Sponsored Post: Vembu BDR Suite Free Edition latest and greatest

The latest version of Vembu BDR Suite v3.8.0 is available, and so is a new Free Edition. Free? Yes, the Vembu BDR Suite is available in a Free and a paid edition. The bits are the same for both free and paid edition, but the functionality depends on the license being used. If you want to use the Free Edition this does not require any license conversion post its trial period, as the trial package of Vembu BDR Suite automatically gets converted into the Free edition. The only thing you have to do for the Free Edition is to choose between the following two options:

  • Having Unlimited Vembu BDR features for a maximum of three virtual machines, or
  • Being able to back up an unlimited amount of virtual machines with restricted Vembu features.

The free edition is free forever and IT administrators can continue managing their backups with the trial version with one of the above choice. If you want to find out and compare the Free versus the Paid Edition, you can start here.

Latest and greatest features of the Vembu BDR Suite Free Edition

In this blog post, we will dive further into the details of the feature options. Starting with the free unlimited features for a maximum of three VMs option, followed by the limited features for an unlimited amount of VMs.

Continue reading Sponsored Post: Vembu BDR Suite Free Edition latest and greatest

PowerCLI Collection: Back up the ESXi configuration (and restore it)

I happen to run in to vSphere environments without Enterprise plus, or need to implement vSphere environments where for example budget is a constrain, and one or more other limiting factors are there for having Enterprise Plus.

When we don’t have a vSphere edition supporting Host Profiles, Auto Deploy and Distributed switches, we need to have to create a way to (multiple) host back up and restoring for a disaster recovery or such. It can be easy with PowerCLI…

Back-up

In this post I want to write about the PowerCLI cmdlet to back-up a host configuration. We can use the Get-VMHostFirmware cmdlet to back-up the local configuration to a tarbal and save this on a disk location. The Get-VMHostFirmware takes the following options:

Get-VMHostFirmware -VMHost <host> -BackupConfiguration -DestinationPath <directorywithouttrailing\>

This creates a tarbal (in other words tar archive zipped in .tgz) bundle with the the filename configBundle-hostname.tgz. In this tarbal there is a manifest text file with the release level of the host, UUID, kernel options and user options.  There is also a state.tgz tarbal with the host state of the moment the tarbal is created. In this state tarbal is the local tarbal (getting lost a bit here ;-)) with local dump of the configuration of the host. Here you will find the files for creating local settings, vSwitch configurations, Resource Pools, Authentication, NTP, SSH etc. etc. etc.

Configuration Tarbal

Script

We need to build a script around this to occasionally take the dumps from hosts, for example with a schedule task. For the current customer I’m doing this for clusters. An side effect to doing the configuration dump, is checking the configuration is the same across all hosts in the cluster. If you happen to have a tarbal with a different size there is probably something different about this host. This can be with a reason or not. But something worth to check.

The following script takes input in variables for the vCenter, cluster, Hostroot, Hostpassword (note: plain text!), Destinationpath (without trailing \). It furthermore creates a log file name with the cluster and date. In this logfile we put the hostname, buildnumber to get the exact patchlevel and output of the Get-VMHostFirmware.

# This script dumps the config of hosts in cluster
# to be used with restoring via Set-VMHostFirmware (and Set-VMHost -State ‘maintenance’)
# To be runned with a user with access to the environment
# Must be runned against hosts with same build, when needed use -f force to override

# Log is created where name and build is written with time stamp

#Settings
$vCenter = “<vcenter server>”
$Cluster = “<clustername>”
$HostRoot = “root”
$HostPassword = “<password>”
$DestinationPath = “<driveletter:\pathname>”

# connect to vCenter
Connect-VIServer $vCenter

# Create LogFileName
$LogFile = “$DestinationPath\Dump-$Cluster-$(Get-Date -Format ddMMyyyy).log”

# Open Logfile with timestamp
Get-Date | Out-File $LogFile

Foreach($Hostname in (Get-VMHost -Location $Cluster | Select-Object name, build)){
“Dump and build for $Hostname” | Out-File $LogFile -Append
Get-VMHostFirmware -VMHost $Hostname.name -BackupConfiguration -DestinationPath $DestinationPath | Out-File $LogFile -Append
“Dump created” | Out-File $LogFile -Append
}

Disconnect-VIServer -Confirm:$False

Restore

Restoring the configuration when something goes amiss? Take a host at the same build number, either the one where some configuration change went wrong or reinstall a host in case of a complete disaster.

