COMMVAULT SnapProtect FieldGuide For NetApp Storage - Including SnapMirror and SnapVault Integration

Simpana SnapProtect Field Guide for NetApp Storage
June 2011
Configuring SnapProtect on NetApp Storage
Page 1
Contents
SnapProtect Field Guide Objective & Overview ...................................................................................4 NetApp Storage Overview ..................................................................................................................6 CommVault Integration Requirements for SnapProtect .......................................................................8 Array Software Licenses ............................................................................................................................ 8 Simpana Software ................................................................................................................................... 10 Software Requirements ...................................................................................................................... 10 Basic File System Environments .......................................................................................................... 10 Application Environments ................................................................................................................... 11 NAS Environments .............................................................................................................................. 11 Virtual Environments .......................................................................................................................... 11 SnapVault and SnapMirror Environments .......................................................................................... 12 Supported Applications and Operating Environments ....................................................................... 12 SnapProtect Array Configuration Details with NetApp FAS ................................................................ 13 NetApp Array Configuration ................................................................................................................... 13 SnapVault & SnapMirror ......................................................................................................................... 15 Data Fabric Manager (DFM) ................................................................................................................ 15 Steps to Configure the NetApp Architecture .......................................................................................... 16 SnapProtect Storage Policy Configuration .............................................................................................. 18 Enabling SnapVault and SnapMirror ................................................................................................... 21 The SnapProtect Process .................................................................................................................. 24 SnapProtect Backup Operation........................................................................................................... 24 Backup Copy Operations ..................................................................................................................... 24 Production Host Configuration ............................................................................................................... 26 For NAS Configurations ....................................................................................................................... 26 Application Configurations ................................................................................................................. 29 For VMware Configurations ................................................................................................................ 33 Microsoft HyperV Configurations ....................................................................................................... 35 Proxy Configuration ................................................................................................................................ 37 For Exchange ....................................................................................................................................... 37 For Oracle ............................................................................................................................................ 38 Configuration Verification Using SnapTest ........................................................................................ 40 Security & Storage Policy Best Practices............................................................................................ 47 Configuring SnapProtect on NetApp Storage Page 2
Security Roles ...................................................................................................................................... 47 Storage Policies ................................................................................................................................... 49 Manipulating Snapshots ................................................................................................................... 51 Mount/Dismount Snaps for Manual Browse .......................................................................................... 52 Reverting a Snapshot .............................................................................................................................. 55 Application Aware Revert ................................................................................................................... 55 Non Application Aware Revert............................................................................................................ 58 Out of Place Restore Capabilities (VMware Example) ......................................................................... 60 Appendix ......................................................................................................................................... 64 The SnapMirror Process Explained ......................................................................................................... 64 SnapMirror and DataAging Explained ................................................................................................. 67 VADP-SPE User Permissions .................................................................................................................... 71 Snap Reconciliation Registry Key ............................................................................................................ 72 Array Credentials for a Non Root User ................................................................................................... 73
Page 3
SnapProtect Field Guide Objective & Overview

The SnapProtect Field Guide provides detailed descriptions for configuring hardware based snapshot mechanisms with the CommVault Simpana Platform. This guide covers a brief introductory overview of the storage array with its built in technology and feature sets, along with the licenses and configuration requirements to integrate these controls with the CommVault Simpana Platform. This document covers multiple storage environments and use cases in detail with Best Practices for scheduling and Storage Policy management to achieve consistent results both for recovery and protection needs. Simpana SnapProtect enables a modernized approach to data protection merging hardware storage systems snapshots directly into the protection/backup process. By automatically integrating application intelligence with the array snapshot abilities, Simpana is able to reach through the application and file systems into the storage array and discover volume/disk configurations for the snapshot operations and coordinate these operations with proper application quiesce minimizing administrative configuration and eliminating any scripting requirements. When a scheduled protection job for the defined application runs, the source system quiesces the selected applications and automatically creates a set of persistent snapshots within the production storage system. Upon confirmation of successful snapshot creation by the host, the workload in the protection job shifts to a secondary proxy server to offload backup operations. This shift releases the production host and it returns to full production side operations. This allows a consistent data image to be created in minutes with RPOs aligning with the frequency of schedule. The Proxy completes the second half of the protection job by reaching into the SAN, mounting the snapshot and automatically indexing and cataloging the file-level contents of the snapshots relative to the production host and the selected contents while preserving application context. Unlike hardware based tools Simpana extends beyond simply creating or deleting snapshots. SnapProtect blends the speed and efficiency of array snapshots directly into the backup /recovery process offering full system recovery or single file/search and restore. Once the content aware indexing completes, the snapshot is retained in the array as a persistent recovery copy to provide the rapid recovery option to revert or restore the data volumes. The Proxy also serves a secondary role after the snapshot executes. The same snapshots can be mounted and the relevant file contents copied from the snapshot to the backup copy destination. Using the Proxy for this data movement offloads the backup burden from the production servers. The backup copy employs a separate retention than the snapshot allowing aggressive snapshot retention to conserve tier1 space to meet the RTO/RPO needs. As the data moves into the backup copy the original indexes are preserved and stored along with the data to ensure access from any location. More importantly, the backup copy leverages Simpanas data deduplication to move and store less data. In light of many of todays new privacy regulations, data encryption may also be a critical feature to apply to data to keep it highly secured from unwanted eyes. A modernized data management system ensures you can take advantage of both benefits at the same time; deduplicating data for reduction while also encrypting it for security without impacting Production Processes. Configuring SnapProtect on NetApp Storage Page 4
SnapProtect supports the leading SAN/NAS storage solutions from Dell, EMC, NetApp, LSI, HP, SUN, IBM and HDS. As of Simpana 9 Service Pack 2, CommVault integrated SnapProtect with the Thin Replication capabilities of the NetApp Storage Architecture. This enables joint CommVault and NetApp customers to leverage SnapVault and SnapMirror between NetApp arrays to provide disk to disk backups by only moving the changed blocks from one NetApp Array to the other through the Thin Replication relationships defined on the storage. Snapshots within the NetApp array replicate to another array while maintaining all previously mentioned capabilities for off-host proxy backups, indexing of all snapshot copies, etc. This provides customers with NetApp Storage a truly integrated approach to managing large data sets by leveraging one data management platform to create, mount, dismount, retain, recover, and delete snapshots as well as create thin provision replication policies and even provision storage on the secondary NetApp Array. Please refer to www.commvault.com for the most up to date revision of the supported hardware and software configurations.
Page 5
NetApp Storage Overview

