover (TSDM)

PowerProtect Data Manager and DDVE In a GCP environment, PowerProtect Data Manager requires an instance of DD Virtual Edition (DDVE).

DDVE is a software-only protection storage appliance: a virtual deduplication appliance that provides data protection for entry, enterprise, and service-provider environments. Like any PowerProtect DD System, DDVE always pairs with backup software.

When you deploy PowerProtect Data Manager to GCP, you can deploy DDVE simultaneously or outside of the deployment process. For more information, see PowerProtect DD Virtual Edition in Google Cloud Platform Installation and Administration Guide at Customer Support.

GCP data-transfer costs Google charges a monthly fee based on the amount and types of data transferred by PowerProtect Data Manager and DDVE in a Google cloud.

Consider the following information when planning your GCP architecture:

Most of the data that is transferred in a Google cloud occurs between the hosts being protected and DDVE. If Kubernetes is being used, data is also transferred between the protection engine hosts and DDVE. Google does not have data-transfer fees for hosts that are in the same region. For current details of all Google data-transfer costs and other fees, see the Google Cloud Pricing Calculator.

NOTE: To minimize data-transfer costs, minimize the path that data transfers take by using as few zones and regions as

possible.

An example of data transfer

The following items describe a possible data-protection scenario where the hosts being protected and storage are in different regions:

Outbound data transfers in the Central US region Twenty 100 GB databases that each have a daily change rate of 5 percent Weekly full backups Daily incremental backups and archived-log backups An average deduplication ratio of 2:1 for initial full backups and for incremental backups An average deduplication ratio of between 20:1 and 30:1 for subsequent full backups

This data-protection scenario would result in approximately 3,600 GB of data transfer in the first month.

NOTE: Different regions have different data-transfer costs. For more information, see All network pricing and Network

Service Tiers geolocations.

Architecture overview Access to PowerProtect Data Manager and DDVE is managed by a virtual private cloud (VPC), virtual network service endpoints and their policies, and network and application firewall rules. DDVE uses buckets to store the backed-up data of virtual appliances and virtual machines in GCP.

For more information about this, see the following resources:

Cloud storage documentation VPC overview VPC network overview Configuring Private Google Access Firewall rules Best practices

Getting Started 11

To deploy additional instances of DDVE to GCP outside of the PowerProtect Data Manager deployment process, see the PowerProtect DD Virtual Edition in Google Cloud Platform Installation and Administration Guide at Customer Support.

PowerProtect Data Manager deploys with a private IP address. For access from an external site, configure a VPN connection. For security considerations, deploy PowerProtect Data Manager and DDVE to a private subnet.

The following diagram represents the basic PowerProtect Data Manager architecture on GCP. The diagram shows a possible distribution of PowerProtect Data Manager and DDVE in one private subnet and application hosts in another subnet.

Figure 1. Basic PowerProtect Data Manager architecture

Sensitive PowerProtect Data Manager data, such as passwords, is encrypted and stored in a lockbox. The PowerProtect Data Manager Security Configuration Guide at Customer Support provides more information.

Control and data paths

The following diagram shows the transfer of data between PowerProtect Data Manager, DDVE, and application hosts. This network traffic composes the majority of data transferred in a Google cloud.

12 Getting Started

Figure 2. Paths

DDVE and replication of data between private subnets

The following diagram shows how data replicates between private subnets as well as the transfer of data during regular operations. The diagram also shows the application hosts distributed between public and private subnets.

Figure 3. Replication

Getting Started 13

PowerProtect Data Manager policies and DDVE

If you have a different DDVE instance in each region or zone, configure PowerProtect Data Manager policies to protect all the hosts in the same region or zone as each DDVE instance.

References Some procedures in this document reference other publications for further details.

For a list of PowerProtect Data Manager publications, see "Related documentation" in the preface.

For information about DD Virtual Edition, see the following publications at Customer Support:

Table 6. Related PowerProtect DD Virtual Edition documentation

PowerProtect DD Virtual Edition in VMware Cloud Installation and Administration Guide

PowerProtect DD Virtual Edition in Google Cloud Platform Installation and Administration Guide

PowerProtect DD Virtual Edition on Premise Installation and Administration Guide

PowerProtect DD Virtual Edition in Azure Installation and Administration Guide

PowerProtect DD Virtual Edition in Amazon Web Services Installation and Administration Guide

Terminology Familiarize yourself with the terminology for the PowerProtect Data Manager user interface and documentation.

