5.6 配置 eBackup
5.6.1 配置备份服务器
将一台安装了eBackup备份软件的服务器初始化为备份服务器,并配置相关参数。
前提条件
● 安装前准备请提前规划备份服务器的相关网络平面参数。
● 已准备跨平台远程访问工具如“PuTTY”。
● 已获取eBackup服务器“root”帐号的登录密码。
操作步骤
步骤1 以“root”帐号登录待配置的eBackup服务器。
“root”帐号初始密码为“Cloud12#$”。
使用跨平台访问工具登录,或在VMware vSphere Client工具中的控制台登录。
步骤2 执行cd 备份软件安装包所在目录命令进入初始配置脚本目录。
备份软件安装包所在目录为/opt/eBackup_8.0.0-LHC01/action。
步骤3 执行sh ebackup_utilities.sh config命令,开始进行初始化配置。
回显如下信息。
Please select network type for this machine:
1.ipv4 2.ipv6
步骤4 输入“1”,按“Enter”。
1Please select a role for this machine:
1.Backup Server 2.Backup Proxy 3.Backup Manager 4.Backup Workflow Server
步骤5 输入“1”,按“Enter”。
1======================================================================================
=============
Note:
In the following steps you will be required to configure four network planes for eBackup.
The definition of each network plane is as follows:
Backup management plane: the communication plane for eBackup to provide external services.
Internal communication plane: the communication plane between backup server and backup proxy.
Production management plane: the communication plane between eBackup and the management plane of the production end.
Storage plane: the communication plane between eBackup and the storage plane of the production end and communication plane between eBackup and backup storage.
======================================================================================
==============
Set network adapter for 'Backup management' network plane:
[1] bond1 MAC=28:6E:D4:88:C6:F2 IP=192.168.1.10 MASK=255.255.254.0 [2] bond2 MAC=28:6E:D4:88:C6:F3 IP=10.10.1.10 MASK=255.255.254.0
Which network adapter from the above list would you like to bind to the 'Backup management' network plane?
步骤6 配置备份服务器网络平面。
1. 选择备份管理平面需要绑定的网卡,按“Enter”。
说明
如果选择bond1作为备份管理平面需要绑定的网卡,请输入“1”。
1Set network adapter for 'Internal communication' network plane:
[1] bond1 MAC=28:6E:D4:88:C6:F2 IP=192.168.1.10 MASK=255.255.254.0 [2] bond2 MAC=28:6E:D4:88:C6:F3 IP=10.10.1.10 MASK=255.255.254.0
Which network adapter from the above list would you like to bind to the 'Internal communication' network plane?
2. 选择内部通信平面需要绑定的网卡,按“Enter”。
1Set network adapter for 'Production management' network plane:
[1] bond1 MAC=28:6E:D4:88:C6:F2 IP=192.168.1.10 MASK=255.255.254.0 [2] bond2 MAC=28:6E:D4:88:C6:F3 IP=10.10.1.10 MASK=255.255.254.0
Which network adapter from the above list would you like to bind to the 'Production management' network plane?
3. 选择生产管理平面需要绑定的网卡,按“Enter”。
1Set network adapter for 'Production Storage' network plane:
[1] bond1 MAC=28:6E:D4:88:C6:F2 IP=192.168.1.10 MASK=255.255.254.0 [2] bond2 MAC=28:6E:D4:88:C6:F3 IP=10.10.1.10 MASK=255.255.254.0
Which network adapter from the above list would you like to bind to the 'Production Storage' network plane?
4. 选择生产存储平面需要绑定的网卡,按“Enter”。
1Set network adapter for 'Backup Storage' network plane:
[1] bond1 MAC=28:6E:D4:88:C6:F2 IP=192.168.1.10 MASK=255.255.254.0 [2] bond2 MAC=28:6E:D4:88:C6:F3 IP=10.10.1.10 MASK=255.255.254.0
Which network adapter from the above list would you like to bind to the 'Backup Storage' network plane?
5. 选择备份存储平面需要绑定的网卡,按“Enter”。
2Enter a floating IP address that is in the same network segment as the internal communication plane.
6. 设置浮动IP地址。
浮动IP地址为内部通信平面浮动IP地址。请确保浮动IP地址跟内部通信平面IP地址 在同一网段中,且未被使用。
回显如下信息,表示配置成功。
192.168.1.12
Configuration succeeded.
grep: this version of PCRE is compiled without UTF support
The ebk_accelerator agent of OceanStor BCManager eBackup was started successfully.
Start:ebk_accelerator service succeeded.
start reload gaussdb
grep: this version of PCRE is compiled without UTF support
The ebk_backup agent of OceanStor BCManager eBackup was started successfully.
Start:ebk_backup service succeeded.
grep: this version of PCRE is compiled without UTF support
The ebk_copy agent of OceanStor BCManager eBackup was started successfully.
