Cloud Volumes Backup: Support tool - Portal

The portal sub-commands allow an operator to interact with the Cloud Volumes Backup API. These commands enable you to perform actions against provisioned backup stores. Notable exceptions to this include creation and deletion of backup stores. You can view information relating to your backup stores as well as re-issuing credentials.

The available sub-commands in the portal module are:

  • download-config
  • download-secure-client
  • get-geos
  • list-stores
  • reissue-catalyst
  • reissue-certificate
  • tar-secure-client-cert
  • verify-credentials

The --api-endpoint optional parameter can be provided to change the endpoint the portal commands target. Valid options are: demo or production

The --geo optional parameter can be provided to change the geography that the portal commands target. Valid options are: us, uk, eu and jp. The options can be seen by running ./cvbu-support-tool portal get-geos

The --password optional parameter can be passed to the portal commands to specify the users Cloud Volumes password. By default you will be prompted for this password interactively.

WARNING: If --password is supplied, Cloud Volumes password information will be stored in the terminals history.

download-config - Reissue secure client configuration file

The download-config sub-command enables you to re-download the default configuration file for their secure client. This configuration will include the correct datapath endpoints embedded under the keys target1/target2.

To use this command, specify the Cloud Volumes user email and the ID for the backup store. This ID can be seen via a call to list-stores.

Example usage:

To download the default configuration file for store id 7f2b882d-1aec-45d0-ae72-90241a422afa as user support-tool@hpe.com, run the following command:

bash$ ./cvbu-support-tool portal download-config support-tool@hpe.com 7f2b882d-1aec-45d0-ae72-90241a422afa

secure_client_config.yaml written successfully

download-secure-client - Download secure client

The download-secure-client sub-command enables you to re-download the secure client binary for their backup store. This is useful as it does not cycle the key/certificates for the store in the process and as such is non-disruptive.

To use this command, specify the Cloud Volumes user email and the ID for the backup store. This ID can be seen via a call to list-stores.

Example usage:

To download the secure client binary for store id 7f2b882d-1aec-45d0-ae72-90241a422afa as user support-tool@hpe.com, run the following command:

bash$ ./cvbu-support-tool portal download-secure-client support-tool@hpe.com 7f2b882d-1aec-45d0-ae72-90241a422afa

Downloading: 100% |#######################################| Time:  0:00:22 571.1 KiB/s
secure_client written successfully

get-geos - Get available geographies

The get-geos sub-command enables you to list the available geographies in Cloud Volumes Backup.

Example usage:

To list geos, run the following command:

bash$ ./cvbu-support-tool portal get-geos

Available geos: eu, jp, uk, us

list-stores - List user backup stores

The list-stores sub-command enables you to list backup stores that exist within a given geo of Cloud Volumes. Information shown includes the store name, store id, deployed region, current status, number of Catalyst objects as well as logical stored and physical used capacity.

Example usage:

To list stores within the US geo of Cloud Volumes Backup, run the following command:

bash$ ./cvbu-support-tool portal list-stores support.tool@hpe.com --geo us

Name                 Items  Region            Status    Reachable    Disk Bytes    User Bytes    ID
-----------------  -------  ----------------  --------  -----------  ------------  ------------  ------------------------------------
demo-restore             3  us-stage-sanjose  Active    True         894.84 MB     968.88 MB     e112c815-998c-45b5-954d-228eaeeeef97
support-tool             1  us-stage-sanjose  Active    True         18.12 MB      1.02 KB       7f2b882d-1aec-45d0-ae72-90241a422afa

reissue-catalyst - Reissue Catalyst credentials

The reissue-catalyst sub-command enables you to reissue the Catalyst username and password used for datapath communication with a backup store.

To use this command, specify the Cloud Volumes user email and the ID for the backup store. This ID can be seen via a call to list-stores.

WARNING: Reissuing Catalyst credentials invalidates existing credentials used for store communication. As such, any backup software configured with the existing credentials will fail the next backup. Remember to update in any backup software.

