White!Paper! Protect Your Cisco UCS Domain with Symantec...

This document is provided for informational purposes only. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice. Copyright © 2014 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, and the Checkmark Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.

White Paper

Protect Your Cisco UCS Domain with Symantec NetBackup August 2014

SYMAN

TEC NETBACKU

P WHITEPAPER

PROTECTIN

G A CISCO

UCS DO

MAIN

i

Symantec NetBackup Whitepaper – Protecting a Cisco UCS domain with Symantec NetBackup

Table of Contents

What You Will Learn 1 Introduction 1

Audience 1 About Symantec NetBackup 1 About Cisco Unified Computing System 2 Cisco UCS Backup 2

Solution Overview: Protecting a Cisco UCS Domain 5 Cisco UCS Manager 5 Symantec NetBackup and Cisco UCS Manager 5

Solution Configuration: Symantec NetBackup 5 Data Collection 5 Configuring Prebackup and Postbackup Processing 6 Scheduled Backups of a Cisco UCS Domain 6 Configuration Steps 7

Schedule the Backup 7 Define the Client 8 Define the Cisco UCS Manager MIT Snapshot Storage Location 9

Solution Configuration: Cisco UCS Manager Backup 10 Cisco UCS Manager MIT Snapshot 11 Cisco UCS Manager MIT Snapshot Reports 12

Solution Configuration: Restoring UCS Domain Configuration using Symantec NetBackup16 Conclusion 19 Appendix A: Using Microsoft Windows PowerShell Scripts to Take Cisco UCS MIT Snapshots 20 Appendix B: Symantec NetBackup Preprocessing and Postprocessing 21 Appendix C: Symantec NetBackup and Cisco UCS Performance Benchmarks 22 Appendix D: Strategy for using a MIT Snapshot and MIT Snapshot reports 23 Appendix E: Interpreting and using the UCS Snapshot Report 25


What You Will Learn This document explains how Symantec NetBackup can be configured to protect a Cisco Unified

Computing System™ (Cisco UCS®) domain.

This document applies to Symantec NetBackup Versions 7.5 and 7.6.

If you have any feedback or questions about this document, please email them to IMG-‐TPM-‐

[email protected] stating the document title.

Introduction This document explains how Symantec NetBackup can be configured to protect a Cisco UCS domain.

Audience

This document assumes that the reader has or is using Symantec NetBackup and has an understanding

of Symantec NetBackup concepts and architecture. This document covers the use of Symantec

NetBackup on all supported platforms. If there are any OS-‐specific considerations, these are mentioned

in the document.

About Symantec NetBackup

The Symantec NetBackup platform is an enterprise-‐level heterogeneous backup and recovery suite. It

provides cross-‐platform backup functions to a large variety of Microsoft Windows, UNIX, and Linux

operating systems. Symantec NetBackup comes with support for many hardware devices, such as tape

drives, tape libraries, and disk units, and it supports hot backups for major database products such as

Oracle databases, it can natively backup and restore the virtual machines of major virtualization

products such as VMware Infrastructure, it can use the Network Data Management Protocol (NDMP),

and it offers tape vaulting. Symantec NetBackup also enables LAN-‐free and server-‐free backups in SAN

fabric environments.

Symantec NetBackup has a significant history with the Cisco UCS platform. Symantec NetBackup has

achieved recording-‐breaking backup performance in a VMware environment hosted on Cisco UCS. These

benchmarks have been featured at major industry conferences, including the Symantec Vision

conference and VMware VMworld conference. More information about these benchmarks can be found


in Appendix C. Symantec NetBackup is also the first backup vendor to achieve the official Cisco

Interoperability Verification Testing (IVT) certification.

About Cisco Unified Computing System

Cisco UCS is a next-‐generation data center platform that unites computing, networking, and storage

access resources. The platform, optimized for (but not limited to) virtual environments, is designed with

open industry standard technologies and seeks to reduce total cost of ownership (TCO) and increase

business agility. The system integrates a low-‐latency, lossless 10 Gigabit Ethernet unified network fabric

with enterprise-‐class, x86-‐architecture servers. The system is an integrated, scalable, multichassis

platform in which all resources participate in a unified management domain.