The following table provides more information about names and terms that you should know to use PowerProtect Data Manager:

Table 7. Term list

Term Description

Application agent Application agents are installed on application or database host servers to manage protection using PowerProtect Data Manager. These agents are commonly known as DD Boost Enterprise Agents (DDBEAs) for databases and applications.

Application-aware A virtual machine protection policy that includes additional application-aware data protection for Microsoft SQL Servers. An application-aware virtual machine protection policy provides the ability to quiesce the application during virtual machine image backup to perform a full backup of Microsoft SQL Server databases. You can also schedule Microsoft SQL Server log backups for the virtual machines in the policy.

Asset Assets are objects in PowerProtect Data Manager for which you want to manage protection, including virtual machines, databases, and file systems.

Asset source Assets that PowerProtect Data Manager protects reside within asset sources, which include vCenter servers, application or database hosts, and file servers.

Cloud Tier storage Cloud Tier storage can be added to a protection storage system to expand the deduplication storage capacity onto less expensive object storage in public or private object storage clouds, including secure Elastic Cloud Storage appliances.

Copy A PowerProtect Data Manager copy is a point-in-time backup copy of an asset.

Copy Map The PowerProtect Data Manager Copy Map is a visual representation of backup copy locations on your protection storage and is available for all protected assets that have copies.

Discovery Discovery is an internal process that scans asset sources to find new assets to protect and scans infrastructure components to monitor their health and status.

Instant Access PowerProtect Data Manager virtual machine backup copies can be accessed, mounted, and booted directly from the protection storage targets as running virtual machines. This

14 Getting Started

Table 7. Term list (continued)

Term Description

operation is called Instant Access. Copies can also be moved to a production VMware datastore using vMotion. PowerProtect Data Manager Virtual machine application-aware backup copies can be mounted directly from protection storage as running Microsoft SQL Server databases, which includes the ability to roll forward log backups. These Microsoft SQL Server database disks can also be moved to a production VMware datastore using vMotion.

PowerProtect Data Manager agent

An agent that is included in PowerProtect Data Manager and installed on each application agent host server so that you can monitor and manage the application agent through PowerProtect Data Manager.

Protection policy Protection policies configure and manage the entire life cycle of backup data, which includes backup types, assets, backup start and stop times, backup devices, and backup retention.

Service-level agreement (SLA) An optional policy that you can layer on top of a protection policy. An SLA performs additional checks on protection activities to ensure that protection goals meet the standards of an organization. SLAs are made up of one or more service-level objectives.

Service-level objective (SLO) A definable rule that sets the criteria for recovery-point objectives (RPOs), encryption, and the location of backups according to company requirements.

Getting Started 15

Preparing for a Deployment

Topics:

PowerProtect Data Manager interoperability Microsoft application agent and Oracle RMAN agent interoperability Networking interoperability Preparing your environment for deployment Minimum GCP roles for deployment Resource requirements

PowerProtect Data Manager interoperability PowerProtect Data Manager integrates multiple data protection products within the Dell Technologies Data Protection portfolio to enable data protection as a service. PowerProtect Data Manager enables new data paths with provisioning, automation, and scheduling that enable a data protection team to embed protection engines into the infrastructure for high-performance backup and recovery.

NOTE: PowerProtect Data Manager for GCP is only compatible with DD Virtual Edition (DDVE) 6.0.

This section includes several tables that list the supported software and hardware configurations for a PowerProtect Data Manager deployment for each direct data path.

Microsoft application agent and Oracle RMAN agent interoperability The Microsoft application agent and Oracle RMAN agent enable an application administrator to protect and recover data on a SQL Server host and Oracle server host. PowerProtect Data Manager integrates with the Microsoft application agent and Oracle RMAN agent to check and monitor the backup compliance against protection policies. PowerProtect Data Manager also supports central scheduling for backups.

You can install the Microsoft application agent or Oracle RMAN agent on the host that you plan to protect by using the installation instructions that are provided in the PowerProtect Data Manager Microsoft SQL Server User Guide and PowerProtect Data Manager Oracle RMAN User Guide.

NOTE: The most up-to-date software compatibility information for the PowerProtect Data Manager software and

application agents is provided by the E-Lab Navigator.

Table 8. Microsoft application agent and Oracle RMAN agent support matrix

Product Supported versions

Microsoft application agent Refer to the E-Lab Navigator.

Oracle RMAN agent Refer to the E-Lab Navigator.

