How do I set up and maintain a Datto Private Node?
- Datto Private Node
This article describes the process for setting up and maintaining a Datto Private Node.
- Network Configuration
- Node Configuration
- Configuring IPMI
- The size of a Datto node must be a minimum of twice the sum of the size of the Datto devices that are connecting to it. This sizing allows the Datto node to have archiving capabilities for all the data that is backed up to it.
- The installation site needs to have a download stream that is capable for source machines
to sync to the node. Datto recommends 20Mbps as a minimum for incoming bandwidth as
nodes constantly process multiple data synchronizations simultaneously.
- The Datto node's deployment location must have a dedicated static public
IP address. Have this public IP address available when you are ready to set up the Private Node.
The following are the network requirements for a Datto node:
- The node must have a static, dedicated public IP address. The node will use this address for most of its functionality. You will also need to configure NAT rules to forward the public IP traffic to the node’s primary LAN address.
- The following ports must be open inbound and outbound:
- Port 22 - SSH
- Port 1194 (UDP) - OpenVPN
- Port 443 - offsite file restores and cloud synchronization operations
- Ports 1024 through 65535 - VM RDP
- The node must have inbound and outbound SSH access to:
- 22.214.171.124, 126.96.36.199 and 188.8.131.52 (Datto web servers)
- 184.108.40.206, 220.127.116.11, 18.104.22.168, and 22.214.171.124 (Datto Technical Support)
- The node must have outbound access to the following servers:
- The Datto devices that sync to the node require that the traffic appears to be coming and going from the same public IP address.
You must configure the node directly on the device. Follow these steps:
- Plug in the Datto node’s AC Power and connect an Ethernet cable to the Primary NIC, ETH0
(the NIC that is closest to the PS/2 port).
- Attach a monitor and keyboard to the device.
- Power on the device. It will prompt you with the user and server number.
- Contact Datto Technical Support, and we will send the root password for your node. The password will be sent via email to a verified partner portal account holder of your choosing.
- Run this command to set up the IP address for the node:
- In this file, customize the address (IP address), netmask, and gateway for your network.
- Press CTRL+O to save. Press Enter to confirm.
- Press CTRL+X to exit the editor.
- Next, run this command:
- Edit the nameserver line with your DNS address.
- Press CTRL+O to save. Press Enter to confirm.
- Press CTRL+X to exit the editor.
- Next, run this command to restart the networking interfaces on the device:
- Then, force the device to connect to Datto's servers:
- Provide the public IP address for the node to Datto Technical Support, so that we can update our database.
- A Datto technician will verify access from our end, and our Cloud Operations Team will verify that the device is ready to accept client devices.
- Once setup is complete, run RoundTrips on all the node's client devices. If data needs to be moved from Datto Cloud, order a Reverse RoundTrip to retrieve that data.
- Connect the RoundTrip drives to the node. Contact Technical Support to have a technician verify that the devices can mount the drives, and run commands to copy the data to the node. Once this is complete, you will be able to manage the node from the Partner Portal page, as well as the node's GUI.
- Contact Technical Support to have Cloud Support run a final Server Configuration task.
In the BIOS
To configure IP and MAC addresses, enter the BIOS by pressing the Del key when the node boots.
- Enter the BIOS password. Contact Datto Technical Support if you do not have it.
- Select Advanced, and press Enter.
- Select IPMI Configuration, and press Enter.
- Select Set LAN Configuration and press Enter. This will give you the ability to change IP settings and toggle Static and DHCP services.
- Enter a static, reserved IP address.
Accessing the IPMI Web Interface
Once you have configured the dedicated IPMI port with an IP address, you can connect to the web interface to manage your node.
- Using a computer that is connected to the same network as the Datto, open a web browser.
- Enter the IP address you configured earlier into the address bar in your browser.
- At the login page, use the default username and password. Contact Datto Technical Support if you do not have it.
- Change your password:
- Click on the Configuration menu and choose Users.
- Select ADMIN and click Modify User.
- Then, select the Change Password check-box and enter your new password.
- Last, click the Modify button.
The following section describes Datto-recommended proactive maintenance steps to keep your Private Node in optimal condition. Datto recommends performing these steps quarterly unless otherwise specified.
Update the Private Node
Updating your Private Node ensures it has all updated security patches and software package updates, including required packages for file restore and offsite virtualization. To update your Private Node:
- Log into the node with the root password
- open a screen:
screen -S update
- Run the following command:
puppet apply /etc/puppet/manifests/site.pp
Make sure that your Private Node is checking in successfully with Datto's monitoring servers. From the Command-Line Interface (CLI) of the node, type
checkin. If the checkin runs without error, your node can reach the Datto monitoring servers and resolve addresses.
