Contents

Dell DD OS 7.5 Google Cloud Operating System Installation And Administration Guide PDF

1 of 56
1 of 56

Summary of Content for Dell DD OS 7.5 Google Cloud Operating System Installation And Administration Guide PDF

PowerProtect DD Virtual Edition on Google Cloud Platform Installation and Administration Guide

DDVE 6.0 with DDOS 7.5

February 2021 Rev. 01

Notes, cautions, and warnings

NOTE: A NOTE indicates important information that helps you make better use of your product.

CAUTION: A CAUTION indicates either potential damage to hardware or loss of data and tells you how to avoid

the problem.

WARNING: A WARNING indicates a potential for property damage, personal injury, or death.

2016 - 2021 Dell Inc. or its subsidiaries. All rights reserved. Dell, EMC, and other trademarks are trademarks of Dell Inc. or its subsidiaries. Other trademarks may be trademarks of their respective owners.

Revision history..........................................................................................................................................................................5

Preface......................................................................................................................................... 6

Chapter 1: Getting Started............................................................................................................ 7 Purpose of this guide.......................................................................................................................................................... 7 Audience.................................................................................................................................................................................7 Architecture overview........................................................................................................................................................ 7

Chapter 2: Introducing DDVE ....................................................................................................... 9 Introducing DDVE................................................................................................................................................................ 9 DDVE cloud features ......................................................................................................................................................... 9

Chapter 3: Deploying DDVE.......................................................................................................... 11 Prerequisites to Deploy DDVE in GCP........................................................................................................................... 11

Enable Private Google Access .................................................................................................................................. 11 Create bucket in Google Cloud storage.................................................................................................................. 11 Get access and secret keys from GCP web console...........................................................................................12 Deployment manager editor role.............................................................................................................................. 13

Deploy DDVE from GCP marketplace........................................................................................................................... 13 Add more metadata disks for DDVE from the GCP web console ......................................................................... 17 Expand metadata storage................................................................................................................................................ 18

Chapter 4: Completing Initial DDVE Configuration....................................................................... 19 Configure DDVE in GCP................................................................................................................................................... 19

Configure DDVE in GCP using DDSM..................................................................................................................... 19 Configure DDVE in GCP using CLI.......................................................................................................................... 23 Configure DDVE manually......................................................................................................................................... 25

Recovering DDVE using system headswap.................................................................................................................26 Recovering the DDVE instance .....................................................................................................................................28

Chapter 5: Administering DDVE...................................................................................................29 Upgrading the instance type.......................................................................................................................................... 29 Extensions to DDOS for DDVE...................................................................................................................................... 30

perf................................................................................................................................................................................. 30 System vresource........................................................................................................................................................30

DDVE-only commands...................................................................................................................................................... 31 Modified DDOS commands............................................................................................................................................. 32 Unsupported DDOS commands .................................................................................................................................... 33 Troubleshooting performance issues............................................................................................................................37

Appendix A: Best Practices for Working with DDVE in the Cloud................................................. 39 Supportability..................................................................................................................................................................... 39 ASUP Configuration..........................................................................................................................................................39 Increase GCP resource quota........................................................................................................................................ 40

Contents

Contents 3

GCP Licensing....................................................................................................................................................................40 Storage best practices.....................................................................................................................................................40 Security best practices.................................................................................................................................................... 42

Appendix B: Networking Best Practices for DDVE in the Cloud.................................................... 45 VPC architecture...............................................................................................................................................................45 Multiple NICs for DDVE in GCP..................................................................................................................................... 45 Default DHCP configuration........................................................................................................................................... 45 Ports for inbound traffic..................................................................................................................................................45 Ports for outbound traffic...............................................................................................................................................47

Appendix C: Installing and Configuring DDVE on Block Storage in the Cloud ...............................48 Deploying DDVE on Google Cloud Platform Block storage.....................................................................................48

Enabling or updating SSH keys after deployment............................................................................................... 48 Adding NICs for DDVE............................................................................................................................................... 50 Adding disks for DDVE from the GCP console.................................................................................................... 50

Configuring DDVE block storage on the Google Cloud Platform........................................................................... 51 Configuring DDVE block storage in GCP using the DDSM interface.............................................................. 51 Configuring DDVE block storage in GCP using CLI............................................................................................. 51 System Headswap for DDVE block storage in GCP........................................................................................... 55

4 Contents

Revision history Table 1. DDVE 6.0 in Google Cloud Platform Installation and Administration Guide revision history

Revision Date Description

01 February 2021 Update for DDOS 7.5

Revision history 5

As part of an effort to improve its product lines, we periodically release revisions of its software and hardware. Therefore, some functions described in this document might not be supported by all versions of the software or hardware currently in use. The product release notes provide the most up-to-date information on product features.

Purpose This manual describes how to install, configure, and administer DD Virtual Edition (DDVE) systems.

Audience This manual is intended for use by both system administrators and general users of DD Virtual Edition.

Related documentation The following publications and websites provide additional information:

DD Operating System Release Notes DD Operating System Initial Configuration Guide

This manual explains configuration steps that are common to hardware and virtual DD systems. DD Operating System OS Command Reference Guide

This manual explains how to administer DD systems from the command line. DD Operating System OS Administration Guide

This manual explains how to administer DD systems with the System Manager graphical user interface.

DD Boost for OpenStorage Administration Guide

This manual explains how to use the DD Boost protocol for data transfer between backup software and DD systems. Avamar, DD and NetWorker Compatibility Guide: http://compatibilityguide.emc.com:8080/CompGuideApp/

This website lists Avamar and NetWorker software support for DDVE.

Where to get help We support, product, and licensing information can be obtained as follows:

Product information

For documentation, release notes, software updates, or information about products, go to Online Support at https://support.emc.com.

Technical support

For technical support of this release of DDVE, go to Online Support at https://support.emc.com.

Your comments Your suggestions will help us continue to improve the accuracy, organization, and overall quality of the user publications. Send your opinions of this document to DPAD.Doc.Feedback@emc.com.

Preface

6 Preface

Getting Started This chapter includes the following topics:

Topics:

Purpose of this guide Audience Architecture overview

Purpose of this guide This installation guide is intended as a supplement to the DD Operating System Administration Guide, which includes content for all DD systems. The content describes upgrading the DDVE software and using the DD System Manager to monitor DD systems for errors, disk space, and service events.

This guide contains content specific to deploying DD Virtual Edition (DDVE) on Google Cloud Platform. Use this guide with the DD Operating System Administration Guide and applicable Google Cloud Platform documentation.

See Google Cloud documentation for more information.

Audience This document is intended for data protection and storage administrators who want to use Google Cloud Platform to back up DD Virtual Edition (DDVE) content. Users should know about the following technology:

GCP Compute Engine GCP Storage GCP VPC network

Architecture overview DDVE is a virtual deduplication appliance that provides data protection for entry, enterprise, and service provider environments.

The following diagram represents the architecture of the DDVE on Google Cloud Platform solution.

1

Getting Started 7

Figure 1. Dell EMC PowerProtect DD Virtual Edition (DDVE) on GCP

Legend:

1. To keep data traffic between DDVE and the bucket within the GCP infrastructure, Dell EMC recommends that you create Private Google Access. This configuration keeps DDVE from depending on a NAT Gateway or Public IP address to access the bucket.

2. To keep data transfers secure, Dell EMC recommends a VPN connection to replicate data from an on-premises host to DDVE in the cloud or the opposite way.

3. DDVE is categorized as a backend server. It must be kept in a private subnet with a private address. Never set a public IP address for DDVE.

4. Dell EMC recommends that you create the bucket in the region where the DDVE instance is running. Multiregional bucket is also supported and should be used if the user is in a location where no data center is available as a regional location. A separate bucket for each DDVE is required.

5. All DDVE instances must be secured with the appropriate security group entries.

Typically SSH (Port 22) or HTTPS (Port 443) is used for DDVE inbound access.

HTTPS (443) must be allowed for outbound bucket access for DDVE.

TCP ports 2049 and 2051 are used for DD Boost and replication purposes.

See the DDVE documentation for more information and for a complete list of ports.

8 Getting Started

Introducing DDVE This chapter includes the following topics:

Topics:

Introducing DDVE DDVE cloud features

Introducing DDVE DD Virtual Edition (DDVE) is a software-only protection storage appliance: a virtual deduplication appliance that provides data protection for entry, enterprise and service provider environments. Like any DD system, DDVE is always paired with backup software.

DDVE runs the DD Operating System (DDOS), and includes the DD System Manager graphical user interface (GUI) and the DDOS command line interface (CLI) for performing system operations.

DDVE includes the following features:

High-speed, variable length deduplication for a 10 to 30 times reduction in storage requirements Unparalleled data integrity to ensure reliable recovery, and seamless integration with leading backup and archiving

applications DD Boost to speed backups by 50 percent DD Encryption for enhanced security of data DD Replicator for network efficient replication that enables faster time-to-DR readiness

DDVE runs on two types of platforms:

On premises, DDVE supports VMware, Hyper-V, KVM, and VxRail. In the cloud, DDVE also runs in the Amazon Web Services (AWS) (cloud and gov cloud), Azure (cloud and gov cloud),

VMware Cloud (VMC) on AWS cloud platforms, and Google Cloud Platform (GCP).

For more information about the features and capabilities of DD systems (both physical and virtual), see the DD Operating System Administration Guide.

DDVE cloud features Table 2. DDVE on GCP resource configuration size

Type Resource configuration size

DDVE on Block storage up to 16 TB

DDVE on Object storage

NOTE: Object storage is recommended for new deployments.

up to 256 TB

The following sections list supported DD protocols and features in DDVE.

Supported DD protocols

DD Boost over IP DD Boost FS

2

Introducing DDVE 9

Supported DD features

DD Boost managed file replication (MFR) Encryption MTree replication DD System Manager GUI for DDVE management DD Active Tier (DD Cloud Tier is not supported) Secure multitenancy (SMT) with Network Isolation Support DD Boost/BoostFS for Big Data Key Management Interoperability Protocol (KMIP) More restricted IPtables settings

NOTE: DDVE supports these replication capabilities:

Managed file replication and MTree replication

Replication across availability zones and regions

Replication within the GCP cloud and replication to and from other clouds

The DDOS Administration Guide, DD Boost OST Guide, DD Boost for Partner Integration Administration Guide provide additional information about supported protocols and features.

10 Introducing DDVE

Deploying DDVE This chapter includes the following topics:

Topics:

Prerequisites to Deploy DDVE in GCP Deploy DDVE from GCP marketplace Add more metadata disks for DDVE from the GCP web console Expand metadata storage

Prerequisites to Deploy DDVE in GCP Complete the prerequisites in the following sections before attempting to deploy DDVE on the GCP.

The high-level prerequisites steps are as follows:

1. Enable Private Google Access. 2. Create the bucket in Google Cloud Storage. 3. Get access and secret keys from the GCP web console. 4. Ensure the user has the deploymentmanager.editor role.

