NEUIGKEITEN ZUM THEMA DATENSICHERUNG - ?· NEUIGKEITEN ZUM THEMA DATENSICHERUNG Stefan Savoric s.savoric@profi-ag.de…

  • Published on
    20-Jun-2018

  • View
    212

  • Download
    0

Embed Size (px)

Transcript

  • NEUIGKEITEN ZUM THEMA

    DATENSICHERUNG

    Stefan Savoric

    s.savoric@profi-ag.de

    Senior Systemingenieur

    Diplom-Geophysiker

    mailto:s.savoric@profi-ag.de

  • TSM 7.1.1 NEW FEATURES GA 9/12/14

    TSM for VE

    Provide initial TSM for VE solution for Microsoft Hyper-V

    Integrate simplified mount solution for file-level recovery in DP for VMware UI; "Help Desk"

    FCM & DP for VMware - integrated vSphere Web Client user interface (Adobe Flex)

    TSM for ERP 6.4.2 (shipped July 25th)

    Performance Enchantements

    DB2 10.1 /10.5 support

    Support BRTools 7.4

    Windows 2012 Support

    Solaris 11 support

    TDP (Currency)

    Windows 2012 R2 - Exchange, SQL, Oracle,

    SQL 2014 support

    TDP Exchange

    Windows 2012 R2 support

    Reduced authority for Exchange IMR Roll Based Access Control support

    IMR Usability and Performance enhancements

    Exchange config wizard to validate permissions

    FCM for Windows:

    SQL Server 2014 Support, Windows Server 2012 R2 Support

    Exchange IMR Browser Usability & Performance see WI 3304 above

    FCM for VMware:

    GUI integrated with vSphere Web Client

    Configuration Wizard

    NIST SP 800-131a compliance

    Application consistent FlashCopies from target of a metro/global mirror

    TSM Front-End Licensing

    Operations Center

    Daily Email Reports executive summary

    Alert Configuration

    Client, Admin and Server Maintenance schedule

    Storage Pools details

    Bookmarks

    Services (Policies) Details

    SUR Occupancy

    Client Management Services

    TSM Server

    Replication: Scale Enhancements

    Replication: Dissimilar Policies

    Replication: Repair/recover files for source server from replication target

    Compress DB2 backups & archive logs

    TSM Client

    256-bit AES encryption

    Conformance to NIST SP800-131a

    Windows 2012 R2 support

    Solaris x86 BA client (64-bit)

    HSM for Windows

    Backup Performance Enhancement

    TSM for Space Management

    GPFS User Exit Based Failover

    UNIX: Enhanced Recall

    Fastback for Workstations

    Central admin console Websphere Liberty Profile

    Graphing in the reporting tables in Central admin console

    New block level backup strategy

    Help system upgrade

  • TSM 7.1.1 PERFORMANCE ENHANCEMENTS NODE REPLICATIONS

    RECONCILIATION

    3

    Prior to TSM 7.1.1, replication has always done a reconcile (Abgleich)

    Compares complete list of files between the source and target server

    Used to synchronize the source and target servers

    Reconcile in TSM 7.1.1- Examines entire list of files in a file space (much like pre 7.1.1)

    Used during the initial replication between 7.1.1 servers

    Once reconcile completes, change tracking processing takes over during the next replication

    Automatically runs following a database restore on the source or target server

    Can run manually using REPLICATE NODE FORCERECONCILE=NO|YES

    Synchronize source/target files - used like an audit

    Resynchronize source/target files if the db is regressed (other than DSMSERV RESTORE DB)

    Restartable remembers where it left off if cancelled or after some catastrophic server event

  • TSM 7.1.1 PERFORMANCE ENHANCEMENTS NODE REPLICATIONS

    RECONCILIATION

    4

    Change Tracking in TSM 7.1.1 eliminates need to query target server for its list of files

    New and change files are assigned a change identifier: when its stored & when meta data is updated

    Replication only processes files with a change identifier incremental replication

    Replication picks up where the last replication left off

    Improves performance for fs with lots of files

    New Replication rule that enables replication based upon Domain

    In addition to current replication by Server, Node and Filespace

  • TSM 7.1.1 - NODE REPLICATION WITH DISSIMILAR POLICIES

    5

    Description: Decouple target from source server policy, allowing target server to manage replicated

    files via its own policy

    Benefits: Maintain more or fewer versions of replicated backup files between the source and target replication servers Retain replicated archive files for more or less time on the target replication server If fewer versions of files are kept or retained for less time on the target server, the amount of target server

    storage required can be reduced

  • TSM 7.1.1 - NODE REPLICATION WITH DISSIMILAR POLICIES

    6

  • TSM 7.1.1 - NODE REPLICATION WITH DISSIMILAR POLICIES

    7

    Server Support: Different policy for retention time & number versions can exist on

    primary & target server

    On source server first run VALIDATE REPLPOLICY Default is to disable dissimilar policies If disabled, the serves will act as they do today and honor the source servers policy

