• BlueXP Cloud Backup Deployment in Restricted Mode
• Integration with ONTAP S3 as destination (Using REST APIs)
• April ’23 BlueXP Cloud Backup Enhancements
• Additional Job E-Mail and Notification Alerts
• Backup Activation User Experience Optimization
• Job Monitoring:- Enhanced Job Detail page

 

 

BlueXP Cloud Backup Deployment in Restricted Mode

Many organizations , due to their stringent requirements for data security and privacy regulations, opt to deploy BlueXP Connector build(Cloud Manager Connector Cloud build from NSS) in restricted environments within the commercial cloud regions which will have only outbound unidirectional connectivity to the BlueXP SaaS backend, which allows Cloud Volumes ONTAP services,  Cloud Backup  services and Cloud Data Sense services, automatic upgrades and Auth0-based authentication (including private Auth0 federation). Outgoing connection to the BlueXP backend service is limited only to charging data for PAYGO charging.

 

With the Apr ’23 release of BlueXP Cloud Backup, you can deploy BlueXP Connector build(Cloud Manager Connector Cloud Build) in restricted mode in cloud commercial regions. This would mean that you can download the BlueXP Connector build(Cloud Manager Connector Cloud Build) from the NetApp Support site and install the build in restricted mode. The current release supports deployments in AWS and Azure.

 

Features supported on BlueXP Restricted Mode cloud-based deployments ?

 

All the features currently supported for the normal Cloud Manager Connector Cloud (On-Prem) build are also supported in the Cloud Manager Connector restricted-site deployments on commercial cloud. The following table shows the list of features supported.

 

 

 

From the deployment perspective, it is done through an offline installer and internet connectivity is required for the completion of the installation. The supported endpoint will include AWS S3 storage, Azure Blob and StorageGRID. The authentication is done through Auth0 and authorization is based on Cloud Manager tenancy. The software upgrades for this deployment happens automatically on a monthly cadence.

 

 

Installing BlueXP Restricted Commercial Cloud-based Deployments

 

Requirements:-

The Connector software must run on AWS EC2 instance ,Azure VM instance that meet specific operating system requirements, RAM requirements, port requirements, and so on. A dedicated host is required. Please make sure that the AWS EC2 instance or Azure VM instances are not shared with other applications.

Cloud compute Requirements:-

Supported Cloud compute operating systems:-

* Red Hat Enterprise Linux 7.6
* Red Hat Enterprise Linux 7.7
* Red Hat Enterprise Linux 7.8
* Red Hat Enterprise Linux 7.9
* Red Hat Enterprise Linux 8.6
* Red Hat Enterprise Linux 8.7

 

The Red Hat Enterprise Linux system must be registered with Red Hat Subscription Management. If it is not registered, the system cannot access repositories to update required 3rd party software during Connector installation.
The Connector is supported on English-language versions of these operating systems.

 

Hardware Requirements:-

• CPU:- 4 cores or 4 vCPUs
• RAM :- 14 GB
• Disk space in /opt :- 100 GiB of space must be available
• Disk space in /var:- 20 GiB of space must be available

 

Docker Engine:-

Docker Engine version 19 or later is required on the host before you install the Connector. View installation instructions.

 

Downloading the Installer:-

1. Log in to the NetApp Support Site, and navigate to the Download page for installing Cloud Manager on the Red Hat Enterprise Linux platform. https://mysupport.netapp.com/products/index.html
2. Download the Cloud Manager Connector Cloud installer .zip file to a directory on the target system.
3. Verify the checksum to ensure that the software downloaded correctly.

 

 

Installing Cloud Manager(BlueXP) Connector Cloud installer :-

 

In this section, we will discuss how BlueXP in Restricted Mode with Cloud Backup Support can be installed.

1.Verify that docker is enabled and running.

 

 

 

 

sudo systemctl enable docker && sudo systemctl start docker

 

 

 

2.Copy the installer to the Linux host.
3.Assign permissions to run the script

 

 

 

 

chmod +x /path/Cloud-Manager-Connector-Cloud-v3.9.28

 

 

 

4.Run the installation script:

 

 

 

 

sudo /path/Cloud-Manager-Connector-Cloud-v3.9.28

 

 

 

Setting Up BlueXP in Restricted Mode

Now that we have installed Cloud Manager(BlueXP )  , let's go ahead and examine how it can be configured and set up.

