Daily headlines reveal a continued and urgent concern —cybersecurity attacks are now a daily challenge for business leaders. As businesses rely more on technology to reduce costs and improve productivity,…Incident Response: A Key Part of a Comprehensive Security Strategy
You might be forgiven for assuming that, if you selected a Cloud Management Platform (CMP), backup and recovery solutions from strong market leaders, automating your cloud with seamlessly integrated, application-aware, policy-driven Backup as a Service (BaaS) would be a no-brainer.
Tried it lately?
VMware’s vRealize Automation (vRA) is the prohibitive favorite choice for running corporate clouds. According to IDC, vRealize Automation not only nearly doubles the market share of its closest competitors in Cloud Systems Management, it leads in share and growth rate for Datacenter Automation Software.
Veeam is both the fastest growing software vendor and, according to Ovum, the top pick for Data Availability and Protection.
Both solutions have great market presence, large satisfied customer base and extensive ecosystems. However, until now there has not been a simple path to automated, policy-driven and application-aware backups from within vRealize Automation.
There’s an Arthur Bloch saying that I have always liked, “Don’t force it, get a bigger hammer.” In this case though, we don’t need a bigger hammer, we need a better hammer.
Current instruments are limited in backup options
Back in The Dark Ages (say last year), most cloud teams had limited options for backing up applications. They could either:
- Have the backup team execute traditional automated backups that had poor visibility into application requirement inside of VMs
- Manually implement policy-based backups.
It may go without saying, but I’ll say it anyway — backing up without clear visibility into application-level requirements is bad and, at least for clouds, any repeating activity that requires manual operations is probably even worse.
To be clear, here’s what we need to be able to do on the way to policy-driven and application-aware backups:
- Set specific backup job(s)
- Have those applicable across tape, disk to disk to tape, deduplication, on premises or cloud-based backup
- Recover to a specific restore point
- Recover to a specific folder or file
- Back up instantly
- Change any of these policies and entitlements
- Apply them across vRealize Automation machine endpoints.
Fortunately, there is now another and much better option.
A “better hammer” – Veeam and vRealize Automation integration
vRealize Automation can now be seamlessly combined with Veeam Availability solutions to deliver you the desired level of automation for cloud backup and recovery. This integration is implemented through the SovLabs Framework, which features an architecture that quickly, repeatedly and safely integrates third-party solutions for IPAM, DNS, load balancing, service management, (pauses to catch breath) configuration management, platform-specific extensions AND (drum roll, please) Veeam Backup as a Service, natively into vRealize Automation.
Leveraging the SovLabs Module Framework the Veeam Backup as a Service module allows you to assign backup job, self-service VM and file/folder-level recovery and instant backup directly in vRealize Automation.
What does the new integration deliver?
- Simple setup
- Ability to address one or more Veeam Backup Enterprise Manager Endpoints
- SovLabs Backup Profiles with the following features
- Ability to allow the end-user to choose the Veeam Backup Enterprise Manager endpoint and/or protection job at time of request
- Pin backup job(s) to vRealize Automation blueprints
- Self-service VM recovery
- Self-service file/folder-level recovery
- Self-service instant recovery with VeeamZIP
- End-user notifications
To drive the final nails
For a variety of both technical and non-technical reasons, backup is good and necessary. Actually, good backups are good and necessary. Less-than-good backups are ticking bombs. To ensure that backups add value to your enterprise cloud environments, those backups have to be application-aware, policy-driven, and automatically provisioned.
Fortunately, that functionality is now driven all the way home by the powerful combination of VMware, SovLabs and Veeam solutions.
- A new white paper by Michael White Building a self-service backup & recovery portal with VMware vRealize Automation
The post Backups for your cloud: Don’t force IT, get a “better hammer” appeared first on Veeam Software Official Blog.
If you haven’t heard of Instant VM Recovery, you need to go and read up on it here. Veeam describes it as follows:
“With Instant VM Recovery, you can immediately restore a VM into your production environment by running it directly from the compressed and deduplicated backup file. Instant VM Recovery helps improve recovery time objectives, minimize disruption and downtime of production VMs.”