Cisco UCS Manager implements policy-‐driven management of the Cisco UCS server and network

resources. Network, storage, and server administrators all participate in the creation of policies in their

areas of domain expertise. Policies are consumed by service profiles, allowing Cisco UCS Manager to

fully configure the servers, adapters, and fabric extenders and the appropriate isolation, quality of

service (QoS), and uplink connectivity on the Cisco UCS 6200 or 6100 Series Fabric Interconnects.

Cisco UCS Backup

A single Cisco UCS domain can consist of up to 160 servers as well as unified network and storage

infrastructure. The infrastructure and the policies used to configure it represent a significant investment

and provide the foundation for delivery of applications and services in the data center. Because of the

scale and significance of its role in the data center, Cisco UCS should be deployed in conjunction with a

robust backup strategy. The backup strategy should capture the Cisco UCS state and configuration at

regular intervals. For this purpose, Cisco UCS provides several types of backups that administrators can

initiate or schedule at regular intervals:

• Full State: This backup type provides a snapshot of the entire system. It produces a binary file that

can be used to restore or rebuild the system's configuration on the original fabric interconnect or to

re-‐create the configuration on a different fabric interconnect.

• All Configuration: This backup type provides an XML file that includes the system and logical

configuration settings. This file can be imported to the original (or recovery) fabric interconnect.

• Logical Configuration: This backup type provides an XML file that includes only logical configuration

settings. This file can be imported to the original (or recovery) fabric interconnect.


• System Configuration: This backup type provides an XML file that includes only the related

configuration. This file can be imported to the original (or recovery) fabric interconnect.

The foundation of a Cisco UCS backup strategy should be collection of Full State and All Configuration

backup information for the system at regular intervals. This backup strategy will provide the necessary

information to recover from almost any failure scenario.

Although Full State and All Configuration backups provide comprehensive system configuration

information and settings, the backup files are large, and operators may have difficulty locating and

editing settings. The Full State backup file is in binary format, which prevents the operator from editing

or browsing it. It can be applied only in an all-‐or-‐nothing fashion to recover a Cisco UCS domain instance.

The XML backup types (All Configuration, Logical Configuration, and System Configuration) capture only

configuration data (which can be imported into Cisco UCS Manager to facilitate recovery). They do not

provide state information such as information about faults, configuration errors, and hardware

inventory, which can useful during disaster recovery.

Ideally, during system recovery, operators have access to complete information about the state of the

system before the failure occurred. Operators should quickly be able to identify the hardware and

firmware versions of all components in their Cisco UCS domain (because subtle changes can be the

source of changes in system behavior). Operators should be able to view the backed-‐up system's policies

in conjunction with its state information, which would allow operators to check whether a fault was

introduced during recovery or existed on the backed-‐up system. This information should be accessible in

a well-‐organized and graphical format because backups are often several megabytes in size and contain

configuration data spanning the storage, networking, and computing domains. This organization can be

accomplished by using the Cisco UCS XML API to extract a management information tree (MIT), or

configuration management database, snapshot and then mining its data to produce a report about the

Cisco UCS instance.

This document illustrates this technique using two simple scripts to produce a detailed Cisco UCS MIT

Snapshot Report with the following information:

• Hardware inventory for each Cisco UCS component

• Installed firmware version for each Cisco UCS component

• Fault report with a complete list of the Cisco UCS faults, including their severity

• Navigation links to view the XML content to configure many Cisco UCS policies


• LAN and SAN configuration information

• Cisco UCS identifiers report: MAC addresses, World Wide Names (WWNs), World Wide Port Names

(WWPNs), universal user IDs (UUIDs), and International Qualifications Network (IQN) addresses

For each service profile, the report contains the following information:

• All policies referenced from the service profile

• Hardware and firmware information for the associated hardware

• Network and storage VLANs

• Identities used by the service profile

The Cisco UCS MIT Snapshot Report is useful whether you are recovering from multiple failed

components or from the inadvertent deletion of a policy. You can modify or augment this report to

harvest the information that is most valuable to your Cisco UCS deployment. Because the report is

produced offline, there is no risk of affecting the Cisco UCS domain, and the Cisco UCS MIT snapshot is

available for additional processing.

To prepare for disaster recovery, a Cisco UCS backup regimen should include Full State and All

Configuration backup as well as a Cisco UCS Snapshot Report. The remainder of this document

describes how you can implement this regimen using Symantec NetBackup.


