Veritas-bu

[Veritas-bu] Setting list/restore security for virtual clients

2004-05-05 15:26:40
Subject: [Veritas-bu] Setting list/restore security for virtual clients
From: fahnoe AT FahnoeTech DOT com (Larry Fahnoe)
Date: Wed, 5 May 2004 14:26:40 -0500
Hello,

In a NBU 5.0 environment, we have several Solaris and Windows clusters
and have been backing up both the individual host filesystems and the
virtual server filesystems that are being offered.  Example:

  C1-hostA     10.0.0.1   / /usr ...
  C1-hostB     10.0.0.2   / /usr ...
  C1-virtual1  10.0.0.10  /u100 /u101 ...
  C1-virtual2  10.0.0.11  /u200 /u201 ...
  C1-virtual3  10.0.0.12  /u300 /u301 ...

The virtual addresses and filesystems float between nodes via either
MS or Vx cluster services.  We have a policy that backs up the host-
specific filesystems (/ /usr ...) on the two C1-hosts and then three
other policies that back up the virtual filesystems on the appropriate
virtual host.  The NetBackup client has not been told about the
virtual services (I don't know how do to that).

This works just fine with a couple of limitations: 1) failover during
backups is not pretty, and 2) I cannot list or restore a virtual
service from either of the clients.  I can do the list and restore
from the master and media servers.

The bp.conf on the two hosts have a CLIENT_NAME entry which matches
the hostname.  When I attempt a bplist -l -b -C C1-virtual2 from
either of the two C1-host[AB] I get a STATUS 135, client is not
validated to perform the requested operation.

We are currently not using either Access Management or Enhanced
Authentication and Authorization.  I can solve the problem with a
db/altnames entry for every actual host name listing each virtual
name, but this seems cumbersome.

What is the proper way to solve this problem, is there one?  

I'm starting to work with the Oracle agent to back up clustered
databases and I want to use the virtual server names, but the bplist
failure is precluding the client from doing the backup as it checks to
make sure the file it is about to back up has a unique name.

Thanks for any ideas!

--Larry

-- 
Larry Fahnoe, Fahnoe Technology Consulting, fahnoe AT FahnoeTech DOT com
952/925-0744      Minneapolis, Minnesota       www.FahnoeTech.com 

<Prev in Thread] Current Thread [Next in Thread>