Enable Private Google Access

The DDVE object store solution needs network connectivity to the object store bucket. Enable Private Google Access to internally route the network traffic towards the bucket within the Google network.

By default, Private Google Access is not enabled. You can enable it when you create a subnet, and you can enable or disable it by editing a subnet. Configuring Private Google Access provides more information.

NOTE: We strongly recommend that you enable Private Google Access for security and efficiency. Never enable or attach a

public IP address to DDVE in the cloud.

The following figure shows an excerpt of the steps required to enable Private Google Access.

Create bucket in Google Cloud storage

About this task

Create the bucket in the same region as the DDVE instance.

Steps

1. For the Google Cloud Platform navigation pane, select Storage > Browser.

3

Deploying DDVE 11

2. On the Browser page, click + Create Bucket.

3. On the Create a bucket page, provide information for each category:

a. Name your bucket - Enter the bucket name. DDVE does not accept a bucket with a dot (.) in its name. b. Choose where to store your data - For low latency purposes, Dell EMC recommends the location type Region. Select

the same region where the DDVE is running.

Use Multi-regional only for a location where regional type is unavailable.

If you require regional redundancy, it is recommended that you deploy a DDVE in another region and configure replication between the DDVEs.

c. Choose a default class for your data - DDVE in the GCP cloud supports only Standard class. Nearline, Coldline, and Archive classes are not supported as they are not designed for Active tier.

d. Choose how to control access to objects - DDVE supports Fine-grained and Uniform. Uniform is recommended. e. Advanced settings (optional) - Use default settings.

4. When you are satisfied with the bucket settings, click Create.

Get access and secret keys from GCP web console

Steps

1. Login to the GCP web console.

2. Select Storage > Settings.

3. Click Interoperability.

4. Copy the secret and access keys from this page. If the keys do not exist, click Create a new key to create the keys, as shown in the following example.

NOTE: The user with these access and secret keys should be granted the Storage Admin role. Alternatively, for more

granular access of services, the bucket-level Cloud IAM role, storage.legacyBucketWriter can be granted on the bucket

that is created in Create Bucket in GCP. The permissions that are included in this role are:

storage.objects.list

storage.objects.create

storage.objects.delete

storage.buckets.get

For more information, see:

Access Control Lists (ACLs): https://cloud.google.com/storage/docs/access-control/lists

12 Deploying DDVE

Best practices:https://cloud.google.com/storage/docs/access-control/iam#best_practices View and manage permissions: https://console.cloud.google.com/iam-admin/iam

Deployment manager editor role

To ensure successful marketplace deployment, the user must have the deploymentmanager.editor role.

Alternatively, the user must have, at a minimum, the following permissions:

deploymentmanager.deployments.cancelPreview deploymentmanager.deployments.create deploymentmanager.deployments.delete deploymentmanager.deployments.get deploymentmanager.deployments.list deploymentmanager.deployments.stop deploymentmanager.deployments.update deploymentmanager.manifests.get deploymentmanager.manifests.list deploymentmanager.operations.get deploymentmanager.operations.list deploymentmanager.resources.get deploymentmanager.resources.list

Deploy DDVE from GCP marketplace Follow these steps for initial deployment of PowerProtect DD Virtual Edition from the GCP Marketplace.

Steps

1. Log in to the GCP Marketplace portal at https://cloud.google.com/marketplace.

2. Click the Explore Marketplace button. In the search bar, type PowerProtect DD Virtual Edition.

3. Find the product, and click LAUNCH to begin deployment.

4. In the next screen, provide the following information:

a. In the Deployment name field, specify the virtual machine name (this name is also the instance name). b. Select the Zone where the VPC and subnet are created. c. Select the DDVE version from the drop-down list. It is recommended that you select the latest version. d. Select a Machine Type that meets your capacity requirements. The recommended metadata disk number and size for

the capacity is automatically added.

5. If you want to override the number of metadata disks, select the corresponding number from the box.

Deploying DDVE 13

NOTE: Observe these guidelines:

You can override only the number of metadata disks, not the size of each disk.

The maximum number of metadata disks that you can override is 24.

6. (Optional) DDVE supports assigning an SSH key for the sysadmin user. To access the DDVE, provide the SSH Public key.

Under Security, select the option Block project-wise SSH keys option to block access using any project-wide keys.

NOTE: Observe these guidelines:

This SSH key is assigned to the sysadmin user.

This SSH key is instance-level key.

Do not append the username (sysadmin). It is automatically assigned.

7. For the Network interface, select the Network and Subnetwork that you require.

By default, External IP is set to None. This setting is recommended since the PowerProtect DDVE is a backend service and must not be exposed directly over the public Internet. You can use a bastion host or its equivalent to log in to this VM.

14 Deploying DDVE

8. By default, GCP VM instances block all incoming traffic, and all outbound traffic is allowed. If you maintain the firewall rules at the network level, clear these checkboxes.

Deploying DDVE 15

The ports that are shown above are for inbound traffic for PowerProtect DD Virtual Edition.

If you are explicitly restricting outbound traffic in your environment, ensure that you open port 443 for outbound access to object store bucket.

For a complete list of ports and their usage, see "Ports for inbound traffic" and "Ports for outbound traffic" in this document.

NOTE: The default network CIDR for these firewall rules is 0.0.0.0/0, which allows traffic from all IP addresses. Instead,

specify your network CIDRs for allowing traffic.

9. Review the information previously entered to ensure that it is correct. Accept the GCP Marketplace Terms of Service, and click Deploy.

The Deployment Manager page opens.

10. If you want to delete one or more deployments, follow the guidelines in this step.

You are not required to delete deployments, and Dell EMC makes no explicit recommendation to delete deployments. If you want to delete a deployment from the Deployment Manager page, ensure that you select the option to delete the deployment name but preserve its resources.

NOTE: Failure to carefully select this deletion option, instead selecting another option, deletes the deployment and all

resources, including the DDVE and its associated disks.

11. Locate the deployed PowerProtect DD Virtual Edition on the VM instances page.

16 Deploying DDVE

Results

The PowerProtect DD Virtual Edition is successfully deployed. NOTE: Avoid disabling or modifying the primary interface settings. The primary interface in cloud deployments has the

default gateway setting and is the only interface with which the DDVE can connect to the metadata server. The metadata

server is critical for DDVE operation.

Add more metadata disks for DDVE from the GCP web console When required, from the GCP web console, add more metadata disks for the existing DDVE.

About this task

Although GCP provides four types of disk storage, DDVE supports only the following:

SSD persistent disk for the root disk SSD persistent disk for the NVRAM disk and metadata/data disks

Check Storage size specifications on page 41 for recommendations on the metadata disk size.

Steps

1. Log in to the GCP web console.

2. Select Compute Engine > VM instances.

3. Find the VM instance, and select VM instance details. Click EDIT.

4. Select Additional disks > Add new disk.

5. Specify the following:

Name for the disk Type [SSD persistent disk] Size (GB) [2048 for 256 TB, 1024 for other capacities]

For other fields, use default values. Then click Done.

NOTE: If more disks are created for metatdata by selecting Compute Engine > Disks, these disks can be attached to

the DDVE by selecting Additional disks > Attach existing disk.

6. To add more metadata disks, repeat Step 4 on page 17 and Step 5 on page 17.

7. At the bottom of the page, click Save.

8. Log in to the DDVE to configure the storage.

Deploying DDVE 17

NOTE: Step 9 on page 18 provides another alternative for configuring the storage.

Use the command disk show hardware to check for the new disks that were added.

Use the command storage add tier active dev to add the disks to active tier.

Use the command filesys expand to expand the filesystem onto the newly added disk:

# filesys expand The filesystem will be expanded approximately to 261.93 TiB. Are you sure? (yes|no) [no]: yes

For details, see Configure DDVE in GCP using CLI on page 23.

9. Alternatively, you can configure the storage using DD SM. Click Hardware > Storage > Configure Storage.

Expand metadata storage Expand metadata storage by increasing the size of existing metadata disks.

Prerequisites

It is recommended that you expand metadata storage by adding new metadata disks. When the total number of metadata disks reaches its limit, you can expand metadata storage by increasing the size of existing metadata disks. Shrinking disks size is not supported.

Before expanding metadata storage, disable the file system. You cannot expand the first metadata disk. Observe the recommended increment size of 1 TiB.

Steps

1. Power off the DDVE by using the CLI:

#system poweroff

2. Log in to the GCP web console, and select Compute Engine > VM Instances.

3. On VM Instance details page, go to Additional disks, and select the metadata disk that you plan to expand.

NOTE: You cannot expand the first metadata disk.

4. To increase the size of the selected metadata disk, click the EDIT button.

5. To increase the size of other metadata disks, repeat step 3 on page 18 and step 4 on page 18.

6. Start the DDVE.

7. To confirm the disk size change, use the Disk show hardware or Storage show all command.

8. Disable the file system with the filesys disable command.

9. Expand metadata storage with the filesys expand command.

10. Enable file system with the filesys enable command, and check file system status with filesys status command.

11. To confirm the metadata storage expansion, use the filesys show space tier active local-metadata command.

18 Deploying DDVE

Completing Initial DDVE Configuration This chapter includes the following topics:

Topics:

Configure DDVE in GCP Recovering DDVE using system headswap Recovering the DDVE instance

Configure DDVE in GCP

About this task

NOTE: Avoid disabling or modifying the primary interface settings. The primary interface in cloud deployments has the

default gateway setting and is the only interface with which the DDVE can connect to the metadata server. The metadata

server is critical for DDVE operation.

There are two ways to configure a DDVE after deployment:

Using DDSM Interface Using the CLI

Before you begin:

Consider metadata storage size and count requirements. Refer to Storage Best Practices for additional information. Create the GCP storage bucket. Make note of the bucket name, as you will need it when you create the cloud profile. If the storage class is selected as regional, we recommend that you create the bucket in the same region as the DDVE

instance.

Configure DDVE in GCP using DDSM

You can configure DDVE in GCP using the DDSM UI.

Steps

1. Log in to DD System Manager using the IP address of your DDVE. The default login credentials for the DDVE instance are: sysadmin/ .

NOTE: You can find the Instance Id from the VM instance details on the GCP portal.

2. From the Use list, select one of the following licenses:

4

Completing Initial DDVE Configuration 19

Pre-Installed Evaluation License (provides 45 days of limited access to DDVE software for evaluation purposes and may only be used in a non-production environment.)

License File License Server (Alternative choice, if license server is available)

3. Accept the End User License Agreement. The configuration wizard is launched automatically.

4. Leave the default Network settings. Click No to go to the File System Settings.

5. Click Yes for File System configuration.

6. For Storage Type, select Object Store, enter the passphrase, bucket name, access key, and secret key.

These fields are not displayed after the passphrase is set. NOTE:

Create bucket in Google Cloud Storage provides steps to create a bucket.

Getting Access and Secret Keys from GCP Web Console provides steps to get the access key and secret key.

