Backup your VMware vSphere Environment with Veeam

Back Up your VMware vSphere Environment

IBM SoftLayer handles massive amounts of data on a daily basis and keeping that data safe is extremely important. Data backup is currently the most trusted means of maintaining its safety, integrity, and redundancy. However, as the amount of data to be backed up increases, so does the amount of space needed to store it. In the past, storing backups on high-performance storage or tape were feasible solutions. Today, enterprises are seeking to alleviate the capital and operational costs associated with physical on-premises storage by augmenting or even replacing it with Object Storage. In this procedure, we will discuss how you can back up your VMware vSphere environment using a hybrid solution that consists of

  • SoftLayer Object Storage Service
  • NetApp AltaVault Cloud Storage Gateway
  • Veeam Backup & Replication software

Get to the Cloud

Object Storage offers the same durability, protection, and access of traditional, monolithic storage arrays at a much lower price point and enhanced scale. One of the issues with using Object Storage is the current methodology of using REST APIs to ingest (i.e., upload) and access data. Fortunately, there is another solution available that removes the need to use REST APIs – the AltaVault Cloud Gateway Appliance from NetApp (formerly Riverbed SteelStore).

The NetApp AltaVault cloud-integrated storage appliance is a software solution that allows businesses to seamlessly integrate a customer's on-premises environment with private or public clouds. Together with SoftLayer Object Storage, it enables customers to effortlessly archive, manage, and serve large amounts of unstructured data. Additionally, SoftLayer's pay-as-you-go pricing model and full integration with the content delivery network (CDN) offers the ability to store and distribute data across 24 geographically diverse nodes.

AltaVault can be deployed in two modes: back up or archive (i.e., Cold Storage). We will focus on the integration of AltaVault, SoftLayer Object Storage, and Veeam Backup & Replication. The integration of these three components helps creates a robust VMware vSphere environment capable of backing up and recovering quickly from any error. Click on the links for information on disaster recovery using backups and the SoftLayer Object Storage Service .

Keep Data Safe On-Premises

One of the basic rules of backup and recovery is to maintain multiple backups in multiple locations and diverse mediums for maximum safety and redundancy. This could be achieved by storing redundant copies of backups on different on-premises devices, which, given SoftLayer's global presence, would theoretically be a simple task. Yet doing so would require large amounts of expensive high-performance storage and network bandwidth. In addition, it would be difficult to synchronize and reconcile multiple backup copies residing on multiple on-premises devices, especially if those devices spanned a wide geographical area.

Introducing a Hybrid Solution

Veeam Backup & Replication enables a hybrid solution – that includes NetApp AltaVault cloud-integrated storage appliance and SoftLayer Object Storage – to be considered. It is a piece of software that primarily creates, maintains, and restores virtual environments from backups. When used in conjunction with a NetApp AltaVault cloud-integrated storage appliance, it can create backups that can be stored locally, on-premises. It can also simultaneously replicate to SoftLayer Object Storage. With this hybrid solution, two copies of a backup are made, but only one of them exists on on-premises storage, which increases safety and redundancy while reducing cost, space, and operational overhead.

AltaVault Cloud-Integrated Storage Gateway

AltaVault Cloud Storage Gateway lets you integrate your on-premises environment with the cloud without having to write scripts or applications using REST APIs for SoftLayer Object Storage. It exposes a Server Message Block (SMB)/Common Internet File System (CIFS) or Network File System (NFS) mount point on the front end and securely connects to SoftLayer's Object Storage interface on the back end. Customers can simply mount or point to the aforementioned mount points and begin copying data into the cloud securely, as shown in Figure 1.

Figure 1: AltaVault backup flow with Veeam and SoftLayer

Deploy AltaVault On-Premises

This section describes the process of deploying AltaVault as an on-premises backup solution to SoftLayer Object Storage. Note that AltaVault may be purchased as either a physical or a virtual appliance. Only the deployment of the trial-version VMware vSphere ESXi-based AltaVault virtual appliance is covered in this procedure.

