Applies to: MSP admin, tenant admin
You can specify the settings that are used when access nodes for an Amazon EC2 hypervisor (which represents an AWS account) are created—either manually by end users or by the Commvault software when auto-scaling access nodes.
Go to the Amazon Hypervisor
-
From the Command Center navigation pane, go to Protect > Virtualization.
The Overview page appears.
-
On the Hypervisors tab, click the AWS account that you want to configure with VM provisioning settings.
The hypervisor page appears.
-
On the Configuration tab, in the Access node section, click VM provisioning settings.
The VM provisioning settings dialog box appears.
Associate an Existing VM Provisioning Policy
You can associate an existing VM provisioning policy with the auto-scaling for this AWS account.
-
Move the Associate existing VM provisioning settings toggle key to the right.
-
From the Destination hypervisor list, select the AWS account.
Create a New VM Provisioning Policy
You can create a new VM provisioning policy to associate with the auto-scaling for this AWS account.
Go to the Provisioning Settings Dialog Box
-
Move the Associate existing VM provisioning settings toggle key to the right.
-
Click Confirm.
The Provisioning settings dialog box appears.
Select the Server Group and IAM Role
-
From the Server group list, select the server group to use for the access nodes.
-
From the IAM role list, select the IAM role that has both the AmazonSSMManagedInstanceCore managed policy and the amazon_restricted_role_permissions.json file attached.
You can find the policy in the AWS console at arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore.
-
To specify that the VM provisioning settings for this AWS account are the default settings, move the toggle key Set as system default settings to the right.
If you enable this setting, when users select an Amazon EC2 hypervisor, they see a visual indication that these settings are the default settings.
-
To disable creating a public IP address for the provisioned access node, move the Create public IP address toggle key to the left.
By default, the toggle is enabled and creates a public IP address on the provisioned access node.
Note
To communicate with the Commserve computer, the default ports 8400 and 8403 must be open on the access node machines in the network security group rules.
-
Click Next.
The Availability zone page appears.
Configure an Availability Zone
Specify an AWS Availability Zone for auto-scaled access nodes.
-
To use the default security group in the Amazon Virtual Private Cloud (VPC), move the Deploy access nodes into default VPC toggle key to the right.
If you select this option, the Commvault software assigns the default security group that is defined within your VPC, instead of a specific security group for your Amazon EC2 instance. For more information, see Default security group for your VPC in the AWS documentation.
-
To specify a different security group, do the following:
-
Move the Deploy access nodes into default VPC toggle key to the left.
-
Click Add.
The Add region dialog box appears.
-
From the Availability zone list, select the AWS Availability Zone to create access nodes in.
-
From the VPC list, select a VPC.
-
From the Subnet list, select a subnet.
-
From the Security group list, select a security group.
After running a backup, if you try to change the security group for the access nodes that will be launched in a new security group, the original security group is used anyway. To avoid that problem, remove the access nodes from the server group, and then select a new security group. The software creates new access nodes using the security group that you selected.
-
If you are using an access node to host deduplication databases, move the Enable key pair toggle key to the right.
-
In the confirmation dialog box that appears, click Yes.
-
From the Key pair list, select the key pair to use for logging on to the access node.
-
Click Save.
-
Click Next.
The Access Nodes page appears.
-
Specify the Access Node Details
-
To allow the Commvault software auto select the instance type, leave the Auto select instance type toggle key to the right.
During auto scaling, the software uses an ARM64 image with a c6g.large as default instance type. If an ARM64 image is not available in the Region, then an X86 image with a C6i.large is selected as default instance type.
-
To specify the type of instance that is used to create the Amazon EC2 access nodes, do the following:
-
Move the Auto select instance type toggle key to the left.
-
From the Instance type list, select an instance type.
Only the following AWS instance types are supported:-
ARM64: c6.large (default), c7g.large, c7g.xlarge, c7g.2xlarge, c6g.large, c6g.xlarge, c6g.2xlarge, r6g.large, r6g.xlarge, r6g.2xlarge, r6g.4xlarge
-
X86: c5.large (default), c5.xlarge, c5.2xlarge, m5a.2xlarge, r5a.large, r5a.xlarge
After running a backup, if you try to change the instance type for the access nodes that will be launched in a new instance, the original instance type is used anyway. To avoid that problem, remove the access nodes from the server.
-
-
To choose size, move the Choose size while launching job toggle key to the right.
-
-
Under Auto scale, do the following:
-
In Maximum number of access nodes, enter the maximum number of access nodes that can be created in each Region to back up the VMs in the Region.
The default value is 10 and the maximum number is 100.
-
For Select operating system, select the OS for the access nodes.
-
-
Click Next.
The Advanced Settings page appears.
Specify the Advanced Settings
-
To specify a network gateway for the access nodes to communicate with the CommServe server, in the Network gateway box, enter the gateway in the hostname:port format.
-
To associate users and/or user groups with the VM provisioning settings, from the Security list, select the users and/or user groups.
-
In the User approval box, select a user to send an email for the user's approval.
When the user approves, then the create access node job launches. -
To specify the properties of the workflow that will execute after successful provisioning of the Access node or Pre/Post editing access node properties, do the following:
-
Click Add
-
From the Workflow type list, select the workflow type from options that display [Provisioning, Pre edit-VM, Post edit-VM]
-
From the Workflow list, select the workflow to execute for the specified workflow type.
Only workflows with the suffix
_provisioning
appear in this list. -
Click Save.
-
-
To specify tags for the provisioned access node, do the following:
- In the Tags section, click Add.
The Add tag dialog box appears.
-
Specify the Workload type:
-
General: Adds the specified tag to all provisioned access node.
-
Virtualization: Adds the specified tag to provisioned node for Virtualization workload.
-
Office 365: Adds the specified tag to provisioned node for Office 365 workload
-
Media agent: Adds the specified tag to provisioned node for Media agent workload.
-
-
In the Key box, enter the key value of the tag.
-
In the Value, enter the value of the tag.
-
Click Save.
-
Click Next.
The Summary page appears.
Review the Summary
-
Review the selections for server groups, IAM role, Availability Zone, access node details, and advanced settings.
-
Click Submit.