Networking interoperability This section details PowerProtect Data Manager on GCP networking interoperability and requirements.

2

16 Preparing for a Deployment

Google Cloud VMware Engine interoperability

PowerProtect Data Manager on GCP works with Google Cloud VMware Engine (GCVE) on GCP, and can be used to protect virtual-machine assets in a GCVE-on-GCP environment. Unless noted in Unsupported features, PowerProtect Data Manager on GCP supports all of the features that are supported by GCVE on GCP. For information about what is not supported by GCVE on GCP, see the PowerProtect Data Manager Virtual Machine User Guide.

For the purpose of the following sections, the network used in a GCVE-on-GCP environment will be called the GCVE network, and the network used in a PowerProtect Data Manager-on-GCP environment will be called the VPC network.

Required DNS configuration

You must configure a Domain Name System (DNS) server to be used for name resolution of hosts in both the GCVE and VPC networks. This server can be located in either the GCVE or the VPC network.

Forward and reverse lookups are required for the following hosts:

the PowerProtect Data Manager instance all DDVE instances the VM Direct protection engines vCenter and ESXi

Set this DNS server as the primary DNS server for the PowerProtect Data Manager instance during deployment. For more information, see the PowerProtect Data Manager Administration and User Guide.

Required network traffic rules

You must configure certain network traffic rules in order for hosts in the VPC network to communicate with hosts in the GCVE network.

PowerProtect Data Manager requires inbound and outbound traffic between it and the following hosts in the GCVE network:

the VM Direct protection engines the primary DNS server vCenter and ESXi

To configure PowerProtect Data Manager or DDVE traffic rules on an instance after it has been deployed, see Configure network firewall rules. To configure traffic rules on GCVE-on-GCP hosts, see the PowerProtect Data Manager Administration and User Guide.

Preparing your environment for deployment The following sections provide information about deploying PowerProtect Data Manager to GCP:

Creating a GCP account

To deploy PowerProtect Data Manager to GCP, you must have a Google Cloud account. To set up an account, navigate to https://console.cloud.google.com. For information about the Google Cloud Platform, see Google Cloud overview.

Managing key access pairs

For a secure login to PowerProtect Data Manager, GCP can manage key access pairs for you. For instructions, see Connecting to VMs.

Setting up the network environment

For secure access to the PowerProtect Data Manager on GCP, it is recommended that you use the VPC architecture provided by Google. Set up and configure the following components:

Preparing for a Deployment 17

The VPC A subnet Routing tables Firewall rules A network access control list

Security and operational best practices

The following link provide more information:

Google Cloud security best practices center

GCP service limits and restrictions

The following links provide more information about GCP service limits and restrictions:

Working with Quotas Quotas and limits Naming resources

Minimum GCP roles for deployment In order to deploy a GCP-based PowerProtect Data Manager instance, you must use an account assigned a minimum number of roles.

The following table lists the required GCP roles for deployment.

Table 9. GCP roles required to deploy PowerProtect Data Manager

Role Purpose

roles/deploymentmanager.editor Creates a deployment manager

roles/compute.instanceAdmin.v1 Creates and manages instances

roles/iam.serviceAccountUser Edits instance metadata

Resource requirements The following assigned system resources belong to the required Customer PowerProtect Data Manager instance type:

8 CPU cores 32 GB of RAM 15,000 IOPS 1 premium NIC

You cannot change these resources. If these resources are insufficient for a required protection workload, you can deploy multiple PowerProtect Data Manager instances.

18 Preparing for a Deployment

Deployment

Topics:

Deploy PowerProtect Data Manager

Deploy PowerProtect Data Manager Providing the required information and deploying PowerProtect Data Manager takes approximately 15 minutes.

Steps

1. In a browser, navigate to https://cloud.google.com/marketplace.

2. Log in to the Google Cloud Marketplace portal.

3. Click Explore Marketplace.

4. Click Search products and resources, and type PowerProtect Data Manager and PowerProtect DD Virtual Edition.

5. Select the product, and click LAUNCH.

6. From the New PowerProtect Data Manager and PowerProtect DD Virtual Edition deployment pane, configure the PowerProtect Data Manager instance.

Table 10. Instance configuration

Parameters Description

Deployment name The name of the GCP deployment.

Version The combination of PowerProtect Data Manager and DDVE versions to deploy.

Zone The zone where both PowerProtect Data Manager and DDVE will be deployed.