A lot of discussion and thought goes into designing backup solutions for adequate capacity, performance at an affordable cost. Normally the focus is on the backups, but we also need to think about the restores. The faster the restore, the less down time and economical loss. Instant VM Recovery is there to achieve the fastest possible restore time. This works great, but at scale, you need to worry about the performance of those virtual machines you made available so quickly and how the operations involved impact your environment. We’ll discuss some key design considerations to make Instant VM Recovery shine.
Next to Instant VM Recovery, many design points here will also benefit and optimize “normal” backup and restores. But when time and scalability are the most important factors during restores, Instant VM Recovery is a great feature. The benefit of speed when getting a service up and running is clear. When you do this for only one or a couple of VMs, knowing this option exists might be all you should care about. But when you might have different external and/or internal customers with hundreds or even thousands of VMs, things change a bit. Consider the case when you have a subset of virtual machines that are so important your recovery time objective becomes mission-critical. You can have all the High Availability and redundancy you want, no mission-critical service should exist without a plan to restore it as fast as possible when things go south.
What if you would like or need to restore multiple virtual machines, dozens or more, simultaneously? How do you ensure that the performance of those virtual machines that you got available so fast is adequate and that you can handle the required number of concurrent restores within a certain time frame? On top of that, can you do this without causing too big of a negative impact on the workloads that are still running or that are being restored at the same time?
Optimizing versus overdesigning
I have designed a couple of smaller solutions leveraging Instant VM Recovery for a few mission-critical services. The number of VMs involved ranged from a 6 to 30. I also helped come up with a larger scale design for a broader capability to do so. That scenario was driven by the desire to reduce the time needed to recover from a whole-sale disaster such as either storage corruption (it does happen) or even a ransomware attack. Even when the backups themselves are not affected (different storage than the VMs) or not encrypted so they don’t need to be recovered from an off-site/air-gapped system, restoring might just take too long. That could make paying the more economically feasible option, if that even works (yes, ransomware operations can also have SLA issues). The design aim was to deliver fast, parallel VM restores in combination with known established restore priority for all VMs in order to get up and running as fast as possible. All this at a lesser cost and in less time than paying for the decryption key after one major ransomware attack and decrypting the backups and/or workloads. It is that simple, but perhaps not that easily done. The biggest concern next to speed was to protect disk-based backups form the ransomware. Hardening the repositories and protecting access (Multi-Factor Authentication) is key here. I myself always like to have multiple options to recover data fast like application-consistent SAN Snapshots that are replicated across arrays or air-gapped copies, (i.e. Tape or Virtual Tape Libraries). Some organizations don’t have that capability and for them it’s even more critical to make sure what they have is rock solid.
Optimizing is always about checks and balances, otherwise it becomes geeks indulging in overdesign. To be clear, I’m not stating or claiming you need to be able to restore all your VMs super-fast and without too much performance impact via Instant VM Recovery. However, if you get your 20, 50, 100, … most critical VMs for mission-critical services back online this way, you’ll get your business moving again while you wait for the remainder of the services to come back online. What I have built has sometimes been called over the top, but I have seen too many cases where backups and restores are just a low priority and any solution will do as long as there is one. Normally, that goes well until restore time comes around.
Please note that you always have to look at your backup design and the placement of your Veeam components in multi-site environments when it comes to optimizing for backups and restores. In that respect, Instant VM Recovery is not magic.
Finally, I do not cover the dark moments you will face and need to overcome during a ransomware event. Like your clusters that are not really playing well with encrypted resources. You need to stop the attack or you’ll just be adding new files to encrypt into the environment. Those days are long, dark and far from easy.
Prerequisites to performance
The goal here is to have very fast restores of multiple virtual machines as fast as possible and to have those run without significant performance loss or impact on other workloads. This requires:
- Fast reading from the backup targets
- A fast network fabric for data movement
- A fast restore target (can be the backup source) to ingest all IO involved
That’s where we focus on here. In essence, this is quite simple. You need ample resources (compute, network, storage). Simple is nice, but is it easy to do? Sizing is difficult, but the options and technologies for optimization are not that different for normal versus Instant VM Recovery.
The faster your backup storage target is the better the performance of the instant recovered virtual machines can be as the data is being read from there for both restore and operation of the VM. Your network needs to be able to handle the traffic elegantly. 10Gbps (or better) is the way to go. Finally, the storage, where your virtual machines are recovered to, needs to be performant as well. For one, all the new IO is written there, so you want the storage to be able to handle that while the data is being restored simultaneously from the backup target.