7. Configure Storage. Select the disks under Available Storage and move them to the Metadata Storage section by clicking Add to Metadata. Add the disks to the active tier (this action adds the metadata storage disk to the instance).

8. File System Summary Page: Click the Summary tab to review all the fields. Check the box Enable file system after creation

and click Submit.

20 Completing Initial DDVE Configuration

The file system is created and enabled.

9. Click OK to go to the System Settings tab.

10. Change the DDVE password.

11. Configure the email server as needed.

12. Click Submit to save the system settings, and then exit the wizard.

Completing Initial DDVE Configuration 21

NOTE: DDVE running in GCP must have its clock synchronized with NTP for object store communication. DDVE

automatically synchronizes its clock using the time server information in the DHCP response that the GCP infrastructure

provides. If there are any changes in the GCP setup that prevent the NTP server announcement, configure and check

the NTP status by going to Administration > Settings > More Tasks > Configure Time Settings. See Google Set

up network time protocol (NTP) for instances.

Results

The DDVE configuration using DDSM is complete.

Re-launch the configuration wizard

About this task

You will need to re-launch the configuration wizard after completing the initial DDVE configuration, if you choose to modify the object-store profile or make other changes after this initial configuration.

Steps

1. Navigate to Maintenance >System.

2. Click on the Configuration System option.

3. Object store local metadata storage can be checked by navigating to Data Management>File System.

22 Completing Initial DDVE Configuration

Configure DDVE in GCP using CLI

You can log in using SSH to configure DDVE using the command line interface. Authentication using key-value pair and username and password are supported.

Steps

1. Log in to the DDVE instance to configure the system. The default login credentials for the DDVE instance are: sysadmin/ .

NOTE: The exact DDOS version that is shown here varies depending on the deployment. The version numbers that are

listed in this document are only an example.

# ssh sysadmin@ EMC DD Virtual Edition Password:

Welcome to Data Domain OS 7.3.0.5-xyz ------------------------------------------ sysadmin@myddve0#

2. During the first login, you are prompted to accept the EULA and change the password.

The configuration wizard launches.

3. Follow the steps in the wizard to add the elicense and configure the Object Store.

NOTE: If an elicense file cannot be found in /ddr/var, you can paste the license directly in the wizard.

Welcome to Data Domain OS 7.4.0.5-668303 ---------------------------------------- Press any key then hit enter to acknowledge the receipt of EULA information: q Enter new password: Re-enter new password: Passwords matched.

Security Officer Do you want to create security officer ? (yes|no) [no]:

Do you want to configure system using GUI wizard (yes|no) [no]:

Network Configuration Configure Network at this time (yes|no) [no]:

eLicenses Configuration Configure eLicenses at this time (yes|no) [no]: yes

Available eLicense Files # File Name - ------------ 1 elicense.lic - ------------

Do you want to use an existing eLicense file (yes|no) [yes]: yes Enter the index of eLicense file [1|cancel]: 1

Pending eLicense Settings Existing Licenses:

......

New Licenses: Capacity licenses: ## Feature Capacity Type State Expiration Date Note -- -------- --------- --------------- ------ --------------- ---- 1 CAPACITY 87.31 TiB permanent (int) active n/a -- -------- --------- --------------- ------ --------------- ----

Completing Initial DDVE Configuration 23

** New license(s) will overwrite existing license(s). Do you want to save these settings (Save|Cancel|Retry): Save

Successfully updated eLicenses.

Filesystem Configuration Configure Filesystem at this time (yes|no) [no]:

System Configuration Configure System at this time (yes|no) [no]:

CIFS Configuration Configure CIFS at this time (yes|no) [no]:

NFS Configuration Configure NFS at this time (yes|no) [no]:

SMT Configuration Configure SMT at this time (yes|no) [no]:

Storage object-store profile Configuration Configure Storage object-store profile at this time (yes|no) [no]: yes

Do you want to enable object store (yes|no) [yes]: yes A passphrase needs to be set on the system. Enter new passphrase: Re-enter new passphrase: Passphrases matched. Enter the access key: Enter the secret key: Enter the bucket name: simp-test-bucket

Object-store endpoint needs the GlobalSign certificate to be imported. Do you want to import that certificate with below fingerprint? 75:E0:AB:B6:13:85:12:27:1C:04:F8:5F:DD:DE:38:E4:B7:24:2E:FE (yes|no) [yes]: yes

Pending Object Store Settings Bucket name: simp-test-bucket Do you want to save these settings (Save|Cancel|Retry): Save The passphrase is set

Successfully set object store profile.

Configuration complete.

4. Run the following command to view the disks that are attached to the DDVE:

# disk show hardware

Example:

# disk show hardware Disk Slot Manufacturer/Model Firmware Serial No. Capacity Type (pci/idx) ---- --------- ------------------------ -------- ---------- --------- ------- dev1 0:0 Google PersistentDisk n/a (unknown) 250.0 GiB SAS dev2 0:1 Google PersistentDisk n/a (unknown) 10.0 GiB SAS-SSD dev3 0:2 Google PersistentDisk n/a (unknown) 1.0 TiB SAS-SSD dev4 0:3 Google PersistentDisk n/a (unknown) 1.0 TiB SAS-SSD ---- --------- ------------------------ -------- ---------- --------- ------- 4 drives present.

24 Completing Initial DDVE Configuration

5. Add the disks to the active tier (this action adds the metadata storage disk to the instance).

# storage add tier active dev

6. Create and enable file system.

# filesys create # filesys enable

NOTE: DDVE running in GCP must have its clock synchronized with NTP for successful object store communication.

The DDVE automatically synchronizes its clock by using the time server information in the DHCP response that the GCP

infrastructure provides. If there are any changes in the GCP setup that prevent NTP server announcement, configure

NTP explicitly by using ntp add timeserver and ntp sync commands. You can check the NTP status

for your instance by running the command ntp status.

See Google set up network time protocol (NTP) for instances for more information about GCP time synchronization.

Results

The DDVE configuration using CLI is complete.

Configure DDVE manually

You can manually configure the DDVE if the configuration wizard was skipped or at any point after the initial configuration.

About this task

This procedure enables you to configure or update the elicense, set the system passphrase, enable the object-store feature, and set the object-store profile.

Steps

1. To add the elicense, save the license file to /ddr/var/license. Run the command elicense update license.lic.

NOTE: if the license file cannot be found in /ddr/var, you can paste its content directly to the console.

# elicense update license.lic

Existing licenses:

Capacity licenses: ## Feature Capacity Type State Expiration Date Note -- -------- -------- -------------------- ------ --------------- ---- 1 CAPACITY 0.45 TiB unexpired evaluation active n/a -- -------- -------- -------------------- ------ --------------- ----

Feature licenses: ## Feature Count Type State Expiration Date Note -- ------------------------- ----- -------------------- ------ --------------- ---- 1 REPLICATION 1 unexpired evaluation active n/a 2 DDBOOST 1 unexpired evaluation active n/a 3 RETENTION-LOCK-GOVERNANCE 1 unexpired evaluation active n/a 4 ENCRYPTION 1 unexpired evaluation active n/a -- ------------------------- ----- -------------------- ------ --------------- ----

New licenses:

Capacity licenses: ## Feature Capacity Type State Expiration Date Note -- -------- --------- --------------- ------ --------------- ---- 1 CAPACITY 87.31 TiB permanent (int) active n/a -- -------- --------- --------------- ------ --------------- ----

Completing Initial DDVE Configuration 25

Feature licenses: ## Feature Count Type State Expiration Date Note -- ----------- ----- --------------- ------ --------------- ---- 1 REPLICATION 1 permanent (int) active n/a 2 DDBOOST 1 permanent (int) active n/a 3 ENCRYPTION 1 permanent (int) active n/a -- ----------- ----- --------------- ------ --------------- ----

** New license(s) will overwrite all existing license(s).

Do you want to proceed? (yes|no) [yes]: yes

eLicense(s) updated.

2. Set the system passphrase by running the command system passphrase set.

# system passphrase set Enter new passphrase: Re-enter new passphrase: Passphrases matched. The passphrase is set.

3. Enable the object store using the command storage object-store enable

# storage object-store enable Object-store is enabled. #

4. Get the access and secret keys by following the steps in Getting Access and Secret Keys from GCP Web Console.

5. Run the following command to create/modify the cloud profile: # storage object-store profile set. Enter the access and secret keys obtained from the previous step.

6. Enter the bucket name created in Create bucket in Google Cloud Storage.

7. GCP needs the GlobalSign certificate to communicate with the object store. Import the certificate using the following command:

# storage object-store profile set Enter the access key: Enter the secret key: Enter the bucket name: my-bkt

Object-store endpoint needs the GlobalSign certificate to be imported. Do you want to import that certificate with below fingerprint? 75:E0:AB:B6:13:85:12:27:1C:04:F8:5F:DD:DE:38:E4:B7:24:2E:FE (yes|no) [yes]: yes

Profile is set. #

Recovering DDVE using system headswap A system headswap recovers a DDVE instance from a head unit failure. The head unit refers to the DDVE root disk.

Prerequisites

System headswap between the same DDOS versions is recommended. When the same DDOS version not available, system headswap can be done with a higher DDOS version. The version check rules for RPM upgrade also apply.

Ensure that the vNVRAM disk and metadata disks from system A (original system) are available, as they will be attached to the new instance B. If either the vNVRAM disk or any metadata disk is not available, use the system recovery from object-store command instead.

About this task

Use this procedure only to run the system headswap command to recover DDVE with a head unit failure in GCP Object Store.

26 Completing Initial DDVE Configuration

NOTE: The failed instance is referred to as instance A. The new instance is instance B.

Steps

1. Create instance B with Head Unit (root disk only) with the same instance type as the original one.

2. Detach the vNVRAM and metadata disks from the failed head unit (instance A).

3. Attach the vNVRAM and metadata disks that were detached from instance A to instance B

4. Set the system passphrase.

NOTE: Set the passphrase to match system A, otherwise, headswap fails.

# system passphrase set

Enter new passphrase: Re-enter new passphrase: Passphrases matched. The passphrase is set.

5. Ensure that system A is powered off.

This step is required to detach the bucket from system A and make it available to be attached with system B.

6. Run the system headswap command on instance B.

NOTE: The system will reboot during the headswap process.

# system headswap

This command returns the system back to its prior operational conditions. The system will be rebooted before resuming normal operations.

** If system passphrase was set on the old head, you will need to do one of the following after headswap completes: - unlock the filesystem if you have encrypted data, or - set the system passphrase if you don't have encrypted data

Are you sure? (yes|no) [no]: yes

ok, proceeding.

Please enter sysadmin password to confirm 'system headswap': Restoring the system configuration, do not power off / interrupt process ...

# Broadcast message from root (Fri May 25 07:12:35 2018): The system is going down for reboot NOW!

7. Verify the file system status after the headswap process completes.

# filesys status The filesystem is enabled and running.

NOTE:

You might need to re-activate the license on the new instance if an unserved-mode license is used.