Network interfaces The network interface to use. Accept the default or add a new interface. If adding a new interface, the name, subnetwork, and external IP must be provided.

Data Manager name The name of the PowerProtect Data Manager instance.

Machine type The resources assigned to the PowerProtect Data Manager instance. This cannot be changed from the default of Customer, which provides 8 CPU cores, 32 GB of RAM, 16,000 IOPS, and 1 premium NIC.

SSH public key (Optional) The SSH public key for the PowerProtect Data Manager instance. If entered, this is associated with the admin user.

Use Custom DNS Server (Optional)

Select this to use one or more of your own DNS servers, which allows for reverse DNS lookups of IP addresses to hostnames. Otherwise, leave it unselected and leave the following three parameters empty.

DNS Server IP Address The IP addresses of up to 2 DNS servers, separated by a comma.

Data Manager IP Address The IP address of the PowerProtect Data Manager server.

Data Manager FQDN The fully qualified domain name of the PowerProtect Data Manager server.

Deploy DDVE (Optional) By default, a DDVE instance is deployed with PowerProtect Data Manager, and launched in the same subnet. You might choose to not deploy DDVE if you already have an instance deployed, or if you are performing PowerProtect Data Manager server disaster recovery.

If selected, also configure the following:

DDVE name. The name of the DDVE instance.

3

Deployment 19

Table 10. Instance configuration (continued)

Parameters Description

Machine type. Select from the following options: 32 TB Model: 8 vCPUs, 32GB Memory 96 TB Model: 16 vCPUs, 64 GB Memory 256 TB Model: 32 vCPUs, 128 GB Memory.

Number of metadata disks, to override default value. The default number of 1 TB metadata disks are, respective to the machine type selected: 2, 4, and 10.

SSH public key (Optional). If entered, this is associated with the sysadmin DD user.

7. Click Deploy.

8. From the Deployment Manager > Deployments pane, wait until the deployment is complete..

Deploying PowerProtect Data Manager and DDVE can take up to 10 minutes.

20 Deployment

Configuration

Topics:

Configure PowerProtect Data Manager Configuring network firewall rules Configuring DDVE and storage Configuring and monitoring system health Configuring disaster recovery Deploying SupportAssist to GCP Using SSH Access the PowerProtect Data Manager UI Updating PowerProtect Data Manager

Configure PowerProtect Data Manager Perform these steps from a host that has access to the PowerProtect Data Manager virtual appliance. Performing these steps and applying the configuration takes approximately 10 minutes.

Prerequisites

Wait for the PowerProtect Data Manager virtual appliance to start and initialize. This process takes a few minutes, during which you cannot continue.

(Optional) Download a local copy of the PowerProtect Data Manager virtual appliance license file.

NOTE: To connect to the appliance by hostname, configure DNS. For more information, see Cloud DNS overview.

About this task

A deployed PowerProtect Data Manager instance becomes a virtual appliance. This information also applies to any DDVE instance that you deployed simultaneously.

Steps

1. From a host that has network access to the virtual appliance, use Google Chrome to connect to the appliance private IP address:

https://<appliance_private_IP> 2. If an SSL certificate warning page appears with the message Your connection is not private, click Advanced, and then

click Proceed to hostname_or_ip_address (unsafe).

3. On the Welcome pane, perform the following actions:

a. To set up PowerProtect Data Manager as a new deployment, select New Install. b. To perform disaster recovery, select Restore Backup. c. Click Next.

4. On the License pane, perform the following actions:

NOTE: If the license was already applied, review the license information and then click Next.

a. In the License Type field, select a type of license.

i. To use an evaluation license, select 90 days evaluation license.

A description of the license appears in the License File field. ii. To load a license, select License File > Choose File, and then browse to and select the license that you want to

load.

4

Configuration 21

iii. To copy the contents of the license file, select Plain Text and then copy the contents of the license file into the Plain Text field.

b. Click Next.

5. In the Authentication pane, perform the following actions:

The Use common password option is selected by default. This toggle sets one initial password for use with all PowerProtect Data Manager interfaces.

a. Optionally, clear the Use common password option.

If you leave the Use common password option selected, in the Enter a new password and Reenter password to confirm fields, specify a password.

If you clear the Use common password option, in the Enter a new password and Reenter password to confirm fields, specify individual passwords for the interfaces.