Prerequisites

Verify the following prerequisites have been met before proceeding:

  • Obtain a copy of AltaVault Virtual Appliance. It should come as a single file with an OVA file extension. Contact your NetApp representative for the appliance, or download a 90-day trial version from the NetApp AltaVault website.
  •  Have an existing on-premises vSphere ESXi 5.5 environment with the minimum CPU, memory, and disk space requirements available for the AltaVault appliance. If using the trial version, these requirements are four virtual CPUs (vCPUs), 24GB of memory, and up to 8TB of disk space.
  • Have two 10Gbps network interface controllers (NICs) available within the vSphere environment. One NIC will be used for data ingest, and the other will be used for data replication to SoftLayer Object Storage.
  • Have two networks corresponding to the two aforementioned NICs (i.e., VLANs) defined within the vSphere environment. The replication network cannot be assigned to the same network as the data ingest network, as this may create a routing loop.
  • Have a set of SoftLayer Object Storage credentials. These include the SoftLayer username, SoftLayer Object Storage username, and the API key associated with the SoftLayer username.
  • Knowledge of VMware Sphere terminology and administering vSphere ESXi environments. This knowledge includes, but is not limited to, use of the vSphere web client, vSphere client, and assignment of hardware resources including networking and storage.

Deploy AltaVault OVA

Deploy the AltaVault OVA to the vSphere environment once all of the prerequisites have been met. Instructions for OVA deployment can be found in the NetApp AltaVault Installation and Service Guide.

  1. Go back and edit the AltaVault virtual machine (VM) once the deployment of the OVA has completed.
  2. Modify the memory allocated to match the version of AltaVault in the edit window. If you are using the trial version, assign 24GB of memory and add a disk less than or equal to 8TB. This secondary disk storage device will be used to store deduplicated backup data.
  3. Make sure to assign different networks (i.e., VLANs) to the AltaVault appliance after the memory and disk configurations have been modified.

The NICs are assigned the following interface functions:

  • Primary. Used as the management interface.
  • e0a. An interface used to replicate data from the AltaVault appliance to the cloud.
  • e0b. An interface used to export the mount point for the SMB/CIFS or NFS share.
  • e0c. An additional, optional, interface that can be used to export the mount point for the SMB/CIFS or NFS share.

In the example configuration used in this procedure, the AltaVault appliance utilizes the e0a interface as the replicate-to-cloud interface and the e0b interface to export a CIFS/SMB mount point. Note that a CIFS/SMB share and an NFS share cannot both be used to access the same data. In other words, if data is placed in a CIFS/SMB share, it cannot be accessed via an NFS share and vice versa.

Figure 2: AltaVault mounts to SoftLayer

More information on the deployment of the AltaVault appliance and configuration of the VM settings for the appliance is available in the NetApp AltaVault Installation and Service Guide.

Initial Configuration of the AltaVault Appliance

You can power on the AltaVault VM after it has been configured with the appropriate hardware. Be aware that it make take some time for it to initially boot up as the AltaVault appliance is formatting the secondary metadata cache disk.

  1.  Log in to the AltaVault console using admin as the Username, and password as the Password once the appliance has completed the boot process. You can change these credentials after completing the initial configuration.
  2.   After logging into the appliance, the console displays a question whether you want to use the wizard for initial configuration. Enter y.
  3.   Press the Enter key to save your changes.

  •   Use the information in Table 1 once you have entered the wizard.


    Question Answer
    Step 1: Admin Password?

    Enter a new admin password (it cannot be "password")

    Step 2: Hostname? Enter the hostname you wish to use
    Step 3: Use DHCP on primary interface? Enter n
    Step 4: Primary IP Address? Enter the primary network IPO address.  In our configuraiton, this is the network used for cloud replicaiton and applicance management (e.g., 192.168.50.15)
    Step 5: Netmask? Enter the netmask (e.g., 255.255.255.0)
    Step 6: Default gateway? Enter the default gateway (e.g., 192.168.50.1)
    Step 7: Primary DNS server? Enter the primary Domain Name System (DNS) server in your environment
    Step 8: Domain name? Enter the domian name of your environment (e.g., testenv.org)
    Table 1: AltaVault initial configuration values

Configure AltaVault for SoftLayer Object Storage

The appliance will be configured to connect to SoftLayer’s Object Storage Service in this step.

  1. Open a web browser and enter the IP address of the AltaVault appliance primary interface (this was configured in the previous step).
  2. Log in to the console with the admin credentials. Upon first log in, the Wizard Dashboard will be displayed as shown in Figure 3.

    Figure 3: AltaVault Wizard Dashboard

  3. Select System Settings
  4. Verify that the information is correct on the next screen and adjust the time zone to reflect the time zone of your environment.
  5. Click Next > Save and Apply
  6. Click Exit to return to the Wizard Dashboard.
  7. Select Cloud Settings and click the Provider drop-down menu. Choose SoftLayer Object Storage.
  8. Select the Object Storage Region within SoftLayer that you want to use.
    Note that not all regions are displayed (e.g., Melbourne), however, the Hostname of the Object Storage Service can be modified using the Hostname field. For example, if you wish to use Melbourne as the region, you can select San Jose 1 from the Region drop-down menu and modify the Hostname field to mel01.objectstorage.softlayer.net.
  9. Enter your SoftLayer Object Storage credentials, which are the SoftLayer Object Storage Username and the API key associated with your SoftLayer Username in the Username field. The format of the username must be object_storage_username:SoftLayer_username. For example: ABC-DE123456-7:user. You can find your Object Storage Username under Storage > Object Storage on control.softlayer.com.
  10. Type in a Bucket Name to store the data. The bucket name is simply the container name where you wish to store the data in SoftLayer’s Object Storage.
  11. Do not modify the default port unless otherwise directed to by your network administrator. The Enable Archiving field should default to No. Your configuration should look similar to Figure 4.

    Figure 4: Cloud Settings Wizard

  12. Click Next.
  13. Enter the License Request Token, if necessary, and click Next.
  14. Enter an Encryption Key. You can allow AltaVault to generate a new encryption key or enter an existing key you want to use to encrypt and decrypt the data. Click Next.
  15. Verify all your settings are correct and then click Finish and Apply.
    At this point, AltaVault will attempt to contact the SoftLayer Object Storage Service using the inputs and settings given in the Cloud Settings Wizard. If the connection fails, review your settings and make sure you have appropriate access to the service.
  16. Click Exit once a connection is successfully established to return to the Wizard Dashboard.
  17. Click Exit Wizard to go the AltaVault appliance’s status page.
  18. Verify that the Storage Optimization Service is running and that the Status is ready (Figure 5). Note that it make take few minutes for the Status to change to ready.

Figure 5: Storage Optimization Service status

The AltaVault appliance is now configured to communicate with the SoftLayer Object Storage Service.

Configure the CIFS/SMB Mount Point in AltaVault[2]

The e0b interface needs to be configured so that a CIFS/SMB mount point can be created. Use the following steps to configure e0b.

  1.  Use the menus at the top of the AltaVault web console to navigate to Settings > Data Interfaces.
  2.  Expand the e0b interface, check Enable Data Interface, and fill in the IP Address, Subnet Mask, and Gateway that will be used to mount the CIFS/SMB share.
  3.   Leave the default MTU value of 1500 bytes.

    Although the default maximum transmission unit (MTU) is set to 1,500, you can modify it to 9,000 if you are using jumbo frames. Note that your ESXi host as well as physical infrastructure will also be required to support jumbo frames. By default, SoftLayer already supports an MTU size of 9,000 bytes; no configuration changes are required.
     
  4.  Click Apply when done.  The mount point is ready for configuration.
  5.  Select Storage > CIFS > Add CIFS Share tab.
  6.  Enter a unique name for the share.
  7.  Click the Pin Share drop-down menu and select Yes. Note that Veeam Backup & Replication backups may fail to an unpinned share.
  8.  Enter a unique path for the new share in the Path field. It is preferable to use the share name as the path, e.g., if the share name is cifs_share0, enter /cifs_share0 as the path.
  9.  Uncheck the Allow Everyone Access checkbox if security is not an issue because it is preferable to whitelist the clients that will use the CIFS/SMB share.

    Leave the checkbox as is (default of checked) if security is an issue and click Add Share.
     
  10.  Click the Add CIFS User tab to create accounts for authorized users.
  11.  Fill in the Username and Password fields.
  12.  Expand the newly created CIFS share and click the Add a user or group tab to add the authorized user accounts.