Start:ebk_copy service succeeded.
grep: this version of PCRE is compiled without UTF support
The ebk_delete agent of OceanStor BCManager eBackup was started successfully.
Start:ebk_delete service succeeded.
grep: this version of PCRE is compiled without UTF support
The ebk_mgr agent of OceanStor BCManager eBackup was started successfully.
Start:ebk_mgr service succeeded.
grep: this version of PCRE is compiled without UTF support
The ebk_restore agent of OceanStor BCManager eBackup was started successfully.
Start:ebk_restore service succeeded.
grep: this version of PCRE is compiled without UTF support
The ebk_vmware agent of OceanStor BCManager eBackup was started successfully.
Start:ebk_vmware service succeeded.
service hcp start:completed
You can access the eBackup UI using the following link.
https://192.168.1.10:8088 or 192.168.1.10
Alternatively, you can access the eBackup CLI through SSH session.
步骤7 依次执行以下命令进行安全加固。
加固后禁止使用“root”帐号直接登录,请使用“hcp”帐号登录,“hcp”帐号的初 始密码为“PXU9@ctuNov17!”。
cd /opt/huawei-data-protection/ebackup/bin/StandardHardening echo -e "yes\nyes\n"|./StandardSuseHardening.sh
说明
执行该命令会重启eBackup服务器,如需登录eBackup服务器请您稍后重试。
----结束
5.6.2 (可选)配置备份代理
当eBackup备份管理系统中规划了备份代理,需要将除备份服务器外安装了eBackup备 份软件的其他服务器初始化为备份代理,并配置相关参数。
前提条件
● 一个eBackup备份管理系统中可以配置多台备份代理。请提前规划备份代理的相 关参数。
● 备份服务器已配置完成。
● 已准备跨平台远程访问工具如“PuTTY”。
● 已获取eBackup服务器“root”帐号的登录密码。
操作步骤
步骤1 以“root”帐号登录待配置的eBackup服务器。
“root”帐号初始密码为“Cloud12#$”。
使用跨平台访问工具登录,或在VMware vSphere Client工具中的控制台登录。
步骤2 执行cd 备份软件安装包所在目录命令进入初始配置脚本目录。
备份软件安装包所在目录为/opt/eBackup_8.0.0-LHC01/action。
步骤3 执行sh ebackup_utilities.sh config命令,开始进行初始化配置。
回显如下信息。
Please select network type for this machine:
1.ipv4 2.ipv6
步骤4 输入“1”,按“Enter”。
1Please select a role for this machine:
1.Backup Server 2.Backup Proxy 3.Backup Manager 4.Backup Workflow Server
步骤5 输入“2”,按“Enter”。
2======================================================================================
=============
Note:
In the following steps you will be required to configure four network planes for eBackup.
The definition of each network plane is as follows:
Backup management plane: the communication plane for eBackup to provide external services.
Internal communication plane: the communication plane between backup server and backup proxy.
Production management plane: the communication plane between eBackup and the management plane of the production end.
Storage plane: the communication plane between eBackup and the storage plane of the production end and communication plane between eBackup and backup storage.
======================================================================================
==============
Set network adapter for 'Backup management' network plane:
[1] bond1 MAC=28:6E:D4:88:C6:F2 IP=192.168.1.11 MASK=255.255.254.0 [2] bond2 MAC=28:6E:D4:88:C6:F3 IP=10.10.1.11 MASK=255.255.254.0
Which network adapter from the above list would you like to bind to the 'Backup management' network plane?
步骤6 配置备份服务器网络平面。
须知
此处需要为备份代理的五个网络平面绑定相应的网卡,具体绑定哪张网卡请根据规划 网络中的网络规划进行选择。
本节以备份代理配置两个网卡,备份管理平面、生产管理平面、内部通信平面、生产 存储平面绑定在同一张网卡,备份存储平面绑定在一张网卡为例说明。
1. 选择备份管理平面需要绑定的网卡,按“Enter”。
说明
如果选择bond1作为备份管理平面需要绑定的网卡,请输入“1”。
1Set network adapter for 'Internal communication' network plane:
[1] bond1 MAC=28:6E:D4:88:C6:F2 IP=192.168.1.11 MASK=255.255.254.0 [2] bond2 MAC=28:6E:D4:88:C6:F3 IP=10.10.1.11 MASK=255.255.254.0
Which network adapter from the above list would you like to bind to the 'Internal communication' network plane?
2. 选择内部通信平面需要绑定的网卡,按“Enter”。
1Set network adapter for 'Production management' network plane:
[1] bond1 MAC=28:6E:D4:88:C6:F2 IP=192.168.1.11 MASK=255.255.254.0 [2] bond2 MAC=28:6E:D4:88:C6:F3 IP=10.10.1.11 MASK=255.255.254.0
Which network adapter from the above list would you like to bind to the 'Production management' network plane?