When you’ve taken care of compute, network and storage in terms of performance of individual components (scale up), scale out comes into play. This is where you add multiple backup targets and restore targets for Instant VM Recovery to leverage, to be able to restore more virtual machines simultaneously. Let’s look at this in a bit more detail.
Backup target considerations for Instant VM Recovery
On the backup side we try to have a solution where the most recent backups land on the fast storage, offering great backup throughput. This gets expensive, so we need to offload older backups to a more cost-effective solution. Depending on the storage array, older backups can be tiered down to a less expensive storage or copied to a lower tier backup repository. There are options here with entry level SANs, S2D. Not all solutions provide shared storage nor do they need to. That depends on the requirements for your backup targets Availability. The goal here is to provide a cost-effective and efficient way to store your most recent backups on a performant storage. That could be the first four backups of the day or the daily backups of the past two days, etc. Again, this depends on your needs. This can most certainly involve some SSD or even NVMe layer.
The key point here is that the backups you’ll use in an Instant VM Recovery scenario are most probably the most recent ones from the latest restore points. These reside on a fast storage and as such give the best possible performance during the Instant VM Recovery process. Especially when multiple instant recovery jobs are running and other backup jobs are still active. Data is being read for virtual machine IO as the VM is “instantly” available (disk mount). But data is also being read to recover the VM (data restore). all while other backup jobs might be writing to that target.
Let’s look at some examples. Depending on the scale and budget, you have different options. We’ll look at three of them. Whatever works for you will do, and there are variants on these as well as other options out there.
Buy a decent entry-level SMB/SME SAN (that doesn’t have to break the bank any more) with configurable tiering. Have a lower capacity tier 1 storage layer for the backups to land on and set a storage progression policy that moves data older down to a tier 2 higher capacity storage layer. You can build both highly available or non-highly available backup repositories with this. As long as the IOPS and latency can follow, you can add repositories to the SAN. If not, you can have more of them and scale it out. As a rule, try to avoid having the same storage array type for your workloads as for your backups. Firmware bugs that can potentially lead to data corruption do exist and you want to minimize your risk.
Deploy Storage Spaces Direct to benefit from High Availability, multiple target servers with ReFS Multi-Resilient Volumes (MVR), providing protection and mirror-accelerated parity that you can size tweak so it can hold “hot” (recently written) data for a while in an SSD mirror before moving “cold” (data that wasn’t accessed when the threshold for moving the data is exceeded) data to the less expensive capacity tier. This has scale up and scale out capabilities.
Build a tier 2 backup solution, perhaps only for backups of those VMs that require the fastest possible backup and restores. This could involve a couple of 2TB SSD/NVMe drives with short retention backup jobs and have those backups copied to cheaper, long-term archival backup targets. Those can be on the same repository host(s) or on different ones. You can leverage Veeam Backup Copy jobs to create a tiered backup repository within the same backup repository or between different repositories.
Normally, these solutions are not highly available, but you can add some protection against storage failure in the usual ways.
Note: You will be hammering that “tier 1” in any solution, so make sure you use write intensive models. If you have an AFA with 60 SDD for virtualization workloads, you can get away with MLC as the IO is distributed over all the disks, but in the case of the backup target here, you are hammering a small set of disks continuously. So, design accordingly.
In the next article, we’ll continue with the discussion with network and restore target considerations, so stay tuned!
The post Instant VM Recovery considerations for modern data center appeared first on Veeam Software Official Blog.
It’s a really exciting day for all of us in the Service Provider Business as we are formally disaggregating the Cisco IOS XR operating system. You can read specific details…Yes – Cisco IOS XR Is Disaggregated!
Cisco announces a five-year, $50 million commitment to Destination: Home, a San Jose-based public-private partnership that provides permanent housing to homeless people, thereby changing the trajectory of their lives.Our Commitment to End Homelessness in Santa Clara County
Many hardware and software vendors frequently organize international events to announce new products and to outline new trends and developments. How important is it for customers or partners to attend these conventions? I would like to share my personal experiences about visiting VeeamON that changed my whole view on traveling to global conventions. This is not going to be a VeeamON sales pitch. I will try to explain how VeeamON became a game changer for me.
