Skip to main content
Sign Out

Welcome to Dell

My Account
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.
Sign In Create an Account Dell Financial Services Premier Sign In Partner Program Sign In
Contact Us

Your Dell.com Carts

Dell PowerProtect Cyber Recovery 19.12 Installation Guide

PDF

Installing the Cyber Recovery software

Use the crsetup.sh setup script to install the Cyber Recovery software.

Prerequisites

Ensure that you satisfy all preinstallation requirements (see Getting Started).

For a Cyber Recovery software installation, we recommend using SELinux as the Linux Security Module for added operating system security. Because SELinux provides granular access control, be careful when configuring security contexts for Cyber Recovery files and directories.

About this task

The installation procedure takes approximately five minutes.

NOTE To deploy the Cyber Recovery virtual appliance, go to the next topic.

Steps

  1. Log in to the Cyber Recovery management host as root.
  2. Optionally, enable SELinux.
  3. Download the Cyber Recovery installation package to a directory with approximately 1.5 GB of free space.
  4. Untar the installation package: 
     # tar -xzvf <installation package tar file>
    The file is untarred to the staging directory (within the current directory). The extraction includes the crsetup.sh setup script.
  5. Go to the staging directory and make the crsetup.sh setup script an executable script: 
    # cd staging
# chmod +x ./crsetup.sh
  6. Verify that the prerequisite software is installed: 
    # ./crsetup.sh --check
    If any prerequisites are not satisfied, do not proceed with the installation.
  7. Use the hostname -i command to determine if there are multiple IP addresses that are associated with the management host. If the command returns multiple IP addresses, use the following command to specify the IP address for the Cyber Recovery software to use to communicate with the DD storage in the Cyber Recovery vault: 
    # export dockerHost=<IP address>
  8. If you need to impose specific Docker subnets, follow these steps. Otherwise or if you plan to readdress the Docker network after the installation, go to step 8.
    1. Stop the Docker services: 
      systemctl stop docker.service
    2. Add a default-address-pools definition for your environment to the /etc/docker/daemon.json file.
      For example: 
       

{
    "default-address-pools": [
        {
        "base":"172.18.0.0/16",
       "size":24
        }
    ]
}
      NOTE This code is an example; use values that are appropriate for your environment.
    3. Update the configuration: 
      systemctl daemon-reload
    4. Restart the Docker services: 
      service docker start
    5. Verify that the docker0: interface is allocated from the pool that is defined in step b.
  9. Begin the installation: 
    # ./crsetup.sh --install
  10. When prompted, press Enter to view the End User License Agreement (EULA). Enter q to exit the EULA at any time, and then enter y to accept the EULA.

    If you decline the EULA, the installation stops. Otherwise, the installation continues.

    The installation procedure attempts to create a Linux user (cyber-recovery-admin) on the management host in the Cyber Recovery vault. It assigns a reserved UID:GID of 14999 to the cyber-recovery-admin user. This user owns specific installation directories.

    If the reserved UID:GID 14999 is assigned to another user or the cyber-recovery-admin user exists but is not assigned the reserved UID:GID 14999, the installation procedure issues a warning message. Otherwise, the installation procedure continues.

  11. If the installation procedure displays a warning about creating the cyber-recovery-admin user, indicate if you want to continue or cancel the installation.
    If you complete the installation, the Cyber Recovery software operates correctly, however, a non-cyber-recovery-admin user might own some installation directories.
  12. When prompted, specify the directory where you want to install the Cyber Recovery software or press Enter to accept the default location.
  13. When prompted, specify the directory where you want to install the database or press Enter to accept the default location.
    Output is displayed about creating directories, loading Docker containers, and starting the Docker registry and MongoDB database.
    NOTE The installation procedure also creates internal IP addresses that enable communication between the Docker containers.
  14. At the prompts , enter and confirm a lockbox passphrase, database password, and crso user account password of your choosing.

    The crso is the default security officer and can be considered the superuser. You log in to the Cyber Recovery software initially as the crso.

    The passphrase and password requirements are:

    • Between 9-64 characters
      NOTE For FIPS compliance, the lockbox passphrase must be at least 14 characters, and after a power loss, the passphrase must be changed.
    • At least one numeric character (0-9)
    • At least one uppercase character (A-Z)
    • At least one lowercase character (a-z)
    • At least one special character: ~!@#$%^&*()+={}|:";<>?[]-_,^'.
    CAUTION

    Do not forget the lockbox passphrase; it cannot be recovered. If you forget or lose the passphrase, a fresh installation of the Cyber Recovery software is required.

    The lockbox passphrase is required to perform updates and reset the Security Officer's password.

Results

The installation procedure starts Cyber Recovery services and then exits.

The installation procedure loads the cyber-recovery.service file. If the Cyber Recovery management host restarts after a shutdown, this file directs the management host to start the Cyber Recovery services automatically.

NOTE At this time, the full system control options are not configured. If you run the systemctl command for cyber-recovery.service, the status is displayed as inactive.

Next steps

In your browser, go to the URL shown at the end of the installation script. Then, log in to the Cyber Recovery UI using the default Security Officer (crso) account and the password that you created.

NOTE If your system has an active firewall, ensure that the ports that are listed at the end of the installation script are open on the firewall.

If you:

  • Enabled SELinux in step 2, the Cyber Recovery software might not start after a reboot due to unlabeled context type and custom policies. Change the SELinux context (see Changing the SELinux context).
  • Readdressed the Docker network during this installation, verify that bridge interfaces and the Docker cr_back and cr_front networks are on separate subnets that are based on the default-address-pools configuration in the /etc/docker/daemon.json file.
  • Plan to readdress the Docker network, see Readdressing the Docker network on an existing Cyber Recovery deployment.

Rate this content

Accurate
Useful
Easy to understand
Was this article helpful?
0/3000 characters
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please select whether the article was helpful or not.
  Comments cannot contain these special characters: <>()\