    Figure 6: Adding a CIFS/SMB share in AltaVault

  13. Locate the Global CIFS Settings area at the bottom of the page.
  14. Click the Listening Interface drop-down menu and select e0b.
  15. Click Apply.

The AltaVault appliance is minimally configured to allow communications between itself, SoftLayer Object Storage, and the computer running Veeam Backup & Replication. It is recommended to export the configuration of the AltaVault appliance to expedite future deployments, if necessary.

To export your AltaVault appliance configuration,

  1. Click Settings > Setup Wizard to access the Wizard Dashboard in the web management console of the on-premises AltaVault appliance.
  2. Click Export Configuration and then click the Export Configuration button.
  3. Save the configuration file (a tarball) in a safe location.

Veeam Backup & Replication

Veeam Backup & Replication software provides complete backup, replication, and recovery capabilities for VMs and their data. It can be fully integrated with an AltaVault Cloud Gateway Appliance, making for a seamless backup and recovery experience.

Deploy Veeam Backup & Replication

A trial version of Veeam Backup & Replication Version 8 will be used in our example.

Prerequisites

Before proceeding with deployment, verify that the following prerequisites have been satisfied.

  • Have an existing AltaVault appliance that is minimally configured for use with SoftLayer Object Storage and Veeam Backup & Replication. (Refer to Initial Configuration of the AltaVault Appliance for complete installation instructions, if necessary.)
  • Obtain a copy of Veeam Backup & Replication for VMware environments, which is a single executable file. Contact your Veeam representative for a copy or download a 30-day trial version.
  • Obtain a license file for use with Veeam Backup & Replication. In most cases, this file will be emailed to the email address used to download Veeam Backup & Replication. If you did not receive this file, contact your Veeam representative.

The license file will be used to activate full Veeam Backup & Replication functionality. If this file is not supplied during program installation, all features and functionality will revert to those of the 30-day trial version.

  • Have an existing backup server, which may either be on-site or off-site, with the specifications found in Table 2. The installed operating system must be a 64-bit version.
  Minimum Recommended
OS
  • Windows Server 2012 R2
  • Windows Server 2012
  • WIndows Server 2008 R2 SP1
  • Windows Server 2008 SP2
  • Windows 8.x
  • Windows 7 SP1
  • Windows Server 2012 R2
  • WIndows Server 2012
  • Windows Server 2008 R2 SP1
  • Windows Server 2008 SP2
  • Windows 8.x
  • Windows 7 SP1
# of cores or vCPUs 2 4
Memory 4GB-base RAM plus 500MB for each concurrent backup job. 16GB-base RAM plus 4GB for each concurrent backup job.
Disk space 2GB for product installation; 10GB per 100 VMs for guest ifle system catalog data (persistant data). 2GB for product installation; 10GB for 100 VMs for guest file systme catalog (persistant data).
Network 1Gbps LAN for on-site backup and replicatoin; 1Mbps WAN for off-site backup and replication. 1Gbps LAN for on-site backup and replication; 1Mbps WAN for off-site backups and replciation.

Table 2: System requirements for Veeam Backup & Replication backup server


Install Veeam Backup & Replication

Use the following steps to install Veeam Backup & Replication to the backup server once all of the prerequisites have been met.

  1. Double-click on the program executable and click Veeam Backup & Replication – Install to launch the setup wizard.
  2. Click Next and. click the I accept the terms in the license agreement radio button.
  3. Click Next and click install for Veeam Backup & Replication.

    Figure 7: Installation screen

  4. Specify the location of the license file obtained in the previous section in the License file for Veeam Backup & Replication filed and click Next.
  5.  Select the Veeam Backup & Replication components to be installed and their installation location on the Veeam Backup & Replication Setup screen. Veeam Backup & Replication and Veeam Backup Catalog are required components.
  6. Click Next.

    Figure 8: Veeam Backup & Replication Setup

    The setup wizard runs a series of checks to make sure that all required program frameworks and supporting components have been installed. If any are missing, the setup wizard will offer to install them automatically; click Install if this is the case.