Ensure that the password meets the following requirements:

Contains a minimum of nine characters and a maximum of one hundred characters Contains at least one numeric character (0-9) Contains at least one uppercase character (A-Z) Contains at least one lowercase character (a-z) Contains at least one special character from the following list of acceptable characters:

!@#$%^&*()_-+=~{}[]<>?/`:;',.|\"

Spaces are allowed. Contains only letters from the English alphabet Does not contain other sensitive information that is associated with the user account, such as the first and last

names, username, or email address

NOTE: The admin password expires after 60 days by default. If you do not change it before it expires, you will be

unable to log in to PowerProtect Data Manager until you reset it. For more information, see the PowerProtect Data

Manager Security Configuration Guide.

b. Click Next.

6. In the System Settings pane, perform the following actions:

a. In the Current Timezone list box, select the time zone where the system is physically located. b. To add an NTP server, click Add. c. In the Server IP Address field, specify the NTP server IP address. d. Click Add. e. To change the list of NTP servers, click Edit or Delete. f. Click Next.

7. In the Email Setup - Optional pane, perform the following actions:

a. In the Mail Server field, specify the SMTP server IP address. b. In the Email From field, specify the administrator email address. c. In the Recipient for Test Email field, specify the recipient email address. d. In the Port field, specify the TCP port to connect to the SMTP server. e. In the Username field, specify the mail username. f. In the Password field, specify the mail password. g. To send a test email to the specified IP address, click Send Test Email. h. To acknowledge the test email was successfully sent, click OK. i. To send diagnostic and usage data to Dell Technologies for proactive support and to help improve products and services,

switch Auto Support to ON.

When enabling auto support, click View Terms to review the telemetry software terms. Scroll down to click Accept to finish enabling auto support, or Decline to disable auto support.

j. Click Next.

NOTE: Email Server Setup is required before you can perform a local user password reset and send customized alert

notifications.

8. In the Summary pane, review the configuration choices, and then click Done.

22 Configuration

Configuring network firewall rules After the PowerProtect Data Manager instance is deployed, it is recommended to change the default network traffic rules that block all inbound and outbound connections with other networks.

For information about the required ports for each component, see the PowerProtect Data Manager Security Configuration Guide.

Configure network firewall rules

Configure network traffic rules to allow inbound and outbound connections with other networks.

About this task

CAUTION:

When configuring network firewall rules, do not allow IP addresses that belong to the 172.24.0.192/26 subnet.

IP addresses in the 172.24.0.192172.24.0.255 range are used for Docker network configuration, and unexpected

results can occur if they are also used by PowerProtect Data Manager.

The following example describes the procedure to allow inbound TCP traffic on port 9000.

NOTE: GCP uses the terms ingress and egress for inbound and outbound traffic.

Steps

1. From the Google Cloud Console, navigate to VPC network > Firewall, and click CREATE FIREWALL RULE.

2. Under Direction of traffic, select Ingress.

3. Under Action on match, select Allow.

4. Under Targets select Specified target tags.

5. Under Target tags, enter the name of the network firewall rule.

6. Under Source IP ranges, enter the subnet of the allowed inbound traffic..

7. Under Protocols and ports, select Specified protocols and ports, select tcp, and enter 9000.

8. Navigate to Compute Engine > VM Instances, select the PowerProtect Data Manager instance, and click EDIT.

9. Under Network tags, add the network firewall rule you created in step 5.

Configuring DDVE and storage For information on how to configure DDVE and storage, see the following publications that are available at Customer Support:

PowerProtect DD Virtual Edition in Google Cloud Platform Installation and Administration Guide PowerProtect Data Manager Administration and User Guide

Configuring and monitoring system health For information on how to configure and monitor system health, and how to configure and monitor alerts, jobs, and tasks, see the PowerProtect Data Manager Administration and User Guide at Customer Support

Configuring disaster recovery PowerProtect Data Manager can be configured to automatically back up critical servers on a periodic basis. This protects your infrastructure from catastrophic data loss.

It is recommended to enable DD MTree replication on a local DDVE instance so that the disaster-recovery data is replicated to a DDVE instance in a different region or Availability Zone. Such an infrastructure enhances existing data-protection schemes.

Configuration 23

When configured, the RPO of server disaster-recovery backups is a maximum of one hour, and the RTO of server disaster recovery is approximately 45 minutes, depending on the amount of data recovered. Even if PowerProtect Data Manager server disaster-recovery backups are up to an hour old, the system will attempt to synchronize any backups that occurred between the last backup and the time of failure.

