配置eBackup备份代理

1. 以“root”账号登录待配置的eBackup服务器。

   “root”账号初始密码为“Cloud12#$”。

   使用跨平台访问工具登录，或在VMware vSphere Client工具中的控制台登录。

2. 执行cd 备份软件安装包所在目录命令进入初始配置脚本目录。

   备份软件安装包所在目录为/opt/eBackup_8.0.0-LHC01/action。

3. 执行sh ebackup_utilities.sh config命令，开始进行初始化配置。

   回显如下信息。

   Please select network type for this machine: 1.ipv4 2.ipv6

4. 输入“1”，按“Enter”。

   1Please select a role for this machine: 1.Backup Server  2.Backup Proxy  3.Backup Manager  4.Backup Workflow Server 

5. 输入“2”，按“Enter”。

   2===================================================================================================Note:In the following steps you will be required to configure four network planes for eBackup.The definition of each network plane is as follows:Backup management plane: the communication plane for eBackup to provide external services.Internal communication plane: the communication plane between backup server and backup proxy.Production management plane: the communication plane between eBackup and the management plane of the production end.Storage plane: the communication plane between eBackup and the storage plane of the production end and communication plane between eBackup and backup storage.====================================================================================================Set network adapter for 'Backup management' network plane:[1] bond1 MAC=28:6E:D4:88:C6:F2 IP=192.168.1.11 MASK=255.255.254.0 [2] bond2 MAC=28:6E:D4:88:C6:F3 IP=10.10.1.11 MASK=255.255.254.0 Which network adapter from the above list would you like to bind to the 'Backup management' network plane?

6. 配置备份服务器网络平面。
   

   此处需要为备份代理的五个网络平面绑定相应的网卡，具体绑定哪张网卡请根据规划网络中的网络规划进行选择。

   本节以备份代理配置两个网卡，备份管理平面、生产管理平面、内部通信平面、生产存储平面绑定在同一张网卡，备份存储平面绑定在一张网卡为例说明。

   1. 选择备份管理平面需要绑定的网卡，按“Enter”。
      

      如果选择bond1作为备份管理平面需要绑定的网卡，请输入“1”。

      1Set network adapter for 'Internal communication' network plane:[1] bond1 MAC=28:6E:D4:88:C6:F2 IP=192.168.1.11 MASK=255.255.254.0 [2] bond2 MAC=28:6E:D4:88:C6:F3 IP=10.10.1.11 MASK=255.255.254.0 Which network adapter from the above list would you like to bind to the 'Internal communication' network plane?

   2. 选择内部通信平面需要绑定的网卡，按“Enter”。

      1Set network adapter for 'Production management' network plane:[1] bond1 MAC=28:6E:D4:88:C6:F2 IP=192.168.1.11 MASK=255.255.254.0 [2] bond2 MAC=28:6E:D4:88:C6:F3 IP=10.10.1.11 MASK=255.255.254.0 Which network adapter from the above list would you like to bind to the 'Production management' network plane?

   3. 选择生产管理平面需要绑定的网卡，按“Enter”。

      1Set network adapter for 'Production Storage' network plane:[1] bond1 MAC=28:6E:D4:88:C6:F2 IP=192.168.1.11 MASK=255.255.254.0 [2] bond2 MAC=28:6E:D4:88:C6:F3 IP=10.10.1.11 MASK=255.255.254.0 Which network adapter from the above list would you like to bind to the 'Production Storage' network plane?    

   4. 选择生产存储平面需要绑定的网卡，按“Enter”。

      1Set network adapter for 'Backup Storage' network plane:[1] bond1 MAC=28:6E:D4:88:C6:F2 IP=192.168.1.11 MASK=255.255.254.0 [2] bond2 MAC=28:6E:D4:88:C6:F3 IP=10.10.1.11 MASK=255.255.254.0 Which network adapter from the above list would you like to bind to the 'Backup Storage' network plane?

   5. 选择备份存储平面需要绑定的网卡，按“Enter”。

      2Please input the leader IP(The IP of internal communication plane at backup server):

   6. 输入备份服务器的内部通信平面IP地址，按“Enter”。

      192.168.1.10Please input the floating IP address at backup server:

   7. 输入备份服务器的浮动IP地址，按“Enter”。

      192.168.10.12Please enter the public key of the backup server. To obtain the public key, run the following CLI command: show server_public_key.To use the default public key, press Enter.

   8. 输入备份服务器的公钥，按“Enter”。如果使用默认公钥，直接按“Enter”。
      

      在备份代理已完成初始配置后，一旦更换了备份服务器，需要重新配置备份代理。重新配置时，不能使用默认公钥，请参见相关操作获取新的备份服务器公钥。

      回显如下信息，表示配置成功。

      service hcp start:completedYou can access the eBackup UI using the following link. https://backup server's backup management plane:8088 or backup server's backup management planeAlternatively, you can access the eBackup CLI through SSH session.

7. 依次执行以下命令进行安全加固。

   加固后禁止使用“root”账号直接登录，请使用“hcp”账号登录，“hcp”账号的初始密码为“PXU9@ctuNov17!”。

   cd /opt/huawei-data-protection/ebackup/bin/StandardHardening

   echo -e "yes\nyes\n"|./StandardSuseHardening.sh

   

   执行该命令会重启eBackup服务器，如需登录eBackup服务器请您稍后重试。