For restoring we need two cmdlets, one to put the host in maintenance and one to restore.

Set-VMHost -VMHost <host> -State ‘Maintenance’

And to restore:

Set-VMHostFirmware -VMHost <host> -Restore -SourcePath <backupfile complete pathname.tgz> -HostUser <user> -HostPassword <password>

The Sourcepath must include the driveletter\directory-tree\dumpfilename.extension.

Like said when restoring configuration the build number of the host must match the build number of the host that created the backup file. If this not possible, use the -force option to override this requirement. Recommended is having the same build number.

– Enjoy!

Sources: vmware.com

Protecting vCenter services, what is around (comes around)

Depending on your environment there is a need to protect vCenter or some of the services included in the vCenter system. A big question to ask yourself is what kind of downtime can you have according to your service levels and what kind of options do we have or need to have in place?

What will go down if you lose a vCenter component?

Like said this depends on your environment and components using vCenter services to connect to and from. A “plain” server virtualization workload for one company is different than a VD workload in a high demanding organization. The latter probably needs the ability to provision a little more urgent then the first example. Want to deploy a vCOPS vApp or VD Desktop, well wait until your vCenter is back. Using solutions like VMware Data Protection requires an operational vCenter with a functioning vCenter Single Sign-On server to restore a virtual machine. Losing that part of your environment could impact your recovery options seriously. Manage/Edit some VM version 10? How will you do that without vSphere Web client? You can’t. Have a HA or DRS cluster? Well HA will still partially function, it will react with restarts when needed. But to add to the cluster will need vCenter to make this posible. DRS needs vCenter to function in manual or automatic mode. And these are just a few examples.
Important to keep in mind, running VM’s will keep on running and HA will keep on HA’ing, no need to panic there.

Let see which components make up vCenter, a little vCenter architecture to start with.

A “standard” vCenter is made up of the components vCenter SSO (Single Sign-on), Lookup Service, Inventory Service, vSphere Web Client and the vCenter Server (with all of it’s services) itself. Optional services are Dump collector, Syslog Collector and Auto Deploy (and optionally TFTP and PXE DHCP service, but they can be on a separate system so not included in the model as a part). vCenter is also expanded by Update Manager, vCOPS and all sorts.

image

What are your standard protecting options?

