Comprehensive data protection for all workloads
Post Reply
Gostev
Chief Product Officer
Posts: 31599
Liked: 7092 times
Joined: Jan 01, 2006 1:01 am
Location: Baar, Switzerland
Contact:

[PREVIEW] Managed Hardened Repository ISO by Veeam

Post by Gostev » 7 people like this post

We're extremely excited to present you Community Preview of the new delivery method for Veeam Hardened Repository in a form of bootable ISO which dramatically simplifies the provisioning experience while completely eliminating the need for any Linux expertise. Further, deploying hardened repositories from this ISO reduces on-going management costs thanks to both the hardened repository components as wells as the base Linux OS updates provided directly by Veeam.

The goal of this Community Preview is to collect initial feedback from our users and partners as we're considering making this an officially supported offering next month, therefore your engagement is highly appreciated and will directly impact our decision to move forward. Just share your thoughts and feedback with us directly in this thread.

In addition, the feedback on this Community Preview will directly impact available delivery options for VBR on Linux in V13 and whether we will provide the ISO delivery method in particular. Which makes this the most important technology preview in the history of Veeam!

Build number
0.1.15 (Community Preview)

Build status
• It is a Technology Preview: We do not recommend using this in production environment because the preview builds are not supported by our Customer Support.
• Upgrading to the officially supported version (available later this year depending on feedback on this preview) will require redeploying your repository from a new ISO.
• The base OS update functionality in the Hardened Repository Configurator tool will therefore remain functional for Technology Preview installs only until the supported version is released.

Features and Capabilities
The following functionality is available for testing in the Community Preview build.

ISO Installer
• Simplified base OS installer that allows only keyboard language selection, time setting and network configuration.
• Installer requires at least 2 separate disks (at least 100GB each). Smallest disk will be used for the OS with secure partitioning required by DISA STIG applied automatically. All other disks will form a logical volume (LVM formatted with XFS) to use the entire capacity in a single repository.

Pre-Hardened Base OS
• DISA STIG security profile is applied to the base OS automatically
• SSH is disabled by default
• Time shift protection is enabled by default: the network time service (chrony) is pre-configured to ignore significant time changes during startup.

Hardened Repository Configurator Tool
• Simplified network settings configuration (all settings are available via nmtui)
• HTTP proxy settings (for downloading updates and to access external object storage)
• Change hostname
• Change password for vhradmin user
• Temporarily enable SSH (to allow Veeam Backup & Replication to establish initial connection)
• Update OS and Veeam components (dnf update is leveraged under the hood)
• Reset time shift proteciton
• Logout, reboot, shutdown
• Automatic logout after 10min

System Requirements
• Veeam Backup & Replication 12.2 or later.
• Physical or virtual machine (physical recommended for reduced attack surface)
• At least 2 disks of at least 100GB each.

Known Issues and Limitation
The following known issues and limitation apply to the Community Preview build only and will be addressed in the final release.

ISO Installer
• Current sudo permissions for the veeamsvc user allow to install additional packages that are signed by a trusted key.
• The Installer does not discard systems with UEFI Secure Boot disabled (this is on purpose not to create barriers for preview testing)
• The Help button does not function. Please use the included manual.

Hardened Repository Configurator Tool
• The License Agreement wizard and files are incomplete.
• Some texts and error messages are not final.

Support
Please do NOT contact Veeam Customer Support for assistance with this Community Preview. Instead, share your feedback and experiences directly in this thread. If you experience technical issues, please create a dedicated topic for each issue with the [VHRISO] tag at the start of the topic name. Be sure to include log files using a file sharing service of your choice (see the Troubleshooting section of the user manual on how to get logs).

Documentation & License
The user manual and step-by-step installation and first logon video are included in the download location (see below).
No license file is required to install and use the Community Preview build.