For more information about how to prepare for and recover from a disaster, see the PowerProtect Data Manager Administration and User Guide at Customer Support:

Deploying SupportAssist to GCP You can deploy SupportAssist by using a gateway or a direct connection. To deploy SupportAssist to GCP through a gateway, you must deploy a SupportAssist container in a Linux or Windows host that is using Docker to GCP.

For more information, see the PowerProtect Data Manager Administration and User Guide at Customer Support

Using SSH You can use SSH to access the PowerProtect Data Manager virtual appliance on GCP.

PowerProtect Data Manager for GCP supports two methods of SSH access. You can use password-based SSH, or you can use the private key from the key pair assigned to the instance when PowerProtect Data Manager was deployed.

For example:

ssh -i data_manager_private_key admin@10.2.1.5 For more information, see Connecting to VMs.

Access the PowerProtect Data Manager UI PowerProtect Data Manager provides a web-based user interface (UI) that you can use to manage and monitor system features and settings from any location over a network.

Steps

1. From a host that has network access to the virtual appliance, use Google Chrome to connect to the appliance:

https://<appliance_hostname> NOTE: You can specify the hostname or the IP address of the appliance.

2. Log in with your user name and password.

The PowerProtect Data Manager Security Configuration Guide provides more information about the available user roles and their associated permissions. The associated roles for an account determine what parts of the UI a user can see and use, and what operations a user can perform.

If this is your first time accessing the PowerProtect Data Manager UI, an unsigned certificate warning might appear in the web browser.

The security certificate that encrypts communication between the PowerProtect Data Manager UI and the web browser is self-signed. A self-signed certificate is signed by the web server that hosts the secure web page. There is nothing wrong with this certificate. This certificate is sufficient to establish an encrypted channel between the web browser and the server. However, it is not signed by a trusted authority.

NOTE: If the user interface is left unattended for more than 30 minutes and times out, the login page might display with

the error 503: Unknown Error. If this occurs, dismiss the error and log in again with your username and password.

The Get Started window appears with configuration options that are required upon first deployment. To skip this window and go right to the Dashboard, click Launch.

From the Dashboard window:

The left pane provides links to the available menu items. Expand a menu item for more options. The icons in the PowerProtect Data Manager banner provide additional options.

24 Configuration

Get Started window

The Get Started window provides configuration options that are required when the PowerProtect Data Manager system is first deployed. This window continues to display by default each time you log in until you click Launch.

You can access the Get Started window at any time, or view any getting started options that have yet to be configured, by

clicking , and then selecting Getting Started.

The Get Started window enables you to configure or edit the following menu items:

Table 11. PowerProtect Data Manager Get Started menu items

Options Description

License Launches the License window, which prompts you to add a license file to PowerProtect Data Manager. Once a license is uploaded, you can view license details, such as capacity usage and software ID.

Support Launches the Support window, which enables you to configure SupportAssist, AutoSupport, and set up the email server for application notifications and messages.

Assets Launches the Asset Sources window, where you can enable any of the asset source types that PowerProtect Data Manager supports. Upon enabling an asset source, you can add and register the source for the protection of assets.

Storage Launches the Add Storage window, where you can add a PowerProtect DD System or PowerProtect DD Management Center as protection storage for primary backup and replicated copies.

UI tools and options

Learn about the available tools in the user interface (UI). CAUTION: Although displayed, some tools are not supported in GCP deployments of PowerProtect Data

Manager. Using these tools might cause unexpected results.

Dashboard

The Dashboard is visible when you log in to the PowerProtect Data Manager UI, and can be accessed from the left navigation pane. This window provides a high-level view of the overall state of the PowerProtect Data Manager system through six widgets. The following table describes each widget.

Figure 4. Dashboard widgets

Configuration 25

Table 12. PowerProtect Data Manager Dashboard

Dashboard widget Description

Jobs | Protection, Jobs | Restore and Jobs | System

This widget provides a color-coded status of backup, restore, and system jobs that are in progress or have been performed in PowerProtect Data Manager over a specified period. Jobs | Protection displays by default, showing jobs performed over the last 24 hours.

Click the three vertical dots at the top of the widget to:

Select Protection, Restore, or System to switch the jobs view in the widget. Choose the time period for the jobs that you want to view (last 24 hours, last 3 days,

last 7 days, or all). Once a time period is selected, the widget updates to display only jobs performed within that time period.

