DD OS 5.0 Administration Guide

DD OS 5.0 Administration
Guide
Backup Recovery Systems Division
Data Domain LLC
2421 Mission College Boulevard, Santa Clara, CA 95054
866-WE-DDUPE; 408-980-4800
759-0007-0002 Revision B
January 14, 2011
Copyright © 2009-2011 EMC Corporation. All Rights Reserved.
EMC believes the information in this publication is accurate as of its
publication date. The information is subject to change without notice.
THE INFORMATION IN THIS PUBLICATION IS PROVIDED "AS IS." EMC
CORPORATION MAKES NO REPRESENTATIONS OR WARRANTIES OF
ANY KIND WITH RESPECT TO THE INFORMATION IN THIS
PUBLICATION, AND SPECIFICALLY DISCLAIMS IMPLIED WARRANTIES
OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Use, copying, and distribution of any EMC software described in this
publication requires an applicable software license.
EMC, Data Domain, and Global Compression are registered trademarks or
trademarks of EMC Corporation in the United States and/or other countries.
All other trademarks used herein are the property of their respective owners.
2
Contents
About This Guide. . . . . . . . . . . . . . . . . . . . . . . . . . .23
Related Documents . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
Audience . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
Contacting Data Domain . . . . . . . . . . . . . . . . . . . . . . . . 25
1 Introducing the Data Domain System . . . . . . . . . . .27
Data Domain Systems . . . . . . . . . . . . . . . . . . . . . . . . . . 27
Data Domain System Features . . . . . . . . . . . . . . . . . . . . 28
Data Integrity. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
Data Compression . . . . . . . . . . . . . . . . . . . . . . . . . . 29
Restore Operations . . . . . . . . . . . . . . . . . . . . . . . . . 30
Data Domain Replicator . . . . . . . . . . . . . . . . . . . . . . 30
Multipath and Load Balancing . . . . . . . . . . . . . . . . . . 31
System Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
Licensed Features . . . . . . . . . . . . . . . . . . . . . . . . . . 32
How Data Domain Systems Integrate into the Storage
Environment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33
Backup Software Requirements . . . . . . . . . . . . . . . . . 35
Application Compatibility Matrices and Integration
Guides . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
View Data Domain Application-Related Documents . . 36
Generic Application Configuration Guidelines . . . . . 36
DD OS 5.0 Administration Guide
3
2 Getting Started . . . . . . . . . . . . . . . . . . . . . . . . . 37
Interacting with the System . . . . . . . . . . . . . . . . . . . . . .37
Using the Enterprise Manager . . . . . . . . . . . . . . . . . . . . .38
Log In and Out of the Enterprise Manager . . . . . . . . . . .38
Clear the Browser Cache . . . . . . . . . . . . . . . . . . .39
About the Enterprise Manager Interface . . . . . . . . . . . .39
DD Network Summary View . . . . . . . . . . . . . . . . . .39
Single System View . . . . . . . . . . . . . . . . . . . . . . .40
EM Page Elements . . . . . . . . . . . . . . . . . . . . . . . .40
Navigational Pane . . . . . . . . . . . . . . . . . . . . . . . .41
Masthead . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .41
Informational Pane . . . . . . . . . . . . . . . . . . . . . . .42
Using the EM Configuration Wizard . . . . . . . . . . . . . . . . .44
Configure Licenses . . . . . . . . . . . . . . . . . . . . . . . . . .45
Configure the Network . . . . . . . . . . . . . . . . . . . . . . .45
Configure System Settings . . . . . . . . . . . . . . . . . . . . .45
Configure CIFS. . . . . . . . . . . . . . . . . . . . . . . . . . . . .46
Configure NFS . . . . . . . . . . . . . . . . . . . . . . . . . . . . .47
Configure DD Boost . . . . . . . . . . . . . . . . . . . . . . . . .48
Configure VTL . . . . . . . . . . . . . . . . . . . . . . . . . . . . .49
Using the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .49
Log In to the System Using the CLI . . . . . . . . . . . . . . .50
Find Online Help for Commands . . . . . . . . . . . . . . . . .50
3 Managing Data Domain Systems . . . . . . . . . . . . . . 53
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .53
Managing System Availability . . . . . . . . . . . . . . . . . . . . .55
4
Contents
Add a Data Domain System to the Enterprise Manager . . 55
Remove a Data Domain System from the
Enterprise Manager . . . . . . . . . . . . . . . . . . . . . . . . . 56
Reboot a Data Domain System. . . . . . . . . . . . . . . . . . 56
Power Off a Data Domain System. . . . . . . . . . . . . . . . 57
Working with Upgrade Images . . . . . . . . . . . . . . . . . . . . 57
List Upgrade Packages . . . . . . . . . . . . . . . . . . . . . . . 58
Upload Upgrade Packages . . . . . . . . . . . . . . . . . . . . 58
Upgrade a Data Domain System . . . . . . . . . . . . . . . . . 59
Remove an Upgrade Image . . . . . . . . . . . . . . . . . . . . 60
Managing System Licenses . . . . . . . . . . . . . . . . . . . . . . 60
Display Licenses . . . . . . . . . . . . . . . . . . . . . . . . . . . 60
Add Licenses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60
Remove Licenses . . . . . . . . . . . . . . . . . . . . . . . . . . 61
Managing System Storage . . . . . . . . . . . . . . . . . . . . . . . 61
View System Storage Information . . . . . . . . . . . . . . . 61
Storage Overview . . . . . . . . . . . . . . . . . . . . . . . . 62
Status View . . . . . . . . . . . . . . . . . . . . . . . . . . . 64
Disks View . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66
Physically Locating a Disk. . . . . . . . . . . . . . . . . . . . . 66
Configuring Storage . . . . . . . . . . . . . . . . . . . . . . . . 67
Managing Network Connections . . . . . . . . . . . . . . . . . . . 67
Configuring Network Interfaces . . . . . . . . . . . . . . . . . 68
View Interface Information . . . . . . . . . . . . . . . . . 68
Configure Physical Interfaces . . . . . . . . . . . . . . . . 71
Configuring Virtual Interfaces . . . . . . . . . . . . . . . 73
Configuring a VLAN . . . . . . . . . . . . . . . . . . . . . . 83
DD OS 5.0 Administration Guide
5
Configuring an IP Alias . . . . . . . . . . . . . . . . . . . . .85
Registering a DDNS . . . . . . . . . . . . . . . . . . . . . . .87
Destroying an Interface . . . . . . . . . . . . . . . . . . . .88
View an Interface Hierarchy with the Tree View . . . .88
Configuring Network Settings . . . . . . . . . . . . . . . . . . .89
View Settings Information . . . . . . . . . . . . . . . . . . .89
Set Hostnames . . . . . . . . . . . . . . . . . . . . . . . . . .90
Manage a Domain Search List . . . . . . . . . . . . . . . . .91
Map Hosts . . . . . . . . . . . . . . . . . . . . . . . . . . . . .92
Set DNS IP Addresses . . . . . . . . . . . . . . . . . . . . . .93
Configuring Routes . . . . . . . . . . . . . . . . . . . . . . . . . .94
View Route Information . . . . . . . . . . . . . . . . . . . .95
Set the Default Gateway . . . . . . . . . . . . . . . . . . .96
Create Static Routes . . . . . . . . . . . . . . . . . . . . . .96
Delete Static Routes . . . . . . . . . . . . . . . . . . . . . .98
Managing Access to the System . . . . . . . . . . . . . . . . . . . .98
Manage Administrator Access . . . . . . . . . . . . . . . . . . .98
View Administrator Access . . . . . . . . . . . . . . . . . .99
Manage Telnet Access . . . . . . . . . . . . . . . . . . . . .99
Manage FTP Access . . . . . . . . . . . . . . . . . . . . . . 100
Manage HTTP/HTTPS Access . . . . . . . . . . . . . . . . 101
Manage SSH Access . . . . . . . . . . . . . . . . . . . . . . 102
Manage Local User Access to the System . . . . . . . . . . 103
View Local User Information . . . . . . . . . . . . . . . . 103
Create Local Users . . . . . . . . . . . . . . . . . . . . . . 105
Modify a Local User Profile . . . . . . . . . . . . . . . . . 106
Delete Local User . . . . . . . . . . . . . . . . . . . . . . . 107
Enable and Disable Local User . . . . . . . . . . . . . . . 108
6
Contents
Change User Passwords . . . . . . . . . . . . . . . . . . . 108
Modify Password Policy . . . . . . . . . . . . . . . . . . . 109
Manage NIS Servers and Workgroups. . . . . . . . . . . . . 110
View NIS Information . . . . . . . . . . . . . . . . . . . . 110
Enable and Disable NIS Authentication . . . . . . . . . 111
Edit Domain Name . . . . . . . . . . . . . . . . . . . . . . 111
Configure Authentication Servers . . . . . . . . . . . . 111
Configure NIS Groups . . . . . . . . . . . . . . . . . . . . 112
Manage Windows Servers and Workgroups . . . . . . . . . 112
View Windows Information . . . . . . . . . . . . . . . . 113
Configure Authentication for Workgroup . . . . . . . 113
Configure Authentication for Active Directory . . . . 114
Create Allowed Groups . . . . . . . . . . . . . . . . . . . 116
Modify Groups . . . . . . . . . . . . . . . . . . . . . . . . . 116
Delete Groups . . . . . . . . . . . . . . . . . . . . . . . . . 117
Managing General Configuration Settings . . . . . . . . . . . . 117
Working with Email Settings . . . . . . . . . . . . . . . . . . 117
Configure Mail Server Settings . . . . . . . . . . . . . . 118
View Autosupport Email List . . . . . . . . . . . . . . . 118
Configure the Autosupport Mailing List . . . . . . . . . 118
Test the Alerts Email List . . . . . . . . . . . . . . . . . 119
Working with Time and Date Settings . . . . . . . . . . . . 119
View Time and Date Information . . . . . . . . . . . . 119
Configure Time and Date Settings . . . . . . . . . . . . 120
Working with System Properties . . . . . . . . . . . . . . . 120
View System Properties . . . . . . . . . . . . . . . . . . . 121
Configure System Properties . . . . . . . . . . . . . . . 121
Working with SNMP . . . . . . . . . . . . . . . . . . . . . . . . 121
DD OS 5.0 Administration Guide
7
Check SNMP Status . . . . . . . . . . . . . . . . . . . . . . 122
Configure SNMP Settings . . . . . . . . . . . . . . . . . . . 123
Enable or Disable SNMP . . . . . . . . . . . . . . . . . . . 123
View the SNMP MIB . . . . . . . . . . . . . . . . . . . . . . 123
Managing Reporting and Logging . . . . . . . . . . . . . . . . . . 124
Managing Autosupport Reporting. . . . . . . . . . . . . . . . 124
About the Daily Alerts Summary . . . . . . . . . . . . . . 124
Add to the Autosupport Report Email List . . . . . . . 125
Review Generated Autosupport Reports . . . . . . . . . 125
Managing Support Bundles . . . . . . . . . . . . . . . . . . . . 125
Generate a Support Bundle . . . . . . . . . . . . . . . . . 125
Review the Support Bundles List . . . . . . . . . . . . . 126
Managing Log Files . . . . . . . . . . . . . . . . . . . . . . . . . 126
Review System Log List . . . . . . . . . . . . . . . . . . . 127
Send Log Messages to Another System . . . . . . . . . . 127
Add a Host . . . . . . . . . . . . . . . . . . . . . . . . . . . . 128
Remove a Host . . . . . . . . . . . . . . . . . . . . . . . . . 128
Enable Sending Log Messages . . . . . . . . . . . . . . . . 128
Disable Sending Log Messages . . . . . . . . . . . . . . . 129
Display the List and State . . . . . . . . . . . . . . . . . . 129
List Log Files . . . . . . . . . . . . . . . . . . . . . . . . . . 129
Display a Log File . . . . . . . . . . . . . . . . . . . . . . . 130
Understand a Log Message . . . . . . . . . . . . . . . . . 131
Save a Copy of Log Files . . . . . . . . . . . . . . . . . . . 132
Using IPMI to Control Remote Data Domain Systems . . . . . 133
Getting Started with IPMI . . . . . . . . . . . . . . . . . . . . 134
Limitations . . . . . . . . . . . . . . . . . . . . . . . . . . . 134
Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . 134
8
Contents
View IPMI Configuration Information . . . . . . . . . . 135
Configuring IPMI for a Remote Data Domain System . . 136
Set the IPMI Port on a Remote System . . . . . . . . . 136
Enable or Disable the IPMI Network Port . . . . . . . 137
Managing IPMI Users . . . . . . . . . . . . . . . . . . . . . 137
Managing the Remote Data Domain System . . . . . . . . 138
Log In to an IPMI Remote Data Domain System . . . 138
Performing Power Management on the
Remote System . . . . . . . . . . . . . . . . . . . . . 139
4 Monitoring Data Domain Systems . . . . . . . . . . . . 141
Monitoring with the DD Network Summary . . . . . . . . . . . 141
Check DD Network Status . . . . . . . . . . . . . . . . . . . . 142
About the System Status Pane . . . . . . . . . . . . . . 143
About the Space Usage Pane . . . . . . . . . . . . . . . 143
About the Systems Pane . . . . . . . . . . . . . . . . . . 144
Monitoring a Single System . . . . . . . . . . . . . . . . . . . . . 144
Check the System’s Status Summary . . . . . . . . . . . . 145
About the Alerts Pane . . . . . . . . . . . . . . . . . . . . 145
About the File System Pane . . . . . . . . . . . . . . . . 146
About the Services Pane . . . . . . . . . . . . . . . . . . 146
About the Hardware Pane . . . . . . . . . . . . . . . . . 146
Check the System Details . . . . . . . . . . . . . . . . . . . . 147
Monitoring Chassis Status . . . . . . . . . . . . . . . . . . . . . . 147
Fans. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148
Temperature . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148
Power Supply. . . . . . . . . . . . . . . . . . . . . . . . . . . . 149
PCI Slots . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150
DD OS 5.0 Administration Guide
9
NVRAM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150
Working with Alerts . . . . . . . . . . . . . . . . . . . . . . . . . . 150
Working with the Current Alerts Page . . . . . . . . . . 151
Working with the Alerts History Page . . . . . . . . . . 153
Working with the Notification View . . . . . . . . . . . 155
Working with the Daily Alert Summary Page . . . . . . 159
Check Active Users. . . . . . . . . . . . . . . . . . . . . . . . . 159
Check System Statistics. . . . . . . . . . . . . . . . . . . . . . 160
CPU . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161
Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161
NFS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162
Disk . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162
Replication . . . . . . . . . . . . . . . . . . . . . . . . . . . 162
FS ops . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162
Working with Reports . . . . . . . . . . . . . . . . . . . . . . . . . 163
Types of Reports . . . . . . . . . . . . . . . . . . . . . . . . . . 163
File System Cumulative Space Usage Report . . . . . . 164
File System Daily Space Usage Report . . . . . . . . . . 165
Replication Status Report . . . . . . . . . . . . . . . . . . 166
Replication Summary Report
. . . . . . . . . . . . . . . 167
Create a Report. . . . . . . . . . . . . . . . . . . . . . . . . . . 168
View Saved Reports . . . . . . . . . . . . . . . . . . . . . . . . 169
Print Saved Reports . . . . . . . . . . . . . . . . . . . . . . . . 169
Delete Saved Reports . . . . . . . . . . . . . . . . . . . . . . . 169
Rename Saved Reports . . . . . . . . . . . . . . . . . . . . . . 170
Viewing the Task Log . . . . . . . . . . . . . . . . . . . . . . . . . 170
10
Contents
5 Working with the File System . . . . . . . . . . . . . . . 173
About the File System . . . . . . . . . . . . . . . . . . . . . . . . 173
How the File System Stores Data . . . . . . . . . . . . . . . 173
How the File System Reports Space Usage . . . . . . . . . 174
How the File System Uses Compression. . . . . . . . . . . 175
Types of Compression . . . . . . . . . . . . . . . . . . . . 176
How the File System Implements Data Integrity . . . . . 176
End-to-End Verification . . . . . . . . . . . . . . . . . . . 176
Fault Avoidance and Containment . . . . . . . . . . . . 177
Continuous Fault Detection and Healing . . . . . . . . 178
File System Recoverability . . . . . . . . . . . . . . . . . 179
How the File System Reclaims Storage Space with File
System Cleaning . . . . . . . . . . . . . . . . . . . . . . . . . . 179
Supported Interfaces. . . . . . . . . . . . . . . . . . . . . . . 180
Supported Backup Software . . . . . . . . . . . . . . . . . . 180
Data Streams Sent to a Data Domain System . . . . . . . 181
File System Limitations . . . . . . . . . . . . . . . . . . . . . 183
Limits on Number of Files in a Data Domain System
183
Maximum Number of Supported Inodes . . . . . . . . 185
Maximum Path Name Length . . . . . . . . . . . . . . . 185
Monitoring File System Usage . . . . . . . . . . . . . . . . . . . 185
Access the File System View . . . . . . . . . . . . . . . . . . 185
About the File System Overview Pane . . . . . . . . . 186
About the Summary View . . . . . . . . . . . . . . . . . 187
About the Archive Units View . . . . . . . . . . . . . . . 188
About the Configuration View . . . . . . . . . . . . . . 188
About the Space Usage View . . . . . . . . . . . . . . . 189
DD OS 5.0 Administration Guide
11
About the Consumption View . . . . . . . . . . . . . . . . 190
About the Daily Written View . . . . . . . . . . . . . . . 191
When the File System Is Full or Nearly Full . . . . . . . 192
Monitor the Space Usage with Email Alerts . . . . . . . 193
Managing File System Operations. . . . . . . . . . . . . . . . . . 193
Performing Basic Operations . . . . . . . . . . . . . . . . . . 193
Creating the File System . . . . . . . . . . . . . . . . . . . 193
Enable or Disable the File System . . . . . . . . . . . . . 194
Expand the File System . . . . . . . . . . . . . . . . . . . 195
Destroy the File System . . . . . . . . . . . . . . . . . . . 195
Performing Cleaning . . . . . . . . . . . . . . . . . . . . . . . . 196
Manually Start and Stop Cleaning . . . . . . . . . . . . . 196
Modify a Cleaning Schedule . . . . . . . . . . . . . . . . . 197
Throttle the Cleaning Operation . . . . . . . . . . . . . 197
Modifying Basic Settings . . . . . . . . . . . . . . . . . . . . . 198
Change Local Compression . . . . . . . . . . . . . . . . . 198
Change Read-only Settings . . . . . . . . . . . . . . . . . 199
Working with Disk Staging . . . . . . . . . . . . . . . . . . 199
Configure Disk Staging . . . . . . . . . . . . . . . . . . . . 200
Tape Marker Settings . . . . . . . . . . . . . . . . . . . . . 200
Managing Encryption of Data at Rest . . . . . . . . . . . . . . . 201
How Encryption of Data at Rest Works . . . . . . . . . . . . 201
Setting Up Encryption of Data at Rest . . . . . . . . . . . . 203
Locking and Unlocking the System. . . . . . . . . . . . . . . 203
Changing the Encryption Algorithm . . . . . . . . . . . . . . 205
Changing the Encryption Passphrase . . . . . . . . . . . . . 205
Fast Copy Operations . . . . . . . . . . . . . . . . . . . . . . . . . 206
12
Contents
Perform a Fast Copy Operation . . . . . . . . . . . . . . 207
6 Working with MTrees . . . . . . . . . . . . . . . . . . . . 209
About MTrees . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 209
Monitoring MTree Usage. . . . . . . . . . . . . . . . . . . . . 210
About the MTree Overview Pane . . . . . . . . . . . . . . . 210
About the Summary View . . . . . . . . . . . . . . . . . . . . 211
View Detail Information . . . . . . . . . . . . . . . . . . 211
View MTree Snapshot Information . . . . . . . . . . . . 213
View MTree Retention Lock Information . . . . . . . . 214
About the Space Usage View. . . . . . . . . . . . . . . . . . 214
About the Daily Written View . . . . . . . . . . . . . . . . . 215
Managing MTree Operations . . . . . . . . . . . . . . . . . . . . 216
Create an MTree . . . . . . . . . . . . . . . . . . . . . . . . . 216
Delete an MTree. . . . . . . . . . . . . . . . . . . . . . . . . . 217
Undelete an MTree . . . . . . . . . . . . . . . . . . . . . . . . 217
Rename an MTree. . . . . . . . . . . . . . . . . . . . . . . . . 217
Working with Retention Lock. . . . . . . . . . . . . . . . . . . . 218
About Retention Lock . . . . . . . . . . . . . . . . . . . . . . 218
Create Client-Side Retention-Locked Files and
Set Retention Dates . . . . . . . . . . . . . . . . . . . . . . . 219
Modify Retention Lock Settings . . . . . . . . . . . . . . . . 220
7 Working with Snapshots . . . . . . . . . . . . . . . . . . 223
About Snapshots . . . . . . . . . . . . . . . . . . . . . . . . . . . . 223
Monitoring Snapshots and Their Schedules . . . . . . . . . . . 224
About the Snapshots View . . . . . . . . . . . . . . . . . . . 224
DD OS 5.0 Administration Guide
13
Snapshots Overview Pane . . . . . . . . . . . . . . . . . . 225
Snapshots View . . . . . . . . . . . . . . . . . . . . . . . . . 225
Schedules View . . . . . . . . . . . . . . . . . . . . . . . . . 226
Managing Snapshots . . . . . . . . . . . . . . . . . . . . . . . . . . 226
Create a Snapshot . . . . . . . . . . . . . . . . . . . . . . . . . 226
Modify a Snapshot Expiration Date . . . . . . . . . . . . . . 227
Rename a Snapshot . . . . . . . . . . . . . . . . . . . . . . . . 228
Expire a Snapshot . . . . . . . . . . . . . . . . . . . . . . . . . 228
Managing Snapshot Schedules . . . . . . . . . . . . . . . . . . . . 229
Create a Snapshot Schedule . . . . . . . . . . . . . . . . . . . 229
Modify a Snapshot Schedule . . . . . . . . . . . . . . . . . . . 231
Delete a Snapshot Schedule . . . . . . . . . . . . . . . . . . . 232
Recover Data from a Snapshot . . . . . . . . . . . . . . . . . . . 232
8 Data Access for CIFS . . . . . . . . . . . . . . . . . . . . 233
Performing CIFS Setup . . . . . . . . . . . . . . . . . . . . . . . . . 234
Prepare Clients for Access to Data Domain Systems . . . 234
Enable CIFS Services . . . . . . . . . . . . . . . . . . . . . . . . 235
Naming the CIFS Server . . . . . . . . . . . . . . . . . . . . . . 235
Change the NetBIOS Hostname . . . . . . . . . . . . . . . 235
Setting Authentication Parameters . . . . . . . . . . . . . . 236
Configure Authentication for Active Directory . . . . 236
Configure Authentication for Workgroups . . . . . . . 238
Configure Authentication for NT4 Mode . . . . . . . . . 238
Resetting the Authentication Mode to the Default
(Workgroup) . . . . . . . . . . . . . . . . . . . . . . . . 239
Specify a WINS Server . . . . . . . . . . . . . . . . . . . . 239
14
Contents
Restrict CIFS Interfaces . . . . . . . . . . . . . . . . . . . . . 239
Set CIFS Options . . . . . . . . . . . . . . . . . . . . . . . . . . 239
Disable CIFS Services. . . . . . . . . . . . . . . . . . . . . . . 240
Working with Shares . . . . . . . . . . . . . . . . . . . . . . . . . 240
Creating Shares on the Data Domain System . . . . . . . 240
Modify a Share on a Data Domain System . . . . . . . . . 242
Create a Share from an Existing Share . . . . . . . . . . . 243
Disable a Share on a Data Domain System . . . . . . . . . 244
Enable a Share on a Data Domain System . . . . . . . . . 244
Delete a Share on a Data Domain System . . . . . . . . . 244
Performing MMC Administration . . . . . . . . . . . . . . . 245
Connect to a Data Domain Share from a CIFS Client . . 245
Create a \backup Subfolder as Read-Only . . . . . . . 246
Display CIFS Information . . . . . . . . . . . . . . . . . . . . 247
Managing Access Control . . . . . . . . . . . . . . . . . . . . . . 247
Accessing Shares from a Windows Client . . . . . . . . . . 248
Provide Domain Users Administrative Access . . . . . . . 248
Allow Access from Trusted Domain Users . . . . . . . . . 248
Allow Administrative Access to a Data Domain System
for Domain Users . . . . . . . . . . . . . . . . . . . . . . . . . 249
Restrict Administrative Access from Windows . . . . . . 249
File Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 250
NT Access Control Lists . . . . . . . . . . . . . . . . . . . 250
Set DACL Permissions Using the Windows Explorer . 252
Set SACL Permissions Using the Windows Explorer . 253
View or Change the Current Owner Security ID
(Owner SID) . . . . . . . . . . . . . . . . . . . . . . . . 253
DD OS 5.0 Administration Guide
15
Convert the Metadata . . . . . . . . . . . . . . . . . . . . 254
Monitoring CIFS Operation . . . . . . . . . . . . . . . . . . . . . . 254
Display CIFS Status . . . . . . . . . . . . . . . . . . . . . . . . . 254
Display CIFS Configuration . . . . . . . . . . . . . . . . . . . . 255
Authentication Configuration . . . . . . . . . . . . . . . . 255
Display Share Information . . . . . . . . . . . . . . . . . . . . 256
Viewing Configured Shares . . . . . . . . . . . . . . . . . 256
Viewing Detailed Share Information . . . . . . . . . . . 257
Display CIFS Statistics . . . . . . . . . . . . . . . . . . . . . . . 258
Performing CIFS Troubleshooting . . . . . . . . . . . . . . . . . . 258
Display Clients Current Activity . . . . . . . . . . . . . . . . 258
Set the Maximum Number of Open Files . . . . . . . . . . . 259
Data Domain System Clock. . . . . . . . . . . . . . . . . . . . 259
Synchronize from a Windows Domain Controller . . . . . 260
Synchronize from an NTP Server . . . . . . . . . . . . . . . . 260
9 Data Access for NFS . . . . . . . . . . . . . . . . . . . . . 261
Managing NFS Client Access to the Data Domain System. . . 262
Enable NFS Services . . . . . . . . . . . . . . . . . . . . . . . . 262
Disable NFS Services . . . . . . . . . . . . . . . . . . . . . . . . 262
Create an Export . . . . . . . . . . . . . . . . . . . . . . . . . . 263
Modify an Export . . . . . . . . . . . . . . . . . . . . . . . . . . 264
Create an Export from an Existing Export . . . . . . . . . . 266
Delete an Export . . . . . . . . . . . . . . . . . . . . . . . . . . 266
Displaying NFS Information. . . . . . . . . . . . . . . . . . . . . . 266
View NFS Status. . . . . . . . . . . . . . . . . . . . . . . . . . . 266
View NFS Exports . . . . . . . . . . . . . . . . . . . . . . . . . . 267
16
Contents
View Active NFS Clients . . . . . . . . . . . . . . . . . . . . . 267
10 Data Access for DD Boost . . . . . . . . . . . . . . . . . . 269
About Data Domain DD Boost Software . . . . . . . . . . . . . 269
Working with DD Boost . . . . . . . . . . . . . . . . . . . . . . . . 270
Set or Modify a DD Boost User Name . . . . . . . . . . . . 271
Enable DD Boost . . . . . . . . . . . . . . . . . . . . . . . . . . 272
Disable DD Boost . . . . . . . . . . . . . . . . . . . . . . . . . 272
Create a Storage Unit . . . . . . . . . . . . . . . . . . . . . . 273
Delete a Storage Unit . . . . . . . . . . . . . . . . . . . . . . 273
Clear DD Boost Statistics . . . . . . . . . . . . . . . . . . . . 274
Enable Distributed Segment Processing. . . . . . . . . . . 274
Disable Distributed Segment Processing . . . . . . . . . . 275
Enable Low Bandwidth Optimization . . . . . . . . . . . . 275
Disable Low Bandwidth Optimization . . . . . . . . . . . . 275
Manage an Interface Group . . . . . . . . . . . . . . . . . . 275
Create an Interface Group . . . . . . . . . . . . . . . . . 277
Enable the Interface Group . . . . . . . . . . . . . . . . 277
Disable an Interface . . . . . . . . . . . . . . . . . . . . . 278
Remove an Interface . . . . . . . . . . . . . . . . . . . . 278
Disable DD Boost . . . . . . . . . . . . . . . . . . . . . . . . . 278
Destroy DD Boost . . . . . . . . . . . . . . . . . . . . . . . . . 278
Monitoring DD Boost . . . . . . . . . . . . . . . . . . . . . . . . . 279
About the DD Boost Overview Pane . . . . . . . . . . . . . 279
About the Details Pane . . . . . . . . . . . . . . . . . . . . . 279
Checking Activities . . . . . . . . . . . . . . . . . . . . . . 280
Checking Active File Replication Status . . . . . . . . 281
DD OS 5.0 Administration Guide
17
Checking Storage Units . . . . . . . . . . . . . . . . . . . . 281
Checking File Replication Stats . . . . . . . . . . . . . . 282
Checking DD Boost Statistics . . . . . . . . . . . . . . . . 283
11 Working with VTL . . . . . . . . . . . . . . . . . . . . . . 285
About the Virtual Tape Library (VTL) Feature . . . . . . . . . 285
Planning a Virtual Tape Library . . . . . . . . . . . . . . . . . . . 286
Limitations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 287
About Tape Barcodes . . . . . . . . . . . . . . . . . . . . . . . 288
About the Enterprise Manager VTL Interface . . . . . . . . . . 290
Setting Up a Virtual Tape Library . . . . . . . . . . . . . . . . . 291
Working with the VTL Service Operations . . . . . . . . . . . . 291
View the VTL Service Informational Pane . . . . . . . . 292
Enable VTL . . . . . . . . . . . . . . . . . . . . . . . . . . . . 293
Disable VTL . . . . . . . . . . . . . . . . . . . . . . . . . . . 294
Configure VTL Options . . . . . . . . . . . . . . . . . . . . 294
Working with Libraries . . . . . . . . . . . . . . . . . . . . . . 295
View the Libraries Informational Pane . . . . . . . . . . 295
Create a Library . . . . . . . . . . . . . . . . . . . . . . . . 296
Delete a Library . . . . . . . . . . . . . . . . . . . . . . . . 297
Working with a Library . . . . . . . . . . . . . . . . . . . . . . 298
View the Library Informational Pane . . . . . . . . . . . 299
Viewing Changer Information . . . . . . . . . . . . . . . . . . 299
Working with Tape Drives . . . . . . . . . . . . . . . . . . . . 299
View Drives Information . . . . . . . . . . . . . . . . . . . 301
Create Tape Drives . . . . . . . . . . . . . . . . . . . . . . 301
Remove Tape Drives . . . . . . . . . . . . . . . . . . . . . 303
18
Contents
Migrating from LTO-1 to LTO-2 or LTO-3 Type Tapes 303
Access LTO Migration Guides . . . . . . . . . . . . . . . 303
Working with a Tape Drive . . . . . . . . . . . . . . . . . . . 304
View Drive Information . . . . . . . . . . . . . . . . . . . 304
Remove a Tape Drive . . . . . . . . . . . . . . . . . . . . 305
Working with Tapes . . . . . . . . . . . . . . . . . . . . . . . 305
View Tape Information . . . . . . . . . . . . . . . . . . . 306
Import Tapes . . . . . . . . . . . . . . . . . . . . . . . . . 307
Export Tapes . . . . . . . . . . . . . . . . . . . . . . . . . . 309
Move Tapes . . . . . . . . . . . . . . . . . . . . . . . . . . . 310
Search for Tapes . . . . . . . . . . . . . . . . . . . . . . . 312
Create Tapes . . . . . . . . . . . . . . . . . . . . . . . . . 313
Delete Tapes . . . . . . . . . . . . . . . . . . . . . . . . . . 314
Working with Tape Slots and CAPs . . . . . . . . . . . . . . 315
Add Slots . . . . . . . . . . . . . . . . . . . . . . . . . . . . 316
Delete Slots . . . . . . . . . . . . . . . . . . . . . . . . . . 316
Add CAPs . . . . . . . . . . . . . . . . . . . . . . . . . . . . 317
Delete CAPs . . . . . . . . . . . . . . . . . . . . . . . . . . 317
Working with the Vault . . . . . . . . . . . . . . . . . . . . . 318
View Vault Information . . . . . . . . . . . . . . . . . . . 318
Working with a Vault Pools . . . . . . . . . . . . . . . . . . . 318
View Vault Pool Information . . . . . . . . . . . . . . . 319
Working with Access Groups . . . . . . . . . . . . . . . . . . . . 320
View Access Groups Information . . . . . . . . . . . . . 321
Working with an Access Group . . . . . . . . . . . . . . . . 321
View Access Group Information . . . . . . . . . . . . . 321
Configure an Access Group . . . . . . . . . . . . . . . . 322
Delete an Access Group . . . . . . . . . . . . . . . . . . 327
DD OS 5.0 Administration Guide
19
Configure the NDMP Device TapeServer Group . . . . 327
Working with Physical Resources . . . . . . . . . . . . . . . . . . 330
Working with Initiators . . . . . . . . . . . . . . . . . . . . . . 330
View Initiators Information . . . . . . . . . . . . . . . . . 331
Set Initiators Alias . . . . . . . . . . . . . . . . . . . . . . . 331
Working with an Initiator. . . . . . . . . . . . . . . . . . . . . 332
View Initiator Information . . . . . . . . . . . . . . . . . . 332
Reset an Initiator Alias . . . . . . . . . . . . . . . . . . . . 333
Rename an Initiator Alias . . . . . . . . . . . . . . . . . . 333
Set a Group for an Initiator . . . . . . . . . . . . . . . . . 333
Delete an Initiator . . . . . . . . . . . . . . . . . . . . . . . 334
Working with HBA Ports . . . . . . . . . . . . . . . . . . . . . 334
View HBA Ports Information . . . . . . . . . . . . . . . . 334
Enable HBA Ports . . . . . . . . . . . . . . . . . . . . . . . 335
Disable HBA Ports . . . . . . . . . . . . . . . . . . . . . . . 335
Working with an HBA Port . . . . . . . . . . . . . . . . . . . . 336
View HBA Port Information . . . . . . . . . . . . . . . . . 336
Configure HBA Ports for an Access Group . . . . . . . . 339
Working with Storage Pools . . . . . . . . . . . . . . . . . . . . . 339
View Pools Information . . . . . . . . . . . . . . . . . . . . 340
Create Storage Pools . . . . . . . . . . . . . . . . . . . . . 341
Delete Storage Pools . . . . . . . . . . . . . . . . . . . . . 342
Replicate VTL Pools . . . . . . . . . . . . . . . . . . . . . . 342
Working with a Storage Pool . . . . . . . . . . . . . . . . . . 342
View Pool Information . . . . . . . . . . . . . . . . . . . . 343
12 Working with Replication . . . . . . . . . . . . . . . . . 345
About Replication. . . . . . . . . . . . . . . . . . . . . . . . . . . . 345
20
Contents
Types of Replication . . . . . . . . . . . . . . . . . . . . . . . 346
Collection Replication . . . . . . . . . . . . . . . . . . . 347
Directory Replication . . . . . . . . . . . . . . . . . . . . 347
Pool Replication . . . . . . . . . . . . . . . . . . . . . . . 348
Supported Replication Topologies . . . . . . . . . . . . . . . . 348
One-to-One Replication . . . . . . . . . . . . . . . . . . 348
Bi-Directional Replication . . . . . . . . . . . . . . . . . 349
One-to-Many Replication . . . . . . . . . . . . . . . . . . 349
Many-to-One Replication . . . . . . . . . . . . . . . . . . 350
Cascaded Replication . . . . . . . . . . . . . . . . . . . . 351
Using Encryption with Replication . . . . . . . . . . . . . . . . 352
About the Replication View. . . . . . . . . . . . . . . . . . . . . 353
Replication Status. . . . . . . . . . . . . . . . . . . . . . . . . 353
Summary View . . . . . . . . . . . . . . . . . . . . . . . . . . . 354
Detailed Information . . . . . . . . . . . . . . . . . . . . 355
Topology View . . . . . . . . . . . . . . . . . . . . . . . . . . . 357
Performance View . . . . . . . . . . . . . . . . . . . . . . . . 357
Advanced Settings View . . . . . . . . . . . . . . . . . . . . . 358
Throttle Settings . . . . . . . . . . . . . . . . . . . . . . . 358
Network Settings . . . . . . . . . . . . . . . . . . . . . . . 358
Preparing to Configure Replication . . . . . . . . . . . . . . . . 359
Limitations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 360
Configuring Replication . . . . . . . . . . . . . . . . . . . . . . . 360
Create a Replication Pair . . . . . . . . . . . . . . . . . . . . 361
Create a Collection Replication Pair . . . . . . . . . . 361
Create a Directory or Pool Replication Pair . . . . . . 362
Enable and Disable Replication Pair . . . . . . . . . . . . . 364
DD OS 5.0 Administration Guide
21
Delete a Replication Pair. . . . . . . . . . . . . . . . . . . . . 365
Change Host Connection Settings . . . . . . . . . . . . . . . 365
Configuring Low Bandwidth Optimization . . . . . . . . 366
Configuring Encryption Over Wire . . . . . . . . . . . . . 366
Configuring a Non-Default Connection Port . . . . . . 366
Managing Bandwidth with Throttling . . . . . . . . . . . . . 367
Add Throttle Settings . . . . . . . . . . . . . . . . . . . . . 367
Delete Throttle Settings . . . . . . . . . . . . . . . . . . . 368
Temporarily Override a Throttle Setting . . . . . . . . 368
Working with Low Bandwidth Optimization . . . . . . . . . 369
Change the Network Settings . . . . . . . . . . . . . . . . . . 369
Change the Global Network Settings . . . . . . . . . . . 370
Change the Global Listen Port . . . . . . . . . . . . . . . 370
Resynchronize Data in a Replication Pair . . . . . . . . . . . . 370
Resync a Directory Replication Pair . . . . . . . . . . . . . . 371
Abort a Resync of a Directory Replication Pair . . . . 371
Recover Data from Replication Pair . . . . . . . . . . . . . . . . 372
Recover Collection Replication Pair Data . . . . . . . . . . 372
Recover Directory Replication Pair Data . . . . . . . . . . . 372
Abort a Replication Pair Recover . . . . . . . . . . . . . . . 373
Replication Seeding . . . . . . . . . . . . . . . . . . . . . . . . . . 373
Monitoring Replication . . . . . . . . . . . . . . . . . . . . . . . . 374
Checking Replication Status . . . . . . . . . . . . . . . . . . . 374
Check Replication Pair Status . . . . . . . . . . . . . . . 374
Track Status of a Backup Job's Replication Progress . 375
Track Status of a Replication Process . . . . . . . . . . 375
Check the Performance of a Replication Context . . 375
22
Contents
About This Guide
This guide explains how to manage the Data Domain® system
with an emphasis on procedures using the Data Domain
Enterprise Manager (EM), the browser-based graphical user
interface (GUI). If an important administrative task is not
supported from the Enterprise Manager, the Command Line
Interface (CLI) commands are described.
Note: In some cases, for an Enterprise Manager feature, the CLI
command may offer more options than those that are offered by
the Enterprise Manager.
This chapter includes descriptions of the individual chapters,
related documentation, conventions, and audience, as well as
contact information.
Related Documents
The following Data Domain system documents provide additional
information:
•
Data Domain Operating System Release Notes, Version 5.0.x
•
DD OS 5.0 Initial Configuration Guide
•
DD OS 5.0 Command Quick Reference
•
DD OS 5.0 Command Reference Guide
•
Data Domain Hardware Guide
•
Data Domain Expansion Shelf Hardware Guide
•
DD860 Archiver Administrator Guide
•
Data Domain Boost for OpenStorage Administration Guide
DD OS 5.0 Administration Guide
23
•
The Data Domain system installation and setup guides for each
of the supported platforms (for example DD880, DD690g, and
so forth).
Conventions
The following table describes the typographical conventions used
in this guide.
Typeface or
Symbol
Usage
Examples
Monospace
Commands, command
options, and parameters
and computer output.
Use the config command to
manage the Data Domain
system configuration
settings.
Monospace
bold
Commands the user types at
the command prompt (#).
Enter:
# config setup
Monospace
italic bold
Command variables the user
types at the command prompt
(#).
# log view file_name
Italic
Book titles, and variables.
Refer to the DD OS 5.0
Command Reference Guide for
complete descriptions of DD
OS commands.
Pipe (|) and
curly braces
({})
Choose (pipe) between a
required argument (curly
braces) in the CLI.
{arg1 | arg2}
Brackets ([])
and ellipses
(...)
One or more (list with
commas and ellipses)
optional (bracket)
arguments in the CLI.
[arg1, arg2, ...]
Audience
This guide is for system administrators who are familiar with
standard backup software packages and general backup
administration.
24
About This Guide
Contacting Data Domain
To resolve issues with Data Domain products, contact your
contracted support provider or visit us online at
https://my.datadomain.com.
DD OS 5.0 Administration Guide
25
26
About This Guide
1 Introducing the Data Domain
System
This chapter includes the following sections:
•
Data Domain Systems on page 27
•
Data Domain System Features on page 28
•
How Data Domain Systems Integrate into the Storage Environment
on page 33
Data Domain Systems
Data Domain systems are disk-based deduplication appliances
and gateways that provide data protection and disaster recovery
(DR) in the enterprise environment.
All Data Domain systems run the Data Domain operating system
(DD OS), which provides both a command line interface (CLI) for
performing all system operations, and the Enterprise Manager (a
graphical user interface, or GUI) for configuration operations,
management, and monitoring.
Data Domain systems are:
•
A range of appliances that vary in storage capacity and data
throughput.
•
Configurable with expansion shelves that add storage space.
•
Global Deduplication Array (GDA) systems which combine
two Data Domain systems into one global deduplication pool.
•
Gateway systems that store all data on qualified third-party
storage arrays through a Fibre Channel interface.
DD OS 5.0 Administration Guide
27
See the list of qualified arrays in the Storage Array Compatibility
List at https://my.datadomain.com/documentation >
Compatibility Matricies > Data Domain Storage Array Compatibility
List.
Data Domain System Features
The following sections describe how Data Domain systems ensure
data integrity and provide multiple levels of data compression,
reliable restorations, data replication, and multipath
configurations.
•
Data Integrity on page 28
•
Data Compression on page 29
•
Restore Operations on page 30
•
Data Domain Replicator on page 30
•
Multipath and Load Balancing on page 31
•
System Access on page 31
•
Licensed Features on page 32
Data Integrity
The DD OS Data Invulnerability Architecture™ protects against
data loss from hardware and software failures.
28
•
When writing to disk, the DD OS creates and stores checksums
and self-describing metadata for all data received. After
writing the data to disk, the DD OS then recomputes and
verifies the checksums and metadata.
•
An append-only write policy guards against overwriting valid
data.
•
After a backup completes, a validation process looks at what
was written to disk to see that all file segments are logically
correct within the file system and that the data is the same on
the disk as it was before being written to disk.
Introducing the Data Domain System
•
In the background, the online verify operation continuously
checks that data on the disks is correct and unchanged since
the earlier validation process.
•
Storage in most Data Domain systems is set up in a double
parity RAID 6 configuration (two parity drives). Additionally
most configurations include a hot spare in each enclosure,
except the DD1xx and DD400 series systems, which have eight
disks. Each parity stripe has block checksums to ensure that
data is correct. The checksums are constantly used during the
online verify operation and when data is read from the Data
Domain system. With double parity, the system can fix
simultaneous errors on up to two disks.
•
To keep data synchronized during a hardware or power
failure, the Data Domain system uses NVRAM (non-volatile
RAM) to track outstanding I/O operations. An NVRAM card
with fully-charged batteries (the typical state) can retain data
for a minimum of 48 hours.
•
When reading data back on a restore operation, the DD OS
uses multiple layers of consistency checks to verify that
restored data is correct.
Data Compression
DD OS stores only unique data. Through Global Compression, a
Data Domain system eliminates redundant data from each backup
image and only stores unique data.
Any duplicate data are stored only once. The storage of unique
data is invisible to backup software.
DD OS data compression is independent of data format. Data can
be structured, such as databases, or unstructured, such as text files.
Data can be from file systems or raw volumes.
Typical compression ratios are 20:1 on average over many weeks.
This assumes weekly full and daily incremental backups. A
backup that includes many duplicate or similar files (files copied
several times with minor changes) benefits the most from
compression.
DD OS 5.0 Administration Guide
29
Depending on backup volume, size, retention period, and rate of
change, the amount of compression can vary. The best
compression happens with backup volume sizes of at least 10 MiB
(the base 2 equivalent of MB).
To take full advantage of multiple Data Domain systems, a site that
has more than one Data Domain system should consistently
backup the same client system or set of data to the same Data
Domain system. For example, if a full back up of all sales data goes
to Data Domain system A, the incremental backups and future full
backups for sales data should also go to Data Domain system A.
Restore Operations
With disk backup through the Data Domain system, incremental
backups are always reliable and can be easily accessed.
Furthermore, with a Data Domain system, you can perform full
backups more frequently without the penalty of storing redundant
data. With tape backups, a restore operation may rely on multiple
tapes holding incremental backups. Also, the more incremental
backups a site has on multiple tapes, the more time-consuming
and risky the restore process. One bad tape can kill the restore.
From a Data Domain system, file restores create little or no
contention with backup or other restore operations. Unlike tape
drive backups, multiple processes can access a Data Domain
system simultaneously. A Data Domain system allows your site to
offer safe, user-driven, single-file restore operations.
Data Domain Replicator
The Data Domain Replicator sets up and manages the replication
of backup data between two Data Domain systems. After
replication is started, the source Data Domain system
automatically sends any new backup data to the destination Data
Domain system.
A Replicator pair deals with either a complete data set or a
directory from a source Data Domain system that is sent to a
destination Data Domain system. An individual Data Domain
system can be a part of multiple replication pairs and can serve as a
source for one or more pairs and a destination for one or more
pairs.
30
Introducing the Data Domain System
Multipath and Load Balancing
Multipath configuration and load balancing is supported on Data
Domain systems that have at least two HBA ports. In a multipath
configuration on a Data Domain system, each of two HBA ports on
the system is connected to a separate port on the backup server. On
a Data Domain gateway, each of two HBA ports are connected to a
separate port on the array that the gateway uses as a backup
destination. For more on multipath configuration, see the DD OS
5.0 Initial Configuration Guide and the DD OS 5.0 Command Reference
Guide.
System Access
The DD OS provides the following ways to access the system for
configuration and management:
•
CLI—A Data Domain system has a complete command set
available to users in a command line interface. Commands
perform initial system configuration and changes to individual
system settings as well as display system and operation status.
The command line interface is available through a serial
console or a keyboard and monitor attached directly to the
Data Domain system, or through Ethernet connections using
SSH or Telnet.
•
Enterprise Manager—A browser-based graphical user
interface, the Enterprise Manager (EM) is available through
Ethernet connections. Use the Enterprise Manager to perform
initial system configuration, make configuration changes after
initial configuration, display system and component status,
and generate reports and charts. The Enterprise Manager also
provides centralized management for one or multiple Data
Domain systems.
DD OS 5.0 Administration Guide
31
Licensed Features
A license is required to operate each of the following features on a
Data Domain system.
Table 1-1: Features Requiring Licenses
Feature Name
Description
DD Boost
Allows a system to use the Boost interface
on a Data Domain system.
Replication
Adds the Data Domain Replicator for
replication of data from one Data Domain
system to another.
Retention Lock
Prevents retention-locked files from being
deleted or modified for up to 70 years.
VTL (Virtual Tape
Library)
Allows backup software to see a Data
Domain system as a tape library.
Encryption for Data at
Rest
Allows data on system drives or external
storage to be encrypted while being saved,
and then locked before moving to another
location.
Expansion Storage
Allows the upgrade of capacity for the Data
Domain system. Enables either the upgrade
of a 9-disk DD510/DD530 to 15 disks, or the
upgrade of a 7-disk DD610/DD630 to 12
disks.
Global Deduplication
Licenses the global deduplication array.
Nearline
Identifies systems that are deployed for
archive and nearline workloads.
Gateway Expanded
Storage Level 2
Enables gateway systems to support up to
71 TB of usable capacity.
Gateway Expanded
Storage Level 3
Enables gateway systems to support up to
145 TB of usable capacity.
Archiver
Archival tier storage for the DD860
platform.
Contact your Data Domain representative to purchase licensed
features.
32
Introducing the Data Domain System
See Managing System Licenses on page 60 for instructions on
viewing and installing licenses.
How Data Domain Systems Integrate into the
Storage Environment
Data Domain systems integrate easily into existing data centers:
•
All Data Domain systems can be configured as storage
destinations for leading backup and archiving applications
using NFS, CIFS, Boost, or VTL protocols.
•
Consult the compatibility matrices at
https://my.datadomain.com for information the applications
that work with the different configurations.
•
The Data Domain gateway series uses external disk arrays for
storage. Data Domain gateways work with Data Domain
arrays and are also qualified with storage systems from several
leading enterprise storage providers.
•
Multiple backup servers can share one Data Domain system.
•
One Data Domain system can handle multiple simultaneous
backup and restore operations.
•
Multiple Data Domain systems can be connected to one or
more backup servers.
For use as a backup destination, a Data Domain system can be
configured either as a disk storage unit with a file system that is
accessed through an Ethernet connection or as a virtual tape
library (VTL) that is accessed through a Fibre Channel connection.
The VTL feature enables Data Domain systems to be integrated
into environments where backup software is already configured
for tape backups, minimizing disruption.
The configuration is performed both in the DD OS, as described in
the relevant sections of this guide, and in the backup application,
as described in the backup application’s administrator guides and
in Data Domain application-related guides and tech notes.
DD OS 5.0 Administration Guide
33
•
All backup applications can access a Data Domain system as
either an NFS or a CIFS file system on the Data Domain disk
device.
•
The Symantec Veritas NetBackup (NBU), Backup Exec, and
EMC NetWorker application work with a Data Domain system
using DD Boost interface.
The following figure shows a Data Domain system integrated into
an existing basic backup configuration.
Figure 1-1: Data Domain System Integrated in a Storage Environment
Referring to Figure 1-1, data flows to a Data Domain system
through an Ethernet or Fibre Channel connection. Immediately,
the data verification processes begin and are continued while the
data is on the Data Domain system. In the file system, the DD OS
Global Compression™ algorithms dedupe and compress the data
for storage. Data is then sent to the disk RAID subsystem. When a
restore operation is required, data is retrieved from Data Domain
storage, decompressed, verified for consistency, and transferred
34
Introducing the Data Domain System
via Ethernet to the backup servers using Ethernet (NFS, CIFS, DD
Boost) or using Fiber Channel (VTL).
Backup Software Requirements
This section provides information needed to set up a Data Domain
system as a storage destination for an application. It includes:
•
Application Compatibility Matrices and Integration Guides on
page 35
•
View Data Domain Application-Related Documents on page 36
•
Generic Application Configuration Guidelines on page 36
Application Compatibility Matrices and Integration Guides
The Data Domain support Web site provides compatibility
matrices and integration documents on how to integrate Data
Domain systems as storage destinations with qualified backup
applications. Integration is generally easy and straightforward.
The integration guides provide specific parameters and limitations
that must be understood and followed for the applications to be
able to work with Data Domain systems.
The Documentation page at
https://my.datadomain.com/documentation provides links to two
categories of documents.
•
•
The Compatibility Matrices area contains matrices describing the
backup applications that are qualified for use with Data
Domain systems as well as compatibility with the following
components:
•
Data Domain hardware product numbers
•
Data Domain operating system (DD OS) versions
•
Backup server and client operating system versions
•
Application software versions
•
Hardware driver versions
The Integration Documentation area displays a page with a dropdown list of backup software vendors. A page for each vendor
DD OS 5.0 Administration Guide
35
lists integration guides, application introductions, and tech
notes with application-specific integration guidelines.
View Data Domain Application-Related Documents
1. Log in to the Data Domain Support portal at
https://my.datadomain.com/documentation.
2. To view integration-related documents:
a. Click Integration Documentation.
b. Select the vendor of the backup application from the
Vendor menu.
For example, to find Symantec VERITAS NetBackup
guides, select Symantec. A list of related guides appears.
c. Select the desired title from the list and click View.
3. To view compatibility matrices, perform the following steps.
a. Click Compatibility Matrices.
b. Select the desired title from the product menu and click
View.
Generic Application Configuration Guidelines
The DD OS accommodates relatively large streams of sequential
data from backup software and is optimized for high throughput,
continuous data verification, and high compression. It also
accommodates the large numbers of smaller files in nearline
storage.
Data Domain system performance is best when storing data from
applications that are not specifically backup software when:
36
•
Data is sent to the Data Domain system as sequential writes (no
overwrites).
•
No compression or encryption is used before sending the data
to the Data Domain.
Introducing the Data Domain System
2
Getting Started
This chapter describes how to log in to the Data Domain system
and start using the Enterprise Manager and CLI.