Solution Overview: Protecting a Cisco UCS Domain Cisco UCS Manager and Symantec NetBackup work together to protect the Cisco UCS domain.

Cisco UCS Manager

The Cisco UCS Manager MIT, or configuration management database, contains comprehensive

configuration settings that define the network, storage, and server configurations for domains that

consist of large numbers of servers. Erroneous configuration changes, whether malicious or inadvertent,

and hardware failures may require operator intervention to recover the system. To plan for this

contingency, you should have in place a backup strategy that includes the following:

• Full State backup

• All Configuration backup

• Cisco UCS MIT snapshot

• Cisco UCS MIT Snapshot Report

Symantec NetBackup and Cisco UCS Manager

Symantec NetBackup can easily be configured to protect a Cisco UCS domain. The Cisco UCS domain can

be backed up as often as necessary, retained for any length of time, and restored on demand. This level

of protection helps ensure that any version of any Cisco UCS domain policy can be accessed whenever

needed.

Solution Configuration: Symantec NetBackup Symantec NetBackup uses the concept of a policy. A policy defines what gets backed up, when it gets

backed up, how long the backed-‐up data is retained, and where the data is written (to disk, tape, etc.).

Symantec NetBackup uses a client that is installed on a Linux system. This client is then configured to

collect the Cisco UCS domain information and write it to a predefined destination.

Data Collection

The collection of Cisco UCS domain information is processed through prebackup and postbackup

processing capabilities designed into Symantec NetBackup. These capabilities are available through any

Symantec NetBackup Linux client. Each time a backup is performed, Symantec NetBackup automatically

runs a pre-‐backup processing script, called bpstart_notify. When the scheduled backup of this client is


finished, a postbackup processing script, called bpend_notify, is automatically run. It is through this

prebackup and postbackup processing that the Cisco UCS domain backup information can be collected.

This processing is discussed in greater detail in subsequent sections.

Configuring Prebackup and Postbackup Processing

Configuration of the Symantec NetBackup bpstart_notify and bpend_notify behavior varies somewhat

depending on the version of Symantec NetBackup in use. Consult the Symantec NetBackup

administration guide for the specific version of Symantec NetBackup that you are using to obtain

information that is specific to that version.

The script that is defined in subsequent sections of this document must be configured as described here.

The script text is copied to the following file:

• Linux: /usr/openv/netbackup/bin/bpstart_notify

This script, called by the Symantec NetBackup client process (bpbkar), is started as part of a standard

backup process. The script is run during all scheduled backups for the Symantec NetBackup policy.

Because no post-‐backup processing is required, the bpend_notify script does not need to be created.

Scheduled Backups of a Cisco UCS Domain

During the pre-‐backup processing described previously, the Cisco UCS Manager MIT snapshot is copied

to the Symantec NetBackup system, where Symantec NetBackup protects it. This protection process is

accomplished by configuring a Symantec NetBackup policy. Basic information related to the Symantec

NetBackup policy can be found in the Symantec NetBackup administration guide associated with your

version of Symantec NetBackup.


Configuration Steps

The main configuration tasks within the Symantec NetBackup policy are described in the following

sections.

Schedule the Backup

From within the Symantec NetBackup policy, select the Schedule tab (Figure 1). Here you can define

specifically when the Cisco UCS MIT snapshot will be taken. In this example, the domain is backed up

every night at 22:00 although this backup window can be defined for any time frame. A best practice is

to perform backup operations when Cisco UCS Manager is less likely to apply configuration changes.

Figure 1: Symantec NetBackup Schedule


Define the Client

Next, define the client that will receive a copy of the Cisco UCS Manager MIT snapshot (Figure 2). Note

that this client can be a physical system or a virtual machine. This client can also be any Symantec

NetBackup configuration including a Symantec NetBackup (Linux) master, media, or client system.

Figure 2: Symantec NetBackup Client Definition


Define the Cisco UCS Manager MIT Snapshot Storage Location

Define the data that will actually be protected by Symantec NetBackup (Figure 3). The location defined

here on the Backup Selections tab is the location to which the Cisco UCS Manager MIT snapshot is sent.

Figure 3: Cisco UCS MIT Snapshot Storage Location


Solution Configuration: Cisco UCS Manager Backup Cisco UCS Manager provides the capability to create backup policies to schedule Full State and All

Configuration backups. Figure 4 shows the Cisco UCS Manager Configuration screen.