I’ve been using Veeam Software for more than a decade and whenever I rolled out a vSphere Cluster, it was coupled with Veeam Backup to guarantee Availability.
In recent years I went to regional Veeam events like the VeeamON Tour, or I took part in VeeamON Tour Virtual events. I thought that this should be enough to learn more about new features and developments in progress and there would be no need for me to travel far to an overseas convention. But I was wrong.
In late 2016, a friend convinced me to visit VeeamON 2017 in New Orleans. There were two factors that triggered my decision to go there. First, I was curious about the event and second, I was attracted by the amazing location. New Orleans Louisiana a.k.a. NOLA. Gators and Jazz, French Quarter and steamboats. Cool software in a hot city. Let’s do it!
There are a couple of reasons that might keep users and customers from coming to international conventions. Usually it’s time and money. Project schedules are often tight and it is difficult to get some spare time off. But the bigger obstacle is money. You need flight tickets, accommodation, and a conference pass. Not a big deal for large enterprises, but many customers are SMBs with a limited budget. Freelancers like me have to pay the expenses on their own (but at least they don’t have to ask a boss for permission).
Looking back, I must say it was totally worth it and I should have considered coming to VeeamON earlier.
Although I’ve attended a lot of regional Veeam events so far, I can confirm that you cannot compare them with the original VeeamON. Nowhere else you will have the chance to meet so many experts from all over the world in a single spot. You can get in touch with Veeam product managers and developers, get some firsthand information and ask them detailed questions about features or address feature requests. They will happily listen.
It’s also a great opportunity to socialize and network with customers, partners, expert bloggers and leaders from all over the world.
There are more than 80 sessions to attend. You have to choose wisely, because you can’t see them all as there are several sessions held in parallel. Attending in person is the ONLY way to get in touch with the speakers, follow the discussion and ask questions. And that’s the most important point about coming to VeeamON: getting firsthand information and an outlook to new developments and features. If you’re lucky, you might get some insider information.
Besides the sessions, there is also the expo. A technical exhibition about the whole Veeam ecosystem. There are partners, cloud providers, and hardware and software vendors. Great to learn more about Veeam and partner technologies.
As I mentioned above, it’s important to socialize. There are many occasions to do so. For example, the breakfast and lunch breaks where you can randomly join some other visitors at the tables. Don’t be shy, start a conversation. You might be surprised and find out that the person next to you does something very cool, or turns out to be product manager of a software or hardware you’ve been using for years.
On every conference day there’s an evening program. Either in the convention center or in locations outside. It’s nowhere easier to chat over a beer with a developer or a product manager. I’ve met a couple of very interesting people. By chance I’ve found myself chatting with some well-known bloggers, whose posts I used to read for years. Without visiting VeeamON, I never would have had the chance to meet them. After the conference I kept in contact with the Veeam IT Pro community and I was also invited to join the expert’s panel during VeeamON Tour Virtual.
When VeeamON 2018 registration opened, I didn’t hesitate. I booked my trip to Chicago.
If you haven’t already done so, go to the VeeamON 2018 registration page and think about buying a ticket.
If the decision is not yours, ask your boss for support. I know in some companies this isn’t easy. But maybe you can remind him/her that you’ve done a good job with a project in the past and you want to improve your knowledge. At the end of the day, both you and your company will benefit. More knowledge, more sales opportunities, more expertise. Knowing someone personally, makes it a lot easier to ask him or her directly if you encounter a special question in the future.
If your current company refuses to support your visit to VeeamON, there’s also a slight chance to win a free ticket. Veeam and partners sometimes have giveaway draws (unfortunately I didn’t win – but good luck to you). All you have to do is follow announcements on the Veeam website and in social media.
For those who do not have the time, or the funding to go to VeeamON this year, make sure to watch at least the recorded sessions, which will be available shortly after the convention. Try to visit a local VeeamON Tour in your region to get an abstract of VeeamON by your domestic Veeam Team. And maybe you’ll get the chance to visit VeeamON in the future.
The post Why to attend VeeamON – seen from a partner’s or customer’s point of view appeared first on Veeam Software Official Blog.
