Prerequisites for collection from Cohesity NetBackup deployed on Kubernetes clusters
This section describes the portal configurations required, before adding a Cohesity NetBackup policy, when Cohesity NetBackup is deployed on Kubernetes clusters in the cloud and it is using the cloud resources to perform backups.
Since Cohesity NetBackup is deployed on Kubernetes clusters, it must communicate with the Data Collector using SSH key-based authentication.
- Generate an SSH public/private key pair. This key will be required later during configuration. To generate this key pair, run the ssh-keygen command on a Linux system or an equivalent command on Windows.
Save the public and private key pair along with the passphrase used while generating the key, as you will need to provide the private key path and the passphrase while creating the NetBackup Collection policy in IT Analytics Portal.
- Copy the public key to the itAnalyticsPublicKey spec of the Environment Custom Resource
environment.yaml. You can find this file on the jumpserver that was used to create the initial NetBackup setup on Kubernetes cluster. - Apply the update to itAnalyticsPublicKey spec using kubectl apply -f environment.yaml. The
environment.yamlfile is available on the jumpserver used to create the NetBackup primary server setup on Kubernetes cluster.Alternatively, if the jumpserver is not accessible, use kubectl edit environment <environment_name> -n <namespace> command to edit the environment to add the public key to the itAnalyticsPublicKey sec
- On a successful deployment, describe the Environment Custom Resource using kubectl describe PrimaryServer <primary-server-name> -n <namespace>.
This API key is required when you add or edit a Cohesity NetBackup primary server for the Cohesity NetBackup policy configuration. This API key is essential especially when IT Analytics has to collect metrics from NetBackup deployed on Kubernetes clusters in the cloud.
See the Manage API keys section from the NetBackup Web UI Security Administrator's Guide for steps to get the API key.
If the Firewall of the NetBackup primary server is turn on, follow these steps to communicate through the Firewall port:
- Open and edit the file
/etc/firewalld/zones/public.xml. - Add the following lines in the file:
<service-name="https"/> <port protocol = "tcp" port="1556">
- Save the file.