-
- Chief Product Officer
- Posts: 31599
- Liked: 7092 times
- Joined: Jan 01, 2006 1:01 am
- Location: Baar, Switzerland
- Contact:
[PREVIEW] Managed Hardened Repository ISO by Veeam
We're extremely excited to present you Community Preview of the new delivery method for Veeam Hardened Repository in a form of bootable ISO which dramatically simplifies the provisioning experience while completely eliminating the need for any Linux expertise. Further, deploying hardened repositories from this ISO reduces on-going management costs thanks to both the hardened repository components as wells as the base Linux OS updates provided directly by Veeam.
The goal of this Community Preview is to collect initial feedback from our users and partners as we're considering making this an officially supported offering next month, therefore your engagement is highly appreciated and will directly impact our decision to move forward. Just share your thoughts and feedback with us directly in this thread.
In addition, the feedback on this Community Preview will directly impact available delivery options for VBR on Linux in V13 and whether we will provide the ISO delivery method in particular. Which makes this the most important technology preview in the history of Veeam!
Build number
0.1.15 (Community Preview)
Build status
• It is a Technology Preview: We do not recommend using this in production environment because the preview builds are not supported by our Customer Support.
• Upgrading to the officially supported version (available later this year depending on feedback on this preview) will require redeploying your repository from a new ISO.
• The base OS update functionality in the Hardened Repository Configurator tool will therefore remain functional for Technology Preview installs only until the supported version is released.
Features and Capabilities
The following functionality is available for testing in the Community Preview build.
ISO Installer
• Simplified base OS installer that allows only keyboard language selection, time setting and network configuration.
• Installer requires at least 2 separate disks (at least 100GB each). Smallest disk will be used for the OS with secure partitioning required by DISA STIG applied automatically. All other disks will form a logical volume (LVM formatted with XFS) to use the entire capacity in a single repository.
Pre-Hardened Base OS
• DISA STIG security profile is applied to the base OS automatically
• SSH is disabled by default
• Time shift protection is enabled by default: the network time service (chrony) is pre-configured to ignore significant time changes during startup.
Hardened Repository Configurator Tool
• Simplified network settings configuration (all settings are available via nmtui)
• HTTP proxy settings (for downloading updates and to access external object storage)
• Change hostname
• Change password for vhradmin user
• Temporarily enable SSH (to allow Veeam Backup & Replication to establish initial connection)
• Update OS and Veeam components (dnf update is leveraged under the hood)
• Reset time shift proteciton
• Logout, reboot, shutdown
• Automatic logout after 10min
System Requirements
• Veeam Backup & Replication 12.2 or later.
• Physical or virtual machine (physical recommended for reduced attack surface)
• At least 2 disks of at least 100GB each.
Known Issues and Limitation
The following known issues and limitation apply to the Community Preview build only and will be addressed in the final release.
ISO Installer
• Current sudo permissions for the veeamsvc user allow to install additional packages that are signed by a trusted key.
• The Installer does not discard systems with UEFI Secure Boot disabled (this is on purpose not to create barriers for preview testing)
• The Help button does not function. Please use the included manual.
Hardened Repository Configurator Tool
• The License Agreement wizard and files are incomplete.
• Some texts and error messages are not final.
Support
Please do NOT contact Veeam Customer Support for assistance with this Community Preview. Instead, share your feedback and experiences directly in this thread. If you experience technical issues, please create a dedicated topic for each issue with the [VHRISO] tag at the start of the topic name. Be sure to include log files using a file sharing service of your choice (see the Troubleshooting section of the user manual on how to get logs).
Documentation & License
The user manual and step-by-step installation and first logon video are included in the download location (see below).
No license file is required to install and use the Community Preview build.
Download
1. Go to https://www.veeam.com/beta/vhriso
2. Log in with your Veeam credentials
3. Additional password for the download is VHRISO
The goal of this Community Preview is to collect initial feedback from our users and partners as we're considering making this an officially supported offering next month, therefore your engagement is highly appreciated and will directly impact our decision to move forward. Just share your thoughts and feedback with us directly in this thread.
In addition, the feedback on this Community Preview will directly impact available delivery options for VBR on Linux in V13 and whether we will provide the ISO delivery method in particular. Which makes this the most important technology preview in the history of Veeam!
Build number
0.1.15 (Community Preview)
Build status
• It is a Technology Preview: We do not recommend using this in production environment because the preview builds are not supported by our Customer Support.
• Upgrading to the officially supported version (available later this year depending on feedback on this preview) will require redeploying your repository from a new ISO.