This chapter describes the following topics:
•
Interacting with the System on page 37
•
Using the Enterprise Manager on page 38
•
Using the EM Configuration Wizard on page 44
•
Using the CLI on page 49
Interacting with the System
The Data Domain Enterprise Manager is a browser-based graphical
user interface, available through Ethernet connections, for
managing up to 20 Data Domain systems (depending on the
model) at any location. The Enterprise Manager provides a single,
consolidated management interface that allows for configuration
and monitoring of many system features and system settings.
The Enterprise Manager provides real-time graphs and tables that
allow you to monitor the status of system hardware components
and configured features.
Additionally, a command set that performs all system functions is
available to users at the Command Line Interface (CLI). Commands
configure system settings and provide displays of system
hardware status, feature configuration, and operation.
The command line interface is available through a serial console
when a keyboard and monitor are directly attached to the Data
Domain system, or remotely through an Ethernet connection using
SSH or Telnet.
DD OS 5.0 Administration Guide
37
Using the Enterprise Manager
This section describes how to log in to the Enterprise Manager and
describes the GUI elements. It includes:
•
Log In and Out of the Enterprise Manager on page 38
•
About the Enterprise Manager Interface on page 39
Log In and Out of the Enterprise Manager
1. Open a Web browser and enter the IP address or hostname to
connect to the management system. It must be:
•
A fully qualified domain name (for example,
http://dd01.datadomain.com)
•
A hostname (http://dd01)
•
An IP address (http://10.5.50.5)
Notes:
•
For a secure login, use https with an authorized certificate
instead of http. When https is used, the browser warns if the
certificate is not authorized.
•
The Enterprise Manager uses HTTP port 80 and HTTPS port
443. If your Data Domain system is behind a firewall, you may
need to enable port 80 if using HTTP or port 443 if using
HTTPS to reach the system. The port numbers can be easily
changed if security requirements dictate.
2. At the login dialog box, enter the login name and password
(assigned during the initial configuration. See the DD OS 5.0
Initial Configuration Guide for details).
3. Click Login. The Enterprise Manager Summary screen appears.
For details on this screen, see DD Network Summary View on
page 39.
4. To log out, click the Log Out link in the top pane.
Note: For added security, you can use HTTPS by clicking the
option “Login using enhanced security” on the log in dialog box.
This may generate warnings by browsers if security certificates
need updated.
38
Getting Started
Clear the Browser Cache
Sometimes the information in the browser cache may override
real-time information in the system. To flush the browser cache:
•
In Firefox, go to Tools > Clear Private Data > Check Cache and
Clear then refresh the page.
•
In Internet Explorer, go to Tools > Internet Options. Click
Delete Files.
About the Enterprise Manager Interface
This section describes the main views of the Enterprise Manager
and its components. The following topics are included in this
sections
•
DD Network Summary View on page 39
•
Single System View on page 40
•
Navigational Pane on page 41
•
Masthead on page 41
•
Informational Pane on page 42
•
Tab Bar on page 42
•
More Tasks Menu on page 43
•
Help Buttons and Menus on page 43
DD Network Summary View
After you complete the login to the Enterprise Manager, the DD
Network Summary view appears (see Figure 2-1: Enterprise
Manager Page Components). This page presents a status overview
of all managed systems in the DD Network devices list and
summarizes key operating information. A tally of alerts and charts
of disk space allow problems to be spotted quickly. See the section
Monitoring with the DD Network Summary on page 141 for more
information about this view.
Clicking the plus sign ( + ) next to the DD Network icon exposes
the systems being managed by the Enterprise Manager.
DD OS 5.0 Administration Guide
39
Note: Systems configured for the Global Deduplication Array
feature also display in this view. See the DD OS 5.0 Global
Deduplication Array Administration Guide for details.
Single System View
After the DD Network entry has been opened (see above), clicking
on a managed system in the Navigational pane displays the Status
> Summary view. The Summary page displays important status
data about the selected system.
This page exposes a full set of tabs on the Menu bar that provide
the tools for configuring and monitoring the selected system. For
more information on understanding this view, see Monitoring a
Single System on page 144.
EM Page Elements
Figure 2-1 and the following sections describe the elements on the
Enterprise Manager pages in detail.
Navigational Pane
Informational Pane
Masthead
Figure 2-1: Enterprise Manager Page Components
40
Getting Started
Navigational Pane
The Navigational pane, always visible on the left edge of the page,
displays a hierarchal tree of Data Domain systems managed by the
Enterprise Manager as well as the Reports and Task Log buttons.
•
Clicking the top-level DD Network icon displays the global
Summary page.
•
Clicking the Add and Remove icons adds and removes system
managed by the Enterprise Manager. See Add a Data Domain
System to the Enterprise Manager on page 55 and Remove a Data
Domain System from the Enterprise Manager on page 56 for
details.
•
Expanding the DD Network and clicking a system in the tree
opens the Status > Summary page, where tabs allow detailed
configuration and monitoring for the selected Data Domain
system.
•
Clicking the Reports button opens a report generator tool and
provides access to saved reports for the selected Data Domain
system. Reports for file system and replication usage statistics
can be generated. See Working with Reports on page 163 for
more information.
•
Clicking the Task Log shows a history of tasks that have been
performed on the Data Domain system you are logged into.
Viewing the Task Log on page 170 for more information.
Masthead
The masthead appears at the top of all pages in the Enterprise
Manager. Starting from the right edge and moving left, it includes:
•
User name—the current logged in user.
•
Log Out icon—click to log out of the current session.
•
Refresh icon—click to refresh the Enterprise Manager display.
•
Help icon—click to view the top-level online help. See Help
Buttons and Menus on page 43 for details.
DD OS 5.0 Administration Guide
41
Informational Pane
The Informational pane displays information about the selected
item in the Navigational pane (either the DD Network or an
individual system). The content may be one or many smaller
panes, depending on the type of view.
At the top of the Informational pane is a bar containing important
information about the system or group selected in the
Navigational pane.
Information includes the full system name, uptime, model
number, and Data Domain operating system (DD OS) version
number.
Tab Bar
When a single system is selected in the Navigational pane, the Tab
bar appears. It contains tabs that provide access to the
configuration and monitoring tools for the system. Many of the
these tabs have their own set of tabs. The top-level set of tabs are:
•
Status—displays important information about the system.
Subtabs include Summary, Alerts, Active Users, and Stats.
•
Data Management—contains subtabs for File System, MTree,
Snapshots, CIFS, NFS, VTL, and DD Boost.
•
Replication—provides data replication monitoring and
management tools.
•
Hardware—provides tabs for monitoring health and statistics
of hardware for Storage, Network, and Chassis.
•
System Settings—provides tabs for Licenses, Access
Management, and General Configuration.
•
Maintenance—provides tabs for System, Support, Logs and
IPMI.
Working with Table View Options
Many of the views with tables of items contain controls for
filtering, navigating and sorting the information in the table.
Some common table controls are:
42
Getting Started
•
Click the diamond icon in a column heading to reverse the sort
order of items in the column.
•
Click the < and > arrows at the bottom right of the view to
move forward or backward through the pages. To skip to the
beginning of the sequence of pages, click<< and to skip to the
end, click >>.
•
Click the Items per Page drop-down arrow to change the
number of entries listed on a page. Choices are 15, 30, or 45
entries.
•
Enter text in the Filter By: text box to search for or prioritize the
listing of those items.
•
Click Update to refresh the list.
•
Click Reset to return to the default listing.
More Tasks Menu
Some pages have a More Tasks drop-down list at the top of the
view that contains tasks related to the configuration and
management of the current view.
Help Buttons and Menus
Help is available globally and from individual panes:
•
Help icon—This icon is always visible on the right side of the
Masthead pane. Click to display online help, which is derived
from this guide.
The Help window includes navigation icons that show the
guide contents, index, favorites, search field, and an option to
send to printer. Use the directional arrows to page through the
sections of the book.
•
Context-sensitive help—Most windows and individual views
have a Help icon (?). Click the icon to open detailed online help
for the current window. The tools described in the Help icon
above are also available.
DD OS 5.0 Administration Guide
43
Using the EM Configuration Wizard
The EM Configuration Wizard is similar in content to the CLIbased Configuration Wizard described in the DD OS 5.0 Initial
Configuration Guide, but provides a graphical interface with
additional configuration options. Once the network connection has
been configured using the CLI-based Configuration Wizard, the
EM Configuration Wizard can be used to modify or add
configuration data.
The configuration modules include:
•
Configure Licenses on page 45
•
Configure the Network on page 45
•
Configure System Settings on page 45
•
Configure CIFS on page 46
•
Configure NFS on page 47
•
Configure DD Boost on page 48
•
Configure VTL on page 49
Note: On a new system, the Configuration Wizard is
automatically run the first time you open the Enterprise Manager.
To open the EM Configuration Wizard:
1. Select a Data Domain system in the Navigational tree and click
the Maintenance tab.
2. Select Launch Configuration Wizard from the More Tasks
menu.
The Configuration Wizard dialog box appears showing the
active Licenses (if any).
The configuration modules are listed in the left pane, and the
center pane shows the selected module details. You move
through the module configuration using the Yes, No, Next and
Back buttons. Use the Quit button to exit the wizard.
44
Getting Started
Configure Licenses
1. The installed licensed features and their license keys display.
You are prompted to add a license.
2. Click No to skip this configuration or Yes to continue.
The Add License Key window displays.
3. Enter the license key in the text box and click Submit.
4. If you need to add additional licenses, continue to select the
Yes option until all licenses have been added.
Configure the Network
1. You are prompted to configure the network. Click No to skip
this configuration or Yes to continue.
2. Determine how the host information is provided, either use
DHCP or manually enter the hostname, domain name, and
gateway IP address. Click Next.
3. Use the checkboxes to enable or disable an interface, and to
determine how an interface is configured—by DHCP or
manually by providing an IP address and netmask. Click Next.
4. Determine how the DNS information is provided, either use
DHCP or manually select an existing DNS IP address or enter
the DNS IP address using the + icon. Click Next.
5. At the Summary, after verifying the information click Submit.
Configure System Settings
1. You are prompted to configure the system settings. Click No to
skip this configuration or Yes to continue.
2. Change the Admin password by entering a new password and
verifying it, and/or add/change an email address for the
Admin user. Use the checkboxes to choose which alert emails
are sent to this email address. Click Next.
3. Add or change the Mail Server address, and use the
checkboxes to subscribe to alert and autosupport emails. Click
Next.
DD OS 5.0 Administration Guide
45
4. At the Summary, after verifying the information click Submit.
Configure CIFS
1. You are prompted to configure CIFS protocol settings. Click
No to skip this configuration or Yes to continue.
2. To configure Workgroup mode:
a. From the Mode drop-down list, select Workgroup.
b. Determine the workgroup in the Workgroup Name text
box.
-
Click the checkbox to use the default CIFS server name.
-
Deselect the checkbox and enter the CIFS server name
in the text box.
3. To configure Active Directory mode:
a. From the Mode drop-down list, select Active Directory.
The active-directory mode joins a Data Domain System to
an active-directory domain.
b. In the Realm Name text box, enter the full realm name for
the system, such as domain1.local.
c. In the Domain Joining Credential area, enter a user name
and password.
Enter either a user on your company’s domain, or a user in
a domain that is a trusted domain of your company. The
user name and password must be compatible with
Microsoft requirements for the Active Directory domain
being joined. This user must have permission to create
accounts in your company’s domain.
d. Click the Advanced tab to set additional information.
e. Optionally, to add Organizational Units, in the
Organizational Unit area, set the name of the
Organizational Unit:
-
46
Click the checkbox to use the default Organizational
Unit
Getting Started
f.
Deselect the checkbox and enter the Organizational
Unit name in the text box.
Optionally, to use DDNS, click the Enable checkbox.
4. In the Shares dialog box:
a. Enter the following information:
Item
Description
Share Name
A descriptive name for the share
Directory Path
The path to the target directory (for
example,
/data/col1/backup/target_dir).
b. Add a client by clicking the plus sign ( + ) in the Clients
area. The Client dialog box appears. Enter the name of the
client in the Client text box and click OK.
No blanks or tabs (white space) characters are allowed.
Repeat this step for each client that you need to configure.
5. At the Summary, after verifying the information click Submit.
Configure NFS
1. You are prompted to configure NFS protocol settings. Click No
to skip this configuration or Yes to continue.
2. In the Exports window, enter a pathname for the export in the
Directory Path text box.
3. In the Clients area, select an existing client or click the + icon to
create a client.
The Clients dialog box appears.
a. Enter a server name in the text box.
Enter fully qualified domain names, hostnames, or IP
addresses. A single asterisk (*) as a wild card indicates that
all backup servers are to be used as clients.
Note: Clients given access to the /data/col1/backup
directory have access to the entire directory. A client given
DD OS 5.0 Administration Guide
47
access to a subdirectory of /data/col1/backup has access
only to that subdirectory.
-
A client can be a fully-qualified domain hostname,
class-C IP addresses, IP addresses with either netmasks
or length, an NIS netgroup name with the prefix @, or
an asterisk (*) wildcard with a domain name, such as
*.yourcompany.com.
A client added to a subdirectory under /data/col/backup
has access only to that subdirectory.
-
Enter an asterisk (*) as the client list to give access to all
clients on the network.
b. Select the checkboxes of the NFS options for the client.
-
Read-only permission.
-
(Default) Requires that requests originate on a port that
is less than IPPORT_RESERVED (1024).
-
Map requests from UID or GID 0 to the anonymous UID
or GID.
-
Map all user requests to the anonymous uid or gid.
-
Use default anonymous UID or GID.
c. Click OK and Next.
4. At the Summary, after verifying the information click Submit.
Configure DD Boost
1. You are prompted to configure DD Boost protocol settings.
Click No to skip this configuration or Yes to continue.
2. Configure DD Boost user information:
a. Change the name of an existing user using the Existing
User menu.
b. Configure a new User Name by entering a user name,
password, and privileges in the associated text boxes.
c. Optionally, change the Storage Unit Name in the text box.
3. At the Summary, after verifying the information click Submit.
48
Getting Started
Configure VTL
1. You are prompted to configure VTL protocol settings. Click No
to skip this configuration or Yes to continue.
2. In the Create Library dialog box, enter the library name,
number of drives, slots, and CAPs, changer model, starting
barcode, and tape capacity. (For details on any of these items,
see Create a Library on page 296). Click Next.
3. In the Create Access Group, select the checkboxes from the
Initiators list and click Next.
4. At the Summary, after verifying the information click Submit.
The configuration is complete and the Configuration Wizard exits.
Using the CLI
The DD OS 5.0 Command Reference Guide provides information for
using the commands to accomplish specific administration tasks.
Each command also has an online help page that gives the
complete command syntax. Help pages are available at the CLI
using the help command.
Any Data Domain system command that accepts a list (such as a
list of IP addresses) accepts entries separated by commas, by
spaces, or both.
The Tab key can be used:
•
to complete a command entry when that entry is unique. Tab
completion is supported for all keywords. For example,
entering syst<Tab> sh<Tab> st<Tab> displays the command
system show stats.
•
to show next available option (if no characters are entered
before pressing the Tab key)
•
to show all the partial matched tokens or completes the entry if
it is unique (when characters are entered before pressing the
Tab key)
DD OS 5.0 Administration Guide
49
Log In to the System Using the CLI
After initial configuration, use the SSH or Telnet (if enabled)
utilities to access the system remotely and open the CLI.
•
From a serial console, use the communication settings 9600
baud, 8 data bits, no parity, and 1 stop bit.
•
From a directly attached keyboard and monitor, log in to the
Data Domain system at the login prompt.
•
From a remote machine over an Ethernet connection, use SSH
or Telnet to connect to the Data Domain system:
•
For SSH, use the following command (with the hostname
you chose for the Data Domain system at initial
configuration) and provide the sysadmin password.
# ssh -l sysadmin hostname
Data Domain OS 5.0.0.0-19899
Password:
Find Online Help for Commands
There are several ways to find help for commands:
•
To list Data Domain system commands, enter a question mark
(?) or the command help at the prompt.
•
To list the options for a particular command, enter the
command with no options at the prompt.
•
To find a keyword used in a command option when you do not
remember which command to use, enter a question mark (?) or
the help command followed by the keyword.
For example, the question mark followed by the keyword
password displays all Data Domain system command options
that include password. If the keyword matches a command,
such as net, then the command explanation appears.
50
•
To display a detailed explanation of a particular command,
enter the help command followed by a command name.
•
Use keyboard shortcuts:
Getting Started
•
Up and down arrow keys to move through a displayed
command
•
The q key to exit
•
A slash character (/) and a pattern to search for lines of
particular interest. Matches are highlighted.
DD OS 5.0 Administration Guide
51
52
Getting Started
3 Managing Data Domain
Systems
This chapter describes how to add Data Domain systems into the
Enterprise Manager and manage their operation.
This chapter includes the following sections:
•
Overview on page 53
•
Managing System Availability on page 55
•
Working with Upgrade Images on page 57
•
Managing System Licenses on page 60
•
Managing System Storage on page 61
•
Managing Network Connections on page 67
•
Managing Access to the System on page 98
•
Managing General Configuration Settings on page 117
•
Managing Reporting and Logging on page 124
•
Working with SNMP on page 121
•
Using IPMI to Control Remote Data Domain Systems on page 133
Overview
The Data Domain system running the Enterprise Manager
automatically displays in the Enterprise Manager Navigational
pane (and cannot be removed from that Enterprise Manager). This
system is known as the Management System.
DD OS 5.0 Administration Guide
53
Other accessible Data Domain system (network accessible and
sysadmin authenticated) can be added to an Enterprise Manager
on any Management System, and is known as a Managed System.
Notes:
•
A Managed System should be managed by only one
Management System at one time.
•
If you are an admin on the Management System you become a
global admin and you can configure and monitor all Managed
Systems.
•
If you are a user on the Management System you become a
global user and you can monitor all Managed Systems.
•
Any system that is part of a Global Deduplication Array can be
added and managed from the EM. For details on working with
systems that are configured for Global Deduplication Array,
see the DD OS 5.0 Global Deduplication Array Administration
Guide.
Table 3-1 recommends the maximum number of systems and user
sessions that can be managed by the Enterprise Manager.
Table 3-1: Maximum Number of Systems and Users Managed by
the Enterprise Manager
Data Domain
System Model
Maximum
Active
Users
Maximum
Logged In
Users
Maximum Data
Domain Systems
4 GB modelsa
5
10
8
8 GB modelsb
10
15
12
16 GB and greater
modelsc
10
20
20
a. Includes DD120, DD140, DD410, DD430, DD510, and DD530
b. Includes DD460, DD560, DD565, DD610, DD630, and DD560g
c. Includes DD580, DD660, DD670, DD690, DD880, DD890,
DD580g, DD670g, DD690g, and DD880g
54
Managing Data Domain Systems
Managing System Availability
The topics in this section include how to:
•
Add a Data Domain System to the Enterprise Manager on page 55
•
Remove a Data Domain System from the Enterprise Manager on
page 56
•
Reboot a Data Domain System on page 56
•
Power Off a Data Domain System on page 57
Add a Data Domain System to the Enterprise
Manager
Note: Make sure the Data Domain system being added is running
a DD OS version that is compatible with the Enterprise Manager.
1. Click the + Add icon on the Navigational pane.
The Add System(s) dialog box appears.
2. In the System Name text box, enter a hostname or IP address of
the system to be added.
Note: A Data Domain system should be added to and
managed by only one Enterprise Manager.
3. In the Administration Credentials, enter the sysadmin user
name in the User Name text field, followed by the password.
4. Optionally, click Advanced to enter a Proxy IP address (or
system name) of a system that cannot be reached directly. If
configured, enter a Custom Port instead of the default port
3009.
5. Click OK.
Note: If the system is unreachable after adding it to the
Enterprise Manager, ensure the following:
•
If a hostname (either a fully-qualified domain name
(FQDN) or non-FQDN) is entered, make sure it is
resolvable on the Enterprise Manager Data Domain system
(that is, either configure a domain name for the Enterprise
Manager Data Domain system, ensure a DNS entry for the
DD OS 5.0 Administration Guide
55
system exists, or ensure IP address to hostname mapping is
defined).
•
If an IP address or hostname is entered, ensure there is a
route from the Enterprise Manager Data Domain system to
the Data Domain system being added.
6. If the system certificate has not been verified, the Verify
Certificate dialog box displays, showing details about
certificate. Check the system credentials and click OK if you
trust the certificate or Cancel to abort.
Remove a Data Domain System from the
Enterprise Manager
Note: Removing a system only removes it from the DD Network
list. It does not delete any replication context configure to or from
that system.
To remove a system (other than the system hosting the Enterprise
Manager):
1. Click the X Remove icon on the Navigational pane.
The Remove System(s) dialog box appears.
2. Click the checkbox of the system or systems to be removed:
•
To remove all systems, click the box next to System.
•
To remove one or more specific systems, click the box next
to the name of the system.
3. Click OK.
Note: If only the Enterprise Manager host system is present,
clicking the X Remove icon displays the message No removable
systems found on Enterprise Manager.
Reboot a Data Domain System
1. Click a system in the Navigational pane.
2. Click Maintenance > System.
3. Click the More Tasks menu and select Reboot System.
56
Managing Data Domain Systems
4. Click OK at the Reboot System confirmation dialog box.
Power Off a Data Domain System
The system can be powered down only from the CLI. To shut
down power to the Data Domain system, use the system
poweroff command. The command automatically performs an
orderly shut down of DD OS processes. The command is available
to administrative users only.
Caution: Do not use the chassis power switch to power off the
system. Doing so will prevent the ability of the system to be
remotely powered up using IPMI. Use the following command
instead.
# system poweroff
The ‘system poweroff’ command shuts down the system
and turns off the power.
Continue? (yes|no|?) [no]:
Note: The IMPI Remote System Power Down feature does not
perform an orderly shutdown of the DD OS.
Working with Upgrade Images
When the Data Domain system needs to be upgraded to a newer
major release version (for example 5.1), the Enterprise Manager
provides a link to the Data Domain Support Web site where the
image can be located and downloaded to a local system. From
there, the image can be uploaded to the Data Domain controller,
where the upgrade can be performed from the EM.
To work with upgrade packages, you can:
•
List Upgrade Packages on page 58
•
Upload Upgrade Packages on page 58
•
Upgrade a Data Domain System on page 59
•
Remove an Upgrade Image on page 60
DD OS 5.0 Administration Guide
57
List Upgrade Packages
The Maintenance > System view provides a list of upgrade images
(.rpm files) currently stored on the Data Domain controller in the
Upgrade Packages Available on the Data Domain System pane.
The Upgrade Packages Available on the Data Domain system pane
lists the following information for an image:
Item
Description
File Name
The name of the .rpm file stored on the
system.
Size
The size of the .rpm file.
Last Modified
The date the .rpm file was last changed
(for example, if the image was touched).
Upload Upgrade Packages
To connect to the Data Domain Support Web site and obtain an
upgrade package:
1. Click a system in the Navigational pane.
2. Click Maintenance > System.
3. At the bottom of the Upgrade Packages Available on the Data
Domain System pane, click Upload Upgrade Package.
The Upload Upgrade Package dialog box displays.
Note: A maximum of five upgrade packages can be uploaded
using the Enterprise Manager. To continue with this
procedure, remove the excess images (see Remove an Upgrade
Image on page 60).
There are no restrictions, other than space limitations, if you
use FTP or NFS to copy an upgrade package to the Data
Domain system. (FTP is disabled by default; to use NFS /ddvar
needs to be exported and mounted from an external host).
4. To obtain an upgrade package from the Data Domain Support
site, click the Data Domain Support Portal link. Log in to the
site and use the Download Software link to navigate to the
image recommended for your system by Support personnel.
58
Managing Data Domain Systems
Save the upgrade image to a local computer with access to the
Data Domain system.
5. In the Upload Upgrade Package dialog box, click Browse to
open the File Upload dialog box. Navigate to the system with
the file, select the file, and click Open.
6. Click OK.
Progress on the status of the upload appears in the dialog box.
On successful completion of the upload, the new .rpm will be
listed in the Upgrade Packages Available on the Data Domain
system pane.
Upgrade a Data Domain System
To perform a system upgrade with an image that resides on the
Data Domain system:
1. Log in to the system where the upgrade is to be performed.
You cannot select the system from the DD Network device list
while logged in on another system.
2. From the Upgrade Packages Available on this Data Domain
System list, click in the checkbox of the image to use for the
upgrade.
3. Click Perform System Upgrade.
The Upgrade System dialog box appears.
4. Verify the version of the target image (the upgrade image) and
click OK.
A progress dialog box appears and advises the system will
need to reboot to complete the upgrade. During the reboot, the
connection with the system will be lost.
Once the reboot completes, log back into the system.
DD OS 5.0 Administration Guide
59
Remove an Upgrade Image
To remove a system upgrade image that resides on the Data
Domain system:
1. From the Upgrade Packages Available on this Data Domain
System list, click the checkbox of one or more images to
remove.
2. Click Remove Upgrade Package.
Managing System Licenses
Optional features for the Data Domain system are licensed and
must be purchased separately. See Licensed Features on page 32 for
a list of licensed products. The following procedures describe how
to display and enable licenses.
•
Display Licenses on page 60
•
Add Licenses on page 60
•
Remove Licenses on page 61
Display Licenses
1. In the Navigational pane, expand the DD Network and select a
system.
2. Click the System Settings > Licenses tabs.
The Licensed Features pane appears, showing the list of license
keys and features.
Add Licenses
To add a feature license:
1. In the Licensed Features pane, click Add.
The Add License Key dialog box displays.
2. In the License Key text box, enter the license key.
3. Click OK.
60
Managing Data Domain Systems
The added license displays in the license list.
Remove Licenses
To remove a feature license:
1. In the Licensed Features pane, click a checkbox next to one or
more licenses you wish to remove and click Delete.
2. Click OK.
The deleted licenses are removed from the license list.
Managing System Storage
The Storage view provides a way of organizing the Data Domain
system storage so that disks can be viewed by usage type (Active,
Archive, Failed, and so on), operational status, and location. This
includes internal system storage and systems configured with
external disk shelves— the status and inventory are shown for all
enclosures, disks, and RAID groups. As well, the system is
automatically scanned and inventoried so all storage is shown in
the Storage view.
Managing system storage includes:
•
View System Storage Information on page 61
•
Physically Locating a Disk on page 66
•
Configuring Storage on page 67
View System Storage Information
To open the Storage view:
1. Select the Data Domain system in the Navigational pane.
2. Click the Hardware > Storage tabs.
The Storage view appears.
The Storage view Status area shows the current status of the
storage (such as Operational or Non-Operational) and any
active alerts (these can be clicked to view alert details).
DD OS 5.0 Administration Guide
61
Below the Status area are tabs that organize how the storage
inventory is presented:
•
Storage Overview on page 62
•
Status View on page 64
•
Disks View on page 66
The Status area presents the following information.
Item
Description
Status
The status of the storage system can be:
• Normal—System operational (green). All disks in the
system are in good condition.
• Warning—System operational (yellow). The system is
operational, but there are problems that need to be
corrected. Warnings may result from a degraded
RAID group, presence of foreign storage, or failed or
absent disks.
• Error—System non-operational (red). The system is
not operational.
Operational Drives
Count of drives operating normally:
• Total—Total number of drives operating.
• In-Use—Number of drives the system is using.
• Spare—Number of spare drives (that can be activated
if an in-use disk fails).
Non-Operational Drives
Count of drives that are not operating normally.
• Total—Total number of non-operational drives.
• Failed—Number of known failed drives.
• Absent—Number of slots without drives.
• Foreign—Number of foreign or unsupported drives.
• Unknown—Number of new disks in a shelf.
Storage Overview
The Overview area displays information for all disks in the
selected Data Domain system organized by type. The categories
that display are dependent on the type of storage configuration in
use. The Overview section lists the storage that is found, and can
62
Managing Data Domain Systems
include the following sections, each of which is expandable to
display detailed information:
•
Active Tier—Disks in the Active Tier are currently marked as
usable by the Data Domain file system. Sections are organized
by Disks in Use and Disks Not in Use.
•
Archive Tier—If the optional archive feature is installed, this
section shows the disks that are configured for archival
storage. Sections are organized by Disks in Use and Disks Not
in Use. For more information, see the DD860 Archiver
Administrator Guide.
•
Usable Enclosures—For systems with optional enclosures, this
section shows the enclosures that can be added to the system.
•
Fail/Foreign/Absent Disks (Excluding Systems Disks)—
Shows the disks that are in a state that cannot be added to the
system Active or Archive area.
•
Systems Disks—Shows the disks where the DD OS resides
when the Data Domain controller does not contain data storage
disks.
Each section heading displays a summary of the storage
configured for that section. The Summary shows tallies for the
total number of disks, disks in use, spare disks, reconstructing
spare disks, available disks and known disks.
Clicking the + icon for a section reveals tables presenting
information about the status and content of the storage present.
Sections with the Disks In Use section show the Disk Group Status
tallies and a table with the following information:
Item
Description
Disk Group
The name of the disk group that was created by the file
system (for example, dg1).
Status
The status of the disk (for example Normal, Warning).
Disks Reconstructing
The disks that are undergoing reconstruction, by disk
ID (for example, 1.11).
Total Disks
The total number of usable disks (for example, 14).
Disks
The disk IDs of the usable disks (for example, 2.1-2.14)
DD OS 5.0 Administration Guide
63
Sections with a Disks Not in Use section show the Disks Status
tallies and a table with the following information:
Item
Description
Disk
The disk identifier. It can be:
• The enclosure and disk number (in the form
Enclosure.Slot).
• A gateway disk (devn).
• A LUN.
Status
The status of the disk, for example In Use, Available,
Spare.
Size
The data storage capacity of the disk when used in a
Data Domain system.a
Manufacturer/Model
The manufacturer’s model designation. The display
may include a model ID or RAID type or other
information depending on the vendor string sent by the
storage array.
Firmware
The firmware level used by the third-party physicaldisk storage controller.
Serial Number
The manufacturer’s serial number for the disk.
a. The Data Domain convention for computing disk space defines one gibibyte as 230
bytes, giving a different disk capacity than the manufacturer’s rating.
Status View
The Status view shows the Disks Status table and the
Reconstructing table.
The Disks Status table presents the following information:
Item
Description
Total
The total number of inventoried disks in the Data
Domain system (including enclosures and gateway
storage).
In Use
The number of disks currently in use by the file system.
Spare
The number of spare disks (available to replaced failed
disks).
64
Managing Data Domain Systems
Item
Description
Spare (reconstructing)
The number of disks that are in the process of data
reconstruction (spare disks replacing failed disks).
Available
The number of disks that are available for allocation to
and Active or Archive storage tier.
Known
The number of known unallocated disks.
Unknown
The number of unknown unallocated disks.
Failed
The number of failed disks.
Foreign
The number of foreign disks.
Absent
The number of absent disks.
The Reconstructing table presents the following information:
Item
Description
Disk
Identifies disk being reconstructed. Disk labels are of
the format enclosure.disk. Enclosure 1 is the Data
Domain system, and external shelves start numbering
with enclosure 2. For example, the label 3.4 is the fourth
disk in the second shelf.
Disk Group
Shows the RAID group (dg#) for the reconstructing
disk.
Tier
The name of the tier where the failed disk is being
reconstructed.
Time Remaining
The amount of time before the reconstruction is
complete.
Percentage Complete
The percentage of reconstruction that has been
completed.
When a spare disk is available, the Data Domain file system
automatically replaces a failed disk with a spare and begins the
reconstruction process to integrate the spare into the RAID disk
group. The disk use displays Spare and the status becomes
Reconstructing.
Reconstruction is performed on one disk at a time. If more than
one disk is to be reconstructed, the disks waiting for reconstruction
show as Spare until reconstruction starts.
DD OS 5.0 Administration Guide
65
Disks View
Use the radio buttons to select how the disks are viewed—by All
Disks or by Tier, or by disk group.
The Disks view lists all the system disks in a scrollable table with
following information .
Item
Description
Disk
The disk identifier. It can be:
• The enclosure and disk number (in the form
Enclosure.Slot).
• A gateway disk (devn).
• A LUN.
Status
The status of the disk (for example In Use, Spare).
Manufacturer/Model
The manufacturer’s model designation. The display
may include a model ID or RAID type or other
information depending on the vendor string sent by the
storage array.
Firmware
The firmware level used by the third-party physicaldisk storage controller.
Serial Number
The manufacturer’s serial number for the disk.
Physically Locating a Disk
To locate a disk (for example, when a failed disk needs to be
replaced):
1. Select the Data Domain system in the Navigational pane.
2. Click the Hardware > Storage > Disks tabs.
The Disks view appears.
3. Select a disk from the Disks table and click Beacon.
The Beaconing Disk dialog window appears, and the LED light
on the disk begins flashing.
4. Click Stop to stop the LED beaconing.
66
Managing Data Domain Systems
Configuring Storage
To move system storage from available to active area or vise versa:
1. Select a system in the Navigational pane.
2. Click the Hardware > Storage > Overview tabs.
3. Click Configure Storage.
The Configure Storage dialog window appears.
4. In the Available Storage area, select the checkboxes of the
storage devices to use and click Add to Tier or Remove from
Tier.
System storage must be moved from the Available Storage area
to the Active Tier storage area before the file system can be
created.
Storage may be moved from Active to Available to keep in
reserve.
5. Click OK and Close in the progress dialog box.
Managing Network Connections
The Network view presents status and configuration information
about the system’s Ethernet interfaces. It contains the Interfaces
view, Settings view, and Routes view.
Use the following topics to manage network connections:
•
Configuring Network Interfaces on page 68
•
Configuring Network Settings on page 89
•
Configuring Routes on page 94
The Network view provides a means to:
•
Configure network interfaces so that Data Domain system is
available for management and backup activities over network.
•
Configure network interfaces to maximize throughput and be
highly available.
DD OS 5.0 Administration Guide
67
•
Name the Data Domain system in the network environment
and resolve names of other systems in the environment.
•
Isolate backup/near line traffic in shared network
environments.
•
View all the network related settings.
•
Troubleshoot and diagnose network issues.
Configuring Network Interfaces
This section provides an overview of the types of connections,
physical and virtual, and how they are used to create VLANs, IP
aliases, and bonded interfaces for Data Domain system network
interface options.
This section includes the following tasks:
•
View Interface Information on page 68
•
Configure Physical Interfaces on page 71
•
Configuring Virtual Interfaces on page 73
•
Configuring a VLAN on page 83
•
Configuring an IP Alias on page 85
•
Registering a DDNS on page 87
•
Destroying an Interface on page 88
•
View an Interface Hierarchy with the Tree View on page 88
View Interface Information
The Interfaces view allows you to manage and configure virtual
interfaces, DHCP, DDNS, and IP addresses, and displays network
information and status.
To display the Interfaces view:
1. In the Navigational tree, select the Data Domain system to
view or configure.
2. Click the Hardware > Network tab.
68
Managing Data Domain Systems
The Network view appears, containing the Interfaces, Settings,
and Routes tabs.
The Interfaces table presents the following information.
Item
Description
Interface
The name of each interface associated with the selected Data
Domain system. Physical interfaces names start with eth.
Virtual interface names start with veth.
Enabled
Whether the interface is enabled.
• Select Yes to enable interface and connect it to the
network.
• Select No to disable interface and disconnect it from the
network.
Type
When the interface is part of a Global Deduplication Array
configuration, shows the value Cluster, otherwise, shows
N/A.
DHCP
Indicates if the interface is configured with an IP address
from a DHCP (Dynamic Host Configuration Protocol)
server (Yes/No).
IP Address
IP address associated with the interface. The address used
by the network to identify the interface. If the interface is
configured through DHCP, an asterisk appears after this
value.
Netmask
Netmask associated with the interface. Uses the standard IP
network mask format. If the interface is configured through
DHCP, an asterisk appears after this value.
Link
Whether the interface currently has a live Ethernet
connection (Yes/No).
Additional Info
Additional settings for the interface. For example, the
bonding mode.
Intelligent Platform Management Interface (IPMI)
Yes/No
Indicates if IPMI health and management monitoring is
configured for the interface.
View IPMI Interfaces Links to the Maintenance > IPMI configuration tab.
3. Select an interface in the table to populate the Interface Details
area.
DD OS 5.0 Administration Guide
69
The Interface Details area shows the following information:
Item
Description
Interface Name
Name of the selected interface.
Hardware Address
The MAC address of the selected interface. For example,
00:02:b3:b0:8a:d2
Cable
Shows whether the interface is Copper or Fiber.
MTU
MTU (Maximum Transfer Unit) value assigned to the
interface.
Autonegotiate
When the interface is configured to automatically negotiate
Speed and Duplex settings. Options are Enabled or
Disabled. If autonegotiate is Disabled, then Speed and
Duplex values are manually set.
Duplex
Protocol used in conjunction with Speed value, sets data
transfer protocol. Options are Unknown, Full, Half.
Speed
Used in conjunction with Duplex value, sets rate of data
transfer. Options are Unknown, 10 Mb/s, 100 Mb/s,
1000 Mb/s, 10 Gb/s.
Supported Speeds
Lists all the speeds the interface is capable of using.
Filter the Interfaces Table
The Interfaces table can be filtered by either:
•
Interface Name—Enter an interface name and click Update
to filter the Interface view.
•
Interface Type— Select an interface type and click Update
to filter to Interface view. The value All displays physical,
virtual (Failover and Aggregate), VLAN, and IP Alias
interfaces.
To filter the Interfaces table:
1. Enter a value in the Interface Name field or select a value from
the Interface Type menu.
Filters support wildcards, such as eth*, veth*, or eth0*
2. Click Update.
3. To return the interfaces table to the default listing, click Reset.
70
Managing Data Domain Systems
Configure Physical Interfaces
1. From the Navigational pane, select the Data Domain system to
configure.
2. Click the Hardware > Network > Interfaces tab.
3. Select an interface to configure.
4. Click Configure.
The Configure Interface dialog box appears.
5. Determine how the interface IP address is to be set:
•
Use DHCP to assign the IP address—in the IP Settings
pane, click the radio button Obtain Settings using DHCP.
Setting a physical interface to DHCP automatically enables
the interface.
•
Specify IP Settings manually—in the IP Settings pane, click
the radio button Manually configure IP Address.
The IP Address and Netmask fields become active.
a. Enter an IP Address.
The Internet Protocol (IP) Address is the numerical label
assigned to the interface. For example, 192.168.10.23
b. Enter a Netmask address.
The Netmask is the subnet portion of the IP address that is
assigned to the interface. If the interface is configured through
DHCP, an asterisk appears after this value.
Format is typically 255.255.255.###, where the ### are the
values that identify the interface. If you do not specify a
netmask, the Data Domain system uses the netmask format
is determined by the TCP/IP address class (A,B,C) you are
using.
6. Specify Speed/Duplex settings.
The combination of speed and duplex settings define the rate
of data transfer through the interface. Select one of these
options:
DD OS 5.0 Administration Guide
71
•
Autonegotiate Speed/Duplex — Select this option to allow
the network interface card to autonegotiate the line speed
and duplex setting for an interface.
•
Manually configure Speed/Duplex — Select this option to
manually set an interface data transfer rate. Select the
speed and duplex from the drop-down lists.
-
Duplex options are half-duplex or full-duplex.
-
Speed options listed are limited to the capabilities of the
hardware device. Options are 10 Base-T, 100 Base-T,
1000 Base-T (Gigabit), and 10,000 (10 Gb).
-
Half-duplex is only available for 10 Base-T and 100
Base-T speeds.
-
1000 and 10000 line speeds require full-duplex.
-
Optical interfaces require the Autonegotiate option.
-
Copper interface default is 10 Gb. If a copper interface is
set to 1000 or 10000 line speed, duplex must be fullduplex.
7. Specify the MTU (Maximum Transfer Unit) size for the
physical (Ethernet) interface.
Supported values are from 350 to 9014. For 100 Base-T and
gigabit networks, 1500 is the standard default.
Notes:
•
Click the Default button to return the setting to the default
value.
•
Ensure that all of your network components support the
size set with this option.
8. Optionally, select Dynamic DNS Registration option.
Dynamic DNS (DDNS) is the protocol that allows machines on
a network to communicate with, and register their IP address
on, a Domain Name System (DNS) server.
The DDNS must be registered to enable this option. Refer to
Registering a DDNS on page 87 for additional information.
Note: This option disables DHCP for this interface.
72
Managing Data Domain Systems
9. Click Next.
The Configure Interface Settings summary page appears. The
values listed reflect the new system and interface state, which
are applied on Finish.
10. Click Finish and OK.
Configuring Virtual Interfaces
The following describes how to create virtual interfaces:
•
Create a Virtual Interface for Failover on page 76
•
Creating a Virtual Interface for Link Aggregation on page 79
Before creating a virtual interface, become familiar with the
applicable guidelines:
•
Guidelines for Configuring Virtual Interfaces on page 73
•
Guidelines for Configuring a Virtual Interface for Failover on
page 75
•
Guidelines for Configuring a Virtual Interface for Link Aggregation
on page 79
Guidelines for Configuring Virtual Interfaces
The following considerations apply to both failover and aggregate
virtual interfaces. When you create a virtual interface:
•
The virtual-name must be in the form vethx where x is a
number.
•
You can create as many virtual interfaces as there are physical
interfaces.
•
The physical-name must be in the form ethx where x is an
alphanumeric string. For example, eth0a.
•
Each interface used in a virtual interface must first be disabled.
An interface that is part of a virtual interface is seen as disabled
for other network configuration options.
•
A virtual interface needs an IP address that is set manually.
DD OS 5.0 Administration Guide
73
•
After a virtual interface has been destroyed, the physical
interfaces associated with it remain disabled. You must
manually re-enable the physical interfaces.
•
The number and type of cards installed determines the number
of Ethernet ports available.
•
Each physical interface can belong to at most one virtual
interface.
•
The recommended number of physical interfaces used in
aggregation is two.
•
All interfaces in a virtual interface must be on the same subnet
and on the same LAN, and for aggregation, on a non-Intel
10 Gb card. Network switches used by a virtual interface must
be on the same subnet.
•
A system can have multiple and mixed failover and
aggregation virtual interfaces, subject to the restrictions above.
•
Virtual interfaces must be created from identical physical
interfaces. For example, all copper, all optical, all 1 Gb, or all
10 Gb. However, 1 Gb interfaces support bonding a mix of
copper and optical interfaces.
•
Failover and aggregate links improve network performance
and resiliency by using two to four network interfaces in
parallel, thus increasing the link speed and reliability over that
of a single interface.
•
Remove functionality is available using the Configure button.
Choose a virtual interface from the list of interfaces in the
interface tab, click the Configure button, then from list of
interfaces in the dialog that appears, uncheck the interface to
remove it from bonding (failover or aggregate) and click Next.
Interface Naming Changes
The physical interface name for Data Domain OS versions prior to
4.9 is ethx where x is a number from 0 to 5. Numbering is
sequential without gaps. Starting with Data Domain OS version 4.9
and later, the interface naming format is ethslot #[a-d].
74
Managing Data Domain Systems
The DDOS 4.9 naming uses the following method:
•
For on-board NIC vertical interfaces, the top interface is named
eth0a and the bottom interface is eth0b.
•
For on-board NIC horizontal interfaces, the left interface as
viewed from the rear, is named eth0a and the right is named
eth0b.
•
For optional cards whether they are installed vertical or
horizontal, the top interface at the top of the card is ethxa, the
next is ethxb, the next is ethxc, and so on until the bottom of the
card (where x is the slot number).
This ensures:
•
A deterministic way to identify the correct physical link from
the logical link.
•
That the interface names do not change if cards are added or
removed.
•
That the interface name is not dependent on the type of cards
in the system.
The following systems, if they are running DDOS version 4.9, can
use the DDOS version 4.9 interface naming: DD880, DD880g,
DD670, DD690, DD690g, DD660, DD630, DD610, DD140.
If the interface names are changed to the DDOS 4.9 naming
structure, associated configuration names are changed as well. For
example, eth1.236 becomes eth0a.236, eth1 and eth0 bonded to
veth1 becomes eth0a and eth0b bonded to veth1.
Virtual interfaces do not need to use the DDOS 4.9 naming
structure, although the slaves are renamed. So the virtual
interfaces continue to be veth0, veth1, etc. Note, starting with
DDOS version 4.8 the virtual interfaces can be completely removed
from the list of interfaces by the use of the destroy option.
Guidelines for Configuring a Virtual Interface for Failover
Ethernet failover provides improved network stability and
performance. A failover from one physical interface to another can
take up to 30 seconds. The delay is to guard against multiple
failovers when a network is unstable.
DD OS 5.0 Administration Guide
75
The failover-enabled virtual interface represents a group of
secondary physical interfaces, one of which can be specified as the
primary. The system makes the primary interface the active
interface whenever the primary interface is operational.
While planning, consider the following supported guidelines:
•
A primary interface must be part of the failover. If an interface
is removed from a failover, a warning message is sent.
•
When a primary interface is used in a failover configuration, it
must be explicitly specified and must also be a slave to the
virtual interface. If the primary interface goes down and
multiple interfaces are still available, the next interface used is
a random choice.
•
All interfaces in a virtual interface must be on the same subnet
and on the same LAN. Network switches used by a virtual
interface must be on the same subnet.
•
The recommended number of physical interfaces for failover is
two. However, you can configure one primary interface and up
to five failover interfaces (except with 10 Gb copper Ethernet
cards, which are restricted to one primary interface and one
failover interface, and with the 10 Gb optical Ethernet cards,
which cannot be used).
Create a Virtual Interface for Failover
To create a virtual interface:
1. From the Navigational pane, select the Data Domain system to
configure.
2. Click the Hardware > Network > Interfaces tabs.
3. In the Interfaces table, disable the physical interface where the
virtual interface is to be added by clicking No in the Enabled
column.
4. From the More menu, select Virtual Interface.
The Create Virtual Interface dialog box appears.
5. Specify a virtual interface name in the veth text box.
Enter a virtual interface name in the form vethx, where x is a
unique ID (typically one or two digits). A typical full virtual
76
Managing Data Domain Systems
interface name with VLAN and IP Alias is veth56.3999:199.
The maximum length of the full name is 15 characters. Special
characters are not allowed. Numbers must be between 0 and
9999.
6. Select Failover from the Bonding Type drop-down list.
Note: Registry settings can be different from the bonding
configuration. When interfaces are added to the virtual
interface, the information is not sent to the bonding module
until the virtual interface is brought up. Until that time the
registry and the bonding driver configuration are different.
7. In the area Select an interface to add to the failover
configuration, click the checkbox corresponding to the
interface and click Next.
The Create virtual interface veth_name dialog appears.
8. Enter an IP Address.
The Internet Protocol (IP) Address is the numerical label
assigned to the interface. For example, 192.168.10.23
9. Enter a Netmask address.
The Netmask is the subnet portion of the IP address that is
assigned to the interface.
Format is typically 255.255.255.###, where the ### are the
values that identify the interface. If you do not specify a
netmask, the Data Domain system uses the netmask format is
determined by the TCP/IP address class (A,B,C) you are using.
10. Specify Speed/Duplex options.
The combination of speed and duplex settings define the rate
of data transfer through the interface. Select either:
•
Autonegotiate Speed/Duplex — Select this option to allow
the network interface card to autonegotiate the line speed
and duplex setting for an interface.
•
Manually configure Speed/Duplex — Select this option to
manually set an interface data transfer rate.
-
Duplex options are half-duplex or full-duplex.
DD OS 5.0 Administration Guide
77
-
Speed options listed are limited to the capabilities of the
hardware device. Options are 10 Base-T, 100 Base-T,
1000 Base-T (Gigabit), and 10,000 (10 Gb).
-
Half-duplex is only available for 10 Base-T and 100
Base-T speeds.
-
1000 and 10000 line speeds require full-duplex.
-
Optical interfaces require the Autonegotiate option.
-
Copper interface default is 10 Gb. If a copper interface is
set to 1000 or 10000 line speed, duplex must be fullduplex.
11. Specify MTU Settings.
This sets the Maximum Transfer Unit (MTU) size for the
physical (Ethernet) interface. Supported values are from 350 to
9014. For 100 Base-T and gigabit networks, 1500 is the standard
default.
Notes:
•
Click the Default button to return the setting to the default
value.
•
Ensure that all of your network components support the
size set with this option.
12. Optionally, select Dynamic DNS Registration option.
Dynamic DNS (DDNS) is the protocol that allows machines on
a network to communicate with, and register their IP address
on, a Domain Name System (DNS) server.
The DDNS must be registered to enable this option. Refer to
Registering a DDNS for additional information.
Note: This option disables DHCP for this interface.
13. Click Next.
The Configure Interface Settings summary page appears. The
values listed reflect the new system and interface state.
14. Complete the Interface, click Finish and OK.
78
Managing Data Domain Systems
Guidelines for Configuring a Virtual Interface for Link
Aggregation
Link aggregation provides improved network performance and
resiliency by using two to four network interfaces in parallel, thus
increasing the link speed and reliability over that of a single
interface. For example, enable link aggregation on virtual interface
veth1 to physical interfaces eth1 and eth2 in mode LACP and
hash XOR-L2.
While planning interface link aggregation, consider the following
supported guidelines:
•
The recommended number of physical interfaces used in
aggregation is two.
•
Changes to disabled Ethernet interfaces flush the routing table.
Data Domain recommends making interface changes only
during scheduled maintenance downtime. After making
interface changes, reconfigure the routing rules and gateways.
•
Enable aggregation on an existing virtual interface by
specifying the physical interfaces and mode.
Creating a Virtual Interface for Link Aggregation
To create a virtual interface for link aggregation:
1. From the Navigational pane, select the Data Domain system to
configure.
2. Click the Hardware > Network > Interfaces tabs.
3. In the Interfaces table, disable the physical interface where the
virtual interface is to be added by clicking No in the Enabled
column.
4. From the More menu, select Virtual Interface.
The Create Virtual Interface dialog box appears.
5. Specify a virtual interface name in the veth text box.
Enter a virtual interface name in the form vethx, where x is a
unique ID (typically one or two digits). A typical full virtual
interface name with VLAN and IP Alias is veth56.3999:199.
The maximum length of the full name is 15 characters. Special
DD OS 5.0 Administration Guide
79
characters are not allowed. Numbers must be between 0 and
9999.
6. Select Aggregate from the Bonding Type drop-down list.
Note: Registry settings can be different from the bonding
configuration. When interfaces are added to the virtual
interface the information is not sent to the bonding module
until the virtual interface is brought up. Until that time the
registry and the bonding driver configuration are different.
7. From the General tab, specify the Bonding Mode.
Specify the mode that is compatible with the requirements of
the system to which the interfaces are directly attached.
Available modes are:
•
Round-robin — Transmit packets in sequential order from
the first available link through the last in the aggregated
group.
•
Balanced —Data is sent over interfaces as determined by
the hash method selected. This requires the associated
interfaces on the switch to be grouped into an Ether
channel (trunk).
•
LACP —Line Aggregate Control Protocol. This is similar to
Balanced except it has a control protocol that
communicates to the other end and coordinates what links
within the bond are available to use. In a sense it provides
heartbeat failover.
8. Specify Bonding Hash.
From the General tab, select from the Bonding Hash menu.
Options are: the Layer 2 (L2)or Layer 3/Layer 4 (L3L4).
Layer 2
(XOR-L2)
80
Transmit based on static balanced and
LACP mode aggregation with an XOR hash
of Layer 2 (inbound and outbound MAC
addresses).
Managing Data Domain Systems
Layer
Transmit based on static balanced and
2/Layer
LACP mode aggregation with an XOR hash
3(XOR-L2L3) of Layer 2(inbound and outbound IP
address) and Layer 3(inbound and
outbound interface numbers).
Layer
3/Layer 4
(XOR-L3L4)
Transmit based on static balanced and
LACP mode aggregation with an XOR hash
of Layer 3 (inbound and outbound IP
address) and Layer 4 (inbound and
outbound interface numbers).
9. Select an interface to add to the aggregate configuration by
clicking the checkbox corresponding to the interface, and then
click Next.
The Create virtual interface veth_name dialog appears.
10. Enter an IP Address.
The Internet Protocol (IP) Address is the numerical label
assigned to the interface. For example, 192.168.10.23
11. Enter a Netmask address.
The Netmask is the subnet portion of the IP address that is
assigned to the interface.
Format is typically 255.255.255.###, where the ### are the
values that identify the interface. If you do not specify a
netmask, the Data Domain system uses the netmask format is
determined by the TCP/IP address class (A,B,C) you are using.
12. Specify Speed/Duplex options.
Note: Aggregation is not currently available for Intel Network
Interface Cards (NICs).
The combination of speed and duplex settings define the rate
of data transfer through the interface. Select either:
•
Autonegotiate Speed/Duplex — Select this option to allow
the network interface card to autonegotiate the line speed
and duplex setting for an interface.
•
Manually configure Speed/Duplex — Select this option to
manually set an interface data transfer rate.
DD OS 5.0 Administration Guide
81
-
Duplex options are half-duplex or full-duplex.
-
Speed options listed are limited to the capabilities of the
hardware device. Options are 10 Base-T, 100 Base-T,
1000 Base-T (Gigabit), and 10,000 (10 Gb).
-
Half-duplex is only available for 10 Base-T and 100
Base-T speeds.
-
1000 and 10000 line speeds require full-duplex.