Figure 4: Cisco UCS Manager Configuration Screen

You can configure the communications protocol, credentials, and backup frequency. Using these

settings, Cisco UCS Manager will perform backup operations and copy backup files to the specified

remote location. This is all you need to do to automate Full State and All Configuration backups.

Note: This backup approach is the one that most customers use; however, you can also manually initiate

backup operations on demand from Symantec NetBackup using the Cisco UCS Manager XML API. The

Microsoft Windows PowerShell script provided in Appendix A: Using Microsoft Windows PowerShell

Scripts to Take Cisco UCS MIT Snapshot demonstrates this approach.


Cisco UCS Manager MIT Snapshot

The example in this document uses a Perl script named snapshot-‐mit.pl to take a Cisco UCS Manager

MIT snapshot. This script has the following requirements:

• Perl must be installed on the backup system1.

• IP connectivity from the backup system to Cisco UCS Manager is required.

• Cisco UCS Manager credentials are required.

Download and unzip the ucs-‐snapshot.tgz2 archive. The top-‐level directory of the archive is referred to

as SNAPSHOT_HOME below. The directory structure is as follows:

• bin: Contains the Perl script ucs-‐backup-‐report.pl

• cfg: Contains configuration files

• snapshots: Is used to store the Cisco UCS snapshots

Edit the configuration file SNAPSHOT_HOME/cfg/snapshot.cfg as appropriate for your Cisco UCS

domain and snapshot directory. The configuration file contains the following settings:

# snapshot.cfg : snapshot-‐mit configuration file;

[UCS]

URI = https://ucs-‐vip-‐ip/nuova

UNAME = admin

PASSWORD = PASSWORD

1 The appendix contains instructions on how to collect a Cisco UCS MIT snapshot using a

Microsoft Windows PowerShell script. It requires Cisco UCS PowerTool libraries to be installed

on the backup system.

2 UCS Manager MIT Snapshot Tool -‐ https://communities.cisco.com/docs/DOC-‐52108


[APP]

# Local directory to store the MIT backup to:

BACKUP_HOME = /home/ucs-‐snapshot/snapshots

# Maximum number of backup files to retain (before deleting oldest)

MAX_BACKUP_FILES = 7

Enter the following command to take a Cisco UCS Manager MIT snapshot:

perl ./bin/snapshot-‐mit.pl –cfg=./cfg/snapshot.cfg

Manually run the script to verify that the configuration was successful. The MIT snapshot file will contain

a timestamp in its name, like this:

ucs-‐snapshot-‐2014-‐04-‐25-‐04_51_08.xml

After you have verified the configuration, add the command to the bpstart_notify script. Then Symantec

NetBackup will automatically collect Cisco UCS MIT snapshots based on its configuration.

You can process the Cisco UCS Manager MIT snapshot offline to extract configuration information and

produce reports about the system.

Cisco UCS Manager MIT Snapshot Reports

You can copy the Cisco UCS Manager MIT snapshot to another system for offline processing, such as

report generation. The example here uses a ucs-‐snapshot-‐report script to generate a report. This script

has the following requirements:

• Perl must be installed on the system.

• The system must have sufficient memory and disk space for processing Cisco UCS Manager MIT

snapshots, which are often many megabytes in size.


Download and install the UcsSimple-‐CommMgr-‐master.tgz3 package. One way to install this package and

its dependent packages is to extract the archive, cd into the extracted directory, and use cpanm, as

follows:

cpanm –I UcsSimple-‐CommMgr-‐0.0001.tar.gz

Download and unzip the ucs-‐snapshot.tgz archive. For clarity, the top-‐level directory of the archive is

referred to here as SNAPSHOT_HOME. The following directories are pertinent for this application:

• bin: Contains the Perl script ucs-‐backup-‐report.pl

• cfg: Contains configuration files

• snapshots: Stores Cisco UCS snapshots

• assets: Contains CSS files and JavaScript used by the reports

• schema: Used for your UCS-‐IN schema file

Download the Cisco UCS XML schema that corresponds to the version of Cisco UCS Manager from which

the snapshot was taken. This schema can be found here on the Cisco Communities website4. Download

the schema files archive that match your UCS Manager version and extract the contents to the

SNAPSHOT_HOME/schema directory.