• The base OS update functionality in the Hardened Repository Configurator tool will therefore remain functional for Technology Preview installs only until the supported version is released.
Features and Capabilities
The following functionality is available for testing in the Community Preview build.
ISO Installer
• Simplified base OS installer that allows only keyboard language selection, time setting and network configuration.
• Installer requires at least 2 separate disks (at least 100GB each). Smallest disk will be used for the OS with secure partitioning required by DISA STIG applied automatically. All other disks will form a logical volume (LVM formatted with XFS) to use the entire capacity in a single repository.
Pre-Hardened Base OS
• DISA STIG security profile is applied to the base OS automatically
• SSH is disabled by default
• Time shift protection is enabled by default: the network time service (chrony) is pre-configured to ignore significant time changes during startup.
Hardened Repository Configurator Tool
• Simplified network settings configuration (all settings are available via nmtui)
• HTTP proxy settings (for downloading updates and to access external object storage)
• Change hostname
• Change password for vhradmin user
• Temporarily enable SSH (to allow Veeam Backup & Replication to establish initial connection)
• Update OS and Veeam components (dnf update is leveraged under the hood)
• Reset time shift proteciton
• Logout, reboot, shutdown
• Automatic logout after 10min
System Requirements
• Veeam Backup & Replication 12.2 or later.
• Physical or virtual machine (physical recommended for reduced attack surface)
• At least 2 disks of at least 100GB each.
Known Issues and Limitation
The following known issues and limitation apply to the Community Preview build only and will be addressed in the final release.
ISO Installer
• Current sudo permissions for the veeamsvc user allow to install additional packages that are signed by a trusted key.
• The Installer does not discard systems with UEFI Secure Boot disabled (this is on purpose not to create barriers for preview testing)
• The Help button does not function. Please use the included manual.
Hardened Repository Configurator Tool
• The License Agreement wizard and files are incomplete.
• Some texts and error messages are not final.
Support
Please do NOT contact Veeam Customer Support for assistance with this Community Preview. Instead, share your feedback and experiences directly in this thread. If you experience technical issues, please create a dedicated topic for each issue with the [VHRISO] tag at the start of the topic name. Be sure to include log files using a file sharing service of your choice (see the Troubleshooting section of the user manual on how to get logs).
Documentation & License
The user manual and step-by-step installation and first logon video are included in the download location (see below).
No license file is required to install and use the Community Preview build.
Download
1. Go to https://www.veeam.com/beta/vhriso
2. Log in with your Veeam credentials
3. Additional password for the download is VHRISO
-
- Product Manager
- Posts: 14643
- Liked: 2990 times
- Joined: Sep 01, 2014 11:46 am
- Full Name: Hannes Kasparick
- Location: Austria
- Contact:
Feedback Request
As it comes to feedback, we are interested in the following information in particular:
1) Thinks you liked
2) Things you didn’t like
3) Features you're missing from the Configurator
4) Hardware you used to deploy a hardened repository with this ISO:
- Vendor
- Model & Generation
- RAID controller
- Network card model & speed
- Disk configuration (e.g. 2x 200GB RAID 1 for OS and 12x10TB RAID 60 for data)
5) If the installation failed, please provide logfiles via a file sharing service of your convenience. See the troubleshooting section of the user manual on how to get logs.
1) Thinks you liked
2) Things you didn’t like
3) Features you're missing from the Configurator
4) Hardware you used to deploy a hardened repository with this ISO:
- Vendor
- Model & Generation
- RAID controller
- Network card model & speed
- Disk configuration (e.g. 2x 200GB RAID 1 for OS and 12x10TB RAID 60 for data)
5) If the installation failed, please provide logfiles via a file sharing service of your convenience. See the troubleshooting section of the user manual on how to get logs.
-
- Novice
- Posts: 9
- Liked: never
- Joined: Oct 26, 2020 9:19 am
- Full Name: Javier Larrea
- Contact:
Re: [PREVIEW] Managed Hardened Repository ISO by Veeam
Hi
1) Thinks you liked
Simple and straightforward process to deploy
2) Things you didn’t like
missing Admin menu to mantain appliance once deployed (e.g. adding new LUNs to stg pool without need of advanced Linux skills)
3) Features you're missing from the Configurator
'Advanced mode' for LVM setup (option to configure SSD cache)
4) Hardware you used to deploy a hardened repository with this ISO:
Virtual machine
5) If the installation failed, please provide logfiles via a file sharing service of your convenience. See the troubleshooting section of the user manual on how to get logs.
