IBM Support

File indexing and restore requirements: IBM Spectrum Protect™ Plus V10.1.2

Preventive Service Planning


Abstract

This document details the file indexing and restore requirements for IBM® Spectrum Protect™ Plus V10.1.2

Content

Review the following requirements for indexing and restoring files through IBM Spectrum Protect™ Plus.

This document is divided into linked sections for ease of navigation. You may use the links below to jump to the desired section of the document.
 

General
VMware requirements
Windows requirements
Linux requirements
 


General

iSCSI disks that are directly mapped to the guest operating system will not be indexed. Supported volumes include VMDK or VHD volumes that are mounted through the configuration of the associated virtual machine.
 


VMware requirements

In the virtual machine settings under Advanced Configuration, the disk.enableUUID setting must be present and set to true.
 


Windows requirements

Supported operating systems
  • Windows Server 2008 R2
  • Windows Server 2012 R2
  • Windows Server 2016
Supported file systems
  • NTFS
  • ReFS


IBM Spectrum Protect Plus supports only the operating systems available to your hypervisors. Review your hypervisor documentation for information about supported operating systems.
File indexing and restore operations support SCSI disks in a Hyper-V environment. IDE disks are not supported. Note that Generation 1 virtual machines require IDE boot disks; however if additional SCSI disks are available, file indexing and restore operations will be supported on those disks.
Windows Remote Shell (WinRM) must be enabled.
Important: IBM Spectrum Protect Plus can protect and restore virtual machines with other file systems, but only the file systems listed above are eligible for file indexing and restore.
Note: 06/14/2019 As per APAR IT29258: it indicated that Cluster shared volumes (CSVFS) are supported.
However, the support Cluster shared volumes (CSVFS) are not supported in V10.1.2 IBM Spectrum Protect Plus file indexing and support operations.

When file indexing is performed in a Windows environment, the following directories on the resource are skipped: /Drivers, /Program Files, /Program Files (x86), /Windows, and /winnt. Files within these directories are not added to the IBM Spectrum Protect Plus Inventory and are not available for file recovery.
Ensure the latest version of VMware Tools is installed on VMware virtual machines, and Hyper-V Integration Services is installed on your Hyper-V virtual machines.
 

Space requirements

The C drive must have sufficient temporary space to save the file indexing results.

 

Connectivity requirements

The hostname of the IBM Spectrum Protect Plus appliance should be resolvable from the Windows virtual machine. If the hostname of the IBM Spectrum Protect Plus appliance is not resolvable, add the IP address of the appliance in the ecxAddress field in the IBM Spectrum Protect Plus configuration file, which can be found in the following location on the appliance:

  • /opt/virgo/repository/ecx-usr/deploy.vmware.vmdeployer.json

The IP address of the virtual machine selected for indexing must be visible to the vSphere client or Hyper-V Manager.
The Windows virtual machine selected for indexing must allow outgoing connections to port 22 (ssh) on the IBM Spectrum Protect Plus appliance.
All firewalls must be configured to allow IBM Spectrum Protect Plus to connect to the server through WinRM.
 

Authentication and privilege requirements

The credentials specified for the virtual machine must include a user with the following privileges:

  • The user identity must have the "Log on as a service" right, which is assigned through the Administrative Tools control panel on the local machine (Local Security Policy > Local Policies > User Rights Assignment > Log on as a service). For more information about the "Log on as a service" right, https://technet.microsoft.com/en-us/library/cc794944.aspx.

  • The default security policy uses the Windows NTLM protocol, and the user identity follows the default domain\Name format if the Hyper-V virtual machine is attached to a domain. The format <local administrator> is used if the user is a local administrator. Note that credentials must be established for the associated virtual machine through the Guest OS Username and Guest OS Password option within the associated backup job definition.

  • The system login credential must have the permissions of the local administrator.

Kerberos requirements

Kerberos-based authentication can be enabled through a configuration file on the IBM Spectrum Protect Plus appliance. This will override the default Windows NTLM protocol. Note that Kerberos does not allow local user accounts to be used and is only suitable for environments in which all machines are on a single domain.
For Kerberos-based authentication only, the user identity must be specified in the username@FQDN format. The username must be able to authenticate using the registered password to obtain a ticket-granting ticket (TGT) from the key distribution center (KDC) on the domain specified by the fully qualified domain name.
Kerberos authentication also requires that the clock skew between the Domain Controller and the IBM Spectrum Protect Plus appliance is less than 5 minutes. Note that the default Windows NTLM protocol is not time dependent.
 


