Skip to main content
NetApp Solutions

Getting started on premises

Contributors kevin-hoke

The NetApp SnapCenter tool uses role based access control (RBAC) to manage user resources access and permission grants, and SnapCenter installation creates prepopulated roles. You can also create custom roles based on your needs or applications.

On Premises

1. Setup database admin user in SnapCenter

It makes sense to have a dedicated admin user ID for each database platform supported by SnapCenter for database backup, restoration, and/or disaster recovery. You can also use a single ID to manage all databases. In our test cases and demonstration, we created a dedicated admin user for both Oracle and SQL Server, respectively.

Certain SnapCenter resources can only be provisioned with the SnapCenterAdmin role. Resources can then be assigned to other user IDs for access.

In a pre-installed and configured on-premises SnapCenter environment, the following tasks might have already have been completed. If not, the following steps create a database admin user:

  1. Add the admin user to Windows Active Directory.

  2. Log into SnapCenter using an ID granted with the SnapCenterAdmin role.

  3. Navigate to the Access tab under Settings and Users, and click Add to add a new user. The new user ID is linked to the admin user created in Windows Active Directory in step 1. . Assign the proper role to the user as needed. Assign resources to the admin user as applicable.

Figure showing input/output dialog or representing written content

2. SnapCenter plugin installation prerequisites

SnapCenter performs backup, restore, clone, and other functions by using a plugin agent running on the DB hosts. It connects to the database host and database via credentials configured under the Setting and Credentials tab for plugin installation and other management functions. There are specific privilege requirements based on the target host type, such as Linux or Windows, as well as the type of database.

DB hosts credentials must be configured before SnapCenter plugin installation. Generally, you want to use an administrator user accounts on the DB host as your host connection credentials for plugin installation. You can also grant the same user ID for database access using OS-based authentication. On the other hand, you can also employ database authentication with different database user IDs for DB management access. If you decide to use OS-based authentication, the OS admin user ID must be granted DB access. For Windows domain-based SQL Server installation, a domain admin account can be used to manage all SQL Servers within the domain.

Windows host for SQL server:

  1. If you are using Windows credentials for authentication, you must set up your credential before installing plugins.

  2. If you are using a SQL Server instance for authentication, you must add the credentials after installing plugins.

  3. If you have enabled SQL authentication while setting up the credentials, the discovered instance or database is shown with a red lock icon. If the lock icon appears, you must specify the instance or database credentials to successfully add the instance or database to a resource group.

  4. You must assign the credential to a RBAC user without sysadmin access when the following conditions are met:

    • The credential is assigned to a SQL instance.

    • The SQL instance or host is assigned to an RBAC user.

    • The RBAC DB admin user must have both the resource group and backup privileges.

Unix host for Oracle:

  1. You must have enabled the password-based SSH connection for the root or non-root user by editing sshd.conf and restarting the sshd service. Password-based SSH authentication on AWS instance is turned off by default.

  2. Configure the sudo privileges for the non-root user to install and start the plugin process. After installing the plugin, the processes run as an effective root user.

  3. Create credentials with the Linux authentication mode for the install user.

  4. You must install Java 1.8.x (64-bit) on your Linux host.

  5. Installation of the Oracle database plugin also installs the SnapCenter plugin for Unix.

3. SnapCenter host plugin installation

Note Before attempting to install SnapCenter plugins on cloud DB server instances, make sure that all configuration steps have been completed as listed in the relevant cloud section for compute instance deployment.

The following steps illustrate how a database host is added to SnapCenter while a SnapCenter plugin is installed on the host. The procedure applies to adding both on-premises hosts and cloud hosts. The following demonstration adds a Windows or a Linux host residing in AWS.

Configure SnapCenter VMware global settings

Navigate to Settings > Global Settings. Select "VMs have iSCSI direct attached disks or NFS for all the hosts" under Hypervisor Settings and click Update.

Figure showing input/output dialog or representing written content

Add Windows host and installation of plugin on the host

  1. Log into SnapCenter with a user ID with SnapCenterAdmin privileges.

  2. Click the Hosts tab from the left-hand menu, and then click Add to open the Add Host workflow.

  3. Choose Windows for Host Type; the Host Name can be either a host name or an IP address. The host name must be resolved to the correct host IP address from the SnapCenter host. Choose the host credentials created in step 2. Choose Microsoft Windows and Microsoft SQL Server as the plugin packages to be installed.

