Prerequisites for an Igneous Virtual Machine

Overview

Whether used for data visibility with Igneous DataDiscover or for backup/archive services with Igneous DataProtect, an Igneous virtual machine is deployed into the local virtual infrastructure using a file downloaded from the cloud.igneous.io portal. This VM will connect to your source systems, to the Igneous Cloud Management service in AWS, as well as your preferred destination for backup and archive data (if you are using DataProtect).

This guide will tell you everything needed to deploy, configure, and begin using your Igneous service.

Downloading the virtual machine

Using the link that was provided in the registration email you received, log in to the Igneous download portal, where you’ll see a Download link to obtain the Igneous DataProtect virtual machine package for your environment. Click the link to save the igneous-vm.ova file locally.

Virtual infrastructure requirements

The Igneous virtual machine will need to be deployed on a VMware host cluster that meets the following minimum conditions:

Assigning addresses for the Igneous instance

The following parameters will need to be provided at startup:

• IP address
• Subnet mask
• Default gateway address
• DNS server address(es)

If any or all of these IP connectivity settings will be provided via DHCP lease, some or all of the above parameters can be skipped.

Network access requirements

Internal network access

If your network has an internal firewall between your Igneous instance and your workstation, Igneous will need the following whitelisted on your internal firewall:

• Port 4900

Outbound network access

Your Igneous instance will need to maintain a connection to a few locations in order for the service to function. If your environment has a firewall that will block outbound network access for the Igneous instance, there are two options available:

1. Add the addresses below to your firewall whitelist
2. Configure a proxy during the Igneous VM deployment process

The Igneous instance will need full HTTPS/443 outbound access to:

• cloud.igneous.io
• The specific end point of your cloud instance (provided by Igneous)
• The AWS S3 US-West-2 IP ranges

Network Access to your Cloud (DataProtect Customers only)

If you are writing data to somewhere outside of your network, you may need to whitelist the IP range for that storage service and region.

To obtain cloud vendor specific IP ranges please visit these sites -

• Amazon Web Service
• Azure
• Azure US Government
• Azure Germany
• Azure China
  Note : The “AzureCloud” tag provides the IP ranges for that entire cloud (Public, USGov, Germany, China) and is also broken out by region within that cloud.
• Google Cloud Platform

Source System Access

The Igneous virtual machine will need full access to all unstructured data under management, i.e., to all files on all added NAS systems. NAS systems can be imported into your Igneous service at anytime after deployment of the VM.

Enabling this access will require specific configuration steps for each of these system types:

Target System Access (DataProtect only)

DataProtect writes backup and archive data directly to any public-cloud platform and tier, as well as any S3 or NFS endpoint. These targets can be configured in the UI at cloud.igneous.io at anytime after deployment of the VM.

To begin backing up or archive data, at least one storage target will need to have been configured with the following settings: