Question

Integrate Nutanix with Veritas netbackup via different VLAN (Network Segmentation)

  • 24 June 2024
  • 4 replies
  • 60 views

We have a cluster with 3 nodes, we have configured multiple bridges for different networks, we isolated the NTNX cluster management traffic on specific VLAN and the Backplane traffic on another VLAN as well, we have a backup network with two different dedicated links on a different VLAN.

This backup network which the Veritas NetBackup software is in, and as far as I know it supports Nutniax clusters backup via a plugin, the backup host in our setup is on a different VLAN on a different bridge, so it's isolated from Nutanix cluster management and cluster VIP.

What is the best way to get the backup solution working with the mentioned setup, is there a way to expose the Nutanix API and allow access for that VLAN on dedicated bridge via different IP? or we have to configure network segmentation for KVolumns service? and if so, what the recommended way to route the traffic between the CVMs and the backup network bridge?

Thanks


4 replies

Userlevel 4
Badge +5

Hi,

What is the hypervisor used here? as you are saying bridge i assume AHV, please confirm.

https://portal.nutanix.com/page/documents/solutions/details?targetId=BP-2080-Veritas-NetBackup-AHV:BP-2080-Veritas-NetBackup-AHV

A easy option worth try is use multi-home (two NIC) which will act as proxy (backup host), one interface in CVM range and other in Backup range, in policies specify the backup host. 

 

F>P

Hi @sl.farhanparkar 

 

Yes, we are using AHV.

 

Here’s an image that shows what I mean:

 

We want to use the agent-less backup option in NetBackup, and as far as I understood the backup host will communicate with Cluster API (port 9440) and get access to NFS when added to filesystem whitelist, but in our case, we do need a way so the backup host can reach Cluster API and access to the file-system.

 

Can you expand a little bit about the multi-home (two NICs) option? I was thinking of adding a network segmentation for the ABS service and have this run on the same Subnet and VLAN as the backup host (172.16.x.y).

 

If there is a guide I can follow for what you suggested I would appreciate it if you can share it.

 

Thanks

Userlevel 4
Badge +5

Hi,

The network segmentation might be a good option but never tried it, but worth a try if you have any test cluster or so.

The multi-home as i mentioned is having two network interfaces to backup host, one in DS (Cluster IP) range and other interface in your backup range to access media server, backup target etc,

As on AHV the storage access is not NFS/SMB you will NOT require any whitelist. The backup workflow starts with API call to Nutanix cluster (prism) and the snapshot is mounted as volume group to backup host / proxy through DS IP and data is copied by the backup hosts. once the backup complete the snapshot and VG is deleted through API call again.

Hoe that make it clear

 

F>P

I’ll give the Network Segmentation a try, and report back.

I think the Network Segmentation should give the same result as the solution you mentioned.

So the backup host will only require to access the API at 9440.

I’m still curious to learn how to implement the two NICs, is there a documentation relevant for this setup?

 

Thanks

Reply