Introduction
Earlier this month, Data Protection Suite 18.2 was released. This covers:
- Avamar
- Data Protection Advisor (DPA)
- Data Protection Central (DPC)
- NetWorker
- Data Protection Search
- Boost for Enterprise Apps
- Data Domain OS/DDVE
Avamar, DPA, DPC and NetWorker all got overhauls in the 18.2 release. Boost for Enterprise Apps, and Data Domain OS/DDVE got updates, but they still follow the Data Domain versioning.
Given I called the 18.1 release “Christmas in July”, and it’s now December I really should call this a bevy of holiday goodies.
I downloaded the updates and set about getting my lab environment updated to give it a whirl.
Data Protection Central
I’m going to start with Data Protection Central because it’s really something you should be putting into your environment if you’ve got NetWorker or Avamar. Follow this link to the DPC support page, where you can download and deploy the virtual machine into your environment.
You should see DPC as your web-native dashboard into a Dell EMC Data Protection environment from now on. This will give you an instant view of your data protection status and allow you to have a central jumping point to other functions that you need to perform.
DPC gets a new dashboard which has even more great information built in from the ground up. Here’s a view of it:
There’s a few more widgets on the initial dashboard now – the final three that you see chopped off in the above screen capture are:
DPC isn’t just a HTML5 monitoring and management console, it’s a fully portable one at that. Here’s a screen shot of DPC running on my Oppo Find X Android phone:
And likewise, DPC from a tablet:
Am I belabouring the point here that DPC is truly a modern, web accessible application? If anything I’d suggest I’ve failed to previously mention this (earlier versions were OK with mobile OS access as well). Where this is important is that backup administrators aren’t always at their desk any longer. We’re in an increasingly hyper-connected work environment. When I was a backup administrator I loved NetWorker’s nsrwatch because it meant I could easily connect to and view a backup server’s status over the poorest of VPN connections. With DPC you get the same capability across your data protection environment (NetWorker, Avamar, Data Domain, Data Protection Search, Data Protection Adviser) all from within a browser. So it doesn’t matter if you’re in a meeting, working from home, or ducked across the road to get a coffee, you can always keep your finger on the pulse of your data protection status.
You may have noticed as well from the Oppo screen grab that there’s more information available on hover; in the example there, it’s the view of the number of completed jobs over a period of days – so you can instantly see a view of which days are your busiest or even quickly see a trend there you’re not expecting.
The notion of a three strikes report is so integral to understanding pain points in a backup environment that it’s now a widget within DPC itself, so you can easily see if there is any risk you need to be aware of. (If you’re not familiar with a three strikes report, it’s a view of backups that have had repeated failures.)
Adding systems to DPC to manage is as easy as ever. Here’s a quick run through for me adding my Avamar, Data Domain, NetWorker and DP Search systems into the view.
To add your systems, navigate to System Management (shown above) and click the + icon to start the wizards for folding specific systems in your environment into DPC. For example, Data Domain:
I repeated the above steps for each of my 3 x DDVE 0.5TB test systems, then moved on to Avamar:
There’s certificate warnings there from the self-signed certificate; enterprise environments that give systems fully signed/authorised certificates of course will see different information.
Moving on, NetWorker follows the same process:
(Unfortunately I don’t have Data Protection Advisor system running in my lab, so I can’t show that. We can’t have everything we want, of course, otherwise I’d have a Data Domain 6300 running in my garage, too!)
Finally, adding DP-Search:
(I’ve left the Part 3/Save option out there, but I imagine you can see by now how simple it is to set this monitoring up.)
After your systems are added and DPC has had time to poll everything, you’ll get the health status reported in system management area:
In this case unhealthy systems are just those that aren’t successfully triggering email home alerts – nothing out of the ordinary in a lab environment.
The new DPC also has the ability to show you information about the assets of your data protection environment – i.e., the actual clients you’re protecting:
Clicking the three vertical dots in front of an asset name will give you the appropriate actions for that asset based on whether it’s a NetWorker or Avamar client.
The overall new features of DPC 18.2 include:
- The ability to monitor assets and their activities (beyond the above, you’ll be able to see activities for assets as well, for instance)
- A whole new and powerful set of dashboard widgets offering greater insight into your data protection environment
- Certificate validation when adding a new system to DPC
- Extension of the Single Sign-On functionality to also include Data Protection Adviser
- Greater tracking of replication activities
- Longer idle timeout (increased from 10 to 20 minutes).