Example usage:

To regenerate catalyst credentials for store id 7f2b882d-1aec-45d0-ae72-90241a422afa as user support-tool@hpe.com, run the following command:

bash$ ./cvbu-support-tool portal reissue-catalyst support-tool@hpe.com 7f2b882d-1aec-45d0-ae72-90241a422afa

--------  ------------------------
User      support-tool_client
Password  1rFp6gkVjpPa8f5vLnE5
--------  ------------------------

reissue-certificate - Reissue secure client certificates

The reissue-certificate sub-command enables you to re-issue a certificate and key for communication with a backup store. This may be useful if a certificate has expired as they are provisioned with a 90 day TTL. The following files will be written in the filesystem ca.crt, client.key and client.crt.

To use this command, specify the Cloud Volumes user email and the ID for the backup store. This ID can be seen via a call to list-stores.

WARNING: Reissuing the certificates on a store revokes existing certificates and as such only the new certificates will be valid for the service. Therefore you must restart any running secure client with the new certificates in place to prevent transport errors.

Example usage:

To reissue the key and certificate for store id 7f2b882d-1aec-45d0-ae72-90241a422afa as user support-tool@hpe.com, run the following command:

bash$ ./cvbu-support-tool portal reissue-certificate support-tool@hpe.com 7f2b882d-1aec-45d0-ae72-90241a422afa

CA:
-----BEGIN CERTIFICATE-----
MIIGQzCCBCugAwIBAgIJANBT3QljxbFzMA0GCSqGSIb3DQEBCwUAMIG3MQswCQYD
VQQGEwJVUzEVMBMGA1UEBwwMRGVmYXVsdCBDaXR5MSswKQYDVQQKDCJIZXdsZXR0
IFBhY2thcmQgRW50ZXJwcmlzZSBDb21wYW55MRwwGgYDVQQLDBNDbG91ZCBEYXRh
IFNlcnZpY2VzMUYwRAYDVQQDDD1IZXdsZXR0IFBhY2thcmQgRW50ZXJwcmlzZSBD
bG91ZCBEYXRhIFNlcnZpY2VzIFByaXZhdGUgU1NMIENBMB4XDTIwMDEyOTE3MDYw
NVoXDTMwMDEyNjE3MDYwNVowgbcxCzAJBgNVBAYTAlVTMRUwEwYDVQQHDAxEZWZh
dWx0IENpdHkxKzApBgNVBAoMIkhld2xldHQgUGFja2FyZCBFbnRlcnByaXNlIENv
bXBhbnkxHDAaBgNVBAsME0Nsb3VkIERhdGEgU2VydmljZXMxRjBEBgNVBAMMPUhl
d2xldHQgUGFja2FyZCBFbnRlcnByaXNlIENsb3VkIERhdGEgU2VydmljZXMgUHJp
dmF0ZSBTU0wgQ0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDsXaE1
xEYqc2NAtp6rsg5VxQVVyOxOrDWenWI0t/IfNtSYW9y4HsAAMJQbUw9vWQ42tH5C
ftO9PNwbvTddQk8mmw+uf2N3fWovqpzgzu5466G1/QeW43KNfH0G59EDHY3H1AMA
kPQWsLExVDr++2Nq92HSqOJozVy40rNFZ3WDAv1/mDC6xwZ38Dj7XCauSkxMNt/I
OXd57w49sDqgXp8TnmeLKelsPAzVgANzKaq+fvdruKFs81Ig7cbvsNNmlpgc+W8j
P6DXcv6JYiDprs8CKAzlFJbjSfkytmfrYZj4a3V6pf491SAEGoilgewEoG854XlT
i0OjUWvtvrotbsr2NQ2otjXtgQGPk+3IZkv8Fe2nvpDvdYKG12nJaqP2zm2MkTcK
17tQiUMuaa1eaNJtTkk/bAdAjLXe0DCE5geNohaa8wMWTaWf9hwzWT5klOrtEqEv
45VN0m7bsSMYLTgRk9+9aeb03lOvIYPvumOYGYZ22T1kgcU2S6H25t5i5isgELC4
w6Vj30dvcso4u14LdDKMd0QP+xWzmy0BsJU0nZKcQQL4IcblHuxYFcMg8g2lbM86
7j4x5bhxsgKwKpuvbCB5VE/3XDEFUN1IdT3FPJGXA2a7S941IxvfuBI7oP9wo9tY
FaZcykhzdM8ynpykHAhCcS5B53x5WcaUAf1JKQIDAQABo1AwTjAdBgNVHQ4EFgQU
f8ptagj4hAIvCOj8bzJhKqiZFiUwHwYDVR0jBBgwFoAUf8ptagj4hAIvCOj8bzJh
KqiZFiUwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEA3p0J+cdKpXXz
o3G9EzSMGK7nKe8qom2pdThXz/vT43cMDuo0YIwofNy0xP6zXjqZ/5BeVcv6bg3U
FYNw21L8p8d2VunDcj0MnOZR+uri96Rf4fnP4yBsIttFnehmy3a+yMhccSLOVtQ0
PLKEnBRJBYUhcT1ub4GuuOMQ5WFhLGxaC02ehgxmgW9LczlPXI4U9sJvnCosGRUS
1qUp5HUNImF3llPAKIu/K7qLMcoTTdA2+BhamZ2EaOp5AaJCuKfMOuYzPPNSFVDK
2d1532khF5ruf4cys2SeNQ6J3zb6aC/FIhnS1TpEOjJjvc8Zz4IxFKq4Q4jeGjzB
Bxmg1241MphQRcdMUCWkvS+yZ+K7Rb09bChSa6ccFpLzH9qqcrVYFcMNRuw9Wbad
fceaxUVrHHcbtb4PvRZHi/qCMfRMhSU5/styKPOwWo09LkfE34CT1b1210ZLvzPM
bipDSvrkrdmf3prCwPx/J6KCqNLJrzVV+4qh3Tyagw3ZwxaQWnrY45LpYuYuF2fF
9QRsvxqcKPQ9lnPeQMaeP531oTnjV3x70RlJEzIP12UKMizAwbOhs47FXkoIF0V4
TiYmdc//ZI0cfr+hVDdCO0pemZxSDPR5L61+SuQxbvpqAwlhWeKu/ii34hLq+zRq
SZ41jw667iSA2xBKvcz3YFU/oe3o22Q=
-----END CERTIFICATE-----