Download
1. Go to https://www.veeam.com/beta/vhriso
2. Log in with your Veeam credentials
3. Additional password for the download is VHRISO
HannesK
Product Manager
Posts: 14643
Liked: 2990 times
Joined: Sep 01, 2014 11:46 am
Full Name: Hannes Kasparick
Location: Austria
Contact:

Feedback Request

Post by HannesK »

As it comes to feedback, we are interested in the following information in particular:

1) Thinks you liked

2) Things you didn’t like

3) Features you're missing from the Configurator

4) Hardware you used to deploy a hardened repository with this ISO:
- Vendor
- Model & Generation
- RAID controller
- Network card model & speed
- Disk configuration (e.g. 2x 200GB RAID 1 for OS and 12x10TB RAID 60 for data)

5) If the installation failed, please provide logfiles via a file sharing service of your convenience. See the troubleshooting section of the user manual on how to get logs.
javichumellamo
Novice
Posts: 9
Liked: never
Joined: Oct 26, 2020 9:19 am
Full Name: Javier Larrea
Contact:

Re: [PREVIEW] Managed Hardened Repository ISO by Veeam

Post by javichumellamo »

Hi
1) Thinks you liked
Simple and straightforward process to deploy

2) Things you didn’t like
missing Admin menu to mantain appliance once deployed (e.g. adding new LUNs to stg pool without need of advanced Linux skills)

3) Features you're missing from the Configurator
'Advanced mode' for LVM setup (option to configure SSD cache)


4) Hardware you used to deploy a hardened repository with this ISO:
Virtual machine

5) If the installation failed, please provide logfiles via a file sharing service of your convenience. See the troubleshooting section of the user manual on how to get logs.
HannesK
Product Manager
Posts: 14643
Liked: 2990 times
Joined: Sep 01, 2014 11:46 am
Full Name: Hannes Kasparick
Location: Austria
Contact:

Re: [PREVIEW] Managed Hardened Repository ISO by Veeam

Post by HannesK »

Hello,
thank you for the feedback!

Adding storage is something we have in mind and it's the main reason why LVM is used. I also noted the SSD cache as feature request

Best regards,
Hannes
bcravn
Service Provider
Posts: 13
Liked: 1 time
Joined: Feb 02, 2022 9:54 am
Full Name: Bjarke Ravn-Jonsen
Contact:

Re: [PREVIEW] Managed Hardened Repository ISO by Veeam

Post by bcravn »

4) Hardware you used to deploy a hardened repository with this ISO:
- Vendor : HPE
- Model & Generation: ProLiant XL450 Gen10 / HPE Apollo 4510 Gen10
- RAID controller: HPE Smart Array P408i-p SR Gen 10 ( for mechanical drives) / HPE NS204i-p GEN10+ Boot Controller (for raid1 NVME boot device)
- Network card model & speed: 1G for the test
- Disk configuration : HPE boot device 2 x nvme | 38 x 10 TB SAS-HDD for storage ~ 300TiB

5) If the installation failed, please provide logfiles via a file sharing service of your convenience. See the troubleshooting section of the user manual on how to get logs.
Install failed, logfiles provided. Properly due to OS would be installed on NVME device

Logfiles and a few screenshots has been uploaded to:
https://cnm.sharefile.com/public/share/ ... 8221907e42
We did get the iso working in a VM, and that went just fine. But we often use hardware like the ProLiant XL450 Gen10 / HPE Apollo 4510 Gen10 .
Adrian1980
Service Provider
Posts: 36
Liked: 11 times
Joined: Sep 11, 2018 4:21 pm
Location: Aachen, Germany
Contact:

Re: [PREVIEW] Managed Hardened Repository ISO by Veeam

Post by Adrian1980 »

Hello,

if i locked me out by 3 times failed login, how I can reset the password?
The link to the KB in the PDF points to an 404.
Proud to be a Veeam Certified Architect.
HannesK
Product Manager
Posts: 14643
Liked: 2990 times
Joined: Sep 01, 2014 11:46 am
Full Name: Hannes Kasparick
Location: Austria
Contact:

Re: [PREVIEW] Managed Hardened Repository ISO by Veeam

Post by HannesK »

@bcravn: thanks for reporting and uploading the logs. We look into and if there are more questions, I might come back to you directly.

