AWS EC2 queries

Last post 12-13-2018, 10:17 AM by Guy Heaton. 8 replies.
Sort Posts: Previous Next
  • AWS EC2 queries
    Posted: 11-20-2018, 10:56 AM

    Hello all.

     

     

    I have a media agent and VSA in AWS.  I'm attempting to query the region eu-west-2 for content but it uses the public facing Internet address for the region which is not routed from this internal subnet

     

    We have created a VPC endpoint for the EC2 API because the subnet that the instances are in also has no access to the internet gateway.


    Am I able to get the VSA to query this endpoint and not the region?  There seems to be an additional setting if this was Azure but not AWS.

     

    Thanks


    Cheers

    Guy
  • Re: AWS EC2 queries
    Posted: 11-21-2018, 3:49 PM

    Hi Guy 

    In regards to your setup, if there is a communication limitation within the environment, for AWS on top of using VPC, you can also consider setting up CommVault Proxy Clients:

    http://documentation.commvault.com/commvault/v11/article?p=43067.htm

    This will create additional path for communication 

    Thank you 

    Winston

  • Re: AWS EC2 queries
    Posted: 12-07-2018, 11:02 PM

    HI Yugguy,

    How did you configure VSA/media agent using VPC endpoint?

     

    I am trying to define Amazon virtual client and my EC2 media agent/proxy has VPC endpoint access but registraion of virtual Amazon client is failing. In my case i don't have internet access and trying to access AWS API without going through internet.

    Thanks

  • Re: AWS EC2 queries
    Posted: 12-08-2018, 4:37 AM
    Hi I am not in the office TIL Monday but will post what I did then. I have my backups working now
    Cheers

    Guy
  • Re: AWS EC2 queries
    Posted: 12-10-2018, 4:08 AM

    Hello.

     

    So, firstly there had to be some work in our internal DNS and route 53 to allow my media agent to resolve the region and s3 endpoints correctly via the s3.region.amazonaws.com type addresses.

     

    My media agent is also the vsa.

     

    I had to enable the correct securityproviders in [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols]

     

    I added the following additional settings to the MA/VSA:

    AmazonRegion eu-west-2

    ChangeSecurityProtocolType 1

    nCloudServerCertificateNameCheck 0


    Cheers

    Guy
  • Re: AWS EC2 queries
    Posted: 12-10-2018, 1:16 PM

    Thanks for your response following option did the trick and working ok now.

     

    ChangeSecurityProtocolType 1

  • Re: AWS EC2 queries
    Posted: 12-12-2018, 12:57 PM

    HI Guy,

    My EC2 is working through VPC endpoint, how are you accessing RDS instances or even are you doing RDS snapshots?

    When i am trying to discover RDS instance its failing with webxexception error.

    Thanks in advance.

  • Re: AWS EC2 queries
    Posted: 12-13-2018, 10:03 AM

    Sounds proxy related, but I'm not doing RDS yet.

     

    I would remove proxy from control panel, Internet options

     

    And then you can set it for the commserve only for downloads via psexec.


    Cheers

    Guy
  • Re: AWS EC2 queries
    Posted: 12-13-2018, 10:17 AM

    Sounds proxy related, but I'm not doing RDS yet.

     

    I would remove proxy from control panel, Internet options

     

    And then you can set it for the commserve only for downloads via psexec.


    Cheers

    Guy
The content of the forums, threads and posts reflects the thoughts and opinions of each author, and does not represent the thoughts, opinions, plans or strategies of Commvault Systems, Inc. ("Commvault") and Commvault undertakes no obligation to update, correct or modify any statements made in this forum. Any and all third party links, statements, comments, or feedback posted to, or otherwise provided by this forum, thread or post are not affiliated with, nor endorsed by, Commvault.
Commvault, Commvault and logo, the “CV” logo, Commvault Systems, Solving Forward, SIM, Singular Information Management, Simpana, Commvault Galaxy, Unified Data Management, QiNetix, Quick Recovery, QR, CommNet, GridStor, Vault Tracker, InnerVault, QuickSnap, QSnap, Recovery Director, CommServe, CommCell, SnapProtect, ROMS, and CommValue, are trademarks or registered trademarks of Commvault Systems, Inc. All other third party brands, products, service names, trademarks, or registered service marks are the property of and used to identify the products or services of their respective owners. All specifications are subject to change without notice.
Close
Copyright © 2019 Commvault | All Rights Reserved. | Legal | Privacy Policy