1) Thinks you liked
Simple and straightforward process to deploy
2) Things you didn’t like
missing Admin menu to mantain appliance once deployed (e.g. adding new LUNs to stg pool without need of advanced Linux skills)
3) Features you're missing from the Configurator
'Advanced mode' for LVM setup (option to configure SSD cache)
4) Hardware you used to deploy a hardened repository with this ISO:
Virtual machine
5) If the installation failed, please provide logfiles via a file sharing service of your convenience. See the troubleshooting section of the user manual on how to get logs.
-
- Product Manager
- Posts: 14643
- Liked: 2990 times
- Joined: Sep 01, 2014 11:46 am
- Full Name: Hannes Kasparick
- Location: Austria
- Contact:
Re: [PREVIEW] Managed Hardened Repository ISO by Veeam
Hello,
thank you for the feedback!
Adding storage is something we have in mind and it's the main reason why LVM is used. I also noted the SSD cache as feature request
Best regards,
Hannes
thank you for the feedback!
Adding storage is something we have in mind and it's the main reason why LVM is used. I also noted the SSD cache as feature request
Best regards,
Hannes
-
- Service Provider
- Posts: 13
- Liked: 1 time
- Joined: Feb 02, 2022 9:54 am
- Full Name: Bjarke Ravn-Jonsen
- Contact:
Re: [PREVIEW] Managed Hardened Repository ISO by Veeam
4) Hardware you used to deploy a hardened repository with this ISO:
- Vendor : HPE
- Model & Generation: ProLiant XL450 Gen10 / HPE Apollo 4510 Gen10
- RAID controller: HPE Smart Array P408i-p SR Gen 10 ( for mechanical drives) / HPE NS204i-p GEN10+ Boot Controller (for raid1 NVME boot device)
- Network card model & speed: 1G for the test
- Disk configuration : HPE boot device 2 x nvme | 38 x 10 TB SAS-HDD for storage ~ 300TiB
5) If the installation failed, please provide logfiles via a file sharing service of your convenience. See the troubleshooting section of the user manual on how to get logs.
Install failed, logfiles provided. Properly due to OS would be installed on NVME device
Logfiles and a few screenshots has been uploaded to:
https://cnm.sharefile.com/public/share/ ... 8221907e42
We did get the iso working in a VM, and that went just fine. But we often use hardware like the ProLiant XL450 Gen10 / HPE Apollo 4510 Gen10 .
- Vendor : HPE
- Model & Generation: ProLiant XL450 Gen10 / HPE Apollo 4510 Gen10
- RAID controller: HPE Smart Array P408i-p SR Gen 10 ( for mechanical drives) / HPE NS204i-p GEN10+ Boot Controller (for raid1 NVME boot device)
- Network card model & speed: 1G for the test
- Disk configuration : HPE boot device 2 x nvme | 38 x 10 TB SAS-HDD for storage ~ 300TiB
5) If the installation failed, please provide logfiles via a file sharing service of your convenience. See the troubleshooting section of the user manual on how to get logs.
Install failed, logfiles provided. Properly due to OS would be installed on NVME device
Logfiles and a few screenshots has been uploaded to:
https://cnm.sharefile.com/public/share/ ... 8221907e42
We did get the iso working in a VM, and that went just fine. But we often use hardware like the ProLiant XL450 Gen10 / HPE Apollo 4510 Gen10 .
-
- Service Provider
- Posts: 36
- Liked: 11 times
- Joined: Sep 11, 2018 4:21 pm
- Location: Aachen, Germany
- Contact:
Re: [PREVIEW] Managed Hardened Repository ISO by Veeam
Hello,
if i locked me out by 3 times failed login, how I can reset the password?
The link to the KB in the PDF points to an 404.
if i locked me out by 3 times failed login, how I can reset the password?
The link to the KB in the PDF points to an 404.
Proud to be a Veeam Certified Architect.
-
- Product Manager
- Posts: 14643
- Liked: 2990 times
- Joined: Sep 01, 2014 11:46 am
- Full Name: Hannes Kasparick
- Location: Austria
- Contact:
Re: [PREVIEW] Managed Hardened Repository ISO by Veeam
@bcravn: thanks for reporting and uploading the logs. We look into and if there are more questions, I might come back to you directly.