Click a color in the chart to view details about jobs with a specific status, or click the links next to each status. This will open the Jobs > Protection Jobs or Jobs > System Jobs window, which is filtered to display the jobs that match the selected status and time period. From this window, you can manage jobs, view more details, and search jobs.

Assets | Count and Assets | Size

Details in this widget include the number of protected assets, unprotected assets, and excluded assets for each asset source that has been added and enabled in PowerProtect Data Manager. You can also view the total number of assets for each asset source, and the total size of these assets. Assets | Count displays by default, and the asset types are sorted based on the percentage of the total asset count that are unprotected, or the total size of the unprotected assets for the asset source, depending on the view.

Click the three vertical dots at the top of the widget to:

Select Count or Size to switch the assets view in the widget. Select one or more asset sources from the list. You can display asset statistics for a single

asset source, multiple asset sources, or all asset sources.

Hover over a color to view the exact number of protected, unprotected, and excluded assets and the total size of these assets. Click a color to open the Infrastructure > Assets window, which is filtered to display the assets that match the selected status.

Health This widget provides a score for the overall PowerProtect Data Manager system health (Good, Fair, or Poor). Health details and status are provided for the following categories:

Components: Identifies the state of hardware and software services, such as Running or Failed.

Configuration: Identifies whether any aspects of the PowerProtect Data Manager configuration are incomplete, such as System Support configuration.

Capacity: Identifies the provisioned and currently allocated size of the associated storage system.

Performance: Identifies key performance indicators, such as memory use. Data Protection: Identifies key protection indicators, such as service-level agreements not

being met and disaster-recovery backup copies not being present.

Click View All to view more details about the system health issues for all categories.

Compliance This widget provides compliance verification statistics for protection policies that are linked to a Service Level Agreement (SLA). The widget also identifies the number of assets within these policies that are compliant and non-compliant.

Click the three vertical dots at the top of the widget to select one or more asset sources from the list. You can display compliance statistics for a single asset source, multiple asset sources, or all asset sources. By default, the total count and number of protection policies for compliant and non-compliant assets displays for all asset sources.

Click View All to open the Protection > SLA Compliance window, where you can view more details about the specific policies and assets that are non-compliant.

Capacity | Active Tier and Capacity | Cloud Tier

This widget displays the capacity status of the DD protection storage systems that are associated with this instance of PowerProtect Data Manager for the active tier and cloud tier. Based on the available capacity on each DD system, a color coded bar graph displays the number of systems that are Good (>20% available), Fair (<20% available), or Poor (<10%).

26 Configuration

Table 12. PowerProtect Data Manager Dashboard (continued)

Dashboard widget Description

Click the three vertical dots at the top of the widget to:

Select Active Tier or Cloud Tier to switch between a view of protection storage systems for the active tier and cloud tier in the widget. By default, the widget displays Capacity | Active Tier.

Select a DD system from the list. The widget updates to display capacity statistics for the selected DD system. You can only display capacity statistics for one system at a time.

Click View All to open the Infrastructure > Storage window, where you can view more details about specific protection storage systems.

Space Optimization This widget provides information about how efficient the active tier storage capacity is on individual DD systems associated with this instance of PowerProtect Data Manager. Efficiency is determined based on the size of pre-compression data compared with the size of post- compression data on the system.

Click the three vertical dots at the top of the widget to select a DD system from the list. The widget updates to display space optimization statistics for the selected DD system.

PowerProtect Data Manager UI tools and windows

CAUTION: Although displayed, some tools are not supported in GCP deployments of PowerProtect Data

Manager. Using these tools might cause unexpected results.

Table 13. PowerProtect Data Manager tools

Menu item Description

Dashboard

Click Dashboard to view the overall state of the PowerProtect Data Manager system.

Infrastructure

Click Infrastructure to: View and manage all assets:

VMware virtual machines File systems VMAX storage Groups Kubernetes clusters NOTE: Microsoft Exchange Server is not supported.

Network Attached Storage (NAS) Microsoft SQL Server databases Oracle databases SAP HANA databases

Add vCenter and application and File System host asset sources. View and manage Integrated Storage. Add a VM Direct appliance with the VM Direct protection engine for virtual machine data

protection. Manage registration of Oracle RMAN agent, Microsoft application agent, SAP HANA agent,

and File System agent. NOTE: Cloud Disaster Recovery is not supported.

NOTE: Search Clusters are not supported.

Add PowerProtect Cloud Snapshot Manager tenants as asset sources for jobs, alerts, and reports.