-
Optical interfaces require the Autonegotiate option.
-
Copper interface default is 10 Gb. If a copper interface is
set to 1000 or 10000 line speed, duplex must be fullduplex.
13. Specify MTU Settings.
This sets the Maximum Transfer Unit (MTU) size for the
physical (Ethernet) interface. Supported values are from 350 to
9014. For 100 Base-T and gigabit networks, 1500 is the standard
default.
Notes:
•
Click the Default button to return the setting to the default
value.
•
Ensure that all of your network components support the
size set with this option.
14. Optionally, select Dynamic DNS Registration option.
Dynamic DNS (DDNS) is the protocol that allows machines on
a network to communicate with, and register their IP address
on, a Domain Name System (DNS) server.
The DDNS must be registered to enable this option. Refer to
Registering a DDNS on page 87 for additional information.
15. Click Next.
The Configure Interface Settings summary page appears. The
values listed reflect the new system and interface state.
16. Click Finish and OK.
82
Managing Data Domain Systems
Modifying a Virtual Interface
To modify settings on an existing virtual interface:
1. From the Navigational pane, select the Data Domain system to
configure.
2. Click the Hardware > Network > Interfaces tabs.
3. In the Interfaces column, select the checkbox of the interface
and disable the virtual interface by clicking No in the Enabled
column and click OK in the warning dialog box.
4. In the Interfaces column, select the checkbox of the interface
and click Configure.
The Configure Virtual Interface dialog box appears.
5. Change the settings that are described in the procedures Create
a Virtual Interface for Failover on page 76 or Creating a Virtual
Interface for Link Aggregation on page 79.
6. Click Next and Finish.
Configuring a VLAN
Create a new VLAN interface from either a physical interface or a
virtual interface.
The recommended total number that can be created is 80, though it
is possible to create up to 100 interfaces before the system is
affected.
1. From the Navigational pane, select the Data Domain system to
configure.
2. Click the Hardware > Network > Interfaces tabs.
3. Click Create and select the VLAN option.
The Create VLAN dialog box appears.
4. Specify a VLAN ID by entering a number in the ID field.
The range of a VLAN ID is between 1 and 4095.
5. Enter an IP Address.
DD OS 5.0 Administration Guide
83
The Internet Protocol (IP) Address is the numerical label
assigned to the interface. For example, 192.168.10.23
6. Enter a Netmask address.
The Netmask is the subnet portion of the IP address that is
assigned to the interface.
Format is typically 255.255.255.###, where the ### are the
values that identify the interface. If you do not specify a
netmask, the Data Domain system uses the netmask format is
determined by the TCP/IP address class (A,B,C) you are using.
7. Specify MTU Settings.
This sets the Maximum Transfer Unit (MTU) size for the
physical (Ethernet) interface. Supported values are from 350 to
9014. For 100 Base-T and gigabit networks, 1500 is the standard
default.
Notes:
•
Click the Default button to return the setting to the default
value.
•
Ensure that all of your network components support the
size set with this option.
8. Specify Dynamic DNS Registration option.
Dynamic DNS (DDNS) is the protocol that allows machines on
a network to communicate with, and register their IP address
on, a Domain Name System (DNS) server.
The DDNS must be registered to enable this option. Refer to
Registering a DDNS for additional information.
9. Click Next.
The Configure Interface Settings summary page appears. The
values listed reflect the new system and interface state.
10. Click Finish and OK.
Modifying a VLAN Interface
To modify settings on an existing VLAN interface:
84
Managing Data Domain Systems
1. From the Navigational pane, select the Data Domain system to
configure.
2. Click the Hardware > Network > Interfaces tabs.
3. In the Interfaces column, select the checkbox of the interface
and disable the VLAN interface by clicking No in the Enabled
column and click OK in the warning dialog box.
4. In the Interfaces column, select the checkbox of the interface
and click Configure.
The Configure VLAN Interface dialog box appears.
5. Change the settings that are described in the procedures
Configuring a VLAN on page 83.
6. Click Next and Finish.
Configuring an IP Alias
Create a new IP Alias interface from either a physical interface or a
virtual interface.
The recommended total number of IP Aliases and virtual
interfaces that can be created is 80 though it is possible to create up
to 100 interfaces.
1. From the Navigational pane, select the Data Domain system to
configure.
2. Click the Hardware > Network > Interfaces tabs.
3. Click Create and select the IP Alias option.
The Create IP Alias dialog box appears.
4. Specify a IP Alias ID by entering a number in the eth0a field.
Requirements are: 1 to 4096
5. Enter an IP Address.
The Internet Protocol (IP) Address is the numerical label
assigned to the interface. For example, 192.168.10.23
6. Enter a Netmask address.
DD OS 5.0 Administration Guide
85
The Netmask is the subnet portion of the IP address that is
assigned to the interface.
Format is typically 255.255.255.###, where the ### are the
values that identify the interface. If you do not specify a
netmask, the Data Domain system uses the netmask format is
determined by the TCP/IP address class (A,B,C) you are using.
7. Specify Dynamic DNS Registration option.
Dynamic DNS (DDNS) is the protocol that allows machines on
a network to communicate with, and register their IP address
on, a Domain Name System (DNS) server.
The DDNS must be registered to enable this option. Refer to
Registering a DDNS for additional information.
8. Click Next.
The Configure Interface Settings summary page appears. The
values listed reflect the new system and interface state.
9. Click Finish and OK.
Modifying an IP Alias Interface
To modify settings on an existing virtual interface:
1. From the Navigational pane, select the Data Domain system to
configure.
2. Click the Hardware > Network > Interfaces tabs.
3. In the Interfaces column, select the checkbox of the interface
and disable the IP Alias interface by clicking No in the Enabled
column and click OK in the warning dialog box.
4. In the Interfaces column, select the checkbox of the interface
and click Configure.
The Configure IP Alias dialog box appears.
5. Change the settings that are described in the procedure
Configuring an IP Alias on page 85.
6. Click Next and Finish.
86
Managing Data Domain Systems
Registering a DDNS
DDNS (Dynamic DNS) is the protocol used by CIFS that allows
machines on a network to communicate with, and register their IP
address on, a DNS Server. Changes you can make to the DDNS
registration include:
•
Manually register (add) configured interfaces to the DDNS
registration list.
•
Remove interfaces from the DDNS registration list.
•
Enable or disable DNS updates. Display whether DDNS
registration is enabled or not.
•
Display interfaces in the DDNS registration list.
To register a DDNS:
1. From the Navigational pane, select the Data Domain system to
configure.
2. Click the Hardware > Network > Interfaces tabs.
3. Click DDNS Registration.
The DDNS Registration dialog box appears.
4. To add an interface to the DDNS, click Add.
The Add Interface dialog box appears.
a. Enter a name in the Interface field.
b. Click OK.
The system responds
5. Optionally, to remove an interface from the DDNS
a. Click the checkbox of the interface to remove.
b. Click Remove.
The Confirm Remove dialog box appears.
c. Click OK.
The system responds
6. Specify Dynamic DNS Registration option.
DD OS 5.0 Administration Guide
87
•
Click the checkbox next to Enable DDNS updates for all
interface which are already registered.
•
Click the Default to set to default settings for DDNS
updates, and default value is disabled.
•
Uncheck the box to Disable DDNS updates for the
registered interfaces.
The DDNS must be registered to enable this option. Refer to
Registering a DDNS for additional information.
7. Complete the DDNS registration, click OK.
Destroying an Interface
Destroying an interface applies to virtual interface, VLAN, and IP
Alias interfaces. If virtual interfaces are destroyed, the system
deletes the veth and releases all it's bonded physical interfaces. If
there were VLAN/IP alias interfaces created on this virtual
interface these are also deleted. Destroy VLAN deletes the VLAN
and all IP Alias interfaces that are created under it, if any. Destroy
IP Alias deletes only that alias interface.
To destroy an Interface:
1. From the Navigational pane, select the Data Domain system to
configure.
2. Click the Hardware > Network > Interfaces tabs.
3. Click the box next to the interface to destroy (Virtual or VLAN
or IP Alias).
4. Click Destroy .
The Confirm Destroy dialog box appears.
5. Click OK.
View an Interface Hierarchy with the Tree View
1. From the Navigational pane, select the Data Domain system to
view.
2. Click the Hardware > Network > Interfaces tabs.
88
Managing Data Domain Systems
3. Click Tree View.
The Tree View dialog box appears.
4. Click the plus or minus boxes to expand or contract the tree
view that shows the hierarchy.
5. Click Close to exit the Tree View.
Configuring Network Settings
Use the Hardware > Network > Settings view to view and
configure the network settings. This includes network parameters
such as the hostname, domain name, search domains, host
mapping, and DNS list.
Configuring network settings is described in the following
sections:
•
View Settings Information on page 89
•
Set Hostnames on page 90
•
Manage a Domain Search List on page 91
•
Map Hosts on page 92
•
Set DNS IP Addresses on page 93
View Settings Information
1. From the Navigational pane, select the Data Domain system to
view or configure.
2. Click the Hardware > Network > Settings tabs.
The Settings view appears containing the Host Settings, Search
Domain, and Host Mapping options.
The Settings tab displays the following information.
Item
Description
Host Settings
Host Name
The hostname of the selected Data Domain system.
Domain Name
The fully-qualified domain name associated with the
selected Data Domain system.
DD OS 5.0 Administration Guide
89
Item
Description
Search Domain List
Search Domain
A list of search domains that the Data Domain system
uses. The Data Domain system applies the search
domain as a suffix to the hostname.
Hosts Mapping
IP Address
IP address of the host to resolve.
Host Name
Hostnames associated with the IP address.
DNS List
DNS IP Address
Current DNS IP addresses associated with the selected
Data Domain system. An asterisk (*) indicates the IP
addresses were assigned through DHCP.
Set Hostnames
You can change the hostname and domain name that other
systems use to access the Data Domain System.
•
Do not include an underscore in the hostname. It is
incompatible with some browsers.
Changing the names of an active host can cause:
•
A break in the current connection. If this happens log back in
and check the saved settings.
•
Disrupt replication and CIFS active directory authentication. If
this happens reconfigure CIFS authentication after you change
the names.
To set a hostname:
1. In the Settings view, click Edit in the Host Settings area.
The Configure Host dialog box appears.
2. Determine how network connections are set. Either:
90
•
Select the radio button for Obtain Settings using DHCP. (At
least one of the interfaces must be configured using
DHCP.)
•
Select the radio button for Manually configure the host.
Managing Data Domain Systems
a. Enter an hostname in the Host Name text box.
For example, id##.yourcompany.com
b. Enter a domain name in the Domain Name text box.
This is the domain name associated with your Data
Domain system. Typically this is your company domain
name. For example, yourcompany.com
3. Click OK.
Progress messages display. When changes are applied, you are
returned to the Hardware > Network > Settings tab.
Manage a Domain Search List
To add a search domain:
1. In the Settings view, click Edit in the Search Domain List area.
The Configure Search Domains dialog box appears.
2. To add a search domain, click the add (plus) button.
The Add Search Domain dialog box appears.
a. Enter a name in the Search Domain text box.
For example, id##.yourcompany.com
b. Click OK.
The system adds the new domain to the list of searchable
domains, but the changes are not applied to system yet.
3. Click OK.
Changes are applied to the system. The system returns you
to the Settings view.
To remove a search domain:
1. In the Settings view, click Edit in the Search Domain List area.
The Configure Search Domains dialog box appears.
a. Click the checkbox of the search domain to remove.
b. Click the remove (X) button.
DD OS 5.0 Administration Guide
91
The system removes the selected domain from the list of
searchable domains, but changes are not applied to system
yet.
Note: There is no confirmation dialog.
2. Click OK.
Changes are applied to system.The system returns you to
the Settings tab.
Map Hosts
Use the Hosts Mapping area to add a mapping that ties an IP
address to a name. You can modify these mappings as follows:
•
Add a Host to Map on page 92
•
Delete a Host Mapping on page 93
Add a Host to Map
1. In the Settings view, click Add in the Hosts Mapping area.
The Add Hosts dialog box appears.
2. Enter the IP address of the host in the IP Address text boxes.
The Internet Protocol (IP) Address is the numerical label
assigned to the interface. For example, 192.168.10.23
3. Click the add (Plus) button.
The Add Host dialog box appears.
4. Enter a hostname in the Host Name text box for the listed
system.
For example, id##.yourcompany.com
5. Click OK.
The new hostname is added to the list of Host Names.
6. Click OK.
The system returns you to the Settings tab.
92
Managing Data Domain Systems
Delete a Host Mapping
1. In the Settings view, click the checkbox of the host mapping to
delete in the Hosts Mapping area.
2. Click Delete in the Hosts Mapping area.
The Delete Host confirmation dialog box appears.
3. Click Delete.
Confirmation messages are displayed.
4. Click Close, when the Completed message appears.
The system returns you to the Settings tab.
Set DNS IP Addresses
To add a DNS IP address:
1. In the Settings view, click Edit in the DNS List area.
The Configure DNS dialog box appears.
2. Determine the method for obtaining the DNS. Either:
•
Click the radio button for Obtain Settings using DHCP.(At
least one interface must be configured using DHCP.)
•
Click the radio button for the Manually configure DNS
radio button.
The DNS IP address checkboxes become available.
a. Click the plus (+) button.
The Add DNS dialog box appears.
b. Enter the DNS IP address to add.
c. Click OK.
The system adds the new IP address to the list of DNS
available IP addresses, but changes are not applied yet to
the system.
To delete an existing DNS IP address:
1. Click the Manually configure DNS radio button.
DD OS 5.0 Administration Guide
93
The DNS IP address checkboxes become active.
2. Click the DNS IP Address checkbox for the DNS IP address to
delete.
3. Click the delete (X) button.
The system removes the IP address from the list of DNS IP
Addresses, but changes are not applied yet to the system.
Note: There is no confirmation dialog.
4. Click OK.
The system processes the edits and returns you to the Settings
tab.
Configuring Routes
Routes determine the path taken to transfer data to and from the
localhost (the Data Domain system) to another network or host.
Data Domain systems do not generate or respond to any of the
network routing management protocols (RIP, EGRP/EIGRP, and
BGP) in any way. The only routing implemented on a Data
Domain system is based upon the internal route table, where the
administrator may define a specific network or subnet that a
physical interface (or interface group) uses.
Data Domain systems use source-based routing, which means that
outbound network packets that match the subnet of multiple
interfaces will only be routed over the physical interface from
which they originated.
Note: The routing for connections initiated from the Data Domain
system (such as for replication) depend on the source address used
for interfaces using the same subnet. To force traffic for a specific
interface to a specific destination (even if that interface is on the
same subnet as other interfaces), a static routing entry between two
systems can be configured and will override source routing.
Configuring routes is described in the following sections:
94
•
View Route Information on page 95
•
Set the Default Gateway on page 96
Managing Data Domain Systems
•
Create Static Routes on page 96
•
Delete Static Routes on page 98
View Route Information
1. From the Navigational s pane, select the Data Domain system
to view or configure.
2. Click the Hardware > Network > Routes tabs.
The Routes view presents the following information. IP routing
tables show the destination, gateway, netmask, and other
information for each route.
Item
Description
Static Routes
Route Spec
Lists the route specification that is being used to configure
routes.
Dynamic Routes
List of dynamically assigned routes using network or host paths
for data transmission.
Destination
The destination host/network where the network traffic (data)
is sent.
Gateway
The address of the router in the Data Domain network or 0.0.0.0
if no gateway is set.
Genmask
The netmask for the destination net. Set to 255.255.255.255 for a
host destination and 0.0.0.0 for the default route.
Flags
Possible flags include:
U—Route is up
H—Target is a host
G —Use gateway
R —Reinstate route for dynamic routing
D—Dynamically installed by daemon or redirect
M —Modified from routing daemon or redirect
A —Installed by addrconf
C —Cache entry
! —Reject route
Metric
The distance to the target (usually counted in hops). (It is not
used by the DD OS, but might be needed by routing daemons.)
DD OS 5.0 Administration Guide
95
Item
Description
MTU
Maximum Transfer Unit (MTU) size for the physical (Ethernet)
interface.
Window
Default window size for TCP connections over this route.
IRTT
Initial RTT (Round Trip Time). The kernel uses this to estimate
the best TCP protocol parameters without waiting on (possibly
slow) answers.
Interface
Interface name associated with the routing interface.
Set the Default Gateway
1. From the Navigational pane, select the Data Domain system to
configure.
2. Click the Hardware > Network > Routes tabs.
3. Click Edit in the Default Gateway area.
The Configure Default Gateway dialog box appears.
4. Choose how the gateway address is set. Either:
•
Select Use DHCP value radio button for setting the
gateway.
Dynamic Host Configuration Protocol (DHCP) indicates if
the gateway is configured using value from DHCP server.
•
Select the Manually Configure radio button.
The Gateway address box becomes available.
-
Enter the gateway address in the Gateway field.
5. Click OK.
The system processes the information and returns you to the
Routes tab.
Create Static Routes
1. From the Navigational pane, select the Data Domain system to
configure.
2. Click the Hardware > Network > Routes tabs.
96
Managing Data Domain Systems
3. Click Create in the Static Routes area
The Create Routes dialog box appears.
4. Select an interface to configure for the static route.
a. Click the checkboxes of the interface(s) whose route you are
configuring.
b. Click Next.
5. Specify the Destination. Select either of the following.
The Network Address and Netmask.
a. Click the Network radio button.
b. Enter destination information, by providing destination
network address and netmask.
Note: This is not the IP of any interface. The interface is
selected in the initial dialog and it is used for routing traffic.
The hostname or IP address of host destination.
a. Click the Host radio button.
b. Enter the hostname or IP address of the destination host to
use for the route.
6. Optionally, change the gateway for this route.
a. Click the checkbox, Specify different gateway for this route.
b. Enter a gateway address in the Gateway field.
7. Review changes, click Next.
The Create Routes > Summary page appears. The values listed
reflect the new configuration.
8. Complete the action, click Finish.
Progress messages display. When changes are applied, the
message indicates Completed. Click OK to close the dialog.
The new route specification is listed in the Route Spec list.
DD OS 5.0 Administration Guide
97
Delete Static Routes
1. From the Navigational pane, select the Data Domain system to
configure.
2. Click the Hardware > Network > Routes tabs.
3. Click the Route Spec checkbox of the route specification to
delete.
4. Click Delete in the Static Routes area.
The Delete Route confirmation dialog appears.
5. Click Delete and Close.
The selected route specification is removed from the Route
Spec list.
Managing Access to the System
Access management includes viewing and configuring the services
that provide administrator and user access to the system.
The tasks to manage access to the system include:
•
Manage Administrator Access on page 98
•
Manage Local User Access to the System on page 103
•
Manage NIS Servers and Workgroups on page 110
•
Manage Windows Servers and Workgroups on page 112
Manage Administrator Access
The following tasks can be performed to manage administrator
access:
98
•
View Administrator Access on page 99
•
Manage Telnet Access on page 99
•
Manage FTP Access on page 100
•
Manage HTTP/HTTPS Access on page 101
•
Manage SSH Access on page 102
Managing Data Domain Systems
View Administrator Access
To view Administrator Access information:
1. In the Navigational pane, expand the DD Network and select a
system.
2. Click the System Settings > Access Management tabs.
The Access Management page appears, containing the
Administrator Access, Local Users, NIS, and Windows tabs.
The Administrator Access view lists the following information.
Item
Description
Service
The name of a service/protocol that can access the
system.
Enabled
The status of the service, either enabled or disabled.
Allowed Hosts
The access permissions set for the named host.
HTTP port
The port number opened for the HTTP protocol
(port 80, by default).
HTTPS port
The port number opened for the HTTPS protocol
(port 443, by default).
Session Timeout
The amount of inactive time allowed before a
connection closes (10800 seconds, which is 3 hours,
by default).
Manage Telnet Access
To provides access to the system through a Telnet connection:
1. On the Access Management page, select Configure Telnet from
the More Tasks menu.
The Configure Telnet Access dialog box appears.
2. To enable Telnet access, click the Allow Telnet Access
checkbox.
3. Determine how hosts connect:
•
To allow complete access, click the Allow all hosts to
connect radio button.
DD OS 5.0 Administration Guide
99
•
To configure specific hosts, click the Limit Access to the
following systems radio button and click the appropriate
icon in the Allowed Hosts pane. Hostnames can be a fully
qualified hostname or an IP address.
-
To add a host, click the plus button ( +). Enter the
hostname, and click OK.
-
To modify a hostname, click the checkbox of the
hostname in the Hosts list and click the edit button
(pencil). Change the hostname and click OK.
-
To remove a hostname, click the checkbox of the
hostname in the Hosts list and click the minus button
(-), and click OK.
4. Click OK.
Manage FTP Access
To provides access to the system through an FTP connection:
1. On the Access Management page, select Configure FTP from
the More Tasks menu.
The Configure FTP Access dialog box appears.
2. To enable FTP access, click the Allow FTP Access checkbox.
3. Determine how hosts connect:
100
•
To allow complete access, click the Allow all hosts to
connect radio button.
•
To configure specific hosts, click the Limit Access to the
following systems radio button and click the appropriate
icon in the Allowed Hosts pane. Hostnames can be a fully
qualified hostname or an IP address.
-
To add a host, click the plus button (+). Enter the
hostname and click OK.
-
To modify a hostname, click the checkbox of the
hostname in the Hosts list and click the edit button
(pencil). Change the hostname and click OK.
Managing Data Domain Systems
-
To remove a hostname, click the checkbox of the
hostname in the Hosts list, click the minus button
(-), and click OK.
4. Click OK.
Manage HTTP/HTTPS Access
To provides access to the system through an HTTP and/or HTTPS
connection:
1. On the Access Management page, select Configure
HTTP/HTTPS from the More Tasks menu.
The Configure HTTP/HTTPS Access dialog box appears.
2. To enable HTTP and/or HTTPS access, click the checkbox for
Allow HTTP Access and/or the Allow HTTPS Access.
3. Determine how hosts connect:
•
To allow complete access, click the Allow all hosts to
connect radio button.
•
To configure specific hosts, click the Limit Access to the
following systems radio button and click the appropriate
icon in the Allowed Hosts pane. Hostnames can be a fully
qualified hostname or an IP address.
-
To add a host, click the plus button (+). Enter the
hostname and click OK.
-
To modify a hostname, click the checkbox next to the
hostname in the Hosts list and click the edit button
(pencil). Change the hostname and click OK.
-
To remove a hostname, click the checkbox of the
hostname in the Hosts list, click the minus button
( - ), and click OK.
4. To configure system ports and session timeout values, click the
Advanced tab.
•
In the HTTP Port text entry box, enter the port for
connection. Port 80 is assigned by default.
DD OS 5.0 Administration Guide
101
•
In the HTTPS Port text entry box, enter the port for
connection. Port 443 is assigned by default.
•
In the Session Timeout text entry box, enter the interval in
seconds that must elapse before connection closes. 10800
seconds (3 hours) is assigned by default.
Note: Click Default to return the setting back to the default value.
5. Click OK.
Manage SSH Access
To provides access to the system through an SSH connection:
1. On the Access Management page, select Configure SSH from
the More Tasks menu.
The Configure SSH Access dialog box appears.
2. To enable SSH access, click the Allow SSH Access checkbox.
3. Determine how hosts connect:
•
To allow complete access, click the Allow all hosts to
connect radio button.
•
To configure specific hosts, click the Limit Access to the
following systems radio button and click the appropriate
icon in the Allowed Hosts pane. Hostnames can be a fully
qualified hostname or an IP address.
-
To add a host, click the plus button (+). Enter the
hostname and click OK.
-
To modify a hostname, click the checkbox of the
hostname in the Hosts list and click the edit button
(pencil). Change the hostname and click OK.
-
To remove a hostname, click the checkbox of the
hostname in the Hosts list, click the minus button
( - ), and click OK.
4. Click OK.
102
Managing Data Domain Systems
Manage Local User Access to the System
The following sections describe the tasks to manage user access:
•
View Local User Information on page 103
•
Create Local Users on page 105
•
Modify a Local User Profile on page 106
•
Delete Local User on page 107
•
Enable and Disable Local User on page 108
•
Change User Passwords on page 108
•
Modify Password Policy on page 109
View Local User Information
To view Local User information:
1. In the Navigational pane, expand the DD Network and select a
system.
2. Click the System Settings > Access Management> Local Users
tabs.
The Local Users view appears showing the Local Users table
and the Detailed Information area.
The Local Users table lists the following information.
Item
Description
Name
The user ID, as added to the system.
Privilege
The privilege of the user: admin, user, or security
officer.
DD OS 5.0 Administration Guide
103
Item
Description
Status
• Active—User access to the account is permitted.
• Disabled—User access to the account is denied
because the expiration date for the account has
been reached or a locked account’s password has
not been renewed.
Admin users can disable/enable users with
admin or user privilege, except SysAdmin User.
No users can disable SysAdmin. Security officers
can only disable/enable other security officers.
• Locked—User access the account is denied
because the password has expired.
Disable Date
The date the account is set to be disabled.
Last Login From
The location where the user last logged in.
Last Login Time
The time the user last logged in.
Note: Users who have admin or security officer privilege can
view all users. Users without these privileges, can only view
their own user account.
3. Select the user you want to view from the list of users.
Information about the selected user displays in the Detailed
Information area.
The Detailed Information area displays the following
information about the selected user:
104
Item
Description
Password Last
Changed
The date the password was last changed.
Minimum Days
Between Change
The minimum number of days between password
changes that you allow a user. Default is 0.
Maximum Days
Between Change
The maximum number of days between password
changes that you allow a user. Default is 99999.
Warn Days Before
Expire
The number of days to warn the users before their
password expires. Default is 7.
Disable Days
After Expire
The number of days after a password expires to
disable the user account. Default is Never.
Managing Data Domain Systems
Note: The default password policy can change if the admin user
changes them from the Modify Password Policy task. The default
values are the initial default password policy values.
Create Local Users
A Data Domain system supports three classes of access.
•
The user class is for standard users who have access to a limited
number of operations and commands. Mostly, the user class
can only display information.
•
The admin class is for administrative users who have access to
all Data Domain system operations and commands. The
default administrative account is sysadmin.
You can change the sysadmin password, but cannot delete the
account.
•
The security officer class is for users who can enable/disable
other security officers.
To create new users, follow these steps:
1. In the Navigational pane, expand the DD Network and select a
system.
2. Click the System Settings > Access Management> Local Users
tabs.
The Local Users view appears.
3. Click the Create button to create a new user.
The Create User dialog box appears.
4. Enter the following information in the General Tab:
Item
Description
User
The user ID or name.
Password
The user password. Set a default password, and the
user can change it later.
Verify Password
The user password, again.
Privilege
The privilege of the user: admin, security, or user.
DD OS 5.0 Administration Guide
105
Note: The default value for the minimum length of a password
or minimum number of character classes required for a user
password is 1. Allowable character classes include:
•
Lowercase letters (a-z)
•
Uppercase letters (A-Z)
•
Numbers (0-9)
•
Special Characters ($, %, #, +, and so on)
Note: The available privileges display based on user’s
privilege. Only the Sysadmin user can create the first security
officer. After the first security officer is created, only security
officers can create or modify other security officers. Sysadmin
is the default admin user and cannot be deleted or modified.
5. Enter the following information in the Advanced Tab:
Item
Description
Minimum Days
Between Change
The minimum number of days between password
changes that you allow a user. Default is 0.
Maximum Days
Between Change
The maximum number of days between password
changes that you allow a user. Default is 99999.
Warn Days Before
Expire
The number of days to warn the users before their
password expires. Default is 7.
Disable Days
After Expire
The number of days after a password expires to
disable the user account. Default is Never.
Disable account
on the following
date
Check this box and enter a date (mm/dd/yyyy)
when you want to disable this account. Also, you
can click the calendar to select a date.
6. Click OK.
Note: Note: The default password policy can change if the
admin user changes them from the Modify Password Policy
task. The default values are the initial default password policy
values.
Modify a Local User Profile
To change user profiles, follow these steps:
106
Managing Data Domain Systems
1. In the Navigational pane, expand the DD Network and select a
system.
2. Click the System Settings > Access Management> Local Users
tabs.
The Local Users view appears.
3. Click a user name from the list.
4. Click Modify to make changes to a user account.
The Modify User dialog box appears.
5. Enter the following information in the General Tab:
Item
Description
User
The user ID or name.
Password
The user password. Set a default password, and the
user can change it later.
6. Enter the following information in the Advanced Tab:
Item
Description
Minimum Days
Between Change
The minimum number of days between password
changes that you allow a user. Default is 0.
Maximum Days
Between Change
The maximum number of days between password
changes that you allow a user. Default is 99999.
Warn Days Before
Expire
The number of days to warn the users before their
password expires. Default is 7.
Disable Days
After Expire
The number of days after a password expires to
disable the user account. Default is Never.
Disable account
on the following
date
Check this box and enter a date (mm/dd/yyyy)
when you want to disable this account. Also, you
can click the calendar to select a date.
7. Click OK.
Delete Local User
You can delete certain users based on your user privileges. If one
of the selected users cannot be deleted, the Delete button is
DD OS 5.0 Administration Guide
107
disabled. For example, Sysadmin cannot be deleted. Admin users
cannot delete security officers. Security officers can delete, enable,
and disable other security officers.
To delete users, follow these steps:
1. In the Navigational pane, expand the DD Network and select a
system.
2. Click the System Settings > Access Management> Local Users
tabs.
The Local Users view appears.
3. Click one or more user names from the list.
4. Click Delete to delete the user accounts.
The Delete User dialog box appears.
5. Click OK and Close.
Enable and Disable Local User
To enable or disable users, follow these steps:
1. In the Navigational pane, expand the DD Network and select a
system.
2. Click the System Settings > Access Management> Local Users
tabs.
The Local Users view appears.
3. Click one or more user names from the list.
4. Click either the Enable or Disable button to enable or disable
user accounts.
The Enable or Disable User dialog box appears.
5. Click OK and Close.
Change User Passwords
To change user passwords, follow these steps:
1. In the Navigational pane, expand the DD Network and select a
system.
108
Managing Data Domain Systems
2. Click the System Settings > Access Management> Local Users
tabs.
The Local Users view appears.
3. Click a user name from the list.
4. Click Change Password to change the user password.
The Change Password dialog box appears.
If the user is assigned user privilege, the old password is
required before changing to the new password.
5. Enter the new password into the New Password box.
6. Enter the new password again into Verify New Password box.
7. Click OK.
Modify Password Policy
To modify and configure the password policy:
1. On the Access Management page, select Modify Password
Policy from the More Tasks menu.
The Modify Password Policy dialog box appears.
2. Enter the password policy information in the appropriate
boxes. To select the default value, click the Default button next
to each value.
Item
Description
Minimum Days
Between Change
The minimum number of days between password
changes that you allow a user. Default is 0.
Maximum Days
Between Change
The maximum number of days between password
changes that you allow a user. Default is 99999.
Warn Days Before
Expire
The number of days to warn the users before their
password expires. Default is 7.
Disable Days
After Expire
The number of days after a password expires to
disable the user account. Default is Never.
DD OS 5.0 Administration Guide
109
Item
Description
Minimum Length
of Password
The minimum password length required. Default is
1.
Minimum
Number of
Character Classes
The minimum number of character classes
required for a user password. Default is 1.
Character classes include:
• Lowercase letters (a-z)
• Uppercase letters (A-Z)
• Numbers (0-9)
• Special Characters ($, %, #, +, and so on)
3. Click OK to save the password settings.
Manage NIS Servers and Workgroups
NIS workgroup management includes configuring NIS
authentication, domain names, and NIS groups.
The following topics are described:
•
View NIS Information on page 110
•
Enable and Disable NIS Authentication on page 111
•
Edit Domain Name on page 111
•
Configure Authentication Servers on page 111
•
Configure NIS Groups on page 112
View NIS Information
To view NIS information, follow these steps:
1. In the Navigational pane, expand the DD Network and select a
system.
2. Click the System Settings > Access Management> NIS tabs.
The NIS view appears.
110
Managing Data Domain Systems
The NIS view lists the following information.
Item
Description
Status
The status of the service, either enabled or disabled.
Domain Name
The name of the domain for this service.
Authentication Server
Server
The name of the server performing authentication.
Configured NIS Groups
Group
The name of the NIS group.
Privilege
The privilege of the group (admin or user).
Enable and Disable NIS Authentication
To enable or disable NIS Authentication, follow these steps:
1. In the Navigational pane, expand the DD Network and select a
system.
2. Click the System Settings > Access Management> NIS tabs.
The NIS view appears.
3. Click Enable to enable or Disable to disable NIS
Authentication.
The Enable or Disable NIS dialog box appears.
4. Click OK.
Edit Domain Name
1. Click Edit next to Domain Name to edit the NIS domain name.
The Configure NIS Domain Name dialog box appears.
2. Enter the domain name in the Domain Name box.
3. Click OK.
Configure Authentication Servers
1. Click Edit below Authentication Servers to configure the
authentication server.
DD OS 5.0 Administration Guide
111
2. In the Configure NIS Authentication Servers dialog box, select
one of the following:
•
Obtain NIS Servers from DHCP
•
Manually Configure
a. To add an authentication server, click the plus button ( +).
Enter the server name, and click OK.
b. To modify an authentication server, click the checkbox of
the authentication server name in the server list and click
the edit icon (pencil). Change the server name, and click
OK.
c. To remove an authentication server name, click the
checkbox of the hostname in the server list, click the X icon,
and click OK.
3. Click OK.
Configure NIS Groups
1. Click Edit in the Configured NIS Groups area to configure the
NIS groups.
2. In the Configure Allowed NIS Groups dialog box, select an NIS
group.
•
To add an NIS group, click the plus button (+). Enter the
NIS group name and privilege, and click Validate. Click
OK to exit the add NIS group dialog box. Click OK again to
exit the Configure Allowed NIS Groups dialog box.
•
To modify an NIS group, click the checkbox of the NIS
group name in the NIS group list and click the edit button
(pencil). Change the NIS group name, and click OK.
•
To remove an NIS group name, click the checkbox of the
NIS group in the list and click the X button, and click OK.
Manage Windows Servers and Workgroups
Windows workgroup management includes configuring Windows
authentication, active directory, and assigning group privileges.
112
Managing Data Domain Systems
The tasks to manage Windows workgroups include:
•
View Windows Information on page 113
•
Configure Authentication for Workgroup on page 113
•
Configure Authentication for Active Directory on page 114
View Windows Information
To view Windows information, follow these steps:
1. In the Navigational pane, expand the DD Network and select a
system.
2. Click the System Settings > Access Management> Windows
tabs.
The Windows view appears.
The Windows view lists the following information.
Item
Description
Authentication
Mode
The name type of authentication mode
(Workgroup or Active Directory).
Workgroup/Active
Directory Names
The name of the Workgroup or Active Directory.
CIFS Server Name
The name of the CIFS Server in use.
WINS Server
The name of the WINS Server in use.
Allowed Groups
Windows Group
The name of the Windows group.
Privilege
The privilege of the group (admin or user).
Configure Authentication for Workgroup
To configure Workgroup authentication parameters:
1. In the Navigational pane, expand the DD Network and select a
system.
2. Click the System Settings > Access Management> Windows
tabs.
DD OS 5.0 Administration Guide
113
The Windows view appears.
3. Select Configure Authentication.
The Configure Authentication dialog appears.
4. From the Mode drop-down list, select Workgroup.
The Workgroup mode joins a Data Domain system to a
workgroup domain.
5. Optionally, uncheck the Use Default box and enter a
Workgroup Name in the text box.
6. Click the Advanced tab to set additional information.
7. Optionally, uncheck the Use Default box and enter a CIFS
Server Name in the field.
8. Click OK.
Configure Authentication for Active Directory
The Data Domain system must meet all active-directory
requirements, such as a clock time that differs no more than five
minutes from that of the domain controller.
To set Active Directory authentication parameters:
1. In the Navigational pane, expand the DD Network and select a
system.
2. Click the System Settings > Access Management> Windows
tabs.
The Windows view appears.
3. Select Configure Authentication.
The Configure Authentication dialog appears.
4. From the Mode drop-down list, select Active Directory.
The active-directory mode joins a Data Domain system to an
active-directory domain.
5. In the Realm Name text box, enter the full realm name for the
system, such as domain1.local.
114
Managing Data Domain Systems
6. In the Domain Joining Credential area, enter a user name and
password. Enter either a user on your company’s domain, or a
user in a domain that is a trusted domain of your company.
The user name and password must be compatible with
Microsoft requirements for the Active Directory domain being
joined. This user must have permission to create accounts in
your company’s domain.
7. Click the Advanced tab to set additional information.
8. Optionally, to set a CIFS server name, in the CIFS Server Name
area:
•
Click the checkbox to use the default CIFS server name.
•
Deselect the checkbox and enter the CIFS server name in
the text box.
9. In the Domain Controller area, determine how domain
controllers are assigned:
•
For automatic assignment, click the radio button for
Automatically assign Domain Controllers. This is the
default and recommended method.
•
To add specific domain controllers, click the radio button
for Manually assign Domain Controllers and enter a
controller name in the text box. Up to three controller
names can be added. You can enter fully qualified domain
names, hostnames, or IP addresses.
10. Optionally, to set Organizational Units, in the Organizational
Unit area:
•
Click the checkbox to use the default Organizational Unit
•
Deselect the checkbox and enter the Organizational Unit
name in the text box
Note: The account will not be moved to the new
Organizational Unit if it already exists under another
Organizational Unit.
11. Click OK.
DD OS 5.0 Administration Guide
115
Create Allowed Groups
To create Allowed Groups:
1. In the Navigational pane, expand the DD Network and select a
system.
2. Click the System Settings > Access Management> Windows
tabs.
The Windows view appears.
3. Select Create in the Allowed Groups pane.
The Create Windows Group dialog appears.
4. Enter the Group name in the text box. The domain for the
group must be specified. For example, domain\group name.
5. Select a Privilege from the drop-down list. Choose either
Admin or User.
6. Click OK.
Modify Groups
To modify existing workgroups:
1. In the Navigational pane, expand the DD Network and select a
system.
2. Click the System Settings > Access Management> Windows
tabs.
The Windows view appears.
3. Select a Windows Group from the list.
4. Select Modify in the Allowed Groups pane.
The Edit Windows Group dialog appears.
5. Edit the Group name in the text box. The domain for the group
must be specified. For example, domain\group name.
6. Select a Privilege from the drop-down list. Choose from either
Admin or User.
7. Click OK.
116
Managing Data Domain Systems
Delete Groups
You cannot delete default Windows groups, such as Domain
Admins. If the default Windows group is selected, the Delete
button is grayed out. To delete existing workgroups:
1. In the Navigational pane, expand the DD Network and select a
system.
2. Click the System Settings > Access Management> Windows
tabs.
The Windows view appears.
3. Select a Windows Group from the list.
4. Select Delete in the Allowed Groups pane.
The Delete Windows Group dialog appears.
5. Click OK.
Managing General Configuration Settings
The System Settings > General Configuration area allows you to
view and set system configuration parameters.
General configuration settings include:
•
Working with Email Settings on page 117
•
Working with Time and Date Settings on page 119
•
Working with System Properties on page 120
•
Working with SNMP on page 121
Working with Email Settings
The procedures for working with email settings include:
•
Configure Mail Server Settings on page 118
•
Configure Mail Server Settings on page 118
•
Configure the Autosupport Mailing List on page 118
•
Test the Alerts Email List on page 119
DD OS 5.0 Administration Guide
117
Configure Mail Server Settings
To configure a mail server:
1. Click the System Settings > General Configuration >Mail
Server tabs.
2. From the More Tasks menu, select Set Mail Server.
The Set Mail Server dialog box appears.
3. In the Mail Server text box, enter the name of the mail server.
4. Click OK.
View Autosupport Email List
1. Select the system to be checked in the Navigational pane.
2. Click the Maintenance > Support tabs.
The configured emails for the autosupport email list are shown
below the Detailed Autosupport Mailing List area.
Configure the Autosupport Mailing List
To receive emails for autosupport reports, add a recipient’s email
address to the email list. It is advisable to test the setup to ensure
messages are received.
To set the list of email addresses receiving autosupport
notification:
1. Click the Maintenance > Support tabs.
2. Click Add or Modify next to the Detailed Autosupport Mailing
List.
The Add or Modify Detailed Autosupport Mailing Lists dialog
box appears.
3. In the Email area, click the plus ( + ) icon.
The Email dialog box appears.
4. Enter the recipients email address in the Autosupport Email
text box.
118
Managing Data Domain Systems
5. Click OK.
The new autosupport email addresses appear in the Detailed
Autosupport Mailing Lists area (see Configure Mail Server
Settings on page 118).
Test the Alerts Email List
After configuring the email lists, the addresses should be tested to
ensure they are receiving mail.
To test newly added alerts emails:
1. Click the Status > > Alerts > Notification tabs.
2. Select Send Test Alert from the More Tasks menu.
The Send Test Alert dialog box appears.
3. In the Notification Groups area, select the checkboxes of
groups to send test emails and click Next.
4. Optionally, add or create additional email addresses.
5. Click Send Now and OK.
To test newly added autosupport emails for mailer problems, use
the autosupport test command
autosupport test email email-addr
For example, after adding the email address
djones@yourcompany.com to the list, check the address with
the command:
# autosupport test email djones@yourcompany.com
Working with Time and Date Settings
The procedures for working with time and date settings include:
•
View Time and Date Information on page 119
•
Configure Time and Date Settings on page 120
View Time and Date Information
1. Select the system to be checked in the Navigational pane.
DD OS 5.0 Administration Guide
119
2. Click the System Settings > General Configuration > Time and
Date Settings tabs.
The Time and Date Settings page presents the current system date
and time, and shows whether NTP is enabled or not, and the IP
addresses or hostnames of configured NTP servers.
Configure Time and Date Settings
To configure time and date settings:
1. On the Time and Date Settings page, select Configure Time
Settings from the More Tasks menu.
The Configure Time Settings dialog box appears.
2. Click the Time Zone drop-down list and select the timezone
where the Data Domain system resides.
3. Set how system time is synchronized:
•
To manually set the time and date, click the None radio
button and enter the date in the text box, and use the dropdown lists to set the time.
•
To use NTP to synchronize the time, select the NTP radio
button. Set how the NTP server is accessed:
-
To use DHCP to automatically select a server, click the
Obtain NTP Servers using DHCP radio button.
-
To configure an NTP server IP address, click the
Manually Configure radio button, add the IP address of
the server, and click OK.
4. Click OK.
Working with System Properties
The procedures for working with system property settings include:
120
•
View System Properties on page 121
•
Configure System Properties on page 121
Managing Data Domain Systems
View System Properties
1. Select the system to be checked in the Navigational pane.
2. Click the System Settings > General Configuration > System
Properties tabs.
The System Properties page displays location of the system, the
administrator email address, and the administrator hostname.
Configure System Properties
To configure system properties:
1. On the System Properties page, select Set System Properties
from the More Tasks menu.
The Set System Properties dialog box appears.
2. In the Location text field enter information about where the
Data Domain system is located.
3. In the Admin Email text field, enter the email address of the
system administrator.
4. In the Admin Server, enter the name of the administration
server.
5. Click OK.
Working with SNMP
Simple Network Management Protocol (SNMP) is a standard
protocol used to exchange network management information. It is
part of the Transmission Control Protocol/Internet Protocol
(TCP/IP) protocol suite. SNMP provides a tool for network
administrators to monitor and manage network-attached devices
such as Data Domain systems. The default port that is open when
SNMP is enabled is port 161. Traps are sent out through port 162.
To monitor Data Domain systems using SNMP, you will need to
install the Data Domain MIB in your SNMP Management system.
The Data Domain MIB can be obtained by following the
instructions to download it in View the SNMP MIB on page 123. The
Data Domain MIB will allow SNMP queries for Data Domain
specific information.
DD OS 5.0 Administration Guide
121
DD OS also support the standard MIB-II so you can also query
MIB-II statistics for general data such as network statistics. For full
coverage of available data you should utilize both the Data
Domain MIB and the standard MIB-II MIB.
•
The DD OS 5.0 Initial Configuration Guide describes how to set
up the Data Domain system to use SNMP monitoring.
•
The DD OS 5.0 Command Reference Guide describes the full set
of MIB parameters included in the Data Domain MIB branch.
The procedures for working with SNMP include:
•
Check SNMP Status on page 122
•
Configure SNMP Settings on page 123
•
Enable or Disable SNMP on page 123
•
View the SNMP MIB on page 123
Check SNMP Status
1. Select the system to be checked in the Navigational pane.
2. Click the System Settings > General Configuration > SNMP
tabs.
The SNMP status and settings display.
The SNMP pane displays the following status and
configuration information:
122
Item
Description
Status
The operational status of the SNMP agent on the
Data Domain system: Enabled or Disabled.
SNMP System
Location
The location of the Data Domain system being
monitored.
SNMP System
Contact
The person designated as the person to contact
for the Data Domain system administration.
Trap Hosts
The systems designated to receive SNMP traps
generated by the Data Domain system. If this
parameter is set, systems receive alert messages,
even if the SNMP agent is disabled.
Managing Data Domain Systems
Item
Description
Read-only
Communities
Community strings that enable read-only access
to the Data Domain system (admin viewing
only).
Read-write
Communities
Community strings that enable read-write access
to the Data Domain system (admin viewing
only).
Configure SNMP Settings
1. From the System Settings > General Configuration page, click
SNMP
2. Click Configure.
The SNMP Configuration dialog box appears.
3. Modify or add SNMP settings such as system location, system
contact, trap hosts, read-only communities, and read-write
communities.
4. Click OK.
Enable or Disable SNMP
1. From the System Settings > General Configuration page, click
SNMP.
2. Click Enable to enable SNMP or Disable to disable SNMP.
View the SNMP MIB
1. From the System Settings > General Configuration > SNMP
page, click Download MIB file.
2. In the Opening DATA_DOMAIN.mib dialog box, select Open.
3. Click Browse and select a browser to view the MIB in a
browser window.
4. Save the MIB or exit the browser.
DD OS 5.0 Administration Guide
123
Managing Reporting and Logging
The Data Domain system provides several types of reporting and
logging, as described in the following sections:
•
Managing Autosupport Reporting on page 124
•
Managing Support Bundles on page 125
•
Managing Log Files on page 126
Managing Autosupport Reporting
The Autosupport feature sends to Data Domain Support a daily
report that shows system identification information and
consolidated output from a number of Data Domain system
commands and entries from various log files. At the end of the
report, extensive and detailed internal statistics and information
are included to aid Data Domain in debugging system problems.
The time the email is sent can be scheduled, the default time being
06.00 a.m.
The procedures for managing autosupport reporting include:
•
Add to the Autosupport Report Email List on page 125
•
Review Generated Autosupport Reports on page 125
About the Daily Alerts Summary
Every morning at 8:00 a.m. (local time for your system), the Data
Domain system sends the Daily Alert Summary email to the
autosupport report email list. The Daily Alert Summary email
contains current and historical alerts showing messages about noncritical hardware situations and disk space usage numbers that
should be addressed soon. An example would be a fan failure. A
failed fan should be replaced as soon as is reasonably possible, but
the system can continue operations. When Support receives the
failure notification, they contact you to arrange a replacement
component.
124
Managing Data Domain Systems
Add to the Autosupport Report Email List
By default, autosupport reports are enabled and sent daily to Data
Domain Customer Support. You may wish to add additional email
addresses as recipients of autosupport reports. To add to the
autosupport mailing list, see Configure the Autosupport Mailing List
on page 118.
Review Generated Autosupport Reports
1. Select the system to be checked in the Navigational pane.
2. Click the Maintenance > Support >Autosupport Reports tabs.
The Autosupport Reports page shows the autosupport report
file name and file size, and the date the report was generated.
Reports are automatically named. The most current report is
autosupport, the previous day is autosupport.1, and the
number increments as the reports move back in time.
3. Click the file name link to view the report using a text editor. If
doing so is required by your browser, download the file first.
Managing Support Bundles
The following tasks are used to manage support bundles:
•
Generate a Support Bundle on page 125
•
Review the Support Bundles List on page 126
Generate a Support Bundle
When troubleshooting problems, Data Domain Customer Support
may ask for a support bundle, which is a tar-g-zipped selection of
log files with a README file that includes identifying autosupport
headers. To create a support bundle, use the following procedure:
1. Select the system to be checked in the Navigational pane.
2. On the Maintenance > Support page, click the More Tasks
menu and select Generate Support Bundle.
3. Click the link to download the bundle.
DD OS 5.0 Administration Guide
125
4. Email the file to Data Domain support at
support@datadomain.com.
Note: If the bundle is too large to be emailed, use the Data
Domain support site to upload the bundle. (Go to
https://my.datadomain.com > UploadFile.)
Review the Support Bundles List
1. Select the system to be checked in the Navigational pane.
2. Click the Maintenance > Support > Support Bundles tabs.
The Support Bundles page appears.
Listed are the support bundle file name, file size, and date the
bundle was generated. Bundles are automatically named,
where the most current bundle is support-bundle.tar.gz,
the previous bundle is support-bundle.tar.gz.1. The
number increments as the reports move back in time.
3. Click the file name link and select a gz/tar decompression tool
to view the ASCII contents of the bundle.
Managing Log Files
The Data Domain system logs a system status message every hour.
Log files can be bundled and sent to Data Domain Support to
provide the detailed system information that aids in
troubleshooting any system issues that may arise.
The Data Domain system log file entries contain messages from the
alerts feature, autosupport reports, and general system messages.
The log directory is /ddvar/log.
Every Sunday at 3 a.m., the Data Domain system automatically
opens new log files and renames the previous files with an
appended number of 1 (one) through 9, such as messages.1. Each
numbered file is rolled to the next number each week. For
example, at the second week, the file messages.1 is rolled to
messages.2. If a file messages.2 already existed, it rolls to
messages.3. An existing messages.9 is deleted when
messages.8 rolls to messages.9.
The procedures for working with log files include:
126
Managing Data Domain Systems
•
Review System Log List on page 127
•
Send Log Messages to Another System on page 127
•
Add a Host on page 128
•
Remove a Host on page 128
•
Enable Sending Log Messages on page 128
•
Disable Sending Log Messages on page 129
•
Display the List and State on page 129
•
Display a Log File on page 130
•
List Log Files on page 129
•
Understand a Log Message on page 131
•
Save a Copy of Log Files on page 132
Review System Log List
To review the log file list on the system:
1. Select the system to be checked in the Navigational pane.
2. Click the Maintenance > Logs tabs.
The Log Files page shows the log file name and file size, and
the date the log was generated. Log files are automatically
named. For more information on log files, see Managing Log
Files on page 126.
3. Click a log file name to view its contents. You may be
prompted to select an application, such as Notepad.exe, to
open the file.
Send Log Messages to Another System
Some log messages can be sent from the Data Domain system to
other systems. DD OS uses syslog to publish log messages to
remote systems.
A Data Domain system exports the following facility.priority
selectors for log files. For information on managing the selectors
DD OS 5.0 Administration Guide
127
and receiving messages on a third-party system, see your vendorsupplied documentation for the receiving system.
•
*.notice—Sends all messages at the notice priority and higher.
•
*.alert—Sends all messages at the alert priority and higher
(alerts are included in *.notice).
•
kern.*—Sends all kernel messages (kern.info log files).
•
local7.*—Sends all messages from system startups (boot.log
files).
The log host commands manage the process of sending log
messages to another system.
Add a Host
To add a system to the list that receives Data Domain system log
messages, use the log host add command.
log host add host
For example, the following command adds the system log-server
to the hosts that receive log messages:
# log host add log-server
Remove a Host
To remove a system from the list that receives Data Domain
system log messages, use the log host del command.
log host del host
For example, the following command removes the system logserver from the hosts that receive log messages:
# log host del log-server
Enable Sending Log Messages
To enable sending log messages to other systems, use the log
host enable command.
log host enable
128
Managing Data Domain Systems
Disable Sending Log Messages
To disable sending log messages to other systems, use the log
host disable command.
log host disable
Display the List and State
To display the list of systems that receive log messages and
logging status (enabled or disabled), use the log host show
command.
log host show
The output is similar to the following:
# log host show
Remote logging is enabled.
Remote logging hosts
log-server
List Log Files
To view the log files, see Review System Log List on page 127, or
enter:
log list
The basic log files are:
•
messages—The system log, generated from Data Domain
system actions and general system operations.
•
space.log—Messages about disk space use by Data Domain
system components and data storage, and messages from the
cleaning process. A space use message is generated every hour.
Each time the cleaning process runs, it creates about 100
messages. All the messages are in comma-separated format
with tags that you can use to separate out the disk space or
cleaning messages. You can use third-party software to analyze
either set of messages. The tags are:
•
CLEAN for data lines from cleaning operations.
DD OS 5.0 Administration Guide
129
•
•
CLEAN_HEADER for lines that contain headers for the
cleaning operations data lines.
•
REPL for data lines from replication operations.
•
REPL_HEADER for lines that contain headers for the
replication data lines.
•
SPACE for disk space data lines.
•
SPACE_HEADER for lines that contain headers for the disk
space data lines.
ssi_request—Messages from the Data Domain Enterprise
Manager when users connect with HTTPS.
•
windows—Messages about CIFS-related activity from CIFS
clients attempting to connect to the Data Domain system.