Use the CLI elicense checkout and elicense checkin to obtain licenses from DDVE

If an invalid key magic error occurs after a headswap, set the passphrase on the new DDVE, and then

perform the headswap using ddboost user revoke token-access sysadmin.

If DDVE was attached to an AV-server and a certificate authentication error occurs after a headswap, detach and

re-attach the DD from the AV-server. The AV-server regenerates the certificate and imports it to DD.

Completing Initial DDVE Configuration 27

Recovering the DDVE instance Use this procedure only when you lose the original DDVE instance and must recover data to a new DDVE instance.

About this task

This procedure recovers the DDVE system on the GCP Object Store. The system recovery command recovers the DDVE with failure of the head unit, NVRAM disk, metadata disk, or any combination of the three.

If both NVRAM and metadata disks are available, use the system headswap command instead.

Steps

1. Create instance B with the same configuration as instance A, including instance type, and metadata disk capacity.

2. Use the following command to enable the object-store:

# storage object-store enable Object-store is enabled.

3. Set the object-store profile.

Ensure that the passphrase on system B matches that on system A. Otherwise, the recovery fails. Also, ensure that the bucket name for both systems is the same.

4. Run the command to verify the disks that are attached to the DDVE: # disk show hardware.

5. Add disks to the active tier: # storage add tier active dev NOTE: Add disks with at least the same capacity as system A.

6. Run system recovery precheck:

# system recovery precheck from object-store Recovery precheck passed. Use start command to start the recovery.

7. Run the recovery:

NOTE: Ensure that instance A is shut down before running the recovery.

# system recovery start from object-store System recovery has started. Use status command to check the status.

8. Check the recovery status.

The system reboots during the recovery process.

# system recovery status System recovery is running: stage 2 of 6 (attaching object-store).

9. After the recovery process is complete, check the file system status.

# filesys status The filesystem is enabled and running.

28 Completing Initial DDVE Configuration

Administering DDVE This chapter includes the following topics:

Topics:

Upgrading the instance type Extensions to DDOS for DDVE DDVE-only commands Modified DDOS commands Unsupported DDOS commands Troubleshooting performance issues

Upgrading the instance type You can upgrade the DDVE instance type to any higher capacity configuration. You can also upgrade an instance type to the recommended instance within the same capacity. For example, you can upgrade a 256-TB DDVE instance from custom-32-131072 to e2-standard-32.

Prerequisites

NOTE: Upgrade is not supported for Block storage solution. If DDVE is using block storage, only 16 TB configuration is

supported.

For details about CPU and memory requirements for the supported configurations, see this table:

Table 3. DDVE instance type configurations

DDVE capacity configuration (TB)

Instance type vCPUs Memory Number of disks Disk size

16 e2-standard-4 4 16 1-2 1024 GB

32 e2-standard-8 8 32 1-4 1024 GB

96 e2-standard-16 16 64 1-10 1024 GB

256 e2-standard-32 32 128 1-13 2048 GB

NOTE: Custom instance types are also supported.

Steps

1. Power off the DDVE using the CLI:

#system poweroff

2. From the GCP web console, ensure that the DDVE instance is powered off.

3. Change the memory and CPU configurations for the DDVE by selecting Compute Engine > VM Instances > VM Instance details > Edit > Machine configuration. See the table in this topic.

4. Power on the DDVE instance.

5. Log in to the DDVE and run this command to verify the new instance configuration:

#system vresource show current

5

Administering DDVE 29

Next steps

After upgrading the instance to a higher capacity configuration, you can add more disks for metadata. Details are provided in Add more metadata disks for DDVE from the GCP web console on page 17.

If the DDVE is configured with recommended disks, and metadata disks are nearly full, you can expand metadata storage on the existing disks. Instructions are provided in Expand metadata storage on page 18.

Extensions to DDOS for DDVE Several DDOS commands are supported on the DDVE platform only. This section describes these commands.

perf

Collect and show DDVE performance statistics. perf disable trace event-regexp [module {default | ddfs}] Disable tracing of specified events.

perf enable trace event-regexp [module {default | ddfs}] Enable tracing of the specified events.

perf start histogram [module {default | ddfs} Start collecting performance histograms. This command may reduce performance marginally.

perf start stats Start printing statistics. This command may reduce performance marginally.

perf start trace [allow-wrap] [module {default | ddfs}] Start tracing events. This command may reduce performance marginally.

perf status trace event-regexp [module {default | ddfs}] Shows whether tracing is enabled or disabled for the specified events.

perf stop histogram histogram-filename [module {default | ddfs} Stop collecting histograms and write the collected histograms to the specified file.

perf stop stats Stop printing statistics.

perf stop trace trace-filename [module {default | ddfs}] Stop tracing events and write the collected traces to the specified file.

System vresource

Display details about the virtual CPU and memory resources on the DDVE. system vresource show [current | requirements]

# system vresource show requirements Active Tier Cloud Tier Instance Capacity (TB) Capacity (TB) Type ------------- ------------- --------------------------------------------- 16 n/a e2-standard-4 32 n/a e2-standard-8 96 n/a e2-standard-16 256 n/a e2-standard-32 ------------- ------------- --------------------------------------------- ** The maximum allowed system capacity for active tier on block storage is 16 TB

30 Administering DDVE

DDVE-only commands The following commands only work on DDVE and are not supported on physical DD systems.

Table 4. DDVE-only commands

Command Description

elicense checkout feature-license

Allows user to check out the features of licenses for License Server installation

elicense checkout capacity-license value {TB|GB}

Allows user to check out the capacity of licenses for License Server installation. Here is sample output: sysadmin@localhost# elic checkout capacity- license capacity value 10 TB Checking out CAPACITY license willl also checkout available feature licenses. An addition 10 TB CAPACITY license will be checked out. 10 TB additional CAPACITY license has been checked out. License(s) have been checked out for REPLICATION, DDBOOST, ENCRYPTION. Total 10 TB CAPACITY license is now available on this system.

elicense checkin { | all} Allows user to check in features for licenses for License Server installation

elicense license-server set server { | } port elicense license-server reset Returns DDVE to factory license settings.

elicense license-server show filesys show space tier active local- metadata

Displays the usage for the metadata storage. NOTE: Some portion of the disk space is reserved for internal metadata, such as index. The amount of reserved space is based on the maximum capacity of the platform and not on licensed capacity.

net hosts add Two DDVEs in different regions cannot resolve each other's hostname. Run this command to add a host list entry.

storage object-store enable Enables the object-store feature for DDVE.

storage object-store disable Disables the object-store feature for DDVE.

storage object-store profile set Configures the object-store access profile.

storage object-store profile show Displays the object-store access profile.

storage object-store profile status This CLI lists the object-store profile information set on the DDVE.

system vresource show [requirements] Displays the file system capacity, the number of virtual CPUs, and the amount of memory assigned to the virtual machine running the DDVE instance. The requirements option displays the physical storage requirements for DDVE.

Administering DDVE 31

Modified DDOS commands The behavior of the following commands is modified on the DDVE platform:

Table 5. Modified DDOS commands

Command Changes

alert The tenant-unit parameter is not supported.

compression The tenant-unit parameter is not supported.

config setup show Arguments for configuring features not available in DDVE have been removed.

ddboost clients show active The tenant-unit parameter is not supported.

ddboost file-replication show active The tenant-unit parameter is not supported.

ddboost file-replication show detailed-file- history

The tenant-unit parameter is not supported.

ddboost file-replication show file-history The tenant-unit parameter is not supported.

ddboost option reset The fc parameter is not supported.

ddboost option show The fc parameter is not supported.

ddboost storage-unit create The tenant-unit parameter is not supported.

ddboost storage-unit modify The tenant-unit parameter is not supported.

ddboost storage-unit show The tenant-unit parameter is not supported.

ddboost streams show active The tenant-unit parameter is not supported.

ddboost streams show history The tenant-unit parameter is not supported.

disk rescan The . parameter is not supported.

disk show state DDVE system disks show the System Dev state.

disk show stats The DDVE format for this command is disk show stats [dev ]

disk status The Spare row has been removed from the output. The System row has been added.

enclosure show all The [ ] parameter is not supported.

enclosure show controllers The [ ] parameter is not supported.

enclosure show cpus The [ ] parameter is not supported.

enclosure show io-cards The [ ] parameter is not supported.

enclosure show memory The [ ] parameter is not supported.

filesys encryption keyes delete The [tier {active | archive} | archive-unit <unit-name>] parameter is not supported.

filesys encryption keys show The [tier {active | archive} | archive-unit <unit-name>] parameter is not supported.

filesys fastcopy The [retention-lock] parameter is supported with DDVE.

Retention lock compliance mode is not supported for any DDVE.

32 Administering DDVE

Table 5. Modified DDOS commands (continued)

Command Changes

filesys show compression The [tier {active | archive} | archive-unit <unit-name>] parameter is not supported.

filesys show space The [tier {active | archive} | archive-unit <unit-name> | arcjove-unit {all | name>] parameter is not supported.

mtree create The tenant-unit parameter is not supported.

mtree list The tenant-unit parameter is not supported.

mtree show compression The tenant-unit and tenant-unit parameters are not supported.

mtree show performance The tenant-unit parameter is not supported.

net create interface The parameter is not supported.

net destroy The parameter is not supported.

perf The vtl option is not supported on any perf command.

storage add The enclosure and disk parameters are not supported.

storage remove The enclosure and disk parameters are not supported.

storage show The archive option is not supported.

system show stats NVRAM statistics are not reported, because DDVE systems do not have physical NVRAM.

quota The tenant-unit parameter is not supported.

replication MTree replication is the only type of replication supported.

snapshot The tenant-unit parameter is not supported.

Unsupported DDOS commands The following DDOS commands and command options are not supported on the DDVE platform.