Linux requirements

Supported operating systems
  • Red Hat Enterprise Linux 6.4+,
  • CentOS 6.4+,
  • Red Hat Enterprise Linux 7.0+,
  • CentOS 7.0+,
  • SUSE Linux Enterprise Server 12.0+
Supported file systems
  • ext2,
  • ext3,
  • ext4,
  • XFS


A file system created on a newer kernel version may not be mountable on a system with an older kernel, in which case restoring files from the newer to the older system is not supported.
IBM Spectrum Protect Plus supports only the operating systems available to your hypervisors. Review your hypervisor documentation for information about supported operating systems.
Note: IBM Spectrum Protect Plus can protect and restore virtual machines with other file systems, but only the file systems listed above are eligible for file indexing and restore.
When file indexing is performed in a Linux environment, the following directories on the resource are skipped: /tmp, /usr/bin, /Drivers, /bin, and /sbin.
Files in virtual file systems like /proc, /sys, and /dev are also skipped. Files within these directories are not added to the IBM Spectrum Protect Plus Inventory and are not available for file recovery.
 

Software requirements

Python version 2.6.x or 2.7.x must be installed.
When file systems are indexed, temporary metadata files are generated under the /tmp directory and then deleted as soon as the indexing is complete. The amount of free space required for the metadata depends on the total number of files present on the system. Ensure that there is approximately 350 MB of free space per 1 million files.
Red Hat Enterprise Linux / CentOS 6.x only: Ensure the util-linux-ng package is up-to-date by running yum update util-linux-ng. Depending on your version or distribution, the package may be named util-linux.
If data resides on LVM volumes, ensure the LVM version is 2.0.2.118 or later. Run lvm version to check the version and run yum update lvm2 to update the package if necessary.
If data resides on LVM volumes, the lvm2-lvmetad service must be disabled as it can interfere with the ability of IBM Spectrum Protect Plus to mount and re-signature volume group snapshots/clones. To disable:

  • systemctl stop lvm2-lvmetad

  • systemctl disable lvm2-lvmetad

  • Edit the file /etc/lvm/lvm.conf and set use_lvmetad = 0

For a discussion of the lvmetad service, see https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Logical_Volume_Manager_Administration/metadatadaemon.html.

If data resides on XFS file systems and the version of xfsprogs is between 3.2.0 and 4.1.9, the file restore can fail due to a known issue in xfsprogs that causes corruption of a clone/snapshot file system when its UUID is modified. To resolve this issue, update xfsprogs to version 4.2.0 or above. For more information, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=782012.

 

Connectivity requirements

The SSH service must be running on port 22 on the server, and any firewalls must be configured to allow IBM Spectrum Protect Plus to connect to the server through SSH. The SFTP subsystem for SSH must also be enabled. For SFTP configuration information, see https://en.wikibooks.org/wiki/OpenSSH/Cookbook/File_Transfer_with_SFTP.
 

Authentication and Privilege Requirements

The credentials specified for the virtual machine must specify a user that has the following sudo privileges:

  • The sudoers configuration must allow the user to run commands without a password.

  • The !requiretty setting must be set.

The recommended approach is to create a dedicated IBM Spectrum Protect Plus Agent user with the following privileges. Sample configuration:

  • Create user: useradd -m sppagent

  • Set a password: passwd sppagent

  • Place the following lines at the end of your sudoers configuration file, typically /etc/sudoers. If your existing sudoers file is configured to import configurations from another directory (for example, /etc/sudoers.d), you can also place the lines in a new file in that directory:

    • Defaults: sppagent !requiretty
      sppagent ALL=(root) NOPASSWD:ALL


[{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSNQFQ","label":"IBM Spectrum Protect Plus"},"Component":"Not Applicable","Platform":[{"code":"PF016","label":"Linux"},{"code":"PF033","label":"Windows"}],"Version":"10.1.2","Edition":"","Line of Business":{"code":"LOB26","label":"Storage"}}]

Document Information

Modified date:
13 June 2019

UID

ibm10728847