Configuring Auto-Scaling for Amazon EC2 Access Nodes in an Environment with a Single AWS Account

Updated

To configure auto-scaling in an environment that has a single AWS account, you need to create and configure a few entities.

Commvault software supports the manual deployment of only the Unix image of the Commvault Cloud Access Node BYOL and not the Microsoft Windows image for creating an Amazon EC2 auto-scaled node.

Create an Empty Auto-Scaling Server Group

The Commvault software uses this empty sever group to create and decommission access nodes.

Auto-scaled access nodes inherit network configuration and permissions from this server group.

  1. From the navigation pane, go to Manage > Server groups.

    The Server groups page appears.

  2. In the upper-right corner of the page, click Add.

    The Add server group dialog box appears.

  3. In the Name box, enter a name for the server group.

  4. Select Manual association.

    Important: Do not select servers. The server group must be empty.

  5. Click Save.

Create an Auto-Scaling Hypervisor

The Commvault software uses this hypervisor to manage auto-scaling.

  1. From the navigation pane, go to Protect > Virtualization.

    The Virtual machines page appears.

  2. In the upper-right area of the page, click Add hypervisor.

    The Configure Hypervisor page appears.

  3. Select Amazon Web Services, and then click Next.

    The Configure Amazon Web Services Hypervisor page appears.

  4. In Server name, enter a name for the hypervisor.

  5. To specify a region for the access nodes you are adding to the hypervisor, in Regions, enter the region.

    You can enter multiple regions, separated by a comma. For example, you can enter us-east-1,us-west-1.

  6. Select the authentication method that you want to use.

  7. From the Access nodes list, select the access nodes to use for the hypervisor.

  8. Click Save.

    The Add VM Group page appears.

  9. In Name, enter a name for the VM group.

  10. From the Plan list, select a plan for the hypervisor.

  11. Click Save.

Configure VM Provisioning Settings for the Auto-Scaling Hypervisor

  1. From the navigation pane, go to Protect > Virtualization.

    The Virtual machines page appears.

  2. On the Hypervisors tab, click the auto-scaling hypervisor.

    The hypervisor page appears.

  3. On the Configuration tab, in the Access node section, move the Auto scale toggle key to the right.

    The VM provisioning settings dialog box appears.

  4. To specify that the VM provisioning settings for this hypervisor are the preferred or "default" settings, move the toggle key Set as system default settings to the right.

    If you enable this setting, when users select a hypervisor, they see a visual indication that these settings are the preferred or default settings.

  5. From the Server group list, select the empty auto-scaling server group.

  6. From the IAM Role list, select the IAM role that has both the AmazonSSMManagedInstanceCore managed policy and the restricted_role_permissions.json file attached.

    You can find the policy in the AWS console at arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore.

    For information about the use of AWS IAM admin user accounts in the Commvault software, see Using Resources from an Admin Account.

  7. To create a public IP address that can be used to access the auto-scaled access nodes, move the Create public IP toggle key to the right.

  8. Specify the security group to use for the hypervisor:

    • To use the default security group, move the Deploy access nodes into default VPC toggle key to the right.

      If you select this option, the Commvault software assigns the default security group that is defined within your Amazon Virtual Private Cloud (VPC), instead of a specific security group for your Amazon EC2 instance. For more information, see Default security group for your VPC in the AWS documentation.

    • To specify a different security group, do the following:

      1. Click Add.

        The Add region dialog box appears.

      2. From the Availability zone list, select the availability zone that you want to use to create access nodes.

      3. From the VPC list, select a virtual private cloud.

      4. From the Subnet list, select a subnet.

      5. From the Security groups list, select a security group.

        After running a backup job, if you try to change the security group for the access nodes that will be launched in a new security group, the original security group is used anyway. To avoid that problem, remove the access nodes from the server group, and then select a new security group. The software creates new access nodes using the security group that you selected.

      6. To require an interactive login for the access node, do the following:

        a. Move the Enable key pair toggle key to the right.

        b. When prompted to confirm, click Yes.

        b. From the Key pair list, select the key pair.

      7. Click Save.

  9. Under Auto scale, do the following:

    1. In Maximum number of access nodes, enter the maximum number of access nodes that can be created in each region to back up the VMs in the region.

      The default value is 10. The maximum number is 100.

    2. For Default operating system, select the OS for the access nodes.

  10. Under Advanced, do the following:

    1. To specify the type of instance that is used to create the auto-scaled access nodes, move the Auto select instance type toggle key to the left, and then select the instance type.

      After running a backup, if you try to change the instance type for the access nodes that will be launched in a new instance, the original instance type is used anyway. To avoid that problem, remove the access nodes from the server group, and then change the instance type.

    2. To create a public IP address that can be used to access the auto-scaled access nodes, move the Create public IP toggle key to the right.

    3. To specify a network gateway for the auto-scaled access nodes to communicate with the CommServe server, in Network gateway, enter the gateway in the hostname:port format.

    4. To associate users and/or user groups with the auto-scaled access nodes, from the Security list, select the users and/or user groups.

    5. For User Approval, select a user to send an email for the user's approval. After the user approves, the job to create the access node job starts.

    1. To execute a provisioning workflow on the access nodes after they are created, from Provisioning workflow, select the workflow. The workflows assigned/created by user with prefix underscore (_) are shown.

  11. Click Save.