Table 6. Unsupported commands and command options

Unsupported command or command option Notes

adminaccess https generate certificate Deprecated. Use adminaccess certificate generate instead.

alerts add Deprecated. Use alerts notify-list add instead.

alerts del Deprecated. Use alerts notify-list del instead.

alerts notify-list option set group-name tenant-alert-summary {enabled | disabled} alerts notify-list option reset group-name tenant-alert-summary alerts reset Deprecated. Use alerts notify-list reset instead.

alerts show alerts-list Deprecated. Use alerts notify-list show instead.

alerts test Deprecated. Use alerts notify-list test instead.

archive authorization

Administering DDVE 33

Table 6. Unsupported commands and command options (continued)

Unsupported command or command option Notes

autosupport display Deprecated. Use autosupport show report instead.

autosupport reset support-list Deprecated. Use autosupport reset { all | alert- summary | asup-detailed | support-notify } instead.

autosupport show support-list Deprecated. Use autosupport show { all | asup- detailed | alert-summary | support-notify } instead.

cifs set authentication nt4 Deprecated. Use cifs set authentication active- directory instead.

cluster ddboost fc ddboost option reset fc ddboost option set distributed-segment- processing disabled

Turning off distributed segment processing (DSP) with this DDBoost command is not supported for DDVE on DDOS 6.1.2.x.

ddboost option show Turning off DSP with this DDBoost command is not supported for DDVE on DDOS 6.1.2.x.

ddboost option show fc ddboost show image-duplication Deprecated. Use ddboost file-replication show

instead.

ddboost user option set user default-tenant- unit tenant-unit ddboost user option reset user [default- tenant-unit] disk add devdisk-id [spindle-group 1-16] Deprecated. Use storage add instead.

disk add enclosure enclosure-id Deprecated. Use storage add instead.

disk benchmark start Not supported by DDVE in cloud

disk benchmark show Not supported by DDVE in cloud

disk benchmark stop Not supported by DDVE in cloud

disk benchmark watch Not supported by DDVE in cloud

disk expand Deprecated. Use storage add instead.

disk failenclosure-id.disk-id disk multipath disk port disk rescan [enclosure-id.disk-id] disk show detailed-raid-info Deprecated. Use disk show state and storage show

instead.

disk show failure-history disk show performance Not supported by DDVE in cloud

disk show raid-info Deprecated. Use disk show state and storage show instead.

disk show reliability-data

34 Administering DDVE

Table 6. Unsupported commands and command options (continued)

Unsupported command or command option Notes

disk disk show stats Not supported by DDVE in cloud

disk unfail enclosure beacon enclosure show all [enclosure] This command is supported, but not with the enclosure

argument.

enclosure show chassis enclosure show controllers enclosure This command is supported, but not with the enclosure

argument.

enclosure show cpus [enclosure] This command is supported, but not with the enclosure argument.

enclosure show fans enclosure show io-cards [enclosure] This command is supported, but not with the enclosure

argument.

enclosure show memory [enclosure] This command is supported, but not with the enclosure argument.

enclosure show nvram enclosure show powersupply enclosure show summary enclosure show temperature-sensors enclosure show topology enclosure test topology filesys archive filesys clean update-stats Deprecated. Use filesys show space instead.

filesys encryption filesys encryption passphrase change Deprecated. Use system passphrase change instead.

filesys retention-lock Deprecated. Use mtree retention-lock instead.

filesys show compression tier The tier option is not supported.

filesys show history Deprecated. Use filesys show compression daily instead.

ha create Not supported by DDVE in cloud

ha destroy Not supported by DDVE in cloud

ha status Not supported by DDVE in cloud

ha failover Not supported by DDVE in cloud

ha online Not supported by DDVE in cloud

ha offline Not supported by DDVE in cloud

license The license commands are not supported because DDVE uses new elicense commands.

mtree show compression mtree_path tier net aggregate net config ifname type cluster

Administering DDVE 35

Table 6. Unsupported commands and command options (continued)

Unsupported command or command option Notes

net create interface virtual-ifname net create interface physical-ifname vlan vlan-id

net create virtual vethid net destroy virtual-ifname net destroy vlan-ifname net failover net modify virtual-ifname bonding {aggregate | failover net set portnaming ndmp ndmpd nfs option disable report-replica-as- writable

Deprecated. Use filesys option disable report- replica-as-writable instead.

nfs option enable report-replica-as-writable Deprecated. Use filesys option enable report- replica-as-writable instead.

nfs option reset report-replica-as-writable Deprecated. Use filesys option reset report- replica-as-writable instead.

nfs option show report-replica-as-writable Deprecated. Use filesys option show report- replica-as-writable instead.

perf * module vtl san shelf migration start Not supported by DDVE in cloud

shelf migration status Not supported by DDVE in cloud

shelf migration suspend Not supported by DDVE in cloud

shelf migration resume Not supported by DDVE in cloud

shelf migration precheck Not supported by DDVE in cloud

shelf migration option Not supported by DDVE in cloud

shelf migration finalize Not supported by DDVE in cloud

shelf migration show history Not supported by DDVE in cloud

snapshot add schedule name [days days] time time [,time...] [retention period]

Deprecated. Use snapshot schedule create instead.

snapshot add schedule name [days days] time time every mins [retention period]

Deprecated. Use snapshot schedule create instead.

snapshot add schedule name [days days] time time-time [every hrs | mins] [retention period]

Deprecated. Use snapshot schedule create instead.

snapshot del schedule {name | all} Deprecated. Use snapshot schedule destroy instead.

snapshot modify schedule name {[days days] | time time [,time...] | [retention period]}

Deprecated. Use snapshot schedule modify instead.

36 Administering DDVE

Table 6. Unsupported commands and command options (continued)

Unsupported command or command option Notes

snapshot modify schedule name {[days days] | time time every {mins | none} | [retention period]}

Deprecated. Use snapshot schedule modify instead.

snapshot modify schedule name {[days days] | time time-time [every {hrs | mins | none}] | [retention period]}

Deprecated. Use snapshot schedule modify instead.

snapshot reset schedule Deprecated. Use snapshot schedule reset instead.

snapshot show schedule Deprecated. Use snapshot schedule show instead.

storage add enclosure enclosure-id storage add disk enclosure-id.disk-id storage remove enclosure enclosure-id storage remove disk enclosure_id.disk-id system firmware system option set console system retention-lock system sanitize system show anaconda system show controller-inventory system show nvram system show nvram-detailed system show oemid system upgrade continue user user change priv Deprecated, with no replacement.

vserver config set host Not supported by DDVE in cloud

vserver config reset Not supported by DDVE in cloud

vserver config show Not supported by DDVE in cloud

vserver config perf-stats start Not supported by DDVE in cloud

vserver config perf-stats stop Not supported by DDVE in cloud

vserver config perf-stats status Not supported by DDVE in cloud

vtl lunmask Deprecated. Use vtl group instead.

vtl lunmask add Deprecated. Use vtl group add instead.

vtl lunmask del Deprecated.

vtl lunmask show Deprecated. Use vtl group show instead.

Troubleshooting performance issues You can check DDVE performance statistics as follows:

You can also use the following to monitor benchmark performance:

Administering DDVE 37

Extensions to DDOS for DDVE on page 30 provides more information about commands.

CPU Performance

The two key statistics for CPU performance are:

CPU usageCPU usage as a percentage during the interval CPU readyThe percentage of time that the virtual machine was ready, but could not get scheduled to run on the physical

CPU. This counter might not be displayed by default.

If these counters are high, there may be a performance problem on the hypervisor host.

Memory Performance

Memory swappingThe key statistic for memory performance, which is the current amount of guest physical memory swapped out to the virtual machines swap file.

Virtual Disk Performance

The key statistics for virtual disk performance are:

I/O throughputA decrease in these values indicates a performance issue. I/O latencyAn increase in read and write latency values indicates a performance problem. Failed commandsAn increase in the average number of outstanding read and write requests indicates a performance problem.

38 Administering DDVE

Best Practices for Working with DDVE in the Cloud

This chapter includes the following topics:

Topics:

Supportability ASUP Configuration Increase GCP resource quota GCP Licensing Storage best practices Security best practices

Supportability Use this procedure to connect to the serial console.

About this task

The interactive serial console is useful to debug boot and networking issues, troubleshoot malfunctioning instances, interact with the GRand Unified Bootloader (GRUB), and perform other troubleshooting tasks. GCP supports enabling interactive serial console access for an individual instance or an entire project. We recommend enabling the serial console for the DDVE.

Steps

1. Navigate to Compute Engine>VM Instances on the GCP web console.

2. Select your DDVE instance.

3. Click Connect to serial console.

4. In the console dialog box, log in using the DDVE credentials.

NOTE: GCP Serial Console provides more information.

ASUP Configuration Enable AutoSupport (ASUP) in DDVE to ensure that ASUPs and alert emails from your system are sent to the DD system.

Set up the following:

Administrator: Enter a password and email address for the Administrator. Email/Location: Enter the mail server used to send outgoing alert and ASUPs to recipients. Recipients are subscribers

to groups. A group that is named default is created with the email address of two subscribers: the administrator and autosupportalert@autosupport.datadomain.com. The location field is for your information, only.

Summary: Review the summary carefully. The default address for alerts and autosupport emails is autosupportalert@autosupport.datadomain.com. A detailed autosupport and an alert summary are scheduled to run daily at 06:00.

A

Best Practices for Working with DDVE in the Cloud 39

Increase GCP resource quota GCP might have a default quota setup for each region/zone for your project. To support DDVE 16 TB, 32 TB, 96 TB, and 256 TB requirements, increase the quota before deploying DDVE. Because only an SSD persistent disk is supported as a data disk, ensure that the SSD persistent disk meets the quota requirement. If you plan to deploy multiple DDVE instances, you might also need to increase other resource quotas, such as CPU number, IP address number, and instance number. Storage Best Practices provides more requirement details.

You can determine each resource requirement by multiplying the number of requirements by the planned instance number. GCP Resource Quotas provides more information about sending a quota increase request.

GCP Licensing The DDVE license is node locked, which means the same license cannot be used on multiple DDVE instances. To facilitate DDVE license management, we recommend using a served-mode license for multiple DDVE instances.

NOTE:

The DDVE license might become invalid after removing the first NIC ethV0.

In the case of a head swap, a served-mode license continues to work on new DDVE instance. Other license types require

that you re-activate the license.

You can create a new DDVE instance from GCP snapshot. A served-mode license is automatically checked out from the

license server on the new instance, as long as the license server has sufficient licenses. Other license types require that

you re-activate the license.

Storage best practices

Storage type

Ensure that you use the appropriate storage type. DDVE on GCP uses the standard persistent disk (HDD) for the root disk. The NVRAM disk and all metadata disks use the SSD persistent disk.

NOTE: For GCP, the hard limit of total throughput per instance is 120 MB/s. The HDD disk cannot meet this requirement.

Object storage specifications for DDVE on GCP

The following table shows the instance types and storage types that are required for the Object Store. The compression ratio in your environment might require more metadata disks.

Table 7. Storage Configuration Types for DDVE on GCP

DDVE Configuration

Instance Type Root Disk/Size NVRAM Disk Metadata Disk Number of Metadata Disks

Data Storage

16 TB e2-standard-4 SSD persistent disk/250 GB

SSD persistent disk/10 GB

SSD persistent disk/1024 GB

1-2 Google Cloud Storage (Regional is recommended)

32 TB e2-standard-8 SSD persistent disk/250 GB

SSD persistent disk/10 GB

SSD persistent disk/1024 GB

1-4 Google Cloud Storage (Regional is recommended)

96 TB e2-standard-16 SSD persistent disk/250 GB

SSD persistent disk/10 GB

SSD persistent disk/1024 GB

1-10 Google Cloud Storage (Regional is recommended)

40 Best Practices for Working with DDVE in the Cloud

Table 7. Storage Configuration Types for DDVE on GCP (continued)

DDVE Configuration

Instance Type Root Disk/Size NVRAM Disk Metadata Disk Number of Metadata Disks

Data Storage

256 TB e2-standard-32 SSD persistent disk/250 GB

SSD persistent disk/10 GB

SSD persistent disk/2048 GB

1-13 Google Cloud Storage (Regional is recommended)

GCP Machine Types provides more details about GCP instance types.