NetApp provides customers a storage platform to meet all storage needs. From NAS-based storage to block based storage, NetApp continues to provide leading edge technology in the storage space for Physical, Virtual, and Network based storage. This guide provides a brief storage technology overview and necessary steps to configure Simpana SnapProtect with NetApp FAS systems. The NetApp FAS devices provide a unified storage platform for mixed data types and access protocols via the ONTAP operating system. NetApp supports NFS and CIFS based protocols for NAS storage as well as the ability to provision block-based storage for Fiber Channel and iSCSI connections. NetApp supports SATA, Fiber Channel, or SAS disk drives grouped together into RAID groups. RAID groups combined together into a pool of storage are aggregates from which volumes may be provisioned. The Data ONTAP operating system leverages these aggregate pools to configure "flexible volumes" for storing end user data. This type of thin provisioning enables NetApp storage arrays to virtualize multiple volumes over a vast number of spindles without the 1:1 RAID group restriction per volume. The thin provisioning capability increases overall performance on the array and enables customers to better utilize their storage capacity much more effectively. Traditional volumes may also be leveraged (where one or more RAID groups form a single static volume), but the abilities of thin provisioning has reduced their use. Flexible volumes offer advantages such as dynamic resizing, leveraging multiple spindles, and better performance for multiple volumes leveraging the same spindles. The only negative, a big one, is if space runs out in an aggregate, all shared volumes will be effect negatively so judicious IT monitoring is typically employed. NetApp has also enable checks and balances to help customers manage largely thin provisioned environments. The basis of NetApps storage platform is the Data ONTAP operating environment. NetApps Data ONTAP implements snapshots by tracking changes to disk-blocks on the WAFL file system. Changes that occur between snapshot operations are stored with pointers providing direct access the data set at the snapshot point in time. Due to the write-optimized fashion for executing snapshots, ONTAP executes snapshots in seconds. This differs from the snapshot technology provided by other storage vendors, which incorporate Copy-On-Write functionality (Changed blocks are written out to defined snap storage at the time of write). NetApp eliminates write penalties associated with Copy-OnWrite and highlights this as core differentiation for leveraging snapshot technology for DR, and fast SLA data access. NetApp introduced FlexClones in ONTAP 7 to allow snapshots to be mounted and modifiable. This becomes extremely important for data operations, refreshing environments, and fast access to data. Snapshots also have formed the basis for NetApp thin replication between two NetApp arrays via SnapVault and SnapMirror. Both processes require a Primary and Secondary Array license for SnapMirror or SnapVault, where the Primary License is for the source locations and the secondary is the destination location.
Page 6
While very similar in function, SnapVault and SnapMirror are two different technologies. SnapMirror relationships are between a specified source volume on a primary array and a destination volume where the replica lives on the secondary array. Once this relationship is created, SnapMirror will creates a snapshot copy of the data on the source volume and then copy only the delta blocks from the source to the destination read only volume. Updates can occur in a Synchronous, Semi Synchronous, or Asynchronous fashion (Simpana only supports a scheduled asynchronous replication today). When the scheduled replication occurs, the updates to the destination volume only reflect the incremental changes seen on the source. The result of this process is an online, read-only volume containing the same data as the source at the time of the most recent update, including any snapshots present on the source volume. Manually severing the SnapMirror allows the destination SnapMirror volume to be accessed as read write, or alternatively snapshots may be mounted as a FlexClone to execute DR operations from the destination volume. SnapVault relationships are between a specified source volume/qtree on a primary array and a destination volume/qtree where the replica baseline and snapshot vaulted versions live on the secondary array. For each Snapshot set, SnapVault saves the number of primary storage Snapshot copies you specify. The SnapVault secondary storage system carries out a specified set of scheduled data transfer and Snapshot actions. For each of its secondary volume/qtrees on a given volume, SnapVault retrieves, from the Snapshot data of each corresponding primary volume/qtree, the incremental changes to the primary volume/qtrees made since the last data transfer. Then SnapVault creates a volume Snapshot copy of the changes in the secondary volume/qtrees. For each transfer SnapVault saves the number of secondary storage Snapshot copies specified. The primary difference between SnapVault and SnapMirror is that SnapVault target volumes are not exact replicas of the source volumes they can have different retention criteria for the snaps than the source volumes. In SnapProtect all of these operations are orchestrated by a set of APIs built into DFM (Data Fabric Manager). DFM registers each of the arrays, and creates policies and relationships that define the replication topology, schedule, and retention. Required DFM components are: Operations Manager Protection Manager Provisioning Manager
Page 7
CommVault Integration Requirements for SnapProtect

Array Software Licenses
CommVault recommends, and depending on the application environment requires, enabling the following Array Licenses on the FAS to integrate with CommVault Software. FCP, ISCSI, CIFS, NFS These Array licenses enable features such as Fiber Channel Protocol, iSCSI protocol, CIFS file sharing and NFS File Sharing. Enable the appropriate license for those specific data types managed by CommVault and NetApp. DataFabric Manager (DFM) - A server running NetApp DataFabric Manager server software. DataFabric Manager 4.0.2 or later is required with licenses for Protection Manager, Operations Manager, and Provisioning Manager. FlexClone - NetApp FlexClone enables true cloning, instant replication of data volumes and data sets without requiring additional storage space at the time of creation. Each cloned volume is a transparent, virtual copy for use for essential enterprise operations, such as testing, bug fixing, platform, and upgrade checks, multiple simulations against large data sets, remote office testing and staging, and market-specific product variations. FlexClone is required to mount CIFS/NFS share snapshots for data protection. Any solution leveraging CIFS/NFS snapshots must have the flex clone license. In the absence of FlexClone in a Block-based configuration, SnapProtect will default to LUN Clone operations. Remember a LUN in NetApp is simply a file defined in a volume for presentation to a host. Depending on snapshot schedules, you will have a new LUN created within the same volume as the parent LUN. This will use no storage, and is great for running verifications, testing, reporting or even protection. LUN clones may prove to become problematic due to the nature of snapshots and the location of LUN clone data. A volume snapshot takes a copy of the file pointer tables of an entire volume. A LUN clone creates thin-provisioned clones of the parent LUN internal to the defined volume. Despite using no actual storage, the LUN clone becomes data snapped by any new snapshots taken after the LUN snapshot. This is where potential problems start as locked volumes and busy snapshot conditions may arise. To eliminate these complexities or management concerns FlexClone is highly recommend for Block devices as well as NFS and CIFS shares. SnapRestore Enables the ability to revert back single files, LUNS, and Volume from a snapshot in seconds. This drastically improves recovery performance as a copy out is not necessary. SnapMirror - NetApp replication technology used for DR. A mirror copy uses SnapMirror and requires a SnapMirror Primary and Secondary License to be available. SnapVault - NetApp replication technology used for backup and recovery. A vault copy uses SnapVault and requires a SnapVault Primary and Secondary License to be available.
No required software on the Production Host or Proxy is necessary for NetApp snapshot integration.
Page 8
Application/Environment
Application & FS iDAs NAS iDA (NetApp Only) Virtual Server iDA
Connection Protocol
iSCSI, FC, NFS CIFS, NFS iSCSI, FC, NFS
Minimum ONTAP Version2