@Adrian1980: I will send you the draft of the KB article directly and work that we get the KB article online
@Adrian1980: I will send you the draft of the KB article directly and work that we get the KB article online
-
- Veeam Software
- Posts: 145
- Liked: 93 times
- Joined: Jan 16, 2013 5:27 pm
- Full Name: Tyler Payton
- Contact:
Re: [PREVIEW] Managed Hardened Repository ISO by Veeam
Veeam KB4663:How to Reset Hardened Repository ISO Appliance Account Lockout has been published.
Tyler Payton
Customer Experience Manager / KB Manager
Customer Experience Manager / KB Manager
-
- Enthusiast
- Posts: 61
- Liked: 3 times
- Joined: Aug 07, 2015 8:45 pm
- Full Name: David Engler
- Contact:
Re: [PREVIEW] Managed Hardened Repository ISO by Veeam
First install using Dell R730xd with PERC H730P Mini raid controller. Three logical volumes, vDisk0 mirrored 120GB SSD. vDisk1 and vDisk2 configured as raid-6 with twelve 1.6TB drives each. I need to run through the process again to see if I can get an Active/Backup bond setup with two NICs.
I was expecting to see two data volumes after the install, but they were combined into a single 32TB volume after the system was added to Veeam. Is this expected behavior or will the new ISO always combine the larger volumes?
Is the data evenly split between both logical volumes or is it written to just one until its full before writing to the other?
Dave
I was expecting to see two data volumes after the install, but they were combined into a single 32TB volume after the system was added to Veeam. Is this expected behavior or will the new ISO always combine the larger volumes?
Is the data evenly split between both logical volumes or is it written to just one until its full before writing to the other?
Dave
-
- Product Manager
- Posts: 14643
- Liked: 2990 times
- Joined: Sep 01, 2014 11:46 am
- Full Name: Hannes Kasparick
- Location: Austria
- Contact:
Re: [PREVIEW] Managed Hardened Repository ISO by Veeam
Hello David,
thanks for testing!
For networking: bonding can also be configured in the advanced networking section in the Hardened Repository Configurator. A re-installation should not be needed.
Yes, this is documented in the first post of this topic: all volumes except the operating system volume are combined to one large logical volume. That makes repository management easier. It also avoids situations where customers configured multiple scale out backup repository extents on the same machine.
Best regards,
Hannes
thanks for testing!
For networking: bonding can also be configured in the advanced networking section in the Hardened Repository Configurator. A re-installation should not be needed.
Yes, this is documented in the first post of this topic: all volumes except the operating system volume are combined to one large logical volume. That makes repository management easier. It also avoids situations where customers configured multiple scale out backup repository extents on the same machine.
this is what we do today because we format with help of the installer. The plan is to add striping to distribute load and improve performance. The only downside would be, that a failure of one RAID would lead to the loss of all data. RAID6 vs RAID60.or is it written to just one until its full before writing to the other
Best regards,
Hannes
-
- Influencer
- Posts: 10
- Liked: 1 time
- Joined: Aug 31, 2023 1:55 pm
- Full Name: Arngrimur
- Contact:
Re: [PREVIEW] Managed Hardened Repository ISO by Veeam
I guess this is going to be licensed in the future?
-
- Product Manager
- Posts: 14643
- Liked: 2990 times
- Joined: Sep 01, 2014 11:46 am
- Full Name: Hannes Kasparick
- Location: Austria
- Contact:
Re: [PREVIEW] Managed Hardened Repository ISO by Veeam
We don't license our backup infrastructure components, you get to use as many as you need. We only license protected workloads. There are no plans for now to change that.
-
- Enthusiast
- Posts: 61
- Liked: 3 times
- Joined: Aug 07, 2015 8:45 pm
- Full Name: David Engler
- Contact:
Re: [PREVIEW] Managed Hardened Repository ISO by Veeam
I like this especially with new repositories but the reason I’m asking is when it comes time to upgrade my existing repos. Using the old ISO I have 8 systems (2 SOBRs) with 2 106TB volumes each and was hoping once the repair option was available, I would be able to reload the OS leaving the data volumes alone. If that won’t be an option, I will have to evacuate the extents and totally rebuild each one.
-
- Product Manager
- Posts: 14643
- Liked: 2990 times
- Joined: Sep 01, 2014 11:46 am
- Full Name: Hannes Kasparick
- Location: Austria
- Contact:
Re: [PREVIEW] Managed Hardened Repository ISO by Veeam
ah okay... for the "repair mode" we plan to keep whatever exists and mount everything to /mnt/veeamrepository-XX - that should solve that issue.
Who is online
Users browsing this forum: Bing [Bot], fspadaro, Semrush [Bot] and 79 guests