Configuration 27

Table 13. PowerProtect Data Manager tools (continued)

Menu item Description

Protection

Click Protection to: Add protection policies to back up assets.

NOTE: Block-based backup (BBB) with the Linux File System agent (FSA) is not supported.

Manage service-level agreements (SLAs). Add, edit, and delete Dynamic Groups for assets.

Restore

Click Restore to: View asset copy location details and initiate a Restore operation. Manage Instant Access Sessions. Use the File Search feature to find and restore virtual machine file copies.

Alerts

Click Alerts to: View and acknowledge alerts and events. Filter alerts by critical, warning, and informational status, and specify the time range. View and examine Audit logs. Export audit logs to CSV files. Set audit log boundaries. Configure alert notifications.

There is also a banner UI option, represented by the icon, which provides links that enable you to view all unacknowledged alerts.

Administration

Click Administration to: Configure users and roles. Set password credentials and manage key chains. View and replace certificates. Add external identity providers. View and manage resource groups.

Jobs

Click Jobs to manage jobs, view by protection or system, filter, and view details.

Banner UI options

The following table describes the icons that are located in the PowerProtect Data Manager banner.

Table 14. Banner UI options

Option Description

Click to enter search criteria to find assets, jobs, logs, and alerts.

The number next to this icon indicates the critical unacknowledged alerts over the last 24 hours.

Click to expand for more information about unacknowledged alerts, including:

The total number of alerts (all statuses critical, warning, or informational) that have yet to be acknowledged, or just the unacknowledged alerts from the last 24 hours (marked with the New tag).

The number of critical alerts that have yet to be acknowledged, or just the unacknowledged critical alerts from the last 24 hours (marked with the New tag).

Within this menu, click any of these links to open the Alerts window, where you can view specific details about these unacknowledged alerts.

28 Configuration

Table 14. Banner UI options (continued)

Option Description

Click to restore assets from replicated copies through quick recovery. This icon only appears when this system receives replicated metadata from a source system.

Click to configure and manage PowerProtect Data Manager system network, time zone, and NTP settings, DR backups, security, licenses, updates, authentication, agent downloads, and support, and to access the Get Started window.

Click to log out, and log in as a different user, or change the current user password.

Click to see PowerProtect Data Manager version information.

Click to obtain more information about PowerProtect Data Manager, access Customer Support, send feedback, or view the REST API documentation.

Click to launch CloudIQ, APEX Backup Services, and Cloud Snapshot Manager.

Updating PowerProtect Data Manager When a new version of PowerProtect Data Manager is released, you might want to use the newer version in your cloud environment.

The following general procedure should be followed when updating PowerProtect Data Manager:

1. Back up the PowerProtect Data Manager virtual appliance. For instructions, see the documentation provided by the cloud provider.

NOTE: Backing up the virtual applianc

Manualsnet FAQs

If you want to find out how the PowerProtect Dell works, you can view and download the Dell PowerProtect 19.11 Data Manager Google Cloud Platform Deployment Guide on the Manualsnet website.

Yes, we have the Google Cloud Platform Deployment Guide for Dell PowerProtect as well as other Dell manuals. All you need to do is to use our search bar and find the user manual that you are looking for.

The Google Cloud Platform Deployment Guide should include all the details that are needed to use a Dell PowerProtect. Full manuals and user guide PDFs can be downloaded from Manualsnet.com.

The best way to navigate the Dell PowerProtect 19.11 Data Manager Google Cloud Platform Deployment Guide is by checking the Table of Contents at the top of the page where available. This allows you to navigate a manual by jumping to the section you are looking for.

This Dell PowerProtect 19.11 Data Manager Google Cloud Platform Deployment Guide consists of sections like Table of Contents, to name a few. For easier navigation, use the Table of Contents in the upper left corner.

You can download Dell PowerProtect 19.11 Data Manager Google Cloud Platform Deployment Guide free of charge simply by clicking the “download” button in the upper right corner of any manuals page. This feature allows you to download any manual in a couple of seconds and is generally in PDF format. You can also save a manual for later by adding it to your saved documents in the user profile.

To be able to print Dell PowerProtect 19.11 Data Manager Google Cloud Platform Deployment Guide, simply download the document to your computer. Once downloaded, open the PDF file and print the Dell PowerProtect 19.11 Data Manager Google Cloud Platform Deployment Guide as you would any other document. This can usually be achieved by clicking on “File” and then “Print” from the menu bar.