    Figure showing input/output dialog or representing written content

  4. After the plugin is installed on a Windows host, its Overall Status is shown as "Configure log directory."

    Figure showing input/output dialog or representing written content

  5. Click the Host Name to open the SQL Server log directory configuration.

    Figure showing input/output dialog or representing written content

  6. Click "Configure log directory" to open "Configure Plug-in for SQL Server."

    Figure showing input/output dialog or representing written content

  7. Click Browse to discover NetApp storage so that a log directory can be set; SnapCenter uses this log directory to roll up the SQL server transaction log files. Then click Save.

    Figure showing input/output dialog or representing written content

    Note For NetApp storage provisioned to a DB host to be discovered, the storage (on-prem or CVO) must be added to SnapCenter, as illustrated in step 6 for CVO as an example.
  8. After the log directory is configured, the Windows host plugin Overall Status is changed to Running.

    Figure showing input/output dialog or representing written content

  9. To assign the host to the database management user ID, navigate to the Access tab under Settings and Users, click the database management user ID (in our case the sqldba that the host needs to be assigned to), and click Save to complete host resource assignment.

    Figure showing input/output dialog or representing written content

    Figure showing input/output dialog or representing written content

Add Unix host and installation of plugin on the host

  1. Log into SnapCenter with a user ID with SnapCenterAdmin privileges.

  2. Click the Hosts tab from left-hand menu, and click Add to open the Add Host workflow.

  3. Choose Linux as the Host Type. The Host Name can be either the host name or an IP address. However, the host name must be resolved to correct host IP address from SnapCenter host. Choose host credentials created in step 2. The host credentials require sudo privileges. Check Oracle Database as the plug-in to be installed, which installs both Oracle and Linux host plugins.

    Figure showing input/output dialog or representing written content

  4. Click More Options and select "Skip preinstall checks." You are prompted to confirm the skipping of the preinstall check. Click Yes and then Save.

    Figure showing input/output dialog or representing written content

  5. Click Submit to start the plugin installation. You are prompted to Confirm Fingerprint as shown below.

    Figure showing input/output dialog or representing written content

  6. SnapCenter performs host validation and registration, and then the plugin is installed on the Linux host. The status is changed from Installing Plugin to Running.

    Figure showing input/output dialog or representing written content

  7. Assign the newly added host to the proper database management user ID (in our case, oradba).

    Figure showing input/output dialog or representing written content

    Figure showing input/output dialog or representing written content

4. Database resource discovery

With successful plugin installation, the database resources on the host can be immediately discovered. Click the Resources tab in the left-hand menu. Depending on the type of database platform, a number of views are available, such as the database, resources group, and so on. You might need to click the Refresh Resources tab if the resources on the host are not discovered and displayed.

Figure showing input/output dialog or representing written content

When the database is initially discovered, the Overall Status is shown as "Not protected." The previous screenshot shows an Oracle database not protected yet by a backup policy.

When a backup configuration or policy is set up and a backup has been executed, the Overall Status for the database shows the backup status as "Backup succeeded" and the timestamp of the last backup. The following screenshot shows the backup status of a SQL Server user database.

Figure showing input/output dialog or representing written content

If database access credentials are not properly set up, a red lock button indicates that the database is not accessible. For example, if Windows credentials do not have sysadmin access to a database instance, then database credentials must be reconfigured to unlock the red lock.

Figure showing input/output dialog or representing written content

Figure showing input/output dialog or representing written content

After the appropriate credentials are configured either at the Windows level or the database level, the red lock disappears and SQL Server Type information is gathered and reviewed.

Figure showing input/output dialog or representing written content

5. Setup storage cluster peering and DB volumes replication

To protect your on-premises database data using a public cloud as the target destination, on-premises ONTAP cluster database volumes are replicated to the cloud CVO using NetApp SnapMirror technology. The replicated target volumes can then be cloned for DEV/OPS or disaster recovery. The following high-level steps enable you to set up cluster peering and DB volumes replication.

  1. Configure intercluster LIFs for cluster peering on both the on-premises cluster and the CVO cluster instance. This step can be performed with ONTAP System Manger. A default CVO deployment has inter-cluster LIFs configured automatically.

    On-premises cluster:

    Figure showing input/output dialog or representing written content

    Target CVO cluster:

    Figure showing input/output dialog or representing written content

  2. With the intercluster LIFs configured, cluster peering and volume replication can be set up by using drag-and-drop in NetApp Cloud Manager. See "Getting Started - AWS Public Cloud" for details.

    Alternatively, cluster peering and DB volume replication can be performed by using ONTAP System Manager as follows:

  3. Log into ONTAP System Manager. Navigate to Cluster > Settings and click Peer Cluster to set up cluster peering with the CVO instance in the cloud.