7.3.5 7.3.5 7.3.5
FAS Licensed Feature

FlexClone1, Snap Restore FlexClone, SnapRestore FlexClone, SnapRestore
1 - With Block Based Storage, Flex Clone is not explicitly required. If FlexClone is not available, the FAS will default to LUN Clone. 2- C-MODE is not supported by SnapProtect as NetApp has not rolled out support for C-Mode DOT environments with the necessary SnapVault/SnapMirror capabilities.
Page 9
Simpana Software
Software Requirements CommVault for SnapProtect solutions will require the appropriate data agents as defined by the customer configuration. Below we will define a few terms in use going forward in this document: Production Host Server housing the actual production LUN being snapped or cloned Proxy Server mounting the snapshot or clone for backup purposes off of the Production Host Array Hardware Storage Array executing the snapshots File System iDA iDataAgent for protecting the file system of a host MediaAgent Agent for creating and managing snapshots as well as for writing data to backup targets Application iDA Agents providing for application aware data protection operations for applications such as SQL, Exchange, Oracle etc. Enables Application Aware snapshots Virtual Server Agent (VSA) Agent providing protection of Virtualization Environments without placing backup agents internal to the guests VSS Provider CommVault VSS Provider for Windows to allow for creation of snapshots with application consistency NAS iDA Logical IDA linked to an NDMP host for data protection operations
Note** - To enable SnapVault and SnapMirror functionality, the appropriate NetApp Hardware licenses must be available and the CommCell must have license type 196 added to provide support.
Basic File System Environments As with all configurations, a CommServe, necessary storage capacity, and MediaAgents must exist to enable a completely functional solution. On top of the basic infrastructure components, the SnapProtect base configuration requires the following agents on the Production Host: File System iDA (for the appropriate Operating System) MediaAgent CommVault VSS Provider (Windows Only)
For a configuration where snapshots mount off host to a Proxy server, implement the following agents on the Proxy server. File System iDA (Must be similar to Production Host OS) MediaAgent
Page 10
Application Environments When implementing for Application Environments simply add the appropriate snap supported Application iDA to the SnapProtect base configuration as follows on the Production Host: File System iDA (for the appropriate Operating System) MediaAgent CommVault VSS Provider Application iDA for selected Application
For a configuration where snapshots mount off host to a Proxy server, implement the following agents on the Proxy server. With SnapVault and Mirror capabilities the option to choose a Proxy Server from the Secondary Array is possible. To do so, the same software components must be available in the Proxy to Tape Server as well. File System iDA (Must be similar to Production Host OS) MediaAgent Application specific binaries to enable Proxy application API protection (i.e. Exchange Management Pack, Oracle for RMAN integration, etc.)
NAS Environments For Network Attached Storage environments (NetApp Only) the configuration is slightly different. Since a NAS iDA is a logical agent pointing to an assigned IP address to the NetApp FAS, nothing must be installed for the Production host. Simply configure the NAS iDA per Books Online and check the enable SnapProtect box under the client advanced properties to enable local ONTAP snaps to drive the protection operation. There is no notion of a Proxy in this configuration due to the local nature of the ONTAP snapshot. NDMP operations will simply function from the primary FAS. In the scenario where the customer wants to execute crashconsistent snapshots of VM, database, or application environments, the best way to achieve this is through the NAS iDA. It allows the customer to define the Volume, qtree, or LUN as the contents of a NAS iDA subclient and execute a crash consistent snap at the schedule defined on the subclient. Virtual Environments The SnapProtect with the Virtual Server Agent enables pointin-time snapshots with hardware snapshot engines to provide snapshot functionality for data protection operations of virtual guests. Using a dedicated ESX server for selective copy to tier2 storage completely removes any utilization on the Production ESX farm. The copy operation to tier2 storage enables Granular Recovery for individual file and folder recovery. Configuring SnapProtect on NetApp Storage Page 11
To enable SnapProtect for the Virtual Environment ensure the following: File System iDA (for the appropriate Operating System) MediaAgent Virtual Server Agent (VSA) iDA
The virtual server Agent may be running as a Hot Add mode guest external to the production farm to eliminate processing. The Virtual Server Agent leverages Proxy capabilities by default with no agents installed on the ESX server. SnapVault and SnapMirror Environments SnapProtect now extends enterprise management for backup and recovery in the data center for local Snapshot copies on NetApp primary storage and replication to secondary and tertiary storage, as well as tape creation. Any of the above environments discussed (application data, file data for NAS, file data in LUNs, or data in virtualized environments) with SnapVault and SnapMirror enables management, storage provisioning, cataloging, and the granular recoverability for seamless operation off of any copy.
Supported Applications and Operating Environments See Books Online for a complete listing of supported SnapProtect Applications and Operating Environments and any potential solution caveats. http://documentation.commvault.com
Page 12
SnapProtect Array Configuration Details with NetApp FAS

NetApp Array Configuration
Provisioning storage as a NFS/CIFS target or a LUN requires physical disks assignment in the Array to an Aggregate for storage usage. Volumes creation occurs within the Aggregate grouping of disks internal to the Array. Generation of Shares and Qtrees for NFS/CIFS access occurs within these volumes. Additionally LUNS live internal to the volumes for block-based access to hosts. NetApps snapshot mechanism is a pointer-based approach so blocks of the active file system blocks co-mingle with snapshot blocks internal to the LUN. Ensure sufficient space is available for snapshot generation and retention of the point in time copies. The required space directly correlates to the change rate of the data stored on the LUN and the number of snapshots retained. NetApps default setting is 20% for snapshot capacity. In the graphic below, note that the total volume size is greater than the total capacity. The extra space designates the reserved area for snapshots.
Note** - Ensure the Volumes/LUNS have enough space to accommodate the retention settings internal to Simpana for SnapProtect functions.
Page 13
Other Provisioning Best Practices include: When Possible - Group LUNs according to their rate of change: When planning for Snapshots, do not create LUNs with high rate of change in the same volumes as LUNs with a low rate of change. When calculating the size of volumes, use rate of change to determine the amount of space necessary for Snapshots. ONTAP takes Snapshots at a volume level and the rate of change of data in all LUNs affects the amount of space needed for Snapshots. A 1:1 Volume to LUN relationship is not Necessary, but may simplify Storage and Application Management. It is also best practice to ensure each LUN lives within a Qtree in SnapMirror and SnapVault configurations. Thin Provisioned Volumes with LUNS are a great way to provide flexibility to your storage provisioning and snapshot management; however, it is not required. SnapProtect will still provide the full suite of capabilities for recovery regardless of the Volume to LUN relationship and ratio. Disable NetApp Schedule for Snapshots on Volumes CommVault highly recommends disabling the native NetApp schedule for snapshots on volumes Simpana manages. This ensures snapshot retention and storage use is in line with the policies defined within Simpana. This may accomplished by un-checking the Scheduled checkbox for the volume from Filer View (below) or System Manager.
Page 14
Note** Failing to disable the internal snapshot scheduling set by default may cause contention issues if multiple calls occur at the same time for snapshot creation. Snapshot retention management only applies to CommVault Simpana generated snapshots.
SnapVault & SnapMirror

Data Fabric Manager (DFM) To Integrate SnapVault and SnapMirror it required to install Data Fabric Manager 4.0.2 and register all pertaining NetApp arrays with the Management Console. DFM may be installed on any Windows server in the environment and will require licensing keys for Operations Manager, Provisioning Manager and Protection Manager. Multiple DFM instances can be leveraged for distributed environments and redundancy control. Once installed it is required to define Resource Pools for the SnapVault secondary and SnapMirror secondary targets. SnapProtect will automatically provision the proper Qtree, volume, and/or LUN configuration for the desired source contents of the defined resource pools. Resource Pools are allocated by adding defined aggregates in the NetApp FAS. These can be created from within the NetApp Management Console.
Page 15
Steps to Configure the NetApp Architecture

Defining configuration properties for the NetApp Architecture requires arrays and DFM servers leveraged for SnapProtect to be defined in the Array Management area of the Simpana Control Panel. Defining the NetApp component to the platform enables execution of snapshot operations during the appropriate backup jobs using the credentials provided. To define a NetApp FAS: 1. Click on Array Management in the Control Panel
2. Select Add on the Array Management Dialog Box
3. Select NetApp for the Snap Vendor dropdown 4. Enter the Fully Qualified Domain Name or IP address of the Controller for the FAS in the Array ID field, or the FQDN of the DFM server in the Name field. 5. Enter a username and confirm the username password for the Username and Password fields. DFM will use the login credentials for the NetApp Management Console, while registered FAS will use local login rights (Root, etc. See Appendix for specific security rights for a non-Root user) 6. For NetApp Arrays, ensure the File Server button is selected. If it will act as a Primary Array in a SnapVault or SnapMirror relationship, ensure the Primary Checkbox is marked. This will also consume a license for SKU based customers. If this is a DFM component, ensure the DataFabric Manager button is selected. NetApp NFS Specific Integration Notes
Page 16
1. For VMware ensure the VMware Data Store array ID (FQDN or IP address in vCenter) matches what the array ID (IP or FQDN) in Array Management. For example, if the Data Store leverages the NetApp controller IP address then utilize the NetApp IP address for Array Management. The same rule applies for applications leveraging NFS storage. Ensure the same naming convention appears in array management as it appears for the application access. 2. For NFS Data Stores in VMware configurations Repeat Steps 2 7 from the preceding page for each IP used for NetApp NFS storage into Array Management. A single IP for a management interface is not sufficient for NFS configurations with SnapProtect in VMware 3. The VSA will need visibility into the storage network for NFS and iSCSI implementations. This may require a second network connection on the VSA for isolated storage networks.
Page 17
SnapProtect Storage Policy Configuration

