Please join me in welcoming Vijoy Pandey as our new Service Provider CTO. Vijoy comes to us from Google where he headed engineering for their Data Center, Cloud and WAN networks.
Welcome Vijoy Pandey as CTO, Cisco Service Provider Business
Last week I attended the Cannes Lions International Festival of Creativity and had the chance to speak on a panel with Live Nation about our partnership – here are my key takeaways.
Creating Connections at Cannes
Cisco’s own IT organization is one of the largest customers of Cisco technologies, often acting as Customer Zero when new innovations are being rolled out. I recently chatted with Mike…
Insights from Customer Zero: Enabling the Next Generation of Hybrid Cloud
I have been spending a lot of time working with Veeam Availability Orchestrator, or VAO, since it was released a few months ago. I have found VAO to be easy to set up and use and have come up with a few tips to help get VAO up and running even faster.
If you are not familiar with VAO, it enables organizations to reduce the time, cost and effort associated with planning for and recovering from a disaster to ensure compliance and the continued delivery of production IT services. A free 30 day trial is available for download from the Veeam website.
Now, let’s start with a few tips for a smooth deployment…
Plan first, install next
One of the fundamental constructs of VAO is the Disaster Recovery site or DR Site. All plans point to the DR Site. One of the earliest steps should be identifying a number of characteristics for the DR Site: Where is it? Will workloads need to be protected at the DR Site –– and how often? Will there need to be multiple DR Sites? Consider below the single DR Site:
Alternatively, multiple DR sites are shown in this figure:
If you like using the whiteboard, a fun way to remember this is “Draw before you install”
Start with the right application to protect
VAO Is a very powerful orchestration tool and it is tempting to make many applications hyper-available out of the gate. However, my recommendation is to start with one application you know very well. When you know an application this well, it makes it easy to translate it into VAO and create a Failover Plan. A Failover Plan is the step by step actions VAO will perform on the virtual machines you are protecting. If you are currently using home grown disaster recovery scripts, you can also import them into VAO to create Custom Steps for your Failover Plan which can be run during recovery or testing. Picking an application you know the ins and outs of will allow you to quickly and easily prove how well VAO works in your environment, versus spending time troubleshooting why an application is not working if you forgot to include a database or another component. Once you have orchestrated the Availability of this application end to end and tested it successfully, you will be ready to take on the other applications in your environment.
Decide on your categorization strategy for virtual machines
VAO Uses a construct called VM Groups to determine which virtual machines make up an application and will be added to a Failover Plan. There are a few ways we can choose to do this. The first method is VMware vSphere tags. The embedded VeeamONE Server will simply get the vSphere tags you are using from vCenter and pass the information along to VAO. vSphere tags are also great for things like creating replication jobs and grouping components together in VMware vSphere. Remember to give your tags and categories easy to understand names such as the name of the application the inventory item is a part of. Examples of useless tag names are things like “Tag1,” “Storage Tag,” etc. For more information on how to get started using vSphere tags, be sure to look at this blog.
You can also use the embedded version of VeeamONE Monitor to directly group your virtual machines. This can be done by creating a new category in Business View. The interesting thing about using this method is you can use one or multiple criteria to group virtual machines. For example, you can choose to group powered on virtual machines, or powered on virtual machines in a specific data center. Please note you can only use one of these methods at a time, so it is a good idea to make your decision up front. For more information, you can see the Veeam Availability Orchestrator 1.0 Categorization Guide.
Start with a fresh virtual machine
I briefly mentioned the embedded VeeamONE server which is included in a VAO installation. VAO Also installs an embedded version of Veeam Backup & Replication, regardless of if you choose to use it or an existing installation of Backup & Replication. VAO Cannot be installed on a server that already has VeeamONE or Veeam Backup & Replication running, so it is best to start with a fresh Virtual Machine. The system requirements for the virtual machine are documented in the Veeam Availability Orchestrator 1.0 Deployment Guide, which is a great document to read before you get started with your first installation of VAO.
These first three tips will make getting started with VAO even easier. Be sure to stay tuned for even more tips coming soon.
The post Getting started with Veeam Availability Orchestrator appeared first on Veeam Software Official Blog.
We’re pleased to introduce Global Problem Solvers: The Series (GPS: The Series), a new Cisco corporate social responsibility (CSR) educational initiative.
Introducing Global Problem Solvers: The Series
Veeam PN was launched as part of Veeam Recovery to Microsoft Azure, but Veeam PN has some great standalone use cases. In the last post, I showed how to access home lab/office machines while on the road using Veeam PN.