NOTE: If DDVE in GCP uses the incorrect instance type, an incorrect virtual hardware configuration alert appears.

Storage Specifications for Block Storage for DDVE on GCP

The following table shows the instance types and storage types that are required for Block Storage. Each instance type supports both Block Storage and Object Storage solutions, but the maximum supported capacity is 16 TB.

Table 8. Storage Configuration Types for Block Storage

DDVE Configuration Instance Type Root Disk/Size NVRAM Disk Data Disk

16 TB e2-standard-4 SSD persistent disk/250 GB

SSD persistent disk/10 GB

SSD persistent disk/ 2048 GB

GCP Machine Types provides more details about GCP instance types.

NOTE: If DDVE in GCP uses the incorrect instance type, an incorrect virtual hardware configuration alert appears.

Storage Size Specifications

The compression ratio in your environment might require more metadata disks.

Table 9. Storage size specifications

Capacity Configuration

Instance Type Storage Configuration Type

Root Disk NVRAM Disk Metadata Disk

Up to 16 TB e2-standard-4 250 GB 10 GB 2 x 1024 GB

16 TB32 TB e2-standard-8 250 GB 10 GB 4 x 1024 GB

32 TB96 TB e2-standard-16 250 GB 10 GB 10 x 1024 GB

96 TB256 TB e2-standard-32 250 GB 10 GB 13 x 2048 GB

NOTE: The metadata requirements that are listed for supported virtualization platforms are based on 10X deduplication

ratio and 2X compression. Your system configuration may require a higher storage ratio. Expand the storage if required.

Supported Stream Count

Table 10. Supported stream and MTree count (Object Storage)

Capacity Configuration (TiB)

Instance Type vCPUs Memory Max MTree

Stream Counts

Read Write Replication In

Replication Out

Combined

16 e2-standard-4 4 16 6 30 45 45 42 60

32 e2-standard-8 8 32 14 50 90 90 82 90

Best Practices for Working with DDVE in the Cloud 41

Table 10. Supported stream and MTree count (Object Storage) (continued)

96 e2-standard-16 16 64 32 50 180 180 100 180

256 e2-standard-32 32 128 128 110 540 540 220 540

Table 11. Supported stream count (Block Storage)

Capacity Configuration (TiB)

Instance Type vCPUs Memory Max MTree

Stream Counts

Read Write Replication In

Replication Out

Combined

16 e2-standard-4 4 16 6 30 45 45 45 60

Metadata Disk Storage Expansion Notes

You can deploy metadata disks incrementally. The minimum incremental size is 1 TiB. Add metadata disks as required up to the supported system capacity. The following table lists the recommended number of metadata disks by instance. The information is based on the assumption of 2X overall deduplication ratio (10X deduplication and 2X compression). For workloads with a higher deduplication ratio, additional metadata storage is required.

Table 12. Recommended metadata disks by instance

Instance Recommended metadata disks

16 TB 2 (1 TB)

32 TB 4 (1 TB)

96 TB 10 (1 TB)

256 TB 13 (2 TB)

When adding the volume, there is no requirement to specify a spindle group. The spindle group assignment is balanced automatically when storage is added. It is recommended that you do not manually set or change the spindle group setting. Run storage show all to verify that each data volume has been assigned to a different spindle group.

Data Storage Configuration Notes for Object Storage Solution

The bucket that is provided during file system creation must be empty, otherwise file system creation fails. When the file system is destroyed, the associated bucket and the objects it contains are not automatically deleted or

removed. The bucket must be deleted intentionally to avoid incurred costs with the content stored in the object store.

Security best practices

Avoid public IP address

To prevent brute force attacks on the DDVE, do not configure DDVE with a public IP address.

Secure access

DDVE supports the authentication methods listed in the following table:

Table 13. Access types and authentication

Access Type Authentication Methods

GUI username/password X509 certificates

SSH username/password

42 Best Practices for Working with DDVE in the Cloud

Table 13. Access types and authentication (continued)

Access Type Authentication Methods

SSH key pair

REST API username/password X509 certificates

For better security, we recommend that you disable the username/password-based user authentication. If the username/ password based authentication is required, configure it with a strong password.

NOTE: Do not disable password-based login if you want to configure Avamar Virtual Edition, NetWorker, or other backup

software to connect to DDVE in GCP, because these products use password authentication for communication between

them.

Security best practices

Because GCP is a public cloud, pay attention to the security in your deployment. We suggest these best practices:

Use public key based authentication for SSH access. Use certificate based authentication for DDSM access. Do not configure public IP for DDVE in GCP. Enable encryption for DDFS and replication. Use an external KMIP server to store encryption keys.

When deploying DDVE from the Google cloud console, you cannot assign a password for the DDVE default user sysadmin, but you can assign a public key for the sysadmin.

Note the important differences between the DDVE and the standard Linux flavor in GCP:

After deployment, the DDVE SSH user/password login is enabled. The default password is the instance ID (instanceid) of the DDVE. On first login, you must change the password.

If you assign a public key when deploying DDVE from the Google cloud console, you can access DDVE over SSH key pair. For DDVE, the public key is applied only to the sysadmin user. In standard Linux, if you provide a public key with the format

ssh-rsa [KEY_VALUE] [USERNAME], and then create a USERNAME, this public key is applied only to this user.

IP Tables feature

After protecting the DDVE using secure setup, in DDVE you can filter the network traffic that enters by using the iptables feature. The Net Filter section of the DDOS Command Reference Guide provides more configuration information.

Firewall rule settings

Because the DDVE instance on GCP is always running in a VPC, configure the VPC so that only required and trusted clients have access to the DD system. The following tables show the TCP and UDP ports that are used by the DD system for inbound and outbound traffic the services that use them. Consider the following information when configuring VPC firewall rules. GCP firewall rules provides more information.

Inbound control

The following table lists the inbound ports used by DDVE.

Table 14. Inbound ports used by DDVE

Port Service Description

TCP 22 SSH Used for SSH (CLI) access and for configuring DDVE.

TCP 443 HTTPS Used for DDSM (GUI) access and for configuring DDVE.

TCP 2049 DD Boost/NFS Main port used by NFS. You can modify using the nfs set server-port command which requires SE mode.

Best Practices for Working with DDVE in the Cloud 43

Table 14. Inbound ports used by DDVE (continued)

Port Service Description

TCP 2051 Replication/DD Boost/ Optimized Duplication

Used only if replication is configured (run replication show config on DD system to determine). You can modify this port using replication modify.

TCP 3009 SMS (system management) Used for managing a system remotely with DD System Manager. This port cannot be modified. This port must be open if you plan to configure replication from within the DD System Manager, as the replication partner needs to be added to the DD System Manager.

Depending on the protocol that is used to backup data to DDVE, additional ports are enabled with inbound firewall rules. Ports for inbound traffic provides a complete list of all ports enabled for inbound traffic for DD systems.

Outbound control

The following table lists the outbound ports that are used by DDVE.

Table 15. Outboard ports used by DDVE

Port Service Description

UDP 123 NTP Used by the DD system to synchronize to a time server.

TCP 443 HTTPS Used for DDVE to communicate with outside services.

TCP 2049 DD Boost/NFS Main port used by NFS - can be modified using the nfs set server-port command which requires SE mode.

TCP 2051 Replication/DD Boost/ Optimized Duplication

Used only if replication is configured (run replication show config on DD system to determine). This port can be modified using replication modify.

TCP 3009 SMS (system management) Used for managing a system remotely using DD System Manager. This port cannot be modified. This port will also need to be opened if you plan to configure replication from within the DataDomain System Manager, as the replication partner needs to be added to the DD System Manager.

Depending on the other applications/services that are being used, additional ports are enabled for outbound firewall rules. For a complete list of all ports enabled for outbound traffic for DD systems, see Ports for outbound traffic table.

44 Best Practices for Working with DDVE in the Cloud

Networking Best Practices for DDVE in the Cloud

This chapter includes the following topics:

Topics:

VPC architecture Multiple NICs for DDVE in GCP Default DHCP configuration Ports for inbound traffic Ports for outbound traffic

VPC architecture It is recommend that you use public or private subnet architecture to deploy the DDVE in a private subnet. It will secure the DDVEs (VMs) with the appropriate VPC components such as route tables, access control lists, and firewall rules.

Multiple NICs for DDVE in GCP Follow this guidance when deploying a DDVE with multiple NICs.

Assign multiple NICs when deploying the DDVE. GCP does not support adding additional NICs after the VM has been deployed.

Ensure the first NIC ethV0 is not disabled Ensure that each NIC is in a different VPC. This is a GCP requirement.

Default DHCP configuration Dynamic Host Configuration Protocol (DHCP) is enabled by default for up to two interfaces in the DDVE. If there are additional interfaces, DHCP can be manually enabled or those interfaces can be configured manually. All the interfaces in DDVE can be configured manually using static IP addresses. However, ensure that the IP addresses are known to the corresponding network interfaces in GCP.

Ports for inbound traffic The following are the ports that are used by the DD system for inbound traffic.

Table 16. Ports Used by DD System for Inbound Traffic

Port Service Note

TCP 21 FTP Port is used for control only if FTP is enabled (run 'adminaccess show' on the DD system to determine if this is the case).

TCP 22 SSH Port is used only if SSH is enabled (run 'adminaccess show' on the DD system to determine if this is the case).

TCP 23 Telnet Port is used only if Telnet is enabled (run 'adminaccess show' on the DD system to determine if this is the case).

B

Networking Best Practices for DDVE in the Cloud 45

Table 16. Ports Used by DD System for Inbound Traffic (continued)

Port Service Note

TCP 80 HTTP Port is used only if HTTP is enabled (run 'adminaccess show' on the DD system to determine if this is the case).

TCP 111 DDBOOST/ NFS (portmapper) Used to assign a random port for the mountd service used by NFS and DDBOOST. Mountd service port can be statically assigned.

UDP111 DDBOOST/ NFS (portmapper) Used to assign a random port for the mountd service used by NFS and DDBOOST. Mountd service port can be statically assigned.

UDP 123 NTP Port is used only if NTP is enabled on the DD system. Run ntp status to determine if this is the case.

UDP 137 CIFS (NetBIOS Name Service) Port used by CIFS for NetBIOS name resolution.

UDP 138 CIFS (NetBIOS Datagram Service) Port used by CIFS for NetBIOS Datagram Service.

TCP 139 CIFS (NetBIOS Session Service) Port used by CIFS for session information.

UDP 161 SNMP (Query) Port is used only if SNMP is enabled. Run 'snmp status' to determine if this is the case.

TCP 389 LDAP LDAP server listens on this port for any LDAP client request. By Default it uses TCP.