SnapProtect operations require a Primary Snap Copy to house the indexing information for the data retained internal to the snapshots. Any currently defined or newly created Storage Policy supports the addition of an additional Primary Snap Copy. For detailed information on Storage Policy creation and the options available for configuration see the online documentation at: http://documentation.commvault.com/commvault/release_9_0_0/books_online_1/english_us/enus/universl/subclient/storage_device.htm To create configure a Storage Policy with a Snapshot Copy: 1. Select a Storage Policy and right click; select All Tasks; select Create New Snapshot Copy
2. Define a unique Copy Name of the newly created Snapshot Copy and define the Library and MediaAgent where the Snapshot Copy indexing information will be stored.
Page 18
3. Select the Retention tab and define retention for the number of days or cycles the snapshots will live internal to the array and click OK to create the Snapshot Copy
The configured Storage Policy will show both the previously defined Primary Copy and the new Snapshot Copy as seen below.
4. To protect Snapshot data in the Primary Snap Copy to the Primary Storage Policy Copy initiate a Backup Copy to backup the selected jobs. To define which snapshots are marked for inclusion of the backup copy operation select the previously configured Storage Policy, right click and go to properties. 5. Select the Snapshot tab. Under the Snapshot tab are the options to define which snapshots generate backup copies. The selection rules allow all snapshot operations to drive a synchronous backup copy or selectively choose snapshots based upon timing or manual selection. Any job meeting the rules for backup copy will be mounted on the defined proxy upon executing the backup copy operation.
Page 19
6. To execute the Storage Policy Backup Copy operation, simply right click on the Storage Policy, select All Tasks, and Run Backup Copy. The Backup Copy dialog box allows for backup copy creation on demand or through a schedule.
Page 20
Enabling SnapVault and SnapMirror SnapVault and SnapMirror copies are managed and controlled by creating a specified SnapCopy for the Vault and Mirror destinations. Execution of the Vault or Mirror process initiates through a simple Auxiliary Copy operation between Snap Copies. Simpana supports all Vault and Mirror configurations supported by NetApp Protection Manager Policies. To create configure a Storage Policy with a Snapshot Copy: 1. Select a Storage Policy and right click; select All Tasks; select Create New Snapshot Copy 2. On the General Tab define the copy name as well as the disk library target for indexing. Select the Protection Type as a Mirror or Vault Copy. Note, if Mirror is selected, the retention tab will remain greyed out as the Mirror copy will inherit the retention values of the primary Snap Copy. If Vault is chosen the Retention Tab will be enabled to define specific retention needs.
3. Under the Copy Policy Tab, define the Source Copy from which the Mirror or Vault process will execute from. A mirror can come from the Primary Snap copy or from another Mirror or Vault Copy. Same for a Vault Copy, with the one exception, a Vault cannot specify another Vault copy as the Source (this is not supported by DFM architecture with NetApp)
Page 21
4. Next go to the Provisioning Tab and select the Resource Pool (automatically imported from DFM) as the destination storage location for the Vault/Mirror copies.
5. Click Ok. At this point DFM will execute upon a conformance check and will create the protection policy internal to the NetApp Management Console.
Page 22
6. To execute the NetApp Thin Replication for Mirror or Vault, simply execute an Auxiliary Copy from the Source Snap Copy to the destination. Schedule this process as often as desired to synchronize the snapshot points in time from one array to the next.
Page 23
The SnapProtect Process

SnapProtect Backup Operation SnapProtect backups encompass the following operations: 1. Backup job initiates from the CommCell Console via schedule or an on demand Job 2. When the backup job starts the files system or associated applications or Virtual Machines properly acquiesce (VSS calls in Windows or through application interfaces such as RMAN to put the DB in a hot protection mode). In VMware configurations, vStorage APIs are called to create software snapshots and enable delta file creation for each of the guests targeted as contents of the snapshot. 3. Array API calls proceed next to: a. Verify the backup job contents (validate underlying disk structure for file systems, databases, VM data stores, etc. and the required log files) b. Create a snapshot or clone c. Mount up the snapshot on a selected proxy or the source computer for post snapshot operations (For e.g., Scan & Catalog for File System, Integrity checks for Exchange Database & backup to media if selected). For VMware and RMAN proxy configurations the Virtual Machines and database files will be registered by the proxy application software. 4. Array API calls proceed next to: a. Unmount the snapshot and retain based upon retention rules This snapshot now provides availability for backup copy operations and high speed restore /mount /revert operations. Backup Copy Operations A backup copy operation provides the capability to copy the snapshots of the data to media. You have the ability to enable/disable backup copy operations for a snapshot copy, i.e., once a backup copy is enabled, the snapshots will be copied to media during a Backup Copy operation. Additionally, the snapshots will be copied to media based on the backup copy rules specified for the snapshot copy. A backup copy execution occurs during the SnapProtect backup or at a later time. The backup copy operations can be useful for creating additional standby copies of data. When selecting/deselecting a job for backup copy operations, ensure that all the dependent jobs (e.g., incremental, differential, etc.) in the complete backup cycle are selected/deselected as the snapshots are copied to media in a sequential order. If a previously selected snapshot has not been copied to media, a request inline SnapProtect backup job will complete without creating the backup copy due to sequential order in which these copies must be made. An on demand offline backup copy operations must be scheduled for the current backup and the previously non copied job to get the data to backup media. Backup Copy operations mount the selected snapshots in sequential fashion to execute a file system level backup of the snapshots. Configuring SnapProtect on NetApp Storage Page 24
For Oracle and VMware, the backup copy operations will leverage RMAN and VADP to provide complete object integration (table level restore, single file access, etc.) in to the backup copy store. During the Backup Copy operation: 1. The snapshot is mounted to the source or proxy computer. The mounted snapshot receives commands to scan and backups like a normal file system and the required contents are read. 2. The file system backup is performed to Primary Copy of the Storage Policy of all defined files. The data is indexed and linked back to the original production host. 3. When the backup copy job is finished, the snapshot is unmounted and retained based upon SnapCopy retention settings. ** Note With Vault and Mirror operations it is possible to execute backup operations off of the Vault or Mirror copy. You must define the SnapCopy for Backup Copy execution on the Storage Policy properties. A new Subclient Option noted as Separate Proxy for Snap to Tape will allow servers local to the secondary and tertiary copies to mount the desired snapshots and drive the data protection operations to disk or tape.
Page 25
Production Host Configuration