    On source server SET DISSIMILARPOLICIES server on Once enabled, target server is notified during the next replication VEREXIST, VERDELETED, RETEXTRA, RETONLY, RETVER, RETMIN will impact what is kept Expiration then runs independently on each server target server runs expiration

  • TSM 7.1.1 - NODE REPLICATION WITH DISSIMILAR POLICIES

    8

    Backup data: VEREXIST, VERDEL, RETONLY, RETEXTRA control when a backup is deleted

    Archive Data: Only RETVER controls the length of time a file is retained for

    Space Management Data: Retains the same behavior with or without dissimilar policies enabled

    VALIDATE REPLPOLICY

    Must be ran prior to enabling dissimilar policies

    Displays differences in policy settings for all nodes that exist on both source and target servers

    Can be used to validate policy settings are correct, or to debug policy related issues

    If no server is specified, defaults to current replication target server

  • TSM 7.1.1 - NODE REPLICATION WITH DISSIMILAR POLICIES

    9

    SET DISSIMILARPOLICIES Issued on source server to enable dissimilar policies for a specific target server

    Must run VALIDATE REPLPOLICY for the given target server before this can be enabled

    QUERY REPLSERVER New field added to tell you if Dissimilar Policies is enabled for target replication server or not

    Rebinding of Files on the Target Replication Server In 7.1.0

  • TSM 7.1.1 - NODE REPLICATION WITH DISSIMILAR POLICIES

    10

    Changes for Expiration

    Source server If dissimilar policies enabled, source server holds onto a file until it has been replicated to the target

    Files that have not yet been replicated, must be replicated before they can expire on the source

    Files that have been updated ( active inactive or inactive expire immediately ) must be replicated (updated) before they can expire

    Bypass this requirement temporarily by updating the node or filespace replication rule to NONE

  • TSM 7.1.1 - NODE REPLICATION WITH DISSIMILAR POLICIES

    11

    Changes for Expiration

    Target Server All files are now deleted by expiration on the target server

    Replication process no longer directly deletes files, instead deferred until expiration processing on the target server

    The exceptions are group data and hsm data: These are still deleted during replication processing

    If dissimilar Policies is enabled, the targets policy take affect as data is ingested into the server

    This is exactly the same way a client backup is handled

    As a file comes in, if there is an extra version, it is set to be expired

    If dissimilar Policies is not enabled, the data's state is copied from the source serve

    If it is active on the source, it will be active on the target

    If it is inactive on the source, it will be inactive on the target

    When expiration runs, it will delete files as it always has

    Files that are expired will be removed whether dissimilar policies is on or off

    Dissimilar Policies just dictates how files are set to expired during the ingest of the data

    ARCHIVE data that has passed its retention data is only expired on the target if dissimilar policies is enabled

  • TSM 7.1.1 - NODE REPLICATION WITH RECOVERY OF DAMAGED FILES

    12

    Description: Retrieve files that have been damaged on the source server from replication target server Benefit: Assist with local recovery of files that have been damaged on the source server

    Replaces damaged files with good copies that have been replicated

    Includes files on volumes that have been updated as destroyed

  • TSM 7.1.1 - NODE REPLICATION WITH RECOVERY OF DAMAGED FILES

    Scenario:1) Server A replicates data to Server B2) Storage pool volume or files on Server A is lost or data is otherwise inaccessible3) Storage pool volume or files is restored from Server B to Server A

    Server Support: Must enable: SET replrecoverdamaged on

    Additional step in replication process, if source server has damaged files in a file space

    being replicated

    Notifies the target server to resend them at the end of the replication

    When source replication ends, the target would start process to resend the damaged files

    Damaged files are deleted and replaced with new copies, retaining original insertion date

    New parameter on REPLICATE NODE command: RECOVERDAMAGED=YES|NO|ONLY

    RECOVERDAMAGED=ONLY will not do replication, it will only recover damaged files

  • TSM 7.1.1 - NODE REPLICATION WITH RECOVERY OF DAMAGED FILES

    14

    New column in Replicated_Objects tracks damaged files

    Valid values are currently 0 (not damaged) and 1 (damaged on source)

    Worker thread periodically re-synchronizes the Damaged column

    Thread wakes every 30 mins, only syncs if count of damaged changed

    Source server initiates recovery, target server controls At the end of a replication process, the source server will decide if a recovery is needed

    If so, it will build up the recovery command and send it to the target for processing

