Tuesday, November 27, 2012

NDMP, NETAPP and CA ARCserve Backup 12.5

 Configuring NetApp FAS 3xxx controllers to use NDMP

1)      Verify the tape device is on Netapp’s Data Protection Supported Devices list
a.       http://www.netapp.com/us/solutions/a-z/data-protection-devices.html
b.      If needed just download the configuration file for your device from the web site listed above.
 Note: The configuration file should have a TCF extension. This is an example of a TCF file for my device which happens to be an HP ULTRIUM 4-SCSI tape drive (FC connected).

file name = HP_LTO4_ULTRIUM.TCF

# Configuration file for Hewlett-Packard tape drive HP LTO Gen4 AKA ULTRIUM-4
# Version 1.0
# Copyright (c) 2008 NetApp
# All rights reserved.

vendor_id="HP"
product_id="Ultrium 4-SCSI"
id_match_size=9

vendor_pretty="Hewlett-Packard"
product_pretty="LTO-4"

l_description="LTO-2(ro)/3 2/400GB"
l_density=0x00
l_algorithm=0x00

m_description="LTO-2(ro)/3 4/800GB cmp"
m_density=0x00
m_algorithm=0x01

h_description="LTO-4 800GB"
h_density=0x46
h_algorithm=0x00

a_description="LTO-4 1600GB cmp"
a_density=0x46
a_algorithm=0x01

autoload="yes"

2)      Verify / Install the Tape Configuration file
* Check the Netapp etc$\tape_config folder to see if the configuration file already exists.

       netapp> rdfile /etc/tape_config/HP_LTO4_ULTRIUM.TCF

 Note: the configuration file is just a text file that can be opened in any text editor.



The following steps may or may not be needed on the individual FC ports. When we purchased our controllers we purchased two additional quad port FC cards, one for each controller and each had been pre-configured as initiators, one less thing for my to do. 

1)   configure the appropriate Netapp FC port as an Initiator
a.       Warning: Changing the selected Netapp FC port from Target to Initiator will change the WWN associated with the port.
b.      Typically only the embedded Netapp FC ports can be configured as either Target or Initiator.  Because of this the fcadmin commands only work on those ports.  Usually, the expansion HBA’s installed into the Netapp Controllers are ordered hardcoded as Target or Initiator ports and can not be changed.
c.       The embedded Netapp FC ports are usually labeled as 0a, 0b, 0c, or 0d.  Be sure you know which FC port is being changed to the Initiator port.
                                                               i.      To map WWN to Netapp FC labels use this command.
netapp> fcp show adapter

d.      Run the following command to view the current FC Port configuration.

 netapp> fcadmin config

adapter    type        State                Status
0a             initiator  configured        online
0b             target     configured        online
0c             target     configured        online
0d             target     configured        online

e.       Disable the selected port
netapp> fcadmin config -d 0c

 Fibre Channel target adapter 0c offlined


f.        Change the selected port to an Initiator
netapp> fcadmin config -t initiator 0c

*A reboot is required for the new adapter configuration to take affect


g.       If this is a Netapp FAS Cluster you need to perform the same configuration, on the same port, on the partner Netapp controller.  port 0c would need to be configured in the same manner on the partner Controller.  This is required to support proper takeover and giveback during a failure.

h.       Reboot the controller
                                                               * If this Netapp FAS Cluster perform a takeover, reboot, and giveback on each of the controllers in the Netapp FAS cluster.
                                                              * If this is a single controller reboot the controller

i.         Enable / Verify the selected Netapp FC port
                                                               i.      The port should come back online after the reboot.  Use this command to verify.
netapp> fcadmin config

 adapter    type            State                Status
0a             initiator     configured        online
0b             target        configured        online
0c             initiator     configured        online
0d             target        configured        online

                                                             ii.      If the port is not enabled use the following command to enable it.
 netapp> fcadmin config -e 0c

j.        Obtain the current WWPN of the selected initiator port.
netapp> storage show adapter

 Slot: 0c
Description:
Firmware Rev:
FC Node Name: 2:101:001b32:ba7xxx
FC Node Name: 2:101:001b32:fa7xxx
FC Packet Size: 2048
Link Data Rate: 4 Gbit
SRAM Parity: Yes
External GBIC: No
State: Enabled
In Use: No
Redundant: Yes


                                                               The WWPN may be needed to do the FC zoning.

2)      Connect the Tape Device to the selected Netapp FC Port
a.       If using an FC Switch
                                                               * Zone the selected Netapp FC port to the FC tape device.
b.      If using a directly connected FC tape device
                                                               * Connect the FC tape device directly to the Netapp FC port.
c.       If using an Enterprise VTL
                                                               * Grant the Netapp WWPN access to the VTL as required.