Display a Log File
To view the log files, see Review System Log List on page 127, or use
the log view command to view a file in the list (see previous
section to list log files). With no argument, the command displays
the current messages file. When viewing the log, use the up and
down arrows to scroll through the file; use the q key to quit; enter a
slash character (/) and a pattern to search through the file.
log view [file_name]
The display of the messages file is similar to the following. The last
message in the example is an hourly system status message that
the Data Domain system generates automatically. The message
reports system uptime, the amount of data stored, NFS operations,
and the amount of disk space used for data storage (%). The hourly
130
Managing Data Domain Systems
messages go to the system log and to the serial console if one is
attached.
# log view
Jun 27 12:11:33 localhost rpc.mountd: authenticated
unmount request from perfsun-g.datadomain.com:668 for
/ddr/col1/segfs (/ddr/col1/segfs)
Jun 27 12:28:54 localhost sshd(pam_unix)[998]: session
opened for user jsmith10 by (uid=0)
Jun 27 13:00:00 localhost logger: at 1:00pm up 3 days,
3:42, 52324 NFS ops, 84763 GiB data col. (1%)
Note: GiB = Gibibytes = the binary equivalent of Gigabytes.
Understand a Log Message
1. View the log file. This can be done with the command log
view message or the command log view, or from the
Enterprise Manager (see Display a Log File on page 130).
In the log file is text similar to:
Jan 31 10:28:11 syrah19 bootbin: NOTICE: MSGSMTOOL-00006: No replication throttle schedules
found: setting throttle to unlimited.
The components of the message are:
DateTime Host Process [PID]: Severity: MSG-ModuleMessageID: Message
Severity levels, in descending order, are Emergency, Alert,
Critical, Error, Warning, Notice, Info, Debug.
2. Look for the file of log messages. A detailed description of log
messages can be obtained from the Data Domain support Web
site (https://my.datadomain.com/) for a specific DD OS release
by clicking Download Software > View > Details and
Download > Full Documentation on this Release, then Error
Message Catalog.
3. In the Error Messages Catalog, search for the message “MSG-
SMTOOL-00006.” Find the following:
DD OS 5.0 Administration Guide
131
ID: MSG-SMTOOL-00006 - Severity: NOTICE - Audience:
customer
Message: No replication throttle schedules found:
setting throttle to unlimited.
Description: The restorer cannot find a replication
throttle schedule. Replication is running with
throttle set to unlimited.
Action: To set a replication throttle schedule, run
the replication throttle add command.
4. Based on the message, one could run the replication
throttle add command to set the throttle.
Save a Copy of Log Files
To save a copy of log files, use FTP to move the files to another
machine.
1. On the Data Domain system, use the adminaccess show ftp
command to see whether FTP service is enabled. If the service
is disabled, use the command adminaccess enable ftp.
2. On the Data Domain system, use the adminaccess show ftp
command to see that the FTP access list has the IP address of
your remote machine or a class-C address that includes your
remote machine. If the address is not in the list, use the
command adminaccess add ftp ipaddr.
3. On the remote machine, open a web browser.
4. In the Address box at the top of the web browser, use FTP to
access the Data Domain system. For example:
ftp://Data Domain system_name.yourcompany.com/
Note: Some Web browsers do not automatically ask for a login
if a machine does not accept anonymous logins. In that case,
add a user name and password to the FTP line. For example:
ftp://sysadmin:your-pw@Data Domain
system_name.yourcompany.com/
5. At the login pop-up, log in to the Data Domain system as user
sysadmin.
132
Managing Data Domain Systems
6. On the Data Domain system, you are in the directory just
above the log directory. Open the log directory to list the
messages files.
7. Copy the file that you want to save. Right-click the file icon and
select Copy To Folder from the menu. Choose a location for the
file copy.
8. If you want the FTP service disabled on the Data Domain
system, after completing the file copy, use SSH to log in to the
Data Domain system as sysadmin and invoke the command
adminaccess disable ftp.
Using IPMI to Control Remote Data Domain
Systems
You can configure and use the Intelligent Platform Management
Interface (IPMI) to power up, power down, or power cycle a Data
Domain system in a remote location from a host Data Domain
system, if both systems support this standard.
IPMI runs independently of the DD OS and allows an IPMI user to
perform power management for the system, as long as the system
is connected to a power source and the Internet. The remote
system is contacted using an IP address of an Ethernet port that
has been configured for IPMI from the host Data Domain system.
This feature eliminates the need to be physically present to power
on or power off the remote system.
Caution: IPMI does not perform an orderly shutdown of the
DD OS file system and should not be used as the preferred way of
shutting down a Data Domain system. IPMI can be used in
emergency situations to remove power from a Data Domain
system that is not operating normally. IPMI can also be used after a
Data Domain system has been shutdown gracefully. The system
poweroff command should be used whenever possible and
completed before IPMI power removal.
The following sections describe IPMI use:
•
Getting Started with IPMI on page 134
•
Configuring IPMI for a Remote Data Domain System on page 136
DD OS 5.0 Administration Guide
133
•
Managing the Remote Data Domain System on page 138
Getting Started with IPMI
To use IPMI, your Data Domain systems must be able to support
the IPMI standard.
If the ability to view the boot sequence of a remote Data Domain
system is required, see the section “Configuring SOL for IPMI” in
the Additional Configuration chapter of the DD OS 5.0 Initial
Configuration Guide.
Limitations
The following Data Domain systems do not support IPMI:
•
DD2xx
•
DD4xx
•
DD560 and DD560G
Terminology
The following terms are used to describe the status and
responsibility of systems running IPMI:
134
•
Host system—This system performs the power management of
remote IPMI systems. It can manage and keep the status of
registered remote systems, and can also manage an IPMI
system that is not registered, as long as the system is accessible
on the network.
•
Remote system—A system that can be power managed by the
host system; also referred to as the target system. It does not
have to be present in the EM Navigational Tree to be power
managed. A remote system can be powered up or powered
down by the host system, depending on its powered-on state.
•
Managed system—An IPMI system that is registered and
actively monitored by the host system. This system’s BMC port
entry displays in the Network Ports pane of the IPMI page (see
View IPMI Configuration Information on page 135). The
configuration of managed systems are checked every 15
minutes.
Managing Data Domain Systems
View IPMI Configuration Information
To navigate to the IPMI page:
1. In the Navigational Tree, select the system to view.
2. Navigate to Maintenance > IPMI.
The IPMI management page displays.
The IPMI management page shows configuration information
about the currently selected system and the list of IPMI users
for that system.
Table 3-2: Network Ports
Item
Description
Port
The IPMI Ethernet port being used on the
selected system. See Set the IPMI Port on a
Remote System on page 136 for configuration
details.
Enabled
Whether the port is enabled for IPMI (Yes or No).
See Enable or Disable the IPMI Network Port on
page 137 for details on how to change the status.
DHCP
Whether the port uses DHCP to set its IP address
(Yes or No).
MAC Address
The hardware MAC address for the IPMI port.
IP Address
The IP address for the IPMI port. This port is a
logical port bmc-eth0 or bmc-eth1, or bmc0a or
bmc0b, depending on the Data Domain system
model and port. Physically, these ports use the
Ethernet ports on the motherboard.
Netmask
The subnet bit mask for the IPMI port.
Gateway
The gateway IP address used for the IPMI port.
.
Table 3-3: IPMI Users
Item
Description
User Name
The name of the user with access privileges to
power manage the remote system. See Add an
IPMI User on page 137 for configuration details.
DD OS 5.0 Administration Guide
135
Configuring IPMI for a Remote Data Domain System
Prior to performing power management on a remote system, the
remote system must be configured to use IPMI and the IPMI
network port must be enabled.
When a remote system is configured for IPMI using the Enterprise
Manager, the IP address of the network port assigned for IPMI
communication is maintained by the host system and used when
power management is necessary. If you do not configure a remote
system using the EM, you must maintain the IPMI IP address
yourself (in a notebook, for example) and enter it manually when
power management is necessary.
To configure the remote system to be managed by IPMI, you need
to set an Ethernet port as an IPMI network port and add IPMI
users:
•
Set the IPMI Port on a Remote System on page 136
•
Enable or Disable the IPMI Network Port on page 137
•
Managing IPMI Users on page 137
Note: If a system does not have the correct hardware or software
to support IPMI, a message to that effect is generated when
navigating to the configuration page.
Set the IPMI Port on a Remote System
The BMC (Baseboard Management Controller) port, a logical port
assigned to one or both of the two Ethernet ports on the
motherboard, handles the IP communication between the host
system and the remote system and must be physically connected to
the LAN.
To set the IPMI port:
1. Select the remote system in the Navigational Tree and navigate
to the IPMI page (see View IPMI Configuration Information on
page 135).
2. In the Network Ports pane of the IPMI Configuration area,
click Configure.
The Configure Port dialog window appears.
136
Managing Data Domain Systems
3. Choose how network addressing is assigned, either with
DHCP or manually (addresses use the standard IP addressing
format, for example, 192.168.10.10)).
•
To use DHCP, click the Dynamic (DHCP) radio button.
•
To manually assign network addressing, click the Static
(Manual) radio button, and enter the IP address, Netmask,
and Gateway addresses.
4. Click Apply.
The port is enabled and appears in the Network Ports pane.
Enable or Disable the IPMI Network Port
To change the status of a managed system’s IPMI network port:
•
To enable a disabled IPMI network port, in the Network Ports
pane, click the checkbox of the network port and click Enable.
•
To disable an enabled IPMI network port, in the Network Ports
pane, click the checkbox of the network port and click Disable.
Managing IPMI Users
You can add, delete, and change passwords of users who can
manage IPMI operations on the remote system.
Note: IPMI users are not the same as users configured with the
Enterprise Manager.
•
Add an IPMI User on page 137
•
Modify an IPMI User Password on page 138
•
Remove an IPMI User on page 138
Add an IPMI User
To add an IPMI user:
1. In the IPMI Users pane of the IPMI Configuration area of the
selected system, click Add.
The Add User dialog window appears.
DD OS 5.0 Administration Guide
137
2. Enter the User Name (16 or less characters) and Password in
the appropriate text boxes (reenter the password in the
VerifyPassword box).
3. Click Apply.
The user entry appears in the IPMI User pane.
Modify an IPMI User Password
To modify the password of an IPMI user:
1. In the IPMI Users pane of the IPMI Configuration area of the
host system, select the row with the user name and click
Change Password.
The Change Password dialog box appears.
2. Enter the Password in the appropriate text box (reenter the
password in the VerifyPassword box).
3. Click Update.
Remove an IPMI User
To delete an IPMI user:
1. In the IPMI Users pane of the IPMI Configuration area of the
selected system, select the row with the user name and click
Delete.
The Delete User dialog box appears.
2. Verify the user deletion and click OK.
Managing the Remote Data Domain System
To manage a remote Data Domain system:
•
Log In to an IPMI Remote Data Domain System on page 138
•
Performing Power Management on the Remote System on page 139
Log In to an IPMI Remote Data Domain System
To log in to a remote Data Domain system:
138
Managing Data Domain Systems
1. In the IPMI Power Management area, click Manage Another
System.
The IPMI Power Management dialog window appears.
2. In the Target System area, click the radio button for how to
access the remote system:
•
Managed System—Click the drop-down arrow to select the
name of a managed system.
•
Another System—Enter the IPMI IP address or hostname of
the system.
3. Enter the IPMI user name and password for the remote system.
4. Click Connect.
The IPMI Power Management dialog window appears.
Performing Power Management on the Remote System
To perform power management on the IPMI remote system:
•
Check Power Status on page 139
•
Change the Power Status on page 139
Check Power Status
The Status area of the IPMI Power Management window shows
the current power status for the target system. The Status area
always shows the current status.
Note: The Refresh icon (the blue arrows) next to the status can be
used to refresh the configuration status (for example, if the IPMI IP
address or user configuration were changed within the last 15
minutes using the CLI commands).
Click Done to close the IPMI Power Management window.
Change the Power Status
The buttons that are active to change the power status are
dependent on the current power status of the remote system. The
available options are:
DD OS 5.0 Administration Guide
139
•
Power Up—Displays when the remote system is powered off.
Clicking this button starts a power up on the remote system.
•
Power Down—Displays when the remote system is powered
on. Clicking this button starts a power down on the remote
system.
Caution: The IPMI Power Down feature does not perform an
orderly shutdown of the DD OS. This option can be used if the DD
OS hangs and cannot be used to gracefully shutdown a system.
•
Power Cycle—Displays when the remote system is powered
on. Clicking this button starts a power cycle on the remote
system.
•
Manage Another System—Click this button to log in to another
IPMI remote system.
Click Done to close the IPMI Power Management window.
140
Managing Data Domain Systems
4 Monitoring Data Domain
Systems
For monitoring Data Domain systems, the Enterprise Manager
provides, at a glance, a composite view of important statistics for a
group of Data Domain systems, as well as detailed status for a
single system and its components.
You can monitor Data Domain system operation with a variety of
Enterprise Manager tools: reporting tools that automatically send
emails containing status and alerts, log files that contain a record of
important system events, and SNMP monitoring using third-party
SNMP managers.
Automatic logging and reporting tools that provide system status
to Customer Support and designated email recipients are
important in monitoring system operation. Their setup and use are
described in this chapter.
This chapter includes the following topics.
•
Monitoring with the DD Network Summary on page 141
•
Monitoring a Single System on page 144
•
Monitoring Chassis Status on page 147
•
Working with Alerts on page 150
•
Working with Reports on page 163
•
Viewing the Task Log on page 170
Monitoring with the DD Network Summary
The Enterprise Manager DD Network Summary presents key
statistics to help you understand the health of managed Data
Domain systems. The System Status, Space Usage, and Systems
DD OS 5.0 Administration Guide
141
panes provide key factors to help you recognize problems
immediately and to allow you to drill down to the system
exhibiting the problem.
Check DD Network Status
1. Select the DD Network icon in the Navigational pane.
2. Click the Summary tab.
The DD Network Summary view appears. It presents a highlevel view of important information for the systems in the
network. The summary view contains the System Status, Space
Usage, and Systems panes.
142
Monitoring Data Domain Systems
About the System Status Pane
System Status summarizes the following about the network.
Item
Description
Systems with Alerts The number of systems with active alerts.
Reachable Systems
The total number of systems reporting to the Enterprise
Manager. A system may not be reporting if:
• the system is offline
• the network path to the system is down
• a SSL certificate error occurred
Total Systems
The total number is the number of Data Domain systems
configured on this EM system.
About the Space Usage Pane
Space Usage summarizes the total networked storage amounts.
Item
Description
Total Pre-Compression
The total amount of data sent to all Data Domain systems
by backup servers. This is the data written before
compression.
Total Post-Compression
The total data amount of all systems after compression
has been performed.
Average Compression
(Reduction)
The average amount of compression as calculated on each
individual system.
DD OS 5.0 Administration Guide
143
About the Systems Pane
The Systems pane summarizes important data for each of the
systems.
Item
Description
System
The names of a system in the DD network.
Status
If the system is reachable, No Alerts or n Alerts displays,
where n is the number of active alerts. The status line
changes to red with an active alert.
If the system is not reachable, the status column displays
one of the following:
• Unknown
• Not reachable
• SSL certificate error
File System Status
The status of the file system. Status can be:
• Running
• Disabled
• N/A—The system is not reachable.
Compression
(Reduction)
The average amount of compression for the listed system
or N/A if the system is not reachable.
Space Usage
A bar graph showing the size, used, available, and
cleanable disk space (see Space Usage on page 187) or
N/A if the system is not reachable.
Clicking a system name in the Systems pane take you to that
system’s Summary page described in Monitoring a Single System on
page 144.
Monitoring a Single System
To help you proactively recognize trouble signs that keep a system
from operating normally, the Enterprise Manager presents system
alerts, graphs, and logs. Procedures for working with these tools
are provided in this section
Sometimes, the system needs troubleshooting from Data Domain
Customer Support. This section provides procedures for obtaining
and sending system logs and reports.
144
Monitoring Data Domain Systems
Check the System’s Status Summary
Click the plus sign ( + ) next to DD Network in the Navigational
pane and click a system name. The Status > Summary view
appears.
The Summary page shows important high-level information about
the selected system. It contains the Alerts, File System, Services,
and Hardware panes. Clicking any one of these panes takes you to
the area of the Enterprise Manager that provides more detail on
the topic
About the Alerts Pane
The Alerts pane shows the count, type, and the text of the most
recent alerts in the system, for each subsystem (Hardware,
Replication, File System, and Others).
Click an alert to go to the Alerts page. See View Current Alerts on
page 152.
DD OS 5.0 Administration Guide
145
About the File System Pane
The File System pane show a summary of file system statistics,
including the operational status, compression factor, and data
written statistics.
Click in the File System pane to go to the File System page. See
Monitoring File System Usage on page 185.
About the Services Pane
The Services pane presents the status of the system services, such
as Replication, VTL, CIFS, NFS, and DD Boost. The color-coded
box shows the operational status (green for normal, yellow for
warnings, or red for errors). The total numbers for warnings and
errors are displayed as well.
Click a service to go to its area of the Enterprise Manager.
•
See Checking Replication Status on page 374.
•
See Working with VTL on page 285.
•
See Monitoring CIFS Operation on page 254.
•
See View NFS Status on page 266.
•
Monitoring DD Boost on page 279.
About the Hardware Pane
The Hardware pane presents the status of the system hardware,
such as disk drives and optional enclosures. The color-coded icons
show the operational status (green for normal, or red for degraded
or failed). A count shows the number of enclosures, and the
number of drives per condition (operational, spare, and failed).
Note: Counts on the dashboards refer to the total number of
errors, not the index number of the component exhibiting the
error.
Click an icon to go to the Hardware > Storage page (see Managing
System Storage on page 61).
146
Monitoring Data Domain Systems
Check the System Details
1. Select the system to be checked in the Navigational pane.
2. Click the Maintenance > System tabs.
The System pane appears and reports the model number of the
system, the DD OS version, and the amount of time since the
last reboot (System Uptime).
Monitoring Chassis Status
The Chassis view provides a block drawing of the chassis and its
components—disks, fans, power supplies, NVRAM, CPUs,
Memory, and so forth. The components that appear depend upon
the Data Domain system model.
1. Select the Data Domain system in the Navigational pane.
2. Click the Hardware > Chassis tabs.
The Chassis view appears, showing the system components.
Enclosures for systems show below the chassis.
Components with problems show yellow (warning) or red
(error); otherwise, the component displays OK.
3. Hover the cursor over a component to see detailed status.
The view includes information for:
•
Fans on page 148
•
Temperature on page 148
•
Power Supply on page 149
•
PCI Slots on page 150
•
NVRAM on page 150
DD OS 5.0 Administration Guide
147
Fans
Fans are numbered and correspond to their location in the chassis.
The tooltip provides the following.
Item
Description
Description
The location within the chassis and name of the
fan.
Level
The current operating speed range (Low,
Medium, High).
The operating speed changes depending on the
temperature inside the chassis.
Status
The health of the fan.
Temperature
The tooltips shows temperature measurements for the CPUs,
baseboard, midplane, and front panel of the chassis.
Item
Description
Description
The location within the chassis being measured.
Components are dependent on the model. Some
examples are:
• CPU 0 relative
• CPU 1 relative
• Baseboard
• Mid-plane
• Front panel
C/F
148
The C/F column displays temperature in degrees
Celsius and Fahrenheit.
For CPUs (CPU n Relative), this column displays
the number of degrees that each CPU is below the
maximum allowable temperature and the actual
temperature for the interior of the chassis (chassis
ambient).
Monitoring Data Domain Systems
Item
Description
Status
Shows the temperature status:
• OK—The temperature is acceptable
• Critical—The temperature is higher than the
shutdown temperature.
• Warning—The temperature is higher than the
warning temperature (but lower than the
shutdown temperature).
If the overall temperature for a Data Domain system reaches
50 degrees Celsius (122 degrees Fahrenheit), a warning message is
generated. If the temperature reaches 60 degrees Celsius
(140 degrees Fahrenheit), the Data Domain system shuts down.
The CPU temperature value is relative to the shutdown
temperature, and depends on the Data Domain system model.
With newer models, the numbers are negative when the status is
OK and move toward 0 (zero) as CPU temperature increases. If a
CPU temperature reaches 0 Celsius, the Data Domain system shuts
down. With older models, the numbers are positive. If the CPU
temperature reaches 80 Celsius (176 degrees Fahrenheit), the Data
Domain system shuts down.
Power Supply
The tooltips shows the status of the power supply (OK or
DEGRADED if a power supply is absent or failed). You can also
look at the back panel of the enclosure and check the LED for each
power supply to identify those that need replacing.
DD OS 5.0 Administration Guide
149
PCI Slots
The tooltips shows memory and battery information about the
various cards installed.
Item
Description
Component
The component within the chassis being
measured:
• Memory Size
• Battery 1
• Battery 2
Value
• Memory Size—size in MBs
• Battery 1—Percent charged, status
(Enabled/Disabled)
• Battery 2—Percent charged, status
(Enabled/Disabled)
NVRAM
NVRAM shows information about the Non-Volatile RAM.
Item
Description
Component
The component within the chassis being
measured:
• Memory Size
• Battery 1
• Battery 2
Value
• Memory Size—size in MBs
• Battery 1—Percent charged, status
(Enabled/Disabled)
• Battery 2—Percent charged, status
(Enabled/Disabled)
Working with Alerts
During normal operation, a Data Domain system may produce
warnings or encounter failures whereby administrators must be
150
Monitoring Data Domain Systems
informed immediately. This communication is performed by
means of an alert.
Alerts are sent out to designated individuals or groups so that
appropriate actions can be taken promptly.
Alerts are sent as email (immediately via the notification settings
or cumulatively as Daily Alert Summary email) and logged on the
Current Alerts page. A subset of alerts are also sent as SNMP traps.
See the DD OS 5.0 Command Reference Guide for the full list of traps
(they are also documented in the SNMP MIB).
The Alerts views present lists of current and historical system
alerts, and clicking on an alert shows its details. The Alerts view
also allows you to configure alert notification settings and set
when and to whom daily alert summaries are sent.
To access the Alerts view:
1. Select the system in the Navigational pane.
2. Click the Status > Alerts tabs.
The Alerts page appears. It contains tabs for:
•
Working with the Current Alerts Page on page 151
•
Working with the Alerts History Page on page 153
•
Working with the Notification View on page 155
•
Working with the Daily Alert Summary Page on page 159
Working with the Current Alerts Page
The Current Alerts page list the alerts on the selected system that
have not been corrected or manually cleared. A total of the current
alerts displays at the bottom right of the list pane.
You can perform the following tasks on the Current Alert page:
•
View Current Alerts on page 152
•
Filter Current Alerts on page 153
•
Clear a Current Alert on page 153
DD OS 5.0 Administration Guide
151
View Current Alerts
The first pane lists the current alerts which displays the following
information. Clicking an alert in the list shows additional
information in the Details pane, which follows:
152
Item
Description
ID
A unique numerical identifier for the alert.
Message
The alert message text.
Severity
The level of seriousness of the alert.For example,
warning, critical, info, emergency,
Date
The time and date the alert occurred.
Class
The subsystem where the alert occurred.
Object
The physical component where the alert is
occurring.
Item
Description
Alert ID
A unique numerical identifier for the alert.
Name
A textual identifier for the alert.
Message
The alert message text.
Severity
The level of seriousness of the alert.For example,
warning, critical, info, emergency.
Class
The subsystem and device where the alert occurred.
Date
The time and date the alert occurred.
Object ID
The physical component where the alert is
occurring.
Event ID
An event identifier.
Description
More descriptive information about the alert.
Action
A suggestion to remedy the alert.
SNMP OID
SNMP object ID.
Monitoring Data Domain Systems
Filter Current Alerts
To rearrange or search the list of current alerts:
1. In the Filter By area, click the Severity and Class drop-down
lists to expose only alerts that pertain to those choices.
2. Click Update.
All alerts not matching the Severity and Class are removed
from the list.
To remove filtering and return to the full listing of current
alerts, click Reset.
Clear a Current Alert
An alert is automatically removed from the Current Alerts list
when the underlying situation is corrected or when manually
cleared. For example, an alert about a fan failure is removed when
the fan is replaced with a working unit.
To manually clear an alert and remove it from the Current Alerts
list:
1. Click the checkbox of the alert in the list.
2. Click Clear.
The alert is moved to the Alerts History list.
Working with the Alerts History Page
The Alerts History page lists cleared alert messages with the most
recent alert listed first. This page can be used to see how healthy a
Data Domain system has been in the past and to track the actions
that were taken to keep the system healthy. It is useful in spotting
trends and avoiding problems.
You can perform the following tasks on the Alert History page:
•
View Alerts History on page 154
•
Filter Alerts History on page 155
DD OS 5.0 Administration Guide
153
View Alerts History
The first pane lists the historical alerts which displays the
following information. Clicking an alert in the list shows
additional information in the Details pane, which follows:
154
Item
Description
ID
A unique numerical identifier for the alert.
Message
The alert message text.
Severity
The level of seriousness of the alert.For example,
warning, critical, info, emergency,
Date
The time and date the alert occurred.
Class
The subsystem where the alert occurred.
Object
The physical component where the alert is
occurring.
Status
The current disposition of the alert (for example,
Posted or Cleared).
Item
Description
Alert ID
A unique numerical identifier for the alert.
Name
A textual identifier for the alert.
Message
The alert message text.
Severity
The level of seriousness of the alert.For example,
warning, critical, info, emergency,
Class
The subsystem and device where the alert occurred.
Date
The time and date the alert occurred.
Object ID
The physical component where the alert is
occurring.
Event ID
An event identifier.
Additional
Information
More descriptive information about the alert.
Type
The type of alert.
Status
The status of the alert.
Monitoring Data Domain Systems
Item
Description
Clear By
The user name that cleared the alert.
Filter Alerts History
The Alerts History alert list can be rearranged with the following
options:
•
Click any diamond in a column heading to reverse the listing.
•
Use the Filter By options to search for the Severity, Date, Class,
and Status options, then Click Update.
•
Use the Other option in the Date list to set a specific start and
end date for when alerts were closed using the calendar
exposed with the calendar icon.
•
Click Reset to return to the default, where the latest alert is
listed first.
Working with the Notification View
The Notification view lists the group of email recipients who
receive alert notifications and allows you to view and configure the
notification groups.
You can perform the following tasks on the Notifications page:
•
View the Notifications List on page 155
•
Filter the Notifications List on page 156
•
Add a Notification Group on page 156
•
Verify Subscriber Emails in a Notification Group on page 157
•
Modify a Notification Group on page 157
•
Delete a Notification Group on page 158
•
Reset a Notification Group on page 158
•
Manage a Subscriber List on page 158
View the Notifications List
The first pane lists the notification groups which displays the
following information. Clicking a group in the list shows Class
DD OS 5.0 Administration Guide
155
Attributes and Subscribers in the Detailed Information pane,
which follows:
Item
Description
Group Name
The name of the group receiving the notification.
Class
The number of classes being tracked.
Subscribers
The number of email subscribers in the group.
Item
Description
Class Attributes
The name of a class and the severity ranking that
will trigger an alert.
Subscribers
The email addresses of subscribers in the group.
Filter the Notifications List
To filter (or search for an item) in the notifications group list, type a
group name and/or subscriber email in the appropriate text box in
Filter By area, and click Update. The result is brought to the top of
the notification list.
Note: Click Reset to return the group list to the default order.
Add a Notification Group
Alert notification is completely configurable, but by default, alerts
are sent to the following:
•
WARNING alerts are sent to the recipients specified in the
autosupport email list. (See Managing Autosupport Reporting on
page 124.)
•
CRTICAL alerts are sent to the recipients specified in the alerts
email list. (See Configure the Autosupport Mailing List on
page 118.)
To create a notification group:
1. Click Add.
The Add Group dialog window appears.
2. Type the name of the group in the Group Name text box.
156
Monitoring Data Domain Systems
3. Click the checkbox of one or more classes of which to be
notified.
4. Click the drop-down list to change the default severity level
(Warning) and select another level.
5. Click OK.
6. Click the checkbox of the group, now in the Notifications
group list, and click Modify.
The Modify Group dialog window appears.
7. Click Update Subscribers in the left pane.
8. In the Subscribers pane, click the + icon.
The Email Address dialog window appears.
9. Enter the email address of a subscriber and click OK.
10. Repeat steps 8 and 9 for each subscriber that needs to ba added
to the group.
11. Click Finish.
Verify Subscriber Emails in a Notification Group
To send a test email to subscribers in a notification group:
1. Click More Tasks and select Send Test Alert.
The Send Test Alert dialog window appears.
2. In the Notification Groups pane, click the checkboxes of the
groups to receive the test email and click Next.
3. In the Additional Email Addresses pane, add or modify email
addresses, if necessary.
4. Click Send Now.
Modify a Notification Group
To modify the attribute classes in an existing group:
1. Click the checkbox of the group in the Notifications group list,
and click Edit in the Class Attributes pane of the Detailed
Information area.
The Edit Group dialog window appears.
DD OS 5.0 Administration Guide
157
2. Click (or deselect) the checkbox of one or more classes.
3. Click the menu to change the severity level and select another
level.
4. Click OK.
Delete a Notification Group
To delete one or more existing notification group:
1. Click one or more checkboxes of groups in the Notifications
group list, and click Delete.
The Delete Group dialog window appears.
2. Verify the deletion and click OK.
Reset a Notification Group
To remove all notification groups that were added and any
changes to the Default group:
1. Click More Tasks and select Reset Notification Groups.
The Reset Notification Groups dialog window appears.
2. Click Yes in the verification dialog window and OK.
Manage a Subscriber List
To add, modify, or delete email addresses from a subscriber list:
1. Click the checkbox of the group in the Notifications group list,
and click Edit in the Subscribers pane of the Detailed
Information area.
The Edit Subscribers dialog window appears.
2. Manage a subscriber email:
158
•
To add a subscriber, click the + icon and enter the email
address in the Email Address dialog window, and click
OK.
•
To modify an email address, click the checkbox of the email
address in the Subscriber Email list and click the pencil
icon. Edit the email address in the Email Address dialog
window, and click OK.
Monitoring Data Domain Systems
•
To delete an email address, click the checkbox of the email
address in the Subscriber Email list and click the X icon.
Working with the Daily Alert Summary Page
An email containing a summary log messages for the last 24 hours
can be emailed to designated subscribers:
1. If the default deliver time of 8 AM is not acceptable, click
Schedule in the Delivery Time pane.
The Schedule Alert Summary dialog window appears.
2. Click the drop-down lists to select the hour, minute, and
AM/PM, and click Finish.
3. Click Configure/Edit in the Subscribers pane.
The Daily Alert Summary Mailing List dialog window appears.
4. Manage a subscriber email:
•
To add a subscriber, click the + icon and enter the email
address in the Email Address dialog window, and click
OK.
•
To modify an email address, click the checkbox of the email
address in the Subscriber Email list and click the pencil
icon. Edit the email address in the Email Address dialog
window, and click OK.
•
To delete an email address, click the checkbox of the email
address in the Subscriber Email list and click the X icon.
5. Click Finish.
Check Active Users
1. From the Navigational pane, select the system.
2. Click the Status > Active Users tabs.
The Active Users page appears.
Item
Description
Name
User name of the logged-in user.
DD OS 5.0 Administration Guide
159
Item
Description
Idle
Time since last activity of user.
Last Login From
System from which the user logged in.
Last Login Time
Datestamp of when user logged in.
TTY
Terminal notation for CLI login.
Session
Identifier of the user session.
Note: To manage local users, click the Go to Active Users link (see
Manage Local User Access to the System on page 103).
Check System Statistics
The Performance Graph pane shows the performance of several
subsystems in the system. It contains graphs that show real-time
statistics for the CPU, the network, file system operation, disk
traffic, and so forth.
1. Select the system in the Navigational pane.
2. Click the Status > Stats tabs.
The Performance Graphs page appears.
160
Monitoring Data Domain Systems
Each graph shows a percentage of usage over the last 200 seconds.
Click Pause to temporarily stop the charting. The graphs are:
•
CPU on page 161
•
Network on page 161
•
NFS on page 162
•
Disk on page 162
•
Replication on page 162
•
FS ops on page 162
CPU
The percentage of time that all CPUs are busy.
Network
The amount of data in Megabytes per second passing through each
Ethernet connection. One line appears for each Ethernet port.
DD OS 5.0 Administration Guide
161
NFS
•
recv %—The proportion of NFS-busy time spent waiting for
data on the NFS socket.
•
proc %—The proportion of NFS-busy time spent servicing
requests.
•
send %—The proportion of NFS-busy time spent sending data
out on the socket.
Disk
The amount of data in Mebibytes (binary equivalent of Megabytes)
per second going to and from all disks in the Data Domain system.
Note: 1 Mebibytes = 1 MiB = 220 bytes = 1,048,576 bytes
Replication
(Displays only if the Replicator feature is licensed)
•
KB/s in—The total number of kilobytes per second received by
this side from the other side of the Replicator pair. For the
destination, the value includes backup data, replication
overhead, and network overhead. For the source, the value
includes replication overhead and network overhead.
•
KB/s out—The total number of kilobytes per second sent by
this side to the other side of the Replicator pair. For the source,
the value includes backup data, replication overhead, and
network overhead. For the destination, the value includes
replication and network overhead.
FS ops
(File system operations per second)
162
•
NFS ops/s—The number of NFS operations per second.
•
CIFS ops/s—The number of CIFS operations per second.
Monitoring Data Domain Systems
Working with Reports
Data Domain Enterprise Manager allows you to generate reports
to track space usage on a Data Domain system for a period of up to
2 years back. In addition, you can generate reports to help
understand replication progress. You can view reports on file
system daily and cumulatively, over a period of time.
The Reports view is divided into two sections. The upper section
allows you to create the various types of reports. The lower section
allows you to view and manage saved reports.
Reports display in a table format, and as charts, depending on the
type of report. You can select a report for a specific Data Domain
system and specify a specific time period.
The reports display historical data, not real-time data. Once the
report is generated, the charts remain static and do not update.
Examples of type of information administrators can obtain from
reports are:
•
The amount of data that was backed up to the system and the
amount of de-duplication that was achieved
•
Estimates of when the Data Domain system will be full, based
on weekly space usage trends
•
Backup and compression utilization based on selected intervals
•
Historical cleaning performance, (including duration of
cleaning cycle, amount of space that can be cleaned, and
amount of space that was reclaimed)
•
Amount of WAN bandwidth used by replication, (for source
and destination, and if bandwidth is sufficient to meet
replication requirements)
•
System performance and resource utilization
Types of Reports
The types of reports that are available are:
•
File System Cumulative Space Usage Report on page 164
•
File System Daily Space Usage Report on page 165
DD OS 5.0 Administration Guide
163
•
Replication Status Report on page 166
•
Replication Summary Report on page 167
Note: Replication reports can only be created if the system has a
replication license and a valid replication context configured.
File System Cumulative Space Usage Report
File System Cumulative Space Usage Reports include cumulative
pre-compression, post-compression, and total compression factor
data on the system during the specified duration. This report is
used to analyze how much data is backed up, the amount of
deduplication performed, and how much space is consumed.
The File System Cumulative Space Usage report lists the following
information:
Item
Description
File System—Usage
Data Written (GiB)
The amount of data written before
compression. This is indicated by a purple shaded area on the report.
Time
The timeline for data that has been written.
The time displayed on this report changes
based upon the Duration selection when the
chart was created.
Total Compression
Factor
The total compression factor reports the
compression ratio.
File System—Consumption
164
Used (GiB)
The amount of space used after compression.
Time
The date the data was written. The time
displayed on this report changes based upon
the Duration selection when the chart was
created.
Post Comp
The amount of storage used after compression.
Usage Trend
The dotted black line shows the storage usage
trend. When the line reaches the red line at the
top, the storage is almost full.
Monitoring Data Domain Systems
Item
Description
Size and Cleaning
Size is the Total Capacity on a Data Domain
system. Cleaning is the Cleaning cycle (start
and end time for each cleaning cycle).
Administrators can use this information to
decide when space cleaning should run and
what throttle to set.
File System Weekly Cumulative Capacity
Date (or Time for 24
hour report)
The last day of each week, based on the criteria
set for the report.
Data Written (PreComp)
The cumulative data written before
compression for the specified time period.
Used (Post-Comp)
The cumulative data written after compression
for the specified time period.
Total Compression
Factor
The total compression factor. This is indicated
by a black line on the report.
File System Daily Space Usage Report
File System Daily Space Usage Reports include daily precompression written, post-compression used, and total
compression factor on the system during the specified duration.
This report is used to analyze daily activities
The File System Daily Space Usage report lists the following
information.
Item
Description
File System Daily Space Usage
Space Used (GiB)
The amount of space used. Post-comp is red
shaded area. Pre-Comp is purple shaded area.
Time
The date the data was written.
Compression Factor
The total compression factor. This is indicated
by a black square on the report.
File System Daily Capacity Utilization
Date
DD OS 5.0 Administration Guide
The date the data was written.
165
Item
Description
Data Written
(Pre-Comp)
The amount of data written pre-compression.
Used (Post-Comp)
The amount of storage used after compression.
Total Compression
Factor
The total compression factor.
File System Weekly Cumulative Capacity
Start Date
The first day of the week for this summary.
End Date
The last day of the week for this summary.
Available
Total amount of storage available.
Consumed
Total amount of storage used.
Data (Post -Comp)
The cumulative data written before
compression for the specified time period.
Replication (PostComp)
The cumulative data written after compression
for the specified time period.
Overhead
Extra space used for non-data storage.
Reclaimed by Cleaning The total space reclaimed after cleaning.
Replication Status Report
Replication Status reports include the status of the current
replication job running on the system. This report is used to
provide a snapshot of what is happening for all replication
contexts to help understand the overall replication status on a Data
Domain System
The Replication Status report lists the following information:
Item
Description
Replication Context Summary
166
ID
The Replication Context identification.
Source
Source system name.
Destination
Destination system name.
Type
Type of replication context: Directory,
Collection, or Pool.
Monitoring Data Domain Systems
Item
Description
Status
Replication status types include: Error,
Normal.
Sync as of Time
Time and date stamp of last sync.
Estimated Completion
The estimated time the replication should be
complete.
Pre-Comp Remaining
The amount of storage remaining precompression. This only applies to Collection
type.
Post-Comp Remaining The amount of storage remaining postcompression. This only applies to Directory
and Pool types.
Replication Context Error Status
ID
The Replication Context identification.
Source
Source system name.
Destination
Destination system name.
Type
Replication context type: Directory or Pool.
Status
Replication status types include: Error,
Normal, and Warning.
Description
Description of the error.
Replication Destination Space Availability
Destination
Destination system name.
Space Availability
(GiB)
Total amount of storage available.
Replication Summary Report
Replication Summary reports include network in and network out
usage for all replication, in addition to per-context levels on the
system during the specified duration. This report is used to
analyze network utilization during the replication process to help
understand the overall replication performance on a Data Domain
System.
DD OS 5.0 Administration Guide
167
The Replication Summary report lists the following information
for the system and for the selected context:
Item
Description
Replication Summary (shown for system and context)
Network In (Mbps)
The amount of date entering the system.
Network In is indicated by a thin red line.
Network Out (Mbps)
The amount of data sent from the system.
Network Out is indicated by a thick red line.
Time
The date the data was written.
Pre-Comp Remaining
(MiB)
The amount of pre-compression storage space
available. Pre-Comp Remaining is indicated
by a blue line.
Create a Report
To create a report:
1. Click the Reports button on the Navigational pane.
The Reports pane appears.
2. Click the name of the report in the New Reports area (see Types
of Reports on page 163 for descriptions of available reports).
3. From the System menu, select the system for which you want
to create a report .
4. Select additional option for the report (based on the type of
report:
•
Duration— Last 4 Weeks, Last 7 Days, Last 24 Hours, or
Custom
•
Contexts—Available contexts for working with the
Replication Summary report
5. If you select Custom, enter Start and End Date and Time in the
additional fields.
6. Click Create.
The report displays and is added to the end of the Saved
Reports list.
168
Monitoring Data Domain Systems
Note: If the report does not display, verify the option to block
pop-up windows is enabled on your browser.
View Saved Reports
Once you have generated some reports, you can view these reports
by selecting them from the Saved Reports section at the bottom of
the Reports pane.
1. Click the Reports button on the Navigational pane.
The Reports view appears.
2. Check the box for the report you want to view in the Saved
Reports area.
3. Click View.
The report displays in a new browser window.
Note: If the report does not display, verify the option to block
pop-up windows is enabled on your browser.
Print Saved Reports
To print a saved report, follow these steps:
1. Click the Reports button on the Navigational pane.
The Reports view appears.
2. Check the box for the report you want to view in the Saved
Reports pane.
3. Click View.
The report displays in a new browser window.
4. In the browser window, from the File menu, select Print.
Delete Saved Reports
1. Click the Reports button on the Navigational pane.
The Reports view appears.
DD OS 5.0 Administration Guide
169
2. Check the box for the report you want to delete under the
Saved Reports pane. You can select multiple reports to delete.
Click the box at the top to select all the reports to delete.
3. Click Delete.
A warning dialog box asks if you are sure you want to delete
the selected reports.
5. Click OK and Close.
Rename Saved Reports
1. Click the Reports button on the Navigational pane.
The Reports view appears.
2. Check the box for the report you want to rename under the
Saved Reports pane.
3. Click Rename.
The Rename Report dialog box appears.
4. Click in the New Report Name text box and enter a new name
for your report.
It is a good idea to give the report a simple, descriptive name
you can easily recognize.
5. Click OK.
Viewing the Task Log
The Task Log shows the status of currently running jobs, such as,
replication or system upgrades. An EM Management Station can
manage several Data Domain systems and can initiate tasks on
those systems. If a task is initiated on a remote system, the
progress of that task is tracked in the Management Station's Task
Log, not on the remote system’s Task Log.
To view the Task Log:
1. Click the Task Log button on the Navigational pane.
The Tasks pane appears.
170
Monitoring Data Domain Systems
2. Select a filter by which to display the Task Log from the Filter
By drop-down list. You can choose All, In Progress, Failed, or
Completed.
The Tasks pane displays the status of all tasks based on the
filter you select and refreshes every 60 seconds.
3. To manually refresh the Tasks pane:
•
Click Update to update the Task log.
•
Click Reset to display all tasks and remove any filters you
have set.
4. Click to select a task in the Task Log pane. The Detailed
Information pane at the bottom displays more details on the
selected task.
The following status information displays in the Detailed
Information pane:.
Item
Description
System
The descriptive name of the Data Domain
system.
Task Description
A description of the type of task.
Start Time
The date and time the task started.
Status
The status of the task (completed, failed, or in
progress).
End Time
The date and time the task ended.
Error Message
An applicable error message, if any.
5. To return to the managing a system, select the system in the
DD Network tree in the Navigational pane.
DD OS 5.0 Administration Guide
171
172
Monitoring Data Domain Systems
5
Working with the File System
This chapter includes the following topics.
•
About the File System on page 173
•
Monitoring File System Usage on page 185
•
Managing File System Operations on page 193
•
Managing Encryption of Data at Rest on page 201
•
Fast Copy Operations on page 206
About the File System
The topics that describe the file system include:
•
How the File System Stores Data on page 173
•
How the File System Reports Space Usage on page 174
•
How the File System Uses Compression on page 175
•
How the File System Implements Data Integrity on page 176
•
How the File System Reclaims Storage Space with File System
Cleaning on page 179
•
Supported Interfaces on page 180
•
Supported Backup Software on page 180
•
Data Streams Sent to a Data Domain System on page 181
•
File System Limitations on page 183
How the File System Stores Data
A Data Domain system is designed as a very reliable online system
for backups and archive data. As new backups are added to the
DD OS 5.0 Administration Guide
173
system, old backups are aged out. Such removals are normally
done under the control of backup or archive software based on the
configured retention period.
When backup software expires or deletes an old backup from a
Data Domain system, the space on the Data Domain system
becomes available only after the Data Domain system cleans the
data of the expired backups from disk. A good way to manage
space on a Data Domain system is to retain as many online
backups as possible with some empty space (about 20% of total
space available) to comfortably accommodate backups until the
next scheduled cleaning run, which runs once a week by default.
Some storage capacity is used by Data Domain systems for internal
indexes and other metadata. The amount of storage used over time
for metadata depends on the type of data stored and the sizes of
the stored files. With two otherwise identical systems, one system
may, over time, reserve more space for metadata and have less
space for actual backup data than the other if different data sets are
sent to each system.
Space utilization on a Data Domain system is primarily affected
by:
•
The size and compressibility of the backup data.
•
The retention period specified in the backup software.
High levels of compression result when backing up datasets with
many duplicates and retaining them for long periods of time.
How the File System Reports Space Usage
All Data Domain Enterprise Manager windows and system
commands display storage capacity using base 2 calculations. For
example, a command that displays 1 GiB of disk space as used is
reporting 230 bytes = 1,073,741,824 bytes.
174
•
1 KiB = 210 bytes = 1024 bytes
•
1 MiB = 220 bytes = 1,048,576 bytes
•
1 GiB = 230 bytes = 1,073,741,824 bytes
•
1 TiB = 240 bytes = 1,099,511,627,776 bytes
Working with the File System
How the File System Uses Compression
The file system uses compression to optimize available disk space
when storing data, so disk space is calculated two ways: physical
and logical. (See Data Compression on page 29 for details about
compression.) Physical space is the actual disk space used on the
Data Domain system. Logical space is the amount of
uncompressed data written to the system.
The file system space reporting tools (Enterprise Manager graphs
and filesys show space command, or the alias df) show both
physical and logical space. These tools also report the size and
amounts of used and available space.
From clients that mount a Data Domain system, use your usual
tools for displaying a file system’s physical use of space.
The Data Domain system generates warning messages as the file
system approaches its maximum capacity. The following
information about data compression gives guidelines for disk use
over time.
The amount of disk space used over time by a Data Domain system
depends on:
•
The size of the initial full backup.
•
The number of additional backups (incremental and full)
retained over time.
•
The rate of growth of the backup dataset.
For data sets with typical rates of change and growth, data
compression generally matches the following guidelines:
•
For the first full backup to a Data Domain system, the
compression factor is generally 3:1.
•
Each incremental backup to the initial full backup has a
compression factor generally in the range of 6:1.
•
The next full backup has a compression factor of about 60:1.
Over time, with a schedule of weekly full and daily incremental
backups, the aggregate compression factor for all the data is about
20:1. The compression factor is lower for incremental-only data or
DD OS 5.0 Administration Guide
175
for backups with less duplicate data. Compression is higher when
all backups are full backups.
Types of Compression
A Data Domain system compresses data at two levels: global and
local. Global compression compares received data to data already
stored on disks. Duplicate data does not need to be stored again,
while data that is new is locally compressed before being written
to disk.
Local Compression
A Data Domain system uses a local compression algorithm
developed specifically to maximize throughput as data is written
to disk. The default algorithm (lz) allows shorter backup windows
for backup jobs but uses more space. Local compression options
provide a trade-off between slower performance and space usage.
To change compression, see Change Local Compression on page 198.
Changing the algorithm immediately affects any new data written
to the system. Any data already stored on the system will be
recompressed during the next cleaning run, which may take much
longer to run than usual.
How the File System Implements Data Integrity
Multiple layers of data verification are performed by the DD OS
file system on data received from backup applications to ensure
that data is written correctly to the Data Domain system disks. This
ensures the data can be retrieved without error.
The DD OS is purpose-built for data protection and it is
architecturally designed for data invulnerability. There are four
critical areas of focus, described in the following sections.
End-to-End Verification
End-to-end checks protect all file system data and metadata. As
data comes into the system, a strong checksum is computed. The
data is deduplicated and stored in the file system. After all data is
flushed to disk, it is read back, and re-checksummed. The
176
Working with the File System
checksums are compared to verify that both the data and the file
system metadata are stored correctly.
Figure 5-1: End-to-End Verification
Fault Avoidance and Containment
New data never puts old data at risk. Data Domain uses a logstructured file system that never overwrites or updates existing
data. New data (in red) is always written in new containers and
appended to existing old containers (in blue). The old containers
and references remain in place and are safe even in the face of
software bugs or hardware faults that may occur when storing
new backups.
DD OS 5.0 Administration Guide
177
Figure 5-2: Fault Avoidance and Containment
Continuous Fault Detection and Healing
Continuous fault detection and healing protects against storage
system faults. The system periodically rechecks the integrity of the
RAID stripes, and uses the redundancy of the RAID system to heal
any faults. During a read, data integrity is reverified and any
errors are healed on the fly.
Figure 5-3: Fault Detection and Healing
178
Working with the File System
File System Recoverability
Data is written in a self-describing format. The file system can be
re-created, if necessary, by scanning the log and rebuilding it from
the metadata stored with the data.
Figure 5-4: File System Recoverability
How the File System Reclaims Storage Space with
File System Cleaning
When your backup application (such as NetBackup or NetWorker)
expires data, the data is marked by the Data Domain system for
deletion. However, the data is not deleted immediately; it is
removed during a cleaning operation.
•
During the cleaning operation, the file system is available for
all normal operations including backup (write) and restore
(read).
•
Although cleaning uses a significant amount of system
resources, cleaning is self-throttling and gives up system
resources in the presence of user traffic.
•
Data Domain recommends running a cleaning operation after
the first full backup to a Data Domain system. The initial local
compression on a full backup is generally a factor of 1.5 to 2.5.
An immediate cleaning operation gives additional
compression by another factor of 1.15 to 1.2 and reclaims a
corresponding amount of disk space.
•
When the cleaning operation finishes, a message is sent to the
system log giving the percentage of storage space that was
reclaimed.
DD OS 5.0 Administration Guide
179
A default schedule runs the cleaning operation every Tuesday at 6
a.m. (tue 0600). You can change the schedule or you can run the
operation manually (see Modify a Cleaning Schedule on page 197).
Data Domain recommends running the cleaning operation once a
week.
Note: Any operation that shuts down the file system (such as
disabling the file system) or the Data Domain system (such as a
system power-off or reboot) aborts the cleaning operation. The
cleaning operation does not restart when the system restarts.
Either manually restart the cleaning or wait until the next
scheduled cleaning operation.
Note: Replication between Data Domain systems can affect
cleaning operations. If a source Data Domain system receives large
amounts of new or changed data while disabled or disconnected,
cleaning is not able to recover data that may have been deleted but
is pending replication until the replication completes. Replication
should be monitored regularly to ensure that it does not fall too far
behind.
Supported Interfaces
The following interfaces are supported by the file system:
•
NFS
•
CIFS
•
DD Boost
•
VTL
Supported Backup Software
Data Domain offers guidance on setting up backup software and
backup servers for use with a Data Domain system. Because such
information tends to change often, it is available on the Data
Domain Support Web site (https://my.datadomain.com/).
For more information about the backup applications that are
supported and instructions for accessing the Data Domain Support
Web site compatibility matrices, refer to the section Backup Software
Requirements on page 35.
180
Working with the File System
Data Streams Sent to a Data Domain System
A data stream, in the context of Table 5-1, refers to a a large bytestream associated with a sequential file access, such a write stream
to a backup file or a read stream from a restore image. A Repl
Source or Destination stream refers to a directory replication
operation or an OptDup (optimized deduplication) stream
associated with a file replication operation for the Symantec
NetBackup and BackupExec applications.
For optimal performance, Data Domain recommends the limits on
simultaneous streams between Data Domain systems and your
backup servers, as described in Table 5-1.
Table 5-1: Data Streams Sent to a Data Domain System in DD OS 5.0
Model
RAM/
NVRAM
Backup
Write
Streams
Backup Repl
Read
Source
Streams Streams
Repl
Mixed
Dest
Streams
DD120
DD140,
DD4xx,
DD510,
DD530
DD610
6 GB or
4 GB/
0.5 GB
16
4
15
20
w<= 16 ; r<= 4
ReplSrc<=15;
ReplDest<=20;
ReplDest+w<=16;
Total<=16
DD560,
DD565,
DD630
8 GB/
0.5 GB
20
16
30
20
w<=20; r<=16;
ReplSrc<=30;
ReplDest<=20;
ReplDest+w<=20;
Total<=30
DD565,
DD560
12 GB/
0.5 GB
45
20
45
45
w<=20; r<=16;
ReplSrc<=45;
ReplDest<=45;
ReplDest+w<=45;
Total<=45
DD580,
DD580g
16 GB/
0.5 GB
45
30
60
45
w<=45; r<=30;
ReplSrc<=60;
ReplDest<=45;
ReplDest+w<=45;
Total<=60
DD OS 5.0 Administration Guide
181
Table 5-1: Data Streams Sent to a Data Domain System in DD OS 5.0
Model
RAM/
NVRAM
Backup
Write
Streams
Backup Repl
Read
Source
Streams Streams
Repl
Mixed
Dest
Streams
DD660,
DD670
DD690
16 GB/
1 GB
90
30
60
90
w<=90; r<=30;
ReplSrc<=60;
ReplDest<=90;
ReplDest+w<=90;
Total<=90
DD690
24 GB/
1 GB
90
50
90
90
w<=90; r<=50;
ReplSrc<=90;
ReplDest<=90;
ReplDest+w<=90;
Total<=90
DD670
DD860
36 GB/
1 GB
90
50
90
90
w<=90; r<=50;
ReplSrc<=90;
ReplDest<=90;
ReplDest+w<=90;
Total<=140
DD880,
DD880g
64 GB/
2 GB
180
50
90
180
w<=180; r<=50;
ReplSrc<=90;
ReplDest<=180;
ReplDest+w<=180;
Total<=180
DD860
72 GB/
1 GB
90
50
90
90
w<=90; r<=50;
ReplSrc<=90;
ReplDest<=90;
ReplDest+w<=90;
Total<=140
DD890
96 GB/
2 GB
180
50
90
180
w<=180; r<=50;
ReplSrc<=90;
ReplDest<=180;
ReplDest+w<=180;
Total<=TBD
182
Working with the File System
Table 5-1: Data Streams Sent to a Data Domain System in DD OS 5.0
Model
RAM/
NVRAM
Backup
Write
Streams
Backup Repl
Read
Source
Streams Streams
Repl
Mixed
Dest
Streams
DD880GDA
64 GB/
2 GB
per
controller
270
75
135
270
w<=270; r<=75;
ReplSrca<=135;
ReplDest* <=270;
ReplDest*+w<=270;
Total<=270
DD890GDA
96 GB/
2 GB
per
controller
270
75
135
270
w<=270; r<=75;
ReplSrc*<=135;
ReplDest* <=270;
ReplDest*+w<=270;
Total<=270
a. OptDup only
File System Limitations
There are some file system limitations to be aware of while
working with the Data Domain system, as described in the
following sections.
