This section provides a high-level overview of the steps required to set up standard replication between a backup system and replication system. These procedures refer to the backup system as the source and replication system as the target. Replication setup requires you to access the Replication Wizard in both the source and target systems. This guide divides the replication setup into several parts that minimize the need for switching between the source and the target systems.
Before beginning the setup process, perform the following:
| 1 | See Replication requirements to verify that all requirements have been met for the source and target systems. |
| 2 | Make sure you know the hostname and IP address for both the source and target systems. To view a system’s hostname in the Administrator Interface, select Settings > Clients, Networking, and Notifications > Networks > Hostname. |
| 3 | Make sure the IP addresses and ports in use on your network will not conflict with the default settings for the secure tunnel that you will create for optimized, secure communication between the source and target systems. The secure tunnel uses the following settings: |
| • | Secure Tunnel IP: 172.17.3.0 |
| • | Netmask: 255.255.255.0 |
| • | Port: 1194 |
If the network settings conflict with your environment, you can change them when creating the secure tunnel as part of the setup process.
Important! Do not use this procedure for systems running version 7.0 or 7.1.x. Upgrade to the latest release or, if this is not possible, configure replication as described in KB 3174. Do not use this procedure for source systems that are configured for legacy vaulting. If your system is vaulting data, see Upgrading from legacy vaulting to replication.
To set up standard replication between a source and target
A high-level overview of the standard replication setup process is given here. Proceed to the sections that follow for detailed procedures associated with each high-level step.
Note: Use the Replication Wizard for easy setup. If you are familiar with setting up replication from the WAN Settings or Secure Tunnel settings page, this is still supported. For details on using these pages, see KB 3174
| Step 1: | Configure encryption on the replication target |
Configure encryption on the replication target
In replicating systems, backups that are encrypted on the source are encrypted on the target using the target system's key. If encryption is not configured on the target, replication of encrypted backups fails. Once encryption is configured, the target can receive both encrypted and non-encrypted backups from source systems for replication.
| Step 2: | (Optional) Add a logical device to associate with a source system |
Add a logical device to associate with a source system
When setting up replication, adding a logical device is optional. If you do not add a logical device, replicated backups are stored on the default backup device. This works just fine, especially for targets with one replicating source system.
For targets with multiple replicating sources, you can opt to associate sources with specific logical devices. You can associate each source with its own device, or associate multiple sources to a given device, grouping them as desired. If you do not define associations, replicated backups for all sources are stored together on the default device.
Before adding a logical device that will be associated to a source system, note the following requirements and considerations:
| • | The device must support deduplication. Unitrends’ devices support deduplication by default. Note that if you have disabled deduplication, logical device association to a source is not supported. |
| • | The device must be at least 128 GB in size to be used for replicated backup storage. When associating a device to the source system, only devices that meet this size requirement display in the list. |
| • | Once a device is associated to a source, you can remove or modify the association at any time. |
| • | Upon removing the association, subsequent jobs are written to the default backup device. Jobs in progress are not impacted, they are written to the original device. |
| • | Upon modifying the association, subsequent jobs are written to the newly specified device. Jobs in progress are not impacted, they are written to the original device. |
| • | Upon changing the default device (designating another device as the new default), the new default is used for all sources for which an association is NOT defined. No change is made to sources that have been explicitly associated with a device. |
| • | Replicated backups remain on the device to which they were originally written. Modifying or removing an association does not migrate existing replicated backups. |
To create a logical device for a replication source
Add a logical device to the replication target as described in To add a device. You will associate the source to this device later in the replication setup procedure.
test
| Step 3: | Configure the source system role and grant privilege to the target for remote management |
Configure the source system role and grant privilege to the target for remote management
In standard replication, one system acts as a source, and a second system acts as a target. For a target or a management system to remotely manage a local backup system, the backup system has to explicitly grant privilege to the manager. This is done to secure a two-way handshake between the manager and the managed system. As part of the setup process, you will create a secure tunnel for optimized, secure communication between the source and target systems. For more details about remote management, see Granting privilege for remote management. For more details about secure tunnels, see About replication.
Begin replication setup by configuring the role of the source system and granting privilege to the target for remote management.
Note: To use the Replication Wizard, it is best to connect to both the source and target systems in separate tabs in the same browser. The setup steps require that you switch from one system to the other at various points.