For NAS Configurations Simpana SnapProtect supports NAS configurations on NetApp only. This configuration replaces the deprecated Quick Recovery configurations leveraging ONTAP local snapshots to drive scheduled snapshot operations and then execute NDMP backups from the those snaps. Like standard production hosts, enabling SnapProtect occurs on the NAS NDMP agent for NetApp FAS Arrays. 1. Configure the NAS NDMP iDA by selecting and then right clicking on Client Computers in the CommCell. Select new client, and in the next dialogue box choose NAS client. This produces the NAS NDMP Server screen. Enter in the NetApp FAS Hostname in the NDMP Server Hostname field and provide an account for NDMP Login with the associated password in NDMP Password. Typically Root is used here (See Appendix for Security Details for non-Root users). Click Detect to validate the configuration and login information are correct. The Vendor and Firmware Revision should populate with the appropriate details if the detection succeeds. Click OK to configure the NAS Client.
Page 26
1. Next select the NAS iDA server name just added and right click and select properties. Navigate to the Advanced Tab and select the Enable SnapProtect checkbox.
2. Create a new subclient (or simply use the default one) and select the Volumes that will leverage snapshots for protection. It is recommended to select the NFS and CIFS shares at the VOLUME level as NetApp snapshots will occur at the volume level. For best multi-threaded performance create multiple subclients for separate volumes to drive higher parallelism for backup copy creation.
3. After setting the contents, navigate to the SnapProtect Operations Tab and enable SnapProtect for this Subclient by selecting the SnapProtect checkbox. Choose NetApp as the available snap engine, and then set the appropriate Storage Policy under the Storage Device Tab. When completed, choose OK to save the configuration.
Page 27
4. The defined NFS/CIFS shares will now execute snapshots for their protection when backup jobs are selected. Backup copies will enact NDMP Backups from the defined snapshots based off the snapshot job selection in the Storage Policy. Incremental snapshots will leverage SnapDiff APIs to execute fast incremental indexes of the snapshot copies. Note** - Selecting Restore ACLS or Use Direct Access Restore is not applicable when restoring data from a snapshot. Note** - Cross-platform restores of NetApp data to Windows/Unix hosts using File System NDMP Restore Enabler is not supported with SnapProtect enabled operations.
Page 28
Application Configurations Protecting Application Databases and log volumes through an array snapshot provides fast access for recovery and many flexible options for data protection. SnapProtect integrates key application awareness together with the array and our Platform to deliver all of the benefits of traditional streaming backups with all of the performance and Proxy capabilities of a snapshot. The application awareness allows true log consistent hot backups with appropriate log management operations based off the contents of the data in the snapshot. SnapProtect aligns all of the log and data base volumes and snapshots using them in concert to provide fast low impact recovery points through the Array without scripts. Before stepping through any configuration steps, deploy the proper agents on the Production Host requiring snapshot integration with the Array. Application environments require: File System iDA (for the appropriate Operating System) The Base agent that manages and protects the file system data from the Production Host. File System contents are supported for SnapProtect operations as well, but it is recommended to define application data sets with the application iDA.
**Note - If no supported Application iDAs are available, end-user written Pre and Post Snap scripts can be used to acquiesce the unsupported application successfully for SnapProtect integration. MediaAgent Provides media management capabilities to execute array functions and provide LAN free access to snapshots for recovery CommVault VSS Provider Provide VSS interaction with the array and the Simpana Platform to ensure Microsoft applications are properly quiesced and protected during the snapshot process Application iDA for selected applications Provides low level application integration for Oracle, SQL, Exchange, VMware, Hyper-V, DB2, SAP, etc. ensuring the appropriate APIs are called when quiescing and releasing the application during the snapshot operations. This iDA will also align the volumes to be snapped based off the logical databases or contents defined in the subclient including logs. If five databases all have separate LUNS and log volumes, the application agent will defined the contents appropriately for all ten volumes to be snapshotted together.
Page 29
The following steps will configure the implemented Application Environment for SnapProtect operations: 1. First, enable SnapProtect on the Application Server acting as the Production Host in the CommCell GUI. Right Click on the server name, select All Tasks, and then select Properties. 2. Navigate to the Advanced Tab and check the box marked Enable SnapProtect. This will consume a SnapProtect license from the license key.
3. Browse to the Production Host Application iDA (in this case we are using Exchange Database iDA) and select the desired subclient to enable SnapProtect Operations.
Page 30
4. Browse to the SnapProtect Operations tab; check the SnapProtect box. Select NetApp as the Available Snap Engine.
5. To define Proxy configurations on the SnapProtect Operations tab click on the drop down box next to Use Proxy. This provides available servers to use as the Proxy during the index and backup copy operations. The selected server mounts the Array snapshot when a backup copy operation executes. If the Use source if proxy is unreachable is selected the snapshot will default to the Product Host if the defined proxy server is unreachable for any reason.
6. Ensure the Storage Device tab has a Storage Policy with a Snap Copy defined and click OK to close the Subclient properties.
Page 31
7. To execute a Snap Operation for the Application agent, simply schedule or generate a backup request of the previously configured subclient.
**Note - For Exchange Database SnapProtect operations, an ESE consistency check run on the snapshot copy to validate the consistency of the database files. This is enabled by default and can be found and modified under the advanced job options on the scheduled backup operation. It is highly recommended to leave this enabled to provide integrity checks to Exchange messaging environments.
Page 32
For VMware Configurations SnapProtect enables fast protection of large or volatile VMware environments without placing load on the production Virtualization Farm. SnapProtect technology integration with the Virtual Server Agent (VSA) enables the Array to perform backups in minutes even with large numbers of virtual machines and sizable data stores. A dedicated ESX server for Proxy data movement completely removes any utilization on the ESX farm with granular access providing individual file and folder recovery from the secondary tier of storage. Prior to configuring the virtualization environment, deploy the proper agents requiring snapshot integration with the Array. VMware specifically requires more security rights beyond the typical VADP use case. See the Appendix for security details in creating proper security environment for SnapProtect. Virtualization environments require the following agents: Virtual Server Agent (VSA) on the physical server(s) or virtual hot-add guest(s) File System iDA on the physical server(s) or virtual hot-add guest(s) MediaAgent on the physical server(s) or virtual hot-add guest(s)
The following steps will configure the implemented Virtualization Environment for SnapProtect operations: 1. First, enable SnapProtect on the physical or virtual server with the VSA Agent by selecting the server in the CommCell GUI. Right Click on the server name, select All Tasks, and then select Properties. 2. Navigate to the Advanced Tab and check the box marked Enable SnapProtect. This will consume a SnapProtect license from the license key.
3. Browse to the VSA iDA and select the desired backup set and then access the properties on the desired subclient to enable SnapProtect Operations. Configuring SnapProtect on NetApp Storage Page 33
4. Browse to the SnapProtect Operations tab, check the SnapProtect box. Select NetApp as the Available Snap Engine.
5. To define Proxy configurations on the SnapProtect Operations tab, below the Proxy ESX Server, click on Select ESX server for snap mount. This opens a dialogue box with the available ESX servers in the environment. Select the desired ESX server to perform the Proxy operations for generating granular backups to disk/tape/cloud. The selected ESX server mounts the Array snapshot when a backup copy operation executes.
6. Ensure the Storage Device tab has a Storage Policy with a Snap Copy defined and click OK to close the Subclient properties. 7. To execute a Snap Operation for the VSA agent, simply schedule or generate a backup request of the previously configured subclient.
Page 34
Microsoft HyperV Configurations SnapProtect enables fast protection of large or volatile HyperV environments placing minimal load on the production Virtualization Farm. SnapProtect technology integration with the Virtual Server Agent (VSA) enables the Array to perform backups in minutes even with large numbers of virtual machines and sizable data stores. Granular access provides individual file and folder recovery from the secondary tier of storage along with the full guest .vhd files. Prior to configuring the virtualization environment, deploy the proper agents requiring snapshot integration with the Array. Microsoft HyperV is very similar to an application environment for the components necessary to execute SnapProtect operations. Microsoft HyperV virtualization environments require the following agents: Virtual Server Agent (VSA) on the Microsoft HyperV physical server(s) or virtual cluster server(s) File System iDA on the Microsoft HyperV physical server(s) or virtual cluster server(s) MediaAgent on the Microsoft HyperV physical server(s) or virtual cluster server(s) CommVault VSS Provider on the Microsoft HyperV physical server(s)
The following steps will configure the implemented Virtualization Environment for SnapProtect operations: 1. First, enable SnapProtect on the physical or virtual server with the VSA Agent by selecting the server in the CommCell GUI. Right Click on the server name, select All Tasks, and the n select Properties. 2. Navigate to the Advanced Tab and check the box marked Enable SnapProtect. This will consume a SnapProtect license from the license key.
3. Browse to the VSA iDA and select the desired backup set and then access the properties on the desired subclient to enable SnapProtect Operations.
Page 35
4. Browse to the SnapProtect Operations tab; check the SnapProtect box. Select NetApp as the Available Snap Engine. To define Proxy configurations on the SnapProtect Operations tab click on the drop down box next to Use Proxy. This provides available servers to use as the Proxy during the index and backup copy operations. The selected server mounts the Array snapshot when a backup copy operation executes.
Note** - Always select a proxy if this client is a node of a Hyper-V Live Migration Cluster 5. Ensure the Storage Device tab has Storage Policy with a Snap Copy defined and click OK to close the Subclient properties. 6. To execute a Snap Operation for the VSA agent, simply schedule or generate a backup request of the previously configured subclient.
Page 36
Proxy Configuration
SnapProtect provides a modernized architecture for handling data protection operations within the datacenter. Proxy capabilities enable an array based snapshot to mount off-host eliminating backup processes on the production servers and linking indexing information to the original location. Allowing for multiple snapshots from differing servers across high-speed FC and IP networks eliminates any compression, deduplication, and encryption load and centralizes this execution to a dedicated tier of services. Each OS with a SnapProtect client requires a similar OS for proxy (i.e. Windows to Windows, Linux to Linux, etc.) execution. Simpana will automatically link indexing information back to the original host enabling full application protection for recovery purposes. Execution of application integrity checks may also occur on the Proxy servers to validate the data prior to backup creation. For a configuration where snapshots mount off host to a Proxy server, implement the following agents on the Proxy server.
File System iDA (Must be similar to Production Host OS) MediaAgent Application Specific Binaries for Proxy (i.e. Exchange Management Pack, Oracle & RMAN, etc.)
For Exchange Any Proxy configuration interacting with Exchange Databases provides the capability to execute an ESE Integrity check against the Exchange Database. In order to enable the Proxy to validate the Microsoft Exchange database files, install the proper version of the Microsoft Exchange Management Tools from the Exchange installation media on to the Proxy.
Page 37
Upon implementation of the management tools, verify the implementation of the necessary MediaAgent and File System as well. This enables the Proxy for selection as the Proxy Host in the application subclient contents. When scheduling the Microsoft Exchange SnapProtect backup operation, click the advanced button. This will bring you to the General Options to enable the integrity check for the Exchange Backup job upon Snapshot Index completion.
For Oracle SnapProtect supports Unix and Linux based ASM (Automatic Storage Management) and RMAN backups with Array based snapshots. With this support SnapProtect enables RMAN based movement to disk/tape allowing Recovery Manager (RMAN) for the movement to media operation. This however, requires the installation and configuration of the Oracle binaries and the configuration of an Oracle instance on the Proxy server. In order to perform a proxy based SnapProtect backup or restore operation; configure the following on the proxy computer: The Oracle database instance on the proxy machine should be the same version as the source. For example if Oracle 10.2.0.4 is installed on source then the proxy should be 10.2.0.4 ASM instances require configuration for both ASM and the RDBMS instances on the Proxy. The catalog user and the catalog database must be the accessible by the source and the proxy Oracle instances. Best Practice is to mount the snapshots on the same mount point as the source. Best Practice is to ensure that the data and log mount points do not overlap. Page 38
Before executing any ASM based Snapshot or Movement to media jobs, run the following commands: o cd $ORACLE_HOME/rdbms/lib o gmake -f ins_rdbms.mk ikfed; ensure that kfed is specified in the path.
After putting the above configurations and considerations in place, the configured server may enable RMAN for tape movement and properly manage ASM databases in a proxy configuration.
Note** - Table Level restores of SnapProtect data is now supported. Note** - It is highly recommended to work with Professional Services to ensure successful implementation of SnapProtect with Oracle databases, especially in Proxy Configurations
Page 39
Configuration Verification Using SnapTest