A successful checkin will look similar to the following examples.
mmansfield@datto-siris:~# checkin Checking to see if checkin is currently running Updating checkin script (using device.dattobackup.com)... % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 24330 0 24252 100 78 191k 629 --:--:-- --:--:-- --:--:-- 239k Checkin script updated, executing... config_utils is up to date Generating Stats... Gathering traffic statistics (takes 5 seconds)... rm: cannot remove `/home/_config/': Is a directory rm: cannot remove `/datto/config/local/': Is a directory 1Share list hasn't changed Communicating with server % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 24639 0 21773 100 2866 128k 17297 --:--:-- --:--:-- --:--:-- 150k File download successful. starting server script Starting downloaded script config_utils is up to date Updating ntfs-3g...
You will see the appliance reach out to multiple packaging servers to check for device updates. Make note of any errors. Then, the checkin will exit:
Reading package lists... Done Reading package lists... Done Building dependency tree Reading state information... Done ntfs-3g is already the newest version. The following packages were automatically installed and are no longer required: isc-dhcp-server linux-image-3.13.0-65-generic dhcp3-server linux-headers-3.13.0-65-generic linux-headers-3.13.0-65 libnet1 Use 'apt-get autoremove' to remove them. 0 upgraded, 0 newly installed, 0 to remove and 151 not upgraded.
If you notice any errors during the checkin process, including the ability to resolve any DNS addresses, review the Network Configuration section of this article. Also, make sure that the node's environment meets the specifications in the Datto Networking Requirements article.
1. Use the
df -h command to make sure that the appliance's file system is mounted. The filesystem should show mountpoints for all directories in the Mounted on column. The below example shows a correctly-mounted filesystem on a Private Node. The number after dattoArray/ is the unique device identifier. The number of mounted devices will vary based on how many devices are syncing to your node.
root@server2285:~# df -h dattoArray/119766 1.8T 34M 1.8T 1% /datto/array1/119766
dattoArray/119767 1.8T 64M 1.8T 1% /datto/array1/119767
dattoArray/119768 1.8T 384K 1.8T 1% /datto/array1/119768
dattoArray/119769 1.8T 1.7G 1.8T 1% /datto/array1/119769
dattoArray/119770 1.8T 384K 1.8T 1% /datto/array1/119770
dattoArray/119771 1.8T 384K 1.8T 1% /datto/array1/119771
If the filesystem is not correctly mounted, run the
./up.sh command to remount it. You will also need to run this command after any reboot of the node.
2. Run the
df -h | head command to check the available space on the OS drive. /dev/sda1 should be at the top of the list, and the Use% value should show less than 100%.
3. Run the
zfs list | head command to check the available space on the array drives. The /dattoArray volume should be at the top of the list, and the Use% value should show less than 100%.
bash /datto/utils/sSCheck.sh command to check the overall health of the node. Make note of any reported issues.
/datto/scripts/checkWeightedSmart.sh command to check the node's hard drive health. This script runs a smart check on all drives, Checking for values > 0 in properties:
If the script detects a problem, it will return output similar to the following:
Checking drive /dev/sdb... /dev/sdb - Failing property 'Multi_Zone_Error_Rate': 2 * Weight 10 = 20 score Total /dev/sdb Score = 20
If a drive has a total score greater than 100 this drive should be replaced. High error count on a drive can cause data corruption or loss. Address any reported disk issues before proceeding with further maintenance.
zpool status -v command to check for zpool corruption. If corruption is present, run the command
zpool scrub <name of affected pool>.
Your Datto appliance will attempt to correct the disk errors. Run the
zpool status -v command again to view the status of the scrub. Shown below is an example of corruption on the homePool storage pool.
mmansfield@datto-siris:~# zpool status -v pool: homePool state: DEGRADED status: One or more devices has experienced an error resulting in data corruption. Applications may be affected. action: Restore the file in question if possible. Otherwise restore the entire pool from backup. see: http://zfsonlinux.org/msg/ZFS-8000-8A scan: resilvered 50K in 0h0m with 0 errors on Mon Feb 15 22:31:48 2016 config: NAME STATE READ WRITE CKSUM homePool DEGRADED 402 0 0 mirror-0 DEGRADED 402 0 0 8518445531633777586 UNAVAIL 0 0 0 was /dev/disk/by-id/ata-Hitachi_HDS721010DLE630_MSK5235H262VAG-part1 ata-Hitachi_HDS721010DLE630_MSK5235H262UHG ONLINE 402 0 0
errors: Permanent errors have been detected in the following files: <metadata>:<0x0> /home/agents/agent1/3ca014117ef111e1ba4e806e6f6e6963.datto /home/agents/126.96.36.199/37641e626d6d11e480b4806e6f6e6963.datto
If the device is unsuccessful at clearing the corruption, contact Datto Technical Support for further assistance.
Datto recommends rebooting your node every 6 to 12 months. Make sure that there are no file restores or virtualizations in use on the node before rebooting; a reboot will interrupt connections to them. To reboot the node from the command line, run the
reboot now command. Remember to remount the file system after reboot, as described in the Verify File System and Disk Space section of this article.