To configure the system role for the source
| 1 | Verify that all requirements have been met for the source and target systems. See Replication requirements. |
| 2 | Open a browser and connect to the source system. |
Select Replication > Replication Wizard. On the welcome screen, click Next to begin replication setup.
| 3 | The wizard asks how you would like to configure the system. Click Replication Source so it is highlighted. Click Next. |
To grant the remote management privilege
| 4 | The wizard asks you to select a target for the source system’s replicated backups. Perform one of the following: |
| • | If the target has not been added to the source system’s hosts file, select Add a New Target in the drop-down menu. Enter the hostname and IP address of the replication target in the specified fields. Be sure to enter the hostname exactly as it displays in the hosts file on the replication target system. Click Next. |
| • | If the replication target has already been added, select it in the drop-down menu. Click Next. |
| 5 | Check the box that reads I agree that target can manage my system. This allows the target system to manage the source system. Click Next to proceed with generating a secure tunnel certificate request. |
| 6 | Click Generate Request. This generates a certificate signing request file. Click Okay, and save the file <source>.csr in a convenient location. |
To continue with replication setup, you must configure the system role for the target and accept management privileges, as explained in Configure the target system role and create a secure tunnel.
| Step 4: | Configure the target system role and create a secure tunnel |
Configure the target system role and create a secure tunnel
After configuring the system role for the source and granting management privilege to the target, you must configure the system role for the target and create a secure tunnel between the source and target systems. For more information about secure tunnels, see About replication.
To configure the system role for the target
| 1 | Verify that all requirements have been met for the source and target systems. See Replication requirements. |
| 2 | Open a browser and connect to the target system. |
| 3 | Select Replication > Replication Wizard. On the welcome page, click Next to begin replication setup. |
| 4 | The wizard asks how you would like to configure the system. Click Replication Target so it is highlighted. Click Next. |
| 5 | If you have not configured the system as a replication target, the wizard prompts you to change the installation type. Select Install as a vault (a replication target for some other local backup system.). (If you have already configured the system as a replication target, the wizard skips to the next step.) ClickNext. |
To create a secure tunnel
| 6 | The wizard asks you to select a source to replicate to the target. Perform one of the following: |
| • | If the replication source has not been added to the target system’s hosts file, select Add a New Source from the drop-down menu. Enter the hostname and IP address of the replication source in the specified fields. Be sure to enter the hostname exactly as it displays in the hosts file on the replication target system. Click Next to view the Create a Secure Tunnel Target step. |
| • | If the source has already been added, select it in the drop-down menu. Click Next to view the Create a Secure Tunnel Target step. |
| 7 | At the top of the Create a Secure Tunnel target page, the network settings for the connection display. These settings are used to create the secure tunnel interface. Use the default IP, subnet, and port unless these settings cause a conflict in your environment. If necessary, enter your own values. Click Create a Secure Tunnel Target. |
| 8 | A message displays asking if you are sure you want to proceed. Once you create a secure tunnel, this procedure cannot be undone. If you are ready to create a secure tunnel, click Yes to proceed with signing the secure tunnel certificate request. |
Note: If the replication setup process is interrupted after Step 7, the wizard skips this step when you start over with the setup process. This is not an error, as a secure tunnel can only be created once. When the wizard skips this step, proceed to Step 8.
| 9 | Click Sign Request. You are prompted to browse and open the file called <source>.csr you saved earlier. By opening the file, you sign the certificate. Click Okay and save the signed certificate file, called <source>.<target>.crt, in a convenient location. |
| 10 | You are prompted to save the Certificate Authority file. Click Okay and save the file called <target>-ca.crt in a convenient location. |
| 11 | You are prompted to send the certificate files and other information to the source system for final configuration. Click Okay. |
To continue with replication setup, you must return to the replication wizard on the source system and proceed to Configure the secure tunnel and add the source system to the target.
| Step 5: | Configure the secure tunnel and add the source system to the target |
Configure the secure tunnel and add the source system to the target
Perform these steps to configure the secure tunnel and add the source system to the target.
To configure the secure tunnel
| 1 | Switch to the source system in your browser to view the Configure the Secure Tunnel on the Source System step. Click Complete Configuration. |
| 2 | You see a message asking you to complete the Secure Tunnel configuration and sign the Source System Certificate. Click Okay. |
| 3 | You are prompted to browse and open the <target>-ca.crt file. When you open the file, a message displays stating that you have successfully loaded the CA certificate. |
| 4 | Click Okay to load the signed Secure Tunnel certificate. You are prompted to browse and open the <source>.<target>.crt file. Open this file to complete Secure Tunnel configuration on the source system. Click Okay to acknowledge that the configuration is complete. |
Note: If you have previously created a secure tunnel between the source and target, a message displays stating that the source has already been configured as an OpenVPN client of the target. Click Okay, and proceed to the next step.