•
Limits on Number of Files in a Data Domain System on page 183
•
Maximum Number of Supported Inodes on page 185
•
Maximum Path Name Length on page 185
Limits on Number of Files in a Data Domain System
The number of files allowable on a system is determined by the
amount of storage available and the number of MTrees in use
(each of which can handle about 4 billion files). There is a
maximum supported limit of 100 MTrees per Data Domain system,
so the actual maximum number of files is less than 400 billion files,
as long as the files are distributed across multiple Mtrees.
Note: The overall performance for the Data Domain system will
fall to unacceptable levels if the system is required to support the
maximum file amount, and the workload from the client machines
is not extremely carefully controlled.
DD OS 5.0 Administration Guide
183
As well, consider the overhead of about 500 post-comp bytes per
empty file and about 1K post-comp bytes per non-empty file.
Therefore, a 5 TB system could hold about 10 billion zero length
files (if they were spread across multiple Mtrees) is less than
5 billion non-empty files, depending on the data compression
factor. After that, the disk space occupied by user data will
dominate the equation and the total number of files the Data
Domain system can store will gradually decrease based upon the
overall compression factor of the user data.
Many systems operate without problems with hundreds of
millions of files. After a billion files, some processes or operations
may see an impact:
•
Lengthy cleaning or garbage collection operations (which
could be scheduled less frequently in a stable, archive
environment).
•
AutoSupport operations (you may wish to schedule these to
occur less frequently).
•
Any process or command that needs to enumerate all the files.
If there are many small files, other considerations arise:
184
•
Initial bulk migration of files may take a while. For example, at
70 MB/sec, the task will take at least four hours.
•
The number of separate files that can be created per second,
(even if the files are very small) may be more of a limitation
than the number of MB/s that can be moved into a Data
Domain system. When files are large, the file creation rate does
not signify, but when files are small, the file creation rate
dominates and may become a factor. File creation rate is
measured in the low 10’s of files per second, and should be
taken into account during system sizing when a bulk ingest of
a large number of files is needed by a customer environment.
•
NFS accesses are not affected by the number of files in a
directory; they are the same speed regardless of directory size.
Some CIFS operations are affected, however. To the extent
possible, we recommend directory sizes of less than a thousand
files when CIFS is the dominant protocol in use. Larger
directory sizes will experience slower responses to metadata
operations such as listing the files in the directory or opening a
Working with the File System
file. Note that read/write bandwidth via CIFS to a file once the
file has been opened will not be affected.
•
Opening files may also be slow if too many files exist in a
directory.
•
Time for backing up small files may increase for all storage
devices (overhead per file) but even greater for backupoptimized Data Domain systems. We recommend you
implement replication to another Data Domain system instead
of backup.
Maximum Number of Supported Inodes
An NFS or CIFS client request causes a Data Domain system to
report a capacity of about 2 billion inodes (files and directories). A
Data Domain system can exceed that number, but the reporting on
the client may be incorrect.
Maximum Path Name Length
The maximum length of a full path name (including the characters
in /data/col1/backup) is 1023 bytes. The maximum length of a
symbolic link is also 1023 bytes.
Monitoring File System Usage
The File System view has tabs that show real-time data storage
statistics, including current compression factors showing the space
saved by using data deduplication. graphs of space usage
amounts, consumption factors, and data written trends. There are
also some options for managing file system cleaning, expansion,
copying, and destruction.
Access the File System View
1. Select a system in the Navigational pane.
2. Click the Data Management > File System tabs.
The File System view has a File System overview pane and four
tabs which are described in detail in the following sections:
DD OS 5.0 Administration Guide
185
•
About the File System Overview Pane on page 186
•
About the Summary View on page 187
•
About the Configuration View on page 188
•
About the Space Usage View on page 189
•
About the Consumption View on page 190
•
About the Daily Written View on page 191
About the File System Overview Pane
The File System overview pane displays the file system State and
the Clean Status.
State
The State area contains an Enable/Disable button and the shows
the working state of the file system:
•
Enabled and running—and the latest consecutive length of
time the file system has been enabled and running.
•
Disabled and shutdown.
•
Enabling and disabling—in the process of becoming enabled or
disabled.
•
Destroying—if the file system is being deleted.
•
Error—if there is an error condition, such as a problem
initializing the file system.
Clean Status
The Clean Status area contain a Start/Stop Cleaning button and
shows the date the last cleaning operation occurred, or the current
cleaning status if the cleaning operation is currently running. For
example:
Cleaning finished at 2009/01/13 06:00:43
or, if the file system is disabled, shows:
Unavailable
186
Working with the File System
About the Summary View
Click the Summary tab to view important file system statistics, as
described in the following section.
Space Usage
The first Space Usage pane shows the amount of disk space
available and used by file system components, based on the last
cleaning.
•
The /data:post-comp line shows amounts for compressed
data in the /data directory.
•
The /ddvar line shows amounts for log and core files. (Remove
old logs and core files to free space in this area.)
For both of these, the following amounts are shown in real
numbers and in the color-coded graph as described in About the
Space Usage View on page 189:
•
Size—the amount of total physical disk space available for
data.
•
Used—The actual physical space used for compressed data.
Warning messages go to the system log and an email alert is
generated when the use reaches 90%, 95%, and 100%. At 100%,
the Data Domain system accepts no more data from backup
servers.
If the Used amount is always high, check the cleaning schedule
to see how often the cleaning operation runs automatically,
then use the procedure Modify a Cleaning Schedule on page 197
to run the operation more often. Also consider reducing the
data retention period or splitting off a portion of the backup
data to another Data Domain system.
•
Available (GiB)—The total amount of space available for data
storage. This figure can change because an internal index may
expand as the Data Domain system fills with data. The index
expansion takes space from the Avail GiB amount.
•
Cleanable (GiB)—The amount of space that could be reclaimed
if a cleaning operation were run.
The second Space Usage pane shows the compression factors:
DD OS 5.0 Administration Guide
187
•
Currently Used—The amounts currently in use by the file
system.
•
Written in Last 24 Hours—The compression activity over the
last day.
For both of these areas, the following is shown:
•
Pre-Compression (GiB)—Data written before compression.
•
Post-Compression (GiB)—Storage used after compression.
•
Global-Comp Factor—Pre-Compression / (Size after global
compression).
•
Local-Comp Factor—(Size after global compression) / PostCompression
•
Total-Comp Factor—Pre-Comp / Post-Comp
•
Reduction %—[(Pre-Comp - Post-Comp) / Pre-Comp] * 100
About the Archive Units View
The Archive Units view (shown only when the optional Archiver
license is activated) on the File System page lists each archive unit.
It shows the unit’s state (new, sealed, or target), its status
(disabled, ready, or stand-by), and its size. If the unit has been
sealed, that is, no more data can be added, the date that it was
sealed is given.
Click the diamond symbol to the right of a column heading to sort
the order of the values in reverse.
About the Configuration View
To check the file system configuration settings, click the
Configuration tab. The Configuration view presents the
configurable options and the current clean schedule, along with
Edit buttons to change those settings.
188
Working with the File System
The Options settings and the descriptions of settings are shown
below:
Options Settings
Description
Local Compression
Type
The type of local compression in use. See:
• Types of Compression on page 176 for an
overview.
• Change Local Compression on page 198.
Report Relica as
Writable
How applications see a replica. See:
• Change Read-only Settings on page 199.
Marker Type
Backup software markers (tape markers, tag
headers, or other names are used) in data
streams. See: Tape Marker Settings on page 200.
Staging Reserve
Manage disk staging. See:
• Working with Disk Staging on page 199.
•
Configure Disk Staging on page 200.
Cleaning Schedule
Settings
Description
Time
The date time cleaning operations run.See:
• Modify a Cleaning Schedule on page 197.
Throttle
The system resources allocation. See:
• Throttle the Cleaning Operation on page 197.
About the Space Usage View
The Space Usage view contains a graph that displays a visual
representation of data usage, derived from the space.log file.
Click the graph to display a box with data at that point.
The lines of the graph denote measurement for:
•
Pre-comp Written—The total amount of data sent to the Data
Domain system by backup servers. Pre-compressed data on a
Data Domain system is what a backup server sees as the total
uncompressed data held by a Data Domain system-as-storage-
DD OS 5.0 Administration Guide
189
unit. Shown with the Space Used (left) vertical axis of the
graph.
•
Post-comp Used—The total amount of disk storage in use on
the Data Domain system. Shown with the Space Used (left)
vertical axis of the graph.
•
Comp Factor—The amount of compression the Data Domain
system has performed with the data it received (compression
ratio). Shown with the Compression Factor (right) vertical axis
of the graph.
Checking Historical Space Usage
On the Space Usage graph, clicking an interval (ie, 7d, 30d, 60d,
120d) on the Duration line above the graph allows you to change
the number of days of data shown on the graph, from 7 to 120
days.
To see space usage for intervals over 120 days, use the following
command on the command line:
filesys show compression [summary | daily | daily-detailed]
{[last n {hours | days | weeks | months}] | [start date [end
date]]}
About the Consumption View
The Consumption view presents the space used over time, shown
in relation to total system capacity.
Click the graph to display a box with data at that point.
The lines of the graph denote measurement for:
190
•
Capacity—The total amount of disk storage available for data
on the Data Domain system. The amount is shown with the
Space Used (left) vertical axis of the graph. Clicking the
Capacity checkbox toggles this line on and off.
•
Post-comp—The total amount of disk storage in use on the
Data Domain system. Shown with the Space Used (left) vertical
axis of the graph.
•
Comp Factor—The amount of compression the Data Domain
system has performed with the data it received (compression
Working with the File System
ratio). Shown with the Compression Factor (right) vertical axis
of the graph.
•
Cleaning—A grey diamond appears on the chart each time a
file system cleaning operation was started.
•
Data Movement—The amount of disk space moved to the
archiving storage area (if the Archive license is enabled).
Checking Historical Consumption Usage
On the Consumption graph, clicking an interval (ie, 7d, 30d, 60d,
120d) on the Duration line above the graph allows you to change
the number of days of data shown on the graph, from 7 to 120
days.
About the Daily Written View
The Daily Written view contains a graph that displays a visual
representation of data that is written daily to the system over a
period of time, selectable from 7 to 120 days. The data amounts are
shown over time for pre- and post-compression amounts.
It also provides totals for global and local compression amounts,
and pre-compression and post-compression amounts.
Click a point on the graph to display a box with data for that point.
The lines on the graph denote measurements for:
•
Pre-Comp—The total amount of data written to the Data
Domain system by backup servers. Pre-compressed data on a
Data Domain system is what a backup server sees as the total
uncompressed data held by a Data Domain system-as-storageunit.
•
Post-Comp—The total amount of data written to the Data
Domain system after compression has been performed, as
shown in GiBs.
•
Total Comp—The total amount of compression the Data
Domain system has performed with the data it received
(compression ratio). Shown with the Total Compression Factor
(right) vertical axis of the graph.
DD OS 5.0 Administration Guide
191
Checking Historical Written Data
On the Daily Written graph, clicking an interval (7d, 30d, 60d,
120d) on the Duration line above the graph allows you to change
the number of days of data shown on the graph, from 7 to 120
days.
Below the Daily Written graph, the following totals display for the
current duration value:
•
Pre-comp
•
Post-comp
•
Global-comp factor
•
Local-comp factor
•
Total-comp factor
When the File System Is Full or Nearly Full
A Data Domain system has three progressive levels of being full.
As each level is reached, progressively more operations are
disallowed. At each level, deleting data and performing a file
system cleaning operation makes disk space available for
continued operation. Deleting files and removing snapshots do not
immediately reclaim disk space, but allow the next cleaning
operation to reclaim the space.
1. Level 1—At the first level of fullness, no more new data can be
written to the file system. An informative out of space message
is generated.
Remedy—Delete unneeded datasets, reduce the retention
period, delete snapshots, and perform a file system cleaning
operation.
2. Level 2—At the second level of fullness, files cannot be deleted.
This is because deleting files also require free space but the
system has so little free space available that it cannot even
delete files.
Remedy—Expire snapshots and perform a file system cleaning
operation.
192
Working with the File System
3. Level 3—At the third and final level of fullness, attempts to
expire snapshots, delete files, or write new data fail.
Remedy—Perform a file system cleaning operation to free
enough space to at least delete some files or expire some
snapshots and then rerun cleaning.
Monitor the Space Usage with Email Alerts
Alerts are generated when the file system is at 90%, 95%, and 100%
full. To receive these alerts, add the user to the alert emailing list.
To join the alert email list, see Working with the Notification View on
page 155.
Managing File System Operations
The following file system operations are described in this section:
•
Performing Basic Operations on page 193
•
Performing Cleaning on page 196
•
Modifying Basic Settings on page 198
Note: For information about how to manage a DD860 Archiver
system, refer to the DD860 Archiver Administrator Guide.
Performing Basic Operations
Basic file system operations include enabling and disabling the file
system, and in the rare occasion, destroying a file system.
Creating the File System
There are a few circumstances when the file system must be
created. These include a new Data Domain system, a system being
started up after a receiving a clean installation, and after a file
system has been destroyed.
To create the file system:
1. Select a system in the Navigational pane.
2. Click the Data Management > File System tabs.
DD OS 5.0 Administration Guide
193
3. From the More Tasks menu, select Create File System.
The Create File System dialog window appears.
4. In the Configure Storage area, click Configure.
The Configure Storage dialog window appears.
5. In the Available Storage area, select the checkboxes of the
storage devices to use and click Move to Tier.
System storage must be moved from the Available Storage area
to the Active Tier storage area before the file system can be
created.
6. Click OK and Close in the progress dialog box.
Enable or Disable the File System
The option to enable or disable the file system is dependent on the
current state of the file system—if its enabled, you can disable it
and vice versa.
•
Enabling the file system allows Data Domain system
operations to begin. This ability is available to administrative
users only.
•
Disabling the file system halts all Data Domain system
operations, including cleaning. This ability is available to
administrative users only.
Caution: Disabling the file system when a backup application is
sending data to the system can cause the backup process to fail.
Some backup software applications are able to recover by
restarting where they left off when they are able to successfully
resume copying files; others might fail, leaving the user with an
incomplete backup.
1. Select a system in the Navigational pane.
2. Click the Data Management > File System tabs.
3. In the Overview pane, click Enable or Disable in the State area.
4. Click OK and Close.
194
Working with the File System
Expand the File System
The size of a file system may need to be expanded if the remedies
in the section When the File System Is Full or Nearly Full on page 192
do not sufficiently clear enough space for normal operations.
To expand the file system:
1. Select a system in the Navigational pane.
2. Click the Data Management > File System tabs.
3. From the More Tasks menu, select Expand Capacity.
The Expand File System Capacity dialog window appears,
showing the current size of the file system, and noting how
much additonal storage space is available for expansion.
•
If enough capacity is available for expansion requirements,
continue to step 7.
•
If capacity needs to be added, continue with the next step.
4. Click Configure to allocate existing storage to the file system.
The Configure Storage dialog window appears.
5. In the Available Storage area, click the checkboxes of the
storage devices to use and click Move to Tier.
System storage must be moved from the Available Storage area
to the Active Tier storage area before the file system can be
created.
6. Click OK and Close in the progress dialog box.
7. Click Finish to expand the file system into the available
storage.
Destroy the File System
Destroying the file system deletes all data in the Data Domain file
system (including virtual tapes) and creates a new empty file
system. This operation also removes Replication configuration
settings.
DD OS 5.0 Administration Guide
195
Caution: Deleted data is not recoverable.
This operation is used when it is necessary to cleaning out existing
data, to create a new collection replication destination, or to
replace a collection source, or for security reasons because the
system is being removed from operation.
The optional Write zeros to disk operation writes zeros to all file
system disks, effectively removing all traces of data.
Caution: If the Data Domain system contains a large amount of
data, this can take many hours or a day to complete.
Note: As this is a destructive procedure, this operation is available
to administrative users only.
1. From the More Tasks menu, select Destroy.
2. In the Destroy File System dialog box, enter the sysadmin
password. (It is the only accepted password.)
3. Optionally, click the checkbox for Write zeros to disk to
completely remove data.
4. Click OK.
Performing Cleaning
To start or stop cleaning, or to modify the default cleaning
schedule (every Tuesday at 6 a.m. with 50% throttle), use one of
the procedures below.
Manually Start and Stop Cleaning
To immediately start a cleaning operation:
1. In the Overview pane, click Start Cleaning in the Clean Status
area.
The Start File System Clean dialog box appears.
2. In the Throttle Percentage text box, enter a system throttle
amount. This is the percentage of CPU usage dedicated to
cleaning.
3. Click OK.
196
Working with the File System
4. The Start File System Clean dialog box appears where you can
watch the cleaning operation progress. Click Close to exit the
progress dialog box.
To immediately stop a cleaning operation (stopping the process
means that all work done so far is lost):
1. In the Overview pane, click Stop Cleaning in the Clean Status
area.
The Stop File System Clean dialog box appears.
2. Click OK.
Modify a Cleaning Schedule
To change the schedule for cleaning:
1. Click the Data Management > File System > Configuration
tabs.
2. In the Clean Schedule area, click Edit.
The Modify Schedule dialog box appears.
3. Click the Custom Clean Schedule radio button.
4. Enter the start time, throttle percentage, and days (either
weekly or monthly).
Note: The throttle setting affects cleaning only when the
system is servicing user requests. When there are no user
requests, cleaning always runs at full throttle.
5. Click OK.
Throttle the Cleaning Operation
If the cleaning operation is slowing down the rest of the system,
consider modifying the throttle settings to change the amount of
system resources used by the cleaning process. Stop and restart the
cleaning operation, using the procedures above.
DD OS 5.0 Administration Guide
197
Modifying Basic Settings
The Modify Settings option allows you to change the type of
compression used, marker types, Replica write status, and Staging
Reserve percentage, as described in the following sections:
•
Change Local Compression on page 198
•
Change Read-only Settings on page 199
•
Configure Disk Staging on page 200
Change Local Compression
To change the type of local compression in use:
1. Click the Data Management > File System > Configuration
tabs.
2. In the Options area, click Edit.
The Modify Settings dialog box appears.
3. In the Local Compression Type area, click the drop-down list
and select a new compression type.
Option
Description
none
Do not compress data.
lz
The default algorithm that gives the best throughput.
Data Domain recommends the lz option.
gzfast
A zip-style compression that uses less space for
compressed data, but more CPU cycles (twice as much as
lz). Gzfast is the recommended alternative for sites that
want more compression at the cost of lower performance.
gz
A zip-style compression that uses the least amount of
space for data storage (10% to 20% less than lz on average;
however, some datasets get much higher compression).
This also uses the most CPU cycles (up to five times as
much as lz). The gz compression type is commonly used
for nearline storage applications in which performance
requirements are low.
4. Click OK at the confirmation dialog box.
5. Click Close to exit the status dialog box.
198
Working with the File System
Change Read-only Settings
Some backup applications must see the replica as writable to do a
restore or vault operation from the replica. To change the replica to
writable:
1. Click the Data Management > File System > Configuration
tabs.
2. In the Options area, click Edit.
The Modify Settings dialog box appears.
3. In the Report Replica as Writable pane, click the Enable
checkbox.
4. Click OK.
5. Click Close to exit the status dialog box.
Working with Disk Staging
Disk staging enables a Data Domain system to serve as a staging
device, where the system is viewed as a basic disk via a CIFS share
or NFS mount point. Disk staging can be used in conjunction with
your backup software, such as Symantec’s NetBackup (NBU) and
Legato’s NetWorker.
The Data Domain disk staging feature does not require a license
and is disabled by default.
Note: The VTL feature is not required or supported when the Data
Domain system is used as a Disk Staging device.
The reason that some backup applications use disk staging devices
is to enable tape drives to stream continuously. After the data is
copied to tape, it is retained on disk for as long as space is
available. Should a restore be needed from a recent backup, more
than likely the data is still on disk and can be restored from it more
conveniently than from tape. When the disk fills up, old backups
can be deleted to make space. This delete-on-demand policy
maximizes the use of the disk.
In normal operation, the Data Domain System does not reclaim
space from deleted files until a cleaning operation is done. This is
not compatible with backup software that operates in a staging
DD OS 5.0 Administration Guide
199
mode, which expects space to be reclaimed when files are deleted.
When you configure disk staging, you reserve a percentage of the
total space—typically 20 to 30 percent—in order to allow the
system to simulate the immediate freeing of space.
The amount of available space is reduced by the amount of the
staging reserve. When the amount of data stored uses all of the
available space, the system is full. However, whenever a file is
deleted, the system estimates the amount of space that will be
recovered by cleaning and borrows from the staging reserve to
increase the available space by that amount. When a cleaning
operation runs, the space is actually recovered and the reserve
restored to its initial size. Since the amount of space made available
by deleting files is only an estimate, the actual space reclaimed by
cleaning may not match the estimate. The goal of disk staging is to
configure enough reserve so that you do not run out before
cleaning is scheduled to run.
Configure Disk Staging
To enable disk staging and specify the staging reserve percentage:
1. Click the Data Management > File System > Configuration
tabs.
2. In the Options area, click Edit.
The Modify Settings dialog box appears.
3. In the Staging Reserve pane, click the Enable checkbox.
4. Enter a value in the % of Total Space text box.
This value represents the percentage of the total disk space to
be reserved for disk staging, typically 20 to 30 percent.
5. Click OK.
Tape Marker Settings
Backup software from some vendors insert markers (tape markers,
tag headers, or other names are used) in all data streams (both file
system and VTL backups) sent to a Data Domain system. Markers
can significantly degrade data compression on a Data Domain
system. As such, the default marker type auto is set and cannot be
200
Working with the File System
changed by the user. If this setting is not compatible with your
backup software, contact the Data Domain Support Web Site.
Managing Encryption of Data at Rest
The optional Encryption of Data at Rest feature encrypts all
incoming data to the Data Domain system before being it is written
to the physical storage media. The data is physically stored in an
encrypted manner and cannot be accessed on the existing Data
Domain system or in any other environment without first
decrypting it.
The following sections describe how to use the Encryption of Data
at Rest feature:
•
How Encryption of Data at Rest Works on page 201
•
Setting Up Encryption of Data at Rest on page 203
•
Locking and Unlocking the System on page 203
•
Changing the Encryption Algorithm on page 205
•
Changing the Encryption Passphrase on page 205
How Encryption of Data at Rest Works
Data encryption protects user data if the Data Domain system is
stolen or if the physical storage media is lost during transit, and
eliminates accidental exposure of a failed drive if it is replaced. As
well, if an intruder circumvents network security controls and
gains access to encrypted data, without the proper cryptographic
keys, the data is unreadable and unusable to that person.
When data enters the Data Domain system using any of the
supported protocols (NFS, CIFS, VTL, DD Boost, and Distributed
Segmented Processing), the stream is segmented, fingerprinted,
de-duplicated (global compression), then grouped into multisegment compression regions, locally compressed and finally
encrypted before storage to disk.
Note: Once enabled, the Encryption at Rest feature encrypts all
data entering the Data Domain system. You cannot enable
encryption at a more granular level.
DD OS 5.0 Administration Guide
201
Caution: Data that has been stored before the encryption feature is
enabled does not automatically get encrypted. To protect all of the
data on the system, be sure to enable encryption before you put the
system into use. See Setting Up Encryption of Data at Rest on
page 203.
The first time the feature is enabled, the system randomly
generates a system encryption key and uses the passphrase to
encrypt that key before it is stored in multiple locations on disk.
The system encryption key cannot be changed and is not, in any
way, accessible to a user.
The administrator can select a 128-bit or 256-bit Advanced
Encryption Standard (AES) algorithm for encrypting all data
within the system. One of two cipher modes, Cipher Block
Chaining mode (CBC) or Galois/Counter mode (GCM), can be
selected to best fit security and performance requirements.
All the currently supported backup applications described in the
Backup Application Matrix on the Support portal can be used with
the Encryption of Data at Rest feature.
Data Domain Replicator software can be used with the encryption
option, enabling encrypted data to be replicated using collection,
directory or application-specific optimized duplication forms of
replication and with the various topologies. Each replication form
works uniquely with encryption and offers the same level of
security. For more information, see the section Using Encryption
with Replication on page 352.
Files locked using the Data Domain Retention Lock software
option can be stored, encrypted, and replicated.
The autosupport feature includes information about the state of
encryption on the Data Domain system:
202
•
Whether or not encryption is enabled
•
The encryption algorithm that is configured
•
The state of the file system
Working with the File System
Setting Up Encryption of Data at Rest
Use the following procedure to set up the Encryption at Rest
feature:
1. License the Encryption at Rest feature (see About Licenses on
page 15).
2. If the file system is enabled, disable the file system:
# filesys disable
3. Globally enable encryption on the Data Domain system (you
will be prompted to provide a passphrase):
# filesys encryption enable
Caution: Be sure to take care of the passphrase. If the passphrase is
lost, you will never be able to unlock the file system and access the
data. The data will be irrevocably lost.
4. Show the relevant encryption and algorithm configuration:
# filesys encryption show
5. Optionally, select a different cryptographic algorithm from the
default (aes_256_cbc) (see Changing the Encryption Algorithm
on page 205 for more information):
# filesys encryption algorithm set [aes_128_cbc |
aes_256_cbc | aes_128_gcm | aes_256_gcm]
6. Enable the file system for use:
# filesys enable
The system is now set to encrypt data before it is stored to disk.
Locking and Unlocking the System
Use this procedure when an encryption-enabled Data Domain
system (and its external storage devices) are being transported, or
if you want to lock a disk that is being replaced. The procedure
requires two accounts with system administration privileges.
1. Disable the file system:
# filesys disable
DD OS 5.0 Administration Guide
203
2. Lock the system by providing the account name and password
of a second administrator account (an authorized user in the
administrator group on that Data Domain system). You will be
prompted to enter a new passphrase:
# filesys encryption lock
Enter a second authorized user name: sysadmin2
Enter password:
Enter the current passphrase:
Enter new passphrase:
Re-enter new passphrase:
Passphrases matched.
The filesystem is now locked.
This command creates a new passphrase and destroys the
cached copy of the current passphrase, so anyone who does not
possess the new passphrase will not be able to decrypt the
data.
Note: Changing the passphrase requires two-user
authentication to protect against “rogue” employee shredding
the data.
Caution: Be sure to take care of the passphrase. If the passphrase is
lost, you will never be able to unlock the file system and access the
data. The data will be irrevocably lost.
3. Shut down the system:
Caution: Do not use the chassis power switch to power off the
system. Use the following command instead.
# system poweroff
The ‘system poweroff’ command shuts down the system
and turns off the power.
Continue? (yes|no|?) [no]:
4. Transport the system or remove the disk being replaced.
5. Power on the system.
6. Unlock the system:
# filesys encryption unlock
This command prepares the encrypted file system for use after
it has arrived at its destination. The system prompts you to
204
Working with the File System
enter the passphrase that was specified in the encryption
lock command.
7. Enable the file system:
# filesys enable
If the passphrase is incorrect, the file system does not start and
the system reports the error. Re-enter the correct passphrase, as
directed in the previous step.
Changing the Encryption Algorithm
•
To view the type of encryption algorithm in use:
# filesys encryption algorithm show
•
To select an encryption algorithm:
# filesys encryption algorithm set [aes_128_cbc |
aes_256_cbc | aes_128_gcm | aes_256_gcm]
# filesystem restart
The aes_256_gcm option, which selects AES in the
Galois/Counter mode, is the most secure algorithm but it is
significantly slower than the Cipher Block Chaining (CBC)
mode. After running this command, you must restart the file
system with the filesys restart command.
•
To reset the algorithm to the default (aes_256_cbc):
# filesys encryption algorithm reset
# filesystem restart
After running this command, you must restart the file system
with the filesys restart command.
Changing the Encryption Passphrase
The encryption passphrase is a human-readable (understandable)
key (like a smart card) which is used to generate a machine usable
AES256 encryption key.
The administrator can change the passphrase without having to
manipulate the actual encryption keys. Changing the passphrase
DD OS 5.0 Administration Guide
205
indirectly changes the encryption of the keys, but does not affect
user data or the underlying Data Domain system encryption key.
The passphrase allows a Data Domain system to be transported
with an encryption key on the system, but without the passphrase
being stored on it. If the system is stolen in transit, an attacker
cannot easily recover the data; at most, they can recover the
encrypted user data and the encrypted keys.
The passphrase is stored internally on a hidden part the Data
Domain storage subsystem. This allows the Data Domain system
to boot and continue servicing data access without any
administrator intervention.
Changing the passphrase requires two-user authentication to
protect against “rogue” employee shredding the data.
The passphrase is set when the encryption is enabled, but it can be
changed with the following commands:
1. Disable the file system:
# filesys disable
2. Change the passphrase:
# filesys encryption passphrase change
Caution: Be sure to take care of the passphrase. If the passphrase is
lost, you will never be able to unlock the file system and access the
data. The data will be irrevocably lost.
3. Enable the file system:
# filesys enable
Fast Copy Operations
A fast copy operation copies files and directory trees of a source
directory to a target directory on a Data Domain system. The force
option allows the destination directory to be overwritten if it exists.
Executing the fastcopy operation displays a progress status dialog
box.
Note: A fast copy operation makes the destination equal to the
source, but not at a particular point in time. There are no
206
Working with the File System
guarantees that the two are or were ever equal if you change either
folder while copying.
Perform a Fast Copy Operation
1. Click the Data Management > File System tabs and select Fast
Copy from More Tasks.
The Fast Copy dialog box appears.
2. In the Source text box, enter the pathname of the directory
where the data to be copied resides. For example,
/data/col1/backup/.snapshot/snapshot-name/dir1.
3. In the Destination text box, enter the pathname of the directory
where the data will be copied to. For example,
/data/col1/backup/dir2. This destination directory must be
empty, or the operation fails.
•
If the Destination directory exists, click the checkbox
“Overwrite existing destination if it exists.”
4. Click OK.
5. In the progress dialog box that appears, click Close to exit.
DD OS 5.0 Administration Guide
207
208
Working with the File System
6
Working with MTrees
This chapter includes the following topics.
•
About MTrees on page 209
•
Monitoring MTree Usage on page 210
•
Managing MTree Operations on page 216
•
Working with Retention Lock on page 218
About MTrees
An MTree is a new directory type, introduced in DD OS 5.0, that
that provides more granular space usage, and allows finer
management of snapshots and retention locking. These operations
can be performed on a specific MTree rather than on the entire file
system.
If MTrees are implemented on systems upgraded to 5.0, files and
subdirectories in the /backup area are automatically mapped to
the MTree /data/col1/backup.
It is recommended for DD OS 5.0 that new MTrees be created only
under /data/col1/backup.
Note: Although a Data Domain system supports a maximum of
100 MTrees, system performance might degrade rapidly if more
than 14 MTrees are actively engaged in read or write streams. The
degree of degradation depends on overall I/O intensity and other
file system loads. For optimum performance, constrain the number
of simultaneously active MTrees to a maximum of 14. And,
whenever possible, aggregate operations on the same MTree into a
single operation.
DD OS 5.0 Administration Guide
209
Monitoring MTree Usage
1. Select a system in the Navigational pane.
2. Click the Data Management > MTree tabs.
The MTree view shows a list of configured MTrees, and when
selected in the list, details of the MTree in the Summary tab.
The Space Usage and Daily Written tabs show graphs that
visually display space usage amounts and data written trends
for a selected MTree. The view also contains options that allow
MTree configuration for CIFS, NFS, and DD Boost, as well as
sections for managing snapshots and retention lock for an
MTree.
The MTree view has an MTree overview pane and three tabs
which are described in detail in the following sections:
•
About the MTree Overview Pane on page 210
•
About the Summary View on page 211
•
About the Space Usage View on page 214
•
About the Daily Written View on page 215
About the MTree Overview Pane
By default, the MTree overview lists all the active MTrees on the
system and shows real-time data storage statistics. Information in
the overview area is helpful in visualizing space usage trends.
•
Click a checkbox of an MTree in the list to display details and
perform configuration in the Summary view.
•
Enter text (wildcards are supported) in the Filter By MTree
Name and click Update to list specifics MTree names in the list.
•
Delete filter text and click Rest to return to the default list.
The MTree overview information includes:
210
Item
Description
MTree Name
The pathname of the MTree.
Working with MTrees
Item
Description
Last 24 hr Pre-Comp
Amount of raw data from the backup
application that has been written in the last
24 hours.
Last 24 hr Post-Comp Amount of storage used after compression
in the last 24 hours:.
Last 24 hr Comp
Ratio
The compression ratio for the last 24 hours.
Weekly Avg PostComp
Average amount of compressed storage
used in the last five weeks.
Last Week PostComp
Average amount of compressed storage
used in the last seven days.
Weekly Avg Comp
Ratio
The average compression ratio for the last five
weeks.
Last Week Comp
Ratio
The average compression ratio for the last seven
days.
About the Summary View
Click the Summary tab to view detailed MTree information, as
described in the following sections:
•
View Detail Information on page 211
•
View MTree Snapshot Information on page 213
•
View MTree Retention Lock Information on page 214
View Detail Information
Selecting an MTree in the overview list displays additional details
in this area.
DD OS 5.0 Administration Guide
211
The detailed information for a selected MTree includes:
Item
Description
Full Path
The pathname of the MTree.
Pre-Comp Size
The current amount of raw data from the
backup application that has been written to
the MTree.
Status
The current status of the MTree
(combinations are supported). Status can
be:
• D—Deleted
• RO—Read-only
• RW—Read/write
• RLE—Retention lock enabled
• RLD—Retention lock disabled
CIFS Shared
The CIFS share status. Status can be:
• Yes—The MTree or its parent directory is
shared.
• Partial—The subdirectory under this MTree
is shared.
• No—This MTree and its parent or child
directories are not shared.
Click the CIFS link to go to the CIFS view.
NFS Exported
The NFS export status. Status can be:
• Yes—The MTree or its parent directory is
exported.
• Partial—The subdirectory under this MTree
is exported.
• No—This MTree and its parent or child
directories are not exported.
Click the NFS link to go to the NFS view.
212
Working with MTrees
Item
Description
DD Boost Storage
Unit
The DD Boost export status. Status can be:
• Yes—The MTree is exported.
• No—This MTree is not exported.
• Unknown—There is no information.
Click the DD Boost link to go to the DD Boost
view.
View MTree Snapshot Information
If the selected MTree is configured for snapshots, summary
information about the snapshot configuration displays in this area.
•
Click the Snapshots link to go to the Snapshots page to perform
configuration or to see additional details.
•
Click Assign Snapshot Schedules to assign a snapshot schedule
to the selected MTree. Click the checkbox of the schedule and
click OK and Close. To create a snapshot schedule, click Create
Snapshot Schedule (see Create a Snapshot Schedule on page 229
for instructions).
The Snapshot information includes:
Item
Description
Total Snapshots
The total number of snapshots created for this
MTree. A total of 750 snapshots can be created
for each MTree.
Expired
The number of snapshots in this MTree that
have been marked for deletion, but have not
been removed with the clean operation as yet.
Unexpired
The number of snapshots in this MTree that are
marked for keeping.
Oldest Snapshot
The date of the oldest snapshot for this MTree.
Newest Snapshot
The date of the newest snapshot for this MTree.
Next Scheduled
The date of the next scheduled snapshot.
Assigned Snapshot
Schedules
The name of the snapshot schedule assigned to
this MTree.
DD OS 5.0 Administration Guide
213
View MTree Retention Lock Information
The retention lock feature directs the system to keep selected files
from being modified and deleted for a specified retention period of
up to 70 years. To enable the retention lock feature, the system
must have a retention lock license.
If the selected MTree is configured for Retention Lock, summary
information about the Retention Lock configuration displays in
this area.
Note: To manage Retention Lock for an MTree, see Working with
Retention Lock on page 218.
The Retention Lock information includes:
Item
Description
Status
Shows whether Retention lock is enabled or
disabled.
Retention Period
Shows the minimum and maximum Retention
Lock time periods.
Unexpired
The number of snapshots in this MTree that are
marked for keeping.
UUID
The identification information for the Retention
Lock.
About the Space Usage View
The Space Usage view contains a graph that displays a visual
representation of data usage for the MTree.
Click the graph to display a box with data at that point.
The lines of the graph denote measurement for:
214
•
Pre-comp Written—The total amount of data sent to the MTree
by backup servers. Pre-compressed data on an MTree is what a
backup server sees as the total uncompressed data held by an
MTree-as-storage-unit. Shown with the Space Used (left)
vertical axis of the graph.
•
Post-comp Used—The total amount of disk storage in use on
the MTree. Shown with the Space Used (left) vertical axis of the
graph.
Working with MTrees
•
Comp Factor—The amount of compression the Data Domain
system has performed with the data it received (compression
ratio). Shown with the Compression Factor (right) vertical axis
of the graph.
Checking Historical Space Usage
On the Space Usage graph, clicking an interval (ie, 7d, 30d, 60d,
120d) on the Duration line above the graph allows you to change
the number of days of data shown on the graph, from 7 to 120
days.
About the Daily Written View
The Data Written pane contains a graph that displays a visual
representation of data that is written daily to the MTree over a
period of time, selectable from 7 to 120 days. The data amounts are
shown over time for pre- and post-compression amounts.
It also provides totals for global and local compression amounts,
and pre-compression and post-compression amounts.
Click a point on the graph to display a box with data for that point.
The lines on the graph denote measurements for:
•
Pre-Comp—The total amount of data written to the MTree by
backup servers. Pre-compressed data on an MTree is what a
backup server sees as the total uncompressed data held by an
MTree -as-storage-unit.
•
Post-Comp—The total amount of data written to the MTree
after compression has been performed, as shown in GiBs.
•
Total Comp—The total amount of compression the Data
Domain system has performed with the data it received
(compression ratio). Shown with the Total Compression Factor
(right) vertical axis of the graph.
Checking Historical Written Data
On the Daily Written graph, clicking an interval (7d, 30d, 60d,
120d) on the Duration line above the graph allows you to change
the number of days of data shown on the graph, from 7 to 120
days.
DD OS 5.0 Administration Guide
215
Below the Daily Written graph, the following totals display for the
current duration value:
•
Pre-comp
•
Post-comp
•
Global-comp factor
•
Local-comp factor
•
Total-comp factor
Managing MTree Operations
The following MTree operations are described in this section:
•
Create an MTree on page 216
•
Delete an MTree on page 217
•
Undelete an MTree on page 217
•
Rename an MTree on page 217
Create an MTree
MTrees are created in the area /data/col1/mtree_name.
To create an MTree:
1. Select a system in the Navigational pane.
2. Click the Data Management > MTree tabs.
3. In the MTree overview area, click Create.
The Create MTree dialog box appears.
4. Enter the name of the MTree in the MTree Name text box.
MTree names can be up to 50 characters using upper and lower
case letters, digits, and the _ and -.
5. Click OK.
The new MTree displays in the MTree table.
216
Working with MTrees
Note: You may need to expand the width of the MTree Name
column to see the entire pathname.
Delete an MTree
Deleting an MTree remove the MTree from the MTree table and
removes all data in that MTree at the next file system cleaning.
1. Select a system in the Navigational pane.
2. Click the Data Management > MTree tabs.
3. In the MTree overview area, click Delete.
4. Click OK at the Warning dialog box.
5. Click Close in the Delete MTree Status dialog box after viewing
the progress.
Undelete an MTree
Undeleting an MTree retrieve a deleted MTree and its data and
places it back in the MTree table.
1. Select a system in the Navigational pane.
2. Click the Data Management > MTree tabs.
3. From the More Tasks menu, select Undelete.
The Undelete MTree dialog box appears.
4. Click the checkboxes of the MTrees you wish to bring back and
click OK.
5. Click Close in the Undelete MTree Status dialog box after
viewing the progress.
The recovered MTree displays in the MTree table.
Rename an MTree
1. Select a system in the Navigational pane.
2. Click the Data Management > MTree tabs.
3. Select an MTree in the MTree table.
DD OS 5.0 Administration Guide
217
4. In the Summary Detailed Information overview area, click
Rename.
The Rename MTree dialog box appears.
5. Enter the name of the MTree in the New MTree Name text box.
MTree names can be up to 50 characters using upper and lower
case letters, digits, and the _ and -.
6. Click OK.
The renamed MTree displays in the MTree table.
Working with Retention Lock
To work with the Retention Lock feature:
•
About Retention Lock on page 218
•
Create Client-Side Retention-Locked Files and Set Retention Dates on
page 219
•
Modify Retention Lock Settings on page 220
About Retention Lock
The retention lock feature directs the system to keep selected files
from being modified and deleted for a specified retention period of
up to 70 years. To enable the retention lock feature, the system
must have a retention lock license.
A file must be explicitly committed to be a retention-locked file
through client-side file commands before the file is protected from
modification and premature deletion. These commands can be
issued directly by the user or automatically by applications that
support the retention lock feature. Most archive applications and
selected backup applications issue these commands when
appropriately configured. Applications that do not issue these
commands do not trigger the retention lock feature. For a
description of the set of client-side control commands that can be
used for managing retention-locked files, see the mtree
retention-lock section of the DD OS 5.0 Command Reference
Guide.
218
Working with MTrees
Once a file is committed as a retention-locked file, it cannot be
deleted until its retention period is reached, and its contents cannot
be modified. The retention period can be extended but not
reduced. The access control information of a retention-locked file
may be updated.
Note: Once a file has been committed as retention-locked file, it is
always protected from modification and premature deletion,
regardless of whether the retention lock license is disabled or the
retention lock feature is enabled.
If retention lock is required on VTL, virtual tapes must be
configured using the vtl tape modify command. See the DD
OS 5.0 Command Reference Guide for details.
Enabling the retention lock feature allows you to:
•
Commit non-retention-locked files to retention-locked files.
•
Extend the retention period of retention-locked files.
Once a retention lock has been enabled on a Data Domain system,
you cannot rename non-empty folders or directories on that
system (although you can rename empty ones).
The retention lock feature supports a maximum retention period of
70 years and does not support the retain forever option offered by
certain archive applications. Also, certain archiving applications
may impose a different limit (such as 30 years) on retention period,
so check with the appropriate vendor.
The retention period referred to in this section differs from the
retention period for snapshots. The retention period for the
retention lock feature specifies the minimum period of time a
retention-locked file is retained, whereas the retention period for
snapshots specifies the maximum length of time snapshot data is
retained.
Create Client-Side Retention-Locked Files and Set
Retention Dates
The user creates a file in the usual way and then sets the last access
time (atime) of the file to the desired retention date of the file. If the
atime is set to a value that is larger than the current time plus the
configured minimum retention period, then the file is committed
DD OS 5.0 Administration Guide
219
to be a retention-locked file. Its retention date is set to the smaller
of the atime value and the current time plus the configured
maximum retention period. Setting the atime for a non-retentionlocked file to a value less than the current time plus the configured
minimum retention period is ignored without error.
The following (Unix) command can be used to set the atime:
ClientOS# touch -a -t [atime] [filename]
The format of atime is: [[YY]YY]MMDDhhmm[.ss]
For example, suppose the current date and time is 1 p.m. on
December 18th 2009 (that is, 200912181300) and the minimum
retention period is 12 hours. Adding the minimum retention
period of 12 hours to that date/time gives 200912190100.
Therefore, if atime for a file is set to a value greater than
201112190100, the file becomes retention-locked:
ClientOS# touch -a -t 201112312230 SavedData.dat
Note: The file must be completely written to the Data Domain
system before it is committed to be a retention-locked file.
Modify Retention Lock Settings
To enable or disable Retention Lock, or modify the retention
period:
1. Select a system in the Navigational pane.
2. Click the Data Management > MTree > Summary tabs.
3. In the Retention Lock area, click Edit.
The Modify Retention Lock for MTree dialog box appears.
4. To modify a setting:
•
Click the Enable or Disable checkbox.
•
Modify the Retention period:
a. In the Retention Period pane, modify the minimum and/or
maximum time period by typing a number for the interval
in the text box (for example, 5 or 14).
220
Working with MTrees
b. From the drop-down list, select an interval (minutes, hours,
days, years)
•
To reset either of the Retention Lock settings to the default,
click Default.
5. Click OK.
DD OS 5.0 Administration Guide
221
222
Working with MTrees
7
Working with Snapshots
This chapter describes how to use the snapshot feature with
MTrees. The following topics are included in this section:
•
About Snapshots on page 223
•
Monitoring Snapshots and Their Schedules on page 224
•
Managing Snapshots on page 226
•
Managing Snapshot Schedules on page 229
•
Recover Data from a Snapshot on page 232
About Snapshots
A snapshot saves a read-only copy of the designated MTree (for
background on MTrees, see Working with MTrees on page 209). A
snapshot is useful for saving a copy of an MTree at a specific point
in time, where it can later be used as restore point if files need to be
restored from that specific point in time.
Use the snapshot feature to take an image of an MTree, to manage
MTree snapshots and schedules, and display information about
the status of existing snapshots.
Note: If the Data Domain system is a source for collection
replication, snapshots are replicated. If the Data Domain system is
a source for MTree or directory replication, snapshots are not
replicated and snapshots must be created and replicated
separately.
Snapshots for the MTree named “backup” are created in the
system directory /data/col1/backup/.snapshot. Each
directory under /data/col1/backup also has a .snapshot
directory with the name of each snapshot that includes the
directory. Each MTree has the same type of structure, so an
DD OS 5.0 Administration Guide
223
MTree named SantaClara would have a system directory
/data/col1/backup/SantaClara/.snapshot, and each
subdirectory in /data/col1/backup/SantaClara would have
a .snapshot directory as well.
Note: The .snapshot directory is not visible if only /data is
mounted. When the MTree itself is mounted, the .snapshot
directory is visible.
An expired snapshot remains available until the next file system
cleaning operation.
The maximum number of snapshots allowed per MTree is 750.
Warnings are sent when the number of snapshots per MTree
reaches 90% of the maximum allowed number (from 675 to 749
snapshots), and an alert is generated when the maximum number
is reached. To clear the warning, expire snapshots and then run the
file system cleaning operation.
Note: To identify an MTree that is nearing the maximum number
of snapshots, check the Snapshots pane of the MTree page (see
View MTree Snapshot Information on page 213).
Snapshot retention for an MTree does not take any extra space, but
if a snapshot exists and the original file is no longer there, the space
cannot be reclaimed.
Monitoring Snapshots and Their Schedules
The Snapshots view provides detailed and summary information
about the status of snapshots and snapshot schedules.
About the Snapshots View
The Snapshot view contains the following components:
224
•
Snapshots Overview Pane on page 225
•
Snapshots View on page 225
•
Schedules View on page 226
Working with Snapshots
Snapshots Overview Pane
The Snapshots overview pane displays following snapshot
information.
Field
Description
Total Snapshots
The total number of snapshots, active and
(Across all MTrees) expired, on all MTrees in the system.
Expired
The number of snapshots that have been marked
for deletion, but have not been removed with the
clean operation as yet.
Unexpired
The number of snapshots that are marked for
keeping.
Next file system
clean scheduled
The date the next scheduled file system clean
operation will be performed.
Snapshots View
The Snapshots tab displays a list of snapshots and lists the
following information.
Field
Description
Selected Mtree
A drop-down list that selects the MTree the
snapshot operates on.
Filter By
Items to search for in the list of snapshots that
display. Options are:
• Name—Name of the snapshot (wildcards are
accepted).
• Year—Drop-down list to select the year.
• Status—Drop-down list to select the status
(Expired or Unexpired).
Name
The name of the snapshot image.
Creation Time
The date the snapshot was created.
Expires On
The date the snapshot expires.
Status
The status of the snapshot, which can be Expired
or blank if the snapshot is active.
DD OS 5.0 Administration Guide
225
Schedules View
The Schedules tab displays a list of snapshot schedules and lists
the following information.
Field
Description
Name
The name of the snapshot schedule
Days
The days the snapshots will be taken.
Times
The time of day the snapshots will be taken.
Retention Period
The amount of time the snapshot will be retained.
Snapshot Name
Pattern
A string of characters and variables that translate
into a snapshot name (for example, scheduled%Y-%m-%d-%H-%M, which translates to
scheduled-2010-04-12-17-33).
Managing Snapshots
Managing snapshots includes the following topics:
•
Create a Snapshot on page 226
•
Modify a Snapshot Expiration Date on page 227
•
Rename a Snapshot on page 228
•
Expire a Snapshot on page 228
Create a Snapshot
A snapshot can be created manually, when an unscheduled
snapshot is required.
To manually create a snapshot, use the following procedure.
1. Click the Data Management > Snapshots tabs to open the
Snapshots view.
The Snapshots tab is active by default.
2. In the Snapshots view, click Create.
The Create dialog box appears.
3. In the Name text field, enter the name of the snapshot.
226
Working with Snapshots
4. In the MTree(s) area, select a checkbox of one or more MTrees
in the Available MTrees pane and click Add.
The MTrees move to the Selected MTrees pane.
5. In the Expiration area, click the radio button for when the
snapshot should be expired:
a. Never Expire
b. Enter a number for the In text field, and select Days, Weeks,
Month, or Years from the drop-down list. The snapshot will
be retained until the same time of day as when it is created.
c. Enter a date (using the format mm/dd/yyyy) in the On
text field, or click Calendar and click a date. The snapshot
will be retained until midnight (00:00, the first minute of
the day) of the given date.
6. Click OK and Close.
The snapshot is added to the list.
Modify a Snapshot Expiration Date
The administrator may wish to modify snapshot expiration dates,
for example, when snapshots take up too much disk space, if
snapshots were created too frequently, or if a date needs to be
extended for auditing or compliance.
To modify a scheduled snapshot expiration date:
1. Click the Data Management > Snapshots > tabs to open the
Snapshots view.
The Snapshots tab is active by default.
2. Click the checkbox of the snapshot entry in the list and click
Modify Expiration Date.
Note: More than one snapshot can be selected by clicking
additional check boxes.
The Modify dialog box appears.
3. In the Expiration area, click the radio button for when the
snapshot should be expired:
DD OS 5.0 Administration Guide
227
a. Never Expire
b. In the In text field, enter a number and select Days, Weeks,
Month, or Years from the drop-down list. The snapshot will
be retained until the same time of day as when it is created.
c. In the On text field, enter a date (using the format
mm/dd/yyyy) or click Calendar and click a date. The
snapshot will be retained until midnight (00:00, the first
minute of the day) of the given date.
4. Click OK.
Rename a Snapshot
To rename a snapshot:
1. Click the Data Management > Snapshots tabs to open the
Snapshots view.
The Snapshots tab is active by default.
2. Click the checkbox of the snapshot entry in the list and click
Rename.
The Rename dialog box appears.
3. In the Name text field, enter a new name.
4. Click OK.
Expire a Snapshot
Snapshots cannot be deleted. To free up disk space, you can expire
snapshots manually and they will be deleted in the next cleaning
operation after the expiry date. This operation can be used to
remove snapshots that are no longer needed, but their scheduled
expiration date has not occurred, or that have no expiration date.
To expire a scheduled snapshot:
1. Click the Data Management > Snapshots tabs to open the
Snapshots view.
The Snapshots tab is active by default.
228
Working with Snapshots
2. Click the checkbox next to snapshot entry in the list and click
Expire.
Note: More than one snapshot can be selected by clicking
additional check boxes.
The snapshot is marked as Expired in the Status column and
will be deleted at the next cleaning operation.
Managing Snapshot Schedules
The previous section describes manually creating a one-time
snapshot. This section describes how to set up and manage a series
of snapshots that are automatically taken at regular intervals in the
future. Such a series of snapshots is called a “snapshot schedule,”
or “schedule” for short.
Multiple snapshot schedules can be active at the same time.
Note: If multiple snapshots are scheduled to occur at the same
time, only one is retained. Which one is retained is indeterminate,
thus only one snapshot should be scheduled for a given time.