What does it take to back up MySQL on a Linux VM? This is a riddle we sometimes hear at Veeam: When running on a Linux VM, how does one quiesce MySQL databases? Unfortunately, there are not many new ways to answer this riddle, and the answers we currently have are already tried and tested!
The answers can be found in our popular white paper Consistent protection of MySQL/MariaDB with Veeam, written by Solutions Architect Pascal Di Marco. The paper is available for download on our website and describes three different methods for backing up MySQL/MariaDB on a Linux VM. Two hot backup methods running pre- and post-snapshot scripts, and cold backup using database shutdown. This makes use of VMware tools installed on the Linux VM. It is not straightforward like a Microsoft SQL quiescence, because Linux doesn’t have a VSS mechanism like Windows does.
Described are methods of backing up MySQL/MariaDB on a Linux VM using activated scripts local to the database. VMware can run a script to act before the snapshot is created, known as the pre-freeze script and can run a script to do things after the snapshot is created, known as the post-thaw script.
Here’s a quick summary:
Option 1: Hot backup — Database online dump
The mysqldump command copies a database to storage accessible from the MySQL server, taking an online dump of each database without disrupting the MySQL service. This method lets you take a transaction consistent backup of databases but more steps are needed to perform a restore. As with Option 1, the pre-freeze-script will only run if you have the VMware tools running.
Advantage: This allows for 100% uptime; the MySQL service does not stop and the dumped databases are in a transaction-consistent state.
Disadvantage: Depending on the size of your databases, the process may take a considerable amount of time to achieve. A second copy of the database means extra storage space is required to maintain it.
Option 2: Hot backup — Database freezing
Stop the MySQL service for a few moments while the snapshot is created, then start it again. The post-thaw script will not run until the snapshot is created. The pre-freeze script and post-thaw script will only be able to run if you have the VMware tools running in your MySQL server.
Advantage: This is quick and simple, allowing you to take a transaction of all databases with no additional disk usage local to the MySQL server.
Disadvantage: Databases running on the MySQL server will briefly be unavailable, and applications that need 100% uptime may not find this suitable.
Option 3: Cold Backup — Database shutdown
In this method, the application service will be stopped during snapshot creation and restarted once the VM snapshot has been created. It requires permission to start and stop application services but does not require MySQL user permissions. You can authenticate by either using the MySQL default configuration file or hardcoding the username and password in the script.
Advantage: This is easy to set up and doesn’t take extra space. It provides a short RTO, since no further action is required aside from booting the restored guest.
Disadvantage: The databases will be totally unavailable while the guest snapshot is created.
Guest recovery: The cold backup and freeze method will leave the database consistent and able to start up without additional operation, so restoring the VM from the backup files is the only operation to perform. The guest recovery may benefit from Veeam’s Instant VM Recovery feature, which lets you boot up the guest directly from the Veeam Backup Repository in minutes.
Additional dump restoration: The extra task of injecting the dump file into the database using file redirection is necessary if the following is true: The issue is not limited to a database outage, the entire VM must be recovered from the Veeam Backup file and the database dump method has been used.
Veeam U-AIR database restoration: Whether it is a granular or a full database restoration, Veeam U-AIR wizard can be used in conjunction with any relevant database management tool such as MySQL Workbench to recover a database item.
In my previous blog, we walked through Veeam Agent for Microsoft Windows configurations and ways it provides for backing up data on travelers’ laptops to a cloud provider. Now should you need to recover your data, let’s see how to do it and which options you have with Veeam Agent.
Restoring files and volumes from a cloud backup
Now that we have a full backup in the cloud, we are able to restore individual files along with volumes to our workstation using the Veeam Agent console. To restore individual files, simply open the Veeam Agent console, click on whichever restore point you intend on using, and select the “Restore files” icon. Should you have a need, you can also restore entire volumes from the cloud using the “Restore volume” icon.
Restoring volumes directly from the Agent console can be useful for imaging a secondary or attached drive; however, if the boot volume is in need of restore, we must rely on the Veeam bootable media we created earlier. At its core, Veeam bootable media is nothing but a stripped-down Windows image that includes a number of useful utilities outside of the Veeam functionality.
After booting into the Veeam Recovery Media, we are greeted with the main menu, and can select three options: Bare Metal Recovery, Windows Recovery Environment, and Tools (Figure 1).