Cert:
-----BEGIN CERTIFICATE-----
MIIGyDCCBLCgAwIBAgIUSm90JSOqaD9Vi9nEC7GThzt+Ck0wDQYJKoZIhvcNAQEL
BQAwgbcxCzAJBgNVBAYTAlVTMRUwEwYDVQQHDAxEZWZhdWx0IENpdHkxKzApBgNV
BAoMIkhld2xldHQgUGFja2FyZCBFbnRlcnByaXNlIENvbXBhbnkxHDAaBgNVBAsM
E0Nsb3VkIERhdGEgU2VydmljZXMxRjBEBgNVBAMMPUhld2xldHQgUGFja2FyZCBF
oErEBZ63wNS3xiY6cpdt4lMYgiV2a9m51mbKBMt9lTDn5qdcjXeILpAE9ps1HyU8
MjAwODExMTAzODQ5WhcNMjAxMTA5MTAzOTE5WjBdMVswWQYDVQQDE1JjZXJ0LTEu
c3VwcG9ydC10b29sLXRlc3QuZDk5NDYzYTItMmE0Zi00NTQ0LTkwZmQtYWQwNWJj
MGIyMzkyLmNsb3Vkdm9sdW1lcy5ocGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAxxqcoMlg/yC2vdcK93osgVuCSuOu83vkcW1XvZbPVDTFNnpd
8U2kdYS/O712OYqbBD6ZkD4EzrQKGcIAjMJukq1b1/6nIXqf+Q6mCK9PETekx+/8
z7RAkpQwFf09pCDjGbTtq7zF9LMS9QgKVsl1FWnW66TdE5qwT3zb4aBLZz88OKN3
swqWUoooZrvPGiwIgww+nPm+HqNw1JJ2jRgaMBDyRyT6P9uAgpwtava2K8fF2ScY
irtJn7acqda8Arx1EJHeYjS9fn56qrxhi/rsI9pbdmG3sJ85EAVztL5rGIJccIqO
fcMsjUppC13m2jNgunfIlNOMi7zqZoz2QrjbQQIDAQABo4ICIzCCAh8wDgYDVR0P
AQH/BAQDAgOoMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4E
FgQUY6CrQ82HjWf6AxUScAJPGY1xrCgwHwYDVR0jBBgwFoAUf8ptagj4hAIvCOj8
bzJhKqiZFiUwUgYIKwYBBQUHAQEERjBEMEIGCCsGAQUFBzAChjZodHRwczovL2Fs
Yi51cy5zdGFnaW5nLmNsb3Vkdm9sdW1lcy5pbnRlcm5hbC92MS9wa2kvY2EwSAYD
VR0fBEEwPzA9oDugOYY3aHR0cHM6Ly9hbGIudXMuc3RhZ2luZy5jbG91ZHZvbHVt
ZXMuaW50ZXJuYWwvdjEvcGtpL2NybDCCAQ4GA1UdEQSCAQUwggEBoDcGDSsGAQQB
AtzGZZNJ+kI2Z6iszE7qP0ATJmW25wJmdB69CrMIrXMXHw+dFKAeewG6URzQlFib
oCQGDSsGAQQBgvBchh6CTwKgEwwRc3VwcG9ydC10b29sLXRlc3SgJQYNKwYBBAGC
8FyGHoJPA6AUDBIxMC4xMC4xMy4xMTE6MzI0MzWgJQYNKwYBBAGC8FyGHoJPBKAU
DBIxMC4xMC4xMy4xMTE6MzIxMDaCUmNlcnQtMS5zdXBwb3J0LXRvb2wtdGVzdC5k
OTk0NjNhMi0yYTRmLTQ1NDQtOTBmZC1hZDA1YmMwYjIzOTIuY2xvdWR2b2x1bWVz
LmhwZS5jb20wDQYJKoZIhvcNAQELBQADggIBAJw8jongJVsyFa/0EATnGHVGoZqZ
9eM7E/Mpmd3SBVY3qrzKMpNRuK8oDSJvusMUHDkK6xKwUnkVnI0F1oL3084KM+e8
mFkCDhwpMRTGzJdkfGBYtLBGBOpgXuO6sj20TrILuRdZKYhVaWnUJbbmwfz5uywH
RaOgD9fbldKJzOeZaaa9SXDVXWTZpQO6qyCuXq62JcmchfNid+5wvg3vvt9AT/zJ
ltwLxopEkECd0DAnJzY7ekOtC6pFy1KTWeP/ZHtn6+cT4wRdoF5or4wOOhFn8vDB
g2UbqCnGP5dlwvCfFMY8GF7e6kS3AUQXIkF1GvZ967nrIBq0uZVPuqL6QRBSVp6M
ansItywqSZyaixOPuAnzECrokQnMXRO4FVGyA0RVXZHOVC9HL0/xJDI8mSV0sIaa
ROdfu2+LWuSjFx3JKjoXtZ2bpQujl8d3jH0ak5VT4bjxRi9EOmJ8V9+a/dVqHBry
8ag7LtzwzesOO9wCikr6uHry+xib7iY87sWAhOYocjAr0DTXZA+P4ol64Vaw6Lyp
KyJ9/+MbPot2leJUSdP42IL1NGZrwYVSQQMKw+7qikaWXzoL7FDeaNohYHk+NOHl
IrYtujXBfkiYrz9FdZF0P8fYX7p2RyM19ri9cSoVRHLCrhnuHcD3YCh4kPLQFb6B
OdZKxkKH/8L0Bt0y
-----END CERTIFICATE-----