Validation of the SnapProtect configuration prior to running production jobs occurs through the SnapTest utility. This tool, located in the Base folder of the Simpana installation, allows one to check array connectivity and exercise the hardware snap engine to create and remove snapshots. Running this prior to productions routines will validate the configuration is properly defined on the Production Host side. 1. Locate the SnapTest executable in the base directory (\simpana\base\snaptest.exe) and run it from the Command Line.
2. Enter option 1 Show HBA/iSCSI address (example shows iSCSI configuration)
Page 40
In this example the LUNs are being exposed via iSCSI 3. Choose Option 2 Send SCSI inquiry to the storage device
For Windows Servers enter a drive letter or mount path for the mount point. In a Unix/Linux environment, enter only a mount path location.
Page 41
The iSCSI LUN presentation from the NetApp FAS shows in the inquiry string output. This validates we have an array based volume to execute snapshot operations from. 4. Choose option 3 Snapshot management
Page 42
Select the appropriate Snap Engine 5. Exercise the selected Snapshot Engine by choosing C
Page 43
6. Enter the Mount Point for the volume(s) on the NetApp FAS
Page 44
7. Execute array options for Mounting, Dismounting, etc as necessary. Successful creation and deletion of snapshots will verify the configuration is likely correct. Enter D to delete
Page 45
Note that snap identifiers will require that the - be included as shown here.
8. Once deleted, the snapshots will no longer exist in the array. Choose option E to exit from the Snap Engine Operation menu.
Page 46
Security & Storage Policy Best Practices

Security Roles The power of a Storage Array in providing fast full volume recovery changes data architectures and SLA alignment. Any technology providing fast sweeping recovery directly linked to production data can be potentially dangerous without proper controls. Revert operations are perfect for massive data corruptions on productions volumes that require fast recoveries, assuming the proper controls are in place to allow only those who understand what the defined action will do for/to the business. Typical script based tools lack these controls and expose environments to high risk side effects with very little oversight or reporting. A single mis-aligned scripted argument could bring an entire production database environment down and cause catastrophic data loss. Further, restoring data through array based reverts when a single file/database is all that is necessary can destroy entire collections of data resetting the environment back hours or days if done incorrectly. Recent mail, revenue transactions, business data, etc. would all be lost due to a simple mistake in operation Rather than risking the business to make or beat the backup window with scripts or standalone tool sets, an integrated data management platform should provide proper safety controls to allow critical actions to entrust the right users at the right time while ensuring a reporting and audit system to overlay the full end-to-end view. In most medium to large environments, application operational responsibilities, backup, DR, compliance and audit may be distributed functions that need to be coordinated into a single policy. The embedded role based security system native to Simpana automates this function. For Example, a customer may have three specific roles within an operations environment Backup Admins Application owners (DBAs) Audit & Business Compliance
Each of these roles own specific responsibilities to managing and protection the enterprise. Backup Admins are the typical day to day operators with access to perform standard backup and recoveries, manage media, issue reports, etc. However, the Backup Admin Role may not be the right team to execute application level recoveries or have the capabilities to issue array based reverts for recoveries due to knowledge and awareness of the application architecture. The Application Owner Role is not so concerned about the general day to day backup environment, but is laser focused on the application space they own. They need to know what tools are available to them and who has the capabilities to execute on those toolsets at any time as they manage the applications running the business. Any recovery operations involving their applications, especially powerful techniques such as Array reverts and snapshots must be managed from their group to mitigate any risk to the business. The Audit Role simply needs to eliminate red flag events and provide security, operational, and process proof of who can perform what and how.
Page 47
For this three specific roles should be defined solely for the SnapProtect and Application iDAs within the CommCell. An example of this basic security structure as defined in Simpana Security Roles is below: Audit Team
X X X X X X X X X X X X X X X X X X
(For Application Clients or Groups) Assigned to SnapProtect Application Client Groups
Backup
Security Roles
Administrative Management Agent Management Agent Scheduling Alert Management Browse Browse and In-Place Recover Browse and Out of Place Recover Compliance Search Data Protection Data Protection Management End User Search Job Management Library Management Library Administration License Management MediaAgent Management Report Management Storage Policy Management User Management Vault Tracker Operations
Application
X X X X X X X X X X X
(Separate groups may provide this grouping of users more right for other objects in the CommCell. This solely highlights the ability to lock down capabilities for the applications to ensure that an entire volume is not inadvertently reverted with SnapProtect integration.)
Page 48
Storage Policies Managing proper retention on the snapshot copies becomes another critical requirement. Improper retention either increases the amount of tier 1 storage that is holding recovery points, or it causes the snapshots to fall short of fully meeting SLA requirements for the business. Simpanas Storage Policies are broken down into copies for managing retention on the proper tier of storage. In the typical Storage Policy for SnapProtect, three copies will be available, the Primary SnapCopy, the Primary backup to disk copy, and the Offsite disk/tape copy. Properly meeting SLA requirements for the business requires proper alignment for the retention characteristics of each of the storage tiers. For example, SLAs for Sub 24hr RPO/RTO drastically lower the returns on leveraging snapshot technology on copies beyond 48hrs. The typical Best Practice for Storage Policy configuration will change from environment to environment, with the standard retention aligning to the primary recovery time for the SnapCopy with the primary backup to disk and tape copies providing SLA coverage for complete Site based disasters. For Example, with the previous description retention may be set in the following way: Primary SnapCopy 2days & 0 Cycles Primary Disk Copy 28days & 1 Cycle Offsite Disk/Tape Copy 60days & 1 Cycle
This definition allows snapshot retention on a 48hr rotation providing multiple high-speed recovery points available on the array to meet the SLA requirement. This configuration requires storage space allocation to maintain two persistent days of change for the associated clients. By setting cycles to 0, the removal of old snapshots occurs regardless of success, so proper alerting and monitoring is required. The other recommended option for SnapCopy retention sets the days variable to 0 and focuses solely on the Number of cycles. In this configuration full backups must occur frequently to allow for proper snap management. With this setup, the # of snapshots retained will be determined on the number of cycles configured. The scheduled frequency becomes very important to defining the environment conditions. If 8 snapshots execute over a week timeframe, then 7 days of delta change must be available in the Array configuration. If 8 Snapshots execute in a 48 hour period, only 48hrs of delta change must be available in the Array configuration. Fully understanding the schedule and process configurations enable making the proper retention setting when keying off of cycles. Improperly setting retention and effects of days and cycles can adversely affect the available recovery scenarios for the business applications. This definition will then enable the Primary and Secondary backup to disk and tape copies. Backup Copies should follow that standard backup schedule for the production (i.e. daily backups should equate into at least one SnapCopy Point in time to drive local and offsite backups). Remember, backup copies will execute synchronously, and the failure to backup SnapCopys to disk/tape will extend the storage requirement on the Array, as the snapshots will not prune until the selected recovery points execute in a Backup Copy to disk/tape copies. Application data will always be consistent on this data movement. Backup Copy operations will always use File System mechanisms to protect the properly acquiesced applications except in the instance of RMAN Proxys in an Oracle configuration. The rest of the data aging follows the standard days and cycles rules for purging off data sets.
Page 49
Note** - Snapshots may be deleted from the array due to factors like low disk space on the array, number of snapshots exceeds the threshold etc. and the jobs corresponding to these deleted snapshots can no longer be used for any data recovery or backup copy operations. Use the nRunSnapRecon registry key to start snap reconciliation to check for missing snapshots once in every 24 hours and marks jobs corresponding to the missing snapshots as invalid. See Appendix for detailed information.
Page 50
Manipulating Snapshots
Part of the value of creating and leveraging snapshot is the flexible options it provides IT in achieve typical tasks by leaning on the high speed storage infrastructure to efficient results. Out of place refresh, single file recoveries, mount and browse capabilities, etc. provide flexibility in executing daily IT operations. The following sections describe how to perform these operations for hosts protected with SnapProtect. 1. Snapshot access is always achieved via right clicking on your defined object and selecting the All Tasks options and selecting List Snaps
2. The snapshot list for the client application is displayed when the List Snaps item is selected. From the dialog several snapshot operations are available.
Page 51
Mount/Dismount Snaps for Manual Browse