Figure 1. Veeam Recovery Media main menu
Bare Metal Recovery is how we’ll be restoring our volume from the cloud. Windows Recovery Environment allows you to boot into a live version of Windows for use in recovery, but requires a valid Windows image to do so. Tools contains a number of useful utilities that may come in handy during restores.
The following tools are available in the Recovery Media:
- Command Prompt – Just as you’d expect, this opens a Windows command prompt to run any native Windows commands that would be necessary.
- Memory Diagnostic – A diagnostic utility for testing system memory.
- Reset Password – A password reset utility to edit the Windows SAM file and reset local user account passwords.
- Startup Repair – Windows startup repair utility.
- Load Driver – Utility used to load storage or networking drivers should they be needed.
- Export logs – Utility to export logs from the recovery appliance debug to attached storage.
As we can see, there are several incredibly useful utilities included with this bootable media, which makes it even more valuable to carry in your laptop bag.
Now, let’s assume this workstation had a failed hard drive. The new drive has already been replaced, and we’ve booted into our recovery USB media. Restoring the volume is easy, first we’ll head back to the main menu, and select “Bare Metal Restore.” We’re then asked where our backups are located. Since our backups exist in the cloud, we’ll select “Network storage.” Next, we’re asked what type of network storage. In our case, we select “Veeam Cloud Connect Repository.” You can also edit network settings using the “Configure network settings” icon to ensure you have access to the internet. After proceeding and entering the cloud gateway address of our cloud provider, we’ll need to enter the same credentials we initially used to configure our backups. These can be reset by the cloud provider if necessary, but it’s wise to keep them on hand to prevent any delays in the restore (Figure 2).
Figure 2. Credentials
Next, we’ll be shown any available agent backups in the cloud repository that were created under this specific subtenant account (or a tenant account depending on the user account type and credentials provided). As you can see, in our example, the backup is encrypted. We’ll need to attempt to expand the backup and enter the encryption password before being able to proceed (Figure 3). Unlike Cloud Connect credentials, this password cannot be changed by your service provider, and it’s critical that this encryption password is kept secure. Should this password go missing, there is little that can be done to recover the data inside (hence the nature of encryption).
Figure 3. Choose the backup
After we’ve entered our backup encryption file and continue to the next screen, we’re asked to choose which restore point we will restore from. Generally, in this instance we’ll be choosing the latest restore point, but in the event we’re restoring from a crypto virus incident we may have to choose an older point (Figure 4).
Figure 4. Restore point
Finally, we’re asked to select the restore mode. In our case, we have a small workstation with a blank hard drive so we’ll be restoring the entire computer, but notice the two other options available:
- Restore System Volume – This option should be used if there is a problem with the workstation’s bootable partition, and we only want Veeam to restore the bootable system volume. This is the fastest way to restore a machine, especially if the workstation has a system volume and a data volume. In such an event, we’ll restore the system volume to get the workstation up and running as soon as possible so our user can work, then perform individual file restores or a full volume restore of the data volume using the Veeam Agent console.
- Manual Restore – “For Advanced Users only” should there be a need to manually edit the partition table of the target disk. There are a number of use cases for this option, namely restoring to smaller or larger drives and adjusting partitions manually.
After selecting “Entire computer,” we simply enter the summary tab and proceed with the restore. Depending on the size of the image and your bandwidth, this could take quite a bit of time, so it’s best to ensure the workstation is plugged in and has a reliable internet connection.
With our workstation fully restored, we’re now able to remove the bootable media, and our user can continue working as normal in record time. In the past, this same user may have needed to purchase a brand-new machine, remove the inevitable bloatware, re-install all of their applications, and finally download all of their files through the cloud. Since we’re using Veeam Agent for Microsoft Windows however, the entire process comes down to replacing a hard drive, booting from the recovery media, and restoring the backup. Our “road warrior” can now continue on with their travels relatively un-impacted by the loss of a critical workstation component.
The post Restore from a cloud provider with Veeam Agent for Microsoft Windows appeared first on Veeam Software Official Blog.
One of the best things about Veeam Agent for Microsoft Windows is the ability to back up to and restore from one of the many Veeam Cloud Service Providers. This functionality opens up a new use case for Veeam Agent for Microsoft Windows, the business traveler.
