Get your data ready for vSphere 5.5 End of Support

Source: Veeam

There have been lots of articles and walkthroughs on how to make that upgrade work for you, and how to get to a supported level of vSphere. This VMware article is very thorough walking through each step of the process.

But we wanted to touch on making sure your data is protected prior, during and after the upgrade events.

If we look at the best practice upgrade path for vSphere, we’ll see how we make sure we’re protected at each step along the way:

Upgrade Path

The first thing that needs to be considered is what path you’ll be taking to get away from the end of general support of vSphere 5.5. You have two options:

  • vSphere 6.5 which is now going to be supported till November 2021 (so another 5 years’ time)
  • vSphere 6.7 which is the latest released version from VMware.

Another consideration to make here is support for surrounding and ecosystem partners, including Veeam. Today, Veeam fully supports vSphere 6.5 and 6.7, however, vSphere 6.5 U2 is NOT officially supported with Veeam Backup & Replication Update 3a due to the vSphere API regression.

The issue is isolated to over-provisioned environments with heavily loaded hosts (so more or less individual cases).

It’s also worth noting that there is no direct upgrade path from 5.5 to 6.7. If you’re currently running vSphere 5.5, you must first upgrade to either vSphere 6.0 or vSphere 6.5 before upgrading to vSphere 6.7.

Management – VMware Virtual Center

The first step of the vSphere upgrade path after you’ve decided and found the appropriate version, is to make sure you have a backup of your vCenter server. The vSphere 5.5 virtual center could be a Windows machine or it could be using the VCSA.

Both variants can be protected with Veeam, however, the VCSA runs on a Postgres-embedded database. Be sure to take an image-level backup with Veeam and then there is a database backup option within the appliance. Details of the second step can be found in this knowledge base article.

If you’re an existing Veeam customer, you’ll already be protecting the virtual center as part of one of your existing backup jobs.

You must also enable VMware tools quiescence to create transactionally-consistent backups and replicas for VMs that do not support Microsoft VSS (for example, Linux VMs). In this case, Veeam Backup & Replication will use the VMware Tools to freeze the file system and application data on the VM before backup or replication. VMware Tools quiescence is enabled at the job level for all VMs added to the job. By default, this option is disabled.

You must also ensure Application-Aware Image Processing (AAIP) is either disabled or excluded for the VCSA VM.

Virtual Machine Workloads

If you are already a Veeam customer, then you’ll already have your backup jobs created and working with success before the upgrade process begins. However, as part of the upgrade process, you’ll want to make sure that all backup job processes that initiate through the virtual center are paused during the upgrade process.

If the upgrade path consists of new hardware but with no vMotion licensing, then the following section will help.

Quick Migration

Veeam Quick Migration enables you to promptly migrate one or more VMs between ESXi hosts and datastores. Quick Migration allows for the migration of VMs in any state with minimum disruption.

More information on Quick Migration can be found in our user guide.

During the upgrade process

As already mentioned in the virtual machine workloads section, it is recommended to stop all vCenter-based actions prior to update. This includes Veeam, but also any other application or service that communicates with your vCenter environment. It is also worth noting that whilst the vCenter is unavailable, vSphere Distributed Resource Scheduler (DRS) and vSphere HA will not work.

Veeam vSphere Web Client

If you’re moving to vSphere 6.7 and you have the Veeam vSphere Web Client installed as a vSphere plug-in, you’ll need to install the new vSphere Veeam web client plug-in from a post-upgraded Veeam Enterprise Manager.

More detail can be found in Anthony Spiteri’s blog post on new HTML5 plug-in functionality.

You’ll also need to ensure that any VMware-based products or other integrated products vCenter supports are the latest versions as you upgrade to a newer version of vSphere.

Final Considerations

From a Veeam Availability perspective, the above steps are the areas that we can help and make sure that you are constantly protected against failure during the process. Each environment is going to be different and other considerations will need to be made.

Another useful link that should be used as part of your planning: Update sequence for vSphere 5.5 and its compatible VMware products (2057795)

One last thing is a shout out to one of my colleagues who has done an in-depth look at the vSphere upgrade process.