| 5 | Click Next to continue. The replication wizard instructs you to return to the target system to continue with the setup. |
To add the source system to the target
| 6 | Switch to the target system in your browser. Click Next to view the Add Source System to Target step. In the drop-down menus, select a customer and location for the source system or use the default values provided. If you have multiple backup devices on the target system, select the device where you would like backups to replicate. Click Next. |
| 7 | The wizard now asks if you would like to configure attributes on the source system. You can tune the source system to perform optimally given the bandwidth available for replication. You can also configure clients and applications for replication. The wizard allows you to perform these configurations from either system, but to simplify the setup process, these instructions ask you to configure attributes through the source. On the target, select The replication attributes of source are already setup, and I am done. (You will still be able to configure attributes on the source system.) Click Next. |
| 8 | The wizard informs you that replication is complete. Click Finish to complete the Replication Wizard setup for the target system. You must now return to the source system to complete the replication setup. Proceed to Tune replication attributes on the source system. |
| Step 6: | Tune replication attributes on the source system |
Tune replication attributes on the source system
From the source system, configure replication attributes using the steps below.
To set replication attributes on the source system
| 1 | Switch to the source system in your browser. You see the Add Source System to target step. Click Next to begin configuring attributes. |
| 2 | Select I would like to configure the replication attributes of the source system, click Next. |
| 3 | In the Replication Report Options section, enter the following to receive email reports: |
| • | The time to receive the report in the Time to Send Report field. |
| • | The email address in the Report Email Address field. |
Note: If you want to receive an email Replication report, you must enter values in each of these fields.
| 4 | In the Bandwidth and Throttling Options section, configure the following: |
| • | Connection Type – The connection’s theoretical physical bandwidth. If your specific connection is not in the list, pick the closest upstream bandwidth match. |
| • | Connection Effective Bandwidth – What you expect the actual bandwidth of the physical connection to be. |
| • | Throttling Settings – Use the grid to configure settings. |
Throttling is simply the act of responsibly sharing the bandwidth of the WAN by which the Unitrends’ target provides replication and disaster recovery services. Set the weekly replication schedule using the graphical tool consisting of 7x24 small boxes that represent each hour of the week.
Multiple throttling scenarios can be configured. Select the throttle percentage, then click and drag the mouse pointer to highlight the days and times to use the selected percentage. Perform this step as many times as needed to fully configure throttling scenarios. The percentage you select uses X percent of the Connection Effective Bandwidth you set above for replication.
Note: Throttling is enforced in one-second intervals. There could be spikes in bandwidth consumed within a fraction of a second causing utilization to exceed the level you set here.
| 5 | Click Next to accept the settings. The Configure Replication of the Source’s Clients step displays. Proceed to Configure clients and applications for replication. |
| Step 7: | Configure clients and applications for replication |
Configure clients and applications for replication
A backup for a client is replicated if the following conditions are satisfied:
| • | Replication is enabled for the client or its application backups. See To configure clients and applications for replication for details. |
| • | The client backups are located on a backup disk device. |
| • | The client backups are successful. |
To configure clients and applications for replication
| 1 | Use the check boxes to select all clients whose backups are to be replicated to the target system. Once you select a client, all subsequent file-level and bare metal backups will replicate. Click Next. |
The system applies the replication settings to all clients you have selected. This process can take a few seconds to several minutes depending on the number of clients you selected.
Note: Clients hosting NDMP volumes, virtual machines, or application such as Exchange, Oracle, or SQL must be configured for replication in the next step. Backups of NDMP volumes, virtual machines, and application databases will not replicate if you configure only the client and not the application.
| 2 | Select applications whose backups are to be replicated to the target system. Use the Navigation pane on the left to select an application, then use the check boxes to select the databases, virtual machines, and NDMP volumes to replicate. After making all desired selections, click Next. |
Note: If you add databases, virtual machines, or NDMP volumes to your backup system after setting up replication, their backups will not automatically replicate. You must configure them for replication using the procedure described in To replicate application backups.
| 3 | The replication wizard informs you that replication setup is complete. Click Finish to complete the Replication Wizard setup. |
You are finished with replication setup. For clients and applications that you have selected for replication, all successful backups completed after replication setup will be replicated to the target system. The replication queue scheme is set to Recency, so the most recent backups are replicated first. This is the recommended approach, but you can change the setting to Maximum Retention, where backups are added to the end of the replication queue as they complete, or Manual, which enables you to add backups to the replication queue manually. For details, see Configuring connection options and process control.
It is also recommended that for large data sets you seed the initial data set to the target using removable media. This greatly reduces the time required to replicate the first backups. For details, see Seeding the initial data set.