 

1. Open a web browser and enter https://ipaddress where ipaddress is the IP address of the Linux host.

 

 

2. You should see the following “Log in to NetApp BlueXP ”screen. Sign up as a new user.

 

3.Give in the email ID, password, company, full name , phone number and click on “Sign-Up”. Accept the End User License Agreement, clicking on the check box stating that “I accept all the Terms and Conditions”. Click on continue.

 

4.Upon clicking continue, you will be greeted with a welcome screen prompting you get started by creating an new account for your organization. If your organization has already an existing account, request the admin to add you to the account. Give in the “Connector Name” and “Account Name”

On the lower part of the screen you will be asked if you are running in a restricted environment. Using restricted deployment mode disconnects this account from blue XP backend services .Restricted deployments are often required in extremely secure and regulated environments.It will warn that you should use “restricted” option only if you’re sure or else certain BlueXP functionality will not be available in the “restricted” deployment.

 

5. Once the restricted account is created, the Cloud Manager install will be completed by pulling all the required containers for deploying in restricted mode.

 

6. Once the installation is completed and you are logged in, it asks the user to go ahead and add the first working environment. Click on “Add Working Environment” to start the wizard that will help you add the Cloud Volumes ONTAP systems

 

7. Now Click on the discovered working environment and it will list all the services that can be assigned to the working environment and their current status. On the “Backup and Recovery” service tab, click on “Enable”. Give the “Provider Settings” details to provision the S3 bucket which will be used as the backup destination. Go ahead and define a policy. Choose the appropriate backup schedule and the retention count. Click on “Next”. Choose the required volumes that need to be backed up. Click on “Activate Backup”. Backups will be activated on the chosen volumes.

 

Integration with ONTAP S3 as destination (Using REST APIs)

 

Since ONTAP 9.7, S3 object storage server has been made accessible in ONTAP, and under the hood, it stored objects in a FlexGroup. This integration involved support of the AWS S3 API functions by ONTAP, which allows data to be presented as objects within ONTAP-based platforms, such as AFF, FAS, and ONTAP Select. Initially released as a product preview, the S3 server became a fully supported protocol in version 9.8. The ONTAP S3 server is compatible with all platforms running ONTAP 9.8 or later.

 

The latest version of the BlueXP Cloud Backup service now includes compatibility with ONTAP S3 as a backend endpoint. This means that you can utilize Snapmirror to Cloud to securely backup your volume to ONTAP S3 via the BlueXP Cloud Backup service.

 

Please note,  currently ONTAP S3 backend integration is available only using BlueXP Cloud Backup REST APIs.

 

In this blog, we will briefly examine how you can backup your Volume snapshots to ONTAP S3 using BlueXP Cloud Backup REST APIs.

 

Where can I learn more about ONTAP S3 :- https://www.netapp.com/pdf.html?item=/media/17219-tr4814pdf.pdf

 

Kindly take note of the following details regarding the integration of API with ONTAP S3:

1. The current support is limited to backing up volumes from On-Prem ONTAP only. Cloud Volumes ONTAP working environments are not yet supported for backup.
2. Although volume restores are supported, restores for folders and files are currently unavailable.
3. Search and Restore (Indexed Catalog) capability is supported on ONTAP S3 as the backend.
4. You can perform single file restores, folder restores, and volume restores using the "Search and Restore" feature.
5. Upon completion of the backup process through the BlueXP Cloud Backup REST API, you may use the BlueXP Cloud Backup UI to restore volumes, and use the "Search and Restore" feature to restore files, folders, or volumes.

 

 

How do I backup to ONTAP S3 using BlueXP Cloud Backup REST APIs?

 

In order to backup your volumes to ONTAP S3 using BlueXP Cloud Backup APIs, we would need to first use the v3 version of the backup working-environment BlueXP Cloud Backup REST API to enable backup on the specified working environment. Following is the example of the backup working environment REST API that can be used to enable the backup

 

 

 

 

 

curl --location --request POST 'http://localhost:8061/account/account-mdLRozSn/providers/cloudmanager_cbs/api/v3/backup/working-environment/OnPremWorkingEnvironment-dY2cZPXs' \
--header 'X-Agent-Id: GX6OQ3xrKn92K7QgRb9oS0QRt9z4S4cHclients' \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data-raw ' {
"provider": "ONTAP_S3",
"region": "eastus",
"backup-policy": {
"name": "CloudBackupService-1675677456440",
"rule": [
{
"label": "hourly",
"retention": "3"
}
]
},
"ontap-s3": {
"storage-server": http://CBSFAS8300-02-ip7.rtp.openenglab.netapp.com,
"access-key": "XDFDG141OYGOSXXXXXXX",
"secret-password": "843KTWkz3_WBtt2h98QXlLHO_J0VqUXCOOXXXXXX"
},
"ip-space": "Default"
} '

 

 

 

 

 

In the body of the backup working-environment REST API, make sure to include the “ontap-s3” storage-server details, access key and secret password.