    Target starts modified replication process & corresponding replication recovery process on the

    source

    The source & target will talk, with the target requesting damaged files and the source supplying

    them

    Grouped objects

    Requires special consideration, object ID cannot be reused

    Groups are repaired with the new object IDs during recovery

    Deduplication

    Reuses existing replication code to only send needed chunks

  • 15

    New Maximum Size for Active Logs

    Description

    TSM 7.1.0 increased maximum value allowed for ACTIVELOGSIZE

    Increased 4X from 131072 to 524288

    Not documented or announced

    Benefit

    In 7.1.1 announcing the new limit

    Decision was too late for pubs update 7.2 books will show the new limit

    New max allows active logs to grow to 512GB

    Server Support

    Larger logs can be enabled in 7.1.0 even though announcing in 7.1.1

    Things to watch out for

    Need to provision more space for logs

    Larger logs can lead to longer restart times if DB2 crash recovery is required

  • 16

    TSM 7.1.1 COMPRESS ARCHIVE LOGS

    Description: Compress DB2 archive logs

    DB2 10 introduced the ability to compress log files as they are archived

    In TSM 7.1.1

    Default to compress archive log is set to NO

    Known DB2 active log problem that occurs when the DB2 archive log compression flag is set to YES

    Only seen the DB2 active log problem on our large appliance CET test systems when they are under sustained high volume usage and heavy workloads

  • 17

    TSM 7.1.1 COMPRESS ARCHIVE LOGS

    Benefits: Consume less space and reduce the time required to back up the archive logs

    Potentially reduces the frequency of back ups that are initiated just to clear the archive logs

    Server Support: Default ARCHLOGCOMPress value is No (do not compress archive logs)

    ARCHLOGCOMPress option set in the dsmserv.opt file and by the SETOPT command

    dsmserv.opt: server must be started or restarted for the option to take effect

    SETOPT command: can be used when the server is up and running

    Updates the server option immediately and appends the option and value to the dsmserv.opt file

    Current setting of the server option displayed with:

    Q LOG F=D

    Q OPT

    Q OPT ARCHLOGCOMPress

  • Description: Selectively choose which TSM database backups are compressed

    Benefits:

    TSM deduplication increases size of the TSM database

    The space requirements have also increased when backing up the TSM database

    DB backup to local media: compression doesn't add much, compression overhead can be too much

    DB backup to remote media: reduced amount of data sent compensates for compressions overhead

    Server Support:

    What can be configured

    Can specify a "compress" parameter on the BACKUP DB and SET DBRECOVERY commands

    SET DBRECOVERY sets the compress defaults for the BACKUP DB command

    Impact of configuration decisions

    Processor usage and duration increased

    Increases varied based on database size, and hardware configuration

    Database backup compression decreases the size of the backed up database files

    TSM 7.1.1 Compress Database Backups

  • Backup file sizes: For a brand new database sample (backed up and compressed)

    TSM 7.1.1 Compress Database Backups

  • TSM 7.1.1 256-BIT EAS BACKUP ARCHIVE API ENCRYPTION

    20

    TSM now supports 3 algorithms of encryption

    AES-128

    DES-56

    AES-256 (NEW)

    TSM 7.1.1 introduced AES-256

    Backup-Archive Client , API and DPs that use the API

    Use ENCRYPTIONTYPE AES256 in dsm.opt or dsm.sys

    Then rebackup already backed up and encrypted items

    Data deduplication is not supported with encryption

    query backup shows encryption being used

    Client GUI will have new option

  • 21

    PERFORM LIBACTION NEW ACTION VALUES

    Description New action values, RESET and QUIESCE introduced to PERFORM LIBACTION

    Update all drive paths and all drives online in a specific library with one command

    New DRIVESONLY parameter allowed when ACTION=RESET

    Benefit

    No need to issue multiple commands against each librarys drive & path to make them all online or offline

    In the future this may be utilized by the OC and allow the user to reset their drives and paths

    Server SupportSyntax

    PERform LIBAction Action=

  • 22

    ACTIVITY SUMMARY RECORD ACTIVATE POLICYSET

    New record logged to activity summary table for ACTIVATE POLICYSET command

    Server SupportActivity summary record logged when ACTIVATE POLICYSET command completes successfully

    Purpose of this record is for use by OC

    The following fields of the activity summary record are used

    START_TIME/END_TIME

  • 23

    Querying DB2 Directly

    Description As of 6.1, TSM no longer provides ODBC interface for Admin SQL

    Management Applications / Report Engines were told to use DB2 ODBC/JDBC

    TSM DB2 Schema is not documented

    In particular, there's no way to distinguish between operational and reporting tables

    Benefit Have the ability to identify TSM DB2 Schema

    Server Support SHOW ADMINSQL

    Syntax.-Format--=--Standard----

    >>-SHOW ADMINSQL---+--------------------+--->