DPC will work in almost all sized environments – if you look at the “system limitations” part of the documentation, it lists some pretty impressive limitations to be aware of:
- Maximum 200 Avamar/NetWorker servers
- Maximum Avamar group size of 10,000 clients
- Maximum NetWorker policy size of 20,000 clients
- Maximum 10,000 concurrent backup/replication jobs
- Maximum 80 Data Domain systems
Overall, the vast majority of environments will find a single DPC system adequate for even their busiest of times.
To me, DPC is a no brainer. If you’ve got NetWorker, Avamar or Data Domain (or any combination thereof), it’s free to install and gives you access to great information, so you should get it plugged into your environment ASAP. This latest version just strengthens that argument.
Avamar 18.2
I haven’t had a chance to upgrade my Avamar 18.1 server to 18.2 yet (I’ll get to that over the holiday break), but Avamar has seen some substantial updates as well.
The Avamar HTML5 user interface (AUI) gets more functionality – in addition to an enhanced dashboard and that asset functionality, you also get:
- Role Based Access Control (RBAC) to the AUI
- Integration of Data Domain Cloud DR controls into the AUI
- Ability to edit and run replication policies
- Functionality to add and maintain Data Domain Cloud Tier policies
- Event management access
- Activity restarts
- Plugin visibility extended to cover Oracle, DB2, ItemPoint and NDMP.
The Avamar VMware backup proxy security process is enhanced – root login access is taken away, and instead you’ll login as an admin user and su to root.
For Avamar environments using Data Domain, it’s now easier than ever before at locking down backups to only run to the Data Domain, and finally, there’s all those standard compatibility updates you’d expect to see in a new release, including support for:
- RHEL 7.5
- Oracle 18c
- OS X 10.13
- Solaris 11.4
- Ubuntu 18.04
- Unity OE NDMP 4.4
Increasing its cloud support, updated Avamar Virtual Editions are now available for AWS and Azure, and AVE is also certified to run in Azure’s US Government Cloud.
NetWorker 18.2
NetWorker 18.2 gets a raft of updates, too, including:
- vProxy can now recover from VBA backups – this lets you decommission your VBA appliances while still being able to recover from the older appliance type
- vProxy support for IPv6
- Policy management in the NetWorker HTML5 User Interface (NUI) for VMware related policies
- Automated multi-streaming support for Exchange backups
- New options for client retries and timeouts
- Enhanced reporting on client backups
- More resources exposed through the REST API for clients (including: save operations, server network interface, data domain interface, NetWorker version, etc.)
- SNMP enhancements – SNMP v2c MIB support, success/failure notifications for backup and clone, etc.
- On Linux, the NMC server service (gstd) now runs as a non-root user.
I’m loving where the NetWorker HTML5 UI (NUI). In fact, here’s a view of how simple it is to run a VMware file level recovery, jumping across from DPC into NetWorker and getting the recovery running:
The advantage of kicking this off if you’re already in DPC is that you’ll leverage SSO to jump into the NetWorker interface, saving a second login. Once into the NetWorker restore area, you can drill down into the vCenter environment and to the virtual machine you want to recover from:
Once you’ve selected the virtual machine you want to recover from, you choose which backup (or clone) you’d like to recover from, and optionally change the recovery type – in the example above I’m switching it over to a file level recovery.
Once you’ve got your selections made and clicked to continue (not shown above), you’ll get the recovery wizard:
You can change those configuration settings if you need, but I just clicked Next to continue.
Now, when you’re doing file level recovery from image level backups, you have to recover back to a virtual machine (this is because of the way in which we mount the backup images), so you’ll choose your virtual machines from the hosts on the vCenter server you’re recovering to. In this case, I drilled down to the source virtual machine, as I wanted to recover the files back to there.
Here you’ll provide the credentials into the virtual machine so you can kick off the recovery. I recommend to leave the FLR agent installed after recovery, but you have the option to have the FLR agent removed after each recovery if your security processes require it. Before you click Next here, you’ll have to mount the image. Once the backup image is mounted, you’ll see an update such as the following:
Now you can click Next to continue.