  7. Verify that all components Passed the systems check and click Next.
  8. Select the Service (user) Account under which the Veeam Backup Service should be run. The default service account is the LOCAL SYSTEM account. Click Next.
  9. Select the SQL Server Instance that should be used to create and store Veeam Backup & Replication databases. Contact your database administrator for more information, if necessary. Click Next.

    Figure 9: Select SQL Server Instance

  10. Enter the Catalog service port and Veeam Backup service port; the default ports are 9393 and 9392, respectively. Contact your network administrator for more information, if necessary. Click Next.
  11. Select the directories where the guest file system catalog (persistent data) and vPower NFS write cache (non-persistent data) should be stored. Click Next.
  12. Verify that all settings and values are correct and click Install to begin installation. Once installation is complete, click Finish.

Configure Veeam Backup & Replication for Backups

After Veeam Backup & Replication has been installed, you are ready to connect it to the vSphere ESXi host containing the AltaVault virtual appliance discussed in Deploy AltaVault OVA.

  1. Launch Veeam Backup & Replication.
  2. Click Backup Infrastructure on the bottom-left side of the screen.
  3. Click Managed Servers in the Backup Infrastructure window and click Managed servers.
  4. Click Add Server in the menu ribbon at the top.
  5. Double-click on VMware vSphere.
     

    Figure 10: Adding a new server environment
     
  6. Enter the DNS name or IP address and Description of the vCenter server. Click Next.
  7. Enter the Credentials of a local account with administrator privileges on the vSphere server specified in Step 6. Note that the account username must be in DOMAIN\USER format for domain accounts, or HOST\USER format for local accounts. To add an account, click Add and enter the account's Username and Password.
    Do not change the Default VMware web services port unless your network administrator specified otherwise during Veeam Backup & Replication installation.

    Figure 11: Specify server access credentials
     
  8. Click Next. Veeam Backup & Replication will then attempt to connect to the VMware vSphere server. If the connection attempt fails, check that the account entered in Step 7 exists and has administrator privileges on the VMware vSphere server before trying again.

    Figure 12: Connecting to the server

  9. Click Finish on the Summary window.
  10. Verify that the vSphere server was successfully added by clicking on Managed Servers > VMware vSphere.

Figure 13: Add new server confirmation screen

Add a Backup Repository to Veeam Backup & Replication

By default, Veeam Backup & Replication creates a local backup repository on the C:\ drive of the Veeam Backup & Replication backup server during program installation. Skip this section if you wish to use the default backup repository.

We will create a new backup repository to store all backups on the AltaVault appliance in this section.

  1. Click Backup Infrastructure in the bottom-left corner of the Backup Infrastructure screen.
  2. Click Backup Repositories > Add Repository.
  3. Enter a unique repository name in the Name field. Optionally, edit the Description field and click Next.
  4. Click the Shared folder radio button. Recall that a CIFS/SMB share was created in Configure the CIFS/SMB Mount Point in AltaVault, which is the share that this backup repository will use. Click Next.
  5. Specify the location of the CIFS/SMB share on the AltaVault appliance. To determine the location, first open a web browser and enter the IP address of the AltaVault appliance. Navigate to Storage > CIFS and note the Share Path of the share (Figure 14). Be aware that this is NOT the same as the local path of the share.

    Figure 14: CIFS/SMB share in AltaVault

    The share path format is \\<AltaVault appliance hostname>\<share name>. The AltaVault appliance hostname in the Share Path needs to be replaced with the IP address of the e0b network interface (the mount point of the share) of the AltaVault appliance.

    To find the IP address of the e0b interface, click Settings > Data Interfaces in the AltaVault appliance management window. See Configure the CIFS/SMB Mount Point in AltaVault for more information, if necessary.

    Figure 15: e0b interface in AltaVault

    Based on Figure 14and Figure 15, the share path specified in Veeam Backup & Replication would be \\192.168.50.16\cifs_test2, not \\backup-appliance\cifs_test2.

  6. Return to Veeam Backup & Replication, input the share path of the mount point in the Shared folder field, and click Next. Veeam Backup & Replication will then attempt to establish a connection with the mount point (Figure 16). If this fails, go back and verify the network settings for the AltaVault appliance are correct before trying again.