1. After accessing the available snapshots for the selected client, mount the desired snapshot by a right click on the snapshot shown in the menu. Select the mount operation to continue Note** Any writes or updates made to a mounted snapshot will be lost when the snapshot is dismounted. Ensure any changes required to retain are protected while the snapshot is mounted
2. The following dialog appears. Click Yes to continue. On NetApp arrays the mount time rarely will exceed 30 45 seconds.
3. Define the host you wish to mount the snapshot to (this must be a MediaAgent). Ensure the host has the appropriate Storage Zoning to mount this snapshot. If this is an iSCSI volume log in the initiator for this host if not already done, otherwise the mount will fail. For Destination Path, select a mount point. This must be a folder, and is recommended to be an empty folder.
4. Once the snapshot is mounted the following dialog will appear. Click OK.
Page 52
5. The Snapshot list updates with the current information on the snap which will include the mount path and the updated time of the mount operation.
6. The mounted snapshot can now be accessed from the mount host.
Page 53
7. Dismount of the snapshot is a simple process. Select the mounted snapshot and use the right click menu to select the Unmount option.
8. The following dialog will appear. Click OK to continue.
9. Once completed the following dialog will appear.
Note** - It is important to remember to dismount the snapshot once finished. If a snapshot has been manually mounted it will not be pruned until it no longer is being accessed. Mounted snaps that have not been copied for backup copy will fail on the backup copy operation until they are unmounted.
Page 54
Reverting a Snapshot
There are two ways to revert a snapshot. One is application aware and one is not. Generally the application aware revert is the mechanism to use. Application Aware Revert 1. An application aware revert is done in the context of a standard recovery. This starts with browsing for the application data to be restored. Click the Browse Backup Data menu item.
2. The backup selection dialogue appears to select the time frame from which the restore will take place. Here the latest backup will be used. Click OK.
Page 55
3. The browse window will appear from which the appropriate application data can be selected for restore. The entire information store for Exchange is selected. Click the Recover All Selected button.
4. The Recovery dialog box appears. Select the Advanced Button.
Page 56
5. In the Advanced Dialog check the Use hardware revert option and click OK to the warning dialog to proceed with the revert operation.
This will execute a LUN revert from the Latest Snapshot back to the production Server (in this case we showed Exchange). Note** - Some Applications require an overwrite option for any restore to occur including LUN based Reverts. Ensure Applications such as Exchange and others have the appropriate overwrite settings defined for this to execute properly. ALL FILES and DATABASES will be rolled back to the point in time of the last snapshot. DO NOT REVERT IF NOT ALL DATA REQUIRES TO BE ROLLED BACK TO THE PREVIOUS POINT IN TIME!
Page 57
Non Application Aware Revert A hardware revert can be done which is not application aware as well. This is done directly from the snapshot list. This process initiates a rollback for the selected volumes instantly to the desired point in time without communicating with applications for graceful restore. This option may be leveraged for file systems and shut down application environments. 1. The process begins by selecting the List Snaps menu item to bring up the list of snapshots dialog.
2. When the dialog appears, select the desired snap and use the right click menu to select the Use hardware revert option to revert the snap. The following confirmation dialog will appear.
3. Validate this operation is correct and type Confirm in the dialog box and click OK to perform the operation. Configuring SnapProtect on NetApp Storage Page 58
Note** - Caution should be taken when using the non-application aware revert functionality as you can corrupt a running application as a result of this operation. You should be absolutely sure that you will not cause any data corruption issues before using this option.
Page 59
Out of Place Restore Capabilities (VMware Example)

Within the restore process snapshots can be used just like any other media based backup. MediaAgent software and access to the NetApp array for access to the snap directly is a requirement. Also, the corresponding application agent must be installed on the target for it to be an eligible candidate (if necessary). 1. To restore out of place select the Browse Backup Data option for the desired data set. Select the appropriate time or the latest backup.
Page 60
2. Depending on the application different options are available for out of place restore. In this example the graphics show a VSA agent used to backup VMs which live in a data store which is an NFS share being presented by the NetApp FAS. The selected VM will be restored to a different data store with a new name. Browse into the subclient contents and select the data to be recovered out of place. In this case the selection is a Virtual Machine.
3. When the Recover All Selected button is clicked the following dialog appears to direct the restore activity. Note the VM Name. The ability to automatically enable the VM can be done through the Power ON Virtual Machine After Restore box.
Page 61
4. The Browse Virtual Center / ESX Server for Destination provides out of place selections. Here DataStore_3 is the location for the VM recovery. Select OK, and then OK again on the Restore Options windows to execute the recovery, out of place.
Page 62
Page 63
Appendix
The SnapMirror Process Explained
Make sure destination filer has SnapMirror access to the source filer. The SnapMirror filer's name or IP address should be in /etc/snapmirror.allow. Use wrfile to add entries to /etc/snapmirror.allow:
source-filer> wrfile /etc/snapmirror.allow destination-filer <Ctrl+C> source-filer> rdfile /etc/snapmirror.allow destination-filer
Alternatively, you can also go into each of the hosts in DFM and configure the FAS for the proper security rights for source and destination. This is done by selecting the Hosts section and editing the During the First Auxiliary Copy Job (to get the full detailed Snap Management plan for SnapMirror/SnapVault to run) it runs will always give you a Conformation check:
Page 64
During every SnapMirror Auxiliary Copy, SnapMirror will create a BackupVersion basically a new Snapshot of the entire volume requiring replication:
Once a new Snapshot for SnapMirror is available the Snapshot is listed under the volume on the Primary Filer:
Page 65
That has a relationship with the current SnapMirror session:
On the destination filer site, we notice the same Snapshot has been sent. In addition, if there were any previous SnapMirror on-demand jobs run, only the very last one will stay on the target box:
NetApp calls this a Swizzling Process. That is, the primary FAS takes delta set between the original snapshot used from the previous SnapMirror job and the new snapshot created for the current SnapMirror job. Only the details of the snapshot and the deltas are sent to the destination FAS, and will refer to the previous snapshot (that used to be the target SnapMirror session) and will de-swizzle the volume to match what is in the primary FASs side. The previous snapshot does not get deleted as the entire de-swizzling process is a background job.
Page 66
SnapMirror and DataAging Explained Once a job has been Data-Aged or even deleted manually, the job will no longer appear in the SnapMirror target as well (SnapVault is not affected here): Pre-deleted:
Page 67
Post-Delete: Primary FAS
CommVault on the SnapMirror:
Page 68
Secondary FAS:
The DataAging process will not remove this either. Only the next AuxCopy will this is after a new job has run (AuxCopy complains there is no new data to move): Primary FAS shows a new snapshot used for SnapMirror:
Page 69
Secondary FAS now shows the new snapshot here, but the de-swizzle process has not removed the volume snapshot pertained to Job 18.
Now the Job has been deleted from within Simpana. This wont affect the SnapMirror relationship until the next job is run and another Auxiliary Copy has been run, the latest SnapMirror Snapshot that was synchronized to the Secondary FAS will be the one responsible for deleting the snapshot on the destination FAS box.
Page 70
VADP-SPE User Permissions