    Figure showing input/output dialog or representing written content

  4. Go to the Volumes tab. Select the database volume to be replicated and click Protect.

    Figure showing input/output dialog or representing written content

  5. Set the protection policy to Asynchronous. Select the destination cluster and storage SVM.

    Figure showing input/output dialog or representing written content

  6. Validate that the volume is synced between the source and target and that the replication relationship is healthy.

    Figure showing input/output dialog or representing written content

6. Add CVO database storage SVM to SnapCenter

  1. Log into SnapCenter with a user ID with SnapCenterAdmin privileges.

  2. Click the Storage System tab from the menu, and then click New to add a CVO storage SVM that hosts replicated target database volumes to SnapCenter. Enter the cluster management IP in the Storage System field, and enter the appropriate username and password.

    Figure showing input/output dialog or representing written content

  3. Click More Options to open additional storage configuration options. In the Platform field, select Cloud Volumes ONTAP, check Secondary, and then click Save.

    Figure showing input/output dialog or representing written content

  4. Assign the storage systems to SnapCenter database management user IDs as shown in 3. SnapCenter host plugin installation.

    Figure showing input/output dialog or representing written content

7. Setup database backup policy in SnapCenter

The following procedures demonstrates how to create a full database or log file backup policy. The policy can then be implemented to protect databases resources. The recovery point objective (RPO) or recovery time objective (RTO) dictates the frequency of database and/or log backups.

Create a full database backup policy for Oracle

  1. Log into SnapCenter as a database management user ID, click Settings, and then click Polices.

    Figure showing input/output dialog or representing written content

  2. Click New to launch a new backup policy creation workflow or choose an existing policy for modification.

    Figure showing input/output dialog or representing written content

  3. Select the backup type and schedule frequency.

    Figure showing input/output dialog or representing written content

  4. Set the backup retention setting. This defines how many full database backup copies to keep.

    Figure showing input/output dialog or representing written content

  5. Select the secondary replication options to push local primary snapshots backups to be replicated to a secondary location in cloud.

    Figure showing input/output dialog or representing written content

  6. Specify any optional script to run before and after a backup run.

    Figure showing input/output dialog or representing written content

  7. Run backup verification if desired.

    Figure showing input/output dialog or representing written content

  8. Summary.

    Figure showing input/output dialog or representing written content

Create a database log backup policy for Oracle

  1. Log into SnapCenter with a database management user ID, click Settings, and then click Polices.

  2. Click New to launch a new backup policy creation workflow, or choose an existing policy for modification.

    Figure showing input/output dialog or representing written content

  3. Select the backup type and schedule frequency.

    Figure showing input/output dialog or representing written content

  4. Set the log retention period.

    Figure showing input/output dialog or representing written content

  5. Enable replication to a secondary location in the public cloud.

    Figure showing input/output dialog or representing written content

  6. Specify any optional scripts to run before and after log backup.

    Figure showing input/output dialog or representing written content

  7. Specify any backup verification scripts.

    Figure showing input/output dialog or representing written content

  8. Summary.

    Figure showing input/output dialog or representing written content

Create a full database backup policy for SQL

  1. Log into SnapCenter with a database management user ID, click Settings, and then click Polices.

    Figure showing input/output dialog or representing written content

  2. Click New to launch a new backup policy creation workflow, or choose an existing policy for modification.

    Figure showing input/output dialog or representing written content

  3. Define the backup option and schedule frequency. For SQL Server configured with an availability group, a preferred backup replica can be set.

    Figure showing input/output dialog or representing written content

  4. Set the backup retention period.

    Figure showing input/output dialog or representing written content

  5. Enable backup copy replication to a secondary location in cloud.

    Figure showing input/output dialog or representing written content

  6. Specify any optional scripts to run before or after a backup job.

    Figure showing input/output dialog or representing written content

  7. Specify the options to run backup verification.

    Figure showing input/output dialog or representing written content

  8. Summary.

    Figure showing input/output dialog or representing written content

Create a database log backup policy for SQL.

  1. Log into SnapCenter with a database management user ID, click Settings > Polices, and then New to launch a new policy creation workflow.

    Figure showing input/output dialog or representing written content

  2. Define the log backup option and schedule frequency. For SQL Server configured with a availability group, a preferred backup replica can be set.

    Figure showing input/output dialog or representing written content

  3. SQL server data backup policy defines the log backup retention; accept the defaults here.

    Figure showing input/output dialog or representing written content

  4. Enable log backup replication to secondary in the cloud.

    Figure showing input/output dialog or representing written content

  5. Specify any optional scripts to run before or after a backup job.

    Figure showing input/output dialog or representing written content

  6. Summary.

    Figure showing input/output dialog or representing written content

8. Implement backup policy to protect database

SnapCenter uses a resource group to backup a database in a logical grouping of database resources, such as multiple databases hosted on a server, a database sharing the same storage volumes, multiple databases supporting a business application, and so on. Protecting a single database creates a resource group of its own. The following procedures demonstrate how to implement a backup policy created in section 7 to protect Oracle and SQL Server databases.

