Deploying VMware Virtual Appliance

• Deploying Virtual Appliance with vSphere Web Client
• Deploying Virtual Appliance with vSphere Client
• Virtual Appliance OS, Credentials, and Security
• Web Interface Login

NAKIVO Backup & Replication offers the following VA deployment options:

• Full Solution
• Full Solution without Backup Repository
• Transporter-only
• Transporter with Backup Repository
• Multi-tenant Director  

The Virtual Appliance (VA) has two disks: the first (30 GB) contains a Linux OS with NAKIVO Backup & Replication, and the second (500 GB) is used as a Backup Repository. If you deploy the Virtual Appliance disks using the Thin Provision option, then the disks will not reserve space on your datastore and will only consume space when actual data (such as your backups) is written to disks.

Deploying Virtual Appliance with vSphere Web Client

1. Download NAKIVO Backup & Replication VA. 

2. Log in to your vSphere vCenter with the vSphere Web Client.

3. Select Deploy OVF Template from the Actions menu. Note that the Client Integration Plug-in must be installed to enable OVF functionality. 
   

   

4. On the Select an OVF template page of the Deploy OVF Template wizard, select Local file and upload the VA file (.ova) you've downloaded. Click Next. 

   

5. On the Select a name and folder page, specify a unique name and target location for the Virtual Appliance. Click Next.

   

6. On the Select a computer resource page, select the resource pool within which you would like to deploy the Virtual Appliance and click Next.

   

7. On the Review details page, review the template details and click Next.

   

8. On the License agreements page, read the end-user license agreement (EULA). If you agree to its terms, select I accept all license agreements and then click Next.

   

9. On the Select storage page, select a datastore in which you would like to keep the Virtual Appliance disk, virtual disk format (Thin Provisioning is recommended), VM storage policy and click Next.

   Important
   If you use thick provisioning instead of thin provisioning, keep in mind that NAKIVO Backup & Replication can take up to 0,5 TB of data. Check to see if it is 0,5 TB by default for all cases.
   

   

10. On the Select networks page, select a network to which the Virtual Appliance will be connected. Opting for a network with DHCP and Internet access is recommended. Click Next.

    >

8. On the License agreements page, read the end-user license agreement (EULA). If you agree to its terms, select I accept all license agreements and then click Next.

   

9. On the Select storage page, select a datastore in which you would like to keep the Virtual Appliance disk, virtual disk format (Thin Provisioning is recommended), VM storage policy and click Next.

   Important
   If you use thick provisioning instead of thin provisioning, keep in mind that NAKIVO Backup & Replication can take up to 0,5 TB of data. Check to see if it is 0,5 TB by default for all cases.
   

   

10. On the Select networks page, select a network to which the Virtual Appliance will be connected. Opting for a network with DHCP and Internet access is recommended. Click Next.

    

11. On the Ready to complete page, review the summary of the setups you have configured and click Finish to complete deployment.
    

    

    After the Virtual Appliance is deployed, you may need to configure it.

    Important
    If you plan to expose the Virtual Appliance to the Internet, change the default credentials and set up a login and password for the Web interface

Deploying Virtual Appliance with vSphere Client

1. Download NAKIVO Backup & Replication VA. 

2. Log in to your vSphere vCenter with the vSphere Client, go to File in the top menu and select Deploy OV Template.

   

3. On the Source page of the Deploy OVF Template wizard, select and locate the file with the template. Click Next.
   

4. On the OVF Template Details page, review the template details and click Next.

   

5. On the End User License Agreement page, read the license agreement. If you agree to its terms, click Accept and then click Next.

   

6. On the Name and Location page, specify a name and location for the deployed VA and click Next.

   

7. On the Host/Cluster page, select the host or cluster on which you wish to run the deployed template and click Next.

   

8. On the Storage page, select a datastore where you would like to keep the VA disk and click Next.

   

9. On the Disk Format page, select a virtual disk format (Thin Provision is recommended) and click Next.

   Important
   If you wish to select one of the Thick Provision options instead of Thin Provision, keep in mind that NAKIVO Backup & Replication can take 0,5 TB of data. Check to see if it is 0,5 TB by default for all cases.

   
   

10. On the Network Mapping page, select a network to which the VA will be connected. It is recommended that you choose a network with DHCP and Internet access. Click Next.

    

11. On the Ready to Complete page, review the summary of the options you have configured and select the Power on after deployment option.

    

12. Click Finish to complete the deployment.

13. After the Virtual Appliance is deployed, configure it if necessary.

After the installation is complete, you can log in to NAKIVO Backup & Replication by opening the following URL in your web browser: https://machine_IP_or_DNS:director_https_port

Virtual Appliance OS, Credentials, and Security

The appliance runs Ubuntu 18.04, 64-bit. Use the following credentials to log in to the appliance:

• Username: root

• Password: QExS-6b%3D

For the versions of NAKIVO Backup & Replication older than 7.2, the password is root.

 

Important
If you plan to expose the Virtual Appliance to the Internet, change the default VA credentials and set up a login and password for the Web interface.

 

To enable Backup Immutability for Amazon S3 or Local Folder type of Backup Repository deployed as part of virtual appliance, NAKIVO Backup & Replication does the following:

• Creates a new user for all administrative needs and adds it to the sudo group.

• Disables root user.

• Changes default SSH port to 2221.
  
  

  Note

  The default SSH port for VA that was not hardened is 22.
  
  

• Configure the following kernel parameters via sysctl.conf:

  • Limits network-transmitted configuration for IPv4/IPv6

  • Turns on execshield protection

  • Prevents the common 'syn flood attack'

  • Turns on source IP address verification

  • Prevents a cracker from using a spoofing attack against the IP address of the server.

  • Logs several types of suspicious packets, such as spoofed packets, source-routed packets, and redirects.

  • Configures swap. Sets vm.swappiness to 15

  • Sets kernel.unprivileged_bpf_disabled to 1

  • Sets kernel.core_pattern to /tmp/%e.%p.core

  • Sets kernel.core_uses_pid to 1

  • Sets kernel.dmesg_restrict to 1

  • Sets kernel.kptr_restrict to 2

  • Sets kernel.sysrq to 0

• Secures /tmp and /var/tmp

• Secures Shared Memory

• Prevents IP Spoofing

• Installs and configures fail2ban

Web Interface Login

Open the following URL to access the product's web interface: https://Appliance_VM_IP:4443.

Refer to the  Getting Started section to better understand how to continue working with NAKIVO Backup & Replication.