  • Do nothing
    Not advisable, but if you are sure, have a small (just a few hosts and VM’s) environment and have an insight of your environment (or use some scripting to dump your configuration), you could do nothing. You lose part of your services and (in worse case) will have to manually rebuild vCenter and your configuration. You will lose any trending information. Recovery time is typically measured in days, and requires manual intervention.
  • Back-up Restore or Replication.
    Backup and restore should be an essential part of any availability solution, exclamation mark. This provides a recovery method utilizing tape, disk, replication or snapshot technology. This also enables a recovery method when data corruption occurs, depending on the solution that is. If data is corrupt on the primary VM then a replication to the recovery VM can occur after this moment. vCenter VM replication from primary to recovery site should be well monitored (and tested with SRM plans for example). Preferably used on several layers, application and application data (for example databases, certificates, logs, dump locations etc.). Be sure to know your backup  and recovery steps (look in the VMware KB’s for backing up the vCenter Server Appliance services and embedded vPostgres database), document, practice and test them. Recovery time is typically measured in hours or days, and typically requires manual intervention.
  • MS SQL Log shipping – database only
    A simple and cost effective solution. You can use log shipping to send transaction logs from one database (the primary database) to another (the secondary database) on a constant basis. Continually backing up the transaction logs from a primary database server and then copying and restoring them to a secondary database server keeps the secondary database nearly synchronized (depending on your plan) with the primary database. The destination server acts as a cold standby or backup server. Your destination server can also act as primary database for other databases so you will have some sort of active-active instead of a cold standby. Be ware of licensing in this case, log shipping target only or serving database is a different license show! Has to be setup for every database, include your vCenter, Inventory, SSO and such. Recovery time is depending on your plan, but can be minutes or hours. Requires manual intervention to fail over from primary to secondary.
  • SQL mirror / clustering – database only
    Depending on the license of MSSQL these are a more robust solution then the previously mentioned SQL log shipping. These have data replication mechanism in place and have the ability to automatically detect failures and do there fail overs with out manual intervention. Mostly used with a Witness out side the cluster/mirror pair to act as a tie breaker to prevent split brain scenario’s in case of partial failures. Mirroring, clustering has to be setup  for every database, include your vCenter, Inventory, SSO and such. Clustering can also be done per instance with it’s included databases. Oracle will have it’s own clustering, with Oracle RAC for example. Recovery time is typically measured in minutes. No intervention to fail over.
  • Hypervisor HA.
    Hypervisor HA will start your VM after a host failure or VMtools timeout. The time it takes to recover is depending on your amount of free slots, your priority of vCenter vs the other workload and the amount of VM’s needed to restart. Depending on your environment this can take some time to start up. Hypervisor HA will not protect against service failures as it will not monitor any application components, it will also not protect against any data corruption. Hypervisor HA is to be used in conjunction with one or more other protection options. For example a vCenter system on HA and SQL databases on MSSQL Cluster. Recovery time is typically measured in minutes or hours depending on your consolidation ratio and restart settings.
  • App Aware HA.
    If you have the correct edition and have the application aware components in place. Monitors the application and if it goes down, it can be restarted. There is no app aware HA specifically for vCenter yet. But you can protect parts of the applications with app HA, for example MSSQL services. Recovery time is typically measured in minutes or hours.
  • FT
    That is currently a no no. Why did I put it up here? Because it comes up as a question once in a while. FT creates virtual machine “pairs” that run in lock step—essentially mirroring the execution state of a virtual machine. This only protects against host or VM failures. Services that go down or corruption in the application data will be mirrored to the secondary VM.
    FT in vSphere 5.5 is still limited to 1 vCPU, and with a small inventory you still need a minimum of 2vCPU. Same goes for for example a database server these also tend to have more vCPU’s. Yes this has been a issue all along for FT, and we know from following those VMworld sessions demo’s that there is work in progress on multiple vCPU FT, but unfortunately this is not yet released. But a similar technique is next up.
  • vCenter Server Heartbeat
    vCenter Server Heartbeat is a separately licensed vCenter Server plug-in that provides protection of your vCenter system, (physical or virtual). Next to protecting against host failures, heartbeat adds application-level monitoring and intelligence of all vCenter Server components. Heartbeat replicates changes to a cloned virtual machine. The cloned virtual machine can take over when a failure event is triggered.
    imageThe vCenter recovery can be accomplished by restarting the vCenter service, by restarting the entire application, or by the entire failover of the vCenter system. Use in conjuction with a data protection like SQL mirroring to protect against corruption. Recovery time is measured in minutes and requires no manual intervention.
  • Scale out / HA service pair
    Move some of your vCenter services to other components or use multiple same role servers to provide high available and load balanced services. Not all of the vCenter services can be separated this way, but for example SSO can be. Those high availability service are placed behind a third-party network load balancer (for example, Apache HTTPD, vCloud Networking and Security vShield Edge load balancer or load balance appliance like Netscaler).
    imageMove logs to a log insight server, move statistics to vCOPS. Keep vCenter lean and mean.

Conclusion

vCenter Server Heartbeat is a done package for protecting your vCenter server system, but this is at an additional cost. More often you will have some back-end services, like Oracle/MSSQL clustering and back-up restore/replication solutions, already in place or products with a similar need. A combination of protection is the preferred way to utilize those in or to be in place solutions with the need for protection and the allowed recovery/down time. But this is the main thing, know your environment, know how the components interact, know what is needed at which time and know what will be (temporary) unavailable when services are down. Protect against unavailability, corruption and please randomly test to be sure all components are working as expected (even the manual procedures).