Create a resource group for full backup of Oracle

  1. Log into SnapCenter with a database management user ID, and navigate to the Resources tab. In the View drop-down list, choose either Database or Resource Group to launch the resource group creation workflow.

    Figure showing input/output dialog or representing written content

  2. Provide a name and tags for the resource group. You can define a naming format for the Snapshot copy and bypass the redundant archive log destination if configured.

    Figure showing input/output dialog or representing written content

  3. Add database resources to the resource group.

    Figure showing input/output dialog or representing written content

  4. Select a full backup policy created in section 7 from the drop-down list.

    Figure showing input/output dialog or representing written content

  5. Click the (+) sign to configure the desired backup schedule.

    Figure showing input/output dialog or representing written content

  6. Click Load Locators to load the source and destination volume.

    Figure showing input/output dialog or representing written content

  7. Configure the SMTP server for email notification if desired.

    Figure showing input/output dialog or representing written content

  8. Summary.

    Figure showing input/output dialog or representing written content

Create a resource group for log backup of Oracle

  1. Log into SnapCenter with a database management user ID, and navigate to the Resources tab. In the View drop-down list, choose either Database or Resource Group to launch the resource group creation workflow.

    Figure showing input/output dialog or representing written content

  2. Provide a name and tags for the resource group. You can define a naming format for the Snapshot copy and bypass the redundant archive log destination if configured.

    Figure showing input/output dialog or representing written content

  3. Add database resources to the resource group.

    Figure showing input/output dialog or representing written content

  4. Select a log backup policy created in section 7 from the drop-down list.

    Figure showing input/output dialog or representing written content

  5. Click on the (+) sign to configure the desired backup schedule.

    Figure showing input/output dialog or representing written content

  6. If backup verification is configured, it displays here.

    Figure showing input/output dialog or representing written content

  7. Configure an SMTP server for email notification if desired.

    Figure showing input/output dialog or representing written content

  8. Summary.

    Figure showing input/output dialog or representing written content

Create a resource group for full backup of SQL Server

  1. Log into SnapCenter with a database management user ID, and navigate to the Resources tab. In the View drop-down list, choose either a Database or Resource Group to launch the resource group creation workflow. Provide a name and tags for the resource group. You can define a naming format for the Snapshot copy.

    Figure showing input/output dialog or representing written content

  2. Select the database resources to be backed up.

    Figure showing input/output dialog or representing written content

  3. Select a full SQL backup policy created in section 7.

    Figure showing input/output dialog or representing written content

  4. Add exact timing for backups as well as the frequency.

    Figure showing input/output dialog or representing written content

  5. Choose the verification server for the backup on secondary if backup verification is to be performed. Click Load Locator to populate the secondary storage location.

    Figure showing input/output dialog or representing written content

  6. Configure the SMTP server for email notification if desired.

    Figure showing input/output dialog or representing written content

  7. Summary.

    Figure showing input/output dialog or representing written content

Create a resource group for log backup of SQL Server

  1. Log into SnapCenter with a database management user ID, and navigate to the Resources tab. In the View drop-down list, choose either a Database or Resource Group to launch the resource group creation workflow. Provide the name and tags for the resource group. You can define a naming format for the Snapshot copy.

    Figure showing input/output dialog or representing written content

  2. Select the database resources to be backed up.

    Figure showing input/output dialog or representing written content

  3. Select a SQL log backup policy created in section 7.

    Figure showing input/output dialog or representing written content

  4. Add exact timing for the backup as well as the frequency.

    Figure showing input/output dialog or representing written content

  5. Choose the verification server for the backup on secondary if backup verification is to be performed. Click the Load Locator to populate the secondary storage location.

    Figure showing input/output dialog or representing written content

  6. Configure the SMTP server for email notification if desired.

    Figure showing input/output dialog or representing written content

  7. Summary.

    Figure showing input/output dialog or representing written content

9. Validate backup

After database backup resource groups are created to protect database resources, the backup jobs runs according to the predefined schedule. Check the job execution status under the Monitor tab.

Figure showing input/output dialog or representing written content

Go to the Resources tab, click the database name to view details of database backup, and toggle between Local copies and mirror copies to verify that Snapshot backups are replicated to a secondary location in the public cloud.

Figure showing input/output dialog or representing written content

At this point, database backup copies in the cloud are ready to clone to run dev/test processes or for disaster recovery in the event of a primary failure.