 

Now use the backup volume REST API to go ahead and backup all the volumes within the working environment .

 

 

 

 

 

curl 'http://localhost:8061/account/account-mdLRozSn/providers/cloudmanager_cbs/api/v3//v1/working-environment/ OnPremWorkingEnvironment-dY2cZPXs/volume' \
-H 'authorization: Bearer Iqjjdj8er3IRPBJ7FAUlBQSIzD5DlO3qFK7DPfJ2NmnUXKmbX3ic7C7KYkM7r4iXwGBXVbwk2oYZuvpjO8rQ' \
-H 'x-agent-id: 3WYUZ5HLkECQsS6TXuBF9kNZq5fIdhrOclients' \
-H 'x-netapp-workspace-id: workspace-q5vun7ee' \
--compressed

 

 

 

 

 

You can use the BlueXP Cloud Backup Job Monitoring page to check the status of the backup activation job process.

 

You can also check the progress of the backup activation on the BlueXP Timeline

 

 

Once the backup activation is completed using the BlueXP Cloud Backup REST API, you can use the BlueXP Cloud Backup UI to do backup management of the protected volumes and perform volume-level restores using the “Restore Dashboard” -> “Volume Restore” button.

 

You can also enable the “Indexed Catalog” feature using the “Indexed Settings” button and also do a “Search and Restore” for a file, folder, and volume using the “Search & Restore” button.

 

 

April ’23 BlueXP Cloud Backup Enhancements

Additional Job E-Mail and Notification Alerts

Previously, BlueXP Cloud Backup sent Job alerts for ad-hoc backup job failures, restore job failures, backup activation failures for a working environment, and potential ransomware attack detection.

With the April ’23 release, enhancements have been made to send alerts to BlueXP notification center in case of a scheduled job failure and restore job completion with warnings.

With the new enhancements, mail will be sent to the users configured under the “Alerts and Notification” setting when a scheduled backup job fails. The following picture shows the mail content sent to the usesr for a scheduled backup failure.

 

The following picture shows the notification shown on the BlueXP Console for a scheduled backup failure.

 

 

Email messages will also be sent to users when a failure is encountered with restore jobs.( in the event of a File restore failures, Folder restore failures and Volume restore failures)

 

The following picture shows the notification shown on the BlueXP Console in the event of a File restore failure, Folder restore failure, and Volume restore failure.

 

 

 

Backup Activation User Experience Optimization

Currently, when a cloud backup user initiates a backup for a working environment, the BlueXP user interface becomes inaccessible until the selected volumes are backed up to object storage. This process can take a long time, especially if a significant number of volumes with large capacities are chosen to backup , and it prevents the user from carrying out any further tasks in Cloud Backup . This behavior is not desirable for the backup activation flow.

 

The latest update to BlueXP Cloud Backup has brought about an improvement in the user experience by allowing the backup process to run in the background, without blocking the user's session. This means that users can continue to use the UI while their backup job is being processed, without any interruption. Moreover, a link to the job monitoring page will be provided to users, enabling them to keep track of the progress of their backup activation.

 

 

Clicking on the “Job Monitoring” tab,will take you to the Job page which will list “Backup From”, “Backup To”, “Backup Details” and “Time Indication and Data Transfer” details.

 

 

A notification will also be displayed when the Backup Activation completes, in the notification panel.

 

 

Job Monitoring:- Enhanced Job Detail page

Previously, BlueXP Cloud Backup “Job Details” page under the Job Monitoring functionality provided very basic details on backup and restore jobs. In the new release, 4 widgets have been introduced to organize the job details of backup jobs and 5 widgets have been introduced to organize the job details of restore jobs.

• For the backup job details, the widgets will show you the “Backup From” details, “Backup To” details, “Backup Details” and “Time Indicator and Data Transfer” details.

 

• For the Restore job details, the widgets will show you the “Restore Content” details,“Restore From” details, “Restore To” details, “Restore Details” and “Time Indicator and Data Transfer” details