Key:
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEArZ9edVOqe9j5wbuMGPwBXEdDbq1dZIEfJhZX47J/Sv5lIvMr
xsFiepJrgOsTTiPrTlXvw5cVeYoBeHrpmq2OF9Yn1EyXammonwo+2qLncx366wvk
pcoImNFlsz5Cr30DEAwfmqLKrOt2vB5PGuO9vTkziJ2zHd2DjDD5MpIiFnt3CAuP
g2UbqCnGP5dlwvCfFMY8GF7e6kS3AUQXIkF1GvZ967nrIBq0uZVPuqL6QRBSVp6M
AtzGZZNJ+kI2Z6iszE7qP0ATJmW25wJmdB69CrMIrXMXHw+dFKAeewG6URzQlFib
y1r4xFgGJXa7DPRRZHOPXk9ZkKBPXLt4xoF7mQIDAQABAoIBAE6OvnmNuqTA3vj2
eARR+feb0vn//TLdbY+ZKnk/KXNwOaifqF4M4Bcfqv6w3pJLlEtkfNDdynysoc+2
pX40KwfEAU+AvD4Mwpv7UccxUFH47bBuOC1/hXZHwKFieV/Xy4v2QFKCd/vXqmih
uh8rjo1QlW2qFQJdWQkUm5xzHHNY+Eg8UAyJYN7Gx7hEP5I2r2a5U/FL+B5QAUkS
Fp6j9cbpRKnMa0aWWwQomsJ53GXUvJSFSvl7BY6Va58HcUl5SHxU27OHzsXRTNVQ
X7zJAuj7zJ0tgpGMBPyjGnhBItNsCKL9Xknd+F28yGsugTmxM0jhYy6jHKXHlEF8
Ju282gECgYEA5tPaPTmnminxKiuSzAojMl1CgU9xgYIBkqDPRxn+KcICx5WObUJZ
mlS8nQXdYlmP1kqe6UShQSc2+9NveNch9uqS2YlWunMty9zf0Y+lvsH6EMHz2RwH
TlU4seL/BmSgy3apDWfIvVPH8I9uEqTGYpDyGWM0dMVavNSgX5bGHsECgYEAwI59
nn6Y++JrxAPSh4TlwZ7pjWdHJ7TWbYQ6oKoPpaA39heWUXCVCLnaJi7ZM1Aij37H
JzIJxF913cuhWOb7kdduqOkPC4XIBIlnXtR+qMfvYwyjh5v7SvO4aUaK5AXpELgB
BnUTvJYL/sKdxEyRGkJS/OQ7sohT+xrd16K16tkCgYEAmY2DF8mb2i1eliwIap2v
zlhF3pnHq1ydyToayXTcJFFA4h52ce56hvUpx9dX744e5nIbhpg2IY6BwEJmXF/Y
41YmvHnlbQEkDQLxDYpeuyh1PuKXYe2IWq7MmWGlP05/vPpB+X36ByCN2FTB57sf
kgBUXVkmUyvacdWMnipBv8ECgYAgOPgOiNLi+83a3GTjprqn/wbIUesXWuyzIPiK
oErEBZ63wNS3xiY6cpdt4lMYgiV2a9m51mbKBMt9lTDn5qdcjXeILpAE9ps1HyU8
OkUDy4lkwt2uuMyBi21luJdPdym8UX5ibT8jRNy3AixSiBmUEls+1Jak1qlvENzk
0+araQKBgHK667Co/Kol49hfKiH6d4jch7SxGHpKaVupKW2i5GJsVj5uOdsqVI7E
wGuyBvvUlCvvgap+0A33OhQDv/UUHKD/WFLLN51vp52B7IQbWAI3pQo41kme4xrN
rm9MoNc0d7PUwyIW/VnfNd+XzAe7ieFnK1m+PQZtluPm8rvEmWi+
-----END RSA PRIVATE KEY-----

