Avamar: Backups are replicated to the target grid but not visible in the UI on the source grid

Remote (replicated) backups are not visible on the source Avamar grid.

The following values are correct in the /usr/local/avamar/var/mc/server_data/prefs/mcserver.xml file:

<entry key="allow_dest_replica_management" value="true" />

<entry key="allow_manage_remote_backups_at_source" value="true" />

<entry key="show_external_backups" value="true" />

The certificate changed on one of the Avamar grids and the other partner grid did not update the certificate correctly.

Perform the following on both the Source and Target Avamar grids:

1. Log in to the Avamar Utility Node as admin.

2. Elevate to root privilege.

3. Check for the existing keystores, and if they exist, make a backup copy:

ls -al /home/admin/.keystore 

cp -p /home/admin/.keystore /home/admin/.keystore.original_`date +%y%m%d`

ls -al /home/admin/.keystore*

ls -al /home/tomcat/.keystore 

cp -p /home/tomcat/.keystore /home/tomcat/.keystore.original_`date +%y%m%d`

ls -al /home/tomcat/.keystore*

ls -al /usr/local/avamar/lib/rmi_ssl_keystore

cp -p /usr/local/avamar/lib/rmi_ssl_keystore /usr/local/avamar/lib/rmi_ssl_keystore.original_`date +%y%m%d`

ls -al /usr/local/avamar/lib/rmi_ssl_keystore*

4. Get the replication partner information:

echo | openssl s_client -connect <partner-grid-ip-address>:9443 2>/dev/null | openssl x509 > /tmp/<partner>.cert.pem

echo | openssl s_client -connect South-West:9443 2>/dev/null | openssl x509 > /tmp/South-West.cert.pem

5. Import the partner information: 

keytool --importcert -trustcacerts -alias <partner> -file /tmp/<partner>.cert.pem  -keystore /usr/local/avamar/lib/rmi_ssl_keystore -storepass $(avlockbox.sh -r keystore_passphrase)

keytool --importcert -trustcacerts -alias South-West -file /tmp/South-West.cert.pem  -keystore /usr/local/avamar/lib/rmi_ssl_keystore -storepass $(avlockbox.sh -r keystore_passphrase)

6. Restart the Management Console Server (MCS), Enterprise Manager Server (EMS), and the backup scheduler:

mcserver.sh--restart 

emwebapp.sh--restart 

dpnctl start sched

7. If the remote backups still cannot be seen, stop the firewall service, and restart MCS, EMS and the backup scheduler again:

service avfirewall stop 

mcserver.sh--restart 

emwebapp.sh--restart 

dpnctl start sched

8. If, after stopping the firewall, the backups still cannot be seen, update the mcserver.xml file, and restart MCS, EMS and the backup scheduler again:

a. Make a backup copy of mcserver.xml:

cp -p /usr/local/avamar/var/mc/server_data/prefs/mcserver.xml /usr/local/avamar/var/mc/server_data/prefs/x-mcserver.xml.`date +%y%m%d`

b. Update the value of "get_backups_from_external_server" from false to true.

<entry key="get_backups_from_external_server" value="false" />

<entry key="get_backups_from_external_server" value="true" />

c. Restart the services:

mcserver.sh--restart 

emwebapp.sh--restart 

dpnctl start sched

9. Verify that the remote backups can be seen (this may take some hours to update)

10. When backups are visible, update the firewall rules:

a. Backup the existing rules:

cp -p /usr/local/avamar/lib/admin/security/avfwb_custom_config.txt /usr/local/avamar/lib/admin/security/avfwb_custom_config.txt.`date +%y%m%d`

b. Add the following rules:

|9090||9090|tcp||ACCEPT|OUTPUT|ALL|A |9090||9090|tcp||ACCEPT|INPUT|ALL|A

11. Edit the mcserver.xml file again and revert the value of "get_backups_from_external_server" from true to false.

<entry key="get_backups_from_external_server" value="true" />

<entry key="get_backups_from_external_server" value="false" />

12. Start the firewall service, and restart MCS, EMS, and the backup scheduler again:

service avfirewall start 

mcserver.sh--restart 

emwebapp.sh--restart 

dpnctl start sched

13. Verify that the remote backups are still visible after 24 hours.

If there are ongoing issues viewing the remote backups, create a swarm with the Avamar SCR team.