3. 选择生产管理平面需要绑定的网卡,按“Enter”。
1Set network adapter for 'Production Storage' network plane:
[1] bond1 MAC=28:6E:D4:88:C6:F2 IP=192.168.1.11 MASK=255.255.254.0 [2] bond2 MAC=28:6E:D4:88:C6:F3 IP=10.10.1.11 MASK=255.255.254.0
Which network adapter from the above list would you like to bind to the 'Production Storage' network plane?
4. 选择生产存储平面需要绑定的网卡,按“Enter”。
1Set network adapter for 'Backup Storage' network plane:
[1] bond1 MAC=28:6E:D4:88:C6:F2 IP=192.168.1.11 MASK=255.255.254.0 [2] bond2 MAC=28:6E:D4:88:C6:F3 IP=10.10.1.11 MASK=255.255.254.0
Which network adapter from the above list would you like to bind to the 'Backup Storage' network plane?
5. 选择备份存储平面需要绑定的网卡,按“Enter”。
2Please input the leader IP(The IP of internal communication plane at backup server):
6. 输入备份服务器的内部通信平面IP地址,按“Enter”。
192.168.1.10
Please input the floating IP address at backup server:
7. 输入备份服务器的浮动IP地址,按“Enter”。
192.168.10.12
Please enter the public key of the backup server. To obtain the public key, run the following CLI command: show server_public_key.
To use the default public key, press Enter.
8. 输入备份服务器的公钥,按“Enter”。如果使用默认公钥,直接按“Enter”。
说明
在备份代理已完成初始配置后,一旦更换了备份服务器,需要重新配置备份代理。重新配 置时,不能使用默认公钥,请参见相关操作获取新的备份服务器公钥。
回显如下信息,表示配置成功。
service hcp start:completed
You can access the eBackup UI using the following link.
https://backup server's backup management plane:8088 or backup server's backup management plane
Alternatively, you can access the eBackup CLI through SSH session.
步骤7 依次执行以下命令进行安全加固。
加固后禁止使用“root”帐号直接登录,请使用“hcp”帐号登录,“hcp”帐号的初 始密码为“PXU9@ctuNov17!”。
cd /opt/huawei-data-protection/ebackup/bin/StandardHardening
echo -e "yes\nyes\n"|./StandardSuseHardening.sh 说明
执行该命令会重启eBackup服务器,如需登录eBackup服务器请您稍后重试。
----结束
相关操作
在备份代理已完成初始配置后,一旦更换了备份服务器,需要重新配置备份代理。重 新配置时,不能使用默认公钥,请执行以下步骤获取新的备份服务器公钥。
1. 使用“hcp”帐号,登录备份服务器。
“hcp”帐号的初始密码为“PXU9@ctuNov17!”。
2. 执行su root命令,输入“root”帐号密码,切换至“root”帐号。
3. 执行cd /opt/huawei-data-protection/ebackup/cli/命令,进入“/opt/huawei-data-protection/ebackup/cli/”目录。
4. 执行sh hcpcli.sh admin命令,并输入密码。
“admin”帐号的初始密码为“PXU9@ctuNov17!”。
5. 执行setting命令。
6. 执行show server_public_key命令,获取公钥。
IP Public Key --- ---
172.28.12.5 E]D)b9M?G.mgAhl@cA)bhKc1F(.B[+uLkiEGp-+/
“Public Key”下面的字段即为公钥。
7. 输入exit按“Enter”退出setting界面。
8. 输入exit按“Enter”退出admin界面。
9. 输入y按“Enter”确认退出。
5.6.3 (可选)配置 HA 功能
当需要提高备份服务器的可靠性时,可以配置备份服务器的HA功能。
前提条件
已明确HA主备节点对应的备份服务器和备份代理。
背景信息
HA英文全称High Availability,即高可用性,通常指采用主、备两个相同的模块以热 备份或者冷备份的方式完成指定功能,在主用模块故障时,备用模块会自动接替主用 模块执行系统功能,以提高系统可靠性。
eBackup备份管理系统支持HA功能,需要规划至少两个eBackup服务器(将其中一台 服务器初始化为备份服务器,其余服务器初始化为备份代理)。默认情况下,完成安 装配置后系统不启用HA功能,需要用户设置HA参数,将eBackup配置为高可用系统。
设置完成后,备份服务器和一个备份代理互为主备节点。当备份服务器故障时,备份 代理接替其维持系统正常运行。
操作步骤
步骤1 在导航栏上选择“ > 服务器”。
步骤2 可选: 在右上角搜索栏设置搜索条件,单击 ,快速查找相应的服务器。
步骤3 单击“HA管理”的下拉箭头,在弹出的快捷菜单中选择“增加HA成员”。
步骤4 根据提示信息选择一个备份代理(“可访问状态”为“可访问”,“注册状态”为
“已注册”)作为HA系统中的备节点(备份服务器作为主节点)。
步骤5 设置“浮动IP地址”和“仲裁网关”。
仲裁网关需要和主备节点的管理平面连通且IP地址不重复,此外,IP地址不能以127开 头。
----结束