In this blog post, I’ll be covering a very real-world solution with Veeam PN where it will be used to easily connect geographically disparate cloud hosting zones, enabling you to achieve High Availability for applications and provide cross cloud application and services access. This is probably the most exciting of the three use cases I will cover in this blog series on Veeam PN, and with multi-cloud adoption in full swing, this is a very timely and useful capability.
Taking this use case one step further, how can cloud-to-cloud Availability be achieved in the most cost effective and operationally efficient way? There are obviously a few ways to connect clouds, and many other solutions out there, whether that be via some sort of MPLS, IPSec, L2VPN or stretched network solution. What Veeam PN achieves is simplicity — it’s very easy to configure, and it’s also very cost effective (remember it’s FREE). This makes it one of the best ways to connect one to one or one to many cloud zones with little to no overhead.
Cloud-to-cloud-to-cloud Veeam PN appliance deployment model
In this scenario, I want each vCloud Director zone to have access to the other zones and be always connected. I also want to be able to connect in via the OpenVPN endpoint client and have access to all zones remotely. All zones will be routed through the Veeam PN Hub Server deployed into Azure via the Azure Marketplace. To go over the Veeam PN deployment process, read my first post and also visit this VeeamKB that describes where to get the OVA and how to deploy and configure the appliance for first use.
- Veeam PN Hub Appliance x 1 (Azure)
- Veeam PN Site Gateway x 3 (One Per Zettagrid vCD Zone)
- OpenVPN Client (For remote connectivity)
Networking overview and requirements
- Veeam PN Hub Appliance – Incoming Ports TCP/UDP 1194, 6179 and TCP 443
- Azure VNET 10.0.0.0/16
- Azure Veeam PN Endpoint IP and DNS Record
- Veeam PN Site Gateways – Outgoing access to at least TCP/UDP 1194
- Perth vCD Zone 192.168.60.0/24
- Sydney vCD Zone 192.168.70.0/24
- Melbourne vCD Zone 192.168.80.0/24
- OpenVPN Client – Outgoing access to at least TCP/UDP 6179
In my setup, the Veeam PN Hub Appliance has been deployed into Microsoft Azure mainly because that’s where I was able to test out Veeam PN initially, but also because in theory it provides a centralized, highly available location for all the site-to-site connections to terminate into. This central hub can be deployed anywhere, and as long as it’s got HTTPS connectivity configured correctly to access the web interface, you can start to configure your site and standalone clients.
Configuring site clients for cloud zones (site-to-site)
In order to configure the Veeam PN Site Gateway you’ll need to register the sites from the Veeam PN Hub Appliance. When you register a client, Veeam PN generates a configuration file that contains VPN connection settings for the client. You must use the configuration file (downloadable as an XML) to set up the Site Gateways. Referencing the diagram at the beginning of the post, I needed to register three separate client configurations as shown below.
Once this has been completed, you need to deploy a Veeam PN Site Gateway in each vCloud Hosting Zone, and because we are dealing with an OVA, the OVFTool will need to be used to upload the Veeam PN Site Gateway appliances. I’ve previously created and blogged about an OVFTool upload script using PowerShell. Each Site Gateway needs to be deployed and attached to the vCloud vORG Network that you want to extend, in my case it’s the 192.168.60.0, 192.168.70.0 and 192.168.80.0 vORG Networks.
Once each vCloud zone has the Site Gateway deployed and the corresponding XML configuration file added, you should see all sites connected in the Veeam PN Dashboard.
At this stage, we have connected each vCloud Zone to the central Hub Appliance which is configured now to route to each subnet. If I was to connect an OpenVPN Client to the Hub Appliance, I could access all subnets and be able to connect to systems or services in each location. Shown below is the Tunnelblick OpenVPN Client connected to the Hub Appliance showing the injected routes into the network settings.
You can see above that the 192.168.60.0, 192.168.70.0 and 192.168.80.0 static routes have been added and set to use the tunnel interfaces default gateway which is on the central Hub Appliance.
Adding static routes to cloud zones (cloud to cloud to cloud)
To complete the setup and have each vCloud zone talking to each other, we need to configure static routes on each zone network gateway/router so that traffic destined for the other subnets knows to be routed through to the Site Gateway IP, through to the central Hub Appliance onto the destination and then back. To achieve this, you just need to add static routes to the router. In my example, I have added the static route to the vCloud Edge Gateway through the vCD Portal as shown below in the Melbourne Zone.