Create a Snapshot Schedule
To add a snapshot schedule:
1. Click the Data Management > Snapshots >Schedules tabs to
open the Schedules view.
2. Click Create.
The Create dialog appears.
3. In the Name text field, enter the name of the schedule.
4. In the Snapshot Name Pattern text box, enter a name pattern.
Use alphabets, numbers, _, -, and variables (such as %Y-%m%d-%H-%M that translate into current values).
5. Click Validate Pattern & Update Sample. The name displays in
the Live Sample field.
6. Click Next.
DD OS 5.0 Administration Guide
229
7. Click a radio button to set the date when the schedule will be
executed:
a. Weekly—Click check boxes next to the days of the week or
select Every Day.
b. Monthly—Click the Selected Days option and click the
dates on the calendar, or select the Last Day of the Month
option.
c. Click Next.
8. Click a radio button to set the time of day when the schedule
will be executed:
a. At Specific Times—Click Add and in the Time dialog that
appears, enter the time in the format hh:mm, and click OK.
b. In Intervals—Click the drop-down arrows to select the start
and end time hh:mm and AM or PM. Click the Interval
drop-down arrows to select a number and then the hours
or minutes of the interval.
c. Click Next.
9. In the Retention Period text entry field, enter a number and
click the drop-down arrow to select days, months, or years,
and click Next.
Schedules must explicitly specify a retention time.
10. Review the parameters in the schedule summary and click
Finish to complete the schedule or Back to change any entries.
11. If an MTree is not associated with the schedule, a warning
dialog box appears asking if you’d like to add an MTree to the
schedule. Click OK to continue (or Cancel to exit). See the
chapter
12. To assign an MTree to the schedule, in the MTree(s) area, click
the checkbox of one or more MTrees in the Available MTrees
pane, click Add and OK.
The MTrees move to the Selected MTrees pane.
230
Working with Snapshots
Naming Conventions for Snapshots Created by a Schedule
The naming convention for scheduled snapshots is the word
scheduled followed by the date when the snapshot is to occur, in
the format scheduled-yyyy-mm-dd-hh-mm. For example,
scheduled-2009-04-27-13-30.
The name mon_thurs is the name of a snapshot schedule.
Snapshots generated by that schedule might have the names
scheduled-2008-03-24-20-00, scheduled-2008-03-25-20-00,
etc.
Modify a Snapshot Schedule
To modify a snapshot schedule:
1. In the schedule list, select the schedule and click Modify.
The Modify Schedule dialog appears.
2. In the Name text field, enter the name of the schedule and click
Next.
Use alphanumeric characters, and the _ and -.
3. Click a radio button to set the date when the schedule will be
executed:
a. Weekly—Click check boxes next to the days of the week or
select Every Day.
b. Monthly—Click the Selected Days option and click the
dates on the calendar, or select the Last Day of the Month
option.
c. Click Next.
4. Click a radio button to set the time of day when the schedule
will be executed:
a. At Specific Times—Click the checkbox of the scheduled
time in the Times list and click Edit. In the Times dialog
that appears, enter a new time in the format hh:mm, and
click OK. Or click Delete to remove the scheduled time.
b. In Intervals—Click the drop-down arrows to select the start
and end time hh:mm and AM or PM. Click the Interval
DD OS 5.0 Administration Guide
231
drop-down arrows to select a number and then the hours
or minutes of the interval.
c. Click Next.
5. In the Retention Period text entry field, enter a number and
click the drop-down arrow to select days, months, or years,
and click Next.
6. Review the parameters in the schedule summary and click
Finish to complete the schedule or Back to change any entries.
Delete a Snapshot Schedule
To delete a snapshot schedule, in the schedule list, click the
checkbox to select the schedule and click Delete. In the verification
dialog window, click OK and then Close.
Recover Data from a Snapshot
The fastcopy operation can be used to retrieve data stored in a
snapshot. See Fast Copy Operations on page 206 for details.
232
Working with Snapshots
8
Data Access for CIFS
The Common Internet File System (CIFS) clients can have access to
the system directories on the Data Domain system. The
/data/col1/backup directory is the destination directory for
compressed backup server data. The /ddvar directory contains
Data Domain system core and log files.
Clients, such as backup servers that perform backup and restore
operations with a Data Domain system, at the least, need access to
the /data/col1/backup directory. Clients that have
administrative access need to be able to access the /ddvar
directory to retrieve core and log files.
As part of the initial Data Domain system configuration, CIFS
clients were configured to access these directories. This chapter
describes how to modify these settings and how to manage data
access using the Enterprise Manager and cifs command.
Notes:
•
The Enterprise Manager Data Management > CIFS page
allows you to perform major CIFS operations (such as
enabling and disabling CIFS, setting authentication,
managing shares, and viewing configuration and share
information.
•
The cifs command contains all the options to manage
CIFS backup and restores between Windows clients and
Data Domain systems, and display CIFS statistics and
status. For complete information about the cifs command,
see the DD OS 5.0 Command Reference Guide.
•
For information about the initial system configuration, see
the DD OS 5.0 Initial Configuration Guide.
•
For information about setting up clients to use the Data
Domain system as a server, see the related tuning guide,
such as the CIFS Tuning Guide, which is available from the
DD OS 5.0 Administration Guide
233
Data Domain support Web site. From the Documentation >
Integration Documentation page, select the vendor from
the list and click OK. Select the tuning guide from the list.
This chapter consists of these major sections.
•
Performing CIFS Setup on page 234
•
Working with Shares on page 240
•
Managing Access Control on page 247
•
Monitoring CIFS Operation on page 254
•
Performing CIFS Troubleshooting on page 258
Performing CIFS Setup
The following sections describe tasks that are performed to set up
CIFS:
•
Prepare Clients for Access to Data Domain Systems on page 234
•
Enable CIFS Services on page 235
•
Naming the CIFS Server on page 235
•
Setting Authentication Parameters on page 236
•
Restrict CIFS Interfaces on page 239
•
Set CIFS Options on page 239
•
Disable CIFS Services on page 240
Prepare Clients for Access to Data Domain Systems
1. Log in to the Data Domain Support Web site.
2. In the Systems pane, click Documentation.
3. On the Documentation page, clink Integration Documentation.
4. Select the vendor for the client system’s operating system, such
as Microsoft, and click OK.
5. Select the appropriate tuning document, such as the CIFS
Tuning Guide.
234
Data Access for CIFS
6. Follow the instructions given in the tuning document.
Enable CIFS Services
After configuring client access, as described in Prepare Clients for
Access to Data Domain Systems on page 234, enable CIFS services,
which allow the client to access the system using the CIFS protocol.
1. For the Data Domain system that is selected in the Enterprise
Manager Navigational tree, click Data Management > CIFS.
2. In the CIFS Status area, click Enable.
Naming the CIFS Server
The hostname for the Data Domain system that serves as the CIFS
server was set during the system’s initial configuration. To change
a CIFS server name, see the procedures in Setting Authentication
Parameters on page 236.
A Data Domain system’s hostname should match the name
assigned to its IP address, or addresses, in the DNS table.
Otherwise, there might be problems when the system attempts to
join a domain, and authentication failures can occur. If you need to
change the Data Domain system’s hostname, use the net reset
hostname command, and also modify the system’s entry in the
DNS table.
When the Data Domain system acts as a CIFS server, it takes the
hostname of the system. For compatibility, it also creates a
NetBIOS name. The NetBIOS name is the first component of the
hostname in all uppercase letters. For example, the hostname
jp9.oasis.local is truncated to the NetBIOS name JP9. The CIFS
server responds to both names.
You can have the CIFS server respond to different names at the
NetBIOS levels by changing the NetBIOS hostname.
Change the NetBIOS Hostname
1. Display the current NetBIOS name by entering:
# cifs show config
2. Enter:
DD OS 5.0 Administration Guide
235
# cifs set nb-hostname nb-hostname
Setting Authentication Parameters
The Enterprise Manager Configure Authentication dialog box
allows you to set the authentication parameters the Data Domain
system uses for working with CIFS.
The Data Domain system needs to join one of these domains: active
directory (AD) workgroups (the default), or NT4 Mode. If you did
not use the Enterprise Manager’s Configuration Wizard to set the
join mode, use the procedures in this section to choose or change a
mode.
The authentication configuration procedures are:
•
Configure Authentication for Active Directory on page 236
•
Configure Authentication for Workgroups on page 238
•
Configure Authentication for NT4 Mode on page 238
•
Resetting the Authentication Mode to the Default (Workgroup) on
page 239
Configure Authentication for Active Directory
The Data Domain system must meet all active-directory
requirements, such as a clock time that differs no more than five
minutes from that of the domain controller.
Note: See Managing Access Control on page 247 for information
about synchronizing clock time with a domain controller.
To set Active Directory authentication parameters:
1. On the CIFS page, click Configure Authentication.
2. Select Configure Authentication.
The Configure Authentication dialog appears.
3. From the Mode drop-down list, select Active Directory.
The active-directory mode joins a Data Domain system to an
active-directory domain.
236
Data Access for CIFS
4. In the Realm Name text box, enter the full realm name for the
system, such as domain1.local.
5. In the Domain Joining Credential area, enter a user name and
password.
Enter either a user on your company’s domain, or a user in a
domain that is a trusted domain of your company. The user
name and password must be compatible with Microsoft
requirements for the Active Directory domain being joined.
This user must have permission to create accounts in your
company’s domain.
6. Click the Advanced tab to set additional information.
7. Optionally, to modify a CIFS server name, in the CIFS Server
Name area, change the name of the CIFS server (for
information about the CIFS server name, see Naming the CIFS
Server on page 235):
•
Click the checkbox to use the default CIFS server name.
•
Deselect the checkbox and enter the CIFS server name in
the text box.
8. In the Domain Controller area, determine how domain
controllers are assigned:
•
For automatic assignment, click the radio button next to
Automatically assign Domain Controllers. This is the
default and recommended method.
•
To add specific domain controllers, click the radio button
next to Manually assign Domain Controllers and enter a
controller name in the text box. Up to three controller
names can be added.
You can enter fully qualified domain names, hostnames, or
IP addresses.
9. Optionally, to add Organizational Units, in the Organizational
Unit area, set the name of the Organizational Unit:
•
Click the checkbox to use the default Organizational Unit
•
Deselect the checkbox and enter the Organizational Unit
name in the text box.
DD OS 5.0 Administration Guide
237
10. Optionally, to use DDNS, click the Enable checkbox.
11. Click OK.
Configure Authentication for Workgroups
The workgroup mode means that the Data Domain system
authenticates users from CIFS clients.
To set Workgroup authentication parameters:
1. On the CIFS page, click Configure Authentication.
The Configure Authentication dialog appears.
2. From the Mode drop-down list, select Workgroup.
3. Enter the name of the workgroup in the Workgroup Name text
box.
4. Click the Advanced tab to configure additional settings.
5. Optionally, to modify a CIFS server name, in the CIFS Server
Name area, change the name of the CIFS server:
•
Click the checkbox to use the default CIFS server name.
•
Deselect the checkbox and enter the CIFS server name in
the text box.
Configure Authentication for NT4 Mode
This mode allows the Data Domain system to join NT4 domains.
Specify the NT4 domain authentication mode using the cifs set
authentication command, using the mode’s syntax.
cifs set authentication nt4 domain [ [pdc [bdc]] |
* ]
This command sets the authentication mode to the NT4 domain for
pdc or bdc domain controllers or all domain controllers ( * ).
238
Data Access for CIFS
Resetting the Authentication Mode to the Default
(Workgroup)
1. On the CIFS page, click Configure Authentication.
The Configure Authentication dialog appears.
2. From the Mode drop-down list, select Workgroup (default).
3. Click OK.
Specify a WINS Server
Enter:
# cifs set wins-server ipaddr
Note: If CIFS clients are using NetBIOS, a WINS server may be
needed to resolve NetBIOS names to IP addresses.
Restrict CIFS Interfaces
By default, the CIFS server listens on all Data Domain system NICactive interfaces.
Enter:
# cifs option set interfaces value
The value is a list of interfaces, such as Ethernet port names.
Multiple interfaces must be separated by a space and enclosed
within double quotation marks; for example, "eth0 eth2".
Set CIFS Options
1. Select the Data Domain system in the Navigational tree and
click the Data Management > CIFS > Configuration tabs.
2. In the Options area, click Configure Options.
The Configure Options dialog box appears.
3. To restrict anonymous connections, click the checkbox of the
Enable option in the Restrict Anonymous Connections area.
4. In the LogLevel area, click the drop-down list to select the level
number.
DD OS 5.0 Administration Guide
239
The level is an integer from 0 (zero) to 10 (ten). One is the
default system level that sends the least-detailed level of CIFSrelated log messages; ten results in the most detail. Log
messages are located in the file /ddvar/log/windows.
Note: A log level of 10 degrades system performance. Click the
Default in the Log Level area after debugging an issue. This
sets the level back to 1.
Disable CIFS Services
To prevent clients from accessing the Data Domain system:
1. Select the Data Domain system in the Navigational tree and
click the Data Management > CIFS tabs.
1. In the Status area, click Disable.
The Disable CIFS dialog box appears.
2. Click OK.
Working with Shares
To share data, create shares on the Data Domain system. Shares are
administered on the Data Domain system and the CIFS systems.
This section describes the following topics:
•
Creating Shares on the Data Domain System on page 240
•
Modify a Share on a Data Domain System on page 242
•
Delete a Share on a Data Domain System on page 244
•
Disable a Share on a Data Domain System on page 244
•
Enable a Share on a Data Domain System on page 244
•
Performing MMC Administration on page 245
•
Connect to a Data Domain Share from a CIFS Client on page 245
Creating Shares on the Data Domain System
When creating shares, you have to assign client access to each
directory separately and to remove access from each directory
240
Data Access for CIFS
separately. For example, a client can be removed from /ddvar and
still have access to /data/col1/backup.
Note: If Replication is to be implemented, a single destination
Data Domain system can receive backups from both CIFS clients
and NFS clients as long as separate directories are used for each.
Do not mix CIFS and NFS data in the same directory.
1. From the Navigational pane, select a Data Domain system to
configure shares.
2. Click Data Management > CIFS tabs to navigate to the CIFS
view.
3. Ensure authentication has been configured, as described in
Setting Authentication Parameters on page 236.
4. On the CIFS client, set shared directory permissions or security
options.
5. On the CIFS view, click the Shares tab.
6. Click Create.
The Create Shares dialog box appears.
7. In the Create Shares dialog box, enter the following
information:
Item
Description
Share Name
A descriptive name for the share.
Directory Path
The path to the target directory (for
example, /data/col1/backup/dir1).
Comment
A descriptive comment about the share.
8. Add a client by clicking the plus sign ( + ) in the Clients area.
The Client dialog box appears. Enter the name of the client in
the Client text box and click OK.
No blanks or tabs (white space) characters are allowed.
Repeat this step for each client that you need to configure.
9. Optionally, add a user or group by clicking the plus sign ( + ) in
the User/Group area. The User/Group dialog box appears.
DD OS 5.0 Administration Guide
241
a. Click the Type radio button to select User or Group.
b. Enter the name of the user or group in the Name text box.
Group names must be proceeded by the at (@) symbol. For
example, @group1.
Note: To make share available to all clients specify an asterisk
( * ) as the client. All users in the client list can access the share,
unless one or more user names are specified, in which case
only the listed names can access the share.
c. Click OK.
10. In the Max Connections area, click the radio button beside the
text box and enter the maximum number of connections to the
share that are allowed at one time. The default value is zero,
(also settable with the Unlimited radio button) which enforces
no limit on the number of connections.
11. To allow browsing (the share can be seen, which is the default),
ensure the checkbox next to Allow Browsing is checked.
Deselect this box if you wish the share not to be browsable.
12. To keep the share writable, ensure the checkbox next to
Writable is checked (the default). Uncheck this box if you wish
the share to be read only.
13. Click OK.
The newly created share appears at the end of the list of shares,
located in the center of the Shares pane.
Modify a Share on a Data Domain System
To modify the setup of an existing share:
1. In the Shares tab, click the checkbox next the share you wish to
modify in the Share Name list.
2. Click Modify.
The Modify Share dialog box appears.
3. Modify share information:
a. To change the comment, enter new text in the Comment
text field.
242
Data Access for CIFS
b. To modify a client name, in the Client list, click the
checkbox of the client and click edit (pencil icon) or delete
( X ). To add a client, click ( + ) and add the name in the
Client dialog box.
c. To modify a User or Group names, in the User/Group list,
click the checkbox of the user or group and click edit
(pencil icon) or delete ( X ). To add a user or group, click
( + ), and in the User/Group dialog box select the Type
radio button for User or Group, and enter the user or group
name.
Group names must be proceeded by the at (@) symbol. For
example, @group1.
Note: To make share available to all clients specify an asterisk
( * ) as the client. All users in the client list can access the share,
unless one or more user names are specified, in which case
only the listed names can access the share.
d. Click OK.
4. In the Max Connections area, in the text box, change the
maximum number of connections to the share that are allowed
at one time. Or select the Unlimited radio button to enforce no
limit on the number of connections.
5. To allow browsing (the share can be seen, which is the default),
ensure the checkbox next to Allow Browsing is checked.
Deselect this box if you wish the share not to be browsable.
•
To keep the share writable, ensure the checkbox next to
Writable is checked (the default). Uncheck this box if you wish
the share to be read only.
6. Click OK.
Create a Share from an Existing Share
To create a share from an existing share, and then modify as
needed:
1. In the CIFS Shares table, click the checkbox of share you wish
to use as the source
2. Click Create From.
DD OS 5.0 Administration Guide
243
The Create From Existing Share dialog box appears.
3. Modify the share information, as described in Modify a Share on
a Data Domain System on page 242.
Disable a Share on a Data Domain System
To disable one or more existing shares:
1. In the Shares tab, click the checkbox of the share you wish to
disable in the Share Name list.
2. Click Disable.
The Disable Shares Status dialog box appears.
3. Click Close.
Enable a Share on a Data Domain System
To enable one or more existing share:
1. In the Shares tab, click the checkbox of the shares you wish to
enable in the Share Name list.
2. Click Enable.
The Enable Shares Status dialog box appears.
3. Click Close.
Delete a Share on a Data Domain System
To delete one or more existing shares:
1. In the Shares tab, click the checkbox of the shares you wish to
delete in the Share Name list.
2. Click Delete.
The Warning dialog box appears.
3. Click OK.
The shares are removed.
244
Data Access for CIFS
Performing MMC Administration
You can use the Microsoft Management Console (MMC) for
administration. DD OS supports these MMC features:
•
Share management, except for browsing when adding a share
or when the change of the offline settings default, which is
manual.
•
Session management.
•
Open file management, except for deleting files.
Connect to a Data Domain Share from a CIFS Client
1. On the Data Domain system CIFS page, verify that CIFS Status
shows CIFS is enabled and running.
2. In the Control Panel, open Administrative Tools and select
Computer Management.
3. In the Computer Management dialog box, right-click
Computer Management (Local) and select Connect to another
computer from the menu.
4. In the Select Computer dialog box, select Another computer
and enter the name or IP address for the Data Domain system.
5. Create a \backup subfolder as read-only. See Create a \backup
Subfolder as Read-Only on page 246.
DD OS 5.0 Administration Guide
245
Figure 8-1: Computer Management Dialog Box
Create a \backup Subfolder as Read-Only
1. In the Control Panel, open Administrative Tools and select
Computer Management.
2. Right-click Shares in the Shared Folders directory.
3. Select New File Share from the menu.
The Create a Shared Folder Wizard opens. The computer name
should be the name or IP address of the Data Domain system.
4. Enter the path for the Folder to share; for example, enter
C:\backup\newshare
5. Enter the Share name; for example, enter newshare. Click Next.
6. For the Share Folder Permissions, selected Administrators have
full access; other users have read-only access. Click Next.
246
Data Access for CIFS
Figure 8-2: Completing the Create a Shared Folder Wizard
7. The Completing screen shows that you have successfully
shared the folder with all Microsoft Windows clients in the
network. Click Finish.
The newly created shared folder is listed in the Computer
Management dialog box.
Display CIFS Information
1. In the Control Panel, open Administrative Tools and select
Computer Management.
2. Select one of the Shared Folders (Shares, Sessions, or Open
Files) in the System Tools directory.
Information about shared folders, sessions, and open files is
shown in the right pane.
Managing Access Control
To manage access controller, refer to the following topics:
•
Accessing Shares from a Windows Client on page 248
•
Provide Domain Users Administrative Access on page 248
•
Allow Access from Trusted Domain Users on page 248
DD OS 5.0 Administration Guide
247
•
Allow Administrative Access to a Data Domain System for Domain
Users on page 249
•
Restrict Administrative Access from Windows on page 249
Accessing Shares from a Windows Client
From the Windows client enter:
> net use drive: \\DD_sys\data\col1\backup
/USER:DD_sys\user
For example, enter:
> net use H: \\dd02\data\col1\backup
/USER:dd02\backup22
This command maps the /data/col1/backup directory from Data
Domain System dd02 to drive H on the Windows system and gives
the user named backup22 access to the /data/col1/backup
directory.
Provide Domain Users Administrative Access
Enter:
# adminaccess authentication add cifs
The SSH, Telnet, or FTP command that accesses the Data Domain
system must include, in double quotation marks, the domain
name, a backslash, and the user name. For example:
C:> ssh “domain2\djones” @ddr22
Allow Access from Trusted Domain Users
Enter:
# cifs option set allowtrusteddomains {enabled |
disabled}
Note: These are domains that are trusted by the domain that
includes the Data Domain system.
248
Data Access for CIFS
Allow Administrative Access to a Data Domain
System for Domain Users
1. Enter:
# cifs option set "dd admin group2"
["windows grp-name"]
The Windows group name is a group that exists on a Windows
domain controller.
2. Enable CIFS administrative access by entering:
# adminaccess authentication add cifs
You can use this command to map a Data Domain system
default group number to a Windows group name that differs
from the default group name. For example:
•
The default Data Domain system group dd admin group1
is mapped to the Windows group Domain Admins.
•
You can map the default Data Domain system group dd
admin group2 to a Windows group named Data Domain
that you create on a Windows domain controller.
•
Access is available through SSH, Telnet, FTP, HTTP, and
HTTPS.
•
After setting up administrative access to the Data Domain
system from the Windows group Data Domain, you must
enable CIFS administrative access using the adminaccess
command.
Restrict Administrative Access from Windows
Enter:
# adminaccess authentication del cifs
This commands prohibits Windows users access to the Data
Domain system if they do not have an account on the Data Domain
system.
DD OS 5.0 Administration Guide
249
File Access
The following sections describe file access options:
•
NT Access Control Lists on page 250
•
Set DACL Permissions Using the Windows Explorer on page 252
•
Set SACL Permissions Using the Windows Explorer on page 253
•
View or Change the Current Owner Security ID (Owner SID) on
page 253
•
Convert the Metadata on page 254
NT Access Control Lists
Access control lists (ACLs) are enabled by default on the Data
Domain system.
Note: When CIFS ACLs are disabled via the command
cifs option set ntfs-acls disabled, the Data Domain
system generates an ACL that approximates the UNIX
permissions, whether or not there were previously set CIFS ACLs.
For more detailed information about ACLs than is provided in this
section, see your Windows Operating System documentation.
Caution: Data Domain recommends that you do not disable NTFS
ACLs once they have been enabled. Contact Data Domain Support
prior to disabling NTFS ACLs.
Default ACL Permissions
The default permissions, which are assigned to new objects created
through the CIFS protocol when ACLs are enabled, depend on the
status of the parent directory. There are three different
possibilities:
250
•
The parent directory has no ACL because it was created
through CIFS protocol. See Permissions for a Parent Directory
Without ACL on page 251.
•
The parent directory has an inheritable ACL, either because it
was created through the CIFS protocol or because ACL had
been explicitly set. The inherited ACL is set on new objects.
Data Access for CIFS
•
The parent directory has an ACL, but it is not inheritable. The
permissions are as follows:
Table 8-1: Permissions for Parent Directory with Non-Inheritable ACLs
Type
Name
Permission
Apply To
Allow
SYSTEM
Full control
This folder only
Allow
CREATOR
OWNER
Full control
This folder only
Note: CREATOR OWNER is replaced by the user creating the
file/folder for normal users and by Administrators for
administrative users.
Permissions for a Parent Directory Without ACL
The permissions for a parent directory without ACL are as follows:
•
BUILTIN\Administrators:(OI)(CI)F
•
NT AUTHORITY\SYSTEM:(OI)(CI)F
•
CREATOR OWNER:(OI)(CI)(IO)F
•
BUILTIN\Users:(OI)(CI)R
•
BUILTIN\Users:(CI)(special access:)FILE_APPEND_DATA
•
BUILTIN\Users:(CI)(IO)(special access:)FILE_WRITE_DATA
•
Everyone:(OI)(CI)R
These permissions are described in more detail below.
Table 8-2: Permissions for a Parent Directory with No ACL
Type
Name
Permission
Apply To
Allow
Administrators
Full control
This folder, subfolders,
and files
Allow
SYSTEM
Full control
This folder, subfolders,
and files
Allow
CREATOR OWNER
Full control
Subfolders and files
only
Allow
Users
Read & execute
This folder, subfolders,
and files
DD OS 5.0 Administration Guide
251
Table 8-2: Permissions for a Parent Directory with No ACL
Type
Name
Permission
Apply To
Allow
Users
Create subfolders
This folder and
subfolders only
Allow
Users
Create files
Subfolders only
Allow
Everyone
Read & execute
This folder, subfolders,
and files
Setting ACL Permissions and Security
Windows-based backup and restore tools such as NetBackup can
be used to back up DACL- and SACL-protected files to the Data
Domain system, and to restore them from the Data Domain
system.
Granular and Complex Permissions (DACL)
You can set granular and complex permissions (DACL) on any file
or folder object within the DDFS file systems, either through using
Windows commands such as cacls, xcacls, xcopy and scopy, or
through the CIFS protocol using the Windows Explorer GUI.
Audit ACL (SACL)
You can set audit ACL (SACL) on any object in the Data Domain
File System (DDFS), either through commands or through the CIFS
protocol using the Windows Explorer GUI.
Set DACL Permissions Using the Windows Explorer
1. Right-click the file or folder and select Properties from the
menu.
2. In the ACL Properties dialog box, click the Security tab.
3. Select the group or user name, such as Administrators, from
the list. The permissions appear, in this case for
Administrators, Full Control.
4. Click the Advanced button, which enables you to set special
permissions.
5. In the Advanced Security Settings for acl dialog box, click the
Permissions tab.
252
Data Access for CIFS
6. Select the permission entry in the list.
7. To view more information about a permission entry, select the
entry and click Edit.
8. Select the Inherit from parent option to have the permissions of
parent entries inherited by their child objects, and click OK.
Set SACL Permissions Using the Windows Explorer
1. Right-click the file or folder and select Properties from the
menu.
2. In the acl Properties dialog box, click the Security tab.
3. Select the group or user name, such as Administrators, from
the list, which displays its permissions, in this case, Full
Control.
4. Click the Advanced button, which enables you to set special
permissions.
5. In the Advanced Security Settings for ACL dialog box, click the
Auditing tab.
6. Select the auditing entry in the list.
7. To view more information about special auditing entries, select
the entry and click Edit.
8. Select the Inherit from parent option to have the permissions of
parent entries inherited by their child objects, and click OK.
View or Change the Current Owner Security ID (Owner
SID)
1. In the Advanced Security Settings for ACL dialog box, click the
Owner tab.
2. To change the owner, select a name from the Change owner
list, and click OK.
Controlling ID Account Mapping
The CIFS option idmap-type controls ID account mapping
behavior. It has two values: rid (the default) and none. When the
DD OS 5.0 Administration Guide
253
option is set to rid, the ID-to -id mapping is performed internally.
When the option is set to none, all CIFS users are mapped to a local
UNIX user named cifsuser belonging to the local UNIX group
users.
Notes:CIFS must be disabled to set this option. If CIFS is running,
disable CIFS services.
idmap-type can set to none only when ACL support is enabled.
Whenever the idmap type is changed, a file system metadata
conversion may need required for correct file access. Without any
conversion, the user may not be able to access the data.
Convert the Metadata
Enter this command on the Data Domain system:
# dd-aclutil -m root-directory
In this command, the root directory is the directory where the user
ID or group ID is to be changed.
Monitoring CIFS Operation
The following topics describe how to monitor CIFS operation.
•
Display CIFS Status on page 254
•
Display CIFS Configuration on page 255
•
Display Share Information on page 256
•
Display CIFS Statistics on page 258
Display CIFS Status
1. In the Enterprise Manager, select Data Management > CIFS.
2. Check CIFS information, as follows:
•
Status is either enabled and running or disabled.
To enable CIFS, see Enable CIFS Services on page 235. To
disable CIFS, see Disable CIFS Services on page 240.
254
Data Access for CIFS
•
Connections lists the tally of open connections and open
files.
Click Connection Details to see more connection
information.
•
Configuration details are described in Display CIFS
Configuration on page 255.
•
Share information is described in Display Share Information
on page 256.
Display CIFS Configuration
On the CIFS page, click the Configuration tab. See information for:
•
Authentication Configuration on page 255
•
Display Share Information on page 256
Authentication Configuration
The information in the Authentication pane changes, depending
on the type of authentication that is configured:
•
Active Directory Configuration on page 255
•
Workgroup Configuration on page 256
Active Directory Configuration
The following Authentication information is displays for Active
Directory configuration:
Item
Description
Mode
The Active Directory mode displays.
Realm
The configured realm displays.
DDNS
The status of the DDNS Server displays: either
enabled or disabled.
Domain Controller
The name of the configured domain controller
displays or a * if all controllers are permitted.
Organizational Unit
The name of the configured organizational
units displays.
DD OS 5.0 Administration Guide
255
Item
Description
CIFS Server Name
The name of the configured CIFS server
displays.
WINS Server Name
The name of the configured WINS server
displays.
Short Domain Name
The short domain name displays.
Workgroup Configuration
The following Authentication information is displays for
Workgroup configuration:
Item
Description
Mode
The Workgroup mode displays.
Workgroup Name
The configured workgroup name displays.
DDNS
The status of the DDNS Server displays: either
enabled or disabled.
CIFS Server Name
The name of the configured CIFS server
displays.
WINS Server Name
The name of the configured WINS server
displays.
Display Share Information
On the CIFS page, click the Shares tab. See information for:
•
Viewing Configured Shares on page 256
•
Viewing Detailed Share Information on page 257
Viewing Configured Shares
By default, the list of configured shares displays, showing the
following:
256
Item
Description
Share Name
The name of the share (for example, share1).
Share Status
The status of the share: either enabled or
disabled.
Data Access for CIFS
Item
Description
Directory Path
The directory path to the share (for example,
/data/col1/backup/dir1).
Directory Path Status
The status of the directory path.
•
To list information about a specific share, enter the share name
in the Filter by Share Name text box and click Update.
•
Click Update to return to the default list.
•
To page through the list of shares, click the < and > arrows at
the bottom right of the view to page forward or backward. To
skip to the beginning of the list, click|< and to skip to the end,
click >|.
•
Click the Items per Page drop-down arrow to change the
number of share entries listed on a page. Choices are 15, 30, or
45 entries.
Viewing Detailed Share Information
To see detailed information about a share, click the share name in
the share list. The following detailed information displays:
Item
Description
Share Name
The name of the share (for example, share1).
Directory Path
The directory path to the share (for example,
/data/col1/backup/dir1).
Comment
The comment that was configured when the
share was created.
Share Status
The status of the share: either enabled or
disabled.
Number of ACE’s
The number of Access Control Entries.
•
The Clients area lists the clients that are configured to access
the share, along with a client tally beneath the list.
•
The User/Groups area lists the names and type of users or
groups that are configured to access the share, along with a
user or group tally beneath the list.
DD OS 5.0 Administration Guide
257
•
The Options area lists the name and value of configured
options.
Display CIFS Statistics
Enter:
# cifs show stats
The output shows total operations, reads, and writes.
Performing CIFS Troubleshooting
This section provides basic troubleshooting procedures.
Note: The cifs troubleshooting commands provide detailed
information about CIFS users and groups.
Display Clients Current Activity
Enter:
# cifs show active
The output shows shares accessed from a client system, current
data transfer, and locked files.
258
PID
Username
Group
Machine
568
sysadmin
admin
srvr24 (192.168.1.5)
566
sysadmin
admin
srvr22 (192.168,1,6
Services
PID
Machine
Connected at
ddvar
566
server22
Tues Jan 13 12:11:03 2009
backup
568
server24
Tues Jan 13 12:09:44 2009
Data Access for CIFS
The output for locked files provides the following information by
file name or date.
PID
Deny Mode
Access
Read/Write
Oplock
566
DENY_WRITE
0x20089
RDONLY
NONE
566
DENY_ALL
0x30196
WRONLY
NONE
Set the Maximum Number of Open Files
Enter:
# cifs option set maxopenfiles value
The value for the maximum number of files that can be open
concurrently is an integer from 128 to 59412. The default is 10000.
If the system runs out of open files, increase the value’s number.
Because each open file requires a certain amount of memory, the
server may run out of memory if you set the value to the
maximum. If a value is not within the accepted range, the system
automatically resets it to 128 or 59412, depending on whether the
value was below 128 or above 59412.
Data Domain System Clock
When using active directory mode for CIFS access, the Data
Domain system clock time can differ by no more than five minutes
from that of the domain controller. The Enterprise Manager
System Settings > General Configuration Configure Time Settings
option synchronizes the clock with a time server.
Because the Windows domain controller obtains the time from an
external source, NTP must be configured. See the Microsoft
documentation on how to configure NTP for the Windows
operating system version or service pack that is running on your
domain controller.
DD OS 5.0 Administration Guide
259
Synchronize from a Windows Domain Controller
Note: This example is for Windows 2003 SP1; substitute your
domain server for the NTP server’s name.
1. On the Windows system, enter commands similar to the
following:
C:\>w32tm /config /syncfromflags:manual
/manualpeerlist: ntp-server-name
C:\>w32tm /config /update
C:\>w32tm /resync
2. After NTP is configured on the domain controller, configure
the time server synchronization, as described in Working with
Time and Date Settings on page 119.
Synchronize from an NTP Server
To synchronize from an NTP server, configure the time server
synchronization, as described in Working with Time and Date
Settings on page 119.
260
Data Access for CIFS
9
Data Access for NFS
Network File System (NFS) clients can have access to the system
directories or MTrees on the Data Domain system.
•
/backup is the default destination for non-MTree compressed
backup server data.
•
The /data/col1/backup path is the root destination when
using MTrees for compressed backup server data.
•
The /ddvar directory contains Data Domain system core and
log files.
Clients, such as backup servers that perform backup and restore
operations with a Data Domain system, need access to the
/backup or /data/col1/backup areas. Clients that have
administrative access need to be able to access the /ddvar
directory to retrieve core and log files.
As part of the initial Data Domain system configuration, NFS
clients were configured to access these areas. This chapter
describes how to modify these settings and how to manage data
access.
Notes:
•
For information about the initial system configuration, see the
DD OS 5.0 Initial Configuration Guide.
•
The nfs command manages backups and restores between
NFS clients and Data Domain systems, and displays NFS
statistics and status. For complete information about the nfs
command, see the DD OS 5.0 Command Reference Guide.
•
For information about setting up third-party clients to use the
Data Domain system as a server, see the related tuning guide,
such as the Solaris System Tuning, which is available from the
Data Domain support Web site. From the Documentation >
DD OS 5.0 Administration Guide
261
Integration Documentation page, select the vendor from the
list and click OK. Select the tuning guide from the list.
This chapter consists of these major topics.
•
Managing NFS Client Access to the Data Domain System on
page 262
•
Displaying NFS Information on page 266
Managing NFS Client Access to the Data
Domain System
Topics for managing NFS include:
•
Enable NFS Services on page 262
•
Disable NFS Services on page 262
•
Create an Export on page 263
•
Modify an Export on page 264
•
Create an Export from an Existing Export on page 266
•
Delete an Export on page 266
Enable NFS Services
To enable NFS services, which allows the client to access the
system using the NFS protocol:
1. Select the Data Domain system from the Navigational tree.
The Summary page for the system displays.
2. Select the Data Management > NFS tabs.
The NFS view showing the Exports tab appears.
3. Click Enable.
Disable NFS Services
To disable NFS services, which prevents the client access to the
system using the NFS protocol.
262
Data Access for NFS
1. Select the Data Domain system from the Navigational tree.
The Summary page for the system displays.
2. Select the Data Management > NFS tabs.
The NFS view showing the Exports tab appears.
3. Click Disable.
Create an Export
You can use Enterprise Manager’s Create button on the NFS view
or the Configuration Wizard to specify the NFS clients that can
access the /backup, /data/col1/backup, and /ddvar areas.
Note: You have to assign client access to each export separately
and to remove access from each export separately. For example, a
client can be removed from /ddvar and still have access to
/data/col1/backup.
Caution: If Replication is to be implemented, a single destination
Data Domain system can receive backups from both CIFS clients
and NFS clients as long as separate directories or MTrees are used
for each. Do not mix CIFS and NFS data in the same area.
1. Select the Data Domain system from the Navigational tree.
The Summary page for this system is displayed.
2. Select the Data Management > NFS tabs.
The NFS view showing the Exports tab appears.
3. Click Create.
The Create NFS Exports dialog box appears.
4. Enter the pathname in the Directory Path text box (for example,
/data/col1/backup/dir1).
5. In the Clients area, select an existing client or click the + icon to
create a client.
The Clients dialog box appears.
a. Enter a server name in the text box.
DD OS 5.0 Administration Guide
263
Enter fully qualified domain names, hostnames, or IP
addresses. A single asterisk (*) as a wild card indicates that
all backup servers are to be used as clients.
Note: Clients given access to the /data/col1/backup
directory have access to the entire directory. A client given
access to a subdirectory of /data/col1/backup has access
only to that subdirectory.
-
A client can be a fully-qualified domain hostname,
class-C IP addresses, IP addresses with either netmasks
or length, an NIS netgroup name with the prefix @, or
an asterisk (*) wildcard with a domain name, such as
*.yourcompany.com.
A client added to a subdirectory under
/data/col1/backup has access only to that subdirectory.
-
Enter an asterisk (*) as the client list to give access to all
clients on the network.
b. Select the check boxes of the NFS options for the client.
-
Read-only permission.
-
(Default) Requires that requests originate on an Internet
port that is less than IPPORT_RESERVED (1024).
-
Map requests from uid or gid 0 to the anonymous uid or
gid.
-
Map all user requests to the anonymous uid or gid.
-
Use default anonymous UID or GID.
c. Click OK.
6. Click OK to create the export.
Modify an Export
1. Select the Data Domain system from the Navigational tree.
The Summary page for this system is displayed.
2. Select the Data Management > NFS tabs.
The NFS view showing the Exports tab appears.
264
Data Access for NFS
3. Click the checkbox of an export in the NFS Exports table.
4. Click Modify.
The Modify NFS Exports dialog box appears.
5. Modify the pathname in the Directory Path text box.
6. In the Clients area, select another client or click the + icon to
create a client.
The Clients dialog box appears.
a. Enter a server name in the text box.
Enter fully qualified domain names, hostnames, or IP
addresses. A single asterisk (*) as a wild card indicates that
all backup servers are to be used as clients.
Note: Clients given access to the /data/col1/backup
directory have access to the entire directory. A client given
access to a subdirectory of /data/col1/backup has access
only to that subdirectory.
-
A client can be a fully-qualified domain hostname,
class-C IP addresses, IP addresses with either netmasks
or length, an NIS netgroup name with the prefix @, or
an asterisk (*) wildcard with a domain name, such as
*.yourcompany.com.
A client added to a subdirectory under
/data/col1/backup has access only to that subdirectory.
-
Enter an asterisk (*) as the client list to give access to all
clients on the network.
b. Select the check boxes of the NFS options for the client.
-
Read-only permission.
-
(Default) Requires that requests originate on an Internet
port that is less than IPPORT_RESERVED (1024).
-
Map requests from uid or gid 0 to the anonymous uid or
gid.
-
Map all user requests to the anonymous uid or gid.
-
Use default anonymous UID or GID.
DD OS 5.0 Administration Guide
265
c. Click OK.
7. Click OK to modify the export.
Create an Export from an Existing Export
To create an export from an existing export, and then modify as
needed:
1. In the NFS Exports table, click the checkbox of the export you
wish to use as the source .
2. Click Create From.
The Create NFS Export From dialog box appears.
3. Modify the export information, as described in Modify an Export
on page 264.
Delete an Export
To delete an export:
1. In the NFS Exports table, click the checkbox of the export you
wish to delete .
2. Click Delete.
The Warning dialog box appears.
3. Click OK and Close to delete the export.
Displaying NFS Information
You can use the Data Domain Enterprise Manager to monitor
NFS client status and NFS configuration:
•
View NFS Status on page 266
•
View NFS Exports on page 267
•
View Active NFS Clients on page 267
View NFS Status
1. Log in to the Enterprise Manager.
266
Data Access for NFS
2. Select the Data Domain system in the Navigational tree.
3. Click the Data Management > NFS tabs.
The top pane shows the operational status of NFS, for example,
NFS is currently active and running.
View NFS Exports
To see the list of clients allowed to access the Data Domain System:
1. Log in to the Enterprise Manager.
2. Select the Data Domain system in the Navigational pane.
3. Select the Data Management > NFS tabs.
The Exports view shows a table of NFS exports that are
configured for Data Domain system and the mount path,
status, and NFS options for each export.
4. Click an export in the table to populate the Detailed
Information area, below the Exports table.
In addition to the export’s directory path, configured options,
and status, a list of clients displays.
View Active NFS Clients
1. Log in to the Enterprise Manager.
2. Select the Data Domain system in the Navigational pane.
3. Select the Data Management > NFS > Active Clients tabs.
The Active Clients view displays, showing all clients that have
been connected in the past 15 minutes and their mount path.
Use the Filter By text boxes to sort by mount path and client
name.
DD OS 5.0 Administration Guide
267
268
Data Access for NFS
10 Data Access for DD Boost
This chapter describes how to use the Enterprise Manager to
manage and monitor an installed Data Domain Boost (DD Boost)
software option, and consists of the following major topics.
•
About Data Domain DD Boost Software on page 269
•
Working with DD Boost on page 270
•
Monitoring DD Boost on page 279
Notes:
•
DD Boost software is an optional product that requires a
license to operate on the Data Domain system. You can
purchase a DD Boost software license key for a Data Domain
system directly from Data Domain.
•
This chapter does not contain installation instructions. For
complete information about setting up DD Boost with
Symantec backup applications (NetBackup and Backup Exec),
see the Data Domain Boost for OpenStorage Administration Guide.
For EMC NetWorker, refer to the EMC NetWorker
documentation.
•
Additional in-depth information about configuring and
managing DD Boost on the Data Domain system can be found
in the ddboost chapter of the DD OS 5.0 Command Reference
Guide.
About Data Domain DD Boost Software
DD Boost software enables backup servers to communicate with
storage systems without the need for Data Domain systems to
emulate tape. There are two components to DD Boost: one
component that runs on the backup server and another that runs
on the Data Domain system.
DD OS 5.0 Administration Guide
269
•
In the context of the EMC NetWorker backup application, the
component that runs on the backup server (DD Boost libraries)
is integrated into the NetWorker storage node.
•
In the context of Symantec backup applications (NetBackup
and Backup Exec), you need to download an appropriate
version of the DD Boost SDK that is installed on each media
server. The DD Boost SDK includes the DD Boost libraries for
integrating with the DD Boost server running on the Data
Domain system.
A Data Domain system can be a single Data Domain system, a
gateway, or a Global Deduplication Array.
The backup application (NetWorker, NetBackup or Backup Exec)
sets policies that control when backups and duplications occur.
Administrators manage backup, duplication, and restores from a
single console and can use all of the features of DD Boost,
including WAN-efficient replicator software. The application
manages all files (collections of data) in the catalog, even those
created by the Data Domain system.
The Data Domain system exposes pre-made disk volumes called
storage units to a DD Boost-enabled backup server. Multiple
backup servers, can use the same storage unit on a Data Domain
system as a storage server. Each backup server can run a different
operating system, provided that it is supported by Data Domain.
Working with DD Boost
To start working with the DD Boost, from the Enterprise Manager:
1. Select the Data Domain system in the Navigational Pane.
2. Verify that the file system is enabled and running by clicking
Data Management > File System and checking the state.
3. Verify the Boost license has been activated by clicking System
Settings > Licenses. If necessary, click Add to install the Boost
license.
4. Click Data Management > DD Boost tabs to access the DD
Boost view.
The DD Boost summary and detail panes display.
270
Data Access for DD Boost
5. Add a DD Boost user (see Set or Modify a DD Boost User Name on
page 271).
6. Enable DD Boost (see Enable DD Boost on page 272).
7. Create a Storage Unit (see Create a Storage Unit on page 273).
The remainder of this section describes tasks you can perform to
manage DD Boost and includes:
•
Delete a Storage Unit on page 273
•
Clear DD Boost Statistics on page 274
•
Enable Distributed Segment Processing on page 274
•
Disable Distributed Segment Processing on page 275
•
Enable Low Bandwidth Optimization on page 275
•
Disable Low Bandwidth Optimization on page 275
•
Manage an Interface Group on page 275
•
Disable DD Boost on page 278
•
Destroy DD Boost on page 278
•
Monitoring DD Boost on page 279
Set or Modify a DD Boost User Name
A DD Boost user is a Data Domain user. Before setting the DD
Boost user access, the username and password must have already
been set up on the Data Domain system. See Managing Access to the
System on page 98 for more information.
•
Backup applications use this user’s credentials to connect to the
Data Domain system. You must add the credentials to each
backup server that connects to this Data Domain system. For
complete information about setting up DD Boost with
Symantec backup applications, NetBackup and Backup Exec,
see the Data Domain Boost for OpenStorage Administration Guide.
For NetWorker, refer to the EMC NetWorker documentation.
When DD Boost is enabled, a DD OS administrative user can set or
change to another DD Boost user. Only one DD Boost user can
operate DD Boost at a time.
DD OS 5.0 Administration Guide
271
To set or modify the DD Boost user name:
1. In the DD Boost overview pane, click Add or Modify in the DD
Boost User area.
The Set or Modify DD Boost User Name dialog appears.
2. To add a user, click the User Name radio button.
a. Enter the user name in the DD Boost User Name text field.
The user must be configured in the backup application to
connect to the Data Domain system.
b. Enter the password twice in the text fields.
c. Select the privilege level for the is user: admin or user.
3. To switch to a user that has already been added, click the
Existing User radio button and select the user name from the
drop-down list.
4. Click OK.
Enable DD Boost
Before DD Boost can be enabled, a DD Boost user must be added
using the procedure in Set or Modify a DD Boost User Name on
page 271.
To enable DD Boost:
1. In the DD Boost overview pane, click Enable in the DD Boost
Status area.
The Enable DD Boost dialog box appears.
2. Select an existing user name from the menu, or add a new user
by supplying the name, password, and privilege.
Disable DD Boost
Disabling DD Boost drops all active connections to the backup
server.
Note: Ensure there are no jobs running from your backup
application before disabling.
272
Data Access for DD Boost
To disable DD Boost:
1. In the DD Boost overview pane, click Disable in the DD Boost
Status area.
2. Click OK in the Disable DD Boost confirmation dialog
window.
Create a Storage Unit
You need to create at least one Storage Unit on the Data Domain
system.
Each Storage Unit is a top-level subdirectory of the /data/col1
directory; there is no hierarchy among Storage Units.
To create a Storage Unit:
1. Click the Storage Unit tab.
2. Click Create Storage Unit.
The Create Storage Unit dialog window appears.
3. Enter the Storage Unit name in the Name text field.
Each Storage Unit name must be unique.
4. Click OK.
5. Repeat the above steps for each Data Domain Boost-enabled
system.
Delete a Storage Unit
Deleting a Storage Unit removes all images contained in the
Storage Unit.
To delete a Storage Unit:
1. Click the Storage Unit tab.
2. In the Storage Unit Name list, click the checkbox of the Storage
Unit you want to delete.
3. Click Delete Storage Unit.
4. Click OK.
DD OS 5.0 Administration Guide
273
The Storage Unit is removed from your Data Domain system. You
must also manually remove the corresponding backup application
catalog entries.
Clear DD Boost Statistics
When this option is used, all DD Boost statistics are removed from
the system and cannot be recovered.
Note: DD Boost must be enabled for statistics to be removed.
To clear DD Boost statistics:
1. From the Tasks menu, select Clear DD Boost Statistics.
The Clear DD Boost Statistics dialog appears.
2. Click OK.
Enable Distributed Segment Processing
Distributed segment processing increases backup throughput in
almost all cases by eliminating duplicate data transmission
between the media server and the Data Domain system.
Notes:
•
You can also manage distributed segment processing via the
ddboost option commands, which are described in detail in
the DD OS 5.0 Command Reference Guide.
•
Distributed segment processing is enabled by default on a
system initially installed with DD OS 4.8. If a system is
upgraded from DD OS 4.6.x or 4.7.x to DD OS 4.8, and the DD
Boost license is installed at the time of the upgrade, distributed
segment processing is not automatically enabled.
•
Distributed segment processing is enabled by default on
Global Deduplication Array configurations and cannot be
disabled.
To enable distributed segment processing:
1. On the DD Boost page, click the Activities tab.
2. In the Distributed Segment Processing area, click Enable.
274
Data Access for DD Boost
Disable Distributed Segment Processing
To disable distributed segment processing:
1. On the DD Boost page, click the Activities tab.
2. In the Distributed Segment Processing area, click Disable.
Enable Low Bandwidth Optimization
Customers who utilize file replication over a low-bandwidth
network (WAN) can increase replication speed by using low
bandwidth optimization. This feature provides additional
compression during data transfer. Low bandwidth compression is
available to Data Domain systems with an installed Replication
license.
Low-bandwidth optimization, which is disabled by default, is
designed for use on networks with less than 6 Mbps aggregate
bandwidth. Do not use this option if maximum file system write
performance is required.
Note: You can also manage low bandwidth optimization via the
ddboost file-replication commands, which are described in
detail in the DD OS 5.0 Command Reference Guide.
1. Click the Active File Replication tab.
2. In the Low Bandwidth Optimization area, click Enable.
Disable Low Bandwidth Optimization
1. Click the Active File Replication tab.
2. In the Low Bandwidth Optimization area, click Disable.
Manage an Interface Group
Configuring an interface group creates a private network within
the Data Domain system, comprised of the IP addresses
designated as a group. The group interface uses the Advanced
Load Balancing and Failover feature to improve data transfer
performance and increase reliability.
DD OS 5.0 Administration Guide
275
For example, in the Symantec NetBackup environment, media
server clients use a single public network IP address to access the
Data Domain system. All communication with the Data Domain
system is initiated via this master IP connection, which is
configured on the NetBackup server.
If an interface group is configured, when the Data Domain system
receives data from the media server clients, the data transfer is
load-balanced and distributed on all the interfaces in the group,
providing higher input/output throughput, especially for
customers who use multiple 1 GigE connections.
The data transfer is load-balanced based on the number of
connections outstanding on the interfaces. Only connections for
backup and restore jobs are load-balanced. Check the Open
Connections display for more information on the number of
outstanding connections on the interfaces in a group (see Checking
Activities on page 280 for details).
Should an interface in the group fail, all the in-flight jobs to that
interface are automatically restarted on healthy operational links
(unbeknownst to the backup applications). Any jobs that are
started subsequent to the failure are also routed to a healthy
interface in the group.
Notes:
•
The IP address must be configured on the Data Domain
system, and its interface enabled. To check the interface
configuration, see the Network Settings tab in the Hardware >
Network page, and check for free ports. See the net chapter of
the DD OS 5.0 Command Reference Guide or the DD OS 5.0 Initial
Configuration Guide for information about configuring an IP
address for an interface.
•
It is not recommended that you use 1 GigE and 10 GigE
connections in the same interface group.
•
You can also manage Advanced Load Balancing and Failover
via the ddboost ifgroup commands, which are described in
detail in the DD OS 5.0 Command Reference Guide.
Configured interfaces are listed in the Open Connection area, on
the lower portion of the Activities page (see Checking Activities on
page 280).
276
Data Access for DD Boost
The management options for interfaces are:
•
Create an Interface Group on page 277
•
Enable the Interface Group on page 277
•
Disable an Interface on page 278
•
Remove an Interface on page 278
Create an Interface Group
Use this option to select the interfaces that are used in the interface
group. Only one interface group can be configured on a Data
Domain system.
To add interfaces to an interface group:
1. Click the Activities tab.
2. In the Interface Group area, click Configure.
The Configure Interface Group dialog window displays.
3. In the Available Interfaces pane, click the checkbox of the
interface to add or the checkbox next to Available Interfaces to
add all available interfaces.
4. Click Add.
The interface name moves into the Configured Interfaces pane.
5. Click OK.
The information for the interface is updated in the Open
Connections pane.
Enable the Interface Group
To enable the configured interface group to perform loadbalancing and failover:
1. Click the Activities tab.
2. In the Interface Group Status area, click Enable.
The Interface Group Status is now Enabled.