TCP 443 HTTPS Port is used only if HTTPS is enabled (run adminaccess show on the DD system to determine if this is the case).

TCP 445 CIFS (Microsoft-DS) Main port used by CIFS for data transfer.

TCP 2049 DD Boost / NFS Main port used by NFS. Can be modified via the 'nfs set server-port' command. Command requires SE mode.

TCP 2051 Replication / DD Boost / Optimized Duplication

Port is used only if replication is configured on the DD system. Run replication show config to determine if this is the case. This port can be modified via the replication modify command.

TCP 2052 NFS Mountd / DD BOOST / Optimized Duplication

Main port used by NFS MOUNTD

TCP 3009 SMS (System Management) Port is used for managing a system remotely using Web Based GUI DD EM (DD Enterprise Manager). This port cannot be modified. This port is only used on DD systems running DDOS 4.7.x or later. This port will also need to be opened if you plan to configure replication from within the DD GUI interface, as the replication partner needs to be added to the DD Enterprise Manager.

TCP 5001 iPerf Port is default used by iperf. To change the port, it requires -p option from se iperf or port option from the net iperf command. The remote side must listen on the new port.

TCP 5002 Congestion-checker Port is default used by congestion-checker, when it runs iperf. To change the port the new port needs to be specified in the port option of the net congestion-check command. The remote side must also be listen on the new port. It is available only for DDOS 5.2 and above.

46 Networking Best Practices for DDVE in the Cloud

Ports for outbound traffic The following are the ports that are used by the DD system for outbound traffic.

Table 17. Ports Used by DD System for Outbound Traffic

Port Service Note

TCP 20 FTP Port is used for data only if FTP is enabled (run adminaccess show on the DD system to determine if this is the case).

TCP 25 SMTP Used by the DD system to send email autosupports and alerts.

UDP/TCP 53 DNS Port is used by DD system to perform DNS lookups when DNS is configured. Run net show dns to review DNS configuration.

TCP 80 HTTP Used by DD system for uploading log files to DD Support via the support upload command.

UDP 123 NTP Used by the DD system to synchronize to a time server.

UDP 162 SNMP (Trap) Used by the DD system to send SNMP traps to SNMP host. Use snmp show trap-hosts to see destination hosts and snmp status to display service status.

TCP 443 HTTPS Port is used for communicating with Object store (S3).

UDP 514 Syslog Used by the DD system to send syslog messages, if enabled. Use 'log host show' to display destination hosts and service status.

TCP 2051 Replication / OST / Optimized Duplication

Used by DD system only if replication is configured. Use replication show config to determine if this is the case.

TCP 3009 SMS (System Management) Port is used for managing a system remotely using Web Based GUI DD EM (DD Enterprise Manager). This port cannot be modified. This port is only used on DD systems running DDOS 4.7.x or later. This port will also need to be opened if you plan to configure replication from within the DD GUI interface, as the replication partner needs to be added to the DD Enterprise Manager.

TCP 5001 iPerf Port is default used by iperf.To change the port, it requires -p option from se iperf or port option from the net iperf command. And the remote side must listen on the new port.

TCP 5002 Congestion-checker Port is default used by congestion-checker, when it runs iperf. To change the port the new port needs to be specified in the port option of the net congestion-check command. The remote side must also be able to listen on the new port. It is available only for DDOS 5.2 and above.

TCP 27000 Avamar client communications with Avamar server

Avamar client network hosts.

TCP 27000 Avamar server communications with Replicator target server (Avamar proprietary communication)

Required if server is used as replicator source.

TCP 28001 Avamar client communications with administrator server

Avamar clients required.

TCP 28002 Administrator server communications with Avamar client

Optional for browsing clients and cancelling backups from Avamar administrator management console.

TCP 29000 Avamar client Secure Sockets Layer (SSL) communications with Avamar server

Avamar clients required.

TCP 29000 Avamar server SSL communications with Replicator target server

Required if server is replicator source.

Networking Best Practices for DDVE in the Cloud 47

Installing and Configuring DDVE on Block Storage in the Cloud

This chapter includes the following topics:

Topics:

Deploying DDVE on Google Cloud Platform Block storage Configuring DDVE block storage on the Google Cloud Platform

Deploying DDVE on Google Cloud Platform Block storage Learn about deploying DDVE on GCP block storage.

See Deploy DDVE from GCP marketplace on page 13, and select the 16 TB Capacity under Machine Configuration > Machine types.

The 16 TB capacity is the only model that is supported for the block storage solution.

By default, two disks of each 1 TiB disk are added to the instance.

Select Allow overriding the default meatada disks number, and enter the required number of disks in the text field Number of Metadata disks to override default value.

You can enter a number up to 16 since 16 TB is the maximum supported disk capacity for the block storage solution.

NOTE: For the block storage solution, the metadata disks are actually data disks. Disregard the metadata designation in this

case, and consider these disks as user data disks.

Ensure that the system meets the requirements that are listed.

Table 18. GCP System Requirements

Instance type Requirement

CPU 4 cores

Memory 16 GiB

System Disk Boot disk: 250 GB Standard persistent disk

NVRAM disk: 10 GB SSD persistent disk

Storage Capacity 16 TB

Enabling or updating SSH keys after deployment

DDVE supports assigning SSH keys during deployment from the Google Cloud console, but you cannot use the Google Cloud console to update SSH keys after deployment. DDVE adds both project-wide and instance-level SSH keys only during the first boot. Use this procedure to enable or update SSH keys.

Steps

1. Generate SSH key pairs in any Linux client if you do not have SSH keys ready.

$ ssh-keygen t rsa Generating public/private rsa key pair.

C

48 Installing and Configuring DDVE on Block Storage in the Cloud

Enter file in which to save the key (/home/yourusername/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/ yourusername /.ssh/id_rsa. Your public key has been saved in /home/ yourusername /.ssh/id_rsa.pub. The key fingerprint is: SHA256:QcPMwxTVRMpDZ3SrnmZKm4mLpmdhmSHAt4hpjTf6FD4 yourusername@yourlinuxclient The key's randomart image is: +---[RSA 2048]----+ | . *=oo=* . | | o . .*+ +.. . | | oo+ . ..+ . | |oo.=o . . . . | |. + o. +S . | | . E = . . | | o .. . . = | | . +. o B | | .=. o.= | +----[SHA256]-----+

Default options create a pair of SSH keys in the $HOME/.ssh/ directory. The private key file is id_rsa, and the public key file is id_rsa.pub.

2. Run the following command to add the public key content to DDVE: adminaccess add ssh-keys user sysadmin

sysadmin@myddve1# adminaccess add ssh-keys user sysadmin Enter the key and then press Control-D, or press Control-C to cancel. ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCyYNyPI1QjpmWbDjbTqkqe7qi3wc97K5JpygX9EeLNEY3VQqzAJsfHwv xkPnyOqKiYXOV3johwQKiZct2/1MUEpd8MvMCaDhlzyf7OrJ7DNgI5P8Ilh/ dhCxe6W0crlWcG6UE+ldHzbRrphhMzdt2CNJ3nh/gLGMpQGASHtCJZrXzUHCqu/ vivfdm6Zy2bbsNYeCdbJ6MJwaQ2FnKUhGAyeDi7SdsXb+kizokL6J5dJHKDhIJY2lNfF5jclpkoM694wvfSupe +Zz4tx7EVlxDi2BtLrwRSiRWtTIsXYGiyz2Wx3AWzxPGSkLLqBEk0AacWsGba4hElLiAa31NZI5mt SSH key accepted.

NOTE:

You can disable some key pair access by deleting the corresponding key from DDVE with the following command:

adminaccess del ssh-keys user sysadmin.

You can list keys and get the by running the following command: adminaccess show ssh-keys user sysadmin.

sysadmin@ # adminaccess show ssh-keys user sysadmin

User "sysadmin" : 1 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGKQpC6UL9B4Nd5yGj4GsdKbdPnBTc1D7h sY1GXZ/WeZzdDZDDRUplKaKV8dLJLJ/S9fOpxA3FlroLQxha77cy8= google-ssh {"userName":"cloudboost .blr@gmail.com","expireOn":"2018-08-28T09:07:10+0000"}

2 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPfRza+rT93vmT9XqMRHWjpjInAxG3HzX0 g4pGzY5J5vu1VmLNKYodmESCXxuSjKD8hJko+6emdnVl2OlzFIv5k= google-ssh {"userName":"cloudboost .blr@gmail.com","expireOn":"2018-08-28T09:06:51+0000"}

3 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAGt7Gbl1IR70bO/ Yj9RD8iOLbhhTuvXTJPf62lbZk6GUFLLbVzYgg7fgMm+YOAqNiiNpx+fC26zkwKNRHl6o1HG3xHj6tOviG6Y8E VM8pXOvkI4n0beMkk8MhohkoiFO7YZECcfqysVdjcQf4CEl8ivs4bOTco6 qAG11cYzG2Xg8wDchwgAklI2+TPzk8oGpfBoDkrEbUN5lQshWy5i0k50eLcMVPoiAwJEfsenD1X6k9xC3qeBRs +ck6gPUmyIJXfjAU2gdfQDcwIrEIzLjKS7nChrJ+705EkFX3IhbaStosTS9WmrxhDZUBMQejXXk9DSqyj7kn5u 2VPP9eDRwGlc= google-ssh { "userName":"cloudboost.blr@gmail.com","expireOn":"2018-08-28T09:06:50+0000"}

4 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCQ1HwgGdLjpHZ7XZYEfq2nV2YFBJxecoF MVjewDhLSKW6XG1jmySpgsyZNmze/NcXwcZmzxN6Rxkj5ObQ3nBOo= google-ssh {"userName":"cloudboost .blr@gmail.com","expireOn":"2018-08-28T09:06:46+0000"}

Installing and Configuring DDVE on Block Storage in the Cloud 49

5 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCBkkwQaZpErCrAuuaDI1MysqnC+xBM9LVGJaFriEmvcwoXG8/ 8k66r+Y6t1Qw/ JWJVSCA15+MNdD9uDGqFaLve3CdOwVIiYXT3CH0YR6V+cIZjQ2iLVXKoFT1Ch3XVAG6N88h8VuhiM/6mPm/ sGC3Jhrl4pkC wUCD3xTywGt2SCMbumXtNs/QCOX50rog6/i7iyyyQ2SAWT1C3cXo5ImC5S/ TophAma532J9dPZl0kGoFYubh2h9D9zPdQJr8VkjFiBRazH4pp6yIZoNy3xgjmz5RJPYITurOK9hPyiHWMtj0l Zyrbviq4a57KYfSWcbAd1eIGyqdlwooP/OYPLNRD google-ssh { "userName":"cloudboost.blr@gmail.com","expireOn":"2018-08-28T09:06:45+0000"}

3. Run the following command to disable password login for additional security: adminaccess option set password- auth disabled

sysadmin@myddve1# adminaccess option set password-auth disabled ** Disabling password based authentication will disallow users to login using password. Ensure users have other login option(s) configured to access the system. Do you want to continue? (yes|no) [no]: yes

** Import CA certificate for "login-auth" application to enable GUI/Web-services access. Adminaccess option "password-auth" set to "disabled".

