IBM Support

File indexing and restore requirements: IBM Spectrum Protect Plus V10.1.5

Preventive Service Planning


Abstract

This document details the file indexing and restore requirements for IBM Spectrum Protect Plus V10.1.5.

Content

This document is divided into linked sections for ease of navigation. Use the following links to jump to the section of the document that you require:


General

  • iSCSI disks that are directly mapped to the guest operating system will not be indexed. Supported volumes include virtual machine disk (VMDK) or virtual machine disk (VMDK) volumes that are mounted through the configuration of the associated virtual machine.

  • The amount of free space required for the metadata in the catalog depends on the total number of files in the environment.  To catalog 1 million files, the catalog volume in the IBM Spectrum Protect Plus appliance requires roughly 350 MB of free space per retained version. The space used by file indexing metadata is reclaimed when the corresponding backup instances expire.



 


VMware requirements

In the virtual machine settings under Advanced Configuration, the disk.EnableUUID parameter must be set to true.



 


Windows requirements

Supported operating systems
  • Windows Server 2008 R2
  • Windows Server 2012 R2 and Windows Server 2012R2 core
  • Windows Server 2016 and Windows Server 2016 core
  • Windows Server 2019 and Windows Server 2019 core
Supported file systems
  • New Technology file system (NTFS)
  • Resilient file system (ReFS)
  • File allocation table (FAT)
Supported disk storage types Basic disks with the following partitions:
  • MBR (Master Boot Record)
  • GPT (GUID Partition Table)
Restriction: You cannot back up or restore files on dynamic disks.


 

  • IBM Spectrum Protect Plus supports only the operating systems that are to your hypervisors. Review your hypervisor documentation for information about supported operating systems.
  • File indexing and restore operations support SCSI disks in a Hyper-V environment. Integrated Drive Electronics (IDE) disks are not supported. Generation 1 virtual machines require IDE boot disks; however, if more SCSI disks are available, file indexing and restore operations are supported on those disks.
  • Windows Remote Shell (WinRM) must be enabled.
    Important: IBM Spectrum Protect Plus can protect and restore virtual machines with other file systems, but only the previously listed file systems are eligible for file indexing and restore.
  • When files are indexed in a Windows environment, the following directories on the resource are skipped:
    \Program Files
    \Program Files (x86)
    \Windows
    \winnt
    Files within these directories are not added to the IBM Spectrum Protect Plus inventory and are not available for file recovery.
  • Ensure that the latest version of VMware Tools is installed on VMware virtual machines, and Hyper-V Integration Services is installed on your Hyper-V virtual machines.
  • File indexing and file restore of a Windows VM require that the Windows Powershell binary path is set in the %PATH% environment variable.
  • Encrypted Windows file systems are not supported for file cataloging or file restore.
  • Ensure that the 64-bit Microsoft Visual C++ 2008 SP1 Redistributable Package is installed on the VM guest machine, before you start restore operation from a backup image.
  • File indexing and file restore are not supported from restore points that were offloaded to cloud resources or repository servers.
  • When restoring files in a Resilient File System (ReFS) environment, restores from newer versions of Windows Server to earlier versions are not supported. For example, restoring a file from Windows Server 2016 to Windows Server 2012.
  • File cataloging, backup, point-in-time restores, and other operations that start the Windows agent fail if a non-default local administrator is entered as the Guest OS username when defining a backup job. A non-default local administrator is any user that has been created in the guest OS and has been granted the administrator role.
    This occurs if the registry key LocalAccountTokenFilterPolicy in [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] is set to 0 or not set. If the parameter is set to 0 or not set, a local non-default administrator cannot interact with WinRM, which is the protocol IBM Spectrum Protect Plus uses to install the Windows agent for file cataloging, send commands to this agent, and get results from it.
    Set the LocalAccountTokenFilterPolicy registry key to 1 on the Windows guest that is being backed up with Catalog File Metadata enabled. If the key does not exist, navigate to [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] and add a DWord Registry key named LocalAccountTokenFilterPolicy with a value of 1.


Space requirements

  • The C:\ drive must have sufficient temporary space to save the file indexing results.
  • When file systems are indexed, temporary metadata files are generated under the /tmp directory and are deleted when the indexing is complete. The amount of free space required for the metadata depends on the total number of files in the system. Ensure that there is approximately 350 MB of free space per 1 million files.


Connectivity requirements

  • The hostname of the IBM Spectrum Protect Plus appliance should be resolvable from the Windows virtual machine.
  • The Internet Protocol (IP) address of the virtual machine selected for indexing must be visible to the vSphere client or Hyper-V Manager.
  • The Windows virtual machine selected for indexing must allow outgoing connections to port 22 (SSH) on the IBM Spectrum Protect Plus appliance.
  • All firewalls must be configured to allow IBM Spectrum Protect Plus to connect to the server through WinRM.


Authentication and privilege requirements

The credentials specified for the virtual machine must include a user with the following privileges:

  • The user identity must have the "Log on as a service" right, which is assigned through the Administrative Tools control panel on the local server (Local Security Policy > Local policies > User Rights Assignment > Log on as a service).
    For more information about the "Log on as a service" right, see Add the Log on as a service Right to an Account
  • The default security policy uses the Windows NTLM protocol, and the user identity follows the default domain\Name format if the Hyper-V virtual machine is attached to a domain. The format local administrator is used if the user is a local administrator. Credentials must be established for the associated virtual machine through the Guest OS user name and Guest OS password option within the associated backup job definition.
  • The system login credential must have the permissions of the local administrator.