Edit the configuration file SNAPSHOT_HOME/cfg/report.cfg as appropriate for your Cisco UCS domain

and desired snapshot directory. The configuration file contains the following settings:

# report.cfg : ucs-‐backup-‐report configuration file;

[APP]

SCHEMA = /home/ucs-‐snapshot/schema/UCSM-‐IN.xsd

CSS_DIR = /home/ucs-‐snapshot/assets

BACKUP_HOME = /home/ucs-‐snapshot/snapshots

3 UCS Manager MIT Snapshot Tool -‐ https://communities.cisco.com/docs/DOC-‐52108

4 UCS Manager XML Schema at https://communities.cisco.com/docs/DOC-‐36350


A report can be generated as follows:

perl ucs-‐snapshot-‐report -‐-‐cfg=./cfg/report.cfg

-‐-‐xml=./snapshots/ucs-‐backup-‐2014-‐04-‐25-‐04_51_08.xml

This script will create a subdirectory in BACKUP_HOME to hold the report. The directory’s name will

have the same name as the snapshot file, without the “.xml” extension. Thus, for the example here, the

report directory name would be:

REPORT-‐ucs-‐snapshot-‐2014-‐04-‐25-‐04_51_08/

To view the report, you open the index.html file in your browser (Figure 5).

Figure 5 shows the top-‐level page of the report. This report provides many different tabs and views. Feel

free to explore and to add the information and views that you find useful.


Figure 5: Cisco UCS Backup Report


Solution Configuration: Restoring UCS Domain Configuration using Symantec NetBackup In the “Solution Configuration: Symantec NetBackup” section, we described how to protect the Cisco

UCS state and configuration snapshots. In this section we will describe the steps required to restore the

Cisco UCS state and configuration snapshots.

There are two steps involved in this process. First, the Cisco UCS state and configuration snapshot is

restored from a previously performed backup. Second, the Cisco UCS state and configuration snapshot

data is used by UCS/NetBackup Administrators to selectively restore a UCS Configuration. The following

sections document this restore process.

NetBackup Restore Overview

NetBackup offers flexible methods for restoring file and folder data. By default NetBackup will restore

protected data to the original location from which the data was backed up. This may not be optimal as

this location may contain actively backed up copies of the Cisco UCS state and configuration. Optionally,

NetBackup can easily be configured to restore data to an alternate location. We will describe how to

restore the Cisco UCS state and configuration snapshot to the original or alternate location.

Restore the Cisco UCS State and Configuration Snapshot from Previous Backup

This restore process is essentially the same process used to restore any file that was backed up with

NetBackup. In this restore description, we will assume the same client name and restore folder and file

definitions that we used to back up the UCS Manager MIT snapshot. Those definitions are as follows:

Client name: UCS_Profile_VM16

Restore directory: /home/ucs-‐snapshot/snapshots

To process the restore of the Cisco UCS state and configuration snapshot, perform the following steps

from the main NetBackup Administration console:


1. Select the Backup,

Archive, and Restore

option.

2. Click the Restore Files

tab.

3. Click here to select the Restore options.

4. Type the name of our

client: UCS_Profile_VM16

We will restore the data to

the same client. If we needed

to restore the data to a

different NetBackup client, we

could enter that client name

here.

5. Make sure the policy type

is Standard.

6. Click OK.

Now we see the files and folders that we backed up. Our Cisco UCS state and configuration snapshot

was stored in the “/home/ucs-‐snapshot/snapshots” directory as shown next.


We can process the restore as follows:

From this section we can

select the specific backup

image that we want to

restore. In this example

we will used the default

backup image which is the

most recent image.

1. Mark the checkbox next

to the folder named:

snapshots

2. Click here to begin the

restore process.

The Restore Marked Files dialogue box

provides additional restore options. In this

case, we will restore the files to the original

location.

To ensure that we don’t inadvertently

overwrite important files we will not select

the Overwrite existing files option.

3. Select Start Restore to begin the restore

process.


Conclusion Cisco UCS should be deployed in conjunction with a robust backup strategy. The foundation of this

strategy should be Full State and All Configuration backups and Cisco UCS Manager MIT snapshots

captured at regular intervals. The Cisco UCS Manager MIT snapshots can be processed offline to

generate useful reports about all aspects of Cisco UCS. This document described how to use Symantec

NetBackup to implement this backup strategy.