The post Get your data ready for vSphere 5.5 End of Support appeared first on Veeam Software Official Blog.


Get your data ready for vSphere 5.5 End of Support

The Office 365 Shared Responsibility Model

Source: Veeam

The No. 1 question we get all the time: “Why do I need to back up my Office 365 Exchange Online, SharePoint Online and OneDrive for Business data?”

And it’s normally instantaneously followed up with a statement similar to this: “Microsoft takes care of it.”

Do they? Are you sure?

To add some clarity to this discussion, we’ve created an Office 365 Shared Responsibility Model. It’s designed to help you — and anyone close to this technology — understand exactly what Microsoft is responsible for and what responsibility falls on the business itself. After all — it is YOUR data!

Over the course of this post, you’ll see we’re going to populate out this Shared Responsibility Model. On the top half of the model, you will see Microsoft’s responsibility. This information was compiled based on information from the Microsoft Office 365 Trust Center, in case you would like to look for yourself.

On the bottom half, we will populate out the responsibility that falls on the business, or more specifically, the IT organization.

Now, let’s kick this off by talking specifically about each group’s primary responsibility. Microsoft’s primary responsibility is focused on THEIR global infrastructure and their commitment to millions of customers to keep this infrastructure up and running, consistently delivering uptime reliability of their cloud service and enabling the productivity of users across the globe.

An IT organization’s responsibility is to have complete access and control of their data — regardless of where it resides. This responsibility doesn’t magically disappear simply because the organization made a business decision to utilize a SaaS application.

Here you can see the supporting technology designed to help each group meet that primary responsibility. Office 365 includes built-in data replication, which provides data center to data center georedundancy. This functionality is a necessity. If something goes wrong at one of Microsoft’s global data centers, they can failover to their replication target, and, in most cases, the users are completely oblivious to any change.

But replication isn’t a backup. And furthermore, this replica isn’t even YOUR replica; it’s Microsoft’s. To further explain this point, take a minute and think about this hypothetical question:

What has you fully protected, a backup or a replica?

Some of you might be thinking a replica — because data that is continuously or near-continuously replicated to a second site can eliminate application downtime. But some of you also know there are issues with a replication-only data protection strategy. For example, deleted data or corrupt data is also replicated along with good data, which means your replicated data is now also deleted or corrupt.

To be fully protected, you need both a backup and a replica! This fundamental principle has been the bedrock of Veeam’s data protection strategy for over 10 years. Look no further than our flagship product, aptly named Veeam Backup & Replication.

Some of you are probably already thinking: “But what about the Office 365 recycle bin?” Yes, Microsoft has a few different recycle bin options, and they can help you with limited, short-term data loss recovery. But if you are truly in complete control of your data, then “limited” can’t check the box. To truly have complete access and control of your business-critical data, you need full data retention. This is short-term retention, long-term retention and the ability to fill any / all retention policy gaps. In addition, you need both granular recovery, bulk restore and point-in-time recovery options at your fingertips.

The next part of the Office 365 Shared Responsibility Model is security. You’ll see that this is strategically designed as a blended box, not separate boxes — because both Microsoft AND the IT organization are each responsible for security.

Microsoft protects Office 365 at the infrastructure level. This includes the physical security of their data centers and the authentication and identification within their cloud services, as well as the user and admin controls built into the Office 365 UI.

The IT organization is responsible for security at a data-level.  There’s a long list of internal and external data security risks, including accidental deletion, rogue admins abusing access and ransomware to name a few. Watch this five-minute video on how ransomware can take over Office 365. This alone will give you nightmares.

The final components are legal and compliance requirements. Microsoft makes it very clear in the Office 365 Trust Center that their role is of the data processor. This drives their focus on data privacy, and you can see on their site that they have a great list of industry certifications. Even though your data resides within Office 365, an IT organization’s role is still that of the data owner. And this responsibility comes with all types of external pressures from your industry, as well as compliance demands from your legal, compliance or HR peers.

In summary, now you should have a better understanding of exactly what Microsoft protects within Office 365 and WHY they protect what they do. Without a backup of Office 365, you have limited access and control of your own data. You can fall victim to retention policy gaps and data loss dangers. You also open yourself up to some serious internal and external security risks, as well as regulatory exposure.

