Redeploying Cloud Connector
This article contains instructions for redeploying the Clumio Cloud Connector in response to the Security Announcement: "Cloud Connector Upgrade Available - January 2022 (CVE-2021-41103)".
Who needs to upgrade
All customers who are concerned of being affected by CVE-2021-41103 (containerd vulnerability)
In order to start the cloud connector upgrade, there are few prerequisites which need to be met
- You need to have administrator access to both VMware and Clumio
- You will need to ensure there is enough space/capacity on the hosts/datastores where the cloud connector will be installed
- You will need to ensure no backups are running at this time
- You will need to have IP addresses available to configure cloud connectors during deployment. Each cloud connector needs one unique IP address.
Note: Customers who do not have the host capacity to deploy the new CCCs while the old CCCs remain will need to plan a re-deployment window during which the old CCCs can be shut down, while the new CCCs are deployed.
Please follow the listed steps to cleanly migrate from the previous cloud connector build to the new one
- Navigate to the Clumio Portal Page and copy the URL of the new Cloud Connector
- Go to the portal home page
- Go to VMware > Vcenters
- Click on any vcenter
- Click on Cloud Connector Settings
- Copy the Cloud Connector URL (This should be the same for all vcenters)
- Copy the Token to be used in Step 14b below.
- Once you have the Cloud Connector URL from step 1, you are now ready to deploy.
NOTE: Make sure to choose a non-backup window time or a time of the day, when no backups are running.
- The cloud connector can be deployed using these instructions from the user guide:
- https://west.portal.clumio.com/userguide/Content/Deploy a cloud connector.html
- https://east.portal.clumio.com/userguide/Content/Deploy a cloud connector.html
- https://canada.portal.clumio.com/userguide/Content/Deploy a cloud connector.html
- Log in to the vSphere client.
- Select the folder where you want to deploy the cloud connector, or create a new folder.
- Right click on the folder and choose Deploy OVF Template.
- In the URL field, enter the URL from the Connect vCenter window in the Clumio UI. Alternatively, you can enter the URL in your browser. This downloads the OVF template. Then, click Upload Files to add the OVF template.
Note: If you see a Source Verification warning message, click Yes to continue.
- Enter the virtual machine name for the cloud connector. Make sure to use a unique name for the cloud connector, particularly if you are going to deploy multiple cloud connectors, i.e. Clumio-01, Clumio-02, etc.
- Select the location that you want to deploy the cloud connector into and click Next.
- Select a resource pool for the storage and click Next.
- Review the details of the information to ensure it is accurate, and then click Next.
- Select the datastore for storage for the configuration and disk space. You must use a data store. Clumio does not support using the vSANdatastore. Click Next.
- Select a destination network for each source network. Click Next.
- In the Customize Template window, enter the following information:
- Username and password for the vCenter.
- The Clumio token, which you copy from the Clumio UI.
- IP addresses for the Clumio cloud connector (leave blank for DHCP). Click Next. You can also re-use the old cloud connector IPs.
- On the Ready to complete screen, verify that all the information is correct. Click Finish. The cloud connector takes a few minutes to deploy.
The Deploy OVF Template status bar at the bottom of the screen shows the progress. A message displays confirming the successful connection.
- Power on the cloud connector and finish the setup.
- Once deployed, go ahead and hit apply and verify that they are present in the UI.
- This should complete your Cloud Connector migration to the new version.
- Send a note to Clumio Support to confirm everything is in order.
Note: If you have enough capacity on the hosts in Vcenter, feel free to deploy the new ones and in parallel, decommission the old ones once the new ones have connected. You could also decommission the old connectors and then deploy new ones if insufficient host capacity is a concern.
Please email email@example.com with any questions/concerns.