Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  3. NetBackup™ Deployment Guide for Azure Kubernetes Services (AKS) Cluster
  5. Deployment with environment operators
  7. About deployment with the environment operator
  9. Prerequisites
NetBackup™ Deployment Guide for Azure Kubernetes Services (AKS) Cluster

Prerequisites

Ensure that the following prerequisites are met before proceeding with the deployment.

  • A Kubernetes cluster in Azure Kubernetes Service in Azure with multiple nodes. Using separate node pool is recommended for the NetBackup servers, MSDP Scaleout deployments and for different media server objects. It is required to have separate node pool for Snapshot Manager data plane.

  • Taints and tolerations allows you to mark (taint) a node so that no pods can schedule onto it unless a pod explicitly tolerates the taint. Marking nodes instead of pods (as in node affinity/anti-affinity) is particularly useful for situations where most pods in the cluster must avoid scheduling onto the node.

    Taints are set on the node pool while creating the node pool in the cluster. Tolerations are set on the pods.

    To use this functionality, user must create the node pool with the following detail:

    • Add a label with certain key value. For example key = nbpool, value = nbnodes

    • Add a taint with the same key and value which is used for label in above step with effect as NoSchedule.

      For example, key = nbpool, value = nbnodes, effect = NoSchedule

  • Define storage class of AzureFiles and Azure managed disks for primary and Azure managed disks for media and MSDPX.

  • Access to a container registry that the Kubernetes cluster can access, like an Azure Kubernetes Service Container Registry.

  • Enable AKS Uptime SLA. AKS Uptime SLA is recommended for a better resiliency. For information about AKS Uptime SLA and to enable it, see Azure Kubernetes Service (AKS) Uptime SLA.

  • Install Cert-Manager. You can use the following command to install the Cert-Manager:

    $ kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.6.0/cert-manager.yaml

    For details, see https://cert-manager.io/docs/installation/

  • A workstation or VM running Linux with the following:

    • Configure kubectl to access the cluster.

    • Install Azure CLI to access Azure resources.

    • Configure docker to be able to push images to the container registry.

    • Free space of approximately 8.5GB on the location where you copy and extract the product installation TAR package file. If using docker locally, there should be approximately 8GB available on the /var/lib/docker location so that the images can be loaded to the docker cache, before being pushed to the container registry.

Feedback

Was this page helpful?
Previous

About deployment with the environment operator

Next

Contents of the TAR file

Feedback

Was this page helpful?