All of this can be easily solved with a backup of your own data, stored in a place of your choosing, so that you can easily access and recover exactly what you want, when you want.

Looking to find a simple, easy-to-use Office 365 backup solution?

Look no further than Veeam Backup for Microsoft Office 365. This solution has already been downloaded by over 35,000 organizations worldwide, representing 4.1 million Office 365 users across the globe. Veeam was also named to Forbes World’s Best 100 Cloud Companies and is a Gold Microsoft Partner. Give Veeam a try and see for yourself.

Additional resources:

The post The Office 365 Shared Responsibility Model appeared first on Veeam Software Official Blog.


The Office 365 Shared Responsibility Model

Veeam and Nutanix AHV in a multi-hypervisor environment

Source: Veeam

Many environments have the requirement to be flexible to what platform they are running. Flexibility allows for the ability to move, migrate and leverage data between each of their virtual environment assets. This also applies to extending into other cloud environments, whether that be for backup retention purposes, using a Veeam Cloud & Service Provider partner for managed service providers or expanding the production environment into the public cloud to offer further flexibility to the on-premises infrastructure.

Brief architecture overview

The agentless architecture for Veeam Availability for Nutanix AHV consists of a Veeam Backup Proxy Appliance that will reside within the AHV cluster. The requirement here is one proxy per cluster, and as a v1 product with extensive beta testing, we have not seen a requirement to scale this function out. The Veeam Backup Proxy Appliance is a lightweight installation, offering an intuitive Prism-like web UI that is used to manage the appliance itself, configure, schedule and run backups, and perform both full-VM recoveries and disk-based recoveries.

The Veeam Backup Proxy Appliance is required to have communication with a Veeam Backup & Replication server for authentication purposes, but this also extends recovery capabilities with the ability to perform file-level recoveries and application item-level recoveries using the established Veeam Explorers. Also, as an extension to the backup policy, you can leverage backup copy jobs or send AHV backups to tape. Finally, there’s the ability to do more with AHV data, like converting those backup files into VMDK, VHD and VHDX for use in different virtual environments, as well as sending and converting them to machines in Microsoft Azure, which is ideal for a testing environment with infinite and scalable resources.

The final thing to mention on the architecture is where the backup files are stored — a Veeam Backup & Replication repository, the primary reason for the communication and authentication from Veeam Backup Proxy Appliance to the Veeam Backup & Replication server.

Zero socket license

Because of the requirement for a Veeam Backup & Replication server and repository, a common question is “if we are moving completely to Nutanix AHV as our only hypervisor in the environment, how do we gain access to the required Veeam Backup & Replication components if we do not have a license for it?” This is essentially the same question in Veeam Agent-only customer environments with no virtualization in place, so the same answer applies.

All Veeam Availability for Nutanix AHV licenses (and Veeam Agent licenses) are delivered with a zero-socket license for Veeam Backup & Replication at no additional cost. The zero-socket license unlocks Veeam Backup & Replication functionality for AHV backups in environments where an existing Veeam Backup & Replication for VMware vSphere of Microsoft Hyper-V instance does not exist.

Mixed environments

As mentioned above, many environments will have the requirement to run a multi-hypervisor infrastructure for numerous reasons. The possibilities from a management, backup and recovery perspective for AHV environments that have been brought with the release of Veeam Availability for Nutanix AHV have already been discussed, but if we were to also have a VMware vSphere or a Microsoft Hyper-V footprint alongside AHV, does this mean I have to have additional Veeam management components?

No, that same Veeam Backup & Replication management server and repository can be used for Nutanix AHV, VMware and Microsoft Hyper-V backups, as well as Veeam Agent backups. However, in some circumstances, there may be a requirement to have separate management for these environments, and that can be achievable using the zero socket license applicable in both AHV- or Veeam Agent-only environments. Remember, Veeam does not license the components that are licensed on the production workload, meaning you are able to have as many Veeam components as you see fit.

The post Veeam and Nutanix AHV in a multi-hypervisor environment appeared first on Veeam Software Official Blog.


Veeam and Nutanix AHV in a multi-hypervisor environment