    Figure 16: Connecting to the CIFS/SMB share

  7. Enter a value to Limit maximum concurrent tasks to the number of resources available. This is the maximum number of tasks a backup proxy can send to the selected share. The default number of concurrent tasks is 4; AltaVault recommends starting with 5 concurrent tasks and increasing or decreasing this value as resources allow. This value can be adjusted after the backup repository has been created.

    Figure 17: Connection to CIFS/SMB share established
     
    1. Click Next to continue.
    2. Specify the vPower NFS settings, if desired. If the Enable vPower NFS server checkbox is left checked, then Veeam Backup & Replication will use vPower for recovery and recovery verification. Click Next to continue.
    3. Confirm all your settings are correct on the Review screen, and click Next.
    4. Click Finish to exit the wizard. You are now ready to begin backing up your data.

    Backup the Environment

    We will create a backup of a complete virtual environment in this section.

    1. Click Backup & Replication in the bottom-left corner of the Backup Infrastructure screen.
    2. Click Jobs > Backup Job in the Backup & Replication window
    3. Enter a unique name in the Name field. Optionally, enter a Description, and click Next.
    4. Select which VM(s) to back up by clicking Add Objects and navigating through the tree structure to select the VM(s). Click Add once you have selected the correct one.
      If only specific parts of the VM(s) should be backed up (e.g., the boot/system disk), click Exclusions to specify the parts. Otherwise, click Next.
    5. Select the backup repository that was created in Adding a Backup Repository to Veeam Backup & Replication using the Backup repository drop-down menu.

    For optimal performance, be sure to change the data deduplication and compression settings.

    1. Click the Advanced button, select the Storage tab, and uncheck Enable inline data duplication checkbox. Performance is improved because the AltaVault appliance will perform block-level deduplication of the Veeam Backup & Replication backups that pass through it.
    2. Select None under the Compression level drop-down menu and select LAN target under the Storage optimization drop-down menu.
      Note that if the network on which the CIFS/SMB share is located is congested, leaving Enable inline data deduplication checked may alleviate network performance issues but at the cost of lower deduplication ratios experienced on the AltaVault appliance.
    3. Click Next.
    4. Check the appropriate checkbox (Figure 18) if application-aware processing and or guest file system indexing is desired. Set the Guest OS credentials [the username/password of the guest OS of the VM(s) that is being backed up], if necessary. Click Next.

      Figure 18: Select guest processing options
       
      1. Click the Run the job automatically checkbox if backups are to run on a regular basis and set the desired intervals. Otherwise, click Create and Finish.

      Initiate a manual back up

      To manually initiate the backup job, right-click on the backup job and select Start (select Active Full if a brand-new backup is desired).

      Figure 19: Newly created backup job

      Note that Veeam Backup & Replication is also capable of restoring virtual environments from the backups it creates. Visit the Veeam Backup & Replication website or more information.

      Conclusion

      As the need for backups, and their size, continues to grow, companies are increasingly seeking alternative means of lowering the operational and capital expenditures associated with storing these backups on on-premises storage. With cloud Object Storage, the economics of data backups become more feasible but do not solve the need to maintain multiple, redundant copies on multiple storage devices and or mediums.

      Using Veeam Backup & Replication in conjunction with a NetApp AltaVault Cloud Gateway appliance and the SoftLayer Object Storage Service lets enterprises have a hybrid solution. A solution that is able to create and store backups on both on-premises storage and SoftLayer Object Storage. Best of all, these three technologies seamlessly integrate with one another and allow for fully automated backups, with file-level granularity available to maximize use of costly resources.

      By following the steps outlined above, enterprises can quickly realize the benefits of utilizing Object Storage along with conventional on-premises storage for backups. They are able to reduce the time, space, and computational resources needed while still maintaining maximum data safety and integrity.

      Visit the following websites for more information on the components of this hybrid solution:

      ·         NetApp AltaVault website

      ·         Veeam Backup & Replication website

      ·         SoftLayer Object Storage website

       



      [1] For this article, a trial version of an AltaVault AVA-v8 appliance was used with AltaVault Cloud-Integrated Storage 4.1

      [2] A CIFS/SMB share will be used for our example because the Veeam Backup & Replication backup server must be hosted on a machine running Windows.