3)      Reboot the selected Netapp FC Port to force a scan for new devices.  A scan for new devices is only done during a reboot or fiber state change.
                                                               i.      A fiber state change can be initiated using one of the following methods.
1.      On the FC Switch disable then enable the Switch port the selected Netapp FC port is connected to.
2.      Unplug the selected Netapp FC port from the switch or directly connect tape device.
                                                             ii.      Leave the port down for at least 2 minutes so the Netapp Controller properly detects the fiber state change and configures the FC port as offline.

4)      List the currently discovered devices.
a.       List the tape devices
netapp> sysconfig -t

b.      List robotic Tape Library devices
netapp> sysconfig -m

c.       If the tape devices are not listed review your configuration and/or perform another bounce of the selected Netapp FC port.

5)      Review and Enable NDMP on the Netapp Controller(s)
a.       Check NDMP current status
netapp> ndmpd status

b.      Enable NDMP
netapp> ndmpd on


Configuring NetApp to support CA ARCserve Backup for use with NDMP
 The last step in my configuration was to install and configure CA ARCserve Backup 12.5 SP3 on a Windows 2008 R2 Server. The install was straight forward, the only thing I had to do differently was to run through the "Device Configuration" (QuickStart>Administration>More on Device>Device Configuration) setup.  During the setup I Selected "NAS Servers", then select "Add". Here you list the NetApp controllers by FQN with a user name and password ONLY.

note: I did run into an issue where "IF" I entered a tape device configuration name or controller name, gathered form the NetApp controller command (netapp> sysconfig -t and netapp> sysconfig -m), I couldn't run any restores from CA ARCserve backup? I chose to leave it blank. Still not sure why this was occurring but as of now my backups and restores are running great!   

 In general to support third party backup software integration with NDMP you will need to configure most of the following options on the Netapp controller(s). 

1)      On the Netapp Controller
a.       Add a backup user account for use by the software
useradmin user add backupuser -g “Backup Operators”

                                                               i.      Change the backupuser name as needed for your environment
                                                             ii.      Enter the user password when prompted.

b.      Specify the NDMP password length
                                                               i.      Users that do not have root access must enter a system generated NDMP password to run NDMP operations on the Netapp controller.  This password will also be used to authenticate the backup user when used with third party backup software.
options ndmpd.password_length {8 | 16}

                                                             ii.      The system generated password can be either 8 or 16 characters in length.

c.       Generate an NDMP password for the backup user.
                                                               i.      Use the following command to generate the NDMP password.
ndmpd password backupuser

                                                             ii.      Record the generated NDMP password.
                                                            iii.      This password is good until the regular password for this account it changed.  Once the regular password is changes you must repeat this command to obtain a new system generated password.
                                                           iv.      The system generated password will be unique to each Netapp Controller.

d.      Grant NDMP access to the host name of the server running the third party backup software.
options ndmpd.access host=server.domain.fqdn

                                                               i.      This host name must be resolved via DNS or it should be manually added to the etc$\hosts file.  You may use the IP Address instead of the DNS name.
                                                             ii.      Optionally, you can grant NDMP access to all hosts using the following command.
options ndmpd.access all

1.      By default all hosts should be granted NDMP access.  It is recommended you leave this setting at its default value.

e.       Specify the NDMP authentication type
options ndmpd.authtype {challenge | plaintext | plaintext,challenge}

                                                               i.      Challenge (MD5) is the preferred and more secure method.
                                                             ii.      Refer to your third party backup software to determine which authentication type you should configure.

f.        Enable or disable NDMP connection logging
                                                               i.      This will log NDMP connections to the etc$\messages file and can be useful for troubleshooting or auditing access.
options ndmpd.connectlog.enabled {on | off}

g.       Configure the type of Tape Reservation to use.
                                                               i.      Sharing the Tape Drive and/or Media Changer between multiple systems requires all the systems to use the same Tape Reservation method.  This may not be required if the Tape Drive and/or Media Changer is dedicated to a single Netapp Controller.
options tape.reservations {scsi | persistent | off}

                                                             ii.      The two tape reservation methods are SCSI-Reserve and SCSI-Persistent.  SCSI-Persistent reservations are not affected by error recovery mechanisms, such as loop reset, but not all devices implement SCSI-Persistent reservations correctly.

h.       Determine or set NDMP version
                                                               i.      Determine NDMP version
ndmpd version

                                                             ii.      Set NDMP version
ndmpd version {1 | 2 | 3| 4}

1.      Use this command to specify an NDMP version compatible with your third party backup software.  The highest NDMP version is 4.



To verify if your software is compatible with Netapp’s NDMP use the following link
http://www.netapp.com/us/solutions/a-z/backup-to-tape/backup-to-tape-ndmp.html


Monitoring and Managing NDMP sessions

You can monitor and manage NDMP sessions directly from the Netapp system console using the following commands
1)      View NDMP Session details
ndmpd probe [session]
2)      Terminating an NDMP session
ndmpd kill session
3)      Enable NDMP debug log messages
ndmpd debug {10 | 30 | 50 | 70}
4)      View current NDMP debug log setting
 ndmpd debug

Posted by at 1 comment:
Subscribe to: Posts (Atom)