A dedicated account can be used for performing VSA with SnapProtect. This account requires additional permissions for the VADP User role. This account is only required in the event a restricted account is desired.
Backup Permission Requirements

Datastore
Allocate Space Browse a datastore Configure Datastore Remove Datastore
Restore Permission Requirements

Datastore Allocate space Host Configuration Storage partition configuration Network Assign network Resource
Assign virtual machine to resource pool Assign vApp to resource pool
Host Configuration
Storage partition configuration
Virtual machine Configuration

Disk Change Tracking Disk Lease Low Level file operations
Virtual machine Provisioning

Allow read-only disk access Allow virtual machine download Clone virtual machine
Virtual machine Configuration

Add existing disk Add new disk Add or Remove device Advanced Change CPU count Change Resource Disk change Tracking Disk Lease Host USB device Memory Modify device setting Raw device Reload from path Remove disk Rename Reset guest information Settings Swapfile placement Upgrade virtual hardware
Virtual machine State

Create snapshot Remove snapshot
Virtual machine Interaction

Power Off Power On
Virtual machine Inventory

Create new Register Remove Unregister
Virtual machine Provisioning

Allow disk access Allow read-only disk access Allow virtual machine download
Virtual machine State

Create snapshot Remove snapshot Revert to snapshot
Page 71
Snap Reconciliation Registry Key

This key validates Simpana created snapshots have not been altered externally to the software invalidating recovery options.
Location Windows HKEY_LOCAL_MACHINE\SOFTWARE\CommVault Systems\Galaxy\Instance<xxx>\MediaManager Unix Not Applicable NetWare Not Applicable Key Value Value Type Valid Range Default Value Created in Description nRunSnapRecon (optional) Not Applicable DWORD 1 or x, where 'x' is any other value than 1 None Client Computer To enable Snap Reconciliation from the Media Manager. When this registry key is set to 1, the snap reconciliation is enabled and the MM will run the snap reconciliation every 24 hours. When this registry key is set to 0, the snap reconciliation is disabled. Also, the absence of this registry key is considered as if the value is set to 0 and hence the snap reconciliation will not be started. N/A
Additional Information Applies To
SnapProtect Backup
Page 72
Array Credentials for a Non Root User

To use a Non-Root user for the Array configuration and NDMP configurations follow the command steps below: Snapprotectrole may be names as the customer chooses Snapprotectgroup may be named as the customer chooses SnapProtectuser may be named as the customer chooses The first command creates the SnapProtect Role with the proper rights The second command adds this role to a newly created SnapProtect group The third command creates the user to for the Array credential field in the Simpana Control Panel NetApp1> useradmin role add snapprotectrole -c SnapProtect Management Role" -a login-ndmp,loginhttp-admin,api-* NetApp1> useradmin group add snapprotectgroup -c snapprotectrole SnapProtect Management Group" r
NetApp1> useradmin user add snapprotectuser -c SnapProtect Management Account" -n S Admin" g snapprotectgroup The same user can be used for NDMP credentials by using the encrypted password NetApp1> ndmpd password snapprotectsuser
Page 73

COMMVAULT SnapProtect FieldGuide For NetApp Storage - Including SnapMirror and SnapVault Integration

Hochgeladen von

Dokumentinformationen

Originaltitel

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

COMMVAULT SnapProtect FieldGuide For NetApp Storage - Including SnapMirror and SnapVault Integration

Hochgeladen von

Copyright:

Verfügbare Formate

Simpana SnapProtect Field Guide for NetApp Storage

Configuring SnapProtect on NetApp Storage

Configuring SnapProtect on NetApp Storage

SnapProtect Field Guide Objective & Overview

Configuring SnapProtect on NetApp Storage

NetApp Storage Overview

Configuring SnapProtect on NetApp Storage

Configuring SnapProtect on NetApp Storage

CommVault Integration Requirements for SnapProtect

Configuring SnapProtect on NetApp Storage

Minimum ONTAP Version2

FAS Licensed Feature

Configuring SnapProtect on NetApp Storage

Configuring SnapProtect on NetApp Storage

Configuring SnapProtect on NetApp Storage

SnapProtect Array Configuration Details with NetApp FAS

Configuring SnapProtect on NetApp Storage

Configuring SnapProtect on NetApp Storage

SnapVault & SnapMirror

Configuring SnapProtect on NetApp Storage

Steps to Configure the NetApp Architecture

2. Select Add on the Array Management Dialog Box

Configuring SnapProtect on NetApp Storage

Configuring SnapProtect on NetApp Storage

SnapProtect Storage Policy Configuration

Configuring SnapProtect on NetApp Storage

Configuring SnapProtect on NetApp Storage

Configuring SnapProtect on NetApp Storage

Configuring SnapProtect on NetApp Storage

Configuring SnapProtect on NetApp Storage

Configuring SnapProtect on NetApp Storage

The SnapProtect Process

Configuring SnapProtect on NetApp Storage

Production Host Configuration

Configuring SnapProtect on NetApp Storage

Configuring SnapProtect on NetApp Storage

Configuring SnapProtect on NetApp Storage

Configuring SnapProtect on NetApp Storage

Configuring SnapProtect on NetApp Storage

Configuring SnapProtect on NetApp Storage

Configuring SnapProtect on NetApp Storage

Configuring SnapProtect on NetApp Storage

Configuring SnapProtect on NetApp Storage

Configuring SnapProtect on NetApp Storage

Configuring SnapProtect on NetApp Storage

Configuring SnapProtect on NetApp Storage

Configuring SnapProtect on NetApp Storage

Configuration Verification Using SnapTest

2. Enter option 1 Show HBA/iSCSI address (example shows iSCSI configuration)

Configuring SnapProtect on NetApp Storage

Configuring SnapProtect on NetApp Storage

Configuring SnapProtect on NetApp Storage

Configuring SnapProtect on NetApp Storage

Configuring SnapProtect on NetApp Storage

Configuring SnapProtect on NetApp Storage

Configuring SnapProtect on NetApp Storage

Security & Storage Policy Best Practices

Configuring SnapProtect on NetApp Storage

(For Application Clients or Groups) Assigned to SnapProtect Application Client Groups

Configuring SnapProtect on NetApp Storage

Configuring SnapProtect on NetApp Storage

Configuring SnapProtect on NetApp Storage

Configuring SnapProtect on NetApp Storage