Appendix A: Using Microsoft Windows PowerShell Scripts to Take Cisco UCS MIT Snapshots You can use a Microsoft Windows PowerShell script and the Cisco UCS PowerTool library to take a Cisco

UCS Manager MIT snapshot (as an alternative to the Perl script simple-‐ucs-‐backup.pl). In this case, you

need to install the Cisco UCS PowerTool libraries on the backup system. You can invoke the

BackupMIT.ps1 script 5as follows:

./BackupMIT.ps1 –backupDir c:\Backups

This script will download the following items:

• Full State backup

• All Configuration backup

• Cisco UCS MIT snapshot

Note: you can comment out commands in this file to get only the Cisco UCS Manager MIT snapshot.

The script creates files of the following form in the specified backup directory:

• SJC18-‐L07-‐UCS1-‐2014-‐24-‐04-‐22-‐06-‐config-‐all.xml (Full State backup)

• SJC18-‐L07-‐UCS1-‐2014-‐24-‐04-‐22-‐05-‐config-‐system.xml (All Configuration backup)

• SJC18-‐L07-‐UCS1-‐2014-‐24-‐04-‐22-‐06-‐MIT.xml (MIT snapshot)

The Cisco UCS Manager MIT snapshot can be processed offline to create the Cisco UCS Manager Backup

report.

5 UCS Manager MIT Snapshot Tool at https://communities.cisco.com/docs/DOC-‐52108


Appendix B: Symantec NetBackup Preprocessing and Postprocessing The prebackup and postbackup processing capabilities provided by Symantec NetBackup are performed

using scripts named bpstart_notify and bpend_notify. To enable the use of these scripts, you need to

place them on a system configured as a Symantec NetBackup master, media, or client system. The pre-‐

processing script must be placed in the following location:

• Linux or UNIX: /usr/openv/netbackup/bin/bpstart_notify

Every time a Symantec NetBackup policy runs against this client, this script will be implemented.

The exact way in which these scripts run can vary between Symantec NetBackup versions. Information

that is specific to the version of Symantec NetBackup in use can be found in the Symantec NetBackup

administration guide that covers your version.

Additional information can be found in the following Symantec TechNotes:

• How to use the bpstart_notify and bpend_notify scripts:

http://www.symantec.com/docs/TECH162973 • Implementing the Symantec NetBackup bpstart_notify and the bpend_notify scripts when using

multistreaming in the backup policy: http://www.symantec.com/docs/TECH69986.


Appendix C: Symantec NetBackup and Cisco UCS Performance Benchmarks The Symantec NetBackup and Cisco UCS teams have worked together to provide two separate

performance benchmarks. These benchmarks provide information related to performance tuning,

recommended hardware configurations, and performance best practices.

More information about these benchmarks can be found at the following URLs:

• Symantec NetBackup, Cisco UCS, and VMware vSphere joint backup performance benchmark:

http://eval.symantec.com/mktginfo/enterprise/white_papers/b-‐

nbu_cisco_vmware_backup_perf_21157021_WP.en-‐us.pdf

• Increasing backup performance: https://www4.symantec.com/Vrt/offer?a_id=151949


Appendix D: Strategy for using a MIT Snapshot and MIT Snapshot reports

Summary: As mentioned earlier, a MIT (Management Information Tree) Snapshot is a point-‐in-‐time

snapshot of the UCS Manager MIT. MIT Snapshot Reports can be created from any MIT Snapshot, and

the result will be a user-‐friendly html report that is easy to browse for configuration data.

The MIT Snapshots and Reports can be very useful as a reference of how the UCS System hardware was

configured at a particular point in time. Next we will discuss some sample example Use Cases for using

SnapShot Reports.

Example Use Cases where the MIT Snapshot/Report can be helpful:

1. Restoring NetBackup data to a UCS Domain with different hardware

a. If a disaster has occurred and Operating System data is to be restored to a UCS domain

with different attributes (perhaps different server models, adapters, etc...), the MIT

Snapshot and Report can be useful in determining the exact server configuration before

the disaster, so that an appropriate server can be identified for data restore.

b. Example: If restoring a Database server, it may be important that the new target server

has similar type of hardware (processors, memory, and disk controller/local disks). In

many cases, it is equally important to understand the granular details of the hardware

configurations (Firmware Levels, BIOS Settings, NIC and HBA configurations, access layer

configurations for Network/SAN). Using this data from the MIT Snapshots/Reports,

NetBackup and UCS Administrators can work collaboratively in locating an appropriately

configured server to restore data backups and reduce risk.