@Adrian1980: I will send you the draft of the KB article directly and work that we get the KB article online :-)
tpayton
Veeam Software
Posts: 145
Liked: 93 times
Joined: Jan 16, 2013 5:27 pm
Full Name: Tyler Payton
Contact:

Re: [PREVIEW] Managed Hardened Repository ISO by Veeam

Post by tpayton » 1 person likes this post

Tyler Payton
Customer Experience Manager / KB Manager
efd121
Enthusiast
Posts: 61
Liked: 3 times
Joined: Aug 07, 2015 8:45 pm
Full Name: David Engler
Contact:

Re: [PREVIEW] Managed Hardened Repository ISO by Veeam

Post by efd121 »

First install using Dell R730xd with PERC H730P Mini raid controller. Three logical volumes, vDisk0 mirrored 120GB SSD. vDisk1 and vDisk2 configured as raid-6 with twelve 1.6TB drives each. I need to run through the process again to see if I can get an Active/Backup bond setup with two NICs.
I was expecting to see two data volumes after the install, but they were combined into a single 32TB volume after the system was added to Veeam. Is this expected behavior or will the new ISO always combine the larger volumes?
Is the data evenly split between both logical volumes or is it written to just one until its full before writing to the other?
Dave
HannesK
Product Manager
Posts: 14643
Liked: 2990 times
Joined: Sep 01, 2014 11:46 am
Full Name: Hannes Kasparick
Location: Austria
Contact:

Re: [PREVIEW] Managed Hardened Repository ISO by Veeam

Post by HannesK »

Hello David,
thanks for testing!

For networking: bonding can also be configured in the advanced networking section in the Hardened Repository Configurator. A re-installation should not be needed.

Yes, this is documented in the first post of this topic: all volumes except the operating system volume are combined to one large logical volume. That makes repository management easier. It also avoids situations where customers configured multiple scale out backup repository extents on the same machine.
or is it written to just one until its full before writing to the other
this is what we do today because we format with help of the installer. The plan is to add striping to distribute load and improve performance. The only downside would be, that a failure of one RAID would lead to the loss of all data. RAID6 vs RAID60.

Best regards,
Hannes
arngrimurm
Influencer
Posts: 10
Liked: 1 time
Joined: Aug 31, 2023 1:55 pm
Full Name: Arngrimur
Contact:

Re: [PREVIEW] Managed Hardened Repository ISO by Veeam

Post by arngrimurm »

I guess this is going to be licensed in the future?
HannesK
Product Manager
Posts: 14643
Liked: 2990 times
Joined: Sep 01, 2014 11:46 am
Full Name: Hannes Kasparick
Location: Austria
Contact:

Re: [PREVIEW] Managed Hardened Repository ISO by Veeam

Post by HannesK » 1 person likes this post

We don't license our backup infrastructure components, you get to use as many as you need. We only license protected workloads. There are no plans for now to change that.
efd121
Enthusiast
Posts: 61
Liked: 3 times
Joined: Aug 07, 2015 8:45 pm
Full Name: David Engler
Contact:

Re: [PREVIEW] Managed Hardened Repository ISO by Veeam

Post by efd121 »

HannesK wrote: Oct 02, 2024 5:49 amThe plan is to add striping to distribute load and improve performance. The only downside would be, that a failure of one RAID would lead to the loss of all data. RAID6 vs RAID60.
I like this especially with new repositories but the reason I’m asking is when it comes time to upgrade my existing repos. Using the old ISO I have 8 systems (2 SOBRs) with 2 106TB volumes each and was hoping once the repair option was available, I would be able to reload the OS leaving the data volumes alone. If that won’t be an option, I will have to evacuate the extents and totally rebuild each one.
HannesK
Product Manager
Posts: 14643
Liked: 2990 times
Joined: Sep 01, 2014 11:46 am
Full Name: Hannes Kasparick
Location: Austria
Contact:

Re: [PREVIEW] Managed Hardened Repository ISO by Veeam

Post by HannesK » 2 people like this post

ah okay... for the "repair mode" we plan to keep whatever exists and mount everything to /mnt/veeamrepository-XX - that should solve that issue.
Post Reply

Who is online

Users browsing this forum: Bing [Bot], fspadaro, Semrush [Bot] and 79 guests