To summarize, below are the 5 steps that were taken to setup and configure the configuration of a cloud-to-cloud-to-cloud network using Veeam PN and its site-to-site connectivity feature. By doing so, allowing cross-site connectivity while enabling access to systems and services via the point-to-site VPN:
- Deploy and configure Veeam PN Hub Appliance
- Register cloud sites
- Register endpoints
- Deploy and configure Veeam PN Site Gateway in each vCloud zone
- Configure static routes in each vCloud zone
These five steps took me less than 30 minutes, which also took into consideration the OVA deployments as well. At the end of the day, I’ve connected three disparate cloud zones which all access each other through a Veeam PN Hub Appliance deployed in Microsoft Azure. From here, there is nothing stopping me from adding more cloud zones that could be situated in any public cloud, whether AWS, IBM or Google. I could even connect my home office or a remote site to the central Hub to give full coverage.
The key here is that Veeam Powered Network offers a very simple solution to what is traditionally a complex and costly one. Again, this will not suit all use cases, but at its most basic functional level, it’s a great solution for customers who have a need for cross-cloud connectivity.
Go give it a try! Get started with Veeam PN.
The post Simplifying cloud to cloud connectivity with Veeam PN appeared first on Veeam Software Official Blog.
Managed service providers (MSPs) are playing an increasingly critical role in helping businesses of all sizes realize their digital transformation aspirations. The extensive offerings made available to businesses continue to allow them to shift day-to-day management onto you, the MSP, while allowing them to focus on more strategic initiatives. One of the most notable services being backup and recovery.
We introduced Veeam Availability Console in November 2017, a FREE, cloud-enabled management platform built specifically for service providers. Through this console, service providers can remotely manage and monitor the Availability of their customer’s virtual, physical and cloud-based workloads protected by Veeam solutions with ease. And, in just a few short months, we’ve seen incredible adoption across our global Veeam Cloud & Service Provider (VCSP) partner base, with overwhelmingly positive feedback.
Today, I’m happy to announce the General Availability (GA) of Veeam Availability Console U1, bringing with it some of the most hotly requested features to help further address the needs of your service provider business.
Enhanced Veeam Agent support
The initial release of Veeam Availability Console was capable of monitoring Veeam Agents deployed and managed by the service provider through Veeam Availability Console. New to U1 is the ability to achieve greater insights into your customer environments with new support that extends to monitoring and alarms for Veeam Agents that are managed by Veeam Backup & Replication. With this new capability, we’re enabling you to extend your monitoring services to even more Veeam customers that purchase their own Veeam Agents, but still want the expertise that you can bring to their business. And yes, this even includes monitoring support for Veeam Agent for Linux instances that are managed by Veeam Backup & Replication.
New user security group
VCSP partners wanting to delegate Veeam Availability Console access without granting complete control (like local administrator privileges) can now take advantage of the new operator role. This role permits access to everything within Veeam Availability Console essential to the remote monitoring and management of customer environments (you can even assign access to your employees on a company-by-company basis), but excludes access to Veeam Availability Console server configuration settings. Now you can assign access to Veeam Availability Console to your staff without exposing settings of the Veeam Availability Console server.
ConnectWise Manage integration
We’re introducing native integration with ConnectWise Manage. Through this new, seamless integration (available in the plugins library tab), the management, monitoring and billing of Veeam Availability Console-powered cloud backup and Disaster Recovery as a Service (DRaaS) can now be consolidated with your other managed service offerings into the single pane of glass that is ConnectWise Manage. This integration makes it easier and more efficient to expand your services portfolio while making administration of multiple, differing managed services much more efficient.
Matt Baldwin, President of Vertisys said, “This integration is exactly what my business needs to streamline our managed backup and DRaaS offering. The interface is clean and intuitive with just the right number of features. We project a yearly savings of 50 to 60 hours.”
Let’s take a closer look at some of the integration points between Veeam Availability Console and ConnectWise Manage.
Firstly, the integration will help avoid a lot of manually intensive work by automatically synchronizing and mapping companies present in ConnectWise Manage with those in Veeam Availability Console. Automatic mapping is achieved through the company name. Before mapping is fully-complete, Veeam Availability Console allows you to check over what it’s automatically mapped before committing to the synchronization. If no match is found, mapping can be completed manually to an existing company or through the creation of a new company, with the option to send login credentials for the self-service customer portal, too.
