Settings you can modify for a cleanroom site include recovery options and infrastructure (access node scaling) settings.
Start the edit cleanroom site wizard
- In the Command Center navigation pane, go to Security services > Cleanroom.
- On the Cleanroom sites tab, click the cleanroom site.
- In the upper-right area of the page, click Edit cleanroom site.
General page
- Destination hypervisor: The Amazon EC2 hypervisor that instances are recovered to.
- Access node: The access node or access nodes that perform recovery operations. When set to Automatic, Commvault selects the best access nodes, given the operation.
- Security: The user or group permissions applied to this cleanroom site configuration, controlling who can initiate and manage recoveries.
- Resource display name: A prefix or suffix for the names of recovered resources, to distinguish them from production resources.
- Resource provisioning: Specifies whether to have Commvault create resources or to create your own resources.
For details about Commvault-created resources, see Resources automatically created in your AWS or Commvault account for cleanroom recovery.
Recovery options page
Modify the settings as needed.
- Availability Zone: The AWS Availability Zone where recovered instances will be launched.
- Instance type: The EC2 instance size used for recovered workloads. When set to Automatic, Commvault selects an instance type based on source configuration and availability.
- Key pair: The EC2 key pair associated with recovered instances for secure SSH access. If none is selected, no key-based login is configured.
- IAM role for Amazon EC2: The IAM role attached to recovered EC2 instances, granting permissions to access AWS services such as S3 or CloudWatch.
- Network: The virtual private cloud (VPC) into which recovered instances are deployed. You can have Commvault create a new network or select an existing VPC.
- Security groups: The firewall rules applied to recovered instances, controlling inbound and outbound traffic.
- Volume type: The Amazon EBS volume type used for attached disks (for example, general purpose SSD). When set to Automatic, Commvault selects the volume type based on source or recommended settings.
- KMS key: The AWS Key Management Service (KMS) key used to encrypt EBS volumes attached to recovered instances.
- Tenancy: Specifies whether instances run on shared hardware (default tenancy) or dedicated hardware, based on AWS tenancy settings.
Infrastructure page
Modify the settings as needed.
- Max access nodes per workload type in a recovery group: The upper limit on the number of access nodes that can be automatically created (scaled) for each workload type in the recovery group.
- Network: The VPC configuration for new access nodes.
- Security groups: The security groups attached to new access nodes.
- Create public IP address: Specifies whether new access nodes are assigned a public IP address.
- Workload server group: The server group that recovered workload instances are assigned to.
- IAM role for Amazon EC2: The IAM role for new access nodes.
- Default instance type: The default EC2 instance type of new access nodes.
- Create custom image: Specifies whether a custom machine image is used for new access nodes. If disabled, a default system image is used.
Advanced options page
Modify the settings as needed.
- Virtual private cloud: The overall VPC CIDR block for the cleanroom site.
- Resource: The subnet CIDR range for recovered workload resources.
- Infrastructure: The subnet CIDR range for infrastructure components such as access nodes.
- Endpoint subnet: The subnet CIDR range used for VPC endpoints.
- NAT subnet: The subnet CIDR range used for Network Address Translation (NAT) resources to enable outbound internet access.
- Security group rules
  - Type: The protocol or traffic type (for example, SSH, HTTPS, custom TCP).
  - Direction: The direction of traffic (inbound or outbound) the rule applies to.
  - Name: The identifier for the security group rule.
  - Source IP range: The allowed source CIDR range for inbound traffic.
  - Destination port range: The port or range of ports allowed by the rule.
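A pre-flight check for the address plan and security group rules set on the Advanced options page, as an added example that is not Commvault code: it verifies that each subnet range sits inside the VPC CIDR block and that no two subnets overlap (both AWS requirements), and flags inbound rules open to any source. The dictionary layout, the sample CIDR values and the any-source policy are assumptions made for this illustration.

```python
import ipaddress

# Constructed sample plan: keys mirror the Advanced options labels,
# the CIDR values and rules are made up for illustration.
PLAN = {
    "vpc": "10.50.0.0/16",
    "subnets": {
        "Resource": "10.50.0.0/20",
        "Infrastructure": "10.50.16.0/24",
        "Endpoint subnet": "10.50.17.0/24",
        "NAT subnet": "10.50.17.128/25",  # overlaps Endpoint subnet on purpose
    },
    "rules": [
        {"Name": "admin-ssh", "Type": "SSH", "Direction": "inbound",
         "Source IP range": "0.0.0.0/0", "Destination port range": "22"},
        {"Name": "mgmt-https", "Type": "HTTPS", "Direction": "inbound",
         "Source IP range": "10.50.16.0/24", "Destination port range": "443"},
    ],
}


def check_plan(plan):
    """Return a list of findings; an empty list means the plan passed."""
    findings = []
    vpc = ipaddress.ip_network(plan["vpc"], strict=True)
    nets = {}
    for name, cidr in plan["subnets"].items():
        try:
            nets[name] = ipaddress.ip_network(cidr, strict=True)
        except ValueError as exc:  # host bits set, bad prefix, not an address
            findings.append(f"{name}: invalid CIDR ({exc})")
            continue
        if not nets[name].subnet_of(vpc):
            findings.append(f"{name}: {cidr} is outside VPC {vpc}")
    names = sorted(nets)
    for i, a in enumerate(names):  # compare every pair of subnets once
        for b in names[i + 1:]:
            if nets[a].overlaps(nets[b]):
                findings.append(f"{a} overlaps {b}")
    for rule in plan["rules"]:
        if rule["Direction"] != "inbound":
            continue
        src = ipaddress.ip_network(rule["Source IP range"], strict=False)
        if src.prefixlen == 0:  # 0.0.0.0/0 or ::/0 (assumed policy: flag it)
            findings.append(f"rule {rule['Name']}: inbound from any address "
                            f"on port {rule['Destination port range']}")
    return findings
```

Calling `check_plan(PLAN)` on the constructed plan returns two findings: the NAT and endpoint subnet overlap, and the SSH rule open to any source.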
Start the edit cleanroom site wizard
- In the Command Center navigation pane, go to Security services > Cleanroom.
- On the Cleanroom sites tab, click the cleanroom site.
- In the upper-right area of the page, click Edit cleanroom site.
General page
Modify the settings as needed.
- Destination hypervisor: The Azure hypervisor that VMs are recovered to.
- Access node: The access node or access nodes that perform recovery operations. When set to Automatic, Commvault selects the best access nodes, given the operation.
- Security: The user or group permissions applied to this cleanroom site configuration, controlling who can initiate and manage recoveries.
- Resource display name: A prefix or suffix for the names of recovered resources, to distinguish them from production resources.
- Resource provisioning: Specifies whether to have Commvault create resources or to create your own resources.
For details about Commvault-created resources, see Resources automatically created in your Azure or Commvault subscription for cleanroom recovery.
Recovery options page
Modify the settings as needed.
- Resource group: The Azure resource group that VMs and associated resources are deployed to.
- Region: The Azure geographic region that resources are created in.
- Storage account: The Azure storage account that hosts VM disks.
- Availability Zone: The Azure Availability Zone for the recovered VMs, if zonal deployment is required.
- Storage type: The disk performance tier (for example, Standard SSD) for VM disks.
- VM size: The Azure VM size, including CPU, memory, and disk configuration, for recovered workloads.
- Virtual network: The Azure virtual network (VNet) that VMs are deployed to.
- Security group: The network security group (NSG) applied to recovered VMs to control inbound and outbound traffic.
- Create public IP: Specifies whether recovered VMs are assigned a public IP address.
Infrastructure page
Modify the settings as needed.
- Max access nodes per workload type in a recovery group: The maximum number of access nodes that can be created (scaled) for each workload type in the recovery group.
- Virtual network: The virtual network for new access nodes.
- NAT gateway public IP prefix: The public IP prefix associated with the NAT gateway for outbound internet connectivity from infrastructure resources.
- Security group: The network security group for new access nodes.
- Create public IP address: Specifies whether new access nodes are assigned a public IP address.
- Workload server group: The server group for recovered workload VMs.
- Infrastructure server group: The server group for infrastructure components such as access nodes or proxy servers.
- Resource group: The Azure resource group that infrastructure components for access node scaling are created in.
- Default VM size: The default VM size for new access nodes.
- Create custom image: Specifies whether a custom Azure image is used for new access nodes. If disabled, a default system image is used.