tar-secure-client-cert - Download secure client, config and certs and...

The tar-secure-client-cert sub-command enables you to download the bundle required to communicate with a backup store. It is the equivalent of running: download-config, download-secure-client and reissue-certificate.

To use this command, specify the Cloud Volumes user email and the ID for the backup store. This ID can be seen via a call to list-stores.

WARNING: Reissuing the certificates on a store revokes existing certificates and as such only the new certificates will be valid for the service. Therefore you must restart any running secure client with the new certificates in place to prevent transport errors.

Example usage:

To download a tar for communication with store id 7f2b882d-1aec-45d0-ae72-90241a422afa as user support-tool@hpe.com, run the following command:

bash$ ./cvbu-support-tool portal tar-secure-client-cert support-tool@hpe.com 7f2b882d-1aec-45d0-ae72-90241a422afa

Downloading: 100% |#######################################| Time:  0:00:18 699.2 KiB/s

verify-credentials - Verify Cloud Volume credentials

The verify-credentials sub-command enables you to verify your Cloud Volumes portal username and password. The sub-command will indicate if the credentials validate successfully or are invalid.

In the case of invalid credentials, you should verify that the username/password match and if required reset via the web-ui.

Example usage:

To validate the cloud volumes credentials for user support.tool@hpe.com, run the following command:

bash$ ./cvbu-support-tool portal verify-credentials support.tool@hpe.com

Credentials validated successfully