After you’ve mounted the backup image, you’ll then drill through the virtual disks to choose the file(s) (or directories) that you want to recover. I just selected /var/log/messages and clicked Next to continue.
Your next step of course is to choose where you’re going to recover to – I selected the /tmp directory. Clicking next will get you to the wizard summary tab:
At this point, clicking Finish will submit the recovery job, and you can jump across to the monitoring view to watch the job run. In my case, that didn’t take long:
All this from within the NUI. You’ll want to get more used to the NUI – you can clearly see that’s the direction NetWorker is going.
Data Protection Advisor
DPA‘s updates start with the continued overhaul of its interface, bringing it too towards a bright, crisp, HTML5 environment to use. DPA’s HTML5 interface now covers you for:
- Alerts
- Adminsitration
- Dashboards (most features)
Additionally, there’s been some enhancements in the HTML5 interface for the Run Reports section and Alerts section.
Dashboards can be now exported as multi-page PDFs.
There’s some security enhancements, too, including:
- SSO support with Data Protection Central
- The option to have unique passwords for the datastores in a multi-host DPA environment
- Advanced installation options to define a non-root account in Linux to run the DPA Server, Datastore and Agent services under.
- Auto-logout after user-specified period of inactivity
- SNMP v3 trap support (allowing for authentication and message encryption).
Data Domain OS 6.2
Data Domain gets an updated OS version, 6.2 – DDOS continues to blitz everything else in the market in terms of powering the most powerful and most popular deduplicating protection storage there is.
Some of the updates to DDOS 6.2 include:
- CIFS enhancements, including automated self-diagnostics for AD authentication
- Secure LDAP support
- Enhancements for recovery performance
- Optimization of the core files and support bundles
- Boost API and REST API enhancements
- Boost max users increased from 100 to 256 (yes, that’s because you can now define up to 256 storage units)
- BoostFS gets support for Kerberos authentication with Windows, and a new implementation of Kerberos authentication with Linux.
Within Cloud Tier, there’s a variety of updates, including:
- Multi-streamed recalls
- Enhanced capacity management support
- Support for Alibaba and Google Cloud Platforms
DDVE isn’t left out, it now gets:
- AWS GovCloud and Azure Government Cloud support
- 1TB of Cloud Tier capacity added to DDVE – and that includes the ‘try and buy’ 0.5TB DDVE.
- Support for Google Cloud Platform
- Support for ATOS environments
The Data Domain 3300 in this release also gets VTL and i/OS enablement.
DDMC isn’t left out – it gets LDAP authentication, support for running in KVM, and support for Alibaba/Google Cloud Platform.
Remember, DDMC is a free console that allows you to administer and monitor your Data Domain systems (either in the cloud, or on-premises – or both). It lets you easily work on upgrades to a Data Domain fleet, and lets you easily see capacity forecasts, such as:
Boost for Databases and Microsoft
The Boost Plugins for Microsoft, and Databases (previously known as DDBEA and DDBMA) have increased option, including:
- SQL:
- Directed restore to any SQL Server in the environment
- Integration with eCDM v3 (I’ll be running that up over the holiday break, too)
- Oracle:
- Enhancements to integration with Oracle ASM
- Support for Oracle 18c
In Summary
All in all, it’s a bumper crop of updates in the 18.2 release. My primary recommendation of course is to make sure you get over to the Data Protection Central support page and download/install DPC for your environment today. By all means of course, upgrade the other components in your environment as soon as possible to the latest releases, but Data Protection Central is the future, and will give you such a clean, easy to access view of your environment that you’ll find yourself using it every day.
Happy holidays!
Hi Preston,
thanks a lot for the summary. I really appreaciate it.
Let me just point an issue with respect to NW 18.2’s retry options: Although the values have increased per the docs this change have obviously not been implemented yet. You still receive an error if you want to define values beyond the previous max. values. I have raised an SR with support but am still waiting for the confimation. Not a big issue but of course a customer expects a new feature to work as decscribed.
Thank you very much for your permanent updates.
Merry Christmas and best wishes from this side of the planet, Carsten
Hi Carsten,
They can be modified from the command line (e.g., nsradmin). I’ll do a post about using nsradmin edit policies later this week.
[Edit – in a coming week.]
Cheers,
Preston.