Bridging the Availability Gap for “road warriors”
Anyone who has travelled extensively for work knows the hardships involved in ensuring your local data is secure and recoverable. Laptops, after all, are fragile and susceptible to fatal damage from short falls and bumps. To ensure the highest Availability of local data, a traveler would generally have to utilize two methods of backup: File-level backups to a provider, and volume-level backups to a USB drive. In this case, should data be accidentally deleted or over-written, it would be easy enough to pull down a previous copy using the file-level backup, and in the event of a hardware failure, the volume can be restored to a different hard drive or workstation from the USB drive. While this strategy did work, there are a number of short-falls that lead to an Availability Gap. For starters, travelers may not always have access to the internet, or may choose to disable file-level backups while on metered connections, preventing local backups from running. As for volume backups, USB drives can be cumbersome, require the user to remember to plug them in for backups to run, and not to mention that they are susceptible to being lost or damaged alongside the workstation, rendering the backup useless.
In order to address the issues that plague travelers, Veeam has introduced the following features into Veeam Agent for Microsoft Windows:
- Backup directly to a cloud provider – This functionality provides the backbone of protecting traveler’s workstations. The user or administrator can now perform backups of the entire computer, individual volumes, or file-level backups, directly to a cloud provider from anywhere in the world with an internet connection.
- Local backup caching – Having full knowledge that travelers may occasionally find themselves without reliable internet access, Veeam has introduced the ability to create a backup cache on local storage for use during these times. During times of unreliable internet access, Veeam Agent for Microsoft Windows will utilize this local storage to house any new incremental backups. Once unmetered internet access is available, it will immediately push these backups up to the cloud to ensure they are stored safely off-site.
- Bare metal recovery from a cloud provider – In the event of hardware failure of a local machine, the traveler is able to utilize the Veeam bootable recovery media to connect to their cloud provider from new or replaced hardware, and initialize a full volume restore. You are able to import drivers into the bootable recovery media for easy recover to dissimilar hardware, and as long as there is adequate free space, you can restore to a smaller or larger disk.
- Cloud provider sub–tenants – Previously, a cloud provider would generally create a single tenant for a customer with one large quota for all of their backups. To allow for ease of management and user isolation, Veeam has introduced the ability to create sub-tenants. Administrators can now assign individual quotas to each sub-tenant to ensure backup-happy users do not over-utilize all of the available cloud storage, while at the same time ensuring no tenants have access to each other’s backups.
- Scheduled backups and backup events – For most traveling users, scheduled backups may not always be ideal. Who knows if at 10 PM will be the optimal time to backup, and what happens if the workstation is off at that time? With backup events, Veeam is able to schedule backups automatically if you either lock, or log off of the workstation. You can also force backups to complete if the workstation is powered off during the scheduled backup time, and Veeam will even shut the computer down for you once the backup has finished.
Configuring backups to a cloud provider
Now that we’ve covered all of the great things Veeam Agent for Microsoft Windows has to offer to “road warriors,” let’s go over some best practices for configuring these jobs. If you run into any hiccups, you can always review the Veeam Agent for Microsoft Windows User Guide.
Creating a recovery media
After installing Veeam Agent for Microsoft Windows, you are asked to provide some form of removable media to act as a backup target. Since we’ll be backing up directly to a cloud provider, this is un-necessary and can be skipped. You’ll then be asked to configure your bootable recovery media. In the event of any sort of hardware failure, this media will be used to restore the workstation from any available backups to either similar or dissimilar hardware. Should your organization have standardized hardware, you’ll likely want to choose to create an .iso of the bootable media, however, you may also choose to burn the image directly to an inserted USB key or CD-ROM/DVD. It is critical that this media is distributed to any traveling user. Not only is it vital in performing volume-level restores, but it also includes numerous utilities that will prove useful for system recovery. For our example, we’ll be creating an .iso of the recovery media which can later be burned to external media.