DD OS 5.0 Administration Guide
277
Disable an Interface
To disable the interface group and disable load-balancing and
failover:
1. Click the Activities tab.
2. In the Interface Group Status area, click Disable.
The Interface Group Status now shows Disabled. Currently
running jobs are not affected.
Remove an Interface
To delete an interface from the interface group:
1. Click the Activities tab.
2. In the Interface Group area, click Configure.
The Configure Interface Group dialog window displays.
3. In the Configured Interfaces pane, click the checkbox of the
interface to remove.
4. Click Remove.
The interface name moves into the Available Interfaces pane.
5. Click OK.
Disable DD Boost
An administrative user can disable DD Boost.
1. From the Tasks menu, select Disable DD Boost.
The Disable DD Boost dialog appears.
2. Click OK.
Destroy DD Boost
This option permanently removes all of the data (images)
contained in the Storage Units.
An administrative user can destroy DD Boost.
278
Data Access for DD Boost
1. Manually remove (expire) the corresponding backup
application catalog entries.
Note: If multiple backup applications are using the same Data
Domain system, then remove all entries from each of those
applications’ catalogs.
2. From the More Tasks menu, select Destroy DD Boost.
3. Enter your administrative credentials when prompted.
4. Click OK.
Monitoring DD Boost
To check DD Boost status and activity, look at the overview and
tabular details panes, described in the following sections:
•
About the DD Boost Overview Pane on page 279
•
About the Details Pane on page 279
About the DD Boost Overview Pane
The DD Boost overview pane contains the More Tasks menu and
the following information:
Item
Description
DD Boost Status
The status is either enabled or disabled.
DD Boost User
The name of the logged-in DD Boost user.
About the Details Pane
The content of the details pane changes according to the tab that is
clicked. Tabs include:
•
Activities (see Checking Activities on page 280)
•
Active file replication status (see Checking Active File Replication
Status on page 281)
•
Storage Units (see Checking Storage Units on page 281)
•
File Replication Stats (see Checking File Replication Stats on
page 282)
DD OS 5.0 Administration Guide
279
•
Statistics (see Checking DD Boost Statistics on page 283)
Checking Activities
The Activities page list the following information:
280
•
Distributed Segment Processing Status—Shows whether or not
the distributed segment processing option is enabled or
disabled.
•
Clients—Shows the following information for a connected
client.
Item
Description
Client
The name of the connected client.
Idle
Whether the client is idle (Yes) or not (No).
CPUs
The number of CPUs that the client has, such
as 8.
Memory (GiB)
The amount of memory (in GiB) the client has,
such as 7.8.
Plug-In Version
The DD Boost plug-in version installed, such
as 2.2.1.1.
OS Version
The operating system version installed, such
as Linux 2.6.1 7-1.2142_FC4smp x86_64.
Application Version
The backup application version installed, such
as NetBackup 6.5.6.
•
Interface Group Status—Shows the status of aggregated
interface configuration: enabled or disabled.
•
Open Connections—Shows the following information about
open connections:
Item
Description
Interface
The IP address of the interface.
Interface Group
Members
Whether the interface is part of an interface
group.
Backup Connection
The number of active backup connections.
Restore Connection
The number of active restore connections.
Data Access for DD Boost
Item
Description
Control Connection
The number of active control connections.
Total
The total number of connections for the
interface.
Checking Active File Replication Status
The Active File Replication tab shows the following information:
•
Low Bandwidth Optimization status—Shows the status of the
low-bandwidth option, either enabled or disabled.
•
File Replication Encryption status—Shows the status of the file
replication encryption option, either enabled or disabled.
•
Outbound Files—Shows the following information for outbound files:
Out-bound Files Item
Description
File Name
The name of the out-going image file.
Target Host
The name of the host receiving the file.
Logical Bytes to
Transfer
The number of logical bytes to be transferred.
Logical Bytes
Transferred
The number of logical bytes already
transferred.
Low Bandwidth
Optimization
The number of low-bandwidth bytes already
transferred.
Checking Storage Units
The Storage Unit page lists the names of the Storage Units that
have been created at the top of the page. To see more information
about the Storage Unit, click the name of the Storage Unit to
populate the details frame below the list.
Details for a Storage Unit include:
Item
Description
Storage Unit Name
The name of the Storage Unit.
DD OS 5.0 Administration Guide
281
Item
Description
Total Files
The total number of file images on the Storage
Unit.
Download Files
Link to download Storage Unit file
details in .tsv format. You must allow pop-ups
to use this function.
Compression Ratio
The compression ratio achieved on the files.
Metadata Size
The amount of space used for metadata
information.
Original Size
The size of the file before compression was
performed.
Global Compression
Size
The total size after global compression of the
files in the Storage Unit when they were
written.
Locally Compressed
Size
Total size after local compression of the files
in the Storage Unit when they were written.
Checking File Replication Stats
The File Replication Stats page lists detailed summary information
about inbound and outbound traffic in the top panes. Below that,
use the filtering controls to list a historical summary of File
Replication statistics.
The top panes list the following for both in-bound and out-bound
data:
282
Item
Description
Direction
Which way the data is traveling: inbound or
outbound.
Network bytes
The number of network bytes.
Pre-comp bytes
The number of bytes before compression.
Bytes after filtering
The number of bytes after filtering.
Bytes after Low-bwoptim
The number of bytes after low-bandwidth
optimization.
Bytes after local comp
The number of bytes after local compression
was performed.
Data Access for DD Boost
Item
Description
Compression ratio
The compression ratio achieved.
The History area lists the following information:
Item
Description
Data Time
The date and time of the summary.
Direction
The direction the is data travelling: inbound
or outbound.
Pre-comp (KiB)
The number of KiBs before compression.
Post-comp (KiB)
The number of KiBs after compression.
Network (KiB)
The number of network KiBs.
Low Bandwidth
Optimization
The effective optimization ratio, if enabled.
Number of Errors
The number of errors that occurred in the
transmission.
Checking DD Boost Statistics
The DD Boost Statistics page lists three areas with statistics. The
statistic types are:
•
Histogram Statistics on page 283
•
Statistics on page 283
•
File Statistics on page 284
Histogram Statistics
This area displays the latencies of DD Boost operations in the form
of a histogram that Data Domain can use to analyze performance.
Statistics
Statistics list count and error amounts for DD Boost operations.
DD OS 5.0 Administration Guide
283
File Statistics
File statistics list count and error amounts for the following:
284
•
File creates
•
File deletes
•
Pre-compressed bytes received
•
Bytes after filtering
•
Bytes after local compression
•
Network bytes received
•
Compression Ratio
•
Total bytes read
Data Access for DD Boost
11 Working with VTL
This chapter includes the following topics.
•
About the Virtual Tape Library (VTL) Feature on page 285
•
Planning a Virtual Tape Library on page 286
•
About the Enterprise Manager VTL Interface on page 290
•
Setting Up a Virtual Tape Library on page 291
•
Working with the VTL Service Operations on page 291
•
Working with Access Groups on page 320
•
Working with Physical Resources on page 330
•
Working with Storage Pools on page 339
About the Virtual Tape Library (VTL) Feature
Using the Data Domain VTL feature, backup applications can
connect to and manage Data Domain system storage as if it were a
tape library. All of the functionality generally supported by a
physical tape library is available with a Data Domain system
configured as a VTL. The movement of data from a system
configured as a VTL to a physical tape is managed by backup
software, not by the Data Domain system.
Virtual tape drives are accessible to backup software in the same
way physical tape drives are. Once drives are created in the VTL,
they appear to the backup software as SCSI tape drives. A virtual
tape library appears to the backup software as a SCSI robotic
device accessed through standard driver interfaces.
When DR is needed, pools and tapes can be replicated to a remote
Data Domain system using the Data Domain Replicator. See
Replicate VTL Pools on page 342 for details.
DD OS 5.0 Administration Guide
285
To protect data on tapes from modification, tapes can be locked
with the retention lock feature. See the vtl tape modify
command in the DD OS 5.0 Command Reference Guide (This feature
is currently not available in the Enterprise Manager.).
Some terms that are important for working with VTL are:
•
Library—Emulates a physical tape library with tape drives,
changer, CAPs (cartridge access ports) and slots (cartridge
slots).
•
Tapes—Tapes are represented in the system as files. Tapes can
be exported or imported from a vault to the library. Tapes can
be moved within a library across drives, slots, and CAPs.
•
Pool—A collection of tapes that map to a directory on the file
system. A pool is used to replicate tapes to a destination.
•
Vault—Tapes that are not being used by any library are in the
vault. Tapes reside in either a library or the vault.
Data Domain VTL has been tested and is supported with specific
backup software and hardware configurations that are listed in the
VTL matrices. For specific backup software and hardware
configurations tested and supported by Data Domain, see
Application Compatibility Matrices and Integration Guides on page 35.
Data Domain VTL supports simultaneous use of tape library and
file system (NFS/CIFS/DD Boost) interfaces.
Planning a Virtual Tape Library
Before starting to use Data Domain VTL, you need:
•
A license.
VTL is a licensed feature. See your Data Domain sales
representative to purchase a license.
See the section Managing System Licenses on page 60 for
instructions to activate the license.
Note: Some configuration functions are available without a
VTL license, but a license is required to perform any
configuration or functions that involve the Fibre Channel.
286
Working with VTL
•
An installed Fibre Channel (FC) interface card or VTL
configured to use NDMP.
If the VTL communication between a backup server and a Data
Domain system is through a Fibre Channel interface, the Data
Domain system must have a Fibre Channel interface card
installed.
If the VTL communication between a backup server and a Data
Domain system is through NDMP, no FC is required, and the
TapeServer Access Group is configured. Also, when using
NDMP, all initiator and port functionality does not apply. See
Configure the NDMP Device TapeServer Group on page 327.
•
A backup software minimum record (block) size.
Data Domain strongly recommends that backup software be
set to use a minimum record (block) size of 64 KiB or larger.
Larger sizes usually give faster performance and better data
compression.
•
User access to the system
User login can be used for basic tape operations and
monitoring. Sysadmin login is needed to enable and configure
the VTL service and to perform other configuration.
Caution: If you change the size after initial configuration, data
written with the original size becomes unreadable.
Limitations
The following limitations should be considered when planning a
virtual tape library:
•
Libraries—A maximum of 64 libraries per system are
supported (that is, 64 concurrently active virtual tape library
instances on each Data Domain system).
•
Drives—From 1 to 256 tape drives are supported, depending
on the Data Domain model. The DD4xx, DD510 and DD530
systems can have a maximum of 64 drives. All other models
can have a maximum of 128 drives, except the DD880, which
can have up to 256 drives.
DD OS 5.0 Administration Guide
287
Note: Although one can configure up to 256 tape devices on a
DD880 there is a maximum stream limit of 180 streams.
Therefore, the maximum number of concurrent backups is 180.
Additional drives beyond 180 can be configured for
provisioning as per backup policies.
•
Initiators—A maximum of 92 initiators or WWPNs can be
added to an access group.
•
Slots—Maximum number of slots in the library:
•
•
32,000 slots per library
•
64,000 slots per system
•
The system automatically adds slots to keep number of
slots equal to or greater than the number of drives.
CAPs—Maximum number of cartridge access ports (CAPs):
•
100 CAPs per library
•
2000 CAPs per system
About Tape Barcodes
When a tape is created, you assign a bar code that is a unique
identifier of that tape.
The eight-character barcode must start with six numeric or uppercase alphabetic characters (from the set {0-9, A-Z}) and end in a
two-character tag for the supported LT0-1, LT0-2, and LT0-3 tape
type.
Tape Code
Capacity
Tape Type
L1
100 GiB
LTO-1
L2
200 GiB
LTO-2
L3
400 GiB
LTO-3
LAa
50 GiB
LTO-1
LB
30 GiB
LTO-1
LC
10 GiB
LTO-1
a. For TSM, use the L2 tape code if the LA code is ignored.
288
Working with VTL
These capacities are the default sizes used if the capacity option is
not included when creating the tape cartridge. If a capacity value is
included, then it overrides the two-character tag.
The numeric characters immediately to the left of L set the number
for the first tape created. To make use of automatic incrementing of
the barcode when creating more than one tape, Data Domain
numbering starts at the sixth character position, just before L. If
this is a digit, then the system increments it. If an overflow occurs
(9 to 0), numbering moves one position to the left. If the next
character to increment is an alphabetic character, incrementation
stops.
For example, a barcode of ABC100L1 starts numbering the tapes at
100 and can go to a maximum of 999.
A few representative sample barcodes:
•
000000L1 creates tapes of 100 GiB capacity and can accept a
count of up to 1,000,000 tapes (from 000000 to 999999).
•
AA0000LA creates tapes of 50 GiB capacity and can accept a
count of up to 10,000 tapes (from 0000 to 9999).
•
AAAA00LB creates tapes of 30GiB capacity and can accept a
count of up to 100 tapes (from 00 to 99).
•
AAAAAALC creates one tape of 10 GiB capacity. Only one
tape can be created with this name.
•
AAA350L1 creates tapes of 100 GiB capacity and can accept a
count of up to 650 tapes (from 350 to 999).
•
000AAALA creates one tape of 50 GiB capacity. Only one tape
can be created with this name.
•
5M7Q3KLB creates one tape of 30 GiB capacity. Only one tape
can be created with this name.
Note: Data Domain recommends creating tapes with unique
barcodes only. Duplicate bar codes in the same tape pool create an
error. Although no error is created for duplicate barcodes in
different pools, duplicate bar codes may cause unpredictable
behavior in backup applications.
DD OS 5.0 Administration Guide
289
About the Enterprise Manager VTL Interface
1. To open the VTL page, select a system from the Navigational
pane.
2. Click the Data Management > VTL tabs.
The VTL page appears:
Click the More Tasks menu for actions that
can be performed for the selected item.
Click a Stack Menu button
to expose a tree view.
The Informational pane presents detailed
information about the selected item.
The VTL page provides the following views of the tape storage,
which are accessed by clicking a Stack menu button:
•
Virtual Tape Libraries
•
Access Groups
•
Physical Resources
•
Pools
The Stack menu is a stack of individual menus; clicking a button
brings it to the top of the stack and reveals its elements. Clicking an
290
Working with VTL
element (for example, a library within the Virtual Tape Libraries,
or a drive within that library) displays informational content
specific to that element in the Informational pane.
The More Tasks menu lists operations that can be performed on
the object selected in Stack menu. Available operations differ,
depending on the item that is selected.
Setting Up a Virtual Tape Library
If you haven’t already done so, use the Configuration Wizard to set
up a simple VTL. See the section Configure VTL on page 49 for
details.
Then follow these procedures:
•
Enable VTL on page 293
•
Create a Library on page 296
•
Create Tapes on page 313
•
Import Tapes on page 307
Working with the VTL Service Operations
In the stack menu, click Virtual Tape Libraries > VTL Service.
The VTL Service area is where you perform basic VTL operations,
which include:
•
View the VTL Service Informational Pane on page 292
•
Enable VTL on page 293
•
Disable VTL on page 294
•
Configure VTL Options on page 294
•
Working with Libraries on page 295
•
Working with the Vault on page 318
DD OS 5.0 Administration Guide
291
View the VTL Service Informational Pane
The Virtual Tape Libraries > VTL Service page includes the:
•
Operational Status on page 292
•
Compression Tab on page 293
•
Options Tab on page 293
Operational Status
At the top left of the Informational pane, a two-part status code
displays, for example, Enabled:Running shown in a color coded to
the status.
As well, the license status displays. Licensed is color-coded in
green, and Not Licensed is color-coded in red. If not licensed, a
link labeled Add License displays to allow adding the license
directly from this area.
The first part of the status code can be Enabled (On) or Disabled
(Off). The possible states after the colon are:
292
State
Description
Running
The VTL process is enabled and active.
The status color is green.
Starting
The VTL process is being started.
Stopping
The VTL process is being shut down.
Stopped
The VTL process is disabled. The status
Timing out
The VTL process crashed and is
attempting an automatic restart.
Stuck
After a number of VTL process automatic
restarts fail, the process is not able to shut
down normally and attempts to kill the
failed process.
color is red.
Working with VTL
Compression Tab
The Compression tab displays the following information:
Item
Description
Duration
The interval of time for the following items.
Pre-Compression
The amount of pre-compressed data written to
the VTL in this time duration.
Post-Compression
The amount of post-compressed data that was
actually written to disk.
Compression Factor
Amount of space saved by compression (ratio).
Options Tab
The Options tab displays the following information:
Item
Description
Property
Configured options. For example:
• Loop ID
• Auto-eject
• I/OS License
Value
Value of the configured option. For example:
• Loop-id—The ID of the loop. This is a hard
address that does not conflict with another
node. The range for the loop ID is 0-125.
• Auto-eject—The state, either enabled or
disabled.
• I/OS License—Displays license. Click Add
License to add a license for I/OS.
Enable VTL
To start VTL and enable all libraries and library drives:
1. In the More Tasks menu, select Service > Enable.
The Enable Service dialog box appears.
2. In the Enable VTL dialog box, click OK.
The Enable Service Status dialog box appears.
DD OS 5.0 Administration Guide
293
3. When the Enable Service Status dialog box displays
Completed, click Close.
When VTL is enabled, the status in the Informational pane
displays Enabled: Running in green text. (See View the VTL
Service Informational Pane on page 292 for details.) A summary
of the compression statistics and options configured is
displayed in the Informational pane.
Disable VTL
To disable VTL and shut down the VTL operation:
1. In the More Tasks menu, select Disable.
The Disable Service dialog box appears.
2. In the Disable VTL dialog box, click OK.
The Disable Service Status dialog box appears.
3. When the Disable Service Status dialog box displays
Completed, click Close.
The status in the Informational pane changes to
Disabled: Stopped in red text.
Configure VTL Options
VTL configuration options include setting a loop-id, enabling or
disabling auto-eject, and setting an I/OS license.
Some backup software requires all private-loop targets to have a
hard address (loop ID) that does not conflict with another node.
Enabling auto-eject causes any tape that is put into a CAP to
automatically move to the virtual vault, unless the tape came from
the vault, in which case the tape stays in the CAP.
To configure the loop-id and/or auto-eject options:
1. In the More Tasks menu, click Options > Configure.
The Configure Option dialog box appears.
2. In the Loop ID field, enter a value for the address.
294
Working with VTL
The range for the value is 0 - 125. For a new value to take effect,
it may be necessary to disable and enable VTL or reboot the
Data Domain system. (Setting this field is optional.)
3. In the auto-Eject drop-down list, select Enabled.
Note: With auto-eject enabled, a tape moved from any element
to a CAP is ejected to the vault unless an
ALLOW_MEDIUM_REMOVAL command with a 0 value (false) was
issued to the library to prevent the removal of the medium
from the CAP to the outside world.
4. Click OK.
Note: To disable either of these features, click the Reset to Default
button in the Configure Option dialog box.
Working with Libraries
In the stack menu, click Virtual Tape Libraries > VTL Service >
Libraries.
From the Libraries page, you can perform the following functions:
•
View the Libraries Informational Pane
•
Create a Library on page 296
•
Delete a Library on page 297
•
Search for Tapes on page 312
View the Libraries Informational Pane
The Virtual Tape Libraries > VTL Service > Libraries page displays
the following information:
Item
Description
Name
Name of a configured library.
Drives
Number of drives configured in the library.
Slots
Number of slots configured in the library.
CAPs
Number of CAPs configured in the library.
DD OS 5.0 Administration Guide
295
Create a Library
A maximum of 64 libraries per system are supported (that is, 64
concurrently active virtual tape library instances on each Data
Domain system).
1. In the More Tasks menu, click Library Create.
The Create Library dialog box appears.
2. Enter the VTL library information:
Field
User Input
Library Name
Name can be from 1 to 32 alphanumeric
characters.
Number of Drives
From 1 to 256 tape drives. Systems with
4 G of memory (DD4xx, DD510 and
DD530) can have a maximum of 64 drives.
Systems with 8 G to 24 G (DD560to
DD690) can have a maximum of 128
drives. The DD880 with 48 G of memory
can have up to 256 tape drives.
Note: Although one can configure up
to 256 tape devices on a DD880 there is
a maximum stream limit of 180
streams. Therefore, the maximum
number of concurrent backups is 180.
Additional drives beyond 180 can be
configured for provisioning as per
backup policies.
Drive Model
Click the drop-down list and select the
model:
• IBM-LTO-1
• IBM-LTO-2
• IBM-LTO-3
Number of Slots
Number of slots in the library:
• Up to 32,000 slots per library
• Up to 64,000 slots per system
• This should be equal or greater than the
number of drives.
296
Working with VTL
Field
User Input
Number of CAPs
Optional. Number of cartridge access ports
(CAPs):
• Up to 100 CAPs per library
• Up to 2000 CAPs per system
Changer Model Name
Click the drop-down list and select the
model:
• L180
• RESTORER-L180
• TS3500
Check the backup software application
documentation on the Data Domain
support site for the model name that you
should use.
3. Click Next.
After the Create Library Status dialog box shows Completed,
click Close.
The new library appears under the Libraries icon in the VTL
Service tree and options configured above appear as icons
under the library. Clicking the library displays details about
the library in the Informational pane.
Note: Access to VTLs and tape drives can be managed with the
Access Grouping feature. See Working with Access Groups on
page 320.
Delete a Library
To remove a library:
1. In the More Tasks menu, click Library Delete.
The Delete Libraries dialog box appears.
2. Click or confirm the checkbox of the items to delete:
•
The name of each library, or
•
Library Names, to delete all libraries
DD OS 5.0 Administration Guide
297
Click Next.
3. Click Next in the confirmation dialog boxes.
4. After the Delete Libraries Status dialog box shows Completed,
click Close.
The selected libraries are deleted from the VTL.
Note: If any tapes are in the library when it is deleted, they are
moved to the vault.
Working with a Library
1. In the stack menu, click Virtual Tape Libraries > VTL Service >
Libraries.
2. Click the icon of a specific library.
From the library page, the tasks that are available include:
298
•
View the Library Informational Pane on page 299
•
Viewing Changer Information on page 299
•
Delete a Library on page 297
•
Create Tapes on page 313
•
Delete Tapes on page 314
•
Import Tapes on page 307
•
Export Tapes on page 309
•
Move Tapes on page 310
•
Add Slots on page 316
•
Delete Slots on page 316
•
Add CAPs on page 317
•
Delete CAPs on page 317
Working with VTL
View the Library Informational Pane
The Virtual Tape Libraries > VTL Service > Libraries/library page
displays detailed library information:
Item
Description
Device
Elements in the library, such a drives, slots,
and CAPs.
Loaded
Number of devices with media loaded.
Empty
Number of devices without media loaded.
Total
Total of loaded and empty devices.
Viewing Changer Information
1. In the stack menu, click Virtual Tape Libraries > VTL Service >
Libraries.
2. Click the name of a specific library.
3. Click the library plus sign ( + ) to open the library and click a
Changer element to display the Changer Informational pane,
containing the following information:
Item
Description
Vendor
The name of the vendor who manufactured
the changer.
Product
The model name.
Revision
The revision level.
Serial Number
The changer serial number.
Working with Tape Drives
1. In the stack menu, click Virtual Tape Libraries > VTL Service >
Libraries.
2. Click the name of a specific library.
3. Click the library plus sign ( + ) to open the library and click the
Drives icon.
From the Drives page, the available tasks include:
DD OS 5.0 Administration Guide
299
•
View Drives Information on page 301
•
Create Tape Drives on page 301
•
Remove Tape Drives on page 303
To work with tape drives, you need to use the tape and library
drivers supplied by your backup software vendor that support the
IBM LTO-1, IBM LTO-2, or IBM LTO- 3 (the default) drives and the
IBM 3500, StorageTek L180 or RESTORER-L180 library drivers (see
the Application Compatibility Matrices and Integration Guides on
page 35).
Because the Data Domain system treats the IBM LTO drives as
virtual drives, you can set a maximum capacity to 4 TiB (4000 GiB)
for each drive type.
The default capacities for each IBM LTO drive type are as follows:
•
LTO-1 drive: 100 GB
•
LTO-2 drive: 200 GB
•
LTO-3 drive: 400 GB
Note: When configuring tape drives, keep in mind the limits on
backup streams, which are determined by the platform in use.
Refer to Data Streams Sent to a Data Domain System on page 181 for
details.
Although one can configure up to 256 tape devices on a DD880
there is a maximum stream limit of 180 streams. Therefore, the
maximum number of concurrent backups is 180. Additional drives
beyond 180 can be configured for provisioning as per backup
policies.
300
Working with VTL
View Drives Information
The Virtual Tape Libraries > VTL Service > Libraries> library >
Drives page displays detailed Drives information:
Column
Description
Drive
A list of the drives by name. The name is of
the form “Drive #” where # is a number
between 1 and n that represents the
address or location of the drive in the list
of drives.
Vendor
Manufacturer or vendor of the drive. For
example, IBM.
Product
The product name of the drive. For
example, ULTRIUM-TD1.
Revision
The revision number of the drive product.
For example, 4561.
Serial #
The serial number of the drive product.
For example, 6666660001.
Status
If there is a tape loaded, this column shows
the barcode of the loaded tape. If there is
no tape loaded in this drive, the status is
shown as empty.
Create Tape Drives
VTL supports the IBM TS3500 and the StorageTek L180 and
RESTORER-L180 tape libraries.
The maximum number of tape drives supported is dependent on
the memory installed in your Data Domain system.
•
Data Domain systems with 4 G of memory (DD4xx, DD510 and
DD530) can have a maximum of 64 drives per system.
•
Data Domain systems with 8 GB to 24 GB (DD560 to DD690
models) can have a maximum of 128 drives per system. DD880
systems with 48 G of memory can have a maximum of 256 tape
drives.
Note: Although one can configure up to 256 tape devices on a
DD880 there is a maximum stream limit of 180 streams. Therefore,
DD OS 5.0 Administration Guide
301
the maximum number of concurrent backups is 180. Additional
drives beyond 180 can be configured for provisioning as per
backup policies.
Note: You cannot mix drive types (LTO-1, LTO-2 and LTO-3) in
the same library.
To create tape drives:
1. In the More Tasks menu, click Drives Create.
The Add Drive dialog box appears.
2. Enter information about the drives being added:
Field
User Input
Location
Select a library name or leave the name as
selected.
Number of Drives
From 1 to 128 tape drives. Systems with
4 G of memory (DD4xx, DD510 and
DD530) can have a maximum of 64 drives.
Systems with 8 GB to 24 GB (DD560 to
DD690) can have a maximum of 128
drives. DD880 systems with 48 G of
memory can have a maximum of 256
tape drives.
Note: Although one can configure up
to 256 tape devices on a DD880 there is
a maximum stream limit of 180
streams. Therefore, the maximum
number of concurrent backups is 180.
Additional drives beyond 180 can be
configured for provisioning as per
backup policies.
Model Name
Click drop-down and select the model
(must be the same as existing model in
library):
• IBM-LTO-1
• IBM-LTO-2
• IBM-LTO-3
3. Click Next and OK.
The new drive entry appears in the Drives list.
302
Working with VTL
Remove Tape Drives
1. In the More Tasks menu, click Drives Delete.
The Delete Drives dialog box appears.
Note: If a tape is in the drive, you are prompted to remove the
tape.
2. Click the check boxes of the drives to delete or the Drives box
to delete all drives.
3. Click Next, and Next to verify drive deletion.
4. After the Delete Drives Status dialog box shows Completed,
click Close.
The drive entry is removed from the Drives list.
Migrating from LTO-1 to LTO-2 or LTO-3 Type Tapes
You can migrate tapes from existing LTO-1 type VTLs to VTLs that
include either all LTO-2 or all LTO-3 type tapes and drives. The
migration options differ in different backup applications. Follow
the instructions in the application-specific LTO migration guides
posted at the Data Domain support portal lists if you want to
migrate existing LTO-1 tapes.
Access LTO Migration Guides
1. Go to the Data Domain Support Web site and log in:
https://my.datadomain.com/documentation
2. Select Integration Documentation > vendor_name.
3. In the list of integration documents for the vendor, click the
LTO Migration link. A page appears with generic LTO
migration information and a list of application-specific
migration guides.
4. Read the generic LTO migration information and then click the
name of the migration document for a particular application.
DD OS 5.0 Administration Guide
303
Working with a Tape Drive
1. In the stack menu, click Virtual Tape Libraries > VTL Service >
Libraries.
2. Click the name of a specific library.
3. Click the library plus sign ( + ) to open the library and click the
Drives icon.
4. Click the icon of a specific tape drive.
From the Drive page, the tasks that are available include:
•
View Drive Information on page 304
•
Remove a Tape Drive on page 305
•
Refresh a drive—Click More Tasks > Refresh to refresh the
Drive Informational pane.
View Drive Information
The Virtual Tape Libraries > VTL Service > Libraries > library >
Drives > Drive view includes the:
•
Drive Tab on page 304
•
Statistics Tab on page 305
Drive Tab
The Drive tab presents the following information:
304
Item
Description
Drive
The ID number of the tape drive. For example,
Drive 1 or Drive 2.
Vendor
The name of the vendor who manufactured
the drive.
Product
The model name.
Revision
The revision level.
Serial Number
The serial number of the drive.
Status
The status of the drive.
Working with VTL
Statistics Tab
The Statistics tab presents the following statistical information:
Item
Description
Port
HBA port number (for example, 6a). This
number corresponds to the Data Domain
system slot in which the HBA is installed,
where a is the top HBA port and b is the
bottom HBA port.
Ops/s
The average number of operations per second
in the current sample.
Read KiB/s
The average number of 1024 bytes per second
read in the current sample.
Write KiB/s
The average number of 1024 bytes per second
written in the current sample.
Remove a Tape Drive
1. In the More Tasks menu, click Delete Drive.
The Delete Drives dialog box appears with the checkbox of
selected drive checked.
Note: If a tape is in the drive, you are prompted to remove the
tape.
2. Click Next, and Next to verify drive deletion.
3. After the Delete Drives Status dialog box shows Completed,
click Close.
The drive entry is removed from the Drives list.
Working with Tapes
When tapes are created, they are placed into the vault. Once they
have been added to the vault, they can be imported, exported,
moved, searched, and removed.
1. In the stack menu, click Virtual Tape Libraries > VTL Service >
Libraries.
2. Click the name of a specific library.
DD OS 5.0 Administration Guide
305
3. Click the Tapes icon.
From the Tapes page, the available tasks include:
•
View Tape Information on page 306
•
Import Tapes on page 307
•
Export Tapes on page 309
•
Move Tapes on page 310
•
Search for Tapes on page 312
Tape operations from other pages (Pool and Vault) include:
•
Create Tapes on page 313
•
Delete Tapes on page 314
View Tape Information
The Virtual Tape Libraries > VTL Service > Libraries > library >
Tapes page displays information:
Item
Description
Barcode
Each tape is identified by its barcode.
Pool
The name of the pool that holds the tape. The
default pool holds all tapes that are not
assigned to a user-created pool.
Location
Displays whether tapes are in a library (and
which drive, CAP, or slot number) or in the
virtual vault.
State
The state of the tape:
• RW—Read-writable
• RL—Retention-locked
• RO—Read-only
• WP—Write-protected
• RD—Replication destination
306
Capacity
The total capacity of the tape.
Used
The amount of space used on the tape.
Working with VTL
Item
Description
Compression
The amount of compression performed on the
data on a tape.
Import Tapes
Importing moves existing tapes from the vault to a library slot,
drive, or cartridge access port (CAP).
The number of tapes that you can import at one time is limited by
the number of empty slots in the library. (You cannot import more
tapes than the number of currently empty slots.)
•
To view the available slots for a library, select the library from
the stack menu. The Information pane for the library shows the
count in the Empty column.
•
If a tape is in a drive and the tape origin is known to be a slot,
the slot is reserved.
•
If a tape is in a drive and the tape origin is unknown (slot or
CAP), a slot is reserved.
•
A tape that is known to have come from a CAP and that is in a
drive does not get a reserved slot. (The tape returns to the CAP
when removed from the drive.)
•
To move a tape to a drive, see the procedure Move Tapes on
page 310.
To import tapes:
1. In the Tapes view, either:
a. Enter search information about the tapes to import:
Field
User Input
Location
Select the location of the tape, for example,
Vault.
Note: Only tapes with the location Vault
selected will be imported.
Pool
Select the name of the pool where the tapes
reside. If no pools have been created, use
the default pool.
DD OS 5.0 Administration Guide
307
Field
User Input
Barcode
• Leave the default (*) selected to search
for a group of tapes.
• Specify a specific barcode to search for,
and only that tape is imported.
• Barcode allows the wildcards ? and *,
where ? matches any single character
and * matches 0 or more characters.
Count
The maximum number of tapes the search
can find.
• Enter a specific maximum value
• Leave blank to find all matching tapes
(the Barcode group default (*) is used)
Tapes Per Page
Select the maximum number of tapes to
display per page. Possible values are 15,
30, and 45.
Note: Based on the conditions above, a default set of tapes is
searched to select the tapes to import. If pool, barcode, or count
are changed, click Search to update the set of tapes that are
available to choose from.
b. Select tapes to import by clicking the checkbox next to:
-
An individual tape,
-
The Barcode column to select all tapes on the current
page, or
-
Click the Select All Pages checkbox to select all tapes
returned by the search query.
Note: Only tapes showing Vault in the Location will be
imported.
c. Click Import from Vault.
2. From the Import Tapes: library view, verify the summary
information and the tape list, and click Next.
3. Click Close on the status window.
308
Working with VTL
Export Tapes
To export tapes from a library to the vault:
1. In the Tapes view, either:
a. Select the tape(s) from the list and click Export from Vault.
b. Enter search information about the tapes to export:
Field
User Input
Location
Select the name of the library where the
tape is located.
Pool
Select the name of the pool to which the
tape is to be exported. If no pools have
been created, use the default pool.
Barcode
• The default (*) selected for a group of
tapes.
• Specify a specific barcode to search for,
and only that tape is exported.
• Barcode allows the wildcards ? and *,
where ? matches any single character
and * matches 0 or more characters.
Count
The maximum number of tapes the search
can find.
• Enter a specific maximum value, or
• Leave blank and use the Barcode
group default (*).
Tapes Per Page
Select the maximum number of tapes to
display per page. Possible values are 15,
30, and 45.
Select All Pages
Click the Select All Pages checkbox to
select all tapes returned by the search
query.
c. Select tapes to export by clicking the checkbox next to:
-
An individual tape
-
The Barcode column to select all tapes on the current
page, or
DD OS 5.0 Administration Guide
309
-
Click the Select All Pages checkbox to select all tapes
returned by the search query.
Note: Only tapes showing a library name in the Location
column will be exported.
d. Click Export from Library.
2. From the Export Tapes: library view, verify the summary
information and the tape list, and click Next.
3. Click Close on the status window.
Move Tapes
A tape can be moved between physical devices from within a
library or several tapes can be moved between pools. See:
•
Move a Tape Between Devices within a Library on page 310
•
Move Tapes Between Pools on page 311
Move a Tape Between Devices within a Library
A tape can be moved between physical devices within a library to
mimic backup software procedures for physical tape libraries
(which moves a tape in a library from a slot to a drive, a slot to a
CAP, a CAP to a drive, and the reverse). In a physical tape library,
the backup software never moves a tape outside the library.
Therefore, the destination library cannot change and is shown only
for clarification.
1. In the More Tasks menu, click Tapes Move.
The Move Tapes dialog box appears.
When invoked from a library, the Tapes pane allows tapes to
be moved only between devices.
2. Enter information to search for the tapes to move and click
Search:
310
Field
User Input
Location
The location cannot be changed.
Pool
N/A
Working with VTL
Field
User Input
Barcode
• Leave the default (*) selected to search
among a group of tapes, or
• Specify a specific barcode to search for.
Count
The maximum number of tapes the search
can find (must be 1).
Tapes Per Page
N/A
3. From the search results list, select the tape to move.
4. Select the device from the Device list (for example, a slot, drive,
or CAP) and enter a starting address for the device in the Start
Address text box (slot address 1-32000, drive address 1-256,
and CAP address 1-100). This option is available only when
invoked from the (named) Library view.
5. Click Next.
6. From the Move Tapes view, verify the summary information
and the tape listing, and click Next.
7. Click Close on the status window.
Move Tapes Between Pools
Tapes can be moved between pools to accommodate replication
activities. For example, pools are needed if all tapes were created
in the Default pool, but it is later determined that independent
groups are needed for replicating groups of tapes. The user can
create named pools and re-organize the groups of the tapes into
the new pools. To move tapes between pools, the tapes must be in
the vault.
1. In the More Tasks menu, click Tapes Move.
The Move Tapes dialog box appears.
When invoked from a pool, the Tapes pane allows tapes to be
moved only between pools.
DD OS 5.0 Administration Guide
311
2. Enter information to search for the tapes to move and click
Search:
Field
User Input
Location
The location cannot be changed.
Pool
To move tapes between pools, select the
name of the pool where the tapes currently
reside. If no pools have been created, use
the default pool.
Barcode
• Leave the default (*) selected to search
for a group of tapes, or
• Specify a specific barcode to search for,
and only that tape is found.
Count
The maximum number of tapes the search
can find (at least 1).
Tapes Per Page
Select the maximum number of tapes to
display per page. Possible values are 15,
30, and 45.
3. From the search results list, select the tapes to move.
4. From the Select Destination: Location list, select the location of
the pool to which tapes are to be moved. This option is
available only when invoked from the (named) Pool view.
5. Click Next.
6. From the Move Tapes view, verify the summary information
and the tape list, and click Next.
7. Click Close on the status window.
Search for Tapes
1. In the VTL Navigation tree, click the area to search (library,
vault, and so on).
2. From the More Tasks menu, select Tapes Search.
The Search Tapes dialog box appears.
312
Working with VTL
3. Enter information about the tapes to search for:
Field
User Input
Location
Select the location or leave the default
library selection.
Pool
Select the name of the pool in which to
search for the tape. If no pools have been
created, use the default pool.
Barcode
• Leave the default (*) selected to search
for a group of tapes, or
• Specify a specific barcode to search for.
Count
The maximum number of tapes the search
can find.
• Enter a specific maximum value, or
• Leave blank and use the Barcode
group default (*).
4. Click Search.
Create Tapes
Note: This procedure can be performed from either a library or a
pool. If initiated from a library, the system will first create the tapes
then import them to the library.
VTL supports a maximum of 100,000 tapes (cartridges) of up to
4 TiB (4000 GiB) for an individual tape (GibiBytes, the base 2
equivalent of Gigabytes).
The following procedure creates tapes in a specified pool then
imports them to the current library.
1. In the More Tasks menu, click Tapes Create.
The Create Tape dialog box appears.
2. Enter information about the tape:
Field
User Input
Location
Select the library or leave the default
selection.
DD OS 5.0 Administration Guide
313
Field
User Input
Pool Name
Click the drop-down list and select the
name of the pool where the tape will
reside. If no pools have been created, use
the default pool.
Number of Tapes
From 1 to 100,000 tapes.
Starting Barcode
Enter the initial barcode number (using the
format A99000LA, for example). See the
section About Tape Barcodes on page 288
for details.
Tape Capacity
Optional. Specify the number of GBs from
1 to 4000 for each tape (this setting
overrides the barcode capacity setting). For
efficient use of disk space, use 100 GB or
less.
3. Click Next and Close.
Delete Tapes
Note: This procedure can be performed from both a library and a
pool. If initiated from a library, it will first export the tapes and
then delete them.
To remove one or more tapes from the vault and delete all of the
data in the tapes, use the Tapes Delete option. The tapes must be in
the vault, not in a library.
Note: On a Replication destination Data Domain system, deleting
a tape is not permitted.
To delete tapes from the vault:
1. In the More Tasks menu, click Tapes Delete.
The Delete Tapes dialog box appears.
2. Enter information about the tape to delete:
314
Field
User Input
Location
Select a library or leave the default Vault
selection.
Working with VTL
Field
User Input
Pool
Select the name of the pool from which to
delete the tape. If no pools have been
created, use the default pool.
Barcode
• Leave the default (*) selected to search
for a group of tapes, or
• Specify a specific barcode to search for.
• Barcode allows the wildcards ? and *,
where ? matches any single character
and * matches 0 or more characters.
Count
Enter the number of tapes to delete.
• Enter a specific maximum value, or
• Leave blank and use the Barcode
group default (*).
Tapes Per Page
Select the maximum number of tapes to
display per page. Possible values are 15,
30, and 45.
Select All Pages
Click the Select All Pages checkbox to
select all tapes returned by the search
query.
3. Click the checkbox of the tape that should be deleted or the
checkbox on the heading column to delete all tapes and click
Next
4. Click Next in the confirmation window and click Close.
After a tape is removed, the physical disk space used for the
tape is not reclaimed until after a file system cleaning
operation.
Working with Tape Slots and CAPs
You can add and delete slots and CAPs (cartridge access ports)
from a configured library to change the number of storage
elements.
Note: Some backup applications do not automatically recognize
that drives, slots, or CAPs have been added to a VTL. For example,
when a tape drive is added to a VTL, the administrator may need
to remove the VTL from the application and then add it back in
DD OS 5.0 Administration Guide
315
before the tape drive can be detected by the application. Refer to
the application documentation for information on how to
configure the application to recognize changes.
1. In the stack menu, click Virtual Tape Libraries > VTL Service >
Libraries.
2. Click the name of a specific library.
Tasks for working with slots and CAPs include:
•
Add Slots on page 316
•
Delete Slots on page 316
•
Add CAPs on page 317
•
Delete CAPs on page 317
Add Slots
The total number of slots in a library or all libraries on a system
cannot exceed 32,000 for a library, and 64,000 for a system.
1. In the More Tasks menu, click Slots Add.
The Add Slots dialog box appears.
2. In the Number of Slots text field, type in the number of slots to
add.
3. Click Next and OK.
Delete Slots
If there are tape cartridges loaded in the slots to be deleted, the
cartridges should be moved to the vault. The system will delete
only empty, uncommitted slots.
The number of drives should be equal to or fewer than the number
of slots in a library. The operation fails if the number of remaining
slots after the deletion is fewer than the number of drives in a
library, or if there are tape cartridges imported to drives from the
slots to be deleted.
1. In the More Tasks menu, click Slots Delete.
The Delete Slots dialog box appears.
316
Working with VTL
2. In the Number of Slots text field, type in the number of slots to
delete.
From 1 to 32,000 slots can be deleted.
3. Click Next and OK.
Add CAPs
Note: CAPs are used by a limited number of backup applications.
Refer to your backup application documentation to ensure that
CAPs are supported.
The total number of CAPs cannot exceed 100 per library or 1000
per system.
1. In the Task menu, click CAPs Add.
The Add CAPs dialog box appears.
2. In the Number of CAPs text field, type in the number of CAPs
to add.
From 1 to 100 CAPs per library and 2,000 CAPs per system can
be added.
3. Click OK.
Delete CAPs
If there are tape cartridges loaded in CAPs to be deleted, the
cartridges are moved to vault.
1. In the More Tasks menu, click CAPs Delete.
The Delete CAPs dialog box appears.
2. In the Number of CAPs text field, type in the number of CAPs
to delete.
A maximum of 100 CAPs per library and 2,000 CAPs per
system can be deleted.
3. Click Next and OK.
DD OS 5.0 Administration Guide
317
Working with the Vault
In the stack menu, click Virtual Tape Libraries > VTL Service >
Vault.
From the Vault page, the tasks that are available include:
•
View Vault Information on page 318
•
Create Storage Pools on page 341
•
Delete Storage Pools on page 342
•
Create Tapes on page 313
•
Delete Tapes on page 314
•
Search for Tapes on page 312
View Vault Information
The Virtual Tape Libraries > VTL Service > Vault page provide the
following information:
Item
Description
Location
Name of the pool
Tape Count
Number of tapes in the pool.
Total Space
Total amount of space in the pool.
Space Used
Amount of space used on in the pool.
Average Compression
Average amount of compression in the pool.
Working with a Vault Pools
The vault contains storage pools that can be replicated.
To access a vault pool, click Virtual Tape Libraries > VTL Service >
Vault > pool. Notice that pool Default always exists.
From a vault pool, the following tasks can be performed:
318
•
View Vault Pool Information on page 319
•
Delete Storage Pools on page 342
•
Create Tapes on page 313
Working with VTL
•
Delete Tapes on page 314
•
Move Tapes on page 310
•
Search for Tapes on page 312
View Vault Pool Information
The Virtual Tape Libraries > VTL Service > Vault > pool page
includes the:
•
Pool Tab on page 319
•
Replication Tab on page 319
Pool Tab
The Pool tab contains the following information:
Item
Description
Tape Count
Number of tapes in the pool.
Capacity
Total configured data capacity of the tapes in
that pool, in GiB (Gibibytes, the base-2
equivalent of GB, Gigabytes).
Used
Amount of space used on the virtual tapes in
that pool.
Average Compression
Average amount of compression achieved on
the data on the tapes in that pool.
Replication Tab
The Replication tab presents the following replication information:
Item
Description
Name
Name of the storage pool.
Configured
Shows whether or not replication is configured
for the pool: yes or no.
DD OS 5.0 Administration Guide
319
Working with Access Groups
A VTL access group (or VTL group) is created to hold a collection
of initiator WWPNs or aliases and the drives and changers they are
allowed to access.
As well, a default group exists named TapeServer, where you can
add devices that will support NDMP-based backup applications.
See Configure the NDMP Device TapeServer Group on page 327 for
details
Access group configuration allows initiators (in general backup
applications) to read and write data to the devices that are also in
the access group.
Access groups allow clients to access only selected LUNs (media
changers or virtual tape drives) on a system. A client that is set up
for an access group can access only devices that are in its access
group.
Note: Avoid making access group changes on a Data Domain
system during active backup or restore jobs. A change may cause
an active job to fail. The impact of changes during active jobs
depends on a combination of backup software and host
configurations.
In the stack menu, click Access Groups > Groups.
From the Groups page, the tasks that are available include:
320
•
View Access Groups Information on page 321
•
Configure an Access Group on page 322
•
Delete an Access Group on page 327
Working with VTL
View Access Groups Information
The Access Groups > Groups pane displays the following
information:
Item
Description
Group Name
Name of the group.
Initiators
Number of initiators in the group.
Devices
Number of devices in the group.
Working with an Access Group
To start working with an access group, click an access group in the
Access Groups > Groups list.
From the Access Group page, tasks that are available include:
•
View Access Group Information on page 321
•
Configure an Access Group on page 322
•
Delete an Access Group on page 327
•
Configure the NDMP Device TapeServer Group on page 327
•
Configure HBA Ports for an Access Group on page 339
View Access Group Information
The Access Groups > Groups > group page includes the:
•
LUNs Tab on page 322
•
Initiators Tab on page 322
DD OS 5.0 Administration Guide
321
LUNs Tab
The LUNs pane contains the following information:
Item
Description
LUN
A device address. The maximum number is
16383. A LUN can be used only once within a
group, but can be used again within another
group. VTL devices added to a group must use
contiguous LUN numbers.
Library
The name of the library associated with the
LUN.
Device
The changers and drives.
In-Use Ports
The port that is currently being used (one of
the ports listed in primary and secondary
ports).
Primary Ports
The initial (or default) port used by the backup
application. In the event of a failure on this
port, the Secondary ports may be used, if
available.
Secondary Ports
The set of fail-over ports to use should a
primary port fail. Use the task Configure HBA
Ports for an Access Group on page 339 to
manually fail-over to the Secondary ports.
Initiators Tab
The Initiators pane contains the following information:
Item
Description
Initiator
The name of the initiator. This is either the
WWPN or the alias assigned to the initiator
(see Set Initiators Alias on page 331).
WWPN
World-Wide Port Name of the Fibre Channel
port in the media server.
Configure an Access Group
When you create or configure an access group on a Data Domain
system, each Data Domain system device (media changer or drive)
can usually be assigned to a maximum of 1 access group.
322
Working with VTL
However, multi-initiator devices may appear in more than one
group when using features such as Shared Storage Option (SSO).
A maximum of 128 groups can be created.
To configure or modify an Access Group:
1. Click the Access Groups Stack menu.
The Groups icon should be highlighted, or select an existing
group from the list to change the configuration.
2. In the More Tasks menu, click Group Create
The Create Group dialog box appears if the Groups icon is
selected. If an existing group is selected, the Configure Group
dialog box appears showing a table listing the devices that
have been configured for the group.
3. In the Group Name text box, enter a name for the group. (This
field is required.)
The group name must be a unique name of up to 128
characters, and can contain only the characters 0-9, a-z, A-Z,
underscore(_), and hyphen (-). Group names are not case
sensitive. Up to 128 groups can be created.
The names “TapeServer,” “all,” and “summary” are reserved
and cannot be used as group names.
4. To configure initiators to the access group, check the box next
to the initiator in the Initiators pane. You can add initiators to
the group later (see Set Initiators Alias on page 331).
5. Click Next.
The Devices dialog box appears showing a table listing the
devices that have been configured for the group. The name of
the library, devices in the group, LUN number, and primary or
secondary status is displayed in the table.
6. Click the plus (+) icon to add devices to the Access Group. as
described in the steps a-e. In this dialog, you can also modify or
delete a set of devices that were previously added. See Modify
Access Group Devices on page 325 and Delete Access Group
Devices on page 327.
DD OS 5.0 Administration Guide
323
a. Verify the correct library is selected in the Library Name
drop-down list, or select another library.
b. In the Device area, click the check boxes of the devices
(changer and drives) that are to be included in the group.
c. Optionally, specify a starting LUN number in the Starting
LUN text box.
This is the LUN number that the Data Domain system
returns to the initiator. Each device is uniquely identified
by the library and the device name. (For example, it is
possible to have drive 1 in Library 1 and drive 1 in Library
2). Therefore, a LUN is associated with a device, which is
identified by its library and device name.
The initiators in the access group interact with the LUN
devices that are added to the group.
The maximum LUN number accepted when creating an
access group is 16383.
A LUN number can be used only once for an individual
group. The same LUN number can be used with multiple
groups.
Note: Some VTL initiators (clients) have specific rules for VTL
target LUN numbering; for example, requiring LUN 0 or
requiring contiguous LUN numbers. If these rules are not
followed, an initiator may not be able to access some or all of
the LUNs assigned to a VTL target port.
Check your initiator documentation for special rules and, if
necessary, alter the device LUNs on the VTL target port to
follow the rules. For example, if an initiator requires LUN 0 to
be assigned on the VTL target port, check the LUNs for devices
assigned to ports, and if there is no device assigned to LUN 0,
change the LUN of a device so that it is assigned to LUN 0.
d. In the Primary and Secondary Ports area, select an option
to determine which ports the selected device is seen from.
The following conditions apply for designated ports:
324
-
All—The checked device is seen from all ports.
-
None—The checked device is not seen from any port.
Working with VTL
-
Select—The checked device is seen from selected ports.
Click the check boxes of the ports that are seen.
If only primary ports are selected, the checked device is
visible only from primary ports.
If only secondary ports are selected, the checked device
is visible only from secondary ports. Secondary ports
can be used if the primary ports become unavailable.
Note: The switch over to a secondary port is not an automatic
operation. The user must manually switch the VTL device to
the secondary ports manually if the primary ports become
unavailable Configure HBA Ports for an Access Group on
page 339.
The port list is a list of physical port numbers. A port
number denotes the PCI slot and a letter denotes the
port on a PCI card. Examples are 1a, 1b, or 2a, 2b.
Note: A drive appears with the same LUN number on all the
ports that the user has configured.
e. Click OK.
You are returned to the Devices dialog box where the
new group is listed. To add more devices, repeat steps
6a-e.
7. Click Next.
The Summary dialog box appears.
8. In the Summary dialog box, verify that the configuration is
correct and click Finish, or click Back and correct the
configuration.
9. Click OK when the Group Add Completed status message
displays.
Modify Access Group Devices
The Create Group dialog allows the list of devices for the group to
be modified.
1. Select a device in the group table and click the edit (pencil) icon
to modify devices in the access group, as described in the steps
a-e.
DD OS 5.0 Administration Guide
325
The Modify Devices dialog box appears.
a. Verify the correct library is selected in the Library Name
drop-down list, or select another library.
b. In the Device to Modify area, click the check boxes of the
devices (changer and drives) that are to modified.
c. Optionally, modify the starting LUN number in the
Starting LUN text box.
This is the LUN number that the Data Domain system
returns to the initiator. Each device is uniquely identified
by the library and the device name. (For example, it is
possible to have drive 1 in Library 1 and drive 1 in Library
2). Therefore, a LUN is associated with a device, which is
identified by its library and device name.
The initiators in the access group interact with the LUN
devices that are added to the group.
The maximum LUN number accepted when creating an
access group is 16383.
A LUN number can be used only once for an individual
group. The same LUN number can be used with multiple
groups.
d. In the Primary and Secondary Ports area, change the option
that determines which ports the selected device is seen
from. The following conditions apply for designated ports:
-
All—The checked device is seen from all ports.
-
None—The checked device is not seen from any port.
-
Select—The checked device is seen from selected ports.
Click the check boxes of the ports that are seen.
If only primary ports are selected, the checked device is
visible only from primary ports.
If only secondary ports are selected, the checked device
is visible only from secondary ports. Secondary ports
can be used if the primary ports become unavailable.