Adding NICs for DDVE

By default, DDVE is provisioned with one NIC for Google Cloud Platform. You cannot add more NICs to existing virtual machines, but you can create a DDVE with multiple NICs when you deploy the DDVE instance.

Steps

1. Configure each NIC with a different VPC. Creating Instances with Multiple Network Interfaces provides additional information.

2. Add additional NIC cards.

For a customized instance type, you can add one NIC per vCPU, up to a maximum of 8 NIC cards.

Adding disks for DDVE from the GCP console

Prerequisites

Verify that sufficient licensed capacity is available to add capacity to the DDVE instance. Ensure that the DDVE instance can support the new capacity. DDVE in GCP supports up to 16 TB.

About this task

Although GCP provides four types of disk storage, DDVE supports only the following: SSD persistent diskfor the root disk SSD persistent diskfor the root disk, NVRAM disk, and metadata/data disks

New storage for the DDVE must meet the following requirements:

The minimum size of the first data disk is 477 GiB (512 GB). We recommend 2 TB. The recommended size for any subsequent data disks is 2 TB. The disk type must be SSD persistent.

Steps

Add more metadata disks for DDVE from the GCP web console on page 17 provides instructions to add a data disk to DDVE.

50 Installing and Configuring DDVE on Block Storage in the Cloud

Configuring DDVE block storage on the Google Cloud Platform You can configure block storage using the DDSM interface or the CLI interface.

Configuring DDVE block storage in GCP using the DDSM interface

Steps

1. Login to DD System Manager using the DDVE IP address. The default login credentials for the DDVE instance are sysadmin/changeme.

2. Add licenses. Select from the following licenses to apply:

Pre-installed Evaluation License License file License Server (if license server is available)

3. Accept the End User License Agreement.

4. Complete the configuration wizard, as follows:

a. For Network Settings accept the default settings, and click No to move to the File System settings. b. Click Yes to configure the File System settings. c. For Storage type, select Block Storage. d. Click Add to Tier, verify the disk is shown in the Active Tier, and click Next.

e. Review the summary and click Submit to create and enable the file system.

The DDVE configuration is complete. To view space usage and availability details for the Active Tier, select Data Management > File System.

Configuring DDVE block storage in GCP using CLI

You can configure DDVE block storage in GCP using the Command Line Interface (CLI) on Google Cloud Platform.

About this task

If you assigned an SSH key for the default user sysadmin when you deployed DDVE from the Google Cloud console, login to DDVE using either a key pair or a password.

Installing and Configuring DDVE on Block Storage in the Cloud 51

Steps

1. Log in to the DDVE instance to configure the system. The default password for the DDVE instance is the instance ID (instanceid).

# ssh sysadmin@ EMC DD Virtual Edition Password: Welcome to DD OS 6.2.0.10-xyz ------------------------------------------ sysadmin@myddve0#

2. During the first login, you are prompted to accept the EULA and change the password. The configuration wizard is launched.

3. Follow the steps in the wizard to add the elicense.

Do you want to configure system using GUI wizard (yes|no) [no]:

Network Configuration Configure Network at this time (yes|no) [no]:

eLicenses Configuration Configure eLicenses at this time (yes|no) [no]: yes

Available eLicense Files # File Name - ------------ 1 elicense.lic - ------------

Do you want to use an existing eLicense file (yes|no) [yes]: yes Enter the index of eLicense file [1|cancel] : 1

Pending eLicense Settings Existing Licenses: Capacity licenses: ## Feature Capacity Type State Expiration Date Note -- -------- -------- -------------------- ------ --------------- ---- 1 CAPACITY 0.45 TiB unexpired evaluation active n/a -- -------- -------- -------------------- ------ --------------- ----

Feature licenses: ## Feature Count Type State Expiration Date Note -- ------------------------- ----- -------------------- ------ --------------- ---- 1 REPLICATION 1 unexpired evaluation active n/a 2 DDBOOST 1 unexpired evaluation active n/a 3 RETENTION-LOCK-GOVERNANCE 1 unexpired evaluation active n/a 4 ENCRYPTION 1 unexpired evaluation active n/a -- ------------------------- ----- -------------------- ------ --------------- ----

New Licenses: Capacity licenses: ## Feature Capacity Type State Expiration Date Note -- -------- --------- --------------- ------ --------------- ---- 1 CAPACITY 87.31 TiB permanent (int) active n/a -- -------- --------- --------------- ------ --------------- ----

** New license(s) will overwrite existing license(s). Do you want to save these settings (Save|Cancel|Retry): Save

Successfully updated eLicenses.

52 Installing and Configuring DDVE on Block Storage in the Cloud

Filesystem Configuration Configure Filesystem at this time (yes|no) [no]:

System Configuration Configure System at this time (yes|no) [no]:

CIFS Configuration Configure CIFS at this time (yes|no) [no]:

NFS Configuration Configure NFS at this time (yes|no) [no]:

SMT Configuration Configure SMT at this time (yes|no) [no]:

Storage object-store profile Configuration Configure Storage object-store profile at this time (yes|no) [no]:

Configuration complete.

4. Run the following command to add storage: # storage add tier active dev3

sysadmin@myddve1# disk show state Dev 1 2 3 --- --------- 1-3 Y Y U --- ---------

Legend State Count ------ -------------- ----- U Unknown Device 1 Y System Device 2 ------ -------------- ----- Total 0 disks and 3 devs

sysadmin@myddve1# storage add tier active dev3

Object-store is not enabled. Filesystem will use block storage for user data. Do you want to continue? (yes|no) [no]: yes

Checking storage requirements...done Adding dev3 to the active tier...done

Updating system information...done

dev3 successfully added to the active tier.

5. Run the following command to add multiple storage devices at the same time.

# storage add tier active dev4-6

Checking storage requirements...done Adding dev4 to the active tier...done

Updating system information...done

dev4 successfully added to the active tier.

Checking storage requirements... done Adding dev5 to the active tier...done

Updating system information...done

dev5 successfully added to the active tier.

Checking storage requirements... done Adding dev6 to the active tier...done

Installing and Configuring DDVE on Block Storage in the Cloud 53

Updating system information...done

dev6 successfully added to the active tier.

6. Run the following command to view the attached disks. # storage show all

sysadmin@myddve1# storage show all Active tier details: Device Device Device Group Size ----------- ------ ------- (available) 3 1.0 TiB ----------- ------ -------

Spindle Devices Count Total Size Group ------- ------- ----- ---------- 1 3 1 1.0 TiB ------- ------- ----- ----------

Current active tier size: 1.0 TiB Active tier maximum capacity: 16.0 TiB

Capacity License: License Total Used Remaining -------- --------- -------- --------- CAPACITY 14.55 TiB 0.90 TiB 13.65 TiB -------- --------- -------- ---------

7. Run the following command to create the file system. #filesys create

sysadmin@myddve1# filesys create A filesystem of approximate size 846.65 GiB will be created. Do you want to continue? (yes|no) [yes]: yes

ok, continuing.

This will take 5 - 10 minutes.

Provisioning storage... ########################################### [100%]

Initializing filesystem... ########################################### [100%]

snapshot schedules deleted

You now have a freshly initialized filesystem. Enable the filesystem using 'filesys enable'.

8. Run the following command to enable the file system # filesys enable

sysadmin@myddve1# filesys enable Please wait.............................. The filesystem is now enabled.

NOTE: If the license file cannot be found in /ddr/var its content can be pasted in the console.

# elicense update license.lic Existing licenses:

No licenses found.

New licenses:

54 Installing and Configuring DDVE on Block Storage in the Cloud

Capacity licenses: ## Feature Capacity Type State Expiration Date Note -- -------- --------- --------------- ------ --------------- ---- 1 CAPACITY 87.31 TiB permanent (int) active n/a -- -------- --------- --------------- ------ --------------- ----

** New license(s) will overwrite all existing license(s).

Do you want to proceed? (yes|no) [yes]: yes

eLicense(s) updated.

Results

The DDVE configuration is complete.

To manually add an elicense or to update an elicense after the initial configuration, place the license file in the folder, /ddr/var/license.lic, and then run the command elicense update license.lic.

System Headswap for DDVE block storage in GCP

A system headswap recovers a DDVE instance from a head unit failure. The head unit refers to the DDVE root disk.

About this task

NOTE: The failed instance is referred to as instance A. The new instance is instance B.

Steps

1. Create instance B with the same instance type and DDOS build. Do not create an NVRAM disk for the new instance.

2. Detach the NVRAM and data disks from the failed head unit (instance A).

3. If instance B was deployed with an NVRAM disk, detach the NVRAM disk, then attach the NVRAM and data disks from instance A to instance B with the same order. Save the configuration of instance B.

Installing and Configuring DDVE on Block Storage in the Cloud 55

4. Run the system headswap command on instance B.

NOTE: The system restarts during the headswap process.

# system headswap

This command returns the system back to its prior operational conditions. The system will be rebooted before resuming normal operations.

** If system passphrase was set on the old head, you will need to do one of the following after headswap completes: - unlock the filesystem if you have encrypted data, or - set the system passphrase if you don't have encrypted data

Are you sure? (yes|no) [no]: yes

ok, proceeding.

Please enter sysadmin password to confirm 'system headswap': Re

Manualsnet FAQs

If you want to find out how the Google Cloud Dell works, you can view and download the Dell DD OS 7.5 Google Cloud Operating System Installation And Administration Guide on the Manualsnet website.

Yes, we have the Installation And Administration Guide for Dell Google Cloud as well as other Dell manuals. All you need to do is to use our search bar and find the user manual that you are looking for.

The Installation And Administration Guide should include all the details that are needed to use a Dell Google Cloud. Full manuals and user guide PDFs can be downloaded from Manualsnet.com.

The best way to navigate the Dell DD OS 7.5 Google Cloud Operating System Installation And Administration Guide is by checking the Table of Contents at the top of the page where available. This allows you to navigate a manual by jumping to the section you are looking for.

This Dell DD OS 7.5 Google Cloud Operating System Installation And Administration Guide consists of sections like Table of Contents, to name a few. For easier navigation, use the Table of Contents in the upper left corner.

You can download Dell DD OS 7.5 Google Cloud Operating System Installation And Administration Guide free of charge simply by clicking the “download” button in the upper right corner of any manuals page. This feature allows you to download any manual in a couple of seconds and is generally in PDF format. You can also save a manual for later by adding it to your saved documents in the user profile.

To be able to print Dell DD OS 7.5 Google Cloud Operating System Installation And Administration Guide, simply download the document to your computer. Once downloaded, open the PDF file and print the Dell DD OS 7.5 Google Cloud Operating System Installation And Administration Guide as you would any other document. This can usually be achieved by clicking on “File” and then “Print” from the menu bar.