And yes sure there will be some other great options out there like a script collection or cold standby solution et al….. but hey isn’t that what the comments section is about. Tell me yours. Share.

– Happy managing your environment!

Evaluations – Veeam Backup and Replication version 7- What and Installation.

And now for something completely different… Well different, still has to do with a virtual infrastructure. Evaluating the version 7 of Veeam Backup and Replication.

What is Veeam Backup and replication?

Veeam Backup and replication is a data protection and disaster recovery solution for virtual infrastructures. It supports virtual infrastructures from VMware or Hyper-V.
It brings features such as instant file-level recovery and VM recovery, scalability, backup & replication, built-in de-duplication and bringing centralized back-up and replication management to your infrastructure.

To produce a backup, Veeam Backup leverages VMware snapshot capabilities. When you need to perform backup. The VMware snapshot technology lets you back up VMs without suspending them; also known as online hot backup.

Architecture

image

The picture above (picture credits to the Veeam Evaluation guide. Get this guide at  http://veeampdf.s3.amazonaws.com/guide/veeam_backup_evaluators_guide_7_vmware.pdf) shows the components that make up the Veeam Backup and replication infrastructure:

  • Veeam Backup server—a physical or virtual machine. The Veeam Backup server is the core component: responsible for configuration and management.
  • Backup proxy—a “data mover” component used to process VM data and transfers to the datastore targets.
  • Backup repository—a storage location for storing backup files, VM copies and replicas.
  • Virtual infrastructure servers—ESXi or Hyper-V hosts which are sources and targets for backup and replication operations.

Evaluating

For the evaluation I’m doing a simple deployment with a Server 2012 host as backup server and repository, and a VMware ESXi host managed by a vCenter Server Appliance. I’m not using multi core/processors so you will get a warning about data processing times.

image

The wizard starts when you push the appropriate installer. You can input your license file or use the free edition when you have got one. I’m using a NFR license for demo purposes.

image

I’m doing the complete setup. Not changing the default install, I currently just have one disk connected. Prerequisite software checks are done next. If you are not compliant push the install button to get the required software.

Connect with a local admin (from domain or not) and use a existing SQL instance or let the installer add a MS SQL Express 2008R2 one for you (I’m currently going for the latter). Ports can remain the default ones. Same goes for the locations, be sure to change them to your needs. And hit the install button to start the engines….

image

And have a little patience for the installer to finish. And lift off..

image

Now let’s add the virtual servers. Go to Backup Infrastructure – Managed Servers and right click to select add server. You can select vSphere, vCloud, Hyper-V and Windows hosts. Add the VCSA via the vSphere option.

Add the VCSA credentials to the Wizard (in my case the standard root vmware combo). It takes a while as my lab has not enough resources…
The Wizard will create a new VMware object in the backup inventory.

image

Next up, the backup proxy. As described earlier, this is the data mover and needs access to the source and destination datastore. This is a Windows server with either a physical connection (physical server with LUN’s attached) or a VM. Add it as a managed server (add a windows server at managed servers) and assign the backup proxy role (add at backup Proxies.). I am using the same server for all roles, so it is already added to the server list and to the VMware proxy by the Veeam Wizard.

image

Next up: a backup repository. This can be a:
– Windows Server with storage attached.
– Linux server with local or NFS mounted storage.
– a CIFS share.

I have added a vmdk to my server, and am using this as the backup repository. So I add a repository to a Microsoft Windows server, to this server and use populate to find the appropriate disk. For additional features I’m also adding this as a vPower NFS server. image

And boom, your Veeam infrastructure is up and running in minutes. Just know the architecture components and prepare in advance. Surely this test lab is not sufficient for production as I haven’t taken retention, archiving, access and RTO/RPO in mind.

Next up is creating some jobs and fill up the repository. Go to backup & Replication pane, and add a backup job.

The add backup job is straightforward  Select the source machine and th what. Select the destination and which proxy to use.

image

One of the important screens is the Advanced Settings.

image

here the mode can be selected, storage and methods (use vSphere CBT).

And viola start you engines, a test job can be run.

image

This concludes the Veeam Backup and Replication introduction and basic installation.

– Enjoy Veeaming across your virtual infrastructure.