Troubleshooting File Level Recovery (FLR) communication issue
File-level recovery requires N2WS to recover volumes in the background and attach them to a temporary EC2 ‘worker’ launched for the operation,
The worker will be launched in the same account and
region as the snapshots being explored, using a pre-defined worker configuration. the N2WS server use this configuration to know which VPC/subnet/SG to use for the temporary worker
You need to make sure that you have a worker configured for the account/region where you are using FLR
The AWS key pair that you are defining will enable you to login into the worker if additional troubleshooting or logs are needed
File Level Restore Worker needs to be able to connect to the N2WS Server over ports 22(SSH) and 443(HTTPS).
- You need to make sure that this ports are opened outbound in the AWS security group of the worker
- You also need to make sure that this ports are opened inbound for the N2WS server
- If the worker does not have public IP, you need to make sure it has a way to reach the N2WS server (for example VPC peering)
The most common issue is communication, You can test connectivity using UI or manually using SSH
You can test connectivity from the Worker by connecting to it over SSH(using "ubuntu" username) and running these commands:
For port 22:
- ssh cpm_server_ip_address
The result should be "cpmuser@cpmserveripaddress: Permission denied (publickey)."
If connection is blocked, you will receive (after a delay) "ssh: connect to host cpmserveripaddress port 22: Connection timed out"
For port 443:
This command should result in status 302 (redirecting to "/signin/") followed by status 200
Note: in order to be able to login to the worker instance over SSH you have to make sure that you have configured the workers to use a key pair in the worker configuration
2. FLR and ELB
Thanks for reading this guide,
N2WS Support Team.