Should you have skipped the initial recovery media creation step, you can also navigate to the “Tools” folder under the Veeam program files entry to start the wizard. The first screen (Figure 1) shows the available options for creating the bootable media. In our example, we see we have a 1GB USB drive, along with the option for creating an .iso image, which we’ve selected. We also have a number of options for this recovery media. I’ve chosen to not include decryption keys in the recovery media for security reasons, and I’ve also chosen to include the network connection settings and hardware drivers for this computer to allow for a seamless restore for my users. You may notice that we can also choose to include additional drivers for storage and network, should we be creating an image for other physical hardware, we can utilize this feature to automatically inject drivers into the recovery media. Don’t fret if you’ve skipped this step as you’ll be able to inject drivers into the bootable recovery media after booting as well.
Figure 1. Bootable media creation
After configuring our recovery media, we’re prompted to save the .iso. You can either save it locally or choose a CIFS share and enter the credentials needed to connect if necessary.
Click “Next” and you’ll be asked to verify the configuration, and then the .iso file will be created. Just a reminder that it is critical this image be burned to either a CD/DVD or USB and included in all traveling equipment.
Now that we have the product installed, we’ll be asked to perform an initial backup job configuration. You’ll be prompted for what backup mode you’d prefer. For our purposes, we’ll be choosing an entire computer backup to ensure all of our volumes and files are backed up to the cloud. We’ll also want to choose the “Veeam Cloud Connect Repository” option (Figure 2).
Figure 2. Backup destination
Under the Service Provider tab, you’ll enter the DNS name or IP address of your preferred service provider, which should be supplied to you upon signing up. You’ll also be asked to supply a port. For our purposes the port will remain the default of 6180, but this may be different depending on the service provider you choose. On the next screen you’ll be asked to enter the credentials for connecting to the service provider. These should also be supplied to you by your chosen Veeam Cloud Connect service provider. In this case, we have a subtenant “bjervis” of the fake company “Jervis Holdings LLC.” Note that subtenant usernames are entered similarly to an Active Directory domain and user account. In this case, the main tenant account is “Jervis Holdings LLC” and the username is “bjervis,” separated by a “” (Figure 3).
Figure 3. Credentials
Next, we’ll see the allocated backup resources to our sub-tenant. Note that we will only see the resources allocated to the subtenant, and not the full resource allocation of the primary tenant. We can also configure retention period for this backup, which is different than a standard Veeam backup in that it keeps backups based on “how long since the machine has been running.” In this case, if the machine has not checked into the cloud service provider for a lengthy amount of time, backups will not be removed, even if they surpass the retention period (Figure 4). We also have the option to configure advanced settings. Here we can configure synthetic/active full backup settings, along with compression, deduplication, and encryption settings. Encryption should be used to secure your data while sending it across the internet, and avoid raw access to your backups for the service provider, however, the administrator should ensure the password is saved in a reliable, secure location. It is never fun having to tell a customer that their backup data is almost useless because they lost their encryption password.
Figure 4. Backup configuration
Next, we’ll configure our backup cache settings. As mentioned previously, backup cache is a local storage that will be used to store backups in the event a cloud provider is unavailable. In my example, I have a 1 TB spinning hard disk assigned to the D: letter that is separate from the SSD running my OS on C:. Since I’m already low on space on my D: drive, I’ve assigned it a total maximum size of 10 GBs which should be sufficient for the small incremental backups I generate while on the road and unable to connect to an un-metered internet connection. However, if you have the space, it’s wise to keep more space reserved for a cache (Figure 5).
Figure 5. Backup cache
Finally, we reach the schedule configuration. Here we can see I have configured my workstation to backup daily at 12:30 AM. Since I rarely turn my workstation off, even while traveling, this will be sufficient for my needs. However, we can also configure the backups to kick off following a Lock, or Log Off. With our backup configured, we can kick off the initial full backup to the cloud. It is recommended this be performed over an un-metered, fast connection, as once it’s complete we’ll only need to send incremental to the cloud, unless active fulls have been configured to run (not recommended for cloud backup jobs).
Next comes restore from our configured and created cloud backups, and this will be the topic of my next blog — keep your eyes on the Veeam blog and don’t miss it!
The post Backup to a cloud provider with Veeam Agent for Microsoft Windows appeared first on Veeam Software Official Blog.
The Mobile World Congress is always an exciting gathering of technology leaders showcasing the latest in mobile technology, and previewing what’s coming down the line.Cisco and Reliance Jio Recognized as “Best of the Best” at Mobile World Congress