Note: The switch over to a secondary port is not an automatic
operation. The user must manually switch the VTL device to
326
Working with VTL
the secondary ports manually if the primary ports become
unavailable Configure HBA Ports for an Access Group on
page 339.
The port list is a list of physical port numbers. A port
number denotes the PCI slot and a letter denotes the
port on a PCI card. Examples are 1a, 1b, or 2a, 2b.
Note: A drive appears with the same LUN number on all the
ports that the user has configured.
e. Click OK.
Delete Access Group Devices
The Create Group dialog allows devices for the group to be
deleted.
Select a device in the group table and click the remove (X) icon to
delete a device. The device is deleted.
Delete an Access Group
Before a group can be removed, you must remove the initiators
and LUNs from the group.
To remove an access group:
1. Delete devices in the group using the procedure Configure an
Access Group on page 322
2. In the More Tasks menu, click Group Delete.
The Delete Group dialog box appears.
3. Click the checkbox of the group to be removed and click Next.
4. Click Next at the delete groups confirmation dialog box.
5. Click Close when the Delete Groups Status displays
Completed.
Configure the NDMP Device TapeServer Group
The TapeServer group holds tape drives that interface with
NDMP-based backup applications, and which send its control
information and data streams over IP instead of FC.
DD OS 5.0 Administration Guide
327
Note: A device used by the NDMP TapeServer must be in the VTL
group TapeServer and that device will then be unavailable to only
the NDMP TapeServer.
To configure the TapeServer group:
1. Add tape drives to a new or existing library (named dd660-16
in this example), as described in the section Create Tape Drives
on page 301.
2. Create slots and CAPS to the library, as described in Add Slots
on page 316 and Add CAPs on page 317.
3. Add the all the created devices in the library dd660-16 to the
TapeServer access group using the procedure in Configure an
Access Group on page 322.
4. Enable NDMPD:
sysadmin@dd660-16# ndmpd enable
Starting NDMP daemon, please wait...............
NDMP daemon is enabled.
5. Ensure that the NDMP daemon sees the devices in the
TapeServer group:
sysadmin@dd660-16# ndmpd show devicenames
NDMP Device
Virtual Name
Vendor
Product
Serial Number
-----------------
----------------
------
-----------
-------------
/dev/dd_ch_c0t0l0
dd660-16 changer
STK
L180
6290820000
/dev/dd_st_c0t1l0
dd660-16 drive 1
IBM
ULTRIUM-TD3
6290820001
/dev/dd_st_c0t2l0
dd660-16 drive 2
IBM
ULTRIUM-TD3
6290820002
/dev/dd_st_c0t3l0
dd660-16 drive 3
IBM
ULTRIUM-TD3
6290820003
/dev/dd_st_c0t4l0
dd660-16 drive 4
IBM
ULTRIUM-TD3
-----------------
----------------
------
-----------
6290820004
-------------
6. Add an NDMP user (ndmp in this example) with the following
command:
sysadmin@dd660-16# ndmpd user add ndmp
Enter password:
Verify password:
7. Verify the user ndmp is added correctly:
328
Working with VTL
sysadmin@dd660-16# ndmpd user show
ndmp
8. Show the NDMP configuration:
sysadmin@dd660-16# ndmpd option show all
Name
Value
--------------
--------
authentication
text
debug
disabled
port
10000
preferred-ip
--------------
--------
9. Change the default user password authentication to use MD5
encryption for enhanced security and verify the change (notice
the authentication value changes from text to md5):
sysadmin@dd660-16# ndmpd option set authentication md5
sysadmin@dd660-16# ndmpd option show all
Name
Value
--------------
--------
authentication
md5
debug
disabled
port
10000
preferred-ip
--------------
--------
NDMP is now configured and the TapeServer access group shows
the device configuration. See the ndmpd chapter of the DD OS 5.0
Command Reference Guide for the complete command set and
options.
DD OS 5.0 Administration Guide
329
Working with Physical Resources
The Physical Resources area of the stack menu provides
management operations for Initiators and HBA ports. The Physical
Resources informational pane provides the:
•
Initiators Tab on page 330
•
Ports Tab on page 330
Initiators Tab
The Initiators pane displays the following information:
Item
Description
Initiators
The name of the initiator. This is either the
WWPN or the alias assigned to the initiator
(see Set Initiators Alias on page 331).
WWPN
World-Wide Port Name of the Fibre Channel
port in the media server.
Online Ports
Group name where ports are seen by this
initiator.
Ports Tab
The Ports pane displays the following information:
Item
Description
Port
The physical port number.
Port ID
The port ID.
Enabled
The port operational state; either Enabled or
Disabled.
Status
Either Online or Offline; that is, whether or not
the port is up and capable of handling traffic.
Working with Initiators
An initiator is a client system FC HBA (fibre channel host bus
adapter) world-wide port name (WWPN) that the Data Domain
system interfaces with. An initiator name is an alias for the client’s
WWPN for ease of use.
330
Working with VTL
Note: During the time that a client is mapped as an initiator and
before adding an access group, the client cannot access any data on
the Data Domain system.
After adding an access group for the initiator or client, the client
can access only the devices in the access group. A client can have
access groups for multiple devices.
Note: An Access Group may contain multiple Initiators
(maximum 92) but an Initiator can exist in only one Access Group.
A maximum of 128 initiators can be configured.
To start working with initiators, click Physical Resources >
Initiators.
From the Initiators page, the tasks that are available include:
•
View Initiators Information on page 331
•
Set Initiators Alias on page 331
View Initiators Information
The Initiators pane contains the following information:
Item
Description
Initiator
Name of the initiator.
Group
Group associated with the initiator.
Online Ports
Ports seen by this Initiator.
WWNN
World-Wide Node Name of the Fibre Channel
port in the media server.
WWPN
World-Wide Port Name of the Fibre Channel
port in the media server.
Symbolic Port Name
Symbolic Port Name of the Fibre Channel port
in the media server.
Set Initiators Alias
Note: In general, VTL can detect the initiators it can see, but it is
possible to also add an initiator or alias name without it being
detected. If this is the case, use the following procedure:
DD OS 5.0 Administration Guide
331
To set an alias for the Initiators WWPN:
1. In the Physical Resources stack, select Initiators.
2. In the More Tasks menu, click Initiators Set Alias.
The Set Initiators Alias dialog box appears.
3. In the WWPN text field, add the port name of the WWPN.
4. In the Alias text field, add the alias (using from 1 to 32
characters).
5. Click OK.
Working with an Initiator
1. To work with a specific initiator, click Physical Resources >
Initiators.
2. Click the name of an individual initiator.
From the Initiator page, the tasks that are available include:
•
View Initiator Information on page 332
•
Set Initiators Alias on page 331
•
Reset an Initiator Alias on page 333
•
Rename an Initiator Alias on page 333
•
Set a Group for an Initiator on page 333
•
Delete an Initiator on page 334
View Initiator Information
The Initiator pane contains the following information:
332
Item
Description
Initiator
Name of the initiator.
Group
Group associated with the initiator.
Online Ports
Ports seen by this Initiator.
WWNN
World-Wide Node Name of the Fibre Channel
port in the media server.
Working with VTL
Item
Description
WWPN
World-Wide Port Name of the Fibre Channel
port in the media server.
Symbolic Port Name
Symbolic Port Name of the Fibre Channel port
in the media server.
Reset an Initiator Alias
To delete (reset) an alias that is set for an initiator:
1. To work with a specific initiator, click Physical Resources >
Initiators.
2. Click the name of an individual initiator.
3. In the More Tasks menu, click Initiators Reset Alias.
The Reset Initiators Alias dialog box appears.
4. Click OK.
Rename an Initiator Alias
To rename an alias that is set for an initiator, use the procedure in
Set Initiators Alias on page 331.
Set a Group for an Initiator
To assign an initiator to an access group:
1. Click Physical Resources > Initiators.
2. Click the name of an individual initiator.
3. In the More Tasks menu, click Set Group.
The Set Group dialog box appears.
4. Click a group name in the list of groups to set the group.
5. Click OK.
DD OS 5.0 Administration Guide
333
Delete an Initiator
To delete an initiator from an access group, use the procedure in
Configure an Access Group on page 322.
Working with HBA Ports
To start working with HBA Ports, click Physical Resources > HBA
Ports.
From the HBA Ports page, the tasks that are available include:
•
View HBA Ports Information on page 334
•
Enable HBA Ports on page 335
•
Disable HBA Ports on page 335
View HBA Ports Information
The HBA Ports Information page includes the:
•
Hardware Tab on page 334
•
Ports Tab on page 335
Hardware Tab
The Hardware pane contains the following information:
334
Item
Description
Port
HBA port number (for example, 6a). The
number corresponds to the Data Domain
system slot in which the HBA is installed,
where a is the top HBA port and b is the
bottom HBA port.
Model
Model number of the HBA controller.
Firmware
Firmware version running on the HBA
controller.
WWNN
World-Wide Node Name of the Fibre Channel
port.
WWPN
World-Wide Port Name of the Fibre Channel
port in the media server.
Working with VTL
Ports Tab
The Ports pane displays the following information
Item
Description
Port
HBA port number (for example, 6a). The
number corresponds to the Data Domain
system slot in which the HBA is installed,
where a is the top HBA port and b is the
bottom HBA port.
Connection Type
Fibre Channel connection type, such as loop or
SAN.
Link Speed
Transmission speed of the link.
Port ID
Fibre Channel port ID.
Enabled
HBA port operational state; that is, whether it
has been enabled or disabled.
Status
Data Domain system VTL link status; that is,
whether it is online and capable of handling
traffic, or offline.
Enable HBA Ports
only ports currently disabled will be listed.
1. In the More Tasks menu, select Ports Enable.
The Enable Ports dialog box appears. Only ports currently
disabled will be listed.
2. In the Enable Ports dialog box, click the check boxes of the
ports to enable.
3. Click OK.
Disable HBA Ports
1. In the More Tasks menu, select Ports Disable.
The Disable Ports dialog box appears. Only ports currently
enabled will be listed.
2. In the Disable Ports dialog box, click the check boxes of the
ports to disable.
DD OS 5.0 Administration Guide
335
3. Click Next to verify the configuration.
4. When the Disable Ports Status dialog box displays Completed,
click Close.
Working with an HBA Port
To start working with HBA Ports, click Physical Resources > HBA
Ports > port.
From the HBA Ports page, the tasks that are available include:
•
View HBA Ports Information on page 334
•
Enable HBA Ports on page 335
•
Disable HBA Ports on page 335
•
Configure HBA Ports for an Access Group on page 339
•
Refresh an HBA port by selecting the Ports Refresh option in
the More Tasks menu.
View HBA Port Information
The HBA Port Information page includes the:
•
Hardware Tab on page 334
•
Summary Tab on page 337
•
Statistics Tab on page 337
•
Detailed Statistics on page 338
Hardware Tab
The Hardware tab contains the following information:
336
Item
Description
Port
HBA port number (for example, 6a). The
number corresponds to the Data Domain
system slot in which the HBA is installed,
where a is the top HBA port and b is the
bottom HBA port.
Model
Model number of the HBA controller.
Working with VTL
Item
Description
Firmware
Firmware version running on the HBA
controller.
WWNN
World-Wide Node Name of the Fibre Channel
port.
WWPN
World-Wide Port Name of the Fibre Channel
port in the media server.
Summary Tab
The Summary tab contains the following information:
Item
Description
Port
HBA port number (for example, 6a). The
number corresponds to the Data Domain
system slot in which the HBA is installed,
where a is the top HBA port and b is the
bottom HBA port.
Connection Type
Fibre Channel connection type, such as loop or
SAN.
Link Speed
Transmission speed of the link.
Port ID
Fibre Channel port ID.
Enabled
HBA port operational state; that is, whether it
has been enabled or disabled.
Status
Data Domain system VTL link status; that is,
whether it is online and capable of handling
traffic, or offline.
Statistics Tab
The Statistics tab contains the following information:
Item
Description
Port
HBA port number (for example, 6a). This
number corresponds to the Data Domain
system slot in which the HBA is installed,
where a is the top HBA port and b is the
bottom HBA port.
DD OS 5.0 Administration Guide
337
Item
Description
Library
The library that contains the specified device
as associated in a LUN Mask Group.
Device
A device associated with this port via a LUN
Mask Group definition.
Ops/s
The average number of operations per second
in the current sample.
Read KiB/s
The average number of 1024 bytes per second
read in the current sample.
Write KiB/s
The average number of 1024 bytes per second
written in the current sample.
Detailed Statistics
The Detailed Statistics tab contains the following information:
338
Item
Description
Port
HBA port number (for example, 6a). This
number corresponds to the Data Domain
system slot in which the HBA is installed,
where a is the top HBA port and b is the
bottom HBA port.
# of Control
Commands
Number of control commands.
# of Read Commands
Number of read commands.
# of Write Commands
Number of write commands.
In (MiB)
Number of MiBs (1,048,576 bytes) written.
Out (MiB)
Number of MiBs (1,048,576 bytes) read.
# of Error Protocol
Number of protocol errors.
# of Link Fail
Number of link failures.
# of Invalid Crc
Number of frames received with a bad CRC.
# of Invalid TxWord
Number of invalid transmit words.
# of Lip
LIP (Loop Initialization Primitive) count.
# of Loss Signal
Number of signal losses.
# of Loss Sync
Number of sync losses.
Working with VTL
Configure HBA Ports for an Access Group
Use this dialog to change the manual fail-over state of devices to
either primary or secondary ports.
1. Click the group from the Access Group tree.
2. In the Task menu, click Ports Configure.
The Configure Ports dialog box appears.
3. Verify the correct group is selected, or select another group.
4. Verify the correct library is selected, or click the drop-down list
to select another library.
5. Click a checkbox to select a specific device or click the Devices
checkbox to select all devices.
6. Click the radio button to assign ports as primary or secondary
status.
7. Click Next.
8. After the Configure Ports Status dialog box displays
Completed, click Close.
Working with Storage Pools
VTL storage pools allow replication of pools of VTL virtual tapes.
VTL virtual tapes can be replicated from multiple replication
originators to a single replication destination (many-to-one
configurations). For replication details, see the section Pool
Replication on page 348 in the chapter on replication.
When using pools, consider the following:
•
A pool can be replicated no matter where individual tapes are
located. Tapes can be in the vault, a library, or a drive.
•
You can move a tape from one pool to another.
•
Two tapes in different pools on one Data Domain system can
have the same name (except if the tape will be moved between
those pools).
DD OS 5.0 Administration Guide
339
•
A pool sent to a replication destination must have a pool name
that is unique on the destination.
•
Data Domain pools are not accessible by backup software.
•
No VTL configuration or license is needed on a replication
destination when replicating pools.
•
Data Domain recommends creating tapes with unique bar
codes only. Having duplicate bar codes in the same tape pool
creates an error. Although no error is created for duplicate bar
codes in different pools, duplicate bar codes may cause
unpredictable behavior in backup applications and can lead to
operator confusion.
In the stack menu, click Pools > Pools.
From the Pools page, the tasks that are available include:
•
View Pools Information on page 340
•
Create Storage Pools on page 341
•
Delete Storage Pools on page 342
•
Search for Tapes on page 312
View Pools Information
The Pools page includes the:
•
Pools Tab on page 340
•
Replication Tab on page 341
Pools Tab
The Pools tab displays the following information:
340
Item
Description
Location
Name of each pool. The default pool holds all
tapes that are not assigned to a user-created
pool.
Tape Count
Number of tapes in the pool.
Working with VTL
Item
Description
Capacity
Total configured data capacity of the tapes in
that pool, in GiB (Gibibytes, the base-2
equivalent of GB, Gigabytes).
Used
Amount of space used on the virtual tapes in
that pool.
Average Compression
Average amount of compression achieved on
the data on the tapes in that pool.
Replication Tab
The Replication tab presents the following detailed replication
information:
Item
Description
Name
Name of the storage pool.
Configured
Shows whether or not replication is configured
for the pool: yes or no.
Create Storage Pools
When creating pools, consider the following:
•
A pool name cannot have the restricted names all, vault, or
summary.
•
A pool can be replicated no matter where individual tapes are
located. Tapes can be in the vault, a library, or a drive.
•
A pool sent to a replication destination must have a pool name
that is unique on the destination.
•
Data Domain pools are not accessible by backup software.
To create a pool:
1. In the More Tasks menu, click Pool Create.
The Create Pool dialog box appears.
2. In the Pool Name text box, enter a name containing between 1
and 32 characters for the pool. Pool names are case-sensitive so
the pool “TEST” is not the same as the pool “test.”
DD OS 5.0 Administration Guide
341
3. Click Next.
The Create Pool Status dialog appears.
4. After the Create Pool Status dialog box shows Completed, click
Close.
The pool is added under the Pools icon in the tree and is ready
to have virtual tapes added to it.
Delete Storage Pools
Note: Before a pool can be deleted, you must delete any tapes
contained within it. If replication is configured for the pool, the
replication pair must be deleted.
1. In the More Tasks menu, click Pool Delete.
The Delete Pools dialog box appears.
2. Click the checkbox of items to delete:
•
The name of each pool, or
•
Pool Names, to delete all pools.
3. Click Next in the confirmation dialog boxes.
The selected pools are deleted.
4. After the Delete Pool Status dialog box shows Completed, click
Close.
The pool entry is removed from the pool list.
Replicate VTL Pools
Pools can be replicated and monitored through the Replication tab
of the Enterprise Manager.
•
See Create a Directory or Pool Replication Pair on page 362.
•
See Track Status of a Replication Process on page 375
Working with a Storage Pool
To access a storage pool, on the stack menu, click Pools > Pools >
pool. Notice that pool Default always exists.
342
Working with VTL
From a storage pool page, the following tasks can be performed:
•
View Pool Information on page 343
•
Create Tapes on page 313
•
Delete Tapes on page 314
•
Move Tapes on page 310
•
Search for Tapes on page 312
View Pool Information
The Pools > pool page includes the:
•
Pool Tab on page 343
•
Replication Tab on page 343
Pool Tab
The Pool tab contains the following information:
Item
Description
Tape Count
Number of tapes in the pool.
Capacity
Total configured data capacity of the tapes in
that pool, in GiB (Gibibytes, the base-2
equivalent of GB, Gigabytes).
Used
Amount of space used on the virtual tapes in
that pool.
Average Compression
Average amount of compression achieved on
the data on the tapes in that pool.
Replication Tab
The Replication tab presents the following replication information:
Item
Description
Name
Name of the storage pool.
Configured
Shows whether or not replication is configured
for the pool: yes or no.
DD OS 5.0 Administration Guide
343
344
Working with VTL
12 Working with Replication
This chapter includes the following topics:
•
About Replication on page 345
•
Supported Replication Topologies on page 348
•
Using Encryption with Replication on page 352
•
About the Replication View on page 353
•
Configuring Replication on page 360
•
Resynchronize Data in a Replication Pair on page 370
•
Recover Data from Replication Pair on page 372
•
Replication Seeding on page 373
•
Monitoring Replication on page 374
About Replication
Replicator software provides automated, fast, and reliable
replication of data for disaster recovery (DR), remote office data
protection, and multiple site tape consolidation. The Replicator
duplicates deduplicated and compressed data over a network
(including WANs), greatly reducing the demands on the network.
Once replication has been configured between a source and
destination, any new data written to the source is automatically
replicated to the destination.
A replication pair is sometimes referred to as a context.
•
When you replicate to an offsite location, data is first
deduplicated at the originating Data Domain system and then
deduplicated again on the destination system, greatly reducing
network bandwidth demand.
DD OS 5.0 Administration Guide
345
•
Replicator enables automated offsite replication and integrates
with the existing network and backup infrastructure.
•
Replicator supports online data recovery from a remote
location.
•
Network-efficient replication eliminates the security risks
associated with human intervention and physical tape
transportation.
•
To meet a broad scope of data protection needs, different
topologies can be deployed, such as one-to-one mirroring, bidirectional vaulting and many-to-one remote site vaulting.
•
Many-to-one replication allows geographically distributed
branch offices to vault replication pair data to a central hub or
data center for enterprise-wide site recovery.
•
Replicator eliminates the need for tape backup at a remote
office and enables organizations to consolidate tape
infrastructure at a central hub.
Notes:
•
A file (or directory) may not be renamed or moved into or out
of a replication source. Note that this includes a Cut operation
followed by a Paste operation in Windows, which is
implemented as a rename operation.
•
Replicator is a licensed product. Contact Data Domain Sales to
obtain a license, then install the license, as described in
Managing System Licenses on page 60.
Types of Replication
Choose a replication type based on the how you wish to replicate.
The replication types are:
346
•
Collection, where the entire /backup directory is replicated.
This is useful for entire site backup. See Collection Replication on
page 347.
•
Directory, where only specific subdirectories under /backup
are replicated. Useful when only a portion of /backup is
needed, or if specific directories are replicated to different
destinations. See Directory Replication on page 347.
Working with Replication
•
Pool, which is used to replicate a set of VTL files or tapes.
Replication typically consists of a source Data Domain system
(which receives data from a backup system), and one or more
destination Data Domain systems.
Collection Replication
Collection replication duplicates the entire /backup directory from
a source Data Domain system (which receives data from a backup
system) to a destination Data Domain system.
Other than receiving data from the source, the destination is a
read-only system.
With collection replication, all user accounts and passwords are
replicated from the source to the destination. Any changes made
manually on the destination are overwritten after the next change
is made on the source. It is recommended that changes be made
only on the source.
Directory Replication
Directory replication duplicates data at the level of individual
subdirectories under /backup.
A Data Domain system can be a source or a destination for
multiple directories and can also be a source for some directories
and a destination for others. See Types of Replication on page 346.
During directory replication, a Data Domain system is able to
perform normal backup and restore operations. Replication
command options with directory replication may target a single
replication pair (source and destination directories) or may target
all pairs that have a source or destination on the Data Domain
system.
Some points to consider with directory replication:
•
A destination Data Domain system must have available
storage capacity that is at least the post-compressed size of the
expected maximum size of the source directory.
•
A single destination Data Domain system can receive backups
from both CIFS clients and NFS clients as long as separate
DD OS 5.0 Administration Guide
347
directories are used for each. Do not mix CIFS and NFS data in
the same directory.
•
When replication is initialized, a destination directory is
created automatically if it does not already exist.
•
After replication is initialized, ownership and permissions of
the destination directory are always identical to those of the
source directory.
•
At any time, due to differences in global compression, the
source and destination directory can differ in size.
Pool Replication
Pool Replication refers to directories that contain VTL tape
cartridges (or pools).
•
Pool replication operates similarly to directory replication.
•
Pools are created in VTL (see Create Storage Pools on page 341
and Create Storage Pools on page 341).
•
Replicating VTL pools and tape cartridges does not require the
VTL license on the destination Data Domain system.
Supported Replication Topologies
This section describes the various supported replication topologies
and the typical uses for those configurations.
One-to-One Replication
The simplest type of replication is from a Data Domain source
system to a Data Domain destination system, otherwise known as
a one-to-one replication pair. To set up this type of configuration,
see Create a Replication Pair on page 361.
348
Working with Replication
Figure 12-1: One-to-One Replication Pair
DD System B
DD System A
Source
Data
Dest
Data flows from the source to the destination system over a LAN or WAN
Bi-Directional Replication
In a bi-directional replication pair, data from a source on System A
is replicated to a destination on System B, and from a source on
System B to a destination on System A.
To set up this type of configuration, see Configure Bi-Directional
Replication on page 363.
Figure 12-2: Bi-directional Replication
DD System B
DD System A
Source
Data
Dest
Dest
Source
Data flows from a source to a destination over a LAN or WAN
One-to-Many Replication
In one-to-many replication, data flows from a source replica on a
single System A to several destination systems. This type of
replication can be used, for example, for enhanced disaster
recovery and to facilitate software distribution.
To set up this type of configuration, see Configure One-to-Many
Replication on page 363.
DD OS 5.0 Administration Guide
349
Figure 12-3: One-to-Many Replication
DD System A
Data
Source
Dest
DD System B
Dest
DD System C
Dest
DD System D
Data flows from a context on a single source system to many
destination systems over a LAN or WAN
Many-to-One Replication
In many-to-one replication, data flows from several source
contexts to a single destination system. This type of replication
occurs, for example, when several branch offices replicate their
data to the corporate headquarter’s IT systems.
To set up this type of configuration, see Configure Many-to-One
Replication on page 364.
Figure 12-4: Many-to-One Replication
DD Systems
DD System
Source
Data
Source
Dest 1
Dest 2
Dest 3
Source
Data flows from many source systems to one destination system over a
LAN or WAN
350
Working with Replication
Cascaded Replication
Figure 12-5: Cascaded Replication
Source
dir1
.
.
.
Source
dirn
DD System C
DD System B
DD System A
Data
Dest n
Data
Dest
Source
Data flows from the source to the destination, which is also a source
to another destination over a LAN or WAN.
In a cascaded replication topology, a source replica is chained
among three or more Data Domain systems. The last system in the
chain can be configured for a collection or a directory. For
example, DD System A replicates one or more directories to a
destination in DD System B, which then replicates those directories
to DD System C, and so forth. The contexts on DD System B are
both a destination context (from DD System A) and a source
context (to DD System C).
Data recovery can be performed from the non-degradated
replication pair context. For example:
•
In the event DD System A requires a recover, replication
recover can be used to recover data from DD System B.
•
In the event DD System B requires a recover, the simplest
method is to perform a replication resync from DD System A to
(the replacement) DD System B. In this case, the replication
context from DD System B to DD System C should be broken
first. After the DD System A to DD System B replication
context finishes resync, a new DD System B to DD System C
context should be configured and resync'd.
To set up this type of configuration, see Configure Cascaded
Replication.
DD OS 5.0 Administration Guide
351
Using Encryption with Replication
Data Domain Replicator software can be used with the optional
Encryption of Data at Rest feature, enabling encrypted data to be
replicated using collection, directory or application-specific
optimized duplication forms of replication and with the various
topologies. Each replication form works uniquely with encryption
and offers the same level of security.
Replication contexts are always authenticated with a shared secret.
That shared secret is used to establish a session key using a DiffieHellman key exchange protocol and that session key is used to
encrypt and decrypt the Data Domain system encryption key.
when appropriate.
•
Collection replication requires the source and target to have the
exact same encryption configuration because the target is
expected to be an exact replica of the source data. In particular,
the encryption feature must be turned on or off at both source
and target and if the feature is turned on, then the encryption
algorithm and the system passphrases must also match. The
parameters are checked during the replication association
phase.
During collection replication, the source system transmits the
encrypted user data along with the encrypted system
encryption key. The data can be recovered at the target because
the target machine has the same passphrase and the same
system encryption key.
•
Directory replication does not require encryption configuration
to be the same at both the source and target Data Domain
systems. Instead, the source and target securely exchange the
target system’s encryption key during the replication
association phase and the data at rest is first decrypted and
then re-encrypted at the source using the target system’s
encryption key before transmission to the target.
If the target machine has a different encryption configuration,
then the data transmitted is prepared appropriately. For
example, if the feature is turned off at the target, then the
source decrypts the data and it is sent to the target unencrypted.
352
Working with Replication
•
In a cascaded replication topology, a replica is chained among
three or more Data Domain systems. The last system in the
chain can be configured as a collection or a directory.
If the last system is a collection replication target, then it uses
the same encryption keys and encrypted data as its source.
The encryption key for the target at each link is used for
encryption. Encryption for systems in the chain works as in a
replication pair.
About the Replication View
The Replication view allows you to configure replication pairs and
see the configured replicas as a list and as a topology map, check
performance graphs, and configure d network settings that affect
performance.
The Replication view contains the following components:
•
Replication Status on page 353
•
Summary View on page 354
•
Topology View on page 357
•
Performance View on page 357
To display to the Replication view:
1. Click the source system in the Navigational pane of the
Enterprise Manager.
2. Click the Replication tab to access the Replication view.
The Replication Status and Summary view displays.
3. Click a replication context in the table to populate the Detailed
Information area of the Summary view.
Replication Status
The replication Status area shows the system-wide count of
replication contexts exhibiting warning (yellow text) and error (red
text) state, or if conditions are normal.
DD OS 5.0 Administration Guide
353
Summary View
The Summary view contains a table that lists the configured
replication contexts for the system. Selecting a context in the table
populates the content’s information in Detailed Information area.
The Summary table shows aggregated information about the
selected Data Domain system—that is, summary information
about all of the system’s inbound replication pairs, and all of that
system’s outbound replication pairs. The focus is the Data Domain
system itself and the inputs to it and outputs from it.
The Detailed Information pane, by contrast, shows the information
for a selected individual replication pair.
The Summary view table can be filtered by entering a Source or
Destination name, or selecting a State (Error, Warning, or Normal).
The Summary view includes the following information:.
Item
Description
Source
The system and path name of the source context,
with the format system.path. For example, for a
directory dir1 on the system dd120-22, the entry
displays dd12022.datadomain.com/backup/dir1.
Destination
The system and path name of the destination
context, with the format system.path. For example,
for a directory dir1 on the system dd120-22, the
entry displays dd12044.datadomain.com/backup/dir1.
Type
The type of context: Collection (col), directory
(dir), or pool.
State
The Current state describes the replication pair
status. Possible states include:
• Normal—If the replica is Initializing,
Replicating, Recovering, Resynching,
Migrating,.
• Warning—If there is an unusual delay for the
first five states, or for the Uninitialized state.
• Error—Any possible error states, such as
Disconnected.
354
Working with Replication
Item
Description
Synced as of Time
The timestamp for last automatic replication sync
operation performed by the source. The source
runs a replication sync operation every hour and
displays the time local to the source. A value of
unknown displays during replication
initialization.
Pre-Comp
Remaining
Amount of pre-compressed data left to transfer.
Time to
Completion
The amount of required to complete the
replication data transfer or shows Completed.
Detailed Information
The Detailed Information area provides the following information
for the selected replication context:.
Item
Description
State Description
Informational message about the state of the
replica.
Source
The system and path name of the source context,
with the format system.path. For example, for a
directory dir1 on the system dd120-22, the entry
displays dd12044.datadomain.com/backup/dir1.
Destination
The system and path name of the destination
context, with the format system.path. For example,
for a directory dir1 on the system dd120-22, the
entry displays dd12044.datadomain.com/backup/dir1.
Connection Port
The system name and listen port used for the
replication connection. See Change Host
Connection Settings on page 365.
Completion Stats
DD OS 5.0 Administration Guide
355
Item
Description
Synced as of Time
The timestamp for last automatic replication sync
operation performed by the source. The source
runs a replication sync operation every hour and
displays the time local to the source. A value of
unknown displays during replication
initialization.
Time to
Completion
The amount of required to complete the
replication data transfer or shows Completed.
Pre-Comp
Remaining
The amount of data that is yet to be replicated to
the destination.
Status
For the source and destination endpoints, shows
the status (Enabled, Disabled, Not Licensed, etc)
of major components on the system, such as:
• Replication
• File System
• Replication Lock
• Encryption at Rest
• Encryption over Wire
• Available Space
• Low Bandwidth Optimization
• Compression Ratio
• Low Bandwidth Ratio
Performance Graph
Click Performance Graph to open the Replication Chart for the
selected context.
The Replication chart shows DataIn, Replicated, and Remaining,
and differs depending on whether it is for a collection or a
directory pair.
Item
Description for Collection
Description for Directory
Pre-Comp
Remaining
Post-compressed data that is
remaining to be sent to the
destination for the interval.
Pre-compressed data that is
remaining to be sent to the
destination for the interval.
356
Working with Replication
Item
Description for Collection
Description for Directory
Pre-Comp
Written
Pre-compressed data that has
been received on the source for
the interval.
Pre-compressed data that has
been received on the source for
the interval.
Post-Comp
Replicated
Post-compressed data that has
been sent to the destination for
the interval.
Post-compressed data that has
been sent to the destination for the
interval.
Completion Predictor
A widget for predicting when replication will complete for the
selected context. See Track Status of a Backup Job's Replication
Progress on page 375
Topology View
The Topology view shows how the selected Data Domain system’s
replication pairs are configured in the network.
•
The arrow between Data Domain systems represents one or
more replication pairs.
•
Depending on the status of the contexts between the two
systems, the arrow displays as normal (green), warning
(yellow), or error (red).
•
Click Expand All to show all the destination directory contexts
configured on other systems.
•
Click a context to open the Context Summary dialog box,
where context details can be viewed (paths, status), and links
to other operations are available (Show Summary, Modify
Options, Enable/Disable Pair, Graph Performance).
•
Click Collapse All to roll-up the Expand All context view and
show only the name of the system and the count of destination
contexts.
•
Click Reset Layout to return to the default view.
Performance View
The Performance view holds a graph that accurately represents the
fluctuation of data during replication. However, during times of
DD OS 5.0 Administration Guide
357
inactivity, (when no data is being transferred), the shape of the
graph may display a gradually descending line instead of an
expected sharply descending line.
The Performance view displays a replication’s historical data for:
•
Network In: Total replication network bytes entering the
system (all contexts)
•
Network Out: Total replication network bytes leaving the
system (all contexts)
These are aggregated statistics of each replication pair for this Data
Domain system. The duration (x-axis) is 21 days by default. The
y-axis is in GibiBytes or MebiBytes (the binary equivalents of
GigaBytes and MegaBytes).
Hover the cursor over points in the chart for an accurate reading.
The tooltip displays the ReplIn, ReplOut, date/time and amount of
data for a given point in time.
Advanced Settings View
Throttle Settings
The Throttle Settings area shows the current settings for:
•
Temporary Override— If configured, shows the throttle rate or
0, which means all replication traffic is stopped.
•
Permanent Schedule—Shows the time for days of the week
that scheduled throttling occurs.
For details about configuring these options, see the section Add
Throttle Settings on page 367.
Network Settings
Network setting show setting that affect data transfer over the
network:
Bandwidth Settings
Shows (Default) if bandwidth has not been configured or the
configured data stream rate. The average data stream to the
358
Working with Replication
replication destination is at least 98,304 bits per second (12 KiB). To
configure bandwidth, see Change the Global Network Settings on
page 370.
Delay
Shows (Default) if a network delay has not been configured or the
configured network delay setting (in milliseconds). To configure
network delay, see Change the Global Network Settings on page 370.
Listen Port
Shows (Default) if a listen port has not been configured or the
configured global listen port. To configure the global listen port,
see Change the Global Listen Port on page 370.
Preparing to Configure Replication
Before starting the Replication configuration, be sure to consider
the following:
•
Configuring replication from the Enterprise Manager can be
performed only if both the source and destination Data
Domain systems are managed by the Enterprise Manager.
•
Ensure adequate storage is available on the source and
destination. At a minimum, the destination must have more
space than the source.
•
Ensure the destination directories do not overlap.
•
Determine the type of replication configuration to use (see
Types of Replication on page 346).
•
For Directory replication, ensure the destination directory is
empty or its contents not required. It will be overwritten.
DD OS 5.0 Administration Guide
359
Limitations
Before configuring directory replication, review the following
information.
Table 12-1: Maximum Contexts for Directory Replication
Model
Maximum Number of Contexts
DD880
180
DD660, DD690, and DD690g
90
DD580, DD580g, DD565 (12 GB RAM), and
DD560 (12 GB RAM)
45
DD630, DD565 (8 GB RAM), and DD560 (8 GB
RAM)
20
All other models
20
•
If the source holds a lot of data, the replication operation can
take many hours. Consider putting both Data Domain systems
in the Replicator pair in the same location with a direct link to
cut down on initialization time.
•
A subdirectory that is under a source directory in a replication
context cannot be used in another directory replication context.
A directory can be in only one context at a time.
Configuring Replication
To configure replication, follow the procedures for creating the
replications contexts in Create a Replication Pair. Once the
replication pair has been created, data replication begins and the
progression of the data copy can be monitored from the
Replication Enterprise Manager Summary view (see Monitoring
Replication).
Other optional replication configuration tasks include the
following:
360
•
Enable and Disable Replication Pair on page 364
•
Delete a Replication Pair on page 365
•
Change Host Connection Settings on page 365
Working with Replication
•
Managing Bandwidth with Throttling on page 367
•
Change the Network Settings on page 369
Create a Replication Pair
To create and start initiation of a replication pair, use the following
procedure. This function is available to administrative users only.
1. Click the source system in the Navigational tree of the
Enterprise Manager.
2. Click the Replication tab to access the Replication view.
3. In the Summary view, click Create Pair.
The Create Pair dialog box appears, where you add specific
information to create a collection, directory, or pool replication
pair, as described in the following sections:
•
Create a Collection Replication Pair on page 361
•
Create a Directory or Pool Replication Pair on page 362
Note: For information on configuring parameters in the Advanced
tab, see Change Host Connection Settings on page 365.
Create a Collection Replication Pair
1. In the Create Pair dialog box, select Collection from the
Replication Type menu.
2. Select the source system hostname from the Source System
menu.
3. Select the destination system hostname from the Destination
System menu.
The list includes only those hosts in the DD-Network list.
4. Click OK.
Replication from the source to the destination begins.
Test results from Data Domain returned the following
performance guidelines for replication initialization. Note that the
following are guidelines and actual performance seen in
production environments may vary.
DD OS 5.0 Administration Guide
361
•
Over a gibibit LAN, performance is about 70 MiB/sec of
compressed data.
•
Over a WAN, performance is governed by the WAN link line
speed, bandwidth, latency, and packet loss rate.
Create a Directory or Pool Replication Pair
The following describes the procedure for creating a basic
directory or VTL pool replication pair. Advanced directory
replication pair configurations, which build on this procedure are
described in:
•
Configure Bi-Directional Replication on page 363
•
Configure One-to-Many Replication on page 363
•
Configure Many-to-One Replication on page 364
•
Configure Cascaded Replication on page 364
1. In the Create Pair dialog box, select Directory or Pool from the
Replication Type menu.
2. Select the source system hostname from the Source System
menu.
3. Select the destination system hostname from the Destination
System menu.
4. Enter the source path in the Source Path text box (notice the
first part of the path is a constant that changes based on the
type of replication chosen).
5. Enter the destination path in the Destination Directory text box
(notice the first part of the path is a constant that changes based
on the type of replication chosen).
6. Click OK.
The Replication from the source to the destination begins.
Notes:
•
362
When a new directory or pool replication pair is being created,
the source directory cannot be written to until the replication
relationship between source and destination systems has been
established. Attempts to write to the newly configured
Working with Replication
replication source directory will fail until the replication
relationship has been established. Instead, schedule the
replication configuration at a time when backups are not
occurring.
•
Replicated files can arrive on the destination system in a
different order from which they were closed (or last written) on
the source. If file order is important to your site, refer to the
release notes for additional details and a workaround or
contact Technical Support.
Test results from Data Domain returned the following guidelines
for estimating the time needed for replication initialization. Note
that the following are guidelines only and may not be accurate in
specific production environments.
•
Using a T3 connection, 100ms WAN, performance is about
40 MiB/sec of pre-compressed data, which gives data transfer
of:
40 MiB/sec = 25 seconds/GiB = 3.456 TiB/day
•
Using a gibibit (the base-2 equivalent of gigabit) LAN,
performance is about 80 MiB/sec of pre-compressed data,
which gives data transfer of about double the rate for a T3
WAN.
Configure Bi-Directional Replication
To create the configuration described in Bi-Directional Replication on
page 349, use the procedure Create a Directory or Pool Replication Pair
on page 362 to create a replication pair (for example, using dir2)
from host A to host B. Use the same procedure to create a
replication pair (for example, using dir1) from host B to host A. For
this configuration, destination pathnames cannot be the same.
Guidelines for directory replication are applicable.
Configure One-to-Many Replication
To create the configuration described in One-to-Many Replication on
page 349, use the procedure Create a Directory or Pool Replication Pair
on page 362 to create pairs (for example, using dir1) on host A to:
•
dir1 on host B
•
dir1 on host C
DD OS 5.0 Administration Guide
363
•
dir1 on host D
Note: A replication recover cannot be done to a source context
whose path is the source path for other contexts; the other contexts
need to be broken and resync'd subsequent to the recovery.
Configure Many-to-One Replication
To create the configuration described in Many-to-One Replication on
page 350, use the procedure Create a Directory or Pool Replication Pair
on page 362 to create a pair, for example:
•
dir1 from host A to dir1 on host C
•
dir2 on host B to dir2 on host C
Configure Cascaded Replication
To create the configuration described in Cascaded Replication on
page 351, use the procedure Create a Directory or Pool Replication Pair
on page 362 to create a pair for:
•
dir1 on host A todir1 on host B
•
On host B, create a pair for dir1 to dir1 on host C
The final destination context (on host C in this example, but
more than three hops are supported) can be a collection replica
or a directory replica.
Enable and Disable Replication Pair
Disabling a replication pair temporarily pauses the active
replication of data between a source and a destination. The source
stops sending data to the destination and the destination stops
serving an active connection to the source.
To disable a replication pair, from either the source or the
destination:
1. Select the replication pair in the Summary table, and click
Disable Pair.
The Disable Pair dialog box appears.
2. Click Next and then OK.
364
Working with Replication
To resume operation of a disabled replication pair:
1. Select the replication pair in the Summary table, and click
Enable Pair.
The Enable Pair dialog box appears.
2. Click Next and then OK.
Replication of data is resumed.
Delete a Replication Pair
Note: While this operation is completing, the file system is
disabled.
To delete a replication pair:
1. Select the replication pair in the Summary table, and click
Delete Pair.
The Delete Pair dialog box appears.
2. Click Next and then OK.
The Replication pairs are deleted.
After a destination Data Domain system is removed from a
collection replication pair, it becomes a stand-alone read/write
Data Domain system that can be used as a source for replication.
Change Host Connection Settings
To change a replication pair connection settings:
1. Select the replication pair in the Summary table, and click
Modify Settings.
The Modify Connection Settings dialog box appears.
2. Implement any of the following options:
•
Configuring Low Bandwidth Optimization on page 366
•
Configuring Encryption Over Wire on page 366
•
Configuring a Non-Default Connection Port on page 366
3. Click Next and then Close.
DD OS 5.0 Administration Guide
365
The replication pair settings are updated and replication
resumes.
Configuring Low Bandwidth Optimization
Low bandwidth optimization can be enabled on a per-context
basis. Low bandwidth optimization must be enabled on both the
source and destination Data Domain systems. If the source and
destination have incompatible low bandwidth optimization
settings, low bandwidth optimization will be inactive for that
context.
•
To configure low bandwidth optimization, in the Modify
Connection Settings dialog box, click the checkbox for Use Low
Bandwidth Optimization.
•
In the Create Pair, Start Resync, or Start Recover window
(either for collection or directory), click the Advanced tab, and
click the checkbox for Use Low Bandwidth Optimization.
Configuring Encryption Over Wire
To encrypt the data that is sent over the replication network
connection, in the Modify Connection Settings dialog box, click the
checkbox for Enable Encryption Over Wire.
Both sides of the connection must enable this feature for the
encryption to proceed. Encrypted replication will use the ADHAES256-SHA cipher suite.
Configuring a Non-Default Connection Port
The source system transmits data to a destination system listen
port. As a source system can have replication configured for many
destination systems (each of which can have a different listen
port), each context on the source can configure the connection port
to the corresponding listen port of the destination.
To change the connection port:
•
366
In the Modify Connection Settings dialog box, in the Details
area, click the checkbox for Use Non-default Connection Host,
and in the source Connection Port text box, change the listen
port to a new value.
Working with Replication
•
In the Create Pair, Start Resync, or Start Recover window
(either for collection or directory), click the Advanced tab, and
in the Connection area, click the checkbox for Use Non-default
Connection Host, and change the listen port to a new value.
Managing Bandwidth with Throttling
To modify the amount of bandwidth used in the network, modify
the throttle setting for the replication data stream. Throttling can
be implemented via a schedule to occur at certain times.
The average data stream to the replication destination is at least
98,304 bits per second (12 KiB).
Throttle options:
•
Apply equally to all replication pairs and all network interfaces
on a system.
•
Affect only outbound network traffic.
•
Calculate the proper TCP buffer size for replication usage,
using bandwidth settings.
Add Throttle Settings
1. Click the Replication > Advanced Settings tabs and click Add
Throttle Setting.
The Add Throttle Setting dialog box appears.
2. Set the days of the week that throttling is active by clicking the
check boxes next to the days.
3. Set the time that throttling starts with the Start Time drop-
down selectors for the hour:minute and AM/PM.
4. In the Throttle Rate area:
•
Click the Unlimited radio button to set no limits.
•
Enter a number in the text entry box (for example, 20000)
and select the rate from the menu (bps, Bps, Kibps, or
KiBps).
•
Select the 0 Bps (Disabled) option to disable all replication
traffic.
DD OS 5.0 Administration Guide
367
5. Click OK to set the schedule.
The new schedule is shown in the Throttle Settings Permanent
Schedule area.
Replication runs at the given rate until the next scheduled change
or until a new throttle setting forces a change.
Delete Throttle Settings
1. Click the Replication > Advanced Settings tabs and click Delete
Throttle Setting.
The Delete Throttle Setting dialog box appears.
2. Click the checkbox for the throttle setting to delete or the
heading checkbox to delete all settings. This list can include
settings for the “disabled” state.
3. Click OK to remote the setting.
4. On the Delete Throttle Setting Status dialog box, click Close.
Temporarily Override a Throttle Setting
A throttle override temporarily changes a throttle setting. The
current setting is listed at the top of the window.
With the clear option enabled, the setting is in effect until a
scheduled change or a system reboot. If the clear option is
disabled, the change is in effect indefinitely.
1. Click the Replication > Advanced Settings tabs and click Set
Throttle Override.
The Throttle Override dialog box appears.
2. Click the radio button to change how the current throttle
setting is to be overridden.
368
•
Unlimited—Reverts to the system-set throttle rate (no
throttling performed).
•
Set the throttling bit and rate in the text entry box (for
example, 20000) and (bps, Bps, Kibps, or KiBps).
Working with Replication
•
0 Bps (Disabled—Sets the throttle rate to 0, effectively
stopping all replication network traffic.
3. To enforce the change temporarily, check the box Clear at next
scheduled throttle event.
4. Click OK to save the setting.
Note: To clear an override that has been set, click the Clear
Throttle Override radio button and click OK.
Working with Low Bandwidth Optimization
Low bandwidth optimization can be used to improve data transfer
over low bandwidth links. Using low bandwidth optimization
adds increased data compression to optimize network bandwidth.
More compression directly translates to more throughput on lowbandwidth links. On high-bandwidth links, the computational
overhead of low bandwidth optimization may actually reduce
throughput. For this reason, low bandwidth optimization is
recommended on T2 and lower bandwidth links.
•
To configure low bandwidth optimization, see Change Host
Connection Settings on page 365.
•
To check the status of a low bandwidth optimization
configuration, see Detailed Information on page 355.
Change the Network Settings
To change network settings for bandwidth, network delay, and
global IP listen port:
1. Click the source system in the Navigational tree of the
Enterprise Manager.
2. Click the Replication > Advanced Settings tabs.
3. In the Network Settings area, click Change Network Settings.
The Network Settings dialog box appears.
4. Implement any of the following options:
•
Change the Global Network Settings on page 370
•
Change the Global Listen Port on page 370
DD OS 5.0 Administration Guide
369
5. Click OK.
The new settings appear in the Network Settings table.
Change the Global Network Settings
Using the bandwidth and network-delay settings together,
replication calculates the proper TCP buffer size for replication
usage.
Notes:
•
Changing these values should be needed only for high-latency,
low-bandwidth WANs where the default TCP setting is not
sufficient to provide the best throughput.
•
Find the actual bandwidth and the actual network delay values
for each server (for example, by using the ping command).
These network settings are global to the Data Domain system and
need be set only once per system.
1. In the Network Settings area, click the Custom Values radio
button.
2. Enter Delay and Bandwidth values in the text boxes.
The network delay setting is in milliseconds and bandwidth is
in bytes per second.
Change the Global Listen Port
The default IP Listen port for a replication destination for receiving
data streams from the replication source is 2051. This is a global
setting for the Data Domain system.
•
In the Listen Port pane, enter the new value in the text box.
Resynchronize Data in a Replication Pair
Resynchronization is the process of recovering (or bringing back
into sync) the data between a source and destination replication
pair after a manual break. The replication pair are resynchronized
so both endpoints contain the same data.
370
Working with Replication
A replication resynchronization can also be used:
•
To re-create a context has been deleted.
•
When a directory replication destination runs out of space
while the source destination still has data to replicate.
•
To convert a collection replication to directory replication
Resync a Directory Replication Pair
1. From either the source or the destination directory replication
system, click the More menu and select Start Resync.
The Start Resync dialog box appears.
2. Select the source system hostname from the Source System
menu.
3. Select the destination system hostname from the Destination
System menu.
4. Enter the directory path in the Source Directory text box.
5. Enter the directory path in the Destination Directory text box.
6. If either directory is part of a pool, click the Source is a Pool or
Destination is a Pool checkbox.
7. Click OK.
Abort a Resync of a Directory Replication Pair
Use this procedure to abort a resync that is in progress.
1. From either the source or destination directory replication
system, click the More menu and select Abort Resync.
The Abort Resync dialog box appears. It lists all the contexts
that are currently performing resynchronization.
2. Select the check boxes of one or more contexts to abort their
resync.
3. Click OK.
Replication resynchronization is aborted.
DD OS 5.0 Administration Guide
371
Recover Data from Replication Pair
If something has occurred that makes the source replication data
inaccessible, the data can be recovered from the replication pair
destination. Either collection or directory can be recovered to the
source, as described in the following procedures:
•
Recover Collection Replication Pair Data on page 372
•
Recover Directory Replication Pair Data on page 372
Note: The source must be empty for the recovery to proceed.
Recovery can be performed for all types of replication topologies.
Recover Collection Replication Pair Data
Use this procedure if it becomes necessary to recover a replication
pair source.
Note: The destination context must be fully initialized for the
recover to be successful.
1. Click the More menu and select Start Recover.
The Start Recover dialog box appears.
2. Select Collection from the Replication Type menu.
3. Select the source system hostname from the System to Recover
To menu.
4. Select the destination system hostname from the System to
Recover From menu.
5. Select the context on the destination from which data is
recovered. Only one collection will exist on the destination.
6. Click OK to start the recovery.
Recover Directory Replication Pair Data
Use this procedure if it becomes necessary to recover one or more
directory replication pairs.
Note: The source must be empty for the recovery to proceed.
372
Working with Replication
1. Click the More menu and select Start Recover.
The Start Recover dialog box appears.
2. Select Directory from the Replication Type menu.
3. Select the hostname of the system that needs to have data
restored to it from the System to Recover To menu.
4. Select the hostname of the system that will be the data source
from the System to Recover From menu.
5. Select the context to restore from the context list.
6. Click OK to start the recovery.
Abort a Replication Pair Recover
If a recovery fails or must be terminated, the replication recover
can be aborted.
1. Click the More menu and select Abort Recover.
The Abort Recover dialog box appears showing the contexts
that are currently performing recovery.
2. Click the checkbox of one or more contexts to abort from the
list.
3. Click OK.
Recovery on the source should be restarted again as soon as
possible by restarting the recovery.
Replication Seeding
If the source has a lot of data, the initial replication seeding can
take some time over a slow link. To expedite the initial seeding,
bring the destination system to the same location as the source
system to use a high-speed, low-latency link. Once data is initially
seeded using the high speed network, move the system back to its
intended location. As data is initially seeded, only new data is sent
from that point onwards.
DD OS 5.0 Administration Guide
373
All replication topologies are supported and the procedures to
start the replication are found in Configuring Replication on
page 360.
Monitoring Replication
This section describes how to use the Enterprise Manager interface
to check the status of replication operations. For an overview of the
visual components of the Replication page, see About the
Replication View on page 353.
Checking Replication Status
Replication status is available at all levels of the Replication page,
as described in the following procedures.
•
Check Replication Pair Status on page 374
•
Track Status of a Backup Job's Replication Progress on page 375
•
Track Status of a Replication Process on page 375
•
Check the Performance of a Replication Context on page 375
Check Replication Pair Status
1. Click the Data Domain system to be checked in the
Navigational pane.
The content of the Replication > Topology view changes to
focus on that system. The system has a blue arrow pointing to
it in the Topology pane.
2. In the Topology pane, check the colors of the arrows showing
status of the context (for more information, see Topology View
on page 357).
3. In the Replication > Summary view, from the Filter By drop-
down list (beneath the Overview pane), select State and select
Error, Warning, or Normal from the state menu.
The Replication contexts are sorted according to the selection.
374
Working with Replication
Track Status of a Backup Job's Replication Progress
To check the progress of a replication for a point in time:
1. Click the Summary tab and select a Replication context to
display the Detailed Information area.
2. In the Completion Predictor area, select options from the
Source Time drop-down list for a replication’s completion time
and click Track.
The estimated time displays in the Completion Time area for
when a particular backup will finish its replication to the
destination. If the replication is finished, the area shows
Completed.
Track Status of a Replication Process
To display the progress of a replication initialization, resync, or
recovery operation, use the Summary table view to check the
current state.
Check the Performance of a Replication Context
To check the performance of a replication context over time, select
a Replication context in the Summary view and click Performance
Graph in the Detailed Information area.
DD OS 5.0 Administration Guide
375
376
Working with Replication
Download PDF
Similar pages