The integration also enables you to more quickly resolve issues before they impact your customers’ business through automatic ticket creation within ConnectWise Manage from Veeam Availability Console alarms. You can specify from the list of available alarms within Veeam Availability Console all those that are capable of triggering a ticket (e.g. failed backup, exceeding quota, etc.), and to which service board within ConnectWise Manage the ticket is posted. We’ve also enabled you with the capability to set delays (e.g. 1 minute, 5 minutes, 15 minutes, etc.) between the alarm occurring and the ticket posting, so issues like a temporary connectivity loss that self-resolves doesn’t trigger a ticket immediately. Every ticket created in ConnectWise Manage is automatically bundled with the corresponding configuration, such as representing a computer managed by Veeam Availability Console. This makes it incredibly easy for support engineers to find which component failed and where to go fix it. The integration also works in reverse, so that when tickets are closed within ConnectWise Manage, the corresponding alarm in Veeam Availability Console will be resolved.
The final part of the integration extends to billing, reducing complexities for you and your customers by consolidating invoices for all the managed services in your portfolio connected to ConnectWise Manage into a single bill. Not only this, but the integration allows for the automatic creation of new products in ConnectWise Manage, or mapping to existing ones. Service providers can select which agreement Veeam Availability Console-powered services should be added to on a per-customer basis, with agreements updated automatically based on activity, quota usage, etc.
Finally, we’ve enhanced the scalability potential of Veeam Availability Console, enabling you to deliver your services to even more customers. The scalability improvements specifically align to the supported number of managed Veeam Backup & Replication servers, and this is especially useful when paired with the enhanced Veeam Agent support discussed earlier. This ensures optimal operation and performance when managing up to 10,000 Veeam Agents and up to 600 Veeam Backup & Replication servers, protecting 150-200 VMs and Veeam Agents each.
We’re very excited about the new possibilities this latest update will bring for not only your business, but also for your customers’ and their Availability. To get started with these new features of Veeam Availability Console, download the latest update today — it’s FREE!
In this blog post, I will show you how you can deploy Veeam Backup & Replication 9.5 with Update 3 to a virtual machine. This is a really handy, little script because it can help you get Veeam going in your lab in a snap. The basic steps to accomplish this are as follows.
1. Create a virtual machine running Windows Server 2016. In my case, I created a Hyper-V VM called Management01.
2. Download a copy of Veeam Backup & Replication and prepare either an already existing license file or request a trial one from the same download page.
3. In our case, we stored both files in F:Temp1
4. Grab a copy of the PowerShell script from my GitHub repository and save it to the same F:Temp1 location
5. Open an Administrative PowerShell Prompt and change the path to
F:temp1. Then type
Import-Module .Install-Veeam-HyperV.PS1 -Force -Verbose and press Enter. This will load the
Install-Veeam Module which we will use to deploy Veeam to our lab.
Install-Veeam -VMName Management01 -GuestOSName -Management01 -VMPath F:dcbuild_test and run it.
7. On the Please Select the Veeam 9.5 UR3 ISO window, browse to F:temp1VeeamBackup&Replication_126.96.36.1995.Update3.iso
8. On the Please Select the Veeam License File window, browse to your license file prepared at step 2. In my case, I used my Veeam NFR license.
9. Input the credentials for your lab. In my case, I will install using my Domain Administrator Account “MVPDaysAdministrator”. We will pipe this into the VM using PowerShell direct with the
At this point it is time to sit back and relax as the next steps will happen automatically:
- Add a new VHDx file from the host
- Format the new VHDx file and giving it a volume label of Veeam
- Mount the VHDx to the host
- Copy the Veeam ISO specified earlier
- Copy the Veeam license file specified earlier
- Install 2012 System CLR types
- Install SQL Express
- Install the Veeam Backup & Replication 9.5 server
- Install the Veeam Backup Console
- Install the Explorer for Active Directory
- Install the Explorer for Exchange
- Install the Explorer for SQL
- Install the Explorer for Oracle
- Install the Explorer for SharePoint
- Install the Enterprise Manager web and Cloud Portal
- Finally update to Rollup 3
Your finished product will look just like this:
I hope you enjoyed this post, and please feel free to update my code and use it in your lab. As always, happy learning!
The post PowerShell script to deploy Veeam Backup & Replication appeared first on Veeam Software Official Blog.
DNA Center’s new open platform capabilities mean all its powerful, networkwide automation and assurance tools are available to our partners and customers. #CiscoDNA
Intent-Based Networking’s Next Evolution: The DNA Center Platform