Kerberos requirements

  • Kerberos-based authentication can be enabled through a configuration file on the IBM Spectrum Protect Plus appliance. This setting overrides the default Windows NTLM protocol. Kerberos does not allow local user accounts to be used and is suitable only for environments in which all virtual machines are on a single domain.
  • For Kerberos-based authentication only, the user identity must be specified in the username@FQDN format. The specified user must be able to authenticate by using the registered password to obtain a ticket-granting ticket (TGT) from the key distribution center (KDC) on the domain specified by the fully qualified domain name.
  • Kerberos authentication also requires that the clock skew between the Domain Controller and the IBM Spectrum Protect Plus appliance is less than 5 minutes. The default Windows NTLM protocol is not time-dependent.



 


Linux requirements

Supported operating systems
  • Red Hat Enterprise Linux® (RHEL) 6.4 and later maintenance and modification levels
  • CentOS 6.4 and later maintenance and modification levels
  • RHEL 7.0 and later maintenance and modification levels
  • CentOS 7.0 and later maintenance and modification levels
  • SUSE Linux Enterprise Server 12.0 and later maintenance and modification levels
Supported file systems
  • ext2
  • ext3
  • ext4
  • XFS


 

  • A file system created on a newer kernel version might not be mountable on a system with an older kernel, in which case restoring files from the newer to the older system is not supported.

  • IBM Spectrum Protect Plus supports only the operating systems available to your hypervisors. Review your hypervisor documentation for information about supported operating systems.
    IBM Spectrum Protect Plus can protect and restore virtual machines with other file systems, but only the previously listed file systems are eligible for file indexing and restore operations.

  • When file indexing is performed in a Linux environment, the following directories on the resource are skipped:
    /tmp
    /usr/bin
    /Drivers
    /bin
    /sbin

  • Files in virtual file systems like /proc, /sys, and /dev are also skipped. Files within these directories are not added to the IBM Spectrum Protect Plus inventory and are not available for file recovery.


Space requirements

  • The system disk must have sufficient temporary space to save the file indexing results.
  • When file systems are indexed, temporary metadata files are generated under the /tmp directory and then deleted when the indexing is complete. The amount of free space required for the metadata depends on the total number of files in the system. Ensure that there is approximately 350 MB of free space is available per 1 million files.


Software requirements

  • Red Hat Enterprise Linux / CentOS 6.x only:
    Ensure that the util-linux-ng package is current by running the following command:
    yum update util-linux-ng
  • Depending on your version or distribution, the package might be named util-linux.
  • If data resides on LVM volumes, ensure that the LVM version is 2.0.2.118 or later.
    Run the lvm version command to check the version and run the yum update lvm2 to update the package if necessary.
  • If data resides on LVM volumes, the lvm2-lvmetad service must be disabled, as it can interfere with the ability of IBM Spectrum Protect Plus to mount and resignature volume group snapshots and clones. To disable the service, complete the following steps:
    1. Run the following commands:
      systemctl stop lvm2-lvmetad
      systemctl disable lvm2-lvmetad
    2. Edit the /etc/lvm/lvm.conf and specify the following setting: use_lvmetad = 0
      For more information, see The Metadata Daemon (lvmetad)
  • If data resides on XFS file systems and the version of xfsprogs is between 3.2.0 and 4.1.9, the file restore operation can fail due to a known issue in xfsprogs that causes corruption of a clone or snapshot file system when its UUID is modified. To resolve this issue, update xfsprogs to version 4.2.0 or later. For more information, see Debian Bug report logs


Connectivity requirements

The SSH service must be running on port 22 on the server, and any firewalls must be configured to allow IBM Spectrum Protect Plus to connect to the server through Secure Shell (SHH). The secure file transfer protocol (SFTP) subsystem for SSH must also be enabled.


Authentication and privilege requirements

The credentials specified for the virtual machine must specify a user that has the following sudo privileges:

  • The sudoers configuration must allow the user to run commands without a password.
  • The !requiretty setting must be specified.


The recommended approach is to create a dedicated IBM Spectrum Protect Plus agent user with the following privileges. Sample configuration:

  • Create user by using the command:
    useradd -m sppagent
    Where sppagent specifies the IBM Spectrum Protect Plus agent user
  • Set a password by using the command:
    passwd <sppagent>


Place the following lines at the end of your sudoers configuration file, typically: /etc/sudoers.
If your existing sudoers file is configured to import configurations from another directory (for example: /etc/sudoers.d), you can also place the lines in a new file in that directory:
Defaults: sppagent !requiretty
sppagent ALL=(root) NOPASSWD:ALL



 

[{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSNQFQ","label":"IBM Spectrum Protect Plus"},"Component":"Not Applicable","Platform":[{"code":"PF016","label":"Linux"},{"code":"PF033","label":"Windows"}],"Version":"10.1.5","Edition":"","Line of Business":{"code":"LOB26","label":"Storage"}}]

Document Information

Modified date:
24 November 2020

UID

ibm11071902

Page Feedback