Verify that the Commvault software meets the following system requirements for recovering entities using the Cleanroom recovery operation.
Commvault Software Requirements
-
Add a tertiary copy of data to Air Gap Protect utilizing either Hot or Cool tiers.
For more information, see Air Gap Protect.
-
Verify that your control plane DR backup is set to uploaded daily to the Commvault Cloud Portal.
Source Environment Requirements
Azure has the following requirements for the source VMs that are restored into Azure.
-
The source VMs must use Indexing Version 2. If the source VMs are using Indexing Version 1, migrate them to Indexing Version 2 using the VSA V1 to V2 Migration workflow.
For migration instructions, see Migration of Virtualization Clients to Indexing Version 2.
-
Before you back up source VMs, verify the following:
-
The source VM name must conform to the following format restrictions. This can be addressed in the recovery options in cleanroom recovery or on the source VM, whichever is the most convenient:
-
Cannot contain special characters and whitespaces.
-
Cannot begin with an underscore (_) and does not end with a period (.) and a dash (-).
-
-
The Remote Desktop Protocol (RDP) is enabled on the source VM. For Linux, verify that SSH is also enabled.
-
For Linux VMs, if you want to automatically power on the source VMs after the conversion, enable integration services on the source VMs.
-
Verify that Linux VMs have the required Hyper-V drivers for the VMs.
-
For Windows VMs, to enable disks that must be brought online as part of the conversion, enable a SAN policy for the source VM.
-
-
To recover an Active Directory, install the Active Directory agent on the source VM.
If you are unable to access your AD user account for recovery, use a break glass account from a domain different from the current one or use a local account. This will provide emergency access to AD in situations such as cyber-attack or a compromised on-premises AD server.
Azure Cleanroom Recovery Site Requirements
-
Verify that the Cleanroom recovery site is isolated from the production site.
-
Verify that the source entities to recover are supported by Azure. For more details, see the Support Matrix.
-
Set up IAM to access Azure resources.
-
An Azure subscription and tenant that has never been accessed by production accounts or connections.
-
Create resource groups, storage accounts, and network watcher resource groups in the Azure cleanroom recovery site.
- Azure Standard or Azure Premium general-purpose storage accounts are required for auto VM conversion.
-
Verify that identity management, such as AD, is configured in the cleanroom site.
-
Verify that the following network resources are already configured to prevent outbound communication: Gateway, IPv4/IPv6 ranges defined, DNS, firewall policies, DNS updates, TTL, public and private IP registration, and network encapsulation.
-
If your source data is encrypted, you must have the key management service and encryption key configured in the Azure Cleanroom recovery site. Also, verify that the key management service is added in Commvault. For more information, see Managing a Key Management Server