2. Recovering UCS configuration that was inadvertently changed or deleted

a. If a UCS Administrator makes an inadvertent change or even deletion to UCS

Configuration (policies, pools, templates or individual configurations), you can use the

Snapshots and Reports to review the system configuration that was in place at a given


time. The Reports can be a reference for re-‐creating configuration manually, but as you

will see shortly, the Reports also contain XML data for these individual pools, policies,

templates, that can be imported using UCS Automation Tools like the UCS Python SDK,

UCS PowerTool (PowerShell library) or goUCS.

b. Example: a BIOS Policy contains an exhaustive list of the BIOS Settings of an x86 Server.

If a BIOS Policy was inadvertently changed, there would be many settings to compare,

and there would be risk that an Administrator might miss one of the many settings that

are being compared. Rather than comparing the BIOS Settings manually, an

Administrator could choose to import the XML Data for this particular policy from the

report. Importing the XML data will create the BIOS Policy if it was deleted, or modify

an existing BIOS policy, in the event that the policy was changed inadvertently.


Appendix E: Interpreting and using the UCS Snapshot Report The UCS Snapshot report (See “Cisco UCS Manager MIT Snapshot Reports” above) can be created from

the UCS MIT Snapshot – the end result is a folder of html files that can be used to browse the UCS

Configuration in a user-‐friendly manner. First locate the folder where your reports are written to (check

your configuration files – the default location is /home/ucs/ucs-‐snapshot/snapshots):

Navigate inside the Report folder you are most interested in and you will see a list of html files and

subfolders containing the configuration that was generated from the ucs-‐snapshot-‐report utility:


The index.html will default to the Domain tab and provide a summary:


Click the Service Profiles tab to review the list of Service Profiles configured at the time that the

Snapshot was taken.

Note: On the Service Profiles tab, you can see the UUID associated with each Service Profile. The

Server UUID is a great example of a unique identifier that can be used to identify the hardware

configuration of one specific server for which you may need to restore data.

Note: Other examples of unique server identifiers are MAC, Port WWN, or ISCSI IQN addresses. These

identifiers are available in their respective tabs, or by navigating the hyperlinks in the Service Profile tab.


After the Service Profile name is identified, the UCS and NetBackup administrators now have access to

the detailed hardware configuration for this server (at a point in time when the snapshot was taken).

The Tabs on the left side will link to detailed Hardware Configuration, inventory, etc...

Using this detailed hardware configuration, UCS and NetBackup Administrators can now make an

informed choice as to where OS data should be restored, and identify the desired hardware

configuration for the target server.


For Use Cases where UCS configuration was inadvertently changed or deleted by an Administrator:

Hyperlinks that point to a specific Policy, Pool or Template will link to the specific XML for that object in

the UCS MIT. The screenshot below illustrates a UCS Scrub Policy:


This data can be easily imported with UCS Automation tools such as the UCS Python SDK, UCS

PowerTool (Microsoft PowerShell library), or goUCS.

Example with UCS PowerTool:

For more information on UCS Automation Tools, including the UCS Platform Emulator (which can be

useful for testing system changes in a “sandbox” environment), visit the UCS Communities Page:

http://communities.cisco.com/ucs

Direct link to information on the UCS Platform Emulator:

http://communities.cisco.com/ucspe

About Symantec:

Symantec is a global leader in providing security, storage, and systems management solutions to help consumers and organizations secure and manage their information-‐driven world. Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored.

Headquartered in Mountain View, Calif., Symantec has operations in 40 countries. More information is available at www.symantec.com.

For specific country offices and

contact numbers, please visit our Web

site: www.symantec.com

Symantec Corporation

World Headquarters

350 Ellis Street

Mountain View, CA 94043 USA

+1 (650) 527 8000

+1 (800) 721 3934

Copyright © 2014 Symantec Corporation. All rights reserved. Symantec and the Symantec logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.

White!Paper! Protect Your Cisco UCS Domain with Symantec...

Documents

Transcript of White!Paper! Protect Your Cisco UCS Domain with Symantec...